
BLU Discuss list archive



attbi.com -> comcast.net [verbose and dull: for the truly curious]



I figured either the "wizard" knows the new info or it will need
to get it on 6/30.  Curiosity got the better of me.  If it
knows, maybe it could conceivably be reverse engineered by
reviewing scripts or running strings on the executable, etc.  If
not, we all wait for the largest self-inflicted denial of service
attack when everyone seeks the same information at the same time
on 6/30, right?

Well, I just wanted to know what would happen when I ran that
wizard.  Sorry for the lack of precision, I have spent too much
time as it is.  I downloaded it and tried to break it apart
(could not unzip, was a .exe).

Looks like it runs an app/browser to get a value from a URL and
then springs into action when the following is returned (go=yes).
It must get settings from a URL as well to run the
reconfiguration scripts and set up the server to forward mail,
etc.  No way to switch over manually early.

Here's the URL: http://monitor.attbi.com/monitor/reconfigure

BTW, it is not "uninstallable" and does not show up on the app
lists, etc.

=====details below - sorry about the wrapping, etc.======

OK, so I bit into it.  It copies a few files (2 .dll's and 2
.exe's) and then whacks the registry...Here is what I got in
C:\Prog Files\Comcast\MigCfg\Data\Client.ini:

;	Initialization file used for Logging
[GlobalDebug]
LogActive=TRUE
LogDevices=2
LogFlags=0x281	;turns on LOG_ERROR, LOG_HISTORY, and LOG_ERRORCC
LogFile=history.txt
HexBase=TRUE

[Messaging]
SwitchURL=http://monitor.attbi.com/monitor/reconfigure
QueryURL=http://monitor.attbi.com/monitor/emailid

=========

History.txt:

HISTORY      05/13 21:34:14 IspBeg(IspBeg)	http://monitor.attbi.com/monitor/reconfigure

==========

Install.log:

***  Installation Started 05/13/2003 21:33  ***
Title: Transition Wizard
Source: C:\DOCUME~1\chy\LOCALS~1\Temp\GLB7.tmp
Made Dir: C:\Program Files\Comcast
Made Dir: C:\Program Files\Comcast\MigCfg
Made Dir: C:\Program Files\Comcast\MigCfg\data
Made Dir: C:\Program Files\Comcast\MigCfg\programs
Made Dir: C:\Program Files\Comcast\MigCfg\temp
File Copy: C:\Program Files\Comcast\MigCfg\data\Client.ini
File Copy: C:\Program Files\Comcast\MigCfg\programs\IspMig.exe
File Copy: C:\Program Files\Comcast\MigCfg\programs\IspBeg.exe
File Copy: C:\Program Files\Comcast\MigCfg\programs\GUTL.dll
File Copy: C:\Program Files\Comcast\MigCfg\programs\HttpDownload.dll
RegDB Key: Software\AT&T\SrvCon
RegDB Val: C:\Program Files\Comcast\MigCfg
RegDB Name: Path
RegDB Root: 2
RegDB Key: Software\AT&T\SrvCon
RegDB Val: 1.0.0.0120
RegDB Name: Version
RegDB Root: 2
RegDB Key: Software\AT&T\SrvCon
RegDB Val: SC
RegDB Name: ProductBase
RegDB Root: 2
RegDB Key: Software\AT&T\SrvCon\Messaging
RegDB Val:
RegDB Name: UpdateURL
RegDB Root: 2
RegDB Key: Software\AT&T\SrvCon\Messaging
RegDB Val: http://monitor.attbi.com/monitor/reconfigure
RegDB Name: SwitchURL
RegDB Root: 2
Self-Register: C:\Program Files\Comcast\MigCfg\programs\HttpDownload.dll
RegDB Key: Software\Microsoft\Windows\CurrentVersion\Run
RegDB Val: "C:\Program Files\Comcast\MigCfg\programs\ispbeg.exe"
RegDB Name: ServiceConfig
RegDB Root: 2
User Rights: Admin

/*OK, like a dope, I gave it root */

=======

switch.ini:

[Switch]
go=no

========

OK, so I actually ran the executable...now look at my history
file:

HISTORY      05/13 21:34:14 IspBeg(IspBeg)	http://monitor.attbi.com/monitor/reconfigure
ERROR        05/13 21:43:54 IspMig(GUTL)	m_tsUserName: chy
ERROR        05/13 21:43:55 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=Reboot
HISTORY      05/13 21:44:33 IspMig(IspMig)	OnBtnNext() -Processing settings for :0x1 time
ERROR        05/13 21:44:33 IspMig(IspMig)	Remove BJ: Forced cfd.exe remove succeeds!
ERROR        05/13 21:44:33 IspMig(GUTL)	CWNRegKey::Delete - cannot open key
ERROR        05/13 21:44:33 IspMig(GUTL)	CWNRegKey::Delete - cannot open key
ERROR        05/13 21:44:33 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=BJCFD
ERROR        05/13 21:44:33 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=WORKFLO
ERROR        05/13 21:44:33 IspMig(GUTL)	CWNRegKey::Delete - cannot open key
ERROR        05/13 21:44:33 IspMig(GUTL)	CWNRegKey::Delete - cannot open key
ERROR        05/13 21:44:33 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=ATTRedUpate
ERROR        05/13 21:44:33 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=ATTIspMigSetup
ERROR        05/13 21:44:33 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=SCUpdate
ERROR        05/13 21:44:33 IspMig(GUTL)	CWNRegKey::Delete - cannot open key
ERROR        05/13 21:44:33 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=ATTBroadbandClient
ERROR        05/13 21:44:33 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=ATTBroadbandUpdate
ERROR        05/13 21:44:33 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=BroadbandClient
ERROR        05/13 21:44:33 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=SAClient
ERROR        05/13 21:44:33 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=SAUpdate
ERROR        05/13 21:44:33 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=BroadbandUpdate
ERROR        05/13 21:44:33 IspMig(GUTL)	CWNRegKey::Delete - cannot open key
ERROR        05/13 21:44:33 IspMig(GUTL)	CWNRegKey::Delete - cannot open key
ERROR        05/13 21:44:33 IspMig(IspMig)	CConfigureMgr::RemoveStartMenu try to remove C:\Documents and Settings\(DELETED)\Start Menu\Programs\AT&T Broadband Internet
ERROR        05/13 21:44:33 IspMig(IspMig)	CConfigureMgr::RemoveStartMenu try to remove C:\Documents and Settings\All Users\Start Menu\Programs\AT&T Broadband Internet
ERROR        05/13 21:44:33 IspMig(IspMig)	CConfigureMgr::RemoveStartMenu try to remove C:\Documents and Settings\(DELETED)\Start Menu\Programs\Comcast High-Speed Internet
ERROR        05/13 21:44:33 IspMig(IspMig)	CConfigureMgr::RemoveStartMenu try to remove C:\Documents and Settings\All Users\Start Menu\Programs\Comcast High-Speed Internet
ERROR        05/13 21:44:34 IspMig(IspMig)	No Email ID to query
ERROR        05/13 21:44:34 IspMig(IspMig)	No Email ID to query
ERROR        05/13 21:44:37 IspMig(GUTL)	Begin to configure for user 0: Administrator
ERROR        05/13 21:44:38 IspMig(IspMig)	No Email ID to query
ERROR        05/13 21:44:38 IspMig(IspMig)	No Email ID to query
ERROR        05/13 21:44:38 IspMig(GUTL)	CWNRegKey::Delete - cannot open key
ERROR        05/13 21:44:38 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=ATTBroadbandClient
ERROR        05/13 21:44:38 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=ATTBroadbandUpdate
ERROR        05/13 21:44:38 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=BroadbandClient
ERROR        05/13 21:44:38 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=SAClient
ERROR        05/13 21:44:38 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=SAUpdate
ERROR        05/13 21:44:38 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=BroadbandUpdate
ERROR        05/13 21:44:38 IspMig(GUTL)	CWNRegKey::Delete - cannot open key
ERROR        05/13 21:44:38 IspMig(GUTL)	CWNRegKey::Delete - cannot open key
ERROR        05/13 21:44:38 IspMig(IspMig)	CConfigureMgr::RemoveStartMenu try to remove C:\Documents and Settings\Administrator\Start Menu\Programs\AT&T Broadband Internet
ERROR        05/13 21:44:38 IspMig(IspMig)	CConfigureMgr::RemoveStartMenu try to remove C:\Documents and Settings\All Users\Start Menu\Programs\AT&T Broadband Internet
ERROR        05/13 21:44:38 IspMig(IspMig)	CConfigureMgr::RemoveStartMenu try to remove C:\Documents and Settings\Administrator\Start Menu\Programs\Comcast High-Speed Internet
ERROR        05/13 21:44:38 IspMig(IspMig)	CConfigureMgr::RemoveStartMenu try to remove C:\Documents and Settings\All Users\Start Menu\Programs\Comcast High-Speed Internet
ERROR        05/13 21:44:38 IspMig(GUTL)	End to configure for user: Administrator
ERROR        05/13 21:44:38 IspMig(GUTL)	Begin to configure for user 1: (DELETED)
ERROR        05/13 21:44:38 IspMig(GUTL)	No need to configure for user (DELETED) since it is current user
ERROR        05/13 21:44:38 IspMig(GUTL)	Begin to configure for user 2: (DELETED)
ERROR        05/13 21:44:39 IspMig(IspMig)	No Email ID to query
ERROR        05/13 21:44:39 IspMig(IspMig)	No Email ID to query
ERROR        05/13 21:44:39 IspMig(GUTL)	CWNRegKey::Delete - cannot open key
ERROR        05/13 21:44:39 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=ATTBroadbandClient
ERROR        05/13 21:44:39 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=ATTBroadbandUpdate
ERROR        05/13 21:44:39 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=BroadbandClient
ERROR        05/13 21:44:39 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=SAClient
ERROR        05/13 21:44:39 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=SAUpdate
ERROR        05/13 21:44:39 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=BroadbandUpdate
ERROR        05/13 21:44:39 IspMig(GUTL)	CWNRegKey::Delete - cannot open key
ERROR        05/13 21:44:39 IspMig(GUTL)	CWNRegKey::Delete - cannot open key
ERROR        05/13 21:44:39 IspMig(IspMig)	CConfigureMgr::RemoveStartMenu try to remove C:\Documents and Settings\(DELETED)\Start Menu\Programs\AT&T Broadband Internet
ERROR        05/13 21:44:39 IspMig(IspMig)	CConfigureMgr::RemoveStartMenu try to remove C:\Documents and Settings\All Users\Start Menu\Programs\AT&T Broadband Internet
ERROR        05/13 21:44:39 IspMig(IspMig)	CConfigureMgr::RemoveStartMenu try to remove C:\Documents and Settings\(DELETED)\Start Menu\Programs\Comcast High-Speed Internet
ERROR        05/13 21:44:39 IspMig(IspMig)	CConfigureMgr::RemoveStartMenu try to remove C:\Documents and Settings\All Users\Start Menu\Programs\Comcast High-Speed Internet
ERROR        05/13 21:44:39 IspMig(GUTL)	End to configure for user: (DELETED)
ERROR        05/13 21:44:39 IspMig(GUTL)	Begin to configure for user 3: Guest
ERROR        05/13 21:44:39 IspMig(GUTL)	Failed to Call RegLoadKey, error code is 3, file is C:\Documents and Settings\Guest\NtUser.dat
ERROR        05/13 21:44:39 IspMig(GUTL)	Begin to configure for user 4: (DELETED)
ERROR        05/13 21:44:40 IspMig(IspMig)	No Email ID to query
ERROR        05/13 21:44:40 IspMig(IspMig)	No Email ID to query
ERROR        05/13 21:44:40 IspMig(GUTL)	CWNRegKey::Delete - cannot open key
ERROR        05/13 21:44:40 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=ATTBroadbandClient
ERROR        05/13 21:44:40 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=ATTBroadbandUpdate
ERROR        05/13 21:44:40 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=BroadbandClient
ERROR        05/13 21:44:40 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=SAClient
ERROR        05/13 21:44:40 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=SAUpdate
ERROR        05/13 21:44:40 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=BroadbandUpdate
ERROR        05/13 21:44:40 IspMig(GUTL)	CWNRegKey::Delete - cannot open key
ERROR        05/13 21:44:40 IspMig(GUTL)	CWNRegKey::Delete - cannot open key
ERROR        05/13 21:44:40 IspMig(IspMig)	CConfigureMgr::RemoveStartMenu try to remove C:\Documents and Settings\(DELETED)\Start Menu\Programs\AT&T Broadband Internet
ERROR        05/13 21:44:40 IspMig(IspMig)	CConfigureMgr::RemoveStartMenu try to remove C:\Documents and Settings\All Users\Start Menu\Programs\AT&T Broadband Internet
ERROR        05/13 21:44:40 IspMig(IspMig)	CConfigureMgr::RemoveStartMenu try to remove C:\Documents and Settings\(DELETED)\Start Menu\Programs\Comcast High-Speed Internet
ERROR        05/13 21:44:40 IspMig(IspMig)	CConfigureMgr::RemoveStartMenu try to remove C:\Documents and Settings\All Users\Start Menu\Programs\Comcast High-Speed Internet
ERROR        05/13 21:44:40 IspMig(GUTL)	End to configure for user: (DELETED)
ERROR        05/13 21:44:40 IspMig(IspMig)	Reached end of processsing.
HISTORY      05/13 21:47:27 IspBeg(IspBeg)	http://monitor.attbi.com/monitor/reconfigure
HISTORY      05/13 21:47:32 IspBeg(IspBeg)	http://monitor.attbi.com/monitor/reconfigure
ERROR        05/13 21:47:38 IspMig(GUTL)	m_tsUserName: (DELETED)
ERROR        05/13 21:47:39 IspMig(GUTL)	CWNRegKey::DeleteValue - RegDeleteValue failed, name=Reboot


=========UGG====================


-----Original Message-----
From: discuss-admin at blu.org [mailto:discuss-admin at blu.org] On Behalf Of nmeyers at javalinux.net
Sent: Monday, May 12, 2003 7:18 AM
To: Robert La Ferla
Cc: discuss at blu.org
Subject: Re: attbi.com -> comcast.net


On Mon, May 12, 2003 at 12:52:10AM -0400, Robert La Ferla wrote:
> Comcast sent out a mass-mailing detailing the transition from attbi.com
> to comcast.net on 6/30.  Unfortunately, they have created "special"
> software for Windows and Mac to do the conversion.  They indicate that
> they do not have software for Linux but manual instructions should be
> available on 6/30.  Of course, that gives no one any advanced notice.
> So, has anyone looked at what needs to change?  Has anyone contacted
> tech support to ask and/or complain?

My interpretation of that page is that there will be new email servers.
They haven't worked out all the details - or maybe they don't want people
switching too early - so instead they're apparently distributing a benign
virus to Windows and Mac users that'll install the right settings in
various common clients when Comcast broadcasts them. Sort of a reverse
DDOS attack :-). Kinda frightening, isn't it?

Nathan Meyers
nmeyers at javalinux.net
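
An added example, not part of the original thread: a small Python parser for the RegDB entries of the Install.log quoted above, flagging what a defender reviewing this installer would note (the Run-key autostart entry, a control URL fetched over plain HTTP, and installation with admin rights). The function names and finding labels are assumptions of this example; the log excerpt is taken from the post with wrapped lines rejoined.

```python
import re
# Excerpt of the Install.log quoted in the post (wrapped lines rejoined).
INSTALL_LOG = r"""
RegDB Key: Software\AT&T\SrvCon\Messaging
RegDB Val:
RegDB Name: UpdateURL
RegDB Root: 2
RegDB Key: Software\AT&T\SrvCon\Messaging
RegDB Val: http://monitor.attbi.com/monitor/reconfigure
RegDB Name: SwitchURL
RegDB Root: 2
RegDB Key: Software\Microsoft\Windows\CurrentVersion\Run
RegDB Val: "C:\Program Files\Comcast\MigCfg\programs\ispbeg.exe"
RegDB Name: ServiceConfig
RegDB Root: 2
User Rights: Admin
"""

FIELD = re.compile(r"RegDB (Key|Val|Name|Root):\s*(.*)$")
AUTORUN_KEY = re.compile(r"\\CurrentVersion\\Run(Once)?$", re.IGNORECASE)

def parse_regdb(log):
    """Group RegDB Key/Val/Name/Root lines into one dict per registry write."""
    entries, current = [], {}
    for line in log.splitlines():
        m = FIELD.match(line.strip())
        if not m:
            continue
        field, value = m.group(1), m.group(2).strip()
        if field == "Key" and current:   # a new Key line starts the next entry
            entries.append(current)
            current = {}
        current[field] = value
    if current:
        entries.append(current)
    return entries

def findings(log):
    """Return (label, value name, data) tuples; the labels are this example's own."""
    out = []
    for e in parse_regdb(log):
        key, name, val = e.get("Key", ""), e.get("Name", ""), e.get("Val", "")
        if AUTORUN_KEY.search(key):              # program started at every logon
            out.append(("autorun", name, val))
        if val.lower().startswith("http://"):    # remote trigger fetched without TLS
            out.append(("cleartext-url", name, val))
    if re.search(r"^User Rights:\s*Admin", log, re.MULTILINE):
        out.append(("admin-install", "User Rights", "Admin"))
    return out
```

Calling `findings(INSTALL_LOG)` yields three findings for this excerpt: the `SwitchURL` value over `http://`, the `ServiceConfig` Run-key entry pointing at `ispbeg.exe`, and the admin-rights install.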




