EvilZone

Hacking and Security => Hacking and Security => : neusbeer November 18, 2011, 10:32:59 AM

: Anonops irc hacked
: neusbeer November 18, 2011, 10:32:59 AM

epic lol!
http://pastebin.com/mDJrP1Nk (http://pastebin.com/mDJrP1Nk)
Note: some logs of some people. what a n.rds (Some not all)

<daboogieman> now that i'm an oper im no longer accepting PM's from anyone because i feel that i have too much else to do ( being an oper and all)

What a wanker..
isn't the first time. http://arstechnica.com/tech-policy/news/2011/05/the-hackers-hacked-main-anonymous-irc-servers-seized.ars (http://arstechnica.com/tech-policy/news/2011/05/the-hackers-hacked-main-anonymous-irc-servers-seized.ars)

But, now they dumped the info.
and all the hashed passwords.. let's have look see ;-)
http://pastebin.com/0ygniAkB (http://pastebin.com/0ygniAkB) (remove the $ as end-of-line)
so.. this night I ran my wordlists over this list and found a 1/4 ;-)
http://pastebin.com/XmZV1dZV (http://pastebin.com/XmZV1dZV)

grinn..

I have a small feeling that most of the AnonOps users are kids..

: Re: Anonops irc hacked
: Stackprotector November 19, 2011, 01:36:32 AM

They are, the way the are used is to act like their personal botnet...

: Re: Anonops irc hacked
: FuyuKitsune November 19, 2011, 05:54:24 AM

lol, nice pass list. I like seeing all the kinds of crap passwords people have. They're almost all [letters/word]+[numbers]

: Re: Anonops irc hacked
: neusbeer November 19, 2011, 04:33:04 PM

lol.. a while ago I read a blog about being a 'hacker'.. and he stated: don't be anonymous.. be pride of your skills.. *and do the illegal things well hidden..
makes sence..
Why hide behind a group, when you can be in front of it! :-)

anyway

when I bruteforce some passwords lists most of the passwords are easy
[1/6 char] + numbers [0..99 - years 1960-2011]
My ruleset is based on this theory and I find a lot of passwords with that.

dictstat.py is a nice tool to check out the stats of password lists (or any other word lists)..
a while ago I bruteforced a hashed password list from BattleField Heroes Beta,
found 300.000 (have to say that the stats are a little bit off by the means I removed the dupes so it can be much worse than this :-))

Analyzing passwords: /cygdrive/l/Hacking/WorkingDir/nieuw4/hashes/passwords.txt
Analyzing 100% (300629/300629) passwords

NOTE: Statistics below is relative to the number of analyzed passwords, not total number of passwords

Line Count Statistics...
8: 29% (88069)
6: 24% (73133)
7: 16% (50153)
9: 14% (43893)
10: 08% (26519)
11: 03% (10442)
12: 01% (5333)
Mask statistics...
stringdigit: 44% (135158)
allstring: 37% (112711)
alldigit: 11% (35189)
digitstring: 01% (5099)
stringdigitstring: 01% (5008)
othermask: 01% (4827)
digitstringdigit: 00% (1714)
stringspecialdigit: 00% (382)
stringspecialstring: 00% (241)
stringspecial: 00% (213)
specialstringspecial: 00% (46)
specialstring: 00% (29)
allspecial: 00% (12)
Charset statistics...
loweralphanum: 45% (136559)
loweralpha: 35% (105723)
numeric: 11% (35189)
mixedalphanum: 04% (13916)
mixedalpha: 01% (5850)
upperalpha: 00% (1138)
upperalphanum: 00% (907)
loweralphaspecialnum: 00% (595)
loweralphaspecial: 00% (471)
mixedalphaspecialnum: 00% (174)
mixedalphaspecial: 00% (79)
special: 00% (12)
upperalphaspecialnum: 00% ( 8)
upperalphaspecial: 00% (8)

<cut>

so 29% is 8 char, 44% only contains char, 45% is lowercase.

people aren't very good in making stong passwords :-)

for AnonOps it's amost the same
I removed the special mask stats.. this shows the mask of a password, but most case it's [characters]+[num]

Analyzing passwords: /cygdrive/l/Hacking/WorkingDir/nieuw6/rls/found.txt
Analyzing 100% (622/622) passwords

NOTE: Statistics below is relative to the number of analyzed passwords, not total number of passwords

Line Count Statistics...
9: 28% (175)
10: 21% (133)
8: 16% (100)
11: 11% (74)
12: 09% (62)
13: 03% (22)
14: 02% (17)
7: 01% ( 8)
15: 01% (8)
16: 01% (7)
Mask statistics...
stringdigit: 39% (248)
allstring: 33% (206)
othermask: 11% (71)
alldigit: 04% (30)
stringdigitstring: 03% (19)
digitstring: 01% (12)
stringspecial: 01% ( 8)
stringspecialdigit: 01% (7)
stringspecialstring: 01% (7)
digitstringdigit: 00% (6)
specialstringspecial: 00% (3)
allspecial: 00% (3)
specialstring: 00% (2)
Charset statistics...
loweralphanum: 44% (276)
loweralpha: 30% (192)
mixedalphanum: 08% (51)
numeric: 04% (30)
loweralphaspecial: 03% (19)
mixedalphaspecialnum: 02% (15)
loweralphaspecialnum: 02% (15)
mixedalpha: 01% (11)
upperalphanum: 00% (4)
upperalpha: 00% (3)
special: 00% (3)
mixedalphaspecial: 00% (2)
upperalphaspecial: 00% (1)

: Re: Anonops irc hacked
: FuyuKitsune November 19, 2011, 06:57:29 PM

That's pretty sweet. I'll go pick up dictstat.

lol, you might want to disable smilies in your post, all your 8s are cool-guy sunglasses

: Re: Anonops irc hacked
: neusbeer November 21, 2011, 12:35:51 PM

euh? I don't see sunglasses 8) <- this one?
It shows a clean text to me. profile option wrong?

dicstat is also handy with large wordslist. to inspect them.

: Re: Anonops irc hacked
: Kulverstukas November 21, 2011, 01:33:36 PM

: neusbeer November 21, 2011, 12:35:51 PM

euh? I don't see sunglasses 8) <- this one?
It shows a clean text to me. profile option wrong?

dicstat is also handy with large wordslist. to inspect them.

It's because I disabled it for you :)

: Re: Anonops irc hacked
: neusbeer November 21, 2011, 02:28:21 PM

because? ;D
I smile to much? grinn