[TOOL] MsnShell - Covert Shell Tunneling Through MSN Protocol

From: SecuriTeam (support_at_securiteam.com)
Date: 01/23/05

  • Next message: SecuriTeam: "[UNIX] Multiple UNIX/Linux Vendor Xpdf makeFileKey2 Stack Overflow" 
    To: list@securiteam.com
Date: 23 Jan 2005 14:24:34 +0200

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    The SecuriTeam alerts list - Free, Accurate, Independent.

    Get your security news from a reliable source.
    http://www.securiteam.com/mailinglist.html

    - - - - - - - - -

      MsnShell - Covert Shell Tunneling Through MSN Protocol
    ------------------------------------------------------------------------

    SUMMARY

    DETAILS

    MsnShell is a kind of covert channel tunneling tool allowing to remotely
    control a Linux computer protected by a firewall. MsnShell encapsulates
    shell commands and responses within the MSN protocol and only consist of
    an executable file named "MsnShell Server".

    The key MsnShell features:
     * Give a shell from a box located within the internal network to an
    external server
     * Encapsulate shell commands and responses within the MSN protocol (SHELL
    over MSN)
     * Can also work with HTTP proxy (SHELL over MSN over HTTP)

    Download Information:
    The tool can be obtained from the project's website at:
    <http://gray-world.net/projects/msnshell/msnshell-1.1.tar.gz>
    http://gray-world.net/projects/msnshell/msnshell-1.1.tar.gz

    ADDITIONAL INFORMATION

    To keep updated with the tool visit the project's homepage at:
    <http://gray-world.net/pr_msnshell.shtml>
    http://gray-world.net/pr_msnshell.shtml

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ====================
    ====================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

  • Next message: SecuriTeam: "[UNIX] Multiple UNIX/Linux Vendor Xpdf makeFileKey2 Stack Overflow"

    Relevant Pages

    • [NEWS] Clipcomm CPW-100E Wireless Mobile IP Phone Open Debug Service
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Clipcomm's Wi-Fi IP phone, CWP-100, is a low-priced wireless mobile IP ... An undocumented port and debug service on TCP/60023 enables an attacker to ... The shell access provides the attacker with two levels of access: ...
      (Securiteam)
    • [UNIX] KPopup Allows Gaining of Elevated Privileges (Insecure system())
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... compiled and install the binary KPopup is installed setuid root it also ... especially on a setuid root binaries. ... To exploit this we need to do is make a shell script and call it killall, ...
      (Securiteam)
    • [EXPL] Cdrecord RSH SUID Shell Creation
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... This shell script writes out and compiles a C application which sets it's ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
      (Securiteam)
    • [TOOL] RECUB (Remote Encrypted Callback Unix Backdoor) Windows Port
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... RECUB (Remote Encrypted Callback Unix Backdoor) is a windows port for a ... * RC4 Encrypted reverse connect shell for XP,2k,2003. ...
      (Securiteam)