2. Tech
  3. Shock wave inside

Shock wave inside

zhaozj2021-02-08  395

Shock wave inside

Author: Glen Tingquan

Time: 2003-07-21 AMs: Flashsky

Found MS Windows 2000 RPC Denial and Local Permissions Enhanced Vulnerabilities and provides a complete test code (see attached 1).

Time: 2003-07-21

Microsoft implemented the vulnerability and released the vulnerability: MS03-026: RPC interface arbitrary code can be executed

Time: 2003-07-22

Microsoft released patches for this vulnerability

http://www.microsoft.com/china/technet/security/bulletin/ms03-026.asp

Time: 2003-07-25 09:13 Characters: Flashsky

An article published in a well-known Forum in China published an article of LSD RPC overflow analysis, which announced the code to implement RPC overflow vulnerabilities, and detailed the basic principle (full text).

Time: 2003-07-25 to 2003-07-28

In this forum, the heroes of the road have modified the code provided by Flashsky.

Time: 2003-8-2 Discovery: Worm.SDBOTRPC "Rumet" virus

Using the RPC's Vulnerability Attack Network, the attack code is sent to the port listening to the RPC system service on the remote system, resulting in a remote system to crash using the RPC service or system.

Time: 2003-8-8 Discovery: Worm.Autorooter virus written in VB programming language

Time: 2003-8-10 Discovered the famous impact wave (Worm.Blaster) virus

Time: 2003-08-15 US media statement: "shock wave" virus is suspected of causing big power outages

http://www.duba.net/c/2003/08/15/89250.shtml

Time: 2003-08-18 There is a benign worm with insects, I don't know the name of the virus, first borrow the online name worm 2004, the virus also passes the computer, worm infection in the network through the RPC vulnerability After the system, the impact wave virus in the system is automatically cleared, and then according to the system language version is Simplified Chinese, traditional Chinese, Korean, English, and the system are Windows 2000 or Windows XP to download the corresponding MS03-026 patch to Microsoft Site, and can detect the system Time, if the system time is 2004, it automatically clears itself.

Time: 2003-8-20 Person: peipei

Worm 2004 The author appeared in a famous forum and announced the original code (see Annex 3), the full text is as follows:

转载请注明原文地址:https://www.9cbs.com/read-937.html

9cbs

New Post(0)