| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CA+EJhAiTMCdv0NFSVvevJtqsPvf9=shgRQOhD_baaJ2RY1ptYg@mail.gmail.com>
Date: Fri, 17 Jan 2014 12:20:47 +0000
From: James Condron <james@...o-internet.org.uk>
To: Asheesh Tripathi <informationhacker08@...il.com>
Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: Romanian hacker unknown string
It could mean anything. I'm just asking how you got that string. Hell, the
string of numbers '199403' could be there because in the 1994 world cup
Romania got to the 3rd to last game from the World Cup Final. Given enough
random chars in a random file you could probably get lots of allusions to
Romania. Given a string in a passwd file somewhere it could be less likely
to be a coincidence.
On Fri, Jan 17, 2014 at 12:01 PM, Asheesh Tripathi <
informationhacker08@...il.com> wrote:
> yes chances are their , if we search last 8 alphabet in search engine the
> result will come as "*szrtech1* is a Registered user in the Romanian
> Security Team" , it might be a coincidence
>
>
> On Fri, Jan 17, 2014 at 5:19 PM, James Condron <james@...o-internet.org.uk
> > wrote:
>
>> How are you capturing this password? Chances are its just a random string
>> they're using
>>
>>
>> On Fri, Jan 17, 2014 at 11:37 AM, Asheesh Tripathi <
>> informationhacker08@...il.com> wrote:
>>
>>> Yes Tried to reset password of one user account with this string
>>>
>>>
>>> On Fri, Jan 17, 2014 at 4:57 PM, James Condron <
>>> james@...o-internet.org.uk> wrote:
>>>
>>>> Okay, thats fair enough but where was that string? What makes you think
>>>> it means anything? You said something about it being a password, did you
>>>> not?
>>>>
>>>>
>>>> On Fri, Jan 17, 2014 at 11:21 AM, Asheesh Tripathi <
>>>> informationhacker08@...il.com> wrote:
>>>>
>>>>> There was many scripts in which it contains an URL to a Romanian
>>>>> hacking forum
>>>>> printf "for any info vizit http://hacking.3xforum.ro/ \n";
>>>>> printf "daca nu pica in 10 min dai pe alt port \n";
>>>>>
>>>>> I am looking for what does this string mean
>>>>> "rt3y(iii#$%)yhyuhub3p3scpb3ll3muuulttreb265199403199403reb265tgzszrtech1"
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Fri, Jan 17, 2014 at 4:08 PM, James Condron <
>>>>> james@...o-internet.org.uk> wrote:
>>>>>
>>>>>> Where was it? And how do you know 'Romanian hackers' have been near
>>>>>> your server?
>>>>>>
>>>>>> -James
>>>>>>
>>>>>>
>>>>>> On Fri, Jan 17, 2014 at 10:19 AM, Asheesh Tripathi <
>>>>>> informationhacker08@...il.com> wrote:
>>>>>>
>>>>>>>
>>>>>>> Hi All
>>>>>>>
>>>>>>> During log analysis of Linux server we have found a strings
>>>>>>> passwd
>>>>>>>
>>>>>>> rt3y(iii#$%)yhyuhub3p3scpb3ll3muuulttreb265199403199403reb265tgzszrtech1
>>>>>>>
>>>>>>> Can anybody help me out in understanding above string we have
>>>>>>> already found some traces of Romanian hackers
>>>>>>>
>>>>>>> Thanks
>>>>>>> Anaconda
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Full-Disclosure - We believe in it.
>>>>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists