Vulnerability Development mailing list archives
Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)
From: "Stanley G. Bubrouski" <stan () ccs neu edu>
Date: Tue, 4 Sep 2001 19:52:39 -0400 (EDT)
On Sat, 1 Sep 2001, Herbert HexXer wrote:
hello guys ... ... i have been developing a code, that should patch the isdapi-filter bufferoverflow vulnerability (the vulnerability CodeRed is exploiting) discovered by eEye (walk through the code for details).
Another worm...lovely...
As I am on vacation tomorrow and I don?t have the time to exessively debug the code, I posted this code here.
Why not just flee the country?
Perhaps some ppl might learn from this code (eventually someone could finish what I began[debug/testing]). Be sure to know what you are doing, as this code uses ?viral/worm? techniques and could potentially cause damage. THIS CODE IS DESIGNED FOR EDUCATIONAL PUPOSES ONLY; REMEMBER THAT IT IS ONLY A BETA VERSION. I will not take responsibility for any damage that might be caused by this code.
Great. A lack of responsibility is the cornerstone to microsoft's terms of service, why should anyone expect any higher of it's users.
Be sure to have understood the code and it?s pupose before beginning to play with it.
Tell that to the kids who unleash this and eat up bandwith on corporate networks that expand all over the globe, believe it or not some companies have routers failing because of bandwith issues dealing with Code Red. You also forgot that many companies restrict the rights of users on machines so once they are infected, even if you download the patch it might not be installable (I don't give a shit what user the exploit runs as, so don't bother making it an issue). And what if the patching fails? You've just infected a machine with a worm that searches out other hosts to infect, even if it means well it will eat bandwith.
Feel free to modify the code at will, but don?t blame me, in case something should not work like expected.
How about making a tool that patches machines and isn't a worm?
Aloah, Der HexXer. -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net
My opinionated 2 cents. Yes I am a biggot. Regards, Stan -- Stan Bubrouski stan () ccs neu edu 23 Westmoreland Road, Hingham, MA 02043 Cell: (617) 835-3284
Current thread:
- CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Herbert HexXer (Sep 01)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Markus Kern (Sep 01)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Stanley G. Bubrouski (Sep 05)
- <Possible follow-ups>
- RE: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Paige, Randall (Sep 04)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Markus Kern (Sep 04)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) DerHexXer (Sep 05)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Markus Kern (Sep 05)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Meritt James (Sep 05)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Blue Boar (Sep 05)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Blue Boar (Sep 05)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Stanley G. Bubrouski (Sep 05)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Blue Boar (Sep 05)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Jonathan Rickman (Sep 05)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Markus Kern (Sep 05)