|
Full Disclosure
mailing list archives
RE: Red Bull Worm
From: "Adam" <rabbit () wnonline net>
Date: Thu, 7 Aug 2003 12:38:38 -0500
FYI - k-otik released a universal exploit that doesn't need 48 different
offsets. It uses 2. One for win2k and one for XP. ( In case noone noticed )
Adam Richards
Network Administrator
WorldNet Communications, Inc.
318-213-9827 / Fax 318-213-8534
World Class Technology, Hometown Service
-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com]On Behalf Of Joel R.
Helgeson
Sent: Thursday, August 07, 2003 10:54 AM
To: full-disclosure () lists netsys com
Subject: [Full-disclosure] Red Bull Worm
Lets see, the last big worm to exploit windows was named Code Red after the
Mountain Dew Code Red was brought to market. Being that this worm is much
more effective than Code Red ever was, I say worm should be named Red Bull
as it is sure to exhibit much more energy than the Code Red worm.
---- Original Message -----
From: "Stephen" <alf1num3rik () yahoo com>
To: <full-disclosure () lists netsys com>
Sent: Thursday, August 07, 2003 5:25 AM
Subject: [Full-disclosure] DCOM Worm/scanner/autorooter !!!
Hello here,
a new worm is on the wild, it uses the exploit
released by k-otik (48 targets -
http://www.k-otik.com/exploits/07.30.dcom48.c.php)
look this shit :
/* RPC DCOM WORM v 2.2 -
* This code is in relation to a specific DDOS IRCD
botnet project.
* You may edit the code, and define which ftp to
login
* and which .exeutable file to recieve and run.
* I use spybot, very convienent
* -
* So basicly script kids and brazilian children, this
is useless to you
*
So PATCH PATCH PATCH and block the ports 135 - 139
-445 - 593
Regards.
Stephen - Germany
__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
 By Date 
By Thread
Current thread:
- RE: Red Bull Worm, (continued)
- RE: Red Bull Worm Adam (Aug 07)
Re: DCOM Worm/scanner/autorooter !!! Joey (Aug 07)
Re: DCOM Worm/scanner/autorooter !!! roman . kunz (Aug 08)
|
Intro
