Pages

Saturday, April 8

Nepenthes and fun with WINS Exploits

Recently I installed Nepenthes on one of my machines. Just so I can capture some malware, reverse engineer it and fun stuff like that. (It's fun, really)..

However, Being that WINS is one of the exploitable things in nepenthes, and that apparently some host on my ISP is infected with some sort of auto-spreading WINS exploit. Nepenthes is even able to emulate reverse shells.

Dump:



So apparently, whatever host tried to infect me, apparently is running Windows 2000. and if I really wanted to, I could control that machine. However.. I'll just have pity on him for running Windows.

No, I will not post his IP.
at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
  • Offset, Depth, Distance, and Within
    Without going off the deep-end here and discussing every single Snort rule keyword, I just wanted to touch on a few modifiers that people so...
  • Writing Snort Rules Correctly
    Let me start off by saying I'm not bashing the writer of this article, and I'm trying not to be super critical.  I don't want to...
  • Moving from Omnifocus to Reminders
    Let's say you're like me, an avid Omnifocus user, but you've been hearing great things about Reminders on MacOS/iOS/iPadOS, and ...