----- Original Message -----
From: <frogman () no-log org>
To: <full-disclosure () lists netsys com>
Sent: Monday, July 05, 2004 9:20 PM
Subject: [Full-disclosure] ANOTHER 3L33T3 ADVISO AND NOT ON PHP-CASTOR 10.3
BETA (used by 3 peoples on internet) !!! 0DAY EXPLOIT !
> This is IHCTEAM material. We fuck blackhats and we own the planet. This
> a leet advisory, s0 l33t. Just read it and be quiet.
> IHC TEAM private work, all the fame become to IHC TEAM and the leetest
> Frog-m () n !!!!
> Product: PHP
> Version: all
> Security level: Very high baby !!!
> What's the problem ?
> There is a BIG 1337 BUG 0day in all the php versions for ever never.
> bug is caused by
> the system() function. This is a very VERY 3v1l backdoor, that allows
> execution of
> arbitrary shell command. This backdoor has been coded by ZyXyS from
> c0rp0r4ti0n (c) (TM) (R).
> Because we want fame, we'll explain you da bug:
> l00k at th1s 3v1l code:
> *TADAAAA* !
> If this code is on a webserver, a malicious user (like ZyXyS) can exec
> EVERYTHING and own EVERYWHERE.
> It will give you:
> You see, you can rock.
> So, at this point we can see that ZyXyS is a very leet guy: THIS
> is less detectable than
> a LKM BACKDOOR like adore.tar.gz (<--- hahaha).
> I release this vulnerability because the K-otik team (www.k-otik.com)
> owned ZyXyS 10 days ago
> (after the fbi) and discovered the backdoor, and k-otik wanted to write
> advisory, ONLY FOR FAME
> AND MONEY. I want this fame (but for the money, I don't mind, I am rich
> because I sell 0day,
> traded on #darknet, to idefense), so I had to release the bug before
> k-otik is like hack.co.za, they release everything and nothing, but they
> can't code their own exploit.
> Rudolf Polzer (divzero () gmail com): Thank to his idea to disclose this
> and if you have another idea
> for us mail me
> packetstormsecurity: they give us kiddie-friendly exploits and mass
> spender: he sells good security patches
> isec: now my grandmother can r00t linux boxes
> bugtraq: they leak bugs found by ugly blackhats, which worked a lot of
> time to discover them
> espionet guys: they represented very well the hacker scene in a TV show
> with their netbus
> (please don't open my cdrom device guys)
> We already owned everyone and everything with these exploits years ago,
> and in
> fact we've all had them sitting on the shelf gathering dust due to lack
> new targets.
> FUN TESTED IDEAS:
> www.team-teso.net (down because of us)
> www.thc.org (haha owned 10 times)
> It was very funny to read .gov and .mil files.
> WARNING !!!
> /!\ WE ARE LOOKING FOR A JOB IN THE SECURITY RESEARCH /!\
> Visit us:
> We n33d f4me, m0n3y, g1rls and m0nk3ys, so VIVA EL DISCLOSURO.
> ---- fr0g-m () n ----
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html