[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040307194419.GE11935@sparky.finchhaven.net>
From: jsage at finchhaven.com (John Sage)
Subject: mydoom.c information
Now I'm confused...
On Sun, Mar 07, 2004 at 09:43:03AM -0800, morning_wood wrote:
> From: "morning_wood" <se_cur_ity@...mail.com>
> To: <full-disclosure@...ts.netsys.com>
> Subject: [Full-Disclosure] mydoom.c information
> Date: Sun, 7 Mar 2004 09:43:03 -0800
>
> > > bascially looking for sync-src-1.00.tbz. That message was
> > > posted to this
> >
> > avail on infected hosts
> >
> > > This is how I came to be in possession of it:
> > >
> > > nc -l -p 3127 > doomjuice.dump
> > >
> > > You will probably want to write a loop to restart netcat
> > > because it exits after a successful transfer.
> > >
>
> nc -L -p 3127 > out.txt note: " -L " will not exit your netcat, as
> it is for a persistant listener.
/* snip */
[jsage@...rky /storage/virii] $ nc -h
GNU netcat 0.7.1, a rewrite of the famous networking tool.
Basic usages:
connect to somewhere: nc [options] hostname port [port] ...
listen for inbound: nc -l -p port [options] [hostname] [port] ...
tunnel to somewhere: nc -L hostname:port -p port [options]
Mandatory arguments to long options are mandatory for short options too.
Options:
-c, --close close connection on EOF from stdin
-e, --exec=PROGRAM program to exec after connect
-g, --gateway=LIST source-routing hop point[s], up to 8
-G, --pointer=NUM source-routing pointer: 4, 8, 12, ...
-h, --help display this help and exit
-i, --interval=SECS delay interval for lines sent, ports scanned
-l, --listen listen mode, for inbound connects
-L, --tunnel=ADDRESS:PORT forward local port to remote address
/* snip */
Does persistent listener == tunnel?
- John
--
"Mad cow? You'd be mad too, if someone was trying to eat you."
Powered by blists - more mailing lists