-
am i right that main discussion point is
"wtf the file 'd been stored at a place I can notify it ?"
so...
...may be there's out a tutorial for the so_called skiddies and tere was someone on
not really knowing what he does/did (while exploiting another coldfusion problem????)
....maybe the file was stored there to get you notify it. that would make me thinking ...
may i get the zipped executable, too?`
(i would like to do some reversing....)
greetz,
stanger
btw. how do you administrate this server?
-
To my knowledge that executable is installed when you install Coldfusion. I have seen it on a few web servers, at a few different customer sites. I maybe wrong and its probably worth a call to Macromedia. I have never heard of a virus/worm/rootkit called NTAdminrights.exe and would bet that someone wouldnt be stupid enough to give it such and obvious name.
-
Thanks for the reply, Net2Infinity. The time stamp on the file does coinside somewhat with my CF install. Nothing on Macromedia's site about that file however. I may have to give them a call as you said, or try the CF install on a juk box and see it fit leaves that file on that box as well.
