[plug] hacked server - language interpretation
Ben Jensz
plug at jensz.id.au
Fri Dec 2 08:39:45 WST 2005
Its probably a pre-made script, so it was probably just a random script
kiddie who exploited a well known vulnerable service. Wiping the box
and starting from scratch is the only way you'll be sure you've gotten
rid of them. Otherwise you won't know for sure whats hiding on the box.
/ Ben
Jon Miller wrote:
>Can someone interpret the following:
>
>echo "**************** PRIVATE SCANNER ! *****************"
>echo "*** HACK ATTACKS, ILLEGAL ACTIVITY, SCANS, SPAM. ***"
>echo "************ Special pt. Hunter & FLO **************"
>echo "----------------------------------------------------"
>echo "# incep scanarea frate.."
>./pscan2 $1 22
>
>sleep 10
>cat $1.pscan.22 |sort |uniq > mfu.txt
>oopsnr2=`grep -c . mfu.txt`
>echo "# Am gasit $oopsnr2 de servere"
>echo "----------------------------------------"
>echo "# Succes frate !"
>./ssh-scan 100
>rm -rf $1.pscan.22 mfu.txt
>echo "Asta a fost tot :)"
>
>One of our clients servers wa either hacked from the outside or the inside and this is a line I found inside one of the scripts?
>
>
>_______________________________________________
>PLUG discussion list: plug at plug.org.au
>http://www.plug.org.au/mailman/listinfo/plug
>Committee e-mail: committee at plug.linux.org.au
>
>
More information about the plug
mailing list