lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: list at hardlined.com (Shanphen Dawa)
Subject: rpc/dcom -- de ja vu?

.bat files!! must be dat hax0r morning_w00d

On Sun, 3 Aug 2003 02:28:51 -0400
"Justin Shin" <zorkshin@...pabay.rr.com> wrote:

> hi guys
> 
> Anyone recognize this directory listing (my guess is next to the name)
> 
> tftpd32.exe   < trivial ftp daemon
> rpc.exe   < ?
> r_server.exe   < radmin server
> raddrv.dll    < include dll for radmin
> AdmDll.dll    < include dll for radmin
> rad.bat     < 1337 h4x0r b47ch file
> rpc.bat     < another 1337 h4x0r b47ch file
> cygwin1.dll    < duh
> DCOM32.exe    < exploit
> NC.exe     < netcat
> 
> I first saw this on my friend's computer ... I assumed it was justa guy with some spare time screwing around ... however, I have observed this on one of my client's computers as well.
> 
> -- Justin
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 


-- 
/*
"To avoid all evil, to cultivate good, 
and to cleanse one's mind  
this is the teaching of the Buddhas."

Martin Ekendahl
http://www.hardlined.com
martin@...dlined.com
*/

Powered by blists - more mailing lists