Mydoom.f

Full Version: Mydoom.f

GovernmentSecurity.org > System Security > Trojan & Virus Errata

MxMx

Feb 26 2004, 10:48 AM

Hello PeepZ
maybe this sound strange, but I need the mydoom.F worm of further research and maybe even writing a exploit, just like for the mydoom.A variant..
so If anyone who has this virus post it here ill will be some more research and youll here from me soon whether or not my exploit has completed

stonebreaker

Feb 26 2004, 10:52 AM

i found this on
http://www.coromputer.net

The W32.Mydoom.F@mm worm:

Is a mass-mailing worm that opens a backdoor on TCP port 1080
Can download and execute arbitrary files
Will perform a Denial of Service (DoS) against www.microsoft.com and www.riaa.com, if the computer's local system date is between 17th and 22nd of any month.
Sets up a backdoor in an infected system, by opening TCP port 1080. This could allow an attacker to connect to a computer and use it as a proxy to gain access to its network resources.

is this port 1080 .. the same kind of port which mydoom.A opened?
I mean .. should the exploit of MyDoom.A work also on MyDoom.F?

RedShadow

Mar 1 2004, 09:48 PM

no the same exploit does not work for mydoom.f and i think that mydoom.f kills mydoom.a..... and any1 with mydoom.c, mydoom.f or DoomJuice.b i would really like to have the sources.

klint0

Mar 2 2004, 04:53 PM

I dont understand how Mydoom.F works, do you just use them like a proxy.. because thats not much of a virus i can get proxies when i please =p it says something about remote control but you probably need a client or something to do that or access from telnet or something? anyone help

R0x0r

Mar 2 2004, 07:09 PM

Sounds good if we can get an exploid for the mydoom.f virus.. Good luck to you MxMx. hope you can figure that you:)

prog

Mar 3 2004, 08:45 AM

If this opens up a port on 1080 i dont see it getting too big. I mean Maybe it if had a filter out, but I dont see it happening.

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.


Help - Search - Member List - Calendar Full Version: Mydoom.f GovernmentSecurity.org > System Security > Trojan & Virus Errata MxMx Feb 26 2004, 10:48 AM Hello PeepZ maybe this sound strange, but I need the mydoom.F worm of further research and maybe even writing a exploit, just like for the mydoom.A variant.. so If anyone who has this virus post it here ill will be some more research and youll here from me soon whether or not my exploit has completed stonebreaker Feb 26 2004, 10:52 AM i found this on http://www.coromputer.net The W32.Mydoom.F@mm worm: Is a mass-mailing worm that opens a backdoor on TCP port 1080 Can download and execute arbitrary files Will perform a Denial of Service (DoS) against www.microsoft.com and www.riaa.com, if the computer's local system date is between 17th and 22nd of any month. Sets up a backdoor in an infected system, by opening TCP port 1080. This could allow an attacker to connect to a computer and use it as a proxy to gain access to its network resources. is this port 1080 .. the same kind of port which mydoom.A opened? I mean .. should the exploit of MyDoom.A work also on MyDoom.F? RedShadow Mar 1 2004, 09:48 PM no the same exploit does not work for mydoom.f and i think that mydoom.f kills mydoom.a..... and any1 with mydoom.c, mydoom.f or DoomJuice.b i would really like to have the sources. klint0 Mar 2 2004, 04:53 PM I dont understand how Mydoom.F works, do you just use them like a proxy.. because thats not much of a virus i can get proxies when i please =p it says something about remote control but you probably need a client or something to do that or access from telnet or something? anyone help R0x0r Mar 2 2004, 07:09 PM Sounds good if we can get an exploid for the mydoom.f virus.. Good luck to you MxMx. hope you can figure that you:) prog Mar 3 2004, 08:45 AM If this opens up a port on 1080 i dont see it getting too big. I mean Maybe it if had a filter out, but I dont see it happening. This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.