| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 11 Oct 2011 10:59:31 +1100
From: GloW - XD <doomxd@...il.com>
To: Dave <mrx@...pergander.org.uk>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Wipe off, rub out, reappear...
Oh, whoever has made this .exe is NO idiot...
I can already see that for this bug to be readding itself, there must be
active servers obviously, wich would have the bots connected for command,
dumping of infos to other channels by using say
!pstore get *rover-*|grep *mars*transmission-request-FIN* -o #roverlogging
This is possible.. using just an if/else Logic system (as seen in
Forbot/phatbot, and a few underground ones like stuxnet...0
xd
On 11 October 2011 10:41, Dave <mrx@...pergander.org.uk> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 10/10/2011 23:52, xD 0x41 wrote:
> > I will say, with Botnets, and bots in general, i dont see much talented
> > people on FD...
>
> It might just be a case of those with the least talent making the most
> noise, whilst the really talented remain pretty quiet.
>
> Please discuss ;-)
>
>
> although, seems many can decrypt them, so, makes me wonder ,
> > it is a train-of-thought also, i guess this is where hat colors take
> > control.. black hats would say, go read some bot src and wake up FD,
> while
> > white hats would say, "but we can just kill it anyhow...' "oh, we
> decrypted
> > it"... etc...
> > another pintless neverneding arguement..
> >
>
>
> As for this "story" I would expect such systems to engineered and
> administered by someone with a clue even if the operators know no more than
> what buttons to press.
>
> > On 11 October 2011 07:22, Daniel Sichel <daniels@...derosatel.com>
> wrote:
> >
> >> Somebody posted the following;
> >>
> >>> I'm just curious to these questions. It's strange to hear someone
> >>> saying "we basically have no idea what's going on".****
> >>>
> >>
> >> Doesn't sound funny to me, happens to me all the time. That's how I
> >> learn.
> >>
> >> Dan S.
> >>
> >> _______________________________________________
> >> Full-Disclosure - We believe in it.
> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >> Hosted and sponsored by Secunia - http://secunia.com/
> >>
> >
> >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iQEVAwUBTpOCkLIvn8UFHWSmAQKEgQf+L9Cvl2sdHvw6EFhIruKd5ZPmJ9woGolB
> LX/hdWsPKuYFGYiiPthKTs4M/m6HTEY1fSc4KRWncpgcvCQ4iNvCE2UWDSvyrvmm
> 3x0J2/OjndBoAWd4gI+QaELXiwaaWMAtTQwKQPPCzIP1DEvYDMY76Ml9ga5uO0Ew
> haoMYjQS/K+Bd6jTRDO9bzJHtKQWP+06jFr/FrX4+AtBHbSM9vqJ57JQjbo9U8H6
> Bdkoxtc8E3njPHasmO2UF96FyIE5OW42F8xpu0gi07uOwWKAreGB9UEJx0prVkwi
> BZruBLv5NunJw5wp28DkvKRfPgfRp697TYje1IuyNlgpwKX3nI2oXA==
> =SCl5
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists