search for: cantrick

...or a "secure" tftpd. If not, I''ll probably polish mine up a bit and then start asking people for evaluations of the code. If it passes, I''ll toss it up on my web page and give it away to anyone who wants it. -Ben -- =--------- http://ucsu.colorado.edu/~cantrick/home.html -------------= *Ben Cantrick, diehard BGC otaku and Priss fan. ---> THE BGC DUBS SUCK! <---*

...#39;t know whether it's wise to release the FTP-location I would recommend everyone to just look over their daemons, and run something like nessus against theirselves... Greetings, Jan-Philip Velders ---------- Forwarded message ---------- Date: Thu, 25 Mar 1999 16:26:59 -0700 From: "Ben Cantrick (Macky Stingray)" <mackys@MACKY.RONIN.NET> To: BUGTRAQ@NETSPACE.ORG Subject: ADM Worm. Worm for Linux x86 found in wild. 1. Summary On the week of 3/7, a polite mail from a system administrator at a company in Russia tipped me off to one of our Redhat boxes portscanning one of their...

..." is public and can be found at: http://adm.isp.at/ADM/ADMw0rm-v1.tar The public version solely exploits the name server iquery bug, although it is fairly easy to make it exploit ANY remote vulnerability. (Put in BSD/Sun exploits and it wouldn't be too linux specific anymore. :&) Ben Cantrick (Macky Stingray) wrote: > How it picks the IP addresses to scan is not > presently known to me. Presumably, the "gimmieip" binary takes care > of that. Someone with more time can dissect it and post the results. True, it will start with a random IP number, then scan sequentiall...