exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

killmod-0.69.lsm

killmod-0.69.lsm
Posted Aug 17, 1999

LSM to kill modems using +++ATH0.

tags | exploit
SHA-256 | 2386c8313663364e6ac207420d422f44b1039e3a236c379b238a6df54c8427eb

killmod-0.69.lsm

Change Mirror Download
killmod-0.69

killmod.php3 is a php front end that calls a simple shell script (killmod.sh) and allows
you to use the +++ath0 bug to hang up older modems.
------------------------------------------------------------------------------------------------
killmod-0.69.tar.gz contains:

---
README
killmod.php3
killmod.sh
killmod.results
bitch.txt
stupid-bitch.txt
---

HISTORY:

This originally was a project started by me (jigz) because I had created a lame shell
script that just would ping with the `+++ATH0' pattern. I was too lazy to type "ping -p
2b2b2b415448300d [target]", so I made the script so I could just "killmod [target]". Then I
discovered PHP and made a lame PHP document that called the lame script, so I could do it
from a website. Everything was fine until my friend monkey decided to try and exploit it. I
figured it would be very unlikely. But due to the poorly written shell script, submitting
the proper hex characters to the form (something like `;cat /etc/passwd') would run and
print whatever was after the ";" and effectively pissed me off. After I discovered his
wrongdoing and he discovered I had backdoored him, we signed a full disclosure treaty,
which has worked out for the better. We worked together to create this PHP document that
effectively weeds out all the nasty characters ( ; | < > & ). Monkey did the PHP coding,
and I modified it to look pretty and added a few things.

USAGE:

In order to use this, you must have the Apache PHP module or the PHP binary installed. We
both have the Apache module, so we haven't tested it with the binary. I imagine it works
just fine, and you'll just need to edit the files more to get it to work.

These files are very very customizable, and you'll have to change some things in
`killmod.php3' depending on where you place your files.

Our recommendation would be to place everything but `killmod.php3' in a directory one level
up from site root, or in a directory that won't or can't be viewed, just for security
reasons. Just make sure to edit `killmod.php3' to reflect those changes.

NOTE: Make sure that killmod.results is chmod 666.

-rw-rw-r-- 1 root root 309 Jun 27 03:28 bitch.txt
-rw-rw-r-- 1 root root 2582 Jun 27 03:28 killmod.php3
-rw-rw-rw- 1 root root 203 Jun 27 03:29 killmod.results
-rwxr-xr-x 1 root root 276 Jun 27 03:29 killmod.sh
-rw-rw-r-- 1 root root 312 Jun 27 03:28 stupid-bitch.txt

There's so many things that could be optimized about this, but things work fine with the
current configuration for us. Hopefully things are pretty secure.

CONTACT:

Our stupid boxes haven't been added to a major DNS yet, so you'd just get your mail sent
back to you. You can try and mail us directly, but it may not work.

Jigz -- root@matrix.romeocomp.com or lewinsky@mailexcite.com
Monkey -- root@elmono.romeocomp.com or sonofabitch@mailexcite.com

Perhaps next time we'll use passthru() for way cleaner output.
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close