Security Incidents mailing list archives
Phishing e-mail with hidden crap?
From: "Nicolas villatte" <Nicolas.Villatte () chello be>
Date: Fri, 17 Aug 2007 08:48:13 +0200
http://archive.ncsa.uiuc.edu/lists/vmi-bug/may07/msg00126.html At the end you see in white on white color the following: =========================================================================== cvs: 0x7457, 0x5, 0x8758, 0x9019, 0x7, 0x697, 0x17916501, 0x949, 0x80, 0x030, 0x598, 0x97266747 NCE TP6 X81P RH2E exe SG0 include V8PW root api: 0x17, 0x2879 JN9: 0x50270054, 0x28850104, 0x316, 0x935, 0x01339377, 0x64, 0x0, 0x1658, 0x26765770, 0x091, 0x162 BB4B: 0x9, 0x04, 0x1745, 0x0, 0x9597, 0x33, 0x25692116, 0x58826863, 0x536, 0x9200, 0x8236, 0x1759 EXJ: 0x1, 0x343, 0x88, 0x4917, 0x33, 0x84363121, 0x2 0x502, 0x6163, 0x460, 0x783, 0x6, 0x7, 0x805, 0x94, 0x343, 0x2, 0x2, 0x85653112 0x671, 0x5, 0x67064212, 0x3, 0x01452899, 0x9, 0x6, 0x4, 0x6, 0x9835, 0x94660375, 0x9 0x3181, 0x97, 0x7700 0x61 0x29 0x04, 0x55, 0x6412, 0x9, 0x921, 0x73133834, 0x17, 0x3, 0x08, 0x6 P37. engine: 0x4 0x11053531, 0x0, 0x9, 0x1, 0x5, 0x62, 0x662 function cvs IQ0 SCQ KSU end NXZJ IPQ. cvs: 0x38, 0x22230904 0x6517, 0x8056, 0x3, 0x! 65, 0x37425646, 0x53, 0x420, 0x47863400, 0x0562, 0x6, 0x952 0x2008, 0x82331620, 0x1484, 0x4036, 0x18171004, 0x41, 0x35, 0x3204, 0x821, 0x39538782 B3U5: 0x267 19K: 0x38438621, 0x3969, 0x90 stack: 0x098, 0x47833820, 0x1, 0x5, 0x53, 0x0931, 0x3415, 0x40, 0x1, 0x35, 0x24692917, 0x700 0x1122, 0x3, 0x1, 0x91689386, 0x8, 0x6056, 0x75, 0x05, 0x67808953, 0x67 update.0x33, 0x24, 0x3, 0x98, 0x2 start: 0x048, 0x5, 0x9, 0x95465686, 0x8, 0x0043, 0x25220247, 0x0004, 0x4524, 0x435, 0x9, 0x386, 0x3, 0x92, 0x0 0x5573, 0x48, 0x3657, 0x861, 0x6, 0x2, 0x48 BT6, 3A6. 0x6591, 0x219, 0x683, 0x36, 0x334, 0x51294373 I was wondering what it could be. Seeing strings like "cvs:" and "function cvs", it could be just crap added to bypass filtering, but then this crap would probably be generated in some special way to get intelligible strings. Anyone got any clue? Thanks, Nicolas. ------------------------------------------------------------------------- This list sponsored by: SPI Dynamics ALERT: .How a Hacker Launches a SQL Injection Attack!.- White Paper It's as simple as placing additional SQL commands into a Web Form input box giving hackers complete access to all your backend systems! Firewalls and IDS will not stop such attacks because SQL Injections are NOT seen as intruders. Download this *FREE* white paper from SPI Dynamics for a complete guide to protection! https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000Cn8E --------------------------------------------------------------------------
Current thread:
- Phishing e-mail with hidden crap? Nicolas villatte (Aug 17)
- <Possible follow-ups>
- Re: Phishing e-mail with hidden crap? stremovsky (Aug 20)