Re: [Full-disclosure] Wipe off, rub out, reappear...



Oh, whoever has made this .exe is NO idiot...
I can already see that for this bug to be re-adding itself, there must be
active servers obviously, which would have the bots connected for command,
dumping of infos to other channels by using say
!pstore get *rover-*|grep *mars*transmission-request-FIN* -o #roverlogging
This is possible.. using just an if/else logic system (as seen in
Forbot/phatbot, and a few underground ones like stuxnet...)
xd



On 11 October 2011 10:41, Dave <mrx@xxxxxxxxxxxxxxxxxxx> wrote:

On 10/10/2011 23:52, xD 0x41 wrote:
I will say, with botnets, and bots in general, I don't see much talented
people on FD...

It might just be a case of those with the least talent making the most
noise, whilst the really talented remain pretty quiet.

Please discuss ;-)


although, seems many can decrypt them, so, makes me wonder,
it is a train-of-thought also, I guess this is where hat colors take
control.. black hats would say, go read some bot src and wake up FD, while
white hats would say, "but we can just kill it anyhow..." "oh, we decrypted
it"... etc...
another pointless never-ending argument..



As for this "story" I would expect such systems to be engineered and
administered by someone with a clue even if the operators know no more than
what buttons to press.

On 11 October 2011 07:22, Daniel Sichel <daniels@xxxxxxxxxxxxxxxx>
wrote:

Somebody posted the following;

I'm just curious to these questions. It's strange to hear someone
saying "we basically have no idea what's going on".


Doesn't sound funny to me, happens to me all the time. That's how I
learn.

Dan S.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



