CAPZLOCK SECURITY ADVISORY NO. 1

From: capzlock@hushmail.com
To: bugtraq@securityfocus.com, vulnwatch@vulnwatch.org, packet@packetstormsecurity.org
Date: Mon, 20 May 2002 07:29:32 -0700



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------| capzlock |
- ---------------------------------------------| security advisory no. 1 |

- -----------------------------------------------------------------------
CONFIDENTIAL INFORMATION - PLEASE DISTRIBUTE - CONFIDENTIAL INFORMATION
- -----------------------------------------------------------------------

|---------------------------------------------------------------------|
| "I am become Death, the destroyer of worlds." |
| - J. Robert Oppenheimer |
|---------------------------------------------------------------------|

#ifdef __ELITE_HACKER

[antiNSA@anti.security.is ~/.private]# ls -al

- -rw-r----- 1 antiNSA 0day 21023911 May 9 01:22 why_capzlock_ownz_me.txt
- -rw-r----- 1 antiNSA 0day 119511 May 2 22:09 12yroldboy.jpg
- -rw-r----- 1 antiNSA 0day 16506 Apr 1 22:04 fatherandson.jpg
- -rw-r----- 1 antiNSA 0day 4399 May 7 22:04 backdoor.com.passwordz.txt
- -rw-r----- 1 antiNSA 0day 5619 Jan 4 22:09 codered.c

#endif /* __ELITE_HACKER */

This advisory is dedicated to the many hard-working penetrators
in the security industry. And, to the underground hackers that seek
fame and profit, their undying thirst for knowledge is a true
inspiration to us all.

This advisory is being leaked to the security mailing lists in
TESO fashion. Hi security friends!

- -----------------------------------------------------------------------

[PRODUCT]: BannerWheel v1.0

BannerWheel is a free script for displaying banner ads in a random
fashion. Users can set the probability of displaying each banner. This
script also keeps track of the number of times each banner is
displayed.

The script is intended for UNIX-based systems.

- -----------------------------------------------------------------------

[PROBLEM]:

There are buffer overflow vulnerabilities in the C source code of the
CGI package, particularly in the badmin.c portion.

[snip]-----------------------------------------------------------------

[capzlock@signal-11 ~/hack/the/planet]$ gcc badmin.c -o badmin.cgi -lcrypt
[capzlock@signal-11 ~/hack/the/planet]$ ./badmin
bwe(input): "command" ? kill.the.turkey
bwe(input): "rcmd" ? AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
bwe(input): "flag" ? kill.the.turkey
Segmentation fault
[capzlock@signal-11 ~/hack/the/planet]$

[snap]-----------------------------------------------------------------

This is a very serious hole that could jeopardize the security of a
digital computer system.

- -----------------------------------------------------------------------

TOODLES!@#$%!

capzlock
- -------------------------
http://www.signal-11.com
capzlock@hushmail.com


-----BEGIN PGP SIGNATURE-----
Version: Hush 2.1
Note: This signature can be verified at https://www.hushtools.com

wl0EARECAB0FAjzpCFEWHGNhcHpsb2NrQGh1c2htYWlsLmNvbQAKCRBePYmP9gNNOGSq
AKCc+mxqQUvSAJdBzletqsh6bPLBWgCgg16ans4tht9mw+u2jChcjjktjQY=
=q4Fz
-----END PGP SIGNATURE-----
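
The transcript in the advisory shows an over-long "rcmd" value crashing the program. The block below is an added example, not BannerWheel's code and not part of the original message: a bounded field reader that rejects an over-long value instead of copying or truncating it. `FIELD_MAX`, `read_field`, `field_from_text` and the sample input are assumptions made for illustration; the page does not show badmin.c's buffers.

```c
#include <stdio.h>
#include <string.h>

#define FIELD_MAX 64            /* assumed size; the page does not give badmin.c's */
static char last_field[FIELD_MAX];

/* Read one newline-terminated field from `in` into dst (dstsz bytes).
 * Returns 0 on success, -1 on EOF/error, -2 if the value does not fit.
 * An over-long value is drained and rejected, never truncated. */
int read_field(FILE *in, char *dst, size_t dstsz)
{
    size_t n, extra = 0;
    int c;
    if (dstsz < 2 || fgets(dst, (int)dstsz, in) == NULL)
        return -1;
    n = strlen(dst);
    if (n > 0 && dst[n - 1] == '\n') {
        dst[n - 1] = '\0';      /* whole line fit: strip the newline */
        return 0;
    }
    while ((c = fgetc(in)) != EOF && c != '\n')
        extra++;                /* count and discard what did not fit */
    if (extra == 0)
        return 0;               /* exact fit, or last line without newline */
    dst[0] = '\0';
    return -2;
}

/* Hypothetical helper: run constructed text through read_field via a temp file. */
int field_from_text(const char *text)
{
    FILE *f = tmpfile();
    int rc;
    if (f == NULL) return -1;
    fputs(text, f);
    rewind(f);
    rc = read_field(f, last_field, sizeof last_field);
    fclose(f);
    return rc;
}

int main(void)
{
    char big[302];
    memset(big, 'A', 300);      /* constructed over-long "rcmd" value */
    big[300] = '\n'; big[301] = '\0';
    printf("short=%d long=%d\n", field_from_text("kill.the.turkey\n"), field_from_text(big));
    return 0;
}
```

Draining the rest of a rejected line keeps the next prompt from consuming leftover bytes as its own value.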








