Proof of Concept to Fight Back
Sleeve
Windoze skiddie
Joined: Apr 10, 2005
Posts: 3
|
Posted: Sun Apr 10, 2005 9:16 pm Post subject: Proof of Concept to Fight Back
|
|
|
I'm not usually the one to double post but it's easier to copy and paste than it is to re-type everything.
I have a proof of concept that I want people to know about...
I am a site op for a small company that absolutely gets bombarded by spam. 90% of it is from these fake mortgage websites that harvest personal info for the purpose of either ID theft, or list selling to direct mailers. I traced it back to one site that has over 700 subdomains used for spamming and/or a landing site for victims. One of the domains is http://truck.ok-mrg-now.net if you are interested in checking into it. They must be on just about every blacklist in the U.S.!
Upset at their nefarious intentions and the ungodly amount of spam we receive from them, I decided to fight back by giving them what they want...names and addresses...and a LOT of them.
I created the first ever FORM FILLER that generates FAKE names, addresses, phone numbers and email addresses and then SUBMITS the data directly to the data harvesting pages MILLIONS OF TIMES PER DAY! This will prevent them from distinguishing the fake names from the real names, thus preventing victims, and it will use HUGE amounts of process time and resources on their server. Let's FIGHT BACK!
I got up to 15 MILLION FORMS successfully submitted before they k-lined me. I need some help to beta test this app and to take down the world's biggest spammer. After they are gone, we will take down the second biggest spammer and so on.
The software is Flash based and is NOT an executable. If you know anything about Flash, it cannot directly access your registry, hard drive or memory. It is absolutely incapable of viral-like doings so please do not worry.
You can find it here: http://bdonner.coconia.net/
HELP me test it and KILL THE SPAMMERS! Post your stats/comments/questions to this thread and spread the word. Let's FIGHT BACK and let the spammers know that we will not tolerate this anymore!
I am in the very early stages of development and if this works, I will be further developing it and accepting other spammers for consideration as targets, e.g. fake software sites, fake pharmacy sites, fake banks and any other evil entities. E-mail me at with any questions.
Regards,
PL222
|
NealT
3133T BSD d00d
Joined: Nov 11, 2003
Posts: 394
Location: In Front of My Computer - Same as You
|
Posted: Mon Apr 11, 2005 5:32 am Post subject:
|
|
|
I hate to tell you this, but by my reading of things, what you are doing is not legal. Further, if by some remote chance you happen to stumble on a name/address/phone combination of a REAL person, it is my view that you would be liable for damages caused.....
I would suggest before you go any further, you contact a reputable attorney.
_________________
|
etee
The Me
Joined: Oct 30, 2003
Posts: 551
Location: In front of my computer
|
Posted: Mon Apr 11, 2005 6:27 am Post subject:
|
|
|
Interesting concept -- definitely on the "grey hat" side, but interesting nonetheless. I have several spam-bot poisoners I am involved with (I might even be running one or more of them on this site -- who knows?), but this is both using a new technology (flash), and is more "active" (going out and registering on the sites, rather than sitting there and waiting for them to come to you.) It's the latter that I think NealT might have had the heartburn about. The algorithms for generating real-looking (but fake) email addresses are pretty well known by now. And, better yet, you can generate real email addresses that go to "spam traps" -- a number of anti-spam products (and people) use this method to tag the spam.
My concern is about exactly what sites the "solution" registers with. If indeed these are ID-theft sites, then quite frankly the goal is to shut them down -- and the quicker the better. Dropping a dime on the site to the ISP (or the upstream) is a much better idea in that instance, IMHO.
_________________
Cheers,
-etee
"Supreme Commander of the Buffalo Wing, Spicey Chicken Cartel"
|
Sleeve
Windoze skiddie
Joined: Apr 10, 2005
Posts: 3
|
Posted: Mon Apr 11, 2005 8:50 am Post subject:
|
|
|
First to address NealT - If there is a name/address combination that points to a real person generated by this script, it would be more rare than winning the mega millions lottery twice in a row with a $1.00 ticket. The algorithm used ensures this will not happen.
Furthermore, this is not a DDoS attack. It uses a public web portal to auto-fill forms and submit data. The goal is to dilute the database so they cannot distinguish real people from auto generated. There are several programs that auto fill data already, just in a more constructive way than mine. Everyone I've spoken with about this says it's abuse AT BEST and perfectly legal. To me it's fighting fire with fire in a measured and controlled way.
Now to address etee - This particular ISP and webhost have been warned several times over the last year or so to no avail. It resides in China so it is outside of US law and they are not responding to complaints. Considering the amount of money they are making by spamming, my guess is that they aren't about to shut down the operation with a 'friendly' reminder that SPAM is illegal.
Agreed, it is a 'grey' area but you must also agree that if I can prevent one ID theft victim by doing this, it is a worthwhile effort.
Sleeve
|
BobCat
Cyborg
Joined: Apr 10, 2004
Posts: 528
Location: on the 'net
|
Posted: Mon Apr 11, 2005 8:57 am Post subject:
|
|
|
Normally I am on the "don't fight abuse with abuse" track, but remember: THEY DID ASK YOU TO FILL OUT THEIR FORM, right? ^_^
OK, so you couldn't do it right the first 500 times. You just kept trying until you got it right, after all, you wanna do it right, correct? ^_^
_________________
--BobCat
Spicey Chicken Cartel (tinSCC)#23, Lumber Cartel (tinLC)#1606
"Spam is used by lusers who don't want to do business with you ethically."
|
Sleeve
Windoze skiddie
Joined: Apr 10, 2005
Posts: 3
|
Posted: Mon Apr 11, 2005 11:05 am Post subject:
|
|
|
Yes, that's the idea
Take one of the most sinister perpetrators...fake 'male enhancement' sites that actually steal your dollars by draining your CC when you try to order. Here is an example: http://chattanooga3b.order-x.com and another: http://pentecost2b.order-x.com and yet another: http://muffle1a.order-x.com/. Identical websites, identical offers. GO ahead, order something with false info...you will see it's a scam clear as day. Now look at the whois.sc - http://www.whois.sc/order-x.com - hosted in China and BLACKLISTED.
Now ask yourself, is it possible to 'Abuse' these guys?
It can take weeks to get a response from an ISP or webhost and even if you get a response, they may not act and take the site down. My script can take down a site entirely in just DAYS and/or seriously handicap their ability to victimize people IMMEDIATELY.
To me a war is fought with guns on both sides.
|
etee
The Me
Joined: Oct 30, 2003
Posts: 551
Location: In front of my computer
|
Posted: Mon Apr 11, 2005 12:58 pm Post subject:
|
|
|
Well, it may be legal (I Am Not A Lawyer, Nor do I Play One on TV), but I still feel it is really grey hat, bordering on black hat. Not that I am totally opposed to grey hat stuff, mind you -- I wear one myself on occasion. I would be darn sure, though, that the program was rate-limited to the point you couldn't DDoS the site -- even accidentally. DDoS, even if the site is pond scum, is treated as "computer access crime" by most prosecutors.
_________________
Cheers,
-etee
"Supreme Commander of the Buffalo Wing, Spicey Chicken Cartel"
|
etee
The Me
Joined: Oct 30, 2003
Posts: 551
Location: In front of my computer
|
Posted: Mon Apr 11, 2005 3:16 pm Post subject:
|
|
|
Also registered in TUCOWS. If the contact info is legit, the guy is in California -- contact the AG there (or the DA in the county) and have his butt shut down. If the contact info is not legit, contact TUCOWS and have them unregister the domain (they have to, according to ICANN's rules.)
Sleeve wrote:
"Now ask yourself, is it possible to 'Abuse' these guys?"
Yes, it certainly is. Whether it is a Good Thing or a Bad Thing is up for debate, but they can be abused. The real question is whether or not using your program constitutes such abuse -- and that one I don't have the answer for.
Sleeve wrote:
"To me a war is fought with guns on both sides."
That's OK -- just make sure that some innocent isn't caught in the cross-fire.
_________________
Cheers,
-etee
"Supreme Commander of the Buffalo Wing, Spicey Chicken Cartel"
|
NealT
3133T BSD d00d
Joined: Nov 11, 2003
Posts: 394
Location: In Front of My Computer - Same as You
|
Posted: Wed Apr 13, 2005 10:25 am Post subject:
|
|
|
Sleeve wrote:
"To me a war is fought with guns on both sides."
Hmmm...
Kinda reminds me of Martin Luther King...or Gandhi...and as I recall, they did not use guns...
And, to answer your question on abuse...YEP, I think you can...besides, you can ALWAYS just turn the computer off right?
_________________
|
BobCat
Cyborg
Joined: Apr 10, 2004
Posts: 528
Location: on the 'net
|
Posted: Wed Apr 13, 2005 10:48 am Post subject:
|
|
|
Remember we (tinw) don't use guns. We (tinw) use LARTs. And trust me, there is much more imagination that could go into LARTing ^_^
_________________
--BobCat
Spicey Chicken Cartel (tinSCC)#23, Lumber Cartel (tinLC)#1606
"Spam is used by lusers who don't want to do business with you ethically."
|
etee
The Me
Joined: Oct 30, 2003
Posts: 551
Location: In front of my computer
|
Posted: Wed Apr 13, 2005 11:16 am Post subject:
|
|
|
I think the reference to firearms was metaphorical, not literal. In that context, both sides have good points. I simply am concerned about collateral damage, which was one of the concerns of the "Make Love Not Spam(m)" program that Lycos Europe unleashed (then withdrew.) I feel that this type of "fight back/attack back" response is truly a last resort, after all other avenues of dealing with it (including the IDP) are exhausted (I have found that null-routing the IP addresses at the routers is really effective.)
_________________
Cheers,
-etee
"Supreme Commander of the Buffalo Wing, Spicey Chicken Cartel"
|
NealT
3133T BSD d00d
Joined: Nov 11, 2003
Posts: 394
Location: In Front of My Computer - Same as You
|
Posted: Wed Apr 13, 2005 7:00 pm Post subject:
|
|
|
I guess that is the nice part about this country (and media). We all have the right to disagree...
_________________
|
BobCat
Cyborg
Joined: Apr 10, 2004
Posts: 528
Location: on the 'net
|
Posted: Thu Apr 14, 2005 12:40 am Post subject:
|
|
|
I say LART first, ask questions later
_________________
--BobCat
Spicey Chicken Cartel (tinSCC)#23, Lumber Cartel (tinLC)#1606
"Spam is used by lusers who don't want to do business with you ethically."
|
etee
The Me
Joined: Oct 30, 2003
Posts: 551
Location: In front of my computer
|
Posted: Thu Apr 14, 2005 1:48 pm Post subject:
|
|
|
LART everything that moves, then LART THEM AGAIN!!!11 After that, let boB sort 'em out.
_________________
Cheers,
-etee
"Supreme Commander of the Buffalo Wing, Spicey Chicken Cartel"
|
BobCat
Cyborg
Joined: Apr 10, 2004
Posts: 528
Location: on the 'net
|
Posted: Thu Apr 14, 2005 5:28 pm Post subject:
|
|
|
Just pull an Arnold: Hasta la LARTsa baby!
_________________
--BobCat
Spicey Chicken Cartel (tinSCC)#23, Lumber Cartel (tinLC)#1606
"Spam is used by lusers who don't want to do business with you ethically."