To reduce the database size and server load, all articles from 2004 or earlier are archived here.

Return to MacMegasite

• December 2004 (52)
• November 2004 (33)
• October 2004 (54)
• September 2004 (43)
• August 2004 (41)
• July 2004 (57)
• June 2004 (82)
• May 2004 (53)
• April 2004 (45)
• March 2004 (49)
• February 2004 (40)
• January 2004 (46)
• December 2003 (44)
• November 2003 (48)
• October 2003 (57)
• September 2003 (45)
• August 2003 (54)
• July 2003 (62)
• June 2003 (46)
• May 2003 (47)
• April 2003 (51)
• March 2003 (63)
• February 2003 (69)
• January 2003 (72)
• December 2002 (63)
• November 2002 (70)
• October 2002 (72)
• September 2002 (73)
• August 2002 (41)
• July 2002 (39)
• June 2002 (19)
• May 2002 (3)
• April 2002 (1)

Yet another Windows worm

Lioten, also known as Iraq_Oil, is a Windows network worm spreading through

shared folders. It was found on December 16th, 2002 in the wild.



internet for Windows 2000 and Windows XP machines which have shared folders

with other users and are not protected by a firewall. Once a suitable

machine is found, the worm guesses a password, logs in to the machine,

copies itself over as an EXE file (usually named iraq_oil.exe) and executes

it. After this the worm restarts spreading.

There is no further information on what the worm does in addition to

spreading. Also the reason for the reference to Iraq is unclear.

The worm exploits the Windows Server Message Block (SMB) service at a port

445. Basic firewall techniques prevent access to this port.

The worm launches 100 threads each of which starts generating random IP

numbers using the system clock to generate a seed value.

For every generated IP a connection is made to the port 445. If the

connection is successful, it tries to list the list of users in the machine

and tries to guess their password, using passwords from an hardcoded

internal list which contains a blank password and the following words:

  admin

  root

  111

  123

  1234

  123456

  654321

  1

  !@#$

  asdf

  asdfgh

  !@#$%

  !@#$%^

  !@#$%^&

  !@#$%^&*

  server

If the file is copied successfully, a remote task is scheduled so that the

process will be run on the remote machine.

The executable is packed with UPX.

So what else is new?

[] permanent link

Shop at MacMegasite

We're pleased to announce the MacMegasite Store, which features Mac utilities from Advenio Software, Ancodia Software, Chaotic Software, Fetch Softworks, Andreas Schwarz, and Selznick Scientific. We hope to add other products in the future.

[] permanent link

Trolltech releases Qt Script for Applications

Trolltech's new multiplatform scripting toolkit tightly integrates with the

Qt libraries to provide a powerful combination of C++ and script-based

interfaces for developers



OSLO, Norway and SANTA CLARA, Calif. - December 18, 2002 -Trolltech, the

leading provider of single-source, multiplatform C++ software development

tools, today announced the beta release of Qt Script for Applications

(QSA). QSA is Trolltech's new multiplatform scripting toolkit for Qt-based

application developers.

QSA lets developers and end-users extend and customize Qt applications

through a powerful ECMA standard scripting environment.

"QSA was designed to provide Qt developers with the ability to create

extendable, customizable applications without having to re-release a new

version of their application every time a small modification is needed,"

said Eirik Eng, Trolltech president. "By tightly integrating the scripting

libraries, most Qt applications are inherently scriptable. Applications do

not need to be re-written to implement this functionality, which we feel is

one of the key strengths to QSA."

Key components of QSA include:

QSA library: This integrates into Qt and allows C++ application developers

to make their Qt-based applications scriptable.

Qt Script: An easy-to-learn, multiplatform, interpreted scripting language.

Qt Script is based on ECMAScript, which is also the foundation of

JavaScript.

Qt Scripter: A multiplatform Integrated Development Environment (IDE) that

can be deployed on a royalty-free basis with QSA-enabled Qt applications.

End users and VARs (Value Added Resellers) can use Qt Scripter to visually

design custom forms, and to write, run and debug forms and Qt Script code

in script-enabled applications.

C++ developers may create a script-enabled Qt application by specifying

which features should be scriptable. The script-enabled application may

then be distributed, including QSA libraries, and the Qt Scripter. This

allows VARs, support staff, or end customers to customize the application

to meet their specific needs.

Key features and benefits:

• QSA is tightly integrated with Qt, eliminating the need for bindings or
  
  wrappers
  
  
• Includes a royalty-free IDE, with a powerful debugger
  
  
• Allows base applications to be customized to meet specific customer
  
  requirements
  
  
• Utilizes the same 'Signals and Slots' mechanism as Qt
  
  
• Source code is provided
  
  
• Many fixes, updates and work-arounds can be provided using scripts for
  
  fast response to customers without having to create premature new versions.
  
  
• Value Added Resellers (VARs) can provide additional value via
  
  customizations for their customers
  
  
• QSA makes both Qt and application-specific C++ classes scriptable
  
  

QSA pricing will be announced on a date closer to the final release. QSA

1.0 is expected to be released in Q2, 2003. Evaluation versions are now

available to Qt license holders. Please contact mailto:sales@trolltech.com

for more information.

Licensing

QSA will be released under a commercial license for Linux/Unix (X11),

Windows and Mac platforms. Additionally, QSA will be released under the GPL

for free software development on the Linux/Unix (X11) platforms.

About Trolltech

Trolltech is a software company with two flagship products: Qt and Qtopia.

Qt is a multiplatform C++ application framework developers can use to write

single-source applications that run-natively-on Windows, Linux, Unix, Mac

OS X and embedded Linux. Qt has been used to build thousands of successful

commercial applications worldwide, and is the basis of the open source KDE

desktop environment. Qtopia is the first comprehensive application

environment built for embedded Linux, and is used in Sharp's new Zaurus

SL5500 and SL-A300 PDAs. Trolltech is headquartered in Oslo, Norway, with

offices in Brisbane, Australia, and Santa Clara, California. More about

Trolltech can be found at http://www.trolltech.com.

[] permanent link

Interview with Spring creator

Mac Net Journal has published an interview with Spring creator Rob Beal.

User Creations Spring 1.0 is an innovative desktop application that lets you work with contacts, applications, and data as objects in your workspace. Spring users can share their contacts with others, and create custom objects for applications & web services.

[] permanent link