ROTECTED]>
Sent: Wednesday, August 13, 2003 6:57 AM
Subject: RE: [Full-Disclosure] smarter dcom worm
> I agree with Justin. You would think that by now someone would write a
> random address generator that would solve the obvious timing problems that
> Most worms seem to suffer from.
3 6:51 PM
To: Justin Shin; [EMAIL PROTECTED]
Subject: RE: [Full-Disclosure] smarter dcom worm
You are correct in that "this worm sucks" but I think you could more
eloquently put it as "this is probably the biggest pile of shit glued
together crap ass excuse for a worm" that I
RE: [Full-Disclosure] smarter dcom worm
You are correct in that "this worm sucks" but I think you could more
eloquently put it as "this is probably the biggest pile of shit glued
together crap ass excuse for a worm" that I've ever seen. >:-] That is NOT
to say it is not b
You are correct in that "this worm sucks" but I think you could more
eloquently put it as "this is probably the biggest pile of shit glued
together crap ass excuse for a worm" that I've ever seen. >:-] That is NOT
to say it is not being affective and damaging though. It is definitely a bad
one.
I
I agree with Justin. You would think that by now someone would write a
random address generator that would solve the obvious timing problems that
Most worms seem to suffer from. I was thinking more along the lines of
Generating a random IP but on the first 3 octets and going through the
Entire cl
Maybe even some polymorphic code and PE injection.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of SPAM
Sent: Wednesday, August 13, 2003 12:56 AM
To: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] smarter dcom worm
imho netbios and tftp are good enough
On Tuesday 12 August 2003 04:51 pm, Marc Maiffret wrote:
> You are correct in that "this worm sucks" but I think you could more
> eloquently put it as "this is probably the biggest pile of shit glued
> together crap ass excuse for a worm" that I've ever seen. >:-] That is NOT
> to say it is not be
TED] On Behalf Of Marc Maiffret
> Sent: Tuesday, August 12, 2003 7:51 PM
> To: Justin Shin; [EMAIL PROTECTED]
> Subject: RE: [Full-Disclosure] smarter dcom worm
>
> You are correct in that "this worm sucks" but I think you could more
> eloquently put it as "this is
...or AV/Firewall killing.
msblast is very sloppy. The fact that it uses the old code that reboots the computer ruined their hopes of spreading undetected. Now if you are unpatched, chances are(random IP generating taken into account), your computer will reboot at least once a day or more. Some pe
On Wednesday 13 August 2003 02:08 pm, Joey wrote:
> Since the exploit
> was released for the most "important" service in windows that supposedly
> makes windows impossible to run if you disable it, I think microsoft has no
> credibility to say their OSs are secure or "most secure version of wind
On Tue, Aug 12, 2003 at 06:31:31PM -0400, Justin Shin wrote:
> note -- im not trying to encourage this stuff, i am just pointing out some key flaws
> in this worm. the next one may have all of these features and much more, because I
> am not a very creative guy.
Yes, this worm is rather stupid
11 matches
Mail list logo