[Full-Disclosure] Unpacking Sasser
youssef ALAOUI
alaoui_o at epita.fr
Mon May 3 16:58:04 BST 2004
HI,
You can use PEiD to try to unpack Sasser (http://peid.has.it/)
you can also catch this worm by creating a shell script called catch.sh
catch.sh would contain two lines :
nc -l -p 445 > ~/catched.dump$$
./catch.sh &
then you just have to launch it : ./catch.sh &
that will create files with random names for each incomming connexion to
port 445 containing a dump of the trafic in your home directory.
Tek Rulez
------------------------------------
ALAOUI ABDELLAOUI Youssef alias ANALYSTE
Delegue Promo 2008
-{Epitech}- European Institute of Technology
Full-Disclosure is hosted and sponsored by Secunia.