melodic Posted April 14, 2006 Share Posted April 14, 2006 oh for fuck sake, darren please post these peoples ips so people can play :twisted: Quote Link to comment Share on other sites More sharing options...
stingwray Posted April 14, 2006 Share Posted April 14, 2006 It is getting a bit annoying now. I second the posting of the IPs so we can punish them Hak.5 Style :twisted: Quote Link to comment Share on other sites More sharing options...
Sparda Posted April 14, 2006 Share Posted April 14, 2006 I also recommend that darran impliment anti-bot features, even if it's just "Enter the code you see in the image" when they register. Quote Link to comment Share on other sites More sharing options...
VaKo Posted April 14, 2006 Share Posted April 14, 2006 We could use the kitten test! Quote Link to comment Share on other sites More sharing options...
Rocold Posted April 14, 2006 Share Posted April 14, 2006 We could use the kitten test! Yes, I've seen this before. Maybe Darren could set it up to be click the 3 Drunk Harrisons. Quote Link to comment Share on other sites More sharing options...
melodic Posted April 14, 2006 Author Share Posted April 14, 2006 hahahahahahahah i like it!!! Quote Link to comment Share on other sites More sharing options...
VaKo Posted April 14, 2006 Share Posted April 14, 2006 Sir, you have a winner! Quote Link to comment Share on other sites More sharing options...
Sparda Posted April 14, 2006 Share Posted April 14, 2006 A most excelent idea. Quote Link to comment Share on other sites More sharing options...
harrison Posted April 14, 2006 Share Posted April 14, 2006 Interesting game you guys got going on there, hah. Quote Link to comment Share on other sites More sharing options...
stingwray Posted April 14, 2006 Share Posted April 14, 2006 Yeah, go for the drunk harrison, that way also people signing up to the forums will have at least watched Hak.5 or spent a decent amount of time browsing the forums. Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted April 14, 2006 Share Posted April 14, 2006 63.223.66.152 Have fun Quote Link to comment Share on other sites More sharing options...
melodic Posted April 14, 2006 Author Share Posted April 14, 2006 Server Used: [ whois.arin.net ] 63.223.66.152 = [ ] OrgName: Beyond The Network America Inc. OrgID: BNA-42 Address: Reston Executive Center Address: 12100 Sunset Hills Road Suite 300 City: Reston StateProv: VA PostalCode: 20190 Country: US NetRange: 63.216.0.0 - 63.223.255.255 CIDR: 63.216.0.0/13 NetName: BTN-CIDR5 NetHandle: NET-63-216-0-0-1 Parent: NET-63-0-0-0-0 NetType: Direct Allocation NameServer: NS.CAIS.COM NameServer: NS2.CAIS.COM Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE RegDate: 1999-12-09 Updated: 2004-11-12 OrgNOCHandle: NOC1582-ARIN OrgNOCName: NOC OrgNOCPhone: 1-703-621-1637 OrgNOCEmail: supportamerica@btnaccess.com OrgTechHandle: JRA62-ARIN OrgTechName: Ray Jerry OrgTechPhone: 1-703-621-0012 OrgTechEmail: jray@btnaccess.com ARIN WHOIS database last updated 2006-04-13 19: 10 Enter ? for additional hints on searching ARIN's WHOIS database. Quote Link to comment Share on other sites More sharing options...
harrison Posted April 14, 2006 Share Posted April 14, 2006 PORT STATE SERVICE VERSION 21/tcp open ftp Serv-U ftpd 6.1 80/tcp open http Apache httpd 1.3.33 ((Win32) PHP/4.4.0) 110/tcp open pop3 5000/tcp open UPnP? 5900/tcp open vnc VNC (protocol 3.8) 25/tcp open|filtered smtp 135/tcp open|filtered msrpc 136/tcp open|filtered profile 137/tcp open|filtered netbios-ns 138/tcp open|filtered netbios-dgm 139/tcp open|filtered netbios-ssn 445/tcp open|filtered microsoft-ds 27374/tcp open|filtered subseven PORT STATE SERVICE 21/tcp open ftp 80/tcp open http 110/tcp open pop3 666/tcp open doom 5000/tcp open UPnP 5800/tcp open vnc-http 5900/tcp open vnc Quote Link to comment Share on other sites More sharing options...
armadaender Posted April 14, 2006 Share Posted April 14, 2006 And hell has broken loose. Please post any and all "updates". Haha Quote Link to comment Share on other sites More sharing options...
Sparda Posted April 14, 2006 Share Posted April 14, 2006 That server is running an outof date version of Apache (1.3.33) on windows with PHp 4.4.0 installed, any one know any vuns? Btw. This is most likly a hacked windows computer that some one has installed apache on for there own means, if 'we' 'get in' perhaps 'we' should stop this zombie ^^ Quote Link to comment Share on other sites More sharing options...
moonlit Posted April 14, 2006 Share Posted April 14, 2006 metasploit has some exploits for apache (as mentioned in the show IIRC) but I don't know which version they go up to... might look later... Quote Link to comment Share on other sites More sharing options...
Sparda Posted April 14, 2006 Share Posted April 14, 2006 I just checked that, it only has exploits up to 1.2.24. Quote Link to comment Share on other sites More sharing options...
metatron Posted April 14, 2006 Share Posted April 14, 2006 Hears a list of vulnerabilities. http://search.securitytracker.com/cgi-bin/ts.pl Quote Link to comment Share on other sites More sharing options...
VaKo Posted April 14, 2006 Share Posted April 14, 2006 Has anyone stopped to consider if this might just be a dude with an owned box that doesn't know it. Quote Link to comment Share on other sites More sharing options...
Sparda Posted April 14, 2006 Share Posted April 14, 2006 Thats what I said I also said we should try to unhack it. Quote Link to comment Share on other sites More sharing options...
VaKo Posted April 14, 2006 Share Posted April 14, 2006 ^^^ far to long on the "post a reply" page... Quote Link to comment Share on other sites More sharing options...
moonlit Posted April 14, 2006 Share Posted April 14, 2006 yeah - I agree... if he doesn't know it (and might never know) then it would only be fair, since we know the machine is in this state (still assuming the owner doesn't know it)... it's like knowing there's a robbery happening but just diving in and helping yourself otherwise... ok, bad example but you guys know what I mean :p Edit: another few ports - 1002/tcp open windows icfw? 1720/tcp open ms-rdp (Microsoft Terminal Service - NetMeeting, Remote Desktop, Remote Assistance) Quote Link to comment Share on other sites More sharing options...
Technologique Posted April 15, 2006 Share Posted April 15, 2006 .... I love you guys, I go away for an evening, and you're already tormenting people without me. Quote Link to comment Share on other sites More sharing options...
melodic Posted April 15, 2006 Author Share Posted April 15, 2006 why are you going to join in?? :D :twisted: Quote Link to comment Share on other sites More sharing options...
Technologique Posted April 15, 2006 Share Posted April 15, 2006 I may lend a hand to the resistance in a while, but at the moment, I've got Dr Who to watch, so I'll be glazed for a while. Shiney. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.