eromang

Linux/Chapro.A Apache malicious module

Dec 19th, 2012
576
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. !O<m
  2. Y)oT
  3. =KghA\
  4. E9w0
  5. ~mmy
  6. __gmon_start__
  7. _init
  8. _fini
  9. __cxa_finalize
  10. _Jv_RegisterClasses
  11. to_hex
  12. _CHECK_RAW_COOKIE
  13. KEY_CLIENT
  14. _CHECK_LOCAL_IP
  15. _CHECK_SITE_KERNEL
  16. ap_hook_insert_filter
  17. ap_register_output_filter
  18. rtrim
  19. strlen
  20. _CHECK_REFERER_IS_HOST
  21. FILTER
  22. apr_table_get
  23. strstr
  24. xor_decrypt_string
  25. apr_palloc
  26. xor_encrypt_string
  27. xor_encrypt
  28. _GEN_FILENAME_BLACKLIST
  29. ap_md5
  30. __snprintf_chk
  31. ap_add_output_filter
  32. _CHECK_REFERER_IS_SEO
  33. SIZE_ARRAY_SE_REFERER
  34. __ctype_toupper_loc
  35. _CHECK_BOT_USERAGENT
  36. SIZE_ARRAY_BAN_USERAGENT
  37. stristr
  38. _ADD_TO_BLACKLIST
  39. fopen
  40. fclose
  41. _CHECK_SITE_ADMIN
  42. SIZE_ARRAY_BLACKLIST_URI
  43. CLIENT_IP
  44. _CHECK_PROC
  45. opendir
  46. readdir
  47. strspn
  48. memset
  49. fgets
  50. SIZE_ARRAY_BAN_PROC
  51. __stack_chk_fail
  52. _IS_SUDOER
  53. SIZE_ARRAY_SUDOERS
  54. strcmp
  55. _CHECK_UTMP
  56. inet_ntoa
  57. getpwnam
  58. __xstat
  59. _CHECK_BLACKLIST
  60. apr_file_open
  61. apr_file_close
  62. _ADD_TO_WAITLIST
  63. GEN_FILENAME_WAITLIST
  64. __fprintf_chk
  65. _SESSION_DELETE
  66. GEN_FILENAME_SESSION
  67. remove
  68. _SESSION_KEYGEN
  69. gettimeofday
  70. srand
  71. _SET_COOKIE_KEY
  72. gmtime
  73. strftime
  74. apr_table_add
  75. explode
  76. strchr
  77. strncpy
  78. base64encode
  79. ceil
  80. malloc
  81. _INJECT_SAVE
  82. GEN_FILENAME_INJECT
  83. _SESSION_SAVE
  84. ip2long
  85. strtok
  86. urlencode
  87. __ctype_b_loc
  88. from_hex
  89. __ctype_tolower_loc
  90. base64decode
  91. _INJECT_SKIP
  92. apr_bucket_type_eos
  93. apr_bucket_alloc
  94. memcpy
  95. apr_bucket_free
  96. apr_bucket_heap_create
  97. apr_bucket_eos_create
  98. _SESSION_LOAD
  99. __strtol_internal
  100. _INJECT_UPDATE
  101. FILENAME_UPDATING
  102. socket
  103. snprintf
  104. gethostbyname
  105. connect
  106. uname
  107. send
  108. recv
  109. _CHECK_WAITLIST
  110. filesize
  111. _INJECT_LOAD
  112. fread
  113. __memcpy_chk
  114. _INJECT_DO
  115. SIZE_ARRAY_TAGS_FOR_INJECT
  116. __sprintf_chk
  117. KEY_XOR
  118. C_MODULE_VERSION
  119. C_CC_HOST
  120. C_CC_URI
  121. C_CC_REQUEST_FORMAT
  122. C_MARKER_LEFT
  123. C_MARKER_RIGHT
  124. C_TMP_DIR
  125. C_LIST_PREF
  126. C_KEY_COOKIE_NAME
  127. C_ARRAY_TAGS_FOR_INJECT
  128. C_ARRAY_BAN_USERAGENT
  129. C_ARRAY_BLACKLIST_URI
  130. C_ARRAY_SE_REFERER
  131. C_ARRAY_SUDOERS
  132. C_ARRAY_BAN_PROC
  133. C_STRING_1
  134. C_STRING_2
  135. C_STRING_3
  136. C_STRING_4
  137. C_STRING_5
  138. C_STRING_6
  139. C_STRING_7
  140. C_STRING_8
  141. C_STRING_9
  142. C_STRING_10
  143. C_STRING_11
  144. C_STRING_12
  145. C_STRING_13
  146. C_STRING_14
  147. C_STRING_16
  148. C_STRING_17
  149. C_STRING_18
  150. C_STRING_19
  151. C_STRING_20
  152. C_STRING_21
  153. C_STRING_22
  154. C_STRING_23
  155. C_STRING_15
  156. C_STRING_24
  157. C_STRING_25
  158. C_STRING_26
  159. C_STRING_27
  160. C_STRING_28
  161. C_STRING_29
  162. C_STRING_30
  163. C_STRING_31
  164. C_STRING_32
  165. C_STRING_33
  166. C_STRING_34
  167. C_ARRAY_BAN_LOCAL_IP
  168. apr_brigade_create
  169. apr_brigade_cleanup
  170. ap_pass_brigade
  171. chart_proxy_module
  172. ap_set_flag_slot
  173. libm.so.6
  174. libc.so.6
  175. _edata
  176. __bss_start
  177. _end
  178. mod_chart_proxy.so
  179. GLIBC_2.2.5
  180. GLIBC_2.4
  181. GLIBC_2.3
  182. GLIBC_2.3.4
  183. %
  184. J
  185. %zI
  186. %rI
  187. %jI
  188. %bI
  189. %ZI
  190. %RI
  191. %JI
  192. %BI
  193. %:I
  194. %2I
  195. %*I
  196. %"I
  197. %zH
  198. %rH
  199. %jH
  200. %bH
  201. %ZH
  202. %RH
  203. %JH
  204. %BH
  205. %:H
  206. %2H
  207. %*H
  208. %"H
  209. %zG
  210. %rG
  211. %jG
  212. %bG
  213. %ZG
  214. %RG
  215. %JG
  216. %BG
  217. %:G
  218. %2G
  219. ATSubH
  220. %l>
  221. ='>
  222. x8Hc
  223. []A\A]
  224. []A\A]
  225. l$ H
  226. AWAVAUATUSH
  227. D9<$u
  228. []A\A]A^A_
  229. []A\A]A^A_
  230. AWAVAUATUSH
  231. []A\A]A^A_
  232. D9<$u
  233. AWAVAUATUSH
  234. D9<$u
  235. []A\A]A^A_
  236. AWAVAUATUSH
  237. []A\A]A^A_
  238. ATUSH
  239. []A\A]
  240. []A\A]
  241. H+D$XH=+
  242. []A\
  243. \$ L
  244. ->6
  245. AVAUATUSH
  246. HcD$
  247. D;|$
  248. []A\A]A^A_
  249. ATUH
  250. VUUU
  251. []A\L
  252. d$ H
  253. []A\
  254. AVE1
  255. AUATI
  256. []A\A]L
  257. l$ L
  258. d$(L
  259. l$0L
  260. t$8L
  261. |$@H
  262. )l$
  263. H
  264. D$
  265. H
  266. D$
  267. H
  268. AWAVAUL
  269. ATUSH
  270. ==-
  271. D$ H
  272. t$ H
  273. ([]A\A]A^A_
  274. T$
  275. H
  276. HcT$
  277. H
  278. []A\
  279. T$ H
  280. t$<H
  281. L$<H
  282. |$ H
  283. L$<H
  284. |$(H
  285. T$ H
  286. L$<H
  287. \$<H
  288. |$ H
  289. |$(H
  290. t$@H
  291. D$0H
  292. D$(1
  293. T$(dH3
  294. \$0H
  295. l$8L
  296. d$@L
  297. l$HL
  298. t$PH
  299. AUATUSH
  300. T$ H9
  301. D$0I
  302. T$0H
  303. T$ H
  304. T$81
  305. t$@H
  306. T$8H
  307. T$81
  308. t$@H
  309. T$8L
  310. |$8E1
  311. T$81
  312. T$8L
  313. l$8H
  314. L$0I
  315. T$0H
  316. L$0H
  317. |$8H
  318. T$8H
  319. T$8I
  320. <,H)
  321. []A\A]A^A_
  322. []A\A]A^A_
  323. AWAVAUATUSH
  324. D$81
  325. l$ H
  326. T$8dH3
  327. H[]A\A]A^A_
  328. /var/run/utmp
  329. /dev/
  330. mod_chart_proxy.c
  331. dlEngine
  332. dl module switcher
  333. ?456789:;<=
  334. !"#$%&'()*+,-./0123
  335. ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/
  336. 0123456789abcdef
  337. 22PA
  338. GCC: (GNU) 4.1.2 20080704 (Red Hat 4.1.2-51)
  339. GCC: (GNU) 4.1.2 20080704 (Red Hat 4.1.2-51)
  340. GCC: (GNU) 4.1.2 20080704 (Red Hat 4.1.2-51)
  341. GCC: (GNU) 4.1.2 20080704 (Red Hat 4.1.2-51)
  342. GCC: (GNU) 4.1.2 20080704 (Red Hat 4.1.2-51)
  343. .shstrtab
  344. .gnu.hash
  345. .dynsym
  346. .dynstr
  347. .gnu.version
  348. .gnu.version_r
  349. .rela.dyn
  350. .rela.plt
  351. .init
  352. .text
  353. .fini
  354. .rodata
  355. .eh_frame_hdr
  356. .eh_frame
  357. .ctors
  358. .dtors
  359. .jcr
  360. .data.rel.ro
  361. .dynamic
  362. .got
  363. .got.plt
  364. .data
  365. .bss
  366. .comment
RAW Paste Data