Sunday, November 28, 2004
enviar
Later on we discover this setup in /dev/shm:
Lee [lee@generalpublic shm]$ ls -lt
Lee total 8660
Lee -rw-r--r-- 1 root root 4667507 Nov 28 15:33 emails3.txt
Lee -rw-r--r-- 1 root root 378368 Nov 28 15:32 email1.6.txt
Lee -rw-r--r-- 1 root root 3782928 Nov 28 15:25 emails.txt
Lee -rw-r--r-- 1 root root 32 Nov 28 15:00 ok.txt
Lee -rw-r--r-- 1 root root 2404 Nov 28 14:16 enviar.txt
Lee -rw-r--r-- 1 root root 3760 Nov 28 13:16 microsoft.htm
Lee that'll help the spam problem
...
plaus heh... i think this guy was shotgunning emails that helped him find vulnerable Win* machines to zombiefy - just a theory
"enviar" means "to send" in Spanish. In other words, the guy would have used this cracked box to send out virii. I realize that doesn't make sense, since the guy also announced his presence by breaking as much as possible, but people are stupid.