Full Disclosure mailing list archives
Re: Multiple 0-days in Dark Comet RAT
From: Valdis.Kletnieks () vt edu
Date: Mon, 15 Oct 2012 14:10:16 -0400
On Sat, 13 Oct 2012 14:47:20 -0400, "Hertz, Jesse" said:
The cool thing about it is that if you are a net/sys admin, and you notice one of your computers has been compromised, you can pwn the C+C server. these are exploits in the C+C server, not in the installed trojan. that's why its relevant. you can counterhack and pwn the person who pwned you.
Strongly recommended that you retain competent legal counsel before actually doing so. The legality of counterhacking is *highly* debated in most jurisdictions.
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Multiple 0-days in Dark Comet RAT Hertz, Jesse (Oct 09)
- Re: Multiple 0-days in Dark Comet RAT Philip Whitehouse (Oct 10)
- Re: Multiple 0-days in Dark Comet RAT Thor (Hammer of God) (Oct 10)
- Re: Multiple 0-days in Dark Comet RAT Pascal Ernster (Oct 11)
- Re: Multiple 0-days in Dark Comet RAT Valdis . Kletnieks (Oct 11)
- Re: Multiple 0-days in Dark Comet RAT Gage Bystrom (Oct 11)
- Re: Multiple 0-days in Dark Comet RAT Julius Kivimäki (Oct 11)
- Re: Multiple 0-days in Dark Comet RAT Hertz, Jesse (Oct 14)
- Re: Multiple 0-days in Dark Comet RAT Valdis . Kletnieks (Oct 15)
- Re: Multiple 0-days in Dark Comet RAT Hertz, Jesse (Oct 17)
- Re: Multiple 0-days in Dark Comet RAT Philip Whitehouse (Oct 10)
- Re: Multiple 0-days in Dark Comet RAT Valdis . Kletnieks (Oct 18)
- <Possible follow-ups>
- Re: Multiple 0-days in Dark Comet RAT scriptjunkie (Oct 18)