Monday, December 30, 2013

ZeuS C&C - bestbuyautotransport.com.au

More work done on command & control servers listed on ZeuS Tracker

bestbuyautotransport.com.au
203.170.86.145
netname:        austdomains
descr:          Internet Services Network
descr:          Global Telecommunications
country:        AU
abuse@syra.net.au

ZeuS Tracker details:

Config:



Login:


I can't get on this way, so I try something else.



1. Drop a shell on your sandy seashore.

2. Grab mysql auth from config files. 

3. Look around (so small, sorry buddy)


4. Change admin password. (and get proper username) 




Let's try again.
Ok. Now we're in.

Confirmed. You have a small useless botnet (and penis).


Some OS statistics for Science:

Useless bots:


Some reports:
 No banking.






So silly.

1 comment:

  1. Excuse me, but how do you get past the login? Is there a backdoor, a master password, or is the authentication buggy? I am just curious to know what it is. I am simply amazed how you bypass all of them. Nice job!
