« previous next »
Pages: [1]   Go Down

Author Topic: bad packets  (Read 1821 times)

Offline reaper

  • Opulent Member
  • *
  • Posts: 2872
  • Nice night for a walk, eh? - Nice night for a walk
    • View Profile
  • Rated:
bad packets
« on: April 26, 2008, 09:05:45 PM »
there were like 100,000 sites hacked from China recently using SQL injection, and it's sending user passwords to China.

I created a rule for the packet, and made the packet myself:
perl -e 'print "\x20\x20\x20\x20\x20\x00\x03\x00\x06\x00","\x01"x100;' | nc -nvvv x.x.x.x 2043

that's what a command and control packet looks like on their botnet system, now hopefully they don't change it :).  but if they don't, people can now know their code needs to be fixed.

interesting stuff I think:
http://isc.sans.org/diary.html?storyid=4331&rss

people need to verify input by whitelising it, then we wouldn't have these problems.

edit:
btw that command opens a tcp connection with netcat, then data gets passed to it via the perl print function, which is just data that matches the botnet control system, shown as hex values.  and netcat is awesome, you can do some really cool things with it, like get remote bash and cmd shells initiated from a system behind a firewall
« Last Edit: April 26, 2008, 09:07:47 PM by reaper »
Logged
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus
VaeVictus "reaper is a lying sack of shit and ragequit then had, probably slugs, come alias and beat me, wasnt even the same person playing OBVIOUSLY, accuracies basicly doubled, and strategy
Pages: [1]   Go Up
« previous next »
 

El Box de Shoutamente

Last 10 Shouts:

 

Yotematoi

February 14, 2025, 12:41:48 PM
 :-*
 

|iR|Focalor

February 13, 2025, 07:31:24 AM
I was on DM this morning for the first time in a pretty long time. Seemed fine to me.

0rbisson

February 13, 2025, 04:54:21 AM
DM server is fucked. 2 point blank rockets from spawn and lava damage and player survived? WTF?" Also someone has fucked with the spawn points, every single time no matter how big the map you spawn right in front of the person who killed you last
 

rikwad

February 08, 2025, 10:48:18 PM
Seattle FFA now has working HTTP downloads. Thanks Unholy!
 
RIP Pepp   ✟
 
 

-Unh0ly-

February 03, 2025, 01:20:14 AM
vvvALL WEAPS HAVE MUZZLE FLASH vvvv
 

|iR|Focalor

December 25, 2024, 12:15:35 AM
 

|iR|Focalor

December 25, 2024, 12:06:54 AM
 

RailWolf

December 23, 2024, 09:15:50 AM
Fixed the image for you =)
And Die Hard is a great Christmas movie
 

|iR|Focalor

December 19, 2024, 04:55:07 AM
correction - you gotta put the whole word, not just w: {img width=210}

Show 50 latest

User

Welcome, Guest. Please login or register.
February 16, 2025, 01:56:57 PM

Login with username, password and session length

Search