Saturday, April 8

Nepenthes and fun with WINS Exploits

Recently I installed Nepenthes on one of my machines, just so I can capture some malware, reverse engineer it, and fun stuff like that. (It's fun, really.)

However, WINS is one of the exploitable things in Nepenthes, and apparently some host on my ISP is infected with some sort of auto-spreading WINS exploit. Nepenthes is even able to emulate reverse shells.

Dump:



So apparently, whatever host tried to infect me is running Windows 2000, and if I really wanted to, I could control that machine. However, I'll just have pity on him for running Windows.

No, I will not post his IP.
