ADMmutate

· Overview ·
· Origins ·
· Operation ·
· Detection and Removal ·
· Research ·

Overview

Vendor Notes:

 A shellcode mutation engine, can evade NIDS. from the doc: 'I have chosen to attack the signature analysis method with a technique very well known to virus enthusiasts, a polymorphic algorithm that is designed to impair the effectiveness of regexp's against known attack signatures. (signatures are typically several bytes that are known to be the same for every execution of the exploit).'

Category:

Exploit: A way of breaking into a system. An exploit takes advantage of a weakness in a system in order to hack it. Exploits are the root of the hacker culture. Hackers gain fame by discovering an exploit. Others gain fame by writing scripts for it. Legions of script-kiddies apply the exploit to millions of systems, whether it makes sense or not. Since people make the same mistakes over-and-over, exploits for very different systems start to look very much like each other. Most exploits can be classified under major categories: buffer overflow, directory climbing, defaults, Denial of Service.

Variants:
  • ADMmutate 0.8.1
  • ADMmutate 0.8.4
    		•

    Similar Pests:

    		 Exploit

    Origins

    Author:

    		 K2

    Group:

    		 The Crew

    By This Group:

    		 ADMmutate 0.8.1 ·

    Date of Origin:

    		 April, 2005

    Operation

    Detection and Removal

    Automatic Removal:

    PestPatrol detects this.

    PestPatrol removes this.

    Research

    More Info:
  • AllTheWeb, AltaVista, AOL Search, Ask Jeeves, Google, HotBot, Lycos, LookSmart, MSN, Yahoo!
    		•

    Research By:
  • PestPatrol's Pest Research Center
    		•

    Last Revised:

    		 April 14, 2005