root.exe scanner

From: w1re p4ir (w1rep4irat_private)
Date: Tue Aug 07 2001 - 20:03:04 PDT

  • Next message: Jason Haar: "Re: CR II - winME? confirmation? (Slightly OT)"

    I also sent this message to incidents so sorry if you get it twice like I will ;). After seeing many posts on this "root.exe" backdoor, and encountering
    it 3 times in the field I decided to write a script that scans from startip to
    endip looking for root.exe in msadc/ and scripts/. It's not blazing fast but it
    definitely gets the job done. Feel free to modify it as you see fit. Just email
    me your modifications so i can see how you improved it and keep my name on it.
    Enjoy,
    
    
    
    ________________________________________________________
    The Best News Source On The Web - http://www.disinfo.com
    
    
    



    This archive was generated by hypermail 2b30 : Wed Aug 08 2001 - 10:52:37 PDT