Let's see the source please.
On 3/26/08, zwell_at_sohu.com <zwell_at_sohu.com> wrote:
>
> I've just read the discussion from here, seriously, I don't know what's
> going on.
>
> I've coded it since 2005 and never release it until this year. And I
> really do not know why it be treated as a backdoor.
>
> If you think it is a backdoor, so please do a reverse engineering on it.
> You can capture the network packet, you can list all the strings in it, even
> you can hook APIs in it. Do anything you like to make sure whether it's
> backdoor or not.
>
> BTW, I packeted it through UPX to reduce the size. And some people focused
> on "http://www.nosec.org/web/index.txt", which is used in ORACLE injection
> mode when the target database is in intranet so we can use some store-procs
> to make the target to visit our website then we can receive the internet
> address that is mapped to outside. Anybody who is good at oracle injection
> should know this.
>
> Really, I wanna know why!!!
>
> < div class="w134">
>
> ------------------------------
> 2008年薪水翻倍技巧<http://doc.go.sohu.com/200802/5e1b674ab8183f3db8baba8ee4c6dd53.php>
> *用搜狗拼音写邮件,体验更流畅的中文输入>><http://goto.mail.sohu.com/goto.php3?code=mailadt-ta>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Received on Mar 28 2008
Intro
