aelius

Administrators
  • Posts: 4970
  • Days Won: 372

Everything posted by aelius

  1. A simple rule with which you can log or block shellshock.

         iptables -I INPUT -p tcp -m string --algo bm --string "() {" --dport 80 -j LOG --log-prefix "shellshock rule 1: "

     How does it show up?

         pluto:~# dmesg
         [12526689.726816] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=192.185.82.92 DST=xxx.xxx.88.5 LEN=287 TOS=0x00 PREC=0x00 TTL=45 ID=21610 DF PROTO=TCP SPT=39893 DPT=80 WINDOW=229 RES=0x00 ACK PSH URGP=0
         [12573352.452710] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=108.163.187.146 DST=xxx.xxx.88.10 LEN=421 TOS=0x00 PREC=0x00 TTL=48 ID=25760 DF PROTO=TCP SPT=42647 DPT=80 WINDOW=115 RES=0x00 ACK PSH URGP=0
         [12573362.110534] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=184.106.196.169 DST=xxx.xxx.88.7 LEN=419 TOS=0x00 PREC=0x00 TTL=48 ID=55433 DF PROTO=TCP SPT=40201 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
         [12573364.514235] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=110.44.30.204 DST=xxx.xxx.88.6 LEN=429 TOS=0x00 PREC=0x00 TTL=40 ID=20190 DF PROTO=TCP SPT=38820 DPT=80 WINDOW=46 RES=0x00 ACK PSH URGP=0
         [12573369.889964] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=194.28.86.63 DST=xxx.xxx.88.5 LEN=420 TOS=0x00 PREC=0x00 TTL=56 ID=32172 DF PROTO=TCP SPT=48732 DPT=80 WINDOW=115 RES=0x00 ACK PSH URGP=0
         [12576046.844450] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=72.249.151.145 DST=xxx.xxx.88.5 LEN=428 TOS=0x00 PREC=0x00 TTL=48 ID=11314 DF PROTO=TCP SPT=46735 DPT=80 WINDOW=229 RES=0x00 ACK PSH URGP=0
         [12581893.832430] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=89.47.247.48 DST=xxx.xxx.88.4 LEN=427 TOS=0x00 PREC=0x00 TTL=56 ID=47806 DF PROTO=TCP SPT=40027 DPT=80 WINDOW=46 RES=0x00 ACK PSH URGP=0
         [12582722.880301] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=180.210.205.209 DST=xxx.xxx.88.10 LEN=394 TOS=0x00 PREC=0x00 TTL=51 ID=34666 DF PROTO=TCP SPT=45498 DPT=80 WINDOW=46 RES=0x00 ACK PSH URGP=0
         [12582723.333809] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=180.210.205.209 DST=xxx.xxx.88.10 LEN=397 TOS=0x00 PREC=0x00 TTL=51 ID=59992 DF PROTO=TCP SPT=45599 DPT=80 WINDOW=46 RES=0x00 ACK PSH URGP=0
         [12582723.800026] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=180.210.205.209 DST=xxx.xxx.88.10 LEN=370 TOS=0x00 PREC=0x00 TTL=51 ID=5234 DF PROTO=TCP SPT=45681 DPT=80 WINDOW=46 RES=0x00 ACK PSH URGP=0
         [12582724.856256] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=180.210.205.209 DST=xxx.xxx.88.10 LEN=367 TOS=0x00 PREC=0x00 TTL=51 ID=13614 DF PROTO=TCP SPT=45879 DPT=80 WINDOW=46 RES=0x00 ACK PSH URGP=0
         [12582725.330168] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=180.210.205.209 DST=xxx.xxx.88.10 LEN=379 TOS=0x00 PREC=0x00 TTL=51 ID=19157 DF PROTO=TCP SPT=45962 DPT=80 WINDOW=46 RES=0x00 ACK PSH URGP=0
         [12582725.800422] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=180.210.205.209 DST=xxx.xxx.88.10 LEN=397 TOS=0x00 PREC=0x00 TTL=51 ID=53517 DF PROTO=TCP SPT=46069 DPT=80 WINDOW=46 RES=0x00 ACK PSH URGP=0
         [12582726.258118] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=180.210.205.209 DST=xxx.xxx.88.10 LEN=370 TOS=0x00 PREC=0x00 TTL=51 ID=53738 DF PROTO=TCP SPT=46149 DPT=80 WINDOW=46 RES=0x00 ACK PSH URGP=0
         [12582726.708889] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=180.210.205.209 DST=xxx.xxx.88.10 LEN=367 TOS=0x00 PREC=0x00 TTL=51 ID=29443 DF PROTO=TCP SPT=46236 DPT=80 WINDOW=46 RES=0x00 ACK PSH URGP=0
         [12582822.019042] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=23.95.95.168 DST=xxx.xxx.88.8 LEN=426 TOS=0x00 PREC=0x00 TTL=45 ID=51576 DF PROTO=TCP SPT=47145 DPT=80 WINDOW=115 RES=0x00 ACK PSH URGP=0
         [12583500.543438] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=173.83.247.209 DST=xxx.xxx.88.6 LEN=304 TOS=0x00 PREC=0x00 TTL=54 ID=35104 DF PROTO=TCP SPT=57258 DPT=80 WINDOW=46 RES=0x00 ACK PSH URGP=0
         [12584394.167981] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=103.23.21.67 DST=xxx.xxx.88.5 LEN=427 TOS=0x00 PREC=0x00 TTL=45 ID=29985 DF PROTO=TCP SPT=44368 DPT=80 WINDOW=115 RES=0x00 ACK PSH URGP=0
         [12606520.929034] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=94.23.42.182 DST=xxx.xxx.88.7 LEN=419 TOS=0x00 PREC=0x00 TTL=58 ID=19046 DF PROTO=TCP SPT=36147 DPT=80 WINDOW=115 RES=0x00 ACK PSH URGP=0
         [12606529.908862] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=85.232.60.34 DST=xxx.xxx.88.5 LEN=420 TOS=0x00 PREC=0x00 TTL=51 ID=14367 DF PROTO=TCP SPT=49751 DPT=80 WINDOW=46 RES=0x00 ACK PSH URGP=0
         [12606541.611815] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=67.198.141.98 DST=xxx.xxx.88.6 LEN=429 TOS=0x00 PREC=0x00 TTL=51 ID=8906 DF PROTO=TCP SPT=33844 DPT=80 WINDOW=229 RES=0x00 ACK PSH URGP=0
         [12609706.584728] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=67.23.9.241 DST=xxx.xxx.88.5 LEN=428 TOS=0x00 PREC=0x00 TTL=45 ID=10222 DF PROTO=TCP SPT=43102 DPT=80 WINDOW=92 RES=0x00 ACK PSH URGP=0
         [12616465.783127] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=67.23.9.241 DST=xxx.xxx.122.5 LEN=427 TOS=0x00 PREC=0x00 TTL=45 ID=24709 DF PROTO=TCP SPT=40671 DPT=80 WINDOW=92 RES=0x00 ACK PSH URGP=0
         [12617580.394705] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=213.238.169.117 DST=xxx.xxx.88.8 LEN=426 TOS=0x00 PREC=0x00 TTL=47 ID=13535 DF PROTO=TCP SPT=58437 DPT=80 WINDOW=115 RES=0x00 ACK PSH URGP=0
         [12619408.726456] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=202.181.246.66 DST=xxx.xxx.88.5 LEN=427 TOS=0x00 PREC=0x00 TTL=41 ID=13254 DF PROTO=TCP SPT=26414 DPT=80 WINDOW=46 RES=0x00 ACK PSH URGP=0
         [12659626.759636] shellshock rule 1: IN=eth0 OUT= MAC=ac:22:0b:79:90:62:c4:71:fe:11:f9:ff:08:00 SRC=192.254.250.180 DST=xxx.xxx.102.3 LEN=293 TOS=0x00 PREC=0x00 TTL=46 ID=61584 DF PROTO=TCP SPT=22274 DPT=80 WINDOW=229 RES=0x00 ACK PSH URGP=0

     Notes:
     - I specified only port 80, and the rule is for logging only. You can add one for logging and another for reject/drop.
     - More about shellshock here: http://en.wikipedia.org/wiki/Shellshock_(software_bug)
     - I got this idea because many people are tempted to use snort. You probably know that with many rules, snort consumes a lot of CPU resources.
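An added example, not part of the post above: once the LOG rule is writing `shellshock rule 1: ` lines to the kernel log, these two helpers count hits per source and flag sources that hit in bursts. The function names and the sample lines (documentation addresses, trimmed fields) are constructed for illustration.

```sh
# Triage kernel LOG lines written by the "shellshock rule 1: " iptables rule.
# Sample lines below are constructed (RFC 5737 addresses), not taken from the post.
PREFIX='shellshock rule 1: '

sample_log() {
cat <<'EOF'
[100.100000] shellshock rule 1: IN=eth0 OUT= SRC=192.0.2.10 DST=203.0.113.5 LEN=287 PROTO=TCP SPT=39893 DPT=80
[250.500000] shellshock rule 1: IN=eth0 OUT= SRC=198.51.100.7 DST=203.0.113.5 LEN=394 PROTO=TCP SPT=45498 DPT=80
[250.900000] shellshock rule 1: IN=eth0 OUT= SRC=198.51.100.7 DST=203.0.113.5 LEN=397 PROTO=TCP SPT=45599 DPT=80
[251.400000] shellshock rule 1: IN=eth0 OUT= SRC=198.51.100.7 DST=203.0.113.6 LEN=370 PROTO=TCP SPT=45681 DPT=80
[300.000000] other rule: IN=eth0 OUT= SRC=192.0.2.99 DST=203.0.113.5 LEN=60 PROTO=TCP SPT=1025 DPT=22
[900.250000] shellshock rule 1: IN=eth0 OUT= SRC=192.0.2.10 DST=203.0.113.6 LEN=421 PROTO=TCP SPT=42647 DPT=80
EOF
}

# Count hits per source address, busiest first: "<count> <src>" per line.
hits_by_src() {
    awk -v p="$PREFIX" 'index($0, p) {
        for (i = 1; i <= NF; i++) if ($i ~ /^SRC=/) n[substr($i, 5)]++
    } END { for (s in n) print n[s], s }' | sort -k1,1nr -k2,2
}

# Print sources with at least $1 hits inside any $2-second window.
# The bracketed timestamp is the kernel's seconds-since-boot value.
burst_sources() {
    awk -v p="$PREFIX" -v min="$1" -v win="$2" 'index($0, p) {
        if (!match($0, /\[ *[0-9]+\.[0-9]+\]/)) next
        ts = substr($0, RSTART + 1, RLENGTH - 2) + 0
        src = ""
        for (i = 1; i <= NF; i++) if ($i ~ /^SRC=/) src = substr($i, 5)
        if (src == "") next
        k = ++cnt[src]; t[src, k] = ts
        if (!(src in lo)) lo[src] = 1
        # Slide the window start forward until it spans at most win seconds.
        while (t[src, k] - t[src, lo[src]] > win) lo[src]++
        if (k - lo[src] + 1 >= min) hit[src] = 1
    } END { for (s in hit) print s }' | sort
}

sample_log | hits_by_src
sample_log | burst_sources 3 5
```

On a live host, pipe `dmesg` into the functions instead of `sample_log`.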
  2. ja right
  3. The sinful IP address can't bear it 1. Have mercy on me, O God, according to Thy great mercy 2. and according to the multitude of Thy compassions blot out my transgression. 3. Wash me thoroughly from my iniquity and cleanse me from my sin. 4. For I know my iniquity, and my sin is ever before me. 5. Against Thee only have I sinned and done evil before Thee, so that Thou art just in Thy words and victorious when Thou judgest. 6. For behold, I was conceived in iniquities, and in sins did my mother bear me. 7. For behold, Thou hast loved truth; the hidden and secret things of Thy wisdom Thou hast shown me. 8. Thou shalt sprinkle me with hyssop and I shall be cleansed; Thou shalt wash me and I shall be whiter than snow. 9. Thou shalt give joy and gladness to my hearing; the humbled bones shall rejoice. 10. Turn Thy face away from my sins and blot out all my iniquities. 11. Create in me a clean heart, O God, and renew a right spirit within me. 12. Cast me not away from Thy face and take not Thy Holy Spirit from me. 13. Give me the joy of Thy salvation and strengthen me with a governing spirit. 14. I will teach transgressors Thy ways and the ungodly shall turn back to Thee. 15. Deliver me from bloodshed, O God, God of my salvation; my tongue shall rejoice in Thy righteousness. 16. O Lord, Thou shalt open my lips and my mouth shall declare Thy praise. 17. For if Thou hadst desired sacrifice, I would have given it; with whole-burnt offerings Thou wilt not be pleased. 18. A sacrifice to God is a humbled spirit; a broken and humbled heart God will not despise. 19. Do good, O Lord, in Thy good pleasure to Zion, and let the walls of Jerusalem be built. 20. Then Thou shalt be pleased with a sacrifice of righteousness, with offering and whole-burnt offerings; then they shall offer calves upon Thine altar. AMEN Pray to the Lord, sinner, for the end is near
  4. It's a single server, left over from a client who moved to an i7.
     Haswell Intel CPU
     Intel i5-4570 @ 3.2 Ghz
     4 Core, 4 Threads, 6MB L2 Cache
     16 GB DDR3 Memory
     1 x 240 GB SSD Force 3 (6Gb/s, 85.000 IOPS)
     100 Mbps (to any destination)
     20 TB Monthly traffic
     2 IP Addresses included with reverse DNS
     Monthly price: 45 euro
     Setup fee: 0
     // it went to brother sclipici
  5. The other thread is open. What gesture are you referring to?
  6. If you keep saying that little SNOT is Romanian, I'll ban you. He's a gypsy, avoid biohazards )
  7. )))))) You're an idiot, man. We're going to close registration so that losers like you no longer get access. So you're this one here.
  8. It's mandatory only with TLS
  9. I have plenty of suits. I dress up too when I go somewhere. I'm not going to wear a suit when I go to the gym, though
  10. Permanent ban. Things here don't come down to SQL in the Pentagon and penetrating your fat mother. There are far more important things to discover and read on the internet than exploiting web vulnerabilities. Slave. You expect an answer when you ask a question. Thread closed.
      Username: gabybv
      Date: 05.10.2014 / 00:20
      The IP Address is: 79.116.235.220
      The host name is: 79-116-235-220.dynamic.brasov.rd?snet.ro
  11. Hey wanker, I understand bumping (UP) an important announcement, or when you're selling something and at least 24 hours have passed since the first post. What are you bumping? A gypsy cancer of a site that you hacked? Where the hell are you people from, the countryside?
  12. It's monthly traffic. 500 GB of monthly traffic means a constant usage of 1.52 Mbps. That is, at most 23 listeners at 64 kbps.
  13. They're used for fraud, man. Avoid posting these here.
  14. The only difference between a bank, a pawnshop and a loan shark is the paperwork.
  15. For sale: a system for detection and dynamic blocking of DoS/DDoS attacks for Linux and *BSD
      Capabilities:
      - Real-time traffic analysis [tcp/udp]
      - Response time: real time
      - Blocking method: nullroute, pf, ipfw, iptables, scripts or commands sent to other equipment.
      - Logging with the number of packets per second, flows, the source of the attack
      - Detects both attacks launched from the network towards the outside and the reverse.
      Resource usage:
      - Memory: 400-600 MB per gigabit
      - CPU: 10-12% in tests done on E3-1230, i5 4750, i7 4770 processors at approximately 350,000 packets per second
      Notes:
      - It can call any application installed on the server, including bash scripts that can nullroute in Cisco routers
      - It works on any Linux distribution as well as on FreeBSD, NetBSD, OpenBSD
      - It is closed source. You tell me the distribution/version and the desired blocking method, and you receive usage instructions + the system in binary format.
      - Intel network cards or other cards that support tcp offload are recommended.
      Price per server: 300 euro.
  16. Not me. I don't drink anything other than coffee and cola. Actually, I don't drink much water either. I don't go to parties because I'm afraid they'll put on manele, and since I'm off my rocker, I might set their house on fire.
  17. a.) 20 euro; installation, configuration + tuning. b.) Free, if it is a radio exclusively with classical music. c.) I won't do it if it's for distributing manele.
  18. <form id="form" action="" method="get"> <- self
  19. Ok. Run a test here. If you get past it, tell us what the site says: http://geodns.ro/\

          ip address - - [28/Sep/2014:19:13:22 +0100] "GET //WEB-INF%20(copy)/jboss-web.xml HTTP/1.0" 401 342 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36"
          ip address - - [28/Sep/2014:19:13:22 +0100] "GET //WEB-INF%20-%20Copy/jboss-web.xml HTTP/1.0" 401 342 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36"
          ip address - - [28/Sep/2014:19:13:22 +0100] "GET //Copy%20of%20WEB-INF/jboss-web.xml HTTP/1.0" 401 342 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36"
          ip address - - [28/Sep/2014:19:13:23 +0100] "GET /index.html HTTP/1.0" 401 342 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36"
          ip address - - [28/Sep/2014:19:13:24 +0100] "GET / HTTP/1.0" 401 342 "http://some-inexistent-website.acu/some_inexistent_file_with_long_name%3F.jpg" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36"
          ip address - - [28/Sep/2014:19:13:24 +0100] "GET / HTTP/1.0" 401 342 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36"
          ip address - - [28/Sep/2014:19:13:25 +0100] "GET / HTTP/1.0" 401 342 "http://geodns.ro/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36"
          ip address - - [28/Sep/2014:19:13:25 +0100] "GET / HTTP/1.0" 401 342 "................windowswin.ini" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36"
          ip address - - [28/Sep/2014:19:13:26 +0100] "GET / HTTP/1.0" 401 342 "http://geodns.ro/" "T6g6q6Dd'; waitfor delay '0:0:9' --"
          ip address - - [28/Sep/2014:19:13:26 +0100] "GET / HTTP/1.0" 401 342 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36"

      Dude, go see a doctor. Do you think that wretched acunetix gets past htpasswd? Ahahaha "http://some-inexistent-website.acu/some_inexistent_file_with_long_name%3F.jpg" "
  20. You're posting stealers here? One-month ban!
  21. Two servers with no setup fee
      Intel Core i5-2500 @ 3.3 GHz
      4 Cores, 4 Threads, 6 MB Cache
      Memory: 8 GB
      1 x 500 GB SATA
      1 IP Address with reverse dns
      Network Port Speed: 100Mbps
      Monthly traffic: 20 TB
      Monthly cost: 35 euro
      Setup fee: 0
      // they've been taken.
  22. aelius

    Buying 2 RDPs

    hacked shit or legal? (are you running crap on them, or?)
  23. Address, phone number, name, and show your ID card to an admin over webcam.
  24. Besides, I don't think the things being sold/bought are exactly orthodox. Spam email addresses, hacked servers, lousy scanners. In the Market it would be better to sell programming services, web design, equipment administration, consulting and things like that.
  25. It's good. How much is he asking for the completion?