Wednesday, January 6, 2010

IP addresses you should hack and not feel bad about

Here is a list of banned IP addresses you can try hacking and not feel bad. These IPs spammed one of my websites so I was able to grab them.

Edit Delete 1 213.79.93.188
Edit Delete 2 193.63.181.11
Edit Delete 3 69.32.139.171
Edit Delete 4 72.3.139.247
Edit Delete 5 85.140.185.219
Edit Delete 6 157.138.204.166
Edit Delete 7 128.243.21.224
Edit Delete 8 129.194.8.73
Edit Delete 9 68.68.104.34
Edit Delete 10 85.140.65.67
Edit Delete 11 147.156.98.148
Edit Delete 12 66.147.136.40
Edit Delete 13 194.82.16.252

Let me help you get started:
Using the UNIX command NMAP you can do:

nmap -A -T4 147.156.98.148 to find out what services are running. The ouput for this IP is:

SCRIPT ENGINE: Aborting script scan.
Interesting ports on open9.irobot.uv.es (147.156.98.148):
Not shown: 1708 filtered ports
PORT STATE SERVICE VERSION
22/tcp open ssh (protocol 2.0)
80/tcp open http Apache httpd 2.2.11 ((Ubuntu) PHP/5.2.6-3ubuntu4.2 with Suhosin-Patch)
443/tcp closed https
5900/tcp closed vnc
5901/tcp closed vnc-1
5902/tcp closed vnc-2
5903/tcp closed vnc-3
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
SF-Port22-TCP:V=4.62%I=7%D=1/6%Time=4B44D19C%P=i686-pc-linux-gnu%r(NULL,27
SF:,"SSH-2\.0-OpenSSH_5\.1p1\x20Debian-5ubuntu1\r\n");

Some areas to start would be trying to do a brute force on the SSH server, or VNC server incase the password was simple, or find vulnerabilities in the webserver, the kernel may have a security hole since it is older... etc.. etc..

No comments: