Vulnerability Development mailing list archives
Re: Tool released to scan for possible CodeRed infected servers
From: H D Moore <hdm () secureaustin com>
Date: Mon, 23 Jul 2001 12:42:13 -0500
Here is a quick little perl script, it only checks one host at a time. http://www.digitaloffense.net/ida_overflow.pl If you want to check a network range, try the following: # nmap -sS -p 80 -n -PS80 -oM - <ip range> | grep 80/open | awk '{print $2}' | xargs -i perl ida_overflow.pl -h {} If you want to check a range of SSL servers: # nmap -sS -p 443 -n -PS443 -oM - <ip range> | grep 443/open | awk '{print $2}' | xargs -i perl ida_overflow.pl -h {} -s -p 443 -HD P.S. This script uses libwhisker On Friday 20 July 2001 09:43 pm, tom ring wrote:
Thanks for your efforts. Will there be a unix source version available? I won't bother to explain why I'd rather have that. \ tom On 20 Jul 2001, at 16:27, Marc Maiffret wrote:In an effort to help administrators find all systems within their network that are vulnerable to the .ida buffer overflow attack, which the "Code Red" worm is using to spread itself, we have decided to release a free tool named CodeRed Scanner. It can scan a range of IP addresses and report back any IP addresses which are vulnerable to the .ida attack, and susceptible to the "Code Red" worm.------ Tom Ring WA2PHW EN34 tar () real-time com "It is better to go into a turn slow, and come out fast, than to go into a turn fast and come out dead."
Current thread:
- Tool released to scan for possible CodeRed infected servers Marc Maiffret (Jul 20)
- Re: Tool released to scan for possible CodeRed infected servers Kenneth Williams (Jul 22)
- RE: Tool released to scan for possible CodeRed infected servers Marc Maiffret (Jul 22)
- Re: Tool released to scan for possible CodeRed infected servers Mike Fedyk (Jul 22)
- RE: Tool released to scan for possible CodeRed infected servers Marc Maiffret (Jul 22)
- Re: Tool released to scan for possible CodeRed infected servers tom ring (Jul 23)
- Re: Tool released to scan for possible CodeRed infected servers H C (Jul 23)
- Re: Tool released to scan for possible CodeRed infected servers H D Moore (Jul 23)
- Re: Tool released to scan for possible CodeRed infected servers Kenneth Williams (Jul 22)