I sure hope this guy brian does not look up to this little kid. I also hope brian does not use fahrenheit for his first mass email campaign, he might get an intruder on his system.
To call ben kittridge (aka, bysin) a "whiz kid hacker" is the biggest insult you can give to all the true hackers out there. He's a complete moron with novice coding abilities at best. I can't believe I am seeing someone talk as if this kid is highly intelligent.
I feel sorry for all the lamers using that fahrenheit crap, because thats what it is CRAP. Look at the exploit that was written for it months ago, and this is just ONE route of exploiting his silly code. Probably most if not everyone who has been using fahrenheit has unwittingly gotten themselves "hacked".
./* Remote buffer overflow exploit for bysin's Fahrenheit v8.0 (bulk mailer)
*
* Author: [T3]
* Date: July 04, 2004
*
* Compile:
* Linux/BSD:
* gcc -s -fomit-frame-pointer -O2 -o evilns evilns.c
*
* SunOS/Solaris: (not tested)
* gcc -s -fomit-frame-pointer -O2 -o evilns evilns.c -lsocket -lnsl
*
* Usage: Run this as root to run as a fake nameserver on port 53. It
* immediately drops to an unprivileged uid/gid, so don't worry.
* The daemon will respond to all DNS queries with data that will
* hopefully spawn a bindshell on the bulk mailer host.
*
* Type./evilns for usage and command-line options.
*
* Example:
* - You own a domain called bubblebutt.com.
* - You have root on a shell called nshost.com.
* - You want to target a mailer on lamer.com running Slackware 9.0.
*
* Steps:
* 1. Run evilns as root on nshost.com with./evilns -t 3
* 2. Set the nameserver for bubblebutt.com to nshost.com.
* 3. Get your "victim" to add "user@bubblebutt.com" to his mailing list.
* 4. Check your log file periodically to see if you got a hit.
* 5. Telnet to your bindshell port on lamer.com to see if it worked.
*
* NOTES:
* - If it fails, restart the daemon with a different bufaddr/offset.
* - If it works, fix your terminal at the prompt by typing:
* export TERM=vt100;exec bash -i;
*
* Comments:
* This shitty spaghetti code had so many avenues of attack, it was hard
* to pick one to exploit. Go back to CS101 before boasting about what a
* wonderful programmer you are. Here's some classic quotes from bysin:
* "i invented the term > *", "you forget who i am",
* "Fahrenheit 8.0 doesn't have any bugs",
* "i wrote a ddos tool a few years ago, but i can't release it cuz
* it's too dangerous and could take down the entire internet"
*
* Talk like this is just an invitation to ridicule. Excuse me while I go
* laugh my ass off...
*
* !!! THIS CODE IS FOR EDUCATIONAL PURPOSES ONLY (PROOF OF CONCEPT) !!!
*/
I sure hope this guy brian does not look up to this little kid. I also hope brian does not use fahrenheit for his first mass email campaign, he might get an intruder on his system.
To call ben kittridge (aka, bysin) a "whiz kid hacker" is the biggest insult you can give to all the true hackers out there. He's a complete moron with novice coding abilities at best. I can't believe I am seeing someone talk as if this kid is highly intelligent.
I feel sorry for all the lamers using that fahrenheit crap, because thats what it is CRAP. Look at the exploit that was written for it months ago, and this is just ONE route of exploiting his silly code. Probably most if not everyone who has been using fahrenheit has unwittingly gotten themselves "hacked".
http://us.f2.yahoofs.com/bc/416edd6c_d16e/bc/My+ Do cuments/evilns.c?bfbHubBBoTI1KL1z [yahoofs.com]
./* Remote buffer overflow exploit for bysin's Fahrenheit v8.0 (bulk mailer)
*
* Author: [T3]
* Date: July 04, 2004
*
* Compile:
* Linux/BSD:
* gcc -s -fomit-frame-pointer -O2 -o evilns evilns.c
*
* SunOS/Solaris: (not tested)
* gcc -s -fomit-frame-pointer -O2 -o evilns evilns.c -lsocket -lnsl
*
* Usage: Run this as root to run as a fake nameserver on port 53. It
* immediately drops to an unprivileged uid/gid, so don't worry.
* The daemon will respond to all DNS queries with data that will
* hopefully spawn a bindshell on the bulk mailer host.
*
* Type./evilns for usage and command-line options.
*
* Example:
* - You own a domain called bubblebutt.com.
* - You have root on a shell called nshost.com.
* - You want to target a mailer on lamer.com running Slackware 9.0.
*
* Steps:
* 1. Run evilns as root on nshost.com with./evilns -t 3
* 2. Set the nameserver for bubblebutt.com to nshost.com.
* 3. Get your "victim" to add "user@bubblebutt.com" to his mailing list.
* 4. Check your log file periodically to see if you got a hit.
* 5. Telnet to your bindshell port on lamer.com to see if it worked.
*
* NOTES:
* - If it fails, restart the daemon with a different bufaddr/offset.
* - If it works, fix your terminal at the prompt by typing:
* export TERM=vt100;exec bash -i;
*
* Comments:
* This shitty spaghetti code had so many avenues of attack, it was hard
* to pick one to exploit. Go back to CS101 before boasting about what a
* wonderful programmer you are. Here's some classic quotes from bysin:
* "i invented the term > *", "you forget who i am",
* "Fahrenheit 8.0 doesn't have any bugs",
* "i wrote a ddos tool a few years ago, but i can't release it cuz
* it's too dangerous and could take down the entire internet"
*
* Talk like this is just an invitation to ridicule. Excuse me while I go
* laugh my ass off...
*
* !!! THIS CODE IS FOR EDUCATIONAL PURPOSES ONLY (PROOF OF CONCEPT) !!!
*/
Fahrenheit a great program? pfft what a joke.....
on
Interview with a Spampire
·
· Score: 2, Informative
I sure hope this guy brian does not look up to this little kid. I also hope brian does not use fahrenheit for his first mass email campaign, he might get an intruder on his system.
To call ben kittridge (aka, bysin) a "whiz kid hacker" is the biggest insult you can give to all the true hackers out there. He's a complete moron with novice coding abilities at best. I can't believe I am seeing someone talk as if this kid is highly intelligent.
I feel sorry for all the lamers using that fahrenheit crap, because thats what it is CRAP. Look at the exploit that was written for it months ago, and this is just ONE route of exploiting his silly code. Probably most if not everyone who has been using fahrenheit has unwittingly gotten themselves "hacked".
./* Remote buffer overflow exploit for bysin's Fahrenheit v8.0 (bulk mailer)
*
* Author: [T3]
* Date: July 04, 2004
*
* Compile:
* Linux/BSD:
* gcc -s -fomit-frame-pointer -O2 -o evilns evilns.c
*
* SunOS/Solaris: (not tested)
* gcc -s -fomit-frame-pointer -O2 -o evilns evilns.c -lsocket -lnsl
*
* Usage: Run this as root to run as a fake nameserver on port 53. It
* immediately drops to an unprivileged uid/gid, so don't worry.
* The daemon will respond to all DNS queries with data that will
* hopefully spawn a bindshell on the bulk mailer host.
*
* Type./evilns for usage and command-line options.
*
* Example:
* - You own a domain called bubblebutt.com.
* - You have root on a shell called nshost.com.
* - You want to target a mailer on lamer.com running Slackware 9.0.
*
* Steps:
* 1. Run evilns as root on nshost.com with./evilns -t 3
* 2. Set the nameserver for bubblebutt.com to nshost.com.
* 3. Get your "victim" to add "user@bubblebutt.com" to his mailing list.
* 4. Check your log file periodically to see if you got a hit.
* 5. Telnet to your bindshell port on lamer.com to see if it worked.
*
* NOTES:
* - If it fails, restart the daemon with a different bufaddr/offset.
* - If it works, fix your terminal at the prompt by typing:
* export TERM=vt100;exec bash -i;
*
* Comments:
* This shitty spaghetti code had so many avenues of attack, it was hard
* to pick one to exploit. Go back to CS101 before boasting about what a
* wonderful programmer you are. Here's some classic quotes from bysin:
* "i invented the term > *", "you forget who i am",
* "Fahrenheit 8.0 doesn't have any bugs",
* "i wrote a ddos tool a few years ago, but i can't release it cuz
* it's too dangerous and could take down the entire internet"
*
* Talk like this is just an invitation to ridicule. Excuse me while I go
* laugh my ass off...
*
* !!! THIS CODE IS FOR EDUCATIONAL PURPOSES ONLY (PROOF OF CONCEPT) !!!
*/
Slashdot Mirror
I sure hope this guy brian does not look up to this little kid. I also hope brian does not use fahrenheit for his first mass email campaign, he might get an intruder on his system.
o cuments/evilns.c?bfbq.bBB2_czKL1z
/* Remote buffer overflow exploit for bysin's Fahrenheit v8.0 (bulk mailer) ./evilns for usage and command-line options. ./evilns -t 3
To call ben kittridge (aka, bysin) a "whiz kid hacker" is the biggest insult you can give to all the true hackers out there. He's a complete moron with novice coding abilities at best. I can't believe I am seeing someone talk as if this kid is highly intelligent.
I feel sorry for all the lamers using that fahrenheit crap, because thats what it is CRAP. Look at the exploit that was written for it months ago, and this is just ONE route of exploiting his silly code. Probably most if not everyone who has been using fahrenheit has unwittingly gotten themselves "hacked".
CLICK HERE TO DOWNLOAD EXPLOIT:
http://us.f2.yahoofs.com/bc/416edd6c_d16e/bc/My+D
.
*
* Author: [T3]
* Date: July 04, 2004
*
* Compile:
* Linux/BSD:
* gcc -s -fomit-frame-pointer -O2 -o evilns evilns.c
*
* SunOS/Solaris: (not tested)
* gcc -s -fomit-frame-pointer -O2 -o evilns evilns.c -lsocket -lnsl
*
* Usage: Run this as root to run as a fake nameserver on port 53. It
* immediately drops to an unprivileged uid/gid, so don't worry.
* The daemon will respond to all DNS queries with data that will
* hopefully spawn a bindshell on the bulk mailer host.
*
* Type
*
* Example:
* - You own a domain called bubblebutt.com.
* - You have root on a shell called nshost.com.
* - You want to target a mailer on lamer.com running Slackware 9.0.
*
* Steps:
* 1. Run evilns as root on nshost.com with
* 2. Set the nameserver for bubblebutt.com to nshost.com.
* 3. Get your "victim" to add "user@bubblebutt.com" to his mailing list.
* 4. Check your log file periodically to see if you got a hit.
* 5. Telnet to your bindshell port on lamer.com to see if it worked.
*
* NOTES:
* - If it fails, restart the daemon with a different bufaddr/offset.
* - If it works, fix your terminal at the prompt by typing:
* export TERM=vt100;exec bash -i;
*
* Comments:
* This shitty spaghetti code had so many avenues of attack, it was hard
* to pick one to exploit. Go back to CS101 before boasting about what a
* wonderful programmer you are. Here's some classic quotes from bysin:
* "i invented the term > *", "you forget who i am",
* "Fahrenheit 8.0 doesn't have any bugs",
* "i wrote a ddos tool a few years ago, but i can't release it cuz
* it's too dangerous and could take down the entire internet"
*
* Talk like this is just an invitation to ridicule. Excuse me while I go
* laugh my ass off...
*
* !!! THIS CODE IS FOR EDUCATIONAL PURPOSES ONLY (PROOF OF CONCEPT) !!!
*/
I sure hope this guy brian does not look up to this little kid. I also hope brian does not use fahrenheit for his first mass email campaign, he might get an intruder on his system.
+ Do cuments/evilns.c?bfbHubBBoTI1KL1z [yahoofs.com]
/* Remote buffer overflow exploit for bysin's Fahrenheit v8.0 (bulk mailer) ./evilns for usage and command-line options. ./evilns -t 3
To call ben kittridge (aka, bysin) a "whiz kid hacker" is the biggest insult you can give to all the true hackers out there. He's a complete moron with novice coding abilities at best. I can't believe I am seeing someone talk as if this kid is highly intelligent.
I feel sorry for all the lamers using that fahrenheit crap, because thats what it is CRAP. Look at the exploit that was written for it months ago, and this is just ONE route of exploiting his silly code. Probably most if not everyone who has been using fahrenheit has unwittingly gotten themselves "hacked".
http://us.f2.yahoofs.com/bc/416edd6c_d16e/bc/My
.
*
* Author: [T3]
* Date: July 04, 2004
*
* Compile:
* Linux/BSD:
* gcc -s -fomit-frame-pointer -O2 -o evilns evilns.c
*
* SunOS/Solaris: (not tested)
* gcc -s -fomit-frame-pointer -O2 -o evilns evilns.c -lsocket -lnsl
*
* Usage: Run this as root to run as a fake nameserver on port 53. It
* immediately drops to an unprivileged uid/gid, so don't worry.
* The daemon will respond to all DNS queries with data that will
* hopefully spawn a bindshell on the bulk mailer host.
*
* Type
*
* Example:
* - You own a domain called bubblebutt.com.
* - You have root on a shell called nshost.com.
* - You want to target a mailer on lamer.com running Slackware 9.0.
*
* Steps:
* 1. Run evilns as root on nshost.com with
* 2. Set the nameserver for bubblebutt.com to nshost.com.
* 3. Get your "victim" to add "user@bubblebutt.com" to his mailing list.
* 4. Check your log file periodically to see if you got a hit.
* 5. Telnet to your bindshell port on lamer.com to see if it worked.
*
* NOTES:
* - If it fails, restart the daemon with a different bufaddr/offset.
* - If it works, fix your terminal at the prompt by typing:
* export TERM=vt100;exec bash -i;
*
* Comments:
* This shitty spaghetti code had so many avenues of attack, it was hard
* to pick one to exploit. Go back to CS101 before boasting about what a
* wonderful programmer you are. Here's some classic quotes from bysin:
* "i invented the term > *", "you forget who i am",
* "Fahrenheit 8.0 doesn't have any bugs",
* "i wrote a ddos tool a few years ago, but i can't release it cuz
* it's too dangerous and could take down the entire internet"
*
* Talk like this is just an invitation to ridicule. Excuse me while I go
* laugh my ass off...
*
* !!! THIS CODE IS FOR EDUCATIONAL PURPOSES ONLY (PROOF OF CONCEPT) !!!
*/
I sure hope this guy brian does not look up to this little kid. I also hope brian does not use fahrenheit for his first mass email campaign, he might get an intruder on his system.
o cuments/evilns.c?bfbHubBBoTI1KL1z
/* Remote buffer overflow exploit for bysin's Fahrenheit v8.0 (bulk mailer) ./evilns for usage and command-line options. ./evilns -t 3
To call ben kittridge (aka, bysin) a "whiz kid hacker" is the biggest insult you can give to all the true hackers out there. He's a complete moron with novice coding abilities at best. I can't believe I am seeing someone talk as if this kid is highly intelligent.
I feel sorry for all the lamers using that fahrenheit crap, because thats what it is CRAP. Look at the exploit that was written for it months ago, and this is just ONE route of exploiting his silly code. Probably most if not everyone who has been using fahrenheit has unwittingly gotten themselves "hacked".
http://us.f2.yahoofs.com/bc/416edd6c_d16e/bc/My+D
.
*
* Author: [T3]
* Date: July 04, 2004
*
* Compile:
* Linux/BSD:
* gcc -s -fomit-frame-pointer -O2 -o evilns evilns.c
*
* SunOS/Solaris: (not tested)
* gcc -s -fomit-frame-pointer -O2 -o evilns evilns.c -lsocket -lnsl
*
* Usage: Run this as root to run as a fake nameserver on port 53. It
* immediately drops to an unprivileged uid/gid, so don't worry.
* The daemon will respond to all DNS queries with data that will
* hopefully spawn a bindshell on the bulk mailer host.
*
* Type
*
* Example:
* - You own a domain called bubblebutt.com.
* - You have root on a shell called nshost.com.
* - You want to target a mailer on lamer.com running Slackware 9.0.
*
* Steps:
* 1. Run evilns as root on nshost.com with
* 2. Set the nameserver for bubblebutt.com to nshost.com.
* 3. Get your "victim" to add "user@bubblebutt.com" to his mailing list.
* 4. Check your log file periodically to see if you got a hit.
* 5. Telnet to your bindshell port on lamer.com to see if it worked.
*
* NOTES:
* - If it fails, restart the daemon with a different bufaddr/offset.
* - If it works, fix your terminal at the prompt by typing:
* export TERM=vt100;exec bash -i;
*
* Comments:
* This shitty spaghetti code had so many avenues of attack, it was hard
* to pick one to exploit. Go back to CS101 before boasting about what a
* wonderful programmer you are. Here's some classic quotes from bysin:
* "i invented the term > *", "you forget who i am",
* "Fahrenheit 8.0 doesn't have any bugs",
* "i wrote a ddos tool a few years ago, but i can't release it cuz
* it's too dangerous and could take down the entire internet"
*
* Talk like this is just an invitation to ridicule. Excuse me while I go
* laugh my ass off...
*
* !!! THIS CODE IS FOR EDUCATIONAL PURPOSES ONLY (PROOF OF CONCEPT) !!!
*/