Date: Mon, 19 Apr 2004 07:34:31 -0500 From: "James T. Harrison" <james@aricsi.com> To: <freebsd-questions@FreeBSD.org> Subject: comments Message-ID: <000801c4260a$ab688a20$87312330@icsi.local>
next in thread | raw e-mail | index | archive | help
My server had some apps running that should not have been there. You = have a hacker using your site to gather info on servers. =20 What are your plans to stop? What is your phone number and contact = name? Here is part of the script. Notice USA as the country. This is one of = many batch files that were found on my server. @echo off echo = *-------------------------------------------------------------------*>inf= o.txt echo *--Computer Specs.... = --*>>info.txt echo = *-------------------------------------------------------------------*>>in= fo.txt psinfo.exe -d >>info.txt echo = *-------------------------------------------------------------------*>>in= fo.txt echo *--List of Current Processes Running.... = --*>>info.txt echo = *-------------------------------------------------------------------*>>in= fo.txt pslist.exe>>info.txt echo = *-------------------------------------------------------------------*>>in= fo.txt echo *--Result of speed test from various countries.... = --*>>info.txt echo = *-------------------------------------------------------------------*>>in= fo.txt echo COUNTRY: DENMARK >>info.txt ftpc.exe -n -A -s:ftpc.cmds ftp.dk.FreeBSD.org >Status-1of15 findstr /C:"bytes rec" Status-1of15>>info.txt del ncurses.tar.gz echo = *-------------------------------------------------------------------*>>in= fo.txt echo COUNTRY: GERMANY >>info.txt del Status-1of15 ftpc.exe -n -A -s:ftpc.cmds ftp.de.freebsd.org >Status-2of15 findstr /C:"bytes rec" Status-2of15 >>info.txt del ncurses.tar.gz echo = *-------------------------------------------------------------------*>>in= fo.txt echo COUNTRY: NETHERLANDS >>info.txt del Status-2of15 ftpc.exe -n -A -s:ftpc.cmds ftp2.nl.freebsd.org >Status-3of15 findstr /C:"bytes rec" Status-3of15 >>info.txt del ncurses.tar.gz echo = *-------------------------------------------------------------------*>>in= fo.txt echo COUNTRY: USA >>info.txt del Status-3of15 ftpc.exe -n -A -s:ftpc.cmds ftp1.FreeBSD.org >Status-4of15 findstr /C:"bytes rec" Status-4of15 >>info.txt del ncurses.tar.gz echo = *-------------------------------------------------------------------*>>in= fo.txt echo COUNTRY: USA2 >>info.txt del Status-4of15 ftpc.exe -n -A -s:ftpc2.cmds ftp.lucasarts.com >Status-5of15 findstr /C:"bytes rec" Status-5of15 >>info.txt del Indyprev.zip echo = *-------------------------------------------------------------------*>>in= fo.txt echo COUNTRY: Canada >>info.txt del Status-5of15 ftpc.exe -n -A -s:ftpca.cmds ftp.crc.ca >Status-6of15 findstr /C:"bytes rec" Status-6of15 >>info.txt del latest-defs.exe echo = *-------------------------------------------------------------------*>>in= fo.txt echo COUNTRY: SWEDEN >>info.txt del Status-6of15 ftpc.exe -n -A -s:ftpc.cmds ftp.se.FreeBSD.org >Status-7of15 findstr /C:"bytes rec" Status-7of15 >>info.txt del ncurses.tar.gz echo = *-------------------------------------------------------------------*>>in= fo.txt echo COUNTRY: UK >>info.txt del Status-7of15 ftpc.exe -n -A -s:ftpc.cmds ftp.uk.FreeBSD.org >Status-8of15 findstr /C:"bytes rec" Status-8of15 >>info.txt del ncurses.tar.gz echo = *-------------------------------------------------------------------*>>in= fo.txt echo COUNTRY: FRANCE >>info.txt del Status-8of15 ftpc.exe -n -A -s:ftpc.cmds ftp8.fr.FreeBSD.org >Status-9of15 findstr /C:"bytes rec" Status-9of15 >>info.txt del ncurses.tar.gz echo = *-------------------------------------------------------------------*>>in= fo.txt echo COUNTRY: NL 2 >>info.txt del Status-9of15 ftpc.exe -n -A -s:ftpco.cmds 194.171.240.20 >Status-10of15 findstr /C:"bytes rec" Status-10of15 >>info.txt del patch-2.4.19.gz echo = *-------------------------------------------------------------------*>>in= fo.txt echo COUNTRY: NL 3 >>info.txt del Status-10of15 ftpc.exe -n -A -s:ftpce.cmds ftp.euronet.nl >Status-11of15 findstr /C:"bytes rec" Status-11of15 >>info.txt del 5M.bin echo = *-------------------------------------------------------------------*>>in= fo.txt echo COUNTRY: NL 4 >>info.txt del Status-11of15 ftpc.exe -n -A -s:ftpcy.cmds ftp.chello.nl >Status-12of15 findstr /C:"bytes rec" Status-12of15 >>info.txt del LT.zip echo = *-------------------------------------------------------------------*>>in= fo.txt echo COUNTRY: NO >>info.txt del Status-12of15 ftpc.exe -n -A -s:ftpcx.cmds ftp.no.FreeBSD.org >Status-13of15 findstr /C:"bytes rec" Status-13of15 >>info.txt del MBM5300.EXE echo = *-------------------------------------------------------------------*>>in= fo.txt echo COUNTRY: AT >>info.txt del Status-13of15 ftpc.exe -n -A -s:ftpch.cmds ftp.chello.at >Status-14of15 findstr /C:"bytes rec" Status-14of15 >>info.txt del dx5ger.exe echo = *-------------------------------------------------------------------*>>in= fo.txt echo COUNTRY: HU >>info.txt del Status-14of15 ftpc.exe -n -A -s:ftpch.cmds ftp.chello.hu >Status-15of15 findstr /C:"bytes rec" Status-15of15 >>info.txt del dx5ger.exe del Status-15of15 echo *---------------------------------- DONE = ---------------------------*>>info.txt echo . > "+Speed Test Complete"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000801c4260a$ab688a20$87312330>