To whoever hacked into my Database

Ferrous Cranus nikos.gr33k at
Wed Nov 13 22:46:59 CET 2013

root at secure:~/lib64# ls -al | grep libkey

lrwxrwxrwx 1 root root 20 Jun 22 2012 ->*
-rwxr-xr-x 1 root root 10192 Jun 22 2012*
-rwxr-xr-x 1 root root 32920 Jun 22 2012*

root at secure:~/lib64# rpm -qf
file /lib64/ is not owned by any package


It appears that my server has been compromised with a malicious payload 
designed to sniff for and steal server passwords.

This must have happened when i was handling my root passwords out in the 

Served me well.

More information about the Python-list mailing list