Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Fw: ANOTHER 3L33T3 ADVISO AND NOT ON PHP-CASTOR 10.3 BETA (used by 3 peoples on internet) !!! 0DAY EXPLOIT !
From: "Frog Man" <leseulfrog () hotmail com>
Date: Mon, 05 Jul 2004 23:59:08 +0200

This advisory was not written by me. It's a fake.

bye

frog-m () n

----- Original Message -----
From: <frogman () no-log org>
To: <full-disclosure () lists netsys com>
Sent: Monday, July 05, 2004 9:20 PM
Subject: [Full-disclosure] ANOTHER 3L33T3 ADVISO AND NOT ON PHP-CASTOR 10.3
BETA (used by 3 peoples on internet) !!! 0DAY EXPLOIT !


> This is IHCTEAM material. We fuck blackhats and we own the planet. This is
> a leet advisory, s0 l33t. Just read it and be quiet.
>
> ---------------------------
>
> IHC TEAM private work, all the fame become to IHC TEAM and the leetest mr.
> Frog-m () n !!!!
>
> Product: PHP
> Version: all
> Security level: Very high baby !!!
>
>
> What's the problem ?
> ==================
>
> There is a BIG 1337 BUG 0day in all the php versions for ever never. This
> bug is caused by
> the system() function. This is a very VERY 3v1l backdoor, that allows
> execution of
> arbitrary shell command. This backdoor has been coded by ZyXyS from HACK3R
> c0rp0r4ti0n (c) (TM) (R).
>
> Because we want fame, we'll explain you da bug:
> l00k at th1s 3v1l code:
>
> <?
> system("$cmd");
> ?>
>
> *TADAAAA* !
>
>
> If this code is on a webserver, a malicious user (like ZyXyS) can exec
> EVERYTHING and own EVERYWHERE.
> Example:
> www.thc-is-lame.org/page.php?cmd=ls%20/tmp
>
> It will give you:
>
> tmp-shells-owned-with-THC-Hydra-fucking-lame-kiddy-tool.txt
> adore.tar.gz
> last-10-leaked-exploits.tar.gz
>
>
> You see, you can rock.
> So, at this point we can see that ZyXyS is a very leet guy: THIS BACKDOOR
> is less detectable than
> a LKM BACKDOOR like adore.tar.gz (<--- hahaha).
>
> I release this vulnerability because the K-otik team (www.k-otik.com)
> owned ZyXyS 10 days ago
> (after the fbi) and discovered the backdoor, and k-otik wanted to write an
> advisory, ONLY FOR FAME
> AND MONEY. I want this fame (but for the money, I don't mind, I am rich
> because I sell 0day,
> traded on #darknet, to idefense), so I had to release the bug before
K-otik.
> k-otik is like hack.co.za, they release everything and nothing, but they
> can't code their own exploit.
>
>
> Greets:
> ======
>
> Rudolf Polzer (divzero () gmail com): Thank to his idea to disclose this bug
> and if you have another idea
> for us mail me
> packetstormsecurity: they give us kiddie-friendly exploits and mass
rooters
> spender: he sells good security patches
> isec: now my grandmother can r00t linux boxes
> bugtraq: they leak bugs found by ugly blackhats, which worked a lot of
> time to discover them
> espionet guys: they represented very well the hacker scene in a TV show
> with their netbus
> (please don't open my cdrom device guys)
>
>
> Fame:
> ====
>
>
> We already owned everyone and everything with these exploits years ago,
> and in
> fact we've all had them sitting on the shelf gathering dust due to lack of
> new targets.
>
> FUN TESTED IDEAS:
>
> www.team-teso.net (down because of us)
> www.thc.org (haha owned 10 times)
> www.securityfocus.com
>
>
> It was very funny to read .gov and .mil files.
>
> WARNING !!!
>
> /!\ WE ARE LOOKING FOR A JOB IN THE SECURITY RESEARCH /!\
>
> Visit us:
>
> www.ihcteam.com
> www.newffr.com
> www.espionet.net
> www.underground-fr.org
> www.phpsecure.com
>
>
> ---------------------------
>
> We n33d f4me, m0n3y, g1rls and m0nk3ys, so VIVA EL DISCLOSURO.
>
> ---- fr0g-m () n ----
>
>
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html


_________________________________________________________________
Des centaines de jobs de rĂªve on-line. http://www.fr.msn.be/job/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]