illmob

It is hard to identify files containing Conficker because the executable are packed and encrypted. When Conficker runs in memory it is fully unpacked. Our memory disinfector scans the memory of every running process in the system and terminates Conficker threads without touching the process it runs in. This helps to keep the system services running.

The tool itself and the source code can be downloaded here:

And here is a tool to remove the registry entries

regnfile.exe 599 K

More info can be found here

Dan Kaminsky packaged a nice standalone .exe by the researchers with the HoneyNet Project (Tillmann Werner and Felix Leder) , that scans for infected conficker computers on the network. They recently discovered an easy way to identify infected systems remotely. Conficker attempts to patch the MS08-067 vulnerability during infection. A flaw in the patch causes the machine to respond differently than both an unpatched system and an officially patched system. Their scanner uses this knowledge to scan and identify the infected computers. McAfee, nCircle, Nmap, Qualys, and Tenable (Nessus) and most have already incorporated, or are about to incorporate, Conficker sigs for their scanners, but for now you can get

Dan’s .exe ::Here::

More info on the python script ::HERE::

Ashton Kutcher got an online buzz with his sneak pic of his wife’s ass on twitter
http://twitpic.com/2bj58 I guess it’s almost as good as the ones we stole from his phone

damn you’re getting old , we should call you petrified_wood

even though they made shitloads of money off their older versions before a bunch of open source alternatives finallycame, l0pht isgoing back to their roots and releasing a newer version, no word of whatupdates itcontains but check out l0phtcrack.com for more info

New code found for the internet explorer 7 exploit making the rounds http://milw0rm.com/exploits/8077 add your own un-escaped shellcode with this tool ::HERE:: and you’re good to go.

Her Twitter account was owned ::Screenshot:: Just like her gmail and youtube accounts before.

The newest beta of Backtrack is available fordownload

head over to http://remote-exploit.org to download it