CaffeineSecurity

New unknown malware "nt" - strings

Jul 18th, 2012
  1. ELF
  2. /lib/ld-linux.so.2
  3. GNU
  4. __gmon_start__
  5. libpthread.so.0
  6. recv
  7. connect
  8. pthread_create
  9. send
  10. pthread_mutex_unlock
  11. pthread_mutex_lock
  12. pthread_mutex_init
  13. fcntl
  14. pthread_join
  15. close
  16. libc.so.6
  17. __strtol_internal
  18. fscanf
  19. memcpy
  20. perror
  21. feof
  22. malloc
  23. optarg
  24. socket
  25. select
  26. fflush
  27. fprintf
  28. inet_addr
  29. __deregister_frame_info
  30. strstr
  31. signal
  32. strncpy
  33. getopt
  34. memset
  35. inet_ntoa
  36. sprintf
  37. fclose
  38. getpeername
  39. stderr
  40. exit
  41. fopen
  42. _IO_stdin_used
  43. __libc_start_main
  44. strchr
  45. __register_frame_info
  46. free
  47. GLIBC_2.1
  48. GLIBC_2.0
  49. PTRh\
  50. QVh
  51. WVS
  52. t=Vj
  53. IQS
  54. IQS
  55. IQS
  56. tTVj
  57. [^_
  58. WVS
  59. PVh
  60. Ph"
  61. uVh|
  62. Rh@
  63. h|
  64. Rh@
  65. Rh~
  66. 220
  67. tNh
  68. [^_
  69. WVS1
  70. u j
  71. XdP
  72. XdP
  73. [^_
  74. Shd
  75. WVS1
  76. uXh
  77. ^dSh
  78. [^_
  79. WVS1
  80. uuh
  81. [^_
  82. t6h
  83. t$h
  84. t$h"
  85. WVS
  86. Ph@
  87. Ph@
  88. [^_
  89. WVSj
  90. } h`
  91. PVS
  92. [^_
  93. USER %s
  94. RMD sarcaxxo
  95. QUIT
  96. PASS %s
  97. Connecting to: %s
  98. Testing USER: %s PASS: %s IP: %s
  99. check_user() return: %d
  100. the ftp do a strange reply... IP:%s USER:%s PASS:%s REPLY:%s
  101. IP: %s
  102. USER: %s
  103. PASS: %s
  104.  Telnet
  105.  SSH
  106.  Telnet SSH
  107. 220
  108.  FTP & NT scanner by Lomax (credits Inode <inode@wayreth.eu.org>)
  109. t:c:h:u:p:o:vdbskC
  110.  Max num of thread...
  111. /dev/stdout
  112. Can't open output file
  113. Please specify user and password files
  114. Start IP: %s
  115. End   IP: %s
  116. Error in creating thread
  117. Error in joining thread
  118. Scan end...
  119. Bau
  120. Can't open input file!
  121. %s
  122. "null"
  123. 220
  124. 230
  125. 530
  126. 520
  127. 500
  128. 501
  129. 331
  130. 503
  131. 221
  132. 400
  133. 550
  134. 421
  135. Connecting to: %s on port: %d
  136. Can't create  socket try to decrase the number of threads...
  137. socket
  138. init.c
  139. /usr/src/bs/BUILD/glibc-2.1/csu/
  140. gcc2_compiled.
  141. int:t(0,1)=r(0,1);0020000000000;0017777777777;
  142. char:t(0,2)=r(0,2);0;127;
  143. long int:t(0,3)=r(0,1);0020000000000;0017777777777;
  144. unsigned int:t(0,4)=r(0,1);0000000000000;0037777777777;
  145. long unsigned int:t(0,5)=r(0,1);0000000000000;0037777777777;
  146. long long int:t(0,6)=r(0,1);01000000000000000000000;0777777777777777777777;
  147. long long unsigned int:t(0,7)=r(0,1);0000000000000;01777777777777777777777;
  148. short int:t(0,8)=r(0,8);-32768;32767;
  149. short unsigned int:t(0,9)=r(0,9);0;65535;
  150. signed char:t(0,10)=r(0,10);-128;127;
  151. unsigned char:t(0,11)=r(0,11);0;255;
  152. float:t(0,12)=r(0,1);4;0;
  153. double:t(0,13)=r(0,1);8;0;
  154. long double:t(0,14)=r(0,1);12;0;
  155. complex int:t(0,15)=s8real:(0,1),0,32;imag:(0,1),32,32;;
  156. complex float:t(0,16)=r(0,16);4;0;
  157. complex double:t(0,17)=r(0,17);8;0;
  158. complex long double:t(0,18)=r(0,18);12;0;
  159. void:t(0,19)=(0,19)
  160. ../include/libc-symbols.h
  161. /usr/src/bs/BUILD/glibc-2.1/build-i386-linux/config.h
  162. ../include/libintl.h
  163. ../intl/libintl.h
  164. ../include/features.h
  165. ../include/sys/cdefs.h
  166. ../misc/sys/cdefs.h
  167. /usr/lib/gcc-lib/i386-redhat-linux/egcs-2.91.66/include/stddef.h
  168. ../include/locale.h
  169. ../locale/locale.h
  170. lconv:T(10,1)=s48decimal_point:(10,2)=*(0,2),0,32;thousands_sep:(10,2),32,32;\
  171. grouping:(10,2),64,32;int_curr_symbol:(10,2),96,32;\
  172. currency_symbol:(10,2),128,32;mon_decimal_point:(10,2),160,32;\
  173. mon_thousands_sep:(10,2),192,32;mon_grouping:(10,2),224,32;\
  174. positive_sign:(10,2),256,32;negative_sign:(10,2),288,32;\
  175. int_frac_digits:(0,2),320,8;frac_digits:(0,2),328,8;\
  176. p_cs_precedes:(0,2),336,8;p_sep_by_space:(0,2),344,8;\
  177. n_cs_precedes:(0,2),352,8;n_sep_by_space:(0,2),360,8;\
  178. p_sign_posn:(0,2),368,8;n_sign_posn:(0,2),376,8;;
  179. ../include/xlocale.h
  180. ../locale/xlocale.h
  181. __locale_struct:T(13,1)=s36__locales:(13,2)=ar(0,1);0;5;(13,3)=*(13,4)=xslocale_data:,0,192;\
  182. __ctype_b:(13,5)=*(0,9),192,32;__ctype_tolower:(13,6)=*(0,1),224,32;\
  183. __ctype_toupper:(13,6),256,32;;
  184. __locale_t:t(13,7)=(13,8)=*(13,1)
  185. ../sysdeps/unix/sysv/linux/_G_config.h
  186. ../sysdeps/unix/sysv/linux/bits/types.h
  187. size_t:t(16,1)=(0,4)
  188. __u_char:t(15,1)=(0,11)
  189. __u_short:t(15,2)=(0,9)
  190. __u_int:t(15,3)=(0,4)
  191. __u_long:t(15,4)=(0,5)
  192. __u_quad_t:t(15,5)=(0,7)
  193. __quad_t:t(15,6)=(0,6)
  194. __int8_t:t(15,7)=(0,10)
  195. __uint8_t:t(15,8)=(0,11)
  196. __int16_t:t(15,9)=(0,8)
  197. __uint16_t:t(15,10)=(0,9)
  198. __int32_t:t(15,11)=(0,1)
  199. __uint32_t:t(15,12)=(0,4)
  200. __int64_t:t(15,13)=(0,6)
  201. __uint64_t:t(15,14)=(0,7)
  202. __qaddr_t:t(15,15)=(15,16)=*(15,6)
  203. __dev_t:t(15,17)=(15,5)
  204. __uid_t:t(15,18)=(15,3)
  205. __gid_t:t(15,19)=(15,3)
  206. __ino_t:t(15,20)=(15,4)
  207. __mode_t:t(15,21)=(15,3)
  208. __nlink_t:t(15,22)=(15,3)
  209. __off_t:t(15,23)=(0,3)
  210. __loff_t:t(15,24)=(15,6)
  211. __pid_t:t(15,25)=(0,1)
  212. __ssize_t:t(15,26)=(0,1)
  213. __rlim_t:t(15,27)=(0,3)
  214. __rlim64_t:t(15,28)=(15,6)
  215. __id_t:t(15,29)=(15,3)
  216. __fsid_t:t(15,30)=(15,31)=s8__val:(15,32)=ar(0,1);0;1;(0,1),0,64;;
  217. __daddr_t:t(15,33)=(0,1)
  218. __caddr_t:t(15,34)=(10,2)
  219. __time_t:t(15,35)=(0,3)
  220. __swblk_t:t(15,36)=(0,3)
  221. __clock_t:t(15,37)=(0,3)
  222. __fd_mask:t(15,38)=(0,5)
  223. __fd_set:t(15,39)=(15,40)=s128fds_bits:(15,41)=ar(0,1);0;31;(15,38),0,1024;;
  224. __key_t:t(15,42)=(0,1)
  225. __ipc_pid_t:t(15,43)=(0,9)
  226. __blkcnt_t:t(15,44)=(0,3)
  227. __blkcnt64_t:t(15,45)=(15,6)
  228. __fsblkcnt_t:t(15,46)=(15,4)
  229. __fsblkcnt64_t:t(15,47)=(15,5)
  230. __fsfilcnt_t:t(15,48)=(15,4)
  231. __fsfilcnt64_t:t(15,49)=(15,5)
  232. __ino64_t:t(15,50)=(15,4)
  233. __off64_t:t(15,51)=(15,24)
  234. __t_scalar_t:t(15,52)=(0,1)
  235. __t_uscalar_t:t(15,53)=(0,4)
  236. __intptr_t:t(15,54)=(0,1)
  237. ../linuxthreads/sysdeps/pthread/bits/pthreadtypes.h
  238. ../sysdeps/unix/sysv/linux/bits/sched.h
  239. __sched_param:T(18,1)=s4sched_priority:(0,1),0,32;;
  240. _pthread_fastlock:T(17,1)=s8__status:(0,3),0,32;__spinlock:(0,1),32,32;;
  241. _pthread_descr:t(17,2)=(17,3)=*(17,4)=xs_pthread_descr_struct:
  242. pthread_attr_t:t(17,5)=(17,6)=s36__detachstate:(0,1),0,32;\
  243. __schedpolicy:(0,1),32,32;__schedparam:(18,1),64,32;\
  244. __inheritsched:(0,1),96,32;__scope:(0,1),128,32;\
  245. __guardsize:(16,1),160,32;__stackaddr_set:(0,1),192,32;\
  246. __stackaddr:(17,7)=*(0,19),224,32;__stacksize:(16,1),256,32;;
  247. pthread_cond_t:t(17,8)=(17,9)=s12__c_lock:(17,1),0,64;\
  248. __c_waiting:(17,2),64,32;;
  249. pthread_condattr_t:t(17,10)=(17,11)=s4__dummy:(0,1),0,32;;
  250. pthread_key_t:t(17,12)=(0,4)
  251. pthread_mutex_t:t(17,13)=(17,14)=s24__m_reserved:(0,1),0,32;\
  252. __m_count:(0,1),32,32;__m_owner:(17,2),64,32;\
  253. __m_kind:(0,1),96,32;__m_lock:(17,1),128,64;;
  254. pthread_mutexattr_t:t(17,15)=(17,16)=s4__mutexkind:(0,1),0,32;;
  255. pthread_once_t:t(17,17)=(0,1)
  256. pthread_rwlock_t:t(17,18)=(17,19)=s32__rw_lock:(17,1),0,64;\
  257. __rw_readers:(0,1),64,32;__rw_writer:(17,2),96,32;\
  258. __rw_read_waiting:(17,2),128,32;__rw_write_waiting:(17,2),160,32;\
  259. __rw_kind:(0,1),192,32;__rw_pshared:(0,1),224,32;;
  260. pthread_rwlockattr_t:t(17,20)=(17,21)=s8__lockkind:(0,1),0,32;\
  261. __pshared:(0,1),32,32;;
  262. pthread_t:t(17,22)=(0,5)
  263. wchar_t:t(19,1)=(0,3)
  264. wint_t:t(19,2)=(0,4)
  265. _G_int16_t:t(14,1)=(0,8)
  266. _G_int32_t:t(14,2)=(0,1)
  267. _G_uint16_t:t(14,3)=(0,9)
  268. _G_uint32_t:t(14,4)=(0,4)
  269. _IO_stdin_used:G(0,1)
  270. GCC: (GNU) egcs-2.91.66 19990314/Linux (egcs-1.1.2 release)
  271. GCC: (GNU) egcs-2.91.66 19990314/Linux (egcs-1.1.2 release)
  272. GCC: (GNU) egcs-2.91.66 19990314/Linux (egcs-1.1.2 release)
  273. GCC: (GNU) egcs-2.91.66 19990314/Linux (egcs-1.1.2 release)
  274. GCC: (GNU) egcs-2.91.66 19990314/Linux (egcs-1.1.2 release)
  275. GCC: (GNU) egcs-2.91.66 19990314/Linux (egcs-1.1.2 release)
  276. 01.01
  277. 01.01
  278. 01.01
  279. 01.01
  280. 01.01
  281. 01.01
  282. .symtab
  283. .strtab
  284. .shstrtab
  285. .interp
  286. .note.ABI-tag
  287. .hash
  288. .dynsym
  289. .dynstr
  290. .gnu.version
  291. .gnu.version_r
  292. .rel.got
  293. .rel.bss
  294. .rel.plt
  295. .init
  296. .plt
  297. .text
  298. .fini
  299. .rodata
  300. .data
  301. .eh_frame
  302. .ctors
  303. .dtors
  304. .got
  305. .dynamic
  306. .bss
  307. .stab
  308. .stabstr
  309. .comment
  310. .note
  311. initfini.c
  312. gcc2_compiled.
  313. init.c
  314. crtstuff.c
  315. p.2
  316. __DTOR_LIST__
  317. completed.3
  318. __do_global_dtors_aux
  319. __EH_FRAME_BEGIN__
  320. fini_dummy
  321. object.8
  322. frame_dummy
  323. init_dummy
  324. force_to_data
  325. __CTOR_LIST__
  326. __do_global_ctors_aux
  327. __CTOR_END__
  328. __DTOR_END__
  329. __FRAME_END__
  330. nt.c
  331. check_port
  332. strchr@@GLIBC_2.0
  333. feof@@GLIBC_2.0
  334. check_user
  335. _DYNAMIC
  336. _etext
  337. __register_frame_info@@GLIBC_2.0
  338. check_rdp
  339. strange
  340. current_ip
  341. usage
  342. close@@GLIBC_2.0
  343. _fp_hw
  344. first_pass
  345. perror@@GLIBC_2.0
  346. fprintf@@GLIBC_2.0
  347. verbose
  348. signal@@GLIBC_2.0
  349. fflush@@GLIBC_2.0
  350. pthread_create@@GLIBC_2.1
  351. check_telssh
  352. end_ip
  353. select@@GLIBC_2.0
  354. load_password
  355. scan
  356. rm_dir
  357. inet_ntoa@@GLIBC_2.0
  358. _init
  359. malloc@@GLIBC_2.0
  360. pthread_mutex_init@@GLIBC_2.0
  361. fscanf@@GLIBC_2.0
  362. connect_ip
  363. __deregister_frame_info@@GLIBC_2.0
  364. input_queue
  365. stderr@@GLIBC_2.0
  366. getpeername@@GLIBC_2.0
  367. ssh_telnet
  368. _start
  369. getopt@@GLIBC_2.0
  370. pthread_mutex_lock@@GLIBC_2.0
  371. output_file
  372. strstr@@GLIBC_2.0
  373. banner
  374. __strtol_internal@@GLIBC_2.0
  375. first_user
  376. inet_addr@@GLIBC_2.0
  377. __bss_start
  378. main
  379. drop
  380. __libc_start_main@@GLIBC_2.0
  381. timeout
  382. data_start
  383. _fini
  384. fcntl@@GLIBC_2.0
  385. memcpy@@GLIBC_2.0
  386. fclose@@GLIBC_2.1
  387. user_list
  388. pthread_join@@GLIBC_2.0
  389. OUTFILE
  390. exit@@GLIBC_2.0
  391. load_users
  392. _edata
  393. _GLOBAL_OFFSET_TABLE_
  394. free@@GLIBC_2.0
  395. _end
  396. send@@GLIBC_2.0
  397. check_ftp_reply
  398. memset@@GLIBC_2.0
  399. connect@@GLIBC_2.0
  400. strncpy@@GLIBC_2.0
  401. fopen@@GLIBC_2.1
  402. optarg@@GLIBC_2.0
  403. _IO_stdin_used
  404. pthread_mutex_unlock@@GLIBC_2.0
  405. recv@@GLIBC_2.0
  406. sprintf@@GLIBC_2.0
  407. __data_start
  408. socket@@GLIBC_2.0
  409. __gmon_start__