Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Multiple 0-days in Dark Comet RAT
From: "Hertz, Jesse" <jesse_hertz () brown edu>
Date: Sat, 13 Oct 2012 14:47:20 -0400

The cool thing about it is that if you are a net/sys admin, and you notice
one of your computers has been compromised, you can pwn the C+C server.

these are exploits in the C+C server, not in the installed trojan.

that's why its relevant. you can counterhack and pwn the person who pwned
you.


and thats fucking awesome

On Thu, Oct 11, 2012 at 12:04 PM, Julius Kivimäki <julius.kivimaki () gmail com
wrote:

In fact, it's not a vulnerability in malware. It's a vulnerability in a
tool used to control computers infected by malicious software. But I can't
see that being relevant at all.

2012/10/11 <Valdis.Kletnieks () vt edu>

 On Wed, 10 Oct 2012 23:25:50 +0200, Pascal Ernster said:

I suppose it turns into a 0 day when you post it on this mailing list
and happen to be in the mood to put the vendor's marketing division on
BCC.

-1 day could be when you ask a friend to check your mail to this ML for
major grammar errors before you post it.

All this ranting about the meaning of a 0-day - and not one person has
mentioned the fact that the vulnerability is in *malware*??!?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault