http://89.248.164.63/dox/xyz/20.png
look at the picture. On Mon, Jun 6, 2011 at 2:26 PM, T Biehn <[email protected]> wrote: > LOL @ > "A timing attack on ssh passwords over the net?" > > and > > > "I think its just a bruteforce." > > -Travis > > > On Mon, Jun 6, 2011 at 7:58 AM, Gichuki John Chuksjonia < > [email protected]> wrote: > >> I think its just a bruteforce. >> >> >> >> >> On 6/6/11, Andreas Bogk <[email protected]> wrote: >> > Excerpts from lulzfail's message of Mo Jun 06 08:39:42 +0200 2011: >> >> Lulzsec == pwnt >> > >> > I've seen the log you pasted to pastebin. Is this: >> > >> > * A timing attack on ssh passwords over the net? >> > * Fake, to distract us from your real 0day? >> > >> > Andreas >> > >> > Log: >> > >> > root@gibson:~# ./1337hax0r 204.188.219.88 -root >> > Attempting too hax0r root password on 204.188.219.88 >> > >> > h,VhXz<avMm >> > 3xL<l1-_\wC >> > ffsakTgyc~H >> > ZZrz,pJrg<B >> > b{4Bv_Y$$Z6 >> > XDh;vDU-;3> >> > FB-hvg%g_'t >> > }qHNvkS"'>g >> > RNBKvUi5yO| >> > z`(}v<1^>u& >> > *V4?vh9#^f2 >> > /R*9vf<h"Z# >> > 9P65vjKhh.N >> > \rfsv~PhNDz >> >>Bfpv|uhGpy >> > J%"kvf]hGf0 >> > sY0"v{2hf7p >> >>9dev%Qh6_v >> > *<Tbv7?h.** >> > }:lkvV^hN2U >> > ;&5Xv'Sh#}_ >> > MOqpvi_hg+# >> > Md9/viVh&u7 >> > M(%rvomhb'" >> > MI"5v_shEVe >> > M=@?vl.hZge >> > MPk5v:WhUTe >> > M=3vvrzh7Te >> > M&'?v]sh`Te >> > M/Z,vI1h`Te >> > M.9>vO$hTTe >> > Ms!(vY;hpTe >> > MA)SvYLhnTe >> > M7eCv@Lh0Te >> > MkeCvFLh$Te >> > M'eCv?LhaTe >> > M&eCvLLh|Te >> > M*eCv5Lh\Te >> > MmeCvcLhCTe >> > MTeCv&LhrTe >> > M,eCv1LhYTe >> > MEeCv}LhHTe >> > M_eCvSLhnTe >> > MPeCvSLh+Te >> > M[eCvSLh,Te >> > MOeCvSLh"Te >> > M7eCvSLh"Te >> > MGeCvSLhdTe >> > M$eCvSLhkTe >> > MCeCvSLhkTe >> > MLeCvSLhkTe >> > M=eCvSLhkTe >> > M-eCvSLhkTe >> > MweCvSLhkTe >> > M=eCvSLhkTe >> > M3eCvSLhkTe >> > M6eCvSLhkTe >> > MreCvSLhkTe >> > M6eCvSLhkTe >> > MFeCvSLhkTe >> > MSeCvSLhkTe >> > M8eCvSLhkTe >> > >> > Password hax0rd! root password: M8eCvSLhkTe >> > >> > root@gibson:~# ssh 204.188.219.88 >> > >> > [email protected]'s password: >> > >> > root@xyz:~# hostname; id; w >> > xyz >> > uid=0(root) gid=0(root) groups=0(root) >> > >> > _______________________________________________ >> > Full-Disclosure - We believe in it. >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> > Hosted and sponsored by Secunia - http://secunia.com/ >> > >> >> >> -- >> -- >> Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P >> I.T Security Analyst and Penetration Tester >> jgichuki at inbox d0t com >> >> {FORUM}http://lists.my.co.ke/pipermail/security/ >> http://chuksjonia.blogspot.com/ >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > > > > -- > FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C > http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on > http://pastebin.com/f6fd606da > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
