i asked the guy for the exploit, ran it. and it seems to fork in
background and afterwards it starts flooding with UDP packets
161.69.3.150 ;P not nice, not nice at all
On Thu, 2002-07-25 at 04:05, ilker güvercin wrote:
>
>
> I found a tool on my compramised machine called
> bind9 and the source code is still there.
> its made by team teso bind9 Exploit by by scut of
> teso [http://teso.scene.at/]...
> Usage: ./bind remote_addr domainname target_id
> Targets:
> 0 - Linux RedHat 6.0 (9.2.x)
> 1 - Linux RedHat 6.2 (9.2.x)
> 2 - Linux RedHat 7.2 (9.2.x)
> 3 - Linux Slackware 8.0 (9.2.x)
> 4 - Linux Debian (all) (9.2.x)
> 5 - FreeBSD 3.4 (8.2.x)
> 6 - FreeBSD 3.5 (8.2.x)
> 7 - FreeBSD 4.x (8.2.x)
>
> Example usage:
> $ host -t ns domain.com
> domain.com name server dns1.domain.com
> $ ./bind9 dns1.domain.com domain.com 0
> [..expl output..]
> I didnt test it; its workin or not.
> Anybody have knowlegde about this.Sorry for my
> poor english:)
> if anyone wanna test it I can send the source code.
> holylinuxmail.org
>
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus ARIS analyzer service.
> For more information on this free incident handling, management
> and tracking system please see: http://aris.securityfocus.com

--
Jay
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]