Full Disclosure mailing list archives
Re: rpc/dcom -- de ja vu?
From: Shanphen Dawa <list () hardlined com>
Date: Sun, 3 Aug 2003 03:29:59 -0500
.bat files!! must be dat hax0r morning_w00d On Sun, 3 Aug 2003 02:28:51 -0400 "Justin Shin" <zorkshin () tampabay rr com> wrote:
hi guys Anyone recognize this directory listing (my guess is next to the name) tftpd32.exe < trivial ftp daemon rpc.exe < ? r_server.exe < radmin server raddrv.dll < include dll for radmin AdmDll.dll < include dll for radmin rad.bat < 1337 h4x0r b47ch file rpc.bat < another 1337 h4x0r b47ch file cygwin1.dll < duh DCOM32.exe < exploit NC.exe < netcat I first saw this on my friend's computer ... I assumed it was justa guy with some spare time screwing around ... however, I have observed this on one of my client's computers as well. -- Justin _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
-- /* "To avoid all evil, to cultivate good, and to cleanse one's mind this is the teaching of the Buddhas." Martin Ekendahl http://www.hardlined.com martin () hardlined com */ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- rpc/dcom -- de ja vu? Justin Shin (Aug 02)
- Re: rpc/dcom -- de ja vu? Shanphen Dawa (Aug 03)
- Re: rpc/dcom -- de ja vu? morning_wood (Aug 03)
- Re: rpc/dcom -- de ja vu? Shanphen Dawa (Aug 03)