On Mon, 3 Jan 2005 17:40:28 +0100, EmirAga <[EMAIL PROTECTED]> wrote:

> lots has passed since releasing a phpbb worm by some stupid people, i will
> list my opinion about it.
>
> - why release a worm? not sure about newer ones, but first one did not do
> anything, so, what's the point? Worm will warn the whole world about the
> vulnerability and most servers will patch it, without worm it would stay
> just another bug in their forum and almost no one will worry about it. Security
> _penetators_ are losing their jobs because of you.
>

So, releasing a worm that does nothing but warn the world and get the holes patched? I would agree this is stupid from a black-hat's point of view, but I think it's better that some kiddies exploit and expose the vuln/exploit than some organized criminals. Have you ever done something for the kick of it? The message I'm replying to now, is there a point? Except saying they are stupid?

> - first worm sent a thousand requests before infection. The newer one does
> 'wget' it from static http location. STUPID. Simply worm could send itself
> by POST or FILE_UPLOAD method since they are not written in logs. In logs
> would be written a small request that most administrators will not notice.
> what's wrong with eval($_POST[x])?

It is possible for the authors to replace the scripts and hence load different payloads as time goes; it hasn't been done, but it is a possibility. I would say this is harder with self-carrying code.

> - first worm wrote itself to current directory, we all know that in most
> cases this will fail. Better solution would be to write to /tmp, or even
> better to use upload $_FILES[worm][tmp_name]. So stupid!
>
> - Why didn't they remove comments and replace their variables with smaller
> ones, so worm will go faster.

Agree with this one, it's not very "nice" code to look at, especially when it's in some strange foreign language.

> i just hope no one will rewrite its code with newer _version_ cuz then i will
> be the stupid one here.
>
> just wanted to say that worm writing sucks and a real programmer will never
> release one.
>
> greets

I myself am fascinated by worms, but then again I'm not a real programmer.

My two cents
- Stian

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
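The thread above makes two observations an administrator can act on: the first worm announced itself with a flood of requests to the same script, and a fetch-and-eval payload shows up in the query string of the request line that the web server does log. The following is an added defensive example, not code from either poster or from any of the worms discussed: a small scan over Apache/nginx combined-format access logs that flags clients hammering one script and requests whose URL-decoded query string carries fetch or eval tokens. The log lines, the burst threshold and the token list are constructed for this example and should be tuned to your own environment.

```python
import re
from collections import Counter
from urllib.parse import unquote_plus

# Combined access-log line pattern (written for this example; covers the
# common "ip ident user [ts] "METHOD target proto" status size" shape).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# Tokens that, inside a query string, suggest remote-fetch or code-eval
# attempts. Hypothetical list for this example; extend it for your stack.
SUSPICIOUS_TOKENS = ("wget", "curl", "eval(", "system(", "passthru(", "exec(")


def parse_line(line):
    """Parse one access-log line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    path, _, query = rec["target"].partition("?")
    rec["path"], rec["query"] = path, query
    return rec


def find_bursts(records, threshold):
    """Return {(ip, path): count} for clients that hit one script more than `threshold` times."""
    counts = Counter((r["ip"], r["path"]) for r in records)
    return {key: n for key, n in counts.items() if n > threshold}


def find_suspicious_queries(records):
    """Return records whose URL-decoded query string contains a suspicious token."""
    hits = []
    for r in records:
        decoded = unquote_plus(r["query"]).lower()
        if any(tok in decoded for tok in SUSPICIOUS_TOKENS):
            hits.append(r)
    return hits


def analyze(lines, threshold=50):
    """Run both checks over raw log lines and return a summary dict."""
    records = [r for r in (parse_line(line) for line in lines) if r]
    return {
        "parsed": len(records),
        "bursts": find_bursts(records, threshold),
        "suspicious": find_suspicious_queries(records),
    }


# Constructed sample log: one client hammering the same script sixty times,
# one request carrying a fetch-and-eval query string, and ordinary traffic.
SAMPLE_LOG = (
    ['203.0.113.5 - - [03/Jan/2005:17:40:%02d +0100] '
     '"GET /forum/index.php?id=%d HTTP/1.0" 200 512' % (i % 60, i)
     for i in range(60)]
    + ['198.51.100.9 - - [03/Jan/2005:17:41:00 +0100] '
       '"GET /forum/index.php?x=%27;eval(%24_POST%5Bx%5D);%27 HTTP/1.0" 200 128']
    + ['192.0.2.44 - - [03/Jan/2005:17:41:05 +0100] "POST /forum/posting.php HTTP/1.0" 302 0',
       '192.0.2.44 - - [03/Jan/2005:17:41:06 +0100] "GET /forum/index.php HTTP/1.0" 200 4096']
)

if __name__ == "__main__":
    report = analyze(SAMPLE_LOG)
    for (ip, path), n in report["bursts"].items():
        print(f"burst: {ip} -> {path} ({n} requests)")
    for r in report["suspicious"]:
        print(f"suspicious query from {r['ip']}: {r['query']}")
```

Note what this scan cannot see: the quoted message is right that a payload carried in a POST body or a file upload never reaches the access log, which only records the request line. Catching that case needs body inspection at the web server (for example a mod_security audit log) or application-side logging, not a scan of the access log alone.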
