Irregular Expressions

Aug 21 2010   12:04AM GMT

Casper RFI crack bot – Part 2



Posted by: Dan O'Connor
Tags:
perl rfi bot

There is more then one file in each rar that appears to be a copy of the bot. The differences are pretty minor.

scan.txt
-my @servers = ("irc.xxxx.org");
+my @servers = ("irc.xxxxxx.org","irc.xxxxxx.org");

@@ -3,7 +3,7 @@
 ################################
 #  CASPER RFI CRACK Bot v1.1   #
 #  By Kiss_Me Alert jan 2010.  #
-#     Casper_kae@yahoo.com     #
+#     carisma2009@gmail.com    #
 ################################

We also have a hand full of IRC servers listed in the files, with connection information.  That could be fun but also a lot of trouble :)

 var $config = array("server"=>"irc.xxxxxx.org",
                     "port"=>"6667",
                     "pass"=>"xxxx",
                     "prefix"=>"vai",
                     "maxrand"=>"15",
                     "chan"=>"#xxxx",
                     "chan2"=>"",
                     "key"=>"",
                     "modes"=>"+p",
                     "password"=>"xxxxx",
                     "trigger"=>".",
                     "hostauth"=>"*" // * for any hostname (remember: /setvhost pucorp.org)
                     );

That’s worth looking at pucorp.org… Browsing there does not seem to do much but, there is hidden text ! spiffy.

wget --mirror pucorp.org

What is the text?

No idea, it does appear to be from multiple servers but I am not sure at this point why its being dumped into here. We will have to come back to this.

There is yet more scripts included in here, iso.txt is worth a look.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: