-
April 6th, 2008, 08:37 PM
#1
Member
Pangolin. Backdoor?
Has anybody else come across this sql injector, written by Zwell. The general consensus is that it although it works, there is a backdoor on the program. And when you scan it, it detects an IRC bot. Although according to a mailing list (can't remember which one) some posters said they checked everyhting out and it didnt modify their computer or communicate with an outside server( although it could just be the author saying this...) Anyway, here's the link if you want to check it out, and anyone else that has heard of it before, do you know where to get source code?
the original link doesnt seem to be working here's it uploaded here.
http://www.megaupload.com/?d=0UNAK1K4
WARNING MAY (OR MAY NOT?) CONTAIN A BACKDOOR
-
April 7th, 2008, 11:17 AM
#2
WARNING................. that upload site pops a dating service advert........... you may not want that to happen depending on where you are?
This might help:
http://www.virustotal.com/analisis/0...c57a8ab00e145c
http://www.virustotal.com/analisis/b...cda3fe708b1bd7
But AV utilities tend to do that with several security analysis tools, and some even complain if they find UPX
The author won't release the source so it boils down to whether or not you trust compiled binaries from him.
-
April 8th, 2008, 06:47 PM
#3
Member
yeah i also heard from someone that if you unpack with UPX, and scan again, its clean, but I haven't tried this yet, I might do this now
Oh right I've just realised thats what you've done above. But what significance does this have? Does it prove it isn't a virus? also, what could I do to monitor the program, and make sure it isn't writing to registry or communicating with an outside server. Is there a software useful for this?
Last edited by shad0w7; April 8th, 2008 at 06:52 PM.
-
April 14th, 2008, 05:06 PM
#4
Similar Threads
-
By ThePreacher in forum Miscellaneous Security Discussions
Replies: 17
Last Post: December 14th, 2006, 09:37 PM
-
By Cybr1d in forum Newbie Security Questions
Replies: 9
Last Post: May 1st, 2004, 06:17 PM
-
By gore in forum Newbie Security Questions
Replies: 11
Last Post: December 29th, 2003, 08:01 AM
-
By mayhem991 in forum AntiVirus Discussions
Replies: 2
Last Post: February 25th, 2003, 02:04 AM
-
By [WebCarnage] in forum Security Archives
Replies: 0
Last Post: January 10th, 2002, 09:10 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|