Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Hacktool.WSRShell

Nov 17, 2003 4:38AM PST

Discovered on: November 14, 2003
Last Updated on: November 17, 2003 09:43:23 AM

Hacktool.WSRShell is a hack tool that attempts to gain access to a remote computer using the workstation service buffer overrun vulnerability (described in Microsoft Security Bulletin MS03-049).


--------------------------------------------------------------------------------
Note: Virus definitions dated prior to November 17, 2003 may detect this as Bloodhound.Exploit.4
--------------------------------------------------------------------------------




Type: Trojan Horse

When Hacktool.WSRShell is executed, it attempts to connect to a remote computer using the workstation service buffer overrun vulnerability (described in Microsoft Security Bulletin MS03-049). If this hack tool succeeds in doing so, it can execute arbitrary code on a compromised computer.

Some variants of this hack tool can create a remote shell on a compromised computer, listening on a certain port.

http://www.symantec.com/avcenter/venc/data/hacktool.wsrshell.html

Discussion is locked