Warning -- K0h.org and k1u.org being used to harvest IPs


I believe that K1u manager of k0h.org domain/forums and h1u.org blog is using it to harvest IPs to try to exploit.

It started with a PM I received from him

hey, hi

whats up

I responded


why the hell are you messaging me?

his reply


I responed by quoting myself.


why the hell are you messaging me?

K1u responded

Hey do you run any sites by chance?

I responded the same as before by quoting myself.

This time his reply was a little strange.

Why the hell are you worried buddy :D

Remember you said I am a "n00b", right? Remember that?

Come over to my forums mate k0h.org lets have a chat, or comment on my blog at k1u.org

thanks man!

Why would I be worried unless he wanted something that might worry me.

Being cranky and annoyed I responded.

STFU&GTFO dumb n00b

Taking this as a major insult.

Haha... the thing you do not get is I am not a n00b.

This made me think "Maybe I'm wrong, maybe K1u is really a smart really nice guy... I know I'd better get proof"  thankfully my fellow IRCers where there to quickly bring me back to my senses, and I replied with a short portion of the conversation in IRC.


and finnaly the red flag that was raised was when k1u after getting flamed all he was interested in was still getting me to join/register on his forums...

register an account on k0h.org and check out the posts ok.

we will talk there :D


there's only 1 reason he'd still want me to register on his forums after posting these

really... that's the problem you see...

Wow... do you have to make a fucking comment out of everything you troll.

I said to top it off.


you'll have 400 baby baby's that run as fast as kenyans real kenyans then they will have a tie with real kenyans and be deproted back to kenya

What the hell are you talking about?

this you n00b http://k0h.org/energydrinkersforum/index.php?topic=64.0

Stop calling me a n00b.

You script kiddie n00b, wannabe hacker, you cant program shit and you cant hack for shit.

Fuck you. You stupid troll flamer. I am tired of your bullshit.

so he think's I'm a noob and a troll there's no reason you want one on your forums.  So we're left to conclude he wants to get my IP address because he thinks he can exploit me somehow...

As I was creating this thread I received 2 more PMs

look man I do not want to fight you ok.

I want to be friends.

Here is access to my private folder, I will change the url weekly.

I trust you to not give anything inside of it to anyone.

http:// k0h. org//privatefolder/


Dood look I want to be friends... I feel that this whole crap about fighting constantly is worthless.

As a sign of trust I will give u access to my private folder - k0h.org/privatefolder/

Please do not share anything in it with anyone.

if you do visit that URL do what I did use hidemyass.com (thanks jedi)

and it will return

Success, wrote (2008-03-16 14:17:16+ ) to file (0wned.txt)

K1u if I'm a n00b how come I saw this coming and side stepped it completely?

if you really want my IP you could have just asked for it...

and apache keeps logs with time stamps by default so you could have just grep'ed for the folder

oh and angablade is a friend of K1u so watch out from his/her links too


[14:24:10] [Angablade] Dude, does this work? http://  2xtreme.  org/test/Count/Count.php

[14:24:26] [someoneE1se] hell if I know

[14:25:13] [Angablade] Could you try and see.. cuz it works for some peopel and not for some

[14:25:32] [someoneE1se] http://forums.hak5.org/index.php/topic,870...9.html#msg89339

