Telnet session exhibiting privilege escalation and shell breakout commands (enable, system, shell, sh) followed by execution of /bin/busybox with a non-standard or arbitrary applet name. The sequence indicates an attempt to escape restricted CLI environments and execute a staged or randomly named payload via BusyBox. The presence of an unknown BusyBox applet strongly suggests automated bot deployment logic rather than legitimate administrative activity.

MSSQL session sequence performing automated server reconnaissance through multiple sp_server_info calls, case-sensitivity probing, charset and configuration enumeration from master.dbo tables, and session environment adjustments (set textsize, set arithabort on). The observed queries indicate scripted capability discovery and environment profiling based strictly on database command activity.