Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)

From: Stanley G. Bubrouski (stanat_private)
Date: Tue Sep 04 2001 - 16:52:39 PDT

Next message: Blue Boar: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"

Previous message: Michael R. Rudel: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
In reply to: Herbert HexXer: "CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Next in thread: Markus Kern: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, 1 Sep 2001, Herbert HexXer wrote:

> hello guys ...
> ... i have been developing a code, that should patch the isdapi-filter
> bufferoverflow vulnerability (the vulnerability CodeRed is exploiting) discovered
> by eEye (walk through the code for details).
> 

Another worm...lovely...

> As I am on vacation tomorrow and I don’t have the time to exessively debug
> the code, I posted this code here.

Why not just flee the country?

> Perhaps some ppl might learn from this code (eventually someone could finish
> what I began[debug/testing]).
> Be sure to know what you are doing, as this code uses ‘viral/worm’
> techniques and could potentially cause damage.
> THIS CODE IS DESIGNED FOR EDUCATIONAL PUPOSES ONLY;
> REMEMBER THAT IT IS ONLY A BETA VERSION.
> I will not take responsibility for any damage that might be caused by this
> code.

Great.  A lack of responsibility is the cornerstone to microsoft's terms
of service, why should anyone expect any higher of it's users.

> Be sure to have understood the code and it’s pupose before beginning to play
> with it.
> 

Tell that to the kids who unleash this and eat up bandwith on corporate
networks that expand all over the globe, believe it or not some companies
have routers failing because of bandwith issues dealing with Code
Red.  You also forgot that many companies restrict the rights of users on
machines so once they are infected, even if you download the patch it
might not be installable (I don't give a shit what user the exploit runs
as, so don't bother making it an issue).  And what if the patching
fails?  You've just infected a machine with a worm that searches out other
hosts to infect, even if it means well it will eat bandwith.

> Feel free to modify the code at will, but don’t blame me, in case something
> should not work like expected.
> 

How about making a tool that patches machines and isn't a worm?

> Aloah,
> Der HexXer.
> 
> -- 
> GMX - Die Kommunikationsplattform im Internet.
> http://www.gmx.net
> 

My opinionated 2 cents.  Yes I am a biggot.

Regards,

Stan

--
Stan Bubrouski                                       stanat_private
23 Westmoreland Road, Hingham, MA 02043        Cell:   (617) 835-3284

Next message: Blue Boar: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Previous message: Michael R. Rudel: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
In reply to: Herbert HexXer: "CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Next in thread: Markus Kern: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Sep 05 2001 - 23:50:36 PDT