Re: Apache worm in the wild
From: Mihai (Cop) Moldovanu (mihaim@tfm.ro)Date: 06/28/02
- Previous message: Christophe Devine: "OpenBSD 3.1 sshd remote root exploit"
- In reply to: Domas Mituzas: "Apache worm in the wild"
- Next in thread: wink: "Re: Apache worm in the wild"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 28 Jun 2002 22:46:06 +0300 (EEST) From: "Mihai (Cop) Moldovanu" <mihaim@tfm.ro> To: <domas.mituzas@microlink.lt>
Domas Mituzas said:
> Hi,
>
> our honeypot systems trapped new apache worm(+trojan) in the wild. It
> traverses through the net, and installs itself on all vulnerable
> apaches it finds. No source code available yet, but I put the binaries
> into public place, and more investigation is to be done.
>
> http://dammit.lt/apache-worm/
>
> Regards,
> Domas Mituzas
>
> Central systems @ MicroLink Data
I dissasembled it. Was a good thing that executable was not stripped.
Result is here :
http://projects.tfm.ro/security/apache_worm/
I will look deeper into it tonight.
Best Regards ,
-- TFM Group . Linux Division . Mihai Moldovanu http://www.tfm.ro/ http://portal.tfm.ro/
- Previous message: Christophe Devine: "OpenBSD 3.1 sshd remote root exploit"
- In reply to: Domas Mituzas: "Apache worm in the wild"
- Next in thread: wink: "Re: Apache worm in the wild"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
