Hi, I posted earlier asking for help finding this tool but someone has already sent me an earlier version that seems to work. As soon as I am done with immediate concerns I will reverse the protocol and write an open source client for this thing. Apparently the kuang2 virus/trojan infects exe files as a virus, but also binds tcp port 17300 listening for remote control/update information without authentication. I have seen first hand that Korea has a pandemic situation with this, and have tens of thousands of infected systems that attackers are actively using as a part of irc-controlled bot nets. thanks, jqp __________________________________ Do you Yahoo!? Yahoo! Calendar - Free online calendar with sync to Outlook(TM). http://calendar.yahoo.com --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Fri Jun 06 2003 - 12:17:52 PDT