From: jericho@attrition.org
To: John Vranesevich (jp@antionline.com)
Cc: legal@attrition.org, corruptio@hotmail.com
Date: Wed, 14 Jul 1999 04:46:23 -0600 (MDT)
Subject: Copyright Violation by AntiOnline


http://www.AntiCode.com/archives/solaris-exploits/251/amountd-ex.tgz


You and AntiOnline are once again in blatant and unmistakeable copyright
violation. I am contacting you on behalf of one of the members of
Corruptio Optimi Pessima who hosts a page on this system. 

If you read the header of their source code, they explicitly state:

 * Copyright (c) 1998-1999, Corruptio Optimi Pessima
 * All rights reserved

as well as:

 * ANTIONLINE.COM AND ANTICODE.COM (OR ANY OTHER ANTIONLINE AFFILIATE)
 * MAY NOT USE OR DISTRIBUTE THIS EXPLOIT.  AND LIKE ROOTSHELL, DELETING
 * HEADERS IS PATHETIC.

According to them, the only initial distribution point for their exploit
code was via the attrition web server. This can be verified at:
http://www.attrition.org/hosted/cop/cop-01.txt

According to the message posted to bugtraq:
   Exploit code for this vulnerability can be easily obtained from the
   following URL: http://www.attrition.org/hosted/cop/index.html

Remove the code from your server immediately as you are in direct
violation of copyright law.

=-=

forced /tmp# lynx
http://www.AntiCode.com/archives/solaris-exploits/251/amountd-ex.tgz
forced /tmp# mkdir antionline-copyright-infringement
forced /tmp# mv amountd-ex.tgz antionline-copyright-infringement/
forced /tmp# cd antionline-copyright-infringement/
forced /tmp/antionline-copyright-infringement# ls
total 7
drwx------   2 root     root         1024 Jul 14 04:34 ./
drwx-wx-wt   7 root     root         3072 Jul 14 04:34 ../
-rw-------   1 root     root         2747 Jul 14 04:34 amountd-ex.tgz
forced /tmp/antionline-copyright-infringement# gzip -d amountd-ex.tgz 
forced /tmp/antionline-copyright-infringement# tar xf amountd-ex.tar 
forced /tmp/antionline-copyright-infringement# ls
total 15
drwx------   3 root     root         1024 Jul 14 04:34 ./
drwx-wx-wt   7 root     root         3072 Jul 14 04:34 ../
-rw-------   1 root     root        10240 Jul 14 04:34 amountd-ex.tar
drwx------   2 root     web          1024 Jan  3  1999 amountdexp/
forced /tmp/antionline-copyright-infringement# cd amountdexp/
forced /tmp/antionline-copyright-infringement/amountdexp# head -30
amountdexp.c 
/* 
 * Corruptio Optimi Pessima - "corruption of the best is worst of all" 
 * Released January 3, 1999
 * 
 * Remote Solaris 2.5, 2.5.1 stock, 2.5.1 patched, 2.6, 2.7
 * rpc.statd/automountd exploit
 *
 * Copyright (c) 1998-1999, Corruptio Optimi Pessima
 * All rights reserved
 *
 * DISCLAIMER:
 *
 * WE TAKE NO RESPONSIBILITY FOR WHAT ANYONE DOES WITH THIS CODE.
 * DO NOT BLAME US.  BLAME SUN.  
 *
 * ROOTSHELL.COM MAY NOT PUT THIS UP ON THEIR PAGE.  THIS IS EXPLICIT
 * INSTRUCTION THAT DOING SO VIOLATES OUR COPYRIGHT.  AND DON'T DELETE
 * THESE HEADERS AND POST IT LIKE YOU USUALLY DO.
 *
 * ANTIONLINE.COM AND ANTICODE.COM (OR ANY OTHER ANTIONLINE AFFILIATE)
 * MAY NOT USE OR DISTRIBUTE THIS EXPLOIT.  AND LIKE ROOTSHELL, DELETING
 * HEADERS IS PATHETIC.
 *
 * Notes: Compile with -DUSESPRINTF if you are on a Solaris 2.5.1 or
 *        below machine.
 *
 */

#include  
#include  
forced /tmp/antionline-copyright-infringement/amountdexp#