Monday, January 6, 2014

2x ZeuS botnets on diversifiedgeneralcontracting.com

Hacked 2x ZeuS botnets this past weekend.

hosted on:
diversifiedgeneralcontracting.com
184.173.68.2
network:IP-Network-Block:184.173.68.0-184.173.68.31
network:Organization;I:Green Olive Tree

Reported abuse to: abuse[at]greenolivetree.net

Server:
Linux hawkeye.iwswebhosting.com 2.6.18-348.6.1.el5

WHOIS:
diversifiedgeneralcontracting.com
Admin Name: Registration Private
Admin Organization: Domains By Proxy, LLC
Admin Street: DomainsByProxy.com


Login ZeuS #1 
(botnet name: log)

Summary:

Bots:


OS Statistics (for Science)


ZeuS #2
botnet name: web
Summary:


Bots:

config.php for ZeuS #1
$config['mysql_host']          = '127.0.0.1';
$config['mysql_user']          = 'dgchome_log';
$config['mysql_pass']          = '1qaz2wsx';
$config['mysql_db']            = 'dgchome_log';

config.php for ZeuS #2
$config['mysql_host']          = '127.0.0.1';
$config['mysql_user']          = 'dgchome_web';
$config['mysql_pass']          = '1qaz2wsx';
$config['mysql_db']            = 'dgchome_web';

:-)

Cheers, douche bag. 
(oh yeah, and yer box is shelled)
