bind.c
on two my server i have found this files
-rw-r--r-- 1 nobody nobody 9637 Jan 12 15:43 bind.c
-rwxr-xr-x 1 nobody nobody 17363 Jan 22 01:27 bindz*
i have edit it and i found:
/*
Innocent Boys backdoor
*/
#define HOME "/tmp"
#define TIOCSCTTY 0x540E
#define TIOCGWINSZ 0x5413
#define TIOCSWINSZ 0x5414
#define ECHAR 0x1d
#define PORT 9865
#define BUF 32768
#include <sys/wait.h>
#include <sys/types.h>
#include <sys/resource.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <signal.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <string.h>
#include <fcntl.h>
struct winsize {
unsigned short ws_row;
unsigned short ws_col;
unsigned short ws_xpixel;
unsigned short ws_ypixel;
};
/* creates tty/pty name by index */
void get_tty(int num, char *base, char *buf)
..... continue
my TMP is secure, i have also the compiler disable, how they have upgrade it? what i do now?
thx
