LSM to kill modems using +++ATH0.
2386c8313663364e6ac207420d422f44b1039e3a236c379b238a6df54c8427eb
killmod-0.69
killmod.php3 is a php front end that calls a simple shell script (killmod.sh) and allows
you to use the +++ath0 bug to hang up older modems.
------------------------------------------------------------------------------------------------
killmod-0.69.tar.gz contains:
---
README
killmod.php3
killmod.sh
killmod.results
bitch.txt
stupid-bitch.txt
---
HISTORY:
This originally was a project started by me (jigz) because I had created a lame shell
script that just would ping with the `+++ATH0' pattern. I was too lazy to type "ping -p
2b2b2b415448300d [target]", so I made the script so I could just "killmod [target]". Then I
discovered PHP and made a lame PHP document that called the lame script, so I could do it
from a website. Everything was fine until my friend monkey decided to try and exploit it. I
figured it would be very unlikely. But due to the poorly written shell script, submitting
the proper hex characters to the form (something like `;cat /etc/passwd') would run and
print whatever was after the ";" and effectively pissed me off. After I discovered his
wrongdoing and he discovered I had backdoored him, we signed a full disclosure treaty,
which has worked out for the better. We worked together to create this PHP document that
effectively weeds out all the nasty characters ( ; | < > & ). Monkey did the PHP coding,
and I modified it to look pretty and added a few things.
USAGE:
In order to use this, you must have the Apache PHP module or the PHP binary installed. We
both have the Apache module, so we haven't tested it with the binary. I imagine it works
just fine, and you'll just need to edit the files more to get it to work.
These files are very very customizable, and you'll have to change some things in
`killmod.php3' depending on where you place your files.
Our recommendation would be to place everything but `killmod.php3' in a directory one level
up from site root, or in a directory that won't or can't be viewed, just for security
reasons. Just make sure to edit `killmod.php3' to reflect those changes.
NOTE: Make sure that killmod.results is chmod 666.
-rw-rw-r-- 1 root root 309 Jun 27 03:28 bitch.txt
-rw-rw-r-- 1 root root 2582 Jun 27 03:28 killmod.php3
-rw-rw-rw- 1 root root 203 Jun 27 03:29 killmod.results
-rwxr-xr-x 1 root root 276 Jun 27 03:29 killmod.sh
-rw-rw-r-- 1 root root 312 Jun 27 03:28 stupid-bitch.txt
There's so many things that could be optimized about this, but things work fine with the
current configuration for us. Hopefully things are pretty secure.
CONTACT:
Our stupid boxes haven't been added to a major DNS yet, so you'd just get your mail sent
back to you. You can try and mail us directly, but it may not work.
Jigz -- root@matrix.romeocomp.com or lewinsky@mailexcite.com
Monkey -- root@elmono.romeocomp.com or sonofabitch@mailexcite.com
Perhaps next time we'll use passthru() for way cleaner output.