On Mon, 24 Nov 2003, Dan wrote: ; Hi, ; Our Snort picked up an interesting attempt to download, compile and execute. ; Noting also the fact that the sub dir its attempting to access has not been ; there for over 4 months(/logjam/)? ; ; Has anyone actually seen what this fedor.c is? I have done some google'ing but ; it comes up blank.
It's simply a bindshell with allocates tty for each session. Bindshell is a program which binds to tcp port, and listen for incoming connections. If one will connect to port defined within this bindshell program, (root) shell will be spawned. Check this out -> http://hysteria.sk/sd/f/junk/bindshell/ -- ..... Robert Jaroszuk - [EMAIL PROTECTED],pl - [ IQ PL Sp. z o.o. ] ..... GCS/IT/O d? s: a-- C++ ULB++++$ P+ L++++$ E--- W- N+ w-- O- M- V- PS+ PE Y(+) PGP-(+++) t-- 5? X- R* tv-- DI++ b++>+++ DI- D- ... The superior warrior wins without fighting -- Sun Tzu. ... _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
