
Fw: [Full-Disclosure] ANOTHER 3L33T3 ADVISO AND NOT ON PHP-CASTOR 10.3 BETA (used by 3 peoples on internet) !!! 0DAY EXPLOIT !



This "advisory" was of course not written by me, it's a fake.

Bye

Germain Randaxhe aka frog-m@n


----- Original Message -----
From: <frogman@xxxxxxxxxx>
To: <full-disclosure@xxxxxxxxxxxxxxxx>
Sent: Monday, July 05, 2004 9:20 PM
Subject: [Full-Disclosure] ANOTHER 3L33T3 ADVISO AND NOT ON PHP-CASTOR 10.3
BETA (used by 3 peoples on internet) !!! 0DAY EXPLOIT !


> This is IHCTEAM material. We fuck blackhats and we own the planet. This is
> a leet advisory, s0 l33t. Just read it and be quiet.
>
> ---------------------------
>
> IHC TEAM private work, all the fame become to IHC TEAM and the leetest mr.
> Frog-m@n !!!!
>
> Product: PHP
> Version: all
> Security level: Very high baby !!!
>
>
> What's the problem ?
> ==================
>
> There is a BIG 1337 BUG 0day in all the php versions for ever never. This
> bug is caused by
> the system() function. This is a very VERY 3v1l backdoor, that allows
> execution of
> arbitrary shell command. This backdoor has been coded by ZyXyS from HACK3R
> c0rp0r4ti0n (c) (TM) (R).
>
> Because we want fame, we'll explain you da bug:
> l00k at th1s 3v1l code:
>
> <?
> system("$cmd");
> ?>
>
> *TADAAAA* !
>
>
> If this code is on a webserver, a malicious user (like ZyXyS) can exec
> EVERYTHING and own EVERYWHERE.
> Example:
> www.thc-is-lame.org/page.php?cmd=ls%20/tmp
>
> It will give you:
>
> tmp-shells-owned-with-THC-Hydra-fucking-lame-kiddy-tool.txt
> adore.tar.gz
> last-10-leaked-exploits.tar.gz
>
>
> You see, you can rock.
> So, at this point we can see that ZyXyS is a very leet guy: THIS BACKDOOR
> is less detectable than
> a LKM BACKDOOR like adore.tar.gz (<--- hahaha).
>
> I release this vulnerability because the K-otik team (www.k-otik.com)
> owned ZyXyS 10 days ago
> (after the fbi) and discovered the backdoor, and k-otik wanted to write an
> advisory, ONLY FOR FAME
> AND MONEY. I want this fame (but for the money, I don't mind, I am rich
> because I sell 0day,
> traded on #darknet, to idefense), so I had to release the bug before
> K-otik.
> k-otik is like hack.co.za, they release everything and nothing, but they
> can't code their own exploit.
>
>
> Greets:
> ======
>
> Rudolf Polzer (divzero@xxxxxxxxx): Thank to his idea to disclose this bug
> and if you have another idea
> for us mail me
> packetstormsecurity: they give us kiddie-friendly exploits and mass
> rooters
> spender: he sells good security patches
> isec: now my grandmother can r00t linux boxes
> bugtraq: they leak bugs found by ugly blackhats, which worked a lot of
> time to discover them
> espionet guys: they represented very well the hacker scene in a TV show
> with their netbus
> (please don't open my cdrom device guys)
>
>
> Fame:
> ====
>
>
> We already owned everyone and everything with these exploits years ago,
> and in
> fact we've all had them sitting on the shelf gathering dust due to lack of
> new targets.
>
> FUN TESTED IDEAS:
>
> www.team-teso.net (down because of us)
> www.thc.org (haha owned 10 times)
> www.securityfocus.com
>
>
> It was very funny to read .gov and .mil files.
>
> WARNING !!!
>
> /!\ WE ARE LOOKING FOR A JOB IN THE SECURITY RESEARCH /!\
>
> Visit us:
>
> www.ihcteam.com
> www.newffr.com
> www.espionet.net
> www.underground-fr.org
> www.phpsecure.com
>
>
> ---------------------------
>
> We n33d f4me, m0n3y, g1rls and m0nk3ys, so VIVA EL DISCLOSURO.
>
> ---- fr0g-m@n ----
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html