[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Apache 2.2.17 exploit?



here are places like codepad.org that let you compile/execute various


Indeed, i have seen the codepad.org execute action used on many many bots,
even opastebin just using download= and, renaming the downloaded file :s not
to hard, dfont even need to rename file, and, raw= featuires, is plain code
just in a txt.
on codepad tho, you can actually execute the code on the server, and, thats
awesome for debugging i guess but, i prefer to use my own stdinout.
anyhow, it is a nice world there, that is where half the bots in use sit...
you should find some of the more popular botz, and strings, and watch
howmany are active...many would be, believ it. specially on pastebin and
codepad , those two are best because allow sraw download.. but, codepad,
even allows you to setup a subdomain wich was removed from the pastebin ,
unf..
ohwell, thats how it is, it is ok by me.
xd


On 4 October 2011 07:14, adam <adam@xxxxxxxxx> wrote:

> Darren,
>
> There are places like codepad.org that let you compile/execute various
> programming/scripting languages, of course you don't have the control/access
> that you'd normally have but for some things - it may just be enough.
>
> On Mon, Oct 3, 2011 at 11:41 AM, Darren Martyn <
> d.martyn.fulldisclosure@xxxxxxxxx> wrote:
>
>> I may have to set up such an RSS + REGEX along with a google alerts to get
>> the best of both :)
>>
>> Since my lack of computing facilities has gotten worse in the last month I
>> have actually begun to forget ASM, so decoding shellcode is not so easy for
>> me :(
>> Nor do I have (currently) access to a Linux box to test it on - only a
>> friends W7 laptop (which wants to use Cyrillic) and the college computers
>> (W7 also... Network booting with Novell, buggy and slow for the win!)
>>
>> I will keep on posting anything that looks even mildly interesting, may
>> find something fun in my travels :)
>>
>>
>> On Mon, Oct 3, 2011 at 5:05 PM, PsychoBilly <zpamh0l3@xxxxxxxxx> wrote:
>>
>>> OMG!
>>> This ...
>>> actually WORKS!
>>> GR8 Job, m8+!
>>> L33+ cC l33+
>>> W00+ FB Bwana!
>>> ...
>>> <! connection reseted by peer >
>>>
>>> [[   adam   ]] @ [[   03/10/2011 17:56
>>> ]]--------------------------------------------------
>>> > Also, make sure you guys don't miss out on this 0day either:
>>> http://pastebin.com/R8XdsUgK
>>> >
>>>
>>> _______________________________________________
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
>>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/