To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ---------- "Carder" is probably just a typical mass-rooter script, modify the code to look for specific vulnerability "X" and if found deliver the exploit "Y" to the host. Most payloads contain multiple items, backdoors, bots and rootkits are common.
Searching Google for the phrase "shopping cart exploit" returned 1,070,000 hits, many of which contain code. The vulnerability is in the application itself and doesnt really involve any magic on the part of the script, the script just makes it easier to use. On 3/20/06, Dyann Bradbury <[EMAIL PROTECTED]> wrote: > To report a botnet PRIVATELY please email: [EMAIL PROTECTED] > ---------- > Folks, > > Has anyone seen this? I am curious how "Carder" works, what exploits it > is looking for, what e-commerce shopping cart applications is it > targeting, etc.? > > > Brazen Botnets Steal From E-Shopping Carts > http://update.internetweek.cmp.com/cgi-bin4/DM/y/eu8S0HJOkm0G4X0EMxn0Et > In a bold crime wave that's almost enough to make you think twice about > spending money online, two large botnets that control 150,000 > compromised computers are hacking into users' online shopping carts. > > One, dubbed "Carder," is a customizable Perl > <http://www.techweb.com/encyclopedia/defineterm.jhtml?term=Perl&x=&y=> > script designed to sniff out exploits in several e-commerce > <http://www.techweb.com/encyclopedia/defineterm.jhtml?term=e-commerce&x= > &y=> shopping cart applications. > > Best regards, > Dyann > > > _______________________________________________ > To report a botnet PRIVATELY please email: [EMAIL PROTECTED] > All list and server information are public and available to law enforcement > upon request. > http://www.whitestar.linuxbox.org/mailman/listinfo/botnets > _______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
