Twitter | Pretraživanje | |
Adam ♿ 🐧
What the fuck?! , a little help? This is my Plex server but it looks like it's been breached.
Reply Retweet Označi sa "sviđa mi se" More
Adam ♿ 🐧 29. sij
Odgovor korisniku/ci @voltagex
plex:x:111:119::/var/lib/plexmediaserver:/bin/bash Fuck, I'm an idiot.
Reply Retweet Označi sa "sviđa mi se"
Adam ♿ 🐧 29. sij
Odgovor korisniku/ci @voltagex
Okay, so we've worked out how they got in (chsh bash when I was trying to fix something, then I didn't disable it again) and how they persisted (cron).
Reply Retweet Označi sa "sviđa mi se"
Adam ♿ 🐧 29. sij
Odgovor korisniku/ci @voltagex
And my "entry" is in but why?
Reply Retweet Označi sa "sviđa mi se"
Adam ♿ 🐧 29. sij
Odgovor korisniku/ci @voltagex
One way to get their attention.
Reply Retweet Označi sa "sviđa mi se"
Adam ♿ 🐧 29. sij
Odgovor korisniku/ci @voltagex
-rwxrwxr-x 1 plex plex 947 Sep 15 14:23 anon. So they've been in for a while.
Reply Retweet Označi sa "sviđa mi se"
Adam ♿ 🐧 29. sij
Odgovor korisniku/ci @voltagex
So, do I nuke this from orbit?
Reply Retweet Označi sa "sviđa mi se"
Adam ♿ 🐧 29. sij
Odgovor korisniku/ci @voltagex
SSH version was/is a false alarm.
Reply Retweet Označi sa "sviđa mi se"
Alex Sadleir 29. sij
Odgovor korisniku/ci @voltagex
"The TomatoAnon script will send information to an online database about your router's model and installed version of Tomato."
Reply Retweet Označi sa "sviđa mi se"
Adam ♿ 🐧 29. sij
Odgovor korisniku/ci @maxious
wtf++
Reply Retweet Označi sa "sviđa mi se"
Jamie 29. sij
Odgovor korisniku/ci @voltagex
Was it running qbittorrent? Seems to be a common theme with the IPs i've checked
Reply Retweet Označi sa "sviđa mi se"
Adam ♿ 🐧 29. sij
Odgovor korisniku/ci @JJJollyjim
I was at one point, but the UI was bound to localhost.
Reply Retweet Označi sa "sviđa mi se"