From: Virus Guy on
Got an e-mail on Wednesday with this as the message body:

-----------------
I just created a poll
hxxp://ms9.by . ru/hot.html
-----------------

(I put spaces in the above URL because ms9-dot-by-dot-ru is a
black-listed domain at uribl.com, and the news server I use filters
posts that contain blacklisted domains in the message body)

I got a blank page when I tried it.

However, I got a complete directory listing when I removed the html
file:

-----------------
hxxp://ms9.by . ru/
-----------------

And I was able to manually download "hot.html". Kaspersky IDs it as
JS.Shadraem.a, and only 5 other AV packages ID it as malware (but they
give a generic ID).

Here's the complete directory listing. All these files and directories
appear to be fully browseable:

[Folder] again/ 01-Mar-2009 09:31 -
[Folder] country/ 19-May-2009 17:20 -
[Folder] cqi/ 05-Feb-2009 07:59 -
[Folder] glqcm/ 20-Nov-2009 13:45 -
[Folder] mf/ 18-Apr-2007 13:26 -
[Folder] pfv/ 20-Nov-2009 13:45 -
[Folder] thinking/ 07-May-2009 06:34 -
[Folder] took/ 30-Mar-2009 00:54 -
[Folder] trying/ 28-May-2009 20:54 -
[Folder] xbtqx/ 20-Nov-2009 13:46 -
[HTML Document] hot.html 19-Nov-2009 12:08 7.6K
[GIF Image] ode.gif 27-Aug-2009 18:35 30K
[GIF Image] proshedshee.g 19-Aug-2009 14:50 31K
[JPEG Image] all.jpg 26-Sep-2009 20:10 27K
[JPEG Image] edvaou.jpg 19-Aug-2009 01:07 86K
[JPEG Image] KINO-o.jpg 17-Aug-2009 15:44 23K
[JPEG Image] rasp.jpg 28-Sep-2009 13:53 21K
[JPEG Image] setup.jpg 20-Sep-2009 16:05 27K
[JPEG Image] stradal.jpg 20-Aug-2009 00:07 23K
[JPEG Image] vabit.jpg 18-Aug-2009 00:19 23K
[JPEG Image] zatmenii.jpg 18-Aug-2009 16:18 27K
[ ] class.phpmailer.php 06-Nov-2009 12:56 56K
[ ] class.smtp.php 06-Nov-2009 12:56 32K
[ ] htaccess.php 06-Nov-2009 12:56 79K
[ ] in.php 06-Nov-2009 12:56 9.8K
[ ] PE5BF5B95BE125.php 20-Nov-2009 13:45 6.8K
[ ] searchsg.php 06-Nov-2009 12:56 15K
[ ] test.php 20-Nov-2009 13:45 7.1K