扫一扫
分享文章到微信
扫一扫
关注官方公众号
至顶头条
作者:51cto 2007年10月12日
关键字:
在本页阅读全文(共5页)
[root@vctimchkrootkit-0.47]#/usr/local/bin/rkhunter-c--createlogfile Rootkit'SHV4'...[Warning!] Rootkit'SHV5'...[Warning!] Rootkit'SuckitRootkit'...[Warning!]-->还有这个高级货啊,偷偷的汗了一下。 *Filesystemchecks Checking/devforsuspiciousfiles...[Warning!(unusualfilesfound)] Unusualfiles: /dev/srd0:ASCIItext-->/dev下有ascii文件…… --------MD5 MD5cmpared:51 IncorrectMD5checksums:6 Filescan Scannedfile:342 Possibleinfectedfiles:3 Possiblerootkits:SHV4SHV5SuckitRootkit Applicationscan Vulnerableapplications:4 Scanningtook751seconds Scanresultswrittentologfile(/var/log/rkhunter.log) |
[root@victimroot]#exportPATH=/root/.../static/:$PATH |
[root@victim/]#ls-alh/tmp/mc-root/ total8.0K drwx------2rootroot4.0KNov819:36. drwxrwxrwt9rootroot4.0KNov1810:47.. |
[11:20:04]/bin/lsHashNOTvalid |
[11:20:53]***StartscanSHV4*** [11:20:53]-File/lib/lidps1.so...WARNING!Exists. [11:21:12]***StartscanSHV5*** [11:21:12]-File/etc/sh.conf...WARNING!Exists. [11:21:12]-File/dev/srd0...WARNING!Exists. [11:21:12]-Directory/usr/lib/libsh...WARNING!Exists. [11:21:15]***StartscanSuckitRootkit*** [11:21:15]-File/usr/share/locale/sk/.sk12/sk...WARNING!Exists. [11:21:15]-Directory/usr/share/locale/sk/.sk12...WARNING!Exists. |
[root@victimroot]#file/lib/lidps1.so /lib/lidps1.so:ASCIItext [root@victimroot]#cat/lib/lidps1.so ttyload shsniff shp shsb hide ttymon scanner |
濠碘€冲€归悘澶愬箖閵娾晜濮滈悽顖涚摃閹烩晠宕氶崶鈺傜暠闁诡垰鍘栫花锛勬喆椤ゅ弧濡澘妫楅悡娆撳嫉閳ь剟寮0渚€鐛撻柛婵呮缁楀矂骞庨埀顒勫嫉椤栨瑤绻嗛柟顓у灲缁辨繈鏌囬敐鍕杽閻犱降鍨藉Σ鍕嚊閹跺鈧﹦绱旈幋鐐参楅柡鍫灦閸嬫牗绂掔捄铏规闁哄嫷鍨遍崑宥夋儍閸曨剚浠樺ù锝嗗▕閳ь剚鏌ㄧ欢鐐寸▕鐎b晝顏遍柕鍡嫹
京公网安备 11010802021500号