lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: cheekypeople at sec33.com (Lee)
Subject: Unpacking Sasser

As a side note I use Vmware workstation and GSX server edition to create
enviroments that can be trashed and re-used at will, just wanted to add
another secure way of testing malware etc...

Regards

Lee @ STS
http://www.seethrusec.co.uk
Building Knowledge and Security..
----- Original Message ----- 
From: "-" <dsx_news@....de>
To: <full-disclosure@...ts.netsys.com>
Sent: Sunday, May 02, 2004 6:47 PM
Subject: Re: [Full-Disclosure] Unpacking Sasser


> I would like a copy fom Sasser, too.
>
> Thanks a lot....
>
> Greets fom Germany...
>
>
> >>Stupidly I was infected with Sasser last night and whilst trying to
identify
> >>the program I found that the code was packed and I could find no way of
> >>idenifying the packer from the EXE (avserve.exe produced no relevant
hits on
> >>Google). Could anyone tell me what unpacker to use to analyse the code?
And
> >>how was this determined?
> >>
> >>Cheers in Advance.
> >>
> >>Tom
> >>
> >>P.S: If anyone would like a copy of the file to look at, feel free to
ask.
> >>
> >>P.S.S: This is my first post, go easy. ;)
> >>
> >>_________________________________________________________________
> >>FREE pop-up blocking with the new MSN Toolbar  get it now!
> >>http://toolbar.msn.com/go/onm00200415ave/direct/01/
> >>
> >>_______________________________________________
> >>Full-Disclosure - We believe in it.
> >>Charter: http://lists.netsys.com/full-disclosure-charter.html
> >>
> >>
> >
> >_______________________________________________
> >Full-Disclosure - We believe in it.
> >Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
> >
> >
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ