[Dshield] abuse script operatiing at godaddy sites

Joe_Blanchard at 3com.com Joe_Blanchard at 3com.com
Thu Aug 9 21:15:20 GMT 2007


Looks to be for the use of hacking a Sony PSP.

http://gogloom.com/Gigachat/aod/

Angels of death, looks like a small group of folks doing some interesting
things. Not sure, looks like they are simply using that (and another site)
to be able to distribute that script. Doesn't look to do anything harmful,
unless you run it on a nix box, then your on your own. 0:


Cheers
Joe Blanchard



                                                                           
             Team Amber                                                    
             Beistle                                                       
             <beistle_jr at hotma                                          To 
             il.com>                   <list at lists.dshield.org>,           
             Sent by:                  "abuse at godaddy.com"                 
             list-bounces at list         <abuse at godaddy.com>, support        
             s.dshield.org             godaddy <support at godaddy.com>       
                                                                        cc 
                                                                           
             08/09/2007 03:29                                      Subject 
             PM                        [Dshield] abuse script operatiing   
                                       at godaddy sites                    
                                                                           
             Please respond to                                             
              General DShield                                              
              Discussion List                                              
             <list at lists.dshie                                             
                  ld.org>                                                  
                                                                           
                                                                           




63-247-90-156/images/cmd?  63.l247.90.156 is the actual server name changed
to stop inadvertent link ... this is a trojan per Norton...
Please share who what are the angels of death? and their roots ... is this
an old exploit or something new? is this tied to Rafa Styled attacks on
Linux or aimed at MS Clients via explorer? Clueless and suspicious ... I
have copied the script and studying it now in text format can this be
stopped and traced to perp?
Jim e Beistle Jr.


Jim E. Beistle Jr. 806.853.9400
Team Amber Alert
Texas based non-Profit Corporation
501©(3) Organisation
619 S. Ballard St.
Pampa, Texas 79065
Every second counts when a child of any age is missing or abducted!
_________________________________________________________________
Find a local pizza place, movie theater, and more….then map the best route!
http://maps.live.com/default.aspx?v=2&ss=yp.bars~yp.pizza~yp.movie%20theater&cp=42.358996~-71.056691
&style=r&lvl=13&tilt=-90&dir=0&alt=-1000&scene=950607&encType=1&FORM=MGAC01

_________________________________________
SANSFIRE 2007 July 25-August 2 in Washington, DC.  56 courses, SANS top
instructors, and a great tools and solutions expo. Register today!
http://www.sans.org/info/4651 (brochure code ISC)



CONFIDENTIALITY NOTICE: This e-mail message, including any attachments,
is being sent by 3Com for the sole use of the intended recipient(s) and
may contain confidential, proprietary and/or privileged information.
Any unauthorized review, use, disclosure and/or distribution by any
recipient is prohibited.  If you are not the intended recipient, please
delete and/or destroy all copies of this message regardless of form and
any included attachments and notify 3Com immediately by contacting the
sender via reply e-mail or forwarding to 3Com at postmaster at 3com.com.



More information about the list mailing list