Nmap Development mailing list archives
Re: Always practice safe software: a lesson from UnrealIRCd
From: Vlatko Kosturjak <kost () linux hr>
Date: Sun, 13 Jun 2010 16:35:38 +0200
On 06/13/2010 02:24 AM, Fyodor wrote:
Also, I think this calls out for an NSE script to detect the backdoor! Any volunteers? It is a really simple backdoor, and a script would allow people to quickly scan their networks for vulnerable servers. Maybe we should have a general backdoor detection script which can start out with just Unreal but can be later extended to handle other backdoors/trojans.
Quick'n'dirty NSE script is in attachment. Feel free to modify & adapt it.

Note: script tries to shut down the IRC server to check if it is vulnerable. Feel free to make it safer/better...

Kost
Attachment: irc-unrealircd-backdoor.nse
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/