Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Multiple 0-days in Dark Comet RAT
From: Valdis.Kletnieks () vt edu
Date: Mon, 15 Oct 2012 14:10:16 -0400

On Sat, 13 Oct 2012 14:47:20 -0400, "Hertz, Jesse" said:

The cool thing about it is that if you are a net/sys admin, and you notice
one of your computers has been compromised, you can pwn the C+C server.

these are exploits in the C+C server, not in the installed trojan.

that's why its relevant. you can counterhack and pwn the person who pwned

Strongly recommended that you retain competent legal counsel before
actually doing so.  The legality of counterhacking is *highly* debated in
most jurisdictions.

Attachment: _bin

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]