últimos mensajes de: Hason

Mostrar Mensajes
Páginas: 1 2 3 4 5 [6] 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 ... 204

51	Sistemas Operativos / Windows / Re: Problemas con un pc reacondicionado con windows 10 preinstalado comprado nuevo.	en: 28 Junio 2022, 22:02 pm
Hola buenas, en estos momentos estoy muy saturado, mis neuronas chisporrotean... Intentaré responder todo, pero ahora de momento no puedo. Citar ¿por que yo iva a tener que hacer todas estas movidas??? Porque eres masoquista o porque sino te aburres. Lo que me pregunto es qué te pasó antes para que ahora estés complicándote tanto. Citar Todo, por no tener estudios básicos de informática. Falso. Más allá de lo que sea básico, sabes más que yo. Sin embargo, yo no tengo tanto problema, quizá por suerte, pero bueno. La computadora que tengo me la regaló la esposa de mi padre porque se compró una nueva. Tiene un usuario que yo no creé (no sé cómo crear uno, ni borrarlo, ni si es necesario tener uno, ni me importa) y no sé cuántas cosas más, pero ¿me ves preocupado por eso? No, me dedico a divertirme... Edit: ¿Cual es tu miedo? ¿que te espíen? ¿acaso ves pornografía infantil o algo así? No vas a decir, pero a estas alturas da para pensar que haces algo bastante turbio... Puedo explicarlo todo públcamente, pero hace mal de contarlo, muchas movidas...yo lo único malo que hacia, que no es ilegal ni nada, es ver porno, por la web, por xvideos y cosas similares, y entraba en las cams de chicas, pero eso es legal, ahora ya no lo hago, pero creo que eso no es ilegal ni malo, por que si lo fuera, cerrarían las webs la guardia civil, si no lo cierrran es por que es legal, y todas las chicas que hay aparecen son mayores de edad, de hecho, creo que si revisais mis post, puede ser que lo comentará, de hecho creo que algún usuario del foro se lo comenté y se lo dije, no me acuerdo... Entonces, esto , tiene una explicación, pero es muy largo de contarlo todo,pero si quereis que lo cuente, lo haré, por que creo que no hacia nada malo, y si cuento todo como pasó, creo lo entenderiais, entonces, creo que mis enemigos, utilizaron que veia pornografía normal, para atacarme y decir que era tal o cual cosa cuando no es verdad ¿quien no ha visto pornografía en internet xdios?, yo no vi pornografía hasta que tuve internet con unos 22 o 23 años, y flipe todo lo que había... era una persona sexualmente activa, pero me dejo mi pareja y entré en depresión, y empecé a ver porno por internet, eso no es ilegal ni nada. Si quereis que cuente la pelicula bien explicada con muchas hojas de post, me lo decis, y lo explicaré todo, se puede explicar. Yo no hago nada malo con los pc, me lo hacen a mi,no tengo nada que esconder. Ahora resultará que yo soy el único del planeta que ve porno, pues vaya, creo que muchos lo ven, por eso hay una industria pornográfica grandiosa, sobre todo en eeuu, a mi me gustaba mucho brazzers, tenía el emule descargando peliculas de brazzers seguido, ya no lo hago, para que no me acusen de nada, de todas formas, creo que eso no es ilegal ni nada, y no me gusta contarlo, pero para que lo sepais, eso es algo que hacia, pero como entretenimiento, y aqui entran en juego muchas historias muy largas de contar, yo ahora no descargo ya nada de porno, ni entro en las webcams de chicas, solia entrar mucho en livejazmin, que salian unas chicas de aupa,y estando soltero, y encerrado en casa, creo que no era nada malo... en fin, pero eso es lo que creo que aprovecharon para maldecirme... yo no he hecho nada malo, y odio la pornografia infantil quien la haga o la mire, yo no me gusta eso, a mi me gustan las chicas mayores de edad y punto,vamos, ya he dicho lo único malo que hacía.Pero yo pregunto ¿quien no ve pornografia por internet o livecams??? en fin, e dejado de hacerlo hace tiempo para que no me acusen de no se que,.,.. mi actriz favorta era Lissa ann, que ya se a retirado, y ahora es comentarista de partidos de futbol americano, me tiene loco... justamente conocí una amiga que se llamaba Elisa, y me volvia loco también.... Si quereis una novela explicativa de todo puedo hacerlo, por que esto, viene de largo por historias, pero yo no he hecho nada ilegal jamás. Por emule descargando, una vez, descargué un video teoricamente de brazzers normal, pero luego , resulto que no, aparecian menores o no se, vi , y lo borré, quisé llamar guardia civil , pero lo borre y fuera, es la única experiencia que tuve con eso, no vi el video ni nada, descargaba muchas peliculas de brazzers, y en una de ellas se coló una mala.... vi y borré, me dió ascos y miedo. Creo que me e sincerado bastante. Y puedo explicarlo todo desde el principio, pero serían muchas hojas de post para explicarlo todo, no creo que queraís hacer de terapeutas, psicologos o psiquiatras, pero si quereis que lo cuente, me lo pedís, y escribiré un tocho grande de por que terminé viendo porno. Dicho esto, creo que no he hecho nada ilegal, además intervinieron muchos asuntos raros que no puedo contar si no es detalladamente escribiendo mucho, pero mucho.... Entonces, mi problema no es el porno ya,estoy cansado del porno y las webcams...mi problema es solucionar mis problemas con el pc para sanar mi salud mental, y darles un escarmiento a los 12 monos. Sinceramente, no he hecho nada ilegal y odio la gente que se aprovecha de menores. Podeís preguntarme lo que queraís,yo responderé, yo tengo la conciencia tranquila que no he hecho nada malo. Si quereis que cuente toda la historía.... agarraos que vienen curvas...como en chasis mataró barcelona....yo lo cuento si quereis, pero va a ser un tocho grande con muchas historias... Vamos, que mis enemigos se aprovecharon de que yo veia porno y entraba en las webcams para adultos, para atacarme y decir que era tal o cual, pero todo mentira, era una persona amargada cerrada en casa sin salir por años, y no tenía ningún aliciente en mi vida, más que ver pornografía normal de adultos, que pòr lo menos me alegraba un rato. Actualmente, estoy impotente, me han recetado viagra por un año....ya he dicho mucho, pero puedo explicar mucho más detalladamente, que por otro lado no creo os interese. Resumiendo, como no sabían como joderme por que no hacia nada malo, más que plantar cannabis para consumo propio y ver pornografia, pues me atacarón con eso...yo estaba solo, siempre en casa cerrado, y no sabía nada de ordenadores... se aprovecharon de mi, y me hicieron barbaridades, que no voy a contar, de esas barbaridades que me hicieron, vino mi comportamiento inadecuadom, pero por culpa terceras personas, de los 12 monos,, por eso estoy muy enfadado. Me hubiera gustado ser actor porno pero por su culpa ya no podré jamás. Ya e contado demasiado, pero, solo es la puntica del iceberg. Y lo que acabo de escribir lo he hecho por que me he bebido dos botellas de vino , si no no lo cuento, pero ya está lo he escrito publicamente,y es lo único malo que he hecho, ¿quien no ha visto pornografia por internet, cuando está todo lleno xdios?, en fin, no se que pensareis, pero lo que penseis decirmelo. Saludos.

52	Seguridad Informática / Seguridad / Re: Discos duros cifrados protegidos contra escritura, al conectarlos a la placa base reescriben la bios,rootkit fijo.	en: 28 Junio 2022, 21:10 pm
Hola Tachikomaia , es simplemente una parodia, una forma de reirme de los supuestos 12 rootkits que tengo, o supuestamente tengo... que no es seguro vale, pero todo apunta que si, entonces, es una forma de reirme de ellos en su cara... no se si me entiendes, por que ellos leen todo lo que publico, entonces por eso mi actitud incomprensible para muchos de vosotros... es por que los que me hacen esto me siguen... si nombro algún programa que me va bien, me lo jodén por ejemplol... entonces, ya no quiero dar información demasiada... Es simplemente una parodia humorística. Serapis, acabo de formatear a bajo nivel con una herramienta x (para que no se enteren los 12 monos) y estoy pasando tu comando, la verdad, que es más extenso, en un disco de 500 gb me dice, que tardará dos horas y media, en cuanto lo escanee, postearé el resultado, y saldré de dudas si realmente lo he conseguido o no. Hasta dentro de unas horas. Saludos.

53	Seguridad Informática / Seguridad / Re: Discos duros cifrados protegidos contra escritura, al conectarlos a la placa base reescriben la bios,rootkit fijo.	en: 28 Junio 2022, 20:41 pm
Bien, como podeís observar si habeis leido todas las líneas de código del análisis, algo hay, se ve. Pero claro, voy a aclarar lo siguiente: Grabé el sistema operativo caine, desde el pc infectado, con los discos duros protegidos contra escritura, entonces, supongo, que tiene que ver bastante. Ahora que he conseguido saltarme la protección contra escritura de los discos, o eso me parece a mi.... , voy a instalar de nuevo en el disco duro limpio otro sistema operativo, bien será windows 8.1 original, o bien fedora que me grabaron y creo está bien. Entonces, con los discos duros limpios, espero poder instalar correctamente los sistemas operativos, o eso espero, x dios, ya entonces, descargaré caine o desde el mismo fedora, volveré a hacer el scan, y supongo, que la cosa va a cambiar bastante, si dios quiere, y todo va según tengo pensado, que , tal vez no, pero espero que si... Cuando tenga todo montado ok, volveré a analizar, y compartiré los resultados, espero poder hacerlo,ya mi vida es esto, necesito repararlo como sea, es cuestión de salud mental. Se lo dedico a los supuestos 12 rootkits: Continuará. Saludos

54	Seguridad Informática / Seguridad / Re: Discos duros cifrados protegidos contra escritura, al conectarlos a la placa base reescriben la bios,rootkit fijo.	en: 28 Junio 2022, 20:19 pm
Citar [ Not found ] [11:46:03] Vampire Rootkit [ Not found ] [11:46:03] [11:46:03] Checking for VcKit Rootkit... [11:46:03] Checking for directory '/usr/include/linux/modules/lib.so' [ Not found ] [11:46:03] Checking for directory '/usr/include/linux/modules/lib.so/bin' [ Not found ] [11:46:03] VcKit Rootkit [ Not found ] [11:46:03] [11:46:03] Checking for Volc Rootkit... [11:46:03] Checking for file '/usr/bin/volc' [ Not found ] [11:46:03] Checking for file '/usr/lib/volc/backdoor/divine' [ Not found ] [11:46:03] Checking for file '/usr/lib/volc/linsniff' [ Not found ] [11:46:03] Checking for file '/etc/rc.d/rc1.d/S25sysconf' [ Not found ] [11:46:03] Checking for file '/etc/rc.d/rc2.d/S25sysconf' [ Not found ] [11:46:03] Checking for file '/etc/rc.d/rc3.d/S25sysconf' [ Not found ] [11:46:03] Checking for file '/etc/rc.d/rc4.d/S25sysconf' [ Not found ] [11:46:03] Checking for file '/etc/rc.d/rc5.d/S25sysconf' [ Not found ] [11:46:03] Checking for directory '/var/spool/.recent' [ Not found ] [11:46:03] Checking for directory '/var/spool/.recent/.files' [ Not found ] [11:46:03] Checking for directory '/usr/lib/volc' [ Not found ] [11:46:03] Checking for directory '/usr/lib/volc/backup' [ Not found ] [11:46:03] Volc Rootkit [ Not found ] [11:46:04] [11:46:04] Checking for Xzibit Rootkit... [11:46:04] Checking for file '/dev/dsx' [ Not found ] [11:46:04] Checking for file '/dev/caca' [ Not found ] [11:46:04] Checking for file '/dev/ida/.inet/linsniffer' [ Not found ] [11:46:04] Checking for file '/dev/ida/.inet/logclear' [ Not found ] [11:46:04] Checking for file '/dev/ida/.inet/sense' [ Not found ] [11:46:04] Checking for file '/dev/ida/.inet/sl2' [ Not found ] [11:46:04] Checking for file '/dev/ida/.inet/sshdu' [ Not found ] [11:46:04] Checking for file '/dev/ida/.inet/s' [ Not found ] [11:46:04] Checking for file '/dev/ida/.inet/ssh_host_key' [ Not found ] [11:46:04] Checking for file '/dev/ida/.inet/ssh_random_seed' [ Not found ] [11:46:04] Checking for file '/dev/ida/.inet/sl2new.c' [ Not found ] [11:46:04] Checking for file '/dev/ida/.inet/tcp.log' [ Not found ] [11:46:04] Checking for file '/home/httpd/cgi-bin/becys.cgi' [ Not found ] [11:46:04] Checking for file '/usr/local/httpd/cgi-bin/becys.cgi' [ Not found ] [11:46:04] Checking for file '/usr/local/apache/cgi-bin/becys.cgi' [ Not found ] [11:46:04] Checking for file '/www/httpd/cgi-bin/becys.cgi' [ Not found ] [11:46:04] Checking for file '/www/cgi-bin/becys.cgi' [ Not found ] [11:46:04] Checking for directory '/dev/ida/.inet' [ Not found ] [11:46:04] Xzibit Rootkit [ Not found ] [11:46:04] [11:46:04] Checking for zaRwT.KiT Rootkit... [11:46:04] Checking for file '/dev/rd/s/sendmeil' [ Not found ] [11:46:04] Checking for file '/dev/ttyf' [ Not found ] [11:46:04] Checking for file '/dev/ttyp' [ Not found ] [11:46:04] Checking for file '/dev/ttyn' [ Not found ] [11:46:04] Checking for file '/rk/tulz' [ Not found ] [11:46:04] Checking for directory '/rk' [ Not found ] [11:46:04] Checking for directory '/dev/rd/s' [ Not found ] [11:46:04] zaRwT.KiT Rootkit [ Not found ] [11:46:04] [11:46:04] Checking for ZK Rootkit... [11:46:04] Checking for file '/usr/share/.zk/zk' [ Not found ] [11:46:04] Checking for file '/usr/X11R6/.zk/xfs' [ Not found ] [11:46:04] Checking for file '/usr/X11R6/.zk/echo' [ Not found ] [11:46:04] Checking for file '/etc/1ssue.net' [ Not found ] [11:46:04] Checking for file '/etc/sysconfig/console/load.zk' [ Not found ] [11:46:04] Checking for directory '/usr/share/.zk' [ Not found ] [11:46:04] Checking for directory '/usr/X11R6/.zk' [ Not found ] [11:46:04] ZK Rootkit [ Not found ] [11:46:06] [11:46:06] Info: Starting test name 'additional_rkts' [11:46:06] Performing additional rootkit checks [11:46:06] [11:46:06] Performing Suckit Rootkit additional checks [11:46:06] Checking hard link count on '/sbin/init' [ OK ] [11:46:06] Checking for hidden file extensions [ None found ] [11:46:06] Running skdet command [ Skipped ] [11:46:06] Info: Unable to find the 'skdet' command [11:46:06] Suckit Rootkit additional checks [ OK ] [11:46:06] [11:46:06] Info: Starting test name 'possible_rkt_files' [11:46:06] Performing check of possible rootkit files and directories [11:46:06] Checking for file '/dev/sdr0' [ Not found ] [11:46:06] Checking for file '/dev/pisu' [ Not found ] [11:46:06] Checking for file '/dev/xdta' [ Not found ] [11:46:06] Checking for file '/dev/saux' [ Not found ] [11:46:06] Checking for file '/dev/hdx' [ Not found ] [11:46:06] Checking for file '/dev/hdx1' [ Not found ] [11:46:06] Checking for file '/dev/hdx2' [ Not found ] [11:46:06] Checking for file '/dev/ptyy' [ Not found ] [11:46:06] Checking for file '/dev/ptyu' [ Not found ] [11:46:06] Checking for file '/dev/ptyv' [ Not found ] [11:46:06] Checking for file '/dev/hdbb' [ Not found ] [11:46:06] Checking for file '/tmp/.syshackfile' [ Not found ] [11:46:06] Checking for file '/tmp/.bash_history' [ Not found ] [11:46:06] Checking for file '/usr/info/.clib' [ Not found ] [11:46:06] Checking for file '/usr/sbin/tcp.log' [ Not found ] [11:46:06] Checking for file '/usr/bin/take/pid' [ Not found ] [11:46:06] Checking for file '/sbin/create' [ Not found ] [11:46:06] Checking for file '/dev/ttypz' [ Not found ] [11:46:06] Checking for file '/var/log/tcp.log' [ Not found ] [11:46:06] Checking for file '/usr/include/audit.h' [ Not found ] [11:46:06] Checking for file '/usr/bin/sourcemask' [ Not found ] [11:46:06] Checking for file '/usr/bin/ras2xm' [ Not found ] [11:46:06] Checking for file '/dev/xmx' [ Not found ] [11:46:06] Checking for file '/usr/sbin/gpm.root' [ Not found ] [11:46:06] Checking for file '/bin/vobiscum' [ Not found ] [11:46:06] Checking for file '/bin/psr' [ Not found ] [11:46:06] Checking for file '/dev/kdx' [ Not found ] [11:46:06] Checking for file '/dev/dkx' [ Not found ] [11:46:06] Checking for file '/usr/sbin/sshd3' [ Not found ] [11:46:06] Checking for file '/usr/sbin/jcd' [ Not found ] [11:46:06] Checking for file '/usr/sbin/atd2' [ Not found ] [11:46:06] Checking for file '/home/httpd/cgi-bin/linux.cgi' [ Not found ] [11:46:07] Checking for file '/home/httpd/cgi-bin/psid' [ Not found ] [11:46:07] Checking for file '/home/httpd/cgi-bin/void.cgi' [ Not found ] [11:46:07] Checking for file '/etc/rc.d/init.d/system' [ Not found ] [11:46:07] Checking for file '/etc/rc.d/rc3.d/S93users' [ Not found ] [11:46:07] Checking for file '/tmp/.ush' [ Not found ] [11:46:07] Checking for file '/usr/lib/libhidefile.so' [ Not found ] [11:46:07] Checking for file '/etc/cron.d/kmod' [ Not found ] [11:46:07] Checking for file '/usr/lib/dmis/dmisd' [ Not found ] [11:46:07] Checking for file '/lib/secure/libhij.so' [ Not found ] [11:46:07] Checking for file '/usr/sbin/sshd3' [ Not found ] [11:46:07] Checking for file '/etc/rc.d/init.d/crontab' [ Not found ] [11:46:07] Checking for file '/etc/rc.d/init.d/jcd' [ Not found ] [11:46:07] Checking for file '/usr/sbin/atd2' [ Not found ] [11:46:07] Checking for file '/etc/rc.d/rc5.d/S93users' [ Not found ] [11:46:07] Checking for file '/usr/include/mysql/mysql.hh1' [ Not found ] [11:46:07] Checking for file '/etc/init.d/xfs3' [ Not found ] [11:46:07] Checking for file '/usr/sbin/t.txt' [ Not found ] [11:46:07] Checking for file '/usr/sbin/change' [ Not found ] [11:46:07] Checking for file '/usr/sbin/s' [ Not found ] [11:46:07] Checking for file '/bin/f' [ Not found ] [11:46:07] Checking for file '/bin/i' [ Not found ] [11:46:07] Checking for file '/lib/libncom.so.4.0.1' [ Not found ] [11:46:07] Checking for file '/sbin/zinit' [ Not found ] [11:46:07] Checking for file '/tmp/pass_ssh.log' [ Not found ] [11:46:07] Checking for file '/usr/include/gpm2.h' [ Not found ] [11:46:07] Checking for file '/etc/ssh/.sshd_auth' [ Not found ] [11:46:07] Checking for file '/usr/lib/.sshd.h' [ Not found ] [11:46:07] Checking for file '/var/run/.defunct' [ Not found ] [11:46:07] Checking for file '/etc/httpd/run/.defunct' [ Not found ] [11:46:07] Checking for file '/usr/share/pci.r' [ Not found ] [11:46:07] Checking for file '/etc/cron.daily/dnsquery' [ Not found ] [11:46:07] Checking for file '/usr/lib/libutil1.2.1.2.so' [ Not found ] [11:46:07] Checking for file '/usr/lib/libppopen.so' [ Not found ] [11:46:07] Checking for file '/usr/include/libutil2.1.h' [ Not found ] [11:46:07] Checking for file '/usr/bin/munchhausen' [ Not found ] [11:46:07] Checking for file '/bin/ceva' [ Not found ] [11:46:07] Checking for file '/sbin/syslogd<SP>' [ Not found ] [11:46:07] Checking for file '/usr/include/shup.h' [ Not found ] [11:46:07] Checking for file '/etc/rpm/sshdOLD' [ Not found ] [11:46:07] Checking for file '/etc/rpm/sshOLD' [ Not found ] [11:46:07] Checking for file '/usr/share/passwd.h' [ Not found ] [11:46:08] Checking for file '/lib/.xsyslog' [ Not found ] [11:46:08] Checking for file '/etc/.xsyslog' [ Not found ] [11:46:08] Checking for file '/lib/.ssyslog' [ Not found ] [11:46:08] Checking for file '/tmp/.sendmail' [ Not found ] [11:46:08] Checking for file '/usr/share/sshd.sync' [ Not found ] [11:46:08] Checking for file '/bin/zcut' [ Not found ] [11:46:08] Checking for file '/usr/bin/zmuie' [ Not found ] [11:46:08] Checking for file '/lib/libkeyutils.so.1.9' [ Not found ] [11:46:08] Checking for file '/lib64/libkeyutils.so.1.9' [ Not found ] [11:46:08] Checking for file '/usr/lib/libkeyutils.so.1.9' [ Not found ] [11:46:08] Checking for file '/usr/lib64/libkeyutils.so.1.9' [ Not found ] [11:46:08] Checking for file '/IptabLes' [ Not found ] [11:46:08] Checking for file '/.IptabLex' [ Not found ] [11:46:08] Checking for file '/boot/.IptabLex' [ Not found ] [11:46:08] Checking for file '/boot/.IptabLes' [ Not found ] [11:46:08] Checking for file '/boot/IptabLes' [ Not found ] [11:46:08] Checking for file '/tmp/IptabLes' [ Not found ] [11:46:08] Checking for file '/etc/rc.d/init.d/IptabLex' [ Not found ] [11:46:08] Checking for file '/etc/rc.d/init.d/IptabLes' [ Not found ] [11:46:08] Checking for file '/etc/rc.d/rc0.d/S55IptabLex' [ Not found ] [11:46:08] Checking for file '/etc/rc.d/rc1.d/S55IptabLex' [ Not found ] [11:46:08] Checking for file '/etc/rc.d/rc2.d/S55IptabLex' [ Not found ] [11:46:08] Checking for file '/etc/rc.d/rc3.d/S55IptabLex' [ Not found ] [11:46:08] Checking for file '/etc/rc.d/rc4.d/S55IptabLex' [ Not found ] [11:46:08] Checking for file '/etc/rc.d/rc5.d/S55IptabLex' [ Not found ] [11:46:08] Checking for file '/etc/rc.d/rc6.d/S55IptabLex' [ Not found ] [11:46:08] Checking for file '/var/lib/update-rc.d/IptabLex' [ Not found ] [11:46:08] Checking for file '/delallmykkk' [ Not found ] [11:46:08] Checking for file '/usr/.IptabLes' [ Not found ] [11:46:08] Checking for file '/usr/IptabLes' [ Not found ] [11:46:08] Checking for file '/tmp/.flush' [ Not found ] [11:46:08] Checking for file '/var/log/.flush' [ Not found ] [11:46:08] Checking for file '/usr/.flush' [ Not found ] [11:46:08] Checking for file '/etc/init.d/bluetoothdaemon' [ Not found ] [11:46:08] Checking for file '/usr/bin/btdaemon' [ Not found ] [11:46:08] Checking for file '/etc/rc1.d/S90bluetooth' [ Not found ] [11:46:08] Checking for file '/etc/rc2.d/S90bluetooth' [ Not found ] [11:46:08] Checking for file '/etc/rc3.d/S90bluetooth' [ Not found ] [11:46:08] Checking for file '/etc/rc4.d/S90bluetooth' [ Not found ] [11:46:08] Checking for file '/etc/rc5.d/S90bluetooth' [ Not found ] [11:46:09] Checking for file '/etc/rc6.d/S90bluetooth' [ Not found ] [11:46:09] Checking for file '/boot/pro' [ Not found ] [11:46:09] Checking for file '/boot/proh' [ Not found ] [11:46:09] Checking for file '/etc/atdd' [ Not found ] [11:46:09] Checking for file '/etc/atddd' [ Not found ] [11:46:09] Checking for file '/etc/cupsdd' [ Not found ] [11:46:09] Checking for file '/etc/cupsddd' [ Not found ] [11:46:09] Checking for file '/etc/cupsddh' [ Not found ] [11:46:09] Checking for file '/etc/dsfrefr' [ Not found ] [11:46:09] Checking for file '/etc/fdsfsfvff' [ Not found ] [11:46:09] Checking for file '/etc/ferwfrre' [ Not found ] [11:46:09] Checking for file '/etc/fwke.cfg' [ Not found ] [11:46:09] Checking for file '/etc/gdmorpen' [ Not found ] [11:46:09] Checking for file '/etc/gfhddsfew' [ Not found ] [11:46:09] Checking for file '/etc/gfhjrtfyhuf' [ Not found ] [11:46:09] Checking for file '/etc/ksapd' [ Not found ] [11:46:09] Checking for file '/etc/ksapdd' [ Not found ] [11:46:09] Checking for file '/etc/kysapd' [ Not found ] [11:46:09] Checking for file '/etc/kysapdd' [ Not found ] [11:46:09] Checking for file '/etc/rewgtf3er4t' [ Not found ] [11:46:09] Checking for file '/etc/sdmfdsfhjfe' [ Not found ] [11:46:09] Checking for file '/etc/sfewfesfs' [ Not found ] [11:46:09] Checking for file '/etc/sfewfesfsh' [ Not found ] [11:46:09] Checking for file '/etc/sksapd' [ Not found ] [11:46:09] Checking for file '/etc/sksapdd' [ Not found ] [11:46:09] Checking for file '/etc/skysapd' [ Not found ] [11:46:09] Checking for file '/etc/skysapdd' [ Not found ] [11:46:09] Checking for file '/etc/smarvtd' [ Not found ] [11:46:09] Checking for file '/etc/whitptabil' [ Not found ] [11:46:09] Checking for file '/etc/xfsdx' [ Not found ] [11:46:09] Checking for file '/etc/xfsdxd' [ Not found ] [11:46:09] Checking for file '/tmp/bill.lock' [ Not found ] [11:46:09] Checking for file '/tmp/gates.lock' [ Not found ] [11:46:09] Checking for file '/tmp/gates.lod' [ Not found ] [11:46:09] Checking for file '/tmp/moni.lock' [ Not found ] [11:46:09] Checking for file '/tmp/moni.lod' [ Not found ] [11:46:09] Checking for file '/tmp/notify.file' [ Not found ] [11:46:09] Checking for file '/usr/bin/.sshd' [ Not found ] [11:46:09] Checking for file '/usr/bin/bsd-port/getty' [ Not found ] [11:46:09] Checking for file '/usr/bin/bsd-port/getty.lock' [ Not found ] [11:46:10] Checking for file '/usr/bin/bsd-port/udevd.lock' [ Not found ] [11:46:10] Checking for file '/usr/bin/pojie' [ Not found ] [11:46:10] Checking for file '/usr/lib/libamplify.so' [ Not found ] [11:46:10] Checking for file '/etc/init.d/DbSecuritySpt' [ Not found ] [11:46:10] Checking for file '/etc/rc.d/init.d/DbSecuritySpt' [ Not found ] [11:46:10] Checking for file '/etc/cron.hourly/gcc.sh' [ Not found ] [11:46:10] Checking for file '/root/2016ttfacai' [ Not found ] [11:46:10] Checking for file '/proc/rs_dev' [ Not found ] [11:46:10] Checking for file '/var/run/sftp.pid' [ Not found ] [11:46:10] Checking for file '/var/run/udev.pid' [ Not found ] [11:46:10] Checking for file '/var/run/mount.pid' [ Not found ] [11:46:10] Checking for file '/etc/cron.hourly/cron.sh' [ Not found ] [11:46:10] Checking for file '/etc/cron.hourly/udev.sh' [ Not found ] [11:46:10] Checking for file '/etc/cron.hourly/udev.sh' [ Not found ] [11:46:10] Checking for file '/lib/libgcc.so' [ Not found ] [11:46:10] Checking for file '/lib/libgcc.so.bak' [ Not found ] [11:46:10] Checking for file '/lib/libgcc4.so' [ Not found ] [11:46:10] Checking for file '/lib/libgcc4.4.so' [ Not found ] [11:46:10] Checking for file '/lib/udev/udev' [ Not found ] [11:46:10] Checking for file '/lib/udev/debug' [ Not found ] [11:46:10] Checking for directory '/dev/ptyas' [ Not found ] [11:46:10] Checking for directory '/usr/bin/take' [ Not found ] [11:46:10] Checking for directory '/usr/src/.lib' [ Not found ] [11:46:10] Checking for directory '/usr/share/man/man1/.1c' [ Not found ] [11:46:10] Checking for directory '/lib/lblip.tk' [ Not found ] [11:46:10] Checking for directory '/usr/sbin/...' [ Not found ] [11:46:10] Checking for directory '/usr/share/.gun' [ Not found ] [11:46:10] Checking for directory '/unde/vrei/tu/sa/te/ascunzi/in/server' [ Not found ] [11:46:10] Checking for directory '/usr/man/man1/..<SP><SP>/.dir' [ Not found ] [11:46:10] Checking for directory '/usr/X11R6/include/X11/...' [ Not found ] [11:46:10] Checking for directory '/usr/X11R6/lib/X11/.fonts/misc/...' [ Not found ] [11:46:10] Checking for directory '/tmp/.sys' [ Not found ] [11:46:10] Checking for directory '/tmp/'' [ Not found ] [11:46:10] Checking for directory '/tmp/.,' [ Not found ] [11:46:10] Checking for directory '/tmp/,.,' [ Not found ] [11:46:10] Checking for directory '/dev/shm/emilien' [ Not found ] [11:46:10] Checking for directory '/var/tmp/.log' [ Not found ] [11:46:10] Checking for directory '/tmp/zmeu/...<SP>' [ Not found ] [11:46:10] Checking for directory '/var/log/ssh' [ Not found ] [11:46:10] Checking for directory '/dev/ida' [ Not found ] [11:46:10] Checking for directory '/var/lib/games/.src/ssk/shit' [ Not found ] [11:46:11] Checking for directory '/usr/lib/libshtift' [ Not found ] [11:46:11] Checking for directory '/usr/src/.poop' [ Not found ] [11:46:11] Checking for directory '/dev/wd4' [ Not found ] [11:46:11] Checking for directory '/var/run/.tmp' [ Not found ] [11:46:11] Checking for directory '/usr/man/man1/lib/.lib' [ Not found ] [11:46:11] Checking for directory '/dev/portd' [ Not found ] [11:46:11] Checking for directory '/dev/...' [ Not found ] [11:46:11] Checking for directory '/usr/share/man/mansps' [ Not found ] [11:46:11] Checking for directory '/lib/.so' [ Not found ] [11:46:11] Checking for directory '/lib/.sso' [ Not found ] [11:46:11] Checking for directory '/usr/include/sslv3' [ Not found ] [11:46:11] Checking for directory '/dev/shm/sshd' [ Not found ] [11:46:11] Checking for directory '/usr/share/locale/mk/.dev/sk' [ Not found ] [11:46:11] Checking for directory '/usr/share/locale/mk/.dev' [ Not found ] [11:46:11] Checking for directory '/usr/include/netda.h' [ Not found ] [11:46:11] Checking for directory '/usr/include/.ssh' [ Not found ] [11:46:11] Checking for directory '/usr/share/locale/jp/.<SP>' [ Not found ] [11:46:11] Checking for directory '/usr/share/.sqe' [ Not found ] [11:46:11] Checking for possible rootkit files and directories [ None found ] [11:46:11] [11:46:11] Info: Starting test name 'possible_rkt_strings' [11:46:11] Performing check for possible rootkit strings [11:46:11] Info: Using system startup paths: /etc/init.d /etc/systemd/system [11:46:11] Checking for string 'phalanx' [ Not found ] [11:46:11] Checking for string '/dev/proc/fuckit' [ Not found ] [11:46:11] Checking for string 'FUCK' [ Not found ] [11:46:11] Checking for string 'backdoor' [ Not found ] [11:46:11] Checking for string '/usr/bin/rcpc' [ Not found ] [11:46:11] Checking for string '/usr/sbin/login' [ Not found ] [11:46:11] Checking for string '/dev/ptyxx/.proc' [ Not found ] [11:46:11] Checking for string 'vt200' [ Not found ] [11:46:11] Checking for string '/usr/bin/xstat' [ Not found ] [11:46:11] Checking for string '/bin/envpc' [ Not found ] [11:46:11] Checking for string 'L4m3r0x' [ Not found ] [11:46:11] Checking for string '/lib/libext' [ Not found ] [11:46:11] Checking for string '/usr/sbin/login' [ Not found ] [11:46:11] Checking for string '/usr/lib/.tbd' [ Not found ] [11:46:11] Checking for string 'sendmail' [ Not found ] [11:46:12] Checking for string 'cocacola' [ Not found ] [11:46:12] Checking for string 'joao' [ Not found ] [11:46:12] Checking for string '/dev/ptyxx/.file' [ Not found ] [11:46:12] Checking for string '/dev/ptyxx/.file' [ Not found ] [11:46:12] Checking for string '/dev/sgk' [ Not found ] [11:46:12] Checking for string '/var/lock/subsys/...datafile...' [ Not found ] [11:46:12] Checking for string '/usr/lib/.tbd' [ Not found ] [11:46:12] Checking for string '/dev/proc/fuckit' [ Not found ] [11:46:12] Checking for string '/lib/.sso' [ Not found ] [11:46:12] Checking for string '/var/lock/subsys/...datafile...' [ Not found ] [11:46:12] Checking for string '/dev/caca' [ Not found ] [11:46:12] Checking for string '/dev/ttyoa' [ Not found ] [11:46:12] Checking for string '/usr/lib/ldlibns.so' [ Not found ] [11:46:12] Checking for string '/dev/ptyxx/.addr' [ Not found ] [11:46:12] Checking for string 'syg' [ Not found ] [11:46:12] Checking for string '/var/lock/subsys/...datafile...' [ Not found ] [11:46:12] Checking for string '/dev/pts/01' [ Not found ] [11:46:12] Checking for string 'tw33dl3' [ Not found ] [11:46:12] Checking for string 'psniff' [ Not found ] [11:46:12] Checking for string 'uconf.inv' [ Not found ] [11:46:12] Checking for string 'lib/ldlibps.so' [ Not found ] [11:46:12] Checking for string '/usr/lib/ldlibpst.so' [ Not found ] [11:46:12] Checking for string 'libproc.so.2.0.7' [ Not found ] [11:46:12] Checking for string '/dev/ptyxx/.proc' [ Not found ] [11:46:12] Checking for string '/dev/ptyxx/.proc' [ Not found ] [11:46:12] Checking for string 'libproc.so.2.0.7' [ Not found ] [11:46:12] Checking for string 'libproc.so.2.0.7' [ Not found ] [11:46:12] Checking for string '/bin/bash' [ Not found ] [11:46:12] Checking for string '/dev/ptyxx' [ Not found ] [11:46:12] Checking for string '/.config' [ Not found ] [11:46:12] Checking for string '\$.\$\!.\!\!\$' [ Not found ] [11:46:12] Checking for string 'backdoor.h' [ Not found ] [11:46:12] Checking for string 'backdoor_active' [ Not found ] [11:46:12] Checking for string 'magic_pass_active' [ Not found ] [11:46:12] Checking for string '/usr/include/gpm2.h' [ Not found ] [11:46:13] Checking for string '/usr/include/openssl' [ Not found ] [11:46:13] Checking for string 'aion' [ Not found ] [11:46:13] Checking for string 'pcszPass' [ Not found ] [11:46:13] Checking for string 'LogPass' [ Not found ] [11:46:13] Checking for string 'Login_Check' [ Not found ] [11:46:13] Checking for string 'includes.h' [ Not found ] [11:46:13] Checking for string 'DecodeString' [ Not found ] [11:46:13] Checking for string 'EncodeString' [ Not found ] [11:46:13] Checking for string 'libns2.so' [ Not found ] [11:46:13] Checking for string 'libns5.so' [ Not found ] [11:46:13] Checking for string 'libpw3.so' [ Not found ] [11:46:13] Checking for string 'libpw5.so' [ Not found ] [11:46:13] Checking for string 'libsbr.so' [ Not found ] [11:46:13] Checking for string 'libslr.so' [ Not found ] [11:46:13] Checking for string '/usr/lib/.tbd' [ Not found ] [11:46:13] Checking for string '/dev/ptyxx/.proc' [ Not found ] [11:46:13] Checking for string 'in.inetd' [ Not found ] [11:46:14] Checking for string '#<HIDE_.*>' [ Not found ] [11:46:14] Checking for string 'bin/xchk' [ Not found ] [11:46:14] Checking for string 'bin/xsf' [ Not found ] [11:46:14] Checking for string '/usr/bin/ssh2d' [ Not found ] [11:46:14] Checking for string '/usr/sbin/xntps' [ Not found ] [11:46:15] Checking for string 'ttyload' [ Not found ] [11:46:15] Checking for string '/etc/rc.d/init.d/init' [ Not found ] [11:46:15] Checking for string 'usr/bin/xfss' [ Not found ] [11:46:15] Checking for string '/usr/sbin/rpc.netinet' [ Not found ] [11:46:16] Checking for string '/usr/lib/.fx/cons.saver' [ Not found ] [11:46:16] Checking for string '/usr/lib/.fx/xs' [ Not found ] [11:46:16] Checking for string '/ssh2d' [ Not found ] [11:46:16] Checking for string '/dev/kmod' [ Not found ] [11:46:17] Checking for string '/crth.o' [ Not found ] [11:46:17] Checking for string '/crtz.o' [ Not found ] [11:46:17] Checking for string '/dev/dos' [ Not found ] [11:46:17] Checking for string '/lpq' [ Not found ] [11:46:18] Checking for string '/usr/sbin/rescue' [ Not found ] [11:46:18] Checking for string '/usr/lib/lpstart' [ Not found ] [11:46:18] Checking for string '/volc' [ Not found ] [11:46:18] Checking for string 'sourcemask' [ Not found ] [11:46:19] Checking for string '/bin/vobiscum' [ Not found ] [11:46:19] Checking for string '/usr/sbin/in.telnet' [ Not found ] [11:46:19] Checking for string '/usr/bin/hdparm?-t1?-X53?-p' [ Not found ] [11:46:20] Checking for string '/lib/.xsyslog' [ Not found ] [11:46:20] Checking for string '/etc/.xsyslog' [ Not found ] [11:46:20] Checking for string '/lib/.ssyslog' [ Not found ] [11:46:20] Checking for string '/tmp/.sendmail' [ Not found ] [11:46:20] Checking for string 'IptabLex' [ Not found ] [11:46:21] Checking for string 'IptabLes' [ Not found ] [11:46:21] Checking for string '/lib/ldd.so/tkps' [ Not found ] [11:46:21] Checking for string 't0rnkit' [ Not found ] [11:46:21] Checking for string '/dev/proc/fuckit' [ Not found ] [11:46:21] Checking for string 'backdoor.h' [ Not found ] [11:46:21] Checking for string 'backdoor_active' [ Not found ] [11:46:21] Checking for string 'magic_pass_active' [ Not found ] [11:46:21] Checking for string '/usr/include/gpm2.h' [ Not found ] [11:46:21] Checking for string 'libproc.so.2.0.7' [ Not found ] [11:46:21] Checking for string 'libproc.so.2.0.7' [ Not found ] [11:46:21] Checking for string 'libproc.so.2.0.7' [ Not found ] [11:46:21] Checking for string '/usr/lib/ldlibct.so' [ Not found ] [11:46:21] Checking for string '/usr/lib/ldlibdu.so' [ Not found ] [11:46:21] Checking for string '/dev/ptyxx/.file' [ Not found ] [11:46:21] Checking for string 'libproc.so.2.0.7' [ Not found ] [11:46:21] Checking for string '/dev/ida/.inet' [ Not found ] [11:46:21] Checking for string '/usr/include/mysql/mysql.hh1' [ Not found ] [11:46:21] Checking for string '/usr/include/mysql/mysql.hh1' [ Not found ] [11:46:21] Checking for string '/usr/include/mysql/mysql.hh1' [ Not found ] [11:46:21] Checking for string '/usr/include/mysql/mysql.hh1' [ Not found ] [11:46:21] Checking for string '/usr/include/mysql/mysql.hh1' [ Not found ] [11:46:21] Checking for string '/usr/include/mysql/mysql.hh1' [ Not found ] [11:46:21] Checking for string 'backconnect' [ Not found ] [11:46:21] Checking for string 'magic?packet?received' [ Not found ] [11:46:21] Checking for possible rootkit strings [ None found ] [11:46:21] [11:46:21] Info: Starting test name 'malware' [11:46:21] Performing malware checks [11:46:21] [11:46:21] Info: Test 'deleted_files' disabled at users request. [11:46:21] [11:46:21] Info: Starting test name 'running_procs' [11:46:26] Checking running processes for suspicious files [ None found ] [11:46:26] [11:46:26] Info: Test 'hidden_procs' disabled at users request. [11:46:26] [11:46:26] Info: Test 'suspscan' disabled at users request. [11:46:26] [11:46:26] Info: Starting test name 'login_backdoors' [11:46:26] Checking for '/bin/.login' [ Not found ] [11:46:26] Checking for '/sbin/.login' [ Not found ] [11:46:26] Checking for login backdoors [ None found ] [11:46:26] [11:46:26] Info: Starting test name 'sniffer_logs' [11:46:26] Checking for file '/usr/lib/libice.log' [ Not found ] [11:46:26] Checking for file '/dev/prom/sn.l' [ Not found ] [11:46:26] Checking for file '/dev/fd/.88/zxsniff.log' [ Not found ] [11:46:26] Checking for sniffer log files [ None found ] [11:46:26] [11:46:26] Info: Starting test name 'tripwire' [11:46:26] Checking for software intrusions [ Skipped ] [11:46:26] Info: Check skipped - tripwire not installed [11:46:26] [11:46:26] Info: Starting test name 'susp_dirs' [11:46:26] Checking for directory '/usr/X11R6/bin/.,/copy' [ Not found ] [11:46:26] Checking for directory '/dev/rd/cdb' [ Not found ] [11:46:26] Checking for suspicious directories [ None found ] [11:46:26] [11:46:26] Info: Starting test name 'ipc_shared_mem' [11:46:26] Info: The minimum shared memory segment size to be checked (in bytes): 1048576 (1,0MB) [11:46:27] Checking for suspicious (large) shared memory segments [ Warning ] [11:46:27] Warning: The following suspicious (large) shared memory segments have been found: [11:46:27] Process: /usr/bin/mate-panel PID: 11695 Owner: caine Size: 64MB (configured size allowed: 1,0MB) [11:46:27] Process: /usr/bin/caja PID: 11803 Owner: caine Size: 4,0MB (configured size allowed: 1,0MB) [11:46:27] Process: /usr/bin/caja PID: 11803 Owner: caine Size: 64MB (configured size allowed: 1,0MB) [11:46:27] Process: /usr/lib/firefox/firefox PID: 12084 Owner: caine Size: 7,6MB (configured size allowed: 1,0MB) [11:46:27] Process: /usr/bin/marco PID: 11688 Owner: caine Size: 2,0MB (configured size allowed: 1,0MB) [11:46:27] Process: /usr/lib/firefox/firefox PID: 12084 Owner: caine Size: 7,6MB (configured size allowed: 1,0MB) [11:46:27] Process: /usr/lib/firefox/firefox PID: 12084 Owner: caine Size: 7,6MB (configured size allowed: 1,0MB) [11:46:27] Process: /usr/bin/mate-terminal PID: 16249 Owner: root Size: 4,0MB (configured size allowed: 1,0MB) [11:46:27] Process: /usr/lib/firefox/firefox PID: 12084 Owner: caine Size: 7,6MB (configured size allowed: 1,0MB) [11:46:27] Process: /usr/bin/gnome-disks PID: 24461 Owner: caine Size: 4,0MB (configured size allowed: 1,0MB) [11:46:27] Process: /usr/bin/mate-terminal PID: 16524 Owner: caine Size: 4,0MB (configured size allowed: 1,0MB) [11:46:27] Process: /usr/bin/caja PID: 23540 Owner: root Size: 8,0MB (configured size allowed: 1,0MB) [11:46:27] [11:46:27] Info: Starting test name 'trojans' [11:46:27] Performing trojan specific checks [11:46:27] Checking for enabled inetd services [ Skipped ] [11:46:27] Info: Check skipped - file '/etc/inetd.conf' does not exist. [11:46:27] Checking for enabled xinetd services [ Skipped ] [11:46:27] Info: Check skipped - file '/etc/xinetd.conf' does not exist. [11:46:27] Checking for Apache backdoor [ Skipped ] [11:46:27] Info: Check skipped - no Apache module or configuration directories found. [11:46:27] [11:46:27] Info: Starting test name 'os_specific' [11:46:27] Performing Linux specific checks [11:46:27] Checking loaded kernel modules [ OK ] [11:46:27] Info: Using modules pathname of '/lib/modules/5.0.0-32-generic' [11:46:27] Checking kernel module names [ OK ] [11:46:32] [11:46:32] Info: Starting test name 'network' [11:46:32] Checking the network... [11:46:32] [11:46:32] Performing checks on the network ports [11:46:32] Info: Starting test name 'ports' [11:46:32] Performing check for backdoor ports [11:46:32] Checking for TCP port 1524 [ Not found ] [11:46:32] Checking for TCP port 1984 [ Not found ] [11:46:32] Checking for UDP port 2001 [ Not found ] [11:46:33] Checking for TCP port 2006 [ Not found ] [11:46:33] Checking for TCP port 2128 [ Not found ] [11:46:33] Checking for TCP port 6666 [ Not found ] [11:46:33] Checking for TCP port 6667 [ Not found ] [11:46:33] Checking for TCP port 6668 [ Not found ] [11:46:33] Checking for TCP port 6669 [ Not found ] [11:46:33] Checking for TCP port 7000 [ Not found ] [11:46:33] Checking for TCP port 13000 [ Not found ] [11:46:33] Checking for TCP port 14856 [ Not found ] [11:46:33] Checking for TCP port 25000 [ Not found ] [11:46:33] Checking for TCP port 29812 [ Not found ] [11:46:33] Checking for TCP port 31337 [ Not found ] [11:46:33] Checking for TCP port 32982 [ Not found ] [11:46:33] Checking for TCP port 33369 [ Not found ] [11:46:34] Checking for TCP port 47107 [ Not found ] [11:46:34] Checking for TCP port 47018 [ Not found ] [11:46:34] Checking for TCP port 60922 [ Not found ] [11:46:34] Checking for TCP port 62883 [ Not found ] [11:46:34] Checking for TCP port 65535 [ Not found ] [11:46:34] Checking for backdoor ports [ None found ] [11:46:34] [11:46:34] Info: Test 'hidden_ports' disabled at users request. [11:46:34] [11:46:34] Performing checks on the network interfaces [11:46:34] Info: Starting test name 'promisc' [11:46:34] Checking for promiscuous interfaces [ None found ] [11:46:34] [11:46:34] Info: Test 'packet_cap_apps' disabled at users request. [11:46:34] [11:46:34] Info: Starting test name 'local_host' [11:46:34] Checking the local host... [11:46:34] [11:46:34] Info: Starting test name 'startup_files' [11:46:34] Performing system boot checks [11:46:34] Checking for local host name [ Found ] [11:46:34] [11:46:34] Info: Starting test name 'startup_malware' [11:46:34] Checking for system startup files [ Found ] [11:46:36] Checking system startup files for malware [ None found ] [11:46:36] [11:46:36] Info: Starting test name 'group_accounts' [11:46:36] Performing group and account checks [11:46:36] Checking for passwd file [ Found ] [11:46:36] Info: Found password file: /etc/passwd [11:46:36] Checking for root equivalent (UID 0) accounts [ None found ] [11:46:36] Info: Found shadow file: /etc/shadow [11:46:36] Checking for passwordless accounts [ Warning ] [11:46:36] Warning: Found passwordless account in shadow file: caine [11:46:36] [11:46:36] Info: Starting test name 'passwd_changes' [11:46:36] Checking for passwd file changes [ None found ] [11:46:36] [11:46:36] Info: Starting test name 'group_changes' [11:46:36] Checking for group file changes [ None found ] [11:46:36] Checking root account shell history files [ OK ] [11:46:36] [11:46:36] Info: Starting test name 'system_configs' [11:46:36] Performing system configuration file checks [11:46:36] [11:46:36] Info: Starting test name 'system_configs_ssh' [11:46:36] Checking for an SSH configuration file [ Found ] [11:46:36] Info: Found an SSH configuration file: /etc/ssh/sshd_config [11:46:36] Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'no'. [11:46:36] Info: Rkhunter option ALLOW_SSH_PROT_V1 set to '2'. [11:46:36] Checking if SSH root access is allowed [ Warning ] [11:46:36] Warning: The SSH configuration option 'PermitRootLogin' has not been set. The default value may be 'yes', to allow root access. [11:46:36] Checking if SSH protocol v1 is allowed [ Not set ] [11:46:36] Checking for other suspicious configuration settings [ None found ] [11:46:36] [11:46:36] Info: Starting test name 'system_configs_syslog' [11:46:36] Checking for a running system logging daemon [ Found ] [11:46:36] Info: A running 'rsyslog' daemon has been found. [11:46:36] Info: A running 'systemd-journald' daemon has been found. [11:46:36] Info: Found an rsyslog configuration file: /etc/rsyslog.conf [11:46:36] Info: Found a systemd configuration file: /etc/systemd/journald.conf [11:46:37] Checking for a system logging configuration file [ Found ] [11:46:37] Checking if syslog remote logging is allowed [ Not allowed ] [11:46:37] [11:46:37] Info: Starting test name 'filesystem' [11:46:37] Performing filesystem checks [11:46:37] Info: SCAN_MODE_DEV set to 'THOROUGH' [11:46:38] Checking /dev for suspicious file types [ None found ] [11:46:39] Checking for hidden files and directories [ Warning ] [11:46:39] Warning: Hidden directory found: /etc/.java [11:46:39] Checking for missing log files [ Skipped ] [11:46:39] Info: No missing log file names configured. [11:46:39] Checking for empty log files [ Skipped ] [11:46:39] Info: No empty log file names configured. [11:47:18] [11:47:18] Info: Test 'apps' disabled at users request. [11:47:18] [11:47:18] System checks summary [11:47:18] ===================== [11:47:18] [11:47:18] File properties checks... [11:47:18] Required commands check failed [11:47:18] Files checked: 152 [11:47:18] Suspect files: 1 [11:47:18] [11:47:18] Rootkit checks... [11:47:18] Rootkits checked : 500 [11:47:18] Possible rootkits: 12 [11:47:18] [11:47:18] Applications checks... [11:47:18] All checks skipped [11:47:18] [11:47:18] The system checks took: 1 minute and 59 seconds [11:47:18] [11:47:18] Info: End date is gio 23 giu 2022, 11.47.18, CEST Bueno ya veis.Ahora haré otro post explicativo.

Seguridad Informática / Seguridad / Re: Discos duros cifrados protegidos contra escritura, al conectarlos a la placa base reescriben la bios,rootkit fijo.

en: 28 Junio 2022, 20:11 pm

Código:

[11:45:22] Info: Starting test name 'properties'
[11:45:22] Performing file properties checks
[11:45:22] Warning: Checking for prerequisites               [ Warning ]
[11:45:22]          No output from the 'lsattr' command - all file immutable-bit checks will be skipped.
[11:45:24]   /usr/local/bin/test                             [ OK ]
[11:45:25]   /usr/sbin/adduser                               [ OK ]
[11:45:25] Info: Found file '/usr/sbin/adduser': it is whitelisted for the 'script replacement' check.
[11:45:25]   /usr/sbin/chroot                                [ OK ]
[11:45:25]   /usr/sbin/cron                                  [ OK ]
[11:45:25]   /usr/sbin/groupadd                              [ OK ]
[11:45:25]   /usr/sbin/groupdel                              [ OK ]
[11:45:25]   /usr/sbin/groupmod                              [ OK ]
[11:45:25]   /usr/sbin/grpck                                 [ OK ]
[11:45:26]   /usr/sbin/nologin                               [ OK ]
[11:45:26]   /usr/sbin/pwck                                  [ OK ]
[11:45:26]   /usr/sbin/rsyslogd                              [ OK ]
[11:45:26]   /usr/sbin/sshd                                  [ OK ]
[11:45:26]   /usr/sbin/useradd                               [ OK ]
[11:45:27]   /usr/sbin/userdel                               [ OK ]
[11:45:27]   /usr/sbin/usermod                               [ OK ]
[11:45:27]   /usr/sbin/vipw                                  [ OK ]
[11:45:27]   /usr/sbin/unhide                                [ OK ]
[11:45:27]   /usr/sbin/unhide-linux                          [ OK ]
[11:45:27]   /usr/sbin/unhide-posix                          [ OK ]
[11:45:27]   /usr/sbin/unhide-tcp                            [ OK ]
[11:45:27]   /usr/bin/awk                                    [ OK ]
[11:45:27]   /usr/bin/basename                               [ OK ]
[11:45:27]   /usr/bin/chattr                                 [ OK ]
[11:45:28]   /usr/bin/cut                                    [ OK ]
[11:45:28]   /usr/bin/diff                                   [ OK ]
[11:45:28]   /usr/bin/dirname                                [ OK ]
[11:45:28]   /usr/bin/dpkg                                   [ OK ]
[11:45:28]   /usr/bin/dpkg-query                             [ OK ]
[11:45:28]   /usr/bin/du                                     [ OK ]
[11:45:28]   /usr/bin/env                                    [ OK ]
[11:45:28]   /usr/bin/file                                   [ OK ]
[11:45:28]   /usr/bin/find                                   [ OK ]
[11:45:28]   /usr/bin/GET                                    [ OK ]
[11:45:28]   /usr/bin/groups                                 [ OK ]
[11:45:28]   /usr/bin/head                                   [ OK ]
[11:45:29]   /usr/bin/id                                     [ OK ]
[11:45:29]   /usr/bin/ipcs                                   [ OK ]
[11:45:29]   /usr/bin/killall                                [ OK ]
[11:45:29]   /usr/bin/last                                   [ OK ]
[11:45:29]   /usr/bin/lastlog                                [ OK ]
[11:45:29]   /usr/bin/ldd                                    [ OK ]
[11:45:29] Info: Found file '/usr/bin/ldd': it is whitelisted for the 'script replacement' check.
[11:45:29]   /usr/bin/less                                   [ OK ]
[11:45:29]   /usr/bin/locate                                 [ OK ]
[11:45:29]   /usr/bin/logger                                 [ OK ]
[11:45:29]   /usr/bin/lsattr                                 [ OK ]
[11:45:29]   /usr/bin/lsof                                   [ OK ]
[11:45:29]   /usr/bin/mail                                   [ OK ]
[11:45:30]   /usr/bin/md5sum                                 [ OK ]
[11:45:30]   /usr/bin/mlocate                                [ OK ]
[11:45:30]   /usr/bin/newgrp                                 [ OK ]
[11:45:30]   /usr/bin/passwd                                 [ OK ]
[11:45:30]   /usr/bin/perl                                   [ OK ]
[11:45:30]   /usr/bin/pgrep                                  [ OK ]
[11:45:30]   /usr/bin/pkill                                  [ OK ]
[11:45:30]   /usr/bin/pstree                                 [ OK ]
[11:45:30]   /usr/bin/rkhunter                               [ OK ]
[11:45:30]   /usr/bin/rpm                                    [ OK ]
[11:45:30]   /usr/bin/runcon                                 [ OK ]
[11:45:31]   /usr/bin/sha1sum                                [ OK ]
[11:45:31]   /usr/bin/sha224sum                              [ OK ]
[11:45:31]   /usr/bin/sha256sum                              [ OK ]
[11:45:31]   /usr/bin/sha384sum                              [ OK ]
[11:45:31]   /usr/bin/sha512sum                              [ OK ]
[11:45:31]   /usr/bin/size                                   [ OK ]
[11:45:31]   /usr/bin/sort                                   [ OK ]
[11:45:31]   /usr/bin/ssh                                    [ OK ]
[11:45:31]   /usr/bin/stat                                   [ OK ]
[11:45:31]   /usr/bin/strace                                 [ OK ]
[11:45:31]   /usr/bin/strings                                [ OK ]
[11:45:31]   /usr/bin/sudo                                   [ OK ]
[11:45:32]   /usr/bin/tail                                   [ OK ]
[11:45:32]   /usr/bin/telnet                                 [ OK ]
[11:45:32]   /usr/bin/test                                   [ OK ]
[11:45:32]   /usr/bin/top                                    [ OK ]
[11:45:32]   /usr/bin/touch                                  [ OK ]
[11:45:32]   /usr/bin/tr                                     [ OK ]
[11:45:32]   /usr/bin/uniq                                   [ OK ]
[11:45:32]   /usr/bin/users                                  [ OK ]
[11:45:32]   /usr/bin/vmstat                                 [ OK ]
[11:45:32]   /usr/bin/w                                      [ OK ]
[11:45:32]   /usr/bin/watch                                  [ OK ]
[11:45:32]   /usr/bin/wc                                     [ OK ]
[11:45:32]   /usr/bin/wget                                   [ OK ]
[11:45:33]   /usr/bin/whatis                                 [ OK ]
[11:45:33]   /usr/bin/whereis                                [ OK ]
[11:45:33]   /usr/bin/which                                  [ OK ]
[11:45:33]   /usr/bin/who                                    [ OK ]
[11:45:33]   /usr/bin/whoami                                 [ OK ]
[11:45:33]   /usr/bin/numfmt                                 [ OK ]
[11:45:33]   /usr/bin/gawk                                   [ OK ]
[11:45:33]   /usr/bin/lwp-request                            [ Warning ]
[11:45:33] Warning: The command '/usr/bin/lwp-request' has been replaced by a script: /usr/bin/lwp-request: Perl script text executable
[11:45:33]   /usr/bin/mail.mailutils                         [ OK ]
[11:45:33]   /usr/bin/x86_64-linux-gnu-size                  [ OK ]
[11:45:33]   /usr/bin/x86_64-linux-gnu-strings               [ OK ]
[11:45:33]   /usr/bin/telnet.netkit                          [ OK ]
[11:45:33]   /usr/bin/w.procps                               [ OK ]
[11:45:34]   /sbin/depmod                                    [ OK ]
[11:45:34]   /sbin/fsck                                      [ OK ]
[11:45:34]   /sbin/ifconfig                                  [ OK ]
[11:45:34]   /sbin/ifdown                                    [ OK ]
[11:45:34]   /sbin/ifup                                      [ OK ]
[11:45:34]   /sbin/init                                      [ OK ]
[11:45:34]   /sbin/insmod                                    [ OK ]
[11:45:34]   /sbin/ip                                        [ OK ]
[11:45:35]   /sbin/lsmod                                     [ OK ]
[11:45:35]   /sbin/modinfo                                   [ OK ]
[11:45:35]   /sbin/modprobe                                  [ OK ]
[11:45:35]   /sbin/rmmod                                     [ OK ]
[11:45:35]   /sbin/route                                     [ OK ]
[11:45:35]   /sbin/runlevel                                  [ OK ]
[11:45:35]   /sbin/sulogin                                   [ OK ]
[11:45:36]   /sbin/sysctl                                    [ OK ]
[11:45:36]   /bin/bash                                       [ OK ]
[11:45:36]   /bin/cat                                        [ OK ]
[11:45:36]   /bin/chmod                                      [ OK ]
[11:45:36]   /bin/chown                                      [ OK ]
[11:45:36]   /bin/cp                                         [ OK ]
[11:45:36]   /bin/date                                       [ OK ]
[11:45:36]   /bin/df                                         [ OK ]
[11:45:37]   /bin/dmesg                                      [ OK ]
[11:45:37]   /bin/echo                                       [ OK ]
[11:45:37]   /bin/ed                                         [ OK ]
[11:45:37]   /bin/egrep                                      [ OK ]
[11:45:37] Info: Found file '/bin/egrep': it is whitelisted for the 'script replacement' check.
[11:45:37]   /bin/fgrep                                      [ OK ]
[11:45:37] Info: Found file '/bin/fgrep': it is whitelisted for the 'script replacement' check.
[11:45:37]   /bin/fuser                                      [ OK ]
[11:45:37]   /bin/grep                                       [ OK ]
[11:45:37]   /bin/ip                                         [ OK ]
[11:45:37]   /bin/kill                                       [ OK ]
[11:45:37]   /bin/less                                       [ OK ]
[11:45:38]   /bin/login                                      [ OK ]
[11:45:38]   /bin/ls                                         [ OK ]
[11:45:38]   /bin/lsmod                                      [ OK ]
[11:45:38]   /bin/mktemp                                     [ OK ]
[11:45:38]   /bin/more                                       [ OK ]
[11:45:38]   /bin/mount                                      [ OK ]
[11:45:38]   /bin/mv                                         [ OK ]
[11:45:38]   /bin/netstat                                    [ OK ]
[11:45:38]   /bin/ping                                       [ OK ]
[11:45:38]   /bin/ps                                         [ OK ]
[11:45:38]   /bin/pwd                                        [ OK ]
[11:45:39]   /bin/readlink                                   [ OK ]
[11:45:39]   /bin/sed                                        [ OK ]
[11:45:39]   /bin/sh                                         [ OK ]
[11:45:39]   /bin/su                                         [ OK ]
[11:45:39]   /bin/touch                                      [ OK ]
[11:45:39]   /bin/uname                                      [ OK ]
[11:45:39]   /bin/which                                      [ OK ]
[11:45:39] Info: Found file '/bin/which': it is whitelisted for the 'script replacement' check.
[11:45:40]   /bin/kmod                                       [ OK ]
[11:45:40]   /bin/systemd                                    [ OK ]
[11:45:40]   /bin/systemctl                                  [ OK ]
[11:45:40]   /bin/dash                                       [ OK ]
[11:45:44]   /lib/systemd/systemd                            [ OK ]
[11:45:47]
[11:45:47] Info: Starting test name 'rootkits'
[11:45:47] Checking for rootkits...
[11:45:47]
[11:45:47] Info: Starting test name 'known_rkts'
[11:45:47] Performing check of known rootkit files and directories
[11:45:47]
[11:45:47] Checking for 55808 Trojan - Variant A...
[11:45:47]   Checking for file '/tmp/.../r'                  [ Not found ]
[11:45:47]   Checking for file '/tmp/.../a'                  [ Not found ]
[11:45:47] 55808 Trojan - Variant A                          [ Not found ]
[11:45:47]
[11:45:47] Checking for ADM Worm...
[11:45:47]   Checking for string 'w0rm'                      [ Not found ]
[11:45:47] ADM Worm                                          [ Not found ]
[11:45:47]
[11:45:47] Checking for AjaKit Rootkit...
[11:45:47]   Checking for file '/dev/tux/.addr'              [ Not found ]
[11:45:47]   Checking for file '/dev/tux/.proc'              [ Not found ]
[11:45:47]   Checking for file '/dev/tux/.file'              [ Not found ]
[11:45:47]   Checking for file '/lib/.libgh-gh/cleaner'      [ Not found ]
[11:45:47]   Checking for file '/lib/.libgh-gh/Patch/patch'  [ Not found ]
[11:45:47]   Checking for file '/lib/.libgh-gh/sb0k'         [ Not found ]
[11:45:47]   Checking for directory '/dev/tux'               [ Not found ]
[11:45:47]   Checking for directory '/lib/.libgh-gh'         [ Not found ]
[11:45:47] AjaKit Rootkit                                    [ Not found ]
[11:45:47]
[11:45:47] Checking for Adore Rootkit...
[11:45:47]   Checking for file '/usr/secure'                 [ Not found ]
[11:45:47]   Checking for file '/usr/doc/sys/qrt'            [ Not found ]
[11:45:47]   Checking for file '/usr/doc/sys/run'            [ Not found ]
[11:45:47]   Checking for file '/usr/doc/sys/crond'          [ Not found ]
[11:45:47]   Checking for file '/usr/sbin/kfd'               [ Not found ]
[11:45:47]   Checking for file '/usr/doc/kern/var'           [ Not found ]
[11:45:47]   Checking for file '/usr/doc/kern/string.o'      [ Not found ]
[11:45:47]   Checking for file '/usr/doc/kern/ava'           [ Not found ]
[11:45:47]   Checking for file '/usr/doc/kern/adore.o'       [ Not found ]
[11:45:47]   Checking for file '/var/log/ssh/old'            [ Not found ]
[11:45:47]   Checking for directory '/lib/security/.config/ssh' [ Not found ]
[11:45:48]   Checking for directory '/usr/doc/kern'          [ Not found ]
[11:45:48]   Checking for directory '/usr/doc/backup'        [ Not found ]
[11:45:48]   Checking for directory '/usr/doc/backup/txt'    [ Not found ]
[11:45:48]   Checking for directory '/lib/backup'            [ Not found ]
[11:45:48]   Checking for directory '/lib/backup/txt'        [ Not found ]
[11:45:48]   Checking for directory '/usr/doc/work'          [ Not found ]
[11:45:48]   Checking for directory '/usr/doc/sys'           [ Not found ]
[11:45:48]   Checking for directory '/var/log/ssh'           [ Not found ]
[11:45:48]   Checking for directory '/usr/doc/.spool'        [ Not found ]
[11:45:48]   Checking for directory '/usr/lib/kterm'         [ Not found ]
[11:45:48] Adore Rootkit                                     [ Not found ]
[11:45:48]
[11:45:48] Checking for aPa Kit...
[11:45:48]   Checking for file '/usr/share/.aPa'             [ Not found ]
[11:45:48] aPa Kit                                           [ Not found ]
[11:45:48]
[11:45:48] Checking for Apache Worm...
[11:45:48]   Checking for file '/bin/.log'                   [ Not found ]
[11:45:48] Apache Worm                                       [ Not found ]
[11:45:48]
[11:45:48] Checking for Ambient (ark) Rootkit...
[11:45:48]   Checking for file '/usr/lib/.ark?'              [ Not found ]
[11:45:48]   Checking for file '/dev/ptyxx/.log'             [ Not found ]
[11:45:48]   Checking for file '/dev/ptyxx/.file'            [ Not found ]
[11:45:48]   Checking for file '/dev/ptyxx/.proc'            [ Not found ]
[11:45:48]   Checking for file '/dev/ptyxx/.addr'            [ Not found ]
[11:45:48]   Checking for directory '/dev/ptyxx'             [ Not found ]
[11:45:48] Ambient (ark) Rootkit                             [ Not found ]
[11:45:48]
[11:45:48] Checking for Balaur Rootkit...
[11:45:48]   Checking for file '/usr/lib/liblog.o'           [ Not found ]
[11:45:48]   Checking for directory '/usr/lib/.kinetic'      [ Not found ]
[11:45:48]   Checking for directory '/usr/lib/.egcs'         [ Not found ]
[11:45:48]   Checking for directory '/usr/lib/.wormie'       [ Not found ]
[11:45:48] Balaur Rootkit                                    [ Not found ]
[11:45:48]
[11:45:48] Checking for BeastKit Rootkit...
[11:45:48]   Checking for file '/usr/sbin/arobia'            [ Not found ]
[11:45:48]   Checking for file '/usr/sbin/idrun'             [ Not found ]
[11:45:48]   Checking for file '/usr/lib/elm/arobia/elm'     [ Not found ]
[11:45:48]   Checking for file '/usr/lib/elm/arobia/elm/hk'  [ Not found ]
[11:45:48]   Checking for file '/usr/lib/elm/arobia/elm/hk.pub' [ Not found ]
[11:45:48]   Checking for file '/usr/lib/elm/arobia/elm/sc'  [ Not found ]
[11:45:48]   Checking for file '/usr/lib/elm/arobia/elm/sd.pp' [ Not found ]
[11:45:48]   Checking for file '/usr/lib/elm/arobia/elm/sdco' [ Not found ]
[11:45:48]   Checking for file '/usr/lib/elm/arobia/elm/srsd' [ Not found ]
[11:45:48]   Checking for directory '/lib/ldd.so/bktools'    [ Not found ]
[11:45:48] BeastKit Rootkit                                  [ Not found ]
[11:45:48]
[11:45:48] Checking for beX2 Rootkit...
[11:45:48]   Checking for file '/usr/info/termcap.info-5.gz' [ Not found ]
[11:45:48]   Checking for file '/usr/bin/sshd2'              [ Not found ]
[11:45:48]   Checking for directory '/usr/include/bex'       [ Not found ]
[11:45:48] beX2 Rootkit                                      [ Not found ]
[11:45:48]
[11:45:48] Checking for BOBKit Rootkit...
[11:45:48]   Checking for file '/usr/sbin/ntpsx'             [ Not found ]
[11:45:48]   Checking for file '/usr/sbin/.../bkit-ava'      [ Not found ]
[11:45:48]   Checking for file '/usr/sbin/.../bkit-d'        [ Not found ]
[11:45:48]   Checking for file '/usr/sbin/.../bkit-shd'      [ Not found ]
[11:45:48]   Checking for file '/usr/sbin/.../bkit-f'        [ Not found ]
[11:45:48]   Checking for file '/usr/include/.../proc.h'     [ Not found ]
[11:45:48]   Checking for file '/usr/include/.../.bash_history' [ Not found ]
[11:45:48]   Checking for file '/usr/include/.../bkit-get'   [ Not found ]
[11:45:48]   Checking for file '/usr/include/.../bkit-dl'    [ Not found ]
[11:45:49]   Checking for file '/usr/include/.../bkit-screen' [ Not found ]
[11:45:49]   Checking for file '/usr/include/.../bkit-sleep' [ Not found ]
[11:45:49]   Checking for file '/usr/lib/.../bkit-adore.o'   [ Not found ]
[11:45:49]   Checking for file '/usr/lib/.../ls'             [ Not found ]
[11:45:49]   Checking for file '/usr/lib/.../netstat'        [ Not found ]
[11:45:49]   Checking for file '/usr/lib/.../lsof'           [ Not found ]
[11:45:49]   Checking for file '/usr/lib/.../bkit-ssh/bkit-shdcfg' [ Not found ]
[11:45:49]   Checking for file '/usr/lib/.../bkit-ssh/bkit-shhk' [ Not found ]
[11:45:49]   Checking for file '/usr/lib/.../bkit-ssh/bkit-pw' [ Not found ]
[11:45:49]   Checking for file '/usr/lib/.../bkit-ssh/bkit-shrs' [ Not found ]
[11:45:49]   Checking for file '/usr/lib/.../bkit-ssh/bkit-mots' [ Not found ]
[11:45:49]   Checking for file '/usr/lib/.../uconf.inv'      [ Not found ]
[11:45:49]   Checking for file '/usr/lib/.../psr'            [ Not found ]
[11:45:49]   Checking for file '/usr/lib/.../find'           [ Not found ]
[11:45:49]   Checking for file '/usr/lib/.../pstree'         [ Not found ]
[11:45:49]   Checking for file '/usr/lib/.../slocate'        [ Not found ]
[11:45:49]   Checking for file '/usr/lib/.../du'             [ Not found ]
[11:45:49]   Checking for file '/usr/lib/.../top'            [ Not found ]
[11:45:49]   Checking for directory '/usr/sbin/...'          [ Not found ]
[11:45:49]   Checking for directory '/usr/include/...'       [ Not found ]
[11:45:49]   Checking for directory '/usr/include/.../.tmp'  [ Not found ]
[11:45:49]   Checking for directory '/usr/lib/...'           [ Not found ]
[11:45:49]   Checking for directory '/usr/lib/.../.ssh'      [ Not found ]
[11:45:49]   Checking for directory '/usr/lib/.../bkit-ssh'  [ Not found ]
[11:45:49]   Checking for directory '/usr/lib/.bkit-'        [ Not found ]
[11:45:49]   Checking for directory '/tmp/.bkp'              [ Not found ]
[11:45:49] BOBKit Rootkit                                    [ Not found ]
[11:45:49]
[11:45:49] Checking for cb Rootkit...
[11:45:49]   Checking for file '/dev/srd0'                   [ Not found ]
[11:45:49]   Checking for file '/lib/libproc.so.2.0.6'       [ Not found ]
[11:45:49]   Checking for file '/dev/mounnt'                 [ Not found ]
[11:45:49]   Checking for file '/etc/rc.d/init.d/init'       [ Not found ]
[11:45:49]   Checking for file '/usr/bin/.zeen/..<SP>/cl'    [ Not found ]
[11:45:49]   Checking for file '/usr/bin/.zeen/..<SP>/.x.tgz' [ Not found ]
[11:45:49]   Checking for file '/usr/bin/.zeen/..<SP>/statdx' [ Not found ]
[11:45:49]   Checking for file '/usr/bin/.zeen/..<SP>/wted'  [ Not found ]
[11:45:49]   Checking for file '/usr/bin/.zeen/..<SP>/write' [ Not found ]
[11:45:49]   Checking for file '/usr/bin/.zeen/..<SP>/scan'  [ Not found ]
[11:45:49]   Checking for file '/usr/bin/.zeen/..<SP>/sc'    [ Not found ]
[11:45:49]   Checking for file '/usr/bin/.zeen/..<SP>/sl2'   [ Not found ]
[11:45:49]   Checking for file '/usr/bin/.zeen/..<SP>/wroot' [ Not found ]
[11:45:49]   Checking for file '/usr/bin/.zeen/..<SP>/wscan' [ Not found ]
[11:45:49]   Checking for file '/usr/bin/.zeen/..<SP>/wu'    [ Not found ]
[11:45:49]   Checking for file '/usr/bin/.zeen/..<SP>/v'     [ Not found ]
[11:45:49]   Checking for file '/usr/bin/.zeen/..<SP>/read'  [ Not found ]
[11:45:49]   Checking for file '/usr/lib/sshrc'              [ Not found ]
[11:45:49]   Checking for file '/usr/lib/ssh_host_key'       [ Not found ]
[11:45:49]   Checking for file '/usr/lib/ssh_host_key.pub'   [ Not found ]
[11:45:49]   Checking for file '/usr/lib/ssh_random_seed'    [ Not found ]
[11:45:49]   Checking for file '/usr/lib/sshd_config'        [ Not found ]
[11:45:49]   Checking for file '/usr/lib/shosts.equiv'       [ Not found ]
[11:45:49]   Checking for file '/usr/lib/ssh_known_hosts'    [ Not found ]
[11:45:49]   Checking for file '/u/zappa/.ssh/pid'           [ Not found ]
[11:45:49]   Checking for file '/usr/bin/.system/..<SP>/tcp.log' [ Not found ]
[11:45:49]   Checking for file '/usr/bin/.zeen/..<SP>/curatare/attrib' [ Not found ]
[11:45:49]   Checking for file '/usr/bin/.zeen/..<SP>/curatare/chattr' [ Not found ]
[11:45:49]   Checking for file '/usr/bin/.zeen/..<SP>/curatare/ps' [ Not found ]
[11:45:50]   Checking for file '/usr/bin/.zeen/..<SP>/curatare/pstree' [ Not found ]
[11:45:50]   Checking for file '/usr/bin/.system/..<SP>/.x/xC.o' [ Not found ]
[11:45:50]   Checking for directory '/usr/bin/.zeen'         [ Not found ]
[11:45:50]   Checking for directory '/usr/bin/.zeen/..<SP>/curatare' [ Not found ]
[11:45:50]   Checking for directory '/usr/bin/.zeen/..<SP>/scan' [ Not found ]
[11:45:50]   Checking for directory '/usr/bin/.system/..<SP>' [ Not found ]
[11:45:50] cb Rootkit                                        [ Not found ]
[11:45:50]
[11:45:50] Checking for CiNIK Worm (Slapper.B variant)...
[11:45:50]   Checking for file '/tmp/.cinik'                 [ Not found ]
[11:45:50]   Checking for directory '/tmp/.font-unix/.cinik' [ Not found ]
[11:45:50] CiNIK Worm (Slapper.B variant)                    [ Not found ]
[11:45:50]
[11:45:50] Checking for Danny-Boy's Abuse Kit...
[11:45:50]   Checking for file '/dev/mdev'                   [ Not found ]
[11:45:50]   Checking for file '/usr/lib/libX.a'             [ Not found ]
[11:45:50] Danny-Boy's Abuse Kit                             [ Not found ]
[11:45:50]
[11:45:50] Checking for Devil RootKit...
[11:45:50]   Checking for file '/var/lib/games/.src'         [ Not found ]
[11:45:50]   Checking for file '/dev/dsx'                    [ Not found ]
[11:45:50]   Checking for file '/dev/caca'                   [ Not found ]
[11:45:50]   Checking for file '/dev/pro'                    [ Not found ]
[11:45:50]   Checking for file '/bin/bye'                    [ Not found ]
[11:45:50]   Checking for file '/bin/homedir'                [ Not found ]
[11:45:50]   Checking for file '/usr/bin/xfss'               [ Not found ]
[11:45:50]   Checking for file '/usr/sbin/tzava'             [ Not found ]

Voy a poner el final, me estoy dejando muchas partes, pero pongo lo más destacable, hubiera podido ponerlo todo por partes, pero vaya lio llevo así, podías dejar poner más carácteres de escritura en el foro, por que me hubiera gustado mucho poder postear los logs completos, por que me estoy liando yo mismo.

sigo en el siguiente post con el final del analisis con rkhunter ok arreglado, como podeis ver, aquí marca menos warnings, pero marca, y precisamente esos que marca me dan problemas.

Continuo.

Seguridad Informática / Seguridad / Re: Discos duros cifrados protegidos contra escritura, al conectarlos a la placa base reescriben la bios,rootkit fijo.

en: 28 Junio 2022, 19:58 pm

Código:

Segunda parte de rkhunter sin modificar:

[11:29:33] Info: Starting test name 'malware'
[11:29:33] Performing malware checks
[11:29:33]
[11:29:33] Info: Test 'deleted_files' disabled at users request.
[11:29:33]
[11:29:33] Info: Starting test name 'running_procs'
[11:29:37]   Checking running processes for suspicious files [ None found ]
[11:29:37]
[11:29:37] Info: Test 'hidden_procs' disabled at users request.
[11:29:38]
[11:29:38] Info: Test 'suspscan' disabled at users request.
[11:29:38]
[11:29:38] Info: Starting test name 'login_backdoors'
[11:29:38]     Checking for '/bin/.login'                    [ Not found ]
[11:29:38]     Checking for '/sbin/.login'                   [ Not found ]
[11:29:38]   Checking for login backdoors                    [ None found ]
[11:29:38]
[11:29:38] Info: Starting test name 'sniffer_logs'
[11:29:38]     Checking for file '/usr/lib/libice.log'       [ Not found ]
[11:29:38]     Checking for file '/dev/prom/sn.l'            [ Not found ]
[11:29:38]     Checking for file '/dev/fd/.88/zxsniff.log'   [ Not found ]
[11:29:38]   Checking for sniffer log files                  [ None found ]
[11:29:38]
[11:29:38] Info: Starting test name 'tripwire'
[11:29:38]   Checking for software intrusions                [ Skipped ]
[11:29:38] Info: Check skipped - tripwire not installed
[11:29:38]
[11:29:38] Info: Starting test name 'susp_dirs'
[11:29:38]     Checking for directory '/usr/X11R6/bin/.,/copy' [ Not found ]
[11:29:38]     Checking for directory '/dev/rd/cdb'          [ Not found ]
[11:29:38]   Checking for suspicious directories             [ None found ]
[11:29:38]
[11:29:38] Info: Starting test name 'ipc_shared_mem'
[11:29:38] Info: The minimum shared memory segment size to be checked (in bytes): 1048576 (1,0MB)
[11:29:38]   Checking for suspicious (large) shared memory segments [ Warning ]
[11:29:38] Warning: The following suspicious (large) shared memory segments have been found:
[11:29:38]          Process: /usr/bin/mate-panel    PID: 11695    Owner: caine    Size: 64MB (configured size allowed: 1,0MB)
[11:29:38]          Process: /usr/bin/caja    PID: 11803    Owner: caine    Size: 4,0MB (configured size allowed: 1,0MB)
[11:29:38]          Process: /usr/bin/caja    PID: 11803    Owner: caine    Size: 64MB (configured size allowed: 1,0MB)
[11:29:38]          Process: /usr/lib/firefox/firefox    PID: 12084    Owner: caine    Size: 7,6MB (configured size allowed: 1,0MB)
[11:29:38]          Process: /usr/bin/marco    PID: 11688    Owner: caine    Size: 2,0MB (configured size allowed: 1,0MB)
[11:29:38]          Process: /usr/lib/firefox/firefox    PID: 12084    Owner: caine    Size: 7,6MB (configured size allowed: 1,0MB)
[11:29:38]          Process: /usr/lib/firefox/firefox    PID: 12084    Owner: caine    Size: 7,6MB (configured size allowed: 1,0MB)
[11:29:38]          Process: /usr/bin/mate-terminal    PID: 16249    Owner: root    Size: 4,0MB (configured size allowed: 1,0MB)
[11:29:38]          Process: /usr/lib/firefox/firefox    PID: 12084    Owner: caine    Size: 7,6MB (configured size allowed: 1,0MB)
[11:29:38]          Process: /usr/bin/gnome-disks    PID: 24461    Owner: caine    Size: 4,0MB (configured size allowed: 1,0MB)
[11:29:38]          Process: /usr/bin/mate-terminal    PID: 16524    Owner: caine    Size: 4,0MB (configured size allowed: 1,0MB)
[11:29:38]          Process: /usr/bin/caja    PID: 23540    Owner: root    Size: 8,0MB (configured size allowed: 1,0MB)
[11:29:38]
[11:29:38] Info: Starting test name 'trojans'
[11:29:38] Performing trojan specific checks
[11:29:38]   Checking for enabled inetd services             [ Skipped ]
[11:29:38] Info: Check skipped - file '/etc/inetd.conf' does not exist.
[11:29:38]   Checking for enabled xinetd services            [ Skipped ]
[11:29:38] Info: Check skipped - file '/etc/xinetd.conf' does not exist.
[11:29:38]   Checking for Apache backdoor                    [ Skipped ]
[11:29:38] Info: Check skipped - no Apache module or configuration directories found.
[11:29:38]
[11:29:38] Info: Starting test name 'os_specific'
[11:29:38]   Performing Linux specific checks
[11:29:38]     Checking loaded kernel modules                [ OK ]
[11:29:38] Info: Using modules pathname of '/lib/modules/5.0.0-32-generic'
[11:29:39]     Checking kernel module names                  [ OK ]
[11:30:36]
[11:30:36] Info: Starting test name 'network'
[11:30:36] Checking the network...
[11:30:36]
[11:30:36] Performing checks on the network ports
[11:30:36] Info: Starting test name 'ports'
[11:30:36]   Performing check for backdoor ports
[11:30:36]     Checking for TCP port 1524                    [ Not found ]
[11:30:36]     Checking for TCP port 1984                    [ Not found ]
[11:30:36]     Checking for UDP port 2001                    [ Not found ]
[11:30:37]     Checking for TCP port 2006                    [ Not found ]
[11:30:37]     Checking for TCP port 2128                    [ Not found ]
[11:30:37]     Checking for TCP port 6666                    [ Not found ]
[11:30:37]     Checking for TCP port 6667                    [ Not found ]
[11:30:37]     Checking for TCP port 6668                    [ Not found ]
[11:30:37]     Checking for TCP port 6669                    [ Not found ]
[11:30:37]     Checking for TCP port 7000                    [ Not found ]
[11:30:37]     Checking for TCP port 13000                   [ Not found ]
[11:30:37]     Checking for TCP port 14856                   [ Not found ]
[11:30:37]     Checking for TCP port 25000                   [ Not found ]
[11:30:37]     Checking for TCP port 29812                   [ Not found ]
[11:30:37]     Checking for TCP port 31337                   [ Not found ]
[11:30:37]     Checking for TCP port 32982                   [ Not found ]
[11:30:37]     Checking for TCP port 33369                   [ Not found ]
[11:30:37]     Checking for TCP port 47107                   [ Not found ]
[11:30:38]     Checking for TCP port 47018                   [ Not found ]
[11:30:38]     Checking for TCP port 60922                   [ Not found ]
[11:30:38]     Checking for TCP port 62883                   [ Not found ]
[11:30:38]     Checking for TCP port 65535                   [ Not found ]
[11:30:38]   Checking for backdoor ports                     [ None found ]
[11:30:38]
[11:30:38] Info: Test 'hidden_ports' disabled at users request.
[11:30:38]
[11:30:38] Performing checks on the network interfaces
[11:30:38] Info: Starting test name 'promisc'
[11:30:38]   Checking for promiscuous interfaces             [ None found ]
[11:30:38]
[11:30:38] Info: Test 'packet_cap_apps' disabled at users request.
[11:30:38]
[11:30:38] Info: Starting test name 'local_host'
[11:30:38] Checking the local host...
[11:30:38]
[11:30:38] Info: Starting test name 'startup_files'
[11:30:38] Performing system boot checks
[11:30:38]   Checking for local host name                    [ Found ]
[11:30:38]
[11:30:38] Info: Starting test name 'startup_malware'
[11:30:38]   Checking for system startup files               [ Found ]
[11:30:40]   Checking system startup files for malware       [ None found ]
[11:30:40]
[11:30:40] Info: Starting test name 'group_accounts'
[11:30:40] Performing group and account checks
[11:30:40]   Checking for passwd file                        [ Found ]
[11:30:40] Info: Found password file: /etc/passwd
[11:30:40]   Checking for root equivalent (UID 0) accounts   [ None found ]
[11:30:40] Info: Found shadow file: /etc/shadow
[11:30:40]   Checking for passwordless accounts              [ Warning ]
[11:30:40] Warning: Found passwordless account in shadow file: caine
[11:30:40]
[11:30:40] Info: Starting test name 'passwd_changes'
[11:30:40]   Checking for passwd file changes                [ None found ]
[11:30:40]
[11:30:40] Info: Starting test name 'group_changes'
[11:30:40]   Checking for group file changes                 [ None found ]
[11:30:40]   Checking root account shell history files       [ OK ]
[11:30:40]
[11:30:40] Info: Starting test name 'system_configs'
[11:30:40] Performing system configuration file checks
[11:30:40]
[11:30:40] Info: Starting test name 'system_configs_ssh'
[11:30:40]   Checking for an SSH configuration file          [ Found ]
[11:30:40] Info: Found an SSH configuration file: /etc/ssh/sshd_config
[11:30:40] Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'no'.
[11:30:40] Info: Rkhunter option ALLOW_SSH_PROT_V1 set to '2'.
[11:30:40]   Checking if SSH root access is allowed          [ Warning ]
[11:30:40] Warning: The SSH configuration option 'PermitRootLogin' has not been set.
           The default value may be 'yes', to allow root access.
[11:30:40]   Checking if SSH protocol v1 is allowed          [ Not set ]
[11:30:40]   Checking for other suspicious configuration settings [ None found ]
[11:30:40]
[11:30:40] Info: Starting test name 'system_configs_syslog'
[11:30:40]   Checking for a running system logging daemon    [ Found ]
[11:30:40] Info: A running 'rsyslog' daemon has been found.
[11:30:40] Info: A running 'systemd-journald' daemon has been found.
[11:30:40] Info: Found an rsyslog configuration file: /etc/rsyslog.conf
[11:30:40] Info: Found a systemd configuration file: /etc/systemd/journald.conf
[11:30:41]   Checking for a system logging configuration file [ Found ]
[11:30:41]   Checking if syslog remote logging is allowed    [ Not allowed ]
[11:30:41]
[11:30:41] Info: Starting test name 'filesystem'
[11:30:41] Performing filesystem checks
[11:30:41] Info: SCAN_MODE_DEV set to 'THOROUGH'
[11:30:43]   Checking /dev for suspicious file types         [ None found ]
[11:30:43]   Checking for hidden files and directories       [ Warning ]
[11:30:43] Warning: Hidden directory found: /etc/.java
[11:30:43]   Checking for missing log files                  [ Skipped ]
[11:30:43] Info: No missing log file names configured.
[11:30:43]   Checking for empty log files                    [ Skipped ]
[11:30:43] Info: No empty log file names configured.
[11:34:53]
[11:34:53] Info: Test 'apps' disabled at users request.
[11:34:53]
[11:34:53] System checks summary
[11:34:53] =====================
[11:34:53]
[11:34:53] File properties checks...
[11:34:53] Required commands check failed
[11:34:53] Files checked: 152
[11:34:53] Suspect files: 152
[11:34:53]
[11:34:53] Rootkit checks...
[11:34:53] Rootkits checked : 500
[11:34:53] Possible rootkits: 12
[11:34:53]
[11:34:53] Applications checks...
[11:34:53] All checks skipped
[11:34:53]
[11:34:53] The system checks took: 7 minutes and 30 seconds
[11:34:53]
[11:34:53] Info: End date is gio 23 giu 2022, 11.34.53, CEST

Bien, este es el primer log, sin modificar rkhunter, arroja muchos warnings, y los posibles rootkits 12, ahora pondré en el siguiente post el análisis con rkhunter arreglado, desaparecen casi todos los warning,sigue marcando alguno, y los posibles rootkits continuan.

Sigo.

57	Seguridad Informática / Seguridad / Re: Discos duros cifrados protegidos contra escritura, al conectarlos a la placa base reescriben la bios,rootkit fijo.	en: 28 Junio 2022, 19:30 pm
Hola buenas. Citar El análisis que da el comando es un análisis breve... ejécutalo al completo: chkdsk n: /F /V /R ...son 5 fases, la 4ª y 5ª llevan mucho tiempo (horas básicamente, pero depende dle tamaño, velocidad y daños (si los hubiere) del disco) Si ya se que estoy utilizando un comando corto de chkdsk, pero me sirve para comprobar, que no me arroja el error de el disco esta protegido contra escritura, y codigo de error 50 cuando se transferia al registro... por eso me vale. De todas formas , he pasado el comando: c: /f /x /r Que es más completo, y se a tirado una hora o más, y el resultado a sido ok, perfect Ahora mismo llevo todo el día reparando discos duros que tengo unos 8 no se ahora, por ahí andarán... Ahora mismo estoy reparando uno de 500gb,cuando este formateado a bajo nivel, le pasaré tu comando, de todas formas, tengo todas las chuletas de chkdsk, me voy a volver experto a este paso... Ya te comentaré el resultado, pero de momento todo ok. Citar ¿Has oído hablar de los falsos positivos? La última versión de rkhunter es de 2018 Si señor el brujo, lo e oido, y lo e estudiado, llevo semanas o meses enchufado sin parar estudiando, (ya me dejé la cafeina, solo dos cafes por la mañana) Ahora pondré el log, lo he recuperado del disco duro antes de formatearlo bajo nivel Se que habían falsos positivos, ya casi lo se de memoria, hay que hacer un update del programa, y pasarle, varios comandos, entre ellos, rkhunter --propupd, luego de eso, desapareciron la gran mayoria de warning, lo podriá explicar, pero no tengo ganas, yo ya lo se, muchas horas de estudio llevo... Pondré el log original sin hacer nada, y luego el log arreglado, y vereis que me marca no 16 si no 12 posibles rootkits, posibles, que no es seguro, pero si lo marca es por algo, y con todos los problemas que tengo, creo que puede ser... ya que el tema de los rootkits es que engañan al s.o. y se esconden... por eso, puede ser verdad. Aparte, he descargado programas más modernos y mejores que rkhunter y chrootkit, como aide, pero en todos los que he instalado, me marca error... pero bueno... ahora empieza lo bueno para mi, fase nueva en el videojuego... con los discos duros limpios, y con un fedora original, volveré a empezar partida más limpia. voy a poner los logs, los he rescatado antes formatear bajo nivel, primero uno sin modificar rkhunter, y luego, modificado rkhunter que arroja menos advertencias, pero lo de los rootkits si lo pone, son 12 perdón, no lo recordaba bien, aya va: Bueno, no puedo ponerlos en el foro , por que son muy largos intentaré poner lo más interesante, y si no haré dobles post. Pero para no saturar, pondré solo la parte de los warnings y los posibles rootkits, alla va, primero , con rkhunter sin modificar los parámetros y luego modificado. EL primero: [code][11:27:25] Info: Starting test name 'properties' [11:27:25] Performing file properties checks [11:27:25] Warning: Checking for prerequisites [ Warning ] [11:27:25] No output from the 'lsattr' command - all file immutable-bit checks will be skipped. [11:27:25] The local host configuration or operating system has changed. [11:27:27] /usr/local/bin/test [ Warning ] [11:27:27] Warning: The file '/usr/local/bin/test' exists on the system, but it is not present in the 'rkhunter.dat' file. [11:27:28] /usr/sbin/adduser [ Warning ] [11:27:28] Warning: The file properties have changed: [11:27:28] File: /usr/sbin/adduser [11:27:28] Current inode: 136452 Stored inode: 1191091 [11:27:28] Info: Found file '/usr/sbin/adduser': it is whitelisted for the 'script replacement' check. [11:27:28] /usr/sbin/chroot [ Warning ] [11:27:28] Warning: The file properties have changed: [11:27:28] File: /usr/sbin/chroot [11:27:28] Current inode: 136485 Stored inode: 1191110 [11:27:28] /usr/sbin/cron [ Warning ] [11:27:28] Warning: The file properties have changed: [11:27:28] File: /usr/sbin/cron [11:27:28] Current inode: 136497 Stored inode: 1191120 [11:27:28] /usr/sbin/groupadd [ Warning ] [11:27:28] Warning: The file properties have changed: [11:27:28] File: /usr/sbin/groupadd [11:27:28] Current hash: d703eec3ce7e9bc44ab21cb5fc7281654b108e145b85d61b88fa05dbfdb10df7 [11:27:28] Stored hash : 7274989b6b8e7ac8201b85139ed6b32fe2f9c8cc7313e38d2c12c9eee2fa5171 [11:27:28] Current inode: 136549 Stored inode: 1191146 [11:27:29] Current file modification time: 1553281538 (22-mar-2019 20:05:38) [11:27:29] Stored file modification time : 1516892962 (25-gen-2018 16:09:22) [11:27:29] /usr/sbin/groupdel [ Warning ] [11:27:29] Warning: The file properties have changed: [11:27:29] File: /usr/sbin/groupdel [11:27:29] Current hash: 63850f994fdab68652e8be2eaaec667e4ab9f8583bf7be094d5f91e198b28c61 [11:27:29] Stored hash : c48d32fe2f4959167bd6bfc688c3cf29c2fcd2a6be9309114a0c6fa4422cd9d8 [11:27:29] Current inode: 136550 Stored inode: 1191147 [11:27:29] Current file modification time: 1553281538 (22-mar-2019 20:05:38) [11:27:29] Stored file modification time : 1516892962 (25-gen-2018 16:09:22) [11:27:29] /usr/sbin/groupmod [ Warning ] [11:27:29] Warning: The file properties have changed: [11:27:29] File: /usr/sbin/groupmod [11:27:29] Current hash: 9efc88b57878fd98efdc9a98608d9b8950a7117db2a8081a2e0f6b96ace0a3f6 [11:27:29] Stored hash : af3e688333f0d859c7447f725567aad7ab9c763dcde90b9defb84aec4d84e1f2 [11:27:29] Current inode: 136552 Stored inode: 1191149 [11:27:29] Current file modification time: 1553281538 (22-mar-2019 20:05:38) [11:27:29] Stored file modification time : 1516892962 (25-gen-2018 16:09:22) [11:27:29] /usr/sbin/grpck [ Warning ] [11:27:29] Warning: The file properties have changed: [11:27:29] File: /usr/sbin/grpck [11:27:29] Current hash: 259901c641944017deb7136da4d107e591390ee96925c2c99c5c8ac10f904d0c [11:27:29] Stored hash : 8a6407b091487d2a30b52e69f15d8c1d5d873904b77c334c150deb0274e4583c [11:27:29] Current inode: 136553 Stored inode: 1191150 [11:27:29] Current file modification time: 1553281538 (22-mar-2019 20:05:38) [11:27:29] Stored file modification time : 1516892962 (25-gen-2018 16:09:22) [11:27:29] /usr/sbin/nologin [ Warning ] [11:27:29] Warning: The file properties have changed: [11:27:29] File: /usr/sbin/nologin [11:27:29] Current hash: 2e68cf7abbd5ebb85efb8443257f094d35871c0a3384ba71effea98edf517ea5 [11:27:29] Stored hash : b6a40cf6f883aa3f5042e54a4e7f455846e983fb3b1769caa580139cb4a0107f [11:27:29] Current inode: 136638 Stored inode: 1191197 [11:27:29] Current file modification time: 1553281538 (22-mar-2019 20:05:38) [11:27:29] Stored file modification time : 1516892962 (25-gen-2018 16:09:22) [11:27:30] /usr/sbin/pwck [ Warning ] [11:27:30] Warning: The file properties have changed: [11:27:30] File: /usr/sbin/pwck [11:27:30] Current hash: eb29cd40cb8b153c64704dcfcd31359440ee9efe362b86d3af04b4c8f8ff6e1a [11:27:30] Stored hash : 2ee9608b222cf4ef2d8b1023a85f754d0a9bc0a07173634237ccf8ce0bbf0c14 [11:27:30] Current inode: 136678 Stored inode: 1191217 [11:27:30] Current file modification time: 1553281538 (22-mar-2019 20:05:38) [11:27:30] Stored file modification time : 1516892962 (25-gen-2018 16:09:22) [11:27:30] /usr/sbin/rsyslogd [ Warning ] [11:27:30] Warning: The file properties have changed: [11:27:30] File: /usr/sbin/rsyslogd [11:27:30] Current inode: 136704 Stored inode: 1191228 [11:27:30] /usr/sbin/sshd [ Warning ] [11:27:30] Warning: The file '/usr/sbin/sshd' exists on the system, but it is not present in the 'rkhunter.dat' file. [11:27:30] /usr/sbin/useradd [ Warning ] [11:27:30] Warning: The file properties have changed: [11:27:30] File: /usr/sbin/useradd [11:27:30] Current hash: e808177cb21e2643fc90de0d714ab65b45e65d7805f0b72a192b204c29e737b1 [11:27:30] Stored hash : c8077e384aaeeb998b4af43b94783875778b7ee79d79406ec27af9a5148cb3ae [11:27:30] Current inode: 136811 Stored inode: 1191277 [11:27:30] Current file modification time: 1553281538 (22-mar-2019 20:05:38) [11:27:30] Stored file modification time : 1516892962 (25-gen-2018 16:09:22) [11:27:30] /usr/sbin/userdel [ Warning ] [11:27:30] Warning: The file properties have changed: [11:27:30] File: /usr/sbin/userdel [11:27:30] Current hash: 4edf51b16552d105de39319e45625a77fe7ed5380f6499931990ed1da3f909ef [11:27:30] Stored hash : 998156c0f1d53831a978ac8c1c7a0dcdf18f1f01e59eb38c0540a5db7b759595 [11:27:30] Current inode: 136812 Stored inode: 1191278 [11:27:30] Current size: 84464 Stored size: 84432 [11:27:30] Current file modification time: 1553281538 (22-mar-2019 20:05:38) [11:27:30] Stored file modification time : 1516892962 (25-gen-2018 16:09:22) [11:27:31] /usr/sbin/usermod [ Warning ] [11:27:31] Warning: The file properties have changed: [11:27:31] File: /usr/sbin/usermod [11:27:31] Current hash: a3648b87a7ab645e83f4990825f7710791264b307bf763377df8d8f2a6baf567 [11:27:31] Stored hash : 506e6ec1591e30a8b4084713a438955d411faf9362f54937c3cd19775c90c793 [11:27:31] Current inode: 136813 Stored inode: 1191279 [11:27:31] Current size: 126016 Stored size: 121920 [11:27:31] Current file modification time: 1553281538 (22-mar-2019 20:05:38) [11:27:31] Stored file modification time : 1516892962 (25-gen-2018 16:09:22) [11:27:31] /usr/sbin/vipw [ Warning ] [11:27:31] Warning: The file properties have changed: [11:27:31] File: /usr/sbin/vipw [11:27:31] Current hash: da23520ecb49bfbc96334e7361e26346d319c8fc37f64f9987275eb28d49d0fb [11:27:31] Stored hash : 9ad29fc75e4804f85e027c7e9ecb4979da402438ec3a098829aa74cf0a5a0c72 [11:27:31] Current inode: 136823 Stored inode: 1191285 [11:27:31] Current file modification time: 1553281538 (22-mar-2019 20:05:38) [11:27:31] Stored file modification time : 1516892962 (25-gen-2018 16:09:22) [11:27:31] /usr/sbin/unhide [ Warning ] [11:27:31] Warning: The file properties have changed: [11:27:31] File: /usr/sbin/unhide [11:27:31] Current inode: 136768 Stored inode: 1202265 [11:27:31] Current file modification time: 1575280912 (02-dic-2019 11:01:52) [11:27:31] Stored file modification time : 1446528173 (03-nov-2015 06:22:53) [11:27:31] /usr/sbin/unhide-linux [ Warning ] [11:27:31] Warning: The file properties have changed: [11:27:31] File: /usr/sbin/unhide-linux [11:27:31] Current inode: 136769 Stored inode: 1202263 [11:27:31] /usr/sbin/unhide-posix [ Warning ] [11:27:31] Warning: The file properties have changed: [11:27:31] File: /usr/sbin/unhide-posix [11:27:31] Current inode: 136770 Stored inode: 1202262 [11:27:31] /usr/sbin/unhide-tcp [ Warning ] [11:27:31] Warning: The file properties have changed: [11:27:31] File: /usr/sbin/unhide-tcp [11:27:31] Current inode: 136771 Stored inode: 1202261 [11:27:32] /usr/bin/awk [ Warning ] [11:27:32] Warning: The file properties have changed: [11:27:32] File: /usr/bin/awk [11:27:32] Current inode: 36128 Stored inode: 1179758 [11:27:32] Current file modification time: 1575280750 (02-dic-2019 10:59:10) [11:27:32] Stored file modification time : 1537264455 (18-set-2018 11:54:15) [11:27:32] /usr/bin/basename [ Warning ] [11:27:32] Warning: The file properties have changed: [11:27:32] File: /usr/bin/basename [11:27:32] Current inode: 36134 Stored inode: 1179762 [11:27:32] /usr/bin/chattr [ Warning ] [11:27:32] Warning: The file properties have changed: [11:27:32] File: /usr/bin/chattr [11:27:32] Current hash: 94a9adea0a0701d36ee5adcecd25ea456f01aafe6d5e0a0f0a35fa43735c59c1 [11:27:32] Stored hash : 4bc88abb911956c5eba1837e8d3cb0a0240b8c0088cb8dd127baa7720d2e06a4 [11:27:32] Current inode: 36254 Stored inode: 1179827 [11:27:32] Current file modification time: 1569520918 (26-set-2019 20:01:58) [11:27:32] Stored file modification time : 1521918808 (24-mar-2018 20:13:28) [11:27:32] /usr/bin/cut [ Warning ] [11:27:32] Warning: The file properties have changed: [11:27:32] File: /usr/bin/cut [11:27:32] Current inode: 36342 Stored inode: 1179883 [11:27:32] /usr/bin/diff [ Warning ] [11:27:32] Warning: The file properties have changed: [11:27:32] File: /usr/bin/diff [11:27:32] Current inode: 36507 Stored inode: 1179921 [11:27:32] /usr/bin/dirname [ Warning ] [11:27:32] Warning: The file properties have changed: [11:27:32] File: /usr/bin/dirname [11:27:32] Current inode: 36518 Stored inode: 1179928 [11:27:32] /usr/bin/dpkg [ Warning ] [11:27:32] Warning: The file properties have changed: [11:27:32] File: /usr/bin/dpkg [11:27:32] Current hash: a04fbea36831ceb207e02daa0da2e7115718845fef5669c461124ec96a828b84 [11:27:32] Stored hash : d1c3e14626a37fb57330759403ceb97b0dd286d60e3cba3b6ee465144eba1de6 [11:27:32] Current inode: 36543 Stored inode: 1179935 [11:27:32] Current file modification time: 1567717514 (05-set-2019 23:05:14) [11:27:32] Stored file modification time : 1523845521 (16-apr-2018 04:25:21) [11:27:32] /usr/bin/dpkg-query [ Warning ] [11:27:33] Warning: The file properties have changed: [11:27:33] File: /usr/bin/dpkg-query [11:27:33] Current hash: c030fd595169bfa22d07a6a63cae77530dec6b266b021ab5cb2dec709d5b9cd5 [11:27:33] Stored hash : 892302b08ca5fe3de11d19e3e1d2e294e095b26a9465589028ca26e448575621 [11:27:33] Current inode: 36561 Stored inode: 1179939 [11:27:33] Current file modification time: 1567717514 (05-set-2019 23:05:14) [11:27:33] Stored file modification time : 1523845521 (16-apr-2018 04:25:21) [11:27:33] /usr/bin/du [ Warning ] [11:27:33] Warning: The file properties have changed: [11:27:33] File: /usr/bin/du [11:27:33] Current inode: 36576 Stored inode: 1179945 [11:27:33] /usr/bin/env [ Warning ] [11:27:33] Warning: The file properties have changed: [11:27:33] File: /usr/bin/env [11:27:33] Current inode: 36607 Stored inode: 1179968 [11:27:33] /usr/bin/file [ Warning ] [11:27:33] Warning: The file properties have changed: [11:27:33] File: /usr/bin/file [11:27:33] Current hash: 9b00a95411bbe2f806548bea61debe9df969bb6f995b4f2da9ded779344d298a [11:27:33] Stored hash : e97ab1817c17511cb7cf3110997ceccb4baa587a7346ffb36fb2d103eb88f452 [11:27:33] Current inode: 36685 Stored inode: 1180002 [11:27:33] Current file modification time: 1572367819 (29-ott-2019 17:50:19) [11:27:33] Stored file modification time : 1528909779 (13-giu-2018 19:09:39) [11:27:33] /usr/bin/find [ Warning ] [11:27:33] Warning: The file properties have changed: [11:27:33] File: /usr/bin/find [11:27:33] Current inode: 36690 Stored inode: 1180005 [11:27:33] /usr/bin/GET [ Warning ] [11:27:33] Warning: The file properties have changed: [11:27:33] File: /usr/bin/GET [11:27:33] Current inode: 35982 Stored inode: 1179666 [11:27:33] Current file modification time: 1575280749 (02-dic-2019 10:59:09) [11:27:33] Stored file modification time : 1537264455 (18-set-2018 11:54:15) [11:27:33] /usr/bin/groups [ Warning ] [11:27:33] Warning: The file properties have changed: [11:27:33] File: /usr/bin/groups [11:27:33] Current inode: 36918 Stored inode: 1180119 [11:27:33] /usr/bin/head [ Warning ] [11:27:33] Warning: The file properties have changed: [11:27:33] File: /usr/bin/head [11:27:33] Current inode: 37037 Stored inode: 1180186 [11:27:34] /usr/bin/id [ Warning ] [11:27:34] Warning: The file properties have changed: [11:27:34] File: /usr/bin/id [11:27:34] Current inode: 37114 Stored inode: 1180221 [11:27:34] /usr/bin/ipcs [ Warning ] [11:27:34] Warning: The file properties have changed: [11:27:34] File: /usr/bin/ipcs [11:27:34] Current hash: b2c1d5345538fcf80018453f2788cd6bec9a92b8ad575ebc56271d88762da0ab [11:27:34] Stored hash : 4b91575d65bd4b44c300a55c7c7474a5c4f158b72b7050d5bb7c094e030ef560 [11:27:34] Current inode: 37184 Stored inode: 1180272 [11:27:34] Current file modification time: 1566517666 (23-ago-2019 01:47:46) [11:27:34] Stored file modification time : 1526467297 (16-mag-2018 12:41:37) [11:27:34] /usr/bin/killall [ Warning ] [11:27:34] Warning: The file properties have changed: [11:27:34] File: /usr/bin/killall [11:27:34] Current hash: ccfea15ea2ac5af918c4627bb7e43ad273ab96232bb886aa4578ccd990873c51 [11:27:34] Stored hash : 525efa977202c43ea5d8ce0d86a42bb34be77175d8ad066e00cba374e397074f [11:27:34] Current inode: 37262 Stored inode: 1180323 [11:27:34] Current size: 27768 Stored size: 23704 [11:27:34] Current file modification time: 1544543164 (11-dic-2018 16:46:04) [11:27:34] Stored file modification time : 1497560089 (15-giu-2017 22:54:49) [11:27:34] /usr/bin/last [ Warning ] [11:27:34] Warning: The file properties have changed: [11:27:34] File: /usr/bin/last [11:27:34] Current hash: d7eb312f42dcd0a6ad00372392aa70cb17a871333136fa78fd9009e406da1813 [11:27:34] Stored hash : 5ed758c30eb9db085fb0736e001463595e48600f71d15b956309ce35f9355a09 [11:27:34] Current inode: 37295 Stored inode: 1180329 [11:27:34] Current file modification time: 1566517666 (23-ago-2019 01:47:46) [11:27:34] Stored file modification time : 1526467297 (16-mag-2018 12:41:37) [11:27:34] /usr/bin/lastlog [ Warning ] [11:27:34] Warning: The file properties have changed: [11:27:34] File: /usr/bin/lastlog [11:27:34] Current hash: a9af62859f4b8d8dfd76268e57587006da1a95f719554aa902e57bd41a7eab5a [11:27:34] Stored hash : 90e9cdc574cd27261350582c05b883deff0f1430144c6619724b361bc566565b [11:27:34] Current inode: 37297 Stored inode: 1180331 [11:27:34] Current file modification time: 1553281538 (22-mar-2019 20:05:38) [11:27:34] Stored file modification time : 1516892962 (25-gen-2018 16:09:22) [11:27:34] /usr/bin/ldd [ Warning ] [11:27:34] Warning: The file properties have changed: [11:27:34] File: /usr/bin/ldd [11:27:34] Current inode: 37308 Stored inode: 1180338 [11:27:34] Info: Found file '/usr/bin/ldd': it is whitelisted for the 'script replacement' check. [11:27:34] /usr/bin/less [ Warning ] [11:27:34] Warning: The file properties have changed: [11:27:34] File: /usr/bin/less [11:27:34] Current inode: 37312 Stored inode: 1180340 [11:27:34] Current file modification time: 1575280753 (02-dic-2019 10:59:13) [11:27:35] Stored file modification time : 1537264458 (18-set-2018 11:54:18) [11:27:35] /usr/bin/locate [ Warning ] [11:27:35] Warning: The file properties have changed: [11:27:35] File: /usr/bin/locate [11:27:35] Current inode: 37399 Stored inode: 1180372 [11:27:35] Current file modification time: 1575280753 (02-dic-2019 10:59:13) [11:27:35] Stored file modification time : 1537264458 (18-set-2018 11:54:18) [11:27:35] /usr/bin/logger [ Warning ] [11:27:35] Warning: The file properties have changed: [11:27:35] File: /usr/bin/logger [11:27:35] Current hash: 2be57a5c524e722c08a74cdf5317775769a532919dad45923644f2a5d036304e [11:27:35] Stored hash : 31581aeddd9b97d5fd22c0576ed602c170dc6c682703f9110324f4dc1d2d7103 [11:27:35] Current inode: 37400 Stored inode: 1180376 [11:27:35] Current file modification time: 1566517666 (23-ago-2019 01:47:46) [11:27:35] Stored file modification time : 1526467297 (16-mag-2018 12:41:37) [11:27:35] /usr/bin/lsattr [ Warning ] [11:27:35] Warning: The file properties have changed: [11:27:35] File: /usr/bin/lsattr [11:27:35] Current hash: 9b93be49a51cc83829e4242e8c4d4bdca1a77e69dbe10b3767ee34dbe745101d [11:27:35] Stored hash : 20b05f6fea4561c6e04095a38e6c1bca733f05222db317f2386f010452c180b9 [11:27:35] Current inode: 37415 Stored inode: 1180392 [11:27:35] Current file modification time: 1569520918 (26-set-2019 20:01:58) [11:27:35] Stored file modification time : 1521918808 (24-mar-2018 20:13:28) [11:27:35] /usr/bin/lsof [ Warning ] [11:27:35] Warning: The file properties have changed: [11:27:35] File: /usr/bin/lsof [11:27:35] Current inode: 37427 Stored inode: 1180403 [11:27:35] /usr/bin/mail [ Warning ] [11:27:35] Warning: The file properties have changed: [11:27:35] File: /usr/bin/mail [11:27:35] Current inode: 37466 Stored inode: 1204799 [11:27:35] Current file modification time: 1575280754 (02-dic-2019 10:59:14) [11:27:35] Stored file modification time : 1537266339 (18-set-2018 12:25:39) [11:27:35] /usr/bin/md5sum [ Warning ] [11:27:35] Warning: The file properties have changed: [11:27:35] File: /usr/bin/md5sum [11:27:35] Current inode: 37560 Stored inode: 1180503 [11:27:35] /usr/bin/mlocate [ Warning ] [11:27:35] Warning: The file properties have changed: [11:27:35] File: /usr/bin/mlocate [11:27:35] Current inode: 37619 Stored inode: 1180528 [11:27:36] /usr/bin/newgrp [ Warning ] [11:27:36] Warning: The file properties have changed: [11:27:36] File: /usr/bin/newgrp [11:27:36] Current hash: 3117850ff94fbd09f49263c68001eb6603905aa1c07d137ec852031d873a4ab1 [11:27:36] Stored hash : a62482d823e335c9b113f78ddbe58d8d5561aea260f713f4cbf49bdb9e3e8f93 [11:27:36] Current inode: 37720 Stored inode: 1180585 [11:27:36] Current file modification time: 1553281538 (22-mar-2019 20:05:38) [11:27:36] Stored file modification time : 1516892962 (25-gen-2018 16:09:22) [11:27:36] /usr/bin/passwd [ Warning ] [11:27:36] Warning: The file properties have changed: [11:27:36] File: /usr/bin/passwd [11:27:36] Current hash: c9348d967627b73eeb06122ff0ca1955c870dc12a8ef1b8bc8001afa53430010 [11:27:36] Stored hash : 74d2ffc34d86ace2f5d9dabb95de8c75abe824cd6cfc871d89faf65696241d2e [11:27:36] Current inode: 37834 Stored inode: 1180650 [11:27:36] Current file modification time: 1553281538 (22-mar-2019 20:05:38) [11:27:36] Stored file modification time : 1516892962 (25-gen-2018 16:09:22) [11:27:36] /usr/bin/perl [ Warning ] [11:27:36] Warning: The file properties have changed: [11:27:36] File: /usr/bin/perl [11:27:36] Current hash: 7fbeda223ca9054154cb56e47464b5a75ebbd1a0e176f4234a3a522a48092ef4 [11:27:36] Stored hash : bb206ce5ddccbb2f070b0e46f584c07bc22dd050c308e47eb7e0b55a40afba0e [11:27:36] Current inode: 37919 Stored inode: 1180714 [11:27:36] Current size: 2097720 Stored size: 2093624 [11:27:36] Current file modification time: 1542642884 (19-nov-2018 16:54:44) [11:27:36] Stored file modification time : 1531923663 (18-lug-2018 16:21:03) [11:27:36] /usr/bin/pgrep [ Warning ] [11:27:36] Warning: The file properties have changed: [11:27:36] File: /usr/bin/pgrep [11:27:36] Current hash: 607d268539f5073d67973cfac72f6ed116fee89f97ff0eb3f2ea60cbf3f168da [11:27:36] Stored hash : 52086dbdb63bf01bc6c247470a895ac1925bbd1de6452a256cdbaaa48d8e3ef7 [11:27:36] Current inode: 37953 Stored inode: 1180741 [11:27:36] Current file modification time: 1565365047 (09-ago-2019 17:37:27) [11:27:36] Stored file modification time : 1526299300 (14-mag-2018 14:01:40) [11:27:36] /usr/bin/pkill [ Warning ] [11:27:36] Warning: The file properties have changed: [11:27:36] File: /usr/bin/pkill [11:27:36] Current hash: 607d268539f5073d67973cfac72f6ed116fee89f97ff0eb3f2ea60cbf3f168da [11:27:36] Stored hash : 52086dbdb63bf01bc6c247470a895ac1925bbd1de6452a256cdbaaa48d8e3ef7 [11:27:36] Current inode: 37975 Stored inode: 1180758 [11:27:36] Current file modification time: 1575280755 (02-dic-2019 10:59:15) [11:27:36] Stored file modification time : 1537264458 (18-set-2018 11:54:18) [11:27:36] /usr/bin/pstree [ Warning ] [11:27:36] Warning: The file properties have changed: [11:27:36] File: /usr/bin/pstree [11:27:36] Current hash: 3ebb6d41888a42802e43416e85fbece5f83bcf02dd1614d2933c766207c12a28 [11:27:36] Stored hash : 5ba6189beead12a699ffb5e4b1a8fb7ae88f56981e948cb7c7c15776e4f4f63e [11:27:36] Current inode: 38183 Stored inode: 1180928 [11:27:37] Current file modification time: 1544543164 (11-dic-2018 16:46:04) [11:27:37] Stored file modification time : 1497560089 (15-giu-2017 22:54:49) [11:27:37] /usr/bin/rkhunter [ Warning ] [11:27:37] Warning: The file properties have changed: [11:27:37] File: /usr/bin/rkhunter [11:27:37] Current inode: 38384 Stored inode: 1190555 [11:27:37] /usr/bin/rpm [ Warning ] [11:27:37] Warning: The file '/usr/bin/rpm' exists on the system, but it is not present in the 'rkhunter.dat' file. [11:27:37] /usr/bin/runcon [ Warning ] [11:27:37] Warning: The file properties have changed: [11:27:37] File: /usr/bin/runcon [11:27:37] Current inode: 38429 Stored inode: 1181046 [11:27:37] /usr/bin/sha1sum [ Warning ] [11:27:37] Warning: The file properties have changed: [11:27:37] File: /usr/bin/sha1sum [11:27:37] Current inode: 38592 Stored inode: 1181099 [11:27:37] /usr/bin/sha224sum [ Warning ] [11:27:37] Warning: The file properties have changed: [11:27:37] File: /usr/bin/sha224sum [11:27:37] Current inode: 38593 Stored inode: 1181100 [11:27:37] /usr/bin/sha256sum [ Warning ] [11:27:37] Warning: The file properties have changed: [11:27:37] File: /usr/bin/sha256sum [11:27:37] Current inode: 38595 Stored inode: 1181101 [11:27:37] /usr/bin/sha384sum [ Warning ] [11:27:37] Warning: The file properties have changed: [11:27:37] File: /usr/bin/sha384sum [11:27:37] Current inode: 38596 Stored inode: 1181102 [11:27:37] /usr/bin/sha512sum [ Warning ] [11:27:37] Warning: The file properties have changed: [11:27:37] File: /usr/bin/sha512sum [11:27:37] Current inode: 38597 Stored inode: 1181103 [11:27:37] /usr/bin/size [ Warning ] [11:27:37] Warning: The file properties have changed: [11:27:37] File: /usr/bin/size [11:27:38] Current hash: b66bd6da04e6064cab25596c7f0c0153508c6b324abad4b0daff90656a5d6a23 [11:27:38] Stored hash : 6b478d3775e102443e90fecc81069f6a400303f9dafa46aad3510bb7af7aad88 [11:27:38] Current inode: 38616 Stored inode: 1181114 [11:27:38] Current file modification time: 1575280756 (02-dic-2019 10:59:16) [11:27:38] Stored file modification time : 1537264459 (18-set-2018 11:54:19) [11:27:38] /usr/bin/sort [ Warning ] [11:27:38] Warning: The file properties have changed: [11:27:38] File: /usr/bin/sort [11:27:38] Current inode: 38646 Stored inode: 1181138 [11:27:38] /usr/bin/ssh [ Warning ] [11:27:38] Warning: The file properties have changed: [11:27:38] File: /usr/bin/ssh [11:27:38] Current hash: 7488a0b216c6aba596790344a6521d65b6736b88d2871a4e8b51d8e28b211136 [11:27:38] Stored hash : 645effa85ccbe0d812ab4f2d4abdb4519c7c916e56c5fd95801f56b14ec4a5c1 [11:27:38] Current inode: 38672 Stored inode: 1181155 [11:27:38] Current file modification time: 1551701871 (04-mar-2019 13:17:51) [11:27:38] Stored file modification time : 1518229906 (10-feb-2018 03:31:46) [11:27:38] /usr/bin/stat [ Warning ] [11:27:38] Warning: The file properties have changed: [11:27:38] File: /usr/bin/stat [11:27:38] Current inode: 38687 Stored inode: 1181165 [11:27:38] /usr/bin/strace [ Warning ] [11:27:38] Warning: The file properties have changed: [11:27:38] File: /usr/bin/strace [11:27:38] Current inode: 38693 Stored inode: 1181167 [11:27:38] /usr/bin/strings [ Warning ] [11:27:38] Warning: The file properties have changed: [11:27:38] File: /usr/bin/strings [11:27:38] Current hash: 8ceeb25efb3e3708f2d750ea5eb6131de28e624b0c686501e43d9bef170acb58 [11:27:38] Stored hash : 9458ff5dd79759dc41788d91d15cb5d309bf1b25e3a439bc3d6ca6e3e7652d23 [11:27:38] Current inode: 38698 Stored inode: 1181172 [11:27:38] Current file modification time: 1575280757 (02-dic-2019 10:59:17) [11:27:38] Stored file modification time : 1537264459 (18-set-2018 11:54:19) [11:27:38] /usr/bin/sudo [ Warning ] [11:27:38] Warning: The file properties have changed: [11:27:38] File: /usr/bin/sudo [11:27:38] Current hash: 1b8166f0cd692b5d2474318e0d4b4534283339c05f5d73b125370994ac9f17fc [11:27:38] Stored hash : 9c7364b3d17e6aeaf5299b2b1589808ebb01d9a8757fd7d495137eea1e1a438e [11:27:38] Current inode: 38702 Stored inode: 1181175 [11:27:38] Current file modification time: 1570732379 (10-ott-2019 20:32:59) [11:27:38] Stored file modification time : 1516234096 (18-gen-2018 01:08:16) [11:27:38] /usr/bin/tail [ Warning ] [11:27:38] Warning: The file properties have changed: [11:27:38] File: /usr/bin/tail [11:27:38] Current inode: 38746 Stored inode: 1181206 [11:27:39] /usr/bin/telnet [ Warning ] [11:27:39] Warning: The file properties have changed: [11:27:39] File: /usr/bin/telnet [11:27:39] Current inode: 38767 Stored inode: 1181210 [11:27:39] Current file modification time: 1575280757 (02-dic-2019 10:59:17) [11:27:39] Stored file modification time : 1537264459 (18-set-2018 11:54:19) [11:27:39] /usr/bin/test [ Warning ] [11:27:39] Warning: The file properties have changed: [11:27:39] File: /usr/bin/test [11:27:39] Current inode: 38769 Stored inode: 1181212 [11:27:39] /usr/bin/top [ Warning ] [11:27:39] Warning: The file properties have changed: [11:27:39] File: /usr/bin/top [11:27:39] Current hash: 29615b5441c4ebdd6bb1e7e3301aa5f4313b326ee009645cef443fb7bab3e1e0 [11:27:39] Stored hash : 556870c813935685d5a7e9b89ec93956937037226bbf3732adebad7338795886 [11:27:39] Current inode: 38795 Stored inode: 1181232 [11:27:39] Current file modification time: 1565365047 (09-ago-2019 17:37:27) [11:27:39] Stored file modification time : 1526299300 (14-mag-2018 14:01:40) [11:27:39] /usr/bin/touch [ Warning ] [11:27:39] Warning: The file properties have changed: [11:27:39] File: /usr/bin/touch [11:27:39] Current inode: 38796 Stored inode: 1181233 [11:27:39] Current file modification time: 1575280757 (02-dic-2019 10:59:17) [11:27:39] Stored file modification time : 1537264459 (18-set-2018 11:54:19) [11:27:39] /usr/bin/tr [ Warning ] [11:27:39] Warning: The file properties have changed: [11:27:39] File: /usr/bin/tr [11:27:39] Current inode: 38798 Stored inode: 1181235 [11:27:39] /usr/bin/uniq [ Warning ] [11:27:39] Warning: The file properties have changed: [11:27:39] File: /usr/bin/uniq [11:27:39] Current inode: 38852 Stored inode: 1181273 [11:27:39] /usr/bin/users [ Warning ] [11:27:39] Warning: The file properties have changed: [11:27:39] File: /usr/bin/users [11:27:39] Current inode: 38885 Stored inode: 1181301 [11:27:39] /usr/bin/vmstat [ Warning ] [11:27:39] Warning: The file properties have changed: [11:27:39] File: /usr/bin/vmstat [11:27:39] Current hash: 04e9c1121391cd6f6c8e8290d86a692185f50374a1904e848af1937acc6486ac [11:27:39] Stored hash : 6ecb62ad8bfba3d08a057ff3bbb171051f62e5dae7f0acdab29eb24ba3724847 [11:27:39] Current inode: 38911 Stored inode: 1181314 [11:27:39] Current file modification time: 1565365047 (09-ago-2019 17:37:27) [11:27:39] Stored file modification time : 1526299300 (14-mag-2018 14:01:40) [11:27:40] /usr/bin/w [ Warning ] [11:27:40] Warning: The file properties have changed: [11:27:40] File: /usr/bin/w [11:27:40] Current hash: 7d3bb116f62c76aa011b39d993ed77216b38eb21bd3463b61bad8b97248b8e01 [11:27:40] Stored hash : e10c6009edc0c360c654601cf6d7d0b0daf344ca8ac49504105a297af8be688e [11:27:40] Current inode: 38917 Stored inode: 1181318 [11:27:40] Current file modification time: 1575280758 (02-dic-2019 10:59:18) [11:27:40] Stored file modification time : 1537264459 (18-set-2018 11:54:19) [11:27:40] /usr/bin/watch [ Warning ] [11:27:40] Warning: The file properties have changed: [11:27:40] File: /usr/bin/watch [11:27:40] Current hash: 9ff08f1ffe442ba6d08a715d0464e441938f1f634c6b6f43be55f52d7969507b [11:27:40] Stored hash : e1b67849062109fd845612d5203709e5b62cd799a180a3be27246d5f24da7d46 [11:27:40] Current inode: 38923 Stored inode: 1181321 [11:27:40] Current file modification time: 1565365047 (09-ago-2019 17:37:27) [11:27:40] Stored file modification time : 1526299300 (14-mag-2018 14:01:40) [11:27:40] /usr/bin/wc [ Warning ] [11:27:40] Warning: The file properties have changed: [11:27:40] File: /usr/bin/wc [11:27:40] Current inode: 38927 Stored inode: 1181324 [11:27:40] /usr/bin/wget [ Warning ] [11:27:40] Warning: The file properties have changed: [11:27:40] File: /usr/bin/wget [11:27:40] Current hash: 0f2b21e911bd10d795a110af7901d7860228f63cf14594ecbfb397e66000b4ae [11:27:40] Stored hash : 8b08160118a05cc01ba0a06217ea2266c3acc53fd57b1fe0f7c47d4b84c3a571 [11:27:40] Current inode: 38931 Stored inode: 1181325 [11:27:40] Current file modification time: 1554749510 (08-apr-2019 20:51:50) [11:27:40] Stored file modification time : 1525798921 (08-mag-2018 19:02:01) [11:27:40] /usr/bin/whatis [ Warning ] [11:27:40] Warning: The file properties have changed: [11:27:40] File: /usr/bin/whatis [11:27:40] Current hash: 4db12b03ae8a2b9bfdb8d275f71d60b08cf0cc6b92c13062f87960e98d34fc60 [11:27:40] Stored hash : 9dca55b557385e2d7c47ba16372703ce1b1d7b80c5576ac5bd68c40e892e7353 [11:27:40] Current inode: 38933 Stored inode: 1181326 [11:27:40] Current file modification time: 1533410172 (04-ago-2018 21:16:12) [11:27:40] Stored file modification time : 1523099733 (07-apr-2018 13:15:33) [11:27:40] /usr/bin/whereis [ Warning ] [11:27:40] Warning: The file properties have changed: [11:27:40] File: /usr/bin/whereis [11:27:40] Current hash: 80be7b9256ed74d577b8d7389542b224923aec50ced043fca32c64af7c2f25eb [11:27:40] Stored hash : fc1f9b41b89520db6267dfeb5e4a944e7de8581bea089fba05fa41ebe112b028 [11:27:40] Current inode: 38934 Stored inode: 1181327 [11:27:40] Current file modification time: 1566517666 (23-ago-2019 01:47:46) [11:27:40] Stored file modification time : 1526467297 (16-mag-2018 12:41:37) [11:27:40] /usr/bin/which [ Warning ] [11:27:40] Warning: The file properties have changed: [11:27:40] File: /usr/bin/which [11:27:40] Current inode: 38935 Stored inode: 1181328 [11:27:40] Current file modification time: 1575280758 (02-dic-2019 10:59:18) [11:27:40] Stored file modification time : 1537264459 (18-set-2018 11:54:19) [11:27:41] /usr/bin/who [ Warning ] [11:27:41] Warning: The file properties have changed: [11:27:41] File: /usr/bin/who [11:27:41] Current inode: 38937 Stored inode: 1181329 [11:27:41] /usr/bin/whoami [ Warning ] [11:27:41] Warning: The file properties have changed: [11:27:41] File: /usr/bin/whoami [11:27:41] Current inode: 38940 Stored inode: 1181330 [11:27:41] /usr/bin/numfmt [ Warning ] [11:27:41] Warning: The file properties have changed: [11:27:41] File: /usr/bin/numfmt [11:27:41] Current inode: 37754 Stored inode: 1180608 [11:27:41] /usr/bin/gawk [ Warning ] [11:27:41] Warning: The file properties have changed: [11:27:41] File: /usr/bin/gawk [11:27:41] Current inode: 36759 Stored inode: 1180050 [11:27:41] /usr/bin/lwp-request [ Warning ] [11:27:41] Warning: The file properties have changed: [11:27:41] File: /usr/bin/lwp-request [11:27:41] Current inode: 37441 Stored inode: 1180413 [11:27:41] Current file modification time: 1558428953 (21-mag-2019 10:55:53) [11:27:41] Stored file modification time : 1514315302 (26-dic-2017 20:08:22) [11:27:41] Warning: The command '/usr/bin/lwp-request' has been replaced by a script: /usr/bin/lwp-request: Perl script text executable [11:27:41] /usr/bin/mail.mailutils [ Warning ] [11:27:41] Warning: The file properties have changed: [11:27:41] File: /usr/bin/mail.mailutils [11:27:41] Current inode: 37467 Stored inode: 1203803 [11:27:41] /usr/bin/x86_64-linux-gnu-size [ Warning ] [11:27:41] Warning: The file properties have changed: [11:27:41] File: /usr/bin/x86_64-linux-gnu-size [11:27:41] Current hash: b66bd6da04e6064cab25596c7f0c0153508c6b324abad4b0daff90656a5d6a23 [11:27:41] Stored hash : 6b478d3775e102443e90fecc81069f6a400303f9dafa46aad3510bb7af7aad88 [11:27:41] Current inode: 39017 Stored inode: 1181364 [11:27:41] Current file modification time: 1557303247 (08-mag-2019 10:14:07) [11:27:41] Stored file modification time : 1526498451 (16-mag-2018 21:20:51) [11:27:41] /usr/bin/x86_64-linux-gnu-strings [ Warning ] [11:27:41] Warning: The file properties have changed: [11:27:41] File: /usr/bin/x86_64-linux-gnu-strings [11:27:41] Current hash: 8ceeb25efb3e3708f2d750ea5eb6131de28e624b0c686501e43d9bef170acb58 [11:27:41] Stored hash : 9458ff5dd79759dc41788d91d15cb5d309bf1b25e3a439bc3d6ca6e3e7652d23 [11:27:41] Current inode: 39018 Stored inode: 1181365 [11:27:41] Current file modification time: 1557303247 (08-mag-2019 10:14:07) [11:27:42] Stored file modification time : 1526498451 (16-mag-2018 21:20:51) [11:27:42] /usr/bin/telnet.netkit [ Warning ] [11:27:42] Warning: The file properties have changed: [11:27:42] File: /usr/bin/telnet.netkit [11:27:42] Current inode: 38768 Stored inode: 1181211 [11:27:42] /usr/bin/w.procps [ Warning ] [11:27:42] Warning: The file properties have changed: [11:27:42] File: /usr/bin/w.procps [11:27:42] Current hash: 7d3bb116f62c76aa011b39d993ed77216b38eb21bd3463b61bad8b97248b8e01 [11:27:42] Stored hash : e10c6009edc0c360c654601cf6d7d0b0daf344ca8ac49504105a297af8be688e [11:27:42] Current inode: 38918 Stored inode: 1181319 [11:27:42] Current file modification time: 1565365047 (09-ago-2019 17:37:27) [11:27:42] Stored file modification time : 1526299300 (14-mag-2018 14:01:40) [11:27:42] /sbin/depmod [ Warning ] [11:27:42] Warning: The file properties have changed: [11:27:42] File: /sbin/depmod [11:27:42] Current hash: 31e9e2579309d2c68a812d63710cb8257601970bb73344b5ff454d362bde1695 [11:27:42] Stored hash : f06728a3741cb68fc8e57972fbf34136ee4e754c3e65d7189805b06ec1193fa3 [11:27:42] Current inode: 35711 Stored inode: 131297 [11:27:42] Current file modification time: 1575280748 (02-dic-2019 10:59:08) [11:27:42] Stored file modification time : 1537264454 (18-set-2018 11:54:14) [11:27:42] /sbin/fsck

Seguridad Informática / Seguridad / Re: Discos duros cifrados protegidos contra escritura, al conectarlos a la placa base reescriben la bios,rootkit fijo.

en: 27 Junio 2022, 22:50 pm

Hola siento el doble post y otros anteriores, pero es que he conseguido algo muy importante para mi:

Creo e conseguido desbloquear un disco duro

Con un programa que no diré, por si las moscas.

He hecho un formateo especial a bajo nivel, esto con el pc que tiene errores y estoy intentando reparar, y el comando de chkdsk, se a efectuado correctamente sin ningún error de ningún tipo

Código:

C:\Windows\system32>chkdsk N: /F
El tipo del sistema de archivos es NTFS.
La etiqueta de volumen es h.

Etapa 1: Examen de la estructura básica del sistema de archivos...


  256 registros de archivos procesados.

Comprobación de archivos completada.


  0 registros de archivos grandes procesados.


  0 registros de archivos no válidos procesados.

Etapa 2: Examen de la vinculación de nombres de archivos...


  276 entradas de índice procesadas.

Comprobación de índices completada.


  0 archivos no indizados examinados.


  0 archivos no indizados recuperados.

Etapa 3: Examen de los descriptores de seguridad...
Comprobación de descriptores de seguridad completada.


  10 archivos de datos procesados.

Se examinó el sistema de archivos sin encontrar problemas.
No se requieren más acciones.

  78018559 KB de espacio total en disco.
     30784 KB en 6 archivos.
         8 KB en 12 índices.
         0 KB en sectores defectuosos.
     68587 KB en uso por el sistema.
El archivo de registro ha ocupado      65536 kilobytes.
  77919180 KB disponibles en disco.

      4096 bytes en cada unidad de asignación.
  19504639 unidades de asignación en disco en total.
  19479795 unidades de asignación disponibles en disco.

No hay ningún error, esto puede ser el inicio de una nueva era.
Mañana lo intentaré con todos los demás discos duros,no se si me funcionará con todos, pero de momento, me voy a dormir muy contento, solo a sido un pasito más.

Saludos.

59	Sistemas Operativos / Windows / Re: Problemas con un pc reacondicionado con windows 10 preinstalado comprado nuevo.	en: 27 Junio 2022, 21:42 pm
Citar A que te refieres que no tienes "una conexión limpia"? No se creo que podeís imaginaros a que me refiero, estamos en un foro hacker... Vale, lo explico, tengo el router de la linea contratada tocado, y lo se por que puedo comparar los archivos bios(bueno, en este caso la memoria eprom spi fhas del router) con un comparador hexadecimal, para mi eso es lo más fácil,descargo la versión concreta del firmware del router,la misma versión y todo igual que la que deberia tener en el router,entonces con un programador externo y un adaptador con pinzas especial,pincho el chip (que la faena es mia...)y entonces le doy a leer el contenido del chip spi flash,luego guardo el firmware,y con el comparador de archivos hexadecimales puedo ver con todo lujo de detalles todas las modificaciones del chip, y si efectivamente cambian y mucho. Entonces,realmente, como no se programar, no lo entiendo los cambios, yo solo veo líneas de código diferentes, alguna cosa entiendo, por que salen palabras escritas, y varia mucho, yo no se que hay, por que no se programar, una lástima... por que si no, seguro lo reparaba rápido. Entonces, el tema está en que se que el firmware del router está mal, pero no se que hay... no se si me entendeis. Entonces tengo miedo de conectar el pc nuevo a ese router modificado, y que pase algo malo, por que ya tengo experiencia con esto, hace años, compré un portatil nuevo de trinca, todo nuevo, y un repetidor wifi, delante de mis morros, me actualizaron el router repetidor a una versión corrupta (visto con el procedimiento anterior de comparar los archivos con el comparador hexadecimal),y luego, pudieron acceder a mi pc, modificando bios, igualmente visto con mi procedimiento de análisis de la bios,total que me jugué todo en unos minutos por conectarlo al router corrupto. De ahí viene mi paranolla, de no querer conectarme. No quiero extenderme, tengo muchos màs problemas,actualmente utilizo un mobilde router, pero este mobil, lo perdí,y terceras personas me hicieron algo,entonces, tampoco puedo conectarme desde allí. Entonces,no soy experto,ni tengo estudios de informática,y tengo miedo de conectarlo. Ayer, por ebay,compré una colección de pinzas para pinchar chips spi flash soic-8, con las cuales,espero poder trabajar mejor, por que ahora mismo tengo dos pinzas, pero están muy gastadas de uso, y ya al pinchar el chip,no cogen y se saltan, por eso,ahora estoy en pause hasta que me lleguén las pinzas, con estas pinzas nuevas,que he comprado 5 ó 6 de diferentes clases, espero pueda trabajar con esto mejor. Y bueno, me falta saber una cosa, que ya pregunté en el foro, pero parece ser que no sabe nadie, que es, recortar las cabezeras de los firmwares de los fabricantes para poderlas grabar con el promador externo, es una faena,lo aprendí hacer, pero se me olvido, y debo volver a aprenderlo, pero creo es una tonteria, creo que solo hay que coger un programa hexadecimal, cargar el archivo de firmware del fabricante, y borrar una parte del principio del archivo binario, pero no lo recuerdo ahora mismo, cuando me lleguen las pinzas buenas, lo conseguiré, estoy seguro, será a base de prueba y error. Entonces, resumiendo,tengo miedo de conectar el equipo nuevo, a el router malo,o el mobil malo,y os aseguro que el mobil lo tengo malo, por que hace cosas muy raras, pero mucho. Haber, ahora mismo, tengo un router nuevo, de trinca, embalado en su caja,creo estará bien, por que estaba embalado, pero no me fio, y me quiero esperar a que me lleguen las pinzas buenas, para leer el firmware antes de conectarlo, para ver si pasa algo malo...luego tengo otro mobil nuevo de trinca, embalado, por lo que también estara correcto, pero no quiero ponerle la sim del mobil tocado, por si acaso, ya estoy muy escarmentado... Me he comprado también un kit de reparación de móbiles, un kit que incluye todas las piezas para poder desmontar las móbiles modernos,tablets,etc...entonces, quiero abrir el mobil, y ver si tiene chip spi flahs para poder asegurarme del todo, por que con el mobil, aunque lo sospecho bastante seguro, vale, no he podido comprobarlo seguro, pero ante la duda, mejor esperar. No tengo prisa, tengo multitud de cosas que hacer,y muchas cosas probablemente pudieran ser más simples, pero yo solo se lo que se y no se hacerlo de otra forma,entonces, me apoyo en lo que se, la prueba de comparar los binarios con el programa comparador hexadecimal,que eso va a misa, lo ve hasta un niño pequeño, si es diferente, es que está mal, lo ve cualquiera. Yo ya no salgo ni de casa casi, por que implicados en el asunto, me están dando de valiente, no voy a contarlo, que si no parecera una novela. Y realmente, quiero tenerlo todo claro, tengo aviso hecho a la policia de Teruel, que es mi capital de provincia, y luego aviso en el cuartel guardia civil de mi zona, donde ya me dijeron que podía ir cuando quisiera a poner denuncia, pero de momento no voy. En fin, que parece una pelicula,pero es verdad, ¿por que yo iva a tener que hacer todas estas movidas??? Lo que no quiero, es volverme loco, y actuar precipitadamente sin pensarlo, que es cuando la fastidio, debo estar calmado,e ir actuando poco a poco asegurando el territorio conquistado, como en la guerra. Por que realmente, ahora podria coger el router nuevo, conectarlo al pc nuevo, y buscar alguna red wifi abierta, pero no me fio, por que me acechan, con lo cual,no lo voy a hacer,tengo una antena grande wifi, pero no me funciona, compré una tarjeta de red interna, con salida de rosca para roscar el cable de la antena, perono funciona, supongo, que necesitará más potencia, o alimentación extra, no lo se, y por supuesto, al estar hackeado, las piezas que compro por ebay no me fio, y no se me ocurrirá conectarlas al pc nuevo. Jopé, estoy pensando escribir un libro, todavía no se me ocurré como titularlo, pero seguro estaría muy entretenido, saldría de todo, ordenadores, putas, matones,comedia,desmadres, fiestas,etc,etc...creo podría ser bueno. ¿y bueno,escrito esto, se os ocurre como podria conseguir una conexión limpia, teniendo un router limpio y un mobil limpio?estoy saturadoy tengo miedo de fastidiarla otra vez, me he gastado bastante dinero,no quiero fastidiarla de nuevo. Alomejor podía contratar una línea nueva, de hecho por debajo de mi ventana casa tengo una caja de fibra optica internet.... ya se me ha pasado por la cabeza abrirla e intentar hacer un empalme, pero se necesitan herramientas especiales... No se, vamos, que ahora mismo no se me ocurre como conectarme a un punto limpio aún teniendo un router limpio y un mobil limpio, tal vez, es por miedo y escarmientos pasados, si se os ocurre como podría hacerlo no dudeis en decirmelo por favor, por que yo en estos momentos, estoy ultra saturado haciendo cosas, madre mia...y alomejor me complico la vida demasiado. Todo, por no tener estudios básicos de informática. Perdón el tostón, me dió por escribir, y no escribo más que si no os canso. Saludos.

60	Sistemas Operativos / Windows / Re: Problemas con un pc reacondicionado con windows 10 preinstalado comprado nuevo.	en: 27 Junio 2022, 17:01 pm
Citar Hola Hason, el-brujo tiene razón, no deberías usar un sistema operativo modificado y encima justamente es un SO en dónde va todo montado sobre él, como programas y archivos/datos, vaya uno a saber como lo han modificado y con que finalidades. Tenés que bajar e instalar un Windows 10 desde la página oficial de Microsoft o de alguna de confianza. Claro, es lo que pienso, muchas gracias, pero lo malo, que no tengo conexión limpia...no puedo meterle nada, en todo caso, puedo meterle el windows 8.1 que tengo original,pero si lo hago,¿perderé la garantia? Eso sería mejor preguntarlo en la tienda. Es que es eso, a saber que han montado en esos pc...no debería haberlo comprado, pero bueno, una experiencia más, y e aprendido más cosas. Saludos.

Páginas: 1 2 3 4 5 [6] 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 ... 204