Re: [Full-Disclosure] MyDoom download info

• Previous message: Brendan Gregg: "[Full-Disclosure] Chaosreader: X11 and VNC playback"
• In reply to: first last: "RE: [Full-Disclosure] MyDoom download info"
• Next in thread: first last: "RE: [Full-Disclosure] MyDoom download info"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: <full-disclosure@lists.netsys.com>
Date: Sat, 31 Jan 2004 14:39:07 +0530

I think Daniel E. Spisak is quite right ....
why would anyone post a virus/backdoor creation of hiw
own....................?????????????
Also if he wanted......he would have disributed in Executable form.......not
the xipped one.....right.
----- Original Message -----
From: "first last" <randnut@hotmail.com>
To: <full-disclosure@lists.netsys.com>
Sent: Saturday, January 31, 2004 5:58 AM
Subject: RE: [Full-Disclosure] MyDoom download info

> > > to successfully unpack the program. All they really needed to
> > > do was dump it from memory while it was running and they could've
> >analyzed
> > > it immediately with any disassembler.
> >
> >Forgive me, I am no assembly hacker nor much of a programmer,
> >but would it be possible for a program to 'react' in some way
> >were one to try to dump it from memory?
>
> The program would have to use a device driver to protect itself from not
> being dumped from memory to disk. But there are ways around that as well.
>
> _________________________________________________________________
> Get a FREE online virus check for your PC here, from McAfee.
> http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

• Previous message: Brendan Gregg: "[Full-Disclosure] Chaosreader: X11 and VNC playback"
• In reply to: first last: "RE: [Full-Disclosure] MyDoom download info"
• Next in thread: first last: "RE: [Full-Disclosure] MyDoom download info"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages RE: [Full-Disclosure] Culprit Bio: Perfect Storm Averted or Just Ahead? ... One, they are a Forth programmer, old school. ... Subject: [Full-Disclosure] Mydoom: Perfect Storm Averted or Just Ahead? ... Charter: http://lists.netsys.com/full-disclosure-charter.html ... (Full-Disclosure) Re: [Full-Disclosure] Erasing a hard disk easily ... This was the most usefull thread I on full-disclosure I have read this year. ... booting knoppix on a box with framebuffer for video requires something like ... equals memory - memory dedicated to video. ... (Full-Disclosure) Re: [Full-disclosure] Grab a myspace credential ... Full-Disclosure - We believe in it. ... Hosted and sponsored by Secunia - http://secunia.com/ ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... I am a programmer by day, ... (Full-Disclosure) Re: [Full-disclosure] Firefox fun ... memory for reliability reasons. ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ... (Full-Disclosure) Re: [Full-disclosure] PWCK Overflow POC Code Redhat/Suse older versions or something (maybe later to ... It may or may not be fake, but you are an *astonishingly* lame C programmer: ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... (Full-Disclosure)