Re: [Full-Disclosure] MsBlaster Source?
From: Jeremiah Cornelius (jeremiahcornelius_at_hotmail.com)
Date: 08/30/03
- Previous message: Paul Schmehl: "Re: [Full-Disclosure] Authorities eye MSBlaster suspect (long reply)"
- In reply to: Shanphen Dawa: "[Full-Disclosure] MsBlaster Source?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "Shanphen Dawa" <list@hardlined.com>, <full-disclosure@lists.netsys.com> Date: Fri, 29 Aug 2003 15:27:41 -0700
Subject: [Full-Disclosure] MsBlaster Source?
> Can anyone, who is obviously better at coding then I, verify the rumours
that the following link, is the source to msblaster?
>
This is Xteam's posting of a MSBlaster cleaner - I think. I don't
read/speak Chinese of any dialect!
Xteam is the source to the immediate antecedent to the dcom.c exploit used
in MSBlaster. This code was refined, and posted at the illmob site.
Blaster uses the exploit, but adds a transport mechanism and payload.
See my timeline post to this list and MORNING_W00D for details...
-- Jeremiah Cornelius, CISSP, CCNA, MCSE farm9.com Security _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Paul Schmehl: "Re: [Full-Disclosure] Authorities eye MSBlaster suspect (long reply)"
- In reply to: Shanphen Dawa: "[Full-Disclosure] MsBlaster Source?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
