Zdraveyte i ot mene... Iskam da probvash neshto... sled kato se telnetish na mashinkata na tozi port napishi prosto: whoami; --> ; sa vajni sled command-a ... namerisva mi na 1 mnogo star backdoor (bindshell) dori i ne e password protected koeto e oshte po kofti... ako se okaja prav i command "whoami;" i vsiakakvi drugi ti vrushtat result (a sum 99.9%) siguren 4e e taka... sledvashtia put kato teglish razni packets sravniavai i md5-to :), spasenieto e kill -9 smbd ... nai veroiatno ako men pitash sa te capnali i sa ti iztrili smbd file-a na negovo miasto sa slojili backdoor-a. ako "whoami;" ti vurne 4e e root (zna4e backdoor-a e pusnat kato root) togava te suvetvam reinstall na mashinkata.... ako e primerno user nobody ... si pregledai apache/SSL/ cgi-ki razni ... cros scriptings ... Uspeh.
-- Regards, Kamen Sharlandjiev System Administrator NetBG Communication ICQ: 50729493 GSM: +359 2 9624352 On Tuesday 09 September 2003 20:58, [EMAIL PROTECTED] wrote: > Stava neshto mnogo stranno. Pusnal sam samba > Version 2.2.8 i zabeliazvam che otvaria udp port 45295 > sled izvestno vreme. Telnetvam se kam nego i pisha > neshto si i mi dava: > > /bin/sh: command not found !!! > > Niakoi shte mi dade li informacia kakvo stava. Da > niama niakakav exploit za koito ne znam ! Vse pak tova > e poslednia release ... > > __________________________________ > Do you Yahoo!? > Yahoo! SiteBuilder - Free, easy-to-use web site design software > http://sitebuilder.yahoo.com > =========================================================================== >= A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). > http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara > Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html > =========================================================================== >= ============================================================================ A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html ============================================================================