[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] MsBlaster Source?

To: "Shanphen Dawa" <list@hardlined.com>, <full-disclosure@lists.netsys.com>
Subject: Re: [Full-Disclosure] MsBlaster Source?
From: "Jeremiah Cornelius" <jeremiahcornelius@hotmail.com>
Date: Fri, 29 Aug 2003 15:27:41 -0700

Subject: [Full-Disclosure] MsBlaster Source?


> Can anyone, who is obviously better at coding then I, verify the rumours
that the following link, is the source to msblaster?
>

This is Xteam's posting of a MSBlaster cleaner - I think.  I don't
read/speak Chinese of any dialect!

Xteam is the source to the immediate antecedent to the dcom.c exploit used
in MSBlaster.  This code was refined, and posted at the illmob site.

Blaster uses the exploit, but adds a transport mechanism and payload.

See my timeline post to this list and MORNING_W00D for details...

-- 
Jeremiah Cornelius, CISSP, CCNA, MCSE
farm9.com Security

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] MsBlaster Source?
  - From: Shanphen Dawa <list@hardlined.com>

Prev by Date: RE: [Full-Disclosure] Authorities eye MSBlaster suspect
Next by Date: Re: [Full-Disclosure] Authorities eye MSBlaster suspect (longreply)
Prev by thread: [Full-Disclosure] MsBlaster Source?
Next by thread: RE: [Full-Disclosure] MsBlaster Source?
Index(es):
- Date
- Thread