

Astalavista Hack Act 2 - treo
http://pastebin.com/m592e1f1c

======
ilitirit
>> // We at anti-sec, hope you never heal :]

I hope I'm not the only one who thinks that this is taking things too far.
Compromising his server is one thing, compromising his health and delving into
his personal life and exposing the details of others who have no relation to
this little vendetta is another. Personally, I hope whoever is responsible
gets caught.

~~~
notdarkyet
Yeah I was coming to post the same thing. I "kind of" feel bad for this guy.
Granted he might not be the most ethical of people, this might be going a
little over the line. I wish I knew some back story as to why they are going
after him other than just the fact that they run a crappy site
(astalavista.com).

~~~
sorbus
It might be because he has a script to mirror milw0rm - line 1387 states "If
you by any means mirror milw0rm / exploits, you are a target and you _will_ be
rm'd. only a matter of time."

Maybe not the primary reason, but probably a contributing one.

------
mahmud
Seems like people are discovering "hacklogs"; they're published in scene zines
and are mostly harmful. The only reason to read them is for schadenfreude;
it's usually one hacker taking out another, I don't think the misfortunes of
civilians are logged.

For a glimpse into this, and for the most entertaining hacker interview ever
conducted, I invite you all to read the phrack interview with The Unix
Terrorist:

[http://phrack.org/issues.html?issue=65&id=2#article](http://phrack.org/issues.html?issue=65&id=2#article)

A magnificent display of ego, knowledge and balls. A laugh out loud tale of
human malice! A+.

~~~
noodle
i dunno if the _only_ reason is for schadenfreude.

i mentioned it in the other thread, but i read them to see what other people
are doing wrong in order to remind myself of what i need to do to do things
right.

~~~
mahmud
Hard to believe that. If you can grok the logs you probably know how and why
the hack works. Plus they're not too informative, for example, few of them
show the _version_ of an application under attack, and a good chunk of the
time you will see a line like:

      ~ $./domagic
      ~ #

Where `domagic` is a published script.

There are good texts to read for security, and _imo_, lamer logs are not
exactly at the top of that list. Read the public disclosures, advisories, PoC
code; not the private gloating of hackers :-)

~~~
noodle
most aren't super informative, no. but some are. most i skim, some i read.

never said this was the only type of thing i read.

~~~
mahmud
Let's not split hairs here. Of course you learn something from them, but be
honest, aren't you smiling the whole time you read them? They're hacker
tabloids; our version of seeing an actor in their fat, pale naked beach body.

I can't believe anybody would take a marker to a lamer log and "dive into it"
looking for Knowledge(TM).

~~~
noodle
i don't take a marker to anything i find on HN, yet i still participate in the
community and read the submissions in an effort to look for Knowledge(TM).

shrug.

------
jrnkntl
"sh-3.1$ wget <http://anti.sec.labs/MichaelScofield>"

That, ladies and gentlemen, to escape from a jailshell is just plain funny.

------
treo
If anyone missed act 1: <http://news.ycombinator.com/item?id=642671>

------
ilitirit
Response on reddit:

[http://www.reddit.com/r/programming/comments/8r04o/pwned_par...](http://www.reddit.com/r/programming/comments/8r04o/pwned_part_2/c0a5vu5)

~~~
kragen
Response has been deleted.

------
ideamonk
__According to__ nowayout, it is fake <http://pastebin.com/m1ddc62d7>,

but nobody cares/agrees with him on #bhf

plus it's a nice read indeed, as twitter.com/linuxing said "its like geek
porn..."

------
devicenull
While it sucks for the people involved, these posts just got me to go verify
that all my sites have backups set up, and that the backups cannot be deleted
via ftp.

~~~
c00p3r
use scp instead.

~~~
devicenull
The backups are encrypted with gpg before they are sent anyway, so it's not a
big issue.

------
ideamonk
The good part - we get a view of what one does when one gets into your box,
this is good enough to build defense/alert systems against such activities...

~~~
lamnk
There is not much to learn: 99% of the hacklog is looking around (ls, cat,
mysql show tables ...), 1% is rm'ing and dropping database. Interesting things
like vulnerabilities, exploit methods were done by some appear-out-of-thin-air
magic scripts.

------
Torn
anyone got a dump? the pastebin entry was deleted

------
c00p3r
Good fiction! I think some pieces could be inserted in some hi-tech serials
and even books.

------
creep5
anti-sec should do something about Mr. Ankit Fadia too, he is one jerk who
would easily figure out in anti-sec's top 10 targets.

