Full Disclosure mailing list archives
ssh 3.2.9.1 backdoor could not log the login info
From: "fatb" <fatb () security zz ha cn>
Date: Sat, 19 Nov 2005 00:50:42 +0800
hi list: the aion ssh patch for ssh 3.2.9.1 from packetstorm http://packetstormsecurity.org/UNIX/patches/apatch-ssh-3.2.9.1 modified the LEETPASS and SSH_LOG,and replace the orgin sshd2 with the trojaned one. But when I loggin the server without the Magic Password,I could only find some strange stings in the log file which looks like below ������胚臀窝稳脱褪窝魄喏����胚�������喏����胚���������������������胚臀窝稳脱褪窝魄喏����胚�������喏����胚���������������������胚臀窝稳脱褪窝魄喏����胚�������喏����胚���������������������胚臀窝稳脱褪窝魄喏����胚�������喏����胚���������������������胚臀窝稳脱褪窝魄喏����胚�������喏����胚���������������������胚臀窝稳脱褪窝魄喏����胚�������喏����胚���������������������胚臀窝稳脱褪窝魄喏����胚�������喏����胚���������������������胚臀窝稳脱褪窝蜗蛇�����胚�������喏����胚���������������������胚臀窝稳脱褪窝蜗蛇�����胚�������喏����胚���������������������胚臀窝稳脱褪窝蜗诉�����胚�������喏����胚���������������[ anybody has any idea about ssh trojan ? (not for openssh) thx.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- ssh 3.2.9.1 backdoor could not log the login info fatb (Nov 18)