Re: Multiple 0-days in Dark Comet RAT

["Hertz, Jesse" <jesse_hertz () brown edu>]

The cool thing about it is that if you are a net/sys admin, and you notice
one of your computers has been compromised, you can pwn the C+C server.

these are exploits in the C+C server, not in the installed trojan.

that's why its relevant. you can counterhack and pwn the person who pwned
you.


and thats fucking awesome

On Thu, Oct 11, 2012 at 12:04 PM, Julius Kivimäki <julius.kivimaki () gmail com
> wrote:

> In fact, it's not a vulnerability in malware. It's a vulnerability in a
> tool used to control computers infected by malicious software. But I can't
> see that being relevant at all.
>
> 2012/10/11 <Valdis.Kletnieks () vt edu>
>
> >  On Wed, 10 Oct 2012 23:25:50 +0200, Pascal Ernster said:
> >
> > > I suppose it turns into a 0 day when you post it on this mailing list
> > > and happen to be in the mood to put the vendor's marketing division on
> > > BCC.
> > >
> > > -1 day could be when you ask a friend to check your mail to this ML for
> > > major grammar errors before you post it.
> >
> > All this ranting about the meaning of a 0-day - and not one person has
> > mentioned the fact that the vulnerability is in *malware*??!?
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/