mantvydas - nesvarbutis, stanfords punished
Posted: 2013 Sep 11 20:48
skype log: http://pastebin.com/82Fp8bLX
suspect: Stanfords
reason: highly malicious activities against other servers with known
exploit raiz0
owner of: http://massacre.us.lt/ - cs-massacre.eu
server: 77.241.194.54:27016 mantvydas host
skype: sausainisx
ip: 84.46.230.101
nicknames: neo, tommy, eaas, ladygaga, stanford, stanfords - Main
mails:
[email protected] - Main
[email protected], [email protected]
real info: 8th grade 14-15 years old
phone number, lithuania: 37063804571
mantvydas host web space: http://77.241.199.144/sausainis
host: massacre.us.lt
login: massacre_forum0
db: massacre_forum0as
mokejimai.lt project id: 38524
pass:
gerass21, gerass1, tommy, nudegaga
383f31a256544bb6d8f8c9498211a8db
0c32a600ed082648d259bf9d358ba2f9
$H$9bdGOIJrkeb3.gfc5aowMw5eKqP5Zr.
Suspect: Mantvydas
reason:
http://rampage.us.lt/reklama/cs-reklama.html
illegal redirects, slowhacking, malicious fraud activities,
using known exploit raiz0
method: http://cs-boost.com/ services reseller
customers: ukdm.net, more...
real name: Mantvydas
skype: kalnas333
location: Šiauliai / Kelmės raj.
birth date: 1995-08-07, 1994-05-10
owner of projects:
77.241.194.54
77.241.199.144
http://csdownload.us.lt
http://pacukai.lt/news.php
http://rampage.us.lt/
http://www.bitradio.lt/ - crew
ip: 86.38.55.237
nicknames: mantvydas123, xmusicccc, xmusic178, nesvarbutis
passwords:
29afcba6414d4cc22dd3354b76b964fc
5cf50421692e1d29ce4d3cfbd1ade97
3 - markas
mails:
[email protected] - Main
[email protected]
info: connect cs.pacukai.lt
motdfile autoexec.CFG
motd_write alias motdfile
motdfile userconfig.CFG
motd_write alias motdfile
motdfile rampage.CFG
motd_write alias motdfile
motdfile rampage.CFG
motd_write alias motdfile
motdfile motd.txt
misc:
user:adminas
pass: mantvyd9d4z0_s
host: 77.241.194.54
user: root
pass: KkkKASD25868zzX
host: 77.241.199.144, http://77.241.199.144/phpmyadmin
db: banai2
user: root
pass: KkkKASD25868zzX, nesvarbu
ip tables security:
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -A INPUT -p tcp -s 127.0.0.1 -j ACCEPT
iptables -A OUTPUT -p tcp -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -p tcp -d 127.0.0.1 -j ACCEPT
iptables -A OUTPUT -p tcp -d 127.0.0.1 -j ACCEPT
iptables -A INPUT -p tcp -s 77.241.194.54 -j ACCEPT
iptables -A OUTPUT -p tcp -s 77.241.194.54 -j ACCEPT
iptables -A INPUT -p tcp -s 86.38.55.237 -j ACCEPT
iptables -A OUTPUT -p tcp -s 86.38.55.237 -j ACCEPT
iptables -A INPUT -p tcp -s 78.63.204.253 -j ACCEPT
iptables -A OUTPUT -p tcp -s 78.63.204.253 -j ACCEPT
iptables -A INPUT -p udp -s 127.0.0.1 -j ACCEPT
iptables -A OUTPUT -p udp -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -p udp -d 127.0.0.1 -j ACCEPT
iptables -A OUTPUT -p udp -d 127.0.0.1 -j ACCEPT
iptables -A INPUT -p udp -s 77.241.194.54 -j ACCEPT
iptables -A OUTPUT -p udp -s 77.241.194.54 -j ACCEPT
iptables -A INPUT -p udp -s 86.38.55.237 -j ACCEPT
iptables -A OUTPUT -p udp -s 86.38.55.237 -j ACCEPT
iptables -A INPUT -p udp -s 78.63.204.253 -j ACCEPT
iptables -A OUTPUT -p udp -s 78.63.204.253 -j ACCEPT
iptables -A INPUT -p tcp --dport mysql -j DROP
iptables -A OUTPUT -p tcp --dport mysql -j DROP
iptables -A INPUT -p udp --dport mysql -j DROP
iptables -A OUTPUT -p udp --dport mysql -j DROP