Penetration Testing mailing list archives
Re: MyDoom
From: xyberpix <xyberpix () xyberpix com>
Date: Thu, 5 Jan 2006 21:39:54 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1If you could run a sniffer on their network and see what traffic is trying to get to what IRC server it may be offline now, so you could always set your own one up and spoof the IP ;-) Or maybe that's just me ;-)
xyberpix On 4 Jan 2006, at 11:37, Simon Edwards wrote:
-----Original Message----- From: Mohamed Abdel Kader [mailto:mak.pen () gmail com] Sent: 02 January 2006 09:59 To: pen-test () securityfocus com Subject: MyDoom Hello All,I am currently trying to penetrate a client having the mydoom virus. Anysuggestions? Does anyone have any kind of client I can use? My understanding is that Mydoom-infected hosts receive commands byconnecting to an IRC channel. I don't think you can connect directly to it. It's always possible (but not that likely) that the author of the virus has controlled your client's PC and uploaded some other Trojan, which might becontrollable by connecting directly to it. Simon.---------------------------------------------------------------------- --------Audit your website security with Acunetix Web Vulnerability Scanner:Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do!Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831---------------------------------------------------------------------- ---------
Blog: http://xyberpix.blogspot.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) iD8DBQFDvZIqcRMkOnlkwMERAl8mAJ4vley5LK5QgIQc1WbDdoQF/GDNqgCfYZAe 8x4I331kOVsaEN0yGUHE1vw= =5m9i -----END PGP SIGNATURE----- ------------------------------------------------------------------------------Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- MyDoom Mohamed Abdel Kader (Jan 02)
- RE: MyDoom Simon Edwards (Jan 04)
- RE: MyDoom Alan (Jan 05)
- Re: MyDoom xyberpix (Jan 05)
- Re: MyDoom Maxime Ducharme (Jan 04)
- RE: MyDoom IanC @ TracingEmails (Jan 04)
- <Possible follow-ups>
- RE: MyDoom Simon Edwards (Jan 04)
- RE: MyDoom Simon Edwards (Jan 04)