Technorati
Digg
Delicious
Reddit
StumbleUpon
Facebook
Yahoo
Twitter
Faves
Newsvine
- Updated:
- February 13, 2007 11:39:39 AM
- Type:
- Hack Tool
- Version:
- 2.6.8
- Publisher:
- Shanlu
- Risk Impact:
- High
- File Names:
- WINNTAutoAttack.exe,CmdService.exe
- Systems Affected:
- Microsoft IIS, Windows 2000, Windows NT, Windows Server 2003, Windows XP
Behavior
Hacktool.Shanluprober is a hack tool with a Chinese Graphic User Interface (GUI). It enables the user to probe the servers of specified IP addresses to determine server vulnerability to attacks. The hacktool can also be used as a security-leveraging tool.
Symptoms
When "Kaishi" (Start) button is pressed, it sends a variety of TCP packets to the specified IP addresses. Once the task is completed, it displays the IP addresses and their accompanying vulnerability. While the hack tool is running, the current directory has several .exe files and .dll files that disappear when the tool is closed.
Transmission
Downloading manually from the Web.
Antivirus Protection Dates
- Initial Rapid Release version October 14, 2004
- Latest Rapid Release version May 9, 2011 revision 039
- Initial Daily Certified version October 14, 2004
- Latest Daily Certified version May 10, 2011 revision 003
- Initial Weekly Certified release date October 20, 2004
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
