| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <801d8986041225072732654f61@mail.gmail.com>
From: rafal.kwasny at gmail.com (^^MAg^^)
Subject: new phpBB worm affects 2.0.11
On Fri, 24 Dec 2004 17:06:30 -0500, Herman Sheremetyev
<herman@...bpage.com> wrote:
> My patched phpBB 2.0.11 running on FreeBSD 4.10 was exploited by a new
> variation of the worm this morning. I'm attaching the 2 perl scripts it
> installs, one is an irc bot the other the worm itself.
Are you sure it's because bug in 2.0.11 ? I see there only old hilight bug
> -Herman
heh, this is soo lame
> my @adms=("ssh"); # Nick do administrador #
16:22:31 [ Whois ssh (ssh@...-140-117.xdsl-dinamico.ctbcnetsuper.com.br) ]
16:22:31 : Ircname : Se fu ???? e dai ??
16:22:31 : Domain : "Brazil"
16:22:31 : Channels : #staff #ssh
16:22:31 : Server : hub3.ssh.net [SSHWorms R0xNet Server]
16:22:31 --- End of Whois ---
the person with this nick can controll all of this
> my @canais=("#ssh echo"); # Caso haja senha ("#canal :senha") #
> $servidor='ssh.gigachat.net' unless $servidor; # Servidor de irc que vai ser usado #
/server ssh.gigachat.net
/join #ssh echo
everyone's invited ;)
( also #fuck_this_worm )
greets goes to prophecy who found it at the same time :)
--
Greetings
^^MAg^^ mailto:/jid: mag@...berpl.org
Powered by blists - more mailing lists