Full Disclosure mailing list archives
Re: DCOM WORM - preface
From: "sf" <sf () diffusion net>
Date: Fri, 15 Aug 2003 21:28:11 -0400
ya i got more questions. so you are ddosing yourself? are you complaining cuz this sdbot net is attacking you? why is your dns being used? are you pissing people off again? its interesting to see people take the time to make a personal version for you. ----- Original Message ----- From: "morning_wood" <se_cur_ity () hotmail com> To: "sf" <sf () diffusion net>; <full-disclosure () lists netsys com>; "0day" <0day () nothackers org> Sent: Friday, August 15, 2003 8:12 PM Subject: Re: [Full-disclosure] DCOM WORM - preface
if you look at the sample you will see those are connect strings of the sdbot attacking my system from infected systemsjihpt@ nigga2 exploitlabs.com #0sec nigger exploitlabs.com #whore niggerexploitlabs.com <---- server (dns ) to attack #0sec <--- chanel to join nigger / nigga2 <--- password for the botsProc32.exe^^^^^^^^---- if you have this you are infected and attacking meCritical Process Monitor mIRC v6.03 Khaled Mardam-Bey^^^^^^^^^^^^^^^^^^^^^^^^^^^^--------- basic irc interface component in the sdbotwtf is that supposed to be?any more questions? try to analyse the info first ok, try looking at the sdbot configuration and you will see these things clearly as options. Donnie Werner
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- DCOM WORM - preface morning_wood (Aug 15)
- Re: DCOM WORM - preface sf (Aug 15)
- Re: DCOM WORM - preface morning_wood (Aug 15)
- Re: DCOM WORM - preface sf (Aug 15)
- Re: DCOM WORM Killer 2.0 w g (Aug 15)
- Re: DCOM WORM - preface morning_wood (Aug 15)
- Re: DCOM WORM - preface sf (Aug 15)