Hi all,I have problem on CentOS 5.2
while everything is working great,suddenly i have this error when i login my server,
sudo su - -bash: /bin/egrep: cannot execute binary file -bash: /bin/egrep: cannot execute binary file -bash: /bin/egrep: cannot execute binary file -bash: /bin/hostname: cannot execute binary file -bash: /bin/grep: cannot execute binary file -bash: /bin/grep: cannot execute binary file -bash: /bin/grep: cannot execute binary file -bash: /bin/grep: cannot execute binary file [root@centos ~]#
and when i try use vi editor,i have same error like above
-bash: /bin/vi: cannot execute binary file
What is problem do you think ? i searched this problem on google but did not found any reasonable answer.
Thanks all for all helps.
On Sat, Oct 18, 2008, Semih Gokalp wrote:
Hi all,I have problem on CentOS 5.2 while everything is working great,suddenly i have this error when i login my server,
This could well mean that your system has been cracked. These programs are frequently changed in common root exploits. You can run ``rpm -V packagename'' to check for package corruption:
The command ``rpm -qf /bin/egrep'' will show the package name to which /bin/egrep belongs. A lazy way to handle this is:
rpm -V `rpm -qf /bin/egrep` rpm -V `rpm -qf /bin/hostname`
The most common reason these programs don't run after a root exploit is that the cracker has replaced them with binaries from another distribution and the binaries are looking for shared libraries that are not on the cracked system.
Bill
On Sat, Oct 18, 2008 at 1:03 AM, Semih Gokalp semihgokalp@gmail.com wrote:
sudo su -
What are you expecting this command to do? If you want to 'sudo' a command, do that. If you want to 'su,' do that. But don't mix the two together.
mhr
On Sat, Oct 18, 2008 at 12:40:26PM -0700, MHR wrote:
On Sat, Oct 18, 2008 at 1:03 AM, Semih Gokalp semihgokalp@gmail.com wrote:
sudo su -
What are you expecting this command to do? If you want to 'sudo' a command, do that. If you want to 'su,' do that. But don't mix the two together.
I'm not the OP, but "sudo su -" is a very useful command; it gives the user full root access to a root shell with root's standard profile, but doesn't require them to know the root password.
It's not good _security_ practice (not in a long way) but it can be a useful command.
-
Bill Campbell -
MHR -
Semih Gokalp -
Stephen Harris