Full Disclosure mailing list archives
RE: DCOM Worm/scanner/autorooter !!!
From: "Warren Rees" <wrees () htoc com>
Date: Fri, 8 Aug 2003 03:28:05 -0400
FYI - http://packetstorm.icx.fr/filedesc/dcomworm.zip.html Is what Stephen was talking about. I wouldn't say its much of a worm, although I just briefly looked at it (as its 3:30am and I have to get up in the morning!) -Warren -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Joey Sent: Friday, August 08, 2003 12:04 AM To: full-disclosure () lists netsys com Subject: Re: [Full-disclosure] DCOM Worm/scanner/autorooter !!! So you are saying that the infected target also scans other computers for the dcom vulnerability? if so then it would be considered a worm. --- Stephen <alf1num3rik () yahoo com> wrote:
Hello here, a new worm is on the wild, it uses the exploit released by k-otik (48 targets - http://www.k-otik.com/exploits/07.30.dcom48.c.php) look this shit : /* RPC DCOM WORM v 2.2 - * This code is in relation to a specific DDOS IRCD botnet project. * You may edit the code, and define which ftp to login * and which .exeutable file to recieve and run. * I use spybot, very convienent * - * So basicly script kids and brazilian children, this is useless to you * So PATCH PATCH PATCH and block the ports 135 - 139 -445 - 593 Regards. Stephen - Germany
__________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Red Bull Worm, (continued)
- Re: Red Bull Worm Berend-Jan Wever (Aug 07)
- Re: Red Bull Worm CHeeKY (Aug 07)
- RE: Red Bull Worm gml (Aug 07)
- Re: Red Bull Worm Brian Eckman (Aug 07)
- Re: Red Bull Worm Valdis . Kletnieks (Aug 07)
- Re: Red Bull Worm Joel R. Helgeson (Aug 07)
- Re: Red Bull Worm Brian Eckman (Aug 07)
- Re: Red Bull Worm Berend-Jan Wever (Aug 07)
- RE: Red Bull Worm Adam (Aug 07)
- Re: Red Bull Worm KF (Aug 07)
- Re: DCOM Worm/scanner/autorooter !!! Joey (Aug 07)
- RE: DCOM Worm/scanner/autorooter !!! Warren Rees (Aug 08)
- Re: DCOM Worm/scanner/autorooter !!! roman . kunz (Aug 08)
- Re: DCOM Worm/scanner/autorooter !!! Joey (Aug 10)
- Re: DCOM Worm/scanner/autorooter !!! Stephen (Aug 10)
- Re: DCOM Worm/scanner/autorooter !!! Joey (Aug 10)