Bugtraq mailing list archives

bitchx sources backdoored on distribution site

From: Michał Szwaczko <mikey () wirelabs lublin pl>
Date: Sun, 13 Apr 2003 02:45:17 +0200

Hi,

Can anyone verify that the bitchx 1.0c19 sources are backdoored.
The configure script contains the following code which I think is a shell daemon.
Perhaps I am making fool of myself right now since I am not a security guru but this looks weird. 
Can you verify ?

If this is true, then the host that will get the shell is smtp.wia.com which is an alias of
ftp2.bitchx.org. 

Attached is the code fragment I found in configure 
What do you think ? 

ps. after having run configure the code fragment disappears from the script. 

-- 
Michał 'Mikey' Szwaczko
Developer/Troubleshooter

You're using a keyboard!  How quaint!

Attachment: configure.c
Description:

Current thread:

bitchx sources backdoored on distribution site Michał Szwaczko (Apr 14)
- Re: bitchx sources backdoored on distribution site Neeko Oni (Apr 14)