NOTE: Why not use our List Manager to crack your lists? Its easy and enables better management.

NOTE: When cracking WPA/WPA2 passwords, make sure you check gpuhash.me first incase it's already been processed.

Home - General Discussion - Retarded hack scanning attempt!


6 Results - Page 1 of 1 -
1
Author Message
Avatar
blandyuk
Admin / Owner
Status: Trusted
Joined: Tue, 05 Jul 2011
Posts: 3195
Team: HashKiller
Reputation: 4152 Reputation
Offline
Fri, 09 Nov 2012 @ 15:43:50

OK, someone has tried again to hack my sites, hence my bandwidth sucked-ass for awhile. They are now banned and here is their IP:

92.48.112.71

There are open ports: http, https, remote desktop, netbios

http://www.mxtoolbox.com/SuperTool.aspx?action=scan%3a92.48.112.71

Have fun!


Please read the forum rules | Please read the paid section rules
I accept private hash lists, with forum donations only.
BTC: 15qF9WUeFUD63ishxyAMiEgGqTcYzk4j9b
GPU Power: 9x GTX 1070 + 4x GTX 1080

Avatar
M@LIK

Status: n/a
Joined: Fri, 02 Mar 2012
Posts: 558
Team:
Reputation: 208 Reputation
Offline
Fri, 09 Nov 2012 @ 15:53:15

No... Not again...


Avatar
Hash-IT

Status: Trusted
Joined: Tue, 02 Aug 2011
Posts: 4598
Team: HashKiller
Reputation: 2982 Reputation
Offline
Fri, 09 Nov 2012 @ 22:28:52

blandyuk said:

OK, someone has tried again to hack my sites, hence my bandwidth sucked-ass for awhile. They are now banned and here is their IP:

92.48.112.71

There are open ports: http, https, remote desktop, netbios

http://www.mxtoolbox.com/SuperTool.aspx?action=scan%3a92.48.112.71

Have fun!

Thank you for defending our little home here Blandy.

Just out of interest, how are you sure that the IP you have belongs to the actual hacker ?

Surly they use vulnerable wifi AP's or something similar ? You might be unleashing the wrath of md5decrypter.co.uk members on an innocent victim

Don't get me wrong if you know for sure that the IP certainly is the little squirt that tried to do us harm then fair enough tinker with his ports !!

Just wondering how you know that's all, if it is a trade secret then I understand.


Please read the forum rules. | Please read the paid section rules.

BTC: 1MmWESN5bKZ1YSuHrm5uNwnQYxWyQnEQ6E

Avatar
marslander

Status: n/a
Joined: Sun, 10 Jun 2012
Posts: 59
Team:
Reputation: 0 Reputation
Offline
Tue, 13 Nov 2012 @ 07:31:53

compromised pc probably.. remote desktop enabled is nothing but trouble..


Avatar
blandyuk
Admin / Owner
Status: Trusted
Joined: Tue, 05 Jul 2011
Posts: 3195
Team: HashKiller
Reputation: 4152 Reputation
Offline
Tue, 13 Nov 2012 @ 09:10:03

Yeah I know it could be a compromised PC, hence they could be using it like a proxy but searching the IP on Google finds all sorts of interesting things about it lol

I posted the IP so users can have a play etc. The only open ports on my server is 80 (http) obviously, hence thats the only method of attack.


Please read the forum rules | Please read the paid section rules
I accept private hash lists, with forum donations only.
BTC: 15qF9WUeFUD63ishxyAMiEgGqTcYzk4j9b
GPU Power: 9x GTX 1070 + 4x GTX 1080

Avatar
Hash-IT

Status: Trusted
Joined: Tue, 02 Aug 2011
Posts: 4598
Team: HashKiller
Reputation: 2982 Reputation
Offline
Tue, 13 Nov 2012 @ 23:04:13

If it doesn't give too much information away, can I ask what they were doing ?

Were they just trying to log in as a user here with brute force ? If so is there a way of banning an IP automatically after a number of failed attempts ?

I hope you don't ban TOR users !!


Please read the forum rules. | Please read the paid section rules.

BTC: 1MmWESN5bKZ1YSuHrm5uNwnQYxWyQnEQ6E


6 Results - Page 1 of 1 -
1

We have a total of 187861 messages in 23289 topics.
We have a total of 21126 registered users.
Our newest registered member is billdiggy.