Isn't there a variant of THC-Hydra that does this? Brute forcer not malware but if its code has it then others might.
James Cupps Information Security Officer -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Friday, June 18, 2004 3:17 PM To: Larry Seltzer Cc: [EMAIL PROTECTED] Subject: Re: [Full-Disclosure] Spam Solution On Fri, 18 Jun 2004 07:31:26 EDT, Larry Seltzer <[EMAIL PROTECTED]> said: > SMTP AUTH cracking and using the ISP account? Not that it can't and won't be done, but > I'm aware of no actual examples. Could you cite one please? There's at least one piece of malware out there that tries to use the default passwords for a number of accounts on an Outlook server to gain access to use it as a spam relay. The name escapes me, but a few minutes of googling should find it... This message may contain information which is private, privileged or confidential and is intended solely for the use of the individual or entity named in the message. If you are not the intended recipient of this message, please notify the sender thereof and destroy / delete the message. Neither the sender nor Sappi Limited (including its subsidiaries and associated companies) shall incur any liability resulting directly or indirectly from accessing any of the attached files which may contain a virus or the like. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
