illmob

im sure you guys have seen or heard about some irc bot kiddie named Subz a.k.a. Robert Phelps
d.o.b. August 8,1982
phone number: +01225481930

i guess he was mad i posted his parents home number instead of his on my site, so they get alot of unwanted phone calls in the night.. so now little robby thinks hes gonna get my site shut down because he ‘is in with the fbi’
so now i present you you the excerpt from our little chat on irc today.

subz.txt

how fucking lame can you get?

posted by pingywon
You can deny the administrator access to the internal web configuration page.
MS Router exploit

….easy enuff

BUT ….. it doesnt say anything about telnet to the router. Something most of these routers support.

I posted a msg to this group asking them about it.
My theory is that AT VERY LEAST…. you could telnet to the router and reboot it to shake the connections

~pingywon

if you havent seen it. make sure you do. i’m telling you it will open your eyes about alot of things going on in the world today. being on the internet it gives the chance to talk to people from all over the world .. yea we get slack from some people who hate americans in general .. but alot of their propaganda they are force fed everyday is the same type of shit we hear… i can understand people hating us because of what we look like to other people… but its same all over the place.. we are not representative of our govt’s , half of us could careless whats going on in the world today as long as it doesnt interrupt our everyday lives. alot of shit behind it is money .. why are we at war with Iraq? because our president and other have interest in the oil? most likely .. but why kill innocent people over it? half this war is bullshit, sending underprivileged kids just out of high school to go over and get maimed or even killed before they even know what they wanna do in life. November couldnt come quick enough to get people like george bush out of office,,, fighting a war to try to impress his daddy and get rich off of it… what the media shows on tv everyday isnt half of the shit you people gotta know… i guarantee if you went and saw this movie it would change your views on alot of shit… anyhow its late the movie got out at 1:30 am and i need some sleep… get your asses to the theater and see it.. this is prolly the only movie i actually paid to see instead of downloading in a few years and it was worth every penny

Shout outs to all the motherfuckers putting their lives on the line in Iraq,

posted by pingywon
Here is a cute little URI I found crashing skype on it’s latest version
(0.98.0.04).
It’s probably a buffer overflow of some sort, so, a special crafted URI could
potentially lead to remote code execution.
(would probably be extremely hard doing it threw a URI, but still an option)

callto://aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/

If you really really want this not to happened to you, u should remove the
referring registry entrance to “callto://” in URI’s

finally got around to making my gentoo box… out of an old cd player.. heres the results ::HERE::
or you can look at all the pics ::HERE:: .. i know the floppy looks ghetto on the bottom but i got lazy.. the power button and cd tray really work too

newer version that now allows you to enter that password and port of your choosing

get it ::HERE::

well thanx to pingywon i found out that ghost admin 1.0 wasnt executing correctly so i released a newer version with the new fsg so now the server is only 1.18kb … so basically you edit the server and send it to the victim then you can remotely log into them using the radmin client

last night i recieved a instant message from someone claiming to be the famed phone hack Kevin Poulsen .. who also writes on security focus.com .. asking about the program we released on the site that takes advantage of the backdoor masster password the Optix trojan… after some convincing i found him to be legit , and i was asked a series of questions relating to the software… anyhow you can read the results :::HERE:::

posted by morning_wood
The US Patent and Trademark Office has granted a patent to Microsoft Corp. for a “time based hardware button for application launch” in which a click of a button can start different programs if it is clicked once, twice or held down for several seconds

links in full news
http://216.239.59.104/search?q=cache:Z0oG5DoK3w0J:www.smh.com.au/articles/2004/06/02/1086058889577.html+microsoft+patented+mouse+click&hl=it

or

http://www.smh.com.au/articles/2004/06/04/1086203602853.html

posted by pingywon
..:::UPDATE:::..
Look at bottom of post for new updates

There is a rather (not completely) new Cpanel exploit which will compromise Linux/Apache boxes (imagine that – IIS actually not being effected)

.:read Fullnews for story and link:.
:CpanelSploit:.

SEVERITY:

High, Arbitrary Execution as Arbitrary User

PROBLEM DESCRIPTION:

Flaws in how Apache’s suexec binary has been patched by cPanel when configured for mod_php, in conjuction with cPanel’s creation of some perl scripts that are not taint clean, allow for any user to execute arbitrary code as any other user with uid above UID_MIN ( uid >= 100).

IMPACT:

Unfortunately, cPanel comes with mod_php installed by default, so all systems are vulnerable right out of the box. Any local user can comprimise the whole system.

SYSTEMS AFFECTED:

All systems where Apache has been compiled WITHOUT mod_phpsuexec, (most systems using cPanel software), are vulnerable. Those configurations that compiled Apache WITH mod_phpsuexec are NOT

VULNERABLE.

Apache versions 1.3.31 and below are VULNERABLE.

All cPanel versions (STABLE, RELEASE, CURRENT, and
EDGE) up through and including 9.3.0-EDGE_95 are VULNERABLE.

RedHat 7.3, 8.0, 9, and Enterprise Linux, Fedora, and FreeBSD OS have been verified vulnerable. All others are probably vulnerable too.

PROOF OF CONCEPT:

See top of post for php download

~pingywon ya heard it hear second