i got a free membership to it which i have never used since i got it..
illwillAnthony Aykut <[EMAIL PROTECTED]> wrote:
I am a paid member of astalavista.net and use it quite frequently inaddition to FD, BugTraq, etc., as it represents a gray area (though not inthe line of .box.sk).My experience is
i seen this like 2 weeks ago basically what the script does it downloads a vbs script that pulls the username of the currently logged on aim user and also that users encrypted password and feeds it back to a server-side script which logs it to some sort of text-file.. no harm done if you catch it
with simple assembly code you could send the data to a cgi script too
;-begin evil code --
.386.model flat,stdcalloption casemap:noneinclude \masm32\include\windows.incinclude \masm32\include\user32.incinclude \masm32\include\kernel32.incinclude \masm32
http://illmob.org/rpc/cleaners/dcom2.zip
kills and removes the blaster worm and the b and c variants of it. all in a pretty little package of 1.62kb (gotta love assembly)
Coded in MASM by: illwill [EMAIL PROTEC
maybe this is a way of detecting which machine is running XP as messenger is installed by default.. im not sure if its always listening on that port if the user has not signed up with msn. ill have to look into it.
-illwillJeremiah Cornelius <[EMAIL PROTECTED]> wrote:
> We're starting to see explo
1.6 kb assembly program to kill and remove the dcom worm
http://illmob.org/files/dcomkiller.zip
DETAILS:
DCOM worm killer (W32.Blaster.Worm) Aliases: W32/Lovsan.worm [McAfee], Win32.Poza [CA], Lovsan [F-Secure] WORM_MSBLAST.A [Trend], W32/Blaster-A [Sophos], W32/Blaster [
source available upon emailing me. i need to tidy up the code a bit for readability[EMAIL PROTECTED] wrote:
IW, Offering source?r1an---From w g <[EMAIL PROTECTED]>:>1.6 kb assembly program to kill and remove the dcom worm>http://illmob.org/files/dcomkiller.z
there is no exploit code attached to your message... i too have the universal offsets for win2k and xp wondering if we can match them... also i was informed from an associate by the handle of 'harq' that dcom is also bound to port 80
"Component Object Model (COM) Internet Services (CIS) introduc
or you could send a worm out on your network to use the exploit then execute
Regedit.exe /s dcom.reg
<.snip>dcom.reg
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole]"EnableDCOM"="N"
in case your wondering how to get the dcom.reg onto the computer maybe you can use
ive noticed ever since i posted to bugtraq and this list my site http://illmob.org has been under attack from ddos... lameH D Moore <[EMAIL PROTECTED]> wrote:
On Saturday 26 July 2003 07:16 pm, Chris Paget wrote:> Personally, I'm tempted to set up my firewall to NAT incoming requests> on port 135 t
DCOM RPC exploit paper7/26/03by: illwill <[EMAIL PROTECTED]>http://illmob.org/rpc/
There are 2 dcom Win32 ported versions available:Ben Lauziere [EMAIL PROTECTED] http://illmob.org/rpc/DComExpl_UnixWin32.zip"exceed" [EMAIL PROTECTED] http://illmob.org/rpc/dcom-win32.zip
for my example ill be usin
http://illmob.org/rpc/ is my current directory for newer 'as i get them' rpc tools... if anyone has anyhting to add to it please feel free to email me
-illwill
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
there is a first version compiled and ready for the kiddies on my site http://illmob.org also have eeye's RPC scanner to check for vulnerable boxes. also waiting for a newer version supposedly from xfocus that has a few fixes etc... ill let ya know
illwillmorning_wood <[EMAIL PROTECTED]> wrote:
how bout a nice warm cup of shut the fuck up matt,, your a whiney little know-it-all bitch you remind of the comic book guy on the Simpsons...just shut the fuck up and find your flaws in software and report them and dont worry how others do their jobs.. you're a load that should have been swallowed
then dont attach a sharp knife to the tray and sit close to it. also a full can of soda would be messy if it was in front of the tray and not sitting in it...anyhow just get rid of media player its big ,bulky and shitty microsoft quality..that should solve yer problem
- Original Message -
want to access the commands, YOU must have a high user level in the eyes of the bot.--- end snippy ---here we see that 0day is possible because since this is basicly a tutorial and when we read tutorials we do it because we cant find code to copy and paste (isnt that right illwill
flames cluttering our mailboxes .. Donnie Weiner <[EMAIL PROTECTED]> wrote:
Since when do lamers with no security knowledge whatsoever get permission to flame? Everybody check out http://www.illmob.org to see "w g" a.k.a. Illwill's level of "skill". If you can't be b
"'Maybe we should have 2 lists instead of 1; full-discolure andfull-disclosure-diapers'"
i wanna be on the 'full-discolure' list , me no likey diapers...
and yes some morons like yourself do install default when they dont know what the fuck they are doing ... so sit down ,shut the fuck up and quit
boo fucking hoo."[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote:
>If I go to the mailbox and get my private letter from you and I open>it and read it, drop it on the ground and walk away, that is not>against the law.In fact it is, it is negligent -- particularly if that message containsinformation th
be afraid, be very afraid.[EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-Hash: SHA1On Fri, 06 Jun 2003 13:23:58 -0700 morning_wood <[EMAIL PROTECTED]>wrote:>- Original Message ->From: "Len Rose" <[EMAIL PROTECTED]>>To: <[EMAIL PROTECTED]>>Sent: Friday, June 06, 2003 9:28 AM>Subj
his housekeeping is leel?madsaxon <[EMAIL PROTECTED]> wrote:
At 01:17 PM 6/6/03 -0700, Matthew Kent wrote:>Keep on posting morning_wood, it's funny as hell :)>>Look I found his web cam! http://2x.x2.nu>>Maybe we can watch him write some 0sec in real-time!!!Hopefully his coding is more 7337 than his
boo fucking hoo.Earl Keyser <[EMAIL PROTECTED]> wrote:
Reply to: Wood - language6/5/03I, for one, am sick and tired of Wood's snotty attitude and foul mouth.Wood, if you want to be accepted and listened to, learn some good manners.This message has been scanned for viruses. ISD#284__
i put in my username and password and nothing happened...i think its broken .. i should mail microsoft and tell them about the bug"Elkhatib, Ahmad" <[EMAIL PROTECTED]> wrote:
Hello list, This is a lame attempt from someone to collect MSN passport passwords.Users on MSN Messenger have been sent this
bunch of babies stop whining and filling my box up with retarded mail if you wanna speak to anyone do not forward to everyone else , we dont care. kthnx.morning_wood <[EMAIL PROTECTED]> wrote:
- Original Message -From: "Nick FitzGerald" <[EMAIL PROTECTED]>To: <[EMAIL PROTECTED]>; <[EMAIL PR
24 matches
Mail list logo