Posts
How did we catch us some dirty would be hackers?
To catch a would be Anonymous Hacker is not very difficult. first you need an idea on what you are targeting. lets take the #interpol attack for example. we first setup a virtual linux server on the cloud that would be ready for the job of being a trap. we went to work throwing together a very simple html page, with a php script that records the ip to file. nothing more, nothing less.
On our #stickyfingers operation we used the following script. we are firm beleivers that your source code should only include the task it is doing on the page it is doing it on. you're far less likely to create vulnerabilities that can open your server up to a number of problems.
Enjoy the code, hope you get a good laugh how simple it is. for the data it produced.
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="content-type">
<title>Support Anonymous</title>
</head>
<body>
<script src="//connect.facebook.net/en_US/all.js#xfbml=1"
id="facebook-jssdk"></script>
<div style="text-align: center;"><big><big><span
style="font-weight: bold;">Anonymous needs your help!</span><br
style="font-weight: bold;">
<span style="font-weight: bold;">Keep clicking the button below<br>Each time sends 1000 proxies.<br>
<?php
$logfile= '/var/www/html/thepot.html';
$IP = $_SERVER['REMOTE_ADDR'];
$logdetails= date("F j, Y, g:i a O T") . ': ' .
'<a href=http://www.geobytes.com/IpLocator.htm?GetLocation&ipaddress='.$_SERVER['REMOTE_ADDR'].'>'
.$_SERVER['REMOTE_ADDR'].'</a>';
$fp = fopen($logfile, "a");
fwrite($fp, $logdetails);
fwrite($fp, "<br>");
fclose($fp);
echo("Send some packets to our target!");
?>
</span></big></big><br>
<br>
<big><big><big><big><span style="font-weight: bold;">TARGET<br>
</span></big></big></big></big><cite><big><big><big><big><span
style="font-weight: bold;">www.</span><b style="font-weight: bold;">interpol</b><span
style="font-weight: bold;">.int</span></big></big></big></big><br>
<br>
<button style="color: rgb(233, 121, 17);" onfocus="f01" value="ftarget"
name="CLICK TO FIRE!" type="button">CLICK TO FIRE!</button>
<br>
<br>
<span style="color: rgb(228, 55, 9);">using this website will <span
style="font-weight: bold;">not</span> identify your IP to the target</span><br>
<br><div class="fb-like" data-href="http://yourhostname" data-send="true" data-width="450" data-show-faces="true"></div>
</cite></div>
<script>(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = "//connect.facebook.net/en_US/all.js#xfbml=1";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));</script>
To break it down for you, the only important part of this code is the following part.
<?php
$logfile= '/var/www/html/thepot.html';
$IP = $_SERVER['REMOTE_ADDR'];
$logdetails= date("F j, Y, g:i a O T") . ': ' .
'<a href=http://www.geobytes.com/IpLocator.htm?GetLocation&ipaddress='.$_SERVER['REMOTE_ADDR'].'>'
.$_SERVER['REMOTE_ADDR'].'</a>';
$fp = fopen($logfile, "a");
fwrite($fp, $logdetails);
fwrite($fp, "<br>");
fclose($fp);
echo("Send some packets to our target!");
?>
Now all you have to do is create a file called thepot.html (or another name) and make it writable. 777.
Now just keep an eye on thepot file, and maybe even run the Linux command tail -f thepot.html to keep a scrolling eye on what's going on.
That's all there was to it. and it generated the huge list of ip's of Twitter users who are involved with Anonymous Hacking and DDOSing.
trap IP log can be found here
0 comments:
Post a Comment