[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] ssh 3.2.9.1 backdoor could not log the login info
- To: <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: [Full-disclosure] ssh 3.2.9.1 backdoor could not log the login info
- From: "fatb" <fatb@xxxxxxxxxxxxxxxxx>
- Date: Sat, 19 Nov 2005 00:50:42 +0800
hi list:
the aion ssh patch for ssh 3.2.9.1 from packetstorm
http://packetstormsecurity.org/UNIX/patches/apatch-ssh-3.2.9.1
modified the LEETPASS and SSH_LOG,and replace the orgin sshd2 with the trojaned
one.
But when I loggin the server without the Magic Password,I could only find some
strange stings
in the log file which looks like below
???胚臀窝稳脱褪窝魄喏??胚??????????????????胚臀窝稳脱褪窝魄喏??胚??????????????????胚臀窝稳脱褪窝魄喏??胚??????????????????胚臀窝稳脱褪窝魄喏??胚??????????????????胚臀窝稳脱褪窝魄喏??胚??????????????????胚臀窝稳脱褪窝魄喏??胚??????????????????胚臀窝稳脱褪窝魄喏??胚??????????????????胚臀窝稳脱褪窝蜗蛇???????喏??胚???????????咄挝盐韧淹饰盐仙喏??胚??????????????????胚臀窝稳脱褪窝蜗诉???????喏??胚????????
anybody has any idea about ssh trojan ? (not for openssh)
thx.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/