back

trac

esec

urity

.com

This log has been merged for ease up up/download. It has highlights and annotations added by me. All annotations are in red text.

--- Log opened Tue Feb 08 21:03:44 201121:03 -!- Laurelai [Laurelai@HA-32m.bhl.uq5i3t.IP] has joined #hq21:03 -!- Irssi: #hq: Total of 8 nicks [4 ops, 0 halfops, 0 voices, 4 normal]21:03 -!- mode/#hq [+o Laurelai] by HQBot21:03 -!- Irssi: Join to #hq was synced in 1 secs21:08 <@Laurelai> hii21:15 <&marduk> ahai21:16 <&marduk> welcome to where the shitstorm began21:16 <&marduk> :)21:16 <&marduk> i think it actually was here that hbgary was probed and "oops" was detecetd21:16 <&marduk> with SUCH AN AWESOME CREW HERE21:17 <@Topiary> Hi.21:18 <@Topiary> This is where the magnets happen. I mean magic. I mean steroids.21:20 <@Nessuno834> mmm magnets21:22 <@Topiary> Sabu is away for a week, by the way. I'm sure you guys have already read that, though.21:22 <&marduk> yah have no real update unfortunately21:22 <&marduk> Laurelai: we cant really tie them to wikileaks for sure?21:22 <@Topiary> I'll give him a call tomorrow morning anyway just to say everything is still going according to plan.21:22 <&marduk> Topiary: yup please do21:23 <@Laurelai> marduk: ?21:23 <@Laurelai> tie who21:23 <@Laurelai> oh21:23 <@Laurelai> i already have21:23 <&marduk> well, think that was the article to come?21:23 <@Laurelai> i just wanted more dirt21:23 <@Laurelai> but we got enough21:24 <@Laurelai> to smear the shit out of them21:24 <&marduk> heh. dirt.. isnt good21:24 <&marduk> facts is better 21:24 <&marduk> but who am i21:24 <&marduk> to tell you :)21:24 <@Laurelai> you know what i mean21:24 <@Laurelai> :p21:24 <&marduk> yah (=21:24 <@Topiary> Laurelai: I like the smutty portrait of malice you've created with your use of dirt, smear, and shit.21:24 <&marduk> well, we know for a fact alk companies cooperated21:25 <&marduk> upto boeing21:25 <@Laurelai> Topiary: yeah well there is definitely some malace21:25 <&marduk> we have NDA and Teaming agreements for all21:25 <@Topiary> Gentlemen, let us fuck these people so far into orbit that they'll transmute into a gravitational dip and exude Hawking radiation.

back

trac

esec

urity

.com

21:26 <@Laurelai> lol21:26 <&marduk> palenitir21:26 <@Topiary> Excuse my current loquaciousness, I'm pretty fucking drunk.21:26 <&marduk> i would REALLY REALLY like to know more21:26 <&marduk> they rae one straneg company21:26 <&marduk> actually21:26 <&marduk> i am sure it'S a govt coverup21:26 <&marduk> for very weird shit21:27 <@Laurelai> well to me it looks like21:27 <&marduk> </conspiracy>21:27 <@Laurelai> the government uses these types of companies21:27 <@Laurelai> to do their dirty work21:27 <&marduk> yup21:27 <@Laurelai> but of course we dont have proof21:27 <&marduk> Laurelai: i saw their mission statement21:27 <@Laurelai> just alot of stuff suggesting it21:28 <&marduk> it was something about brains and computers, execut8ive marketing nonsense21:28 <&marduk> really scary21:28 <@Topiary> Do you think the mysterious 500K contract in the first quarter of 2011 (from HBGaryFederal) was government related?21:29 <&marduk> well, i dont think we are unmasking a big conspiracy21:29 <@Laurelai> it could be21:29 <&marduk> its rather uncoordinated21:29 <@Topiary> Just a sidenote on that fact: it's confirmed that Aaron Barr has a quickbook intuit account that would probably contain a lot of valuable documents. We don't know his username, but I'm damn sure of the password.21:29 <&marduk> and just sad21:29 <@Laurelai> i think21:29 <@Laurelai> that this sort of stuff21:29 <@Laurelai> is like an open secret in these circles21:29 <&marduk> FUCKING ISIOTS GENERATING MONEY21:29 <&marduk> grrr21:29 * marduk is mad21:29 <@Laurelai> and they are just scrabling for contracts and cash21:30 <&marduk> yeah21:30 <&marduk> full true21:30 <&marduk> the thing is21:30 <&marduk> i KNEW this before21:30 <&marduk> but being here, seing irt live unfold, seeing the leaks...21:30 <&marduk> UNGH21:30 <&marduk> makes me much moar mad than simply knowing about it21:31 <@Topiary> We need to go derper...21:31 <&marduk> YES.21:31 <&marduk> WE NEED TO ACT.21:31 <&marduk> somehow21:31 <&marduk> i dunno.21:31 <@Topiary> There must be an opening for us to dig into this more.21:31 <@Topiary> Let's not forget that everything we have now came from a simple SQLi and

back

trac

esec

urity

.com

the incompetence of men.21:31 <&marduk> we fucking monitored hbgary email comminucation for 2 days live21:32 <&marduk> and saw the crap they were writing21:32 <@Laurelai> can i make a suggestion21:32 <&marduk> (except for Mark, HE IS WIN)21:32 <@Laurelai> next company you get into21:32 <@Laurelai> just quietly steall all their data21:32 <@Laurelai> and dont rm -rf21:32 <&marduk> and that was just fucking scary to see21:33 <@Laurelai> like21:33 <@Laurelai> it was a cool op21:33 <&marduk> yeah21:33 <&marduk> haha21:33 <&marduk> ppl got so mad21:33 <&marduk> lolo21:33 <@Laurelai> but you could have stolen data for years21:34 <@Laurelai> tainted his source code21:34 <@Laurelai> and got access to his clients21:34 <@Laurelai> backdoored his backups21:35 <@Topiary> A valid point, but he was actively trying to research Anonymous and bring people down. We weren't going to wait for him to keep trying until he actually gets something.21:35 <@Topiary> We were quite patient in that we waited specifically for a sufficient stash of emails before we went public.21:37 <&marduk> Laurelai: it's good21:38 <&marduk> they still underestimate us21:38 <&marduk> heh21:38 <&marduk> next h4x21:38 <&marduk> ????21:38 <&marduk> :)21:38 <&marduk> i mean21:38 <&marduk> it was #optunisia like21:38 <&marduk> this op was assembled in like 1 hour21:38 <&marduk> and then we waited hours to get emails leeched21:38 <&marduk> and we DID NOT make alarm until greg's spool was done21:39 <&marduk> some success :)21:39 <&marduk> but yah21:39 <&marduk> next time21:39 <@Topiary> Confirmed. I think we all had a bit of a nap while the emails leeched out.21:39 <&marduk> look for source code21:39 <&marduk> and somain registrar data login21:40 <&marduk> just fucking own them hardcore :p21:40 <@Topiary> In fact I think four of us slept at the same time for that exact reason, all the more reason to be known as the Raging Homogays.21:40 <@Topiary> Oh - Aaron's twitter just hit 600 followers.21:41 <&marduk> :)21:41 <&marduk> HE IS FAMOUS21:42 <@Topiary> Still, it would appear Twitter has frozen his account. Couldn't log in from API either. Topiary admits having the AB Twitter at 21:4221:42 <@Topiary> That works in our favour. His Twitter still has all our tweets.

back

trac

esec

urity

.com

21:42 <@Topiary> Including his SSN.21:42 <@Nessuno834> is ssn useful21:42 <@Topiary> Not particularly, it's just not really a good thing to have floating around.21:43 <@Topiary> Pretty sure the twatter admins had their coolfaces on when deciding whether to reset, suspense or freeze the account.21:43 <@Nessuno834> lol21:44 <@Topiary> Hundreds of news articles directly link to his twitter, I'll bet you 50 Internets that the twitter admins decided to maintain its hacked tweet entirety simple to gain more members, not that they need 'em.21:44 <@Nessuno834> Im not a twatterer21:45 <@Topiary> I am a bit. It's quite beneficial if you follow a select few news sources, so you can wake up and be up-to-date with what you want right away.21:45 <@Topiary> Especially if you talk to press in other timezones who've been up all day/night and have questions ready for your sleepy ass.21:45 <&marduk> hm21:45 <&marduk> mine didnt get suspended yet21:46 <&marduk> but i think21:46 <@Topiary> @AnonymousIRC?21:46 <&marduk> i am on "no suspend list"21:46 <&marduk> yup21:46 <@Topiary> I'm really surprised about that... remember in Payback they just kept getting sniped out?21:46 <@Topiary> Do you tweet about hives/DDoSing directly?21:47 <&marduk> nope21:47 <&marduk> never21:47 <&marduk> also didnt tweet any direct links to hbgary21:47 <&marduk> i am carefu21:47 <&marduk> i do not violate ToS21:47 <@Topiary> Not to talk about the trollfaggot j35t3r in depth, but Aaron was following him, apparently he might've been affiliated, and usually Jester is all "HURRRRRR ANON ARE BEING DUUUUMB" hours after we do something big.21:47 <@Topiary> This time I see nothing from him or his little henchmen bloggers.21:47 <&marduk> i hint on it21:48 <&marduk> make fun21:48 <&marduk> and even RT links21:48 <&marduk> but never tweet a direct ToS myself21:48 * marduk fkn knows his shit on social networks, and i am very drunk21:49 <&marduk> mr barr... needsa a whisky21:49 <@Topiary> You should give me the password to AnonymousIRC so I can tweet about how small Aaron's penis is.21:50 <@Nessuno834> marduk I told u uwere drunk21:51 <@Topiary> An Anon Skype party should be in order.21:51 <&marduk> Nessuno834: that information is correct21:52 <&marduk> Topiary: lol i'd never do that21:52 <&marduk> you lack like .. 45 points in diplomacy skill21:52 <@Topiary> marduk: I'll tell on you!21:53 <@Nessuno834> read #ophbgary21:53 <@Nessuno834> anthrophobic cant open pdf21:54 <&marduk> fixt

back

trac

esec

urity

.com

21:55 <@Nessuno834> <Anthrophobic> forgive someone for not being a fucking mother's basement geek and not know EVERYTHING21:55 <@Nessuno834> to open pdf21:56 <&marduk> meh 21:56 <@Topiary> PDF is clearly formats on steroids.21:56 <&marduk> why you bother here with that?22:09 <@Nessuno834> <Anthrophobic> yeah, go back to #ophbgary and scroll up to this morning.22:09 <@Nessuno834> <Anthrophobic> I asked like 20 times.22:09 <@Nessuno834> <Anthrophobic> and all these kick bans wont do anything22:09 <@Nessuno834> <Anthrophobic> and if you think FBI is what you guys should be worried about..22:09 <@Nessuno834> <Anthrophobic> haha22:09 <@Nessuno834> <Anthrophobic> i idle so much cause i collect information to write22:09 <@Nessuno834> <Anthrophobic> but thats ok.22:09 <@Nessuno834> <Anthrophobic> oh and for the people you copy/paste this to HI!22:09 <@Nessuno834> <Anthrophobic> lol22:09 <@Nessuno834> <Anthrophobic> its fucking mirc, your little zlines and kickbans don't do shit, ban evade FTW22:09 <@Nessuno834> <Anthrophobic> oh and you think you know what ever one can and can not do cause they "act" dumb or say something in a channel.22:09 <@Nessuno834> <Anthrophobic> have fun keeping your networks online through the night dumb fuck22:09 <@Nessuno834> lulz22:11 <@Laurelai> wtf lol22:11 <@Nessuno834> he can hax22:11 <@Nessuno834> but never heard of pdf22:12 <@Nessuno834> Ima go bed22:12 <@Nessuno834> goodnight all22:13 <@Topiary> Goodnight good sir22:13 <@Topiary> >its fucking mirc22:14 <@Topiary> Oh sweet lord, best be trolling.22:14 <@Topiary> Oh boy, he might win butthurt troll of the day award. Some fag was in our piretepad on HBGary dox earlier threatening to take down whywefight. Pretty sure WWF is owned by exiledsurfer22:14 <@Topiary> He's taking the crown for the 9th.22:15 <@Topiary> Or 8th if you want timezone.22:15 <@Nessuno834> this is the guy who wanted access to #loic22:15 <@Nessuno834> and used to be auto opped in every channel22:47 <@Topiary> http://hbgary.com/22:50 <&marduk> heh22:55 <@Topiary> >falsified data22:55 <@Topiary> tflow: drop those emails so hard it crushes their lives22:55 -!- Netsplit triangle.operationfreedom.ru <-> private.operationfreedom.ru quits: marduk, @Nessuno834, Avunit, @tflow, @kayla, @Topiary, HQBot22:56 -!- Irssi: #hq: Total of 1 nicks [1 ops, 0 halfops, 0 voices, 0 normal]22:56 <@Laurelai> wut22:58 -!- Netsplit over, joins: ~Avunit, @Topiary, @Nessuno834, @tflow, &marduk, &HQBot, @kayla

back

trac

esec

urity

.com

23:01 -!- kayla [mysql2@fbi.gov] has quit [Quit: Lost terminal]23:23 <&marduk> 04:22 <+n0pants> right, what I'm saying is: if you want me to dig out a few fat juicy worms before you public release the whole thing, I could do that.23:23 <&marduk> mmm dunno23:23 <&marduk> dunnonliek23:23 <&marduk> that sentence23:24 <&marduk> but probably i am paranoid etc--- Day changed Wed Feb 09 201104:17 <~Avunit> Report in guis.04:18 <@Laurelai> Avunit: here04:18 <~Avunit> lol04:18 <~Avunit> xD04:18 <~Avunit> sup?04:18 <@Laurelai> working the article04:19 <~Avunit> i heard yes04:19 <@Laurelai> BoA was behind HBgary attacking WL04:19 <@Laurelai> im still digging through emails04:19 <~Avunit> boa hates me qq04:19 <@Laurelai> to find anything else04:20 <~Avunit> when do you want to publish it?04:21 <@Laurelai> tonight or tomorrow04:21 <@Laurelai> thetechherald is working with me on it04:21 <~Avunit> steve?04:21 <@Laurelai> yeah04:22 <~Avunit> awesome04:22 <@Laurelai> 3 companies04:22 <@Laurelai> worked together on this04:22 <@Laurelai> 3 government contractor IT security companies04:22 <~Avunit> barico, palantir and hbgary right?04:22 <@Laurelai> yes04:23 <@Laurelai> to me it implies that the federal gov is involved behind the scenes04:23 <~Avunit> barico sells security software yes, palantir analyzing software for financial and gov platforms and hbgary is a 'security' company with a federal branch. thats all i know :p05:39 !triangle.operationfreedom.ru *** HQBot invited kayla into the channel05:39 -!- kayla [mysql2@fbi.gov] has joined #hq05:39 -!- mode/#hq [+o kayla] by HQBot05:39 <&marduk> oh my fav thing on irc05:40 <@kayla> hey guys :D05:40 <&marduk> i just wanted to sleeep05:40 <&marduk> kayla: 05:40 <@kayla> *dances* :305:40 <@kayla> ? :D05:40 <&marduk> got some few minutes to scan over somethihng?05:40 <@kayla> yeh sure05:41 <&marduk> www.djezzygsm.com - algerian cellphone provider, need db05:41 <&marduk> www.mobilis.dz - algerian cellphone provider, state owned, need db05:41 <&marduk> www.nedjma.dz - algerian cellphone provider, want db05:41 <&marduk> they allowv registration05:41 <&marduk> via web

back

trac

esec

urity

.com

05:41 <@kayla> ok i'll take a look in a bit <305:41 <&marduk> if you can find anything there05:42 <&marduk> we dont need to own. only dump05:42 <&marduk> :)05:42 <@kayla> :)05:43 <&marduk> we dont want to pwn either05:44 <&marduk> if we can silently extract any database05:44 <@kayla> omg D: who keeps removing my aop D:05:44 <&marduk> we would rock05:44 <&marduk> cause i would hand to opposition05:44 <@kayla> can someone re add aop to #opegypt and #ophbgary05:44 <&marduk> they would mass sms for feb1205:45 <@kayla> i'll take a look in a bit, i have to sort something else first <305:46 <&marduk> sure.. an i check, but nobody has removed you05:46 <@kayla> :s05:47 <@kayla> ;__________; but it doesn't op me ;_______________:05:55 <&marduk> wat? heh05:55 <&marduk> was that script or question? lulz05:58 <@kayla> :d?05:58 <@kayla> :D?05:58 <&marduk> you have al acc?05:58 <@kayla> al?05:58 <&marduk> or07:54 <&marduk> tflow: 07:54 <&marduk> you around=07:55 <&marduk> or kayla !!!07:55 <&marduk> <307:55 <&marduk> or hm09:20 <@kayla> TFLOW HERE09:20 <@kayla> need him quick!!!!!!!!!!!!!09:20 <@kayla> or Topiary09:20 <@kayla> or someone with access to the internetfeds online email viewer box09:22 <@kayla> gregs emails are ready, parsed and everything09:22 <~Avunit> kayla!09:22 <@kayla> need to get them on the online viewer :309:22 <~Avunit> <309:22 <@kayla> the tiem to fuck greg is now :309:22 <@kayla> <309:22 <@kayla> luff u bb :309:22 <~Avunit> put all of them on already or only some?09:22 <@kayla> :s i thought it was only ted's,aarons and someone elses on there?09:23 <@kayla> gregs have been kept priv8 09:23 <@kayla> i dunno, this is why i need tflow09:23 <@kayla> only a few ppl have gregs mails09:23 <@kayla> no one got tflows phone?09:24 <~Avunit> i dont09:24 <~Avunit> meanwhile what about berico and palantir?09:25 <@Topiary> Do not have acccess @ kayla09:26 <@Topiary> The time to fuck Greg is nao?

back

trac

esec

urity

.com

09:26 <@Topiary> :309:26 <~Avunit> tis always time to fuck greg but with the mails we kinda fuck him eith a turbocharged fucking machine09:26 <~Avunit> with*09:27 <@Topiary> Can I have the distinct pleasure of letting #hbgary know that the time for fucking is near09:27 <~Avunit> we dont have access to the mails yet though09:27 <~Avunit> but i dont mind09:28 <@Topiary> ah yes09:28 <@kayla> wait for the mails09:28 <~Avunit> meanwhile im still eyeing berico and palantir too.09:28 <@kayla> nigg is only allowing 1 dl from his box for them and tflow has the online view access so it makes sense tflow gets them09:28 <~Avunit> yarr09:29 <@kayla> as soon as i've done this stuff im helping someone with im going full retard on palantir and berico servers09:29 <@kayla> need to get a ether pad up we can use09:29 <~Avunit> i cant run etherpad on a vps09:29 <~Avunit> java keeps screaming about ram even when it has enough09:30 <~Avunit> prob openvz issues09:31 <~Avunit> kayla you got any box around i can use for the general stuff on berico/palantir when im @ home?09:31 <@Topiary> I love you guys09:32 <~Avunit> okay omw home now09:32 <~Avunit> brb09:36 <@kayla> like a hacked server?09:36 <@kayla> i'll give you a root if you want?09:48 <@kayla> Topiary09:48 <@kayla> :D09:48 <@kayla> who is handling media?09:50 <@Topiary> Got it covered with Housh and Barrett09:50 <@Topiary> we's rollin'09:50 <@kayla> url wants someone to tlak to a journo i think09:50 <@kayla> i'll tell him to pm you :309:56 <~Avunit> there i am again09:56 <~Avunit> did i miss anything sexy09:56 <~Avunit> ?10:23 <@kayla> you missed me bb <3 ;)10:24 <@Topiary> Emailed the Guardian dude10:28 <~Avunit> Oh yeah kayla10:28 <~Avunit> I did10:28 <~Avunit> <310:31 <~Avunit> kayla, you got any box i can use to take a look at berico and palantir?10:37 <@kayla> you want a hacked server or something?10:38 <~Avunit> well something i can use safely for less legal stuff n scannign on berico and palantir10:39 <@kayla> pm ill give you a root <311:21 <~Avunit> brb dinner12:14 <~Avunit> meanwhile

back

trac

esec

urity

.com

12:14 <~Avunit> how we gonna get a pad ups?12:21 <@Topiary> on the phone with Sabu now, anything anyone wants said?12:23 <@tflow> hbgary.com says12:23 <@tflow> HBGary, Inc and HBGary Federal, a separate but related company, have been the victims of an intentional criminal cyberattack. We are taking this crime seriously and are working with federal, state, and local law enforcement authorities and redirecting internal resources to investigate and respond appropriately. To the extent that any client information may have been affected by this event, we will 12:23 <@tflow> provide the affected clients with complete and accurate information as soon as it becomes available.12:23 <@tflow> Meanwhile, please be aware that any information currently in the public domain is not reliable because the perpetrators of this offense, or people working closely with them, have intentionally falsified certain data. HBGary, Inc and HBGary Federal are committed to a comprehensive, accurate, and swift response to this crime.12:23 <@tflow> Technical Support for all HBGary products and services is still available via email at support@hbgary.com12:24 <@Topiary> okay he basically sends much love, and kayla he's gonna be on after evening time EST tomorrow and wants you to be around12:24 <@Topiary> because he wants to take part in the full retard attack12:24 <@tflow> i send much love too :-)12:24 <~Avunit> well onto barico and palantir now12:24 <~Avunit> and much love from avunit too12:30 <@tflow> http://www.thetechherald.com/article.php/201106/6798/Data-intelligence-firms-proposed-a-systematic-attack-against-WikiLeaks?page=112:30 <@tflow> juiceh12:31 <@kayla> :D tell him i said hi :312:31 <@kayla> and yes i will b here :D12:31 <@kayla> i allways will \:3/ i <3 u guys 12:39 <~Avunit> <333312:48 <@kayla> did we ever get Gred Hoglunds SSN?12:50 <~Avunit> not that i know of13:23 <@Topiary> Pretty sure we got all their SSNs, right13:23 <@Topiary> ?13:29 <@kayla> thats what i thought, i never had them though...13:29 <~Avunit> ^ same13:29 <@kayla> how was aarons pulled?13:30 <@kayla> i think they were in the financials dox?13:30 <@kayla> im not sure...13:30 <@kayla> i was kinda late to the party D:13:30 <~Avunit> i missed the actual party due to my riouter13:34 <@Topiary> sweet, might get a chance to speak to Aaron on CNN next week as a group talk13:34 <@Topiary> I am going to troll him so hard he cries on TV13:34 <@Topiary> kayla: yes, financial docs13:34 <@Topiary> so Sabu may have the rest13:34 <@Topiary> we'll ask him tomorrow evening13:37 <@kayla> he's going on CNN? on TV?13:37 <@kayla> like a call in show thing?13:37 <@kayla> OH GOD

back

trac

esec

urity

.com

13:37 <@kayla> call him out live on TV about attacking wikileaks :313:39 <@Topiary> Oh I will13:40 <@kayla> :313:41 <@kayla> how do you know he is doing cnn?13:41 <@tflow> Anonymous has entered its golden age again13:41 <@kayla> tflow did you get gregs emails :313:41 <@tflow> yup13:42 <@kayla> nice, you going to add them to the online viewer?13:42 <@tflow> yup13:42 <@kayla> \:D/ yay13:42 <@tflow> http://pastehtml.com/view/1d5wg3k.html13:42 <@tflow> what do you think of this press release?13:42 <@tflow> to accompany it13:43 <@tflow> (topiary made it)13:43 <@Topiary> can't edit right now, talking to Swedish reporter about Op Tunisia/Egypt, but will after13:43 <@kayla> oh i got someth9ing nice you can add to tht <313:44 <@kayla> posted on the techhearald comments13:44 <@kayla> Agent8613:44 <@kayla> FYI. Some of the email sport S/MIME digital signatures, thus ensuring their authenticity.13:44 <@kayla> Today, 9:23:28 AM13:44 <@kayla> . Flag . Like . Reply13:44 <@kayla> is this true?13:45 <@kayla> if so..... add it to the press release, not the whole thing but the point that it can't be fake as it contains those said signatures13:45 <@kayla> but verify if thats true first13:46 <@kayla> but i supose it proves they're not fake :D13:47 <@tflow> that's nice13:48 <@kayla> but i don't even know what that is so i can't verify it xD13:48 <@kayla> im having a blonde moment :313:48 <@kayla> http://en.wikipedia.org/wiki/S/MIME13:51 <@kayla> yes some do contain such information!!!!!!!!!! :D13:52 <~Avunit> ./agree with press release13:55 <@Topiary> sweet13:56 <@Topiary> ooh, will be on Swedish radio tomorrow, 1 million listeners13:56 <@Topiary> have to chat about Tunisia/Egypt13:57 <@Topiary> agh, forgotten the finer details, will have to look back on old interviews13:57 <~Avunit> Be sure to say em hi from me.13:58 <@kayla> bonus points if before you finish talking you play rickroll down the phone, 1 mil ppl pwnd13:59 <~Avunit> bonus points if you say "Kayla said shed strip if id rickroll you all: NEVAH GONNA GIVE YOU UP"13:59 <~Avunit> get ready to be exposed kayla13:59 <@kayla> i dont mind :D14:00 <@Topiary> well rickrolled 10 million screens in the US with that last Alyona Show one, will do it again for Sweden14:00 <@Topiary> or request that the play Never Gonna Give You Up next14:00 <@Topiary> it's a radio station so yeah.

back

trac

esec

urity

.com

14:00 <@kayla> yeh do tht :D14:00 <~Avunit> "And for my beloved kayla I'd like to request: Rick Astley - Never Gonna Give You Up"14:00 <@kayla> xD14:00 <@Topiary> kayla is 30 years old and a man14:00 <~Avunit> "Oh and hi mum and dad"14:01 <~Avunit> topiary: so we14:01 <~Avunit> are all gay14:01 * Avunit humps topiary14:01 <@kayla> ;_;14:01 <@Topiary> kayla: http :// www . vocaroo . com / [vocaroo is a popular place for uploading crank calls]14:01 <@Topiary> show us your deep 30 year old man voice14:01 <~Avunit> XD14:02 <@kayla> lol xD14:08 <@kayla> y so h8 ;_;15:09 <@kayla> how long untill we release teh ema1ls 0f d00m15:13 <@Topiary> the second joepie91 finishes his stuff I asssume15:13 <@tflow> we're also going to get anonleaks.ru/.ch or something15:13 <@tflow> to host it15:13 <@tflow> to take the piss15:13 <@tflow> and no, it's not gonna be a whistleblowing site - torrents are best for whisteblowing :)15:13 <@Topiary> also I'm going to start saying, with future press, that I'm an observer/associate of Anon that agrees with Anonymous actions, rather than say I'm Anon15:13 <@Topiary> kind of like Barrett/Housh15:13 <@Topiary> to avoid being raped by Feds15:14 <@tflow> aw15:14 <@tflow> why15:14 <@tflow> but they you can't use memes..15:14 <@Topiary> I can use memes, it's just a small terminology change15:15 <@tflow> it's big15:15 <@Topiary> all I have to do is stop saying "we" and start saying "they" when referring to Anon15:15 <@tflow> it will decrease the lulz in interviews15:15 <@Topiary> hm, valid point15:15 <@tflow> Topiary you won't get v& as long as you're not as stupid as Coldblodd15:15 <@tflow> blood*15:15 <@kayla> yeh, we just need to get the emails out as fast as possible because someone made a good point tht the longer we have them the more it looks like we could have falsified them15:15 <@kayla> did you include the stuff about mime sigs in the press release also?15:15 <@tflow> coldblood got v& because he had his name everywhere15:16 <@tflow> and his name can be traced to him irc15:16 <@tflow> irl*15:16 <~Avunit> other channel --->15:16 <@Topiary> Actually Coldblood got v& because his parents ratted him out15:16 <@Topiary> kayla: no, hoping someone could just quickly add it15:16 <@kayla> coldblood deservd v& if you ask me

back

trac

esec

urity

.com

15:16 <@kayla> his media whoreing made me feel sick15:16 <@Topiary> I just finished writing something for press so can add it now15:16 <@Topiary> just a sec15:16 <@kayla> im not good with wordings i can hardly spell D:15:16 <@kayla> cna someone add pls :315:17 <@kayla> i am not gud with wordings of the englosh language 15:18 <@Topiary> sure just a moment15:19 <@tflow> LOL15:19 <@tflow> his parents?15:19 <@tflow> LOL15:19 <@tflow> LOL15:19 <@tflow> LOL15:19 <@tflow> LOL15:19 <@tflow> LOL15:19 <@Topiary> yeah I shit you not, his parents found out he was Coldblood and ratted him out [More evidence Topiary is familiar with Brit anons]15:19 <@Topiary> I wish I was shitting you but it's true15:20 <@kayla> LOL15:20 <@kayla> his own parents?15:20 <@kayla> they must realy h8 him15:20 <@kayla> xD15:21 <@kayla> my dad would never do tht, he knows i pwn i sometimes show him the lulz i cause :D15:21 <@Topiary> http://pastehtml.com/view/1d5wg3k.html15:21 <@Topiary> page updated15:22 <@kayla> i shown him the hbgary stuff too xD 15:22 <@Topiary> paragraph below the email quote15:29 <@Laurelai> hi15:32 * kayla cuddles laurelai :315:32 <@kayla> so much <315:32 <@Laurelai> :315:40 <@Topiary> 30 year old men cuddling is a do not want.15:45 <@kayla> You're only jealous :315:49 <@Laurelai> >30 year old men15:49 <@Laurelai> im a girl15:49 <@Laurelai> :p15:58 <@Topiary> Haha, women on the Internet.16:33 <@kayla> heh the whole "no girls on the internet" was proberlby thought up by some guy who got severly pwned by a girl online and to save face they screamed "your not a girl" in order to save thier ego and proclaimed "there's no girls on the internet" and because guys on the internet were increasingly getting pwned by girls everyone started saying "there's no girls on the internet" like our friens aaron and greg who are proberlby laid in bed now shaking, crying mumbling to themself16:33 <@Nessuno834> ohai16:34 <@kayla> hi Nessuno83416:34 <@Nessuno834> ohai kayla <316:34 <@kayla> <3 :)16:34 <@Nessuno834> whats new16:36 <@kayla> nm, you hear about hbgary being contracted by BOA to as attack wikileaks?

back

trac

esec

urity

.com

16:39 <@Nessuno834> srsly?16:39 <@Nessuno834> fuck this shits deep16:40 <@Topiary> Fallen right off the diving board and drowned, that's how deep it goes16:40 <@kayla> http://www.thetechherald.com/article.php/201106/6798/Data-intelligence-firms-proposed-a-systematic-attack-against-WikiLeaks16:40 <@kayla> http://emptywheel.firedoglake.com/2011/02/09/security-firms-pitching-bank-of-america-proposed-targeting-glenn-greenwald/16:40 <@kayla> oh it's bad16:41 <@kayla> HERP DERP LETS HACK TEH WIKILEAKS AND IF ANYONE HACKS US TELL THEM THEY ARE CRIMINALS AND SEND THE FBI TO V& THE LOLZ16:42 <@Nessuno834> hbgary are so so epic fail16:42 <@Nessuno834> its like they try to fail16:42 <@Topiary> tflow: is it going to be applicable to say "anonleaks rep" when talking to press about this shit?16:43 <@kayla> i think the media will get confused and think anonleaks is seperate to anonops or payback16:43 <@kayla> i dunno16:44 <@kayla> the media ALLWAYS seem to get anything anon wrong16:44 <@Nessuno834> whatever you say they will get it wrong16:44 <@Topiary> kayla: it's annoying when speaking to press to blab to them for 20 minutes about how they can't say rep of Anon, how they can't say this or that16:44 <@Topiary> or Anon gets mad16:46 <@tflow> Topiary: maybe16:46 <@tflow> but anonleaks will not be a whistleblowing site16:46 <@tflow> it will be a site to format existing leaks16:46 <@Topiary> okay, just a place to host our leaks16:46 <@tflow> people need to use tpb for whistleblowing16:50 <@Nessuno834> is marduk around?17:09 <@Nessuno834> derp_trees17:09 <@kayla> ETA on greg mail dump ;3?17:09 -!- Netsplit triangle.operationfreedom.ru <-> trust.operationfreedom.ru quits: @marduk, @Nessuno834, @Avunit, @kayla, @tflow, @Topiary, @HQBot17:18 -!- Netsplit over, joins: ~Avunit, @Topiary, @Nessuno834, @tflow, &marduk, @kayla, &HQBot17:31 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @tflow17:33 -!- Netsplit over, joins: @tflow17:56 <@kayla> tflow here?18:02 <@tflow> yes18:02 <@tflow> web version is finished programming18:02 <@kayla> nice :D18:02 <@tflow> now all that's left is to run the web version conversion script 'n create torrent18:02 <@kayla> i think the internet is hungry for the mails :D18:02 <@tflow> and wait for http://anonleaks.ru to propagate18:02 <@tflow> which should be soon i think18:03 -!- kayla [mysql2@fbi.gov] has quit [Quit: Lost terminal]18:06 !triangle.operationfreedom.ru *** HQBot invited kayla into the channel18:06 -!- kayla [mysql2@fbi.gov] has joined #hq18:06 -!- mode/#hq [+o kayla] by HQBot18:06 <@kayla> :3 stop dossing me!!1

back

trac

esec

urity

.com

18:06 <@kayla> jkjk <3 :)18:09 <@kayla> http://emptywheel.firedoglake.com/2011/02/09/the-disinformation-campaign-bank-of-america-considered/f18:15 <@kayla> haha :D and WL posted the PDF palantir and berico made from aarons mails on their site :D18:15 <@kayla> http://wikileaks.ch/IMG/pdf/WikiLeaks_Response_v6.pdf18:15 <@kayla> LULZ18:18 * Nessuno834 doses kayla ;)18:21 <@Nessuno834> kayla question are you hawt?18:22 <@Laurelai> hu18:22 <@Laurelai> hi18:22 <@Laurelai> im wondering18:22 <@Laurelai> if you guys could help me recruit for crowdleaks18:23 <@tflow> start a channel for crowdleaks on anonops18:24 <@tflow> that should help i think18:24 <@Nessuno834> yeah18:25 <@Topiary> tflow: Do you think we'll have Greg drops within the next hour or two?18:27 <@tflow> no idea18:27 <@tflow> the ETA is really obscure18:27 <@tflow> i can't really give a valid estimate18:28 <@tflow> but look in ifeds if you want to follow the progress18:29 <@Nessuno834> I cant in ifeds18:29 <@Laurelai> ok i made a channel18:29 <@Laurelai> #crowdleaks18:38 <@kayla> https://cryptbin.net/?id=fmj PASS = A&^S%&A^s7a6s18:39 <@kayla> some lame troll trying to scare me lol18:39 <@kayla> xD18:45 <@Nessuno834> i think i love you kayla18:59 <@tflow> kayla18:59 <@tflow> kayla18:59 <@tflow> kayla18:59 <@tflow> urgently need a working busybox ssh tunnel19:00 <@tflow> please19:01 <@kayla> i don't have the list here19:02 <@kayla> 2 mins let me see if i can find it 19:02 <@kayla> nah :/ dont have it here19:02 <@kayla> nigg has loads of them19:02 <@tflow> :/19:02 <@tflow> is he online?19:03 <@kayla> don't know im not in any ircs he is on at the minuet19:03 <@tflow> ok what about any roots?19:03 <@tflow> that can be used to tunnel?19:04 <@kayla> i think laurelai has a copy of the busybox list19:10 <@kayla> i don't have my thumb dive here :/19:24 <@kayla> tflow19:24 <@kayla> http://sprunge.us/GTbZ19:24 <@kayla> busybox, busybox everywhere19:25 <@tflow> thanks! :D19:25 <@kayla> not all will work, the list is kinda old

back

trac

esec

urity

.com

19:26 <@Nessuno834> gnite all19:26 <@kayla> sweet dreams :)19:40 <@Topiary> Sleep well, good sir.19:40 <@Topiary> Agh, my headset is being weird... must buy new one.19:45 <@kayla> tflow :3 how long?19:45 <@kayla> the suspense is killing me xD19:46 <@Laurelai> kayla: re busyboxes19:47 <@Laurelai> claire discovered they stay up just move IP's on the same block [Claire is Raymond Madeiros, a US-based transgender programmer who helps run Crowdleaks]19:47 <@Laurelai> so you just need to rescan regularly19:47 <@tflow> kayla, .htmls are being generated now19:55 <@kayla> Laurelai :D yeh im guessing because most are dynamic IP's19:55 <@kayla> tflow: sweet can't wait to see it <3 20:00 <@tflow> telecomix is offering a mirror :-)20:02 <@Laurelai> another thing20:02 <@Laurelai> is crowdleaks needs server admins20:02 <@Laurelai> who can use xen21:13 <@Topiary> marduk: when you're back, tell me, it's important21:19 <@Laurelai> any ETA on the new emails?21:45 <@Topiary> guys, this stays in here entirely and I'm not revealing my source here for his own protection, but Greg Hoglund has spies in AnonOps channels regularly, they're trying to ask reporters and even Anons for info they have on a couple of us21:45 <@Topiary> we need to lead them on a wild Anon chase21:46 <@Topiary> they can't get us via IPs or on their own so they're simply trying to socially engineer other Anon into blabbing what they know about us21:48 -!- Netsplit triangle.operationfreedom.ru <-> trust.operationfreedom.ru quits: @marduk, @Nessuno834, @Avunit, @kayla, @tflow, @Topiary, @HQBot21:53 -!- Netsplit over, joins: @tflow, ~Avunit, @Topiary, @Nessuno834, &marduk, &HQBot, @kayla22:19 <&marduk> Topiary: back, kinda22:19 <&marduk> sec tho22:22 <&marduk> Greg's mad huh?22:23 <@Topiary> pretty mad - how much info do you have available on the Internet about yourself, marduk?22:23 <@Topiary> I mean deep, like little persona tidbits from like 10 years22:24 <&marduk> all22:24 <&marduk> but not as marduk22:24 <&marduk> neither as q or as anything else i used on anonops22:24 <&marduk> and nobody, absolutely nobody on anonops knows who i am.22:24 <@Topiary> do any Anons on this server know of your aliases that could lead to other aliases that could lead to more people that could lead to doxing?22:24 <&marduk> no22:24 <&marduk> no chance22:24 * marduk is safe22:25 <@Topiary> okay, we just have to be careful, the faggot Hoglund asked for us two in specific, like he wants to know about "q and Topiary"22:25 <&marduk> but i dont know how much taht applies to others...22:25 <@Topiary> this faggot has government contacts and was in charge of that malware shit

back

trac

esec

urity

.com

22:25 <@Topiary> so let's not take him as a complete joke22:25 <&marduk> yep he mad22:25 <&marduk> mhh what about you?22:26 <@Topiary> I think I'm pretty safe, I actually honeypot google searches on me to fake dox, I add to it every 3 to 4 months22:26 <@Topiary> but I know of at least two people on this network that know my real first name22:26 <&marduk> if i wasnt so nice22:26 <&marduk> i would make them lead to someone else :p22:27 <@Topiary> here's what I was thinking: Greg is using other Anons as targets to get us, he'll ask dumb innocent shit like "so what are these guys' roles, links to anything they've done?" - I'm going to start telling certain groups of Anons in private that my first name is Derrick22:27 <@Topiary> tell others that my first name is John22:27 <@Topiary> others Jack22:27 <@Topiary> if word leaks that Greg thinks I'm Philip22:27 <@Topiary> I know exactly who blabbed22:27 <@Topiary> and who to fuck up22:28 <&marduk> good idea22:28 <@Topiary> that's a good idea to begin with in large social groups, you lie about tiny facts to certain people and make that tiny fact remain constant, so if the full story ever gets out, you know who from22:28 <@Topiary> common stuff22:29 <@Topiary> basically I ain't even mad, but the reason people like us haven't been caught yet is by being safe,22:29 <@Topiary> and gonna take this seriously just to be more safe than safe22:29 <&marduk> lol22:29 <&marduk> http://wikileaks.ch/IMG/pdf/WikiLeaks_Response_v6.pdf22:29 <&marduk> just saw that22:29 <@Topiary> pretty rad22:30 <@Topiary> my philosophy on it is that if you can dox someone, they deserve to be doxed22:31 <&marduk> and yes.. sure.. ut so far i never told anyone any first name of me22:31 <&marduk> not that anyone asked me either, i would find that a VERY STRANGE question22:32 <&marduk> but then22:32 <@Topiary> I once dox'd someone from half a nickname in like four clicks: googled half in quotes half out, found a music profile of his, googled the most obscure musician in quotes along with the two halves of his name and "facebook", found his facebook page that had liked the musician and his full name22:32 <@Topiary> that is why you take internets as srs bsns22:32 <&marduk> all you say, nothing is surptiseing at all22:32 <&marduk> OFC he wants to dox us haha22:32 <&marduk> he is mad as hell, i lub it22:32 <&marduk> i guess that is what aaron tried with Q and failed horribly 22:32 <@Topiary> he so mad22:32 <@kayla> has gregs shit been dumped yet?22:33 <&marduk> nope, still working on that it seems22:34 <@Topiary> marduk: wanna have some fun? we could fake dox, make 'em think we're

back

trac

esec

urity

.com

from batshit places and we have batshit identities22:34 <@Topiary> he has spies right nao probably storing everything both of us say22:34 <&marduk> well, we cant just reveal our identities tho :p22:34 <@Topiary> nah, drop subtle hints, a very delicate plan22:35 <@Topiary> one thing we still have to do is say "Operation Galfromtronam" or something, wait for spais to Google whatever the fuck "Galfro--" is, have it link to a "leaked" pastebin of a "secret" operation where we both discuss something about... I dunno, Russian missiles22:36 <&marduk> hm i dunno, i still am not fully awake.. also it would not by typical of me22:36 <&marduk> i dont thik any spai would believe it.. however, if someone else drops sth..22:36 <@Topiary> nah, not like that, just even drop a slight mannerism that suggests you're from a certain country22:36 <@Topiary> I don't know if you read all 23 pages of Aaron's report22:36 <@Topiary> but he was guessing people nationalities based on their words22:37 <@Topiary> he had "possibly UK" when someone said "footy"22:38 <@Topiary> fuck, if I weren't so nice I'd let those corporate bastards pay me to dox harder than they ever could22:38 <@Topiary> but Anon is leegun <322:44 <&marduk> lol i wish them good lukc22:44 <&marduk> maybe they still believe i am in cali22:45 <@Topiary> I'm actually going to call Greg/Aaron from a Cali google center via my gmail, fake an American voice and ask them if they enjoyed their new twitter22:46 <@Topiary> they know I took the twitter, so they'll think I'm American after that22:46 <@Topiary> yes they are probably that gullible22:46 <&marduk> lol22:46 <&marduk> 03:46 <flabbergaster> the way they work is that clients sign into their servers to run the software. they maintain databases. the databases/servers have been taken offline22:46 <&marduk> 03:46 <flabbergaster> because they are afraid that someone is trying to get into them22:46 <&marduk> this is golden if true22:46 <&marduk> (Palantuir)22:50 <@Topiary> excellent22:59 <@Laurelai> lol22:59 <@kayla> how long untill gregs mails :/22:59 <@kayla> fuck lol i've been waiting since sunday for them :S23:00 <@Topiary> Anon demands blood23:01 <&marduk> shouldnt be all too long.. the email reader already lists them :)23:01 <&marduk> 27000 Greg mails23:01 <&marduk> 10k more than aaron hehe23:03 <@Topiary> NEW HIGH SCORE!23:03 <@Topiary> GREG HAS GAINED +5 TO FAGGOTRY!23:43 <@Laurelai> lol--- Day changed Thu Feb 10 201100:12 <&marduk> 05:11 <DrPizza> the sql injection was in a custom app, or something off the shelf? [DrPizza is Peter Bright of Ars Technica]00:12 <&marduk> kayla: do you know that? the original swli which gained us access?01:29 <&marduk> tflow: kayla .. DrPizza from ars.technica would want someone who can walk him thru the actual hack, what was used when and in what order

back

trac

esec

urity

.com

01:29 <&marduk> would you want to talk to him?01:29 <&marduk> possibly use a new handle01:44 <@Laurelai> so01:44 <@Laurelai> idea01:44 <@Laurelai> regarding the anon intel group thing01:45 <@Laurelai> we need artwork01:45 <@Laurelai> our own terrifying symbol of leetness01:45 <@Laurelai> like an insignia or crest01:45 <@Laurelai> for psyops reasons01:45 <@Laurelai> http://www.psywarrior.com/DeathCardsAce.html01:45 <@Laurelai> examples01:50 <&marduk> yeah, i already looked for a logofag01:50 <&marduk> dindt fine one so far--- Log closed Thu Feb 10 02:11:16 2011--- Log opened Thu Feb 10 03:38:45 201103:38 -!- Laurelai [Laurelai@HA-32m.bhl.uq5i3t.IP] has joined #hq03:38 -!- Irssi: #hq: Total of 7 nicks [3 ops, 0 halfops, 0 voices, 4 normal]03:38 -!- Irssi: Join to #hq was synced in 0 secs03:39 -!- mode/#hq [+o Laurelai] by HQBot03:45 <&marduk> added you to axx list03:49 <@Laurelai> thx :)03:50 <@Laurelai> we need more kaylas03:50 <@Laurelai> :s03:52 <&marduk> idd hah06:09 <~Avunit> hai sexoes06:09 <~Avunit> sexies even06:10 <&marduk> heya Avunit 06:10 <~Avunit> how are ya?06:10 <&marduk> good good06:10 <&marduk> seen the latest news about the WL connection?06:10 <~Avunit> dont think so06:10 <&marduk> http://www.thetechherald.com/article.php/201106/6798/Data-intelligence-firms-proposed-a-systematic-attack-against-WikiLeaks06:11 <&marduk> :-)06:11 <&marduk> HBGary LEaks yield first interesting results :)06:11 <~Avunit> oh yesh that one was posted yesterday right?06:11 <&marduk> yea, i think Laurelai found that actually in the emails?06:11 <~Avunit> well when im @ home imma do my first perl project :306:12 <&marduk> oh didnt see the update \o/06:13 <~Avunit> and if perl isnt a bitch we'll have a dns bot for anonleaks today06:13 <&marduk> dns bot?06:13 <~Avunit> yarr06:13 <&marduk> whats that doin?06:13 <~Avunit> to update the nameservers on the fly through irc commands06:13 <&marduk> ahh06:13 <&marduk> heh nice06:14 <~Avunit> like !dns add lulz. A ip.goes.here06:14 <~Avunit> should create an A record for lulz.anonleaks.ru. pointing to ip.goes.here06:15 <~Avunit> should have !dns add, update and del

back

trac

esec

urity

.com

06:16 <&marduk> yup, nice06:18 <~Avunit> so thats on my todo list for todat06:18 <~Avunit> today*06:19 <&marduk> ill do some ress work06:20 <~Avunit> okay brb again for a big06:20 <~Avunit> bit*06:49 <&marduk> guys06:49 <&marduk> found a new greg mail06:49 <&marduk> From: Greg Hoglund <greg@gunwalegames.com>06:49 <&marduk> Hey all,06:49 <&marduk> I have gunwalegames.com registered and have full google apps purchased.06:49 <&marduk> This is my game related email address.06:49 <&marduk> -Greg06:57 <~Avunit> there i am again06:58 <&marduk> wb06:58 <&marduk> gunwalegames.com is not aunched06:58 <~Avunit> ty06:58 <&marduk> i wonder if it ever will07:09 <@Laurelai> hello07:09 <~Avunit> ohai laurelai07:11 <@Laurelai> :D07:12 <~Avunit> how are ya?07:12 <@Laurelai> i got some ideas to kick around whenever you guys have time07:12 <~Avunit> feel free tok ick around ideas every moment :P07:12 <~Avunit> i am perling my ass of tho07:12 <@Laurelai> well i wanted to discuss tactics07:13 * Avunit nods.07:13 <@Laurelai> while rm -rfing a idiots server is damn funny07:13 <@Laurelai> theres more long term lukz to be had by leeching information and backdooring the shit out of everything07:13 <@Laurelai> lulz*07:14 !twisted.operationfreedom.ru *** HQBot invited kayla into the channel07:14 -!- kayla [mysql2@fbi.gov] has joined #hq07:14 -!- mode/#hq [+o kayla] by HQBot07:14 <@kayla> :3 *hugs*07:14 <@Laurelai> good morning kayla 07:14 * Avunit hugs kayla.07:14 <@Laurelai> just the girl i needed :307:14 <@kayla> good morning laurelai :D07:14 <~Avunit> [13:13:08] <@Laurelai> while rm -rfing a idiots server is damn funny07:14 <~Avunit> [13:13:38] <@Laurelai> theres more long term lukz to be had by leeching information and backdooring the shit out of everything07:14 <~Avunit> [13:13:42] <@Laurelai> lulz*07:14 <~Avunit> to update kayla07:15 <@Laurelai> kayla: take a look at http://dosarrest.com/07:15 <@Laurelai> i have it on good authority that they are the ones helping the FBI v& anons07:16 <@Laurelai> i think its worth it to take a look and see what we can find on them

back

trac

esec

urity

.com

07:16 <@Laurelai> weather it be hacking in or gathering intel07:17 -!- kayla [mysql2@fbi.gov] has quit [NickServ (GHOST command used by mysql2)]07:17 <@Laurelai> :/07:17 !twisted.operationfreedom.ru *** HQBot invited kayla into the channel07:17 -!- kayla [mysql2@fbi.gov] has joined #hq07:17 -!- mode/#hq [+o kayla] by HQBot07:17 <@kayla> D:07:18 <~Avunit> gg07:18 <@Laurelai> 07:15 <@Laurelai> kayla: take a look at http://dosarrest.com/07:18 <@Laurelai> 07:15 <@Laurelai> i have it on good authority that they are the ones helping the FBI v& anons07:18 <@Laurelai> 07:16 <@Laurelai> i think its worth it to take a look and see what we can find on them07:18 <@Laurelai> 07:16 <@Laurelai> weather it be hacking in or gathering intel07:18 <@Laurelai> recap07:18 <@Laurelai> incase you missed it07:18 <@kayla> i've heard of tht place before :o07:18 <@kayla> can't remember where.....07:19 <@Laurelai> mpaa07:19 <@Laurelai> hired them07:19 <@Laurelai> at one point07:19 <@kayla> ewwwww html pages D:07:20 <@kayla> http://www.dosarrest.com/administrator/ it's runing joomla07:21 <@kayla> <meta name="generator" content="Joomla! 1.5 - Open Source Content Management" />07:22 <@kayla> Sitemap: http://www.dosarrest.com/sitemap.xml07:22 <@kayla> User-agent: *07:22 <@kayla> Disallow: /administrator/07:22 <@kayla> Disallow: /cache/07:22 <@kayla> Disallow: /components/07:22 <@kayla> Disallow: /includes/07:22 <@kayla> Disallow: /installation/07:22 <@kayla> Disallow: /language/07:22 <@kayla> Disallow: /libraries/07:22 <@kayla> Disallow: /media/07:22 <@kayla> Disallow: /modules/07:22 <@kayla> Disallow: /plugins/07:22 <@kayla> Disallow: /templates/07:22 <@kayla> Disallow: /tmp/07:22 <@kayla> Disallow: /xmlrpc/07:22 <@kayla> Disallow: /azr94v2hh2lgbbkk/07:22 <@kayla> from robots.txt07:22 <@Laurelai> lol07:23 <@Laurelai> whats in azr94v2hh2lgbbkk07:23 <@kayla> JError XML-RPC Server not enabled.07:23 <@kayla> shame :p07:23 <@kayla> /azr94v2hh2lgbbkk/ 40407:24 <@Laurelai> joomla 1.5 is vuln i believe07:24 <@kayla> http://www.dosarrest.com/tmp/ interesting :3

back

trac

esec

urity

.com

07:25 <@kayla> com_rsform 07:25 <@kayla> anyone know if thre's bugs in com_rsform ???07:27 <&marduk> ohai kayla07:27 <@Laurelai> /home/fwwd/public_html/administrator/components/com_joomlapack/backup/site-fwwd.dosarrest.com-20101015-054924.zip07:27 <&marduk> also i notices https://hbgary.com is redirecting now07:27 <@kayla> ohgod is tht a sit backup :op07:27 <@Laurelai> http://www.dosarrest.com/tmp/jpaae1yf07:28 <@kayla> Forbidden07:28 <@kayla> You don't have permission to access /administrator/components/com_joomlapack/backup/site-fwwd.dosarrest.com-20101015-054924.zip on this server.07:28 <@kayla> bah D:07:28 <@kayla> Apache/2.2.11 (Ubuntu) PHP/5.2.6-3ubuntu4.5 with Suhosin-Patch mod_ssl/2.2.11 OpenSSL/0.9.8g Server at dosarrest.com Port 8007:32 <@Laurelai> kayla: http://www.exploit-db.com/exploits/11262/07:34 <&marduk> "Greg is an accomplished author, world recognized leader in rootkit technology and was recently named one of "10 hackers to know" in Network Security magazine. "07:34 <&marduk> lulz07:38 -!- Topiary [Piedent@do.the.impossible] has quit [Ping timeout: 121 seconds]07:46 -!- mode/#hq [+I DNSBot!*@*] by Avunit07:46 <&marduk> oh kayla and07:47 <&marduk> 11:50 <&marduk> found a new greg mail07:47 <&marduk> 11:50 <&marduk> From: Greg Hoglund <greg@gunwalegames.com>07:47 <&marduk> though i dont think he used it for anything07:47 <&marduk> project thasnt started it seeems.. and unlikely now that it will07:48 <@kayla> did gregs mails get released :o?07:49 <&marduk> not yet.. joe needs to fix sth07:49 <@kayla> D:07:49 <&marduk> he will once he'S back, shouldnt be long07:50 <&marduk> http://internetfeds.mil.nf/hbgary/aaron_hbgary_com/index_d_d_28.html07:50 <&marduk> dont spread yet07:50 <&marduk> so far we only have ssron's spool there07:51 <&marduk> aaron'S even07:56 <~Avunit> Kayla07:57 * Avunit pokes kayla.07:59 <~Avunit> or tflow07:59 <@kayla> :o?07:59 <~Avunit> you know perl?08:00 <~Avunit> need ya to take al ook at the base of le bot08:00 <~Avunit> because my perl is sucky 08:00 <@kayla> whats wrong with it?08:00 <~Avunit> currently its bragging about msising a bracket, even though theyre all in, might have a syntax error for perl in08:00 <~Avunit> and im not sure if my file editing will work this way ;.;08:01 <&marduk> hmm im no perl guru ..... FUUU tackle lagging like hell08:01 <&marduk> i can take a look tho

back

trac

esec

urity

.com

08:02 <~Avunit> goddamnit why isnt securepastebin working08:03 <~Avunit> http://securepastebin.com/go/retrievePost.action?id=628808:03 <~Avunit> pass: perlbot08:04 <@kayla> ewwww POE::Component::IRC;08:04 <@kayla> i h8 perl modules08:04 * Avunit goes for easyness ^.^08:05 <~Avunit> i hate perl all together08:05 <@kayla> IO::SOCKET *08:05 <~Avunit> but the module is purrty easy08:05 <&marduk> yeh dont have that either08:05 <~Avunit> lulz feel free to edit it kayla :p08:06 <~Avunit> first bit of perl i evah did08:08 <~Avunit> still need the update, delete and list commands in too D:08:08 <@kayla> irc_disconnected => sub { exit 1; }, #This exits when it gets disconnected.08:08 <@kayla> },08:08 <@kayla> );08:08 <@kayla> might be those lines08:09 <~Avunit> Missing right curly or square bracket at ./perlbot.pl line 72, at end of line08:09 <~Avunit> syntax error at ./perlbot.pl line 72, at EOF08:09 <~Avunit> Execution of ./perlbot.pl aborted due to compilation errors.08:10 <&marduk> CPANing...08:11 <~Avunit> still getting that08:12 * Avunit stabs perl.08:13 <@kayla> brb08:13 <&marduk> didnt config cpan08:13 <&marduk> will take a while :p08:13 <~Avunit> lulz08:13 <~Avunit> thats done quite quickly actually08:14 <&marduk> doing some wild testing08:14 <&marduk> dunno whym, i skipped that actually hmm08:16 <&marduk> and can p0ke has the url to our email reader?5~08:17 <~Avunit> iunno08:18 <&marduk> fuck, something is broen in my perl *sigh*08:21 <&marduk> omg why am i fixing perl now08:21 <~Avunit> D:08:21 <&marduk> DIE perl DIE08:22 <~Avunit> becus we want awesum bot08:22 <~Avunit> maybe i should do python08:22 <~Avunit> but lulz08:22 <~Avunit> im too lazy08:23 <&marduk> mhh lulz, there is some dependency conflict08:23 <&marduk> grrr, looks like broken triumph lol08:23 <&marduk> HEIHACHI SEND ME LINUX VIRRi!!!!08:24 <~Avunit> blegh08:24 <~Avunit> ill fix perl on triumph08:24 <~Avunit> bitch08:24 <&marduk> reinstalling, should work here soon08:25 <~Avunit> fixing triumph08:25 <~Avunit> bitch

back

trac

esec

urity

.com

08:26 <~Avunit> and preferably dont delete perl on triumph08:26 <~Avunit> since inspircd needs it to start :p08:27 <&marduk> why would i delete that?08:27 <&marduk> and how could i, i am not root :p08:27 <~Avunit> nevah know what some people achieve :p08:28 <&marduk> lol08:28 <@kayla> can someone op me in ophbgary pls :3 08:28 <~Avunit> blegh tirumph is being slower than fuck08:29 <&marduk> youre not aopped?08:29 <~Avunit> [14:29:10] -ChanServ- kayla added to #ophbgary AOP list.08:29 <@kayla> who the fork() keep rm'ing me a0p ;____;08:29 <&marduk> no08:29 <&marduk> your added08:29 <~Avunit> I just added her08:29 <&marduk> ah k08:29 <~Avunit> triumph is benig slow08:29 <~Avunit> getting some tea meanwhile08:33 <&marduk> uhm Can't locate POE/Component/IRC.pm in @INC08:33 <&marduk> how is that installed?08:34 <@Laurelai> cpan08:34 <&marduk> yes how?08:34 <@Laurelai> install POE::Component::IRC08:34 <&marduk> ahhh right, doh08:34 <&marduk> i used / me dtupid08:34 <&marduk> thx08:34 <@Laurelai> np :)08:35 <@Laurelai> 08:29 <@kayla> who the fork() keep rm'ing me a0p ;____;08:35 <@Laurelai> saved08:35 <@Laurelai> rofl08:39 <~Avunit> use cpan POE08:39 <~Avunit> and cpan POE::Component::IRC08:41 <&marduk> hmm08:41 <&marduk> yeah i got it08:41 <&marduk> and i dont see the missing bracket on first glance either08:41 <@Laurelai> imma sleep a bit08:41 -!- Irssi: #hq: Total of 7 nicks [4 ops, 0 halfops, 0 voices, 3 normal]08:41 <~Avunit> gnite laurelai08:41 <@Laurelai> nini08:45 -!- DNSBot [DNSBot@HA-29q.22n.iger54.IP] has joined #hq08:45 <&marduk> :p08:45 <~Avunit> D:08:45 <~Avunit> whatd you do08:45 -!- DNSBot [DNSBot@HA-29q.22n.iger54.IP] has quit [Connection closed]08:45 <&marduk> fixt ya shit08:45 <~Avunit> gief08:45 <&marduk> sub Bot {08:46 <&marduk> has no closing08:46 <~Avunit> ah08:46 <&marduk> add one

back

trac

esec

urity

.com

08:46 <&marduk> and it runs08:46 <&marduk> % in vim ftw08:46 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has joined #hq08:46 <~Avunit> !dns add garysucks A 127.0.0.108:47 <~Avunit> The 'privmsg' event requires two arguments08:47 <~Avunit> imma fix my own shit now08:47 <~Avunit> :P08:47 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Connection closed]08:47 <&marduk> hehe08:51 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has joined #hq08:51 <~Avunit> !dns add garysucks A 127.0.0.108:51 <~Avunit> fucking lies08:51 <~Avunit> it does add just a prob with theprivmsg event08:52 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Connection closed]08:52 <&marduk> never used irc module so dunno08:54 !twisted.operationfreedom.ru *** HQBot invited Topiary into the channel08:54 -!- Topiary [colossal@do.the.impossible] has joined #hq08:54 -!- mode/#hq [+o Topiary] by HQBot08:55 <~Avunit> goddamnit triangle is slow08:56 <@Topiary> What's the latest, fine sirs?08:56 <~Avunit> gjkldgjklkldagjkldgklajga08:56 * Avunit starts shouting at triangle.08:57 <~Avunit> goddamnit08:57 -!- Netsplit private.operationfreedom.ru <-> triumph.operationfreedom.ru quits: marduk08:57 <~Avunit> and triangle died too08:57 <~Avunit> awesome.08:58 -!- Netsplit over, joins: &marduk09:01 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has joined #hq09:01 <~Avunit> !dns add lulztest A 127.0.0.109:01 <~Avunit> i borked it nao09:02 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Connection closed]09:02 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has joined #hq09:02 <~Avunit> !dns add plswork A pls.work.pls09:03 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Connection closed]09:03 <~Avunit> sotp being such a slow server bitch09:05 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has joined #hq09:05 <~Avunit> !dns add testpls A test.pls.pls09:05 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Connection closed]09:06 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has joined #hq09:06 <~Avunit> !dns add moartest A moartest.test09:08 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Connection closed]09:08 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has joined #hq09:08 <~Avunit> !dns add dljgaklgdajgl A jklagadjkldgla09:08 < DNSBot> The following DNS configuration was added:09:08 < DNSBot> dljgaklgdajgl A jklagadjkldgla09:09 <~Avunit> oh well thats positive09:09 <&marduk> \ø/09:09 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Connection closed]09:10 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has joined #hq

back

trac

esec

urity

.com

09:10 <~Avunit> !dns add lulzarehad A luzl09:10 < DNSBot> The following DNS configuration was added:09:10 < DNSBot> lulzarehad A luzl09:10 <~Avunit> perfect09:10 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Connection closed]09:11 <~Avunit> now update, delete and list09:11 <~Avunit> marduk, if you have a bit of time, code one of those functions :p09:12 <&marduk> i cant code for shit :p09:12 <~Avunit> awh fu09:12 <&marduk> tho probably not hard, if i look at add09:13 <~Avunit> add is easy09:13 <~Avunit> delete would do the same but then just for the line with the subdomain in it09:13 <~Avunit> update would need to split the line in tokens and update only the ip part09:13 <~Avunit> list would need to read the whole file and parse09:13 <~Avunit> atleast09:13 <~Avunit> well only the subdomain part of the file09:23 <&marduk> anyone who cares for a stuxnet message-id: <4C608615.8040303@hbgary.com>09:27 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has joined #hq09:27 <~Avunit> !dns add test A 127.0.0.109:27 < DNSBot> The following DNS configuration was added:09:27 < DNSBot> test A 127.0.0.109:27 <~Avunit> !dns del test09:27 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Connection closed]09:27 <~Avunit> well that didnt work09:28 <&marduk> btw correction Topiary 09:28 <&marduk> penny did not say she owns 15% of hbgf, she said hbg owns 15% and that is correct09:28 <&marduk> confirmed by internal mails09:33 <~Avunit> !aop add entropy09:33 <~Avunit> !invite entropy09:33 !twisted.operationfreedom.ru *** HQBot invited entropy into the channel09:33 -HQBot:#hq- entropy was invited to the channel.09:34 -!- entropy [noyx@HA-dkm.je4.cn1rg3.IP] has joined #hq09:34 -!- mode/#hq [+o entropy] by HQBot09:35 <~Avunit> besides all that I should make a @ or & check in too i suppose, but ive no fridging idea how that is handled09:35 <&marduk> if bot is only here it doesnt matter i guess09:36 <~Avunit> better safe than sorry :p09:37 <@entropy> ok you want me to add del update and list09:37 <@entropy> del cuts the a record and restarts bind09:37 <@entropy> whats update do ?09:37 <@entropy> basically del then add?09:37 <@entropy> and list just lists a records?09:37 <~Avunit> Basically itd be like !dns update hbgary 127.0.0.109:37 <~Avunit> and itd change the hbgary A 91.xxx.xxx.xxx09:38 <~Avunit> to hbgary A 127.0.0.109:38 <@entropy> yep09:38 <~Avunit> can be done by tokens i suppose

back

trac

esec

urity

.com

09:38 <~Avunit> or delte the whole line09:38 <~Avunit> and rewrite it09:38 <~Avunit> but not everything has to be A though09:38 <@entropy> yea if you have an del and add already can just call that 09:38 <~Avunit> the syntax for add is !dns add subdomain type ipaddress09:38 <@entropy> you want to add like cnames and all?09:38 <~Avunit> nah but can be hadny for mx09:39 <@entropy> ok09:39 <@entropy> let me eat breakfast and drink some coffee and ill do it09:39 <~Avunit> thanks09:39 <@entropy> np09:39 <~Avunit> ill learn some more about perl and probably add some other neat functions in later too, yknow syntax checking n stuff09:43 <@entropy> i have to change add too09:43 <@entropy> 2011020901 ; serial09:43 <@entropy> anytime you have a change09:43 <@entropy> ou have to increment that09:43 <@entropy> any change at all09:43 <~Avunit> ah09:43 <~Avunit> well i jsut did the basic 09:43 <~Avunit> as you can see it doesnt even restart bind9 yet09:44 <@entropy> whos the bot goign to run ass09:44 <@entropy> as09:44 <~Avunit> DNSBot09:44 <~Avunit> its defined in tehs cript09:44 <~Avunit> oh you mean09:44 <~Avunit> as user?09:44 <@entropy> yea09:44 <~Avunit> iunno probably under avunit or a seperate user09:45 <~Avunit> just gotta give chown of the file there :P09:50 <@entropy> http://www.tacktech.com/display.cfm?ttid=32309:50 <@entropy> prob easier todo something like that09:50 <@entropy> then you dont have to +s anythign to restart09:50 <@entropy> ok coffee brb 09:56 <~Avunit> ill just let you code something now09:56 <~Avunit> and ill screw it afterwards09:56 <~Avunit> :p10:05 <&marduk> Topiary: called sabu yet?10:06 <@Topiary> I called him yesterday.10:06 <~Avunit> Did he say he missed me? :(10:06 <&marduk> told him about the wikileaks connection?10:06 <@Topiary> He was actually driving at the time so had to park, it was pretty lulzy. And yeah, he's actually gonna be on here around evening time EST.10:06 <@Topiary> marduk: Yes.10:07 <&marduk> kk :)10:25 <~Avunit> lalalala10:25 <@kayla> :310:25 <~Avunit> hai kayla10:26 <~Avunit> howrubeisdoing?

back

trac

esec

urity

.com

10:27 <@kayla> imgoodlolthankshowareyou?10:28 <~Avunit> irbeingdoingquitefineakshuallysolikegotanyzhingtotell?10:30 <@kayla> nahnotreallyjustnoneinterestingshiticancounttopotatoeifthatcountsasanythinginterestinghowaboutyouanythingnewwithyouyoudliketoshare?10:32 <~Avunit> idontreallygoingsomethingiwanttoshareapartfromthatisimplylovehqbotimreallyinlovewithhimhesreallylikemyeternallovebutfurthermorenotreallyimeanimaprettyboringguyyknowsoyeahthatsnotmuchisuppose10:32 <@Topiary> On a scale of 1 to 10, how many letters is a bucket of caterpillars?10:32 <~Avunit> Depends on if you count to potatoe or not.10:33 <&marduk> kayla: https://hbgary.webex.com/mw0306l/mywebex/forgotpwd.do?siteurl=hbgary10:33 <&marduk> eh not quite right url10:34 <&marduk> did we look at webex?10:42 <~Avunit> err10:42 <~Avunit> nah?10:42 <~Avunit> atleast not that i know of10:43 <&marduk> ted and aaron have webex accounts with their hbgary.com email addresses10:53 <@Topiary> It requires username/pass not email/pass10:54 <@entropy> Avunit: what do you want list to do?10:54 <@kayla> do we still have tht backdoor account to their google apps account?10:54 <~Avunit> list everything starting at NS entry10:55 <&marduk> kayla: sabu would know... Topiary ask him today?10:55 <@entropy> in the channel?10:55 <@Topiary> He's coming on here this afternoon.10:55 <&marduk> oh?10:55 <&marduk> cool10:55 * marduk is happy :)10:57 <@Topiary> Indeed, he'll be here around evening time EST, he approves of going full retard on Palantir/Berico.10:57 <&marduk> palantir shut their db down10:58 <&marduk> in fear of us :p10:58 <@Topiary> Can we go public with that fact?10:58 <&marduk> what a bunch of 'security' companies they are10:58 <&marduk> i told steve ...10:58 <&marduk> but the problem is, we have no confirmation10:58 <&marduk> someonetold me who uses palantir login for some training program10:59 <@entropy> Avunit: im going to write it in your hom and put you in bind group to you can run it as yourself and update bind without root10:59 <@entropy> with rndc keys11:00 <~Avunit> k <311:00 <@kayla> they're proberbly rm'd all incriminating information incase they do get attacked11:02 <@Topiary> Wouldn't be surprised if a dozen other security companies have started shifting their internal documents in fear after this.11:03 <~Avunit> brb dinner11:08 <@kayla> thing is though, they've proberbly only rm''d the information if it was on their

back

trac

esec

urity

.com

servers we could use something like undelete to recover the info from their HD's11:10 <&marduk> lulz11:11 <&marduk> thatd be quite funny11:11 <@kayla> yeh i doubt they thought to shred11:11 <@kayla> using forensic software to get their datas back xD11:12 <@kayla> i don't rm -rf log files, i shred them11:12 <@kayla> kinda pointless when they can do a restore and get the logs back11:13 <@kayla> but not if you /dev/zero them :311:13 <@kayla> soem dd lulz11:17 <&marduk> kayla: 11:17 <&marduk> do you have some time11:17 <&marduk> DrPizza is the guy from ars technica who wrote the article11:17 <@tflow> hi11:18 <&marduk> ahh11:18 <&marduk> there he is :)11:18 <@tflow> told you i'd be here at 4 :)11:18 <&marduk> yeah :)11:18 <&marduk> k, plz msg DrPizza then11:21 <@kayla> what about lol :D11:21 <&marduk> huh?11:22 <@entropy> http://phiral.net/~noyx/perlbot.pl.txt11:22 <@entropy> ill put it in your home11:22 <@entropy> my pl is getto so i repeat code11:22 <@entropy> havent used pl in years11:40 <~Avunit> nais entropy11:41 <@entropy> ;)11:41 <@entropy> im switching between 3 langs between work and here11:42 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has joined #hq11:42 <@entropy> its boggling the mind11:42 <@kayla> you own phiral?11:42 <~Avunit> !dns list11:42 <@entropy> tis ture ;)11:42 <@entropy> true11:42 <~Avunit> or is et just !list11:42 <~Avunit> !list11:42 <@entropy> $Temp[0] is command11:42 <@entropy> $Temp[1] is subdomain11:42 <@entropy> $Temp[2] is type11:42 <@entropy> $Temp[3] is ip11:42 <@entropy> is what i had11:42 <~Avunit> yarr11:42 <~Avunit> !dns list11:43 <~Avunit> is not working tho11:43 <&marduk> list empty?11:43 <~Avunit> Narr11:43 <@entropy> ok hold on11:43 <@entropy> running as you right11:43 <~Avunit> !end11:43 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Quit: Quit]

back

trac

esec

urity

.com

11:43 <~Avunit> yup11:48 <@kayla> so... what am i /msg drpizza for :s?11:48 <&marduk> no heh sorry11:48 <&marduk> tflow is covering11:48 <&marduk> join #reporter if interested11:49 <&marduk> he is giving a walkthru for the hax11:49 <@kayla> :o11:51 <@tflow> Sabu wanted full disclosure :)11:53 <@kayla> tflow wht do you mean?11:54 <@tflow> of the hack11:59 <@Topiary> Goddamnit this Guardian bitch is requesting access to "secret" inner-circle channels so she can tell everyone about how hard Anon works and to have first-hand experience at our inner workings11:59 <@Topiary> I say we fake a secret channel and discuss in BATSHIT CODE11:59 <@Topiary> and then invite her11:59 <@tflow> lol11:59 <@tflow> where is she?12:00 <~Avunit> topiary: max agree just fur the lulz12:00 <@Topiary> she's talking to me on Skype, she's doing one insanely indepth story for Guardian12:00 <@Topiary> this story will probably be their largest12:00 <@Topiary> we need to troll her hard12:00 <&marduk> Topiary: lol what?12:00 <~Avunit> we use UNION+NEVAH+GONNA+GIVE+YOU+UP12:01 <@Topiary> fuck niggahs, do you wanna make one on anonops called #over9000 or something?12:01 <@Topiary> then we invite her and just, I don't know12:01 <@Topiary> we just go to town in hackers on steroids talk12:02 <&marduk> mhh not sure but i could utter some cryptic stuff12:02 <~Avunit> bitch: create it12:02 <@Topiary> well we could just be aloof12:02 <&marduk> need some moar ppl there tho12:02 <@Topiary> #over9000 is made12:02 <@Topiary> just act distant and a little ominous so she gets intimidated12:02 <@Topiary> or even lurk12:03 <&marduk> ye wont say much12:03 <&marduk> you lead this show12:03 <@tflow> Topiary: so she's not actually believing that anonymous isn't secretive?12:03 <@tflow> if so, epic troll the guardian and teach them a lesson12:03 <@Topiary> epic troll time12:03 <~Avunit> speak like cryptic, only to eachother and be blunt to her12:03 <~Avunit> god yeah12:03 <~Avunit> lets roll12:03 <@Topiary> she wants to delve into the secret underbelly, we'll give her a trolling hellstorm12:03 <@Topiary> turn on your coolfaces12:04 <@entropy> lol12:24 <&marduk> 17:24 -!- mode/#over9000 [+f [60t]:90] by Topiary12:24 <&marduk> lol

back

trac

esec

urity

.com

12:24 <@Topiary> that'll scare her good12:25 <@Topiary> she has people from Guardian watching us with her12:25 <~Avunit> xD12:25 <~Avunit> shell be like12:25 <~Avunit> "the fuck is that?"12:26 <&marduk> tflow: check my pm!12:30 <~Avunit> and walk the dinosaur.12:31 <@Topiary> my guess is that she actually has tech guys with her right now12:31 <~Avunit> probably12:31 <@Topiary> so we need to make hints at 1337 H4X0R terms so they confirm it12:33 <&marduk> ill bring a Don in soon12:33 <&marduk> we only refer to him as D tho12:54 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has joined #hq12:54 <~Avunit> !dns list12:54 <@entropy> kill and restart it12:55 <~Avunit> !end12:55 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Quit: Quit]12:55 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has joined #hq12:56 <~Avunit> !dns list12:56 <~Avunit> !list12:56 <@entropy> fucking shit12:56 <~Avunit> its not doing anything with the command at all12:56 <@entropy> i know12:56 <@entropy> its poppy cock12:56 <~Avunit> !dns add test A 127.0.0.112:56 <~Avunit> not working eithah12:56 <@entropy> @Temp isnt getting populated12:57 <~Avunit> well ive no idea why since the @Temp part didnt change12:57 <~Avunit> but then again12:57 <~Avunit> my perl sucks12:58 <~Avunit> !dns del test A 127.0.0.112:58 <~Avunit> !end12:58 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Quit: Quit]13:00 <~Avunit> so it might be that my approach failed anyway13:17 <@entropy> ok try now13:17 <@entropy> i cp to your home13:17 <@entropy> !dns add|update|del test A 127.0.0.113:18 <@entropy> !dns list13:18 <@entropy> has to be called like that13:18 <@entropy> and update and del can take up to an hour if it gets cached13:18 <@entropy> not the change in ours but if it gets propagated13:18 <@entropy> actually ill change update iterval to like 10 min13:19 <@entropy> LOL13:19 <~Avunit> you13:19 <~Avunit> changed13:19 <~Avunit> servers13:19 <~Avunit> didnt you>?13:19 <@entropy> lol13:20 <@entropy> and its joins #poppycock

back

trac

esec

urity

.com

13:20 <@entropy> might want to change those back ;)13:20 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has joined #hq13:20 <~Avunit> !dns list13:20 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Connection closed]13:20 <~Avunit> lol13:20 <&marduk> :)13:20 <~Avunit> 1 at ./perlbot.pl line 165.13:20 <~Avunit> Permission denied13:20 <~Avunit> lulz13:20 <@entropy> the f13:21 <@entropy> type groups13:21 <@entropy> your in bind right?13:21 <~Avunit> nope13:21 <~Avunit> D:13:21 <~Avunit> avunit root admin13:21 <@entropy> logout and back in13:22 <@entropy> noyx@ru:~$ cat /etc/group | grep bind13:22 <@entropy> bind:x:106:noyx,avunit13:22 <~Avunit> logging in again13:22 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has joined #hq13:22 <~Avunit> !dns list13:22 < DNSBot> Current DNS Config:13:22 < DNSBot> localhost A 127.0.0.113:22 < DNSBot> www A 92.241.162.21613:22 < DNSBot> hbgary A 92.241.162.21613:22 < DNSBot> ns1 A 92.241.184.7813:22 < DNSBot> ns2 A 92.241.184.8013:22 < DNSBot> phiral A 10.8.0.113:22 < DNSBot> $ORIGIN .13:22 < DNSBot> $TTL 3600 ; 1 hour13:22 < DNSBot> anonleaks.ru IN SOA ns1.anonleaks.ru. admin.anonleaks.ru. (13:23 < DNSBot> 2011020906 ; serial13:23 < DNSBot> 7200 ; refresh (2 hours)13:23 < DNSBot> 3600 ; retry (1 hour)13:23 < DNSBot> 604800 ; expire (1 week)13:23 < DNSBot> 3600 ; minimum (1 hour)13:23 < DNSBot> )13:23 < DNSBot> NS ns1.anonleaks.ru.13:23 < DNSBot> NS ns2.anonleaks.ru.13:23 < DNSBot> A 92.241.162.21613:23 < DNSBot> $ORIGIN anonleaks.ru.13:23 < DNSBot> localhost A 127.0.0.113:23 < DNSBot> www A 92.241.162.21613:23 < DNSBot> hbgary A 92.241.162.21613:23 < DNSBot> ns1 A 92.241.184.7813:23 <@entropy> hold on13:23 < DNSBot> ns2 A 92.241.184.8013:23 <~Avunit> sound slike13:23 <@entropy> i was backing up the main conf file

back

trac

esec

urity

.com

13:23 <@entropy> and it read both13:23 <~Avunit> its copying stuff13:23 <@entropy> i was 13:23 <@entropy> before we start testing hold on13:23 <~Avunit> k13:25 <@entropy> list now13:25 <~Avunit> !dns list13:25 < DNSBot> Current DNS Config:13:25 < DNSBot> localhost A 127.0.0.113:25 < DNSBot> www A 92.241.162.21613:25 < DNSBot> hbgary A 92.241.162.21613:25 < DNSBot> ns1 A 92.241.184.7813:25 < DNSBot> ns2 A 92.241.184.8013:25 <@entropy> should i parese and format that?13:25 <@entropy> im just reading the lines and output13:25 <~Avunit> well IRC just doesnt support tabs :/13:25 <@entropy> yea pita13:27 <@entropy> try add13:28 <~Avunit> !dns add test A 127.0.0.113:28 < DNSBot> The following DNS configuration was added:13:28 < DNSBot> test A 127.0.0.113:28 <~Avunit> !dns list13:28 < DNSBot> Current DNS Config:13:28 < DNSBot> localhost A 127.0.0.113:28 < DNSBot> www A 92.241.162.21613:28 < DNSBot> hbgary A 92.241.162.21613:28 < DNSBot> ns1 A 92.241.184.7813:28 < DNSBot> ns2 A 92.241.184.8013:28 < DNSBot> test A 127.0.0.113:28 <~Avunit> !dns del test A 127.0.0.113:28 < DNSBot> The following DNS configuration was deleted:13:28 < DNSBot> test A 127.0.0.113:28 <~Avunit> !dns list13:28 < DNSBot> Current DNS Config:13:28 < DNSBot> localhost A 127.0.0.113:28 < DNSBot> www A 92.241.162.21613:28 < DNSBot> hbgary A 92.241.162.21613:28 < DNSBot> ns1 A 92.241.184.7813:28 < DNSBot> ns2 A 92.241.184.8013:28 < DNSBot> test A 127.0.0.113:28 <@entropy> somethigns wrong with del13:28 < DNSBot> $ORIGIN .13:28 <@entropy> adds fine13:28 < DNSBot> $TTL 3600 ; 1 hour13:28 < DNSBot> anonleaks.ru IN SOA ns1.anonleaks.ru. admin.anonleaks.ru. (13:28 <@entropy> omfg13:28 < DNSBot> 2011020908 ; serial13:28 < DNSBot> 7200 ; refresh (2 hours)13:28 < DNSBot> 3600 ; retry (1 hour)

back

trac

esec

urity

.com

13:28 <@entropy> i fucking hate perl13:28 < DNSBot> 604800 ; expire (1 week)13:28 < DNSBot> 3600 ; minimum (1 hour)13:28 < DNSBot> )13:28 < DNSBot> NS ns1.anonleaks.ru.13:29 < DNSBot> NS ns2.anonleaks.ru.13:29 < DNSBot> A 92.241.162.21613:29 < DNSBot> $ORIGIN anonleaks.ru.13:29 < DNSBot> localhost A 127.0.0.113:29 < DNSBot> www A 92.241.162.21613:29 < DNSBot> hbgary A 92.241.162.21613:29 < DNSBot> ns1 A 92.241.184.7813:29 < DNSBot> ns2 A 92.241.184.8013:29 <~Avunit> no test there tho13:29 <~Avunit> :P13:29 <@entropy> its concat the file13:32 <~Avunit> D:13:33 <~Avunit> perl is so awesome13:33 <~Avunit> especially when someone is fixing your13:33 <~Avunit> newb perl coding13:33 <@entropy> ...13:34 <@entropy> i could have written this in asm faster13:34 <@entropy> can you kill it13:35 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Connection closed]13:35 <~Avunit> lets go for .NET next time and emulate it into ubuntu13:35 <@entropy> lol13:36 <~Avunit> not a good plan? :313:41 <@entropy> nothign like prog in a lang you dont know to make you feel like a fuckign retard13:44 <@entropy> ok its finally right13:45 <@entropy> the f13:47 -!- kayla [mysql2@fbi.gov] has quit [Quit: Lost terminal]13:48 <~Avunit> et is work?13:48 <@entropy> yes13:48 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has joined #hq13:48 <~Avunit> !dns list13:48 < DNSBot> Current DNS Config:13:48 < DNSBot> localhost A 127.0.0.113:48 < DNSBot> www A 92.241.162.21613:48 < DNSBot> hbgary A 92.241.162.21613:48 <@entropy> if it has any bugs left im lighting the svr on fire its on13:48 < DNSBot> ns1 A 92.241.184.7813:48 < DNSBot> ns2 A 92.241.184.8013:48 <~Avunit> !dns add test A 127.0.0.113:48 < DNSBot> The following DNS configuration was added:13:48 < DNSBot> test A 127.0.0.113:49 <~Avunit> !dns list13:49 < DNSBot> Current DNS Config:13:49 < DNSBot> localhost A 127.0.0.1

back

trac

esec

urity

.com

13:49 < DNSBot> www A 92.241.162.21613:49 < DNSBot> hbgary A 92.241.162.21613:49 < DNSBot> ns1 A 92.241.184.7813:49 < DNSBot> ns2 A 92.241.184.8013:49 < DNSBot> test A 127.0.0.113:49 <~Avunit> !dns del test A 127.0.0.113:49 < DNSBot> The following DNS configuration was deleted:13:49 < DNSBot> test A 127.0.0.113:49 <~Avunit> !dns list13:49 < DNSBot> Current DNS Config:13:49 < DNSBot> localhost A 127.0.0.113:49 < DNSBot> www A 92.241.162.21613:49 < DNSBot> hbgary A 92.241.162.21613:49 < DNSBot> ns1 A 92.241.184.7813:49 < DNSBot> ns2 A 92.241.184.8013:49 <~Avunit> thats kind of positive :O13:49 <@entropy> yea13:49 <@entropy> only took me 400 tries13:50 <@entropy> and the flush and restart of bind is working13:50 <@entropy> you can see on your term13:50 <~Avunit> okay sec starting it up in the background13:50 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Connection closed]13:50 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has joined #hq13:51 <~Avunit> !voice DNSBot13:51 -!- mode/#hq [+v DNSBot] by HQBot13:52 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Changing host]13:52 -!- DNSBot [DNSBot@DNS.Bot] has joined #hq13:52 -!- ServerMode/#hq [+v DNSBot] by twisted.operationfreedom.ru13:53 <~Avunit> tflow13:56 * Avunit cheers at entropy meanwhile for his efforts.13:56 <@entropy> i would say n but id be lying13:56 <@entropy> np13:57 <@entropy> ;)13:57 <@tflow> !dns list13:57 <+DNSBot> Current DNS Config:13:57 <+DNSBot> localhost A 127.0.0.113:57 <+DNSBot> www A 92.241.162.21613:57 <+DNSBot> hbgary A 92.241.162.21613:57 <+DNSBot> ns1 A 92.241.184.7813:57 <+DNSBot> ns2 A 92.241.184.8013:57 <&marduk> hehe13:57 <@entropy> i didnt put any permissions checks in it13:58 <~Avunit> iknow but itll do for now13:58 <@tflow> how about the dns record for anonleaks.ru?13:58 <@entropy> anonleaks.ru is the origin13:59 <@entropy> and i put the record in as an implied origin13:59 <@entropy> so its like13:59 <@entropy> A 92.241.162.21613:59 <@entropy> $ORIGIN anonleaks.ru.

back

trac

esec

urity

.com

13:59 <@tflow> oh ok13:59 <@entropy> where the blank name before that A is implied13:59 <@entropy> i can make it editable13:59 <@tflow> gj13:59 <@entropy> i thought this was only for subs13:59 <@tflow> no, its good13:59 <@entropy> k14:00 <~Avunit> im proud of my own botbase14:00 <~Avunit> :314:00 <~Avunit> i should consider switching to perl jsut for the lulz14:00 <@entropy> pl is a lulz killer14:01 <@entropy> its like php python and some regex engine mixed together14:02 <~Avunit> i can cope witht he php and python part14:03 <~Avunit> twas mainly the component::irc module that interested me14:04 <~Avunit> !axx list14:04 <@entropy> yea it did do alot of that14:04 <&marduk> Avunit: yeah fail!14:05 <~Avunit> !access del nessuno83414:05 <&marduk> !axx list14:05 <&marduk> oh14:05 <&marduk> worx no14:05 <~Avunit> !aop del nessuno83414:05 -!- mode/#hq [-o Nessuno834] by HQBot14:05 <&marduk> didnt before14:06 <~Avunit> oh wait14:06 <~Avunit> nessuno lulz14:06 <~Avunit> im crazy14:06 <&marduk> yeah why did you remove him?14:06 <&marduk> just was about to ask14:06 <~Avunit> sorry lack of sleep14:06 <~Avunit> i was like14:06 <~Avunit> the fuck is nessuno?14:06 <~Avunit> xD14:06 <&marduk> and mr[a] wants in, hmm14:06 <&marduk> what you think14:06 <~Avunit> !aop add nessuno83414:06 -!- mode/#hq [+o Nessuno834] by HQBot14:07 <~Avunit> well no offense to him but... we dont need him here14:07 <@Nessuno834> ohai14:07 <~Avunit> lulz sorry nessuno xD14:07 <@Nessuno834> :(14:07 <&marduk> yea14:07 <&marduk> think so too14:08 <&marduk> also i dont trust his security perimeter14:08 * Nessuno834 leaves :(14:08 <~Avunit> well he is kind of... inexperienced when it comes to.. well just PCs in general :p14:09 <~Avunit> tis not because he has bad things in mind but like well14:09 <@Nessuno834> u talkin bout me?

back

trac

esec

urity

.com

14:09 <~Avunit> no :p14:09 <~Avunit> i was just14:09 <~Avunit> forgetting who you were14:09 <~Avunit> due to14:09 <~Avunit> lack of sleep14:09 <~Avunit> :p14:09 <@Nessuno834> meh14:09 <&marduk> lol14:09 <~Avunit> <314:09 <~Avunit> sorry love14:10 <~Avunit> anyway we were taling about mr[a]14:10 <&marduk> Nessuno834: ops me in #opiran pl0x14:12 * Avunit hugs nessuno14:16 <@Nessuno834> done marduk14:17 * Nessuno834 is offended14:17 * Avunit hugs nessuno even moar.14:17 <~Avunit> MOAR14:18 <@Nessuno834> MOAR14:18 <@Nessuno834> haha funny thing is i had a dream aout u two last night was weird14:18 <@Nessuno834> we was going on an operation in some war zone14:18 <&marduk> :o14:19 <@Nessuno834> and we had to meet off the train14:19 <@Nessuno834> but i forgot my passport14:19 <@Nessuno834> and q was all ragey14:19 <@Nessuno834> q nessuno avunit and ?14:19 <@Nessuno834> not hard to see how my brain invented that lol14:20 <&marduk> lol14:20 <@Nessuno834> just weird14:20 <@Nessuno834> rather dream about kayla lulz14:44 <&marduk> oh kayla is gone :(14:44 <&marduk> tflow: do you happen to have greg/aarons passwords?14:49 <@Nessuno834> whyso gone?14:52 <@Nessuno834> marduk?14:52 <&marduk> Nessuno834: ?14:55 <@Nessuno834> why kayla gone?14:55 <&marduk> cause she left?14:56 <@Nessuno834> for good?14:58 <&marduk> eh nah14:59 <@Nessuno834> oh lulz14:59 <@Nessuno834> nearly had a sad then15:00 <&marduk> just didnt notcie her leave15:00 <@Nessuno834> I bet kayla is hawt15:01 <@Nessuno834> hawt 16yo hacker 15:02 <&marduk> definitiely15:02 <&marduk> all 16y old girl hckers are hawt15:03 <@Nessuno834> DO WANT15:13 !twisted.operationfreedom.ru *** HQBot invited sabu into the channel15:14 -!- sabu [sabu@HA-gtr.7ha.1dmvoo.IP] has joined #hq15:14 -!- mode/#hq [+ao sabu sabu] by HQBot

back

trac

esec

urity

.com

15:14 <&sabu> jEA15:14 -!- sabu is now known as Sabu15:14 <&Sabu> fucking nigg3rs wanna battle15:14 <&marduk> Saaaaaaaaaaaaaabuuuuuuuu \o/15:14 <&marduk> boring without internet huh15:14 <&Sabu> sups my brothers15:15 <@Topiary> 'Lo there15:15 <&Sabu> dude15:15 <&Sabu> without internet15:15 <&Sabu> I feel like a faggot15:15 <&marduk> haha15:15 <&Sabu> anyway15:16 <&Sabu> I been reading twitter15:16 <@Nessuno834> sabu what happened to your internets?15:16 <&Sabu> and thx to topiary I been up to date15:16 <&Sabu> Nessuno834: I got rid of my laptop and everything else with media15:16 <&Sabu> just to be on safe side15:16 <@Nessuno834> ahhh :(15:16 <@Nessuno834> i heard u was having a break15:16 <&Sabu> yeah15:17 <&Sabu> so gents15:17 <&Sabu> whats the latest15:17 <&marduk> why get rid of the notebook?15:17 <&marduk> i mean.... wipe it and reinstall if you're paranoid?15:17 <&Sabu> marduk: nah I don't even want that around15:17 <&marduk> heh, okay.. :)15:17 <&Sabu> anyway15:17 <&Sabu> I got time right now15:18 <&Sabu> are we going to target these other 2 sec firms?15:18 <@Nessuno834> hope ur not paranoid15:18 <&Sabu> or we just sitting on it15:18 <&marduk> i havent heard anything .. i think kayla was checking them out15:18 <&Sabu> ok15:18 <&marduk> but you missed her by an hour or so15:18 <&Sabu> gh3y15:18 <&marduk> but i guess she'll be back15:18 <&Sabu> have we leaked greg's shit yet/15:19 <&marduk> no... but almost15:19 <&marduk> but check this out15:19 <&marduk> http://internetfeds.mil.nf/hbgary/aaron_hbgary_com/index_d_a_71.html15:19 <&marduk> dont leak the URL yet15:20 <@Nessuno834> looks good15:20 <&Sabu> im not on other ircd just here. I'm not leaking shiznit15:20 <@Nessuno834> seeing as im prob only one here whoaint seen gregs emails, is there anything juicy in them?15:21 <&marduk> yeah i know15:21 <&marduk> just saying.. will be public later15:21 <&marduk> when the othermails are there15:21 <&Sabu> this is nice

back

trac

esec

urity

.com

15:21 <&Sabu> Nessuno834: greg's email is nice and juicy15:21 <&Sabu> I was the one in there15:21 <&marduk> we dont know, they have not been scanned or released yet15:21 <@Topiary> Sabu: do you have a list of all the emails/aliases Aaron uses?15:21 <&marduk> oh we scanned them a bit?15:21 <&marduk> and i would use his passwords, Topiary you have them? would like to try something15:21 <&Sabu> marduk, I traversed his email first. then gave access to tflow15:22 <@Topiary> kibafo3315:22 <&marduk> Sabu: ah ok nice15:22 <@Topiary> 31satcom for Ted15:22 <@Topiary> kibafo33 for Aaron15:22 <@Nessuno834> I thought u had seen them marduk15:22 <&marduk> thx15:22 <@Nessuno834> still jelly i missed the main fun15:23 <&marduk> Nessuno834: only 127 :)15:23 <&Sabu> I left a backdoor admin account on hbgary.com's email server15:23 <&Sabu> anyone want to see if we still have admin?15:23 <&Sabu> if so R O F L15:23 <@Topiary> DO EET.15:24 <&Sabu> ok15:24 <&Sabu> Ill give you info15:24 <&Sabu> you try to login15:24 <&Sabu> I don got proxies atm my rootlist is elsewhere15:24 <&Sabu> get https proxy15:24 <&Sabu> url: https://www.google.com/a/prvt.org15:24 <&Sabu> user: reseller15:24 <&Sabu> pass: random15:24 <&Sabu> if you do get to login15:24 <&Sabu> click on "manage domain"15:24 <&Sabu> reset their passwords15:24 <&Sabu> and leak new emails15:24 <&Sabu> ROFLOLFROLOFLORLFRL15:25 <&Sabu> oops15:25 <&Sabu> wrong domain15:25 <&Sabu> https://www.google.com/a/hbgary.com15:25 <&Sabu> there you go15:26 <@Nessuno834> no deal15:26 <@Topiary> Does not work, sadface15:26 <&Sabu> gay15:26 <&Sabu> so sad15:26 <&marduk> 20:22 <@garrett> anyone seen sabu?15:26 <@Nessuno834> sogay15:26 <&Sabu> tell garrett he ca find me here15:26 <&Sabu> can15:26 <&Sabu> privately15:26 <&marduk> k15:30 <~Avunit> SABUUUUUUUUUUUUUU15:31 * Avunit humps the sabu

back

trac

esec

urity

.com

15:31 <~Avunit> D:15:32 <&Sabu> yo yo avunit15:32 <&Sabu> what up my nigga15:32 <&marduk> uh what happened now15:32 <&marduk> vlad goin away?15:32 <&Sabu> what?15:32 <&marduk> hmm no irc works15:32 <~Avunit> wut?15:32 <&marduk> http://internetfeds.mil.nf not responding15:32 <&marduk> ah now15:32 <&marduk> just hung15:32 <~Avunit> LINK: Server tackle.operationfreedom.ru has not responded to PING for 15 seconds, high latency.15:33 <&marduk> heihachi. i guess.15:33 <&marduk> lol15:33 <&marduk> yeah15:33 <&Sabu> haihachi sucks cocks15:33 <~Avunit> that said i will have an invoice in 5 days again15:33 <&Sabu> oh yeah avunit I meant to tell you that if I go offline for a while15:33 <&Sabu> private and isla are good money15:33 <&Sabu> they're completely separated from me15:33 <&Sabu> so that'll stay up + stable15:33 <~Avunit> nais15:34 <&Sabu> I'll have to give you root if anything15:34 <~Avunit> I think about kepeing triumph in heihachi and moving tackle to another host15:34 <&Sabu> yea15:35 <~Avunit> and my first time crappty perl project combined with entropy's rusty perl skills15:35 <~Avunit> gave us the DNSBot too15:35 <~Avunit> to manage anonleaks.ru15:35 <~Avunit> 8)15:35 <&Sabu> who is leaking gregs mails? tflow?15:35 <~Avunit> think so15:35 <&marduk> yes, but we wnt to combine it with the release of the online reader15:35 <~Avunit> oh marduk, has joepie been working on the interface somewhere today?15:35 <&marduk> and i think we need joe for that15:36 <&marduk> he didnt come back yet.. but should be soon now15:36 <~Avunit> Because here we sorted everything at domain and manage level now15:36 <~Avunit> so the only thing holding us back is the interface :P15:36 <&marduk> there was a probl with greg's mails but he knows how to six15:36 <&marduk> he wanted to do that when he is back15:36 <~Avunit> fix I hope15:36 <&marduk> yarr15:36 <~Avunit> Because I know how to seven.15:36 <&Sabu> let me tell you guys15:36 <&Sabu> you thought aarons mails were bad15:37 <&Sabu> gregs full of yumz15:37 <&marduk> they are not that bad actually15:37 <&marduk> most is shit15:37 <~Avunit> I love yumz, but i generally dont have time to read through yumz

back

trac

esec

urity

.com

15:37 <&Sabu> you guys do realize15:37 <&Sabu> that this is going to spark a major offensive on at least my behalf against white security firms15:38 <&Sabu> whitehat+15:38 * Avunit points at palantir and berico.15:38 <&Sabu> yup15:38 <&Sabu> you know those guys are changing their passwords15:38 <&Sabu> scanning their access logs15:38 <&Sabu> lol15:38 <&marduk> oh sabi15:38 <&marduk> sabu15:38 <&marduk> i heard that palantur shut down their databases. cause they fear us15:38 <&marduk> lulz15:38 <&Sabu> yeah bro15:39 <~Avunit> anyway guys15:39 <&Sabu> really15:39 <&marduk> can you confirm that?15:39 <~Avunit> if we wanna do something with palantir and berico15:39 <~Avunit> i propose something more subtle first15:39 <~Avunit> because now theyre all like expecting us15:39 <~Avunit> just relax, get sniff em to death15:39 <&marduk> also did we check out that lawyer firm?15:39 <~Avunit> and when it starts to calm down again15:39 <&Sabu> they're expecting us to attack their servers15:39 <~Avunit> hit em with every backdoor that was in15:39 <~Avunit> bawt no direct email leaks, rm -rfs and maximum access everywhere :p15:39 <&Sabu> I will hit everything around the servers15:40 <&Sabu> I just wanna rm some more ;)15:40 <&marduk> >>> Example. If I want to gain access to the Exelon plant up in Pottsdown PA I only have to go as far as LinkedIn to identify Nuclear engineers being employed by Exelon in that location. Jump over to Facebook to start doing link analysis and profiling. Add data from twitter and other social media services. I have enough information to develop a highly targeted exploitation effort.15:40 <&marduk> god this guy is so full of bull15:40 <@Topiary> Sabu: Greg is looking for q and me personally15:40 <~Avunit> Just do it at the right time sabu :P15:40 <@Topiary> He was asking about us by name15:40 <&Sabu> to whom topiary?15:40 <&marduk> I CAN USE FACEBOOK, I AM A MEGA HAXORR!15:41 <@Topiary> Sabu: couple of sources that want to be kept private15:41 <&Sabu> ok15:41 <@Nessuno834> topiary they want to remain anonymous?15:41 <&Sabu> just be careful guy15:41 <&Sabu> s15:41 <&Sabu> can;t afford to lose any of you guys15:42 <&marduk> i am safe15:42 * Avunit dies under the pressure.15:42 <@Topiary> Nessuno834: yeah and I'm getting them to troll Greg and fax dox me, act like they're ratting me out but leading him further away [Pester, et al?]

back

trac

esec

urity

.com

15:42 <~Avunit> too... much... love...15:42 <&marduk> fucking nobody on anonops knows who i am15:42 <@Topiary> *fact15:42 <@Nessuno834> I dont exist15:42 <@Nessuno834> at all15:42 <~Avunit> Well there are no actual ties to me and very criminal activity but yeah as said before I am traceable if they really want to15:42 <~Avunit> but all my data is safe :P15:43 <@Topiary> @topiary on twitter, that guy with the European voice15:43 <@Topiary> that is all anyone has on me.15:43 <@Topiary> @atopiary rather15:43 <@Topiary> Fucking wish I had @topiary15:43 <~Avunit> I'm just that guy that lurks in every channel.15:43 <&marduk> oh 15:43 <@Topiary> my skype is doxiary15:43 <@Nessuno834> I do nothing 15:43 <@Topiary> in case they go DERPER15:44 <~Avunit> lol15:44 <@Nessuno834> and I am nobody15:44 <@Topiary> I'm sure all of us have info online somewhere, but not linked to our current info in any way15:44 <&marduk> HBGary and Berico were in contact with Hunton & Williams in early5~ Novemvber alredy15:44 <&marduk> http://internetfeds.mil.nf/hbgary/aaron_hbgary_com/6413.html15:44 <@Topiary> Let's face it, we were dumb kids once15:45 <~Avunit> Topiary: probably, and mainly because i want it :P15:45 <~Avunit> gotta run businesses too15:45 <~Avunit> xD15:45 <&marduk> WOW shit15:45 <&marduk> check that pptx15:45 <&marduk> "Develop a corporate information reconnaissance service to aid legal investigations through the open source collection of information on target groups and individuals that appear organized to extort specific concessions through online slander campaigns."15:45 <&marduk> Laurelai15:46 <~Avunit> srs i prefer just a plain text file over a powerpoint presentation >.>15:46 <&marduk> lol15:47 <~Avunit> lulllz15:47 <~Avunit> they want to dox us all15:47 <~Avunit> thru facebwek15:47 <~Avunit> n linkedin15:47 <~Avunit> n google15:47 <~Avunit> n wordpress 15:47 <~Avunit> n yahoo15:47 <~Avunit> the fuck15:47 <~Avunit> that they go use the same pass and name everywhere and reg everywhere15:47 <~Avunit> doesnt mean15:47 <~Avunit> we do15:47 <&Sabu> these guys are completely dense

back

trac

esec

urity

.com

15:48 <~Avunit> if thats your only way of doxing people...15:48 <~Avunit> well lol15:48 <~Avunit> we'd better get a smoke and chill a lot then15:48 <~Avunit> because jeez15:48 <&Sabu> ok gents15:48 <@Topiary> I really want to see their emails now, after that statement on the HBGary site, we can assume they're going into dox overdrive15:48 <&Sabu> so whats the lawyer firm that tried to put the anti-wikileaks oepration?15:48 <@Topiary> GIGA DRILL MAXIMUMARRUUUU15:48 <~Avunit> Hudson & thingie?15:49 <~Avunit> oh Hunton & Williams15:49 <&Sabu> wasnt it williams and something?15:49 <&marduk> yes15:49 <&Sabu> what were their email addresses?15:49 <&marduk> its BoA lawyer firm15:49 <&Sabu> do they have a website?15:49 <&marduk> sure.. i guess..15:49 <@Nessuno834> Meanwhile, please be aware that any information currently in the public domain is not reliable because the perpetrators of this offense, or people working closely with them, have intentionally falsified certain data. 15:49 <@Nessuno834> fuckin hypocrites15:49 <&marduk> http://www.hunton.com/15:50 <&Sabu> kk15:50 <&Sabu> I'll begin research15:50 <&marduk> Nessuno834: well aarons mail are all sigitally signed15:50 <&marduk> lulz15:50 <~Avunit> Listening to mubarak meanwhile15:54 <~Avunit> and ofcourse ill take care of private and isla too15:54 <~Avunit> gimme roto and ill fux em up as much as possible :P15:56 <&marduk> 20:55 <%SteveD3> Anyone know if it was the enterprise edition of google apps or the regular version where the emails were stored?15:56 <&marduk> Sabu: ?15:57 <&marduk> also:15:57 <&marduk> jwoods@hunton.com15:57 <&marduk> John Woods15:57 <&marduk> is their contact at H&W16:01 <&marduk> ohhhh sabu16:01 <&marduk> i have someting lol16:02 <&marduk> research from Aaron on Jeff16:02 <&marduk> but this looks substantial *surprise*16:02 <&marduk> http://internetfeds.mil.nf/hbgary/aaron_hbgary_com/7628.html16:02 <&marduk> soo hmm16:02 <&marduk> it looks like they actively researched that company. interesting16:03 <&marduk> Political Donations: Gave money to John McCain 16:03 <&marduk> oh god16:03 <&marduk> :p16:03 <&marduk> Father owns Noland Company16:03 <&marduk> Annual Revenue $100-$500M16:03 <&marduk> A Runner. Member of GRIPLA.ORG (Greater Richmond Intellectual

back

trac

esec

urity

.com

Property Law Association. Has a blackberry and has installed the Facebook app for blackberry.16:03 <&marduk> lol16:16 -!- Netsplit trust.operationfreedom.ru <-> triangle.operationfreedom.ru quits: @entropy, +DNSBot16:18 -!- Netsplit over, joins: @entropy, +DNSBot16:20 <~Avunit> D:16:46 -!- Netsplit trust.operationfreedom.ru <-> triangle.operationfreedom.ru quits: @entropy, +DNSBot16:53 -!- Netsplit over, joins: @entropy, +DNSBot16:56 -!- Netsplit trust.operationfreedom.ru <-> triangle.operationfreedom.ru quits: @entropy, +DNSBot16:58 * Avunit stabs triangle.17:03 -!- Netsplit over, joins: @entropy, +DNSBot17:05 -!- Netsplit private.operationfreedom.ru <-> triangle.operationfreedom.ru quits: @entropy, +DNSBot17:05 <&Sabu> sorry im back now17:06 <&Sabu> marduk, it was enterprise edition17:06 <&Sabu> they paid 1500 for 33 users17:06 <&marduk> thx Sabu 17:06 <&Sabu> I had all the receipts but I deleted them thinking hey were useless17:06 <&Sabu> they17:06 <&marduk> heh yeah17:06 <&Sabu> is it important if it was regular or enterprise/17:07 <&marduk> dunno, steve wnated to know, guess for some follow up article17:07 <&Sabu> interesting17:13 -!- DNSBot [DNSBot@DNS.Bot] has joined #hq17:13 -!- ServerMode/#hq [+v DNSBot] by triangle.operationfreedom.ru17:14 <&Sabu> ok17:14 <&Sabu> whats dnsbot17:14 <&marduk> !dns list17:14 <&marduk> !list17:14 <&marduk> hmm17:14 <&marduk> wellm, a dns bot :)17:14 <+DNSBot> Current DNS Config:17:14 <+DNSBot> localhost A 127.0.0.117:14 <+DNSBot> www A 92.241.162.21617:14 <+DNSBot> hbgary A 92.241.162.21617:14 <+DNSBot> ns1 A 92.241.184.7817:15 <+DNSBot> ns2 A 92.241.184.8017:15 <&marduk> arh17:15 <&marduk> !dns add test a 6.6.6.617:15 <+DNSBot> The following DNS configuration was added:17:15 <+DNSBot> test a 6.6.6.617:15 <&marduk> !dns del test17:15 <+DNSBot> The following DNS configuration was deleted:17:15 <+DNSBot> test 17:16 <&Sabu> interesting17:16 <&Sabu> can you look up MX records and shit?

back

trac

esec

urity

.com

17:16 <&marduk> it's only for anonleaks.ru 17:16 <&Sabu> I see17:16 <&Sabu> ok 17:21 <&Sabu> ok17:21 <&Sabu> so17:21 <&Sabu> tflow, you around?17:23 -!- Netsplit private.operationfreedom.ru <-> triangle.operationfreedom.ru quits: +DNSBot17:26 <&Sabu> whats up with triangle17:28 <&marduk> dunno, blame Avunit 17:28 -!- Netsplit over, joins: +DNSBot17:28 <&marduk> i'm only responsible for tackle and triumph. not that i could do anything if the split :P17:31 <&Sabu> so17:31 -!- Netsplit private.operationfreedom.ru <-> triangle.operationfreedom.ru quits: +DNSBot17:31 <&Sabu> I'm looking into hunton.com17:31 <&Sabu> would that be a good target?17:32 <&marduk> of course it would be17:33 <&marduk> if we could pull a gary.. that'd kill them immediately. but i dont think that's possible17:33 <&marduk> i actually believe they would protect their communications..17:33 -!- Netsplit over, joins: +DNSBot17:34 <&Sabu> ok17:34 <&Sabu> if I sign off in a few or go idle that means I'm back home17:34 <&Sabu> if kayla logs on17:34 <&Sabu> ask her to begin working on it17:34 <&marduk> allriite, will do. but will probably go to sleep soon17:35 -!- Netsplit trust.operationfreedom.ru <-> triangle.operationfreedom.ru quits: +DNSBot17:35 <&Sabu> yo someone rm triangle already17:37 * marduk JUPES triangle17:37 <&marduk> naw17:46 <&Sabu> dude17:46 <&Sabu> hunton.com will be a nice fucking hit17:46 <&marduk> hm see potential vulns?17:48 <&Sabu> yeah17:48 <&Sabu> I see some potential openings17:48 <&marduk> :]17:49 <&Sabu> we could rape these niggers17:49 <&marduk> it would be awesome if we can get it without noticing17:49 <&marduk> pull the comm tapping again17:49 <&Sabu> yeah17:50 <&marduk> comm tapping a lareg lawyers office17:50 <&marduk> man17:50 <&Sabu> this time we'll sit and collect quietly17:50 <&marduk> that's major shit17:50 <&marduk> yes17:50 <&Sabu> itll require a lot of our time and dedication17:50 <&marduk> also, we should NOT release a dump

back

trac

esec

urity

.com

17:50 <&marduk> only things which show illegal/fishy things etc17:50 <&marduk> because i would assume they have tons of absolutely legit clients17:50 <&marduk> we should not compromise them17:51 <&marduk> i dont think this would play well in the public17:51 <&Sabu> and another point to make it we have not found evidence of them attacking us at this point17:51 <&marduk> but well, hypothetical. should see what we discover first17:51 <&marduk> yup17:52 <&marduk> but it's not only about us17:52 <&marduk> it is about the BoA/WL/Gov connection17:52 <&Sabu> can you guys put together a private pad containing a list of whitehat targets, lawyers, reporters, any media that requires counter-intelligence attack17:52 <&Sabu> yeah17:52 <&marduk> which still is mysterious to us17:52 <&Sabu> I fucking lol'd when I read that shit in the news17:52 <&marduk> mhh i will get on that after i slept17:53 <&marduk> dont like a public pad tho...17:53 <&Sabu> thats why I said private 17:53 <&Sabu> in fact I'll set one up now17:53 <&Sabu> for our internal use17:53 <&Sabu> give me a few17:53 <&marduk> ah okay :)17:53 <&Sabu> brb17:53 <&marduk> sure17:53 <&marduk> put in topic then17:53 -!- Netsplit over, joins: +DNSBot17:56 -!- Netsplit trust.operationfreedom.ru <-> triangle.operationfreedom.ru quits: +DNSBot18:01 !twisted.operationfreedom.ru *** HQBot invited kayla into the channel18:01 -!- kayla [mysql2@fbi.gov] has joined #hq18:01 -!- mode/#hq [+o kayla] by HQBot18:01 <@kayla> hola :318:01 <@kayla> sabu!!! :DD18:03 -!- Netsplit over, joins: +DNSBot18:06 <&marduk> kkk-kayla18:06 <&marduk> he maybe away.. but i am to inform you about a new target18:06 <&marduk> www.hunton.com18:06 <&marduk> sabu found potential vulns18:06 <&marduk> it's that lawyers office that represent BoA18:06 <&marduk> and approached HBGary about the Smear Campaign18:07 <&marduk> but should you get in.. be quiet pll0x :x18:08 <@kayla> ofc :318:08 <&Sabu> im back18:08 <&Sabu> kayla my love18:08 <@kayla> :D18:08 <@kayla> sabu we going to rock www.hunton.com :D?18:08 <&Sabu> yes miss18:09 <&Sabu> hunton.com is target but its windows ;\18:09 <&Sabu> it has tons of asp/aspx scripts with lots of potential pams we can sql18:09 <&Sabu> also it has about 6 mx servers listed..

back

trac

esec

urity

.com

18:09 <&Sabu> so if push comes to shove we can try to root them if they arent exchange/windows boxes18:09 <@kayla> show me the links i'll see if i can get an injection out of them :)18:10 <&Sabu> site:hunton.com inurl:id youll find a few18:12 <@tflow> this could be blind sqli18:12 <@tflow> http://www.hunton.com/news/event.aspx?tab=0002&gen_H4ID=114'5318:12 <@tflow> compared to http://www.hunton.com/news/event.aspx?tab=0002&gen_H4ID=1145318:14 <@Nessuno834> kayla <318:14 <@kayla> hi Nessuno83418:14 <@kayla> <3 :)18:15 -!- Netsplit trust.operationfreedom.ru <-> triangle.operationfreedom.ru quits: +DNSBot18:15 <&marduk> goddarn triangle18:15 <&marduk> get square18:18 <@Nessuno834> :D18:20 <&Sabu> yeah kayla I see that18:21 <@kayla> can't seem to get anything out of those tflow18:21 <&marduk> i'm running a few wild dreams now.. we manage to tap their comms and notice they are actually investigating us :)18:22 <&marduk> then we should set up a bot that greps for interesting keywords and just posts mails here heh18:26 <@kayla> this is interesting http://www.hunton.com/cwrhunton/index.htm18:28 <&marduk> "secure" orly? :)18:30 <&marduk> heh, Sabu JFYI you still have a client on anonops18:30 <&marduk> 23:29 -!- mode/#opegypt [+b *!*sabu@*.5AC22E7D.D7D87AFD.IP] by p0ke18:30 <&marduk> 23:29 -!- Sabu_ was kicked from #opegypt by p0ke [115 hours idle]18:30 <&marduk> 23:29 -!- mode/#opegypt [-b *!*sabu@*.5AC22E7D.D7D87AFD.IP] by Nessuno18:31 <&Sabu> yes kill it if possible its my other shell server 18:31 <&Sabu> in fact kline the ip18:31 <&Sabu> guys im going offline I will be back online toorrow18:31 <&Sabu> tomorrow I should have a new laptop18:31 <&Sabu> muah18:31 <&Sabu> and kayla18:31 <&Sabu> please work on whitehat targets18:34 <&marduk> will request18:34 <@kayla> Sabu ofc <3 :) 18:35 <&marduk> tflow: can you z-line reason requested?18:35 <@kayla> c ya later sabu :D18:35 <@Nessuno834> cya sabu18:36 <&marduk> <o/18:37 <@kayla> brb ;)18:37 <@Nessuno834> bai kayla <318:38 <@kayla> have gregs mails been dumped yet :D?18:39 <&marduk> *almost* ready18:39 <&marduk> tech problem has been fixed it seems18:42 <@tflow> yeah.. nigg gave the greg mails in a fucked up format lol18:42 <@tflow> that had me scratching my head

back

trac

esec

urity

.com

18:43 <@tflow> but it's fixed now18:44 <@tflow> (\r\r\n was used as a newline, lol)18:44 <@tflow> rather than \r\n or \n18:51 <@tflow> currently converting greg's mails to the web version though. will be released on torrents + as a web version at the same time18:52 <&marduk> can you give ETA?18:52 <@tflow> if everything goes to plan18:52 <@tflow> then i would say18:52 <@tflow> 4 hours maybe18:52 <&marduk> cool. dunno if i will survive that long tho :/(19:24 <@Laurelai> my presentation will be tonight too19:25 <@Laurelai> for whoever is around19:28 <@Topiary> tflow: do you know what's in the mails?19:32 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @tflow19:32 <&marduk> hmm there goes tackle and vlad19:32 <&marduk> bye bye19:32 <&marduk> grr19:42 <@Topiary> Just a big high five to all you; I can't stop LOLing at the thought of how much we fucked up Aaron19:45 <&marduk> http://twitter.com/#!/AnonymousIRC/status/3586158434989260819:48 <@Topiary> http://twitter.com/#!/atopiary/status/3586256615663616219:48 <@Topiary> DAMNIT MARDUK19:48 <@Topiary> HOW THE FUCK DID YOUU KNOW.19:50 <&marduk> i can read your mind of course!19:50 <@Topiary> WELL RETWEET MINE OR I'LL ROOT CHARLIE AND SPAM DAVIDSONS!19:51 <&marduk> pfff. already done before you said. CHECK YOUR FACTS, NEWFAG!19:51 <@Topiary> I'm about to tweet something I just made up that is superb19:51 <@Topiary> http://twitter.com/#!/atopiary/status/3586346559576473619:54 <&marduk> lol... i use thats ome other time tho :)19:54 <&marduk> but it IS good (=19:55 <@Topiary> Damn, beat me to it19:56 <@Topiary> [00:52:39] Topiary: Well, I understand, we do sometimes do very harsh things.19:56 <@Topiary> [00:52:47] Topiary: Or just mindless things.19:56 <@Topiary> [00:53:38] Parmy Olson: For lulz.19:56 <@Topiary> Shit, I think I've converted this Forbes writer to Anon19:57 -!- Netsplit trust.operationfreedom.ru <-> triumph.operationfreedom.ru quits: @marduk, @kayla20:01 -!- Netsplit over, joins: &marduk20:03 <@Topiary> can we register anonleaks on twitter in case someone nabs it?20:03 <@Topiary> even if it's inactive20:03 <&marduk> uh sure20:03 <&marduk> do it20:03 <@Topiary> damnit20:04 <@Topiary> Very well.20:04 <&marduk> in use?20:04 <&marduk> i can do it tho20:04 <&marduk> i only have one twitter so far

back

trac

esec

urity

.com

20:04 <&marduk> but go ahead if you want20:05 <@Topiary> Oh fuck, I put leak into the password box, started typing something random, thought of a rhyme, "weak", put in leakweak, and the fucking box came up that says "password is weak"20:05 <@Topiary> shat brix.20:05 <@Topiary> I'll do it20:05 <&marduk> lo20:06 <@Topiary> http://twitter.com/anonleaks20:06 <@Topiary> Damnit, it's already up.20:06 <@Topiary> Nevermind then.20:06 <&marduk> yeah i feared as much20:07 <&marduk> well AnonymousIRC works fine as catalyst20:07 <&marduk> closing on 7k now20:07 <@Topiary> You're doing well on that20:18 <@Topiary> http://securepastebin.com/go/retrievePost.action?id=6302 Avunit mardu Sabu Laurelai Nessuno83420:18 <@Topiary> password is puddi20:24 <&marduk> quite interesting20:28 <@Topiary> thought maybe kayla/tflow/Sabu might enjoy20:28 <&marduk> yes, definitely good info20:29 <&marduk> also relayed to ifeds20:29 <&marduk> !invite kayla20:29 !twisted.operationfreedom.ru *** HQBot invited kayla into the channel20:29 -HQBot:#hq- kayla was invited to the channel.20:32 -!- kayla [mysql2@HA-i80.2gd.hmtqaa.IP] has joined #hq20:32 < kayla> :320:32 < kayla> wew20:33 <&marduk> there she is20:33 -!- kayla [mysql2@HA-i80.2gd.hmtqaa.IP] has quit [Changing host]20:33 -!- kayla [mysql2@fbi.gov] has joined #hq20:33 -!- mode/#hq [+o kayla] by HQBot20:33 <@kayla> :320:33 <@kayla> how goes?20:33 <&marduk> 01:19 <@Topiary> http://securepastebin.com/go/retrievePost.action?id=6302 Avunit mardu Sabu Laurelai Nessuno83420:33 <&marduk> 01:19 <@Topiary> password is puddi20:33 <&marduk> check that20:33 <&marduk> but i wouldnt touch it just yet20:34 <&marduk> i'd like to get some confirmation somehow20:34 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has joined #hq20:34 -!- ServerMode/#hq [+o tflow] by tackle.operationfreedom.ru20:34 <&marduk> ohai tackle 20:34 <&marduk> and tflow you too: http://securepastebin.com/go/retrievePost.action?id=6302 password is puddi20:36 <@Topiary> http://securepastebin.com/go/retrievePost.action?id=6303 also kayla if you want lulz at us trolling some Guardian bitch into thinking she was in the secret hacking channel20:36 <@Topiary> password guardian20:36 <&marduk> hehe

back

trac

esec

urity

.com

20:36 <&marduk> just hope she will come back20:37 <&marduk> and btw, i did not use David (alrhough the D reference was clear) but that would have exposed the troll20:37 <&marduk> a mystery Don that nobody seen before is much better20:43 <@kayla> lol guardian as in media xD?20:44 <&marduk> ye20:44 <&marduk> she contacted topiary via skype and wanted access to one of the "secret channels"20:44 <&marduk> so we made one up :p20:52 <@Laurelai> lol20:52 <&marduk> oh the beauty20:52 <&marduk> we have lulz + epic win20:52 <@Laurelai> silly bitch dont you know im the only medial allowed here20:52 <@Laurelai> media*20:53 <@Topiary> I've already converted the fuck out of Russia Today's producer Jenny Churchill - she LOLs hard at Anon lulz20:53 <@Topiary> Parmy Olson next20:53 <@Laurelai> yes...turn them all to the dark side20:54 <&marduk> palentir ... remove that from target list for now20:54 <@Laurelai> oh?20:54 <&marduk> i cannot really leak this info as of yet20:54 <&marduk> but .. there will be big news in a moment20:54 <@Laurelai> orly20:55 <&marduk> palantir head PR apologized to Greenwald in person and to all "progressive institutions" as palantir always supported freedom of speech20:55 <&marduk> steve will post an item soon20:55 <&marduk> please do not spread that ourtside yet20:55 <@Laurelai> ok20:55 <@Laurelai> so20:56 <@Laurelai> they put their hands up20:56 <&marduk> that means20:56 <&marduk> the IMPORTANT thing is: palantir confirmed the document as real20:56 <&marduk> and therefore basically confirmed the mails are probably all real20:57 <&marduk> they probably do damage control now20:57 <&marduk> they don't want to go down with the rest20:57 <&marduk> it will be interesting to see.. if they continue cooperationg with DoD/DOJ20:57 <&marduk> and how that runs down21:01 <@Topiary> you guys aware that we now have a copy of stuxnet via Aaron's emails?21:01 <@Laurelai> orly21:01 <@Laurelai> source?21:04 <&marduk> wow21:04 <&marduk> wow21:04 <&marduk> wow21:04 <&marduk> it gets better21:04 <&marduk> source is Head of Palantir PR21:04 <&marduk> ""As the Co-Founder and CEO of Palantir Technologies, I have directed the company to sever any and all contacts with HB Gary."21:04 <&marduk> EAT THAT21:04 <&marduk> But SHHHHHHHHHHH!

back

trac

esec

urity

.com

21:04 <@tflow> link?21:04 <&marduk> no link21:04 <&marduk> private mail with steve21:04 <@tflow> wher is that from?21:04 <@tflow> oh21:04 <@tflow> :)21:04 <&marduk> it will be on tech herald21:04 <@tflow> acs:law 2.0 :)21:05 <@tflow> like how all uk isps cut of contact with them21:07 <@Topiary> EAT SHIT AND DIE HBGARY21:07 <&marduk> OH HE WILL21:07 <&marduk> AND I WANT TO FUCKING KNOW WHAT HBGARY MEANS21:39 -!- Netsplit private.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @tflow21:41 -!- Irssi: #hq: Total of 8 nicks [6 ops, 0 halfops, 0 voices, 2 normal]21:43 -!- Netsplit trust.operationfreedom.ru <-> triumph.operationfreedom.ru quits: @marduk21:45 -!- Netsplit over, joins: &marduk21:46 * marduk axemurders heihachi21:48 <@Laurelai> hi21:48 -!- Netsplit over, joins: @tflow21:49 -!- kayla [mysql2@fbi.gov] has quit [Quit: Lost terminal]21:59 <&marduk> http://www.thetechherald.com/article.php/201106/6804/Firm-targeting-WikiLeaks-cuts-ties-with-HBGary-apologizes-to-reporter22:17 <@Topiary> [03:16:53] === quinn <quinn@an-93277362.natpool.nyu.edu> ``Quinn Norton''22:17 <@Topiary> [03:16:53] === quinn is a registered nick22:17 <@Topiary> [03:16:53] === quinn: member of #ophbgary, #reporter, and #opegypt22:17 <@Topiary> [03:16:53] === quinn: attached to doom.anonops.ru ``AnonOps IRC Network''22:17 <@Topiary> [03:16:53] --- End of WHOIS information for quinn.22:17 <@Topiary> I don't trust this guy.22:22 <&marduk> he is weird indeed22:23 <&marduk> saw him also on telecomix22:23 <&marduk> you may wanna ask biella22:23 <&marduk> i think she knows him22:23 <&marduk> or was it arrett?22:23 <&marduk> either one22:27 <@Topiary> I just don't like the channels he's in - Aaron Barr spy channels.22:33 <@Laurelai> hey22:34 <@Topiary> marduk Avunit Sabu Laurelai Nessuno834 tflow http://twitter.com/#!/dstufft # these guys are trying to dox us and give to Feds22:34 <@Topiary> we have counter-dox, what do?22:34 <@Topiary> it's 6 people22:34 <@Topiary> they're actually getting some valid info 22:34 <&marduk> lol22:35 <&marduk> wtf is that?22:42 <@tflow> its a fail22:42 <@tflow> he's just posting /whoises22:42 <@tflow> don't give him any attention

back

trac

esec

urity

.com

22:42 <@Topiary> they were back from chanology22:42 <@Topiary> don't underestimate22:42 <@Topiary> we have dox on them, formatting now22:43 <@tflow> ironically he's here http://dstufft.com/22:43 <@tflow> with a photo of himself and everything22:43 <@tflow> is he trying to commit suicide?22:44 <@Topiary> that's not him22:44 <@Topiary> it's a group of 6 that actually are trying to fuck that guy22:44 <@Topiary> anyway just a note in case they actually do something: we have their dox22:45 <&marduk> Topiary: http://en.wikipedia.org/wiki/Quinn_Norton22:45 <&marduk> she claims it's her22:45 <&marduk> see #reportter22:46 <@Topiary> ah, that's okay then. we have reporters of 3 different sources analyzing/spying on us right now. I don't give a shit, but I fear for some of the more less private anons22:46 <@Topiary> *reports22:49 <&marduk> yup i think she'S legit22:49 <&marduk> i sont think she would claim to be a blogger which has 404 on its site if she wasnt the one22:49 <&marduk> :p22:49 <@Topiary> right, that's good. @ these 6 faggots: I am going to personally fuck with their lives22:50 <&marduk> 6?22:50 <@Topiary> that twitter is a group of 522:50 <@Topiary> 6522:50 <@Topiary> 622:50 <&marduk> ahh22:51 <&marduk> yeah didnt read context thx22:59 <@Laurelai> im decompiling stuxnet atm23:00 <@Laurelai> should have source code soon23:02 <&marduk> mhh nice.. but in this case, i'D actually be more interested in the cleaned source that hbgary has :)23:03 <@tflow> Topiary/marduk: any of you going to make @anonleaksdotru?23:03 <&marduk> hmmm23:03 <&marduk> AnonLeaksDotRu ?23:04 <@tflow> yeah23:04 <@tflow> or any other suggestions?23:05 <&marduk> thinking23:09 <@Topiary> @AnonymousLeaks23:09 <@Topiary> ?23:10 <@Topiary> also, Y/N: we allowed to say "AnonLeaks rep" to press?23:10 <@Topiary> to replace Anon source23:11 <&marduk> ohyes23:11 <&marduk> AnonymousLeaks i like better23:11 <@tflow> Well, we can say Anonleaks only when referring to the technical operations the site, as we can't speak for all of Anonymous23:11 <@tflow> and yeas, that's a good name23:12 <&marduk> i would refrein from using "rep" ever23:12 <&marduk> simply because.. that makes you/us directly tiable/responsible for what

back

trac

esec

urity

.com

happens23:12 <&marduk> no need to23:12 <&marduk> example: the penny lock23:12 <&marduk> yeah sabu/kayla/tflow obviously were involved in the hack. but they never admitted to23:13 <&marduk> from the logs, you can only deduct that they knew about the operation23:13 <&marduk> well that kayla is our 16 year ol girl is no secret tho anymore tho i guess23:13 <&marduk> same for me23:13 <&marduk> i'm sure they think i actually haxed23:13 <&marduk> which is fine.. for reason stated often enough23:13 <@tflow> Well we don't really need to speak as "AnonLeaks" anyway, most of the time was can speak as "Anonymous"23:14 <&marduk> yup23:14 <@Topiary> okay - good words23:15 <&marduk> well, want me to register23:15 <&marduk> actually i prefer that :p23:15 <&marduk> Topiary is sometimes... so vulgar :p23:17 <&marduk> what the frigging fuck23:18 <&marduk> this is beyond mad23:19 <&marduk> my yahoo mail account, i registered like a week ago for facebook23:19 <&marduk> has 1066 mails :o23:19 <&marduk> ahh damn,23:19 <&marduk> that were all the facebook action to David Davidson23:19 <&marduk> lol23:19 <&marduk> it'S regged23:19 <&marduk> need a profile text23:19 <&marduk> and profile pic23:24 <&marduk> http://twitter.com/#!/AnonymousLeaks/23:24 <&marduk> draft23:43 <@tflow> looking nice23:46 <@Laurelai> ok23:46 <@Laurelai> keep this quiet for now23:46 <@Laurelai> https://github.com/Laurelai/decompile-dump/tree/master/output23:46 <@Laurelai> its going with my article23:47 <@Topiary> Laurelai: I am in lesbians23:47 <@Laurelai> Topiary: lol23:47 <@Laurelai> Topiary: i saw that movie the other day....23:47 <@tflow> what's that?23:47 <&marduk> tflow: 23:47 <@Laurelai> do i know you O_O23:47 <&marduk> i need some help23:47 <@Topiary> Laurelai: Maybe23:47 <@tflow> oh. stuxnet decompile23:48 <@tflow> marduk: with?23:48 <&marduk> other net, sorry w/c--- Day changed Fri Feb 11 201100:09 <&marduk> tflow: heh00:09 <&marduk> hbgary functional again00:14 <&marduk> tflow: ?

back

trac

esec

urity

.com

00:14 <&marduk> can we have nopants here,w hat do you think00:14 <&marduk> or no actually00:14 <&marduk> forget it00:16 <@tflow> HAHA00:16 <@tflow> seems like they don't have a copy of their original site :-)00:16 <&marduk> sux to have backups wiped00:25 <@Laurelai> omg00:25 <@Laurelai> the stuxnet thing00:25 <@Laurelai> they were working with the NSA00:34 <&marduk> uhm00:34 <&marduk> no surprise tho00:34 <&marduk> i mean, to be expected?00:34 <&marduk> btw00:34 <&marduk> https://twitter.com/#!/AnonymousLeaks/status/3593430928196403200:34 <&marduk> we find lulzy stuff00:34 <&marduk> https://twitter.com/#!/AnonymousLeaks/status/3592652202810572800:34 <&marduk> like that even more00:34 <&marduk> that was actually the final mail Jussi send to Greg lol00:34 <&marduk> He got no reply. Hm.02:18 <&marduk> Topiary: 02:18 <&marduk> you around02:18 <&marduk> or anyone02:18 <&marduk> moah02:18 <&marduk> this sux02:31 <@Laurelai> hi05:40 !twisted.operationfreedom.ru *** HQBot invited kayla into the channel05:40 -!- kayla [mysql2@fbi.gov] has joined #hq05:40 -!- mode/#hq [+o kayla] by HQBot05:40 <@kayla> wew:305:40 <@kayla> *kiss*05:41 * marduk glomps kayla 05:41 <@kayla> \:3/05:42 <&marduk> haha you know05:42 <&marduk> how many people have asked me in query05:42 <&marduk> if Q was q05:42 <&marduk> lol05:42 <&marduk> i just said, i wouldnt know05:42 <@kayla> xD05:42 <@kayla> i know too many Q's :(05:42 <@kayla> you on sunshine, efnet and one on freenode xD05:43 <&marduk> i guess Q is fine that he is kinda confused with me here05:43 <&marduk> it makes it all more obscure05:43 <&marduk> im on efnet05:43 <&marduk> but with my real id05:43 <&marduk> cant interact ;)05:43 <@kayla> i dont go to efnet anymore :D05:43 <&marduk> good05:43 <@kayla> did gregs mails get dumped ?05:43 <&marduk> they are as we soeak

back

trac

esec

urity

.com

05:44 <&marduk> lets see05:44 <&marduk> ?05:44 <&marduk> gah05:44 <&marduk> now its down05:46 <&marduk> join in anonopa :)05:46 <@kayla> wot :o?05:46 <@Topiary> Morning05:46 <@kayla> whats anonoopa?05:46 <&marduk> #internetfeds05:46 <@kayla> anonopa*05:46 <&marduk> on anonops05:46 <@kayla> ahh :)05:46 <&marduk> the MASTER CAHN!05:46 <&marduk> :)05:47 <&marduk> well not really05:47 <&marduk> mostly idle :)06:03 <&marduk> kayla: did you look at .dz mobile ohone?06:08 -!- DNSBot [DNSBot@DNS.Bot] has joined #hq06:08 -!- ServerMode/#hq [+v DNSBot] by triangle.operationfreedom.ru06:13 <@Laurelai> marduk06:13 <@Laurelai> do you know the Q on sunshine06:14 <&marduk> 'know' is exaggerated06:14 <&marduk> i talked to him 06:15 <&marduk> once or twice06:16 <@Laurelai> ok06:16 <@Laurelai> thought i was gonna have a twilight zone moment06:16 <@Laurelai> lol06:18 <&marduk> nah not the same06:18 <&marduk> some think so06:18 <&marduk> good :)06:18 <@Laurelai> yeah06:18 <@Laurelai> i didnt think so06:18 <@Laurelai> i thought you might be someone else06:18 <&marduk> ofc, first i act diffently06:18 <&marduk> and then there is the caps thing06:19 -!- kayla [mysql2@fbi.gov] has quit [Quit: Lost terminal]06:19 <&marduk> oh no .(06:19 <@Laurelai> inb4 you are julina assange06:19 <&marduk> nah, i am too old for that06:19 <@Laurelai> lol06:20 <&marduk> but yeah, we might have something in common06:20 <&marduk> like the insanity06:27 !twisted.operationfreedom.ru *** HQBot invited kayla into the channel06:28 -!- kayla [mysql2@fbi.gov] has joined #hq06:28 -!- mode/#hq [+o kayla] by HQBot06:28 <@kayla> anyone here :D?06:28 <@Laurelai> hi06:29 <@kayla> Does anyone have gregs mails they can grep for me :D?06:30 <@kayla> he has an immunity account!!!

back

trac

esec

urity

.com

06:30 <@Laurelai> wut06:30 <@kayla> want pass bad :306:30 <@kayla> then we can dl all their 0day 06:32 <~Avunit> sup guis06:32 <&marduk> only whats up so far06:32 <&marduk> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/06:33 <~Avunit> thats just a page with all e-mails as files to me06:33 <~Avunit> not an interface06:33 <&marduk> we KNOW06:33 <&marduk> DONT COMPLAIN 06:33 <@kayla> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/23894.html OHGOD LOL06:33 <@kayla> the "HBgary Handbook"06:33 <~Avunit> I am NOT complaining.06:33 <@kayla> xD06:33 <~Avunit> kthxbai.06:33 <&marduk> attachment?06:33 <@kayla> yeh :D06:34 <~Avunit> So rather dont shout at me.06:34 <@kayla> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/attachments/5425.doc06:34 <&marduk> somehow... my office doesnt parse docs correctly06:34 <@kayla> Thank you for joining HBGary, Inc. .HBGary.. We pride ourselves on being a dynamic and innovative team of people, who desire to produce quality results while offering a professional work environment that is fun and rewarding. 06:34 <@kayla> We encourage you to make a difference here, as your participation counts. As we grow our business, we offer you the opportunity to enjoy an expanding reputation in the community and contribute to the success of our company. 06:34 <@kayla> We strive to meet the high standards that we have set as a company. Customers are our top priority and we value each and every customer and want their experience interfacing with HBGary to be the best in the industry. If we make our customers successful, we will create an enjoyable, professional atmosphere where everyone can succeed.06:34 <~Avunit> and hai kayla <306:34 <&marduk> gaaah06:34 <&marduk> no marketing soam plz -306:34 <@kayla> hi seksi :306:35 <~Avunit> how are you?06:35 <@kayla> 1.6. ETHICS 06:35 <@kayla> Employees are expected to act ethically, honestly, and with the highest standard of personal integrity at all times in the performance of their job responsibilities. Employees must comply fully with federal, state, local laws, and regulations governing our operations, and must conduct their business affairs according to the highest legal and ethical standards. Violations will be investigated and disciplinary action may be taken, including termination. Violation of this p06:35 <@kayla> You are to report any actual or potential violations of applicable laws or regulations and any unethical, dishonest, or improper conduct to the designated Manager at HBGary, Inc., or the Human Resource Department. If you are uncertain as to the applicability of a law or this policy to your work, you are responsible for seeking guidance from your manager or Human Resources. No reprisal or detrimental action of any kind shall be taken against an employee who reports a viola

back

trac

esec

urity

.com

06:35 <~Avunit> ethically, honestly06:35 <@kayla> derp "ETHICS"06:35 <~Avunit> we should report aaron,.06:36 <@kayla> xD06:36 <~Avunit> He isnt honest and the average cow has more ethics.06:37 <&marduk> i need tha sleeps06:38 <&marduk> kayla: iöll dream oyou <306:38 <&marduk> seey tomorrow06:39 <~Avunit> kayla, can you reach nic.ru/en?06:48 <@Topiary> Oh fuck is that actually all of his emails?06:48 <@Topiary> kayla06:52 <@kayla> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/18599.html06:52 <@kayla> sup :D?06:53 <@kayla> Avunit doesn't load for me06:53 <@Topiary> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/10391.html06:53 <&marduk> http://twitter.com/#!/AnonymousLeaks/status/3602995907605708806:53 <~Avunit> yeah i just managed to get it loading so its fine06:53 <~Avunit> !dns list06:53 <+DNSBot> Current DNS Config:06:53 <+DNSBot> localhost A 127.0.0.106:53 <+DNSBot> www A 92.241.162.21606:53 <+DNSBot> hbgary A 92.241.162.21606:53 <+DNSBot> ns1 A 92.241.184.7806:53 <+DNSBot> ns2 A 92.241.184.8006:54 <~Avunit> !dns add ns3 A 91.211.116.13406:54 <+DNSBot> The following DNS configuration was added:06:54 <+DNSBot> ns3 A 91.211.116.13407:01 <@Topiary> Greg's paypal email is hoglund@hbgary.com07:01 <@Topiary> just a note07:02 <~Avunit> and next time i come in and someone starts shouting at me07:02 <~Avunit> i will gline someone07:02 <~Avunit> <.<07:02 <~Avunit> i no like that07:04 <~Avunit> </rant>07:04 <~Avunit> so how are ya all?07:05 <&marduk> need a fnny mail07:05 <&marduk> :P07:05 <&marduk> Topiary: deliver :p07:06 * Avunit stabs top and kayla07:12 <~Avunit> D:07:16 <@kayla> bah i h8 not being able to search these mails D:07:17 <@kayla> anyone have them and can do some greps?07:21 <@kayla> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/13817.html HGBGARY PRIV8 WAREZ 07:22 <@kayla> password for the file is "private"07:22 -!- Netsplit trust.operationfreedom.ru <-> triangle.operationfreedom.ru quits: +DNSBot07:22 <@tflow> kayla, hopefully google will index them07:23 -!- Netsplit over, joins: +DNSBot07:23 <&marduk> kayla: lol

back

trac

esec

urity

.com

07:23 <&marduk> nice find07:24 <@kayla> tflow!!07:24 <@kayla> you have them all correct?07:24 <@kayla> can you do me some greps?07:24 <@tflow> sure07:24 <@kayla> be interesting to get in to his immunity account as they teh 0day :#07:25 <@kayla> grep for immunityinc.com07:25 <@kayla> and grep for "password"07:25 <@tflow> ok sec07:25 <@kayla> grep for "adserver" 07:26 <@kayla> also! they speak in the emails about a VPS smapshot of the machine used in the recent oil company hackes07:26 <~Avunit> !dns list07:26 <+DNSBot> Current DNS Config:07:26 <+DNSBot> localhost A 127.0.0.107:26 <+DNSBot> www A 92.241.162.21607:26 <+DNSBot> hbgary A 92.241.162.21607:26 <+DNSBot> ns1 A 92.241.184.7807:26 <@kayla> apparently is FULL of nice data07:26 <+DNSBot> ns2 A 92.241.184.8007:26 <+DNSBot> ns3 A 91.211.116.13407:28 -!- Netsplit trust.operationfreedom.ru <-> triangle.operationfreedom.ru quits: +DNSBot07:32 <~Avunit> anonleaks.com regged07:33 <&marduk> :))07:33 -!- Netsplit trust.operationfreedom.ru <-> triangle.operationfreedom.ru quits: +DNSBot07:33 -!- Netsplit over, joins: +DNSBot07:35 <@Topiary> marduk: can retwat? http://twitter.com/#!/atopiary/status/3603919517673472107:38 <&marduk> done07:38 -!- Netsplit over, joins: +DNSBot07:39 <@tflow> kayla:07:39 <@tflow> http://internetfeds.mil.nf/hbgary/grep1.html07:41 -!- Netsplit trust.operationfreedom.ru <-> triangle.operationfreedom.ru quits: +DNSBot07:42 <@tflow> most emails seem to be just product release notes07:42 <~Avunit> triangle tfl07:42 -!- kayla [mysql2@fbi.gov] has quit [NickServ (GHOST command used by mysql2)]07:42 !twisted.operationfreedom.ru *** HQBot invited kayla into the channel07:42 -!- kayla [mysql2@fbi.gov] has joined #hq07:42 -!- mode/#hq [+o kayla] by HQBot07:43 -!- Netsplit over, joins: +DNSBot07:44 <@tflow> kayla: http://internetfeds.mil.nf/hbgary/07:44 <@tflow> grep results are being outputted there, still running though07:44 <@tflow> grep1=immunitysec.com07:44 <@tflow> grep2=password07:44 <@tflow> grep3=adserver07:45 <@tflow> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/12097.html07:45 <@tflow> Renewal of: nsWebAddress .COM07:45 <@tflow> ROOTKIT.COM07:45 <@tflow> Quantity: 1

back

trac

esec

urity

.com

07:45 <@tflow> Term: 5 year(s)07:45 <@tflow> Today's Charges: $114.9507:45 <@tflow> Exp. Date**: 2015-03-0207:46 <@tflow> $100 for a domain eh?07:46 <@tflow> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/13336.html07:46 <@tflow> nsWebAddress .COM07:46 <@tflow> GUNWALEGAMES.COM07:46 <@tflow> Quantity: 107:46 <@tflow> Term: 2 year(s)07:46 <@tflow> Today's Charges: $65.9807:46 <@tflow> Exp. Date**: 2012-09-1807:46 <@tflow> nsWebAddress .NET07:46 <@tflow> GUNWALEGAMES.NET07:46 <@tflow> Quantity: 107:46 <@tflow> Term: 2 year(s)07:46 <@tflow> Today's Charges: $65.9807:46 <@tflow> Exp. Date**: 2012-09-1807:46 <@tflow> nsWebAddress .ORG07:46 <@tflow> GUNWALEGAMES.ORG07:46 <@tflow> Quantity: 107:46 <@tflow> Term: 2 year(s)07:46 <@tflow> Today's Charges: $65.9807:46 <@tflow> Exp. Date**: 2012-09-1807:47 <@kayla> :o07:48 <&marduk> endgames07:48 <&marduk> yes07:48 <&marduk> they are interesting07:48 <&marduk> gunwalgames is not07:49 <&marduk> it was never launched07:49 <&marduk> and it will never be launched, pretty sure07:51 <&marduk> but endgames is worth a look07:51 <&marduk> dunno their exact relation07:52 <@Laurelai> kayla: sup07:55 -!- Netsplit private.operationfreedom.ru <-> triangle.operationfreedom.ru quits: +DNSBot07:58 -!- Netsplit over, joins: +DNSBot07:58 <@kayla> Laurelai nm just reading gregs mails :pPpp07:59 <@Laurelai> kayla: insid is helping me with crowdleaks migration08:01 -!- DNSBot [DNSBot@DNS.Bot] has quit [Connection closed]09:09 <@Topiary> kayla: http://internetfeds.mil.nf/hbgary/greg_hbgary_com/27198.html09:09 <@Topiary> Fascinating how much spare time these fags have.09:09 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has joined #hq09:09 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Connection closed]09:09 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has joined #hq09:10 <~Avunit> !voice DNSBot09:10 -!- mode/#hq [+v DNSBot] by HQBot09:10 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Changing host]09:10 -!- DNSBot [DNSBot@DNS.Bot] has joined #hq09:10 -!- ServerMode/#hq [+v DNSBot] by twisted.operationfreedom.ru

back

trac

esec

urity

.com

09:11 <~Avunit> !dns list09:11 <+DNSBot> Current DNS Config:09:11 <+DNSBot> localhost IN A 127.0.0.109:11 <+DNSBot> www IN A 92.241.162.21609:11 <+DNSBot> hbgary IN A 92.241.162.21609:11 <+DNSBot> ns1 IN A 92.241.184.7809:11 <+DNSBot> ns2 IN A 92.241.184.8009:11 <+DNSBot> ns3 IN A 91.211.116.13409:12 <&marduk> !dns add WE.WILL.WIN A 192.1688.12.1309:12 <+DNSBot> The following DNS configuration was added:09:12 <+DNSBot> WE.WILL.WIN IN A 192.1688.12.1309:12 <&marduk> invalid ip address?09:12 <&marduk> tztz09:12 <&marduk> !dns del WE.WILL.WIN 09:12 <+DNSBot> The following DNS configuration was deleted:09:12 <+DNSBot> WE.WILL.WIN IN 09:12 <~Avunit> !dns list09:12 <+DNSBot> Current DNS Config:09:12 <+DNSBot> localhost IN A 127.0.0.109:12 <+DNSBot> www IN A 92.241.162.21609:12 <+DNSBot> hbgary IN A 92.241.162.21609:12 <+DNSBot> ns1 IN A 92.241.184.7809:13 <+DNSBot> ns2 IN A 92.241.184.8009:13 <+DNSBot> ns3 IN A 91.211.116.13409:13 <&marduk> it werks!09:13 <~Avunit> it does not do sanity checks :P09:13 <&marduk> i noticed hehe09:13 <~Avunit> ets just basics09:14 <&marduk> all good09:14 <&marduk> i woudnt mess with it anyway09:14 <~Avunit> afk09:21 !twisted.operationfreedom.ru *** HQBot invited entropy into the channel09:21 -!- entropy [noyx@HA-dkm.je4.cn1rg3.IP] has joined #hq09:21 -!- mode/#hq [+o entropy] by HQBot09:21 <@entropy> i was misreading what you said :(09:21 <&marduk> was about to /sajoin you09:21 <&marduk> :p09:22 <@entropy> omfg im so tired09:29 <@entropy> deamon to check your servers if anyone wants it http://ru.phiral.net/~noyx/alive.py.txt09:29 <@entropy> youd have to do your own email and sms ways though09:33 <@Topiary> Goddamnit why is that the third helicopter noise I've heard this afternoon09:35 <&marduk> hmm09:35 <&marduk> why did you say that09:35 <&marduk> i want to listen to pink floyd now09:35 <&marduk> dark side of the moon09:38 <@Topiary> hey me too09:38 * Topiary does that09:38 <@tflow> entropy, is there any domain that resolves to 91.211.116.134?

back

trac

esec

urity

.com

09:39 <@entropy> no but i can make one09:39 <@tflow> no..np09:39 <@tflow> just was wondering what to put in the mirrors list09:39 <@entropy> thats box is secured and everythign chrooted09:39 <@tflow> nice09:39 <@entropy> i like nginx09:39 <@entropy> im goign to start using it09:39 <@entropy> vs apache its so m,much smaller09:40 <@tflow> indeed09:40 <@tflow> it can handle 10k requests per second09:40 <@tflow> where apache can only do like 10009:40 <@tflow> that's why i chose it - not easy to ddos09:41 <@entropy> you want a <name>.anonleaks.ru name for 91.211.116.134?09:41 <@entropy> actually i put it to ukraine.phiral.net09:41 <@tflow> ok09:41 <@entropy> but that was really so i wouldnt have to rememebr ip whne ssh09:41 <@tflow> that's good09:41 <@tflow> btw09:41 <@tflow> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/09:42 <@tflow> (don't share link yet)09:42 <@Topiary> good reading09:42 <@Topiary> he made a WoW bot09:42 <&marduk> ol09:42 <&marduk> oh man09:42 <@tflow> when it's ready to release, that will be hbgary.anonleaks.ru/greg09:43 <&marduk> it will be frenzy tomorrow09:43 <@Topiary> Listening to: On The Run ♪ Pink Floyd [3:33][Album: The Dark Side Of The Moon]09:43 <&marduk> Topiary: mmmh i DONT HAVE IT HERE09:43 <&marduk> I HATE YOU09:43 <@Topiary> I have 24 Floyd albums on here09:43 <@entropy> i also have the ns3 updating every 5 minues09:43 <&marduk> oh wait09:43 <@entropy> incase ns1 and 2 are ddos09:43 <&marduk> i have them on my fone09:43 <&marduk> forgot :)09:44 <@entropy> ns3 also has ddos proc09:44 <@tflow> ddos proc?09:44 <@entropy> protection09:44 <@entropy> whatever that is09:44 <&marduk> provider side?09:44 <@tflow> !dns 09:44 <@tflow> !dns list09:44 <+DNSBot> Current DNS Config:09:44 <+DNSBot> localhost IN A 127.0.0.109:44 <+DNSBot> www IN A 92.241.162.21609:44 <+DNSBot> hbgary IN A 92.241.162.21609:44 <+DNSBot> ns1 IN A 92.241.184.7809:44 <+DNSBot> ns2 IN A 92.241.184.80

back

trac

esec

urity

.com

09:44 <@entropy> yes09:44 <&marduk> usually it's dynamic firewalling09:44 <+DNSBot> ns3 IN A 91.211.116.13409:44 <@tflow> !dns add search.hbgary 88.80.5.8409:44 <+DNSBot> The following DNS configuration was added:09:44 <&marduk> if not load baanced09:44 <+DNSBot> search.hbgaryIN 88.80.5.8409:45 <@entropy> yea but if i send a oc3 of traffic to yourr t109:45 <@entropy> your fucked no matter what you have09:45 <&marduk> entropy: then i am fucked, yup09:45 <&marduk> entropy: heh09:45 <&marduk> you know..09:45 <&marduk> i would like to have one of the russian nets09:45 <&marduk> with like 2M tombies09:46 <&marduk> which are nerver used for attack09:46 <&marduk> but i'd do it09:46 <@entropy> you think they really have 2M?09:46 <@tflow> search.hbgary.anonleaks.ru is hosted @ prq :)09:46 <&marduk> 2M zombies on paypal09:46 <&marduk> oh yes09:46 <&marduk> entropy: but... they are usualy rented in parts09:46 <&marduk> to spammers09:46 <&marduk> those nets never do ddos09:47 <&marduk> cause.. that would burn them09:47 <&marduk> but yeah, 2M+ botnets do exist09:47 <&marduk> fkn scary09:48 <@entropy> that is crazy09:48 <@entropy> tflow: delete that09:49 <@entropy> then do: dns add search.hbgar A 88.80.5.8409:49 <@tflow> how does that make sense?09:49 <@entropy> your adding the subdomain type ipaddress09:49 <~Avunit> fail tflow09:50 <~Avunit> !dns del search.hbgary09:50 <+DNSBot> The following DNS configuration was deleted:09:50 <+DNSBot> search.hbgary IN 09:50 <@entropy> the bot can do mx cname etc09:50 <@tflow> oh09:50 <@entropy> so it wants the type09:50 <@tflow> oops09:50 <@tflow> i forgot the 'a'09:50 <@tflow> lol09:50 <~Avunit> !dns add search.hbgary A 88.80.5.8409:50 <@tflow> !dns add search.hbgary A 88.80.5.8409:50 <+DNSBot> The following DNS configuration was added:09:50 <+DNSBot> search.hbgaryIN A 88.80.5.8409:50 <+DNSBot> The following DNS configuration was added:09:50 <+DNSBot> search.hbgaryIN A 88.80.5.8409:50 <@tflow> lol09:50 <&marduk> !dns del tflow

back

trac

esec

urity

.com

09:50 <+DNSBot> The following DNS configuration was deleted:09:50 <+DNSBot> tflow IN 09:50 <@tflow> !dns list09:50 <+DNSBot> Current DNS Config:09:50 <+DNSBot> localhost IN A 127.0.0.109:50 <+DNSBot> www IN A 92.241.162.21609:50 <+DNSBot> hbgary IN A 92.241.162.21609:50 <+DNSBot> ns1 IN A 92.241.184.7809:50 <+DNSBot> ns2 IN A 92.241.184.8009:50 <+DNSBot> ns3 IN A 91.211.116.13409:50 <+DNSBot> search.hbgary IN A 88.80.5.8409:50 <+DNSBot> search.hbgary IN A 88.80.5.8409:50 <@tflow> lol09:50 <~Avunit> y so 2 times09:51 <@entropy> ...09:51 <@tflow> !del search.hbgary09:51 <@tflow> !dns del search.hbgary09:51 <+DNSBot> The following DNS configuration was deleted:09:51 <+DNSBot> search.hbgary IN 09:51 <@tflow> !dns list09:51 <+DNSBot> Current DNS Config:09:51 <+DNSBot> localhost IN A 127.0.0.109:51 <+DNSBot> www IN A 92.241.162.21609:51 <+DNSBot> hbgary IN A 92.241.162.21609:51 <+DNSBot> ns1 IN A 92.241.184.7809:51 <+DNSBot> ns2 IN A 92.241.184.8009:51 <+DNSBot> ns3 IN A 91.211.116.13409:51 <@tflow> y so slow09:51 <@entropy> im not sure09:51 <@tflow> oh yeah, throttling09:51 <~Avunit> triangle tends to be a bit slow nowadays :/09:51 <~Avunit> nah notrly09:51 <~Avunit> it has splitted like 4-5 times today :P09:51 <@tflow> !dns add search.hbgary A 88.80.5.8409:51 <+DNSBot> The following DNS configuration was added:09:51 <+DNSBot> search.hbgaryIN A 88.80.5.8409:51 <@tflow> !dns list09:51 <+DNSBot> Current DNS Config:09:51 <+DNSBot> localhost IN A 127.0.0.109:51 <+DNSBot> www IN A 92.241.162.21609:51 <+DNSBot> hbgary IN A 92.241.162.21609:51 <+DNSBot> ns1 IN A 92.241.184.7809:51 <+DNSBot> ns2 IN A 92.241.184.8009:51 <+DNSBot> ns3 IN A 91.211.116.13409:51 <+DNSBot> search.hbgary IN A 88.80.5.8409:52 <@entropy> nslookup search.hbgary.anonleaks.ru ns1.anonleaks.ru09:52 <@entropy> Server: ns1.anonleaks.ru09:52 <@entropy> Address: 92.241.184.78#5309:52 <@entropy> Name: search.hbgary.anonleaks.ru

back

trac

esec

urity

.com

09:52 <@entropy> Address: 88.80.5.8409:52 <@entropy> there you go09:53 <~Avunit> [15:16:26] <@entropy> Unknown command join. "/msg ChanServ HELP" for help09:53 <~Avunit> awh i lold09:54 <@entropy> yea i tried to join chanserv09:54 <@entropy> retarded09:54 <~Avunit> maybe i shouldve specific that its /cs invite 09:54 <~Avunit> :p09:54 <@entropy> im tired as shit if thats any excuse ;)09:55 <~Avunit> jon the club09:55 <~Avunit> well09:55 <~Avunit> im more like09:55 <~Avunit> confused as shit09:57 <~Avunit> D:09:57 * Avunit shoots self.09:57 * marduk needs sleep09:58 <~Avunit> needs sleep, less confusion and whatever09:58 <~Avunit> just need to get myself sorted D:10:05 <~Avunit> gfjkfhlakljg10:37 <@entropy> there is so many more ways to fuc kthem in these emails 10:37 <@entropy> its like a fucking joke10:37 <@Topiary> Penny sent Greg a love letter, it was mushy10:37 <@kayla> :310:37 <@Topiary> we must now always taunt him about his spiky bed head hair10:37 <@kayla> i think it was nice :D10:38 <@kayla> yes!xD10:38 <~Avunit> maybe i should put that10:38 <@Topiary> All,10:38 <~Avunit> in valentines cards10:38 <@Topiary> HBGary has no official position on Stuxnet. Please do not comment to the10:38 <@Topiary> press on Stuxnet. We know nothing about Stuxnet.10:38 <@Topiary> -Greg Hoglund10:38 <@Topiary> CEO, HBGary, Inc.10:39 <@Topiary> >shitloads of emails about stuxnet10:39 <@Topiary> >LOL we don't know what that shit is10:39 <@entropy> these ppl called every one else script kiddies10:39 <@entropy> yet they "hack" using canvas10:39 <@entropy> ...10:39 <~Avunit> Can somenoe twitter them10:39 <~Avunit> asking10:39 <~Avunit> about10:39 <~Avunit> stuxnet?10:39 <@Topiary> okay one second10:40 <~Avunit> "I am curious about your statement on Stuxnet, care to comment?"10:43 <@Topiary> http://twitter.com/#!/atopiary/status/3608775359043993710:43 <@kayla> n e stuxnet src :310:44 <@Topiary> I made a twatter 3 days ago10:44 <~Avunit> lulz were had

back

trac

esec

urity

.com

10:49 <@entropy> im glad i never had any of thatsocial media shit10:49 <~Avunit> i like twitter for the purposes of anonymous10:52 <@entropy> Additional ground rules: the account is a full admin account. Please10:52 <@entropy> don't UPGRADE or PATCH the server. Please don't upgrade the DDNA.10:52 <@entropy> DEMO1: https://66.60.163.234:744310:52 <@entropy> username: admin10:52 <@entropy> password: demo10:52 <@entropy> good job there10:52 <~Avunit> wutwatwhere10:52 <@entropy> im guessing they took everything down or changed passes10:52 <@entropy> actually they probably didnt10:53 <@entropy> Team,10:53 <@entropy> password is now demo12310:53 <~Avunit> ohw ait10:53 <~Avunit> thats fromt he mails10:53 <@entropy> yea10:53 <@kayla> gogogo :311:01 <@kayla> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/1554.html11:01 <@kayla> loool11:02 <@entropy> its rediculious11:02 <~Avunit> well like11:02 <~Avunit> GOGOGO11:02 <@entropy> how can you not know to use pgp/gpg when sending passes in emails that dont instantly change11:04 <@Topiary> entropy: never had a Facebook/MySpace/Bebo ever, but Twitter is just email/pass and keeps data to a minimum, doesn't need an address11:04 <@Topiary> and it's useful as hell for getting news11:05 <~Avunit> I ahs troll faesbook11:06 <@entropy> yea twitters not bad11:09 <~Avunit> i no has twitter11:09 <@entropy> this feels kindof wierd11:09 <@entropy> i have 2 of gregs books right here11:09 <@entropy> exploiting software and rootkits11:09 <@entropy> lol11:10 <@entropy> althought designing bsd rootkits kills his rootkits book11:10 <@kayla> lol11:10 <@kayla> :D11:11 <@entropy> i have to study11:11 <@entropy> this makes it so hard11:11 <@kayla> how can i open docx ?11:12 <@entropy> openoffice11:18 <@entropy> http://www.bbc.co.uk/news/world-middle-east-1243304511:28 <@tflow> Avunit, you use a different whois email for anonleaks.com and anonleaks.ru, seeing that anonleaks.com has your personal info on the whois11:28 <@tflow> use a*11:41 <~Avunit> tflow11:41 <~Avunit> does it look11:41 <~Avunit> like that is11:41 <~Avunit> my actualy

back

trac

esec

urity

.com

11:41 <~Avunit> actual*11:41 <~Avunit> info?11:41 <~Avunit> I am not german :P11:41 <~Avunit> just i couldnt hide the data with private person on a .com domain11:41 <~Avunit> but its in no way tied to me11:43 <@tflow> oh ok lol11:44 <~Avunit> My name is not David11:44 <~Avunit> evern though11:44 <~Avunit> I liked david11:44 <~Avunit> yknow11:44 <~Avunit> Davidson.11:45 <@kayla> tflow can you grep for "BinDiff"11:45 <~Avunit> Registrant City: Merchweiler11:45 <~Avunit> Registrant State: Berlin11:46 <~Avunit> is that even right?11:46 <~Avunit> i had to guess the state :P11:53 <~Avunit> http://anonleaks.org/cgi-sys/suspendedpage.cgi11:53 <~Avunit> lulz11:53 <@entropy> by police?11:54 <@entropy> or for payment?11:54 <~Avunit> its not ours :p11:54 <~Avunit> iunno what anonleaks.org is11:54 <@entropy> ok11:54 <~Avunit> we only own .ru and .com11:54 <@entropy> fuck my heart had a palpatation11:55 <~Avunit> So yeah only worry if you hear things about anonleaks.ru or anonleaks.com :p11:55 <~Avunit> ive no idea what .org is but its the only other registered domain with anonleaks11:55 <@entropy> yea i saw that11:56 <~Avunit> so i was like11:56 <~Avunit> well elts check out what that is!11:56 <~Avunit> and then i go to asuspended page :P12:42 <@kayla> how long now till release D:13:00 <~Avunit> !end13:00 -!- DNSBot [DNSBot@DNS.Bot] has quit [Quit: Quit]13:01 <@tflow> kayla13:02 <@kayla> :D13:02 <@tflow> many of us are thinking of delaying it till Monday. because there's no press on friday-sunday13:02 <@kayla> *kiss*13:02 <@tflow> for maximum impact13:02 <@kayla> ugg D:13:02 <@kayla> by then it will fizzle out13:02 <@tflow> no13:02 <@kayla> no one will care by then13:02 <@tflow> we're going to make even more buzz13:02 <@tflow> by giving some teasers13:02 <@kayla> and they'll just say it's faked

back

trac

esec

urity

.com

13:03 <~Avunit> kayla: a temp page will come online13:03 <~Avunit> saying release date13:03 <@tflow> they haven't said that so far13:03 <~Avunit> and some teaser released13:03 <@tflow> the original hbgary mails were released on monday13:03 <@kayla> did we get anyone else mails? 13:03 <@kayla> or is gregs all we have left?13:04 <@tflow> that's all13:04 <@kayla> be interesting to see if they removed tht backdoor account13:04 <@tflow> so that's why we need to make the most of it13:04 <@tflow> because we only have one chance to launch the leaks13:04 <@tflow> considering that 1 inbox < 3 inboxes13:25 -!- kayla [mysql2@fbi.gov] has quit [Quit: Lost terminal]14:49 <@Nessuno834> did someone highlight?15:05 -!- Avunit [Avunit2@netadmin.operationfreedom.ru] has quit [Ping timeout: 121 seconds]15:22 <@Topiary> tflow, I still think we should host a single front page on anonleaks.ru with a logo or message stating that "leaking begins Monday"15:22 <@Topiary> that way people will have the URL over the weekend and can be checking it15:22 <@Topiary> it would actually create more buzz this way15:22 <@Topiary> and then we release on Monday like you planned15:24 <@tflow> sure15:24 <@tflow> got anything prepared?15:26 <@Topiary> not in particular, I made this in about 10 minutes http://i.imgur.com/6Xvsv.jpg could be a starting point15:32 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @tflow15:33 -!- Netsplit over, joins: @tflow15:48 <@entropy> ill bbl15:49 <@entropy> going to go spar ;)15:57 <@Nessuno834> spar :(17:46 -!- Avunit [Avunit2@netadmin.operationfreedom.ru] has joined #hq17:46 -!- mode/#hq [+qo Avunit Avunit] by HQBot18:12 <&Sabu> hi guys. talking from my blackberry18:12 <~Avunit> hi sexy18:13 <&Sabu> whats latest?18:13 <&Sabu> supz18:13 <~Avunit> delay of anonleaks.ru till monday18:13 <~Avunit> iunno if a teaser page will come online today18:13 <~Avunit> and mubarak is gone18:13 <~Avunit> for if you dont watch the news18:15 <&Sabu> oh wow i didnt know fuck yes18:15 <&Sabu> congrats all18:15 * Avunit bows to sabu.18:16 <~Avunit> thats like all the news i have i think18:16 <~Avunit> well we regged anonleaks.com too18:16 <~Avunit> just to be sure the name wouldnt be stolen18:16 <&Sabu> ok. anonleaks will keep me busy18:17 <&Sabu> itll be what we use to dump whitehat dumps

back

trac

esec

urity

.com

18:17 <&Sabu> im lovin anonleaks already18:17 <&Sabu> brb bro18:17 <~Avunit> k18:24 <~Avunit> im gonig afk18:56 <@entropy> sup19:10 <@Topiary> It would be good to have a test page up tonight, just a homepage if anything19:10 <@Topiary> Laurelai: what do with stuxnet source19:15 <@Laurelai> Topiary: lol idk19:16 <@entropy> you have to ask tflow19:40 <@Topiary> Laurelai: I tweeted once ages ago about it and now dumbass press are taking my tweet super serially19:40 <@Topiary> http://blogs.forbes.com/chrisbarth/2011/02/11/anonymous-claims-possession-of-insidious-stuxnet-virus/19:40 <@Topiary> LOL'd19:40 <@Topiary> Oooohhh, deadly insidious virus!19:40 * Topiary waves cape19:45 -!- Topiary changed the topic of #hq to: HQ | Keep everything said in this channel inside this channel. Something to note if bored: http://securepastebin.com/go/retrievePost.action?id=6302 password = puddi19:47 <@entropy> lol19:48 <@Topiary> And those trolly fags on twitter think they've dox'd me and I'm a 21-year-old man from Washington19:48 <@Topiary> that better not be taken seriously, innocent people shouldn't be v&19:49 <@entropy> ;)20:01 !twisted.operationfreedom.ru *** HQBot invited kayla into the channel20:01 -!- kayla [mysql2@fbi.gov] has joined #hq20:01 -!- mode/#hq [+o kayla] by HQBot20:01 <@kayla> hi :)20:01 <@kayla> anyone here it's kinda urgent!20:03 <@Topiary> Yes20:04 <@kayla> who uses the username "root" on anonops?20:05 <@kayla> anyone here?20:06 <@entropy> im on but i have no idea20:07 <@Topiary> I have him on Skype20:07 <@Topiary> Do you need to get in touch?20:08 <@kayla> does he ever come here??20:08 <@Topiary> Not here20:08 <@kayla> like in this chat?20:08 <@kayla> well ok, sit down i have something to tell :)20:08 <@entropy> ?20:09 <@kayla> were you here earlier when tht greghb or w/e it was came in to the ophbgary chat and was all "herderp im greg"20:09 <@entropy> yea20:09 <@kayla> and i said compare SSN's to prove it n i k/b him20:09 <@kayla> well it was a troll20:09 <@kayla> and he's on another chat i go to and he mentioned it20:09 <@kayla> and i lol'd when he told me20:10 <@kayla> but then he scrolled me this

back

trac

esec

urity

.com

20:10 <@kayla> <root> My server was the one raided in the FBI's Tailor Made Servers raid20:10 <@kayla> <root> I'm still here. :)20:10 <@kayla> <root> I'm not your average Anon.20:10 <@kayla> <root> But that's besides the point.20:10 <@kayla> <root> The only way you're ever going to identify someone is gaining enough trust as a friend.20:10 <@kayla> <root> gregh what I'm saying is that you need to infiltrate Anon at the deepest level.20:10 <@kayla> <root> You need an insider.20:10 <@kayla> <root> You need me.20:10 <@kayla> <root> I grow tired of these operations.20:10 <@kayla> <root> To watch them all fail would be fairly lulzy.20:10 <@kayla> apparently thats from "root" in a pm20:10 <@entropy> what the fuck20:10 <@kayla> not to be trusted anymore20:10 <@kayla> but also, this guys is a troll so i dont know if tht up there is true20:10 <@kayla> but still.....20:11 <@kayla> just thought i'd pass it on20:11 <@kayla> :)20:11 <@entropy> does he talk like that om the chan20:11 <@entropy> capitolizing letters and all20:11 <@entropy> periods20:12 <@kayla> i don't know, i dont even know who he is tbh...20:12 <@Topiary> He's been here a while, has helped out with media a couple times, probably helped a lot with Payback20:12 <@Topiary> But "root" is really a generic name, someone might be trying to fake him20:13 <@kayla> <root> My server was the one raided in the FBI's Tailor Made Servers raid20:13 <@kayla> it sounds like it's root20:13 <@entropy> yea seems pretty easy to find that out ^20:14 <@kayla> is +r registerd only or is tht +R i forget20:14 <@entropy> +r20:14 <@kayla> then it HAS to be root because ophbgary is +r and has been for ages20:15 <@kayla> because he must have been identified to be in the chan and it's the only chan "gregh" was in :)20:15 <@entropy> <root> I grow tired of these operations. <- then when they fuck does he go in #op<whatever>20:16 <@kayla> dunno :/20:17 <@kayla> unless he was trying to SE gregh thinking it was the real greg?20:17 <@kayla> try to get closer to him20:17 <@kayla> all i know now is i wont talk to root ever20:17 <@entropy> theres like 10k accts in the emails20:17 <@entropy> theres no reason to se him20:18 <@kayla> 10k accounts? what for lol :)20:18 <@kayla> just random online accounts?20:18 <@entropy> yes20:18 <@kayla> any good ones?20:19 <@entropy> im doing super slow scans of them20:19 <@entropy> so far most are down20:19 <@kayla> http://internetfeds.mil.nf/hbgary/ is down?

back

trac

esec

urity

.com

20:19 <@entropy> they have alot of http://someip:port20:20 <@entropy> yes is down now20:20 <@entropy> wasnt like an hour ago20:20 <@kayla> :/20:20 <@kayla> i was going to do some more reading 20:20 <@kayla> xD20:30 <@entropy> http://www.lacy.ie/hbgary.php20:30 <@entropy> someone made that20:30 <@entropy> from the torrent20:30 <@entropy> im guessing20:34 <@Topiary> Yes20:36 <@kayla> yeh but they dont have gregs :P20:51 <@kayla> site: www.offensivecomputing.net20:51 <@kayla> username: tedvera20:51 <@kayla> password: xWWzSeHxAJ20:51 <@kayla> Your new Offensive Computing membership also enables to you to login to other Drupal powered websites20:51 <@kayla> (e.g. http://drupal.org/) without registering. Just use the following Drupal20:51 <@kayla> ID and password: Drupal ID: tedvera@www.offensivecomputing.net password: xWWzSeHxAJ -- Offensive Computing team 20:52 <@kayla> works :D20:58 <@entropy> theres seriously 200+ of things like that20:58 <@entropy> its like a joke20:59 <@kayla> http://www.lacy.ie/hbgary.php?id=1899120:59 <@kayla> yeh :D21:00 <@entropy> omfg21:00 <@entropy> dhs21:42 <@kayla> :D21:42 <@kayla> there's all kinds of stuff22:05 <@entropy> what the fuck is this http://search.hbgary.anonleaks.ru/22:05 <@entropy> it got released?22:06 <@entropy> ah just a ptr to lacy22:11 <@kayla> yeh :D22:12 <@kayla> this one is interesting :D22:12 <@kayla> http://search.hbgary.anonleaks.ru/index.php?id=1994822:12 <@kayla> oops22:12 <@kayla> not tht one22:12 -!- kayla [mysql2@fbi.gov] has quit [Quit: Lost terminal]22:14 !twisted.operationfreedom.ru *** HQBot invited kayla into the channel22:14 -!- kayla [mysql2@fbi.gov] has joined #hq22:14 -!- mode/#hq [+o kayla] by HQBot22:14 <@kayla> http://search.hbgary.anonleaks.ru/index.php?id=3662322:14 <@kayla> Subject: wow22:14 <@kayla> From: "Aaron Barr" <aaron@hbgary.com>22:14 <@kayla> To: "Ted Vera" <ted@hbgary.com>,"Mark Trynor" <mark@hbgary.com>22:14 <@kayla> Original Email22:14 <@kayla> http://www.unix-ag.uni-kl.de/~massar/bin/cisco-decode?enc=68C5730C268E5722C1B9FA63247B01B63BBF99317CFBFEEF393299B041D165ADA3DE3B0D7E556EE784628ED7849CA9F1C859763381AFDDF9&.submit=decode%21

back

trac

esec

urity

.com

Sooooo...using the link above and the google hack string. !Host=*.* intext:enc_UserPassword=* ext:pcf Take your pick of VPNs you want access too. Ugghh.. Aaron Barr CEO HBGary Federal Inc.22:15 <@kayla> 1) Google search !Host=*.* intext:enc_UserPassword=* ext:pcf22:15 <@kayla> download the pcf file22:16 <@kayla> then use http://www.unix-ag.uni-kl.de/~massar/bin/cisco-decode?enc= to clear text it22:16 <@kayla> = free VPN :D22:19 <@entropy> thats only the group password22:19 <@entropy> so with cisco vpn you have the tunnel group pass then th username and user pass22:19 <@entropy> tunnel group is like the first line in just shared secret22:19 <@entropy> but still userfull22:19 <@entropy> 99% of the pcf's will have usernames too22:30 <@kayla> :D22:41 <@kayla> ni ni guys :D <322:41 <@kayla> sleeps time :322:41 -!- kayla [mysql2@fbi.gov] has quit [Quit: leaving]--- Day changed Sat Feb 12 201100:26 <@Laurelai> hey00:26 <@Laurelai> https://chat.dosarrest.com:9091/webchat/start.jsp?workgroup=00:27 <@Laurelai> possible entry point00:27 <@Laurelai> https://panel.dosarrest.com/customerpanel1_0/cp/sites/view/00:28 <@Laurelai> https://chat.dosarrest.com:9091/webchat/email/offline-mail.jsp00:29 <@Laurelai> https://panel.dosarrest.com/customerpanel1_0/cp/sites/view/00:57 -!- Topiary [colossal@do.the.impossible] has quit [Ping timeout: 121 seconds]01:06 <&marduk> hi guise02:01 <@Laurelai> hi02:01 <&Sabu> hi all02:01 <&Sabu> im back02:01 <&marduk> sabu!<302:01 <&Sabu> supz02:01 <&Sabu> got a lappy02:01 <&Sabu> lets do this02:01 <&marduk> yay :)02:02 <&marduk> i just came back a short while myself02:02 <&marduk> berico + palantir have both cut ties with HBGary02:02 <&marduk> and publically apologized02:02 <&marduk> they are so screwed02:06 <&Sabu> ok02:06 <&Sabu> thats good to hear02:07 <&Sabu> im reading twitter to get updates02:07 <&Sabu> anything else going on?02:08 <&marduk> as i said, just came back. most ppl seem to be asleep yet02:08 <&Sabu> yeah02:08 <&Sabu> no doubt02:09 <&Sabu> so are we going to focus on anonleaks, or should I start looking for targets? palantir/belico/hunton+williams seem like lame targets02:09 <&marduk> mm have better ideas? palatur/berico are not good, atm.

back

trac

esec

urity

.com

02:09 <&marduk> although i dont trust their accouncement fully yet02:10 <&marduk> but if they say they cut ties and apologize, we should respect that for now02:10 <&marduk> H&W is anothermatter tho02:14 <&Sabu> true02:15 <&Sabu> I'm so tired man I been up like 2 days so I need to rest however I really want to make some progress02:15 <&marduk> ah.. i know how you feel. was like 50h up myself02:15 <&marduk> but feel good after 14h of sleep now (=02:17 <&Sabu> haha nice02:17 <&Sabu> I read the buffer, it seems the guy on anonop "root" is a mole or troll?02:20 <&marduk> the nick "root"?02:20 <&marduk> eh if he's identified.. he used to be oper i think. is forunder of #operationpayback02:21 <&Sabu> really02:21 <&Sabu> 04:10 <@kayla> <root> My server was the one raided in the FBI's Tailor Made Servers raid02:21 <&Sabu> 04:10 <@kayla> <root> I'm still here. :)02:21 <&Sabu> 04:10 <@kayla> <root> I'm not your average Anon.02:21 <&Sabu> 04:10 <@kayla> <root> But that's besides the point.02:21 <&Sabu> 04:10 <@kayla> <root> The only way you're ever going to identify someone is gaining enough trust as a friend.02:21 <&Sabu> 04:10 <@kayla> <root> gregh what I'm saying is that you need to infiltrate Anon at the deepest level.02:21 <&Sabu> 04:10 <@kayla> <root> You need an insider.02:21 <&Sabu> 04:10 <@kayla> <root> You need me.02:21 <&Sabu> 04:10 <@kayla> <root> I grow tired of these operations.02:21 <&Sabu> 04:10 <@kayla> <root> To watch them all fail would be fairly lulzy.02:21 <&Sabu> 04:10 <@kayla> apparently thats from "root" in a pm02:21 <&Sabu> if thats him being genuine02:21 <&Sabu> he must get rocked02:21 <&Sabu> plz investigate my brother02:23 <&marduk> wtf02:23 <&marduk> :o02:23 <&marduk> oh i will02:23 <&marduk> i will leave kayla out of this, but i will present this to owen02:23 <&marduk> i think he will be quite interested02:23 <&marduk> but why is root telling this to kayla?02:24 <&marduk> or where is that from?02:26 <&Sabu> no02:26 <&Sabu> root wrote that to gregh, who is a troll/poser who posed/trolled as greg hoglund on irc02:26 <&Sabu> and root wrote him that log02:27 <&marduk> Oh shit02:27 <&marduk> how did kayla get it?02:27 <&marduk> oh some fake-greg-spy?02:27 <&marduk> lol02:27 <&marduk> sorry, didnt read02:27 <&marduk> eh that's actually a good idea02:27 <&marduk> we can weed out traitors this way

back

trac

esec

urity

.com

02:28 <&marduk> i will probaby make an alternative nick, go in #ophbgary02:28 <&marduk> idle mostly, but pm a few ppl02:28 <&Sabu> yup02:28 <&Sabu> do it plz02:28 <&Sabu> greg/gregh/coganon/anoncog/aaronbar/abarr etc02:31 <&marduk> okay02:31 <&marduk> talked to owen02:31 <&marduk> it all makes sense02:31 <&marduk> 07:30 <owen> and he tried, no begged for his oper back and was refused hands down02:31 <&marduk> 07:30 <owen> he was gone too long02:31 <&marduk> 07:31 <owen> some bs about his job blahblah02:31 <&marduk> 07:31 <owen> noone believed it02:31 <&marduk> 07:31 <owen> ill pass it on02:31 <&marduk> so .. thanks for relaying02:31 <&marduk> ppl will know.02:32 <&Sabu> kk02:32 <&Sabu> tell owen I miss him<302:32 <&Sabu> I'm not getting on anonops for a while02:32 <&Sabu> this place will be my base of operations02:33 <&Sabu> http://www.zwillgen.com/leota.php = the people that tried taking down lacy.ie?02:33 <&marduk> k will tell him :)02:38 <&Sabu> support.hbgary.com server back up. would be funny if I could get back in02:38 <&Sabu> lamers02:38 <&Sabu> not even going to fuck with them honetly02:38 <&Sabu> they're done02:39 <&marduk> true02:39 <&Sabu> "Greatest social hack of all time: http://is.gd/duaZcG - Anonymous vs. hbgary.com."02:39 <&Sabu> rofl02:39 <&Sabu> people are really enjoying the socialing of jussi02:39 <&Sabu> man I was talking to my little brother who witnessed the whole shit02:39 <&Sabu> I think he and I were as excited as people are about it now02:39 <&Sabu> we were fitdgeting and giggling and shit02:40 <&Sabu> as jussi dropped firewall02:40 <&Sabu> then reset the pw02:40 <&Sabu> then gave us the username02:40 <&Sabu> then asked us if we opened a high port on the box 02:40 <&Sabu> ROFL02:40 <&Sabu> I wonder if jussi has made any statements at all 02:44 <&marduk> yesh hahaha02:44 <&marduk> that "did you open something running on high port?"02:44 <&marduk> i lold hard when i saw that02:45 <&marduk> you didnt disclose that before :)02:48 <&Sabu> didnt think it was important02:48 <&Sabu> haha02:48 <&Sabu> I only pasted the important bits02:49 <&Sabu> basically hes referring to kayla.. on root I opened a reverse shell to her server at a high port

back

trac

esec

urity

.com

02:49 <&Sabu> so she could get root too02:49 <&marduk> wasnt really important.. but quite lulzy :)02:49 <&Sabu> I figured it was too vague for anyone to find interesting02:49 <&marduk> yup, i figured that (=02:49 <&Sabu> I guess it is though lol02:50 <&Sabu> basically I read all his outgoing email communication to jussi02:50 <&Sabu> and mimicked word for word and grammar for grammar02:50 <&Sabu> I also made sure to throw in rootkit.com's root password (found in an earlier email) in the initial SE email02:50 <&Sabu> to get jussi to trust me02:51 <&Sabu> it worked thankfully and turned out to be lolz02:51 <&marduk> ah nice... yeah ii thought the pws you mentioned must be kinda known to him02:51 <&marduk> but that he immediately tes you the root pw02:51 <&marduk> *facepalm*02:53 <&Sabu> yeah I learned a decade ago in order to get a successful SE you must know at least one bit of intimate information to gain at least a bit of trust from your target02:53 <&Sabu> thats why I fucing researched my balls off02:53 <&marduk> yes i know.. actually, SE is my strongpart as well... i am out of the freaky technical stuff02:53 <&marduk> i lost connection by now02:54 <&marduk> although i noticed.. many of the exploit stuff is the same like 10 years ago02:56 <&Sabu> uNF02:57 <&marduk> uNF uNF uNF ... coffee!02:58 <&Sabu> im off to bed for a nap. ill be back my brothers and sister02:58 <&Sabu> <302:58 <&marduk> sleep well (=04:15 <@Laurelai> ok so i had soeone look at stuxnet04:16 <&marduk> anything interesting? must be kinda cool to look at software that had cost several millions04:18 <@Laurelai> well04:18 <@Laurelai> the thing is04:18 <@Laurelai> its big punch04:19 <@Laurelai> is that fact it had 4 windoes 0 days in it04:19 <@Laurelai> windows*04:19 <@Laurelai> wich have since been patched04:19 <&marduk> ye04:19 <@Laurelai> my debugger said it looked like it was coded like a child fingerpaints04:20 <@Laurelai> someone took some sploits and crammed them togethe r and said go04:20 <@Laurelai> oh04:20 <@Laurelai> and stole some certs04:20 <&marduk> uhm, from what i heard from people who actually legally looked at this thing, it was a very good coding job04:21 <&marduk> remember the source will look vastly different than any disassembly04:22 <@Laurelai> yes04:22 <@Laurelai> shes quoting from the end effects04:22 <@Laurelai> not the code itself04:22 <@Laurelai> looks like there was just alot of hype04:22 <@Laurelai> and HBgary wanted in on it

back

trac

esec

urity

.com

04:24 <&marduk> well, everybody wanted to take a look at stuxnet :)04:25 <@Laurelai> yeah04:25 <@Laurelai> HBGary was trying to make themselves look like the stuxnet experts i think04:26 <&marduk> hmm would be hard; i think f-secure had the best insight there. they did a lot of work on stuxnet which was widely praised04:26 <@Laurelai> yeah04:26 <@Laurelai> nobody ever said HBGary was smart04:26 <@Laurelai> :p04:26 <&marduk> lol04:26 <@Laurelai> it really looks like a whole trail of fail04:26 <&marduk> i still want to know wtf HBGary means :p04:26 <@Laurelai> leading the fail train into Anons lap04:27 <&marduk> :)04:27 <@Laurelai> where it crahed04:27 <@Laurelai> and burned04:27 <@Laurelai> crashed*04:27 <&marduk> and it is still smoldering now04:27 <@Laurelai> and you can hear people screaming and dying04:28 <@Laurelai> good times04:35 <@Laurelai> hmm04:35 <@Laurelai> http://ge.tt/3ckSqhP04:36 <@Laurelai> have a look at that04:39 <&marduk> i like that pretty much... dunno though about the strict teams.. i mean some ppl do more than one thing, are not really specialized. 04:39 <&marduk> but in general very good... 04:40 <&marduk> make sure to show it to the other guise as well04:40 <@Laurelai> none of it is strict04:40 <@Laurelai> nothing saying you cant be part of more than one team04:40 <@Laurelai> ill revise that04:42 <&marduk> yeah just making some comments04:42 <&marduk> the team/focus is okay.. just i wouldnt name it "teams"04:43 <@Laurelai> ok04:43 <&Sabu> hi04:44 <&marduk> wb Sabu. check that url from Laurelai 04:44 <&Sabu> who the fuck wrote that doc04:45 <&Sabu> remove that shit from existence04:45 <&Sabu> first off there is no hierachy or leadership, and thus an operations manual is not needed04:45 <&Sabu> those who root, also "Shell" and also "deface"04:45 <&Sabu> theres scant need to segregate04:46 <&Sabu> shit like this is where the feds will get american anons on rico act abuse and other organized crime laws04:47 <@Laurelai> yeah well you could have done 100 times more effective shit with HBgary04:47 <@Laurelai> gratted what we got was good04:47 <&Sabu> if you're so fucking talented why didn't you root them yourselves?04:47 <@Laurelai> but it could have been done alot better04:47 <&Sabu> also we had a time restraint04:48 <&Sabu> and as far as I know, considering I'm the one that did the op, I rooted their

back

trac

esec

urity

.com

boxes, cracked their hashes, owned their emails and social engineered their admins in hours04:48 <&Sabu> your manual is irrelevent.04:48 <@Laurelai> ok so why didnt you backdoor everything and just collect data04:49 <&Sabu> because it was generally agreed that we should OWN HBGARY _BEFORE_ Aaron Barr met up with FBI04:49 <&Sabu> that gave us ~24 hours to play with04:49 <&Sabu> you werent in the chat at the time and thus you wouldn't know this04:49 <&Sabu> and who invited you anyway?04:49 <&Sabu> I do not know you04:50 <&Sabu> marduk, I'm about to bounce. this place is getting compromised a bit too quick/easy04:50 <@Laurelai> :/04:50 <&marduk> what huh ?04:50 <&marduk> whats getting compromised?04:51 <&Sabu> who the fuck is laurelai and why is he/she/it questioning our owning of hbgary04:51 <&marduk> uhm.. she is with wl04:51 <&Sabu> and?04:51 <&marduk> and kayla knows her.04:51 <&Sabu> bleh04:51 <&Sabu> ok who authored this ridiculous "OPERATIONS" doc?04:51 <@Laurelai> look the guideline isnt for you04:51 <&Sabu> because I'm about to start owning nigg3rs04:51 <&marduk> authorized???04:52 <@Laurelai> its just an idea to kick around04:52 <@Laurelai> start talking04:52 <&Sabu> for who? the feds?04:52 <&marduk> its not any official doc, it is something that Laurelai wrote up.. and it is for.. others04:52 <&marduk> on anonops04:52 <&Sabu> rofl04:52 <@Laurelai> just idea04:52 <@Laurelai> ideas04:52 <&Sabu> man04:52 <&marduk> at least that is how i understand it04:52 <@Laurelai> to talk over04:53 <&Sabu> le sigh04:53 <&marduk> mmmm why are we so in a bad mood?04:53 <&Sabu> my nigga look at that doc04:53 <&Sabu> and how ridiculous it is04:54 <&marduk> its just a document and it doesnt even mention anonymous04:54 <&Sabu> shelling team?04:54 <&Sabu> wtf is a shelling team04:54 <&Sabu> whatever04:54 <&marduk> look, i think it was made with good intentions. and it is nothing you need to follow, if you dont like it, it is your good right04:55 <&Sabu> no fuck that. its docs like this that WHEN LEAKED makes us look like an ORGANIZED CRIME ORGANIZATION04:55 <&Sabu> its the ANTITHESIS OF WHAT ANONYMOUS IS04:55 <&marduk> mmm

back

trac

esec

urity

.com

04:55 <&Sabu> if these lamers leak shit like that Im rooting them04:55 <&marduk> i get your point04:56 <&Sabu> and it also makes us look like fucking twats aka hypocrits. we sit here and tweet all day about palantir/hbgary putting together docs and slides discussing the process of OWNING WIKILEAKS04:57 <&Sabu> yet we're producing the same fucking shit04:57 <&Sabu> only difference being our target focus are whitehats/anonymous targets04:57 <&Sabu> rofl04:57 <&Sabu> I'm going back to sleep. nice to meet you laurelai04:58 <&marduk> mm i get the point... and yes, considering that, we should not use/spread/hand such dox around04:58 <&marduk> but i am also convinced that Laurelai wasnt ill-minded by doing that. actually we taked about this before04:58 <&marduk> the point just is... we shoud have some procedure (it actually started with ppl ddosing targets that could be defaced, etc)04:59 <&Sabu> marduk the other night.. when we owned hbgary we had 100% coordination in here. we had one slight issue with leeching of emails taking a bit longer than they should have04:59 <&Sabu> but besides that, I did my part, topiary did his part, tflow did his part, you did yours, etc04:59 <&Sabu> we did not need a manual04:59 <&Sabu> and we were on point05:00 <&Sabu> laurelei's issue is that we did not sit and sniff their emails for more good info05:00 <@Laurelai> no05:00 <&Sabu> so what were you saying earlier?05:01 <@Laurelai> my issue is they had alot of private software and proprietary code, as well as customer information that could have been taken and used to gain access to more stuff quietly and then use tht as a platform to gain even more05:01 <&Sabu> true, they had private software and proprietary code. and true I deleted their entire fileserver which included about 1 terabyte worth of malware, code and data05:01 <&Sabu> let me ask you a question05:02 <&Sabu> do you have 1terabyte+ servers ready to leach+store+torrent?05:02 <@Laurelai> yes05:02 <&Sabu> and how lon would it have taken us to leak the terabyte off their network05:02 <&Sabu> before they realized they were getting owned?05:03 <&marduk> it was a LITTLE rushed, yes we could have leeched mybe a little more. but in overall i think we did a very awesome op05:03 <@Laurelai> i think so too05:03 <&marduk> we fucking tapped their email comms for 30 hours05:03 <&Sabu> as for customer information, all that customer information is in the emails. tflow had access to those emails before leaking ~24 hours05:03 <@Laurelai> thats all i was trying to say05:03 <&marduk> and they didnt notice a fkn thing05:03 <&Sabu> thats enough to traverse into customer accounts05:03 <@Laurelai> was it would have been nice to get some of the priv software05:03 <@Laurelai> and malware05:03 <&Sabu> trust me miss05:04 <&Sabu> if you saw what I saw05:04 <&Sabu> there was nothing worth getting

back

trac

esec

urity

.com

05:04 <&Sabu> they had endless copies of rxbot05:04 <&Sabu> public .exe's 05:04 <&Sabu> they had sandboxed a bunch of romanian exes with zeus05:04 <&Sabu> public bots05:04 <&Sabu> they had 0% 0dayz05:04 <@Laurelai> ok then05:04 <&Sabu> their source code was not on the fileserver. there were nothing but executables05:05 <&Sabu> and if you want their software that bad search thepiratebay05:05 <&Sabu> I'm sure copies are on there05:05 <&Sabu> their shit is garbage05:05 <&Sabu> so we're discussing a non-issue05:05 <&Sabu> perhaps I should have cleared this all up for everyone05:05 <@Laurelai> then what i was told wasnt what actually happened05:05 <&Sabu> so docs like the one you created would not exist right now05:05 <@Laurelai> im sorry05:05 <&Sabu> I dont know who told you what05:05 <&Sabu> but if you have questions ask me05:05 <@Laurelai> ok05:06 <&marduk> well she wasn't here from the beginning05:06 <&marduk> so she couldnt have known05:06 <&Sabu> I am not being rude to you. trust me, I'm a nice guy05:06 <&marduk> as stuff in here was not relayed to outside05:06 <&Sabu> I just dont like the bs05:06 <@Laurelai> im not trying to bs05:06 <@Laurelai> i was making a point based on the information i has05:06 <@Laurelai> wich was wrong05:06 <&Sabu> ok so what were you told/05:06 <&Sabu> that their fileserver had massive 0dayz?05:06 <@Laurelai> basically05:06 <&Sabu> because I can say there were two external drives05:07 <&Sabu> I have a good memory and will tell you what was there05:07 <&Sabu> one external drive was used as a nfs/samba mount it contained about 1tb of data05:07 <&Sabu> it contained the same financial docs you find in the emails05:07 <&Sabu> it contained backups of their dbs, etc05:07 <&Sabu> it contained endless copies of their software in versions05:08 <&Sabu> changelog edits05:08 <&Sabu> it contained literally garbage 05:08 <&Sabu> that has little value to us05:08 <@Laurelai> ok05:08 <&Sabu> the other external hard drive used as a nfs mount for internal lan servers05:08 <&Sabu> contained all of their malware research05:08 <&marduk> Sabu: can we h4x the DoJ? :p05:08 <&Sabu> which literally consisted of05:08 <&Sabu> rxbots05:08 <&Sabu> zeus bots05:08 <&Sabu> chinese and romanian bots05:09 <&Sabu> stuxnet debugs, copies of same binary

back

trac

esec

urity

.com

05:09 <&Sabu> etc.05:09 <&Sabu> nothing of value to us05:09 <&marduk> ye i noticed from the emails, they take a lot of interest in the public/widely available bots05:09 <&Sabu> because they already exist in the emails we have05:10 <@Laurelai> alright05:10 <@Laurelai> makes sense05:11 <@tflow> fuck05:11 <@tflow> Laurelai05:11 <@tflow> do you have access to the prq server?05:11 <@tflow> of crowdleaks?05:11 <&marduk> ohai tflow05:11 <@tflow> hi05:11 <@Laurelai> tflow: yes of course05:11 <@tflow> Laurelai: please remove the vhost for search.hbgary.anonleaks.ru asap05:11 <@tflow> it's not supposed to be public yet05:11 <@Laurelai> ok..05:12 <&marduk> :o05:12 <@tflow> and the dnsbot is offline .__.05:12 <&Sabu> good morning tflow my brother05:12 <&marduk> tflow: i have a copy but only add is working there05:12 <@tflow> Sabu!05:12 <@tflow> did you hear about the shitstorm the leaks caused?05:12 <&Sabu> yeah bro I been catching up05:13 <&marduk> this is actually.. bigger than the cables it seems05:13 <&marduk> especially as only small amounts have been scanned so far05:14 <@Laurelai> tflow: done05:14 <@tflow> thanks05:15 <&marduk> Sabu: in need of new target? its not whitehats tho...05:15 <&Sabu> I want to focus on white hat sec firms05:15 <&Sabu> they're the ones working on us05:15 <&marduk> okay.05:15 <&marduk> hmm05:15 <&marduk> oh05:15 <@Laurelai> its a good idea05:15 <&Sabu> hbgary was the tip of the iceberg05:15 <&marduk> what was that05:15 <&marduk> there was that french one05:15 <&marduk> Laurelai: ?05:15 <&Sabu> you know how many other sec firms are trying to do exactly what they're doing05:15 <&Sabu> lol05:15 <&marduk> you got the tip from someone05:16 <&Sabu> so we need to start rocking these lamers05:16 <&marduk> what was the url, damn05:16 <~Avunit> D:05:16 <&Sabu> hi avunit my brother05:16 <~Avunit> the fuck is up with anonops05:16 <&marduk> oh all awayke .. just kayla missing now :o

back

trac

esec

urity

.com

05:16 <@Laurelai> ddosaresst.com05:16 <&marduk> Avunit: was ddosed05:16 <&marduk> Laurelai: nah i meant the other one.. who are working with french police05:16 <~Avunit> tiny is down, belldandy is down, koldsun is down05:16 <@Laurelai> marduk: i dont know 05:17 <&marduk> who are trying to spai on us05:17 <&marduk> mhhh05:17 <@Laurelai> marduk05:17 <@Laurelai> yeah05:17 <&Sabu> laurelie, I appreciate you took the time to write that document. perhaps instead of creating evidence we actually follow such procedures. we just educate our people here so our next target isnt rushed/etc05:17 <@Laurelai> ddosaresst05:17 <@Laurelai> Sabu: thats what i was trying to get at05:17 <&Sabu> http://dosarrest.com/ ?05:17 <@Laurelai> can we let it go ive deleted it already05:17 <&Sabu> heh 05:17 <@Laurelai> Sabu: yes05:17 <@Laurelai> that one05:17 <&Sabu> I'm being fucking nice to you05:17 * marduk hands around cake and coffee.05:18 <&Sabu> and you're telling me to let it go/05:18 <&Sabu> don't get rocked bro :|05:18 <&marduk> meehh.. now all; let's focus not argue anymore.05:18 <&marduk> it's done.05:18 <&Sabu> you run crowdleaks.org?05:18 <@Laurelai> i help run it05:18 <&Sabu> I see05:19 <~Avunit> Hey instead of argueing do me a favor and tell me which anonops server with atleast a 50 channel limit is online :P05:19 <@tflow> Avunit: vlad has 5105:19 <~Avunit> thanks05:19 <@tflow> np05:19 <~Avunit> added vlad in my pool05:19 <&marduk> Avunit: vlad05:19 <&marduk> oh im slow05:20 <~Avunit> so any news around here?05:20 <&Sabu> Laurelai: <3 u05:20 <@Laurelai> Sabu: sorry05:20 <&Sabu> I'm unusually cranky today haha05:20 <@Laurelai> its no excuse but i dont sleep alot05:20 <&Sabu> <3 to you all05:20 * Avunit throws a cake at Sabu.05:20 <&marduk> moar <3<3<305:20 <&Sabu> aRF05:20 <~Avunit> Group hug?05:20 <&Sabu> well anyway guys I'll be back online today05:20 <&Sabu> heres what I need05:20 <@tflow> Laurelai: Can I have sftp access to the folder where

back

trac

esec

urity

.com

search.hbgary.anonleaks.ru? I need to make some coding changes05:20 <&Sabu> I need more targets=05:20 <@Laurelai> https://panel.dosarrest.com/customerpanel1_0/cp/sites/view/05:21 <&Sabu> whitehats, spies, whatever05:21 <&marduk> Sabu: im still looking for that one url05:21 <&marduk> i got a tip05:21 <&marduk> ill look thru my history05:21 <&Sabu> kk05:22 <~Avunit> !dns list05:22 <~Avunit> oh wait05:22 <@Laurelai> tflow: its a single php file05:22 <@tflow> ah nice05:22 <@Laurelai> whats wrong with it05:23 <@tflow> can you set me up an account with write access to that file?05:23 <@tflow> i need to make it so that05:23 <@tflow> it like to the .html pages on hbgary.anonleaks.ru05:23 <@tflow> links*05:23 <@tflow> there is a better interface there with attachments and such05:23 <@Laurelai> oh05:23 <@Laurelai> i can do that05:23 <@tflow> great05:24 <@Laurelai> hbgary.anonleaks.ru05:24 <@tflow> i'll give you the db files for each index05:24 <@tflow> basically05:24 <@Laurelai> doesnt appear to be up05:24 <@tflow> each email is like 3333.html05:24 <@tflow> a number05:24 <@tflow> brb 2 mins05:24 <@Laurelai> do you mean http://search.hbgary.anonleaks.ru/05:24 <@Laurelai> o_O05:25 <~Avunit> the anonleaks.ru sites, apart from search are not yet activated :P05:26 <@Laurelai> i need more coffie05:27 <&Sabu> anonleaks is going to rock my socks05:29 <~Avunit> DNSBot is online again ^.^05:30 <&Sabu> question gents05:30 <&Sabu> whats the situation with openleaks05:30 <~Avunit> watcha mean?05:31 <&Sabu> "Domscheit-Berg denies claims by WikiLeaks that he damaged the organization or 'stole' material, but did say he took roughly 300,000 documents with him when he left."05:31 <&Sabu> does openleaks need to get owned or not our buisness05:31 <~Avunit> Well afaik they were taken for safekeeping and are being forced back by wikileaks now05:31 <~Avunit> atleast thats what the news here said 2 days ago05:33 <&Sabu> word05:33 <&marduk> damnit i dont find that site anymore05:33 <&Sabu> I cant wiat for anonleaks to go public :D05:34 <&Sabu> ok gents and ladies05:34 <&Sabu> I'm going offline till tonight

back

trac

esec

urity

.com

05:35 <&Sabu> much love to you all05:35 <&Sabu> <305:35 * Sabu detaches05:35 <@tflow> <05:35 <@tflow> <305:35 <@Laurelai> openleaks cant be trustef fyi05:35 <@Laurelai> trusted*05:35 <@tflow> Laurelai: nevermind, you can keep the vhost, I just deleted it from the DNS05:36 <~Avunit> gl sabu!05:36 <~Avunit> <305:36 <@Laurelai> k05:38 <@tflow> http://internetfeds.mil.nf/hbgary/aaron_hbgary_com/db05:38 <@tflow> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/db05:38 <@tflow> http://internetfeds.mil.nf/hbgary/phil_hbgary_com/db05:38 <@tflow> http://internetfeds.mil.nf/hbgary/ted_hbgary_com/db05:38 <&marduk> up again? :o05:38 <@tflow> From these files, you can tell which .html page to link to by looking @ the email filename05:39 <&marduk> YAY05:39 <&marduk> tflow: so whats status on greg?05:40 <@tflow> marduk: many of us want to wait until Monday to release, because there is 0 media on Fri-Sun05:40 <@tflow> for maximum impact...05:41 <&marduk> ok hmm makes sense.. but for us?05:41 <&marduk> can we add it already?05:41 <@tflow> what do you mean?05:41 <&marduk> oh05:41 <&marduk> lol05:41 <&marduk> it is added05:41 <~Avunit> are we going for a teaser page actualy or let it 404?05:41 <&marduk> nvm me05:42 <@tflow> lol. it was added about 1 day ago :p05:42 <@tflow> Avunit: dunno. is someone going to make one?05:42 <&marduk> haha05:42 <&marduk> From: Google Alerts <googlealerts-noreply@google.com>05:42 <&marduk> Subject: Google Alert - HBgary05:42 <&marduk> To: karenmaryburke@yahoo.com05:42 <&marduk> Date: Sunday, February 6, 2011, 11:01 AM05:42 <&marduk> News1 new result for HBgary CORRECTION: Aaron Barr is not Justin Bieber05:42 <&marduk> p2pnet.net05:42 <&marduk> ulz nice google alert05:43 <~Avunit> well tflow, i suppose a date with the logo topiary made05:43 <~Avunit> would be enough?05:43 <~Avunit> we can always add some links to some emails on there05:44 <&marduk> tflow: you think it would be good to announce that anonleaks will go public on monday?05:45 <@tflow> i think so05:45 <&marduk> ok will make some noice later

back

trac

esec

urity

.com

05:45 <@tflow> Laurelai: did you get that?05:46 <@Laurelai> ?05:46 <@tflow> [10:38:22] <@tflow> http://internetfeds.mil.nf/hbgary/aaron_hbgary_com/db05:46 <@tflow> [10:38:28] <@tflow> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/db05:46 <@tflow> [10:38:33] <@tflow> http://internetfeds.mil.nf/hbgary/phil_hbgary_com/db05:46 <@tflow> [10:38:40] <@tflow> http://internetfeds.mil.nf/hbgary/ted_hbgary_com/db05:46 <@tflow> [10:38:51] <&marduk> up again? :o05:46 <@tflow> [10:39:04] <@tflow> From these files, you can tell which .html page to link to by looking @ the email filename05:46 <@Laurelai> oh yeah i saw05:47 <@Laurelai> how do i search it05:47 <@tflow> ok cool05:47 <@tflow> using php? :p05:47 <@tflow> do you know how to code it?05:48 <@tflow> otherwise i can code it and give you the hbgary.php file05:48 <@Laurelai> im not so hot with php05:48 <@tflow> (but i'd need the original hbgary.php first)05:48 <@Laurelai> thats lexis department05:48 <@tflow> np05:48 <@Laurelai> yeah ill secure pastebin it05:49 <@tflow> actually.. you know.. i think it would be better to store that in the mysql db05:49 <@tflow> having it filebased would be too slow to search05:50 <@tflow> can you create me a mysql account on the server with one db?05:50 <~Avunit> Must I code the like 10 line html page excluding headers to say COMING: 14 FEBRUARI 201105:50 <~Avunit> with a logo05:50 <~Avunit> and iunnom aybe some links to sum emails?05:51 <~Avunit> if so, ill do it after lunch :P05:51 <~Avunit> brb05:53 <@Laurelai> hes got it using postgesql05:53 <@Laurelai> or something05:53 <@Laurelai> for that05:53 <@Laurelai> man05:53 <@Laurelai> im just going to get lexi to work with you on that05:53 <@tflow> ok05:53 <@tflow> when's he coming on?05:53 <@Laurelai> i just install shit and make sure it doesnt get hacked into05:54 <@Laurelai> tflow: here pretty soon05:54 <@Laurelai> hes in ireland05:55 <@tflow> ah05:55 <&marduk> btw, some mails still cant be parsed, any idea why?05:56 <&marduk> example: http://internetfeds.mil.nf/hbgary/greg_hbgary_com/18057.html05:57 <@tflow> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/18057h.html can05:57 <@tflow> view it in html mode05:58 <&marduk> ups05:58 <&marduk> kk06:22 <&marduk> tflow: 06:22 <&marduk> http://search.hbgary.anonleaks.ru still works for me06:22 <&marduk> cached NS?

back

trac

esec

urity

.com

06:22 <@tflow> yes06:22 <&marduk> ah k06:23 <@tflow> hmm.. what do we have so far..06:23 <&marduk> ?06:23 <@tflow> 4 Heihachi servers (3 for NS, 2 for interface)06:23 <&marduk> ah06:23 <@tflow> 1 PRQ servers (for search - with dosarrest)06:24 <&marduk> 1 Telecomix?06:24 <@tflow> 1 Luxembourg server (from Telecomix, for web interface)06:24 <~Avunit> those servers are not all heihachi tflow :P06:24 <~Avunit> but they are russian06:24 <@tflow> oh?06:24 <~Avunit> and in the same datacentre06:24 <@tflow> yeah06:24 <@tflow> webalta06:24 <~Avunit> and santrex06:24 <@tflow> ah06:24 <~Avunit> I can roll one extra server in, Triumph, if needed.06:25 <@tflow> If we do need another server, it would be for the web interface. but I think we're sorted for now06:25 <&marduk> Avunit: i gave you the other paysafe?06:25 <~Avunit> yes marduk i think06:25 <~Avunit> oh goddamnit that said06:25 <~Avunit> gimme again06:25 <~Avunit> xD06:25 <&marduk> k, yeah i remember faintly06:25 <~Avunit> i forgot i dont log anymore06:26 <&marduk> uh oh06:26 * Avunit stabs self in face.06:26 <~Avunit> imma get the invoice sorted direclty06:26 <&marduk> NOT GOOD06:26 * Avunit navigates towards heihachi.06:26 <&marduk> phew06:26 <&marduk> found it06:26 <@tflow> We should also have a page called legal.html06:27 <@tflow> That shows all the DMCA requests we've gotten from HBGary06:27 <@tflow> And our replies06:27 <@tflow> TPB-stlye06:27 <@tflow> style*06:27 <~Avunit> what is the bgcolor of the interface page?06:29 <@tflow> #D7C3FC06:30 <~Avunit> ill do some lousy html coding for a such teaser page06:31 <&marduk> sifting greg's emails for anything more about BoA & co06:31 <@tflow> it doesn't really need to use that bg colour if it's just a teaser page06:31 <@tflow> also you can base it on http://pastehtml.com/view/1cw69sc.html Avunit06:31 <@tflow> all you need to do is change the txt06:31 <@tflow> or logo06:32 <~Avunit> well might look better if it uses the same bgcolor06:32 <~Avunit> thats why

back

trac

esec

urity

.com

06:32 <@tflow> http://www.technologyreview.com/web/32279/?p1=A106:32 <&marduk> did we see this:06:32 <&marduk> "I have been sucked up for the last, seems like almost 2 weeks working the law firm deal. The potential is huge for us. We are starting the pilot this week, 50K effort. After the pilot the end customer gets briefed. We were talking to the senior partner of the law firm on Friday and he wants a firm fixed price by month for 6 months and the figure we have come to settle on is $2M per month for the 3 team members. That will equal $500-$700K for HBG Federal, thats per ..06:32 <&marduk> ... month. We still need to close it, so I am spending most of my time making sure we blow them away and get the funding. Other stuff happening, but thats the main focus for me."06:32 <@tflow> oh wait, that's not anonleaks06:32 <&marduk> was sent from aaron to greg and penny on nov 1606:38 !twisted.operationfreedom.ru *** HQBot invited Topiary into the channel06:38 -!- Topiary [colossal@do.the.impossible] has joined #hq06:39 -!- mode/#hq [+o Topiary] by HQBot06:44 <&marduk> hey Topiary 06:44 <@Topiary> Hai06:44 <&marduk> moah, greg'S mails are full of ticketspam 06:44 <&marduk> that'S why he has 10k more mails06:45 <@Topiary> Ticketspam indeed, new registration/password change too06:45 <&marduk> yeah06:45 <@Topiary> and emails from PayPal06:53 <~Avunit> http://operationfreedom.ru/anonleaks/06:53 <~Avunit> thats kinda what i have atm06:54 <@Laurelai> hey06:54 <@Laurelai> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/2760.html06:54 <@Laurelai> could i get the origional email for that06:54 <&marduk> Avunit: nice06:54 <&marduk> Fubruary?06:54 <&marduk> eh06:54 <&marduk> February.06:54 <~Avunit> oh yeah06:54 <&marduk> #AnonLeaks?06:54 <~Avunit> yes06:54 <&marduk> on anonops?06:54 <~Avunit> yes06:54 <&marduk> oh.06:55 <~Avunit> I had e-mail 5 in twice too instead of one 6 xD06:55 <@Laurelai> please06:56 <&marduk> Laurelai: ?06:56 <@Laurelai> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/2760.html06:56 <~Avunit> ask tflow, he might have it D: i no has06:56 <@Laurelai> tflow: ?06:56 <&marduk> Laurelai: yes looking at that06:56 <~Avunit> anything else that needs to be on the teaser page? gimme about 6 juicy emails as a teaser too d:06:56 <~Avunit> marduk: laurelai wants the original06:57 * Avunit pokes topiary

back

trac

esec

urity

.com

06:57 <&marduk> original?06:57 <&marduk> oh the .eml?06:57 <~Avunit> yarr06:57 <@tflow> ?06:58 <&marduk> ya well, i dun have it... btw when are we gonna torrent greg'S mails?06:58 <@tflow> it says it06:58 <~Avunit> laurelai wants the .eml for that link06:58 <@tflow> Original file: 2685806:58 <@tflow> the .emls for greg are not released yet.06:58 <~Avunit> and http://operationfreedom.ru/anonleaks/06:58 <@tflow> hmm06:59 <@tflow> not bad but06:59 <@tflow> it doesn't really fit well06:59 <~Avunit> as in?06:59 <@Topiary> possibly a black background outside the box?06:59 <&marduk> ok i need to be away for an hour or so06:59 <~Avunit> easy enough06:59 <@tflow> also i don't think we should tell the irc channel yet06:59 <~Avunit> well stab topiary for that06:59 <~Avunit> i stole his banner :p07:00 <@Topiary> hah, made it in a few minutes as a test07:00 <@tflow> I think it would be cool to have the green anon logo in large07:00 <@Topiary> it's not a banner so much as a lulz07:00 <@tflow> with a white background07:00 <@tflow> and says coming soon under it07:00 <@Topiary> don't think I have any large Anon logos like that to turn green, that one was pretty small07:01 <~Avunit> http://operationfreedom.ru/anonleaks/07:02 <@tflow> i think it's better to just have a white bg07:02 <~Avunit> k sec07:02 <@tflow> with the green logo only + coming soon under it07:02 <~Avunit> done07:02 <@tflow> (without the irc stuff or the text)07:03 <~Avunit> ill green the irc stuff out07:03 <@tflow> the bg is still black :p07:03 <~Avunit> oh you wante verything white?07:03 <@tflow> no i mean07:03 <@Topiary> http://i.imgur.com/N7mfR.jpg07:03 <@Topiary> made07:03 <~Avunit> ah liek dat07:03 <@tflow> nice07:03 <~Avunit> want the date still under it or all text removed?07:03 <@tflow> only thing i would say07:04 <@tflow> the stroke around the text kinda makes it seem cartoonish :p07:05 <~Avunit> now then?07:05 <@Topiary> can easily be fixed. any text you had in mind?07:06 <~Avunit> and topiary, you got any e-mails ready to be teased?07:08 <~Avunit> so i can put em there too07:08 <@Topiary> not sure if I have anything that stands out

back

trac

esec

urity

.com

07:08 <~Avunit> well aslong its kinda lulz or juicy07:09 <~Avunit> its fine07:09 <~Avunit> we dont have to throw the best in, rather not even07:10 <~Avunit> just a few to show we're for real and ready to cause mayham07:12 <~Avunit> and tflow watcha think of the current page then? bettah?07:12 <@Topiary> http://i.imgur.com/zgaMs.jpg07:12 <@Topiary> simpler?07:14 <@Topiary> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/22450.html07:14 <@Topiary> can't tell if juicy or not...07:16 <~Avunit> should i use the source of that html to leak or put it in .txt?07:16 <@Topiary> I guess html07:16 <@Topiary> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/9747.html07:19 <@Laurelai> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/18599.html07:19 <@Topiary> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/5281.html07:19 <@Topiary> wat07:19 <~Avunit> im removing attachement and without html markup links07:23 <~Avunit> any others?07:24 <~Avunit> tis kind of fugly but fine07:25 <@Topiary> this isn't worth putting up, but lol http://internetfeds.mil.nf/hbgary/greg_hbgary_com/18450.html07:25 <~Avunit> LOL07:25 <~Avunit> i say07:25 <~Avunit> put it up xD07:26 <~Avunit> but yeah check out http://operationfreedom.ru/anonleaks/07:26 <~Avunit> its kind of ugly with the emails07:26 <~Avunit> but k07:27 <@tflow> Avunit: you need the .css file07:27 <~Avunit> yeah figured07:27 <~Avunit> but i have no link to the actual source either07:28 <~Avunit> with divs and whatever07:28 <~Avunit> oh wait07:28 <~Avunit> you use th for that07:28 <~Avunit> nvm me :P07:30 <~Avunit> i put the css file up07:31 <~Avunit> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/9365.html im lolling quite a bit tho07:36 <~Avunit> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/20419.html <-- is that one leaked already?07:37 <@Topiary> don't think so07:37 <@Topiary> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/7853.html07:37 <@Topiary> also lulz07:37 <~Avunit> lol07:37 <~Avunit> shoudl i leak http://internetfeds.mil.nf/hbgary/greg_hbgary_com/20419.html too on the teaser page>?07:38 <~Avunit> tflow? topiary?07:38 <@Topiary> if numbers need to be made up, then I guess07:39 <@Topiary> also add simpler, non-stroked text link07:39 <@Topiary> [12:12:23] <Topiary> http://i.imgur.com/zgaMs.jpg07:39 <~Avunit> oh yeah ill udpate the logo

back

trac

esec

urity

.com

07:41 <&marduk> haha yes that google alert is cool (=07:43 <&marduk> http://operationfreedom.ru/anonleaks/07:43 <&marduk> is that public?07:43 <@Topiary> I think maybe the 14 Feb thing needs to be taken out, not sure why07:43 <&marduk> can we spreda that?07:43 <@Topiary> no07:43 <@Topiary> the main site will be anonleaks.ru07:43 <@Topiary> right?07:43 <&marduk> yea07:43 <&marduk> but this will be one mirror, tho?07:44 <@Topiary> still probably not best to spread this yet until anonleaks.ru is updated07:44 <@Topiary> and we've agreed on final page07:44 <&marduk> yeah 07:44 <~Avunit> itll be on anonleaks.ru07:44 <~Avunit> this is just my testing ground07:44 <&marduk> tell me when it is07:44 <~Avunit> http://operationfreedom.ru/anonleaks/07:44 <~Avunit> the date taken out?07:45 <&marduk> well.. we are sure that we go public on monday i think?07:45 <&marduk> we got all set. all uploaded, mirrors working07:45 <~Avunit> or should I just make "Coming February 2011" of it?07:45 <@Topiary> just in case we fail hard on Monday07:45 <&marduk> mhh07:45 <~Avunit> ill just get the 14 and : out of it07:45 <&marduk> if then take it out completely07:45 <&marduk> and leave the coming soon in logo07:45 <@Topiary> we can just tweet about it07:45 <@Topiary> and when we actually release, we'll do a countdown07:45 <~Avunit> http://operationfreedom.ru/anonleaks/07:45 <~Avunit> updated07:46 <&marduk> i want to send the teaser page to some bloggers asap07:46 <@tflow> The font on coming soon is a bit weird07:46 <&marduk> mhh07:46 <&marduk> idd remove february07:46 <&marduk> that souds like.. we are maybe online in 2 weeks07:46 <@Topiary> I'd just remove the whole line about coming soon07:46 <&marduk> coming soon in the logo is okay07:46 <&marduk> small and decent07:46 <@Topiary> and we can create buzz on twitter about it07:46 <&marduk> i'd just remove the big text07:46 <@tflow> Can you remove the black border?07:46 <@Topiary> ^07:46 <~Avunit> yesi can07:46 <~Avunit> sec07:47 <@tflow> What about the border?07:47 <@tflow> It's not nice :p07:47 <~Avunit> http://operationfreedom.ru/anonleaks/07:47 <~Avunit> there you go07:47 <@Topiary> it'll look more scary 1337 h4x the plainer it gets

back

trac

esec

urity

.com

07:47 <&marduk> yup07:47 <~Avunit> we all agree this one is fine then?07:47 <&marduk> maybe a blank line between teasers iand the mails07:48 <~Avunit> then ill tar it for tflow :P07:48 <&marduk> then it'd be perfect07:48 <@tflow> can you remove that border?07:48 <&marduk> shift reload07:48 <&marduk> it is07:48 <~Avunit> its removed07:48 <&marduk> i'dd add a blank line tho07:48 <~Avunit> and white lnie added07:48 <&marduk> below "teasers"07:48 <~Avunit> line*07:48 <~Avunit> its added07:48 <&marduk> looks a bit dense07:48 <@tflow> aha07:48 <~Avunit> reload07:48 <&marduk> ah :)07:48 <&marduk> perfect imo07:48 <~Avunit> should i make the teasers fat or is only underlined fine like this?07:48 <@tflow> tested in other browsers?07:49 <~Avunit> sec imma start up IE07:49 <~Avunit> im using firefox myself07:49 <&marduk> chrome here07:49 <@Topiary> just gonna find another teaser, or one to replace one already07:49 <&marduk> on linux07:49 <@Topiary> the Penny loveletter07:49 <@Topiary> sec07:49 <&marduk> looks fine07:49 <&marduk> mhh07:49 <&marduk> nah07:49 <&marduk> not the penny love letter07:49 <&marduk> something juicy07:49 <&marduk> like Boa related07:49 <~Avunit> looks fine on an old version of IE07:49 <&marduk> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/15038.html07:49 <&marduk> like this one07:49 <~Avunit> but ive the idea that the teasers should be bolded :/07:50 <~Avunit> well the word "Teasers:"07:50 <@tflow> try it07:50 <~Avunit> kay07:50 <~Avunit> adding a ninth leak too07:51 <~Avunit> hrrm07:52 <~Avunit> adding bold removing underline07:52 <@Topiary> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/23876.html07:52 <@Topiary> I don't think we need this many teasers07:52 <@Topiary> some bring down the quality of the others07:52 <&marduk> hmm07:52 <&marduk> too many fun/private ones imo

back

trac

esec

urity

.com

07:53 <&marduk> we should concentrate on the interesting ones07:53 <&marduk> anonleaks isnt emphasized on gossip :(07:53 <@Topiary> at least replace email 8 with Penny's one07:53 <~Avunit> feel free to say which one to remove etc.07:53 <@Topiary> or get rid of 8 entirely07:53 <~Avunit> replacing 8 with http://internetfeds.mil.nf/hbgary/greg_hbgary_com/23876.html07:54 <~Avunit> done07:55 <@tflow> brb taking a shower07:55 <@tflow> when i'm back i'll put it up07:55 <&marduk> cool07:55 <&marduk> get wet.07:55 <~Avunit> ill tar it for you tflow07:55 <@Topiary> thoroughly moist07:56 <~Avunit> updated email 9 to remove the attachement link too07:56 <&marduk> why isnt kayla here?07:56 <&marduk> hrrr.07:56 <@Topiary> we should put a contact email in the form of07:56 <@Topiary> "Problem, officer? email@email.com"07:56 <@Topiary> so we can laugh hard at takedown notices07:56 <@Topiary> tflow requests that I give them lulzy responses07:56 <&marduk> can use my hushmail, of do we have email already setup?07:56 <@Topiary> and we post them in a legal section07:57 <&marduk> should have something official like07:57 <&marduk> complaints@anonleaks.ru07:57 <&marduk> :p07:57 <~Avunit> i have no mailserver07:57 <~Avunit> gief mailserver07:57 <~Avunit> and we can create anonleaks.ru07:57 <&marduk> wait when tflow gets back07:57 <@Topiary> I would jizz over Topiary@anonleaks.ru as my email07:57 <@Topiary> I'd put that shit as mah vhost07:57 <~Avunit> avunit@anonleaks.ru07:57 <~Avunit> bitches.07:58 <@Topiary> We go' be hunted by the po-po07:58 <@Topiary> oh no-no07:58 <~Avunit> almost tempted to make a theteam.html07:58 <~Avunit> with fake dox07:58 <~Avunit> xD07:58 <@Topiary> DO IT07:58 <@Topiary> DO IT SO HARD07:58 <~Avunit> LOL07:58 <~Avunit> okay07:59 <~Avunit> everyone go make fake identity07:59 <~Avunit> fake name07:59 <~Avunit> fake country07:59 <~Avunit> and GIEF ME07:59 <&marduk> heh, aren't i John Q Nagel?07:59 <~Avunit> IUNNO GIMME INFO

back

trac

esec

urity

.com

08:00 <&marduk> lol08:00 <&marduk> i cant ind him08:00 <&marduk> rofl08:00 <@Topiary> David D. Davidson08:00 <&marduk> google "John Q Nagel"08:00 <@Topiary> 6697 Mudkup Rd.08:00 <@Topiary> Longcatsville08:00 <@Topiary> The Internets08:00 <@Topiary> Mine ^08:00 <&marduk> only hits are the Anonymous docs of Aaron08:00 <@Topiary> Mudkip*08:00 <&marduk> I'll use John Q. Nagel08:01 <~Avunit> make some other fake info up too marduk, like topiary08:01 <&marduk> sec08:01 <&marduk> actually that John Q Nagel is real on facebook08:01 <&marduk> mhh i use something else08:03 <&marduk> Henry Dorsett Case, 648, Matsudo, Matsudo-shi, Chiba, 271-8510, Japan08:03 <&marduk> thar you go08:04 <&marduk> whoever knows the reference wins an internet08:05 <~Avunit> Want me to use your irc nicks?08:05 <~Avunit> like Topiary:08:05 <~Avunit> David D. Davidson08:05 <&marduk> tflow: and canihaz sop in #anonleaks pl0x08:05 <~Avunit> 6697 Mudkup rd.08:05 <&marduk> lolno08:05 <&marduk> not me08:05 <~Avunit> k08:05 <&marduk> enough trouble qith q as it is :p08:06 <@Topiary> we should include a weblink to #anonleaks on the teaser site08:06 <@Topiary> massive buzz for it08:06 <&marduk> oh08:06 <&marduk> Avunit: use my fake nick: "Don"08:06 <@Topiary> WebAnon chat08:06 <~Avunit> nah not using nicks now :op08:06 <&marduk> he's rarely online08:06 <&marduk> ok08:06 <&marduk> fine too08:08 <~Avunit> okay08:08 <~Avunit> MOAR08:08 <~Avunit> ill add something for myself too08:10 <&marduk> oh nice08:10 <&marduk> (as I was finishing writing this, Karp called me, seemed sincere enough in his apology, vowed that any Palantir employees involved in this would be dealt with the way they dealt with HB Gary, and commendably committed to telling me by the end of the week whether Bank of America or Hunton & Williams actually retained these firms to carry out this proposal).08:10 <&marduk> (Greenwald on salon.com)08:11 <@Topiary> Perhaps a "MEET THE TEAM" link underneath the teasers, and also on that page can be a "Problem, officer? complaints@anonops.ru""

back

trac

esec

urity

.com

08:12 <~Avunit> http://operationfreedom.ru/anonleaks/theteam.html08:14 <~Avunit> well we can do that after we got an anonops.ru email server topiary08:14 <~Avunit> because i do want to see that :p08:14 <&marduk> Avunit: "648 Matsudo, Matsudo-shi" - "Chiba 271-8510" 08:14 <~Avunit> oh k08:14 <&marduk> btw, case is the main character in william Gibson's Neuromancer08:14 <~Avunit> updated08:15 <&marduk> and he lives in Chiba City :)08:15 <&marduk> cheers08:16 <~Avunit> http://operationfreedom.ru/anonleaks/theteam.html08:16 <~Avunit> updated with email lnik too08:16 <@Topiary> Looks good Avunit, needs Mudkip though08:16 <~Avunit> oh well ypu typed mudkup :P08:16 <~Avunit> anyway need mailserver *stabs topiary*08:16 <~Avunit> i added a subject line to the mail link too :p08:20 <@Topiary> looking like the sex of all sexes08:20 <~Avunit> now tflow needs to come back, he needs to give an identity and we need some mail serverz08:20 <~Avunit> and then we r ready to rawl08:20 <@Topiary> WE HAZ PROBLEMZ08:20 <~Avunit> oh btw is thel ink i put on the index good or you want MEET THE TEAM there?08:20 <@Topiary> MEET THE TEAM08:20 <@Topiary> Y3333308:21 <~Avunit> MEET THE SPY08:21 <~Avunit> oh no wait08:21 <~Avunit> xD08:21 <~Avunit> http://operationfreedom.ru/anonleaks/08:22 <~Avunit> getting some tea meanwhileeee08:22 <~Avunit> get soem bitches to gief mailserbur08:22 <~Avunit> we iz want offishul address08:23 <@tflow> sup08:23 <&marduk> wb tflow 08:24 <&marduk> Avunit: davidson has a ":" the others not08:26 <@tflow> For mail, we can use Google Apps08:30 <@entropy> morning08:32 <@entropy> i can setup a mail svr pretty easily if we need08:33 <@entropy> and qmail is pretty hackproof08:33 <@entropy> but lacks alot of extras08:34 <@tflow> Why not GMail? Would save us having to get extra servers + DDoS-proof08:34 <@tflow> then we can use the extra servers for mirroring08:34 <@entropy> ah ok08:34 <@tflow> Google Apps lets you have your own domains08:35 <@entropy> i just dont use g* anything08:35 <@entropy> since they spy on your shit08:35 <@tflow> hm08:35 <@tflow> Well we don't really have anything to hide :P08:35 <@tflow> All secret shit will be done on IRC08:35 <@tflow> @anonleaks.ru is just for press

back

trac

esec

urity

.com

08:35 <@tflow> Infact, it would be funny one day if we leak our own mail08:35 <@entropy> lol08:37 <&marduk> tflow: will u put the teaser version up?08:38 <&marduk> i'D like to spread it to some ppl today08:38 <@tflow> Are we done with it?08:38 <@tflow> Also08:38 <~Avunit> tflow08:38 <~Avunit> gimme ur08:38 <~Avunit> s3cret dox data08:38 <@tflow> I think the meet the team joke needs to be more subtle - like a easter egg or hiden joke08:38 <~Avunit> I like my J. Shepard D:08:39 <@tflow> Maybe if we put it in the comments, or make the like very small08:39 <&marduk> good idea08:39 <@tflow> link*08:39 <~Avunit> k08:39 <&marduk> yeah it'S too prominent i agree08:39 <~Avunit> ill make08:39 <~Avunit> very small link08:39 <~Avunit> <size = 108:39 <~Avunit> bitch08:40 <~Avunit> blegh08:40 <~Avunit> needs to be even smaller08:41 <&marduk> make link in bg color :p08:41 <@tflow> ^^^08:41 <@tflow> Bigger but in BG colour08:41 <@entropy> did you get that lftp mirror script working?08:41 <~Avunit> k color=#000000 :p08:41 <@tflow> entropy: yup08:41 <@tflow> I mean08:41 <@entropy> cool08:41 <@tflow> I haven't made a script08:41 <@tflow> but the command works08:42 <~Avunit> oh i mean #FFFFFF :p08:42 <@entropy> its incremental and all?08:42 <@tflow> It doesn't keep logs08:42 <@tflow> What do you mean incremental?08:42 <@tflow> you just do:08:42 <@entropy> i mean like the first copy you do it does it all, the next it just does the changes since last copy08:42 <@tflow> lftp sftp://user:pass@server/dir08:43 <@tflow> then: mirror -R /local/path08:43 <@entropy> yea thats what i mean08:43 <@entropy> thats cool08:43 <@tflow> yes, it just does the changes :)08:44 <~Avunit> okay08:44 <~Avunit> check the index page out08:44 <~Avunit> and tflow gimme some dox on you too :P08:45 <@tflow> hmm..

back

trac

esec

urity

.com

08:45 <@tflow> I'm not very creative08:46 <~Avunit> can someone give me thel ink to the google mail server shit too?08:48 <~Avunit> the free version that is08:48 <@entropy> http://www.computersecurityarticles.info/security/anonleaks-continues-relationship-with-criminals/08:48 <@entropy> what a fuckign cock suer08:48 <@entropy> One of the characteristics that the members of Anonymous have in common with their Russian and Ukrainian cybercriminal benefactors08:49 <@entropy> although its funny he thinks our servers have benifactors08:50 <~Avunit> entropy!08:50 <~Avunit> you gief fake dox too08:50 <~Avunit> and tflow just become creative :P08:50 <@entropy> lol08:50 <@entropy> 1 sec08:51 <&marduk> Sabu: when you get back. TARGET: http://www.lexsi.com/ <<< the guys investigating us, in coop. with french police08:51 <&marduk> tip's from yehezkel08:52 <~Avunit> regging for google apps08:53 <@tflow> Oh I already did that before08:54 <@tflow> lemme give you root admin details08:54 <@tflow> sec08:55 <@entropy> avunit:08:55 <@entropy> Toomas Saarva08:55 <@entropy> Fort George G. 08:55 <@entropy> Meade MD, 2075508:55 <@entropy> nsa address08:55 <@entropy> and the guy who got busted for the biggest steroid bust ever08:55 <@entropy> lol08:56 <&marduk> lol08:56 <&marduk> we should maybe add Keith B. Alexander to our team08:56 <&marduk> :D08:56 <~Avunit> guis i failed :*08:57 <&marduk> ? :o08:57 <~Avunit> This domain has been registered and is in the process of ownership verification. If you believe this registration was unauthorized, please have your domain administrator contact Google support.08:57 <~Avunit> bawt i accidently closed page08:57 <~Avunit> and changed ip08:57 <~Avunit> SO IVE NO IDEA08:57 <~Avunit> what to do xD08:57 <@tflow> lol08:57 <@entropy> is it a new domain or what?08:57 <@tflow> I never knew you can register twice with the same domain08:58 <~Avunit> nah its anonleaks.ru08:58 <~Avunit> but they mean08:58 <~Avunit> its regged for google apps08:58 <@tflow> I made a Google Apps for anonleaksru08:58 <~Avunit> and awaiting verification08:58 <~Avunit> oh wait

back

trac

esec

urity

.com

08:58 <~Avunit> you did already08:58 <~Avunit> THATS WHY08:58 <~Avunit> BITCH08:58 <@entropy> im sure their db will notice its in a second time and just drop it08:58 <~Avunit> because at my first reg try08:58 <~Avunit> it kept sending me back08:58 <@tflow> Wait, let me give you root admin details08:58 <~Avunit> to the info08:58 <~Avunit> and I was like08:58 <~Avunit> I SEND TAHT ALREAD YBITCH08:59 <~Avunit> I added Toomas Sarva to the team08:59 <~Avunit> only need one for tflow now too D:08:59 <&marduk> he can use Keith B. Alexander id he's not creative :p09:00 <~Avunit> shh let him make up his own shit :P09:00 <@entropy> did you guys scroll up and see the shit kayla was talking about about that guy 'root'09:01 <~Avunit> i havent seen kayla talking09:01 <~Avunit> so it mustve been09:01 <@entropy> it was last night09:01 <~Avunit> before i logged on my bnc09:01 <~Avunit> :P09:01 <~Avunit> i dont backlog D:09:01 <@entropy> like 12 hours ago09:01 <&marduk> yes09:01 <&marduk> i told owen09:01 <@entropy> yea mine only has like 100 lines09:01 <&marduk> it was a fake root09:01 <&marduk> very likely09:01 <&marduk> possible switch09:01 <@entropy> even though the chan was +r?09:02 <&marduk> but owen knows.. and will follow up on that09:04 <~Avunit> D:09:12 <@entropy> pffft09:12 <@entropy> lol09:12 <@entropy> your goignto have complaints@anonleaks09:12 <@entropy> omfg that is going to get rocked w mail09:12 <~Avunit> awesum eh?09:12 <@entropy> but they will prob be funny as shit09:16 <~Avunit> waiting for domain verification now09:17 <~Avunit> domain verificated09:17 <&marduk> mmh i'D like to use that logo for the twitter acc09:18 <&marduk> let'S see if my netbook cn cope with gimp'n shit09:19 <~Avunit> oh fuck09:19 <~Avunit> entropy!09:19 <@entropy> avunit!09:19 <~Avunit> wont be able to add mx with the bot09:19 <~Avunit> since it requires more optionzzz09:19 <~Avunit> can you add it manually?09:19 <@entropy> yea if you do more then generic mx

back

trac

esec

urity

.com

09:19 <@entropy> sure what do you need09:19 <~Avunit> sec ill write it09:21 <~Avunit> anonleaks.ru. 14400 IN MX 10 ASPMX.L.GOOGLE.COM.09:21 <~Avunit> anonleaks.ru. 14400 IN MX 20 ALT1.ASPMX.L.GOOGLE.COM.09:21 <~Avunit> anonleaks.ru. 14400 IN MX 20 ALT2.ASPMX.L.GOOGLE.COM.09:21 <~Avunit> anonleaks.ru. 14400 IN MX 30 ASPMX2.GOOGLEMAIL.COM.09:21 <~Avunit> anonleaks.ru. 14400 IN MX 30 ASPMX3.GOOGLEMAIL.COM.09:21 <~Avunit> anonleaks.ru. 14400 IN MX 30 ASPMX4.GOOGLEMAIL.COM.09:21 <~Avunit> anonleaks.ru. 14400 IN MX 30 ASPMX5.GOOGLEMAIL.COM.09:21 <~Avunit> that should do09:21 <@entropy> oh is that all09:21 <@entropy> ...09:21 <@entropy> lol09:21 <@entropy> ok brb09:21 <~Avunit> yeah its just the multiple arguments and youre prob logged into the server already xD09:22 <@entropy> you need this: anonleaks.ru. IN TXT google-site-verification=zkig3tWuq_y7fpgAfAZO76OfLMfWJcGKUfK6Iq7WyG409:22 <~Avunit> yes09:22 <@entropy> ?09:22 <@entropy> k09:22 <~Avunit> that needs to stay ther09:22 <~Avunit> e09:23 <@entropy> i have to do anything manually that startw with anonleaks.ru.09:23 <@entropy> cause that is the origin09:23 <&marduk> fixt09:23 <&marduk> http://twitter.com/#!/AnonymousLeaks09:23 <@entropy> im using shortcuts with the @09:23 <~Avunit> well it did work though entropy09:23 <&marduk> heh, 780 followers already09:23 <~Avunit> since google got that one out properly09:23 <@entropy> really09:23 <~Avunit> yarr09:23 <@entropy> i never knew you could do that09:23 <&marduk> tflow: hbgary.anonleaks.ru teaser version ETA?09:23 <~Avunit> nor did i, but i just tried :p09:23 <~Avunit> oh that said ill tar the teaser version in a sec09:24 <@tflow> Should we put ti on anonleaks.ru or hbgary.anonleaks.ru?09:24 <&marduk> or just anonleaks.ru/hbgary/ ?09:24 <&marduk> would be better imo.. avoid dns spam :p09:25 <~Avunit> anonleaks.ru i just say09:25 <~Avunit> i mean thats the standard domain09:25 <&marduk> yah and then subdir. 09:25 <&marduk> agree here09:25 <~Avunit> http://operationfreedom.ru/teaser.tar.gz09:26 <~Avunit> the email should be onlnie.. well shortly09:26 <@Topiary> Everything going smoothly, AnonLeakers?09:27 <&marduk> everything going excellently09:27 <@entropy> avunit: stop the bot, go down to this line: if ($i >= 10) { # start printing at

back

trac

esec

urity

.com

the 10th line09:28 <@entropy> if ($i >= 19) { # start printing at the 19th line09:28 <@entropy> restart bot09:28 <~Avunit> change 10 to 19 ya mean?09:28 <~Avunit> k09:28 <@entropy> to hide all the non subdomain 09:28 <@entropy> yep09:31 <~Avunit> done09:31 <~Avunit> Email09:31 <~Avunit> - Updating...09:31 <~Avunit> We are checking MX records for your domain. This may take 48 hours to complete.09:31 <~Avunit> awh fu09:31 <@entropy> it wont09:31 <@entropy> its in now09:32 <@tflow> http://anonleaks.ru/09:32 <~Avunit> awesome tflow09:32 <~Avunit> awesome!09:32 <&marduk> YAY09:32 <@tflow> when we're releasing i'll redirect the frontpage to hbgary.anonleaks.ru09:33 <&marduk> ah okay09:33 <&marduk> kk09:34 <~Avunit> google is still checking, suppose itll be doen within the hour09:35 <&marduk> http://twitter.com/#!/AnonymousLeaks/status/3643307706863616009:35 <@entropy> http://anonleaks.ru/email5.html09:35 <@entropy> fuck i thought that was real09:35 <@entropy> niel stevenson should pick that up09:35 <~Avunit> lol09:35 <~Avunit> xD09:38 <@entropy> shit so its out09:38 <@entropy> ...09:38 <@entropy> let the games begin09:40 * Avunit stabs google for a fuster update09:40 <@entropy> whats the best way to kill a hd09:40 <@entropy> unskrew it and scratch the platters09:40 <@entropy> ?09:40 <~Avunit> chainsaw? sandpaper?09:40 <@entropy> actually ill just drive somewhere and dump them09:40 <~Avunit> open it u09:41 <~Avunit> and sandpaperrrrrr09:41 <@entropy> i need a giant electro magnet09:41 <@entropy> yea that will work09:41 <@entropy> but i have like 8 of them09:41 <@entropy> and theres like 20 star screws each09:41 <@entropy> pita09:41 <~Avunit> oh yeah09:41 <~Avunit> errr09:41 <~Avunit> drive over em09:41 <~Avunit> with a tractor

back

trac

esec

urity

.com

09:41 <~Avunit> and then throw em in water09:41 * entropy starts up my tractor09:41 <~Avunit> with a few batteries too09:42 <@entropy> 9v?09:42 <~Avunit> nah09:42 <~Avunit> 50v09:42 <~Avunit> :P09:42 <@entropy> word09:42 <~Avunit> BIG ONES09:42 <~Avunit> and then09:42 <~Avunit> sledgehammer09:42 <~Avunit> to finish it up09:42 <~Avunit> should kind of do the trick09:43 <&marduk> http://twitter.com/#!/AnonymousIRC/status/3643516626836684809:43 <&marduk> algeria live stream thar!09:43 <~Avunit> Updating Google servers... This may take up to 1 hour to complete.09:43 <~Avunit> * We are updating Google servers to enable email for your users.09:43 <@entropy> google anonleaks.ru09:43 <~Avunit> oh yarrrrr09:43 <@entropy> About 941 results (0.34 seconds) 09:43 <@entropy> its been what 1 minute09:44 <~Avunit> first results are awesome09:44 <@entropy> wow who made that logo09:44 <@entropy> ;)09:45 <~Avunit> Teasers: E-mail 1 E-mail 2 E-mail 3 E-mail 4 E-mail 5 E-mail 6 E-mail 7 E-mail 8 E-mail 9 · MEET THE TEAM.09:45 <~Avunit> oh fuck09:45 <~Avunit> at the google hit09:45 <~Avunit> google just09:45 <~Avunit> deneis09:45 <~Avunit> denies*09:45 <~Avunit> fonts :p09:45 <~Avunit> the bitches xD09:45 <@entropy> whats up with white on white09:45 <&marduk> lol you expect a google robot to miss text in BG color?09:45 <&marduk> :D09:45 <@entropy> sekret times09:46 <~Avunit> nah09:46 <~Avunit> i didnt09:46 <~Avunit> just09:46 <~Avunit> didnt realize09:46 <~Avunit> that google would cache that :P09:46 <@entropy> should keep it09:46 <@entropy> thats funny actually09:46 <~Avunit> how long before fox news09:46 <~Avunit> will report09:46 <~Avunit> they have our dox?09:47 <@entropy> and then a van will blow up09:47 <~Avunit> ill lol so hard

back

trac

esec

urity

.com

09:47 <@entropy> lol09:47 <~Avunit> "Wheres Serpent Nebula actually?"09:47 <@entropy> there is so many great lines in that video i cant believe it09:47 <@entropy> i had seven passwords and they got them all09:48 <@entropy> ^ the best one09:48 * Topiary buys a dog and hangs curtains.09:48 <@entropy> lol09:48 <@Topiary> The power of 9000 VPNs"09:48 <@entropy> my gf broke up w me cause she thought ... i was cheating on her with guys09:48 <@entropy> LOL09:48 <~Avunit> complaints@anonleaks.ru will be up in approx 1hr09:48 <@entropy> hopw can that still be funny i dont know09:48 <@Topiary> Isn't there where the old wordfilter of "7" to "over 9000" came from?09:48 <@Topiary> *that09:49 <@entropy> not sure09:49 <@entropy> thought ht 900 thing was from like pokeman09:49 <@Topiary> Avunit: sounds lovely.09:49 <~Avunit> I should send09:49 <@Topiary> Over 9000 itself is from Dragonsweatyballs09:49 <~Avunit> very serious replies09:49 <@Topiary> but the wordfilter on 4chan, 7 was replaced with over 900009:49 <@entropy> ah yea dragonball09:49 <@entropy> lol09:49 <~Avunit> I lieked Dragon Ball when i was lil kiddo09:49 <@Topiary> Avunit: may I respond to takedown notices with vigor?09:50 <~Avunit> But of course09:50 <@Topiary> or rather have access to that email as well09:50 <~Avunit> just if i get ranodm mails09:50 <&marduk> 14:48 <Ellerich> btw have you seen Avunit? I see him, but wonder when he be online09:50 <&marduk> 14:49 <Ellerich> he haven't reply for a while since I last spoke09:50 <@Topiary> because if there's one thing I'm useful for, it's creating laughs via responses09:50 <&marduk> avunit?09:50 <~Avunit> ill react very seriously09:50 <~Avunit> ohai i am seen09:50 <~Avunit> but rly was/am kinda busy09:50 <&marduk> what takedown notice?09:50 <@entropy> if09:51 <~Avunit> "You have complaints about our content? We are now passing your complaint on to the board of directors. We thank you for your input, please keep supporting AnonLeaks.ru"09:51 <@entropy> if and or when takedowns come09:51 <&marduk> ah 09:51 <~Avunit> ill gief you all some sexy @anonleaks.ru mail too when its done xD09:52 <@entropy> i have to go take the ccie security written test in an hour09:52 * entropy isnt scared09:53 <~Avunit> http://twitter.com/#search?q=%23AnonLeaks

back

trac

esec

urity

.com

09:54 <~Avunit> Even people with cleavage retweet that now09:54 <~Avunit> thats good09:54 <&marduk> WE WILL ROCK THE WORLD!09:54 <~Avunit> http://twitter.com/Emma_A09:54 <&marduk> wow09:54 <&marduk> it's a top tweet09:55 <&marduk> already09:55 <&marduk> fuck haha09:55 <&marduk> and over 800 followers09:55 <&marduk> sick shit is shit09:55 <@tflow> access.log is getting like 1 request per second09:55 <~Avunit> who all has access to that twitter account btw, you and tflow?09:55 <&marduk> yes, atm09:55 <~Avunit> k09:55 <&marduk> ill usually take care of the account. will not tweet much with it09:55 <~Avunit> just need to know who to poke for a tweet :P09:56 <&marduk> but just in case i am not round09:56 <~Avunit> we need it to tweet a bit tho ^.^09:57 <&marduk> ill tweet bout it with my main account09:57 <&marduk> as more reach anyway09:57 <&marduk> wil use *Leaks only for really new nnouncements09:57 <&marduk> @wikileaks isn't tweeting much either09:58 <&marduk> but once full version is online09:58 <&marduk> i will tweet a few nice mails of course09:58 <&marduk> http://www.wikifiltraciones.com/?p=183809:58 <~Avunit> nah but we are not wikileaks either :P09:59 <&marduk> we certainly are not09:59 <&marduk> i hope we never get into a daniel-situation :p09:59 <~Avunit> iunno we operate differently10:00 <~Avunit> we use social media more actually :P10:00 <~Avunit> thats why i said keep people happy with tweets of @AnonymousLeaks too10:00 <~Avunit> I nevah used twitter though D:10:00 <~Avunit> atopiary #AnonLeaks teaser site up: http://anonleaks.ru/10:00 <&marduk> yeah i will.. just not too much10:00 <~Avunit> icwutudidthar10:01 <~Avunit> glynmoody RT @BiellaColeman #anonymous is gonna release/leak more damning emails here: http://anonleaks.ru/ >>interesting use of .ru domain here less than 20 seconds ago via web10:01 <~Avunit> lulz10:01 <~Avunit> interesting useeee10:02 <&marduk> lol natural use i'd say10:03 <~Avunit> well we can always let .com redirect to .ru just for that guy :p10:03 <@Topiary> http://twitter.com/#!/atopiary/status/36439397956202496 :D10:03 <~Avunit> [16:00:49] <~Avunit> atopiary #AnonLeaks teaser site up: http://anonleaks.ru/10:03 <~Avunit> [16:00:50] <&marduk> yeah i will.. just not too much10:03 <~Avunit> [16:00:52] <~Avunit> icwutudidthar10:03 <~Avunit> mwhaha :p10:04 <@tflow> search anonleaks.ru in google

back

trac

esec

urity

.com

10:05 <~Avunit> i did yesh :p10:05 <&marduk> feng37 冯三七10:05 <@Topiary> Should we make #anonleaks public now?10:05 <&marduk> http://twitter.com/#!/feng37/status/3644049140272332810:05 <&marduk> Topiary: sure10:05 <~Avunit> we're getting max publicity already10:06 <@entropy> lol10:06 <~Avunit> liek10:06 <~Avunit> well10:06 <~Avunit> lets go for top google searches? :P10:06 <@tflow> i see http://anonleaks.ru10:06 <@tflow> as the top for anonleaks.ru10:06 <@entropy> yea10:07 <@entropy> it has been since like the second it came up10:07 <@entropy> but the nextresult is the cock sucker calling us sociopaths10:07 <~Avunit> http://twitter.com/search?q=AnonLeaks10:07 <~Avunit> arr10:08 <~Avunit> second it top 5k tweets for me10:08 <~Avunit> by topsy10:08 <@tflow> http://www.icerocket.com/search?tab=twitter&fr=h&q=anonleaks&x=0&y=010:08 <@entropy> crazy10:08 <@entropy> its been like 20 minutes10:08 <@entropy> lol10:08 <&marduk> eheh10:08 <&marduk> this will hit the fan10:09 <~Avunit> lol shit10:09 <~Avunit> we're going max for top tweet10:09 <~Avunit> monday will be max10:09 <~Avunit> gotta look what to do weeks after the 27k mails tho10:09 <&marduk> btw Topiary why aren't you in the most elitest idle channel on anonops? :o10:10 <~Avunit> hrrm are we having bets on which internet media will report first on the lulz page?10:10 <~Avunit> because surely one will get the mocking of doxing10:10 <@Topiary> http://twitter.com/#!/atopiary/status/3644199358025728010:10 <@Topiary> marduk: OH SHIT10:10 <@Topiary> must join!10:10 * Topiary joins the secretz10:11 <~Avunit> SamusAranX #anonleaks' credits page: http://img.ly/2Zie half a minute ago via Twitterrific10:11 <~Avunit> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^10:11 <@tflow> I wouldn't tweet the channel yet on AnonymousLeaks twitter or AnonymousIRC - I think better for it not to be *too* public yet10:11 <@tflow> haha10:11 <@entropy> too late10:11 <~Avunit> we have a winrar10:12 <@tflow> nah that's just for atopiary :p10:12 <&marduk> why not? its just an irchannel10:12 <&marduk> having the anonleaks site up and tweeted makes much more impact10:12 <@tflow> I dunno. might make us seems like publicity whores

back

trac

esec

urity

.com

10:12 <@tflow> i feel10:12 <@Topiary> we did the same for the HBGarychannel10:12 <@tflow> hm ok10:12 <@tflow> put a link to the webirc10:12 <@Topiary> I did10:12 <@Topiary> marduk: retwat?10:12 <&marduk> yeah we often tweeted channel10:13 <&marduk> done already10:13 <@Topiary> a true scholar10:13 <@entropy> lol10:13 <~Avunit> I <3 SamunaranX10:14 <~Avunit> SamusAranX even10:14 <@entropy> knows how to html10:14 <@tflow> tail -f access.log10:14 <@tflow> is flying10:14 <~Avunit> lulz10:14 <~Avunit> 16 new tweets10:14 <~Avunit> in 5 secodns10:14 <~Avunit> containing 'AnonLeaks'10:19 <@Topiary> It's such a unique word10:19 <@Topiary> shitstorm inbound10:19 <~Avunit> xD10:19 <@Topiary> tflow are you distancing yourself from #anonleaks?10:19 <~Avunit> 82 new tweets since you started searching10:20 <@tflow> lol, no10:20 <&marduk> ugh triumph lags bad10:21 <~Avunit> triumph.operationfreedom.ru (6DE) 4 [12.12%] [Up: 1d12h35m50s Lag: 222ms]10:21 <~Avunit> 222 ms from US to RU isnt that bad10:21 <&marduk> sssssss10:21 <&marduk> hhdh10:22 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @tflow10:22 <&marduk> hmm well.. packet loss?10:22 <~Avunit> tackle splitted tho D:10:22 <&marduk> if i type... it have a delay of 2-5 seconds10:22 * Avunit revives tackle.10:22 <@entropy> santrex boxen acting like champs right now ;)10:22 <&marduk> will switch to tackle then10:23 -!- Netsplit over, joins: @tflow10:23 <&marduk> hmm getting better tho10:23 <~Avunit> triumph is doing better than tackle atm10:23 <&marduk> utf-8 is broken on triumph though10:23 <&marduk> in irssi10:23 <~Avunit> is et?10:23 <~Avunit> not installed?10:23 <&marduk> not sure what'S the difference to tackle10:34 <@entropy> lol10:35 <&marduk> uh10:35 <&marduk> anonleaks.ru slow

back

trac

esec

urity

.com

10:35 <&marduk> ddos already?10:35 <&marduk> or just ... normal "ddos"10:35 <&marduk> hm works now10:35 <@tflow> Probably Heihachi problems10:35 <@entropy> no ddos to mine10:35 <@tflow> Considering there was just a netsplit10:35 <~Avunit> google hits are getting better already10:35 <@tflow> here10:36 <&marduk> ima try tackle10:36 <~Avunit> purrrfectly loading pae here10:36 <~Avunit> tflow watcha using, nginx or lighttpd? cba to read http headers xD10:36 <@entropy> loads real fast for me10:37 <&marduk> yeah all good again10:37 <@tflow> nginx10:39 <~Avunit> i nevah used nginx ;.;10:39 <~Avunit> <-- lighttpd fag10:41 -!- x [x@The.Internet] has joined #hq10:41 -!- mode/#hq [+ao x x] by HQBot10:41 <&x> tackle actually feels better.10:44 <&marduk> http://gawker.com/#!5757995/an-interview-with-a-target-of-the-fbis-anonymous-probe10:51 <~Avunit> YO BITCHES10:51 <~Avunit> somenoe wants an @anonleaks.ru email?10:52 <~Avunit> this is your chance :O10:54 <&marduk> sure!10:54 <&marduk> gimme qcase@anonleaks.ru10:54 <&marduk> eh10:54 <&marduk> case@10:55 <~Avunit> k10:55 <@entropy> noyx@anonleaks.ru10:57 <~Avunit> both added10:57 <~Avunit> check pm10:57 <~Avunit> tfkiw10:57 <~Avunit> tflow*10:57 <~Avunit> you want one?10:57 <@tflow> nah10:57 <~Avunit> k11:01 <&marduk> hmm 11:01 <&marduk> will be interesting to see.. if google keeps this alive11:01 <~Avunit> google isnt that bad11:01 <~Avunit> and it loves influence11:01 <~Avunit> and having access to data just for the sake of it11:01 <~Avunit> so yeah i think itll stay up11:02 <@tflow> Topiary: http://www.mediafire.com/?7vb98xu7cobcif211:02 <@tflow> gonna put that on youtube?11:04 <~Avunit> vesper_dbs it's on ;] > @bruces: http://anonleaks.ru/ *these Anonleaks guys are like the game-griefer maestros of psychological torment.11:05 <@entropy> ok im leaving to take my test11:05 <@entropy> ttl

back

trac

esec

urity

.com

11:05 <~Avunit> good luck entropy!11:05 <@entropy> thanks11:13 <~Avunit> afk11:16 <@tflow> http://www.reddit.com/r/TwoXChromosomes/comments/fk3fe/look_upon_the_beautiful_soul_of_penny_hbgarys/11:16 <@tflow> lol11:19 <&marduk> brb, need to get BEER!11:25 <@Topiary> tflow: you gonna be available to add takedown notices in lulzy formats on the page if I give ya emails of them in the future?11:26 <@Topiary> piratebay style, it was a genius idea11:30 <@tflow> I'll just add them to legal.html if you give me them :)11:33 <@Topiary> sounds good11:36 <~Avunit> tflow11:36 <~Avunit> should we add the complaints email11:36 <~Avunit> to the homepage too?11:38 <@Topiary> it would be lulzy11:39 <~Avunit> Could you copy the link part of theteam.html to the end of index.html tflow?11:41 <~Avunit> purrty please11:45 <~Avunit> (or gief me access to screw wid da siet man)11:46 <@tflow> http://anonleaks.ru/theteam.html?11:46 <@tflow> oh11:46 <@tflow> Should I put the link there, but in small?11:46 <@tflow> to theteam.html11:47 <~Avunit> nono11:47 <~Avunit> copy the "Problem officer? mailto:thingie"11:47 <~Avunit> to the end of the index.html too11:47 <@tflow> i think i should just to theteam.html11:47 <~Avunit> well11:47 <~Avunit> thats there already11:47 <~Avunit> just11:47 <~Avunit> in white11:47 <@tflow> yeah, but make it black11:47 <@tflow> and small11:48 <~Avunit> you could do that11:48 <~Avunit> but please put the problem officer11:48 <~Avunit> on the main page too :P11:48 <~Avunit> under the MEET THE TEAM link11:48 <~Avunit> brb 5 mins12:03 <@tflow> http://anonleaks.ru/12:06 <&marduk> btw12:06 <&marduk> can i have access to that inbox?12:06 <&marduk> or isnt that possible?12:07 <@tflow> ask Avunit12:09 <~Avunit> tflow, can you put the link to the email up on the index.html too?12:09 <@tflow> I think it would be too much :\12:09 <@tflow> We don't want the jokes to be too obvious12:09 <~Avunit> well12:09 <~Avunit> it isnt quite a joke yet :P

back

trac

esec

urity

.com

12:09 <~Avunit> only when they send us a mail12:09 <~Avunit> and we reply12:09 <~Avunit> xD12:10 <@tflow> They will send our hosts mail12:10 <~Avunit> ill set the complaints mail of anonleaks.ru to complaints@anonleaks.ru too12:10 <@tflow> What to you mean?12:11 <~Avunit> that when you whois anonleaks.ru12:11 <~Avunit> get as a contact mail12:11 <~Avunit> complaints@anonleaks.ru12:13 <&Sabu> hi12:13 <~Avunit> hai sabu <312:13 <~Avunit> whois data for anonleaks.ru should be updated soon12:17 <&marduk> http://www.computersecurityarticles.info/security/anonleaks-continues-relationship-with-criminals/12:17 <&marduk> gah12:17 <&marduk> fuckers12:17 <~Avunit> tell them12:17 <~Avunit> we are 12:17 <~Avunit> NOT12:17 <~Avunit> anonlaeks.org12:18 <&marduk> and wtf is anonleaks.pcriot.com12:18 <&marduk> ??12:18 <~Avunit> its anonleaks.org i think12:18 <~Avunit> not us12:19 <&Sabu> http://www.newyorker.com/reporting/2011/02/14/110214fa_fact_wright?currentPage=all nice read12:19 <&marduk> sabu ohai12:19 <&marduk> 13:51 <&marduk> Sabu: when you get back. TARGET: http://www.lexsi.com/ <<< the guys investigating us, in coop. with french police12:20 <&marduk> also there seems to be an sqli on hunton.com, p0ke reporten12:20 <&marduk> reported12:20 <@tflow> how do you know they are investigating us?12:21 <&marduk> it was a tip from yehezkel via Barrett12:22 <@tflow> how does he know?12:23 <@tflow> also12:23 <@tflow> googlebot seems to be indexing the mail on internetfeds.mil.nf...12:23 <~Avunit> -.-"12:23 <~Avunit> robot.txt?12:23 <&marduk> i cannot really say, but barrett was pretty sure that he was right12:23 <~Avunit> google respects that12:23 <&marduk> you may want to talk to him12:23 <@tflow> crawling*12:24 <&marduk> uh12:24 <@tflow> but mil.nf is blacklisted anyway..12:24 <~Avunit> lol12:24 <~Avunit> why is it?12:24 <@tflow> dnno12:24 <@tflow> many afraid.org domains are12:25 <&marduk> afraid.org :)

back

trac

esec

urity

.com

12:25 <&Sabu> I can setup anonleaks.prvt.org let me know12:25 <&Sabu> its one of my private domains12:25 <~Avunit> we have anonleaks.ru and anonleaks.com tho12:25 <&Sabu> guess we'll setup a whole bunch of mirror servers12:25 <&Sabu> if you nigg3rs need me to get bulletproof servers12:25 <&Sabu> but I have to buy prepaid visas12:26 <@tflow> Sabu: sweet. we have 4 mirroring servers in total12:26 <~Avunit> 5 if i join in soon12:26 <@tflow> 1 of which is in prq, and 1 from telecomix12:26 <~Avunit> but thatd be later on tho D: kinda busy here12:26 <&Sabu> ok count me in12:26 <~Avunit> my server will be in russia12:26 <&Sabu> I'll have some servers tonight just for anonleaks12:26 <~Avunit> triumph.operationfreedom.ru on this net12:26 <@tflow> swet12:26 <@tflow> sweet*12:26 <~Avunit> but you awnna use nginx?12:26 <~Avunit> because it runs lighttpd12:26 <&Sabu> nginx is good shit12:26 <@tflow> hm12:26 <@tflow> lighttpd is OK, but nginx is better12:27 <&Sabu> indeed12:27 <~Avunit> actually fuck you ill get you an account on that box tflow12:27 <~Avunit> and drop myself in the pool12:27 <@tflow> :312:28 <&marduk> ugh just seeing this12:28 <&marduk> only 5 servers on anonops :o12:28 <&marduk> they are as large as we are heh12:58 <&marduk> Sabu: 12:58 <&marduk> tflow: 12:58 <&marduk> 17:55 <yehezkel> this company collects information here to analyze12:58 <&marduk> 17:55 <q> yes, can you tell me how you know that?12:58 <&marduk> 17:56 <q> lexsi it was12:58 <&marduk> 17:56 <yehezkel> They are not very discreet12:58 <&marduk> 17:56 <q> heh12:59 <&marduk> 17:57 <yehezkel> We can find their presence around all the actions of anonymous12:59 <&marduk> 17:57 <q> got an example?12:59 <&marduk> 17:58 <yehezkel> documents revealed on hb gary federal on torrent12:59 <&marduk> 17:58 <q> oh? hmm search is offline atm12:59 <&marduk> 17:58 <q> you happen to know date/time of a mail?12:59 <&marduk> 17:58 <yehezkel> And they do not hide, a speaker of that company spoke French in a story on anonymous13:02 <&marduk> 17:59 <yehezkel> "Gwendal Delcros, expert for the company's computer security Lexsi"13:02 <&marduk> 18:00 <yehezkel> he said clearly that they are collecting information on public irc, analyze behavior, etc..13:02 <&marduk> 18:00 <yehezkel> but this speaker was a spokesperson, I provided the name of the barrett apparently in charge of the project

back

trac

esec

urity

.com

13:02 <&marduk> 18:01 <yehezkel> This company is large enough, we know that it deals with the French authorities, and that its turnover amounted to several billion with money in very vague13:17 <&Sabu> ok13:17 <&Sabu> lexis.com it is13:17 <&Sabu> do me a solid13:18 <&Sabu> collect info on yehezkel in the process. if hes trolling us13:18 <&Sabu> and has me wasting time rooting lexis13:18 <&Sabu> you already know13:18 <&marduk> im quite confident that his info is okay13:18 <&marduk> he doesnt sound like a troll13:18 <&marduk> he taked to barrett yesterday13:18 <&marduk> didnt talk to anyone else or tried to spread that to anyone13:18 <&marduk> ony after i asked him in private13:19 <&marduk> he was on #opdeface for about 4-5 weeks now13:19 <&Sabu> ok13:19 <&marduk> but i will try to find out a bit more13:20 <&marduk> but he gave us some lists of password/logins before13:20 <&marduk> quite a while ago13:20 <&marduk> think was for .eg13:22 <&Sabu> ok my brother13:22 <&Sabu> so lets begin researching lexis13:22 <&marduk> now he's helping with info on our .dz loic target13:22 <&marduk> i really am quite confident he is genuine13:22 <&marduk> the search would be helpful now13:22 <&marduk> for hbgary mails. since he mentioned there is evidence in there13:23 <&Sabu> whats the site again13:23 <&Sabu> lexsi.com ?13:23 <&marduk> yup13:24 <&marduk> they are working close with french but also international authorities13:24 <&marduk> and apparently greg was in contact with them... but i need yet to see that13:39 <&Sabu> probing their servers now13:59 <&marduk> what was greg'S standard PW?13:59 <&marduk> i should really note that down, grrr.14:13 <&marduk> yeah.. well, i love joe. but discussing with him is really exhausting and no fun. :/14:13 <@Topiary> Avunit: No complains yet, heh14:14 <@Nessuno834> ohai14:17 <@Topiary> Sup14:17 <@Topiary> I'll be back in an hour or two gentlement14:17 <&Sabu> topiary my brother :D14:17 -!- Topiary [colossal@do.the.impossible] has quit [Quit: AFK, return time 1-2 hours, TANGO OSCAR PAPA INDIA ALPHA ROMEO YANKEE OUT HURR]14:18 <&Sabu> SIERRA ALPHA BRAVO UNIFORM REPORTING FOR DUTY14:19 <&marduk> MIKE ALPHA ROMEO DELTA UNIFORM KILO on standby.14:20 <&marduk> still scanning mails14:29 <&Sabu> jEA14:31 <&marduk> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/attachments/4558.pdf -- 'Warfare by Internet

back

trac

esec

urity

.com

14:31 <&marduk> may be an interesting read14:47 !twisted.operationfreedom.ru *** tflow invited joepie91 into the channel14:47 <@tflow> add joepie91 to aop please14:47 !twisted.operationfreedom.ru *** tflow invited joepie91 into the channel14:48 -!- joepie91 [merpderp@HA-u3g.pbq.j3hiks.IP] has joined #hq14:48 < joepie91> danke.14:48 <@Nessuno834> alert the faggot police14:48 <@Nessuno834> joepie is here14:48 <@tflow> nou14:50 <&marduk> !aop add joepie91 14:50 <&marduk> he'S not regged14:51 < joepie91> yes I am14:51 < joepie91> :P14:51 <&marduk> !aop add joepie91 14:51 -!- mode/#hq [+o joepie91] by HQBot14:53 <@entropy> back14:53 <@entropy> anything happen14:54 <@entropy> passed test 877/1000 ;)14:55 <&marduk> grats :)14:56 <@entropy> thanks15:12 <&marduk> sality rootkit here15:12 <&marduk> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/18927.html15:19 <@tflow> joepie91: I think I should add a link to ./ for where it says "HBGary email viewer"15:20 <@joepie91> that would be an idea, yes15:20 <&marduk> heh thats a good compromise15:20 <@joepie91> also, any irc servers still working?15:20 <@joepie91> on anonops?15:20 <&marduk> vlad15:20 <@joepie91> dharma just dropped15:20 <@joepie91> ok15:20 <@joepie91> what hostname?15:20 <&marduk> vlad was fine the past 24h15:20 <@joepie91> just vlad.anonops.ru?15:20 <&marduk> vlad.anonops.ru15:20 <@joepie91> also15:20 <@joepie91> vlad dropped a few hours ago15:20 <@joepie91> for a few minutes15:20 <@joepie91> :P15:20 <&marduk> hm? not for me15:21 <@joepie91> yus15:21 <@joepie91> it did15:21 <@joepie91> it delinked15:21 <@joepie91> was fixed in like 5 minutes15:21 <&marduk> hm k, was probably AFK15:21 <&marduk> but right, i noticed that tackle split... :)15:21 <&marduk> if vlad does, tackle does too.15:21 <@entropy> wtf sis going on w anonops15:21 <@joepie91> lol

back

trac

esec

urity

.com

15:22 <@joepie91> ddos15:22 <@entropy> on all the boxes?15:22 <@joepie91> apparently15:22 <&marduk> not all15:22 <@joepie91> shit keeps going down15:22 <@joepie91> meh15:22 <@joepie91> I think they are all attacked15:22 <&marduk> vlad wasnt attacked so far15:22 <@joepie91> some more, some less15:22 <@entropy> has anyone said why its goign on?15:22 <@joepie91> and some are protected15:22 <&marduk> nope, vlad had no ddos. tflow ?15:22 <@joepie91> hm, it did delink15:22 <&marduk> well15:23 <&marduk> as we said15:23 <&marduk> vlad doesnt need to be attacked to split or lose connection15:23 <&marduk> that's normal :p15:23 <&marduk> but it'S been amazingly good the past 48h15:23 <@joepie91> lol.15:23 <@joepie91> I wonder about santrex15:23 <@joepie91> they have russia15:23 <@joepie91> and they're pretty cheap15:23 <@joepie91> any experience?15:23 <@entropy> they are pretty good15:24 <@entropy> i have 3 in ru15:24 <@joepie91> they have openvz, which makes me a happy panda15:24 <@entropy> 1 in ukraine15:24 <@joepie91> :315:24 <@entropy> 1 in luxenburg15:24 <@joepie91> russia is sold out15:24 <@joepie91> thinking about getting a 9.95/mo in ukraine15:24 <@joepie91> especially nice that it's unmtered15:24 <@entropy> yea ukraine is actually the best out of all of them15:24 <@joepie91> unmetered*15:24 <@joepie91> oh, rly?15:24 <@joepie91> howso?15:24 <@joepie91> connectivity?15:24 <@entropy> yea15:24 !twisted.operationfreedom.ru *** HQBot invited kayla into the channel15:24 -!- kayla [mysql3@fbi.gov] has joined #hq15:24 -!- mode/#hq [+o kayla] by HQBot15:24 <@entropy> ru getts ddosed weekly15:24 <@kayla> ;)15:24 <@joepie91> hm, what country are you?15:24 <&marduk> kayla <3<315:25 <@joepie91> west europe at least?15:25 <&marduk> kayla: gimme greg's old pw again15:25 <@entropy> no ny15:25 <@kayla> whats new :)

back

trac

esec

urity

.com

15:25 <@joepie91> hmmm15:25 <&marduk> i need to write it down15:25 <@joepie91> then I wonder15:25 <@joepie91> also15:25 <&marduk> found some sites that may work15:25 <@kayla> i don't have it here 15:25 <&marduk> meh, k15:25 <@joepie91> the connectivity between my US VPS and my dutch connection is ridiculously good15:25 <@joepie91> better than between me and ANY dutch vps that I have tried so far15:25 <@kayla> :D15:25 <@joepie91> I don't really get it lol15:25 <@entropy> im coming from a oc3 on this end so thats not the problem15:25 <@joepie91> apparently because of hurricane or sth15:25 <@entropy> or dual ds3s15:26 <@entropy> its def their end15:26 <@joepie91> hurricane electric?15:26 <@joepie91> that's what it's called right?15:26 <@joepie91> heh15:26 <@joepie91> entropy: can you check your connectivity to www.yunicc.ws ?15:26 <@joepie91> that VPS15:26 <@entropy> check it how just pings?15:27 <@joepie91> ping, download speed15:27 <@entropy> --- www.yunicc.ws ping statistics ---15:27 <@entropy> 3 packets transmitted, 3 received, 0% packet loss, time 2003ms15:27 <@entropy> rtt min/avg/max/mdev = 40.137/40.255/40.353/0.186 ms15:27 <@kayla> are you guys still fucking with egyption gov too :D15:27 <@joepie91> lemme see15:27 <@joepie91> I have a 100mb15:27 * joepie91 logs on to ssh to figure out where he put the 100mb15:27 <@joepie91> hm15:27 <@joepie91> removed my 100mb?15:28 <@joepie91> sec15:28 <@entropy> i thought egypt is all good now15:28 <&marduk> kayla: not really.. i think15:28 <&marduk> mubarak resigned15:29 <&marduk> opegypt is like in optunisia state15:29 <&marduk> and fuck, triumpg lagging hard15:29 <&marduk> hmmm and cant ssh to tackle.15:29 <&marduk> wtf.15:29 <@kayla> http://etenders.gov.eg/uploads/owned.html15:29 <@kayla> http://etenders.gov.eg/uploads/sh.php?cmd=uname%20-a%3Bid%3Bw%3Buptime%3Bcat%20%2fetc%2fhosts15:29 <@joepie91> downloading from cachefly with 10.7mb/sec...15:29 <@joepie91> :P15:29 <@joepie91> 100mbit file15:29 <@joepie91> www.yunicc.ws/100mb.test15:29 <@joepie91> entropy, what speed are you getting from there?15:29 <&marduk> uh oh

back

trac

esec

urity

.com

15:30 <@entropy> from where you want me to test15:30 <&marduk> i think tackle and vlad are dying :(15:30 <@entropy> what country?15:30 <&marduk> fuck15:30 <@joepie91> uhm15:30 <@joepie91> US15:30 <@entropy> 1 sec15:30 <@joepie91> anywhere in US15:30 <@entropy> 32,434,472 4.77M/s eta 16s 15:30 <&marduk> tackle/vlad dead15:30 <@entropy> about 5 M a secpnd15:30 <@joepie91> heh15:30 <@joepie91> ok15:30 <@entropy> 100%[=====================================================================>] 104,857,600 4.78M/s in 21s 15:30 <@entropy> 2011-02-12 15:43:17 (4.72 MB/s) - `100mb.test' saved [104857600/104857600]15:30 <@joepie91> that's interesting15:30 <&marduk> *sigh*15:31 <@joepie91> because I got 8mb/sec on a dutch 100mbit line15:31 <@joepie91> :P15:31 <@joepie91> and ping?15:31 <@entropy> 5M is fucking fast15:31 <@entropy> 40ms ping15:31 <&marduk> 20:31 [vlad] CTCP PING reply from q: 78.629 seconds15:31 <&marduk> oh15:31 <@joepie91> I get about 51ms15:31 <&marduk> not quite dead15:31 <&marduk> :)15:31 <@joepie91> from netherlands15:31 <@joepie91> a bit difference15:31 <@joepie91> but still...15:31 <@joepie91> ridiculously well-connected, lol15:31 <@joepie91> that site is actually dutch15:31 <@entropy> are they some tier3 that gives hosting too?15:31 <@joepie91> aimed at dutch public, too15:31 <@entropy> like level315:31 <&marduk> mhh okay again.15:31 <@joepie91> uhm15:31 <@joepie91> this host is connected through level315:31 <@joepie91> hurricane15:32 <@joepie91> and a few others15:32 <@entropy> ah15:32 <@joepie91> not sure which one for this DC though15:32 <@joepie91> www.ramhost.us15:32 <@entropy> those are the bigguns15:32 <@joepie91> it's a small host15:32 <@joepie91> great host, too

back

trac

esec

urity

.com

15:32 <@entropy> they got the 10gige15:32 <@entropy> intercontential shit15:32 <@joepie91> herh15:32 <@joepie91> heh*15:32 <@joepie91> well15:32 <@joepie91> I pay like 30 dollar a month15:32 <@joepie91> for 3 vpses15:32 <@joepie91> fairly high spec15:32 <@joepie91> they are fucking cheap15:33 <@joepie91> and it's openvz, and fucking responsive :D15:33 <@entropy> the only thing is dutch will comply with us laws15:33 <@entropy> no mas15:33 <@joepie91> mhmm15:33 <@joepie91> meh15:33 <@joepie91> I don't plan on breaking rules15:33 <@joepie91> and I know the host is fairly anon-minded15:33 <@joepie91> at free speech etc15:33 <@joepie91> he won't shut down a server when he gets a DMCA15:34 <@joepie91> but talk first15:34 <@joepie91> etc15:34 <@joepie91> it's the typical geek, even :P15:34 <@entropy> thats cool15:34 <@joepie91> srsly15:34 <@joepie91> robert marder15:34 <@joepie91> great guy15:34 <@joepie91> if something is up, you send him a message15:34 <@joepie91> and he fixes it15:34 <@joepie91> found a vuln on the site once15:34 <@joepie91> sent a message15:34 <@joepie91> less than an hour later it was fixed15:34 <@joepie91> he wrote his own control panel for the VPSes too15:34 <@joepie91> :P15:35 <&marduk> haha, greg on August 25 "Intelligence work becomes banal, now available for the common man, CIA, Inc."15:35 <&marduk> He did not know how true this will become15:36 <@joepie91> LOL15:36 <@joepie91> :O!15:36 <@joepie91> ramhost has stock!15:37 <@joepie91> you can bet that all those VPSes are sold out in three days :D15:37 <@joepie91> entropy: https://my.ramhost.us/v2/vps/cp/ demo:demo15:38 <@joepie91> who pingd me15:38 <@tflow> me15:38 <@tflow> :P15:38 <@joepie91> lol15:38 <@joepie91> *** CTCP-request ignored (ping)15:38 <@joepie91> :D15:39 <@entropy> thats cool15:39 <@entropy> i wrote something liek this years ago15:39 <@entropy> we used to host freebsd in jails

back

trac

esec

urity

.com

15:39 <@entropy> right whn linux was tsratign to be able too15:39 <&marduk> wow, hit 7000 followers yesterday. will have 8000 tomorrow15:39 <&marduk> speed is picking up15:40 <@joepie91> heh15:40 <@entropy> 700 or 7000?15:40 <@tflow> [20:38:12] -> [#ophbgary] PING15:40 <@tflow> [20:38:13] -joepie91- LOLNO15:40 <&marduk> 7000 naturally15:40 <&marduk> 7535 now15:40 <@entropy> jesus15:40 <@joepie91> uhm15:40 * joepie91 checks follow count on wikileaks15:40 <@tflow> he's talking about anonymousirc :P15:40 <&marduk> and @AnonymousLeaks has 900+ already15:40 <&marduk> lol15:40 <@kayla> lol followers where :D?15:40 <&marduk> @AnonymousIRC - twitter15:40 <@entropy> ah thats what i was thinking of15:40 <@tflow> @anonymousleaks15:40 <&marduk> will catch @AnonOps soon15:40 <&marduk> that idit15:40 <@joepie91> 731k on wikileaks15:41 <@joepie91> almost there15:41 <@joepie91> :D15:41 <@entropy> holy shit15:41 <&marduk> 873 for anonymousleaks. for 9 tweets15:41 <&marduk> exists 24h15:41 <&marduk> :D15:41 <@kayla> oh i dont get mixed up with that twitter stuff :D irc is my play ground :D15:41 <&marduk> kayla: mine too... i just understood twitter when joining anon15:41 <&marduk> very good propaganda tool (=15:42 <@tflow> aigeanta: RT @_x4o: AnonLeaks.ru - Teaser!! A Tale of HBGary, Stuxnet, Pride and Prejudice --->> ow.ly/3Vhin You won't want to miss this. #anonymous #TT · Reply · RT 15:42 <@kayla> oh it is! look how it's helped tunisia and egypt :)15:42 <&marduk> idd15:42 <@kayla> i just don't live having online accounts :)15:43 <@joepie91> nickserv.15:43 <&marduk> well, obv i only access it via vpn15:43 <&marduk> tflow: how many PI do we have on anonleaks.ru by now?15:44 <@tflow> PI?15:44 <&marduk> page impressions/unique visitors15:44 <@tflow> dunno. i should probs install awstats15:44 <@kayla> we need to make http://anonleaks.ru a fortress :D every faggot wanting to 1up anon will try to haq it :D15:44 <@joepie91> awstats indeed15:44 <&marduk> there's not much to hack, is there?15:45 <@tflow> kayla: yeah. but we have a fuckload of mirrors atm15:45 <@joepie91> try if you can make it run awstats every hour, then clean IPs from logs

back

trac

esec

urity

.com

15:45 <@tflow> well, a few :P15:45 <@tflow> about 6 total15:45 <@joepie91> try if you can make it run awstats every hour, then clean IPs from logs15:45 <@joepie91> :)15:45 <@kayla> tflow, mirrors are nothing, we get hacked we will lose face :-)15:45 <@entropy> scp the logs to a diff box to install awstats15:45 <@entropy> awstats is unsecure as fuck15:45 <@tflow> kayla: well all the content is static15:45 <@joepie91> entropy: that can be traced15:45 <@joepie91> and they will just get that box15:45 <@joepie91> lol15:45 <&marduk> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/15255.html MOAR sality rootkits15:45 <&marduk> kayla: heard of sality?15:45 <@entropy> i have15:46 <@entropy> like 5 years ago15:46 <@entropy> its super common15:46 <&marduk> ah k15:46 <&marduk> then nvm15:46 <@tflow> + even if they hack the box, nginx doesn't run as root, but as nginx15:46 <&marduk> hevent heard of it before15:46 <@entropy> its a part that alot uses15:46 <@entropy> its the main rootkit part15:46 <@joepie91> how sick is it that I make tea in a coffee machine?15:47 <@kayla> atleast install sunoshin and disable LOAD_FILE and INTO OUTFILE on mysql, close all none needing ports, not using FTP? close it! not using SMTP? close it! 15:47 <@entropy> im moving all my shit off those dns servers15:47 <@entropy> cause now im hosting my www onit15:47 <@entropy> is into outfile disabled on all mysql?15:47 <@entropy> by default15:47 <@kayla> not sure!!!!!!!15:47 <@kayla> i've not installed it too many times, but i sure know how tyo make a mess of it :D15:48 <@entropy> i dont know why the f anyone would legit use that15:48 <@entropy> lol15:48 <@kayla> i break servers dont make servers :D15:48 <@entropy> lol15:49 <@joepie91> kayla15:49 <@joepie91> I am not sure how useful it is to install patches15:49 <@joepie91> for things that are not installed15:49 <@joepie91> lol15:50 <&marduk> HBGary Preparation to Sell the Company.docx (12406 bytes)15:50 <&marduk> http://internetfeds.mil.nf/hbgary/greg_hbgary_com/26862.html15:50 <@kayla> if it was my server only port 80 and 22 would be running, i wouldn't even use a mysql DB and just use html static pages rather than php/html15:50 <@joepie91> also, imho the best way is to start off with a minimal image15:50 <@joepie91> set up an sshd15:50 <@joepie91> set up a httpd15:50 <@entropy> mysql you can run on 127.0.0.1

back

trac

esec

urity

.com

15:50 <@joepie91> and only use sftp for access15:50 <@tflow> we only use html pages15:50 <@entropy> and should change sshd to ran port15:50 <@kayla> entropy yes :D15:50 <@joepie91> only allow local mysql connections15:50 <@entropy> *rand15:51 <@kayla> but having a SQL DB means it can be SQL injected :D15:51 <@joepie91> not if you write proper code.15:51 <@kayla> is why no mysql for me :D15:51 <@joepie91> kayla: try to get into my shit.15:51 <@joepie91> through sqli.15:51 <@Laurelai> morning kayla 15:51 <@joepie91> if you succeed I will buy you cookies.15:51 <@joepie91> :P15:51 <@kayla> joepie91 but professional coder think they write good code and it get's pwned15:51 <@joepie91> mhm15:51 <@joepie91> but I judge my code by how secure it is15:51 <@joepie91> and not by how good I think I am15:51 <@joepie91> :)15:52 <@kayla> :)15:52 <@joepie91> try to break into my shit.15:52 <@joepie91> srsly.15:52 <@joepie91> www.yunicc.ws www.chinacheep.com www.anonnews.org15:52 <@joepie91> have fun :)(15:52 <@joepie91> :)*15:52 <@joepie91> all run php5 and mysql15:52 <@joepie91> 100% self-written15:52 <@entropy> your on a vpn15:53 <@entropy> if you cant break in remotely15:53 <@entropy> just get a host on the same vpn15:53 <@entropy> or subnet15:53 <@entropy> poision arp15:53 <@entropy> or pull a mitnick15:53 <@joepie91> vps*15:53 <@joepie91> :P15:53 <@entropy> its it was 198815:53 <@joepie91> heh15:53 <@joepie91> social engineering?15:53 <@joepie91> good luck trying that on me15:53 <@entropy> lol15:53 <@joepie91> noone has access to my servers15:53 <@joepie91> besides me15:53 <@entropy> could you open the fw on a high port btw?15:53 <@joepie91> lol15:54 <@kayla> xD15:54 <@entropy> ;)15:54 <@joepie91> what bout no15:54 <@joepie91> :P

back

trac

esec

urity

.com

15:54 <@joepie91> but yeah15:54 <@joepie91> I run a httpd15:54 <@entropy> i have vpn in canada15:54 <@joepie91> and an sshd15:54 <@joepie91> and that's it15:54 <@joepie91> pretty much15:54 <@entropy> i can sniff everyones traffic15:54 <@entropy> and have some fun times with dnsiff tools15:54 <@joepie91> oh, and an icecast server on the... yunicc? vps15:55 <@joepie91> lol15:55 <@kayla> it's been a week of non stop lulz15:55 <@kayla> :D15:55 <@joepie91> indeed, inded15:55 <@kayla> poor aaron :(15:55 <@joepie91> I want my own irc server :(15:55 <@kayla> *trolls remorse*15:55 <@kayla> :(15:55 <@joepie91> lol15:55 <@joepie91> Trolls Remorse Syndrome15:55 <@kayla> joke :D15:55 <@joepie91> TRS15:56 <@kayla> joepie91 irc is gay install a silc :D15:56 <@kayla> install silc plugin for irssi15:56 <@kayla> PROFIT15:56 <@kayla> :D15:57 <@kayla> AES256 encrypted chats :D uses priv/pub keys :D15:57 <@entropy> what is it like a WASTE plugin for irssi?15:57 <@kayla> you can have it so every user has same nick too xD15:58 <@joepie91> ..15:58 <@entropy> does every person have to have it15:58 <@joepie91> irc + fish go15:58 <@entropy> or does the cli and svr?15:58 <@entropy> or is it cli<->cli?15:58 <@entropy> ill look it up actually...15:58 <@kayla> it's client and server yeh :D15:59 <@kayla> http://silcnet.org/15:59 <@kayla> how2 irssi -> sicl http://cvs.silcnet.org/source/irssi/README15:59 <@kayla> silc*16:00 <@kayla> here is the plugin http://www.freshports.org/net/silc-irssi-plugin/16:00 <@kayla> totally priv8 chats16:01 <@kayla> run it on a server with only tht service16:01 <@tflow> it's on ;] > @bruces: *these Anonleaks guys are like the game-griefer maestros of psychological torment.16:02 <@joepie91> lolol.16:03 <@kayla> put it in topic of #anonleaks :D16:03 <@kayla> lol'd 16:07 <@tflow> SimplePraxis: RT @bodyspacesoc: (Wikileaks + Anonymous) * Banks(2) = Anonleaks t.co/EGKW2h5 #HBGary #formulafordisaster · Reply · RT 16:07 -!- entropy [noyx@HA-dkm.je4.cn1rg3.IP] has quit [Connection closed]

back

trac

esec

urity

.com

16:07 <@tflow> cinnamon_carter: aronleaks ? a joke ??? RT @chronic: uh oh: t.co/LRapm5B · Reply · RT 16:07 <@tflow> aronleaks?16:07 <@tflow> lol16:07 <@tflow> Aaronleaks16:08 <@tflow> agentmule: RT @jeffantebi: OH FUCK. anonleaks.ru/ #theendoftheworldasweknowit · Reply · RT 16:12 <@kayla> 00:08 <@tflow> Aaronleaks16:12 <@kayla> lol16:12 !twisted.operationfreedom.ru *** HQBot invited entropy into the channel16:12 !twisted.operationfreedom.ru *** HQBot invited entropy into the channel16:13 -!- entropy [noyx@HA-dkm.je4.cn1rg3.IP] has joined #hq16:13 -!- mode/#hq [+o entropy] by HQBot16:14 <@kayla> welcome back entropy :)16:14 <@entropy> ;)16:14 <@entropy> i have to go to laptop so i can see whats on all these disks before i toss them16:14 <@joepie91> is it weird I read dildos instead of disks?16:14 <@entropy> lol16:15 <@joepie91> no, srsly16:15 <@joepie91> lol16:16 <@entropy> holy shit i hate caps lock key16:16 <@entropy> why does it even exist16:17 <@kayla> caps lock is cruise control for cool :D16:18 <@joepie91> CAPS LOCK16:18 <@joepie91> CAPS LOCK16:18 <@joepie91> CAPS LOCKKKKK16:18 <@joepie91> but yeah16:18 <@joepie91> good question16:18 <@joepie91> like scroll lock16:18 <@joepie91> has zero practical usage in regular computer usage16:18 <@joepie91> lol16:34 <@tflow> http://hbgary.lacy.ie/16:34 <@tflow> how is search coming along?16:34 <@tflow> (presumably not good for your cpu usage, joepie91 :P)16:34 <@tflow> actually wait, it's broken atm16:38 <@joepie91> miraculously does not kill cpu16:38 <@joepie91> not even a bit16:38 <@joepie91> but it doesn;'t work either16:38 <@joepie91> :P16:39 <@tflow> http://gawker.com/#!575875316:39 <@tflow> ..16:44 <@tflow> pretty damn ironic16:44 <@tflow> considering they released julian's love letters16:47 <@entropy> why does everyone think its a replacement wikileaks16:54 <@joepie91> lol16:54 <@joepie91> because they are idiots16:55 <@joepie91> oh16:55 <@joepie91> tflow

back

trac

esec

urity

.com

16:55 <@joepie91> make sure you keep the emailX.html pages alive16:55 <@joepie91> after launch16:55 <@joepie91> don't want to make gawker point to dead links ;)16:57 !twisted.operationfreedom.ru *** HQBot invited Topiary into the channel16:57 -!- Topiary [topiary@do.the.impossible] has joined #hq16:57 -!- mode/#hq [+o Topiary] by HQBot16:57 <&marduk> http://www.p2pnet.net/story/4862516:57 <@Topiary> Sabu: Sorry about that earlier - hai to you good sir.16:57 <&marduk> they got it right16:57 <&marduk> as usual16:58 <&marduk> "It’s rumoured that McQuaid is an HBGary shareholder."16:58 <&marduk> lol16:59 <@joepie91> p2pnet <316:59 <@joepie91> also16:59 <@joepie91> Nate's story on ars16:59 <@joepie91> is in spotlight on google news17:01 <@Topiary> Who is <case@anonleaks.ru>17:01 -!- Topiary [topiary@do.the.impossible] has quit [Connection closed]17:02 <@joepie91> lolguys17:02 <@joepie91> http://anonleaks.ru/email2.html17:02 <@joepie91> got tweeted 13 times17:02 !twisted.operationfreedom.ru *** HQBot invited Topiary into the channel17:02 -!- Topiary [topiary@do.the.impossible] has joined #hq17:02 -!- mode/#hq [+o Topiary] by HQBot17:03 <@Topiary> wat17:04 <@joepie91> lol17:05 <@joepie91> the plot idea is even more popular17:05 <@Topiary> joepie91: what was my disconnect message17:10 <@joepie91> Connection closed17:16 <@kayla> :O17:17 <@kayla> link to story on ars :D?17:20 <&marduk> http://arstechnica.com/tech-policy/news/2011/02/week-in-tech-anonymous-strikes-back.ars17:20 <&marduk> all three linked there17:20 <&marduk> two on top, one on bottom17:21 <@kayla> thanks :D17:24 <@joepie91> Topiary DING17:24 <@Topiary> ?17:24 <@joepie91> read above17:24 <@joepie91> I answered your q17:24 <@joepie91> :P17:25 <@Topiary> Cheers17:25 <@Topiary> also do you know who case@anonleaks.ru is?17:25 <@tflow> q17:25 <@tflow> also17:25 <@tflow> any emails in complants@?17:25 <&marduk> Topiary: btw did quinn msg you?17:25 <&marduk> i dont really trust him17:25 <&marduk> i dunno

back

trac

esec

urity

.com

17:25 <@Topiary> marduk: He did and wanted a face-to-face interview, I denied17:26 <&marduk> okay, yeah me too :p17:26 <@Topiary> tflow: Two emails, one from case@anonleaks.ru requesting complaint forwards, another one simply asking if Greg's emails will be dumped17:26 <@Topiary> I'll respond to the first one nao17:26 <&marduk> :p17:26 <@tflow> paste plz17:26 <@Topiary> marduk: will forward complaints17:26 <@Topiary> tflow: k17:26 <&marduk> cheers :)17:27 <@Topiary> from Mike Perez <Mgamerz@hotmail.com>17:27 <@Topiary> to complaints@anonleaks.ru17:27 <@Topiary> date Sat, Feb 12, 2011 at 7:55 PM17:27 <@Topiary> subject I has problemz17:27 <@Topiary> 17:27 <@Topiary> I can has hopes that gregs email will soon be released17:27 <@joepie91> k...17:27 <@tflow> is that it? lol17:28 <@Topiary> Yep, that's our entire inbox so far.17:29 <@joepie91> <anon1984>hi, i managed to crack 52k of the leaked rootkit md5 hashes http://www.mediafire.com/?sfpmuujffbufal117:29 <@joepie91> wat do17:30 <@joepie91> was a pm17:30 <@joepie91> on anonops17:32 <@tflow> wheeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee17:32 <@tflow> the guy who got pwned a few months ago by haxors17:32 <@tflow> tries to write some negative http://gawker.com/#!5758753/anonymous-hackers-launch-wikileaks-for-normal-people17:32 <@tflow> yet all the comments are positive17:32 <@tflow> + http://www.abovetopsecret.com/forum/thread662298/pg117:33 <&marduk> uhm17:33 <&marduk> all rootkit.com pw have been cracked and released before17:33 <&marduk> but they were taken offline :o17:35 <@joepie91> I know\17:37 <@joepie91> jesus17:37 <@joepie91> people bitching17:37 <@joepie91> that the personal mails shouldnt be released17:37 <@joepie91> uh, guys, the personal mails shouldnt have been in their corporate inboxes in the FIRST place17:38 <&marduk> blaeh we reelase all17:38 <&marduk> FULL DISCLOSURE; baby17:38 <&marduk> shoud we sift thru all and sort personal outÃ? lol17:38 <@Topiary> ^17:38 <@Topiary> Fuck no!17:38 <@Topiary> LEAK LEAK LEAK.17:40 <@joepie91> If someone "ripped open" my corporate mailbox, I'd be like Steve Martin in Lonely Guy. Flat out boring. 17:40 <@joepie91> Now, my porn email account...that's a WHOLEEEE different story. 17:40 <@joepie91> from a comment on gawker

back

trac

esec

urity

.com

17:40 <@joepie91> he gets it17:40 <@joepie91> lol17:41 <@joepie91> There is no good guy in this story, no innocent victim. If I can't have all evil-doers in the universe wiped out, I'll settle for one. 17:43 <@joepie91> When sleazy corporate 'security professionals' are willing to engage in smear campaigns against activists - and who knows what else? - I find it acceptable that they also become the target of equally sleazy anarchist smackdowns.17:50 <@tflow> Redsuricat: RT @bodyspacesoc: (Wikileaks + Anonymous) * Banks(2) = Anonleaks t.co/EGKW2h5 #HBGary #formulafordisaster · Reply · RT 17:53 <@joepie91> lolol.17:53 <@joepie91> I think Anonleaks is going to do boom for a few people :317:55 <@tflow> boom?17:57 <@joepie91> uhu17:57 <@joepie91> some people whose... secrets are in there :317:58 <&marduk> wtf17:58 <&marduk> FreedomNow2011 YouthUnited 17:58 <&marduk> @ 17:58 <&marduk> @AnonymousIRC are you really Anonymous? I mean,THE Anonymous. Would be a good thing to meet you, but need to know it's true.17:58 <@tflow> llool17:59 <@tflow> http://www.computersecurityarticles.info/security/anonleaks-on-the-move/17:59 <@tflow> they still think anonleaks.org = anonleaks.ru18:00 <@tflow> http://anonleaks.pcriot.com/18:02 <&marduk> i will tweet about it, maybe it helps18:03 <@Topiary> Maybe we'll start get Anonymous sources of info18:03 <@Topiary> Can we also put the "problem officer" thing on the front page?18:03 <@Topiary> It would be the shit18:05 <@entropy> someone should say .org isnt the same18:05 <&marduk> http://twitter.com/#!/AnonymousLeaks/status/3656147834556416018:06 <@entropy> wtf18:06 <@entropy> that was magical18:06 <@entropy> lol18:07 <@tflow> entropy18:07 <@tflow> where is the conf file for your nginx?18:08 <@entropy> uh18:08 <@entropy> on which server the unkrine one?18:09 <@tflow> yeah18:09 <@entropy> 1 sec18:10 <@entropy> /etc/nginx/nginx.conf18:11 <@entropy> its centos18:12 <@tflow> ah18:12 <&marduk> hmm what you think.. ad a few more teasers?18:12 <&marduk> just an idea18:13 <@entropy> i like the DHS one18:18 <@joepie91> 910 motherfucking followers.18:18 <@joepie91> wat.18:19 <@joepie91> it's about dinner time in US now18:19 <@joepie91> so should be a good time18:19 <@joepie91> to add a few more teasers :)

back

trac

esec

urity

.com

18:20 <@tflow> what do you say about releasing anonleaks on sunday night? it's monday in asia :p18:20 <@tflow> (night, well, for gmt time)18:20 <@joepie91> hm18:21 <@tflow> we want the media to see that before they see the gawker article18:21 <@joepie91> would be a good one18:23 -!- Nessuno834 [fag@fag.fag] has quit [Ping timeout: 121 seconds]18:25 <@tflow> joepie9118:25 <@tflow> http://www.reddit.com/r/politics/comments/fk3ql/hbgary_pwns_anonymous/18:25 <@tflow> 'fuck that color scheme18:25 <@tflow> '18:25 <@tflow> xD18:26 * kayla h8's gawker :D18:26 <@kayla> Nick Denton especially h8's me :D [Kayla/Gnosis broke into Gawker]18:28 <@joepie91> :D18:29 <@joepie91> Hoglundâ??s company which, he claims, provides â??classified services to the Department of Defense, the Intelligence Community and other U.S. Government agencies to meet their unique requirementâ? , is now effectively on the trash heap.18:29 <@joepie91> yup.18:29 <@joepie91> :P.18:34 <@kayla> :D18:36 <@joepie91> lolbai hbgary18:36 <@joepie91> YOU SCREWED UP FAGGOTS18:37 * kayla rapes joepie91 :318:37 <@joepie91> D:18:37 <@joepie91> you's gurl18:37 <@joepie91> ;_;18:37 <@Topiary> Love me love me18:37 <@Topiary> say that you love me18:38 -!- Topiary was kicked from #hq by joepie91 [k]18:38 <@joepie91> !invite Topiary18:38 !twisted.operationfreedom.ru *** HQBot invited Topiary into the channel18:38 -HQBot:#hq- Topiary was invited to the channel.18:38 -!- Topiary [topiary@do.the.impossible] has joined #hq18:38 -!- mode/#hq [+o Topiary] by HQBot18:38 <@joepie91> :318:38 <@joepie91> :o18:38 <@joepie91> Topiary18:38 <@Topiary> EVERYTHING WAS GOING SO WELL AND THEN YOU SHOWED UP, YOU BIG MEANIE!18:38 <@joepie91> does you have autojoin18:38 <@joepie91> on invite18:38 <@tflow> lol18:38 <@tflow> /invite Topiary #cocks18:38 <@tflow> /invite Topiary #kill18:39 <@joepie91> :D18:39 <@kayla> lol sajoin everyone #kill :D18:39 <@joepie91> xD18:43 <@Topiary> How are you chaps doing today?

back

trac

esec

urity

.com

18:53 <@kayla> vmware + unity = <319:08 <@joepie91> unity and <3 in the same sentence?19:08 <@joepie91> lolwat19:22 <@Topiary> Justin Bieber <319:22 <@joepie91> Topiary...19:23 <@joepie91> any preference for a specific psychologist?19:25 <@Topiary> No.19:26 <@joepie91> k19:26 <@joepie91> will call one for you then19:26 <@joepie91> :P19:27 <&marduk> hmm19:27 <&marduk> did you break the reader?19:27 <&marduk> http://internetfeds.mil.nf/hbgary/aaron_hbgary_com/index_d_d_2.html19:27 <&marduk> This webpage is not available.19:27 <&marduk> http://internetfeds.mil.nf/hbgary/aaron_hbgary_com/index_d_d_1.html works19:28 <@joepie91> uhm19:28 <@joepie91> it points to localhost.

19:28 <@joepie91> you just have 1.html cached19:28 <&marduk> ?19:28 <@joepie91> when I go to those URLs..19:28 <&marduk> ugh i see19:28 <@joepie91> I get my own webserver19:28 <&marduk> y?19:28 <@joepie91> running at localhost19:28 <@joepie91> :)19:28 <@joepie91> I dunno19:28 <@joepie91> ask tflow19:28 <&marduk> uhm19:28 <@joepie91> tflow DING19:28 <&marduk> tflow: ?19:29 <&marduk> LULZKILLER!19:29 <@entropy> lol19:30 <@tflow> I have to remove the DNS before I go to bed19:30 <@tflow> To feel safe19:30 <@joepie91> lol19:30 <&marduk> :(19:30 <@entropy> lol19:30 <&marduk> but but.. i wanna scan mails :(19:30 <@tflow> youu can add it to your hosts file if you want19:31 <&marduk> ah what was the ip?19:31 <@tflow> 92.241.162.21619:31 <&marduk> thxi <319:32 <@tflow> http://securehomenetwork.blogspot.com/2011/02/anonleaks-on-move.html19:32 <@tflow> In addition, anonleaks.ru has been set up within criminal hoster Webalta's IP space:19:32 <@tflow> 92.241.162.21619:32 <@tflow> anonleaks.ru19:32 <@tflow> hbgary.anonleaks.ru

back

trac

esec

urity

.com

19:32 <@tflow> internetfeds.mil.nf19:32 <@tflow> irc.anonops.net19:32 <@tflow> loic.anonops.in19:32 <@tflow> internetfeds.mil.nf lol19:33 <&marduk> we're so evil19:33 <@joepie91> lol.19:33 <@entropy> who the fuck is this guy19:34 <@entropy> wait19:34 <@entropy> how did he get internetfeds.mil.nf19:35 <@entropy> dont only like ppl in this chan know about that19:35 <@joepie91> reverse dns lookup19:35 <@entropy> yea i mean either the fwd or reverse19:35 <@entropy> donsent no one else know?19:35 <@entropy> or is that in dns?19:37 <&marduk> lol, aaron to his (ex)wife.. in one of the flame mails19:37 <&marduk> "Get your anger straight."19:37 <@joepie91> http://www.robtex.com/ip/92.241.162.216.html19:37 <&marduk> he's funny. i have to remember that19:37 <@joepie91> there you go19:38 <@joepie91> robtex <319:38 <@tflow> since when was it an Anonymous Proxy?19:38 <@joepie91> that site indexes pretty much fucking everything19:38 <@joepie91> hmm, dunno19:39 <@entropy> wtf19:39 <@joepie91> srsly19:39 <@joepie91> if you want to know *anything* about a domain19:39 <@joepie91> robtex is the first place to look19:39 <@joepie91> lol19:39 <@tflow> i use whois.sc/domain.com19:40 <@tflow> but i should probaby use robtex19:40 <@joepie91> mh, I haven't ever seen a single site give SO much info, graphs, relational tables and whatnot19:41 <@joepie91> and so up to date19:41 <@joepie91> as robtex19:41 <@joepie91> :P19:47 <@Topiary> We have requests to add Chuck Norris to the team page in "special thanks" at the bottom19:47 <@Topiary> On Sun, Feb 13, 2011 at 12:10 AM, Kizzycocoa <kizzycocoa@yahoo.co.uk> wrote:19:47 <@Topiary> I have an issue. Mainly to do with the Team page.19:47 <@Topiary> Simply put, you have neglected to note Chuck Norris's involvement in the team.19:47 <@Topiary> I wish to see this corrected as soon as possible.19:47 <@Topiary> to Kizzycocoa <kizzycocoa@yahoo.co.uk>19:47 <@Topiary> date Sun, Feb 13, 2011 at 12:38 AM19:48 <@Topiary> subject Re: I has problemz19:48 <@Topiary> mailed-by anonleaks.ru19:48 <@Topiary> 19:48 <@Topiary> Dear Kizzy,19:48 <@Topiary> As always, AnonLeaks is committed to bringing the utmost professionalism and

back

trac

esec

urity

.com

saltiest sea shanties to the world of the Internet, and we humbly apologize for neglecting Chuck Norris in our team page. After Chuck Norris crushed Batman's head in between his thighs, we thought it best that he take a few days off - but this is no excuse for our negligence.19:48 <@Topiary> As per your request, Dr. Cocoa, this factual misinformation will be rectified as soon as possible. Please be aware that, while we intend to include Chuck Norris on our operations, we may decide to first partake several plates of chicken parmesan in an attempt to comfort ourselves over our own increasing falsification.19:48 <@Topiary> Yours rampantly,19:48 <@Topiary> Topiary19:48 <@Topiary> CEO of your mother19:48 <@entropy> lol19:51 -!- entropy [noyx@HA-dkm.je4.cn1rg3.IP] has quit [Quit: switch back]19:56 !twisted.operationfreedom.ru *** HQBot invited entropy into the channel19:56 -!- entropy [noyx@HA-dkm.je4.cn1rg3.IP] has joined #hq19:56 -!- mode/#hq [+o entropy] by HQBot19:58 <@joepie91> Topiary +9001 internets.20:03 <@entropy> is anonops still getting ddos20:04 <@joepie91> http://webmove.org/projects/jamendo-html5-audio-player/?artist_id=8094&artist_name=Julien%20Boulier20:04 <@joepie91> probably, yes20:04 <@entropy> wtf20:04 <@entropy> i hate ddosing fucks20:05 <&marduk> vlad's fine though20:05 <&marduk> dunno why20:05 <&marduk> tbh20:31 <&marduk> mhh now it seems to be down20:32 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @joepie91, @x, @tflow20:33 <&marduk> ah k20:33 <&marduk> FU20:35 <@Topiary> DEM SPLITS20:35 <&marduk> ddos i think20:35 <&marduk> vlad+tackle died20:35 <&marduk> and thus the reader as well20:36 <&marduk> uh oh20:36 <&marduk> which anonops server is working?20:36 <&marduk> owen said something about a new GB?20:37 <@Topiary> Don't know, but anonleaks.ru seems to be slow/down too20:37 <@Topiary> I can't connect to AnonOps20:37 <&marduk> mmm20:37 <&marduk> no good.20:37 <&marduk> praise for the backup net tho20:37 <@Topiary> I hate these attention-seeking bored trolls who get sensitive over Anonymous doing something big when they're not at the center of it20:37 <&marduk> all ddosed it seems20:38 <@Topiary> so instead of realizing they can't always be in the middle, they lash out20:38 <&marduk> |-heimdall.anonops.in (17) 20:38 <&marduk> tiny.anonops.ru20:38 <&marduk> heimdall is on gigabit

back

trac

esec

urity

.com

20:38 <&marduk> try that20:40 <@Topiary> On now; thanks20:45 <&marduk> and thats why we need da mirrors20:53 <@entropy> fuck i hate geolocal language in web pages20:55 <@entropy> im going to check out whats up with the fuck calling us socicopaths20:55 <@entropy> http://www.dioceseoflansing.org/20:55 <@entropy> his work20:59 <@entropy> oh no its down20:59 <@entropy> :( sad times21:01 <@entropy> actually ill put it back up21:01 <@entropy> until hes at work monday21:01 <&marduk> heh21:01 <&marduk> rather bring our sites back up :(21:02 <@entropy> whats down?21:02 <&marduk> anonleaks.ru21:02 <&marduk> internedfeds.mil.nf and vlad.anonops.ru21:02 <@entropy> wheres tflow21:02 <&marduk> as well as tackle.operationfreedom.ru21:02 <&marduk> and a few other anonops leafs21:02 <&marduk> well it's ddos, it seem21:02 <&marduk> snothing much to do21:02 <@entropy> i can change dns21:03 <@entropy> and put up a mirror21:03 <&marduk> mmm21:03 <@entropy> cause i have the page cahced21:03 <&marduk> worth a try? the irc doesnt matter much21:04 <@entropy> <link href="./index.css" rel="stylesheet" type="text/css" />21:04 <@entropy> <a href="./email1.html">E-mail 1</a>21:04 <@entropy> no i cant21:04 <@entropy> why the f they linked that way i dont know21:04 <&marduk> ah hm well, only a demo21:04 <&marduk> but well, ddos will cease21:04 <&marduk> sooner or later.ö..21:05 <@entropy> actually i could slowy get it21:05 <@entropy> with like21:05 <@entropy> cache:anonleaks.ru/email1.html21:05 <@entropy> in google maybe21:05 <@entropy> 1 sec21:06 <@entropy> for some reason there no cache link21:06 <&marduk> they are kinda hidden now.. i dont see any cache links anymore21:06 <&marduk> sth changed21:07 <&marduk> http://webcache.googleusercontent.com/search?q=cache:http://anonleaks.ru/21:07 <&marduk> hmm cant read either...21:07 <@entropy> http://webcache.googleusercontent.com/search?q=cache:http://anonleaks.ru/email1.html21:07 <&marduk> http://webcache.googleusercontent.com/search?q=cache:http://anonleaks.ru/&hl=en&strip=121:07 <@entropy> but no css will look like shit if i put that up21:08 <&marduk> mhh cant access tea, page either

back

trac

esec

urity

.com

21:08 <&marduk> in cache21:08 <&marduk> cant load the emails from cache here either, strange21:09 <@entropy> it is21:09 <@entropy> <joepie91:#ophbgary> Aaron and Greg now talking in #hbgarytalk !!21:10 <@entropy> how did i get into kill21:10 <@entropy> and not get killed21:10 <&marduk> FUCK YOU!21:10 <&marduk> :p21:10 <@entropy> [Users(#kill:5)] 21:10 <@entropy> [ entropy ] [ Hex ] [ joepie91 ] [ &SiteBot ] [ Immortalit] 21:10 <@entropy> Channel #kill was created at Sat Feb 12 20:36:43 201121:10 <@entropy> BitchX: Join to #kill was synched in 0.599 secs!!21:10 <@entropy> q [root@hbgaryfederal.com] has joined #kill21:10 <@entropy> #kill q Hr root@hbgaryfederal.com (x)21:10 -!- entropy [noyx@HA-dkm.je4.cn1rg3.IP] has quit [Killed (marduk (because!))]21:12 !twisted.operationfreedom.ru *** HQBot invited entropy into the channel21:12 -!- entropy [noyx@HA-dkm.je4.cn1rg3.IP] has joined #hq21:12 -!- mode/#hq [+o entropy] by HQBot21:12 <@entropy> lol21:12 <&marduk> wb :)21:12 <&marduk> yeah without killbot that doesnt really work21:12 <&marduk> nice try tho21:14 <&marduk> and sorry, i usually dont do that. 21:14 <@entropy> lol21:14 <&marduk> but i dont like to get killed for no reason :p21:15 <@entropy> i dont care clients auto reconnect21:15 <@entropy> im drinking absenth and oj21:15 <@entropy> in a jolly mood anyway21:15 <@entropy> ;)21:15 <&marduk> heh nice21:15 <&marduk> we're having whisky21:16 <&marduk> Glenrothes, Special Reserve21:17 <@entropy> nice21:23 <@entropy> you are kidding me21:23 <@entropy> the fuck calling socicopath21:23 <&marduk> ?21:23 <@entropy> DIOCESE OF GAYLORD21:23 <@entropy> thats what hes in21:23 <@entropy> its not a joke21:23 <&marduk> heh21:23 <@entropy> www.dioceseoflansing.org/communications/DOLdirectoryforweb2010.pdf21:25 <&marduk> yeah just looking at the site21:26 <@entropy> its vuln to slow get/post21:26 <@entropy> just stops it 100%21:27 <@entropy> and im guessing the search to xss21:27 <@entropy> havent checked yet21:27 <@entropy> wget -r ing it21:28 <&marduk> yeah well, we need to get the mirrors going tomorrow21:28 <@entropy> yea we should have had them since the day we put the first link out

back

trac

esec

urity

.com

21:28 <@entropy> to anonleaks21:28 <@entropy> had to know thiswas going to happen21:28 <@entropy> oh wait21:28 <@entropy> i didnt even look if its already there21:28 <&marduk> hm?21:29 <&marduk> oh21:29 <@entropy> tflow was mirroringthe pages21:29 <&marduk> wait21:29 <@entropy> so he might have done the int page21:29 <&marduk> hm there was a mirror on opfreedum.ru21:30 <&marduk> me nvm21:31 <@entropy> nope not on any of mine21:31 <&marduk> hmm not anymore it seems21:31 <@entropy> http://91.211.116.134/21:31 <@entropy> same as before21:32 <@entropy> i thought he mirrored already21:32 <&marduk> http://operationfreedom.ru/anonleaks/21:32 <&marduk> there21:32 <&marduk> mirror21:33 <@entropy> ok21:33 <@entropy> ill change dns21:33 <&marduk> i dont think i want the opfreedom site tweeted21:33 <&marduk> not wile ddos is going on21:33 <&marduk> since it is triumpg21:33 <@entropy> so i shouldnt or should?21:33 <&marduk> dont want triumph down as well21:34 <&marduk> yes.. if you can mirror it elseqhere?21:34 <@entropy> i can put it on any of my boxes21:34 <@entropy> yes i got 2 ru 1 ukraine 1 netherlands21:34 <&marduk> one where you can live with it being down?21:34 <@entropy> ru21:34 <&marduk> would be cool21:34 <&marduk> and also a test21:34 <@entropy> ukraine and nether host backup dns and my real www21:34 <&marduk> to see if it REALLY is ddos21:34 <@entropy> ok21:34 <&marduk> maybe heihachi screwed up again21:34 <@entropy> your going to tell tflow you told me to21:35 <@entropy> ;)21:35 <@entropy> ill do it now21:35 <&marduk> hehe sure21:35 <&marduk> well, i'D spread operationfreedom.ru mirror.. but if that get'S ddosed we lose another irc leaf21:35 <&marduk> dont want ;/21:37 <@entropy> http://91.211.116.134/21:37 <@entropy> ok wget it21:37 <@entropy> changing dns21:38 <&marduk> does it have a host?21:38 <&marduk> oh

back

trac

esec

urity

.com

21:38 <@entropy> it will in 2 seconds21:38 <&marduk> you change anonleaks.ru to it21:38 <&marduk> yeah 21:41 <&marduk> team link is still invisible there tho21:41 <@entropy> root@ru:/var/named/chroot/var/named# nslookup anonleaks.ru 127.0.0.121:41 <@entropy> Server: 127.0.0.121:41 <@entropy> Address: 127.0.0.1#5321:41 <@entropy> Name: anonleaks.ru21:41 <@entropy> Address: 91.211.116.13421:42 <@entropy> bash-3.2# nslookup anonleaks.ru 127.0.0.121:42 <@entropy> Server: 127.0.0.121:42 <@entropy> Address: 127.0.0.1#5321:42 <@entropy> Name: anonleaks.ru21:42 <@entropy> Address: 91.211.116.13421:42 <@entropy> ok give like 5 min to propagate21:42 <@entropy> and it will be back up21:42 <&marduk> works here already21:42 <&marduk> with CCC nameserver21:42 <@entropy> yep me too21:42 <&marduk> will tweet in 2 or so21:43 <@entropy> its not done in usa yet21:43 <&marduk> hm app they are not ddosing the domain then21:43 <&marduk> hm k waiting for now21:43 <@entropy> no they are ddosing the ips 21:43 <@entropy> it has to be hbgaruys botnet21:43 <&marduk> mhhh21:43 <@entropy> he dosent know i can move shit around the world all night ;)21:43 <&marduk> i dunno21:43 <@entropy> you think just skiddies?21:44 <&marduk> yes, more likely21:44 <&marduk> because also vlad/tackle/belldandy etc21:44 <&marduk> and that started earlier21:44 <&marduk> but well, we never know for sure21:45 <@entropy> fuck goign thro 2 vpns and a proxy amkes it hard to test when thsi is up21:45 <@entropy> ok looks up in ny21:45 <@entropy> and cali21:45 <&marduk> kk21:45 <&marduk> thx21:45 <@entropy> np21:45 <&marduk> will tweet.. then see what happens21:46 <@entropy> ill start sniffing to some dump file in screen21:47 <&marduk> http://twitter.com/#!/AnonymousLeaks/status/3661730818098790421:47 <@entropy> nice21:47 <@entropy> id tell op*21:48 <&marduk> thx :x21:48 <&marduk> i did21:48 <@entropy> yep just saw21:52 <@entropy> still up and fast as shit21:53 <&marduk> yup

back

trac

esec

urity

.com

21:53 <&marduk> well21:53 <&marduk> there'S always the chance it'S an heihachi fuckup 21:53 <&marduk> but i dont really think so21:53 <@entropy> are all those boxes on the same subnet21:53 <&marduk> vlad/tackle are in same rack21:54 <@entropy> ah21:54 <&marduk> opfreedum.ru is on triumph21:54 <@entropy> most likely same subnet then21:54 <&marduk> also heihachi but sifferent21:54 <@entropy> mine are all santrex21:54 <&marduk> ass for the other anonops i dunn21:54 <&marduk> ah and yeah. internetfeds.mil.nf is running on vlad21:55 <@entropy> lol this is goign to get them pissed21:55 <@entropy> until they realise to attack the dns21:55 <&marduk> Topiary: nice tweet :)21:55 <@entropy> i can seiosuly switch this around to 20 boxes21:55 <&marduk> haha21:55 <@entropy> actually21:56 <@entropy> i can round robin dns it to like 10 boes right now21:56 <@entropy> eh21:56 <&marduk> we have enough domains as well, actually21:56 <@entropy> but then they have the 10 ips21:56 <&marduk> well have to think of a plan tomorrow21:56 <&marduk> how we want to propagagte that21:56 <@entropy> all we have to do it put it on n boxes21:56 <@entropy> and have anonleaks.ru resolve to all those ips randomly21:56 <@entropy> like what google and all big providers do21:57 <@entropy> as long as the same contecnt is on all tis fine21:57 <&marduk> yup21:57 <@entropy> and static pages which it is21:57 <&marduk> classic load balancing21:57 <&marduk> basically21:57 <@entropy> yea exactly22:04 <@Topiary> marduk: green is the new black22:04 <&marduk> i like green for anonleaks.. but will stay for the classic black on main twitter22:04 <@Topiary> Indeed22:06 <@entropy> fuckign 22:06 <@entropy> shit22:06 <@entropy> theres like 5 requests a second22:06 <&marduk> sounds normal?22:07 <@entropy> bash-3.2# ls -la access.log 22:07 <@entropy> -rw-r--r-- 1 root root 827533 Feb 13 06:05 access.log22:07 <@entropy> bash-3.2# ls -la access.log 22:07 <@entropy> -rw-r--r-- 1 root root 857050 Feb 13 06:05 access.log22:07 <@entropy> if we are fucking google i seems normal22:07 <&marduk> but its too weak to be ddos22:07 <&marduk> i just tweeted it'S up and running22:08 <@entropy> its seriously like 100 hits aminute22:08 <&marduk> to 7k followers and it was RTed massively

back

trac

esec

urity

.com

22:08 <&marduk> mhh22:08 <@entropy> no they look like real reauests22:08 <&marduk> still .. what kind of ddos? LOIC?22:08 <&marduk> lol22:08 <@entropy> all diff ips22:08 <&marduk> yeah22:08 <&marduk> hehe22:08 <&marduk> we're fucking famous22:08 <@entropy> lol22:08 <&marduk> live with it (=22:08 <@entropy> the access log is going up 1k a second22:09 <@entropy> i thought tflow was exagurating22:09 <&marduk> site is fast tho22:09 <@entropy> how ever you spell it22:09 <&marduk> exaggerating :)22:09 <@entropy> yea i cp'ed tflow nginx.conf22:09 <@entropy> nginx is awsome22:09 <@Topiary> entropy: you got control of it all now?22:09 <@entropy> and this ukraine box always was stable as hell22:09 <@entropy> yea22:09 <@Topiary> sweet22:10 <@entropy> tflwo/avunits boxen are ddos/down22:10 <@entropy> so i jhust mirrored22:10 <@entropy> then changed dns22:10 <@entropy> and until they ddos the dns i can continue to move it22:10 <@Topiary> can you edit the index?22:10 <@entropy> dont mention that anywhere though ;)22:10 <@entropy> yes22:10 <&marduk> the team link is invisible22:10 <&marduk> but not that important i guess22:11 <@entropy> i thought that was on purpose22:11 <@entropy> i can change that easily22:11 <@Topiary> was gonna /r/ that the "Problem officer? complaints@anonleaks.ru" be moved to the front22:11 <&marduk> nah we changed it 22:11 <&marduk> to a small, decent link22:11 <&marduk> since it'S google indexed anyway22:11 <&marduk> Topiary: mail greed22:11 <&marduk> !22:11 <@Topiary> NOM NOM NOM!22:12 <@entropy> should i change something in it or?22:12 <@entropy> <a STYLE="text-decoration:none" href="./theteam.html"><font color="#FFFFFF">22:12 <@entropy> white on white22:12 <@Topiary> I'd just like to see the complaints thing on the index22:13 <&marduk> i dun care much, as long as it'S up22:14 <@entropy> http://anonleaks.ru/ ?22:14 <@Topiary> yes22:14 <@entropy> ill do it as long as im not pissing anyone off

back

trac

esec

urity

.com

22:18 <@entropy> if this box is ddos i got http://94.102.51.136/anonleaks/22:18 <@entropy> setup22:23 <&marduk> well so far all is good. 22:23 <@entropy> yea im surprised actually22:23 <@entropy> been like 30 minutes22:24 <&marduk> maybe it really is heihachi fubar22:24 <&marduk> all affected boxes are at heihachi..22:25 <@entropy> yep it is22:25 <@entropy> i dont think its ddos22:25 <@entropy> when my heihachi box goes down22:25 <@entropy> and i traceroute22:25 <@entropy> stops at exact same place22:26 <&marduk> mmm k22:26 <@entropy> i think they have like 128 vhosts per box22:26 <&marduk> *Sigh*22:26 <&marduk> that'S even worse22:26 <@entropy> so the box goes down they all do22:26 <@entropy> and they dont wake up till 1 est22:26 <@entropy> 1am est22:26 <@entropy> is like 9am russian22:26 <&marduk> hmm22:27 <&marduk> possibly vlad was ddosed as ircleaf22:27 <&marduk> and that took down the rest22:27 <@entropy> anonops or opfreedom?22:27 <&marduk> anonops22:27 <&marduk> was under heavy ddos today22:27 <&marduk> owen actually connected a new 1GB leaf22:28 <@entropy> yea that must be ddos22:28 <@entropy> cause im on those same ips22:28 <@entropy> root@ru:/var/named/chroot/var/named# ifconfig | grep inet22:28 <@entropy> inet addr:127.0.0.1 P-t-P:127.0.0.1 Bcast:0.0.0.0 Mask:255.255.255.25522:28 <@entropy> inet addr:92.241.184.78 P-t-P:92.241.184.78 Bcast:0.0.0.0 Mask:255.255.255.25522:28 <@entropy> inet addr:92.241.184.79 P-t-P:92.241.184.79 Bcast:0.0.0.0 Mask:255.255.255.25522:28 <@entropy> inet addr:92.241.184.80 P-t-P:92.241.184.80 Bcast:0.0.0.0 Mask:255.255.255.25522:28 <@entropy> and mine is fine22:28 <@entropy> 92.241.X.X22:29 <&marduk> triumph fine too22:29 <&marduk> but vlad/tackle are in same rack i think (not same vps tho)22:30 <@entropy> bash-3.2# ls -lah access.log 22:30 <@entropy> -rw-r--r-- 1 root root 1.5M Feb 13 06:28 access.log22:30 <@entropy> that was seriously 1k22:30 <@entropy> 20 min ago22:30 <@entropy> cant belive how many hits22:30 <@entropy> maybe we should put like google ads on this shit and get rich22:30 <@entropy> lol j/k22:32 <&marduk> well, some funding for the servers would actually be naic

back

trac

esec

urity

.com

22:32 <&marduk> but i think that we can decide later.. after next leak :x22:33 <@entropy> bash-3.2# cat access.log|awk '{print $1}'|sort|uniq|wc|awk '{print $1}'22:33 <@entropy> 701922:33 <&marduk> hehe22:33 <@entropy> 7019 unique hits in the last 30 minutes22:33 <@entropy> theres no donate page up?22:33 <&marduk> and that for only 9 teaser emails22:33 <&marduk> hmmm, not really so far i think. but avunit is having some donation think runninh i think22:34 <&marduk> gotta check with him and tflow tomorrow22:34 <&marduk> maybe add a flattr?22:34 <@entropy> flattr?22:34 <&marduk> works quite okay for anonnews22:34 <&marduk> http://flattr.com/22:36 <@entropy> ok i haveto go hang out with the wife22:36 <@entropy> ill check back periodicly befre i go to bed22:36 * entropy typing skillz22:38 <&marduk> k have fun22:38 <&marduk> will be asleep soon too22:54 <@Topiary> entropy: we gonna get the complaints link on anonops.ru or was it decided against?22:55 <&marduk> hm?22:55 <&marduk> btw22:55 <&marduk> http://www.straight.com/article-331250/vancouver/video-riot-police-charge-g20-protesters-singing-o-canada22:55 <&marduk> sick video22:56 <&marduk> was a reply after i tweeted that some algerians were arrested today for holding up the algerian flag22:57 <&marduk> hmm #opbahrain doesnt even exist :o23:22 <@entropy> Topiary: its on there now23:22 <@entropy> im assuming its ok23:22 <@entropy> but tflow is off/down really until he gets back i assume its alright23:22 <@entropy> and its still up23:23 <@entropy> which is crazy23:23 <@Topiary> it's nice23:23 <@entropy> really expected it to go down in 10-15 minutes23:23 <&marduk> dont think its ddos, really23:23 <&marduk> heihachi fucked it up, once again23:23 <&marduk> or maybe it is23:23 <&marduk> and vlad is still fired23:23 <&marduk> well, tflow will tell us tomorrow23:26 <@entropy> yea23:26 <&marduk> and ill crash now23:26 <@entropy> i think they would have realised and switch to this ip23:26 <@entropy> me too23:26 <@entropy> ttl23:26 <&marduk> seeya in 9h or something like this23:26 <@entropy> later23:29 <@entropy> tflow/avunit: i cahnged the dns and you cannot edit it via the bot, either wait till i come on or change /var/named/chroot/var/named/db.anonleaks.ru (serial and first a record line) and

back

trac

esec

urity

.com

/usr/sbin/rndc -s localhost -c /var/named/chroot/etc/rndc.conf reload--- Day changed Sun Feb 13 201100:48 <@kayla> is this the bat cave :D?00:51 * marduk flaps around in panic00:51 <@kayla> :o00:51 * kayla hides00:51 <&marduk> you woke a bat00:52 <&marduk> half of heihachi is dead or so00:52 <&marduk> narf00:52 <&marduk> had to move ip and put up a new mirror to keep teasers running00:52 <&marduk> either ddos on vlad which takes down the whole rack and more.. or heihachi fubar00:53 <&marduk> kayla: by the way, we still need your dox! :-)00:53 <&marduk> http://anonleaks.ru/theteam.html00:55 <&marduk> btw actually an idea. investigate shell/bp/exxon fuckers00:55 <&marduk> not whitehats i know... but...00:56 <&marduk> probably about the only industry which can be worse than banks00:58 <@kayla> :D make some do up for me lololol :D?01:00 <&marduk> main webservers are not interesting01:00 <&marduk> but i will do some research.. in the next days01:01 <&marduk> scanning subnets etc. finding rather unknown boxes01:01 <&marduk> will give you guys an report.. in the meantime.. stay on what we have i guess01:02 <&marduk> lexsi i guess, hunton maybe.. and i dunno about dosarrest, this is rather strange01:03 <@kayla> ok :D01:03 <@kayla> im gonna get some sleep now <3 :)01:03 <@kayla> ni ni <3 :D01:03 -!- kayla [mysql3@fbi.gov] has quit [Quit: Lost terminal]01:22 -!- Topiary [topiary@do.the.impossible] has quit [Ping timeout: 121 seconds]02:53 <@Laurelai> hello03:20 !twisted.operationfreedom.ru *** HQBot invited tflow into the channel03:20 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has joined #hq03:20 -!- mode/#hq [+o tflow] by HQBot03:25 -!- Netsplit trust.operationfreedom.ru <-> triangle.operationfreedom.ru quits: @tflow03:28 -!- Netsplit over, joins: @tflow03:28 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has quit [Connection closed]03:30 !twisted.operationfreedom.ru *** HQBot invited tflow into the channel03:30 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has joined #hq03:30 -!- mode/#hq [+o tflow] by HQBot03:34 <@Laurelai> preview of story coming up03:35 <@tflow> sup03:58 -!- Netsplit trust.operationfreedom.ru <-> triangle.operationfreedom.ru quits: @tflow04:03 -!- Netsplit over, joins: @tflow04:56 <@Laurelai> http://crowdleaks.org/hbgary-wanted-to-suppress-stuxnet-research/05:00 <@tflow> :o05:01 <@Laurelai> yah05:05 <~Avunit> We got some press requests.05:06 <~Avunit> D:05:06 <~Avunit> wake up guis05:08 <~Avunit> http://securepastebin.com/go/retrievePost.action?id=6336 pass: complaints05:08 <@tflow> yo

back

trac

esec

urity

.com

05:08 <@tflow> oh05:08 <@tflow> hackernews05:08 <@tflow> nub site05:08 <@tflow> lol05:09 <@tflow> '2.) We wanna invite you guys to start "Operation India" , So as to expose all corrupt Politicians. Its must in India. I can make u sure that, Whole India will support you and every Indian Hacker will also support you.'05:09 <@tflow> oh, and05:09 <~Avunit> http://securepastebin.com/go/retrievePost.action?id=6337 pass: complaints05:09 <@tflow> Avunit: can you cname anonleaks.ru to www.anonleaks.ru05:09 <@tflow> so that we can edit it from the dnsbot05:09 <~Avunit> err think i can sec gotta log in the right server XD05:10 <@tflow> ty05:10 <@tflow> i'm not sure what happened yesterday with my server o_o05:11 <~Avunit> it died?05:11 <@tflow> what server is the site is on now?05:11 <@tflow> who's*05:11 <@tflow> yeah05:12 <@tflow> it died05:14 <@Laurelai> do you guys need space on PRQ?05:14 <@Laurelai> or was it just a technical issue?05:15 <~Avunit> okay05:15 <~Avunit> i cnamed it05:16 <~Avunit> IN CNAME www.anonleaks.ru.05:17 <~Avunit> anyway what about the russian press guis?05:17 <~Avunit> [11:09:24] <~Avunit> http://securepastebin.com/go/retrievePost.action?id=6337 pass: complaints05:17 <~Avunit> that one05:21 <~Avunit> opinions?05:22 <@tflow> Probably invite her to #reporters as usual05:22 <~Avunit> yeah but she cant connect to the IRC it seems05:22 <@tflow> we can give her the web link05:24 <~Avunit> ill gief when she mails again on mail05:33 <@tflow> hm..05:33 <@tflow> i'm thinking of ways that mirrors can keep their index page updated with the latest mirrors05:33 <@tflow> i was thinking of making them have a cron job to automatically wget index.html from anonleaks05:34 <@tflow> but i think that might be insecure05:34 <~Avunit> why not rsync then?05:34 <~Avunit> since thatll only download when its changed05:34 <~Avunit> get one mirror thats not public, update shit on there05:34 <@tflow> they will have to give us their sftp details etc05:34 <~Avunit> and let the rest rsync cronjob it from there05:34 <@tflow> more hassle05:34 <~Avunit> so the nonpublic mirror wont be offline05:34 <~Avunit> normal ssh will do :p05:34 <~Avunit> ets safe05:35 <@tflow> ssh = sftp :p

back

trac

esec

urity

.com

05:35 <~Avunit> fast05:35 <~Avunit> yarr05:35 <~Avunit> so no additinoal05:35 <~Avunit> creditinials needed05:35 <@tflow> but i'm not sure05:35 <@tflow> it's odd asking for their ssh details on the mirror page for something that is supposed to be decentralised05:36 <~Avunit> gotta spread from somewehre :P05:36 <~Avunit> did you set triumph up already?05:36 <@tflow> no, couldnt conenct to ssh again05:36 <@tflow> connect*05:36 <~Avunit> 0.o?05:36 <~Avunit> i05:36 <~Avunit> hate05:36 <~Avunit> openssh05:36 <~Avunit> chrooting05:36 <@tflow> [18:05] <tflow> lftp tflow@triumph.operationfreedom.ru:~> ls05:36 <@tflow> [18:05] <tflow> ls: Fatal error: pseudo-tty allocation failed: Exec format error05:37 <~Avunit> fuck it05:38 <@tflow> wanna download it yourself?05:38 <@tflow> but actually.. i still need working ssh details to update index.html05:38 <~Avunit> login now05:38 <~Avunit> i removed your chroot on sftp05:38 <@tflow> sec05:38 <~Avunit> just dont fuck shit up :p05:39 <~Avunit> i logged in just fine on your account05:39 <~Avunit> so yeah05:39 <~Avunit> i can wget it meanwhile if you want to05:43 <@tflow> lftp tflow@triumph.operationfreedom.ru:~> mkdir hbgary-www05:43 <@tflow> mkdir: Access failed: Permission denied (hbgary-www)05:43 <~Avunit> cd anonleaks05:43 <~Avunit> thats the web directory05:44 <@tflow> ok, it's uploading05:44 <~Avunit> gave you access in your home directory now too05:44 <~Avunit> chown -R tflow /home/tflow/05:44 <~Avunit> and voila05:44 <@tflow> fast server... 7k files transferred in a minute05:45 <@tflow> probs because in same datacenter05:45 <~Avunit> yarr and its on a 1gbit line05:45 !twisted.operationfreedom.ru *** HQBot invited Topiary into the channel05:45 -!- Topiary [topiary@do.the.impossible] has joined #hq05:46 -!- mode/#hq [+o Topiary] by HQBot05:46 <~Avunit> hai topiary05:46 <@Laurelai> hi Topiary 05:46 <@Laurelai> Topiary: new crowdleaks story is up05:46 <~Avunit> anyway like i said tflow, the webserver redirects hbgary.anonleaks.ru to /home/tflow/anonleaks05:46 <~Avunit> so the actual webpage should be in there05:47 <@tflow> ah

back

trac

esec

urity

.com

05:47 <@tflow> well i'm uploading to /home/tflow/anonleaks05:47 <@Topiary> Hi05:47 <~Avunit> k05:47 <@tflow> well i'm uploading to /home/tflow/anonleaks/hbgary-www*05:47 <~Avunit> oh05:47 <~Avunit> well05:47 <@tflow> probably needs to be moved05:47 <@tflow> ohai05:47 <~Avunit> i can change the dir if you want05:47 <~Avunit> but you could also mv the files out05:47 <~Avunit> just what you want05:47 <@tflow> how big is the hd?05:48 <~Avunit> err 25gb i think05:48 <@tflow> can you set hbgary.anonleaks.ru /home/tflow/anonleaks/hbgary05:48 <@tflow> and05:48 <@tflow> archive.anonleaks.ru /home/tflow/anonleaks/archive.hbgary05:48 <~Avunit> yarr05:48 <~Avunit> will do05:48 <@tflow> archive.hbgary.anonleaks.ru /home/tflow/anonleaks/archive.hbgary*05:49 <@tflow> archive will host a .tar.gz backup of the site05:50 <~Avunit> $HTTP["host"] == "hbgary.anonleaks.ru" {05:50 <~Avunit> server.document-root = "/home/tflow/anonleaks/hbgary"05:50 <~Avunit> $HTTP["host"] == "archive.hbgary.anonleaks.ru" {05:50 <~Avunit> server.document-root = "/home/tflow/anonleaks/archive.hbgary"05:50 <@tflow> kewl05:52 <@tflow> Topiary: we've had 2 press requests05:53 <@Topiary> just checked that, noticed they've been responded to05:53 <@Topiary> Laurelai: great article05:53 <~Avunit> yarr05:53 <~Avunit> i left em in the inbox05:53 <~Avunit> i responded to one other too but that wasnt press05:53 <~Avunit> can find that in the replied complaints05:53 <@Topiary> Avunit: nice complain dealings, lulz05:53 <@Topiary> I read that one too05:53 <~Avunit> xD05:53 <~Avunit> i liek the rolex.05:54 <~Avunit> its like troll season in that mailbox05:54 <@Topiary> I guess we can tell who has taken which with press just by (2) being next to the name05:54 <~Avunit> yeah if its still in the inbox but replied too05:54 <~Avunit> well then its probably a convo that has to stay :p05:55 <@tflow> can I have the pass to complaints too pls? :-)05:55 <@tflow> oh and, do you link that anonleaks logo in gmail?05:55 <@tflow> like*05:56 <~Avunit> yarr i saw it this morning05:56 <~Avunit> Well topiary do we want tflow in our customer support team?05:56 * Avunit ponders.05:56 <~Avunit> It's a tough decision. Maybe we should talk to D and R about this.05:57 <@tflow> lol

back

trac

esec

urity

.com

05:57 <@tflow> Who's D and R?05:57 <~Avunit> Don and RR.Rson05:57 <@tflow> Who's Don and RR.Rson?05:57 <~Avunit> S3cret members of our super secret elite hacking team05:58 <@tflow> Hmm, well I've just had a word with David D. Davidson05:58 <@Topiary> tflow: But I'm him05:58 <@Topiary> NO WORDS HAVE BEEN HAD!05:59 <~Avunit> Lulz06:00 <~Avunit> domain: ANONLEAKS.RU06:00 <~Avunit> nserver: ns1.anonleaks.ru. 92.241.184.7806:00 <~Avunit> nserver: ns2.anonleaks.ru. 92.241.184.8006:00 <~Avunit> nserver: ns3.anonleaks.ru. 91.211.116.13406:00 <~Avunit> state: REGISTERED, DELEGATED, VERIFIED06:00 <~Avunit> person: Private Person06:00 <~Avunit> phone: +49 36022 60 6206:00 <~Avunit> e-mail: 06:00 <~Avunit> registrar: RU-CENTER-REG-RIPN06:00 <~Avunit> created: 2011.02.0906:00 <~Avunit> paid-till: 2012.02.0906:00 <~Avunit> source: TCI06:00 <~Avunit> awh fuck06:00 <~Avunit> it didnt copy06:00 <~Avunit> the email06:00 <~Avunit> anyway i set the e-mail to06:00 <~Avunit> complaits@anonleaks.ru06:00 <~Avunit> :P06:00 <@tflow> LOL@D06:00 <@tflow> LOL@D06:00 <@tflow> at replies06:01 <~Avunit> http://anonleaks.net/06:01 <~Avunit> the fucks that06:02 <@Topiary> Heh, we shouldn't troll press so hard.06:03 <~Avunit> actually at the press i put a qutie serious line06:03 <~Avunit> at the end06:03 <~Avunit> D:06:03 <@Topiary> Fair enough then, as long as we're looking at getting some coverage after the lulzy emails =P06:03 <~Avunit> Yarr06:03 <~Avunit> I try to not scare em off :p06:03 <@Topiary> That's great then06:03 <@Laurelai> who highlighted me06:03 <@Topiary> Laurelai: That was me, I was saying great article06:03 <@Laurelai> aww thanks :D06:04 * Avunit highfives Topiary at the replies.06:04 <~Avunit> anyway we know anonleaks.net?06:04 <~Avunit> mustve been regged in the past 24hrs06:04 <@Topiary> Avunit: I'm happy to talk to press on IRC/Skype, have done for months06:04 <~Avunit> Yeah thats why you are the telephone team :p06:04 <@tflow> also

back

trac

esec

urity

.com

06:04 <@Topiary> OH SWEET! PROMOTION!06:04 <~Avunit> i can talk to press on irc/email too :P06:05 <@tflow> i'd tone down on using irc nicks, but use nicks like david davidson for identification06:05 <~Avunit> Oh then I'm J. Shepard D:06:05 <@tflow> (we don't want to get namefagged in the press :P)06:05 <@tflow> (like coldblood)06:05 <~Avunit> anyway brb lunch06:05 <~Avunit> use theteam.html names :p06:05 <~Avunit> afk06:05 <~Avunit> <3 you guys06:05 <@tflow> yeah06:06 * Avunit dances in awesomeness.06:06 <@Topiary> tflow: I've talked to maybe 150 journalists under Topiary and simply said "Just write that I'm Anonymous". Only 3 cases of "Topiary" have popped up, and 2 of them were simply because people thought I WAS Coldblood.06:06 <@tflow> lol06:06 <@tflow> but still06:07 <@Topiary> I see your point though.06:07 <@tflow> in the emails it's not really needed06:07 <@tflow> on irc/skype though, i can see06:16 <@Topiary> I use Topiary mainly as a taunt to spais; I'm Topiary on twitter and IRC, but nowhere else on the entire Internet06:16 <@Topiary> Thus faggot doxers become enraged06:28 <@Laurelai> lol06:29 <@tflow> lftp tflow@triumph.operationfreedom.ru:~/anonleaks> mirror -R /home/eagle01/hbgary-www06:29 <@tflow> Total: 9 directories, 165861 files, 0 symlinks06:29 <@tflow> New: 165861 files, 0 symlinks06:29 <@tflow> 9404003092 bytes transferred in 2337 seconds (3.84M/s)06:29 <@tflow> done06:30 -!- Netsplit trust.operationfreedom.ru <-> triangle.operationfreedom.ru quits: @tflow06:33 -!- Netsplit over, joins: @tflow06:35 <~Avunit> wait is the06:35 <~Avunit> home dir06:35 <~Avunit> anonleaks/hbgary06:35 <~Avunit> or06:35 <~Avunit> anonleaks/hbgary-www?06:37 <@tflow> hbgary06:37 <@tflow> i renmaed it to hbgary06:37 <~Avunit> k06:37 <@tflow> renamed*06:49 <~Avunit> i am going to be awesome06:49 <~Avunit> srs06:50 * Avunit has created a twitter.06:50 <~Avunit> \0/06:51 <@Topiary> Sweet06:51 <@Topiary> super133706:57 <~Avunit> AvunitAnon06:59 <@Topiary> Splendid

back

trac

esec

urity

.com

06:59 <@Topiary> Laurelai: that's interesting they use "meatflower" for the password @ your article. They used the same password for one other malware archive and his WoW bot.07:02 <~Avunit> Who should i all follow?07:03 <~Avunit> D:07:03 * Avunit is a twitter newb.07:05 * Avunit stabs topiary.07:06 <@Topiary> @AnonymousIRC @WikiLeaks @atopiary @Anony_Ops07:06 <@Topiary> @AnonymousLeaks07:06 <@Laurelai> @crowdleaks07:06 <@Laurelai> >.>07:07 <@Topiary> And of course @crowdleaks07:08 <~Avunit> oh yeah @crowleaks :P07:08 <~Avunit> had the rest already07:13 <~Avunit> hurray07:13 <~Avunit> @AvunitAnon is done >.>07:14 <@Topiary> You're like that guy I know, but less cool07:14 <@Topiary> you know that guy I talk about07:14 <@Topiary> I think his name is Topiary07:14 <@Topiary> he's pretty cool07:15 <~Avunit> oh shush you :p07:17 * Avunit throws a twitter at topiary.07:18 -!- Topiary [topiary@do.the.impossible] has quit [Ping timeout: 121 seconds]07:19 !twisted.operationfreedom.ru *** HQBot invited Topiary into the channel07:19 -!- Topiary [topiary@do.the.impossible] has joined #hq07:19 -!- mode/#hq [+o Topiary] by HQBot07:19 <@Topiary> Honestly, I switch locations for 2 days and my connection is a joke.07:19 <@Topiary> It's a pain in my multiple Anonymous asses.07:19 <~Avunit> You are a joke.07:21 <@Topiary> In incredibly sexy joke.07:21 <~Avunit> shhh07:22 <~Avunit> biatch07:25 <~Avunit> </307:26 * Avunit mails a complaint about topiary.07:26 <@tflow> http://twitter.com/ED_Official/status/3664302309376409607:26 <@Topiary> You're right, AnonLeaks should focus on leaking07:26 <@Topiary> not incredibly sexy boys07:26 <@tflow> Sounds like ED's going to have some fun.07:27 <~Avunit> biatches07:27 <~Avunit> qq07:27 <@Topiary> Indeed, tflow.07:28 <~Avunit> ED is awsum.07:29 <@Topiary> Do we have any other content prepared for AnonLeaks? What's the site going to look like on Monday?07:30 <~Avunit> we dont have any other content afaik, thats what i was asking yesterday07:30 <~Avunit> have we got any plans for after a few weeks after the leaks07:30 <@Topiary> I think it looks good the way it is, just add links to full HBGary spools07:30 <@Topiary> in place of those 9 teasers07:30 <@Topiary> when the time comes.07:30 <@tflow> anonleaks.ru will redirect to hbgary.anonleaks.ru, which will be a little portal to all the

back

trac

esec

urity

.com

HBGary inboxes07:31 <@tflow> (whcih i'm making now)07:31 <@Topiary> can't you just set up direct links to the inboxes on anonleaks.ru itself07:31 <@Topiary> and do you need anything written?07:32 <@tflow> Well07:32 <@tflow> it's anonleaks.ru not hbgaryleaks.ru07:32 <@tflow> So in the future we might have other leaks07:32 <@Topiary> which can also be put on the front page07:32 <@tflow> We can't only put hbgary leaks on anonleaks.ru07:32 <@tflow> but07:33 <@tflow> anonleaks.ru should be a portal to all the leaks07:33 <~Avunit> ^07:33 <@tflow> (so far, only hbgary)07:33 <~Avunit> +107:33 <@Topiary> okay, that works07:33 <@tflow> i.e.07:33 <@tflow> if there's a leak for abc07:33 <@tflow> anonleaks.ru will have a link to hbgary.anonleaks.ru and abc.anonleaks.ru07:33 <@Topiary> that sounds good07:33 <@tflow> but atm there's only 1 leak07:34 <@tflow> we might have acslaw.anonleaks.ru if needed07:34 <@tflow> but idk if there's any demand07:34 <~Avunit> gotta be weary that the hbgary stuff is 10gb already tho ;p07:34 <~Avunit> to mirror more i gotta get more drive space xD07:36 <~Avunit> We all do realise that in a few days we put up a network thats going to be awesome yes?07:38 <@Topiary> FYI I totally call dibs on any official HBBGary lawyer takedown notice from angry people in suits07:38 <@Topiary> "I sent those Anons a takedown order, Anons hate takedown orders"07:38 <@Topiary> Will be the last thing they think before they shit themselves.07:38 <~Avunit> xD07:38 <@tflow> http://pastehtml.com/view/1d7u5vs.html07:38 <@tflow> how's this so far?07:39 <~Avunit> triumph.operationfreedom.ru/hbgary wont work :P07:39 <@Topiary> That's really good tflow07:39 <~Avunit> itll only react on hbgary.anonleaks.ru :p07:40 <~Avunit> but furthermore awesum07:40 <@tflow> Avunit: Can you set an alias for that?07:40 <@tflow> It's incase DNS goes down07:40 <~Avunit> yarr07:40 <@tflow> kgreat07:40 <~Avunit> well ill make hbgary.operationfreedom.ru07:40 <@Topiary> is that the page anonleaks.ru will be redirected to @ pastehtml?07:40 <~Avunit> so put that there07:41 <@tflow> Topiary: no, that page will be hosted on hbgary.anonleaks.ru07:41 <@tflow> Avunit: k07:41 <@Topiary> So there'll be a link to hbgary.anonleaks.ru on anonleaks.ru or will anonleaks.ru auto direct to hbgary.anonleaks.ru until next leak07:41 <@tflow> yeah

back

trac

esec

urity

.com

07:44 <~Avunit> Memory 390 MB 512 MB 07:44 <~Avunit> lulz07:46 <~Avunit> okay hbgary.operationfreedom.ru will be on the nameservers in like 4hrs07:55 <@tflow> Topiary, Avunit: can we share some of those complaint emails to #anonleaks?07:55 <@tflow> mainly the chuck norris one07:55 <~Avunit> Lol sure :p07:55 <~Avunit> theyre like not s3cret anyway07:56 <~Avunit> when the box is a bit full we should leak our own e-mails anyway07:56 <~Avunit> ^.^07:56 <@tflow> ^07:56 <~Avunit> NEW LEAK07:56 <~Avunit> complaints@anonleaks.ru!07:56 <@tflow> on april fools07:57 <~Avunit> oh yeah!07:57 <~Avunit> ill drop in my avunit@anonleaks.ru e-mail too :p08:02 <@entropy> morning08:02 <~Avunit> gd morning entropy08:02 <@entropy> you guys see what we did last night08:02 <~Avunit> on this lovely leaking day08:02 <@entropy> since like half the boxes went down08:02 <@entropy> tis tis08:02 <~Avunit> inocwatudidthar08:03 <@entropy> lol08:03 <@entropy> i just wget -r -l2 opfreedom/hbgary ...08:03 <@entropy> then change the dns to my ukraine svr08:03 <@entropy> to keep anonleaks.ru up08:04 <@entropy> are all those boxes back up?08:04 <~Avunit> think so08:17 <~Avunit> ^.^08:34 <@entropy> one of the mirrors should be a tor hidden server08:34 <@entropy> those are almost impossible to take down or find08:35 <@tflow> yeha08:36 <@entropy> i can set one up on a totally seperate box now08:36 <@tflow> sweet08:36 <@entropy> tflow: you saw what i did to keep anonleaks.up?08:36 <@entropy> i can change it back if you want08:36 <@entropy> just didnt want it down all night08:36 <@tflow> yeah, you saved it :-)08:37 <@tflow> btw ukraine.phiral.net doesn't resolve08:37 <@entropy> i know i moved everything i have out of usa08:37 <@entropy> so im stil lrebuilding everything08:37 <@tflow> ah08:37 <@tflow> what url should i put for the mirror?08:37 <@tflow> (in the mirrors page)08:37 <@tflow> just ip?08:38 <@entropy> yea08:38 <@tflow> ok08:38 <@tflow> http://91.211.116.134/hbgary08:39 <@entropy> ok your going to do it like that vs round robin dns?

back

trac

esec

urity

.com

08:39 <@entropy> mirrors vs anonleaks.ru having like 6 ips08:39 <@tflow> both08:39 <@entropy> ok08:39 <@tflow> so if dns goes down, they can access it from those urls08:40 <@entropy> yea the dns is the primary reason i started thinking about tor hidden node08:40 <@entropy> if they attack that and the svrs its down08:40 <@entropy> btut a tor link will always be up08:40 <@entropy> as long as tor net is08:40 <@tflow> yeah08:48 <~Avunit> <3 tor hidden services08:51 <@entropy> my boxes are getting slow scanned08:52 <@entropy> from MCI Communications Services, Inc. d/b/a Verizon Business UUNET65 (NET-65-192-0-0-1) 65.192.0.0 - 65.223.255.25508:52 <@entropy> Kintiskton LLC UU-65-208-151-112-D1 (NET-65-208-151-112-1) 65.208.151.112 - 65.208.151.11908:52 <@entropy> like 20 differnt ips from that subnet08:52 <@entropy> really slow like 1 per minute09:05 <@entropy> http://lo3xhuh3qkvinvgu.onion:81/09:05 <@entropy> ^ tor hidden 09:07 <@tflow> The server at lo3xhuh3qkvinvgu.onion is taking too long to respond.09:07 <@entropy> i just did it09:07 <@entropy> i think it take like 10 minutes09:07 <@tflow> ah09:07 <@tflow> nice09:07 <@entropy> i cna see it already09:08 <@entropy> your using port 81 right?09:08 <@tflow> where should i sync it to?09:08 <@tflow> yeah09:08 <@entropy> 94.102.51.13609:08 <@entropy> how are you syncing?09:08 <@tflow> sftp/ssh09:08 <@entropy> /var/www/tor_hidden/09:08 <@entropy> ill make you an acct09:11 <@entropy> same ssh port and pass as the others09:11 <@tflow> ok, ty09:11 <@tflow> syncing shortly09:13 <@entropy> ok ill change the owner of that dir o you09:18 <~Avunit> so the portal page is like done too tflow?09:21 <@tflow> http://pastehtml.com/view/1d7vhbu.html09:21 <@tflow> how is that?09:23 <&marduk> ehlo09:23 <@tflow> yo09:23 <@tflow> http://pastehtml.com/view/1d7vhbu.html09:23 <@tflow> how is that?09:23 <&marduk> arh. vlad is back09:23 <@tflow> for hbgary.anonleaks.ru09:23 <&marduk> naic!09:23 <~Avunit> maek it hbgary.operationfreedom.ru :p09:24 <@tflow> I know, i changed them on purpose

back

trac

esec

urity

.com

09:24 <@tflow> incase the psatehtml gets leaked09:24 <~Avunit> ah k09:24 <&marduk> btw09:24 <&marduk> https://github.com/Laurelai/decompile-dump/blob/master/09:24 <&marduk> stuxnet disassmble09:24 <~Avunit> you created mirrors@anonleaks.ru already?09:25 <@tflow> not ye09:25 <@tflow> not yet*09:25 <~Avunit> And will you handle it yourself or you want others to keep an eye on that mail too?09:27 <@tflow> i can handle it, but any of you can help09:28 <~Avunit> feel free to hook me up with the mail if you want to, though then ill need to have access to the html page too prob to be able to update the page09:28 <~Avunit> otherwise you still have to do it all :P09:28 <@tflow> all you'll really need to do is lftp <mirror> and then mirror -R /path/to/files09:28 <@tflow> might make a script to do it automatically09:29 <~Avunit> i has no access to the box you distribute it from though :P09:29 <@entropy> theres going to be a direct link to a 9Gb download on the page?09:29 <@tflow> yeah09:30 <@tflow> but on archive.hbgary.anonleaks.ru09:30 <@entropy> should prob just have a lin kto a full torrent09:30 <@tflow> so not everyone has to have it09:30 <@tflow> yeh i suppose09:30 <&marduk> hmm maisl not really up atm?09:30 <@entropy> that site is going to get killed09:30 <~Avunit> well torrent doesnt have the most up to date html files tho09:30 <&marduk> greg's index doesnt work09:30 <@tflow> its up09:31 <&marduk> oh now it works, strange09:31 <@tflow> u sure you have it in your hosts file?09:31 <&marduk> yeah.. now works, just one time didnt09:31 <&marduk> maybe chache 09:32 <&marduk> anpther one offered to mirror09:32 <&marduk> mhh *thinks*09:32 <@tflow> who?09:32 <&marduk> soserious09:32 <~Avunit> otherwise youd need a direct lnik to the html files and tell em to download the emails from a torrent?09:35 <&marduk> tackle is STILL down? :o09:35 <&marduk> ah no09:35 <&marduk> getting it back now09:39 <@entropy> http://lo3xhuh3qkvinvgu.onion:81/ is up everywhere now09:39 <@entropy> its just slow as hell09:39 <@entropy> it has to run as tor so mirroring will take some manual interaction09:42 <~Avunit> The page you are trying to view cannot be shown because it uses an invalid or unsupported form of compression.09:42 <~Avunit> y09:42 <@entropy> for what the tor site?09:42 <~Avunit> yarr09:44 <@entropy> its lighthttp

back

trac

esec

urity

.com

09:44 <@entropy> ill disable mod_compress09:44 <@entropy> thats a wierd error though09:45 <~Avunit> [When I went to the site a while ago, it named the AnonLeaks team with addresses such as The Internets and Serpent Nebula. Now they're gone, replaced by Problem officer? complaints@anonleaks.ru]09:45 <~Avunit> i run lighttpd on triumph too09:46 <&marduk> Avunit: lamers09:46 <~Avunit> before09:46 <~Avunit> well09:46 <~Avunit> before you said09:46 <~Avunit> 'is up everywhere now'09:46 <~Avunit> it did work for me09:46 <&marduk> i meant the guy who cant find the team page anymore09:46 <@tflow> lol who said that?09:48 <~Avunit> guis09:48 <~Avunit> imma be twitter newb09:48 <~Avunit> how to get direct link09:48 <~Avunit> to one of my own statuses?09:50 <~Avunit> oh there09:50 <~Avunit> http://twitter.com/#!/AvunitAnon/status/3679808115232358409:50 <~Avunit> :309:50 <~Avunit> irisbecometwittahpro09:52 <~Avunit> Thank you! Which number should I call? I will email David or Richard as well:) Will he tell me why you are registered in .ru domain?09:52 <~Avunit> i hope09:52 <~Avunit> shes trolling me09:52 <~Avunit> because otherwise09:52 <~Avunit> shes really dumb09:53 <~Avunit> read that e-mail tflow09:53 <~Avunit> its the russian thingie in the inbox09:53 <~Avunit> is she srs? xD09:54 <@entropy> whos asking you that09:54 <~Avunit> sec ill paste the whole mail convo09:54 <&marduk> mm what inbox?09:56 <@tflow> Topiary, you here?09:56 <@Topiary> Just woke up09:56 <@tflow> ah09:56 <@tflow> I think we should modify the press release09:56 <@tflow> For greg's mail09:57 <@tflow> As circumstances have changed09:57 <~Avunit> http://securepastebin.com/go/retrievePost.action?id=6338 pass: complaints09:57 <@tflow> Instead of making it seem like revenge for us, we need to highlight the fact that they tried to attack wikileaks09:58 <&marduk> where is the PR?09:58 <@tflow> http://pastehtml.com/view/1d5wg3k.html09:58 <~Avunit> Topiary09:58 <&marduk> tx09:58 <~Avunit> read that09:58 <~Avunit> is she srs? :p

back

trac

esec

urity

.com

09:58 <@Topiary> Already read it09:58 <@Topiary> tflow: okay, I'm gonna get up, eat, do some things09:58 <@Topiary> then I'll work on that09:59 <@tflow> sweet09:59 <&marduk> tflow: yes, fully agree. also that chamber of commerce thing09:59 <~Avunit> Well09:59 <~Avunit> what the fuck should I say09:59 <~Avunit> to that russian woman?09:59 <@entropy> tell her that they support freedom of speech more then anyone else10:00 <@entropy> and wont give our info out10:00 <@entropy> its basically the truth10:00 <&marduk> uhm10:00 <&marduk> whats her questions?10:00 <@entropy> Thank you! Which number should I call? I will email David or Richard as well:) Will he tell me why you are registered in .ru domain?10:01 <&marduk> ohh10:01 <&marduk> at the bottom10:01 <@entropy> http://gtoltxwurxbbadzf.onion:81/10:02 <@entropy> i remade it without any compression10:02 <@entropy> these hidden services are more unstable then heihachi10:02 <&marduk> Avunit: well quite simple, she can redirect her questions to same email address (maybe we should have a press@ one?). as for the .ru domain, it'S hardened and US cant kill the domain. quite simple.10:02 <@Topiary> Ask the press lady for questions she might have so we can answer, it's that simple10:02 <@Topiary> I've done that for months with 'em10:02 <~Avunit> Im using my avunit@ email atm10:02 <~Avunit> well my main concern was10:02 <~Avunit> that she dont even got the fact10:02 <~Avunit> that she got trolled10:03 <~Avunit> in the first lines10:03 <~Avunit> :p10:03 <@Topiary> It happens10:03 <&marduk> nah10:03 <&marduk> she put in a smiley10:03 <&marduk> well we'll see i guess, no harm in a quick, straight up reply imo10:04 <@Topiary> 1) ask press for proof of their identify, give them webIRC link to #reporter10:04 <@Topiary> 2) ask them to ask about our shit in email10:04 <@Topiary> 3) trololol10:04 <@entropy> should definetly make this http://pastehtml.com/view/1d5wg3k.html not seem like revenge10:04 <&marduk> i think Topiary is on that?10:04 <@Topiary> I'm doing that soon, just woke up10:04 <@Topiary> okay BRB10:04 <&marduk> :)10:05 <@entropy> if we insinate we knew they were attacking wikileaks still be heros10:05 <&marduk> mhh hardly believable10:05 <@entropy> yea thats true and if cought will be 1000x worse10:05 <@Topiary> that's not a good path to go down10:05 <@entropy> but should do revenge

back

trac

esec

urity

.com

10:05 <@entropy> *shouldnt10:05 <&marduk> the story was told already. aaron tries to screw, we break in and uups.. wikileaks connection10:06 <&marduk> we should stay with the truth, 100%10:06 <@Topiary> no, we do not want to say we knew about WL before we leaked them, that is a road to destruction10:06 <&marduk> 'full disclosure'10:06 <@entropy> yep your right10:07 <@Topiary> our story is actually more meaningful seeing as we attacked Aaron Barr for specific revenge and everything else was accidental10:07 <@Topiary> which it was10:07 * Topiary neglects to get up for now, dumps his release into piratepad and works on it10:07 <&marduk> lol :)10:07 <&marduk> i should get some food10:07 <&marduk> mmm10:07 <~Avunit> http://twitter.com/#!/AvunitAnon/status/36798081152323584 still lolling about them :P10:11 <@tflow> http://jdhdf2j.semisecure.org/10:11 <@tflow> How is this so far? for search10:11 <@tflow> atm still to do: make it link to anonleaks.ru + make it possible to searcha phrase for more than 3 chars10:12 <&marduk> tflow: give clue how to insert date10:12 <&marduk> (syntax)10:12 <@tflow> if you click the date box, a box should popup10:12 <&marduk> also.. hmm is it possible to limit search to subject?10:12 <&marduk> oh!10:12 <&marduk> sorry sidnt see that hehe10:13 <&marduk> like a checkbox "subject only"10:13 <@tflow> ok now it links to anonleaks10:16 <@tflow> and for the subject.. you can order the search results by subject10:17 <&marduk> well, minor i thought it could be implemented easily.. 10:17 <&marduk> sometimes you remember a mail because of a phrase in a subject10:18 <&marduk> but if its a common phrase.. search will give too many results10:18 <&marduk> if it also matches body10:22 <&marduk> also btw the "meet the team" link is invisible again, may wanna fix that on occasion (that was because we put up an older mirror when anonleaks.ru went down and we moved to another IP)10:22 <&marduk> although i must admit10:22 <&marduk> i kinda like it invisible.. its still quite obvious10:23 <~Avunit> I like it this way10:23 <~Avunit> with the complaints thingie under it10:23 <&marduk> yup10:23 <&marduk> +110:24 <@entropy> i can switch the dns back if its back up10:24 <@entropy> that was the 88 ip i think10:24 <@entropy> dont rememebre it though10:25 <&marduk> AnonymousLeaks 1037 followers Ã\o/10:26 <~Avunit> AvunitAnon 0 followers \0/10:26 <~Avunit> hah bitch i win

back

trac

esec

urity

.com

10:26 <&marduk> oh i can be your first!10:26 <&marduk> yay10:26 <@Topiary> http://pastehtml.com/view/1d5wg3k.html updated10:26 <&marduk> you now have a follower!10:26 * marduk reads10:26 <@Topiary> bottom half changed10:26 <@Topiary> top half same10:26 <~Avunit> \0/10:28 <&marduk> Topiary: maybe -- just a thought -- i'd like to quote that they threatened with a "swift response" and we're still waiting. we know it is a hollow threat but we still don't appreciate it?10:28 <@Topiary> Okay, sec10:28 <&marduk> ah you quoted the swift part10:29 <&marduk> just below a sentence then or so10:29 <@Topiary> Oh, I did10:29 <@Topiary> Anonymous has falsified nothing; we leaked your inboxes in full with no edits. In fact, most of your emails contain S/MIME digital signatures, proving that they're real. This information is now free to the public, and you honestly think you can wriggle your way out of it by accusing Anonymous of tampering with your data?10:29 <@Topiary> That being said, we can see why you'd lie like this. You had intended to disrupt WikiLeaks' operations with two other firms, and not only has that plan been revealed to the public, both of those firms have officially cut all ties with you. Anonymous gives a nod to Palantir and Berico for doing the right thing.10:29 <@Topiary> As for HBGary, we still award you no points. What we find truly pathetic is that you'd willingly work with the U.S. Chamber of Commerce to create a smear campaign against WikiLeaks while shrugging off any damages caused to innocent people, including wives and children. You are the real terrorists here.10:29 <@Topiary> these are the updated paragaphs10:29 <@Topiary> in case the html link dun goof'd10:30 <@tflow> http://jdhdf2j.semisecure.org/10:30 <@tflow> thoughts?10:30 <@entropy> tflow: want me to switch the main dns back to 92.241.162.216 or no?10:30 <~Avunit> hurray i has a follower on twitter10:31 <~Avunit> looks nice tflow10:31 <&marduk> and an awesome one, he doesnt follow everybody!10:31 <@Topiary> Looks good tflow10:31 <&marduk> yup indeed10:31 <@Topiary> http://pastehtml.com/view/1d5wg3k.html10:32 <&marduk> hmm10:32 <&marduk> i am not quite sure10:32 <&marduk> with the end10:33 <@tflow> end?10:33 <@tflow> oh10:33 <@tflow> for the press release10:33 <&marduk> i'd suggest different last two paragraphs.. yes for topiaria10:33 <&marduk> let me draft something10:33 <@tflow> btw i think we should put the wikileaks stuff first10:33 <@tflow> then the revenge part last10:34 <&marduk> Hmm.. I'd actually suggest a different approach. when will we release that, tomorrow when we go public?

back

trac

esec

urity

.com

10:34 <@tflow> it will make us seem like heros10:34 <@tflow> (they read about us exposing their wikileaks plans; then they read about us being targetted for exposing them)10:35 <&marduk> i'd like to sketch something up; you can then see if you like it or will only use parts10:35 <~Avunit> i thought we were going for a tonight release?10:35 <&marduk> anonleaks.ru public tonight?10:35 <~Avunit> in that case we really gotta be working towards having everything ready and only having to add the IPs in the dns pool10:35 <&marduk> its actually better than tomorrow.. as it will be ready tomorrow morning10:36 <@entropy> whats the ip of anonleaks.ru supposed ot be?10:36 <@entropy> the main one10:36 <&marduk> wel as for the PR .. my idea was.. to put AnonLeaks in the focus.. and play HBGary as a side story10:36 <&marduk> using the wikileaks thing (and chamber of commerce) as example why what we do is important10:37 <&marduk> nothing about revenge actually... at least only very very subtle10:38 <@Topiary> Why? This *is* about revenge.10:38 <~Avunit> Fact is we started with revenge10:38 <~Avunit> and ended at a wikileaks 'conspiracy'10:38 <@Topiary> This is all about revenge, don't destroy that glory just to gain attention for AnonLeaks10:39 <@Topiary> we are not the people who "uncovered" their scandals10:39 <@tflow> I don't think we should completely cut out the revenge part, but we should put emphasis that they're not innocent10:39 <@Topiary> we are the people who took revenge upon them10:39 <@tflow> and that they tried to shutdown wikileaks10:39 <@tflow> i.e. it's just revenge for pissing US off10:39 <@Topiary> feel free to edit10:39 <@tflow> it's not*10:40 <&marduk> Topiary: yes but revenge is like putting the tongue out. and it'S small compared in what we revealed regarding wikileaks and chamber of commerce10:40 <&marduk> and who knows what else comes out10:40 <@Topiary> marduk: what's your point?10:40 <&marduk> well.. we dont need to rush just yet...10:40 <&marduk> ill let you see my idea soon10:40 <@Topiary> there's very accurate paragraphs about WikiLeaks in there, we don't need to become reporters on it10:41 <&marduk> it'll have the revenge partm too10:41 <&marduk> hey i just want to make an alternative suggestion10:41 <@entropy> wtf10:41 <&marduk> if you dont care, fine10:41 <&marduk> i do other things then10:41 <~Avunit> HEY10:41 <~Avunit> instead of shouting at eachother10:41 <~Avunit> write a differetn version10:41 <~Avunit> and then people can merge10:41 <~Avunit> and whatever.10:41 <@Topiary> don't get all pissy, go ahead and write your thing10:41 <&marduk> I AM NOT SHOUTING AND SHUT THE FUCK UP

back

trac

esec

urity

.com

10:41 <&marduk> i am already doing that :OD10:42 <&marduk> and i'm not pissy heh10:42 <~Avunit> DO NOT USE THAT TONE10:42 <~Avunit> I am serious there.10:42 <@Topiary> EVERYBODY SHUT THE FUCK UP I AM USING CAPS LOCK10:42 <@tflow> STFU10:42 <@entropy> my box is getting ddosed10:42 <~Avunit> dump ips pls10:42 <@entropy> im restarying via ctrl panel10:42 <&marduk> i cant lose my nerves on irc. should i use caps it'S all sarcastic :p10:42 <&marduk> now.. brb busy.10:43 <~Avunit> I can, and no offense to you but especially since I walke din last time and you started shouting at me10:43 <~Avunit> while im trying to get updated <.<10:43 <~Avunit> I am close to glining people then so i can just do my work >.>10:43 <&marduk> wut?10:43 <&marduk> when did i shout at you? :o10:43 <~Avunit> When I told you the viewer was offline.10:43 <@entropy> wtf https://vpsadmin-ua.santrex.net is down10:43 <~Avunit> theyre ddosing whole santrex? :O10:44 <~Avunit> or they just fail? :p10:44 <&marduk> eh.. you must have interpreted sth wrong10:44 <@entropy> santrex10:44 <~Avunit> id almost love heihachi.10:45 <@entropy> can you get on https://vpsadmin-ua.santrex.net?10:45 <~Avunit> narr10:45 <~Avunit> cannot establish a connection10:46 <@entropy> 92.241.184.78 and 80 are up10:47 <@entropy> i can get in via ssh10:47 <@entropy> but them in just dropped out10:47 <@entropy> or froze10:50 <~Avunit> :/10:50 <~Avunit> strange10:50 <@tflow> [15:28:17] <+Anonymous9> Guys10:50 <@tflow> [15:28:18] <+Anonymous9> IDea10:50 <@tflow> [15:28:25] <+Anonymous9> Whoever is working on anonleaks.ru10:50 <@tflow> [15:28:37] <+Anonymous9> If we want to generate a bit of press anticipation about this10:50 <@tflow> [15:28:52] <+Anonymous9> Put a countdown clock of some kind up on the home page, to the intended release time10:50 <@tflow> [15:28:56] <+Anonymous9> And put "Expect us" under it10:50 <@tflow> [15:28:59] <+Anonymous9> in big text10:50 <@tflow> [15:30:09] <+Anonymous9> I guarantee this will be good for viral buzz, folks10:50 <~Avunit> yarr10:50 <~Avunit> want me to do that?10:50 <@tflow> sure10:51 <~Avunit> k getting the index.html to update it10:51 <~Avunit> in how much hours we gonna release?10:51 <@tflow> but show us first

back

trac

esec

urity

.com

10:51 <@tflow> hm10:51 <@tflow> ideas?10:51 <&marduk> sec; almost done with my alt version10:51 <@tflow> 9pm utc?10:52 <~Avunit> thats err 4 hours?10:52 <@entropy> my fucking password and shitdosent work for that server10:52 <@tflow> 510:52 <~Avunit> k10:53 <@entropy> what the fuck10:54 <@entropy> im locked out of the ukraine box10:54 <@entropy> and santrex is down for ukraine10:54 <@entropy> http://bgp.he.net/net/91.211.116.0/22#_dns10:55 <@entropy> 91.211.117.72 vpsadmin-ua.santrex.net10:55 <@entropy> yet i can ping them10:55 <@entropy> wtf is goign on here10:57 <@entropy> oh fuck10:57 <@entropy> santrex is out of uk not ru10:57 <@entropy> how the fuck could i not have seen this11:00 <&marduk> okay, what do you thing: http://pastebin.com/C3Yqb7su -- nott 100% yet (there are some (?) where i dont think the word is right)11:00 <&marduk> but i like this version a bit better11:00 <&marduk> what you think?11:02 <@tflow> i like it but there shouldn't be any references to anonleaks11:02 <&marduk> not?11:02 <@tflow> all references should be to anonymous11:03 <&marduk> hmm, but we do reference to the full leaks tho? which ARE anonleaks?11:03 <&marduk> well we can take out anonleaks 11:03 <&marduk> thats simple11:03 <@Topiary> The first paragraphs doesn't make sense grammatically now11:03 <@Topiary> *paragraph11:03 <&marduk> oh.. hmm that could be a copy/paste accident :s11:04 <&marduk> well first paragraphs can actually remain, i didnt change much there11:04 <@tflow> i think we should use topiary's release, but with this paragraph:11:04 <@tflow> #11:04 <@tflow> But do not get us wrong, this is not all about revenge. Your leaked communication reveals that your companies were entangled in highly dubious and most likely illegit activity, including a smear campaign against Wikileaks and potential opponents(?) of the Chamber of Commerce. Apparently this was done with full knowledge of the Department of Justice. While the whole truth has yet to be uncovered, 11:04 <@tflow> AnonLeaks feels that it is its duty to let the world know what you and related companies and Government agencies are up to. We will not idly stand by while companies like HBGary work in secrecy to undermine rights of citizens or institutions like Wikileaks. 11:04 <&marduk> s/AnonLeaks/Anonymous/11:04 <&marduk> ?11:04 <@tflow> or something similar11:04 <@tflow> yeah marduk11:04 <@Topiary> Yes I do like the highly dubious bit11:04 <@Topiary> And take out "apparently" IMO11:05 <@tflow> can't we mix your press released?

back

trac

esec

urity

.com

11:05 <&marduk> "You tried to play the game. You lost." << hehe how about this11:05 <@tflow> Topiary's top + marduk's bottom11:05 <&marduk> yeah plus fix my grammar11:05 <&marduk> also "opponent" is not good i think11:05 <~Avunit> http://pastehtml.com/view/1d7wtqx.html11:06 <&marduk> hehe11:06 <&marduk> are WE SURE?11:06 <~Avunit> its without the css file11:06 <@Topiary> Niiiiice11:06 <~Avunit> but you get the gist of it11:06 <@tflow> y so purple?11:06 <~Avunit> tflow: now css makeup11:06 <~Avunit> its white with css i think11:06 <@tflow> also y no anonleaks logo11:06 <~Avunit> no*11:06 <&marduk> cool love it (in correct CSS) ... IF WE CAN 100% MAKE THE DEADLINE11:06 <~Avunit> becaaaause11:06 <~Avunit> its a seperate file :p11:07 <~Avunit> http://pastehtml.com/view/1d7wulg.html11:07 <~Avunit> there you are11:07 <~Avunit> if you upload that one11:07 <~Avunit> itll work with logo and hwatever11:07 <~Avunit> and my css file11:08 <~Avunit> i used a public javascript function11:08 <~Avunit> so credits are in the .html source11:08 <~Avunit> cba to write one myself if theyre public available :p11:09 <~Avunit> we're sure about the 5 hours?11:09 <~Avunit> if so; put it online tflow!11:10 <@entropy> ns3 and anonleaks.ru is down11:10 <@entropy> so is santrex ctrl panel11:10 <@Topiary> not sure about which release to do, I just think if we both write one, they should be meshed without meshing paragraphs themselves11:10 <@entropy> i just emailed them11:10 <@Topiary> one person adding to another's single paragraph never works11:10 <@tflow> Let's start a pad then?11:10 <@tflow> Avunit: lemme make sure first11:11 <~Avunit> tflow: wait about 30mins - 1h with putting the enw one up then11:11 <~Avunit> because ill have dinner first11:11 <@tflow> ok11:11 <~Avunit> make sure we get another box temp to host anonleaks.ru on as a homepage meanwhile and that we can release in 5 hrs11:11 <~Avunit> brb11:11 <~Avunit> <3 ya all11:12 <&marduk> <3<3 and whoever thought i was shouting or angry; i wasnt.11:12 <@tflow> entropy: anonleaks.ru is up here11:12 <@tflow> oh wait no it's down11:12 <@tflow> lemme change the dns11:12 <&marduk> doesnt work here11:12 <@entropy> its cached most likely

back

trac

esec

urity

.com

11:12 <@entropy> whats wierd is santrex control pael is down11:12 <@entropy> and my box is down11:12 <@entropy> but i can ping both11:13 <&marduk> mm11:13 <@entropy> it just happened11:13 <@entropy> i thought it was ddos11:13 <@entropy> but it looks like im locked out11:13 <@tflow> entropy: what's the ttl for the ns?11:13 <@entropy> how long the record lasts11:13 <@entropy> before refresh11:13 <@entropy> oh11:13 <@entropy> its 5 minutes11:13 <@tflow> ah11:13 <@tflow> should be good11:13 <@entropy> unless i restart then its instant11:13 <@entropy> how so?11:14 <@tflow> anonleaks.ru is cnamed to www.anonleaks.ru right?11:14 <@entropy> yes11:14 <@entropy> both on my box11:14 <@entropy> thats down11:14 <@entropy> oh wait11:14 <@entropy> cname11:14 <@entropy> i can get in the dns ns1 and ns211:14 <@entropy> the ru ones11:14 <@entropy> ukraine is down11:15 <@entropy> no theres no cname in here11:15 <@tflow> cname them please11:15 <@entropy> oh theres a a record for www11:15 <@entropy> 92.241.162.21611:15 <@entropy> its not a cname11:15 <@tflow> cname to anonleaks.ru to www.anonleaks.ru11:15 <@entropy> ok11:16 <@entropy> http://www.anonleaks.ru/11:16 <@entropy> 40411:16 <@entropy> i can cname the other way around11:16 <@tflow> i mean11:16 <@tflow> anonleaks.ru CNAME www.anonleaks.ru11:16 <@tflow> so anonleaks.ru goes to www.anonleaks.ru11:19 <@Topiary> http://piratepad.net/lYa7c9TSHp pad for editing11:20 <&marduk> well, should i put in my paragraphs at the bottom?11:22 <@tflow> entropy: done yet?11:22 <@entropy> no i killed al lthe logs11:22 <@tflow> http://anonleaks.ru/ - up now.11:22 <@entropy> and dns isnt restartign with that cname11:22 <@entropy> so i cant see the error11:23 <@tflow> seems up here11:23 <@entropy> yea i just manually put the ip for now11:23 <@tflow> ah..11:23 <@entropy> no cname

back

trac

esec

urity

.com

11:23 <@entropy> i put both to the www ip11:23 <@entropy> its that ok11:23 <@entropy> if not ill have to kee p looking why this cname isnt working11:38 <~Avunit> hai guis11:38 <~Avunit> Are we sure we can roll in like 4hrs and 20 mins?11:39 <~Avunit> tflow?11:40 <&marduk> also mainpage should have the mail link11:40 <&marduk> i'D make it a little smaller tho11:40 <@tflow> let me just get everytinh ready first11:40 <@tflow> should take me about 30 mins11:40 <~Avunit> okay http://pastehtml.com/view/1d7wulg.html theres the main html page again11:40 <~Avunit> tell me when we put it on11:41 <&marduk> yup looks good. sans no pic11:41 <~Avunit> yeah the pic is included11:41 <~Avunit> but with a ./anonleaks3.jpg11:41 <@Topiary> marduk: check pad, everything good?11:41 <&marduk> yeah i knwo11:41 <&marduk> sec11:42 <&marduk> "This was done with full knowledge of the Department of Justice. " <<< hmmm11:42 <&marduk> i think we should put it more vague11:42 <&marduk> Apparantly or sth11:42 <&marduk> because we dont really know 100%11:42 <&marduk> shouldnt claim that11:44 <&marduk> "Evidence even suggests that this was done with full knowldge of the U.S. Department of Justice."11:44 <&marduk> ?11:44 <&marduk> we SHOULD mention the DoJ indeed11:45 <@entropy> avunit: was it santrex that locked you out of your vps last time?11:45 <~Avunit> when what where?11:45 <@tflow> btw, hm11:45 <~Avunit> i never use a santrex box11:45 <~Avunit> apart from yours11:45 <@tflow> i can't do it if entropy's box is down11:45 <@entropy> its down11:45 <@tflow> greg's raw emails are there11:45 <@entropy> on what box?11:45 <@entropy> the ukraine one?11:45 <@tflow> ukraine11:46 <@entropy> i emailed them11:46 <@entropy> and made a ticket11:46 <@entropy> you dont have them anywhere else?11:47 <@tflow> on my pc11:47 <@tflow> but my upspeed is too slow11:47 <&marduk> meh.11:47 * marduk hates problems11:47 <@tflow> nvm11:47 <@entropy> i hate these fucking boxes11:47 <@tflow> the emails are still on the prq box11:47 <@entropy> and getting locked out for no reason

back

trac

esec

urity

.com

11:47 <@tflow> i can grab em from the prq box11:47 <@tflow> dw11:48 <~Avunit> k11:48 <@entropy> https://vpsadmin-ua.santrex.net < was up like 2 hours ago11:50 <@tflow> entropy is the tor hidden service stillup?11:50 <@entropy> yea should be11:51 <~Avunit> well if you can get it from the prq box we should be fine11:51 <@entropy> what the fuck11:51 <~Avunit> for our 'supposed' deadline11:51 <@entropy> they sent me this11:51 <@entropy> https://www.santrex.net/termsofservice.php. Failure to comply with the terms will result in suspension/termination.11:51 <@entropy> For Open, Scheduled, or Resolved network issues please check https://clients.santrex.net/networkissues.php11:51 <@entropy> If you want to earn money by sending people our way, the best place is to get activated is at https://clients.santrex.net/affiliates.php11:51 <@entropy> Thank you for choosing Santrex.11:51 <@entropy> Your sincerely,11:52 <@entropy> Santrex Internet Services11:52 <@entropy> London, UK11:52 <~Avunit> lulz11:52 <~Avunit> standard response?11:52 <@entropy> no its not11:52 <@entropy> 11:52 <@entropy> [View original HTML in new window]11:52 <@entropy> Santrex Internet Services Ltd.11:52 <@entropy> Luca Hall,11:52 <@entropy> Thank you for contacting our support team. A support ticket has now been opened for your request. You will be notified when a response is made by email. The details of your ticket are shown below.11:52 <@entropy> Please note while we try our best to maintain a 24/7 quick response time, it may be slightly slower during weekends SAT-SUN and after normal working hours.11:52 <@entropy> well i guess every one ion here knows my real name11:52 <@entropy> ...11:53 <@entropy> but no11:53 <@entropy> its not standard11:53 <@entropy> i thnkm they kileld my two vps11:53 <@entropy> but not the ru ones11:53 <~Avunit> why would the 11:53 <~Avunit> vpsadmin11:53 <~Avunit> be down toot hen?11:54 <@entropy> i have no idea11:54 <~Avunit> and they must give a proper reason too imo, but fine11:54 <~Avunit> should bug them11:54 <~Avunit> to say whats exactly going on11:57 <@entropy> how much does dns cost on the heihachi boxes?11:57 <~Avunit> dns? watcha mean?11:58 <@entropy> where you reg the domain11:58 <~Avunit> oh i rgged at nic.ru/en

back

trac

esec

urity

.com

11:58 <@entropy> hos much for them to provide dns11:58 <@entropy> im afraid they are goign to shut my ru boxes down11:58 <@entropy> i dont know if im parnoid or what11:58 <~Avunit> their vps admin is down for me too11:58 <@entropy> yea but my vps are down11:59 <@entropy> and no services running on any ports11:59 <@entropy> 2 of them11:59 <@entropy> for no reason11:59 <~Avunit> maybe other santrex ua boxes are down too?11:59 <~Avunit> apart from yours?11:59 <@entropy> ah didnt check11:59 <~Avunit> try the ip range?12:00 <@entropy> they are fuckign up12:00 <@entropy> nmap -sP 91.211.116.1-25612:00 <@tflow> why are they shutting it down?12:01 <@entropy> their vpsadmin is down too12:01 <@tflow> and perhaps we should setup some backup ns12:01 <@tflow> like on triumph or something12:01 <@entropy> so hopefully its just somethings wrong with thier box12:01 <@entropy> 2 of mine are down12:01 <@entropy> but i can ping my vps12:01 <~Avunit> rather on tackle then12:01 <@entropy> but ssh or www is not running12:02 <@entropy> and they are set to run at boot12:02 <~Avunit> check port 22 and 80 on the ip range?12:02 <&marduk> tflow: 12:02 <&marduk> 17:02 <%DrPizza> q: The e-mails sent from greg's account to jussi; how were they sent?12:02 <&marduk> can you clarify?12:02 <&marduk> 17:02 <&q> from his gmail account12:02 <&marduk> 17:02 <%DrPizza> did tis occur after the password for greg's account was reset 12:02 <&marduk> i think yes12:02 <&marduk> we needed to reset his pass to get in?12:03 <@tflow> yes12:03 <&marduk> thx12:05 <@tflow> yeah12:11 <@entropy> ok they have it in their network issues12:11 <@entropy> its not just me12:13 <~Avunit> k tflow12:13 <~Avunit> you're going fine with the mails?12:14 !twisted.operationfreedom.ru *** HQBot invited Nessuno834 into the channel12:14 -!- Nessuno834 [fag@fag.fag] has joined #hq12:14 -!- mode/#hq [+o Nessuno834] by HQBot12:14 <@Nessuno834> Im a fucking idiot12:14 <~Avunit> truth12:15 <~Avunit> I just finished scanning your ip range too entropy :P12:15 <@entropy> yea noone ese is open 12:15 <@entropy> and they have network issue12:15 <@entropy> we are investigating the issue at the moment. updates will be here.

back

trac

esec

urity

.com

12:16 <~Avunit> Hello,12:16 <~Avunit> My name is Sam.12:16 <~Avunit> I would like to be interviewed to be a member of your team.12:16 <~Avunit> I do not want money. Please let me know how I can help.12:16 <~Avunit> Thank you,12:16 <~Avunit> Sam12:16 <~Avunit> lulz12:16 <@tflow> http://internetfeds.mil.nf/hbgary/12:16 <@tflow> does this look fine to all your browsers?12:16 <@tflow> i know it's fine in firefox + all ie12:16 <~Avunit> fine on firefox.12:16 <&marduk> Avunit: send to #repoter?12:16 <~Avunit> err12:16 <~Avunit> marduk12:16 <&marduk> fine on chrome/linux12:17 <~Avunit> he wants to join the 'team'12:17 <&marduk> oh hah12:17 <&marduk> sorry, misread12:17 <&marduk> lulz12:17 <~Avunit> im going to troll him12:17 <~Avunit> badly12:17 <&marduk> cc case please :)12:17 <@Nessuno834> tflow looks fine on ff 12:17 <@Nessuno834> on linux12:17 <@tflow> ok gr812:23 <~Avunit> sent and bcc to you marduk12:23 <~Avunit> not really superb trolling12:23 <~Avunit> but fine12:23 <@Nessuno834> search.hbgary.anonleaks.ru dead link?12:24 <~Avunit> yesh12:24 <~Avunit> not public yet12:24 <~Avunit> tflow, ready to roll the new index.html in?12:25 <@Nessuno834> aha12:25 <~Avunit> and will we make the 3hr and 30 mins one?12:25 <&marduk> heh av12:26 <&marduk> i like it :)12:26 <@Nessuno834> can i see?12:26 <&marduk> wait ill paste12:26 <@tflow> not yet. wait a sec12:26 <@tflow> can we get some backup dns going incase entropy's goes down?12:26 <@tflow> maybe afraid.org?12:26 <&marduk> Nessuno834: http://securepastebin.com/go/retrievePost.action?id=6344 pw bla12:26 <@tflow> dydns?12:27 <~Avunit> how will they get updated tho?12:27 <@tflow> via the site12:27 <~Avunit> since we use the dns bot here12:27 <@tflow> well it's just for backup12:27 <@Nessuno834> I lolled12:27 <~Avunit> well we can but its not really needed

back

trac

esec

urity

.com

12:27 <&marduk> 4.: Please hack and root 8.8.8.8 and give us a link to the php shell.12:27 <&marduk> :D12:27 <~Avunit> i mean we got 3 nameservers and only the UA have some network probs12:28 <~Avunit> yeah im curious if he'll reply with12:28 <~Avunit> LULZ GOOGLE!?12:28 <~Avunit> if needed ill throw tackle in when entropys boxes will get taken down, but that probabvly wont happen12:28 <@tflow> all 3 ns are in santrex..12:28 <@tflow> and 1 is down already12:28 <~Avunit> Yes but tflow they only got network problem12:28 <~Avunit> s12:28 !twisted.operationfreedom.ru *** HQBot invited kayla into the channel12:28 -!- kayla [mysql3@fbi.gov] has joined #hq12:28 -!- mode/#hq [+o kayla] by HQBot12:28 <@kayla> :D12:28 <~Avunit> it has nothing to do with actual stuff12:29 <@entropy> avunit: im just assuming that12:29 <@tflow> are they all in the same datacenter?12:29 <@entropy> and ns1 and ns2 are the same box12:29 <@entropy> just diff ips12:29 <@entropy> yes same datacenter12:29 <~Avunit> blegh entropy12:29 <~Avunit> you got soem time left?12:29 <@entropy> i have no clue12:29 <&marduk> kkkkkkay<3la12:30 <~Avunit> ill install bind and give you an accounto n tackle so you can config it entropy with the files you havwe12:30 <@Nessuno834> ohai kayla12:30 <@Nessuno834> fuck im too hungry12:30 <@entropy> ok12:30 <@entropy> avunit: what os?12:30 <~Avunit> debian512:30 <~Avunit> oh wait12:30 <~Avunit> fedora12 on tackle12:31 <~Avunit> ;.;12:31 <@entropy> ok if you make it the primary12:31 <~Avunit> triumph is debian5 :P12:31 <@entropy> i can set it up exactly so you can run the bot12:31 <~Avunit> does it need to be the primary? :/12:31 <@entropy> no12:31 <@entropy> just saying12:31 <@entropy> you can only run the bot on the primary12:32 <&marduk> woah12:32 <~Avunit> yeah tackle sometimes lags a bit due to heihachi12:32 <~Avunit> so not the best idea12:32 <&marduk> lag+++12:32 <&marduk> a bit heh12:33 <&marduk> cant connect to tackle atm... hmm12:33 <~Avunit> im in tackle fine

back

trac

esec

urity

.com

12:33 <&marduk> ah now12:33 <&marduk> yeah.. lag gone now12:33 <&marduk> had bad lag on triumph as well12:33 <&marduk> 17:31 -!- x [x@The.Internet] has joined #hqddddddddeeedddd12:33 <&marduk> lulz12:34 <&marduk> so countdown?12:35 <@kayla> 512:35 <@kayla> 412:35 <@kayla> 312:35 <@kayla> 212:35 <@kayla> 112:35 <@kayla> :D12:36 <&marduk> kayla: http://jdhdf2j.semisecure.org/12:37 <&marduk> Topiary: ?12:38 -!- kayla [mysql3@fbi.gov] has quit [Quit: Lost terminal]12:41 !twisted.operationfreedom.ru *** HQBot invited kayla into the channel12:41 -!- kayla [mysql3@fbi.gov] has joined #hq12:41 -!- mode/#hq [+o kayla] by HQBot12:43 <@tflow> so how's the press release?12:43 <&marduk> i removed the last sentence, i like it better12:43 <@tflow> link?12:43 <&marduk> but wanted to hear Topiary's opinion12:43 <&marduk> http://piratepad.net/lYa7c9TSHp12:43 <&marduk> (its still at the bottom in ()12:44 <@tflow> looks gd12:45 <&marduk> think so do12:45 <@tflow> http://hbgary.operationfreedom.ru/12:45 <@tflow> http://internetfeds.mil.nf/hbgary/12:45 <@tflow> ready12:45 <@tflow> (don't share links yet obv)12:45 <&marduk> obv12:45 <&marduk> so countdown?12:45 <@tflow> sec12:45 <~Avunit> we're installing a 4th nameserver meanwhile12:45 <~Avunit> think the countdown can go online12:46 <&marduk> we will truly deliver12:48 <~Avunit> atleast it should be put online soon otherwise we gotta put it a few horus futher away12:48 <~Avunit> because a countdown that only lasts 30 mins12:48 <~Avunit> would be... useless :p12:49 <&marduk> hmm we could make it midnight UTC?12:49 <~Avunit> id prefer to do the current12:49 <~Avunit> but if we wait12:50 <~Avunit> well then we have to delay it a bit12:50 <&marduk> or midnight CET/23.00 GMT12:50 <&marduk> tflow: ?12:50 <&marduk> what you think?12:50 <@tflow> i don't mind12:50 <&marduk> midnight CET sounds kinda cool12:50 <&marduk> imo

back

trac

esec

urity

.com

12:50 <&marduk> or GMT12:51 <@tflow> is tat midnight UTC?12:51 <&marduk> UTC=GMT12:51 <&marduk> 0.00 GMT = 1.00 CET12:52 <&marduk> i'd suggest either midnight UTC or 23.00 UTC12:56 <&marduk> mmm12:56 <~Avunit> id suggest a bit earlier12:56 <~Avunit> since i got college tomorrow :p12:57 <@tflow> entropy12:57 <&marduk> well okay, but then but it up12:57 <@entropy> yea12:57 <@entropy> im doingit now12:57 <@tflow> what's the ssh port for your tor server12:57 <&marduk> 23.00 CET, 22.00 UTC?12:57 <@entropy> 2292212:57 <@tflow> root@cybercom:~# ssh tflow@94.102.51.136 -p 2292212:57 <@tflow> ssh: connect to host 94.102.51.136 port 22922: Connection refused12:57 <@entropy> its not up12:57 <@entropy> i know12:58 <@tflow> when will it be up?12:58 <@entropy> i have no idea12:58 <@entropy> i dont know why its not up12:59 <@entropy> it _seems_ like they reset them12:59 <@entropy> but i havent got any email12:59 <~Avunit> Hello Mr. Shepard,12:59 <~Avunit> Thank you for this wonderful test.12:59 <~Avunit> I will enjoy working on this for fun!12:59 <~Avunit> I would like to help your team by sending funds to help the cause. (This my friend is not a joke.)12:59 <~Avunit> Please let me know how I can send money and learn how to help,12:59 <~Avunit> Thank you,12:59 <~Avunit> Sammy Nakhla MD, an Egyptian-American that believes in truth and rooting out corruption.12:59 <@tflow> ukash vouchers plz12:59 <~Avunit> yarr12:59 <~Avunit> mail that13:00 <~Avunit> or paysafecards D:13:00 <@tflow> yes13:00 <~Avunit> if hes a rich ass we'll be rolling on deds. but every buck will help P13:00 <~Avunit> :P*13:00 <@tflow> or liberty rserve13:01 <@kayla> :D13:01 <@kayla> rich? :D?13:01 <@tflow> girls always light up at that word :P13:02 <~Avunit> Your message has been sent.13:02 <~Avunit> no kayla, no diamonds for you13:02 <&marduk> lol13:03 <@kayla> :(13:04 <~Avunit> dstufft Baw baw black sheep

back

trac

esec

urity

.com

13:04 <~Avunit> Just saw the disaster that is anonleaks.ru What's the supposed justification for this? (Don't everyone all parrot at once) #fail #terrorism13:05 <@tflow> who said that?13:05 <~Avunit> dstufft13:05 <&marduk> twitter13:05 <~Avunit> ill gief you link13:05 <~Avunit> sec13:05 <&marduk> yeah i saw that13:05 <&marduk> *ignoring*13:05 <~Avunit> http://twitter.com/#!/dstufft/status/3684458723031449613:05 <~Avunit> i was lolling at him13:05 <&marduk> who is that btw?13:05 <~Avunit> no idea13:05 <@tflow> 47 followers13:05 <@tflow> gay13:05 <~Avunit> just saw it in my anonleaks search :p13:05 <&marduk> i heard the name befroe13:05 <&marduk> but dont know in what context13:06 <~Avunit> anyway13:06 <~Avunit> guis 13:06 <~Avunit> lets get a countdown timer up?13:06 <&marduk> YES PL0X!13:06 <&marduk> or do we need to wait for entropy's ssh?13:06 <@tflow> ok13:06 <~Avunit> not rly13:06 <~Avunit> tflow13:06 <@tflow> but we only have 3 confirmed mirrors13:06 <~Avunit> shall we increase it13:06 <@tflow> that's down from 513:07 <~Avunit> with one hour?13:07 <~Avunit> just to be sure?13:07 <&marduk> +1 for that13:07 <@tflow> i think we should only start the timer like 2hrs before13:07 <@tflow> or 1.513:07 <@tflow> b/c it might attract ddos13:07 <~Avunit> iunno13:07 <&marduk> if you see soserious .. he will mirror too13:07 <&marduk> what about p0ke?13:07 <~Avunit> well with a few mirrors its doable13:07 <~Avunit> otherwise id start it now13:07 <&marduk> mhh13:07 <~Avunit> since its like 3hrs13:08 <@tflow> also13:08 <@tflow> set up mirrors@anonleaks.ru plz13:08 <~Avunit> i mean ddos might be bad for us, but it does prove our point13:08 <~Avunit> i will sec13:08 <&marduk> 2h timer will be missed by many. i like 3+ better13:09 <@kayla> so whats happening :D?13:09 <&marduk> we're anticipating teh Launch!

back

trac

esec

urity

.com

13:09 <@kayla> :D13:10 <@kayla> what time?13:10 <&marduk> 3 or 4 hours?13:10 <@kayla> nice :)13:11 <@tflow> i love how all this happens exactly 1 week after the incident13:11 <~Avunit> \0/13:11 <@tflow> rapid response13:11 <~Avunit> tflow, shall we just go for the 3hr timer?13:12 <@tflow> so what time should we release?13:12 <~Avunit> http://pastehtml.com/view/1d7wulg.html13:12 <~Avunit> 2hrs and 47 mins left13:12 <~Avunit> which is not too long or too short13:12 <&marduk> i like that13:12 <@tflow> can we increase by 15 mins?13:12 <~Avunit> of course13:12 <~Avunit> sec13:12 <@tflow> b/c i need 2 shit13:13 <@tflow> for like an hour13:13 <@tflow> haven't taken a shit in a while13:13 <&marduk> just put it onnnnnnnnnn 13:13 <~Avunit> http://pastehtml.com/view/1d7ygxh.html13:13 <~Avunit> 15 mins increase13:13 <~Avunit> 3hrs and 1min to go13:14 <~Avunit> put it on13:14 <~Avunit> shout13:14 <~Avunit> and lets roll13:14 <@tflow> Avunit, put it on triumph13:14 * Avunit readies his epic twitter.13:14 <~Avunit> where you want me to put it?13:14 <~Avunit> your home?13:14 <@tflow> /home/tflow/anonleaks/main13:14 <@tflow> then set a vhost for it13:15 <~Avunit> ill need the other files too though13:15 <@kayla> 11 hours, 59 minutes, 18 seconds13:15 <@kayla> Expect us.13:15 <@kayla> Teasers:13:15 <~Avunit> the .jpg and emails13:15 <@kayla> :s 11?13:15 <~Avunit> ets 3 for me13:15 <~Avunit> oh god13:15 <@tflow> i'll upload them13:15 <@tflow> or don't u have them?13:15 <~Avunit> whats it for the rest of you?13:16 <~Avunit> tflow: not the most updated ones13:16 <@tflow> 3pm?13:16 <@kayla> says 11 foe me13:16 <~Avunit> nono 3 hours13:16 <~Avunit> but for kayla its 11 houras13:16 <&marduk> 3h here too

back

trac

esec

urity

.com

13:16 <&marduk> goes by timezone? :o13:16 <@tflow> o13:16 <~Avunit> oh crap13:16 <~Avunit> >.<13:16 <~Avunit> i shouldve written the file myself13:16 <&marduk> :((13:16 <@tflow> says 3 mins 4813:16 <@tflow> says 3 hrs 4813:16 <@tflow> *13:16 <@tflow> says 3 hrs 58*13:17 <&marduk> yeah it's probably depending on your timezone13:17 <~Avunit> gsdjklgdklajgklagjklejklaejgjlagjkla13:17 <~Avunit> trying to fix13:17 <~Avunit> goddamnit13:17 <~Avunit> javascript is client side13:17 <~Avunit> d'oh13:18 * Avunit slaps self.13:20 <~Avunit> well lthis gives me quite a problem13:20 <~Avunit> as i prob cant use javascript13:20 <@tflow> meh...13:20 <@tflow> just use timeanddate.com13:20 <&marduk> *sigh*13:20 <@tflow> to make a counter13:22 <@entropy> avunit ok its setup13:22 <@entropy> that was a bitch13:23 <@entropy> ps -waux shows wied shit13:23 <@entropy> no clue why the fuck ps removed the '-' for options13:25 <&marduk> year=2011&amp;month=02&amp;date=13&amp;hrs=21&amp;ts=24&amp;tz=UTC&amp;min=0&amp;sec=0&amp;lang=en&amp;show=dhms&amp;mode=t&amp;cdir=down&amp;bgcolor=%23CCFFFF&amp;fgcolor=%23000000&amp;title=Countdown%20To" width="250" height="365" scrolling="no" frameborder="1" style="overflow:hidden;width:15.6em;height:22.8em;"><a ...13:25 <&marduk> ... href="http://www.7is7.com/otto/countdown.html?year=2011&amp;month=02&amp;date=13&amp;hrs=21&amp;ts=24&amp;tz=UTC&amp;min=0&amp;sec=0&amp;lang=en&amp;show=dhms&amp;mode=t&amp;cdir=down&amp;bgcolor=%23CCFFFF&amp;fgcolor=%23000000&amp;title=Countdown%20To">Countdown To</a></iframe>13:25 <&marduk> would that work13:26 <&marduk> urg13:26 <@tflow> ?13:26 <&marduk> http://www.7is7.com/otto/countdclock.html13:26 <~Avunit> plau tflow13:26 <~Avunit> im uploading13:26 <&marduk> ah k13:26 <@tflow> did u fix the issue?13:27 <~Avunit> yes13:27 <~Avunit> i used time and date13:27 <~Avunit> with an iframe13:27 <@tflow> preview?

back

trac

esec

urity

.com

13:27 <~Avunit> sec13:28 <~Avunit> http://pastehtml.com/view/1d7ynji.html13:28 <&marduk> UTC13:28 <&marduk> 0 Day, 02 Hr, 46 Min, 40 Sec13:28 <@tflow> remove the UTC part? i think13:29 <~Avunit> lemme see if i can13:30 <~Avunit> done13:30 <~Avunit> want me to show it again?13:30 <@tflow> yes plz13:31 <~Avunit> http://pastehtml.com/view/1d7yp0k.html13:31 <&marduk> looks okay13:31 <@tflow> looks gd13:31 <@tflow> put it on triumph13:31 <&marduk> unless day is easily removable....13:32 <~Avunit> k13:32 <~Avunit> oh i might be able to remove that13:32 <~Avunit> oh i cant13:32 <~Avunit> damnit13:32 <&marduk> ah nvm13:33 <&marduk> not important.13:33 <&marduk> let me know when it is up live so i can tweet from AnonLEaks13:33 <~Avunit> ill tweet too obviously with my 1 followers13:33 <~Avunit> home/tflow/anonleaks/main/index.html13:34 <@tflow> ok13:34 <@tflow> did you upload all the other files too?13:34 <@tflow> and set the vhost?13:34 <~Avunit> nope13:34 <~Avunit> can you sftp them?13:34 <~Avunit> ill set anonleaks.ru to that page yes13:34 <@tflow> k13:34 <~Avunit> sec13:35 <~Avunit> updating a 4th nameserver13:37 <~Avunit> vhost set13:37 <~Avunit> ready to roll when the files are there13:37 <@tflow> files are up13:38 <~Avunit> entropy has to edit it in the dns?13:39 <@entropy> no its set13:39 <@entropy> root@ru:/var/named/chroot/etc# nslookup ns4.anonleaks.ru 127.0.0.113:39 <@entropy> Server: 127.0.0.113:39 <@entropy> Address: 127.0.0.1#5313:39 <@entropy> Name: ns4.anonleaks.ru13:39 <@entropy> Address: 77.91.227.23713:39 <~Avunit> i mean13:39 <~Avunit> the actual13:39 <~Avunit> address13:39 <@entropy> but it has to probpagate via ni13:39 <~Avunit> of anonleaks.ru13:39 <~Avunit> for 13:39 <~Avunit> the site

back

trac

esec

urity

.com

13:39 <~Avunit> and www.anonleaks.ru13:39 <@entropy> whats the ip?13:39 <~Avunit> sec13:40 <~Avunit> 77.91.225.16813:40 <@tflow> no..13:40 <@tflow> oh13:40 <@tflow> i mean13:40 <@tflow> can't you cname it?13:40 <~Avunit> iunno well thats the ip of the box13:40 <@tflow> i mena13:40 <~Avunit> itll react on www. and just anonleaks.ru13:40 <@tflow> anonleaks.ru cname www.anonleaks.ru13:41 <~Avunit> that didnt work before did it?13:41 <@entropy> ill try but i dont think you can cname the origin13:41 <@tflow> so if we edit www from dnsbot, it will upate on anonleaks.ru13:41 <~Avunit> i generally do it the other way around :P13:41 <~Avunit> cname www to origin :P13:41 <@tflow> well its so that we can edit it from dnsbot..13:41 <@entropy> theres no way via dns bot to do that13:41 <@entropy> unless i rewrite part of it13:41 <@tflow> you can edit www from dns bot13:41 <~Avunit> well he meant that if we can cname the origin13:41 <~Avunit> we can edit www13:42 <@entropy> ok hold on13:45 <@entropy> no you cant do that or i dont know how13:45 <@tflow> shame13:45 <@tflow> ok13:45 <@tflow> i need you to change the ip back 5 mins before launch13:46 <@entropy> ok whens that happening13:46 <@entropy> im going to a fight in like 2 hours13:46 <@entropy> 10 fights so probably 3 hours maybe13:46 <@tflow> 2 hours 30 mins lol13:47 <@entropy> ...13:47 <@tflow> does Avunit have access to it?13:47 <@entropy> yes13:47 <&marduk> hmm cant you give axx to someone who will be here?13:47 <&marduk> ah13:47 <@tflow> ok that should be fine then13:47 <~Avunit> I shall do et gentlemen.13:47 <&marduk> YES pl0xxi13:47 <@entropy> ok edit /var/named/chroot/var/named/db.anonleaks.ru13:47 <@tflow> we must celebrate13:47 <@tflow> on launch13:47 <@entropy> edit the serial number increment it by 113:47 <&marduk> ill be here13:47 <&marduk> (=13:47 <~Avunit> yeah and update the serial right :P13:47 <~Avunit> yup13:47 <~Avunit> did it before :p

back

trac

esec

urity

.com

13:47 <@entropy> 2011020945 ; serial13:47 <~Avunit> whats your 13:47 <@entropy> change this line to the ip13:47 <@entropy> IN A 92.241.162.21613:48 <~Avunit> config?13:48 <@entropy> then www IN A 92.241.162.21613:48 <~Avunit> liek start command?13:48 <@entropy> /var/named/chroot/var/named/db.anonleaks.ru13:48 <@entropy> /etc/init.d/bind9 restart13:48 <~Avunit> k thx13:48 <@entropy> why is it gettign released in 2:30?13:49 <@entropy> 430 est?13:49 <~Avunit> did you set the ip to triumph already or i gotta do that now?13:50 <@tflow> well13:50 <@tflow> in utc it will be almost monday13:50 <@Nessuno834> so when do i get open my champagne?13:50 <~Avunit> okay im setting the ip now13:50 <&marduk> CET even moreseo13:50 <&marduk> Nessuno834: 2,5h13:50 <@Nessuno834> coolio13:51 <@Nessuno834> gonna be very drunk the bubbles go to my head13:52 <~Avunit> $ ./bind9 restart13:52 <~Avunit> * Stopping domain name service... bind9 [ OK ]13:52 <~Avunit> * Starting domain name service... bind9 chmod: changing permissions of `/var/run/named': Operation not permitted13:53 <@entropy> $13:53 <@entropy> sudo su13:53 <&marduk> also, press release is here: http://piratepad.net/lYa7c9TSHp13:53 <&marduk> for later13:53 <&marduk> need to be made clean with logo and shit13:53 <~Avunit> rndc: connect failed: 127.0.0.1#953: connection refused does that matter?13:54 <@entropy> no13:54 <~Avunit> k13:54 <~Avunit> waiting for it to be udpated then13:54 <@tflow> marduk: the press release will ony be on the torrent anyway13:54 <&marduk> tflow: oh? hmm not via anonnews?13:54 <&marduk> gives more exposure13:55 <@entropy> avunit: /usr/sbin/rndc -s localhost -c /var/named/chroot/etc/rndc.conf reload13:55 <@entropy> thats prob better13:55 <&marduk> yay13:55 <&marduk> timer is up13:56 <~Avunit> http://twitter.com/#!/AvunitAnon/status/3686113387282841613:56 <~Avunit> tweeted13:56 <~Avunit> but your dns might take time to reload it13:56 <~Avunit> for me the www. has the counter and the origin not13:56 <@tflow> oh13:56 <@tflow> never though of it13:57 <~Avunit> fine13:57 <~Avunit> dns is updated there now too

back

trac

esec

urity

.com

13:57 <~Avunit> SPREAD IT13:57 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @Nessuno83414:00 <~Avunit> http://twitter.com/#!/AvunitAnon/status/36861133872828416 http://twitter.com/#!/AvunitAnon/status/36861133872828416 http://twitter.com/#!/AvunitAnon/status/3686113387282841614:00 <~Avunit> lets rawl14:01 -!- Netsplit trust.operationfreedom.ru <-> triangle.operationfreedom.ru quits: @tflow14:01 !twisted.operationfreedom.ru *** HQBot invited Nessuno834 into the channel14:01 -!- Nessuno834 [fag@fag.fag] has joined #hq14:01 -!- mode/#hq [+o Nessuno834] by HQBot14:01 <&marduk> hmm14:01 <@Nessuno834> was that netsplit14:01 <@Nessuno834> or my fag laptop14:01 <&marduk> yes tackle and triumpg vanished14:02 <&marduk> err triangle14:02 <@Nessuno834> though so14:02 !twisted.operationfreedom.ru *** HQBot invited tflow into the channel14:02 -!- mode/#hq [+o tflow] by HQBot14:02 -!- Netsplit over, joins: tflow14:03 <@Nessuno834> right boys and girls14:03 <@Nessuno834> I got a lot to do14:03 <~Avunit> triangle vanished mainly14:03 <&marduk> also tackle14:03 <&marduk> but vlad still there?14:03 <&marduk> unusual14:03 <@Nessuno834> but if for some reason u need me, may happen one day?! highlight me14:04 <~Avunit> entropy!14:04 <&marduk> oh tackle is back14:04 <&marduk> didnt notice14:04 <@entropy> yo14:04 <~Avunit> did you kill triangle?14:04 <~Avunit> well ru for you?14:04 <@entropy> no?14:04 <@entropy> why14:04 <~Avunit> Broadcast message from root@ru14:04 <~Avunit> (unknown) at 19:03 ...14:04 <~Avunit> The system is going down for halt NOW!14:04 <&marduk> triangle?14:05 <@entropy> what the fuck14:05 <@entropy> oot@ru:/var/named/chroot/var/named# 14:05 <@entropy> Broadcast message from root@ru14:05 <@entropy> (unknown) at 19:03 ...14:05 <@entropy> The system is going down for halt NOW!14:05 <@entropy> Connection to ru.phiral.net closed by remote host.14:05 <@entropy> Connection to ru.phiral.net closed.14:05 <&marduk> uhhhm14:05 <~Avunit> well thats what i had14:05 <&marduk> oh no14:05 <@entropy> tflow:

back

trac

esec

urity

.com

14:05 <&marduk> i dont believe this14:05 <@entropy> did you reboot that?14:05 <~Avunit> well it surely didnt reboot, only shutdown D:14:05 <@entropy> wha t the fuck14:06 <&marduk> Avunit: that happened on triumph a few weeks ago14:06 <&marduk> but it came back14:06 <&marduk> but FUCK14:06 <~Avunit> can you log in the vps panel?14:06 -!- Nessuno834 is now known as Nessuno14:06 <&marduk> well, i have to leave for ~40 minutes14:06 <&marduk> cant help it14:07 <@entropy> they suspened all my vps14:07 <@entropy> Active Pending Suspended Terminated14:07 <@entropy> all suspened14:07 <@entropy> yellow14:07 <~Avunit> tmklngdgkldgkljalgjerlgjljgloegjklgjklawegjljglagjlegjawelgjlgjklgjklejlagjklgljka14:07 <&marduk> URGH!?14:07 <@entropy> i have no emails14:07 <~Avunit> GODFUCKINGDAMNIT14:07 <@entropy> and still havent responed to my tickets14:07 <~Avunit> TFLOW14:07 <&marduk> uhm, can we use the others.. and stay with 3 mirros then?14:07 <@entropy> Number of Products/Services: 3 (3)14:07 <@entropy> Number of Domains: 0 (0)14:07 <@entropy> Number of Support Tickets: 214:07 <@entropy> Number of Referred Signups: 14:08 <@entropy> 3 out of 3 suspened14:08 <@entropy> what the fuck14:08 <~Avunit> which means14:08 <~Avunit> we only have14:08 <@entropy> they were just dns14:08 <~Avunit> 1 nameserver?14:08 <&marduk> ah.. hm.14:09 <~Avunit> I regret launching now14:09 <&marduk> well.. okay, back in 40m .. i hope somewhat good news then maybe :/14:09 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has quit [Ping timeout: 121 seconds]14:09 <~Avunit> goddamnit tflow14:09 <&marduk> all fux. grr.14:09 <@entropy> fuck im supposed to be goign to my friends fight soon14:10 <@entropy> how fast can i get a heihachi box14:10 !twisted.operationfreedom.ru *** HQBot invited tflow into the channel14:10 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has joined #hq14:10 -!- mode/#hq [+o tflow] by HQBot14:10 <~Avunit> not quite sure14:10 <@tflow> Firefox can't find the server at www.anonleaks.ru.14:10 <~Avunit> tflow14:10 <@tflow> y14:10 <~Avunit> damnit14:10 <@entropy> my vps are suspened

back

trac

esec

urity

.com

14:10 <~Avunit> 3 nameservers are offline14:10 <@tflow> ..14:10 <@tflow> we have 1 right?14:10 <@entropy> anyone know how to get heihachi right now?14:10 <~Avunit> yup14:10 <~Avunit> only mines is online14:10 <@entropy> like wheres the english site14:10 <~Avunit> cp.heihachi.net14:10 <@tflow> is it up?14:10 <~Avunit> yes14:10 <~Avunit> tackle is up and running14:11 <@tflow> not resolving...14:11 <~Avunit> this is not a good moment to get screwed over D:14:11 <@entropy> its not in nic.ru yet14:11 <@tflow> oh?14:11 <@tflow> how long will that take?14:11 <~Avunit> oh fuck no 14:11 <@entropy> no clue?14:11 <~Avunit> 4hrs at max14:12 <@entropy> did you do it avunit?14:12 <@tflow> depr14:12 <~Avunit> yup14:12 <@tflow> why are you vpses suspended....14:12 <@entropy> what about just a change of ip14:12 <@entropy> i have no emails from them14:12 <@entropy> if i login they are yellow14:12 <~Avunit> thats also taking the same amount of time14:12 <@entropy> i have two tickets and an email14:12 <@entropy> noone has gotten back to me14:12 <~Avunit> Shall I tweet that our NSes are down?14:13 <~Avunit> toimpale Arv14:13 <~Avunit> Wow, is @AnonLeaks down before it even got up? -- http://www.anonleaks.ru14:13 <~Avunit> xD14:13 <@entropy> its up14:13 <@entropy> my box is back up14:14 <@entropy> i just reboot it in ctrl panel14:14 <~Avunit> oh great!14:14 <@entropy> named is back14:14 <@entropy> reboot system boot 2.6.18-194.8.1.e Sun Feb 13 19:15 - 19:16 (00:01) 14:14 <@entropy> why are my vps yellow then14:15 <@tflow> so nameservers will be back?14:15 <@entropy> back right now14:15 <@tflow> :DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD14:15 <@tflow> tweet it's back up14:15 <@entropy> why did someone say it was down?14:15 <@tflow> like say sorry we had some technical issues with nameservers14:16 <@tflow> no one did yet

back

trac

esec

urity

.com

14:16 <~Avunit> tweeted14:16 <@tflow> but ppl are tweeting that its down14:16 <@entropy> thats was only like 2 minutes14:16 <@entropy> wtf14:16 <~Avunit> yeah14:16 <~Avunit> people tweeted it was down already14:16 <~Avunit> i tweeted that we had a lil problem with a host14:16 <~Avunit> but that its all resolved14:16 <@entropy> my vps say suspened14:16 <@entropy> and are yellow14:16 <~Avunit> http://twitter.com/#!/AvunitAnon/status/3686618058928947214:16 <@entropy> what if they shut it down again14:16 <@tflow> dnsbot plz14:16 <@tflow> if they shut it down we still have ns4 right14:17 <@entropy> well we had ns414:17 <~Avunit> entropy: we can only hope ns4 has been updated by then14:17 <~Avunit> but it might take 4 hrs14:17 <@entropy> why wasnt that working14:17 <@entropy> oh yea14:17 <@entropy> fuck14:17 <@tflow> dnsbot plz14:17 <@tflow> dnsbot plz14:17 <@tflow> dnsbot plz14:17 <~Avunit> im bringing it up!14:17 <~Avunit> sec14:17 <@entropy> ok hopefully it dosent happen14:17 <~Avunit> entropy14:17 <~Avunit> can you give one of us temp access tot he vps panel?14:17 <@entropy> yea14:17 <~Avunit> so we can reboot since they suck at keeping it down?14:18 <@entropy> ill check14:18 <@entropy> im not goign to the fight14:18 <@entropy> ill say here14:19 <@entropy> its only 90$14:19 <@entropy> :(14:19 <~Avunit> goddamnit14:19 <~Avunit> the perlbot refuses to start14:19 <@entropy> why?14:19 <~Avunit> iunno it starts14:19 <~Avunit> but doesnt connect14:19 <@entropy> did you change any code?14:19 <~Avunit> nope14:20 <@entropy> oh yea was doignthat to me14:20 <~Avunit> howd you fix it?14:20 <@entropy> probably because its tryign to connect to a ip in net.operationfreedom.ru thats down14:20 <~Avunit> btw can i bring the irc back too?14:20 <@entropy> thats why i put it to 127.0.0.114:20 <@entropy> yea sure14:20 <@entropy> are al lthe ips for net.operationfreedom.ru up?

back

trac

esec

urity

.com

14:21 <@entropy> and running irc?14:21 <~Avunit> only yours wasnt14:21 <@entropy> must have been tryign t connect to mine first14:21 <~Avunit> for 6 times? :p14:21 <@entropy> dont know14:21 <@entropy> try manually putting the ip14:21 <~Avunit> nope its not on yours either14:22 <@entropy> when i was deugiing thats what i did cause it would start and just hang14:22 <~Avunit> i used 127.0.0.114:22 <~Avunit> worked14:22 <@entropy> yea14:22 <@entropy> somethings up with how it resolvs ip14:22 <@entropy> i think it just picks one14:23 <@entropy> and continusly tries it14:23 -!- marduk- [user@netadmin.operationfreedom.ru] has joined #hq14:23 < marduk-> on cell14:23 <~Avunit> okay14:23 <~Avunit> its on now14:23 < marduk-> phew cool14:24 <~Avunit> brb getting some tea14:24 < marduk-> so much fun lulz14:27 <@Topiary> Backistan14:27 <@Topiary> you guys all done with the release?14:27 <@Topiary> nice timer by the way.14:28 <@tflow> server14:28 <@tflow> {14:28 <@tflow> server_name archive.hbgary.anonleaks.ru;14:28 <@tflow> location /14:28 <@tflow> {14:28 <@tflow> root html/archive.hbgary.anonleaks.ru;14:28 <@tflow> index index.html;14:28 <@tflow> }14:28 <@tflow> }14:28 <@tflow> grr y the fuck isnt that working14:28 -!- marduk- [user@netadmin.operationfreedom.ru] has quit [Ping timeout: 121 seconds]14:30 <@entropy> avunit: does triangle provide much of anything14:30 <@entropy> just goign throuw their tos14:30 <@entropy> apparenetly i cant have ircd on it14:30 <@entropy> so maybe for now to keep it up shut ircd down14:30 <@tflow> fd@luxembourg:~$ ls -lt /usr/local/nginx/html14:30 <@tflow> total 702192014:30 <@tflow> -rw-r--r-- 1 fd fd 7183403125 Feb 13 22:56 archive.hbgary.anonleaks.ru14:30 <@tflow> drwxr-xr-x 6 fd fd 4096 Feb 13 21:52 hbgary.anonleaks.ru14:30 <@tflow> -rw-r--r-- 1 root staff 383 Feb 11 04:57 50x.html14:30 <@tflow> -rw-r--r-- 1 root staff 151 Feb 11 04:57 index.html14:31 <@tflow> fucking derp14:31 <@tflow> archive.hbgary.anonleaks.ru is a file not a directory LOL14:36 <@entropy> my server is down again14:36 <@entropy> and im lockec out of ctrl panel

back

trac

esec

urity

.com

14:37 <@entropy> im getting a heihachi box right now14:37 <@tflow> damn it14:37 <&marduk> re14:37 <@entropy> avunit: if you set to use their ns just for right now it will be instant14:37 <@entropy> then i can get this box and put it up14:37 <@entropy> and then we can use off site dns14:38 <@entropy> will take 10 min14:38 <@entropy> http://cp.heihachi.net/cart.php?gid=214:38 <@entropy> are all these in russia?14:38 <@tflow> yes14:39 <@entropy> this is the exact same ctrl panel14:39 <@entropy> its not the same company is it?14:40 <@tflow> no14:40 <@tflow> many hosts use that cp14:40 <@entropy> avunit:14:40 <@entropy> fuck14:40 <@entropy> sorry i dont know what i did to have them take my shit dwn14:41 <@entropy> and i have no emails from them14:41 <@entropy> ph fuckl14:41 <@entropy> i have no fucking ewmails cause thats hosting my own dns14:41 <&marduk> is the site up? here its not, but could be the ns i use14:42 <@entropy> no its not14:42 <@entropy> we need avunit to change the dns servers it uses to its own dns14:42 <@entropy> nic.rus dns servers14:42 <@tflow> Avunit?14:42 <@entropy> they will come up the second he does it14:42 <@entropy> my phiral.net email is down14:42 <@entropy> and somain14:42 <@entropy> fuck14:43 <&marduk> he wanted to get a tea..14:50 <@entropy> my boss called me14:50 <@entropy> ans asked me if i can come into work14:50 <@entropy> they couldnt have got anythign this fast right14:51 <@entropy> my hands are fuckign shaking14:51 <@entropy> should i go there14:51 <@tflow> gahh..14:51 <@entropy> its way to fats right14:52 <@entropy> fast14:52 <@kayla> for what?14:53 <@entropy> for the police to do anything?14:53 <@kayla> i'd say so14:53 <@entropy> thats what i think14:53 <@kayla> why would they go to your work and not your house?14:53 <@entropy> i have no idea14:53 <@kayla> i think you're being paranoid :D14:53 <&marduk> yah that makes no sense, rly14:53 <@entropy> ok fuck14:54 <@entropy> too many wierd things now im fuckign paranoid as shit14:54 <@entropy> i need to calm the fuck down

back

trac

esec

urity

.com

14:58 <&marduk> i wishi i could help you in doing so14:58 <@entropy> im tryign to get in touch with our monitoring ppl14:58 <@entropy> and see whos there14:58 <@tflow> can u tweet or something? like14:59 <@tflow> some of our namservers down | backup nameservers are still propagating14:59 <@tflow> what do u think?14:59 <&marduk> yeah15:00 <&marduk> http://twitter.com/#!/AnonymousLeaks/status/3687743234245017715:01 <@tflow> Avunit15:02 <@tflow> well mirrors are still up15:02 <@tflow> http://internetfeds.mil.nf/hbgary/15:02 <@tflow> http://hbgary.operationfreedom.ru/15:02 <@tflow> http://luxembourg.cryptoanarchy.org/15:04 <&marduk> where the hell did he go?15:04 <&marduk> he wanted to get a tea :o15:05 <&marduk> and i am away again... for a while15:10 <@entropy> theres two people with my boss in my conf room15:10 <@entropy> two guys15:10 <@entropy> i have no fucking idea whats goign on15:10 <@entropy> should i call a layer before i go in there or ?15:10 <@entropy> just to be safe?15:10 -!- Netsplit trust.operationfreedom.ru <-> triumph.operationfreedom.ru quits: @marduk, @tflow15:16 <~Avunit> djklgadklgjdlgjak15:16 <~Avunit> sdgmldgjklal15:17 -!- Netsplit over, joins: &marduk, @tflow15:17 <~Avunit> dgjdklagjldgjkladjgkladg15:18 <~Avunit> we're getting bullshitted badly rite?15:18 <~Avunit> entropy15:18 <@entropy> i fucking wish i was bullshitting15:18 <@entropy> im goign to fucking throw up15:19 <~Avunit> jesus shitting fuck15:19 <~Avunit> why of every moment of the day15:19 <~Avunit> this moment15:19 <~Avunit> after we launched our clock15:20 <~Avunit> http://twitter.com/#!/AvunitAnon/status/3688215745239449615:20 <@tflow> Avunit15:20 <@tflow> ns4 is in the domain registration yes?15:21 <~Avunit> yes15:21 <~Avunit> its awaiting update of the ripn.net databases15:21 <@tflow> good15:21 <@tflow> plz get dnsbot for ns415:21 <~Avunit> its ready to roll15:21 <~Avunit> but gotta wait till its updated15:21 <~Avunit> and then start as primary15:21 <~Avunit> (glad i downloaded the perlbot already)15:24 <@entropy> im going into my work15:25 <~Avunit> hmm?15:30 <@kayla> entropy, im sure it's nothing <315:30 <@Nessuno> whats happening kidlets?

back

trac

esec

urity

.com

15:30 <~Avunit> well tbh15:31 <~Avunit> it happened quite quickly after we put the countdown on15:31 <~Avunit> hbgary is trying to screw us or the host is :P15:31 <~Avunit> anyway we lack nameservers15:31 <@Nessuno> reckon hbgary got an injunction?15:32 <@Nessuno> u need a nameserver?15:32 <~Avunit> We need some bulletproof nameservers15:32 <~Avunit> quickly15:32 <~Avunit> we only got one atm15:33 <@Nessuno> I'll put a few feelers out15:33 <@Nessuno> but its short notice15:34 <~Avunit> yes it is15:34 <~Avunit> but we need to get it sorted15:34 <~Avunit> i mean it is a legitimate reason to suspend the release date15:34 <~Avunit> but we gotta get it sorted15:34 <@Nessuno> looks a bit fail tho doesnt it15:35 <@Nessuno> put up countdown, lose nameservers ????? failprofit15:35 <~Avunit> yup15:35 <~Avunit> srs15:35 <~Avunit> if it was a tos notice15:35 <~Avunit> they have been watching the site15:35 <~Avunit> like 15 mins after the countdown was up15:35 <~Avunit> we got pwnd15:35 <@kayla> are all the emails in a torrent ready to go?15:36 <@kayla> because i'll be dammed if we miss a dead line, they're getting released one way or the other15:36 <@kayla> even if i have to paste them all in to irc :315:36 <@tflow> Avunit15:36 <@tflow> dnsbot for ns4?15:37 * Nessuno gets ctrl c ctrlv ready lol15:37 <~Avunit> tflow: its not even in the pool yet, when its in the pool i have to make it primary15:37 <~Avunit> and then i can run a dnsbot on it15:40 <@tflow> when did you add ns4?15:41 <~Avunit> like15:41 <~Avunit> 1hr ago15:41 <~Avunit> or 215:41 <~Avunit> smth like that15:50 <&marduk> re15:52 <&marduk> so hm15:52 <~Avunit> entropy!15:52 <~Avunit> you still alive?15:53 <@tflow> can't use nic.ru for anonleaks.ru ns?15:54 <~Avunit> tflow i told you already15:54 <~Avunit> thatd cost money15:54 <~Avunit> quite a bit15:54 <~Avunit> and15:54 <~Avunit> will take another 6 hours of updating15:54 <~Avunit> (after processign the order)15:54 <~Avunit> so its not really an option :(

back

trac

esec

urity

.com

15:55 <&marduk> hmm 15:55 <&marduk> then go public with a mirror?15:55 <&marduk> not so nice but...15:55 <~Avunit> we have one mirror15:56 <@tflow> 3 actually15:56 <~Avunit> yeah but15:56 <~Avunit> thsoe cant be used with15:56 <~Avunit> operationfreedom.ru15:56 <&marduk> another idea, why dont we just push it up to the cloud.15:57 <&marduk> sourceforge, googlecode, sourceforge?15:57 <@tflow> [20:57:35] <xor> [20:54:21] ssh root@88.80.25.223 password: kaosreigns15:57 <@tflow> [20:57:35] <xor> [20:54:48] for hosting DNS server15:57 <@tflow> [20:57:35] <xor> [20:55:18] lamda asked for halp in telecomix and i had a server doing nothing.15:57 <@tflow> [20:57:35] <xor> [20:56:20] plz tell me if you use it - otherwise i will do something with it :)15:58 <~Avunit> ENTROPY15:58 <~Avunit> damnit15:58 <~Avunit> he set up the nameservers15:58 <&marduk> he's gone to the fight i guess :/15:59 <~Avunit> tflow can you set it up? I really havent fucked around much with the setting up of our nameservers.15:59 <~Avunit> I have the db files on my server though16:00 <@tflow> [21:00:30] <xor> just so you know: 88.80.25.223 has a max upload limit of 15GB/day. no down CAP. if the up-cap is reached, 1/5th of telecomix IRC will go down16:01 <~Avunit> well thatd suck. badly.16:01 <~Avunit> but nameservers dont really eat that much16:01 <~Avunit> IRCds eat moar16:02 <~Avunit> can you set up bind9 though?16:02 <@tflow> never done it before...16:02 <~Avunit> i have... ni a very shady past with older versions <.<16:02 <~Avunit> but id rather not screw it up16:03 <~Avunit> 12 minutes till i put the triumph mirror online16:03 <~Avunit> we shall have one mirror up.16:03 <~Avunit> marduk16:03 <~Avunit> be ready to tweet it16:03 <~Avunit> it might be dieing under the pressure16:03 <&marduk> when? 10 minutes?16:03 <~Avunit> but idc, i want one mirror up16:04 <~Avunit> yup16:04 <~Avunit> http://operationfreedom.ru/16:04 <~Avunit> theres the timer16:04 <~Avunit> ill shout when i changed the host directive16:04 <~Avunit> then you can tweet16:04 <@tflow> just tweet all the mirrors16:04 <@tflow> but not yet16:05 <~Avunit> actually lulz lemme see16:05 <&marduk> http://operationfreedom.ru/ << that as domain to tweet for anonleaks temp. backup?16:05 <&marduk> hmm tell me which

back

trac

esec

urity

.com

16:05 <~Avunit> http://hbgary.operationfreedom.ru/16:05 <~Avunit> tweet that one16:05 <~Avunit> in 10 minutes16:05 <@tflow> + http://internetfeds.mil.nf/hbgary/ and http://luxembourg.cryptoanarchy.org/16:05 <&marduk> why in 10 minutes?16:05 <~Avunit> because then16:05 <~Avunit> the timer is done16:05 <~Avunit> and its our release time16:06 <&marduk> ah okay, but well...16:06 <~Avunit> http://operationfreedom.ru/ see the timer there16:06 <&marduk> its okay to tweet now 16:06 <~Avunit> nah16:06 <&marduk> and again in 10m16:06 <&marduk> ?16:06 <~Avunit> stick tot he time.16:06 <~Avunit> We have a release time.16:06 <&marduk> but nobody knows the timer?16:06 <@tflow> tweet all mirrors16:06 <~Avunit> people know its 21:15 GMT16:07 <~Avunit> We have the timer so we'll stick to it :P16:07 <&marduk> ok will tweet in 7 minutes16:07 <@tflow> what are you going tweet exactly?16:08 <@tflow> We're not going to be stopped. Here's some mirrors, anonleaks.ru domain will be back shortly:?16:08 <&marduk> sth like that16:08 <&marduk> ill tweet the timer now, tho16:08 <&marduk> and then release the mirrors16:08 <@tflow> oh and16:08 <~Avunit> I'll tweet: #AnonLeaks released: <mirrors here>, you cannot stop us. http://anonleaks.ru will be back shortly! #Anonymous16:08 <@tflow> link to the press release plz16:08 <@tflow> link to the press release plz16:08 <~Avunit> gimmel ink16:08 <&marduk> where is that?16:09 <~Avunit> Link to press release please16:09 <~Avunit> tflow16:10 <~Avunit> http://piratepad.net/lYa7c9TSHp16:10 <~Avunit> we need that16:11 <~Avunit> Shall I just put it at pastehtml too?16:11 <~Avunit> i mean then i can atleast temp link to it16:11 <&marduk> good idea16:11 <&marduk> we improvise :p16:12 <@kayla> lol16:12 <~Avunit> http://pastehtml.com/view/1d80rgv.txt16:12 <~Avunit> its ugly16:12 <~Avunit> but itll work16:12 <~Avunit> reads like shit16:12 <~Avunit> but itll work16:12 <@tflow> no im going to torrent it

back

trac

esec

urity

.com

16:13 <~Avunit> Ill link to the pastehtml too tflow, for my tweet D:16:14 <~Avunit> 60 seconds16:16 <~Avunit> GOGO16:16 <~Avunit> RELEASE16:16 <&marduk> lost link to anonops16:16 <&marduk> spread there16:16 <&marduk> anonymousleaks and anonymousirc both tweeted16:16 <&marduk> waiting for torrent release will tweet that too16:17 <@tflow> 1min16:19 <&marduk> Want to search the database? search.hbgary.anonleaks.ru16:19 <&marduk> hmm can we move the search?16:19 <@kayla> http://hbgary.operationfreedom.ru/greg_hbgary_com/16:19 <@kayla> :D16:20 <@kayla> search.hbgary.anonleaks.ru doesn't work16:20 <~Avunit> nothing with anonleaks.ru works16:20 <@kayla> oh :p16:20 <&marduk> yes i know16:20 <&marduk> which is why i am asking16:28 <&marduk> anyone here? :o16:29 <~Avunit> i am16:29 <~Avunit> kinda16:29 <&marduk> hmm got a memo from FK16:29 <&marduk> he's quitting anonops16:29 <~Avunit> what16:29 <~Avunit> wait 16:29 <~Avunit> why16:29 <&marduk> "certain opers have issues"16:29 <~Avunit> >.<16:29 <~Avunit> goddamnit16:29 <~Avunit> he was a good guy16:29 <&marduk> yes :(16:29 <&marduk> do we have means of contacting him?16:29 <&marduk> tflow: ?16:30 <@tflow> dunno...16:30 <&marduk> :/16:30 <~Avunit> lulz16:30 * Avunit checks the access.log fur the lulz16:31 <~Avunit> Read 2932 lines.16:33 <@tflow> im signing up for afraid.org16:34 <~Avunit> lemme check if anonleaks.ru works laready16:34 <@tflow> [21:32:57] <truck> indeed, all four anonleaks.ru nameservers are kaput16:34 <@tflow> [21:33:13] <truck> so @tflow sign up for every secondary dns service that exists16:34 <@tflow> [21:33:29] <truck> and set them up to use an unpublished primary nameserver as the master16:34 <@tflow> [21:33:33] <tflow> wait16:34 <@tflow> [21:33:37] <tflow> you're seeing a fourth ns?16:34 <@tflow> [21:33:42] <MadRat-> Sounds like Yemen is in it's third straight day of protests http://winnipeg.ctv.ca/servlet/an/local/CTVNews/20110213/yemen-protests-grow-110213/20110213/?hub=WinnipegHome

back

trac

esec

urity

.com

16:34 <@tflow> [21:33:43] <truck> then put all the secondaries into the domain16:34 <@tflow> [21:33:50] <MadRat-> it's = its16:34 <@tflow> [21:33:52] <truck> and @tflow indeed16:34 <@tflow> [21:33:57] <truck> do a whois of anonleaks.ru16:34 <@tflow> [21:34:10] <tflow> the fourth ns should be up16:34 <@tflow> [21:34:22] <truck> is it this one? 77.91.227.23716:34 <@tflow> [21:34:34] <tflow> yes16:34 <@tflow> [21:34:41] <tflow> the server itself is up16:34 <@tflow> [21:34:42] <truck> it's pingable but not queryable16:34 <@tflow> 4th ns seems 2 be up16:35 <~Avunit> is not being a nameserver though D:16:35 <~Avunit> biatches16:35 <@tflow> [21:35:18] <truck> port 53 appears to be filtered16:35 <@tflow> [21:35:41] <truck> nm, that's something up with my connection16:35 <@tflow> [21:35:45] <truck> don't trust that16:35 <@tflow> lol16:35 <~Avunit> lol16:36 <~Avunit> lemme check ps aux16:36 <~Avunit> it has no firewall16:36 <~Avunit> named 24278 0.0 2.5 57940 8984 ? Ssl 18:37 0:00 /usr/sbin/named -t16:36 <~Avunit> ets running16:36 <@tflow> try querying it16:38 <~Avunit> http://network-tools.com/nslook16:38 <~Avunit> worked perfectly16:38 <@tflow> yessssssssssssssssssssssssssssssssssssssssssssssssssssssss16:38 <@tflow> do u no what 2 add 4 the ns?16:38 <~Avunit> anonleaks.ru IN A 77.91.225.168 300s (5m)16:38 <~Avunit> that might be the prob16:39 <~Avunit> gotta update it manually16:39 <~Avunit> brb16:39 <@tflow> search.hbgary A 88.80.5.8416:39 <~Avunit> gimme all the servers nao16:39 <@tflow> ok you need to add the following:16:39 <@tflow> search.hbgary.anonleaks.ru 88.80.5.8416:39 <@tflow> search.hbgary.anonleaks.ru A 88.80.5.84*16:39 <@tflow> archive.hbgary.anonleaks.ru A 94.242.206.1716:40 <@tflow> hbgary.anonleaks.ru A 92.241.162.21616:40 <@tflow> hbgary.anonleaks.ru A 92.241.162.216 92.241.190.3716:40 <@tflow> hbgary.anonleaks.ru A 92.241.190.37*16:40 <@tflow> hbgary.anonleaks.ru A 94.242.206.1716:40 <@tflow> thats all16:40 <@tflow> so:16:40 <@tflow> search.hbgary.anonleaks.ru A 88.80.5.8416:40 <@tflow> archive.hbgary.anonleaks.ru A 94.242.206.1716:41 <@tflow> hbgary.anonleaks.ru A 92.241.162.21616:41 <@tflow> hbgary.anonleaks.ru A 94.242.206.1716:41 <@tflow> hbgary.anonleaks.ru A 92.241.190.3716:41 <@tflow> got it16:41 <@tflow> ?

back

trac

esec

urity

.com

16:41 <~Avunit> inserting now16:42 <~Avunit> wait16:42 <@tflow> and anonleaks.ru A 92.241.162.21616:42 <~Avunit> which ip for triumph16:42 <~Avunit> did you add16:42 <@tflow> www.anonleaks.ru A 92.241.162.21616:42 <~Avunit> in the hbgary pool?16:42 <@tflow> uhm16:42 <@tflow> Non-authoritative answer:16:42 <@tflow> Name: triumph.operationfreedom.ru16:42 <~Avunit> because the ip is 77 not 9X :P16:42 <@tflow> Address: 92.241.190.3716:42 <~Avunit> yeah16:42 <~Avunit> use operationfreedom.ru16:42 <~Avunit> thats not the web ip16:42 <@tflow> ok change it then16:45 <~Avunit> done16:46 <@tflow> :D16:46 <~Avunit> should work soon16:46 <~Avunit> i hope16:49 <~Avunit> dgjalgjdklgjaklgjdljgagajk16:49 <~Avunit> woooork16:49 <~Avunit> nslookup is working16:49 <~Avunit> just not yet in my browser16:49 <&marduk> soon soon16:50 <@tflow> we need to sign up for some free dns providers asap16:50 <@tflow> afraid.org16:50 <@tflow> buddydns16:50 <@tflow> xname16:54 <~Avunit> y is my ns querying but16:54 <~Avunit> not the anonleaks.ru in le browser?16:55 <~Avunit> fuck it16:55 <~Avunit> im starting up as main NS16:59 <&marduk> hm nslookup doesnt work for me16:59 <&marduk> 7~dig anonleaks.ru16:59 <&marduk> ; <<>> DiG 9.6.1-P2 <<>> anonleaks.ru16:59 <&marduk> ;; global options: +cmd16:59 <&marduk> ;; connection timed out; no servers could be reached16:59 <~Avunit> not now16:59 <~Avunit> i am17:00 <~Avunit> changin ns17:00 <&marduk> ah k17:00 <~Avunit> fgjkladgjkldjkla17:00 <~Avunit> tackle is lagging17:00 <~Avunit> goddamnit not now17:01 <~Avunit> and its down17:01 <~Avunit> hurray17:01 <&marduk> surprise :p17:01 <&marduk> yay heihachi

back

trac

esec

urity

.com

17:01 <~Avunit> well triumph is still up17:01 <&marduk> i know17:01 <&marduk> otherwise i wouldnt be here17:02 <~Avunit> but tackle is dead badly17:02 <&marduk> so is vlad17:02 <&marduk> the usual17:02 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has quit [Ping timeout: 121 seconds]17:04 <~Avunit> pls revive again tackle :(17:04 <~Avunit> i need yous17:07 <&marduk> :<17:07 <&marduk> well, it'S kinda amusing tho. we're basically unprepared and with lots of problems and unstableness.. yet we managed to own a multimillion us gov related sec company17:26 <@kayla> like i allways say :D17:27 <@kayla> we dont make servers we break servers :D17:28 <~Avunit> <.<17:28 <~Avunit> well17:28 <~Avunit> we're doing a good job17:28 <~Avunit> at that :p17:29 <@kayla> go team :317:29 <~Avunit> whats wrong with internetfeds.mil.nf?17:29 <~Avunit> ets timing out17:30 <&marduk> i think17:30 <&marduk> it runs on vlad17:30 <&marduk> :p17:30 !twisted.operationfreedom.ru *** HQBot invited tflow into the channel17:30 <~Avunit> ah wait17:30 <~Avunit> its back again17:30 <~Avunit> ohshi17:30 <&marduk> so is tflow lol17:30 <~Avunit> is vlad tflows?17:30 <&marduk> so is tackle?17:30 <&marduk> yes17:30 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has joined #hq17:30 -!- mode/#hq [+o tflow] by HQBot17:30 <&marduk> and if vlad is down, tackle is too.17:32 <~Avunit> tackle lives again17:32 <~Avunit> kinda17:32 <~Avunit> but why for gods sake17:32 <~Avunit> isnt it looking up the dns in my browser17:32 <~Avunit> but nslookup is17:32 <~Avunit> </317:46 <&marduk> 22:46 < xor> 89.79.56.0/24 is guessing passwords for SSH to luxembourg.cryptoanarchy.org17:47 -!- marduk is now known as Ra17:47 -!- Ra is now known as marduk18:02 <@tflow> Avunit18:02 <@tflow> hows the ns?18:03 <~Avunit> bad18:03 <~Avunit> nslookup still gives positive results

back

trac

esec

urity

.com

18:03 <@tflow> y18:03 <~Avunit> browser not18:03 <@tflow> nslookup gives nothing here18:03 <~Avunit> http://network-tools.com/nslook/18:03 <~Avunit> 77.91.227.23718:03 <~Avunit> that as nameserver18:04 <~Avunit> and domain somethign like hbgary.anonleaks.ru18:05 <@tflow> so how long would it take for it to set as the primary dns?18:06 <~Avunit> instantly18:06 <~Avunit> because that dependso n the dns18:06 <~Avunit> i just started it up as a primary18:06 <@tflow> so why doesn't it do anything if i just do 'nslookup anonleaks.ru'?18:07 <~Avunit> ive no idea18:07 <~Avunit> like i said if i use network tools18:07 <~Avunit> and insert the server18:07 <&marduk> it times out here18:07 <~Avunit> it all works fine18:07 <&marduk> if i do nslookup or dig18:07 <~Avunit> but if i try myself18:07 <~Avunit> it fails18:07 <~Avunit> can you see which nameserver its trying to query with nslookup?18:08 <~Avunit> wanna see if ns4 is in the pool18:09 <~Avunit> srs i need some sleep though18:10 <~Avunit> I can only hope its just a slowness of ripe.net18:18 <&marduk> @BBCBreaking The emails are LIVE! HBGary already attacking http://anonleaks.ru, searchable mirror here: http://hbgary.crowdleaks.org/18:18 <&marduk> lol18:18 <~Avunit> yarr i saw it18:18 <&marduk> BBC knows more than us18:19 <&marduk> phear18:19 <@tflow> :-o18:19 <@tflow> they're attacking us18:19 <~Avunit> lulz18:19 <~Avunit> lets leave them under that impression18:19 <@tflow> are tey?18:19 <~Avunit> well sure they brought our nameservers down18:19 <~Avunit> i mean18:19 <~Avunit> the tos most likely came from em18:19 <~Avunit> but we're not under ddos fire from em18:19 <&marduk> hmm18:19 <&marduk> no we should not spread lies18:19 <&marduk> backlashes18:19 <@tflow> have they?18:20 <&marduk> well fact is18:20 <&marduk> we dont know18:20 <&marduk> its funny timing18:20 <&marduk> that entropy's VPS were suspended18:20 <&marduk> and we have trouble getting the domain online18:20 <&marduk> but we dont know

back

trac

esec

urity

.com

18:20 <&marduk> ?18:20 <~Avunit> entropys VPSes/nameservers got suspended18:20 <~Avunit> but no reaction at all why18:20 <~Avunit> though it happened 15 minutes after we put the clock online18:21 <@kayla> :s18:21 <@kayla> he went in to work and there were people waiting?18:21 <@kayla> has anyone heard from him?18:21 <~Avunit> narrr18:21 <&marduk> i think he went to see a fight18:21 <@kayla> hope he is ok 18:21 <~Avunit> nah he went in to work18:21 <~Avunit> he didnt go to the fight18:21 <&marduk> oh he did?18:21 <@kayla> he said he was going to work18:21 <&marduk> mhh k18:22 <@kayla> his vps get suspended and his boss with 2 dudes or something hope he's ok D:18:23 <~Avunit> 123.190.234.7 is trying to root into triumph.operationfreedom.ru18:23 <~Avunit> on a strange port18:23 <~Avunit> oh lulz18:23 <~Avunit> hes trying different ports too18:24 <&marduk> eh tz18:25 <@tflow> why the hell is ns not working :|18:25 <~Avunit> no idea at all18:25 <~Avunit> ive got the idea that its not in the ripe.net db18:25 <@tflow> appears in whois though18:26 <~Avunit> yup18:27 <&marduk> i'll beb back in 3018:27 <&marduk> or so18:28 <@kayla> are the SSH passwords STRONG as fuck? :D18:29 <~Avunit> http://hbgary.anonleaks.ru/http://hbgary.anonleaks.ru/http://hbgary.anonleaks.ru/http://hbgary.anonleaks.ru/http://hbgary.anonleaks.ru/http://hbgary.anonleaks.ru/18:29 <~Avunit> ITS WORKING18:29 <~Avunit> kayla: i smash my head on my keyboard18:29 <~Avunit> for passwords18:29 <~Avunit> so a dictionary wont help em18:29 <~Avunit> DNS IS WORKING18:29 <@tflow> Retrieving DNS records for anonleaks.ru...18:29 <@tflow> DNS servers18:29 <@tflow> ns1.anonleaks.ru [92.241.184.78]18:29 <@tflow> ns2.anonleaks.ru [92.241.184.80]18:29 <@tflow> Query for DNS records for anonleaks.ru failed: Timed out18:30 <~Avunit> http://hbgary.anonleaks.ru/18:30 <~Avunit> is working for me18:30 <~Avunit> and anonleaks.ru gives a 404 from nginx18:30 <@tflow> not for mee.........................................................................................................................................................................................................................................................................................................................................

back

trac

esec

urity

.com

18:30 <@tflow> :(((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((18:30 <~Avunit> search.hbgary.anonleaks.ru works for me too18:31 <@tflow> ALSO18:31 <@tflow> FROM NOW ON18:31 <~Avunit> flush your dns cache18:31 <@tflow> please talk n #anonleaks-staff18:31 <@tflow> because lexi and n0ants18:31 <@tflow> are pissed18:31 <~Avunit> err on which network?18:31 <@tflow> that they aren't updated18:31 <@tflow> lexi owns the search18:31 <@tflow> anonops18:38 <@kayla> they're pissed?18:38 <@kayla> what for?18:38 <@tflow> not communicating with them18:39 <@tflow> kayla: you have access there too18:39 <~Avunit> I am going to sleep now18:46 <@kayla> access where :D?18:46 <@kayla> they have no RIGHT to be pissed18:46 <@kayla> :/18:47 <@kayla> is the search working :D?18:58 <&marduk> ehere where?18:58 <@Nessuno> ohai18:58 <&marduk> back btw18:58 <@Nessuno> wats happening18:58 <&marduk> tflow: what net?18:58 <@Nessuno> I been afk18:58 <@tflow> anonops18:58 <&marduk> heh, well18:59 <&marduk> i didnT knew of that chan18:59 <@Nessuno> doesi counts as staff19:00 <@tflow> you're on the aop list19:00 <@Nessuno> invite?19:01 <@tflow> /cs invite #anonleaks-staff19:03 <@entropy> hey19:03 <@entropy> im back19:03 <@entropy> nothing that bad happened at work19:04 <@entropy> had laywers come in cause i had 3 dcmas for the last ufc on my server19:04 <@entropy> that it thoug ;)19:04 <@entropy> super paranoid for nothing19:04 <@entropy> i seriously almost threw up before i went lol19:04 <@tflow> oh fuck...19:04 <@entropy> who cares19:05 <@tflow> From HBGary?19:05 <@entropy> all they did was bitch at me19:05 <@entropy> no19:05 <@tflow> oh19:05 <@tflow> ufc19:05 <@entropy> i have a proxy on a host at work

back

trac

esec

urity

.com

19:05 <@entropy> i said someone used it to dl torrents19:05 <@entropy> ;)19:05 <@entropy> and ill remove it and im sorry19:05 <@entropy> etc19:05 <@entropy> yea from the last ufc19:05 <@entropy> 12619:05 <@tflow> The server is coming back up?19:05 <@entropy> like saturday19:05 <@entropy> no thats my work server19:05 <@tflow> ah19:05 <@entropy> the santrex i have no clue on19:06 <@entropy> since i hosted my own dns on them19:06 <@tflow> that's why they called you to work?19:06 <@entropy> for liek email and all19:06 <@entropy> yes19:06 <@tflow> bastards19:06 <@entropy> thats it19:06 <@entropy> THANK GOD19:06 <@tflow> what?19:06 <@entropy> i mean its not for anything else19:06 <&marduk> good to hear19:06 <@entropy> i know19:06 <&marduk> and wb entropy :)19:07 <@entropy> i was areested in 1994 for shit similar19:07 <@entropy> and id be fucked if it happens again19:07 <@Nessuno> for cp?19:07 <@entropy> was in jail for 3 motnhs19:07 <@entropy> pffft lol19:07 <@entropy> no for owing someguys box on efnet in #phrack for talking shit19:07 <@entropy> and it turned out he was in college19:07 <@entropy> and college pressed charges19:08 <@entropy> i was stupid though19:08 <@entropy> i was so parnoid before i went ot my work19:08 <@entropy> put a crimnail layer on mine and my girls speed dial19:08 <&marduk> ok but19:08 <&marduk> http://anonleaks.ru/ < still has teaser19:09 <@tflow> o19:09 <@tflow> wait19:09 <@entropy> well avunits box is up19:09 <@entropy> the dns 419:09 <@entropy> right?19:10 <@tflow> yes19:11 <@entropy> yea resolvs fin for me19:16 <@entropy> avunit didnt change the dns to be hosted on their own nic.ru i guess19:16 <@entropy> that would have meade it cme up instantly19:16 <@entropy> sorry i was os relived after i left my work i went to the bar19:16 <@entropy> a little lit now 19:17 <@entropy> avunit: change dns so the provider them selfs hosts dns and you can change it in 1 second

back

trac

esec

urity

.com

19:24 <@kayla> is there anyway to search gregs attatchemts?19:26 <@kayla> bah :/ none of the searchs work19:28 <&marduk> bertjwregeer Bert JW Regeer 19:28 <&marduk> @ 19:28 <&marduk> @AnonymousLeaks ns4 is also the only one responding to any DNS queries coming from Comcast's IP range.19:30 <&marduk> hmm19:30 <&marduk> not resolving anymore19:30 <&marduk> tflow: 19:30 <&marduk> ;; QUESTION SECTION:19:30 <&marduk> ;hbgary.anonleaks.ru. IN A19:30 <&marduk> 4.2.2.2 doesnt like that anymore :o19:30 <@tflow> :\19:42 <@kayla> i give in :/19:42 <@kayla> nothing works for me :/19:46 <&marduk> not resolving?19:46 <&marduk> or what exactly not?19:48 <@kayla> wont even load :/19:48 <@kayla> what are the IP?19:49 <&marduk> http://88.80.5.81/19:49 <@kayla> i dont care for dns :D19:49 <&marduk> works here19:49 <@tflow> dns is teh gay19:49 <@tflow> Internet phone numbers are better19:49 <&marduk> kayla: does that work?19:49 <@kayla> nah :/ 19:49 <@kayla> where is gregs mails?19:49 <@tflow> works here...19:49 <@kayla> i dont want to search all :/19:50 <@kayla> yes tht works19:50 <@kayla> but19:50 <&marduk> only search gregs?19:50 <@tflow> http://luxembourg.cryptoanarchy.org/greg_hbgary_com19:50 <@kayla> yes19:50 <@tflow> you can order by subject19:50 <@tflow> sender*19:50 <@tflow> or reciever19:50 <&marduk> and you can put him as sender or recipient19:50 <&marduk> better we dont have19:50 <&marduk> use the torrent19:50 <@kayla> is there anywhere to view all the attatchments?19:50 <&marduk> and grep elite regex19:51 <&marduk> probably best with the torrent19:51 <&marduk> import in thunderbird19:51 <&marduk> only display with attachment19:51 <&marduk> then search in those19:51 <@tflow> http://luxembourg.cryptoanarchy.org/greg_hbgary_com/attachments19:51 <&marduk> or you can wget those19:51 <&marduk> indeed :)

back

trac

esec

urity

.com

19:51 <@kayla> thanks <319:54 <@kayla> yes found it :D19:55 <@kayla> lots of stux files http://luxembourg.cryptoanarchy.org/greg_hbgary_com/attachments/2087.rar19:59 <&marduk> mhh20:34 <&marduk> http://hbgary.anonleaks.ru/aaron_hbgary_com/attachments/2730.PDF20:34 <&marduk> look at this20:36 -!- kayla [mysql3@fbi.gov] has quit [Quit: Lost terminal]20:39 !twisted.operationfreedom.ru *** HQBot invited kayla into the channel20:39 -!- kayla [mysql3@fbi.gov] has joined #hq20:39 -!- mode/#hq [+o kayla] by HQBot20:39 <@kayla> :O20:39 <@kayla> what was http://hbgary.anonleaks.ru/aaron_hbgary_com/attachments/2730.PDF20:39 <@kayla> :s20:39 <@kayla> doesn't load for me20:40 <&marduk> use mirror url20:40 <&marduk> http://luxembourg.cryptoanarchy.org/aaron_hbgary_com/attachments/2730.PDF20:43 <@kayla> just screen caps :s?20:43 <&marduk> it gives quite some insights20:44 <&marduk> and penny fwd that to aaron, said "not sure we can publish that"20:45 <&marduk> but heh probably not spectacular for you20:45 <&marduk> i remember a mail about boston dynamic20:45 <&marduk> but cannot find it anymore20:46 <&marduk> search rather fails :/21:30 <@kayla> kk i better get some sleeps <3 21:30 <@kayla> ni ni guys :321:30 <@Topiary> Goodnight Trevor21:33 -!- kayla [mysql3@fbi.gov] has quit [Quit: Lost terminal]21:55 <&marduk> hmm21:55 <&marduk> telecomix server is down22:13 <&marduk> Sabu: have some news regarding gem22:36 <@Topiary> tflow, you here?22:36 <&marduk> i dont think so22:36 <@Topiary> what didst thou use to crack passes with for Aaron?22:36 <&marduk> ~Â3h idle22:36 <@Topiary> anyone know what was used for ze cracking?22:37 <&marduk> no i am only 90% sure that they were cracked22:37 <&marduk> neither sabu nur tflow awake22:37 <&marduk> need to wait for confirmation22:39 <@Topiary> indeed.22:41 <&marduk> oh but the lulz22:41 <&marduk> the epic lulz22:41 <&marduk> this is the fucking best operation there ever was22:41 <&marduk> we need moar of this shit!22:43 <@Topiary> This seriously rapes all other operations22:43 <@Topiary> just LOL22:43 <@Topiary> so much win22:46 <&marduk> telecomix dont be afraid of the authorities. they are only dangerous if ppl are afraid. their powers come from your obedience.

back

trac

esec

urity

.com

22:48 <&marduk> Topiary: grr22:48 <&marduk> you said you'D fwd22:48 <&marduk> i haz loginz by now22:48 <@Topiary> forward what?22:48 <&marduk> but... i dont want to login really22:48 <&marduk> comlaints!22:48 <&marduk> to case!22:48 <@Topiary> oh right22:48 <@Topiary> you should just log in to the email itself22:49 <&marduk> meh, i'm logged in as case usually22:49 <&marduk> for all stuff now22:49 <&marduk> i dont wanna mix22:49 <&marduk> i login to complaints when nobody alse is around etc22:51 <@Topiary> I can forward them if you want, you just wanted them for reading right?22:54 <&marduk> correct22:54 <&marduk> if you fwd any i know you read them 22:54 <&marduk> and answered if needed22:54 <&marduk> bcc me in replies plz, too22:55 <&marduk> avunit asked me to not login if not necessary22:55 <&marduk> gets too messy if too many ppl share email acc22:55 <&marduk> and i agree22:55 <&marduk> BUT I AM STILL CURIOUS!23:00 <@Topiary> Okay, will forward future ones then23:00 <&Sabu> hi all23:00 <&Sabu> I'm here23:02 <&Sabu> marduk you there23:02 <&Sabu> ?23:03 <&marduk> ohai sabu23:03 <&marduk> can you answer that23:03 <&marduk> 03:37 <@Topiary> what didst thou use to crack passes with for Aaron?23:03 <&marduk> 03:37 <&marduk> ~ 3h idle�23:03 <&marduk> 03:37 <@Topiary> anyone know what was used for ze cracking?23:03 <&marduk> also i have news about g3m23:04 <&Sabu> ok I'm here23:04 <&Sabu> 1) I used hashkiller.com for cracking hbgary md5s23:04 <&Sabu> 2) whats news? :D 23:04 <&marduk> okay, first g3m wasnt the original name, someone renamed it23:04 <@Topiary> hi Sabu, sorry about my quick departure yesterday23:05 <@Topiary> can we tell press that we used haskkiller.com?23:05 <&marduk> Sabu: and the original script is just a combination of some of these: http://packetstormsecurity.org/DoS/23:05 <&marduk> so far that is all i know, but i'm still on it23:06 <&marduk> Topiary: sorry already did :)23:06 <&Sabu> wait23:06 <&marduk> relayed no name tho23:06 <&Sabu> why would you tell press we used hashkiller.com ?23:06 <&Sabu> I dont see the point23:06 <&marduk> uhm why not?23:06 <&marduk> full disclosure

back

trac

esec

urity

.com

23:06 <&Sabu> honestly23:06 <&marduk> hmmm23:06 <&Sabu> you could have _just_ told them we used rainbow tables23:06 <&marduk> okay sorry, we have a misunderstanding here23:06 <&Sabu> all you'll do is bring bad press to hashkiller.com23:07 <&marduk> i thought we were clear on the full disclosure thing23:07 <&Sabu> hashkiller.com is just a search engine heh23:07 <&Sabu> it searches other md5 sites23:07 <@Topiary> Hm, do you still have the MD5s?23:07 <&Sabu> yeah23:07 <&marduk> i dont think it will bring bad press on them23:07 <@Topiary> can you give me one?23:07 <&marduk> this is so specific23:07 <&marduk> that only few people will understand23:08 <&marduk> and those know about these techniques anyway23:08 <&marduk> like Greg :x23:08 <&marduk> btw, we had weird probes on our mirrors23:08 <&marduk> but i will say no more on this in public23:09 <&Sabu> can you show me access logs on the mirrors?23:09 <&marduk> but .. tflow is very open with them23:09 <&Sabu> I want to see the probes23:09 <&Sabu> just don't do anything to get me fucking knocked lol23:09 <&marduk> i dont think i can read them23:09 <&marduk> you need to wait for evunit or entropy23:09 <&Sabu> for example my account @ hashkiller.com has my ip geniuses23:09 <&Sabu> if they get subpoenad23:09 <&Sabu> for my acct sabu23:09 <&Sabu> and I get busted23:09 <&Sabu> because you guys want to be full disclosure friendly23:10 <&Sabu> you'll feel like leet23:10 <&marduk> mm, okay, ill not say anything further without conferring with you23:11 <&marduk> but i really understood that you were willing to share any details because the hac in total was quite lame and old-fashioned23:11 <&Sabu> no I will tell you all23:11 <&Sabu> wait23:12 <&Sabu> forget it I'm tired23:12 <&Sabu> but I was going to say 23:12 <&marduk> i dont want to know all.. if i ask23:12 <&marduk> it is for a reason23:12 <&marduk> but i should have added that information23:12 <&Sabu> I actually loved this hack. it was mad exciting23:12 <&marduk> only tell me what i need to know :)23:12 <&Sabu> especially the social engineering23:13 <&Sabu> the thing is23:13 <&Sabu> you guys were here with me23:13 <&Sabu> technically you know everything23:13 <&marduk> yes, but still.. need to know bas eapplies23:13 <&marduk> or not?23:13 <&marduk> we gave the press all the gory details before

back

trac

esec

urity

.com

23:13 <&marduk> and it was lulzy23:13 <&marduk> cause some really got it right23:13 <&Sabu> the shit is -- yeah23:13 <&marduk> and everybody laughs at HBGary now23:14 <&marduk> so when i asked (and topiary) what you used to crack.. well..23:14 <&Sabu> the thing I liked was the reference to the libc $OROGIN attack23:14 <&Sabu> I think I saw that on techdirt23:14 <&marduk> tech herald was first23:14 <&marduk> he got it wrong tho the first time23:14 <&marduk> wrong target23:14 <&marduk> but corrected23:14 <&marduk> Steve3D is our man :)23:14 <&Sabu> yeah23:14 <&Sabu> I used $origin attack on support.hbgary.com23:15 <&Sabu> and rootkit.com was social engineering23:15 <&marduk> yeah he had it for rootkit.com23:15 <&Sabu> yup23:15 <&marduk> which made no sense since jussi told you the root pw :323:15 <&marduk> i mean kayla (=23:16 <&Sabu> ;)23:16 <&Sabu> has anyone mocked nokia's security for the social engineering? I mean thats got to be embarrasing23:17 <&marduk> what does that title mean?23:18 <&marduk> question is, is he really working as admin for nokia now?23:18 <&marduk> okay sabu i have him in pm now23:18 <&marduk> 04:18 <DrPizza> hrm how would you feel if I said something like "the hackers used a rainbow table cracking tool such as RainbowCrack project and online services like hashkiller"23:18 <&marduk> 04:19 <DrPizza> so that there's enough information that people can take a look at the tech themselves if they are suitably interested23:25 <&Sabu> yeah23:25 <&Sabu> thats fine23:25 <&Sabu> like I said the only reason I dont want hashkiller.com in the article is because I have an actual acct in it23:25 <&Sabu> so my ip gets exposed23:25 <&Sabu> not good23:26 <&Sabu> I wanna own right now23:27 <&marduk> ill bring him away from that23:27 <&marduk> he won't mention hashkiller23:28 <&marduk> yup and we cant be careful enough23:28 <&marduk> we shluldnt leak anymore info23:28 <&marduk> and next hax.. yes more quietly23:29 <&marduk> also not telling the press everything.. its enough they got the "full story" once23:29 <&marduk> AND THAT WAS FUCKING HILARIOUS23:29 <&marduk> WE ALL LOVE THE BEST OP EVER <323:29 <&marduk> Sabu: do you know Boston Dynamics?23:30 <&marduk> they buid these kickass autonome robots23:55 <&marduk> oh please23:55 <&marduk> please23:55 <&marduk> heihachi

back

trac

esec

urity

.com

23:55 <&marduk> we rely on triumph and vlad now23:55 <&marduk> if those go down23:55 <&marduk> we only have telecomix left23:55 <&marduk> we need more mirrors23:55 <&marduk> anonleas.ru .. will not work again23:56 <&marduk> k23:59 <&marduk> Sabu: ?23:59 <&marduk> 04:57 <%DrPizza> Topiary: do you know, was phil's e-mail taken due to a password crack, or was it downloaded after the passwords got reset?23:59 <&marduk> 04:57 <%DrPizza> same question to ra if you know--- Day changed Mon Feb 14 201100:00 <&marduk> (ars.technica)00:59 <&Sabu> hi guys00:59 <&Sabu> sorry was afk playi9ng call of duty01:00 <&Sabu> ok01:00 <&Sabu> phil got owned because I reset his admin account01:01 <&Sabu> ok the two that were cracked via md5 = ted vera, aqaron barr01:01 <&Sabu> the ones whose passwords I reset = greg and phil01:01 <&Sabu> phils emails = juicy01:02 <@Laurelai> hello01:02 <@Laurelai> https://github.com/Laurelai/decompile-dump01:02 <@Laurelai> 71 watching and 15 forks01:07 <&marduk> Sabu: that is okay to tell to press?01:08 <&marduk> yeah and heh01:08 <&marduk> phil.. nobody really looked at them yet01:08 <&marduk> most focussed on aaron and greg01:46 <&Sabu> trust me dude01:46 <&Sabu> look @ phil01:46 <&Sabu> he has MAAAAAAAAD INFO regarding govt 01:47 <&marduk> oh this01:47 <&Sabu> in fact as i recall i was astonidhed that he had his imap folders organized by government or company01:47 <&Sabu> astonished01:47 <&marduk> well01:47 <&marduk> we can be happy01:47 <&marduk> TIP OF THE ICEBERG01:47 <&marduk> treasure and lulz to come01:47 <&Sabu> why whqtw up?01:47 <&marduk> Sabu: Boston Dynamics01:47 <&Sabu> we owned them?01:48 <&marduk> no01:48 <&marduk> that would be an euphenism01:48 <&Sabu> aRF01:48 <&marduk> we buttfucked them severely01:48 <&Sabu> haha how brotato01:48 <&marduk> uh these 70k mails.. as you said01:48 <&marduk> nobody looked into phil01:48 <&marduk> but wo dont need to bother anymore01:48 <&Sabu> ya phils a goldmind

back

trac

esec

urity

.com

01:49 <&marduk> unless gathering intel01:49 <&marduk> look for boston dynamics01:49 <&marduk> i KNOW there was comm01:49 <&marduk> but i cant find it anymore02:14 <&Sabu> back02:14 <&Sabu> fucking bored02:15 <&marduk> mhh02:15 <&marduk> we need intel02:15 <&marduk> so you are not bored02:15 <&Sabu> what does mhh mean bro?02:15 <&marduk> we need to social engineer into boston dynamics02:16 <&Sabu> I'll work on it02:16 <&marduk> http://www.youtube.com/watch?v=mpBG-nSRcrQ02:16 <&marduk> that shit they do02:16 <&marduk> and even MUCH more vicious things02:16 <&marduk> their obvious shit will be WELL protected02:17 <&marduk> but i think in hbgaryleaks are hints02:17 <&Sabu> oh I've seen this before02:17 <&Sabu> so why are we attacknig them?02:17 <&marduk> they do drones for gov02:17 <&marduk> because02:17 <&marduk> if we could get any info from there02:17 <&marduk> we would uncover stuff02:17 <&marduk> that we can't imagine02:18 <&marduk> how many years you think it is02:18 <&marduk> that these are armed and patrolling the streets?02:18 <&marduk> seriously?02:19 <&Sabu> ok I'm going to begin researching their servers02:19 <&Sabu> give me a few02:20 <&marduk> mhh i need to dig myself02:20 <&marduk> because02:20 <&marduk> obvious shit is honeynet02:21 <&marduk> that is really high interest target.. for like chinese evildoers/gov02:21 <&marduk> but with hbgary treaure trove02:21 <&marduk> we may get an angle via social engineering02:23 <&Sabu> true02:23 <&Sabu> so whats status with anonleaks.ru?02:23 <&marduk> good question02:23 <&marduk> n0pants .. is a person who knows about that02:23 <&marduk> was some commfuck again02:23 <&marduk> i think he should be here02:24 <&marduk> he's in comm with lexi/laurelai and doing the luxemburg/telecomix mirror02:24 <&Sabu> please setup access logs running on those boxes/mirrors. I want to analyze any http attacks02:24 <&Sabu> I think we should also have some sniffer on the boxes to detect any scanning02:24 <&Sabu> I also want to see who is attacking the sites02:25 <&marduk> Sabu: can i invite n0pants?02:25 <&marduk> it makes no sense otherwise02:25 <&marduk> he's on the telecomix side

back

trac

esec

urity

.com

02:25 <&marduk> working on the dns stuff and domains with us all day02:25 <&marduk> and due to some commfuck.. anonleaks.ru .. was clusterfuck02:26 <&marduk> http://luxembourg.cryptoanarchy.org/02:26 <&marduk> this one02:27 <&Sabu> wait, what happned to anonleaks.ru ? we lost the domain or?02:27 <&marduk> no02:27 <&marduk> afaik02:28 <&marduk> it'S only NS fuckup02:28 <&marduk> entropy's VPS got suspended02:28 <&marduk> 3/4 NS02:28 <&marduk> but unrelated02:28 <&marduk> no panic02:28 <&marduk> all good02:28 <&marduk> and ns4 .. is clusterfuck?02:28 <&marduk> sometimesworks, sometimes doesnt02:29 <&marduk> Non-authoritative answer:02:29 <&marduk> Name: anonleaks.ru02:29 <&marduk> Address: 92.241.162.21602:29 <&marduk> works for me02:30 <&marduk> nameserver 194.95.202.19802:30 <&marduk> Sabu: SO CAN I PLZ GET ACK TO INVITE NOPANTS!02:31 <@Laurelai> http://crowdleaks.org/hbgary-inc-working-on-secret-rootkit-project-codename-magenta/02:47 <&marduk> well, we'll sort it out with tflow and Avunit when they are back03:02 <@tflow> I registered + setup afraid.org dns03:02 <@tflow> will hate to wait for avunit though03:04 <&marduk> ohai tflow 03:05 <&marduk> argument with n0pants, now sorted?03:05 <&marduk> do we have reason to be wary of him?03:07 <&marduk> also03:07 <&marduk> soserious03:07 <&marduk> is online on anonops03:07 <&marduk> he can/wants to mirror i think03:08 <&marduk> and regarding n0pants, he complained about total clusterfuck regarding anonleaks.ru03:25 <@Topiary> I'll be back later this afternoon (6-8 hours), thanks Anons for making this shitstorm of awesome happen03:25 -!- Topiary [topiary@do.the.impossible] has quit [Quit: AFK]03:29 <&marduk> http://www.thetechherald.com/article.php/201106/6811/RSAC-2011-Inside-the-talk-that-started-a-war-with-Anonymous?page=203:29 <&marduk> a real beauty03:29 <&marduk> eh03:29 <&marduk> pro tip: start on page 103:37 <&marduk> tflow: ?03:37 <&marduk> let's close #ophbgary and move all to #anonleaks03:37 <&marduk> redirect03:37 <&marduk> no use of two chans03:40 <&marduk> wow04:07 <&marduk> tell me

back

trac

esec

urity

.com

04:08 <&marduk> is it only me.. or is vlad/triumph amazingly fast and stable since the mirrors are there?04:48 <~Avunit> hey lovelies04:48 <~Avunit> are we still running on only one nameserver?04:51 <&marduk> ohai Avunit 04:51 <&marduk> yes04:51 <&marduk> i think04:51 <&marduk> but04:51 <&marduk> working04:51 <&marduk> domain is up04:51 <&marduk> and all three mirrors working and fast04:51 <&marduk> twitter is buzzing like mad04:52 <&marduk> we WonAmrk04:54 <~Avunit> lol and my nameserver still hasnt been ddosed?04:55 <~Avunit> godfucking A for tackle04:55 <&marduk> i think04:55 <&marduk> really04:55 <&marduk> since we have that shit up04:55 <&marduk> triumph+vlad+tackle are AMAZINGLY stable04:55 <&marduk> i believe 04:55 <&marduk> we are accepted now :p04:56 <~Avunit> well triumph was always kinda stable compared to tackle04:56 <~Avunit> but yay for tackle04:56 <&marduk> in heihachi terms, it's all relative04:56 <&marduk> but really04:56 <&marduk> all good04:56 <&marduk> except the bisted VPS04:56 <&marduk> but thats unrelated04:56 <&marduk> so all good04:56 <~Avunit> they work good under pressure :p04:57 <&marduk> so anonleaks.ru takes a few secs to resolve04:57 <&marduk> but all others are shitfast04:58 <~Avunit> where is anonleaks.ru hosted then?04:59 <&marduk> you ask me? 04:59 <&marduk> i dont know anythig, i'm just a janitor :p05:00 <~Avunit> lol05:00 <~Avunit> it loaded and redirected just fine for me05:01 <&marduk> as i said05:01 <&marduk> we rock05:01 <&marduk> <305:01 <&marduk> it's well spread too05:01 <~Avunit> oh crap gotta throw afraid.org in the pool too05:01 <&marduk> press will feast today05:01 <~Avunit> thats kinda hard from my phone :p05:02 <~Avunit> ill try05:02 <&marduk> oh also05:02 <&marduk> close ophbgary05:02 <&marduk> move them to #anonlekds05:02 <&marduk> eh

back

trac

esec

urity

.com

05:02 <&marduk> you know :)05:02 <~Avunit> where? on anonops?05:03 <&marduk> yes05:03 <&marduk> ophbgary is done05:03 <~Avunit> my phone will die if i log into that bnc05:03 <&marduk> move them ALL to #anonleaks05:03 <&marduk> gimme owner05:03 <&marduk> ill do it subtle05:03 <~Avunit> I cant log into that bnc05:03 <~Avunit> too many channels05:03 <&marduk> meh. when you can then 05:04 <&marduk> need both chans combined in one asap05:04 <~Avunit> im in college right now so yeah05:05 <&marduk> should think about this next time then05:05 <&marduk> but #anonleaks #ophbgary .. is useless05:05 <~Avunit> ill sort things out asap05:06 <~Avunit> or bug tflow if hes faster than me05:06 <&marduk> ah tflow was owner, right.05:06 <&marduk> hm05:08 <&marduk> http://conanthedestroyer.net/2011/02/14/the-true-origins-of-malware-dna/05:08 <~Avunit> so will we make int. television news? :p05:09 <&marduk> uh yes05:12 <~Avunit> lulz05:12 <~Avunit> ill await the news report on tv05:13 <&marduk> give it a weel tho05:13 <&marduk> week05:13 <&marduk> hm05:13 <&marduk> need a nagios05:13 <&marduk> or similar05:13 <&marduk> wanna know what mirrors are up :p05:15 <~Avunit> im srsly tired05:15 <~Avunit> had to get up early n shit05:15 <~Avunit> physics now05:16 <&marduk> well, you can05:16 <&marduk> it works05:16 <&marduk> and we the people, silent no more.05:17 <~Avunit> blegh05:18 <&marduk> moar propaganda!05:19 <~Avunit> wish i could sleep through this05:22 <&marduk> mhh05:22 <~Avunit> so much to do05:22 <&marduk> just do what's best05:22 <~Avunit> if tackle gets ddosed now we're pwnd05:24 <~Avunit> i need a vpn on my phone05:28 <&marduk> i think05:28 <&marduk> they will be stable now05:28 <&marduk> i have a feeling05:31 <~Avunit> i hope so05:31 <~Avunit> ive been stressed enough yesterday

back

trac

esec

urity

.com

05:31 <&marduk> i liked my one tweet05:32 <~Avunit> which one?05:32 <&marduk> http://twitter.com/#!/AnonymousIRC/status/3703256883869286405:32 <~Avunit> i no can click :p05:32 <&marduk> #HBGary: Do you think you played with amateurs? Oh, wait, we are. That makes you... beginners? Protecting the #USA from hackers? #AnonLeaks05:32 <~Avunit> oh yeah saw that one05:33 <~Avunit> we r be pro05:33 <&marduk> it was HBGary that wanted to set a new bar heh05:35 <~Avunit> a new barr*05:35 <&marduk> lol!05:36 <&marduk> much meme potential05:36 <~Avunit> need a quote bot now05:36 <&marduk> !invite Effecor05:36 <&marduk> ah damn05:36 <~Avunit> remind me to install a quote module05:36 <~Avunit> into HQBot05:37 <&marduk> will try05:37 <~Avunit> and copy that quote :p05:38 <&marduk> saved05:39 <~Avunit> good boy05:41 <&marduk> thinking about some high jump 05:41 <&marduk> with his pic05:41 <&marduk> a new barr05:42 <&marduk> the barrrrr must be low05:42 <~Avunit> lol05:42 <~Avunit> do et05:42 <&marduk> i cant05:42 <&marduk> i only have ideas05:42 <&marduk> also05:42 <&marduk> So long, and thanks for all the lulz! #RIP #HPGary #AnonLeaks05:42 <~Avunit> who tweeted that?05:43 <&marduk> me05:43 <~Avunit> ah k05:43 <&marduk> what a question :)05:43 <&marduk> well actually05:43 <&marduk> i corrected that05:43 <&marduk> it was an accidental adams reference05:43 <&marduk> i corrected some word05:43 <&marduk> twitter is weird05:44 <~Avunit> Just a small gov CEO05:44 <&marduk> @NewtonMark: Oh god this is too good. "Malware DNA" inventor uses leaked HBGary email to allege theft of his work: http://arseh.at/47k /via @bernardkeane05:44 <~Avunit> From a Washington town05:45 <~Avunit> lalala05:45 <~Avunit> This is on Triumph05:45 <~Avunit> I'm making a leak here:05:45 <~Avunit> huge success05:46 <~Avunit> it's hard to overstate my satisfaction

back

trac

esec

urity

.com

05:47 <~Avunit> AnonLeaks science05:47 <~Avunit> we leak what we must05:47 <~Avunit> because we can05:47 <~Avunit> for the good of all of us05:47 <~Avunit> apart from the ones that are lieing05:47 <&marduk> let's stay on earth tho05:48 <&marduk> we may really make a difference05:48 <~Avunit> im just singing a nais song :(05:48 <&marduk> oh lol05:49 <~Avunit> but theres no such crying over every mistake05:49 <~Avunit> we just keep on trying till we run out of leaks05:49 <~Avunit> and the leaking gets done05:49 <~Avunit> and we make a neat site05:49 <~Avunit> for the people who see the truth05:49 <~Avunit> lalala05:50 <~Avunit> go ahead and blame us05:50 <~Avunit> i think we prefer to stay inside07:07 !twisted.operationfreedom.ru *** HQBot invited Topiary into the channel07:07 -!- Topiary [topiary@do.the.impossible] has joined #hq07:07 -!- mode/#hq [+o Topiary] by HQBot09:44 <@entropy> i have to clean my house09:45 -!- entropy [noyx@HA-dkm.je4.cn1rg3.IP] has quit [Quit: Leaving]11:23 -!- marduk [marduk@eridu.sumer] has quit [Quit: excuse me?]11:27 -!- marduk [marduk@eridu.sumer] has joined #hq11:27 -!- mode/#hq [+ao marduk marduk] by HQBot11:48 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @marduk, @Topiary11:51 -!- Netsplit over, joins: &marduk, @Topiary12:02 <~Avunit> tflow12:03 <@Topiary> Avunit: http://twitter.com/#!/dstufft/status/3718151996964864012:03 <@Topiary> fake, right?12:04 <~Avunit> Nope.12:04 <@Topiary> wat12:04 <~Avunit> Well the hacker and ddoser part isnt right.12:04 <~Avunit> But it sure is my name12:04 <&marduk> problem, officer?12:04 <@Topiary> Avunit: is this bad?12:04 <~Avunit> not quite spelled right12:04 <~Avunit> lulz not really12:04 <~Avunit> i can easily be tracked down12:05 <~Avunit> through my servers12:05 <@Topiary> stay safe.12:05 <&marduk> well, i dont care. Avunit knows why12:05 <&marduk> but yeah12:05 <&marduk> hell12:05 <&marduk> stay safe12:06 <~Avunit> not much i can do about it ;) my personal servers were in12:06 <&marduk> and hm i will stay a bit lower in anonops12:06 <&marduk> strange things happening there12:07 <&marduk> i'm Don

back

trac

esec

urity

.com

12:07 <&marduk> i think some ppl might chat me up12:07 <&marduk> after a while12:08 <&marduk> i hope12:09 <~Avunit> If you want to protect me: feel free to throw in miscommunication about my identity12:09 <~Avunit> but I am not denying it, simply because I knew I'd be traceable12:09 <~Avunit> So thats up to you guys12:09 <~Avunit> I cannot change who I am :p12:10 <&marduk> Avunit: you're definitely from michigan12:10 <&marduk> aaron gave me training12:10 <~Avunit> Like I said, feel free to make up a fake identity for me; id love you guys for it, but I am who I am, and I am not going to lie about that n shit :P12:10 <&marduk> on how to pinpint you down12:10 <&marduk> Michigan.12:10 <&marduk> Definitely.12:11 <~Avunit> Well go on I'd say.12:11 <&marduk> Lansing, i think.12:11 <&marduk> desolate city12:11 <~Avunit> But I wouldnt be to explicit because thatd be obvious troll xD12:11 <&marduk> 20%+ unemplyment rate12:11 <&marduk> me dont care12:11 <~Avunit> well it wouldnt quite help me if you tweet it12:12 <~Avunit> with all your followers12:12 <~Avunit> and its obvious troll :p12:12 <&marduk> i really worry more about all of you than me12:12 <~Avunit> Yeah but if you with all your followers tweet somethign obvious troll12:12 <~Avunit> then its obvious12:12 <~Avunit> that he's right :p12:14 <&marduk> well, i jdhhf12:14 <&marduk> laaag12:14 <&marduk> oacjet losss12:14 <&marduk> dddos12:14 -!- x [x@netadmin.operationfreedom.ru] has joined #hq12:14 < x> really12:14 -!- mode/#hq [+ao x x] by HQBot12:14 <&x> triumph is baaad12:15 <&x> ddos?12:15 <~Avunit> iunno12:16 <~Avunit> lemme check12:16 -!- Netsplit private.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @marduk, @Topiary12:16 <~Avunit> so far tackle12:16 <&x> nod12:16 <&x> feels funny12:17 <~Avunit> Anyway if youw ant to save the Avunit; please do :P12:17 <&x> hm, how? best by ignore?12:17 <~Avunit> iunno something subtle12:18 <~Avunit> hinting towards another identity, iunno12:18 <&x> what was the tweet again?12:18 <~Avunit> http://twitter.com/#!/dstufft/status/37181519969648640

back

trac

esec

urity

.com

12:20 -!- Netsplit over, joins: &marduk, @Topiary12:21 <&x> http://twitter.com/#!/AnonymousIRC/status/3719968308030668812:22 <~Avunit> i lold12:22 <~Avunit> thanks love12:22 <&x> we just play theweapons we have12:27 -!- x [x@netadmin.operationfreedom.ru] has left #hq []12:28 -!- Netsplit private.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @marduk, @Topiary12:33 <~Avunit> !staff12:37 -!- case [case@tessier-ashpool.org] has joined #hq12:38 -!- mode/#hq [+ao case case] by HQBot12:41 -!- Netsplit trust.operationfreedom.ru <-> private.operationfreedom.ru quits: @case12:41 -!- Netsplit over, joins: &case12:45 -!- Netsplit over, joins: &marduk, @Topiary12:52 -!- Netsplit private.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @marduk, @Topiary12:55 -!- Netsplit over, joins: &marduk, @Topiary13:22 -!- Netsplit private.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @marduk, @Topiary13:30 -!- Netsplit over, joins: &marduk, @Topiary14:10 !twisted.operationfreedom.ru *** HQBot invited entropy into the channel14:10 -!- entropy [noyx@HA-dkm.je4.cn1rg3.IP] has joined #hq14:10 -!- mode/#hq [+o entropy] by HQBot14:10 <@entropy> yo14:10 <@entropy> im not doing shit for awhile14:10 <@entropy> i think santrex gave my info out14:10 <@entropy> they reset all the vps to default14:11 <@entropy> but i didnt get any notice caus my mail dns was hosted by the boxes they took down14:11 <@entropy> im guessing its tos14:11 -!- entropy [noyx@HA-dkm.je4.cn1rg3.IP] has quit [Quit: Leaving]14:14 <@Nessuno> whats so happen?15:11 -!- Topiary [topiary@do.the.impossible] has quit [Ping timeout: 121 seconds]16:05 <~Avunit> marduk or tflow16:05 <~Avunit> i need one of you16:58 !twisted.operationfreedom.ru *** HQBot invited Topiary into the channel16:58 -!- Topiary [topiary@do.the.impossible] has joined #hq16:58 -!- mode/#hq [+o Topiary] by HQBot18:03 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @marduk, @Topiary18:06 -!- Netsplit over, joins: &marduk18:09 -!- Netsplit private.operationfreedom.ru <-> triumph.operationfreedom.ru quits: @case18:10 -!- Netsplit private.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @marduk18:11 -!- Netsplit over, joins: &marduk18:12 -!- Netsplit over, joins: &case18:24 -!- Netsplit private.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @marduk18:31 -!- Netsplit over, joins: &marduk18:33 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @marduk18:46 -!- Netsplit over, joins: &marduk18:52 -!- Netsplit private.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @marduk19:05 -!- Netsplit over, joins: &marduk

back

trac

esec

urity

.com

19:11 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @marduk19:16 -!- Netsplit over, joins: &marduk19:20 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @marduk19:25 -!- Netsplit over, joins: &marduk19:33 -!- Netsplit private.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @marduk19:35 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has quit [Ping timeout: 121 seconds]19:36 -!- Netsplit over, joins: &marduk19:36 !twisted.operationfreedom.ru *** HQBot invited tflow into the channel19:36 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has joined #hq19:36 -!- mode/#hq [+o tflow] by HQBot19:38 -!- Netsplit private.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @marduk19:42 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has quit [Ping timeout: 121 seconds]19:44 !twisted.operationfreedom.ru *** HQBot invited tflow into the channel19:45 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has joined #hq19:45 -!- mode/#hq [+o tflow] by HQBot19:46 -!- Netsplit over, joins: &marduk19:50 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @marduk19:52 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has quit [Ping timeout: 121 seconds]19:53 !twisted.operationfreedom.ru *** HQBot invited tflow into the channel19:56 -!- Netsplit over, joins: &marduk19:56 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has joined #hq19:56 -!- mode/#hq [+o tflow] by HQBot20:04 -!- Netsplit private.operationfreedom.ru <-> triumph.operationfreedom.ru quits: @case20:07 -!- Netsplit over, joins: &case20:08 !twisted.operationfreedom.ru *** HQBot invited Topiary into the channel20:08 -!- Topiary [topiary@do.the.impossible] has joined #hq20:08 -!- mode/#hq [+o Topiary] by HQBot20:10 -!- Netsplit private.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @marduk, @Topiary20:10 -!- Netsplit trust.operationfreedom.ru <-> triumph.operationfreedom.ru quits: @case20:11 -!- Netsplit over, joins: &marduk, @Topiary20:11 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has quit [Ping timeout: 121 seconds]20:12 !twisted.operationfreedom.ru *** HQBot invited tflow into the channel20:12 -!- Netsplit over, joins: &case20:12 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has joined #hq20:12 -!- mode/#hq [+o tflow] by HQBot23:16 <&Sabu> hello23:16 <&Sabu> who the fuck is here23:17 <&Sabu> what the fuck is going on23:54 -!- Topiary [topiary@do.the.impossible] has quit [Ping timeout: 121 seconds]--- Day changed Tue Feb 15 201100:43 <&Sabu> y0h01:42 <@Laurelai> hi01:43 <@Laurelai> http://sprunge.us/hGQF01:43 <@Laurelai> iran vulns01:43 <@Laurelai> you didnt get those from me01:43 -!- Irssi: #hq: Total of 8 nicks [7 ops, 0 halfops, 0 voices, 1 normal]02:30 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has quit [Server shutdown]02:30 -!- Nessuno [fag@fag.fag] has quit [Server shutdown]

back

trac

esec

urity

.com

--- Log closed Tue Feb 15 02:30:05 2011--- Log opened Tue Feb 15 23:57:07 201123:57 -!- Laurelai [Laurelai@HA-32m.bhl.uq5i3t.IP] has joined #hq23:57 -!- Irssi: #hq: Total of 8 nicks [2 ops, 0 halfops, 0 voices, 6 normal]23:57 -!- mode/#hq [+o Laurelai] by HQBot23:57 -!- Irssi: Join to #hq was synced in 0 secs23:57 <&Sabu> we need to see his logs for user infinite23:57 <@Laurelai> http://typewith.me/FszF0irIsM23:57 <&armitage> Sabu: you have the screenshot again he posted?23:58 <&Sabu> armitage: no sir23:58 <&armitage> meh.. ok i should find it23:58 <&Sabu> Laurelai: I will check it out. is there a team working on .gov.ir penetration or is it all just random?23:59 <&armitage> Sabu: it was infinity? or infiniti?23:59 <&Sabu> infinite23:59 <&armitage> i think the former23:59 <&armitage> infinite?23:59 <&armitage> oh kay23:59 <&Sabu> yp23:59 <&Sabu> Infinite was his nick23:59 <&Sabu> once we have his ident@ip/hostmask we can tell admins on both anonnet and anonops to be on the look out--- Day changed Wed Feb 16 201100:00 <&Sabu> for said/similar ident@hostmask/nick00:00 <&Sabu> clearly the nigg3r is social engineering people00:00 <@Laurelai> Sabu: yes i have a team woriking on stuff like this00:00 <@Laurelai> they gather vulns and info for anon00:00 <@Laurelai> and ask me to deliver them to you00:00 <&Sabu> ok great00:00 <&Sabu> I'll begin working on targets then00:01 <&Sabu> can you bring them to this network for private chats with me? I want some realtime coordination.00:01 <@Laurelai> id like to but they wont00:01 <&Sabu> I see00:02 <@Laurelai> they kind of do their own thing and just are passing things that might be usefull because they like me00:02 * Sabu shrugs00:02 <&Sabu> my irc sqli bot finds them for me with minimal time wasted00:02 <&Sabu> got to set it up in a few anyway00:02 <&armitage> Sabu: btw, private pad?00:03 <&Sabu> yes I will work on it now actually00:03 <&Sabu> thanks for reminding me my brother00:04 -!- Irssi: #hq: Total of 8 nicks [3 ops, 0 halfops, 0 voices, 5 normal]00:06 -!- Netsplit trust.operationfreedom.ru <-> triumph.operationfreedom.ru quits: armitage00:07 -!- Netsplit over, joins: &armitage00:45 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: marduk, @tflow00:46 -!- Netsplit trust.operationfreedom.ru <-> triumph.operationfreedom.ru quits: @armitage00:47 -!- Netsplit over, joins: &armitage00:50 -!- Netsplit over, joins: @tflow, &marduk

back

trac

esec

urity

.com

00:50 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @marduk, @tflow00:55 -!- Netsplit over, joins: @tflow, &marduk00:55 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @marduk, @tflow01:00 -!- Netsplit trust.operationfreedom.ru <-> triumph.operationfreedom.ru quits: @armitage01:02 -!- Netsplit over, joins: &armitage01:05 -!- Netsplit trust.operationfreedom.ru <-> triumph.operationfreedom.ru quits: @armitage01:07 -!- Netsplit over, joins: &armitage01:10 -!- Netsplit over, joins: &marduk, @tflow01:10 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru, triumph.operationfreedom.ru quits: @marduk, @armitage, @tflow01:12 -!- Netsplit over, joins: &armitage01:15 -!- Netsplit over, joins: &marduk, @tflow01:41 <@Laurelai> hi01:41 -!- Irssi: #hq: Total of 8 nicks [5 ops, 0 halfops, 0 voices, 3 normal]01:44 <@Laurelai> hey Sabu 02:43 <@Laurelai> anyone here02:44 <@Laurelai> http://static.arstechnica.com/02-14-2011/o-day-exploits.jpg02:44 <@Laurelai> what happened to the 0 days they had08:44 -!- armitage [armitage@freeside.tessier-ashpool.org] has quit [Quit: leaving]08:48 -!- armitage [armitage@netadmin.operationfreedom.ru] has joined #hq08:48 < armitage> mhh tflow ?08:56 -!- armitage is now known as foo08:56 -!- foo is now known as armitage08:56 -!- armitage [armitage@netadmin.operationfreedom.ru] has quit [Changing host]08:56 -!- armitage [armitage@freeside.tessier-ashpool.org] has joined #hq09:51 < armitage> [15:47] <l0calh0stTN> http://cbl.gov.ly/en/home/details.php?id=675%2709:51 < armitage> [15:47] <l0calh0stTN> a sqli on thier central bank10:07 < armitage> Sabu.10:29 -!- Netsplit trust.operationfreedom.ru <-> triumph.operationfreedom.ru quits: @marduk, armitage, @tflow10:30 -!- Netsplit over, joins: @tflow, &marduk10:38 -!- marduk is now known as armitage10:39 -!- armitage is now known as foo10:39 -!- foo is now known as armitage10:39 -!- armitage [marduk@eridu.sumer] has quit [Changing ident]10:39 -!- armitage [armitage@eridu.sumer] has joined #hq10:39 -!- ServerMode/#hq [+ao armitage armitage] by isla.operationfreedom.ru10:39 -!- armitage [armitage@eridu.sumer] has quit [Changing host]10:39 -!- armitage [armitage@freeside.tessier-ashpool.org] has joined #hq10:39 -!- ServerMode/#hq [+ao armitage armitage] by isla.operationfreedom.ru11:01 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @armitage, @tflow11:05 -!- Netsplit over, joins: &armitage11:27 !isla.operationfreedom.ru *** HQBot invited tflow into the channel11:27 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has joined #hq11:27 -!- mode/#hq [+o tflow] by HQBot13:06 -!- armitage is now known as marduk13:06 -!- marduk is now known as bla-13:06 -!- bla- is now known as marduk13:06 -!- marduk [armitage@freeside.tessier-ashpool.org] has quit [Changing ident]

back

trac

esec

urity

.com

13:06 -!- marduk [marduk@freeside.tessier-ashpool.org] has joined #hq13:06 -!- ServerMode/#hq [+ao marduk marduk] by isla.operationfreedom.ru13:06 -!- marduk [marduk@freeside.tessier-ashpool.org] has quit [Changing host]13:06 -!- marduk [marduk@eridu.sumer] has joined #hq13:06 -!- ServerMode/#hq [+ao marduk marduk] by isla.operationfreedom.ru13:09 -!- armitage [armitage@freeside.tessier-ashpool.org] has joined #hq13:17 <~Avunit> You need a new domain.13:18 < armitage> we are perfectly aware13:18 < armitage> hi avunit .. good to see you.13:18 <~Avunit> I'd start working on it, safe domain and raise a little fund for it.13:18 <~Avunit> See the twitter, you get heaps of attention13:18 < armitage> we are already on that13:19 <~Avunit> but the infrastructure is rubbish13:19 <@tflow> Money isn't a problem atm13:19 <~Avunit> Nor is not network a network without the operationfreedom.ru domani13:19 <@tflow> The problem is finding a good bulletproof registrar13:19 <~Avunit> tflow: then i'd advise getting a few deds xD13:20 <@tflow> well.. not that much money :P13:20 <@tflow> we have money to buy a new domain13:20 < armitage> or several13:20 <~Avunit> Yeah but srs, apart form the domain you gotta work on thea ctual servers too.13:20 <@tflow> but we need to find a good registrar that does not bow down to dmcas13:20 <@tflow> yeah i know13:20 < armitage> people will mirror too13:21 <@tflow> but anonleaks.ru is about to die, so that's currently a high priority13:21 < armitage> still need stable domain13:21 <~Avunit> nameservers i prefer to keep yourself, especially since the bot might be convenient too13:21 <@tflow> well i'm trying to setup some secondary dns providers13:21 <@tflow> like twisted4life.com13:21 < armitage> hmm for a NS we can buy a VPS?13:22 <~Avunit> yup13:22 <@tflow> but i'm still waiting for them to update their zone13:22 < armitage> i have €65 to burn.13:22 <~Avunit> id get a primary, well primary is on tackle atm13:22 <~Avunit> and a few backup primaries13:22 <~Avunit> the rest can all be13:22 <~Avunit> free hsots13:23 <~Avunit> anyway if you want to keep anonleaks.ru you have to contact auction@nic.ru anyway13:24 <~Avunit> (which migth probably take a while)13:25 < armitage> should i just write to them from mah hushmail and ask what happened?13:25 <~Avunit> thatll only cost you time since they reverted ownership already13:26 <~Avunit> so best is to get another tld13:26 <~Avunit> How are the funds available? psc/ukash?13:26 < armitage> ye, we are.. working on that 13:27 < armitage> but not sure what registrar13:27 < armitage> i haz paysafe again13:27 <~Avunit> im checking out tlds13:27 <~Avunit> Get some fundraising done.

back

trac

esec

urity

.com

13:27 <~Avunit> The attention is maximum13:27 <~Avunit> even if we survive this month the bills will come after that :P13:28 < armitage> absolutely13:28 <~Avunit> and we're on all low end systems atm, that doesnt matter but it means that if we lose one of the boxes with the few we have13:28 < armitage> Avunit, if you tell me a stable nic/tld that accepts paysafe.... ill do it.13:28 <~Avunit> we're hurt badly13:28 < armitage> tho also we might get a vps at 2x4?13:28 <~Avunit> im working on et13:31 <~Avunit> Please wait... Checking if TLD is available ANONLEAKS.CO $10.99 13:31 <~Avunit> Please wait... Checking if TLD is available ANONLEAKS.COM $8.99 13:31 <~Avunit> Please wait... Checking if TLD is available ANONLEAKS.ORG $8.82 13:31 <~Avunit> Please wait... Checking if TLD is available ANONLEAKS.NET $7.99 13:31 <~Avunit> Please wait... Checking if TLD is available ANONLEAKS.PL $39.20 13:31 <~Avunit> Please wait... Checking if TLD is available ANONLEAKS.RU $35.10 13:31 <~Avunit> Please wait... Checking if TLD is available ANONLEAKS.SG $44.85 13:31 <~Avunit> Please wait... Checking if TLD is available ANONLEAKS.TW $37.7013:32 <~Avunit> org, net, com and ru are biddings13:32 <~Avunit> .sg anyone?13:33 < armitage> expensive...13:33 <~Avunit> tis not like we have much choice13:33 <~Avunit> unless you want .co13:33 < armitage> just hearing13:33 <~Avunit> or any EU or America TLD13:34 < armitage> .cn13:34 < armitage> 60/yeark13:34 <~Avunit> lemme see13:34 < armitage> :p13:34 < armitage> and haha CN registrar will not pull hbgary mails13:34 < armitage> i am very sure lol13:34 <~Avunit> isnt available at this bulletproof registar though13:35 <~Avunit> wait13:35 <~Avunit> i know a bulletproof13:35 <~Avunit> cn one13:36 <~Avunit> some chinese hosts work very much with anti-stuff13:36 < armitage> yes13:36 < armitage> just got an offer13:36 < armitage> 60/year13:36 < armitage> not cheap13:36 < armitage> but heh13:36 < armitage> anonleaks.cn sounds kinda awesome13:36 <~Avunit> anonleaks.cn UnAvailable13:36 < armitage> meh :(13:36 < armitage> someone was faster13:37 <@tflow> no13:37 <@tflow> anonleaks.cn is not registered13:37 <~Avunit> does china13:37 <~Avunit> even allow13:37 <~Avunit> tlds to be regged?

back

trac

esec

urity

.com

13:37 < armitage> ye but available thru heihachi?13:37 <@tflow> http://whois.domaintools.com/anonleaks.cn13:37 <~Avunit> not on second elvel?13:37 < armitage> anonleaks.bla.cn would still be fine 13:38 <@tflow> http://qq.cn/13:38 <~Avunit> lemme check another chinese bulletproof prob13:38 <@tflow> so yeah13:38 <@tflow> tom from heihachi said that they can reg .cns13:38 <@tflow> per request13:38 <@tflow> and apparantly truly bulletproof13:39 < armitage> i like it... and even if we have to go to third level.13:39 <~Avunit> want me to reg it through my account there?13:40 * Avunit is ready to send a request to heihachi.13:40 < armitage> well. it's either that... or we use the funds for 2 cheaper domains (which will possibly be pulled) and a vps.13:41 < armitage> well let'S wait a sec and coordinate this so we're all on the same side13:41 <~Avunit> its wasted money on non bulletproof13:41 < armitage> 15 minutes dont make a difference now13:41 < armitage> yea13:41 < armitage> but i hoped to get one more VPS, to use as our own13:41 < armitage> NS13:41 < armitage> but i only have €6513:41 <~Avunit> I'll ask them if they can give me an offer13:41 <~Avunit> for .cn with whois protection.13:42 <~Avunit> k?13:42 < armitage> throw in a vps for one months, for $5? :)13:42 < armitage> ask for that :)13:42 < armitage> but wait13:42 < armitage> tflow is in comms with them13:42 < armitage> lets not fubar this13:42 <@tflow> we should try to get .ru back too13:42 <~Avunit> gotta auction on that then :/13:43 <~Avunit> Okay here's my suggestion13:43 <~Avunit> Main problem is the domain at this moment13:43 <~Avunit> Request a .cn @ heihachi with whois protection13:43 <~Avunit> and then raise funds13:43 <~Avunit> for the server infrastructure13:43 <~Avunit> and handle .ru13:44 < armitage> i think thats a good plan. i may fund another vps in the next days.13:44 <~Avunit> I can handle setting up and whatever again13:44 <~Avunit> since thats not public13:44 <~Avunit> so i suppose it wont matter if i keep doing that atleast for now13:45 < armitage> Avunit, are you absolutely sure tackle/triumph dont log? they tell me my last login IP etc13:46 <~Avunit> oh they do that yes13:46 <~Avunit> standard linux motd13:46 <~Avunit> lulz13:46 <~Avunit> can change that easily13:46 < armitage> where was that stored?

back

trac

esec

urity

.com

13:46 <~Avunit> and obviously it has auth.log13:46 < armitage> i mean its only vpn .. but still13:46 <~Avunit> otherwise i cant see login attempts either13:46 < armitage> k13:46 <~Avunit> its in /var/log/auth.log13:46 < armitage> can you /dev/null that?13:47 <~Avunit> Means i cant blacklist bruteforces.13:47 < armitage> i dont have root.13:48 <~Avunit> if you really want to have that gone ill look into it13:48 <~Avunit> but we got a lil bit more pressnig matters13:49 < armitage> just remove and ln -s to /dev/null .. adn yea, not that urgent13:50 <~Avunit> tflow; status?13:51 <@tflow> on what?13:51 <@tflow> Tom Meier | Support13:51 <@tflow> Staff 16/02/2011 19:5113:51 <@tflow> Hello,13:51 <@tflow> as "full bullet proof domains" we can only offer:13:51 <@tflow> .com13:51 <@tflow> .net13:51 <@tflow> .org13:51 <@tflow> .cc13:51 <@tflow> .tv13:51 <@tflow> .name13:51 <@tflow> .info13:51 <@tflow> .mobi13:51 <@tflow> .biz13:51 <@tflow> .asia13:51 <@tflow> Looks like we also can't register it at eNom.13:51 <@tflow> Mit freundlichen Gruessen,13:51 <@tflow> Tom Meier 13:51 <@tflow> ohhhhh13:51 <@tflow> LOL13:51 -!- Netsplit trust.operationfreedom.ru <-> triumph.operationfreedom.ru quits: armitage13:51 <@tflow> when he said china13:51 <@tflow> he meant13:51 <@tflow> IN CHINA13:51 <@tflow> not .cn13:51 <~Avunit> -.-"13:51 <~Avunit> all those bulletproofs kinda suck :P13:52 <~Avunit> which countries do you trust?13:53 <&marduk> ungh13:53 <&marduk> HATREEEED!13:54 <~Avunit> .sg? .tw? .in? .jp?13:54 <&marduk> also: operationfreedomru domains are dead -- bad for our irc13:54 <&marduk> mh13:54 <&marduk> .sg .tw13:54 <~Avunit> .cx?13:54 <&marduk> probably the better ones13:54 <~Avunit> .ki?

back

trac

esec

urity

.com

13:54 <&marduk> .cx more13:54 <&marduk> .cc ?13:54 <~Avunit> .nu?13:54 <&marduk> what about that13:55 <&marduk> the rootkit dump is on .cc13:55 <&marduk> was never pulled13:55 <~Avunit> also available13:55 <~Avunit> .tl13:55 <&marduk> .cc is something we should keep in mind13:55 <~Avunit> .mn13:55 <~Avunit> .la13:55 <~Avunit> .tm?13:56 <@tflow> .cx hosted goatse13:56 <@tflow> and then they kicked them off13:56 <@tflow> because it was too gross lol13:56 <&marduk> .cc hosts the rootkit.com mysql dump13:56 <~Avunit> Please wait... Checking if TLD is available ANONLEAKS.CC $18.99 13:56 <~Avunit> Please wait... Checking if TLD is available ANONLEAKS.CX $45.49 13:56 <~Avunit> Please wait... Checking if TLD is available ANONLEAKS.IN $18.46 13:56 <~Avunit> Please wait... Checking if TLD is available ANONLEAKS.KI $1,299.48 13:56 <~Avunit> Please wait... Checking if TLD is available ANONLEAKS.LA $40.30 13:56 <~Avunit> Please wait... Checking if TLD is available ANONLEAKS.MN $57.20 13:56 <~Avunit> Please wait... Checking if TLD is available ANONLEAKS.NU $31.20 13:56 <~Avunit> Please wait... Checking if TLD is available ANONLEAKS.SG $44.85 13:56 <~Avunit> Please wait... Checking if TLD is available ANONLEAKS.TL $45.49 13:56 <~Avunit> Please wait... Checking if TLD is available ANONLEAKS.TM $126.62 13:56 <~Avunit> Please wait... Checking if TLD is available ANONLEAKS.TW $37.70 13:56 <~Avunit> Please wait... Checking if TLD is available ANONLEAKS.WS $14.8113:56 <&marduk> while the .com was was DMCAed, the cc wasnt13:56 <&marduk> and 18.99 is good13:56 <~Avunit> .ki anyone?13:57 <&marduk> worth a shot imo13:57 <&marduk> 18:56 <~Avunit> Please wait... Checking if TLD is available IANONLEAKS.KI I$1,299.48 I13:57 <&marduk> what the hell13:57 <&marduk> lol13:57 <&marduk> LETS TAKE THAT!13:57 <~Avunit> lulz13:57 <~Avunit> or .tm13:57 <~Avunit> .in is doable too though13:58 <~Avunit> blegh wait, old british colony stuff13:58 <~Avunit> tflow?13:58 <&marduk> .cc + .in13:58 <&marduk> cheap options13:58 <&marduk> .cn well....13:58 <&marduk> would be the luxury option13:58 <~Avunit> .ws is cheaper :p13:59 <&marduk> but eat all our monexy13:59 <~Avunit> wait

back

trac

esec

urity

.com

13:59 <~Avunit> what the fuck13:59 <~Avunit> .in13:59 <@tflow> which registrar though?13:59 <~Avunit> just got registered?13:59 <@tflow> it's all about the registrar13:59 <&marduk> heihachi i think13:59 <&marduk> via heihachi13:59 <~Avunit> moniker13:59 <~Avunit> heard good things about em13:59 <@tflow> do they comply with dmca?14:00 <~Avunit> as far as i hear they dont pull stuff offline14:00 <~Avunit> unless its child pr0n14:00 <~Avunit> anti-dmca.com is registered with them too :P14:00 <~Avunit> xD14:02 <~Avunit> ive no idea about their payment options tho14:02 <&marduk> Avunit: hm where are you looking?14:02 <~Avunit> moniker.com14:02 <~Avunit> [19:59:48] <~Avunit> moniker14:02 <~Avunit> [19:59:54] <~Avunit> heard good things about em14:02 <~Avunit> [19:59:57] <@tflow> do they comply with dmca?14:02 <~Avunit> [20:00:07] <~Avunit> as far as i hear they dont pull stuff offline14:02 <~Avunit> [20:00:10] <~Avunit> unless its child pr0n14:02 <~Avunit> [20:00:52] <~Avunit> anti-dmca.com is registered with them too :P14:02 <~Avunit> [20:00:53] <~Avunit> xD14:02 <~Avunit> [20:02:23] <~Avunit> ive no idea about their payment options tho14:03 <~Avunit> can only pay with paypal or creditcard tho14:03 <~Avunit> >.<14:03 <&marduk> Pay using credit card on file14:03 <&marduk> Pay using a new credit card14:03 <&marduk> Pay with PayPal14:03 <&marduk> :/14:04 <~Avunit> yarr14:04 <&marduk> there's a way to convert paysafe into CC14:04 <&marduk> but meh14:04 <&marduk> thats .. sub-par i think14:04 <&marduk> costs money tpoo14:04 <~Avunit> sec trying other host14:05 <@tflow> what happened to triumph?14:05 <&marduk> it 'died'?14:05 <&marduk> it went away at least14:05 <~Avunit> .CN domain name registrants are required to submit the following documents for verification before the domain name can be registered.14:05 <~Avunit> 1. .CN Domain Application Form signed by authorized person and with company,s stamp. The Application Form can be downloaded here.14:05 <~Avunit> 2. Company Business License/Certificate (clear photocopy)14:05 <~Avunit> 3. Registrant contact person,s Identity Card (clear photocopy of both front & back side)14:05 <~Avunit> 14:05 * Avunit sticks to .cc

back

trac

esec

urity

.com

14:05 <&marduk> uhm, i dont think not if you do it via heihachi14:06 <&marduk> they will use their name or something14:06 <&marduk> or not?14:06 <~Avunit> no you need to supply that14:06 <~Avunit> but heihachi doesnt allow .cn14:06 <&marduk> oh heh okay14:06 <&marduk> i thought tflow got an offer?14:06 <&marduk> was it $60 or €60?14:06 <&marduk> it was on request14:07 <@tflow> no 14:07 <@tflow> [18:51:25] <@tflow> Tom Meier | Support14:07 <@tflow> [18:51:25] <@tflow> Staff 16/02/2011 19:5114:07 <@tflow> [18:51:25] <@tflow> Hello,14:07 <@tflow> [18:51:25] <@tflow> as "full bullet proof domains" we can only offer:14:07 <@tflow> [18:51:25] <@tflow> .com14:07 <@tflow> [18:51:25] <@tflow> .net14:07 <@tflow> [18:51:25] <@tflow> .org14:07 <@tflow> [18:51:25] <@tflow> .cc14:07 <@tflow> [18:51:25] <@tflow> .tv14:07 <@tflow> [18:51:25] <@tflow> .name14:07 <@tflow> [18:51:25] <@tflow> .info14:07 <@tflow> [18:51:25] <@tflow> .mobi14:07 <@tflow> [18:51:25] <@tflow> .biz14:07 <@tflow> [18:51:25] <@tflow> .asia14:07 <@tflow> [18:51:25] <@tflow> Looks like we also can't register it at eNom.14:07 <@tflow> [18:51:25] <@tflow> Mit freundlichen Gruessen,14:07 <@tflow> [18:51:25] <@tflow> Tom Meier 14:07 <@tflow> [18:51:34] <@tflow> ohhhhh14:07 <@tflow> [18:51:37] <@tflow> LOL14:07 <@tflow> [18:51:40] <@tflow> when he said china14:07 <@tflow> [18:51:42] <@tflow> he meant14:07 <@tflow> [18:51:42] * armitage (armitage@freeside.tessier-ashpool.org) Quit (trust.operationfreedom.ru triumph.operationfreedom.ru)14:07 <@tflow> [18:51:44] <@tflow> IN CHINA14:07 <@tflow> [18:51:46] <@tflow> not .cn14:07 <&marduk> .cc14:07 <&marduk> still my favorite then14:07 <&marduk> and lexi tries a .ch?14:08 <@tflow> katz doesn't have ch14:08 <&marduk> also we haz money left for 1-2 VPS14:08 <&marduk> ah damn14:08 <&marduk> and godaddy?14:10 <@tflow> godaddy = dmca ofc14:10 <&marduk> k14:10 <~Avunit> .cc 1 E 40.00 EUR E 40.00 EUR E 40.00 EUR14:10 <~Avunit> @ heihachi14:10 <&marduk> 40? unf.. mhh. 14:11 <&marduk> well still, 40 + 1 VPS14:11 <~Avunit> in 1 E 25.00 EUR E 25.00 EUR E 25.00 EUR

back

trac

esec

urity

.com

14:11 <&marduk> hmm14:11 <@tflow> Avunit, what happened to triumph?14:11 <&marduk> .in worked well for anonops so far?14:11 <&marduk> probably same as before14:11 <~Avunit> err probably network issues14:11 <&marduk> was gone for about an hour or so14:11 <&marduk> times out14:12 <@Topiary> I would PayPal you money if my PayPal didn't contain my actual dox14:12 <&marduk> :p14:12 <&marduk> well14:12 <&marduk> heihachi takes paysafe14:12 <~Avunit> Okay let me just throw in a vote, .cc or .in?14:12 <&marduk> so no problem there14:13 <&marduk> .in obv... 14:13 <@Topiary> .in14:13 <&marduk> or?14:13 <&marduk> i mean.. i dont think its a difference14:13 <&marduk> .cc is more expensive cause it'S cooler14:13 <@tflow> btw14:13 <&marduk> i guess14:13 <@tflow> Avunit, we managed to contact the owner of anonleaks.org14:13 <@tflow> lexi can transfer the domain to prq14:13 <&marduk> really he will borrow it to us?14:13 <&marduk> that'S awesome14:13 <@tflow> dunno yet14:14 <&marduk> if so... then they are finally right14:14 <@tflow> haven't asked yet14:14 <@tflow> but just in contact14:14 <&marduk> ok we'll see.14:14 <~Avunit> tflow; i got clearance to register anonleaks.in?14:14 <@tflow> Avunit: @ which registrar?14:14 <&marduk> but how about, we take anonleaks.in + 2 VPS for nameserver14:14 <~Avunit> heihachi14:14 <&marduk> maybe for another irc leaf too :)14:14 <&marduk> Avunit: also, we need new domains for this irc14:14 <@tflow> Avunit: via eNom or their bulletproof thingy?14:14 <~Avunit> their standard service14:15 <~Avunit> marduk: can simply set an irc.anonleaks.in domani on that14:15 <@tflow> ok i'd say go ahead14:16 <&marduk> Avunit: yeah like that14:16 <&marduk> okay, i say we go for .in now14:16 <@tflow> any particular reason for .in though?14:16 <&marduk> .ru is gone14:16 <&marduk> cheapest14:16 <&marduk> €2514:16 <&marduk> so we have money left for VPS14:16 <@tflow> ah14:16 <&marduk> to run NS and possibly ircds14:16 <@tflow> what about .me?

back

trac

esec

urity

.com

14:16 <@tflow> 15 euros14:16 <@Topiary> AnonLeaks Me14:16 <@Topiary> oh lawd14:16 <&marduk> is it?14:17 <~Avunit> sec lemmer ead about14:17 <&marduk> lol14:17 <~Avunit> .me14:17 <~Avunit> actually14:17 <~Avunit> sounds good14:17 <~Avunit> Yugoslavia ^.^14:18 <~Avunit> well Serbia now mainly14:18 <@tflow> but anonleaks.me might have a bad ring to it lol14:18 <&marduk> and it'S €15?14:18 <~Avunit> well lets stick to .in then?14:18 <&marduk> fine with me. we have enough for that14:18 <&marduk> also order another vps14:18 <&marduk> for NS14:19 <&marduk> the rest of the funds i keep.. for .. whatever14:19 <~Avunit> i got clearance to order?14:19 <&marduk> anonleaks.in (25€) + VPS (17?)14:19 <&marduk> please a VPS which is not on same rack as vlad/tacke lulz14:19 <@tflow> methinks we should buy proper dns14:20 <&marduk> how much is a "proper dns" which also is secure?14:20 <&marduk> Avunit: order domain only for now14:20 <@tflow> or actually.. i guess all we really need is a few primary dns servers + some secondary14:20 <&marduk> we can add VPS later anyway, if we need to14:20 <~Avunit> well14:20 <&marduk> but all domains are dead14:20 <~Avunit> we need nameservers14:20 <&marduk> we need one asap14:20 <~Avunit> so far we have tackle14:21 <~Avunit> we got any other nameservers ready?14:21 <&marduk> that why i suggested taking at least one more VPS14:21 <&marduk> just as backup14:21 <&marduk> we can still hunt for proper dns14:21 <~Avunit> .in sounds proper to me?14:22 <&marduk> uhm didnt you say it just got regged btw?14:23 <~Avunit> probably fail @ the javascript check14:23 <&marduk> ah k14:23 <~Avunit> because i just got a big fat green 'its free!'14:23 <&marduk> well, yes. get the domain14:23 <~Avunit> only domain or vps too?14:23 <&marduk> tflow: what you think? one more heihachi VPS?14:23 <~Avunit> we only have tackle atm as a nameserver ready thing14:23 <&marduk> that was €17?/m?14:23 <~Avunit> erhm lemme check14:23 <@tflow> ok, so what's the budget?14:24 <@tflow> how much do we have to burn/14:24 <&marduk> for heihachi or rather paysafe i can fund €65

back

trac

esec

urity

.com

14:24 <&marduk> obv.. i dont wanna spend all right now14:24 <&marduk> domain is €2514:24 <~Avunit> 11 for cheapest vps14:25 <&marduk> for NS that should be fine14:25 <&marduk> no ircd there14:25 <&marduk> just NS?14:25 <~Avunit> ircd could run on it too even, but good enough for just NS yes14:25 <&marduk> then i say get domain and a chapass vps14:26 <~Avunit> Domain (25) + vps (11) and then do fundraising?14:26 <&marduk> is there still money left on the account?14:26 <~Avunit> 514:26 <&marduk> yeah i have funds now14:26 <&marduk> excellect14:26 <&marduk> then i give you 3014:26 <&marduk> arh damn14:27 <~Avunit> that wont make it :P14:27 <&marduk> lol, €1 missing14:27 <&marduk> well 40 then.14:27 <&marduk> leaves me with 25€14:32 -!- marduk is now known as armitage14:32 -!- armitage is now known as bla14:32 -!- bla is now known as armitage14:32 -!- armitage [marduk@eridu.sumer] has quit [Changing ident]14:32 -!- armitage [armitage@eridu.sumer] has joined #hq14:32 -!- ServerMode/#hq [+ao armitage armitage] by isla.operationfreedom.ru14:32 -!- armitage [armitage@eridu.sumer] has quit [Changing host]14:32 -!- armitage [armitage@freeside.tessier-ashpool.org] has joined #hq14:32 -!- ServerMode/#hq [+ao armitage armitage] by isla.operationfreedom.ru14:36 <@tflow> btw14:36 <@tflow> we really need to focus on getting .ru back14:36 <~Avunit> cup of tea brb14:37 <&armitage> tflow: yes, how?14:37 <~Avunit> tflow: i ordered .in and we'll have 2 nameservers, lets do some fundraising?14:37 <&armitage> what the fuck happened anyway?14:37 <~Avunit> so we can auction .ru (wont be expensive) and get the infrastructure done14:37 <~Avunit> 5 secs brb14:37 <&armitage> well how did it went in aution?14:38 <@tflow> how do we get .ru back?14:38 <&armitage> if we have to auction it back every week, that's not the idea i had in mind heh14:38 <@tflow> http://auction.nic.ru/en/14:38 <@tflow> anonleaks isn't even there yet14:41 <&armitage> well.. we kinda should find out what happened first, no?14:41 <~Avunit> armitage14:41 <&armitage> wasnt it paid? did it expire?14:41 <~Avunit> we know.14:41 <~Avunit> atleast14:41 <&armitage> oh?14:41 <~Avunit> we sort of know14:41 <~Avunit> but

back

trac

esec

urity

.com

14:41 <~Avunit> we got no official statement14:41 <&armitage> so what do we think?14:41 <~Avunit> untill then it wont be on auction either14:43 <@tflow> http://nic.ru/dns/domain/en/rf.html14:43 <@tflow> wtf is that lol14:44 <@tflow> http://кц.рф/en/14:44 <&armitage> cyrillic14:44 <&armitage> there are arabic domains too14:44 <&armitage> pretty confusing14:44 <&armitage> xn--foo14:45 <&armitage> just had connection to triumph.. 14:45 <~Avunit> cyrillic .ru14:45 <&armitage> for a second14:45 <&armitage> lol14:45 <&armitage> now no route14:45 <&armitage> anonleaks.su ?14:45 <~Avunit> Gelesen & Bearbeitung geplant14:45 <~Avunit> well they read it :p14:45 <&armitage> hmm.14:46 <&armitage> probably not until tomorrow :/14:47 <&armitage> tflow: you leeching the tarball for seeding?14:48 <~Avunit> no route to host maximum powah14:49 <&armitage> http://hbgary.anonleaks.ru/aaron_hbgary_com/14:49 <&armitage> works again :o14:49 <&armitage> something is a bit weird15:11 * Avunit waits15:12 * armitage waits along15:13 <~Avunit> f5f5f515:13 <&armitage> http://hbgary.leakmirror.org/15:14 <&armitage> :P15:16 <~Avunit> In Progress15:16 <~Avunit> ^15:16 <~Avunit> we're making progress15:17 <&armitage> yay15:17 <&armitage> and we have working mirror again. and the avunit is back!15:17 * armitage feels much better this evening15:22 <~Avunit> cant reach15:22 <~Avunit> heihachi.net T__________T15:23 <~Avunit> brb15:57 -!- marduk [marduk@eridu.sumer] has joined #hq15:59 < marduk> !aop add molly15:59 < marduk> wat?15:59 < marduk> !deop del molly16:02 <~Avunit> deop del molly?16:02 <~Avunit> lulz?16:02 < marduk> yeh meh, wrong chan16:02 < marduk> doesnt matter16:02 < marduk> wasnt regged anyway16:03 <~Avunit> iz molly

back

trac

esec

urity

.com

16:03 <~Avunit> ur girlfriend?16:03 < marduk> kinda :)16:03 < marduk> the nick i use on triumph for anonops16:04 < marduk> tackle=armitage, triumph=molly16:04 <~Avunit> lol16:05 < marduk> hmm tflow16:05 <~Avunit> GUIS GUIS GUIS16:05 <~Avunit> [22:02:39] <Global> Backing up databases16:05 <~Avunit> we got backup of databases16:05 <~Avunit> :I16:05 < marduk> triumph is up. and anonleaks.ru is up, too16:06 < marduk> doesnt it always backup? :o16:06 < marduk> ah right16:06 < marduk> hmm i think i make it easier for all16:06 -!- marduk is now known as molly16:06 <~Avunit> yeah lol :P16:06 <~Avunit> it does16:07 <~Avunit> like well every X hours16:07 < molly> so.. that wasn't really important :p16:07 <~Avunit> not at all, tbh.16:08 < molly> kk :)16:11 < molly> tflow, can you add molly (y/anone) to #reporter AOP? owen that meany set that to level 11 :p 16:12 < molly> i want to keep two nick groups for .. ease of maintainance16:12 <~Avunit> ^16:12 <~Avunit> he's pretending to be a girl16:12 <~Avunit> on this nick.16:12 <~Avunit> Don't fall for ti.16:12 < molly> hey, that always works16:12 < molly> even if ppl know i'm a guy. girlish nicks give an edge16:13 < molly> especially if i make sad smileys :(16:13 <~Avunit> :3 works better16:13 < molly> :)16:16 -!- molly [marduk@eridu.sumer] has quit [Changing ident]16:16 -!- molly [millions@eridu.sumer] has joined #hq16:16 -!- molly [millions@eridu.sumer] has quit [Changing host]16:16 -!- molly [millions@freeside.tessier-ashpool.org] has joined #hq16:19 <@tflow> Avunit16:20 <@tflow> is it possible that the account is just locked16:20 <@tflow> not deleted16:20 <@tflow> for anonleaks.r16:20 <@tflow> .ru16:20 <@tflow> maybe you need to contact them16:20 <~Avunit> nah16:20 <~Avunit> the account is still there16:20 <~Avunit> just the domains are removed from it16:20 <~Avunit> and ownership transferred16:21 <@tflow> ownership transferred to who?16:21 <@tflow> nic.ru?

back

trac

esec

urity

.com

16:21 <~Avunit> ANO "Regional Network Information Center"16:21 <~Avunit> aka nic16:21 <@tflow> didn't they at least email you?16:21 < molly> it's all a bit strange..16:22 <~Avunit> well i got an e-mail16:22 <~Avunit> that16:22 <~Avunit> ownership was transferred16:22 <~Avunit> .16:22 <~Avunit> and thats an automated one :P16:23 < molly> hmm.16:23 <~Avunit> lemme check now16:23 <@tflow> plz contact them16:23 <@tflow> Contacts16:23 <@tflow> Telephone:+7 (495) 994-46-01, +7 (495) 737-06-0116:23 <@tflow> Fax: +7 (495) 737-06-0216:23 <@tflow> Working hours: 9:00-19:00 MSK (Monday-Friday)16:23 <@tflow> E-mail addresses:16:23 <@tflow> ru-ncc@nic.ru — .RU, .РФ, .SU, .NET.RU, .ORG.RU, .PP.RU, .COM.RU domain names16:23 <@tflow> tld-ncc@nic.ru — .NET, .COM, .ORG, .BIZ, .INFO, .CC, .TV, .ME domain names16:23 <@tflow> ru-cont@nic.ru — information regarding conclusion of the Service Agreement16:23 <@tflow> ru-bill@nic.ru — information regarding billing procedures16:23 <@tflow> support@nic.ru — technical support of additional services16:26 <~Avunit> Dear Sirs,16:26 <~Avunit> The domain ANONLEAKS.COM Administrator (Owner) has been changed.16:26 <~Avunit> Previous Administrator:16:26 <~Avunit> David Gottlieb16:26 <~Avunit> New Administrator:16:26 <~Avunit> ANO "Regional Network Information Center"16:26 <~Avunit> Service renewal will be possible in at least one day.16:26 <~Avunit> we all know thatll be useless tflow, since they are probably right16:26 <~Avunit> and it wont quite help us if i go poke on that identity about it16:28 <@tflow> it's worth a shot...16:28 <@tflow> lexi is willing to use his identity temporarily16:29 <@tflow> plus it doesn't show in the whois anyway16:29 <~Avunit> no bu ti mean16:29 <~Avunit> if its about yknow illegal registrants n shit16:29 <~Avunit> being the fraud person16:29 <~Avunit> doesnt qutie help then :P16:29 <@tflow> well16:30 <@tflow> you could at least ask them why they did it first16:30 <~Avunit> *obviously*16:30 <~Avunit> Do I look like that's not the first thing I did? :P16:31 <~Avunit> oh payment processing at heihachi is done16:31 <~Avunit> awaiting activation of services now16:33 <&armitage> whee16:34 <&armitage> !aop add molly 16:34 -!- mode/#hq [+o molly] by HQBot16:50 <&armitage> !aop add nessuno

back

trac

esec

urity

.com

16:50 <@molly> !invite nessuno16:50 !isla.operationfreedom.ru *** HQBot invited Nessuno into the channel16:50 -HQBot:#hq- Nessuno was invited to the channel.16:52 -!- Nessuno [fag@fagz.fagz] has joined #hq16:52 -!- mode/#hq [+o Nessuno] by HQBot16:52 <@Nessuno> yay16:52 <@Nessuno> ty17:19 <@molly> av can you tell me isla, triangle, twisted IPs?17:21 <@molly> btw what happened with the opfreedom domain, same as with anonleaks.ru?19:02 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @armitage, @Nessuno, @tflow21:37 <@molly> Topiary, Sabu btw21:37 <@molly> woah21:37 <@molly> fakegregghoush21:37 <@molly> twitter21:37 <@Topiary> Hmm, yes21:37 <@molly> that is @dstufft21:37 <@Topiary> it is21:37 <@molly> yep21:37 <@molly> gregg told me :p21:37 <@Topiary> Gregg told me quite some time ago, heh21:38 <@Topiary> though considering we've had a Skype conference open with a few others since November, information is spread quick21:38 <@molly> yeah well, i usually ignore trolls so i wouldnt care21:38 <@molly> just that one caught my attention. although av said we should drop it 21:39 <@Topiary> there are a number of trolls going right now, he's just trying to rile up attention from AnonymousIRC desperately21:39 <@Topiary> I wouldn't respond21:39 <@Topiary> I only respond to him on mine to poke fun, troll, or act neutral21:39 <@Topiary> that's the best way to piss trolls off21:40 <@molly> i did now once.21:40 <@molly> i'm in the mood.21:40 <@molly> also.. it's relatively riskless21:41 <@molly> on the side of HBGary you will get buried :)21:43 <@Topiary> link him to an image with a bit URL of "I ain't even mad"21:43 <@Topiary> I've done it with "feels good man"21:44 <@Topiary> http://bit.ly/e3rd3E21:44 <@Topiary> here21:44 <@molly> that's rather your style. i used a bit induced rage with a tiny amount of doubt about his information21:45 <@Topiary> damn, but that would be thewins21:45 <@molly> why don't you reply then :p21:45 <@molly> i already did reply once.. second one is lame on my end21:45 <@Topiary> because I already sent him a bit URL of "feels good man"21:45 <@Topiary> if you send him that one I just linked21:46 <@molly> ahh21:46 <@molly> ok21:46 <@Topiary> he will be royally pissed21:46 <@Topiary> http://twitter.com/#!/atopiary/status/38061524723576832

back

trac

esec

urity

.com

21:46 <@molly> any accompying text?21:46 <@Topiary> Just @him http://bit.ly/e3rd3E21:46 <@Topiary> it will be the lulz21:47 <@molly> ah he replied, okay then21:47 <@molly> :)21:47 <@Topiary> heh, thought you noticed21:47 <@molly> my twitterfall is slow :)21:48 <@molly> scanning hbgary and anonleaks21:48 <@molly> plus my timeline21:49 <@Topiary> that's hilarious though, I love using twitter to send shortened URLs of reaction images21:50 <@Topiary> it shuts arguments down in seconds21:52 <@molly> but now enough of this.21:52 <@molly> more relevant tweets! :p21:53 <@molly> it was ./ed again21:53 <@molly> http://it.slashdot.org/story/11/02/17/0041208/Anatomy-of-the-HBGary-Hack?from=rss22:03 <@molly> sorry got disconnected22:03 <@molly> after my url22:06 <@molly> http://twitter.com/#!/hypeonmedia22:06 <@molly> aaron?22:06 <@molly> :p22:06 <@molly> hm rather one of the trolls22:06 <@molly> i see he follows dstufft and jester22:07 <@molly> actually22:08 <@molly> mm22:28 <@Topiary> Jester follows HBGaryPR and dstufft22:28 <@molly> http://cryptome.org/0003/anon-surpass-wl.htm22:28 <@molly> hmm22:29 <@molly> hmm regarding jester(22:29 <@Topiary> him and his faggots have gone really quiet22:30 <@Topiary> the main dude that trolls has been offline since the superbowl22:30 <@molly> funny timing heh22:30 <@molly> hmm22:30 <@molly> you know that aaron wanted to expose us22:30 <@molly> fits well together with jesters stuff actually22:31 <@molly> plus their research is about similar crap22:36 <@Topiary> and didn't they both have military involvement?22:40 <@molly> yes22:42 <@Topiary> If Jester is Barr I will laugh so hard22:43 <@Topiary> oh lawd, should have tried logging into Jester's twitter with Aaron's pass22:43 <@molly> nah. i dont think so22:43 <@molly> but barr may be well related to RJackSix22:44 <@molly> i dont think that barr would ddos jihad sites and tweet about it22:44 <@molly> i really doubt that22:45 <@Topiary> seems suspicious that most of Jester's main followers (@tyrkoil for example) have shut completely up22:46 <@Topiary> we should spai on Jester's IRC channel22:46 <@molly> uh not me

back

trac

esec

urity

.com

22:46 <@molly> i had enough of this crap22:46 <@molly> also.. no relevant info will be exchanged threr22:46 <@Topiary> I'll just boot up a separate mIRC and lurk in there22:46 <@molly> if at all, then misonformation22:48 <@molly> and i still dont get what this fb dude wants22:49 <@Topiary> I'm lurking in there now, I won't say anything but will relay any logs that mention us22:49 <@Topiary> just to have extra knowledge22:51 <@molly> i find this guy highly suspicious23:26 <@Topiary> [04:13] <@CryptKper> #opclueless 11 users - Operation Clueless - Helping anons prosecuted by governments.23:27 <@molly> actually there is an +s chan for that .. but well :)23:28 <@Topiary> they're mainly talking about us23:28 <@Topiary> nothing of note yet23:28 <@molly> meh coming.23:29 <@molly> hmm what identity....23:29 <@molly> *that* one23:31 <@Topiary> I'm totally joining under Topiary on a separate VPN23:31 <@Topiary> and just gonna see if they know who I am23:31 <@Topiary> for lulz23:31 <@molly> heh23:31 <@Topiary> [04:31] * Topiary (~topiary@84.19.169.162) has joined #jester23:32 <@Topiary> two clones in there, one VPN on CZ, one non-VPN on mIRC23:32 <@Topiary> well not really clones in that case23:32 <@Topiary> but you know23:35 <@molly> another thing23:35 <@molly> which always had me wondering23:36 <@molly> in one of aarons anonymous docs23:36 <@molly> he has one of my exit nodes23:36 <@molly> which is quite interesting23:36 <@molly> because here they wouldnt show23:36 <@molly> unless they cracked the hash...23:36 <@molly> but on 2600.net they do show...23:36 <@molly> and i was there unmasked as q23:36 <@molly> when i talked to rjsix23:42 <@Topiary> Are you in there?23:42 <@molly> sure :p23:46 <@Laurelai> hi23:46 <@Topiary> Hi Laurelai23:46 <@Topiary> [04:46:26] <unstable> well, i might risk of getting banned but i am really kinda curious, didnt jester want to bring down anonymous and now.. it uh, somehow they took down one of the players in his turf? what happened there?23:46 <@Topiary> is this you q?23:47 <@Topiary> Laurelai: http://twitter.com/#!/Narganon/status/3807424707087564823:47 <@Topiary> this man/woman is "going after" you after he's done with "going after" me23:47 * Topiary shrugs23:47 <@molly> yep of course23:48 <@molly> who else could i be, bobody else joined and stayed23:48 <@molly> excpet chatterbox

back

trac

esec

urity

.com

23:48 <@Laurelai> Topiary: what23:48 <@Topiary> he's talking about finding us IRL I believe23:48 <@Laurelai> what the hell have i ever done to this guy23:50 <@Topiary> you exist and he's bored23:50 <@Topiary> that's all there is to it23:50 <@molly> well i wish him good luck heh23:50 <@Topiary> because I don't know him either23:50 <@Topiary> well actually there are about 6 different accounts on twitter tweeting about me23:50 <@Topiary> three are trying to dox me, one is constantly telling the media that I'm the leader of Anonymous, another is just spouting general hate, and the final one is urging people to dox Anons including me23:51 <@Topiary> is February when trolls get bored the most?23:51 <@molly> lol23:51 <@Topiary> is it something in the air?23:51 <@molly> nice tag team23:51 <@molly> it's probably a cia psyops23:51 <@molly> would be adequate regarding quality23:55 <@Laurelai> and im not exactly hiding who i am23:56 <@Laurelai> if he wants to come to my house and make an issue hes more than welcome to meet both barrels of my home security system :)--- Day changed Thu Feb 17 201100:01 <@molly> Topiary: hm00:01 <@Topiary> I don't know what I'm doing in the chan00:01 <@molly> chance to get som intel on that dstufft+xy?00:01 <@molly> you're doing great :p00:01 <@Topiary> I know exactly who dstufft is00:02 <@Topiary> I have all their dox00:02 <@Topiary> It's six people00:02 <@molly> oh those six?00:02 <@Topiary> It's the same six from chanology - apparently they have something planned for this Saturday (19th)00:02 <@Topiary> Most likely a drop of what they think is dox.00:03 <@molly> yawns. i wonder who i am this time, or likely they will neglect me.00:05 <@molly> Topiary: see -staff00:06 <@Topiary> I really don't trust the new dude in there00:06 <@Laurelai> so00:06 <@Laurelai> its the people from chanology doing this??00:07 <@Topiary> Laurelai: it's the six fags lead by Jennifer Emick00:07 <@Laurelai> HOLY FUCKING BALL00:07 <@Laurelai> I KNOW THAT CUNT00:08 <@molly> oh forgot you're also here00:08 <@molly> :)00:08 <@Topiary> molly: I'm going to make everyone in #jester love me so hard00:08 <@Topiary> look at that motherfucking respect I'm getting already00:08 <@Topiary> dumb motherfuckers00:08 <@molly> interesting strategy :)00:09 <@Laurelai> encyclopediadramatica.com/Jennifer_Emick00:10 <@molly> .oO00:10 <@molly> what did i get into here

back

trac

esec

urity

.com

00:10 <@Laurelai> if that bitch is behind this00:11 <@Laurelai> then i got some friends who might be willing to help00:12 <@Topiary> I don't know her exact new address after she moved00:13 <@Topiary> if we bring her down, the whole group will fail00:15 <@Laurelai> http://pipl.com/directory/people/Jennifer/Emick00:15 <@Laurelai> Jennifer Emick, Age 39, 4121 Wakefield Loop, Fremont, CA...00:19 <@molly> Topiary: 05:17 < anon1101> btw, let me be clear that I'm not Narganon.. just trying to be helpful.00:19 <@molly> #reporter00:19 <@molly> wut?00:19 <@Topiary> http://piratepad.net/V6UQH9WSXu00:34 <@molly> i'll need sleep :)00:56 <@Laurelai> Topiary: 04:15 <@Laurelai> Topiary: they arent behind it04:15 <@Laurelai> at all04:16 <@Laurelai> you got PA'ed04:16 <@Laurelai> and i think i know by who05:10 -!- Irssi: #hq: Total of 6 nicks [3 ops, 0 halfops, 0 voices, 3 normal]08:18 <@Laurelai> anyone awake08:37 <@molly> hi08:37 <@molly> just woke up08:39 <@molly> mhh08:39 <@molly> what happened?08:51 <@Laurelai> molly08:51 <@Laurelai> that piratepad08:51 <@Laurelai> is full of info for people who had nothing to do with anything08:51 <@Laurelai> you all have been PA'ed08:52 <@molly> uhm i had not to do anything with that pad08:52 <@Laurelai> i wasnt claiming you did08:52 <@molly> plus, i was not bothered by these people either08:52 <@Laurelai> im just informing everyone08:52 <@molly> yup, that would be for Topiary 08:52 <@Laurelai> that something alot more sinister is going on08:52 <@molly> hm?08:53 <@Laurelai> does anyone know what08:53 <@molly> i dont think dstufft and co are a problem08:53 <@Laurelai> marblecake means08:53 <@molly> you mean what we did with HBGary?08:53 <@Laurelai> c0s told HBgary my infos08:54 <@molly> c0s? why would he do that?08:54 <@Laurelai> and has been after my info for the past week08:54 <@Laurelai> because08:54 <@Laurelai> hes gregg houshe08:54 <@molly> i know.. and?08:54 <@Laurelai> and hes one of those people who thinks he can control anonymous08:54 <@Laurelai> you dont know do you08:54 <@Laurelai> gods blood you dont know08:55 <@molly> that strikes me as most strange; i talked to him a couple of times08:55 <@molly> he did not see to want to control anything

back

trac

esec

urity

.com

08:55 <@Laurelai> yes hes very manipulative08:56 <@Laurelai> cause i jsut talked to jen on the phone08:56 <@Laurelai> and SP on skype08:56 <@Laurelai> and they have no idea whats going on08:56 <@Laurelai> and i know them08:56 <@Laurelai> they cant hack08:56 <@Laurelai> they dont know how08:57 <@Laurelai> they dont even care about anonops08:57 <@molly> well, i still don't understand what is the goal of this thing?08:57 <@Laurelai> to get at me08:57 <@Laurelai> because08:57 <@molly> mmh.08:57 <@Laurelai> lol he is pissed at me08:57 <@Laurelai> has been for years08:59 <@Laurelai> its all just a childish grudge08:59 <@molly> well i dont know, i told him about dstufft and that we know his nick on anonnet; which he seemed to did not know08:59 <@molly> well then if it's only that.. ignore the trolls? 08:59 <@Laurelai> he runs a business with dstufft08:59 <@molly> he does?08:59 <@Laurelai> yes08:59 <@Laurelai> dstufft is daemon08:59 <@Laurelai> he knows daemon08:59 <@Laurelai> i know he does08:59 <@molly> mhh he says dstufft hates him; also usus an anti-gregghoush twitter now08:59 <@molly> all for disguise?09:00 <@Laurelai> hmm didnt know that09:00 <@molly> http://twitter.com/#!/fakegregghoush09:00 <@molly> this one is dstufft09:00 <@Laurelai> no09:00 <@molly> according to gregg.09:00 <@Laurelai> lol09:00 <@Laurelai> http://twitter.com/#!/dstufft09:01 <@Laurelai> thats dstufft09:01 <@molly> gregg says they are the same. now why would he lie about that? this would be found out easily09:01 <@Laurelai> i dont know09:01 <@Laurelai> but i think09:01 <@Laurelai> we should take a stronger look at everything09:01 <@molly> can you tell me how you know/thin that gregg passed you data along?09:01 <@molly> oh yes, i already do that09:02 <@Laurelai> because jen told me over the phone09:02 <@molly> i can move relatively safe cause none of the bastards has any idea who i am09:02 <@Laurelai> because she says people from anonops have been harrasing her09:02 <@molly> ah okay.. mhh maybe it was some comm fuckup09:02 <@molly> i will talk to gregg if the time is good; obviously not telling him what you said09:02 <@Laurelai> ok09:02 <@molly> but see if i can get some info from him w/o saying aynthing more09:02 <@molly> so we can see if it matches/checks out

back

trac

esec

urity

.com

09:03 <@Laurelai> i mean yeah jens a little weird09:03 <@Laurelai> but shes harmless09:04 <@Laurelai> highoverlord09:04 <@Laurelai> hes a brain dammaged vet09:04 <@Laurelai> ive met him irl09:04 <@molly> oh that chick we talked yesterday about09:04 <@molly> the one on ED?09:04 <@Laurelai> yeah09:04 <@molly> k09:04 <@Laurelai> highoverlord doesnt even know what time it is most of the time09:04 <@Laurelai> hes nice09:05 <@Laurelai> just has brain dammage09:05 <@molly> well i don't know any of these ppl09:05 <@molly> usually tayed away from such groups heh09:05 <@Laurelai> yeah09:05 <@Laurelai> they were all people who worked with me when i did stuff for chanology09:05 <@Laurelai> all of them09:05 <@molly> but well, if some ppl know your dox anyway.. whats the pressure on you?09:06 <@Laurelai> there sint09:06 <@Laurelai> really09:06 <@Laurelai> i dont hide who i am09:06 <@Laurelai> but 09:06 <@molly> so it's only to annoy you?09:06 <@Laurelai> whats the goal?09:06 <@Laurelai> it just makes me think09:06 <@molly> thats what i am trying to figure our09:06 <@Laurelai> what are they trying to accomplish09:06 <@molly> most likely: they think it annoys you, makes you panic/cry whatever09:06 <@Laurelai> lol09:06 <@molly> typical trolls09:06 <@Laurelai> i post my name on my twitter09:06 <@Laurelai> and facebook09:07 <@molly> lol?09:07 <@Laurelai> and i dont care09:07 <@Laurelai> lol09:07 <@molly> okay09:07 <@molly> didnt know you were that blatant :)09:07 <@Laurelai> im *not* anonymous09:07 <@Laurelai> im a reporter09:07 <@Laurelai> lol09:07 <@molly> well, probably the best we can do is to ignore that stuff and dont waste any time on it09:08 <@molly> and by the way YAAAAY for anonleaks.ch :)09:08 <@Laurelai> yeah but i know c0s09:08 <@molly> ill try to find sth out via him09:08 <@Laurelai> i know if you ignore him he doesnt go away09:08 <@Laurelai> he just stabs you in the back09:08 <@molly> he doesnt know me really, so this is a good think09:08 <@molly> if he is what you say09:08 <@molly> he would want to know more

back

trac

esec

urity

.com

09:08 <@molly> i throw him a piece of meat and see what happens09:08 <@Laurelai> ok09:08 <@Laurelai> :)09:09 <@Topiary> Laurelai09:09 <@Topiary> Gregg Housh is the one that told us that Jennifer Emick was @dstufft09:09 <@molly> so hm vlad/tackle still down. or rather again; tflow popped up.09:10 <@molly> so either he is outright lying there.. but that would be quite risky09:10 <@molly> if it's wrong it will be detected soon and he lose cred09:10 <@molly> or maybe he is simply wrong.09:10 <@Laurelai> Topiary: hes lying to you09:11 <@Laurelai> jen cant hack09:11 <@Laurelai> lol09:11 <@Laurelai> Topiary: hes using you09:11 <@Laurelai> lol09:11 <@Topiary> he also notes that Jen and the fags sign onto Skype every time @fakegregghoush comes online on twitter09:11 <@Laurelai> Topiary09:11 <@molly> all dstufft did was parsing public whois info. doesnt even have to be done himself; could have just been relayed info09:11 <@Laurelai> why do you think09:11 <@molly> just sayinf09:11 <@Laurelai> all of those people09:11 <@Laurelai> are people i know09:12 <@molly> sorry brb09:12 <@Laurelai> Topiary: highoverlord is a brain dammaged veteran09:12 <@Laurelai> jen09:12 <@Laurelai> jen just talks alot09:12 <@Laurelai> and is sometimes annoying09:12 <@Laurelai> SP09:12 <@Laurelai> Sp is just some paranoid brit who hates scientology09:12 <@Laurelai> reylt09:13 <@Laurelai> is borderline retarded09:13 <@Laurelai> Topiary: i talked to all of them they dont know whats going on09:13 <@Laurelai> but09:13 <@Laurelai> they know09:13 <@Laurelai> gregg keeps coming after them09:14 <@Laurelai> because of the stuff they helped me with back in the day09:14 <@Laurelai> Topiary: do you know about marblecake09:14 <@Topiary> not particularly09:15 <@Laurelai> gregg is the leader of a group who thinks they can control anonymous09:15 <@Laurelai> they are called marblecake09:15 <@Topiary> All I know is of the IRC channel simply called #marblecake09:15 <@Laurelai> we discovered this during the early days of chanology09:15 <@Topiary> back in chanology09:15 <@Laurelai> and exposed them09:15 <@Laurelai> and aftert hat09:15 <@Laurelai> that*09:16 <@Laurelai> he did everything in his power to drive us off/dox us ect..09:17 <@Laurelai> he will sell out anyone and everyone for personal gain too

back

trac

esec

urity

.com

09:17 <@molly> well sorry but lol09:17 <@molly> "gregg is the leader of a group who thinks they can control anonymous"09:17 <@molly> if he is, then just ignore him?09:17 <@molly> obviously it's bullshit09:17 <@Laurelai> because he manipulates people09:17 <@Laurelai> look what he had Topiary ready to do09:17 <@molly> to do what?09:17 <@molly> hm what did he do?09:18 <@Laurelai> hes the one that told Topiary that jen and them were behind this crap09:18 <@molly> so far nothing happened as far as i can tell09:18 <@Laurelai> when they werent09:18 <@molly> well, obviously we dont know for sure yet who is behin who on twitter etc09:18 <@molly> but the more i hear of this09:18 <@molly> the more i realize how childish this is09:18 <@Laurelai> yeah09:18 <@Topiary> Laurelai: I was a bit suspicious of how much he pushed the issue09:18 <@Laurelai> lol09:18 <@Topiary> he seemed too aggressive with it09:18 <@molly> and i have better stuff to do. however, i will try to SE gregg a bit09:19 <@Topiary> but in any case, I don't give a shit about faggots versus faggots form chanology days09:19 <@Topiary> so it can be whoever09:19 <@Laurelai> Topiary: thank you09:19 <@Laurelai> thats all i ask is you dont give a shit09:19 <@Laurelai> and lets all go back to raping iran09:19 * molly doesn't either. i am just a bit intrigued about Gregg now09:22 <@Topiary> both sides are obviously pretty butthurt over banning each other on forums, trying to fuck with each other, then thinking their situation is so important (pretentious dicks, all of them) that they can drag all Anon operations into it09:22 <@Topiary> I give no shit about their drama, herp derp IPs, herp derp dox, herp bans09:23 <@molly> then there is some kind of competition between anonnet and anonops?09:23 <@molly> i never was on anonnet though09:24 <@Laurelai> molly: yeah i wasnt part of that either09:24 <@Laurelai> this goes back further09:24 * molly is newfag09:26 <@Topiary> I was around back then, just not paying attention to arrogant faggots spouting shit at other arrogant faggots09:26 <@Laurelai> Topiary: was prolly a good idea09:26 <@Laurelai> in retrospect i should have done the same09:27 <@Laurelai> thats why i just write articles and give ideas09:27 <@Topiary> TBH all of them are twats09:27 <@Laurelai> yep09:29 <@Topiary> I trust Gregg in a sense; naturally I don't trust him about random things, but perhaps thought he wasn't bullshitting about the Jennifer thing09:29 <@Topiary> doesn't make a different to me either way09:29 <@Topiary> *difference09:29 <@Topiary> wouldn't make a difference to me if you were secretly Jennifer Emick playing the double-troll09:29 <@Topiary> really this shit affects nothing

back

trac

esec

urity

.com

09:30 <@Laurelai> well lol09:30 <@Laurelai> im not09:30 <@Laurelai> my name actually is Laurelai 09:30 <@Topiary> "a pylon that moved up" as described on twitter by the trolls09:30 <@Topiary> that's you09:30 <@Topiary> and I am a, err,09:31 <@Topiary> "pretentious twat hipster vag"09:31 <@Topiary> or something along those lines.09:31 <@Laurelai> lol09:31 <@Laurelai> oh09:31 <@Laurelai> dude09:31 <@Laurelai> haha09:31 <@Laurelai> i dont think your a hipster09:31 <@Laurelai> :p09:32 <@Topiary> they think I'm a hipster because they've seen an OKCupid profile of some faggot they think is me09:32 <@Topiary> in fairness he's pretty hipster09:32 <@Laurelai> lol09:32 <@Topiary> but hey, still a pretentious twat vag, 3/4 ain't bad09:32 <@Laurelai> lol09:33 <@Laurelai> you are ok by me09:33 <@Laurelai> if that means anything from a pylon09:33 <@Laurelai> :p09:33 <@Topiary> I'm reminded of the movie Lucky Number Slevin09:34 <@Topiary> ever seen it?09:35 <@Laurelai> nope09:35 <@Topiary> shit, can't make my awesome analogy09:35 <@Laurelai> ill watch it tomorrow09:36 <@Laurelai> im gonna read the dalilammas twitter for a bit and go to bed09:37 <@Topiary> enjoy09:53 <@molly> Topiary: 09:53 <@molly> still around?12:08 -!- Topiary [topiary@do.the.impossible] has quit [Ping timeout: 121 seconds]12:16 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has joined #hq12:32 <@molly> ui wow12:32 <@molly> wb tackle12:41 -!- armitage [armitage@freeside.tessier-ashpool.org] has joined #hq12:41 < armitage> yay13:21 !isla.operationfreedom.ru *** HQBot invited Nessuno834 into the channel13:22 -!- Nessuno834 [nessuno@HA-6c4.s5e.qempvl.IP] has joined #hq13:22 -!- mode/#hq [+o Nessuno834] by HQBot13:26 -!- mode/#hq [+o tflow] by HQBot13:39 !isla.operationfreedom.ru *** HQBot invited Topiary into the channel13:39 -!- Topiary [topiary@do.the.impossible] has joined #hq13:39 -!- mode/#hq [+o Topiary] by HQBot14:14 -!- molly [millions@freeside.tessier-ashpool.org] has quit [Quit: Changing server]14:17 -!- molly [millions@freeside.tessier-ashpool.org] has joined #hq14:17 -!- mode/#hq [+o molly] by HQBot14:17 <@molly> J opfreedom

back

trac

esec

urity

.com

14:38 <@Topiary> Laurelai: anything new with this twittertroll thing?14:38 <@Topiary> [19:35:56] Topiary: Gregg did you give Laurelai's information to HBGary?14:38 <@Topiary> [19:36:11] Emily: Who is Laurelai14:38 <@Topiary> [19:36:17] Emily: Other than a "transgendered bitch"14:39 <@Topiary> [19:37:04] Gregg: no idea14:39 <@Topiary> [19:37:10] Gregg: seems to just be some person on anonops?14:41 <@molly> from anonnet?14:43 <@Topiary> I've never been on anonnet.14:43 <@molly> from where then?14:43 <@Topiary> That's from Skype.14:43 <@molly> ah14:48 <@Nessuno834> laurelai you a trap14:49 -!- Nessuno834 is now known as Nessuno14:50 <@Topiary> Heh, I don't trust any of these chanology "hurr Anon must be controlled" niggers14:50 <@Topiary> all in the same boat, whether they're trying to dox us or trying to make us dox their opponents14:53 <@Topiary> I know it's ironic but I think a brief encounter with fresh air might clear their retardation14:53 <@Nessuno> who topiary?14:54 <@Topiary> anyone involved in chanology/marblecake/herpderp who pick at each other because they're butthurt over years of forum bans and petty arguments that change nothing14:55 <@Topiary> it honestly does not go deeper than that14:57 <@Topiary> I mean, if they all met up in a big room, it wouldn't be a scrap resulting in fatalities, it would be a series of awkward glances and having nothing to say or do14:57 <@Topiary> Internets is srs bsns, and with that I am going to iron some clothes14:58 <@molly> yup, thats why its best to ignore all this crap15:08 <@molly> tflow, ?16:21 <@molly> mhh Sabu so quiet....17:15 <@molly> !aop add evey17:15 <@molly> gnah17:16 < armitage> !aop add ivey17:16 < armitage> !aop addevey17:16 < armitage> !aop add evey17:16 <@molly> !invite evey17:16 !isla.operationfreedom.ru *** HQBot invited evey into the channel17:16 -HQBot:#hq- evey was invited to the channel.17:16 -!- evey [ouija@HA-b0c.smh.b454mb.IP] has joined #hq17:16 -!- mode/#hq [+o evey] by HQBot17:18 <@molly> but yeah evey 17:18 <@molly> a domain would be good17:18 <@evey> read the thing in the topic17:18 <@molly> i need to get all the ips,sec17:18 !isla.operationfreedom.ru *** HQBot invited kayla into the channel17:18 -!- kayla [mysql2@fbi.gov] has joined #hq17:18 -!- mode/#hq [+o kayla] by HQBot17:19 <@kayla> *hugs* :D17:19 <@evey> hi kayla17:19 <@kayla> hey evey :D17:19 <@evey> evey == lexi

back

trac

esec

urity

.com

17:19 <@evey> well.. sorta anyway17:19 <@evey> :)17:19 <@kayla> ?17:21 <@molly> ungf17:21 <@molly> tflow, where do i find them17:21 <@molly> i need isla, twisted and triangle IP17:21 <@evey> kayla: I guess I'm a diff person that I was yesterday :)17:21 <@molly> i only have tackle and triumpg17:22 <@molly> tho triangle and twisted are missing :S17:22 <@molly> evey, well can you add tackle and triumph for now?17:22 <@evey> kk17:22 <@kayla> evey what do you mean?17:22 <@evey> what IPs17:22 <@evey> and what is the name of the A record17:22 <@molly> tackle: 77.91.227.23717:22 <@molly> triumph: 77.91.225.16817:23 <@kayla> is sabu here?17:23 <@molly> haven't seen him talk today17:24 <@evey> kayla: well I disappeared all records I could disappear easily of me on the internet... in a month or so I should be difficult to find on google17:24 <@evey> the way I figure it17:24 <@evey> my life is now about doing internet activism17:24 <@evey> so I don't need a linkedin anymore17:24 <@evey> which reminds me17:25 <@Topiary> My life is about eating cake17:25 <@molly> http://twitter.com/hypeonmedia << Aaron? :p17:25 <@kayla> my life is about doing what other ppl tell me i can't do17:26 <@molly> lol17:26 <@molly> you can't h4x the NSA! :)17:26 <@kayla> molly try his common passwords with it :D?17:26 <@kayla> is it a new one?17:26 <@molly> pretty new17:26 <@evey> kayla: you can't make me a sandwhich :)17:26 <@kayla> molly i allready have NSA hacked bb <317:26 <@evey> cause I'm too far away :P17:26 <@Topiary> already tried, doesn't work17:27 <@Topiary> he would have changed passes anyway17:27 <@molly> 42 tweets...17:27 <@kayla> i would hope so too 17:27 <@kayla> who are staff here :D?17:27 <@kayla> 1staff17:27 <@molly> heh what you do with nsa?17:27 <@kayla> !staff17:27 <@molly> < staff17:28 <@molly> so is avunit and sabu17:28 <@kayla> jst curious :D17:28 <@evey> what does staff mean17:28 <@evey> here17:28 <@evey> do you get a company car?

back

trac

esec

urity

.com

17:28 <@molly> irc admins17:28 <@molly> lol17:28 <@molly> yeah.. but we're still waiting17:28 <@molly> for our Ladas17:28 <@Topiary> You've never been in the Topiarymobile?17:29 <@molly> company cars are black vans. they may come unexpected..17:29 <@evey> no I don't exist in RL so.. I can't get into cars17:29 <@evey> I work for the TLA... we have pink helicopters17:30 <@evey> the bad guys are so disconcerted by our colours that they stand still17:30 <@evey> so we can black bag them17:30 <@molly> uuuuuhhh hello kitty apaches?17:30 <@evey> ya17:30 * molly wants one, too17:31 <@evey> my daddy didn't buy me a pony so I had him sent to a secret prison in poland17:32 <@evey> I wonder how they found out there is 3000 renditions a year17:33 <@kayla> http://emptywheel.firedoglake.com/2011/02/16/chet-uber-contacted-hbgary-before-he-publicized-his-role-in-turning-in-bradley-manning/17:33 <@kayla> oooooh17:33 <@kayla> my daddy didn't buy me an icecream so i had him sent to guatanamo bay17:33 <@kayla> :317:34 <@kayla> said he luv his new orange suit :317:34 <@molly> Wow17:34 <@molly> MORE OUT OF THE PANDORA'S BOX17:34 <@molly> thx kayla <317:35 <@evey> kayla: wow that sounds awful, you poor thing! I hope someone else got you an ice cream!17:36 <@evey> can we say to aaron that we will trade all of his s3cr3ts for a pony17:37 <@evey> not sure how we would transport the pony17:37 <@evey> but...17:44 <@evey> hey17:44 <@evey> might be an idea17:44 <@evey> to ask people you suspect of being aaron17:44 <@evey> if he will allow you to send him details17:44 <@evey> about anon17:45 <@evey> cause you think what he was doing was great and clever17:45 <@evey> then send him a pdf research doc on magnetism17:47 <@kayla> :o17:47 <@kayla> but our magnatism hacks are priv817:48 <@evey> oh you hacked magnetism? :O I didn't know? can we change the north pole/south pole... cause... I wanna see what would happen17:49 <@molly> eh, seriously... the story we told ars technical was false flag17:49 <@molly> actually we owned hbgary with fucking magnets17:50 <@kayla> tru.dat17:50 <@kayla> lots of magnets17:51 <@kayla> swarms and swarms of magnets17:51 <@evey> ok DNS now points opfreedom.anonleaks.ch @ triumph + tackle17:51 <@kayla> magnets on magnets17:51 <@evey> plus triumph and tackle are now A records that point at those machines17:51 <@kayla> so who's server are all these hosted here?

back

trac

esec

urity

.com

17:51 <@evey> DNS is hosted by PRQ17:52 <@evey> for anonleaks.ch17:52 <@molly> which reminds me...17:52 <@molly> oh that is old17:52 <@evey> and the server is managed by semisecure folks17:52 <@molly> http://bofh.ch/bofh/bofh6.html17:52 <@molly> <317:52 <@evey> same one that crowdleaks is on17:52 <@evey> laurelai is an admin kayla17:52 <@molly> read that in case you don't know it (=17:53 <@molly> evey, oh nice... ah good domain choice, thanks17:54 <@molly> need to be on the road again for a moment17:54 <@evey> it was tflows idea17:55 <@evey> anyways I was thinking17:55 <@evey> about how this works17:56 <@evey> I was thinking of setting up a holding company that would be managed by someone trustworthy... called semisecure which would own all the hardware17:56 <@evey> it would also be a site that would show people how to secure themselves17:56 <@evey> with step by step on how to set up OTR17:56 <@evey> etc.17:56 <@evey> Enigmail17:57 <@evey> two factor auth on gamil17:57 <@evey> *gmail17:57 <@evey> which servers are friendly toward DMCA17:57 <@evey> then there would be a group called crowdleaks17:57 <@evey> and they would be a media outlet registered in sweeden17:57 <@evey> sorry17:57 <@evey> I mean iceland17:58 <@evey> now all the same admin team that handle semisecure17:58 <@evey> would handle the crowdleaks server17:58 <@evey> as well as all the money etc.17:58 <@evey> so crowdleaks is protected by the fact that it's a mediaoutlet and the IMMI17:58 <@evey> from exposing sources etc17:59 <@evey> then we have anonleaks which is completely anon and has no actual physical existence18:00 <@evey> but is hosted by semisecure as well for free18:00 <@evey> so both crowdleaks and anonleaks don't need to trust anyone at all18:00 <@evey> with passwords/dns etc18:00 <@evey> that is all handled for them18:01 <@evey> the focus would be on the data18:01 <@evey> and the contacts18:07 <@evey> what is the name of the server at 92.241.162.21618:09 <@tflow> what do you mean 'name'?18:09 <@tflow> hbgary.anonleaks.ch?18:10 <@evey> well18:10 <@evey> tackle is one... triumph is another18:10 <@evey> what are you calling it18:11 <@evey> it is easy to say18:11 <@molly> isla ?18:11 <@evey> triumph is done

back

trac

esec

urity

.com

18:11 <@evey> *down18:11 <@molly> no18:11 <@evey> rather than XXX.XXX.XXX.XXX18:11 <@molly> i am on triumph18:11 <@evey> is down18:11 <@evey> yeah I know it is not down18:11 <@tflow> oh18:11 <@evey> I'm giving an example18:11 <@tflow> vlad18:11 <@molly> sec18:11 <@evey> kk ty18:11 <@tflow> name = vlad18:11 <@tflow> why, just for internal reference? ;-)18:12 <@evey> well actually unless you have an objection I would like to add A records 18:12 <@evey> to each machine18:12 <@evey> so I don't have to remember IP addresses18:12 <@evey> :)18:13 <@tflow> vlad.anonops.net resolves to it18:13 <@tflow> if that's what you mean18:13 <@tflow> also18:14 <@tflow> i suggest setting the ttl to something like 5-10 minutes18:14 <@evey> yeah?18:14 <@evey> why?18:15 <@tflow> well18:15 <@evey> cause that just means that if the DNS goes down18:15 <@evey> then it's gone really quick18:15 <@tflow> sometime in the future we might have to be constantly on the move18:15 <@tflow> hm18:15 <@tflow> true18:15 <@tflow> what's the ttl now?18:18 <@evey> erm..18:18 <@evey> I didn't change the ttl18:18 <@evey> so it just says -18:20 <@tflow> I can't seem to resolve hbgary.anonleaks.ch atm.18:20 <@tflow> also I have 301 redirected everything from anonleaks.ru to .ch18:20 <@tflow> so seo juice should be flowing in soon18:21 <@tflow> i.e. hbgary.anonleaks.ru/abc will redirect to hbgary.anonleaks.ch/abc18:25 <@kayla> hmmm need to speak to sabu ;/18:26 <@kayla> if someone see sabu let me know :D18:27 <@molly> okay back18:27 <@molly> kayla: use memoserv?18:28 <@kayla> ill just wait for him to come online :)18:28 <@molly> evey, tflow so are tackle/triumph rechable directly via domain now?18:29 <@tflow> well it seems that there is no nameservers set for operationfreedom.ru18:29 <@tflow> only for anonleaks.ru for some reason18:30 <@molly> whatever happened to that domain anyway?18:30 <@tflow> changed ownership18:30 <@molly> same as anonleaks?18:30 <@molly> (yeah i can look...)

back

trac

esec

urity

.com

18:30 <@Laurelai> hi kayla 18:30 <@molly> yah.. e-mail: auction@nic.ru18:30 <@molly> hm.18:31 <@molly> yes, they have changed the ns back18:31 <@molly> for anonleaks.ru they didn't bother heh18:32 <@kayla> Laurelai :D <318:33 <@evey> hi Laurelai18:38 <@evey> http://network-tools.com/nslook/Default.asp?domain=hbgary.anonleaks.ch&type=255&server=ns.prq.se&class=1&port=53&timeout=5000&go.x=22&go.y=1318:59 <@molly> hmm irc domains not working yet?18:59 <@molly> 00:58 -!- Irssi: Connecting to opfreedom.anonleaks.ch [77.91.225.168] port 666718:59 <@molly> although hmm that is triumpg19:00 <@molly> oh hm19:00 <@molly> only ssl works20:11 <@Laurelai> heya kayla 20:11 <@kayla> Laurelai ;)20:12 <@Laurelai> :D20:12 * Laurelai hugs kayla 20:13 * molly hugs all20:13 <@molly> so many girls here20:13 <@molly> and only one is fake \o/20:13 <@Laurelai> im not fake20:13 <@Laurelai> im trans20:13 <@evey> molly was talking about herself20:13 <@evey> I think20:13 <@evey> :)20:13 <@evey> himself20:13 <@evey> ..sorry20:13 <@evey> moly20:14 <@molly> haha indeed20:14 <@molly> didn't expect new truths coming out lol20:14 <@kayla> :o20:14 <@kayla> :D20:15 <@Laurelai> lol molly 20:15 <@kayla> \:D/ i love you all 20:15 <@Laurelai> i dont hide who i am20:15 <@molly> here you don't need to. although, honestly.. i prefer NOT knowing too much personal details about any of you20:15 * molly strongly believes in "need to know principle"20:15 <@Laurelai> well im not gonna post my home address itc20:16 <@Laurelai> lol20:16 <@Laurelai> but im pretty open20:16 <@molly> damn, i thought that reverse psychology trick would work20:16 <@Laurelai> though if you want to hang out for coffie20:16 <@Laurelai> :p20:17 <@molly> well, if you come to defcon20:17 <@molly> you can find me: look for someone wearing a HBGaryFederal shirt :)20:18 <@Laurelai> oh im deffo coming to defcon

back

trac

esec

urity

.com

20:18 <@evey> what is defcon like?20:18 <@evey> when is it?20:19 <@molly> july/august weekend usually20:20 <@molly> after that is cccamp20:20 <@molly> 2 weeks after20:28 <@kayla> go2 defcon, fuck shit up20:29 <@molly> hehe20:29 <@molly> good old flyers20:30 <@molly> defcon is just a cool party20:30 <@molly> never go to talks. maybe 1.20:30 <@molly> if a VERY good friend is holding one20:33 <@Nessuno> kayla are u a beautiful disaster?20:33 <@kayla> whats tht suposed to mean xD thats like =!20:33 <@kayla> beautiful and disaster ?20:33 <@kayla> xD20:34 <@kayla> i sure do love to make a mess of things :320:34 <@Nessuno> :D20:37 <@molly> http://hbgary.com/hbgary_letter_021711_final.pdf20:37 <@Nessuno> xyrix20:38 <@Nessuno> OMG20:38 <@Nessuno> they are fail20:46 <@kayla> lol i hacked xyrix, i took all his accounts back when those fags took 4chans DNS20:46 <@kayla> i used his accounts to troll various IRCOP's so hard tht they thought me = xyrix and added me to his ed page lol, i lol'd and left it as it is as a reminder of WB's failure20:46 <@kayla> we had cele crying on the phone20:48 <@kayla> With regard to some of the information that came to light as a result of the publishing of stolen information, I want to assure you that your HBGary team did not participate in the development of the proposals that have been the focus of media attention. As most of you know, HBGary, Inc. and HBGary Federal are separate companies and have different management. The media confusion around this point has been unfortunate and we have been working diligently to correct it.20:48 <@kayla> lol at them now trying to distance themselfs from federal 20:48 <@kayla> hahahahaha20:48 <@kayla> but gre and them all knew what was happening20:48 <@molly> as i tweeted20:48 <@kayla> so they are stil to blame20:49 <@molly> "we lack words"20:49 <@molly> i mean by the emails it's fucking clear they were ALL fucking involved20:49 <@molly> there is no point in denying this20:50 <@kayla> yeh :D20:51 <@molly> AnonymousIRC "The media confusion around this point has been unfortunate" -- No, #HBGary. Unfortunate is your incompetence and your dirty business.20:51 <@molly> grr.20:53 <@molly> okay THIS is the BREAK server channel20:53 <@Topiary> tweeted twice about that hilarious PDF20:54 <@Topiary> dude, what the fuck are they smoking over at HB Gary20:54 <@Topiary> can I just have the all clear to post their universal passwords?20:54 <@Topiary> on twitter20:54 <@Topiary> for lulz20:54 <@kayla> anyone got the mails to hand, somoen can post the entire email chain showing all

back

trac

esec

urity

.com

those involved?20:55 <@kayla> im using my dads laptop and dont have here my netbook is fried D;20:56 <@molly> Topiary, well by now they changed them anyway20:56 <@molly> hmm its hundreds of mails about carious stuff20:56 <@molly> but i guess the wikileaks thing is enough20:57 <@Topiary> actually I can still log into Aaron's webex account, his old linkedin, Ted's flickr and his intuit20:57 <@molly> rly? :o20:57 <@molly> hmm then it's a trap.20:57 <@kayla> i would have loved to get their sourcecode :p20:57 <@kayla> and found bugs in it!!20:57 <@kayla> that would have been funny20:58 <@molly> yeah.. well.. tell that sabu :p20:59 <@Topiary> I should post passes for llz20:59 <@molly> Topiary, why not?20:59 <@molly> do it.. you know my twitter wont do that :p20:59 <@Topiary> hm, might get suspended from twatter20:59 <@molly> saitam @AnonymousIRC I appreciate that #HBGary didn't password protect changes in the PDF. Why bother if it gets hacked anyway... #lessonlearned21:00 <@molly> lol21:00 <@molly> yeah, maybe21:00 <@molly> thats why i dont do it :)21:01 <@kayla> sabu has their src :D?21:01 <@kayla> i'd devote all my time to find exploitable bugs in it21:01 <@kayla> :D21:02 <@tflow> nah, he deleted all the backups :-(21:02 <@kayla> HBGAY-bypass.c21:02 <@kayla> heh :D21:02 <@Topiary> http://twitter.com/#!/atopiary/status/3841804089073664021:03 <@kayla> Ted Vera, Colossal Faggot of HBGary21:03 <@kayla> xD21:05 <@Topiary> arasita@mac.com21:05 <@Topiary> adbarr@mac.com21:05 <@Topiary> adbarr@me.com21:05 <@Topiary> aaron@hbgary.com21:05 <@Topiary> does Aaron use any more?21:07 <@kayla> not sure :D21:08 <@kayla> kk i gtg :D i'll u all tomorrow or somethign <3 <3 <3 21:08 <@kayla> see*21:08 <@Topiary> Ciao.21:09 <@kayla> :3 <321:09 -!- kayla [mysql2@fbi.gov] has quit [Quit: :D :o :P ;D :3 ]22:13 <@molly> ..22:13 <@Topiary> how are you typing when this place does not exist?22:14 <@molly> grr, i hate missing backlog22:14 <@molly> would need to look up in my irssi22:15 <@molly> [04:14] * #hq :Only servers may set channel mode +q22:15 <@Laurelai> heya22:15 <@molly> and wtf is this!

back

trac

esec

urity

.com

22:15 <@molly> ohai Laurelai 22:15 <@molly> channel mode?22:15 <@molly> mhh22:15 <@Topiary> Laurelai, you are a spai and we've known this for ages, but we just let you in here to cover up the other secret-secret channel22:15 -!- mode/#hq [+o armitage] by molly22:15 <@molly> mh22:16 <@Laurelai> Topiary: cool story bro22:16 <@evey> oh yes laurelai should be added to the anonleaks.ch google apps22:17 <@Laurelai> Topiary: im in ur irc spain for lulz22:17 <@Laurelai> :p22:17 <@Topiary> I know you are fakegregghoush, I know you are22:18 <@Laurelai> lol22:18 <@Topiary> your base have belong to me for many moons22:18 <@Laurelai> lol22:18 <@evey> that's no moon22:18 <@evey> >.>22:18 <@Laurelai> hahaha22:20 <@Laurelai> hey22:20 <@Laurelai> is the google apps22:20 <@Laurelai> enabled for mobile devices22:21 <@evey> is now22:22 <@molly> evey, so btw.. is contact@ forwareded?22:22 <@evey> contact@ goes to everyone22:22 <@evey> who has an email address22:24 <@evey> do we have access to the other two IPs that the A record points to?--- Day changed Fri Feb 18 201100:30 <@Laurelai> http://ai.moh.gov.bh/FAQp2.asp?rid='1000:30 <@Laurelai> http://www.noga.gov.bh/en/eventdetails.asp?event='106400:30 <@Laurelai> http://www.noga.gov.bh/en/media_events.asp?event='106700:30 <@Laurelai> http://www.noga.gov.bh/en/newsdetails.asp?news='93900:30 <@Laurelai> have fun00:44 -!- evey [ouija@HA-b0c.smh.b454mb.IP] has quit [Ping timeout: 121 seconds]01:14 <@Laurelai> hey Topiary you around04:48 -!- Irssi: #hq: Total of 9 nicks [6 ops, 0 halfops, 0 voices, 3 normal]05:21 !isla.operationfreedom.ru *** HQBot invited evey into the channel05:22 -!- evey [user@HA-4tt.nib.lci946.IP] has joined #hq05:22 -!- mode/#hq [+o evey] by HQBot07:01 -!- evey [user@HA-4tt.nib.lci946.IP] has quit [Quit: ]08:02 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @armitage, @Nessuno, @tflow, @Topiary10:51 <@molly> Laurelai, ??11:00 -!- Nessuno834 [nessuno@HA-6c4.s5e.qempvl.IP] has joined #hq11:00 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has joined #hq11:00 -!- mode/#hq [+o tflow] by HQBot11:56 -!- armitage [armitage@freeside.tessier-ashpool.org] has joined #hq11:56 -!- mode/#hq [+ao armitage armitage] by HQBot12:04 <@molly> Hmmm12:04 <@molly> Sabu

back

trac

esec

urity

.com

12:04 <@molly> where art thou? :(12:05 -!- Sabu [sabu@HA-gtr.7ha.1dmvoo.IP] has quit [Ping timeout: 121 seconds]12:05 <@molly> ungh12:53 !isla.operationfreedom.ru *** HQBot invited Topiary into the channel12:53 -!- Topiary [trouble@do.the.impossible] has joined #hq12:53 -!- mode/#hq [+o Topiary] by HQBot12:57 !isla.operationfreedom.ru *** HQBot invited evey into the channel12:58 -!- evey [user@HA-4tt.nib.lci946.IP] has joined #hq12:58 -!- mode/#hq [+o evey] by HQBot12:58 <@evey> hey13:00 <@molly> ohai!13:00 <@molly> wtf is going on?13:00 <@molly> laurelai is still online.. on both nets. just idle?13:01 <@molly> also.. search is broken for some reason. 13:01 <@molly> and i am talking to gregg atm13:06 <@molly> currently, from what i can put together, it looks like somoneone is trying to play you and laurelai against gregg13:24 <@Topiary> If it's worth anything, I've talked to Gregg frequently since early December, and I don't think he's doing any of the shit these people are accusing him of16:09 -!- Nessuno834 [nessuno@HA-6c4.s5e.qempvl.IP] has quit [Quit: Leaving]16:15 !isla.operationfreedom.ru *** HQBot invited nessuno into the channel16:15 -!- nessuno [fag@fagz.fagz] has joined #hq16:15 -!- mode/#hq [+o nessuno] by HQBot16:16 <@nessuno> this network need more jb17:00 <@molly> this network needs more sabu 17:09 !isla.operationfreedom.ru *** HQBot invited kayla into the channel17:09 -!- kayla [mysql2@fbi.gov] has joined #hq17:09 -!- mode/#hq [+o kayla] by HQBot17:09 <@molly> hey kayla <317:09 <@kayla> hey :-)17:10 <@molly> still haven't seen sabu. he pinged out earlier :/17:10 <@kayla> :/17:10 <@kayla> so whats new :D?17:10 <@kayla> have i missed anything?17:11 <@molly> not much .. just talked 2h to a german journalist17:11 <@molly> about hbgary & co17:11 <@molly> he was impressed and stunned about what we did hehe17:13 <@kayla> yeh :D Parmy Olson said she wanted to speak to me so i might aswell lol xD17:14 <@molly> heh .. yeah why not. 17:14 <@molly> i mean... it's all out anyway 17:15 <@kayla> yeh she seems nice :D17:17 <@molly> wrote good stuff about us so far.. she talked with Topiary i think17:17 <@molly> he has her seduced i guess17:17 <@kayla> :p17:17 <@Topiary> I've spoken with her about 100 times17:17 <@Topiary> since December17:18 <@Topiary> almost as seduced as Alyona17:18 <@Topiary> http://www.youtube.com/watch?v=4bU6fT9pulg17:19 <@tflow> I wonder why page seems all f'ed up in their browser though

back

trac

esec

urity

.com

17:19 <@Topiary> was curious about that17:19 <@Topiary> "can't help but think that Alyona is boning one of the leaders of Anonymous..and if she isn't...does she want to? ;)17:19 <@Topiary> infastructureFissure 3 days ago"17:19 * Topiary zips up17:20 <@kayla> lol :D17:20 <@kayla> naughty!!!17:20 <@kayla> :D17:20 <@kayla> i though you loved me D:17:21 * molly still lubs kayla madly17:21 <@Topiary> Un4chanately not17:21 <@Topiary> you know the second time I did the Alyona Show, a couple of Anon's voices accidentally got broadcast to the entire studio (including control room computers) while we were doing sound test with one of their producers17:21 <@Topiary> we were listening in on one of their live practices (we could actually fucking see them through video too) and we started giggling17:21 <@kayla> </317:21 <@Topiary> it got played EVERYWHERE17:22 <@Topiary> their cameramen were making the best faces you'd ever seen.17:22 <@Topiary> and pretty sure were Alyona shout "FFFFFFUUUUUUUUUCK" when messing up a line17:22 <@Topiary> *heard17:23 <@kayla> :o17:23 <@kayla> such rude language 17:23 <@kayla> wait :D/ cameras :D? you've been on tv :D?17:24 <@Topiary> just voice with no name, don't want to facefag/namefag too much17:24 <@kayla> omg i might go all coldbloog and media whore :D17:24 <@kayla> coldblood*17:24 <@Topiary> srs17:24 <@Topiary> he did that too much17:24 <@kayla> yeh i know im not that dumb17:24 <@kayla> xD17:25 <@Topiary> I've done probably 150+ talks/interviews since Payback, unfortunately Topiary was included in maybe 4 of them17:25 <@molly> you got namefagged already kayla17:25 <@Topiary> so when I get called a media whore I want to punch some fags17:25 <@molly> http://www.dailykos.com/story/2011/02/15/945095/-HBGary;-further-fallout17:26 <@Topiary> I'm namefagged left, right and center because of pastebin logs of #ophbgary (you guys are too) and that dumb stuxnet thing17:26 <@molly> they all got it wrong though17:26 <@molly> the social engineering was just the sideshot on rootkit.com17:26 <@molly> hbgary was owned before 17:27 <@Topiary> we should really do a timeline17:27 <@kayla> yeh but i don't mind google "kayla" it's why i dont use a handle because nicks are actually easier to pin point ;) standing out from the croud is never good 17:28 <@kayla> i normally put .'s in my mails too because they it's unsearchable by google17:28 <@kayla> then*17:29 <@Topiary> I don't mind "Topiary" being googled either17:29 <@kayla> s.o.m.e.t.h.i.n.g.l.i.k.e.t.h.i.s@something.com

back

trac

esec

urity

.com

17:29 <@molly> yes.. well, thats why i got away from q (although i never used that nick before)17:29 <@molly> but it got too much attention17:29 <@molly> but one letter nicks are good17:29 <@molly> they are hard to google17:29 <@kayla> but googleing Q would have returned millions of results on google 17:29 <@Topiary> kayla: That's smart17:29 <@molly> yup17:32 <@Topiary> I am now the proud owner of two ikiLeaks' shirts, a duffel bag, four stickers, three mugs and ten buttons.17:32 <@kayla> :D17:32 <@kayla> iki17:32 * molly brb17:32 <@kayla> lol stickyleaks xD17:32 <@kayla> eww17:32 <@Topiary> The Internet po-po cut out my dubya17:33 <@kayla> thats tht deep packet inspection!!! :D17:33 <@kayla> your shits getting monitored :D17:33 <@kayla> do you SSH proxy ?17:33 <@kayla> :D17:33 <@kayla> you should!17:34 <@kayla> http://en.wikipedia.org/wiki/Deep_packet_inspection it happens more commonly than you think17:35 <@kayla> Lawful interception17:35 <@kayla> Service providers are required by almost all governments worldwide to enable lawful intercept capabilities. Decades ago in a legacy telephone environment, this was met by creating a traffic access point (TAP) using an intercepting proxy server that connects to the government's surveillance equipment. This is not possible in contemporary digital networks. The acquisition component of this functionality can be provided in many ways, including DPI, DPI enabled products that a17:35 <@kayla> HTTP over SSH 17:36 <@kayla> allways :)17:36 <@kayla> SSL is not enough17:36 <@kayla> and some browsers default to DES17:36 <@kayla> xD17:36 <@kayla> fucking DES17:36 <@kayla> you have to force your broswer to use AES17:37 <@kayla> i don't trust SSL17:37 <@kayla> ssl stripped has been public for a long time now17:37 <@kayla> and SSL can be MITM17:37 <@kayla> not hard to forge certificates17:38 <@kayla> i don't trust TOR either, traffic is only encrypted untill it reaches the exit node it even says this on their site17:38 <@kayla> and people have been sniffing exit nodes for years now17:39 <@kayla> the huuuuuge embasy leak tht happend a few years back was because of TOR nodes being sniffed17:39 <@kayla> connecting to any US TOR exit nodes is bad too, alot of gov honeypots who work with child protection services monitor TOR because disgusting pedos use it 17:40 <@kayla> the gov and everyone WANT you to think such means are "secure"17:40 <@kayla> so you get in your comfort zone and think you are safe17:41 <@kayla> tbh there's not alot i do trust :D

back

trac

esec

urity

.com

17:42 * kayla puts her tinfoil hat on :317:45 <@Topiary> As long as you don't go past your front door and think the people on the street are all working together in an elaborate conspiracy to kill you, you're fine17:45 <@kayla> people outside trying to do what to me :O?17:45 * kayla peeks through the curtain :317:45 <@kayla> xD17:46 <@nessuno> kayla whyusohot?17:47 <@kayla> http://luxsci.com/blog/256-bit-aes-encryption-for-ssl-and-tls-maximal-security.html17:47 <@kayla> atleast force your browser to use AES ^^^^17:47 <@kayla> nessuno :p 17:48 <@nessuno> <317:48 <@kayla> make sure to stick DES and 3DES at the bottom of the list and/or remove them17:49 <@kayla> DES got pwned 20 someting years ago17:53 <@molly> backZ17:54 <@molly> i trust in mah VPN <317:56 <@kayla> http://wiki.vpslink.com/Instant_SOCKS_Proxy_over_SSH for windows fags17:56 <@kayla> :D17:57 <@molly> kayla, oh that's a nice howto17:57 <@molly> *bookmark*17:58 <@kayla> all your HTTP traffic is encrypted over SSH17:58 <@kayla> you can set UP IM to use it too17:58 <@molly> yes i know how that works heh17:58 <@molly> just the presentation is nice, will keep that to hand around17:59 <@kayla> :D17:59 <@molly> but i don't need it. for irc i am going thru VPN and then connect to my anon heihachi box, which runs screened irssi17:59 <@molly> irssi connceted to localhost <318:00 <@kayla> see if you set up a silc server you can't irssi from a server, you can but then your priv key is stored in your home DIR on the server you going to IRC from which isn;t a really good/secure idea, it's best to install irssi local and have it connect via SSH proxy and keep your priv key on your local machine18:01 <@molly> in the worst possible case they can trace me back to my vpn exit node. and that is fully crypted and does not keep any logs18:01 <@molly> well... i would. if i had root on the boxes. we have to wait for avunit/sabu 18:01 <@kayla> see thats anoter thing i don't trust, screen'd irssi :D i've hijacked sooooo many irssi sessions from diving in to someones screens and pretending to be them, sometimes they are IRCOP and logged in to services18:02 <@molly> how would you dive into my screen?18:02 <@molly> only avunit and i have access to that box.18:02 <@kayla> if someone hacks that box18:02 <@kayla> it's not hard to get to your screen sessions 18:02 <@molly> well.. then we have worse problems18:02 <@molly> than my screened irssi18:02 <@molly> as the ircd is running there. and a hbgary mirror :)18:02 <@kayla> true :) but im trying to make a point :)18:03 <@molly> yeah, got your point18:03 <@molly> as for my real box18:03 <@molly> really if it gets hacked.. i am not in worry about my irssi18:03 <@kayla> is why i dont idle ircs or use bnc's much because it's easy to hijack if they get access

back

trac

esec

urity

.com

to the server 18:03 <@molly> im worried more about other stuff18:04 <@molly> yup in general you're right18:04 <@molly> but it's just convenient .. especially if you have like 4+ networks and 50 channels18:05 <@kayla> but the most convenient is never the most secure :p18:06 <@molly> of course not. it contradicts usually18:06 <@molly> the more convenient the less secure18:06 <@molly> http://i.imgur.com/OblRW.gif18:07 <@molly> it's always a compromise18:07 <@Topiary> that gif is amazing18:09 <@kayla> ppi just dont want to see anyone go to prison \:D/18:09 <@kayla> -pp18:09 <@kayla> xD18:09 <@molly> i think ppl here know what they are doing18:10 <@molly> also, even IF they could grab me.. they would have nothing on me18:10 <@molly> they would find no logs no anything.18:10 <@Topiary> Of course, no proxy, Internet Explorer 8, Windows Vista, Norton antivirus, paris-hilton.exe18:10 <@molly> :-)18:10 <@kayla> :D Topiary you have to have Limewire.exe too to be pr018:11 <@Topiary> That being said I could probably learn a lot more from you fags18:11 <@kayla> Limewire is completely safe :318:11 <@molly> btw kayla.. did Q on wikileaks actually took note of aaron's research and that omnious Q, Co-Leader of anonymous?18:13 <@kayla> how do i know lol xD18:13 <@molly> i dunno i thought maybe you had heard somthing18:13 <@molly> just curious18:14 <@kayla> now im confused xD i thought you were q18:14 <@kayla> xD?18:14 <@molly> yeah.. but apparently there is a Q on wikileaks. several ppl asked me if i was him18:15 <@molly> i love hit how diff. ppl on diff. networks use same nicks18:15 <@molly> it makes the job of all the aaron's so much more difficult heh18:15 <@kayla> yeh :D18:15 <@Topiary> In my many years of IRC, nobody has ever used Topiary18:16 <@molly> i can confirm that18:16 <@molly> never seen that nick before :)18:16 <@kayla> like i say "kayla" and "q" are very common :D18:17 <@molly> yep, so is molly i guess18:17 <@nessuno> I seen topiary18:17 <@molly> also a cbherphunk reference is always good18:17 <@nessuno> it was some polish18:17 <@kayla> polska :318:18 <@nessuno> u polish kayla18:23 <@molly> http://www.psnathome.com/general/ps3-hackers-can-now-ban-legitimate-users-and-unban-consoles.html18:23 <@molly> lulz18:23 <@molly> reminds me of hbgary18:25 <@Topiary> I love how that story is developing18:25 <@Topiary> it's like m$ whining about Xbawks hackers upgrading firmware all day every day

back

trac

esec

urity

.com

18:25 <@molly> fun times indeed18:25 <@molly> did you read that cryptome article?18:26 <@Topiary> >implying anyone would pay 40USD for Assassin's Creed18:26 <@molly> hehe18:38 <@molly> http://arstechnica.com/tech-policy/news/2011/02/black-ops-how-hbgary-wrote-backdoors-and-rootkits-for-the-government.ars?utm_source=twitterfeed&utm_medium=twitter&utm_campaign=rss18:39 <@kayla> ars have been digging deep in those mails :D18:40 <@molly> that's why the webinterface rox so much18:40 <@molly> any press can dig as deep as they want18:41 <@kayla> :D18:50 <@Topiary> That's fucking deep.18:58 <@molly> Topiary, http://twitter.com/#!/aaronbarr18:58 <@molly> he got it back heh18:59 <@Topiary> He did indeed18:59 <@Topiary> I've been tweeting to the twat18:59 <@molly> let me guess, he is ignoring you? 19:00 <@Topiary> Yessir19:00 <@Topiary> When I was in his account, I deleted all of his PMs except one to some Chinese security firm, then I replied with "you are a faggot"19:00 <@Topiary> I wonder if he saw that19:00 <@molly> lol19:21 <@molly> [01:20] <ooOO00_> there are indeed no emails to embassy stored that xould e if interest19:22 <@molly> [01:20] <ooOO00_> what i catched was mass of persoal data(also from other hosted sites=19:22 <@molly> well, that guy has a dump of bahrain gov emails19:22 <@molly> they are in english19:22 <@molly> this may be very juicy19:25 <@molly> [01:24] <ooOO00_> someone familiar with cold fusion coding?19:25 <@molly> [01:24] <ooOO00_> i need a dump class placed, how do i register it as custom cfc tag19:27 <@tflow> he said that there are no emails of interest tho19:28 <@molly> he did? uhhm. 19:28 <@tflow> >there are indeed no emails to embassy stored that xould e if interest19:28 <@molly> mhh19:30 -!- evey [user@HA-4tt.nib.lci946.IP] has quit [Ping timeout: 121 seconds]20:06 -!- kayla [mysql2@fbi.gov] has quit [Quit: Lost terminal]21:19 !isla.operationfreedom.ru *** HQBot invited evey into the channel21:22 <@molly> Topiary, ?21:22 <@molly> jester gives you 6 minutes *gasp*21:23 <@molly> you're under an ultimatum!21:32 <@molly> tflow, regarding govt IPs21:32 <@molly> it would be interesting to see, WHAT they are looking at21:32 <@molly> do they search something specific, etc21:34 <@molly> Topiary21:34 <@molly> confirm if you're there21:37 !isla.operationfreedom.ru *** HQBot invited evey into the channel21:37 -!- evey [evey@HA-g7p.j9k.65sbfj.IP] has joined #hq

back

trac

esec

urity

.com

21:37 -!- mode/#hq [+o evey] by HQBot22:12 <@molly> oh noez22:12 <@molly> 04:11 <@th3j35t3r> believe in the fact that a 16 year old kid from wiscosin will take some heat.22:12 <@molly> poor kayla being DIRECTLY threatened! /o\22:19 <@evey> :O22:19 <@evey> she is from states?22:19 <@evey> :(22:19 <@molly> don't worry about her22:19 <@molly> :)22:19 <@evey> k22:20 <@evey> jester... seems like a bit of a clown22:20 <@evey> why is topiary doing this dance with him22:27 <@Topiary> LOL22:27 <@Topiary> I am one line away form blowing Jester's fucking brains22:43 <@molly> hmm22:43 <@molly> need new persona!22:43 <@molly> lulz22:43 <@molly> he's really touchy if someone mentioned he is doxxed22:48 <@Topiary> Do you know p35t3r?22:48 <@molly> nope22:48 <@molly> i dont know anyone there except rodent22:49 <@molly> he's an ircop and cool22:49 <@molly> rather neutral22:49 <@molly> well, "know" is exaggerated lol22:49 <@Topiary> Nah, Pester is a twitter troll that Jester hates entirely22:49 <@molly> the only nick i know :)22:50 <@molly> nah, i usually stayed away from that entirely22:50 <@molly> just enjoyed some entertainment22:59 <@evey> he seems like an idiot22:59 <@evey> why do you talk to him?23:00 <@Topiary> To understand him more23:00 <@evey> oh look it's 4am UTC23:01 <@Topiary> I knew what I was doing, don't worry23:01 <@evey> I'm not worried it just seemed like a waste of time23:01 <@Topiary> Ah, a small waste of time now leads to things later23:01 <@evey> he is like the man who would be king in there23:59 <@molly> [05:56] <thegreengateway> are there any old school anonymous present??? any that go way back??23:59 <@molly> oh23:59 <@molly> not in there?23:59 <@molly> #anonymous on anonops23:59 <@molly> oh you are 23:59 <@molly> my client fails--- Day changed Sat Feb 19 201100:16 <@molly> anyone here?00:16 <@molly> Topiary, 00:16 <@molly> tflow, 00:16 <@molly> evey, ?

back

trac

esec

urity

.com

00:40 <@evey> what?00:40 <@evey> someone die?00:40 <@molly> hm no all good00:41 <@molly> just been invited to some strange chan on anonops00:41 <@molly> have the nagging feeling it's a trap00:44 <@evey> trap?00:44 <@evey> like #kill?00:44 <@evey> or like #partyvan00:45 <@molly> the latter00:45 <@evey> how would they go about trapping you?00:48 <@molly> hmm00:48 <@molly> sec00:49 <@molly> hm nah cant copy all that... well00:49 <@molly> they basically want to reform anonymous00:49 <@molly> and are looking for people who have influence00:49 <@molly> to navigate them somehow00:49 <@molly> i am not sure yet00:51 <@evey> how do they want to reform anonymous?00:52 <@molly> not sure okay, lemme paste some stuff00:52 <@molly> [06:44] <thegreengateway> anon was a force to be reckoned with00:52 <@molly> [06:44] <thegreengateway> now it is largely ignored...00:52 <@molly> [06:45] <q> oh00:52 <@molly> [06:45] <thegreengateway> so will you support us...00:52 <@molly> [06:45] <q> actually HBGary showed quite the opposite00:52 <@molly> [06:45] <q> 'expect us'00:52 <@molly> [06:46] <thegreengateway> expect...yah...but where are we??00:52 <@molly> [06:46] <thegreengateway> on the irc...oooo...00:52 <@molly> [06:46] <thegreengateway> we don;t attack...we don't use force...00:52 <@molly> [06:47] <thegreengateway> wtf is the point if not to make our point...00:52 <@molly> [06:47] * Eyecon|afk is now known as Eyecon00:52 <@molly> [06:47] <q> well what is YOUR point?00:52 <@Topiary> I don't fucking trust his "..." one bit, that is how Aaron talks.00:52 <@molly> [06:47] <q> i still don't really get it, apart from "Lets make a darknet" and do stuff00:52 <@molly> [06:47] <q> not much difference from here00:52 <@molly> [06:48] <thegreengateway> that we need to step up as a whole...that those with the skills take action instead of sitting back and waiting...00:53 <@molly> [06:48] <thegreengateway> that anonmyous become the collective it once was...00:53 <@molly> [06:49] <thegreengateway> that as a collective we take out those who opress00:53 <@molly> [06:49] <Eyecon> I'm not certain, as regards the "how" or "what", specifically... but it is grossly obvious - to me, at least - that SOME sort of dramatic change needs to happen in Anonymous.00:53 <@molly> [06:49] <Eyecon> What those changes should be, or how they should be brought to fruition, as I said, I just don't know at this point. But...00:53 <@molly> [06:50] <Eyecon> Meh. That's all I got. 00:53 <@molly> [06:50] <thegreengateway> lol00:53 <@molly> [06:50] <q> one thing we can agree on already00:53 <@molly> [06:50] <q> we must make clear that we are NOT wikileaks00:53 <@molly> [06:50] <q> especially after anonleaks00:53 <@molly> [06:50] <Eyecon> ^

back

trac

esec

urity

.com

00:53 <@molly> [06:51] <thegreengateway> it needs to happen...wheather we take out the current anon and repalce it with an active one...or we work behind the script...that remains to be seen00:53 <@molly> [06:52] <thegreengateway> wikileaks....thats the fucking most retarded thing i've seen yet...00:53 <@molly> Topiary, EXACTLY00:53 <@molly> my thought00:53 <@molly> but.. i dont wanna be so paranoid to cry "it's aaron" just yet00:53 <@molly> i play along00:53 <@molly> dwaan is in that channel too00:53 <@molly> wtf is he?00:54 <@molly> probably invited by aaron00:54 <@molly> as the australian keyplayer00:54 <@molly> lol00:54 <@Topiary> We have to be fucking careful of these troll bastards.00:54 <@molly> yup00:54 <@molly> and who is eyecon?00:54 <@Topiary> Not sure about that either... people keep changing nicks and it confuses the hell out of me.00:54 <@molly> let me ask them00:54 <@molly> if i can invite you?00:55 <@Topiary> Which channel is it?00:55 <@molly> well you will know then00:55 <@molly> is it okay?00:55 <@Topiary> Sure.00:55 <@molly> ill ask first there00:56 <@molly> [06:55] <q> can i invite topiary?00:56 <@molly> [06:55] <q> or can you.00:56 <@molly> [06:55] <q> his input may be valuable.00:56 <@molly> [06:56] <thegreengateway> if they are trusted yes...00:56 <@molly> [06:56] <q> yes he is01:13 <@molly> lulz01:13 <@Topiary> [06:12:51] <Topiary> thegreengateway: You're a delusional troll, fuck off.01:13 <@Topiary> [06:12:53] =-= q was booted from #opReform by Hal9000 (Requested (thegreengateway))01:13 <@Topiary> [06:12:56] <--| YOU (Topiary) have left #opReform01:13 <@Topiary> I really ruined your streak of being subtle01:13 <@molly> :)01:14 <@molly> meh, there was no point in being subtle01:14 <@Topiary> Operation Reform indeed, what a prick01:14 <@Topiary> Wouldn't be surprised if it were one of the twittertrolls01:14 <@molly> yup01:15 <@molly> some troll operation01:19 <@Topiary> [06:01:10] === Eyecon: member of &#opReform, #lounge, #WikiLeaks, #whitefaxegypt, #ultimateleaks, #target, #Setup, #recruit, #propaganda, #over9000, #opyemen, #opTunisia, #OpSaudi, #opNewZealand, ~#opmonsanto, #opmesh, #opLibya, #opitaly, #OpIran, #OperationPayback, #Operationfreedom, #operationBOA, #operationbinayaksen, #opegypt, #opDownSyndrome, #opclueless, #opchina, #opBackupNet,...01:19 <@Topiary> ...#leakspin, #HBGary, #hackers, #deface, #crowdleaks, #anonsec, #anonops, #anonnews, #anonleaks, and #anarchism

back

trac

esec

urity

.com

01:19 <@Topiary> Jesus fucking hell01:20 <@molly> ./whois tflow :)01:20 <@Topiary> Just noting the lack of access in all of those01:20 <@molly> mm01:20 <@molly> yeah01:20 <@molly> fits01:20 <@molly> trolls or even garytrolls01:21 <@Topiary> he's in #over9000 too01:21 <@Topiary> very trolly01:22 <@molly> yup01:22 <@molly> i think ju will put out a nice article01:23 <@molly> he was truly impressed01:23 <@molly> i'll scan it.. though he will probably send us a copy anyway01:27 <@Topiary> Indeed01:28 <@Topiary> it was a good interview, you did well01:29 <@molly> he won't quote anything out of context either01:29 <@molly> i know c't, we did that precious interview.. we translated that.01:40 <@molly> Topiary, #anonnews01:40 <@molly> that one guy is active there, too01:43 -!- armitage [armitage@freeside.tessier-ashpool.org] has quit [Killed (molly (go away))]01:43 -!- molly is now known as armitage01:43 -!- mode/#hq [+a armitage] by HQBot01:43 -!- armitage [millions@freeside.tessier-ashpool.org] has quit [Changing ident]01:43 -!- armitage [armitage@freeside.tessier-ashpool.org] has joined #hq01:43 -!- ServerMode/#hq [+ao armitage armitage] by isla.operationfreedom.ru04:28 -!- Avunit [Avunit2@netadmin.operationfreedom.ru] has quit [Ping timeout: 121 seconds]09:21 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru, triumph.operationfreedom.ru quits: @evey, @armitage, @nessuno, @tflow, @Topiary09:21 -!- Netsplit over, joins: &armitage09:24 -!- Netsplit trust.operationfreedom.ru <-> triumph.operationfreedom.ru quits: @armitage09:26 -!- Netsplit over, joins: &armitage09:29 -!- Netsplit over, joins: @evey, @tflow, @Topiary, @nessuno09:29 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @evey, @nessuno, @tflow, @Topiary09:34 -!- Netsplit over, joins: @evey, @tflow, @Topiary, @nessuno09:34 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @evey, @nessuno, @tflow, @Topiary09:39 -!- Netsplit over, joins: @evey, @tflow, @Topiary, @nessuno09:39 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @evey, @nessuno, @tflow, @Topiary09:44 -!- Netsplit over, joins: @evey, @tflow, @Topiary, @nessuno09:44 -!- Netsplit trust.operationfreedom.ru <-> tackle.operationfreedom.ru quits: @evey, @nessuno, @tflow, @Topiary09:45 -!- Netsplit over, joins: @evey, @tflow, @Topiary, @nessuno09:52 <&armitage> Topiary, ?10:17 <@Topiary> Laurelai: ?10:17 <@Topiary> armitage: ?10:18 <&armitage> heya Topiary .. hmm care to check with sabu?10:18 <@Topiary> Sure, in a bit

back

trac

esec

urity

.com

10:18 <&armitage> coo11:06 -!- Irssi: #hq: Total of 7 nicks [6 ops, 0 halfops, 0 voices, 1 normal]11:16 <&armitage> tflow, also, heard anything from av, is he good?13:44 <@evey> hi16:50 <@Topiary> Just called, it was Sabu's friend, Sabu is all fine16:51 <&armitage> good :-)16:51 <&armitage> thx topi17:03 <@evey> ?17:03 <@evey> what happened?17:05 <&armitage> nothing.. was just a little worried since sabi been offline for a while17:05 <&armitage> sabu*17:06 <@nessuno> do u worry abt me armitage17:07 <&armitage> you're around often enough, don't need to :)17:08 <@nessuno> im not around enought aparent17:11 <@evey> I worry about everyone :S17:11 <@evey> I'm a professional though17:11 <&armitage> nessuno hmm? we talk basically daily..17:18 <@nessuno> yag20:41 <@Topiary> armitage20:41 <@Topiary> can you retweet this? http://twitter.com/#!/atopiary/status/3913735101586227220:41 <@Topiary> tl;dr donation fund to help protests in oppressed countries not get sniffed out20:41 <@Topiary> helps buy them nice things20:42 <&armitage> already did that20:42 <@Topiary> well shit20:42 <@Topiary> you active motherfucker20:42 <&armitage> twitterfall usually always running on one screen 20:43 <@Topiary> ah, how many displays you got up?20:43 <&armitage> just 2 atm--- Log closed Sat Feb 19 21:46:50 2011\

back

trac

esec

urity

.com

Hubris I will hunt you down to the ends of the earth and the end of time. You will take your own miserable life rather than endure what I will bring down upon you which will be nothing short of the Wrath of mother fucking God you miserable lousy fucking piece of shit. And if you are a member of this rotten little association of liars pass the word, and you might want to reconsider your alliance because when I find you you will PRAY for death to come to you.

Commander X

PLF Field Commander

PeoplesLiberationFront.orgopV@mailinator.com64.134.144.41

64.134.144.41 IP address location & more:IP address [?]: 64.134.144.41 Copy [Whois] [Reverse IP]IP country code: USIP address country: ip address flag United StatesIP address state: VirginiaIP address city: SterlingIP postcode: 20166IP address latitude: 38.9881IP address longitude: -77.4755ISP of this IP [?]: WAYPORTOrganization: Washington Dulles International AirportLocal time in United States: 2011-03-19 12:45

WHOIS information for PeoplesLiberationFront.org :

[Querying whois.publicinterestregistry.net][whois.publicinterestregistry.net]NOTICE: Access to .ORG WHOIS information is provided to assist persons in determining the contents of a domain name registration record in the Public Interest Registryregistry database. The data in this record is provided by Public Interest Registryfor informational purposes only, and Public Interest Registry does not guarantee its accuracy. This service is intended only for query-based access. You agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to: (a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient's own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of Registry Operator or any ICANN-Accredited Registrar, except as reasonably necessary to register domain names or modify existing registrations. All rights reserved. Public Interest Registry reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.

Domain ID:D161561878-LROR

back

trac

esec

urity

.com

Domain Name:PEOPLESLIBERATIONFRONT.ORGCreated On:20-Feb-2011 19:11:46 UTCLast Updated On:20-Feb-2011 19:11:51 UTCExpiration Date:20-Feb-2012 19:11:46 UTCSponsoring Registrar:Lime Labs LLC (R1764-LROR)Status:CLIENT DELETE PROHIBITEDStatus:CLIENT TRANSFER PROHIBITEDStatus:CLIENT UPDATE PROHIBITEDStatus:TRANSFER PROHIBITEDRegistrant ID:4511142002207680Registrant Name:Freedom FighterRegistrant Organization:PLFRegistrant Street1:1206 Masonic AvenueRegistrant Street2:Registrant Street3:Registrant City:San FranciscoRegistrant State/Province:CARegistrant Postal Code:94117Registrant Country:USRegistrant Phone:+1.8315158571Registrant Phone Ext.:Registrant FAX:Registrant FAX Ext.:Registrant Email:plf666@mailinator.netAdmin ID:4511142002207680Admin Name:Freedom FighterAdmin Organization:PLFAdmin Street1:1206 Masonic AvenueAdmin Street2:Admin Street3:Admin City:San FranciscoAdmin State/Province:CAAdmin Postal Code:94117Admin Country:USAdmin Phone:+1.8315158571Admin Phone Ext.:Admin FAX:Admin FAX Ext.:Admin Email:plf666@mailinator.netTech ID:4511142002207680Tech Name:Freedom FighterTech Organization:PLFTech Street1:1206 Masonic AvenueTech Street2:Tech Street3:Tech City:San FranciscoTech State/Province:CATech Postal Code:94117Tech Country:USTech Phone:+1.8315158571Tech Phone Ext.:Tech FAX:Tech FAX Ext.:Tech Email:plf666@mailinator.net

back

trac

esec

urity

.com

Name Server:NS1.LIMEDOMAINS.COMName Server:NS2.LIMEDOMAINS.COMName Server: Name Server: Name Server: Name Server: Name Server: Name Server: Name Server: Name Server: Name Server: Name Server: Name Server: DNSSEC:Unsigned

Official reply: "To the PLF Commander, NUTS!, The American Commander"