sasser anyone?

by admin

Sunday, May 9th, 2004 at 9:47 am

.::sasser-ftpd.c ::. exploit sasser’s ftpd for a shell

sorry couldnt upload it sooner cuz of work.. but heres the newer version
.::sasser-ftpd.1.4.c ::.

926 byte backdoor

by admin

Monday, May 3rd, 2004 at 6:17 pm

added tx to the files its a 926 byte backdoor written in visual c++ for NT/2K/XP/2K3 get it from the releases section under other or click here
also added the reverse connecting backdoor that allows you to reach into computers behind routers
click here


by admin

Monday, May 3rd, 2004 at 1:15 pm

posted by atomix
I swear, the RIAA are a buncha morons. I know its old but i read somewhere that theyre sueing some more people. Isnt that lame? Dont those pansies have enough money. Friggen money hungry terds >. Gets me angry.

In the news, apparently the whole ‘internet taxes’ thing is getting the boot =). w00t. No net taxes.

Nothing really else exciting is going on… that i know of that is. If anyone knows anything exciting then comment it. I need some excitement in my life besides hiring a 9 year old hooker named Ming Lee from Pakistan.

LSASS worm

by admin

Sunday, May 2nd, 2004 at 1:23 pm

posted by pingywon

Systems Affected:
Windows 2000
Windows XP

The “Sasser” LSASS worm discovered April 30, 2004 is a self-propagating executable written in Microsoft Visual C. It exploits the LSA buffer overflow vulnerability reported to Microsoft by eEye and patched in the MS04-011 security bulletin released on April 13, 2004. Similar to the MSBlaster RPC DCOM worm that struck in August of last year, “Sasser” uses a public exploit for the LSA vulnerability in order to obtain a SYSTEM-level command shell on its victims.

.:Vunerbility scanner:.

.:Actual Exploit:.
.:Technical Information:.

eEye Digital Security


Morning_wood Ripped off

Well well.

Only moments after posting the LSASS worm on I was contacted.

I was then shown the following:

morning_wood 1st alert


morning_woods 2nd alert

Notice the date on these posts (April 29th and April 30th) Both a full 2-3 days before had anything to say about this matter.

Both alerts made by non other then our resident morning_wood, both posts hold a striking similarity to the security alert made by
It is obvious that the folks over there at are stealing morning_woods posts/alerts, barely even modding them before posting them as a security alert on their own site and then mailing everyone on their mailing list (myself included).

I have talked with morning_wood and he has informed me that this is in no way the first time a larger “security” company has stolen his material and offered no recognition for it.

In an attempt to make it easier on the I have prepared the following apology letter that should be sent to morning_wood in light of the plagiarism that has taken place here.

[email protected]
Yazat Karatus Arazatus o-bey


One Columbia
Aliso Viejo, CA 92656

May 2, 2004

Exploit Labs
56** Eagle ***
********, Wa 98***

Dear morning_wood:

Thank you for notifying us of your complaint. We strive to provide you with the best possible service, and when you feel that it fails to meet your expectations, it’s important for us to know.
We’re sorry that you received service that prompted you to contact us with a complaint, and we regret any inconvenience or frustration that your experience has caused you. We thought we could steal your story and mass mail it to everyone on our mailing list, and you would never know.To ensure that our staff conducts itself in a manner that reflects the high regard that we have for our customers, we’ve notified the proper department of your complaint, and promise that nothing will ever get done about it.
Your patronage is important to us, and we hope that you’ll continue to give us opportunities to serve you.
Thank you again for bringing these matters to our attention.



by admin

Saturday, May 1st, 2004 at 12:22 pm

posted by morning_wood
tcp reset PoC by aphex
get it ::here::

IP: Loading... - Host: Loading...
IP Geolocation: unknown.

We love our country, but fear our government.