Full Disclosure mailing list archives
DCOM Worm/scanner/autorooter !!!
From: Stephen <alf1num3rik () yahoo com>
Date: Thu, 7 Aug 2003 03:25:33 -0700 (PDT)
Hello here, a new worm is on the wild, it uses the exploit released by k-otik (48 targets - http://www.k-otik.com/exploits/07.30.dcom48.c.php) look this shit : /* RPC DCOM WORM v 2.2 - * This code is in relation to a specific DDOS IRCD botnet project. * You may edit the code, and define which ftp to login * and which .exeutable file to recieve and run. * I use spybot, very convienent * - * So basicly script kids and brazilian children, this is useless to you * So PATCH PATCH PATCH and block the ports 135 - 139 -445 - 593 Regards. Stephen - Germany __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- DCOM Worm/scanner/autorooter !!! Stephen (Aug 07)
- Red Bull Worm Joel R. Helgeson (Aug 07)
- Re: Red Bull Worm Berend-Jan Wever (Aug 07)
- Re: Red Bull Worm CHeeKY (Aug 07)
- RE: Red Bull Worm gml (Aug 07)
- Re: Red Bull Worm Brian Eckman (Aug 07)
- Re: Red Bull Worm Valdis . Kletnieks (Aug 07)
- Re: Red Bull Worm Joel R. Helgeson (Aug 07)
- Re: Red Bull Worm Brian Eckman (Aug 07)
- Re: Red Bull Worm Berend-Jan Wever (Aug 07)
- RE: Red Bull Worm Adam (Aug 07)
- Re: Red Bull Worm KF (Aug 07)
- Red Bull Worm Joel R. Helgeson (Aug 07)