Re: Exploiting a Worm

From: Paul Robertson (compuwar@gmail.com)
Date: Wed Sep 14 2005 - 18:53:07 EDT


On 9/12/05, Ian Gizak <iangizak@hotmail.com> wrote:
> I have checked the open ports and no-one seems to be the worm ftp server or
> something useful related to the worm. Some ports allow input but don't reply
> anything...
>
> Does anyone knows a way to exploit this worm to get access to the system?

Maybe it's just me, but I'd worry more about letting the client know
they have an infected and owned system on their network than trying to
figure out if I could further exploit it. Especially if it's likely
that the infection is actively being used by someone.

Paul

-- 
www.compuwar.net
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:54 EDT