Home page logo

fulldisclosure logo Full Disclosure mailing list archives

0day remote root BNC exploit
From: poofie () gmx net
Date: Wed, 4 Dec 2002 01:44:57 +0100 (MET)

This is in response to: 

                 FaKe Research Laboratories
                     Security Advisory

 Package:               BNC 
 Vendor Web Site:       http://gotbnc.com/
 Versions:              < = Latest (v2.8.4)
 Platforms:             Lots of them
 Advisory Title:        Plaintext BNC Authentication Passwords
 Advisory ID:           F8K20020918:BNC
 Issue Date:            Wed Sep 18 12:34:56 PST 2002
 File(s):               bnc.conf
 Local:                 Yes
 Remote:                No
 Fix Available:         Yes
 Vendor Contacted:      No 
 Researcher:            poofie <poofie () fakelabs com>
 FaKe Web Site:         http://www.fakelabs.com ( NOT ORG! )

 1. Overview

 The password is stored in plaintext in the configuration allowing 
 hackers to use the BNC for their illegal activities. This could 
 mean the end of IRC as we know it. Please do not use this exploit for
 fun or profit.  

 2. Exploit

 Here is the 0day exploit from FaKelabs because we have the best exploit
 collection ever. 

 # BNC password stealing exploit by poofie () fakelabs com
 printf "Where do you want to steal the password from? "
 READ file
 echo "Stealing the password hahahahahaha"
 grep 'S:' $file

 3. Impact

 IRC will cease to exist.

 4. Greetz

               Loki - Supreme magistrate CEO flash hacker master
              ph33r - Previous research on plaintext password methods
 PhantomOfTheRouter - Blacker than Jesse Jackson crack smoking MSN hack3r
         hack3r.com - I learned everything from you guys, THANKS
            |SaMaN| -
                      Contributing useful information. Coder of the 
                      http://blackcode.tr.cx hacker team.
               ushi - Lesbian hacker slut

 (c) Copyright 1981-2002 FaKe Research Labs. All Copyrights Reserved.
 Web: http://www.fakelabs.com

+++ GMX - Mail, Messaging & more  http://www.gmx.net +++
NEU: Mit GMX ins Internet. Rund um die Uhr für 1 ct/ Min. surfen!

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
  • 0day remote root BNC exploit poofie (Dec 04)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]