At 04:00 PM 12/3/00 , you wrote:
the asp file is encrypted.. i can send it directly to anyone who would
like it..
>Can you post the code for that ASP file eeyerulez??? Im assuming that page
>is connecting to the exe file by the same name eeyehack.exe. Perhaps its
>grabbing any information posted to your CGI programs & then reporting this
>information back through the ASP page somehow.
>
>If indeed its doing something like that then there has to be some kinda link
>back to them through something. Post code for that ASP file & find out what
>that its really doing in there.
>
>
> >From: "Brian L. Wolfsohn" <[EMAIL PROTECTED]>
> >Reply-To: [EMAIL PROTECTED]
> >To: CF-Talk <[EMAIL PROTECTED]>
> >Subject: OT: Who's hacking around ???
> >Date: Sat, 02 Dec 2000 23:55:19 -0500
> >
> >i've found these suspicious looking files in one of our cgi directories.
> >
> >Has anyone heard of these ?? can you point me to any resources for checking
> >on them ??
> >
> >
> >eeyerulez.asp
> >logfilename
> >sysmng.exe
> >sensepost.exe
> >eeyehack.exe
> >
> >
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
