lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <Pine.LNX.4.58L1.0412242347410.2658@ryoko.tokimi.net>
Date: Fri, 24 Dec 2004 23:49:47 -0500 (EST)
From: Chris Ess <securityfocus@....tokimi.net>
To: Ofer Shezaf <Ofer.Shezaf@...ach.com>
Cc: bugtraq@...urityfocus.com
Subject: RE: phpBB Worm


> 	eval{
> 		while(my @a = getpwent()) { push(@dirs, $a[7]);}
> 	};
>
> 	push(@dirs, '/ ');

[...]

> Additionally, on Windows the worm would affect files on a single disk.

In generation 9 of the worm, there is the following code after what you
include:

        for my $l ('A' .. 'Z') {
                push(@dirs, $l . ':');
        }

What I get out of this is that the worm should try iterating down every
available drive on a Windows server.  I haven't tested this on a Windows
machine running ActivePerl yet though.

Sincerely,


Chris Ess
System Administrator / CDTT (Certified Duct Tape Technician)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ