mailing list archives
ANOTHER 3L33T3 ADVISO AND NOT ON PHP-CASTOR 10.3 BETA (used by 3 peoples on internet) !!! 0DAY EXPLOIT !
From: frogman () no-log org
Date: Mon, 5 Jul 2004 21:20:24 +0200 (CEST)
This is IHCTEAM material. We fuck blackhats and we own the planet. This is
a leet advisory, s0 l33t. Just read it and be quiet.
IHC TEAM private work, all the fame become to IHC TEAM and the leetest mr.
Frog-m () n !!!!
Security level: Very high baby !!!
What's the problem ?
There is a BIG 1337 BUG 0day in all the php versions for ever never. This
bug is caused by
the system() function. This is a very VERY 3v1l backdoor, that allows
arbitrary shell command. This backdoor has been coded by ZyXyS from HACK3R
c0rp0r4ti0n (c) (TM) (R).
Because we want fame, we'll explain you da bug:
l00k at th1s 3v1l code:
If this code is on a webserver, a malicious user (like ZyXyS) can exec
EVERYTHING and own EVERYWHERE.
It will give you:
You see, you can rock.
So, at this point we can see that ZyXyS is a very leet guy: THIS BACKDOOR
is less detectable than
a LKM BACKDOOR like adore.tar.gz (<--- hahaha).
I release this vulnerability because the K-otik team (www.k-otik.com)
owned ZyXyS 10 days ago
(after the fbi) and discovered the backdoor, and k-otik wanted to write an
advisory, ONLY FOR FAME
AND MONEY. I want this fame (but for the money, I don't mind, I am rich
because I sell 0day,
traded on #darknet, to idefense), so I had to release the bug before K-otik.
k-otik is like hack.co.za, they release everything and nothing, but they
can't code their own exploit.
Rudolf Polzer (divzero () gmail com): Thank to his idea to disclose this bug
and if you have another idea
for us mail me
packetstormsecurity: they give us kiddie-friendly exploits and mass rooters
spender: he sells good security patches
isec: now my grandmother can r00t linux boxes
bugtraq: they leak bugs found by ugly blackhats, which worked a lot of
time to discover them
espionet guys: they represented very well the hacker scene in a TV show
with their netbus
(please don't open my cdrom device guys)
We already owned everyone and everything with these exploits years ago,
fact we've all had them sitting on the shelf gathering dust due to lack of
FUN TESTED IDEAS:
www.team-teso.net (down because of us)
www.thc.org (haha owned 10 times)
It was very funny to read .gov and .mil files.
/!\ WE ARE LOOKING FOR A JOB IN THE SECURITY RESEARCH /!\
We n33d f4me, m0n3y, g1rls and m0nk3ys, so VIVA EL DISCLOSURO.
---- fr0g-m () n ----
Full-Disclosure - We believe in it.
- ANOTHER 3L33T3 ADVISO AND NOT ON PHP-CASTOR 10.3 BETA (used by 3 peoples on internet) !!! 0DAY EXPLOIT ! frogman (Jul 05)