| TIP: Click on subject to list as thread! | ANSI |
| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | Re: Writing a worm |
From: "Geo." I can't find write-ups on any recent worms, seems the details don't get posted to the AV sites anymore for some odd reason. However if you want to see for yourself, install NT4 or W2K on a box, don't patch it, and stick it on a routable IP for an hour or two. I guarantee you will have all the proof you need. The ones you hear about that run native code, infect in 3 stages, via an initial overflow, write a script to disk, then execute it to download the native code. The worm part, the thing that's running after the machine is infected is native exe but the scripts are left on the disk so you can see how it launched. I did post the script from this worm earlier in the thread http://labs.itweek.co.uk/2006/08/nt4_worm_warnin.html Geo. "Rich" wrote in message news:45d3e83b$1{at}w3.nls.net... Can you name some? The ones I remember hearing about lately are native code. I'm not counting the "worms" that aren't worms that require users to click on a link or file in some IM program. Or do you think that malware that requires user interaction can be rightfully called a worm? Rich --- BBBS/NT v4.01 Flag-5* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45) SEEN-BY: 633/267 5030/786 @PATH: 379/45 1 633/267 |
|
| SOURCE: echomail via fidonet.ozzmosis.com | |
Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.