Found by Yewnix.
Resolved : [bot.blackunix.us] To [94.23.89.246]
Resolved : [bot.blackunix.us] To [217.29.115.1]
Resolved : [bot.blackunix.us] To [91.151.85.31]
Resolved : [bot.blackunix.us] To [59.167.240.231]
Resolved : [bot.blackunix.us] To [58.180.42.200]
Resolved : [bot.blackunix.us] To [64.31.27.18]
class pBot
{
var $config = array("server"=>"bot.blackunix.us",
"port"=>"20",
"pass"=>"",
"prefix"=>"Blood",
"maxrand"=>"15",
"key"=>"none",
"chan"=>"#metri",
"modes"=>"+ps",
"chan2"=>"#metri",
"password"=>"crack",
"trigger"=>".",
"hostauth"=>"bogel.us" // * for any hostname (remember: /setvhost pasukan.ddos.reload-x.us)
Hosting infos:
http://whois.domaintools.com/94.23.89.246
Anonymous - December 10, 2013 at 9:37 pm
http://apexio.com/wp-includes/pomo/jedor.txt
this same bot
Pig - December 11, 2013 at 6:10 pm
Thank You for the contribution next time remove http from links to prevent accidental infection.
Put hxxp for http.
Anonymous - December 16, 2013 at 2:09 am
Youtube malware found in wild. Looks interesting
http://www.sendspace.com/file/0453sm
Anonymous - December 16, 2013 at 10:22 pm
67.23.232.2/6667 check here botnet
209.20.66.191/6667 channel #fuckspot bot emech bot moded used
93.174.94.158/6667 #fuckspot
208.98.59.236/6667 #fuckspot
USERFILE 1
CMDCHAR –
LOGIN root
IRCNAME 2root
MODES +ix-ws
TOG CC 1
TOG CLOAK 1
TOG SPY 1
SET OPMODES 4
SET BANMODES 6
SET AAWAY 0
TOG NOIDLE 1
CHANNEL #fuckspot
TOG PUB 1
TOG MASS 1
TOG SHIT 1
TOG PROT 1
TOG ENFM 1
SET ENFM +nts
SET MDL 4
SET MKL 4
SET MBL 4
SET MPL 1
SERVER 93.174.94.158 6667
SERVER 210.205.6.30 6667
SERVER 209.20.66.191 6667
SERVER 208.98.59.236 6667
SERVER 89.248.172.144 6667
SERVER 208.98.59.236 6667
SERVER 186.2.165.72 6667
SERVER 115.47.22.196 6667
SERVER 115.85.42.162 6667
SERVER 202.199.160.38 6667
SERVER 202.199.160.98 6667
Anonymous - December 19, 2013 at 3:40 pm
dear Pig i found botnet and i want post here what i should do?