1. Forum
  2. DOVE-Net
  3. Programming

  • ssh exploit (hack)

    From Magizian@VERT/SYNCNIX to DOVE-Net.Programming on Wednesday, May 25, 2011 22:30:31
    I'm familiar with the telephone...
    it's quite possibly the most insecure form of communication we have on this set.

    I alerted you to the fact that your product (pragma fortress sshd) has a
    very dangerous exploit and that my version of your product no longer does.. and that if you want the fix it would only cost you one license and key..
    I'm considering jacking up the price though.

    If this fact is not a reality to you, logon to your own box with the
    following command (edit it first):

    ssh -2C -l lowestaccessusername -t yourdomainnameorIPv4 "at 12:30 reallynastycommand"

    ..then try to do that on mine.
    [;-)
    and you might want to have your product fixed and distributed to your
    clients before this data becomes public widespread information.. which will
    be happening soon.

    But you don't seem interested in my generous offer, you seem to want to try
    to get free information from me other than what I've disclosed to you.

    as far as your product being "Government approved", which government agency
    do you claim is using your product?

    Magizian

    On Wed, May 25 at 06:04 PM (GMT+7), Andrew Tull <andrew@pragmasys.com>
    wrote:

    Hunter,

    Certainly, but I also like to use the phone.

    Let me know when we can connect over the telephone. It's the
    device that has the wonky ten digit keypad on it.

    Andrew

    ________________________________________
    From: hunter1977@hushmail.com [hunter1977@hushmail.com]
    Sent: Wednesday, May 25, 2011 4:50 PM
    To: Andrew Tull
    Subject: Re: FW: Follow up on evaluation of Pragma Systems
    Telnet and SSH solutions

    SSH -2Cp 20022 -l user magizian2.dyndns.org

    is my number, password is freeaccess

    you do know how to use ssh right? ;-)


    On Wed, May 25 at 11:25 AM (GMT+7), Andrew Tull
    <andrew@pragmasys.com> wrote:

    Hunter,

    I am following up on the below - let me know when I can
    reach
    you over the phone to talk further about your email below.

    I look forward to hearing back from you.

    Thank you,

    Andrew Tull
    Pragma Systems
    512.219.7270

    ________________________________________
    From: hunter1977@hushmail.com [hunter1977@hushmail.com]
    Sent: Tuesday, May 24, 2011 8:22 PM
    To: Andrew Tull
    Subject: Re: Follow up on evaluation of Pragma Systems
    Telnet
    and SSH solutions

    Well, I found an insecurity in your sshd that allowed
    anyone to
    run virtually any command via the ssh -t flag, and
    absolutely
    any command when combined with the w32 at command...
    patched it,
    so the exploit no longer exists for me.. if you want it,
    it's
    only gonna cost you a free key. If you don't want it, then
    you
    probably left that insecurity in there on purpose.

    Hunter Reon Barnes
    "Magizian"
    SSH -2Cp 20022 -l user magizian2.dyndns.org

    password for user is freeaccess

    On Mon, May 23 at 11:01 PM (GMT+7),
    andrew.tull@pragmasys.com
    wrote:

    May 24, 2011

    Dear hunter barnes,

    I hope all is well with you as you continue your
    evaluation
    of the
    Pragma technologies. I am following up with you to see
    how
    your
    evaluation is progressing?

    If you require technical support, you may contact us
    at
    support@pragmasys.com. If you have any sales related
    questions, please
    do not hesitate to contact me directly.

    I look forward to hearing back from you.

    Best regards,

    Andrew Tull
    Vice President, Sales & Marketing
    Pragma Systems, Inc.
    13809 Research Blvd, Suite 675
    Austin, Texas 78750
    512.219.7270 office
    512.219.7110 fax
    206.601.5516 cell
    andrew.tull@pragmasys.com
    ...

    ---
    þ Synchronet þ My Brand-New BBS (All the cool SysOps run STOCK!)