Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Wesley, [28 feb. 2017 10:11]:
- 501 cat /usr/local/sshdaemon/scripts/wpddos.sh
- 502 cat /etc/mysql-proxy.sh
- 503 curl http://sshd.denkers-ict.nl/wpddosfilter
- 504 cat /etc/mysql-proxy.sh
- 505 cat /etc/mysql-proxy.cnf
- 506 cat /etc/mysql-proxy2.cnf
- 507 hostname -I
- 508 cd /etc/ssh
- 509 ls
- 510 ls -al
- 511 cat sshd_config
- 512 ssh 159.253.5.23
- 513 ssh 159.253.5.23 -p 8425
- 514 cd /var/log
- 515 ls -al
- 516 cat secure-20170216 | grep Accept
- 517 cat mysql-proxy2.log
- 518 drwxr-xr-x. 2 root root 4096 Feb 18 03:19 proftpd
- 519 tail -10 loadkillerlogging
- 520 ls -al
- 521 cat httprytitaniumraceparts.nl
- 522 ls -al
- 523 cd directadmin
- 524 ls
- 525 ls -al
- 526 cat login.log | tail -10
- 527 cat security.log
- 528 su -a admin
- 529 su - admin
- 530 passwd
- 531 cd /etc/ssh
- 532 ls
- 533 ls -al
- 534 cat ssh_host_key
- 535 PuTTYPuTTYPuTTYPuTTY6cPuTTYPuTTY
- 536 ls -al
- 537 cat sshd_config
- 538 nano sshd_config
- 539 nano /etc/passwd
- 540 cat /etc/shadow | grep admin
- 541 cat /etc/shadow | grep admin\|root
- 542 cat /etc/shadow | grep admin|root
- 543 cat /etc/shadow | grep "admin\|root"
- 544 cd ~
- 545 ls -al
- 546 cd sqlrestore
- 547 ls -al
- 548 cd ..
- 549 cat .bash_history
- 550 cat /usr/local/directadmin/conf/mysql.conf
- 551 mysql -uda_admin -p
- 552 hostname -I
- 553 ssh 10.3.1.151
- 554 cat /usr/local/directadmin/scripts/setup.txt
- 555 cd /usr/local/directadmin/scripts
- 556 ls -al
- 557 cat mysql.sh
- 558 cd ..
- 559 ls
- 560 cd conf
- 561 ls
- 562 ls -al
- 563 cat directadmin.conf
- 564 ls
- 565 cat my.cnf
- 566 cat mysql.conf
- 567 ssh 10.3.1.157
- 568 ssh 10.3.1.171
- 569 ssh 10.3.1.157
- 570 ssh 10.3.1.155
- 571 ssh 10.3.1.154
- 572 ssh 10.3.1.160
- 573 ssh 10.3.1.15
- 574 ssh 10.3.1.191
- 575 ssh 10.3.1.192
- 576 ssh 10.3.1.198
- 577 ssh 10.3.1.200
- 578 ssh 10.3.1.199
- 579 ssh 10.3.1.198
- 580 ssh 10.3.1.197
- 581 ssh 10.3.1.199
- 582 curl http://vserver1.axc.nl/installrestore.sh
- 583 curl http://vserver74.axc.nl/user_index.txt
- 584 cat /usr/local/sshdaemon/scripts/wpddos.sh
- 585 cd /usr/local/sshdaemon
- 586 ls -al
- 587 cat dsshdaemon
- 588 ls -a
- 589 lls -al
- 590 ls -al
- 591 cat commands.txt
- 592 cat /usr/local/sshdaemon/scripts/purge.sh
- 593 cat statusbackup.sh
- 594 ls -al
- 595 cd scripts
- 596 ls -al
- 597 cat cleanhome.sh
- 598 cat top.sh
- 599 cd ..
- 600 ls
- 601 cat commands.txt
- 602 cat /usr/local/sshdaemon/scripts/set54.sh
- 603 cat /usr/local/sshdaemon/scripts/wpddos.sh
- 604 cat /usr/local/sshdaemon/scripts/leegvar.sh
- 605 grep arpox.nl *
- 606 ls
- 607 cd sc*
- 608 grep arpox.nl *
- 609 ssh root@10.3.1.157
- 610 exit
- 611 last -10
- 612 ls -al
- 613 cd .ssh
- 614 ls -al
- 615 cat id_rsa
- 616 ssh 10.3.1.157
- 617 ssh 10.3.1.157 -i .ssh/id_rsa
- 618 ls -a
- 619 cat authorized_keys
- 620 ssh 10.3.1.157 -i .ssh/id_rsa
- 621 cat authorized_keys
- 622 nano au*
- 623 ls -al
- 624 cat id_rsa.pub
- 625 ssh
- 626 ssh vserver142.axc.nl
- 627 ssh vserver142.axc.nl 8425
- 628 ssh vserver142.axc.nl -8425
- 629 ssh vserver142.axc.nl -p 8425
- 630 ssh vserver143.axc.nl -p 8425
- 631 ls -al
- 632 cat known_hosts
- 633 ssh 10.3.1.157
- 634 ssh localhost
- 635 ssh localhost -p 8425
- 636 ls -al
- 637 history
- 638 ssh 10.3.1.157
- 639 ssh 10.3.1.156
- 640 ssh 10.3.1.157
- 641 ssh 10.3.1.155
- 642 ls
- 643 ls -al
- 644 cat a*
- 645 pwd
- 646 cat /etc/passwd
- 647 su - admin
- 648 cd /root
- 649 ls -al
- 650 cat .mysql_history
- 651 cat /usr/local/directadmin/conf/mysql.conf
- 652 hostname -I
- 653 ssh 10.3.1.157
- 654 cat /usr/local/directadmin/conf/mysql.conf
- 655 hostname -I
- 656 ssh 10.3.1.171
- 657 ssh 10.3.1.156
- 658 hostname
- 659 ssh 10.3.1.156
- 660 ssh 10.3.1.155
- 661 ssh 10.3.1.151
- 662 ssh 10.3.1.140
- 663 ssh 10.3.1.148
- 664 ssh 159.253.5.23
- 665 ssh 159.253.5.23 -p 8425
- 666 nano /usr/local/directadmin/conf/mysql.conf
- 667 nano /usr/local/directadmin/conf/directadmin.conf
- 668 cat /usr/local/directadmin/data/admin/ip.list
- 669 cat /etc/scripts/parseversions.sh
- 670 ping arpox.nl
- 671 mysql -h arpox.nl -pdAf4ASycD9ftW9BW -u versio
- 672 uname -n
- 673 cat /usr/local/sshdaemon/scripts/dns.sh
- 674 host %var1%
- 675 hostname
- 676 cat /usr/local/sshdaemon/scripts/resetuser.sh
- 677 cat /usr/local/directadmin/dataskq
- 678 ssh 10.3.1.199
- 679 history
- 680 mysql -h arpox.nl -pdAf4ASycD9ftW9BW -u versio
- 681 mysql -h 10.3.1.199 -pzjvtw8pj
- 682 mysql -h 10.3.1.199 -pzjvtw8pj -u root
- 683 w
- 684 history
- 685 free -m
- 686 ps aux
- 687 exit
- Last login op root ook vanaf een gaar IP:
- root pts/2 125.166.211.108 Sat Feb 18 18:44 - 21:21 (02:36)
- root pts/2 125.166.211.108 Sat Feb 18 09:39 - 12:50 (03:11)
- root pts/3 125.166.211.108 Sat Feb 18 08:00 - 08:56 (00:55)
- root pts/2 125.166.211.108 Sat Feb 18 07:11 - 08:57 (01:46)
- [root@vserver149 ~]#
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement