lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20031113080013.GA31650@camelot.hetisw.nl>
From: vdongen at hetisw.nl (I.R. van Dongen)
Subject: new worm - "warm-pussy.jpg".

On Wed, Nov 12, 2003 at 02:36:41PM -0500, segfault wrote:
> You idiot.  Just because a file is called warm-pussy.jpg, doesn't mean that
> the webserver it resides on isn't going to parse it's actual content (which
> is probably plaintext).  Look again, I'm sure you'll be surprised.
> 
> Contents of warm-pussy.jpg:
<snip>

I edited the source to make it harmless (putty from official website
instead of virus) and fixed the dependency on existence of c:\windows.

For those who want to see how it works:
http://lamorak.hetisw.nl/concept.jpg

I tested on 3 volunteers and 1 reported a virusscanner (can't remember
which one) reporting VBS/Psyme.

Either test on a fast line, or allow enough time for putty to download.

Greetings,

Ivo van Dongen

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ