|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: phpBB Worm
From: Chris Ess (securityfocus
cae.tokimi.net)
Date: Fri Dec 24 2004 - 22:49:47 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> eval{
> while(my a = getpwent()) { push(dirs, $a[7]);}
> };
>
> push(dirs, '/ ');
[...]
> Additionally, on Windows the worm would affect files on a single disk.
In generation 9 of the worm, there is the following code after what you
include:
for my $l ('A' .. 'Z') {
push(dirs, $l . ':');
}
What I get out of this is that the worm should try iterating down every
available drive on a Windows server. I haven't tested this on a Windows
machine running ActivePerl yet though.
Sincerely,
Chris Ess
System Administrator / CDTT (Certified Duct Tape Technician)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]