| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: puneet at tunmail.com (Puneet Arora) Subject: MyDoom download info I think Daniel E. Spisak is quite right .... why would anyone post a virus/backdoor creation of hiw own....................????????????? Also if he wanted......he would have disributed in Executable form.......not the xipped one.....right. ----- Original Message ----- From: "first last" <randnut@...mail.com> To: <full-disclosure@...ts.netsys.com> Sent: Saturday, January 31, 2004 5:58 AM Subject: RE: [Full-Disclosure] MyDoom download info > > > to successfully unpack the program. All they really needed to > > > do was dump it from memory while it was running and they could've > >analyzed > > > it immediately with any disassembler. > > > >Forgive me, I am no assembly hacker nor much of a programmer, > >but would it be possible for a program to 'react' in some way > >were one to try to dump it from memory? > > The program would have to use a device driver to protect itself from not > being dumped from memory to disk. But there are ways around that as well. > > _________________________________________________________________ > Get a FREE online virus check for your PC here, from McAfee. > http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > >
Powered by blists - more mailing lists