Full Disclosure mailing list archives

Re: http://xfteam.net/fedor.c - Anyone seen this before??


From: Robert Jaroszuk <zim () iq pl>
Date: Mon, 24 Nov 2003 11:14:53 +0100

On Mon, 24 Nov 2003, Dan wrote:

; Hi,
; Our Snort picked up an interesting attempt to download, compile and execute.
; Noting also the fact that the sub dir it's attempting to access has not been
; there for over 4 months (/logjam/)?
; 
; Has anyone actually seen what this fedor.c is? I have done some googling but
; it comes up blank.

It's simply a bindshell which allocates a tty for each session.
A bindshell is a program which binds to a TCP port and listens for incoming connections.
If one connects to the port defined within this bindshell program, a (root) shell will be spawned.
Check this out -> http://hysteria.sk/sd/f/junk/bindshell/

-- 
..... Robert Jaroszuk - zim@iq,pl - [ IQ PL Sp. z o.o. ] .....
GCS/IT/O d? s: a-- C++ ULB++++$ P+ L++++$ E--- W- N+ w-- O- M-
V- PS+ PE Y(+) PGP-(+++) t-- 5? X- R* tv-- DI++ b++>+++ DI- D-
... The superior warrior wins without fighting -- Sun Tzu. ...

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
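
A defensive check that follows from the description above, added here as an example and not part of the original message: since a bindshell has to hold a TCP port in LISTEN state, a host can be audited by parsing `/proc/net/tcp` and flagging listeners that are not on an allowlist. The sample table, the allowlist and the function names are constructed for illustration, and the address decoding assumes the table came from a little-endian host.

```python
import socket
import struct

# Constructed sample in Linux /proc/net/tcp format (not taken from the post).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001 1 0000000000000000 100 0 0 10 0
   1: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002 1 0000000000000000 100 0 0 10 0
   2: 00000000:7A69 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1003 1 0000000000000000 100 0 0 10 0
   3: 0A00000A:0016 0200000A:C350 01 00000000:00000000 00:00000000 00000000     0        0 1004 1 0000000000000000 100 0 0 10 0
"""

TCP_LISTEN = 0x0A  # kernel state code for a socket in LISTEN


def parse_listeners(text):
    """Return (ip, port, uid, inode) for every IPv4 socket in LISTEN state."""
    listeners = []
    for line in text.splitlines()[1:]:          # first line is the column header
        fields = line.split()
        if len(fields) < 10 or int(fields[3], 16) != TCP_LISTEN:
            continue                            # short line or not listening
        hex_ip, hex_port = fields[1].split(":")
        # The address is a 32-bit word printed in host byte order; "<I" assumes
        # a little-endian host (use "=I" when reading the local machine's file).
        ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
        listeners.append((ip, int(hex_port, 16), int(fields[7]), int(fields[9])))
    return listeners


def unexpected_listeners(text, allowed_ports):
    """Listeners whose port is not on the allowlist of known services."""
    return [l for l in parse_listeners(text) if l[1] not in allowed_ports]


if __name__ == "__main__":
    # Hypothetical allowlist: sshd on 22 and a local-only MTA on 25.
    for ip, port, uid, inode in unexpected_listeners(SAMPLE_PROC_NET_TCP, {22, 25}):
        print(f"unexpected listener {ip}:{port} uid={uid} inode={inode}")
```

The inode can be matched against the `socket:[inode]` links under `/proc/<pid>/fd` to find the owning process; a listener owned by uid 0 that traces back to a binary outside the packaged services deserves a closer look.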