bad packets

[reaper]

there were like 100,000 sites hacked from China recently using SQL injection, and it's sending user passwords to China.

I created a rule for the packet, and made the packet myself:
perl -e 'print "\x20\x20\x20\x20\x20\x00\x03\x00\x06\x00","\x01"x100;' | nc -nvvv x.x.x.x 2043

that's what a command and control packet looks like on their botnet system, now hopefully they don't change it .  but if they don't, people can now know their code needs to be fixed.

interesting stuff I think:
http://isc.sans.org/diary.html?storyid=4331&rss

people need to verify input by whitelising it, then we wouldn't have these problems.

edit:
btw that command opens a tcp connection with netcat, then data gets passed to it via the perl print function, which is just data that matches the botnet control system, shown as hex values.  and netcat is awesome, you can do some really cool things with it, like get remote bash and cmd shells initiated from a system behind a firewall