Demo entry 6351014

test

   

Submitted by anonymous on Mar 16, 2017 at 08:52
Language: XML. Code size: 1.7 kB.

Behavior description:	Modify files
Details:	
write: path=/tmp/gates.lod, size=4
write: path=/etc/init.d/DbSecuritySpt, size=33
write: path=/usr/bin/bsd-port/getty, size=65536
write: path=/usr/bin/bsd-port/getty, size=43475
Behavior description:	Read files
Details:	
read: path=/lib/x86_64-linux-gnu/libc.so.6, size=832
read: path=/lib/x86_64-linux-gnu/libselinux.so.1, size=832
read: path=/lib/x86_64-linux-gnu/libpcre.so.3, size=832
read: path=/lib/x86_64-linux-gnu/libdl.so.2, size=832
read: path=/proc/filesystems, size=347
read: path=/proc/filesystems, size=0
read: path=/lib/x86_64-linux-gnu/libacl.so.1, size=832
read: path=/lib/x86_64-linux-gnu/libattr.so.1, size=832
read: path=/tmp/bin/****.elf, size=65536
read: path=/tmp/bin/****.elf, size=43475
read: path=/tmp/bin/****.elf, size=0
Behavior description:	Open files
Details:	
open: path=/dev/null, flags=O_RDWR, mode=0
open: path=/tmp/gates.lod, flags=O_EXCL|O_CREAT|O_RDONLY, mode=0
open: path=/tmp/gates.lod, flags=O_RDWR, mode=0
open: path=/etc/init.d/DbSecuritySpt, flags=O_TRUNC|O_CREAT|O_RDWR, mode=0
open: path=/etc/ld.so.cache, flags=O_RDONLY|O_CLOEXEC, mode=0
open: path=/lib/x86_64-linux-gnu/libc.so.6, flags=O_RDONLY|O_CLOEXEC, mode=0
open: path=/lib/x86_64-linux-gnu/libselinux.so.1, flags=O_RDONLY|O_CLOEXEC, mode=0
open: path=/lib/x86_64-linux-gnu/libpcre.so.3, flags=O_RDONLY|O_CLOEXEC, mode=0
open: path=/lib/x86_64-linux-gnu/libdl.so.2, flags=O_RDONLY|O_CLOEXEC, mode=0
open: path=/proc/filesystems, flags=O_RDONLY, mode=0
open: path=/lib/x86_64-linux-gnu/libacl.so.1, flags=O_RDONLY|O_CLOEXEC, mode=0
open: path=/lib/x86_64-linux-gnu/libattr.so.1, flags=O_RDONLY|O_CLOEXEC, mode=0
open: path=/tmp/bin/****.elf, flags=O_RDONLY, mode=0
open: path=/usr/bin/bsd-port/getty, flags=O_EXCL|O_CREAT|O_WRONLY, mode=0
