UnrealIRCd is an open-source IRC server that has been around since 1999 and is perhaps the most widely used one today. Version 3.2.8.1 was vulnerable to remote code execution due to a backdoor in the software. Today, we will be exploiting the vulnerability with Metasploit, examining the underlying code to understand it, and creating our own version of the exploit in Python.

Between November 2009 and June 2010, UnrealIRCd 3.2.8.1 contained a backdoor trojan that was available in the download archive. The vulnerability allowed an attacker to execute arbitrary code by sending the string “AB,”… more


Go to Source

 

Comments are closed.