Exploit code posted for MS04-29 "Please Read!!!"

Networking/Security Forums -> News // Columns // Articles

Author: alt.don PostPosted: Tue Nov 02, 2004 4:18 pm    Post subject: Exploit code posted for MS04-29 "Please Read!!!"
    ----
If any of you downloaded the posted code on MS04-029 from user MaxLoad that was in the "Exploit/System Weaknesses" forum and run it you have now been trojaned. Upon execution of this code you will get a segfault. Right after that you will have a connection established to an Italian IRC server with an IP addy of 212.210.194.124:6667

If you have run this and not noticed the socket then do;
Code:

lsof -i

to see the connection. Needless to say you have more or less been owned. A good reason not to play with supposed 0 day code Very Happy Do as I did and run it on a lab box first and also read the source code!

Author: CassLocation: Scotland PostPosted: Tue Nov 02, 2004 5:50 pm    Post subject:
    ----
HI Alt.Don,

Thx for the heads up though i cant seem to find this code or indeed the author, the only reference i can find on MS04-029 in the forums is your post .... would you have a link to this ?? id be interested in a look at this "sploit"

Apologies if ive missed something somewhere .....

Cheers
Cass

Author: Tom BairLocation: Portland, Oregon USA PostPosted: Tue Nov 02, 2004 5:55 pm    Post subject:
    ----
The post has been removed from the public forum least an inexperienced user finds themselves in trouble over tinkering with it. Very Happy

PCWriter

Author: CassLocation: Scotland PostPosted: Tue Nov 02, 2004 6:27 pm    Post subject:
    ----
lol i figured as much ... thanks for the explanation ...

Cass



Networking/Security Forums -> News // Columns // Articles


output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group