Security Incidents mailing list archives
Re: Beware: Latest Version Of Subseven is released...
From: Gossi The Dog <gossi () OWNED LAB6 COM>
Date: Sun, 11 Mar 2001 18:59:21 +0000
On Sun, 11 Mar 2001, Brian McWilliams wrote:
Readme.txt from SS 2.2. Anyone see anything particular nasty (&new) in this release?
The biggest thing which isn't really mentioned on the website - it works under Windows NT 4 and Windows 2000 perfectly (the server, I mean). I've tested the server while logged into NT4 as a local user, as well as under a service account. The server terminates when the user logs out, as expected. Obvious, it is restricted access to the context user it runs as. If run as Administrator, it initally quits when the admin logs out. However, the server can be configured to start on system boot. Once this happens, logins do not effect the server.exe's ability to function. The main server.exe is compressed with UPX 1.02. You can grab UPX from http://upx.tsx.org, and use the -d option to depack the server. Because of the modular design of S7 2.2, the main server is kept quite small, with a bulk of the main functionally being present in Plugin DLLs. As of time of writing (11/March/2001) no AV software appears to have detection in place. Obviously vendors will do this, but since the maker (Mobman) plans to release an SDK (see readme) for making custom plugins, it will make detection that little bit harder. I have made a small package will allows the uploading of a custom S7 server via the IIS Unicode bug. Testing reveals it works extremely well. I shall publish this soon enough. The other fairly important thing to bare in mind is that this release includes a packet sniffer, controlled by a GUI interface. This is obviously a fairly powerful tool for kids to have. Hope this helps, Gossi.
Current thread:
- Beware: Latest Version Of Subseven is released... James Cox (Mar 10)
- Re: Beware: Latest Version Of Subseven is released... Thierry (Mar 11)
- Re: Beware: Latest Version Of Subseven is released... Brian McWilliams (Mar 11)
- Re: Beware: Latest Version Of Subseven is released... Gossi The Dog (Mar 12)
- Re: Beware: Latest Version Of Subseven is released... Brian McWilliams (Mar 11)
- <Possible follow-ups>
- Re: Beware: Latest Version Of Subseven is released... Timothy Lyons (Mar 11)
- Re: Beware: Latest Version Of Subseven is released... Thierry (Mar 11)