Full Disclosure mailing list archives
Re: Botnet using Plesk vulnerability and takedown
From: jtagtgc () tormail org
Date: Sat, 8 Jun 2013 16:50:15 -0000
We put that domain in as example, obviously we not disclose our real domain. On that domain is the clean.pl script, obvious enough. Also, thanks to person who register domain, you now have badass domain name. Perhaps host the clean.pl as final_solution.txt in webroot?
What happened to the link. On 6/8/13, kai <kai () rhynn net> wrote:wget http://botslayer.ru/final_solution.txti've registered this domain just to save incompetent shitheads who blindly run any code which is supposed to "fix security problem". why have you included the non-existent domain in your code? thanks for your interesting investigation anyway. Cheers, Kai _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/-- -- Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P I.T Security Analyst and Penetration Tester jgichuki at inbox d0t com {FORUM}http://lists.my.co.ke/pipermail/security/ http://chuksjonia.blogspot.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Botnet using Plesk vulnerability and takedown jtagtgc (Jun 06)
- Re: Botnet using Plesk vulnerability and takedown kai (Jun 08)
- Re: Botnet using Plesk vulnerability and takedown Gichuki John Chuksjonia (Jun 08)
- Re: Botnet using Plesk vulnerability and takedown jtagtgc (Jun 08)
- Re: Botnet using Plesk vulnerability and takedown kai (Jun 09)
- Re: Botnet using Plesk vulnerability and takedown Gichuki John Chuksjonia (Jun 08)
- Re: Botnet using Plesk vulnerability and takedown kai (Jun 08)
- <Possible follow-ups>
- Re: Botnet using Plesk vulnerability and takedown dumMY's (Jun 11)