It's because they don't have good filters. On Fri, Oct 19, 2012 at 8:13 AM, Rod Trent <[email protected]> wrote: > They're getting smoked. > > > -----Original Message----- > From: Ziots, Edward [mailto:[email protected]] > Sent: Friday, October 19, 2012 11:03 AM > To: NT System Admin Issues > Subject: DDOS Attacks continue targeting Tobacco Industry > > From DHS, if any of your companies or associates are on the list, I would > assume you are going to be seeing more attacks coming up. > > PASTEBIN | #1 paste tool since 2002 > create new pastetoolsapiarchivefaq > PASTEBIN create new paste trending pastes sign uploginmy > alertsmy settingsmy profile > Public Pastes > Untitled > 0 sec agoUntitled > 0 sec agoUntitled > 1 sec agoUntitled > 5 sec agoUntitled > 6 sec agoUntitled > 10 sec agoUntitled > 11 sec agoUntitled > 11 sec ago UntitledBy: a guest on Oct 15th, 2012 | syntax: None | > size: 5.74 KB | hits: 121 | expires: Neverdownload | raw | embed > | report abuse Copied 1.#OpGr0wHous3 > 2. > 3.It has come to our attention that tobacco agencies/tobacco company's have > been feeding fuel to the fire as far as keeping this safe plant we know and > love called cannabis illegal for years. It is our time now to show them who > is the boss and that we are not afraid to show action. > This is NOT A THREAT! It's a promise! We are asking all anonymous > hacktivists to help join the party! > 4. > 5.There will be 10 days of DDoS attacks on 10 different tobacco > sites/agencies. Starting October 18th 2012 -- October 27th 2012. > 6.Each day we will be attacking a new site. > 7. > 8.Every night at 8:00pm EST (Eastern Standard Time) We will Fire our Laz0rs > towards a specific site/agency. Check down below for more details on attack > dates. > 9. > 10.**IMPORTANT** > 11.If you do plan on helping with the attack, please make sure you are using > a VPN & make sure your DNS is not leaking when DDoSing!!! > 12. > 13.DO NOT USE LOIC!!! > 14.Use HOIC and the WebHive!!! > 15. > 16.Also HOIC is pointless without booster scripts so please use a booster > script for the specific site we are attacking!!! (Links Below) 17. > 18.~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > 19.**How To Use HOIC** > 20. > 21.If your using an older computer with little ram or weak processors. > Set the thread count for 2 or 3. > 22. > 23.If you are using a newer computer with a good amount of ram and > processors. Set the thread count for 4 or 5. > 24. > 25.~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > 26.**DNS Leak Check** > 27.Once you have set up your VPN. Go to the DNS Leak Checker Link down below > and check to see if your DNS is leaking. If you see anything that has your > ISP (Internet Service Provider) then your DNS IS LEAKING!!! > (Which can be very bad!!) > 28. > 29.If you DO NOT see anything with your ISP then your DNS is NOT Leaking! > (Which is good!!) 30.~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > 31.**How to use HOIC Booster Scripts** > 32. > 33.Just copy and paste the code into any text editor an save it as a .hoic > file. > 34.(You can name the booster whatever you want as long as it is a .hoic > extension!!) > 35. > 36.Then take the booster script an drag it into the same folder HOIC is in. > 37. > 38.Then when you are ready to attack the a specific site. Find the booster > meant for that specific site an you should be set to fire! > 39. > 40.~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > 41.Tools & Goodies > 42. > 43.Here's a bunch of links for tools for the attack and TuTs as well as the > WebHive URL. > 44. > 45.**(HOIC download link is in the "Tools & Goodies" paste)** 46. > 47.Tools & Goodies: http://pastebin.com/hRbrhKyd 48. > 49.VPN TuT/Download: http://pastebin.com/mYZRpQ1A 50. > 51.WebHive: http://pastehtml.com/view/cdvr011a5.html > 52. > 53.WebHive TuT: http://pastebin.com/BbEfifwA 54. > 55.DNS Leak Checker: http://www.dnsleaktest.com/ 56. > 57.~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > 58.**ATTACK DATES!!!** > 59. > 60.October 18th: http://www.camel.com/ > 61. > 62.October 19th: http://www.lm.com/ > 63. > 64.October 20th: http://www.marlboro.com/ 65. > 66.October 21st: http://www.newport-pleasure.com/ 67. > 68.October 22nd: http://www.rjrt.com/ > 69. > 70.October 23rd: http://www.altria.com/ > 71. > 72.October 24th: http://philipmorrisusa.com/ 73. > 74.October 25th: http://pmi.com/ > 75. > 76.October 26th: http://www.johnmiddletonco.com/ 77. > 78.October 27th: http://www.lorillard.com/ 79. > 80.~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > 81.HOIC Booster Scripts > 82. > 83.Altria Booster: http://pastebin.com/Zx5Gqu6E 84. > 85.Camel Booster: http://pastebin.com/QbDYxHSR 86. > 87.JohnMiddleton Booster: http://pastebin.com/fibSqGKt 88. > 89.L&M Booster: http://pastebin.com/ZV62sgzj 90. > 91.Lorillard Booster: http://pastebin.com/fpybW7NV 92. > 93.Marlboro Booster: http://pastebin.com/X09p2tbA 94. > 95.Newport Booster: http://pastebin.com/FgCVYU0F 96. > 97.PhilipMorris USA Booster: http://pastebin.com/Nnn8zvXA 98. > 99.PhilipMorris International Booster: http://pastebin.com/r02ZBiPz 100. > 101.RJRT Booster: http://pastebin.com/YnaTsJCa > 102.~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > 103.**WebHive Request URLs** > 104. > 105.*Camel* > 106.Image URL: > https://camel.tobaccopleasure.com/assets/images/camel99_logo.png > 107. > 108.iFrame URL: http://www.camel.com/ > 109.-------------------------------------------------------------------- > ---------- > 110.*Marlboro* > 111.iFrame URL: https://www.marlboro.com/ > 112.-------------------------------------------------------------------- > ---------- > 113.*L&M* > 114.iFrame URL: http://www.lm.com/ > 115.-------------------------------------------------------------------- > ---------- > 116.*Newport* > 117.Image URL: > http://m.newport-pleasure.com/Content/lor-themes/images/lookup_forgot_pi > n/P2.CustomerID_art.png > 118. > 119.iFrame URL: http://www.newport-pleasure.com/ > 120.-------------------------------------------------------------------- > ---------- > 121.*Altria* > 122.Image URL: > http://www.altria.com/en/cms/Home/SlideShow/Images/LargeImage/federalReg > Tobacco_large.png.aspx > 123.iFrame URL: http://www.altria.com/ > 124.-------------------------------------------------------------------- > ---------- > 125.*RJRT* > 126.Image URL: http://rjrt.com/images/home-bottom-graphic.jpg > 127.iFrame URL: http://rjrt.com/ > 128.-------------------------------------------------------------------- > ---------- > 129.*PhilipMorris USA* > 130.Image URL: > http://www.philipmorrisusa.com/en/cms/Home/images/hp_icon_tobacco.jpg.as > px > 131.iFrame URL: http://philipmorrisusa.com/ > 132.-------------------------------------------------------------------- > ---------- > 133.*Lorillard* > 134.Image URL: > http://www.lorillard.com/wp-content/uploads/2011/04/promo.jpg > 135.iFrame URL: http://www.lorillard.com/ > 136.-------------------------------------------------------------------- > ---------- > 137.*PhilipMorris International* > 138.Image URL: > http://www.pmi.com/SiteCollectionImages/acc.bnr_about_us.jpg > 139.iFrame URL: http://pmi.com/ > 140.-------------------------------------------------------------------- > ---------- > 141.*JohnMiddleton Company* > 142.Image URL: > http://www.johnmiddletonco.com/en/cms/Company/About_Middleton/photo_over > view2.jpg.aspx > 143.iFrame URL: http://www.johnmiddletonco.com/ > 144.~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~create a new version > of this paste RAW Paste Data > #OpGr0wHous3 > > It has come to our attention that tobacco agencies/tobacco company's have > been feeding fuel to the fire as far as keeping this safe plant we know and > love called cannabis illegal for years. It is our time now to show them who > is the boss and that we are not afraid to show action. > This is NOT A THREAT! It's a promise! We are asking all anonymous > hacktivists to help join the party! > > There will be 10 days of DDoS attacks on 10 different tobacco > sites/agencies. Starting October 18th 2012 -- October 27th 2012. > Each day we will be attacking a new site. > > Every night at 8:00pm EST (Eastern Standard Time) We will Fire our Laz0rs > towards a specific site/agency. Check down below for more details on attack > dates. > > **IMPORTANT** > If you do plan on helping with the attack, please make sure you are using a > VPN & make sure your DNS is not leaking when DDoSing!!! > > DO NOT USE LOIC!!! > Use HOIC and the WebHive!!! > > Also HOIC is pointless without booster scripts so please use a booster > script for the specific site we are attacking!!! (Links Below) > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > **How To Use HOIC** > > If your using an older computer with little ram or weak processors. Set the > thread count for 2 or 3. > > If you are using a newer computer with a good amount of ram and processors. > Set the thread count for 4 or 5. > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > **DNS Leak Check** > Once you have set up your VPN. Go to the DNS Leak Checker Link down below > and check to see if your DNS is leaking. If you see anything that has your > ISP (Internet Service Provider) then your DNS IS LEAKING!!! > (Which can be very bad!!) > > If you DO NOT see anything with your ISP then your DNS is NOT Leaking! > (Which is good!!) > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > **How to use HOIC Booster Scripts** > > Just copy and paste the code into any text editor an save it as a .hoic > file. > (You can name the booster whatever you want as long as it is a .hoic > extension!!) > > Then take the booster script an drag it into the same folder HOIC is in. > > > Then when you are ready to attack the a specific site. Find the booster > meant for that specific site an you should be set to fire! > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Tools & Goodies > > Here's a bunch of links for tools for the attack and TuTs as well as the > WebHive URL. > > **(HOIC download link is in the "Tools & Goodies" paste)** > > Tools & Goodies: http://pastebin.com/hRbrhKyd > > VPN TuT/Download: http://pastebin.com/mYZRpQ1A > > WebHive: http://pastehtml.com/view/cdvr011a5.html > > WebHive TuT: http://pastebin.com/BbEfifwA > > DNS Leak Checker: http://www.dnsleaktest.com/ > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > **ATTACK DATES!!!** > > October 18th: http://www.camel.com/ > > October 19th: http://www.lm.com/ > > October 20th: http://www.marlboro.com/ > > October 21st: http://www.newport-pleasure.com/ > > October 22nd: http://www.rjrt.com/ > > October 23rd: http://www.altria.com/ > > October 24th: http://philipmorrisusa.com/ > > October 25th: http://pmi.com/ > > October 26th: http://www.johnmiddletonco.com/ > > October 27th: http://www.lorillard.com/ > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > HOIC Booster Scripts > > Altria Booster: http://pastebin.com/Zx5Gqu6E > > Camel Booster: http://pastebin.com/QbDYxHSR > > JohnMiddleton Booster: http://pastebin.com/fibSqGKt > > L&M Booster: http://pastebin.com/ZV62sgzj > > Lorillard Booster: http://pastebin.com/fpybW7NV > > Marlboro Booster: http://pastebin.com/X09p2tbA > > Newport Booster: http://pastebin.com/FgCVYU0F > > PhilipMorris USA Booster: http://pastebin.com/Nnn8zvXA > > PhilipMorris International Booster: http://pastebin.com/r02ZBiPz > > RJRT Booster: http://pastebin.com/YnaTsJCa > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > **WebHive Request URLs** > > *Camel* > Image URL: > https://camel.tobaccopleasure.com/assets/images/camel99_logo.png > > iFrame URL: http://www.camel.com/ > ------------------------------------------------------------------------ > ------ > *Marlboro* > iFrame URL: https://www.marlboro.com/ > ------------------------------------------------------------------------ > ------ > *L&M* > iFrame URL: http://www.lm.com/ > ------------------------------------------------------------------------ > ------ > *Newport* > Image URL: > http://m.newport-pleasure.com/Content/lor-themes/images/lookup_forgot_pi > n/P2.CustomerID_art.png > > iFrame URL: http://www.newport-pleasure.com/ > ------------------------------------------------------------------------ > ------ > *Altria* > Image URL: > http://www.altria.com/en/cms/Home/SlideShow/Images/LargeImage/federalReg > Tobacco_large.png.aspx > iFrame URL: http://www.altria.com/ > ------------------------------------------------------------------------ > ------ > *RJRT* > Image URL: http://rjrt.com/images/home-bottom-graphic.jpg > iFrame URL: http://rjrt.com/ > ------------------------------------------------------------------------ > ------ > *PhilipMorris USA* > Image URL: > http://www.philipmorrisusa.com/en/cms/Home/images/hp_icon_tobacco.jpg.as > px > iFrame URL: http://philipmorrisusa.com/ > ------------------------------------------------------------------------ > ------ > *Lorillard* > Image URL: http://www.lorillard.com/wp-content/uploads/2011/04/promo.jpg > iFrame URL: http://www.lorillard.com/ > ------------------------------------------------------------------------ > ------ > *PhilipMorris International* > Image URL: http://www.pmi.com/SiteCollectionImages/acc.bnr_about_us.jpg > iFrame URL: http://pmi.com/ > ------------------------------------------------------------------------ > ------ > *JohnMiddleton Company* > Image URL: > http://www.johnmiddletonco.com/en/cms/Company/About_Middleton/photo_over > view2.jpg.aspx > iFrame URL: http://www.johnmiddletonco.com/ > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Pastebin.com Tools & Applications > iPhone/iPad Windows Firefox Chrome WebOS Android Mac Opera Click.to UNIX > WinPhone create new paste | api | trends | users | faq | tools > | domains center | privacy | contact | stats | go pro > Follow us: pastebin on facebook | pastebin on twitter | pastebin in the > news Some friends: hostshut | hostlogr | w3patrol | cute pictures > Pastebin v3.1 rendered in: 0.008 seconds #OpGr0wHous3 > > It has come to our attention that tobacco agencies/tobacco company's have > been feeding fuel to the fire as far as keeping this safe plant we know and > love called cannabis illegal for years. It is our time now to show them who > is the boss and that we are not afraid to show action. > This is NOT A THREAT! It's a promise! We are asking all anonymous > hacktivists to help join the party! > > There will be 10 days of DDoS attacks on 10 different tobacco > sites/agencies. Starting October 18th 2012 -- October 27th 2012. > Each day we will be attacking a new site. > > Every night at 8:00pm EST (Eastern Standard Time) We will Fire our Laz0rs > towards a specific site/agency. Check down below for more details on attack > dates. > > **IMPORTANT** > If you do plan on helping with the attack, please make sure you are using a > VPN & make sure your DNS is not leaking when DDoSing!!! > > DO NOT USE LOIC!!! > Use HOIC and the WebHive!!! > > Also HOIC is pointless without booster scripts so please use a booster > script for the specific site we are attacking!!! (Links Below) > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > **How To Use HOIC** > > If your using an older computer with little ram or weak processors. Set the > thread count for 2 or 3. > > If you are using a newer computer with a good amount of ram and processors. > Set the thread count for 4 or 5. > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > **DNS Leak Check** > Once you have set up your VPN. Go to the DNS Leak Checker Link down below > and check to see if your DNS is leaking. If you see anything that has your > ISP (Internet Service Provider) then your DNS IS LEAKING!!! > (Which can be very bad!!) > > If you DO NOT see anything with your ISP then your DNS is NOT Leaking! > (Which is good!!) > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > **How to use HOIC Booster Scripts** > > Just copy and paste the code into any text editor an save it as a .hoic > file. > (You can name the booster whatever you want as long as it is a .hoic > extension!!) > > Then take the booster script an drag it into the same folder HOIC is in. > > > Then when you are ready to attack the a specific site. Find the booster > meant for that specific site an you should be set to fire! > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Tools & Goodies > > Here's a bunch of links for tools for the attack and TuTs as well as the > WebHive URL. > > **(HOIC download link is in the "Tools & Goodies" paste)** > > Tools & Goodies: http://pastebin.com/hRbrhKyd > > VPN TuT/Download: http://pastebin.com/mYZRpQ1A > > WebHive: http://pastehtml.com/view/cdvr011a5.html > > WebHive TuT: http://pastebin.com/BbEfifwA > > DNS Leak Checker: http://www.dnsleaktest.com/ > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > **ATTACK DATES!!!** > > October 18th: http://www.camel.com/ > > October 19th: http://www.lm.com/ > > October 20th: http://www.marlboro.com/ > > October 21st: http://www.newport-pleasure.com/ > > October 22nd: http://www.rjrt.com/ > > October 23rd: http://www.altria.com/ > > October 24th: http://philipmorrisusa.com/ > > October 25th: http://pmi.com/ > > October 26th: http://www.johnmiddletonco.com/ > > October 27th: http://www.lorillard.com/ > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > HOIC Booster Scripts > > Altria Booster: http://pastebin.com/Zx5Gqu6E > > Camel Booster: http://pastebin.com/QbDYxHSR > > JohnMiddleton Booster: http://pastebin.com/fibSqGKt > > L&M Booster: http://pastebin.com/ZV62sgzj > > Lorillard Booster: http://pastebin.com/fpybW7NV > > Marlboro Booster: http://pastebin.com/X09p2tbA > > Newport Booster: http://pastebin.com/FgCVYU0F > > PhilipMorris USA Booster: http://pastebin.com/Nnn8zvXA > > PhilipMorris International Booster: http://pastebin.com/r02ZBiPz > > RJRT Booster: http://pastebin.com/YnaTsJCa > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > **WebHive Request URLs** > > *Camel* > Image URL: > https://camel.tobaccopleasure.com/assets/images/camel99_logo.png > > iFrame URL: http://www.camel.com/ > ------------------------------------------------------------------------ > ------ > *Marlboro* > iFrame URL: https://www.marlboro.com/ > ------------------------------------------------------------------------ > ------ > *L&M* > iFrame URL: http://www.lm.com/ > ------------------------------------------------------------------------ > ------ > *Newport* > Image URL: > http://m.newport-pleasure.com/Content/lor-themes/images/lookup_forgot_pi > n/P2.CustomerID_art.png > > iFrame URL: http://www.newport-pleasure.com/ > ------------------------------------------------------------------------ > ------ > *Altria* > Image URL: > http://www.altria.com/en/cms/Home/SlideShow/Images/LargeImage/federalReg > Tobacco_large.png.aspx > iFrame URL: http://www.altria.com/ > ------------------------------------------------------------------------ > ------ > *RJRT* > Image URL: http://rjrt.com/images/home-bottom-graphic.jpg > iFrame URL: http://rjrt.com/ > ------------------------------------------------------------------------ > ------ > *PhilipMorris USA* > Image URL: > http://www.philipmorrisusa.com/en/cms/Home/images/hp_icon_tobacco.jpg.as > px > iFrame URL: http://philipmorrisusa.com/ > ------------------------------------------------------------------------ > ------ > *Lorillard* > Image URL: http://www.lorillard.com/wp-content/uploads/2011/04/promo.jpg > iFrame URL: http://www.lorillard.com/ > ------------------------------------------------------------------------ > ------ > *PhilipMorris International* > Image URL: http://www.pmi.com/SiteCollectionImages/acc.bnr_about_us.jpg > iFrame URL: http://pmi.com/ > ------------------------------------------------------------------------ > ------ > *JohnMiddleton Company* > Image URL: > http://www.johnmiddletonco.com/en/cms/Company/About_Middleton/photo_over > view2.jpg.aspx > iFrame URL: http://www.johnmiddletonco.com/ > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > Also on a lighter note, Weather.gov got hacked, and etc/passwd file was wide > open. ( XSS, and other attack) > http://thehackernews.com/2012/10/sensitive-server-info-leaked-from.html# > sthash.VnI105YC.dpbs > > Looks like the digital Pearl Habor is starting up just in time for the > holidays... > > Z > > Edward E. Ziots, CISSP, Security +, Network + Security Engineer Lifespan > Organization [email protected] > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
