[olug] luser trickery
Andrew
andrew at einer.org
Fri May 17 22:38:39 UTC 2002
From a shell prompt you can do a:
wget http://olug.org/~roberson/windoze/stupid_trick1.php
And then look at the source. I did this and found that it doesn't
appear to do anything other than attack an Internet Explorer iFrame
vulnerability.
The page just says "No Privacy Protection Software Found" and provides a
link to a webpage that will supposedly fix your problem. The page is
called download.html and you can view its source by doing a:
wget http://olug.org/~roberson/windoze/stupid_trick1.php
And then look at the source.
The big grand exploit contained in the download.html?
"Some Stupid exploit"
It contains that text string and nothing more. It COULD have been a
mime encoded nastygram, but it's just a harmless text string.
To further alleviate your fear of exploit consider John Warren's Post
from May 15:
On Wednesday 15 May 2002 23:08, Jonathan Warren wrote:
>I just had to try it. I got some stupid exploit on my box now. :)
>
Some Stupid Exploit is now on his box. Nothing to see here. No harm no
foul. Hope this cleared something up for you.
Andrew
Mark Martin wrote:
>Okay, Brian. For those of us who were naive enough to trust you and followed
>your link believing that you wouldn't risk damaging our systems and were
>providing a link to a description of an exploit that we should avoid rather
>than enticing us into compromising our systems with a cryptic "warning",
>would you please explain what the (insert favorite expletive here) you have
>done to our systems? Galeon showed an almost completely blank page but I
>found an uninvited server listening on the doom port (666) thereafter, which
>I am guessing came from your exploit. Do those of us who trusted you have to
>waste more of our lives cleaning up after your joke? Maybe the first
>security lesson to learn from your message is not to trust you.
>
>Also, I'm guessing that "luser" is really "loser". Ha, Ha. I'm a loser.
>Now, can you please tell us slower students what you did so we can stop
>wasting our time and stop worrying about what nefarious code is covertly
>running on our boxes?
>
>Mark
>
>On Friday 17 May 2002 07:00, Mark Martin wrote:
>
>
>>Dear Brian,
>>
>>Does this URL point to a description of the exploit or an implementation of
>>the exploit?
>>
>>Mark
>>
>>On Wednesday 15 May 2002 23:08, Jonathan Warren wrote:
>>
>>
>>>I just had to try it. I got some stupid exploit on my box now. :)
>>>
>>>On Wed, May 15, 2002 at 10:16:58PM -0500, Brian Roberson wrote:
>>>
>>>
>>>>Sadly enough... people fall for this.. ( don't try it unless you are
>>>>running windoze )
>>>>
>>>>
>>>>http://olug.org/~roberson/windoze/stupid_trick1.php
>>>>
>>>>
>
>-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
>
>For help contact olug-help at olug.org - run by ezmlm
>to unsubscribe, send mail to olug-unsubscribe at olug.org
>or `mail olug-unsubscribe at olug.org < /dev/null`
>(c)1998-2002 OLUG http://www.olug.org
>
>-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
>
>
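The "wget it and read the source" check described in the message above can be done mechanically on the saved file. As an added example (not part of the original post; the sample HTML is constructed and is not the real page's source, and the names `triage` and `ACTIVE_TAGS` are this example's own), this Python script lists every element in a saved page that would load content or send the reader somewhere:

```python
from html.parser import HTMLParser

# Tags that make a browser fetch or run something without a click.
ACTIVE_TAGS = {"iframe", "frame", "object", "embed", "script", "applet"}

# Constructed sample, NOT the real stupid_trick1.php source.
SAMPLE = """<html><body>
<h1>No Privacy Protection Software Found</h1>
<a href="download.html">Fix it now</a>
<iframe src="download.html" width="0" height="0"></iframe>
<META HTTP-EQUIV="refresh" CONTENT="5; URL=download.html">
</body></html>"""


class Triage(HTMLParser):
    """Collect (kind, target) for every element that loads content."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lower-cases tag and attribute names; values keep case.
        a = {k: (v or "") for k, v in attrs}
        if tag in ACTIVE_TAGS:
            target = a.get("src") or a.get("data") or a.get("code") or "(inline)"
            self.findings.append((tag, target))
        elif tag == "meta" and a.get("http-equiv", "").lower() == "refresh":
            self.findings.append(("meta-refresh", a.get("content", "")))
        elif tag == "a" and "href" in a:
            self.findings.append(("link", a["href"]))


def triage(html_text):
    """Return findings in document order; the page is parsed, never rendered."""
    parser = Triage()
    parser.feed(html_text)
    parser.close()
    return parser.findings


if __name__ == "__main__":
    import sys
    # Pass the file wget saved; with no argument, use the constructed sample.
    text = open(sys.argv[1], errors="replace").read() if len(sys.argv) > 1 else SAMPLE
    for kind, target in triage(text):
        print(f"{kind:13} {target}")
```

An empty result on a file that holds only a text string matches what the message reports for download.html; any target that is listed should itself be fetched with wget and checked the same way.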