On Wed, Nov 12, 2003 at 02:36:41PM -0500, segfault wrote: > You idiot. Just because a file is called warm-pussy.jpg, doesn't mean that > the webserver it resides on isn't going to parse it's actual content (which > is probably plaintext). Look again, I'm sure you'll be surprised. > > Contents of warm-pussy.jpg: <snip>
I edited the source to make it harmless (putty from official website instead of virus) and fixed the dependency on existence of c:\windows. For those who want to see how it works: http://lamorak.hetisw.nl/concept.jpg I tested on 3 volunteers and 1 reported a virusscanner (can't remember which one) reporting VBS/Psyme. Either test on a fast line, or allow enough time for putty to download. Greetings, Ivo van Dongen _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
![Re: [Full-Disclosure] new worm - "warm-pussy.jpg".](/search?l=full-disclosure@lists.netsys.com&q=subject:%22Re%5C%3A+%5C%5BFull%5C-Disclosure%5C%5D+new+worm+%5C-+%5C%22warm%5C-pussy.jpg%5C%22.%22&o=newest){kind=link}
