-
AuthorPosts
-
G T Friend
G T
- Join date:
- September 2014
- Posts:
- 445
- Downloads:
- 223
- Uploads:
- 39
- Thanks:
- 8
- Thanked:
- 3 times in 2 posts
June 24, 2016 at 11:45 am #943726Hi,
Please Check the Details Showing Running Processes in the Website found from the Firewall.can we stop that process or delete the suspecius files.
Time: Fri Jun 24 02:31:12 2016 -0700
PID: 7484 (Parent PID:6800)
Account: phonecare
Uptime: 61 secondsExecutable:
/usr/bin/php
Command Line (often faked in exploits):
/usr/bin/php /home/phonecare/public_html/index.php
Network connections by the process (if any):
tcp: 162.253.153.42:60375 -> 165.254.168.48:465
Files open by the process (if any):
Memory maps by the process (if any):
00400000-00b94000 r-xp 00000000 fd:00 1850184 /usr/bin/php
00d93000-00e55000 rw-p 00793000 fd:00 1850184 /usr/bin/php
00e55000-00e78000 rw-p 00000000 00:00 0
01931000-02824000 rw-p 00000000 00:00 0 [heap]
7feaac000000-7feaac021000 rw-p 00000000 00:00 0
7feaac021000-7feab0000000 —p 00000000 00:00 0
7feab1f8d000-7feab22da000 rw-p 00000000 00:00 0
7feab22da000-7feab233a000 r–s 00000000 fd:00 2888729 /var/db/nscd/hosts
7feab233a000-7feab2350000 r-xp 00000000 fd:00 1179654 /lib64/libgcc_s-4.4.7-20120601.so.1
7feab2350000-7feab254f000 —p 00016000 fd:00 1179654 /lib64/libgcc_s-4.4.7-20120601.so.1
7feab254f000-7feab2550000 rw-p 00015000 fd:00 1179654 /lib64/libgcc_s-4.4.7-20120601.so.1
7feab2550000-7feab2551000 —p 00000000 00:00 0
7feab2551000-7feab2f51000 rw-p 00000000 00:00 0
7feab2f51000-7feab2f57000 r-xp 00000000 fd:00 2372143 /usr/local/lib/php/extensions/no-debug-non-zts-20121212/pdo_mysql.so
7feab2f57000-7feab3157000 —p 00006000 fd:00 2372143 /usr/local/lib/php/extensions/no-debug-non-zts-20121212/pdo_mysql.so
7feab3157000-7feab3158000 rw-p 00006000 fd:00 2372143 /usr/local/lib/php/extensions/no-debug-non-zts-20121212/pdo_mysql.so
7feab3158000-7feab3210000 r-xp 00000000 fd:00 2367434 /usr/local/lib/php/extensions/no-debug-non-zts-20121212/pdo_sqlite.so
7feab3210000-7feab340f000 —p 000b8000 fd:00 2367434 /usr/local/lib/php/extensions/no-debug-non-zts-20121212/pdo_sqlite.so
7feab340f000-7feab3414000 rw-p 000b7000 fd:00 2367434 /usr/local/lib/php/extensions/no-debug-non-zts-20121212/pdo_sqlite.so
7feab3414000-7feab342a000 r-xp 00000000 fd:00 2371949 /usr/local/lib/php/extensions/no-debug-non-zts-20121212/pdo.so
7feab342a000-7feab362a000 —p 00016000 fd:00 2371949 /usr/local/lib/php/extensions/no-debug-non-zts-20121212/pdo.so
7feab362a000-7feab362d000 rw-p 00016000 fd:00 2371949 /usr/local/lib/php/extensions/no-debug-non-zts-20121212/pdo.so
7feab362d000-7feab364a000 r-xp 00000000 fd:00 1179699 /lib64/libselinux.so.1
7feab364a000-7feab3849000 —p 0001d000 fd:00 1179699 /lib64/libselinux.so.1
7feab3849000-7feab384a000 r–p 0001c000 fd:00 1179699 /lib64/libselinux.so.1
7feab384a000-7feab384b000 rw-p 0001d000 fd:00 1179699 /lib64/libselinux.so.1
7feab384b000-7feab384c000 rw-p 00000000 00:00 0
7feab384c000-7feab384e000 r-xp 00000000 fd:00 1841069 /usr/lib64/libXau.so.6.0.0
7feab384e000-7feab3a4e000 —p 00002000 fd:00 1841069 /usr/lib64/libXau.so.6.0.0
7feab3a4e000-7feab3a4f000 rw-p 00002000 fd:00 1841069 /usr/lib64/libXau.so.6.0.0
7feab3a4f000-7feab3a51000 r-xp 00000000 fd:00 1179832 /lib64/libkeyutils.so.1.3
7feab3a51000-7feab3c50000 —p 00002000 fd:00 1179832 /lib64/libkeyutils.so.1.3
7feab3c50000-7feab3c51000 r–p 00001000 fd:00 1179832 /lib64/libkeyutils.so.1.3
7feab3c51000-7feab3c52000 rw-p 00002000 fd:00 1179832 /lib64/libkeyutils.so.1.3
7feab3c52000-7feab3c5c000 r-xp 00000000 fd:00 1180029 /lib64/libkrb5support.so.0.1
7feab3c5c000-7feab3e5b000 —p 0000a000 fd:00 1180029 /lib64/libkrb5support.so.0.1
7feab3e5b000-7feab3e5c000 r–p 00009000 fd:00 1180029 /lib64/libkrb5support.so.0.1
7feab3e5c000-7feab3e5d000 rw-p 0000a000 fd:00 1180029 /lib64/libkrb5support.so.0.1
7feab3e5d000-7feab3e7b000 r-xp 00000000 fd:00 1841112 /usr/lib64/libxcb.so.1.1.0
7feab3e7b000-7feab407b000 —p 0001e000 fd:00 1841112 /usr/lib64/libxcb.so.1.1.0
7feab407b000-7feab407c000 rw-p 0001e000 fd:00 1841112 /usr/lib64/libxcb.so.1.1.0
7feab407c000-7feab4094000 r-xp 00000000 fd:00 1179715 /lib64/libaudit.so.1.0.0
7feab4094000-7feab4293000 —p 00018000 fd:00 1179715 /lib64/libaudit.so.1.0.0
7feab4293000-7feab4295000 r–p 00017000 fd:00 1179715 /lib64/libaudit.so.1.0.0
7feab4295000-7feab42a0000 rw-p 00019000 fd:00 1179715 /lib64/libaudit.so.1.0.0
7feab42a0000-7feab42b7000 r-xp 00000000 fd:00 1179686 /lib64/libpthread-2.12.so
7feab42b7000-7feab44b7000 —p 00017000 fd:00 1179686 /lib64/libpthread-2.12.so
7feab44b7000-7feab44b8000 r–p 00017000 fd:00 1179686 /lib64/libpthread-2.12.so
7feab44b8000-7feab44b9000 rw-p 00018000 fd:00 1179686 /lib64/libpthread-2.12.so
7feab44b9000-7feab44bd000 rw-p 00000000 00:00 0
7feab44bd000-7feab44bf000 r-xp 00000000 fd:00 1179653 /lib64/libfreebl3.so
7feab44bf000-7feab46be000 —p 00002000 fd:00 1179653 /lib64/libfreebl3.so
7feab46be000-7feab46bf000 r–p 00001000 fd:00 1179653 /lib64/libfreebl3.so
7feab46bf000-7feab46c0000 rw-p 00002000 fd:00 1179653 /lib64/libfreebl3.so
7feab46c0000-7feab46d6000 r-xp 00000000 fd:00 1179809 /lib64/libresolv-2.12.so
7feab46d6000-7feab48d6000 —p 00016000 fd:00 1179809 /lib64/libresolv-2.12.so
7feab48d6000-7feab48d7000 r–p 00016000 fd:00 1179809 /lib64/libresolv-2.12.so
7feab48d7000-7feab48d8000 rw-p 00017000 fd:00 1179809 /lib64/libresolv-2.12.so
7feab48d8000-7feab48da000 rw-p 00000000 00:00 0
7feab48da000-7feab4a64000 r-xp 00000000 fd:00 1179662 /lib64/libc-2.12.so
7feab4a64000-7feab4c64000 —p 0018a000 fd:00 1179662 /lib64/libc-2.12.so
7feab4c64000-7feab4c68000 r–p 0018a000 fd:00 1179662 /lib64/libc-2.12.so
7feab4c68000-7feab4c6a000 rw-p 0018e000 fd:00 1179662 /lib64/libc-2.12.so
7feab4c6a000-7feab4c6e000 rw-p 00000000 00:00 0
7feab4c6e000-7feab4dbe000 r-xp 00000000 fd:00 2627907 /opt/xml2/lib/libxml2.so.2.9.2
7feab4dbe000-7feab4fbd000 —p 00150000 fd:00 2627907 /opt/xml2/lib/libxml2.so.2.9.2
7feab4fbd000-7feab4fc7000 rw-p 0014f000 fd:00 2627907 /opt/xml2/lib/libxml2.so.2.9.2
7feab4fc7000-7feab4fc8000 rw-p 00000000 00:00 0
7feab4fc8000-7feab5060000 r-xp 00000000 fd:00 1835576 /usr/lib64/libfreetype.so.6.3.22
7feab5060000-7feab525f000 —p 00098000 fd:00 1835576 /usr/lib64/libfreetype.so.6.3.22
7feab525f000-7feab5265000 rw-p 00097000 fd:00 1835576 /usr/lib64/libfreetype.so.6.3.22
7feab5265000-7feab5297000 r-xp 00000000 fd:00 1179742 /lib64/libidn.so.11.6.1
7feab5297000-7feab5496000 —p 00032000 fd:00 1179742 /lib64/libidn.so.11.6.1
7feab5496000-7feab5497000 rw-p 00031000 fd:00 1179742 /lib64/libidn.so.11.6.1
7feab5497000-7feab54f4000 r-xp 00000000 fd:00 2627460 /opt/curlssl/lib/libcurl.so.4.3.0
7feab54f4000-7feab56f3000 —p 0005d000 fd:00 2627460 /opt/curlssl/lib/libcurl.so.4.3.0
7feab56f3000-7feab56f6000 rw-p 0005c000 fd:00 2627460 /opt/curlssl/lib/libcurl.so.4.3.0
7feab56f6000-7feab56f9000 r-xp 00000000 fd:00 1179724 /lib64/libcom_err.so.2.1
7feab56f9000-7feab58f8000 —p 00003000 fd:00 1179724 /lib64/libcom_err.so.2.1
7feab58f8000-7feab58f9000 r–p 00002000 fd:00 1179724 /lib64/libcom_err.so.2.1
7feab58f9000-7feab58fa000 rw-p 00003000 fd:00 1179724 /lib64/libcom_err.so.2.1
7feab58fa000-7feab5923000 r-xp 00000000 fd:00 1179836 /lib64/libk5crypto.so.3.1
7feab5923000-7feab5b23000 —p 00029000 fd:00 1179836 /lib64/libk5crypto.so.3.1
7feab5b23000-7feab5b24000 r–p 00029000 fd:00 1179836 /lib64/libk5crypto.so.3.1
7feab5b24000-7feab5b25000 rw-p 0002a000 fd:00 1179836 /lib64/libk5crypto.so.3.1
7feab5b25000-7feab5b26000 rw-p 00000000 00:00 0
7feab5b26000-7feab5c01000 r-xp 00000000 fd:00 1180027 /lib64/libkrb5.so.3.3
7feab5c01000-7feab5e01000 —p 000db000 fd:00 1180027 /lib64/libkrb5.so.3.3
7feab5e01000-7feab5e0b000 r–p 000db000 fd:00 1180027 /lib64/libkrb5.so.3.3
7feab5e0b000-7feab5e0d000 rw-p 000e5000 fd:00 1180027 /lib64/libkrb5.so.3.3
7feab5e0d000-7feab5e4e000 r-xp 00000000 fd:00 1179736 /lib64/libgssapi_krb5.so.2.2
7feab5e4e000-7feab604e000 —p 00041000 fd:00 1179736 /lib64/libgssapi_krb5.so.2.2
7feab604e000-7feab604f000 r–p 00041000 fd:00 1179736 /lib64/libgssapi_krb5.so.2.2
7feab604f000-7feab6051000 rw-p 00042000 fd:00 1179736 /lib64/libgssapi_krb5.so.2.2
7feab6051000-7feab6067000 r-xp 00000000 fd:00 1179780 /lib64/libnsl-2.12.so
7feab6067000-7feab6266000 —p 00016000 fd:00 1179780 /lib64/libnsl-2.12.so
7feab6266000-7feab6267000 r–p 00015000 fd:00 1179780 /lib64/libnsl-2.12.so
7feab6267000-7feab6268000 rw-p 00016000 fd:00 1179780 /lib64/libnsl-2.12.so
7feab6268000-7feab626a000 rw-p 00000000 00:00 0
7feab626a000-7feab626c000 r-xp 00000000 fd:00 1179730 /lib64/libdl-2.12.so
7feab626c000-7feab646c000 —p 00002000 fd:00 1179730 /lib64/libdl-2.12.so
7feab646c000-7feab646d000 r–p 00002000 fd:00 1179730 /lib64/libdl-2.12.so
7feab646d000-7feab646e000 rw-p 00003000 fd:00 1179730 /lib64/libdl-2.12.so
7feab646e000-7feab64f1000 r-xp 00000000 fd:00 1179776 /lib64/libm-2.12.so
7feab64f1000-7feab66f0000 —p 00083000 fd:00 1179776 /lib64/libm-2.12.so
7feab66f0000-7feab66f1000 r–p 00082000 fd:00 1179776 /lib64/libm-2.12.so
7feab66f1000-7feab66f2000 rw-p 00083000 fd:00 1179776 /lib64/libm-2.12.so
7feab66f2000-7feab66f9000 r-xp 00000000 fd:00 1179818 /lib64/librt-2.12.so
7feab66f9000-7feab68f8000 —p 00007000 fd:00 1179818 /lib64/librt-2.12.so
7feab68f8000-7feab68f9000 r–p 00006000 fd:00 1179818 /lib64/librt-2.12.so
7feab68f9000-7feab68fa000 rw-p 00007000 fd:00 1179818 /lib64/librt-2.12.so
7feab68fa000-7feab693d000 r-xp 00000000 fd:00 2631095 /opt/pcre/lib/libpcre.so.1.2.6
7feab693d000-7feab6b3c000 —p 00043000 fd:00 2631095 /opt/pcre/lib/libpcre.so.1.2.6
7feab6b3c000-7feab6b3d000 rw-p 00042000 fd:00 2631095 /opt/pcre/lib/libpcre.so.1.2.6
7feab6b3d000-7feab6b7c000 r-xp 00000000 fd:00 1837935 /usr/lib64/libjpeg.so.62.0.0
7feab6b7c000-7feab6d7c000 —p 0003f000 fd:00 1837935 /usr/lib64/libjpeg.so.62.0.0
7feab6d7c000-7feab6d7d000 rw-p 0003f000 fd:00 1837935 /usr/lib64/libjpeg.so.62.0.0
7feab6d7d000-7feab6d8d000 rw-p 00000000 00:00 0
7feab6d8d000-7feab6da2000 r-xp 00000000 fd:00 1179714 /lib64/libz.so.1.2.3
7feab6da2000-7feab6fa1000 —p 00015000 fd:00 1179714 /lib64/libz.so.1.2.3
7feab6fa1000-7feab6fa2000 r–p 00014000 fd:00 1179714 /lib64/libz.so.1.2.3
7feab6fa2000-7feab6fa3000 rw-p 00015000 fd:00 1179714 /lib64/libz.so.1.2.3
7feab6fa3000-7feab6fc8000 r-xp 00000000 fd:00 1837945 /usr/lib64/libpng12.so.0.49.0
7feab6fc8000-7feab71c8000 —p 00025000 fd:00 1837945 /usr/lib64/libpng12.so.0.49.0
7feab71c8000-7feab71c9000 rw-p 00025000 fd:00 1837945 /usr/lib64/libpng12.so.0.49.0
7feab71c9000-7feab71da000 r-xp 00000000 fd:00 1843667 /usr/lib64/libXpm.so.4.11.0
7feab71da000-7feab73d9000 —p 00011000 fd:00 1843667 /usr/lib64/libXpm.so.4.11.0
7feab73d9000-7feab73da000 rw-p 00010000 fd:00 1843667 /usr/lib64/libXpm.so.4.11.0
7feab73da000-7feab7511000 r-xp 00000000 fd:00 1843660 /usr/lib64/libX11.so.6.3.0
7feab7511000-7feab7711000 —p 00137000 fd:00 1843660 /usr/lib64/libX11.so.6.3.0
7feab7711000-7feab7717000 rw-p 00137000 fd:00 1843660 /usr/lib64/libX11.so.6.3.0
7feab7717000-7feab7723000 r-xp 00000000 fd:00 1180040 /lib64/libpam.so.0.82.2
7feab7723000-7feab7923000 —p 0000c000 fd:00 1180040 /lib64/libpam.so.0.82.2
7feab7923000-7feab7924000 r–p 0000c000 fd:00 1180040 /lib64/libpam.so.0.82.2
7feab7924000-7feab7925000 rw-p 0000d000 fd:00 1180040 /lib64/libpam.so.0.82.2
7feab7925000-7feab792e000 r-xp 00000000 fd:00 1844747 /usr/lib64/libltdl.so.7.2.1
7feab792e000-7feab7b2d000 —p 00009000 fd:00 1844747 /usr/lib64/libltdl.so.7.2.1
7feab7b2d000-7feab7b2e000 rw-p 00008000 fd:00 1844747 /usr/lib64/libltdl.so.7.2.1
7feab7b2e000-7feab7b58000 r-xp 00000000 fd:00 2626945 /opt/libmcrypt/lib/libmcrypt.so.4.4.8
7feab7b58000-7feab7d57000 —p 0002a000 fd:00 2626945 /opt/libmcrypt/lib/libmcrypt.so.4.4.8
7feab7d57000-7feab7d5b000 rw-p 00029000 fd:00 2626945 /opt/libmcrypt/lib/libmcrypt.so.4.4.8
7feab7d5b000-7feab7d60000 rw-p 00000000 00:00 0
7feab7d60000-7feab803a000 r-xp 00000000 fd:00 1851166 /usr/lib64/libmysqlclient.so.18.0.0
7feab803a000-7feab8239000 —p 002da000 fd:00 1851166 /usr/lib64/libmysqlclient.so.18.0.0
7feab8239000-7feab82bd000 rw-p 002d9000 fd:00 1851166 /usr/lib64/libmysqlclient.so.18.0.0
7feab82bd000-7feab82c2000 rw-p 00000000 00:00 0
7feab82c2000-7feab8324000 r-xp 00000000 fd:00 1840411 /usr/lib64/libssl.so.1.0.1e
7feab8324000-7feab8523000 —p 00062000 fd:00 1840411 /usr/lib64/libssl.so.1.0.1e
7feab8523000-7feab8527000 r–p 00061000 fd:00 1840411 /usr/lib64/libssl.so.1.0.1e
7feab8527000-7feab852e000 rw-p 00065000 fd:00 1840411 /usr/lib64/libssl.so.1.0.1e
7feab852e000-7feab86e8000 r-xp 00000000 fd:00 1837184 /usr/lib64/libcrypto.so.1.0.1e
7feab86e8000-7feab88e7000 —p 001ba000 fd:00 1837184 /usr/lib64/libcrypto.so.1.0.1e
7feab88e7000-7feab8902000 r–p 001b9000 fd:00 1837184 /usr/lib64/libcrypto.so.1.0.1e
7feab8902000-7feab890e000 rw-p 001d4000 fd:00 1837184 /usr/lib64/libcrypto.so.1.0.1e
7feab890e000-7feab8912000 rw-p 00000000 00:00 0
7feab8912000-7feab8919000 r-xp 00000000 fd:00 1179666 /lib64/libcrypt-2.12.so
7feab8919000-7feab8b19000 —p 00007000 fd:00 1179666 /lib64/libcrypt-2.12.so
7feab8b19000-7feab8b1a000 r–p 00007000 fd:00 1179666 /lib64/libcrypt-2.12.so
7feab8b1a000-7feab8b1b000 rw-p 00008000 fd:00 1179666 /lib64/libcrypt-2.12.so
7feab8b1b000-7feab8b49000 rw-p 00000000 00:00 0
7feab8b49000-7feab8b69000 r-xp 00000000 fd:00 1179651 /lib64/ld-2.12.so
7feab8b88000-7feab8bbd000 r–s 00000000 fd:00 2888730 /var/db/nscd/services
7feab8bbd000-7feab8d5f000 rw-p 00000000 00:00 0
7feab8d67000-7feab8d68000 rw-p 00000000 00:00 0
7feab8d68000-7feab8d69000 r–p 0001f000 fd:00 1179651 /lib64/ld-2.12.so
7feab8d69000-7feab8d6a000 rw-p 00020000 fd:00 1179651 /lib64/ld-2.12.so
7feab8d6a000-7feab8d6b000 rw-p 00000000 00:00 0
7ffd8444f000-7ffd84464000 rw-p 00000000 00:00 0 [stack]
7ffd84573000-7ffd84574000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
Ninja Lead
Moderator
Ninja Lead
- Join date:
- November 2014
- Posts:
- 16064
- Downloads:
- 310
- Uploads:
- 2864
- Thanks:
- 341
- Thanked:
- 3854 times in 3563 posts
-
AuthorPosts
This topic contains 1 reply, has 2 voices, and was last updated by Ninja Lead 8 years, 4 months ago.
We moved to new unified forum. Please post all new support queries in our New Forum