/* ***************************************************** * THE DIARY OF gnd (Green Legend) JONES * Linenoise.info (in)Security in it's most pure state" * ****************************************************** [gnd@avalon]$ ./random ip [+] Searching ... [+] TARGET FOUND: linenoise.info [gnd@avalon]$ linenoise hum? phrack lovers? then get 0wn3d with the original phrack-style! Voila! Linux hazent 2.4.25-1-686 #1 Tue Feb 24 10:55:59 EST 2004 i686 GNU/Linux Debian GNU/Linux testing/unstable \n \l root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/bin/sh bin:x:2:2:bin:/bin:/bin/sh sys:x:3:3:sys:/dev:/bin/sh sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/bin/sh man:x:6:12:man:/var/cache/man:/bin/sh lp:x:7:7:lp:/var/spool/lpd:/bin/sh mail:x:8:8:mail:/var/mail:/bin/sh news:x:9:9:news:/var/spool/news:/bin/sh uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh proxy:x:13:13:proxy:/bin:/bin/sh postgres:x:31:32:postgres:/var/lib/postgres:/bin/sh www-data:x:33:33:www-data:/var/www:/bin/sh backup:x:34:34:backup:/var/backups:/bin/sh operator:x:37:37:Operator:/var:/bin/sh list:x:38:38:Mailing List Manager:/var/list:/bin/sh irc:x:39:39:ircd:/var/run/ircd:/bin/sh gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh nobody:x:65534:65534:nobody:/nonexistent:/bin/sh sslayer:x:1000:1000:,,,:/home/sslayer:/bin/bash sshd:x:100:65534::/var/run/sshd:/bin/false postfix:x:101:103::/var/spool/postfix:/bin/false mysql:x:102:105:MySQL Server,,,:/var/lib/mysql:/bin/false bind:x:103:106::/var/cache/bind:/bin/false gforge:x:107:107::/var/www/gforge:/bin/false ftp:x:104:65534::/home/ftp:/bin/false sfftp:x:108:108::/var/lib/gforge/chroot/ftproot:/bin/false javi87:x:1002:1002:,,,:/home/javi87:/bin/bash bitlbee:x:105:65534::/var/lib/bitlbee/:/bin/false neolk:x:1001:1001:,,,:/home/neolk:/bin/bash johnc:x:1003:1003:,,,:/home/johnc:/bin/bash uml-net:x:109:109::/home/uml-net:/bin/false darcy:x:1004:1004::/home/darcy:/bin/bash [root@hazent /var/lib/gforge/chroot/home/users]# ls agm anoncvs_linuxbt anoncvs_peerrating anoncvs_telematica anoncvs_wardphone flamethrower jota naty unai anoncvs_comunidadtsm anoncvs_minisniff anoncvs_pimypono anoncvs_thsfpga camvoya jcaceres jrp oscurito vanmore anoncvs_doja-npc anoncvs_mobilemaps anoncvs_sbd anoncvs_tprg ciph3r jjvaca jsj priseo xavyiy anoncvs_ibookg4 anoncvs_mysonyvaio anoncvs_siteadmin anoncvs_tuxsm efe jmtorre lordeath santi_phreack anoncvs_linenoise anoncvs_newsadmin anoncvs_stats anoncvs_uraster flamesoft jose matrixhome ths [root@hazent /var/lib/gforge/chroot/home/users]# [gnd@hazent]$ cd /home/bockvan [gnd@hazent]$ cat dead.letter ----------------- Hi, I'm decoder (aka bockvan) I would like to receive information of submitting my own articles to hakin9. I can write of security of operating systems (unix bsd above all), network programming (hack tools), telephony (GSM), unlocking mobiles ----------------- oh ic, OS security... yeah!! [gnd@hazent]$ cd ../decode/fotos [gnd@hazent]$ echo "WoW nice phone!" bleh all mobile stuff... [gnd@hazent]$ cd ../../fissh [gnd@hazent]$ less mbox ----------------- From jrp@hazent.com Fri Jan 30 13:34:59 2004 Return-Path: X-Original-To: fissh@linenoise.info Delivered-To: fissh@linenoise.info Received: from senec (unknown [62.151.150.139]) by linenoise.info (Postfix) with ESMTP id F39A21220F for ; Fri, 30 Jan 2004 13:34:57 +0100 (CET) Received: from senec (senec [127.0.0.1]) by senec (Postfix) with ESMTP id A7ABE6313A for ; Fri, 30 Jan 2004 13:36:06 +0100 (CET) From: Jose Ramon Palanco Reply-To: comerc@hazent.com Subject: Fwd: Peticion de informacion sobre prodcutos hardware de vitelcom SPT2 Date: Fri, 30 Jan 2004 13:36:06 +0100 User-Agent: KMail/1.5.4 To: fissh@linenoise.info MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Message-Id: <200401301336.06091.jrp@hazent.com> Status: RO ble ble ble Jose Ramon Palanco Jefe de departamento jrp@hazent.com Departamento comercial +34 660 93 70 83 comerc@hazent.com Hazent Technologies C/Fernando Delgado, 6 28047 Madrid - Espana ----------------- [gnd@hazent]$ cd ../gnd ohh! look, it's me!! I say hello to mom, dad and little bro! let's see how lame can I be: [gnd@avalon]$ cat .mc/history [Dir Hist New Left Panel] 0=/home/gnd 1=/home 2=/home/javi87 3=/home 4=/home/mldonkey 5=/home 6=/ 7=/var [Dir Hist New Right Panel] 0=/home/gnd [cmdline] 0=1~ 1=telnet localhost enough about me! [gnd@hazent]$ cd ../home/home/barsh [gnd@hazent]$ cat .bash_history exit /.mldonkey locate mldonkey mldonkey start mldonkey locate -u exit dir cat LeemeO_o start mlnet start mln ./mln /mnt/nfs/mldonkey/mln exit ./mlnet bg ./ml/ cd ml/ ls ./mlnet ls ls -alh su [... loads of ls ... ] ./mlnet strace ./mlnet echo "/etc/init.d/mldonkey start" >>/etc/ppp/ip-up dir telnet localhost 4000 telnet localhost 4000 telnet localhost 4000 dir cd .. dir telnet localhost 4000 lynx oh ic, barsh aka warez monkey... that's nice. Remember to send me all your pr0n. [gnd@hazent]$ cd ../gnd omfg! it's me again! how lucky! you'll remember me from films like: SET is 0wn3d I part or SET is 0wn3d II part I have a big mouth, look at my history I'm a big warez chimp! [gnd@hazent]$ cat .bash_history Animatrix DVD XViD OGG 2003 Austin.POwers.Y.miembro.deoro Barco Fantasma SEDG Spanish DvD-SCREENER Beavis.&.Butthead.Recorren.America.[DVDRip.Spanish] df du mc logout chmod 777 Jackass.The.Movie.DVD.DivX5.MP3.SCREENER.2002.ES-SCZ/ chmod 777 Recien.Casados.DVD.XViD.MP3.2003.PROPER.ES-VOTD/ ls unrar x scz-jkm.rar ls rm -rf *.r* ls rm -rf *.s* ls ls unarar x votd-rca.rar unrar x votd-rca.rar ls rm -rf *.r* ls chmod 777 bmp/ chmod Atrapame.Si.Puedes.DvD.DivX5.AC3.2002.ES-SCZ/ chmod 777 Atrapame.Si.Puedes.DvD.DivX5.AC3.2002.ES-SCZ/ chmod 777 CD1 clear ls who df telnet localhost 4000 df who mc df logout who ps telnet localhost 4000 logout who df telnet localhost 4000 mc chmod 777 La.Presa.DVD.Divx5.MP3.2003.ES-SdA chmod La.Leyenda.Del.Pirata.Barbanegra.DVD.XViD.MP3.SCREENER.2001.ES-SdA/ chmod 777 La.Leyenda.Del.Pirata.Barbanegra.DVD.XViD.MP3.SCREENER.2001.ES-SdA chmod 777 La.Leyenda.Del.Pirata.Barbanegra.DVD.XViD.MP3.SCREENER.2001.ES-SdA/ chmod 777 La.Leyenda.Del.Pirata.Barbanegra.DVD.XViD.MP3.SCREENER.2001.ES-SdA/ ls unrar x sda-lpre.rar ls rm -rf sda-lpre.r* ls ls ls -la chmod 777 La.Leyenda.Del.Pirata.Barbanegra.DVD.XViD.MP3.SCREENER.2001.ES-SdA/ chmod 777 La.Leyenda.Del.Pirata.Barbanegra.DVD.XViD.MP3.SCREENER.2001.ES-SdA ls du ls clear ls Double.Vision.DVDrip.divx Double_Vision_(2002).TWCiSO.ShareReactor.srt Hombres_felices.jpg Jane.White.Is.Sick.And.Twisted.(2002).ES-subs.VH-PROD.ShareReactor.rar Karate.a.muerte.mpeg Killer.barbies.mpeg Los.Serrano CureDVDrip2cds clear cd .. ls cd 02\ -\ DVDRIP/ ls cd .. ls cd 03\ -\ SCREENERS/ ls sin noticias de dios - [ spanish divx 5 ] - by dbelilles ls who df cd .. cd .. cd mnt cd nfs cd ml mc who df mc who df ls rm -rf nohup.out ls mc telnet localhost 4000 who mc mc ls chmod 777 -R La.Leyenda.Del.Pirata.Barbanegra.DVD.XViD.MP3.SCREENER.2001.ES-SdA chmod 777 -R La.Leyenda.Del.Pirata.Barbanegra.DVD.XViD.MP3.SCREENER.2001.ES-SdA/ [21~ [1~ ls unrar x scz-lrc.1.rar cd .. cd CD2 unrar x scz-lrc.2.rar ls cd .. cd .. cd Lizzie.Superstar.DVD.XviD.MP3.SCREENER.2003.ES-SdA/ unrar x sda-lzsr.rar ls rm -rf sda-lzsr.r* ls ls rm -rf scz-lrc.1.r* ls ls ls chmod 777 CD1 chmod ? chmod --help chmod 777 -R CD2 chmod 777 -R CD1 cd .. chmod 777 -R Lizzie.Superstar.DVD.XviD.MP3.SCREENER.2003.ES-SdA mc who mc chmod 777 -R Canguro.Jack.DVD.XviD.MP3.SCREENER.2003.ES-SdA/ chmod 777 -R Terminator.3.La.Rebelion.De.Las.Maquinas.TS.XViD.MP3.SCREENER.2003. ES-KiNEPOLiS/ ls cd Terminator.3.La.Rebelion.De.Las.Maquinas.TS.XViD.MP3.SCREENER.2003.ES-KiNEPOL iS/ ls unrar x knp-t3rm.rar ls rm -rf knp-t3rm.r* ls clear telnet localhost 4000 who mc chmod 777 * unrar scz-lrc.2.rar unrar x scz-lrc.2.rar ls rm -rf scz-lrc.2.r* ls ls chmod 777 -R Loveparade.Masses.In.Motion.2003.DVDRip.XviD-xCZ/ unrar x xcz-xvid-loveparade.rar ls rm -rf xcz-xvid-loveparade.r* ls chmod 777 -R Los.Reyes.del.Crimen.DVD.DivX5.MP3.SCREENER.2001.ES-SCZ/ chmod 777 -R Canguro.Jack.DVD.XviD.MP3.SCREENER.2003.ES-SdA/ ls ls unrar x sda-cojk.rar ls rt -rf sda-cojk.r* ls rm -rf sda-cojk.r* ls ls chmod 777 -R La.Leyenda.Del.Pirata.Barbanegra.DVD.XViD.MP3.SCREENER.2001.ES-SdA/ ls unrar x sda-piba.rar ls rm -rf sda-piba.r* ls clear chmod 777 -R Lizzie.Superstar.DVD.XviD.MP3.SCREENER.2003.ES-SdA/ who df telnet localhost 4000 mc ls chmod 777 -R El.Protector.DVD.DivX3.MP3.SCREENER.2002.ES-SdA/ who mc telnet localhost 4000 } telnet localhost 4000 who clear ls cd .. cd .. cd mnt cd nfs ls cd ml ls cd incoming/ ls mc mc clera who man msg talk pst/9 talk pst/6 talk pst9 who dame messag telnet localhost 4000 mc mc who df telner localhost 4000 telnet localhost 4000 who talk javi87 talk javi87@linenoise who talk --? man talk who talk mamon who talk talk pst6 mc [ ... enough!! ] wow, seems I forgot how to talk... too bad. Btw, great films I see =) Hmm what the fuck!? Its the great sslayer (_CN_ - cianuro) How evil is! show us ur mad skills! [gnd@hazent]$ cat /home/sslayer/200* | less 213.98.7.103:62433 -> 195.219.191.61:110 pop3 USER: ana%eacostablanca.com PASS: eaco05 80.28.166.112:3878 -> 195.219.191.61:110 pop3 USER: paloma%iriaregalos.com PASS: fangoria 80.58.10.235:51239 -> 195.219.191.61:80 www USER: admin PASS: miradio www.bossanova.fm/nowplaying/catcher.php 213.98.7.103:62434 -> 195.219.191.61:110 pop3 USER: arquitectura%eacostablanca.com PASS: eaco15 80.28.166.112:3429 -> 195.219.191.61:110 pop3 USER: info%iriaregalos.com PASS: iriare 80.28.166.112:3908 -> 195.219.191.61:110 pop3 USER: eduardo%iriaregalos.com PASS: dinarama 80.28.166.112:3432 -> 195.219.191.61:110 pop3 USER: cristina%iriaregalos.com PASS: alaska 217.11.115.168:2545 -> 195.219.191.5:110 pop3 USER: consultoria PASS: serra175 217.11.115.168:2547 -> 195.219.191.5:110 pop3 USER: sergio.serrano PASS: serra175 81.36.87.4:35226 -> 195.219.191.116:21 ftp USER: marinasurf@marinasur PASS: mari33 217.11.115.168:2552 -> 195.219.191.5:110 pop3 USER: sergio.serrano PASS: serra175 212.53.123.245:24009 -> 195.219.191.194:21 ftp USER: darketernal.net PASS: disfruta 67.17.14.196:4838 -> 195.219.191.194:21 ftp USER: darketernal.net PASS: disfruta 213.96.121.235:22729 -> 195.219.191.34:110 pop3 USER: javi@interdominios.com PASS: der43wq 81.36.87.4:35228 -> 195.219.191.116:21 ftp USER: marinasurf@marinasur PASS: mari33 213.96.121.235:22730 -> 195.219.191.34:110 pop3 USER: javier@interdominios.com PASS: der43wq 80.38.13.158:24144 -> 195.219.191.198:21 ftp USER: pcweb02_011%tpolaris.com PASS: 659326 Oh! very bad boy! sniffing with ettercap ur ISP neighbours and admins. You should be unplugged from interdominios ISP :( sslayer passwords Queen0 -> forum 1l9e9a9 -> irc-hispano nickname -!- sslayer [~sslayer@195.219.191.235] -!- ircname : sslayer -!- server : irc.freenode.net [http://freenode.net/] -!- idle : 1 days 17 hours 1 mins 52 secs [signon: Sun May 2 01:50:27 2004] -!- sslayer [sslayer@DqRPKX.DEAtg2.virtual] -!- ircname : sslayer -!- channels : @#librepensamiento +#mensa -!- server : omega.irc-hispano.org [www.flytech.intelideas.com] -!- : has registered this nick -!- modes : FUCK! MENSA! isn it the guys who think they are the most intelligent over the world! So 1f w3 h4ck m3ns4, w3 ar3 th3 m0s7 cl3v3r boyz 0v3r the pl4n3t /* ***************************************************** * THE DIARY OF gnd (Green Legend) JONES III * Linenoise.info (in)Security in it's most pure state" * ****************************************************** Now some of my warez ftps: [inp FTP to machine ] 0=gnd@sequoia.phy.bris.ac.uk:33333 1=gnd@147.83.203.12:11666 2=gnd@147.83.203.12:11666 3=gnd@seqouia.phy.bris.ac.uk:33333 [gnd@avalon]$ cd ../javi87 [gnd@avalon]$ cat .bash_history cat /etc/passwd nano /etc/ftppasswd echo -n re13as0 |md5sum nano /etc/ftppasswd sudo /etc/init.d/proftpd restart nano /etc/ftppasswd [...] vi /etc/ftppasswd passwd manu whoami irssi vi /etc/ftppasswd vi /etc/ftppasswd df -h echo -n renegator|md5sum wget ftp://gnd@147.83.203.12:11666/Los.Increibles.Albondigas.DVB.Divx3.MP3.1979.ES-VOTD/ wget ftp://legend:gnd@147.83.203.12:11666/Los.Increibles.Albondigas.DVB.Divx3.MP3.1979.ES-VOTD/ wget ftp://gnd:legend@147.83.203.12:11666/Los.Increibles.Albondigas.DVB.Divx3.MP3.1979.ES-VOTD/ wget -r ftp://gnd:legend@147.83.203.12:11666/Los.Increibles.Albondigas.DVB.Divx3.MP3.1979.ES-VOTD/ wops! l33t security! thxs 4 the ftp snmpwalk localhost dd{2023} system snmpwalk localhost system nano snmpd.conf snmpwalk localhost Gruta system snmpwalk sudo /etc/init.d/snmpd stop sudo /etc/init.d/snmpd start nano snmptrapd.conf snmpwalk localhost Gruta system snmpwalk localhost Gruta system -v Gruta snmpwalk -v Gruta localhost Gruta system snmpwalk -OS localhost Gruta system nano snmpd.conf sudo /etc/init.d/snmpd stop sudo /etc/init.d/snmpd start snmpwalk localhost Gruta system nano snmpd.conf snmpwalk -v 1 -c Gruta localhost system cfgmaker --community Gruta --output /etc/mrtg.cfg localhost oh!, thxs again 4 the cs snmpwalk -On localhost Gruta dsk snmpwalk -On -v 1 -c Gruta localhost dsk snmpwalk -v 1 -c Gruta localhost dsk snmpwalk -v 1 -c Gruta localhost system snmpwalk -v 1 -c Gruta localhost .more nano snmpd.conf snmpwalk -v 1 -c Gruta localhost dsk snmpwalk -v 1 -c Gruta localhost . | more snmpwalk -v 1 -c Gruta localhost . | grep device snmpwalk -v 1 -c Gruta localhost . | grep Device snmpwalk -v 1 -c Gruta localhost . | grep HOST-RESOURCES snmpwalk -v 1 -c Gruta localhost . | grep HOST-RESOURCES | less snmpwalk -v 1 -c Gruta localhost . | grep HOST-RESOURCES | less snmpwalk -v 1 -c Gruta localhost . | grep HOST-RESOURCES > /home/linenoise/javi87/HOST nano /home/linenoise/javi87/HOST snmpwalk -v 1 -c Gruta localhost . | grep Storage> /home/linenoise/javi87/HOST su mrtg w ssh 195.219.191.233 ssh root@195.219.191.233 hmmm nice security! Remember all the nano stuff? BIG PRESENT: [gnd@avalon]$ cat .nano_history 235 history use spanish silent elite probe yads portal tempo Burro rocommunity roco [gnd@avalon]$ cat .mc/history [inp FTP to machine ] 0=ftp://gnd:legend@147.83.203.12:11666/ 1=gnd@147.83.203.12:11666 2=ftp://xbox:legend@147.83.203.12:11666/ 3=ftp://xbox:xbox@195.219.191.237:21/F 4=xbox@195.219.191.237:21 5=xbox@195.219.191.237:21/F/Movies 6=xbox@195.219.191.237:21 7=xbox@195.219.191.237:21/F/Movies/ 8=xbox@195.219.191.237:21/F/Movies 9=Javi87_@distribution.xbins.org [gnd@avalon]$ cd ../low [gnd@avalon]$ cat .bash_history wget -cr "ftp://papa:papa00@207.106.123.4:34001/Terminator.3.La.Rebelion.De.Las.Maquinas.TS.XViD.MP3.SCREENER.2003.ES-KiNEPOLiS/" wget -cr "ftp://papa:papa00@207.106.123.4:34001/Terminator.3.La.Rebelion.De.Las.Maquinas.TS.XViD.MP3.SCREENER.2003.ES-KiNEPOLiS" wget -c "ftp://papa:papa00@207.106.123.4:34001/Terminator.3.La.Rebelion.De.Las.Maquinas.TS.XViD.MP3.SCREENER.2003.ES-KiNEPOLiS/kn p-t3rm.r00" [gnd@avalon]$ cd ../neolk [gnd@avalon]$ cat programas/motes.c #include #include int main() { char *punt[][2]={"Decoder","Apu (del Badulake de los Simpsom)","Cejon","Barbucio","Javi87","Puto Javii","CN","Se me ha pe rdido el Erizo","Ajx","Ajo man"}; int i=0,j=0, sw=0; char nombre[25]; printf("Introduzca el nombre del Personaje a localizar: "); scanf("%s",&nombre); <--------------- HAHAHAHA!! for(j=0;(j<6)&&(sw==0);j++) { if(strcmp(nombre,punt[j][0])==0) { printf("%s alias -->%s \n",nombre,punt[j][1]); sw=1; } } if(sw==0) printf("Lo siento pero mi programador todavia no ha incluido el Personaje...\nPrueba con otro...(Decoder,Cejon,Ja vi87,CN o Ajx)\n"); } holly crap! neolk has m4d sk1llz! hmm more funny mails: From ondas@madridwireless.net Fri Aug 22 20:39:55 2003 Return-path: Envelope-to: radio@linenoise.info Received: from 26.red-80-34-212.pooles.rima-tde.net ([80.34.212.26] helo=mail.madridwireless.net) by linenoise with esmtp (Exim 3.36 #1 (Debian)) id 19qGpG-00042R-00 for ; Fri, 22 Aug 2003 20:39:54 +0200 Received: from debaser.ath.cx (localhost [127.0.0.1]) by mail.madridwireless.net (Postfix) with SMTP id D4E94BEBE for ; Fri, 22 Aug 2003 20:39:55 +0200 (CEST) Received: from 80.25.50.31 (SquirrelMail authenticated user ondas@madridwireless.net) by debaser.ath.cx with HTTP; Fri, 22 Aug 2003 20:39:56 +0200 (CEST) Message-ID: <40492.80.25.50.31.1061577596.squirrel@debaser.ath.cx> Date: Fri, 22 Aug 2003 20:39:56 +0200 (CEST) Subject: Conexzion Satelite en huelva From: ondas@madridwireless.net To: radio@linenoise.info User-Agent: SquirrelMail/1.4.0 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 X-Priority: 3 Importance: Normal Status: RO Hola En setiembre se va a hacer una cnexion satelite en Huelva me ha dicho Pablo de Soto q estais invitados los de linenoise. Si os interesa poneros en contacto cn Pablo o conmigo para lo del viaje. http://www.hackitectura.net/lamultitudconectada/inicio.html http://acp.sindominio.net/article.pl?sid=03/08/21/2311200 http://madridwireless.net/article.pl?sid=03/08/22/016240&mode=thread ((((...0nDaS...)))) Antonio [gnd@avalon]$ cd ../vanmore [gnd@avalon]$ cat .bash_history ls -Rl ls -Rl > juanker ls ls -Rl > /home/linenoise/vanmore/juanker ls cd vanmore/ ls cat juanker cat juanker | most cat juanker | more ls cd .. ls gcc logout logout [inp FTP to machine ] 0=195.219.191.194 1=javi87@195.219.191.194 2=javi87@saffi.gotdns.com 3=javi87@saffy.gotdns.com 4=javi87@voidmind.d2g.com 5=javi87@voidmind.d2g.com:444 6=javi87@195.219.191.194 7=javi87@64.105.65.145 8=tsmfirm@linenoise.info [input2] 0=/home/javi87 1=/#ftp:javi87@voidmind.d2g.com:444/xbox 2=/#ftp:javi87@64.105.65.145/home/javi87 3=/#ftp:tsmfirm@linenoise.info links fortarro.myvnc.com:4080 ssh -l johnc fortarro.myvnc.com RESUME: Boring...