[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] DCOM Worm/scanner/autorooter !!!

To: full-disclosure@lists.netsys.com
Subject: [Full-Disclosure] DCOM Worm/scanner/autorooter !!!
From: Stephen <alf1num3rik@yahoo.com>
Date: Thu, 7 Aug 2003 03:25:33 -0700 (PDT)


Hello here,

a new worm is on the wild, it uses the exploit
released by k-otik (48 targets - 
http://www.k-otik.com/exploits/07.30.dcom48.c.php)

look this shit :

/* RPC DCOM WORM v 2.2  - 
 * This code is in relation to a specific DDOS IRCD
botnet project.
 * You may edit the code, and define which ftp to
login
 * and which .exeutable file to recieve and run.
 * I use spybot, very convienent
 * -
 * So basicly script kids and brazilian children, this
is useless to you
 * 

So PATCH PATCH PATCH and block the ports 135 - 139
-445 - 593

Regards.

Stephen - Germany

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- [Full-Disclosure] Red Bull Worm
  - From: "Joel R. Helgeson" <joel@helgeson.com>
- Re: [Full-Disclosure] DCOM Worm/scanner/autorooter !!!
  - From: Joey <joey2cool@yahoo.com>

Prev by Date: [Full-Disclosure] buffer overflow in Indiatimes Messenger
Next by Date: Fwd: Re: [Full-Disclosure] Ankit Fadia bullshit?
Prev by thread: [Full-Disclosure] buffer overflow in Indiatimes Messenger
Next by thread: [Full-Disclosure] Red Bull Worm
Index(es):
- Date
- Thread