Posted by: Dan O'Connor
Morto, Morto.Gen!A, rdp worm, windows worm
I was toying with something like this a while ago, I was playing with the idea of being able to do this from a *nix box for VA purposes (With out the gui part, I just wanted a yes or no back).
It’s current state should not get many hosts, the list of passwords is limited.
Here is a list of hosts it will attempt to contact for updates.
126.96.36.199 jifr.info jifr.co.cc jifr.co.be qfsl.net qfsl.co.cc qfsl.co.be
Always check your firewall logs just to be safe.