BUTTPLUG Server Security Challenge. Can YOU Crack It?

[Butterfly]

QC - why the fuck bother? I don't know a single person that takes butters computer expertise claims seriously. He has been publically burned again, and again and again.

oh shut up, nidhogg, you boring twat. What's your expertise ? oh I forgot, forum gossip and being a boring idiot

since you have no clue about computers, I doubt you could make such wonderful judgment calls. Fool.

[Butterfly]

Anyway, it's been over two hours since Necron showed you how to find a server and it is still ticking along fine.

more stories being made long, a new goal post. I didn't realize I had to execute myself immediately it was posted. Don't worry, I will go sniff your open ports on that IP in due time.

Looks like your 5 minute rootkit that was reduced in desperation to a 1 minute rootkit needs a little more work or are you still compiling the kernel you are going to install onto the machine?

always take your target by surprise, not fun if you are expecting within the hours. Best to strike when you least expect it and start looking around for the one responsible

FFS, even a small DoS should put your BB hosted server on its knees

[Necron99]

3 hour 14 minutes..........

[Butterfly]

-He cries that I am collecting IP addresses of people who view pics I host on my server which would be totally futile as CSFFan gently points out.

hardly futile since you proceeded to post threats in repos over that very same IP you collected, simply because I was calling you a stupid mac tard, which you are btw. Doesn't this alone speak volume about your stalking capacity ?

[Butterfly]

3 hour 14 minutes..........

go fuckup another thread mod retard,

[Necron99]

-He cries that I am collecting IP addresses of people who view pics I host on my server which would be totally futile as CSFFan gently points out.

hardly futile since you proceeded to post threats in repos over that very same IP you collected, simply because I was calling you a stupid mac tard, which you are btw. Doesn't this alone speak volume about your stalking capacity ?

Question time.

You say he collected your IP via his server hosting images hotlinked to that test thread.
But when I posted the thread for you, you said you had never seen it?

Could be wrong but I doubt he would get the IP of the user anyway, he would get TD's IP as it is the TD site making the call.

But anyhow, explain again how he got your IP from a thread you said you have never seen???


Would you like me to use my awesome Super Mod powers to make all this embarrassment go away Butters?

[Butterfly]

-He whinges that my webserver is not a "real" webserver despite (a) it is serving files and (b) it is doing it over the web. I never made any claims about what it was doing apart from serving files over the web. Which it is. Ergo it is a webserver.

you are getting desperate dude,

[Butterfly]

You say he collected your IP via his server hosting images hotlinked to that test thread.
But when I posted the thread for you, you said you had never seen it?

good question actually. I don't remember seeing this thread ever, but again do you remember every shit threads you visit on TD ? of course not,

Could be wrong but I doubt he would get the IP of the user anyway, he would get TD's IP as it is the TD site making the call.

If you click to zoom on the image or copy/paste the link of the image to your address bar, then it would be your IP that would be logged by the webserver. Certainly don't remember doing that over his crappy pictures. Hence, me asking where he got it from, and his non-sense response about Slackware, proxy, php exploits etc... obviously a retard.

Would you like me to use my awesome Super Mod powers to make all this embarrassment go away Butters?

fuck you, keep it here, it's doing fine with the usual mac retards

[slackula]

FFS, even a small DoS should put your BB hosted server on its knees

Yes, I know that. I wrote that it would be easy to overload in the fucking thread that Necron linked you halfwitted cretin. Here is how I put it:

I haven't really put image hosting through ts paces yet, it'll be interesting to see what happens if I put an image onto a high-traffic forum; I predict that my network card will melt or something.

always take your target by surprise, not fun if you are expecting within the hours. Best to strike when you least expect it and start looking around for the one responsible

Is that why you are now suggesting a DoS attack? You sound more and more like Inspector Clouseau with each post, "Aha, ze eauld tek ze target ba surpreese pleauy". No wait, scratch that, Clouseau is Sherlock frikking Holmes compared to you.

You might have a point if you hadn't been bragging about what you were going to (try to) do all over the place and within minutes not hours according to you. And then failing to do anything...

QC - why the fuck bother? I don't know a single person that takes butters computer expertise claims seriously. He has been publically burned again, and again and again.

For the lulz and boredom.

What's your expertise ? oh I forgot, forum gossip and being a boring idiot since you have no clue about computers, I doubt you could make such wonderful judgment calls. Fool.

He clearly knows that everything you say about computers is bullshit, which is true as you have proved so well in this very thread. That's more than you know, I think you actually believe the crap you spout.

[pseudolus]

3 hour 14 minutes..........

go fuckup another thread mod retard,

Ah ha - that explains a lot.

[Butterfly]

back to the topic

You might have a point if you hadn't been bragging about what you were going to (try to) do all over the place and within minutes not hours according to you. And then failing to do anything...

wtf, still making up stories, aren't you, fuck face ? let me remind you how it went:

- You sent me a repo about me making fun of mactards, in the repo you send an IP address claiming it was mine and you should report me for abuse. I mean WTF psycho ???? I was making fun of mac tards, don't take it personally.
- Then I call you publicly in your little stalking activity and was wondering if you were a mod on TD to get my IP
- Then instead you accuse me, as the chav that you are, of trying to attack your crappy webserver on your crappy home ADSL, and that's how you got my IP. Hellooooo Earthhhhh ???? fucking chav logic.
- I tell you that if I wanted to hack your crappy webserver, it would have be done already and you wouldn't know it. Like I give a fuck about your crappy shitty webserver. I asked you to post the IP of the crappy webserver to see what's the fuck the crappy server is about and what kind of open ports it has since I still have no clue which IP I am accused of trying to fuck with.
- For some reasons, you take this as some kind of "mighty" challenge, probably to validate your poor ego and your shitty IT skills for building a webserver, but for some reasons don't want to post the IP address. Fucking strange fucker you are, and a stalking one too.
- Someone has to post your crappy webserver IP because you are scared to do it yourself. In the meantime, in typical Chav style, you accuse me of all kind of shit, making assumption about the OS, dynamic IP etc... I mean WTF pyscho chav ??? Too much sun in Phuket ???
- More accusations that I can't take your challenge and I have no skills to hack your crappy webserver. Again, WTF ??? so why make the exact opposite accusations 2 pages before ?

Conclusion: you are a fucking mental Chav who live in Phuket, probably teaching English or pimping his Thai girlfriend, and run "i486-slackware-gnu" on a dynamic IP 3BB network with port 8080 open and run "NT3BB-1PWN-122 FTP version 1.0" on port 2121 (Port Forwarding). It seems 2121 is traditionally used by some crappy service knows as "ccproxy-ftp", it's full of vulnerabilities, which could explain why you were being scanned, as you were an easy target. Basically, the signature of a crappy webserver.

I will strike and own you shit server when I feel like it, not when you dictate it to me in some shit thread. Comprende ?

[hillbilly]

back to the topic

You might have a point if you hadn't been bragging about what you were going to (try to) do all over the place and within minutes not hours according to you. And then failing to do anything...

wtf, still making up stories, aren't you, fuck face ? let me remind you how it went:

- You sent me a repo about me making fun of mactards, in the repo you send an IP address claiming it was mine and you should report me for abuse. I mean WTF psycho ???? I was making fun of mac tards, don't take it personally.
- Then I call you publicly in your little stalking activity and was wondering if you were a mod on TD to get my IP
- Then instead you accuse me, as the chav that you are, of trying to attack your crappy webserver on your crappy home ADSL, and that's how you got my IP. Hellooooo Earthhhhh ???? fucking chav logic.
- I tell you that if I wanted to hack your crappy webserver, it would have be done already and you wouldn't know it. Like I give a fuck about your crappy shitty webserver. I asked you to post the IP of the crappy webserver to see what's the fuck the crappy server is about and what kind of open ports it has since I still have no clue which IP I am accused of trying to fuck with.
- For some reasons, you take this as some kind of "mighty" challenge, probably to validate your poor ego and your shitty IT skills for building a webserver, but for some reasons don't want to post the IP address. Fucking strange fucker you are, and a stalking one too.
- Someone has to post your crappy webserver IP because you are scared to do it yourself. In the meantime, in typical Chav style, you accuse me of all kind of shit, making assumption about the OS, dynamic IP etc... I mean WTF pyscho chav ??? Too much sun in Phuket ???
- More accusations that I can't take your challenge and I have no skills to hack your crappy webserver. Again, WTF ??? so why make the exact opposite accusations 2 pages before ?

Conclusion: you are a fucking mental Chav who live in Phuket, probably teaching English or pimping his Thai girlfriend, and run i486-slackware-gnu on a dynamic IP 3BB network with port 8080 open and run "NT3BB-1PWN-122 FTP version 1.0" on port 2121. It seems 2121 is traditionally used by some crappy service knows as "ccproxy-ftp", it's full of vulnerabilities, which could explain why you were being scanned, as you were an easy target. Basically, the signature of a crappy webserver.

I will strike and own you shit server when I feel like it, not when you dictate it to me in some shit thread. Comprende ?

Now this is more like old style TD!

[slackula]

and run "i486-slackware-gnu" on a dynamic IP 3BB network with port 8080 open and run "NT3BB-1PWN-122 FTP version 1.0" on port 2121 (Port Forwarding).

lol, Bravo!

"NT3BB-1PWN-122 FTP" indeed? Wow, impressive. You should have googled a bit more though - that is the model number of a free router that 3BB hands out, the ftp server report is coming from there...

8080 may be open but nothing is listening on it, you can pound it like your boyfriend does your port 0 all night long but you won't get any joy. The server is running on good old port 80.

Why didn't you mention port 25? Sendmail is listening on that one, surely somebody with your prodigious skills can have some fun on that.

SSH is open too, but not where you'd normally look and port-knocking is configured so good luck getting into that.

[baldrick]

and was wondering if you were a mod on TD to get my IP

whats wrong with just sending a repo with a pic that is hosted on a server to which you have access to logs ?

though won't help much if the person is connected via a VPN tunnnel - but I doubt many TD'ers are

with port 8080 open

8080 is normally used by an internal proxy

[Butterfly]

8080 is normally used by an internal proxy

says who ? baldrick

8080 have been used by a number of applications for ages and they are not proxy,

maybe you should get out more, 8080 is not normally reserved for proxy anymore, not since 2000 at least

[Butterfly]

"NT3BB-1PWN-122 FTP" indeed? Wow, impressive. You should have googled a bit more though - that is the model number of a free router that 3BB hands out, the ftp server report is coming from there...

god, you are retarded. This is the response from the server when port 2121 is queried. Of course it will response with some header label mentioning the router, since you are using the router port forwarding service FFS, hence why I mention port forwarding in parentheses fuckface. Actually you could trick entrants by putting a different service behind 2121 with the wrong label so actually FTP wouldn't be served. That would harden your fucking crappy server, but you wouldn't know that since you have no fucking IT security skills.

8080 may be open but nothing is listening on it, you can pound it like your boyfriend does your port 0 all night long but you won't get any joy. The server is running on good old port 80.

hate to break it to you, but the port is open, and it's bind. Could be your router though for admin access, usually 8080 for outside entrants

Check your crappy router manual in PDF that is available everywhere on the Web

Why didn't you mention port 25? Sendmail is listening on that one, surely somebody with your prodigious skills can have some fun on that.

again hate to break it to you but 3BB "close" port 25 for Home ADSL to stop spam and spambots from using PCs as zombie and spam machine. You are so stupid, you probably didn't notice

SSH is open too, but not where you'd normally look and port-knocking is configured so good luck getting into that.

you would be stupid to let it at 22, indeed, surprised you didn't. Have you tried using your ssh port outside Thailand though. Probably not. Like I said, crappy webserver and crappy setup for crappy admin.

[kingwilly]

It's a nerd battle.

[kingwilly]

[nidhogg]

It's a nerd battle.

Not quite.

[david44]

For those of a less technical bent
Explain to us morons in Kent
Is the port that is open
Passed left by Big Ben
Are you coming or went?

[slackula]

but you wouldn't know that since you have no fucking IT security skills.

Evidently I have enough to stop a big mouthed belgian wanker from fulfilling a single one of the threats he has tossed around for the last few days. So there's that.

Check your crappy router manual in PDF that is available everywhere on the Web

So you googled it finally? Well done.

again hate to break it to you but 3BB "close" port 25 for Home ADSL to stop spam and spambots from using PCs as zombie and spam machine. You are so stupid, you probably didn't notice

They also close port 80 and a couple of others until you ring them up and say you want to run a mail server and web server then they open them up for you if you ask nicely. But I'm sure you knew that. Give me your email address and I'll prove it for you...

Actually you could trick entrants by putting a different service behind 2121 with the wrong label so actually FTP wouldn't be served

FTP isn't being served from the web server. Just because whatever port-sniffer you downloaded onto daddy's computer tells you that it is doesn't make it true. But I'm sure you knew that too.

Continue waving your cock in the air all you like, get back to me when you have actually managed to do anything, anything to my crappy server that you have been proclaiming would be so easy because we are waaaaaay past the one minute that you said it would take to knock it offline.


Run along now sugartits, mama is calling you in for lunch.

[Topper]

Check your crappy router manual in PDF that is available everywhere on the Web

Isn't the manual being available on the web a good thing?

I'm dying to know...after you hacked his server, what cool stuff did you learn?

[slackula]

I'm dying to know...after you hacked his server, what cool stuff did you learn?

Me too.

Anyway, I have decided to document the method and development of the attack to serve as a warning to others. It is called the Butterfly Security Reports, "buttsecs" for short.

buttsecs

From now on pictures I post on TD will be hosted there. Until I get bored again.

C'mon buttplug - the server is taunting you..

[pseudolus]

^ I always thought I had too much time on my hands. Compared to you though, QC, I'm a fricking workaholic.

[nidhogg]

Check your crappy router manual in PDF that is available everywhere on the Web

Isn't the manual being available on the web a good thing?

I'm dying to know...after you hacked his server, what cool stuff did you learn?

Pshaw. I think QC extensive goat porn stash is safe enough.