Web Hosting Talk






PDA

View Full Version : Urgent Ensim Trojan

globalwebhos
07-16-2002, 03:16 AM
http://www.ensim.com/ubb/Forum11/HTML/000094.html

SOMEONE POSTED ON THE ENSIM BOARDS A LINK TO A FILE WHICH THEY CLAIM SECURES A BOX AGAINST '3' REMOTE ENSIM ROOT EXPLOITS. DO NOT RUN THIS, IT IS A TROJAN, IT WILL BACK DOOR YOU AND SEND THE GUY AN EMAIL WITH YOUR SYSTEM INFO (IFCONFIG AND CAT /PROC/CPUINFO).

IF YOU RAN THIS PROGRAM CONTACT ME ASAP FOR HELP!

-Ameen
The Prohacker
07-16-2002, 03:34 AM
Ok... If they ran that...

Why would they want to have someone else, who doesn't work for ensim work on the box???

Wouldn't that just be asking for trouble??
QWEST
07-16-2002, 03:39 AM
http://www.phalse.info/ensimfix.tgz hehe DOWNLOAD & RUN AND WIN $5.00:D
QWEST
07-16-2002, 03:40 AM
Hmm great convo.
Rack Byte: hey
Laricle23k: uh high
Rack Byte: I loved, your fix
Rack Byte: it works great!
Rack Byte: http://www.phalse.info/ensimfix.tgz
Rack Byte: thanks for the fix
Laricle23k: what the **** are you talking about?
Rack Byte: the errors in ensim
Rack Byte: remote root exploits..
Laricle23k: ohhhh
we are having a conf about it right now would you like to join?
Rack Byte: sure
Rack Byte: where is it
Laricle23k: its toll free
Rack Byte: k
Rack Byte: #?
Rack Byte: Still there?
Laricle23k: Phone number 877-468-3600
Participant code 31337
Rack Byte: k
Rack Byte: Ill be in, in a sec :-)
Laricle23k: there are 3 ppl from ensim on it right now
Rack Byte: Whats it about?
Rack Byte: Ahh there we go
Laricle23k: u coming?
Rack Byte: yea
Laricle23k: where waiting
Rack Byte: err lol, im trying to find my phone
Rack Byte: Its somewhere under this cluster of mess
Laricle23k: ok
\
globalwebhos
07-16-2002, 03:57 AM
Originally posted by The Prohacker
Ok... If they ran that...

Why would they want to have someone else, who doesn't work for ensim work on the box???

Wouldn't that just be asking for trouble??

First of all, im not an idiot, i d/l and checked to see what the fudge it was, ran it w/o ROOT privelages ofcourse , and then sniffed port 25 to see what the msg was.
globalwebhos
07-16-2002, 03:58 AM
Originally posted by QWEST
Hmm great convo.


That a real conf?
hehe
QWEST
07-16-2002, 04:14 AM
yea thats real hehe
The Prohacker
07-16-2002, 04:17 AM
Originally posted by globalwebhos


First of all, im not an idiot, i d/l and checked to see what the fudge it was, ran it w/o ROOT privelages ofcourse , and then sniffed port 25 to see what the msg was.

Nooooo.. I'm talking about, people that have already been infected, why should they contact you?? Are you going to fix their box??

If so, why should they trust you?? And if you know the fix for it, then why not post it here???