« previous next »
Pages: [1]   Go Down

Author Topic: bad packets  (Read 1900 times)

Offline reaper

  • Opulent Member
  • *
  • Posts: 2872
  • Nice night for a walk, eh? - Nice night for a walk
    • View Profile
  • Rated:
bad packets
« on: April 26, 2008, 09:05:45 PM »
there were like 100,000 sites hacked from China recently using SQL injection, and it's sending user passwords to China.

I created a rule for the packet, and made the packet myself:
perl -e 'print "\x20\x20\x20\x20\x20\x00\x03\x00\x06\x00","\x01"x100;' | nc -nvvv x.x.x.x 2043

that's what a command and control packet looks like on their botnet system, now hopefully they don't change it :).  but if they don't, people can now know their code needs to be fixed.

interesting stuff I think:
http://isc.sans.org/diary.html?storyid=4331&rss

people need to verify input by whitelising it, then we wouldn't have these problems.

edit:
btw that command opens a tcp connection with netcat, then data gets passed to it via the perl print function, which is just data that matches the botnet control system, shown as hex values.  and netcat is awesome, you can do some really cool things with it, like get remote bash and cmd shells initiated from a system behind a firewall
« Last Edit: April 26, 2008, 09:07:47 PM by reaper »
Logged
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus
VaeVictus "reaper is a lying sack of shit and ragequit then had, probably slugs, come alias and beat me, wasnt even the same person playing OBVIOUSLY, accuracies basicly doubled, and strategy
Pages: [1]   Go Up
« previous next »
 

El Box de Shoutamente

Last 10 Shouts:

 

|iR|Focalor

July 04, 2025, 06:33:05 AM
 

RyU

June 29, 2025, 06:27:46 PM
Q2 must never die  :)
 

|iR|Focalor

May 26, 2025, 01:17:30 PM
 

-Unh0ly-

May 22, 2025, 05:45:28 PM

https://drive.google.com/file/d/1VB1if3QjStPWCpbB33vbx7OOef-Negd3/view?usp=sharing

DUST 2 HD TEXTURES PUT IN BASEQ2 folder
 

Yotematoi

May 17, 2025, 08:33:15 AM
Yo desde el año 2007 me enfermé de Q2, es incurable  
Morir y revivir es costumbre, lástima q el QT estaba bueno
 

ImperiusDamian

May 12, 2025, 01:45:35 AM
Quake II is not 27 years old. I refuse to accept THAT much time has gone by.
 

|iR|Focalor

May 11, 2025, 02:33:39 PM
 

-Unh0ly-

May 03, 2025, 08:02:46 AM
198.179.6.200:30634
 

Yotematoi

May 02, 2025, 10:27:47 AM
Note for Player-4109 "Remember, the Guinness Book of Records does not include cowards who shot at someone by treachery." :D

Show 50 latest

User

Welcome, Guest. Please login or register.
July 11, 2025, 06:24:52 PM

Login with username, password and session length

Search