LOL @ "A timing attack on ssh passwords over the net?" and
"I think its just a bruteforce." -Travis On Mon, Jun 6, 2011 at 7:58 AM, Gichuki John Chuksjonia < chuksjo...@gmail.com> wrote: > I think its just a bruteforce. > > > > > On 6/6/11, Andreas Bogk <andr...@andreas.org> wrote: > > Excerpts from lulzfail's message of Mo Jun 06 08:39:42 +0200 2011: > >> Lulzsec == pwnt > > > > I've seen the log you pasted to pastebin. Is this: > > > > * A timing attack on ssh passwords over the net? > > * Fake, to distract us from your real 0day? > > > > Andreas > > > > Log: > > > > root@gibson:~# ./1337hax0r 204.188.219.88 -root > > Attempting too hax0r root password on 204.188.219.88 > > > > h,VhXz<avMm > > 3xL<l1-_\wC > > ffsakTgyc~H > > ZZrz,pJrg<B > > b{4Bv_Y$$Z6 > > XDh;vDU-;3> > > FB-hvg%g_'t > > }qHNvkS"'>g > > RNBKvUi5yO| > > z`(}v<1^>u& > > *V4?vh9#^f2 > > /R*9vf<h"Z# > > 9P65vjKhh.N > > \rfsv~PhNDz > >>Bfpv|uhGpy > > J%"kvf]hGf0 > > sY0"v{2hf7p > >>9dev%Qh6_v > > *<Tbv7?h.** > > }:lkvV^hN2U > > ;&5Xv'Sh#}_ > > MOqpvi_hg+# > > Md9/viVh&u7 > > M(%rvomhb'" > > MI"5v_shEVe > > M=@?vl.hZge > > MPk5v:WhUTe > > M=3vvrzh7Te > > M&'?v]sh`Te > > M/Z,vI1h`Te > > M.9>vO$hTTe > > Ms!(vY;hpTe > > MA)SvYLhnTe > > M7eCv@Lh0Te > > MkeCvFLh$Te > > M'eCv?LhaTe > > M&eCvLLh|Te > > M*eCv5Lh\Te > > MmeCvcLhCTe > > MTeCv&LhrTe > > M,eCv1LhYTe > > MEeCv}LhHTe > > M_eCvSLhnTe > > MPeCvSLh+Te > > M[eCvSLh,Te > > MOeCvSLh"Te > > M7eCvSLh"Te > > MGeCvSLhdTe > > M$eCvSLhkTe > > MCeCvSLhkTe > > MLeCvSLhkTe > > M=eCvSLhkTe > > M-eCvSLhkTe > > MweCvSLhkTe > > M=eCvSLhkTe > > M3eCvSLhkTe > > M6eCvSLhkTe > > MreCvSLhkTe > > M6eCvSLhkTe > > MFeCvSLhkTe > > MSeCvSLhkTe > > M8eCvSLhkTe > > > > Password hax0rd! root password: M8eCvSLhkTe > > > > root@gibson:~# ssh 204.188.219.88 > > > > root@204.188.219.88's password: > > > > root@xyz:~# hostname; id; w > > xyz > > uid=0(root) gid=0(root) groups=0(root) > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > > -- > -- > Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P > I.T Security Analyst and Penetration Tester > jgichuki at inbox d0t com > > {FORUM}http://lists.my.co.ke/pipermail/security/ > http://chuksjonia.blogspot.com/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on http://pastebin.com/f6fd606da
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/