Re: W-Nikto PHP FrontEnd [twice, YAY!!!]

["morning_wood" <se_cur_ity () hotmail com>]

b0iler... go away and find someone to pick on on IRC, as that is what you
enjoy most..

Donnie

----- Original Message ----- 
From: "morning_wood Weinerzucker" <morning_wood () singapore net>
To: <full-disclosure () lists netsys com>
Sent: Thursday, July 17, 2003 6:44 PM
Subject: [Full-disclosure] W-Nikto PHP FrontEnd [twice, YAY!!!]


> I go start new mail list where we can all frolick with fake exploit and
XSS! who wanna join?!! Now 0d4y
> ------------------------------------------------------------------
>           - EXPL-A-2003-015 exploitlabs.com Advisory 016 [i dunno what
these number mean]
> ------------------------------------------------------------------
>                          -= w-nikto phpFE =-
>
>
> Donnie Weinerzucker
> July 17, 2003
> I release advisory of my own scripts! thats how l33t I am
>
>
> Vunerability(s):
> ----------------
> 1. Remote Commands Execution
> 2. XSS Vulnerability
> 3. File PERmission issues
> 4. Bad Code & Credit Stealing
>
>
> Product:
> --------
> Wnikto32 PHP Remote Frontend
>
>
> http://exploitlabs.com/files/woods/wnikto32-phpfe.zip
>
>
>
> Comments:
> -------------------
> No Blame Me Because I Make Script. I not make nikto
> not my fault, i just code bad frontend, blame nikto for
> do nothing to protect againt my bad coding.
>
>
> almost like inf-scan.  no blame me for working on code
> and putting it out as mine then exploiting it, not my
> fault i can not code
>
>
>
> Description of product:
> -----------------------
> "Wnikto32(vuln scanner i compiled, i l33t) with php remote frontend avail
at
> http://exploitlabs.com/files/woods/wnikto32-phpfe.zip
>  Author: Donnie Werner
>
> Requirements:
> Webspace with PHP support.
> have been developed over a Apache + PHP
> platform running in Windows XP[me never used unix] and have not been
fully tested
> because I don't knwo how to code
>
> ummm.. ok  hint: it runs on most anything with php installed
>
>
>
> VUNERABILITY / EXPLOIT
> ======================
> Another very lame "scanner" frontend type of php script with many
flaws...
> 1. REMOTE COMMAND EXECUTION in the execution of the w-nikto.exe,
>    the frontend passes all input unfiltered.
>
> 2. XSS Vunerabilities lay in everything that give output
>
> "<SCRIPT>alert(document.domain);</SCRIPT><SCRIPT>alert(document.cookie
> );</SCRIPT>"
>
> the JS code is rendered / executed in the the users browser.
>
> 3. No authentication at all done giving anyone remote command access
>
> 4. I can't code and only know XSS
>
> 5. I suck and should die
>
>
>
> EXPLOIT CODE:
> -------
> input | or ; surrounding most input
>
> see, I know exploit is. you tell me i no know exploit, hah
>
>
> Local:
> ------
> everything remote is local!!!
>
> Remote:
> -------
> yup we got XSS and stuff via remote
>
>
> Vendor Fix:
> -----------
> There is no fix on 0day because I don't know how to code(look
> at what I call advisories, me code?! HAH)
>
>
>
> Vendor Contact:
> ---------------
> Yep, and he got mad and pissed his pants while crying for his mother
>
>
> Credits:
> --------
>
> Donnie Werner (morning_wood () frame4 com)
> 5685 Eagle Pky #2
> Ferndale, Wa 98248
> 360-312-8011 ~ call me if you want to talk about XSS
>
> visit my sites!
> exploitlabs.com (maybe some day i learn more than xss)
> nothackers.org (the XSS 0y34r ph34r, "Freedom of voice" till you say
something i no like)
> and other lame sites that have nothing!
>
> Original advisory may be found at
> http://exploitlabs.com/files/advisories/EXPL-A-2003-015-phpfe.txt
>
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Goodbyes;
>
> I only know XSS, thats why you can look at every script i review and find
> alot more holes in them. I can scroll on IRC! I never seen a unix, i
think it's
> some kinda blackhat thing. I got exploit code! but only fake and exploit
for my
> own scripts I make. Maybe someone can e-mail me and tell me how to do dns
because
> I dont know how people can visit my site with www.! lately I complain
because
> nobody see that im "special"(i lub u mommy!) and servers should never
start, I also
> release programs but I dont know how to code. Just call me the unpatched
xp kid!
> I got hacked but i dont know yet... i got lots of porn e-mail me for
trade. I got my
> chan all logged, ask for logs and you can see how i know nothing.
>
>
> If anyone saw my post in the "Invaded by morons"  discussion, just ignore
that
> my comments of "And I think most of you may be in for a big supprise
sometime
> in a few weeks from me.... im so incompitent.. sheesh", I also thought my
lame
> Zope information disclosure/xss was going to make me famous! Because I
want to
> speak at defcon on how im so elite at XSS that i release it 0d4y! WOOHOO
FOR ME
> Greets;
>
> Project cOd,  Donnie Weiner, w00w00[u know aim technique, teech aim xss?]
> badpack3t(i'm almost as lame as you! nice sploitz!), the cisco kyd, moot
bailey,
> 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y
0D4Y
>    0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y
>                         0d4y thinking caps on!
>
> 0D4Y EXPLOIT ON FULL DISCLOSURE ~ THEY MAIL YOU PASSWORD BACK IN
CLEARTEXT
> HAHAHAH HOW LAME THAT IS?!?!@?!@ HAHAHAHHA-ROFLMFAOHAHAHAHHAA
>
>
>                 XSS THE PLANET!!!!!!  YEAHHH!!!!!!!!!!! LUCY!!!!!
>
>                                    THE END
>
> -- 
> _______________________________________________
> Get your free email from http://www.singapore.net
> Get US $10 Now: http://www.resource-a-day.com/members2/rsathyamurthy
>
> Powered by Outblaze
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html