| Name: | Sadmind |
| Aliases: | IISworm sadmind, Backdoor.Sadmind, Sadmin-iis, Unix/Sadmind,sadmind/IIS worm, Poizonbox, SunOS/BoxPoison.worm, |
| Ports: | 139, 600 |
| Files: | Uniattack.zip - 2,021 bytes Uniattack.pl - 68,519 bytes Sadmin.sh -Uniattack.sh - |
| Created: | Apr 2001 |
| Requires: | |
| Actions: | Worm / Backdoor |
| The combined worm first compromises Sun Solaris servers and then attacks Microsofts Internet Information Servers. Together with the exploit itself, comes information about several thousands compromised servers. During its first three weeks of existance the worm was able to compromise at least 8,800 servers on the Internet. The Sun vulnerability has been known since more than two years ago, and the IIS vulnerability has been known since almost a year ago. An anti-American Web page, simular to the ones coming from Chinese hackers, is the published on the hacked IIS server. The Sun boxes can be made to originate spoofed packets. | |
| Versions: | |
| Registers: | |
| Notes: | Works on Unix (Sun Solaris, together with Solstice sadmindadministration program) and Windows NT, together with IIS. |
| Country: | written in China (?) |
| Program: |