Re: rooted by blowkit

["Jay D. Dyson" <jdyson () treachery net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 26 Jun 2003 raul_aldaz () hotmail com wrote:

> One of our machines has been rooted using this kit thru one well-know
> apache vulnerability.

        Which one?  There's more than one "well-known" vulnerability and
(last time I looked) there was Apache v1.x and Apache v2.x.  More info
would be a Good Thing(tm).

> I haven't found nothing specific about this kit, but a after simple
> analysis is clear that it's very similar to evilkit. Anybody out there
> interesed on it?

        Nah...most of us just use the Incidents list to talk like manly
men about girly girls.

        ...OF COURSE we're interested in it!  ;)  Details, please.
Thanks.

- -Jay

   (    (                                                        _______
   ))   ))   .-"There's always time for a good cup of coffee"-.   >====<--.
 C|~~|C|~~| (>----- Jay D. Dyson -- jdyson () treachery net -----<) |    = |-'
  `--' `--'  `Red meat isn't bad for you, fuzzy green meat is.'  `------'

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (TreacherOS)
Comment: See http://www.treachery.net/~jdyson/ for current keys.

iD8DBQE+/SUcNlg1oZSC9mkRAk4+AKCBeKYZUmA5/K0AaSdjNRcHV9P0ggCfQXOv
4K2jHgS02m8ALrSfxg8Evgk=
=xpfR
-----END PGP SIGNATURE-----

----------------------------------------------------------------------------
Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the 
world's premier technical IT security event! 10 tracks, 15 training sessions, 
1,800 delegates from 30 nations including all of the top experts, from CSO's to 
"underground" security specialists.  See for yourself what the buzz is about!  
Early-bird registration ends July 3.  This event will sell out. www.blackhat.com
----------------------------------------------------------------------------