[plug] hacked server - language interpretation
W.Kenworthy
billk at iinet.net.au
Fri Dec 2 09:29:30 WST 2005
Googling on "incep scanarea frate" gets some (spanish?) results - maybe
run them through babelfish?
BillK
On Fri, 2005-12-02 at 08:39 +0800, Ben Jensz wrote:
> Its probably a pre-made script, so it was probably just a random script
> kiddie who exploited a well known vulnerable service. Wiping the box
> and starting from scratch is the only way you'll be sure you've gotten
> rid of them. Otherwise you won't know for sure whats hiding on the box.
>
>
> / Ben
>
>
> Jon Miller wrote:
>
> >Can someone interpret the following:
> >
> >echo "**************** PRIVATE SCANNER ! *****************"
> >echo "*** HACK ATTACKS, ILLEGAL ACTIVITY, SCANS, SPAM. ***"
> >echo "************ Special pt. Hunter & FLO **************"
> >echo "----------------------------------------------------"
> >echo "# incep scanarea frate.."
> >./pscan2 $1 22
> >
> >sleep 10
> >cat $1.pscan.22 |sort |uniq > mfu.txt
> >oopsnr2=`grep -c . mfu.txt`
> >echo "# Am gasit $oopsnr2 de servere"
> >echo "----------------------------------------"
> >echo "# Succes frate !"
> >./ssh-scan 100
> >rm -rf $1.pscan.22 mfu.txt
> >echo "Asta a fost tot :)"
> >
> >One of our clients servers wa either hacked from the outside or the inside and this is a line I found inside one of the scripts?
> >
> >
> >_______________________________________________
> >PLUG discussion list: plug at plug.org.au
> >http://www.plug.org.au/mailman/listinfo/plug
> >Committee e-mail: committee at plug.linux.org.au
> >
> >
>
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://www.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au
More information about the plug
mailing list