Penetration Testing mailing list archives
Re: Exploiting a Worm
From: Paul Robertson <compuwar () gmail com>
Date: Wed, 14 Sep 2005 18:53:07 -0400
On 9/12/05, Ian Gizak <iangizak () hotmail com> wrote:
I have checked the open ports and no-one seems to be the worm ftp server or something useful related to the worm. Some ports allow input but don't reply anything... Does anyone knows a way to exploit this worm to get access to the system?
Maybe it's just me, but I'd worry more about letting the client know they have an infected and owned system on their network than trying to figure out if I could further exploit it. Especially if it's likely that the infection is actively being used by someone. Paul -- www.compuwar.net ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Exploiting a Worm Ian Gizak (Sep 14)
- Re: Exploiting a Worm Paul Robertson (Sep 15)
- Re: Exploiting a Worm Craig Holmes (Sep 15)
- Re: Exploiting a Worm Marco Monicelli (Sep 15)
- <Possible follow-ups>
- Exploiting a Worm Ian Gizak (Sep 14)
- RE: [Full-disclosure] Exploiting a Worm Aditya Deshmukh (Sep 14)
- Re: [Full-disclosure] Exploiting a Worm Dave Dittrich (Sep 14)
- Re: [Full-disclosure] Exploiting a Worm Karma (Sep 14)
- RE: Exploiting a Worm Drage, Nick (Sep 16)