Beefy Boxes and Bandwidth Generously Provided by pair Networks
more useful options
 
PerlMonks  

Re: Something I found on my site

by rjt (Deacon)
on Apr 25, 2014 at 20:07 UTC ( #1083850=note: print w/ replies, xml ) Need Help??


in reply to Something I found on my site

This does look like an attempt at some sort of exploit—more likely a probe to check for vulnerable servers to plant the real attacks on later.

It tries to disguise itself as lynx (a text-based browser) in the process list, a weak measure, perhaps, but a pretty sure sign their intentions are less than pure.

Then it tries to open a TCP socket to $ARGV[0] on port $ARGV[1] and reopen the 3 standard streams, and send your kernel version and the local user ID and groups to the remote server, and try to start a (remote) shell. Quite possibly the $target is a machine controlled by the attackers.

Whether you should be worried or not? I dunno, that depends on how it got there and whether you can identify the target and the perpetrators.

That, and they didn't use strict. Bastards.

use strict; use warnings; omitted for brevity.


Comment on Re: Something I found on my site
Select or Download Code
Re^2: Something I found on my site
by GnikLlort (Novice) on Apr 25, 2014 at 20:15 UTC

    I removed the file and changed all my passwords just to be safe, thanks for the help.

Re^2: Something I found on my site
by kennethk (Abbot) on Apr 25, 2014 at 20:25 UTC

    Hell, they didn't even check their opens -- two-argument opens at that! I think we need to send some missionaries into the dark corners of the Internet.


    #11929 First ask yourself `How would I do this without a computer?' Then have the computer do it the same way.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1083850]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others avoiding work at the Monastery: (9)
As of 2015-07-04 08:57 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (58 votes), past polls