Security Incidents mailing list archives
FW: Sub-7
From: abel () ABLE-TOWERS COM (Abel Wisman)
Date: Thu, 8 Jun 2000 14:15:31 +0200
this is output in a channel on irc: 17:10] *** Joins: cwc [17:10] <cwc> Sub7Server v.2.1 installed on port: 27374, ip: 195.252.137.208 - victim: pechfregel - password: rasta [17:10] *** Quits: dt018 (Leaving) [17:10] *** Joins: kwxqry [17:10] <kwxqry> Sub7Server v.2.1 installed on port: 27374, ip: 213.6.181.193 - victim: pechfregel - password: rasta [17:10] <moxbj> Sub7Server v.2.1 installed on port: 27374, ip: 62.157.13.4 - victim: pechfregel - password: rasta [17:10] <pjv> Sub7Server v.2.1 installed on port: 27374, ip: 192.168.10.52 - victim: pechfregel - password: rasta [17:10] *** Joins: xakjbl [17:10] <xakjbl> Sub7Server v.2.1 installed on port: 27374, ip: 62.224.173.111 - victim: pechfregel - password: rasta [17:10] <paxlp> Sub7Server v.2.1 installed on port: 27374, ip: 195.71.25.254 - victim: pechfregel - password: rasta [17:10] <sjil> Sub7Server v.2.1 installed on port: 27374, ip: 195.131.87.73 - victim: pechfregel - password: rasta [17:11] <fwwm> Sub7Server v.2.1 installed on port: 27374, ip: 62.224.200.40 - victim: pechfregel - password: rasta [17:11] *** Joins: yagc [17:11] <yagc> Sub7Server v.2.1 installed on port: 27374, ip: 213.6.119.91 - victim: pechfregel - password: rasta [17:12] <bstdm> Sub7Server v.2.1 installed on port: 27374, ip: 193.159.1.191 - victim: pechfregel - password: rasta [17:12] <uen> Sub7Server v.2.1 installed on port: 27374, ip: -193.0.81.2-192.168.171.26-193.159.10.204- - victim: pechfregel - password: rasta (attached log) abel wisman ABLE-TOWERS is a division of UROwear Llc which in turn is a division of ABLE Consultancy Holding BV we recommend you visit these pages: www.able-towers.com (hosting) www.ul.org (domainregistration) www.nut-shell.com (webdesign) www.webdesignsdirect.com (webdesign) -----Original Message----- From: Incidents Mailing List [mailto:INCIDENTS () SECURITYFOCUS COM]On Behalf Of Khan, Mansoor Sent: maandag 5 juni 2000 19:49 To: INCIDENTS () SECURITYFOCUS COM Subject: Sub-7 I was wondering if any one has any experience with this Trojan (Sub-7). I am interested in finding out if it sends info through a general broadcast to chat rooms. Additionally, what specific info does it send (from a w-95 machine) e.g. registry settings, user ids and passwords etc. Thanks,
Current thread:
- FW: Sub-7 Abel Wisman (Jun 08)
- <Possible follow-ups>
- Re: Sub-7 PARKIN, MICHAEL (PBI) (Jun 08)
- Re: FW: Sub-7 Brooke, O'Neil (Jun 09)