http://valhalla.allalla.com/2013/08/htp-owned-x2-enjoy-my-french-kiss-rf/
seems after 2 weeks, and a CRAP load of ddos from these lamers… was time to attack, again… this time i found a neat way thru telnet bug on debian… to do some fun stuff… here is the reason, or oneof them…and here is my reply….
[09:29am] <~xd> wat total lamers
[09:29am] <~xd> not even efnet has such skids
[09:29am] <~xd> thts saying alot
[09:31am] <~xd> ]# telnet ipv6.nullstate.se 80
[09:31am] <~xd> Trying 2001:470:c2cd::6667…
[09:31am] <~xd> Connected to ipv6.nullstate.se.
[09:31am] <~xd> Escape character is ‘^]’.
[09:31am] <~xd> hihi
[09:31am] <~xd> <!DOCTYPE HTML PUBLIC “-//IETF//DTD HTML 2.0//EN”>
[09:31am] <~xd> <html><head>
[09:31am] <~xd> <title>501 Method Not Implemented</title>
[09:31am] <~xd> </head><body>
[09:31am] <~xd> <h1>Method Not Implemented</h1>
[09:31am] <~xd> <p>hihi to / not supported.<br />
[09:31am] <~xd> </p>
[09:31am] <~xd> <hr>
[09:31am] <~xd> <address>Apache/2.2.16 (Debian) Server at ipv6.nullstate.se Port 80</address>
[09:31am] <~xd> </body></html>
[09:31am] <~xd> Connection closed by foreign host.
[09:31am] <~xd> abnnoying centos
[09:31am] <~xd> ah debian
[09:31am] <~xd> centos gives it str8 away
[09:32am] <~xd> # telnet ipv6.nullstate.se 80
[09:32am] <~xd> Trying 2001:470:c2cd::6667…
[09:32am] <~xd> Connected to ipv6.nullstate.se.
[09:32am] <~xd> Escape character is ‘^]’.
[09:32am] <~xd> POST rm -fr /
[09:32am] <~xd> catch yas
[09:32am] <~xd> lol
[09:32am] <~xd> they running apache on /
[09:32am] <~xd> silly
[09:32am] <~xd> <!DOCTYPE HTML PUBLIC “-//IETF//DTD HTML 2.0//EN”>
[09:32am] <~xd> <html><head>
[09:32am] <~xd> <title>408 Request Time-out</title>
[09:32am] <~xd> </head><body>
[09:32am] <~xd> </head><body>
[09:32am] <~xd> <h1>Request Time-out</h1>
[09:32am] <~xd> <p>Server timeout waiting for the HTTP request from the client.</p>
[09:32am] <~xd> <hr>
[09:32am] <~xd> <address>Apache/2.2.16 (Debian) Server at ipv6.nullstate.se Port 80</address>
[09:32am] <~xd> </body></html>
[09:32am] <~xd> Connection closed by foreign host.
[09:32am] <~xd> dead
whats matter… nomore boxes left for me to kill ?? oh darn, i feel so sorry for u,… i doooo….
After reading this, I feel more sorry for xd than ever. He's under the impression that he just rm'd somebody, by using telnet to send HTTP request headers containing arbitrary commands!
POST rm -fr / HTTP/1.1\r\nThe very idea that Apache could be so easily exploited is ridiculous, yet xd seems to believe it. Sadly, xd didn't even format his HTTP request headers properly, and as expected, his request got timed-out. True to his delusional and idiotic nature, xd interprets the HTTP response as the result of him rming the server, which never happened, nevermind the fact that / refers to the httpd's root dir and not the root dir of the box itself. It's also hilarious that xd thinks that this bug exists let alone has something to do with telnet (I suppose using telnet makes him feel like a leet hecker, which he will never be). It has become evident that xd is past the point of no return and beyond salvation, and it isn't surprising given the extent that xd will lie to himself in order to rationalize his absurd and idiotic decisions. My recommendation to him is to stop blogging and embarrassing himself any further.
[09:25am] <~xd> sure
[09:26am] <~xd> hiding behind a monitor making physical threats to someone who would crush them with left arm alone. tough…. adios …..
if your a lamer, then oneday, u to can have my rm -french kiss
love ya…another haqnet production…
xd
Fjear the xd! He has 0day Apache exploits and he will rm you!
No comments:
Post a Comment