Bugtraq mailing list archives
RE: phpBB Worm
From: Chris Ess <securityfocus () cae tokimi net>
Date: Fri, 24 Dec 2004 23:49:47 -0500 (EST)
eval{ while(my @a = getpwent()) { push(@dirs, $a[7]);} }; push(@dirs, '/ ');
[...]
Additionally, on Windows the worm would affect files on a single disk.
In generation 9 of the worm, there is the following code after what you include: for my $l ('A' .. 'Z') { push(@dirs, $l . ':'); } What I get out of this is that the worm should try iterating down every available drive on a Windows server. I haven't tested this on a Windows machine running ActivePerl yet though. Sincerely, Chris Ess System Administrator / CDTT (Certified Duct Tape Technician)
Current thread:
- Re: phpBB Worm, (continued)
- Re: phpBB Worm Raymond Dijkxhoorn (Dec 21)
- Re: phpBB Worm Sebastian Wiesinger (Dec 22)
- Re: phpBB Worm William Geoghegan (Dec 23)
- Re: phpBB Worm Anders Henke (Dec 23)
- Re: phpBB Worm Sebastian Wiesinger (Dec 22)
- RE: phpBB Worm Paul Kurczaba (Dec 21)
- Re: phpBB Worm Alexander Klimov (Dec 22)
- Re: phpBB Worm ycw1bh302 (Dec 22)
- Re: phpBB Worm Alvin Packard (Dec 23)
- Re: phpBB Worm Anders Henke (Dec 23)
- RE: phpBB Worm Ofer Shezaf (Dec 23)
- RE: phpBB Worm Chris Ess (Dec 25)
- Re: phpBB Worm steve (Dec 24)
- Re: phpBB Worm Raymond Dijkxhoorn (Dec 24)
- new phpBB worm affects 2.0.11 Herman Sheremetyev (Dec 25)
- Re: phpBB Worm Raymond Dijkxhoorn (Dec 24)
- Re: phpBB Worm Zeljko Brajdic (Dec 25)
- Re: phpBB Worm Raymond Dijkxhoorn (Dec 21)