Penetration Testing mailing list archives
Re: [PEN-TEST] Suspect .EXE Trojan
From: MadHat <madhat () UNSPECIFIC COM>
Date: Fri, 15 Dec 2000 12:55:51 -0800
There is also the CygWin tools, that have a fairly large number of unix tools ported to Win32. Works quite well... Yes it is hosted by redhat http://sources.redhat.com/cygwin At 08:30 AM 12/15/2000 +0000, you wrote:
Hi folks, Not just for *NIX users ;-) http://www.foundstone.com/resources/tools.html for BinHex3, or http://www.sysinternals.com/misc.htm for strings. Regards, JJ ----- Original Message ----- From: "Ben Ford" <bford () TALONTECH COM> To: <PEN-TEST () SECURITYFOCUS COM> Sent: Friday, December 15, 2000 12:46 AM Subject: Re: Suspect .EXE Trojan > If you have access to a Linux or other unix type box, the easiest way is to run > 'strings' on the file. That will give you all the text information contained > within it and would tell you any registry keys modified or files accessed etc. [snip] ____________________________________________ http://1cis.com Free E-mail Servers with unlimited mailboxes 1st Class Internet Solutions
-- MadHat at unspecific.com
Current thread:
- Re: [PEN-TEST] Raw Disk Mounter, (continued)
- Re: [PEN-TEST] Raw Disk Mounter Brian Russo (Dec 16)
- Re: [PEN-TEST] Raw Disk Mounter Berend De Schouwer (Dec 16)
- Re: [PEN-TEST] Raw Disk Mounter Jonathan Johnson (Dec 16)
- Re: [PEN-TEST] Raw Disk Mounter c0ncept (Dec 16)
- Re: [PEN-TEST] Suspect .EXE Trojan Mark Curphey (Dec 16)
- Re: [PEN-TEST] Suspect .EXE Trojan Yonatan Bokovza (Dec 15)
- Re: [PEN-TEST] Suspect .EXE Trojan Eaton, Arthur (Dec 15)
- Re: [PEN-TEST] Suspect .EXE Trojan Ben Ford (Dec 15)
- Re: [PEN-TEST] Suspect .EXE Trojan Nexus (Dec 16)
- Re: [PEN-TEST] Suspect .EXE Trojan Pierre Vandevenne (Dec 16)
- Re: [PEN-TEST] Suspect .EXE Trojan MadHat (Dec 16)
- Re: [PEN-TEST] Suspect .EXE Trojan Nexus (Dec 16)
- Re: [PEN-TEST] Suspect .EXE Trojan Frank Knobbe (Dec 16)
- Re: [PEN-TEST] Suspect .EXE Trojan Andrew Lawton (Dec 16)
- Re: [PEN-TEST] Suspect .EXE Trojan Bob Dog (Dec 16)
- Re: [PEN-TEST] Suspect .EXE Trojan Tomi Tuominen (Dec 19)
- Re: [PEN-TEST] Suspect .EXE Trojan Jensen, Greg (Dec 17)
- Re: [PEN-TEST] Suspect .EXE Trojan Marty Richards (Dec 18)