Re: [Full-Disclosure] Red Bull Worm

Thu, 07 Aug 2003 13:13:12 -0700 

 targets[] =
 {
  { "[Win2k-Universal]", 0x0018759F },
  { "[WinXP-Universal]", 0x0100139d },
}, v;




http://packetstorm.linuxsecurity.com/filedesc/oc192-dcom.c.html
-KF


Adam wrote: 
FYI - k-otik released a universal exploit that doesn't need 48 different
offsets.  It uses 2. One for win2k and one for XP. ( In case noone noticed )



Adam Richards
Network Administrator
WorldNet Communications, Inc.
318-213-9827 / Fax 318-213-8534
World Class Technology, Hometown Service


-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Joel R.
Helgeson
Sent: Thursday, August 07, 2003 10:54 AM
To: [EMAIL PROTECTED]
Subject: [Full-Disclosure] Red Bull Worm


Lets see, the last big worm to exploit windows was named Code Red after the
Mountain Dew Code Red was brought to market.  Being that this worm is much
more effective than Code Red ever was, I say worm should be named Red Bull
as it is sure to exhibit much more energy than the Code Red worm.

---- Original Message -----
From: "Stephen" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, August 07, 2003 5:25 AM
Subject: [Full-Disclosure] DCOM Worm/scanner/autorooter !!!



Hello here,

a new worm is on the wild, it uses the exploit
released by k-otik (48 targets -
http://www.k-otik.com/exploits/07.30.dcom48.c.php)

look this shit :

/* RPC DCOM WORM v 2.2  -
* This code is in relation to a specific DDOS IRCD
botnet project.
* You may edit the code, and define which ftp to
login
* and which .exeutable file to recieve and run.
* I use spybot, very convienent
* -
* So basicly script kids and brazilian children, this
is useless to you
*

So PATCH PATCH PATCH and block the ports 135 - 139
-445 - 593

Regards.

Stephen - Germany

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Reply via email to