Security Incidents mailing list archives

Re: What "methods" are being used

From: fuska <fuska () phreaker net>
Date: Mon, 14 May 2001 20:06:07 +0200


A little more info to add about the IIS part of the attack...

The following files were created in C:\

05/07/01  05:41a                   289 default.asp
05/07/01  05:41a                   289 default.htm
05/07/01  05:41a                   289 index.asp
05/07/01  05:41a                   289 index.htm

The same files were created in C:\InetPub and every subdirectory under
C:\InetPub.

A question...  How did they automate the creation of these files in every
\InetPub subdirectory?  I can't think of a simple command line to do that.


  Take a look at these pages:

        http://www.zdnet.com/intweek/stories/news/0,4164,5082732,00.html
        http://attrition.org/security/commentary/worm01.html

Current thread:

Re: What "methods" are being used Security, Network (May 09)
- Re: What "methods" are being used Mark A Lewis (May 10)
- Re: What "methods" are being used Gregory McCann (May 10)
- <Possible follow-ups>
- Re: What "methods" are being used fuska (May 14)