[<prev] [next>] [day] [month] [year] [list]
Message-ID: <BAY14-F41q9MprrKJ0g00007f59@hotmail.com>
From: leseulfrog at hotmail.com (Frog Man)
Subject: Fw: ANOTHER 3L33T3 ADVISO AND NOT ON PHP-CASTOR 10.3 BETA
(used by 3 peoples on internet) !!! 0DAY EXPLOIT !
This "advisory" was of course not written by me, it's a fake.
Bye
Germain Randaxhe aka frog-m@n
>----- Original Message -----
>From: <frogman@...log.org>
>To: <full-disclosure@...ts.netsys.com>
>Sent: Monday, July 05, 2004 9:20 PM
>Subject: [Full-Disclosure] ANOTHER 3L33T3 ADVISO AND NOT ON PHP-CASTOR 10.3
>BETA (used by 3 peoples on internet) !!! 0DAY EXPLOIT !
>
>
> > This is IHCTEAM material. We fuck blackhats and we own the planet. This
>is
> > a leet advisory, s0 l33t. Just read it and be quiet.
> >
> > ---------------------------
> >
> > IHC TEAM private work, all the fame become to IHC TEAM and the leetest
>mr.
> > Frog-m@n !!!!
> >
> > Product: PHP
> > Version: all
> > Security level: Very high baby !!!
> >
> >
> > What's the problem ?
> > ==================
> >
> > There is a BIG 1337 BUG 0day in all the php versions for ever never.
>This
> > bug is caused by
> > the system() function. This is a very VERY 3v1l backdoor, that allows
> > execution of
> > arbitrary shell command. This backdoor has been coded by ZyXyS from
>HACK3R
> > c0rp0r4ti0n (c) (TM) (R).
> >
> > Because we want fame, we'll explain you da bug:
> > l00k at th1s 3v1l code:
> >
> > <?
> > system("$cmd");
> > ?>
> >
> > *TADAAAA* !
> >
> >
> > If this code is on a webserver, a malicious user (like ZyXyS) can exec
> > EVERYTHING and own EVERYWHERE.
> > Example:
> > www.thc-is-lame.org/page.php?cmd=ls%20/tmp
> >
> > It will give you:
> >
> > tmp-shells-owned-with-THC-Hydra-fucking-lame-kiddy-tool.txt
> > adore.tar.gz
> > last-10-leaked-exploits.tar.gz
> >
> >
> > You see, you can rock.
> > So, at this point we can see that ZyXyS is a very leet guy: THIS
>BACKDOOR
> > is less detectable than
> > a LKM BACKDOOR like adore.tar.gz (<--- hahaha).
> >
> > I release this vulnerability because the K-otik team (www.k-otik.com)
> > owned ZyXyS 10 days ago
> > (after the fbi) and discovered the backdoor, and k-otik wanted to write
>an
> > advisory, ONLY FOR FAME
> > AND MONEY. I want this fame (but for the money, I don't mind, I am rich
> > because I sell 0day,
> > traded on #darknet, to idefense), so I had to release the bug before
>K-otik.
> > k-otik is like hack.co.za, they release everything and nothing, but they
> > can't code their own exploit.
> >
> >
> > Greets:
> > ======
> >
> > Rudolf Polzer (divzero@...il.com): Thank to his idea to disclose this
>bug
> > and if you have another idea
> > for us mail me
> > packetstormsecurity: they give us kiddie-friendly exploits and mass
>rooters
> > spender: he sells good security patches
> > isec: now my grandmother can r00t linux boxes
> > bugtraq: they leak bugs found by ugly blackhats, which worked a lot of
> > time to discover them
> > espionet guys: they represented very well the hacker scene in a TV show
> > with their netbus
> > (please don't open my cdrom device guys)
> >
> >
> > Fame:
> > ====
> >
> >
> > We already owned everyone and everything with these exploits years ago,
> > and in
> > fact we've all had them sitting on the shelf gathering dust due to lack
>of
> > new targets.
> >
> > FUN TESTED IDEAS:
> >
> > www.team-teso.net (down because of us)
> > www.thc.org (haha owned 10 times)
> > www.securityfocus.com
> >
> >
> > It was very funny to read .gov and .mil files.
> >
> > WARNING !!!
> >
> > /!\ WE ARE LOOKING FOR A JOB IN THE SECURITY RESEARCH /!\
> >
> > Visit us:
> >
> > www.ihcteam.com
> > www.newffr.com
> > www.espionet.net
> > www.underground-fr.org
> > www.phpsecure.com
> >
> >
> > ---------------------------
> >
> > We n33d f4me, m0n3y, g1rls and m0nk3ys, so VIVA EL DISCLOSURO.
> >
> > ---- fr0g-m@n ----
> >
_________________________________________________________________
A la recherche d'un taux plus int?ressant? http://money.fr.msn.be/
Powered by blists - more mailing lists