Reply To: Vulnerability and compromised profiles (Zeroshell<3.0.0)

Home Page Forums Network Management ZeroShell Vulnerability and compromised profiles (Zeroshell<3.0.0) Reply To: Vulnerability and compromised profiles (Zeroshell<3.0.0)

#53148

meloun
Member

@aseques wrote:

Other than that, could someone explain how to identify the traces of the exploits intalled?

Check manually. Connect to SFTP and watch the files in subfolders in /DB
Run through the SSH command ps -ax and see if there is anything running from /DB whether subfolders.

PS Access SFTP can include changing the shell. Connect to SSH and run chsh, enter /bin/bash

PS2 Return shell back chsh and enter /root/kerbynet.cgi/scripts/localman or simply reboot zeroshell router.