mailing list archives
Re: Botnet using Plesk vulnerability and takedown
From: kai <kai () rhynn net>
Date: Mon, 10 Jun 2013 02:19:31 +0700
my action supposed to be a counter-measure agains bad guys who could
register that domain and host some bad code there. you know that kind of
social engineering, right?
- post some fake or real advisory on popular security forum/maillist
- give a link to the "patch"
- get a lot of roots
i think it will be better to have that link offline - some guys will
blindly run your code, then they will find out that it doesn't work and
they will get enlightened by reading the code and realizing that they must
change the link themselves.
On Sat, 08 Jun 2013 23:50:15 +0700, <jtagtgc () tormail org> wrote:
We put that domain in as example, obviously we not disclose our real
domain. On that domain is the clean.pl script, obvious enough.
Also, thanks to person who register domain, you now have badass domain
name. Perhaps host the clean.pl as final_solution.txt in webroot?
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/