To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
----------
another one, looks like my old italian friends. does anybody know
more how to grab more info from this adapted irc server type?
ISP not notified yet.
cheers
andrej
2c35e69b94c8070fb0e21cc21211c001 danger.exe
# norman.com output
[ Network services ]
* Looks for an Internet connection.
* Connects to "213.202.240.46" on port 6667 (TCP).
* Connects to IRC server.
* IRC: Uses nickname [???]|803400.
* IRC: Uses username ezkieyac.
* IRC: Joins channel ##|-_-|## with password FiGoZZa.
* IRC: Sets the usermode for user [???]|803400 to -x.
[ Security issues ]
* Possible backdoor functionality [Authenticate] port 113.
# join the fun
telnet 213.202.240.46 6667
Trying 213.202.240.46...
Connected to 213.202.240.46.unitedcolo.de.
Escape character is '^]'.
:Hub.PrivateNetwork.z NOTICE AUTH :*** Looking up your hostname...
:Hub.PrivateNetwork.z NOTICE AUTH :*** Found your hostname
user ezkieyac dummy dummy dummy
nick Z
:Hub.PrivateNetwork.z 001 Z :Welcome to the PrivateNetwork.z IRC
Network [EMAIL PROTECTED]
:Hub.PrivateNetwork.z 002 Z :Your host is Hub.PrivateNetwork.z,
running version Unreal3.2.3
:Hub.PrivateNetwork.z 003 Z :This server was created Thu Feb 16 2006
at 21:05:39 CET
:Hub.PrivateNetwork.z 004 Z Hub.PrivateNetwork.z Unreal3.2.3
iowghraAsORTVSxNCWqBzvdHtGp lvhopsmntikrRcaqOALQbSeIKVfMCuzNTGj
:Hub.PrivateNetwork.z 005 Z SAFELIST HCN MAXCHANNELS=10 CHANLIMIT=#:
10 MAXLIST=b:60,e:60,I:60 NICKLEN=30 CHANNELLEN=32 TOPICLEN=307
KICKLEN=307 AWAYLEN=307 MAXTARGETS=20 WALLCHOPS WATCH=128 :are
supported by this server
:Hub.PrivateNetwork.z 005 Z SILENCE=15 MODES=12 CHANTYPES=# PREFIX=
(qaohv)~&@%+ CHANMODES=beI,kfL,lj,psmntirRcOAQKVGCuzNSMTG
NETWORK=PrivateNetwork.z CASEMAPPING=ascii EXTBAN=~,cqnr ELIST=MNUCT
STATUSMSG=~&@%+ EXCEPTS INVEX CMDS=KNOCK,MAP,DCCALLOW,USERIP :are
supported by this server
:Hub.PrivateNetwork.z 251 Z :There are 1 users and 108 invisible on 1
servers
:Hub.PrivateNetwork.z 252 Z 2 :operator(s) online
:Hub.PrivateNetwork.z 253 Z 1 :unknown connection(s)
:Hub.PrivateNetwork.z 254 Z 8 :channels formed
:Hub.PrivateNetwork.z 255 Z :I have 109 clients and 0 servers
:Hub.PrivateNetwork.z 265 Z :Current Local Users: 109 Max: 185
:Hub.PrivateNetwork.z 266 Z :Current Global Users: 109 Max: 185
:Hub.PrivateNetwork.z 422 Z :MOTD File is missing
:Z MODE Z :+iwx
join ##|-_-|## FiGoZZa
:[EMAIL PROTECTED] JOIN :##|-_-|##
:Hub.PrivateNetwork.z 332 Z ##|-_-|## :.advscan dcom135 400 5 0 -r -a
:Hub.PrivateNetwork.z 333 Z ##|-_-|## lol 1141801565
:Hub.PrivateNetwork.z 353 Z @ ##|-_-|## :Z @lol
:Hub.PrivateNetwork.z 366 Z ##|-_-|## :End of /NAMES list.
mode Z -x
:Z MODE Z :-x
whois *
:Hub.PrivateNetwork.z 318 Z * :End of /WHOIS list.
names
:Hub.PrivateNetwork.z 366 Z * :End of /NAMES list.
list *
:Hub.PrivateNetwork.z 321 Z Channel :Users Name
:Hub.PrivateNetwork.z 322 Z ##|-_-|## 16 :[+smntQuT] .advscan dcom135
400 5 0 -r -a
:Hub.PrivateNetwork.z 323 Z :End of /LIST
_______________________________________________
botnets mailing list
To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
