Lamest Attempted Hax

[BenMillard]

Do not click any of the links in the quoted section!

 

 

Tried to access this  link http://www.ppstream.com/bin/ppstreamsetup.exe but

the 403 error- forbidden came up. it said that i might not have permission

to view the page with the credentials ive supplied.

Server Name: http://www.ppstream.com/bin/ppstreamsetup.exe

Your Bowser: Internet Explorer V6.0.2800.1106

Your IP Address: Sorry dont know it.

Requested URL:Http Error 403- forbidden

 

Please do your best, im all out of ideas.

Thanks, Steve

This is what I received. It seems to be a set of faked details for my server error page, except that the server is not Project Cerbera. Also, the browser string isn't a proper browser string, it's just a program name with its full version number. The requested URL isn't the URL which was requested, it is a human error message...with bad capitalisation. Setting the "IP Address" field to "Sorry dont know it" nearly made me fall off my chair at how blatently faked it was.

 

The sinister side to this is that the links are EXE programs. This makes me think it is malware (viruses, spyware and stuff like that) and that the Email was written by a very amateur hacker. When I told Sektor about this, he searched for details about the program and the filename is that of a TV streaming application. However, the filename is just a name, the actual program could contain anything. Don't click the links!

 

 

Anyone else experienced similarly lame hacking attempts?

[RMT]

PPStream is a Pear to Pear TV streaming network program for foreign TV channels. I used to use it to watch Football Ga... factual programes on Pandas. But it sucks arse.

[tehhunter]

What type of a nub would make his trojans .exes? .scrs are the way to go. No one knows that format.

 

Oh, and while I worked at HackThisSite.org we had a bunch of idiots try to "Ping of Death" us to death. From where? ProtestWarrior, naturally.

[jacob.]

I've had direct IM's that say DO NOT CLICK THIS LINK, and sure enough, I click it.

It ends up taking me to some blank page trying to install spyware infested activex plugins.

[Luke]

The lamest attempts at hacking have to be the hundreds of random login attempts hammering SSH on every server that runs it. Then again, those with passwords that are common enough to be in the password lists they try are even lamer yet.

 

Some statistics from twozero.nl.eu.gtanet.com:

551 refused connections (We only allow SSH connections from specific IPs)

498 failed passwords

259 illegal usernames

[segosa]

What type of a nub would make his trojans .exes? .scrs are the way to go. No one knows that format.

 

.pif's better

[Svip]

What type of a nub would make his trojans .exes? .scrs are the way to go. No one knows that format.

 

.pif's better

What about; "[email protected]" ? Mmm... .com format.

[BenMillard]

You can't have question marks in Windows file names, it is a "wildcard" character.

 

 

(EDIT) Forgot to add his replies:

 

Tried to access this  link http://www.ppstream.com/bin/ppstreamsetup.exe but

the 403 error- forbidden came up. it said that i might not have permission

to view the page with the credentials ive supplied.

Server Name: http://www.ppstream.com/bin/ppstreamsetup.exe

Your Bowser: Internet Explorer V6.0.2800.1106

Your IP Address: Sorry dont know it.

Requested URL:Http Error 403- forbidden

 

Please do your best, im all out of ideas.

Thanks, Steve

LMAO, that has to be the lamest attempted hack in history! :-D

Hack? All i want to know is how to access that link? Someone emailed that

link to me- Can you help? http://www.ppstream.com/bin/ppstreamsetup.exe

Is it to do with my settings?

K its cool, its been sorted- sorry to bother you.Looks like it was from an actual person rather than a robot, then. And a pretty thick person at that. It's so obviously a hacking attempt because he included the link again when it's absolutely nothing to do with Project Cerbera.

 

 

When using Lynx to access that link, it comes up as an application/octet-stream which is a standard executable, as you'd expect. I don't want to take any risks by downloading it and picking it apart, though.

Edited September 25, 2005 by Cerbera

[jacob.]

I had a look at the file just for the hell of it. It has a lot of compression and WOW64 references inside, this may just be a part of the installer though.

 

It seems to be a foreign P2P client of some sort - Chinese, I'm guessing. The file also appears to be created with Inno Setup. There's not much more that can be inspected without going through with the installation, but that's a risk I won't take. On a side note, SpyBot, AdAware, McAfee, and AVG have no problems with it.

 

It could be a poor attempt at advertising. I suggest you send him this reply:

 

Hey there Steve, I had a look around and found the file also hosted here:

http://members.home.nl/scrummie/ppstreamsetup.exe

 

Good luck!

 

Bet that'll shut him up.

[RMT]

It seems to be a foreign P2P client of some sort - Chinese, I'm guessing. The file also appears to be created with Inno Setup. There's not much more that can be inspected without going through with the installation, but that's a risk I won't take. On a side note, SpyBot, AdAware, McAfee, and AVG have no problems with it.

Nice to know I was ignored

 

(hint: second post. I explained what PPStream is)