Conversation: How servers are cracked

Date July 15, 2005

Author sakieN Date Wed Oct 06, 2004 4:59 am Type Type 1
How servers are cracked
by Raven
[18:04] okie
[18:05]
ready?
[18:05] alright
[18:05]
is everyone ready?
[18:05] yep
[18:05] Yes sir…
[18:05] yup
[18:05] yup
[18:05] 9 ppl overall
[18:05] yeah
[18:05] that good?
[18:05] including me
[18:05]
:)
[18:05]
alright
[18:05]
On your marks.
[18:05]
Get set.
[18:05]
Go!
[18:05]
okay, so today’s topic is…
[18:06]
how servers are hacked
[18:06]
basically, of course
[18:06] cracked
[18:06] yeah, cracked
[18:06]
terminology…
[18:06]
hehe
[18:06]
:)
[18:06] that’s what you wrote on your website ;p
[18:06] :)
[18:06] anyway, most of those website defacements…
[18:06]
dns cracks
[18:06]
email cracks
[18:06]
ftp cracks
[18:06]
etc’ etc’
[18:06]
they’re usually done in fairly easy and simple ways
[18:06]
that do not require much knowledge
[18:07]
they’re usually done by little kids
[18:07]
mostly little kids in “hacking” groups
[18:07]
who want to show the world how smart they are
[18:07]
Phase I
[18:07]
——–
[18:07]
oops…
[18:07]
——-
[18:07]
DAMN!
[18:07]
lol
[18:07]
okay, all over again
[18:07]
Phase I
[18:07]
——-
[18:07]
ahh…
[18:07]
that’s better
[18:07]
any questions so far?
[18:07]
okay, so phase one is…
[18:07]
intelligence gathering
[18:07] why is it so easy?
[18:08] we’ll get to that
[18:08] because of ./i-0wn3d-u ;p
[18:08] exactly
[18:08]
if some of u don’t understand, don’t worry
[18:08]
we’ll get to that
[18:08]
so anyway, stage one is intelligence gathering
[18:08]
this is the most important stage
[18:08]
why?
[18:08]
[18:09] because otherwise you’ll find yourself trying thousands of sunos 3.4 exploits
[18:09] need to know what os
[18:09] you have to know what exploits apply
[18:09] while you’re actually attacking an nt4.0 server
[18:09]
what os…
[18:09]
and what is the host running
[18:09] *** c0c0_ has joined #bsrf
[18:09]
those are the two most important phases in intelligence gathering
[18:09] damn i’ve disconnected
[18:09] getting them is fairly easy
[18:09] *** c0c0 has quit IRC (Ping timeout)
[18:09] welcome c0c0_, we’re in the middle of the lecture
[18:09] *** c0c0_ is now known as c0c0
[18:09] poor soul
[18:09] nmap?
[18:09] :)
[18:10]
that’s two
[18:10]
nmap is too “advanced” for most script kiddies
[18:10] advanced?
[18:10] most people use really amateurish methods
[18:10]
such as reading daemon banners
[18:10]
(yes, it requires the “cracker” to have unix… ooh)
[18:10] hehe
[18:10] whats a daemon banner?
[18:10] and to know how to install new software
[18:10] ha
[18:10] alright, i’ll show u
[18:10] oo me oo me!
[18:10] everyone, do telnet mailgw.netvision.net.il
[18:10]
this is my isp’s smtp server
[18:11]
smtp = simple mail transfer protocol
[18:11] but daemon banner is trivial to be spoofed
[18:11] for outgoing mail
[18:11]
yes, of course
[18:11]
first, let’s explain to those who don’t know what daemon banners are
[18:11]
what do u get when u telnet to mailgw.netvision.net.il?
[18:11] oh, i think i know what you mean
[18:11] Trying 194.90.1.14…
[18:11] “could not connect”
[18:11]
:)
[18:11] telnet: connect to address 194.90.1.14: Connection refused
[18:11]
telnet: Unable to connect to remote host: Connection refused
[18:11] oops
[18:11] *** SnIpEr_WoLf_ has left #bsrf
[18:11]
telnet mailgw.netvision.net.il 25
[18:11] *** SnIpEr_WoLf_ has joined #bsrf
[18:11]
telnet mailgw.netvision.net.il 25
[18:12]
port 25, this is important
[18:12]
smtp runs on port 25
[18:12] yea
[18:12] I’m on…
[18:12] we get like sendmail version etc…
[18:12] running sendmail
[18:12] 8.9.3 sendmail
[18:12] yup
[18:12]
220 alpha.netvision.net.il ESMTP Sendmail 8.9.3/8.8.6; Sat, 22 Jan 2000 19:14:41 +0200 (IST)
[18:12] a linux/unix?
[18:12] this is what u get
[18:12] *** Sniper_wolf__ has joined #bsrf
[18:12]
this is a daemon banner
[18:13] hmmmm, oki
[18:13] btw check blacksun.box.sk/ports.txt for a list of standard ports
[18:13]
now, what does it tell us?
[18:13]
ooh, sendmail
[18:13]
the dumbest daemon ever
[18:13]
it just gave us the version of the daemon that is running
[18:13] it’s a unix type sys
[18:13] usually, in sendmail holes, the OS doesn’t matter much
[18:13]
yup
[18:13]
now, suppose we’re some script kiddie
[18:14]
so we have the version
[18:14]
of the daemon
[18:14]
now we go to, say, packetstorm.securify.com
[18:14]
or neworder.box.sk
[18:14]
and we search
[18:14] bugtraq
[18:14]
technotronic
[18:14]
;p
[18:14] we use keywords such as “sendmail 8.9.3”
[18:14]
yes, bugtraq is good too
[18:14] look for a crack/bug
[18:14] yup
[18:14] ntbugtraq.com
[18:14] now, here is what we’ll find
[18:14]
we could find:
[18:15] that’s pathetic!
[18:15] a) advisories
[18:15]
these hardly mean anything to crackers
[18:15]
they only explain to u how to fix the hole
[18:15]
and a little technical backgruond
[18:15]
and a little technical background
[18:15]
which the common script kiddie won’t be interested in
[18:15]
b) texts
[18:15]
texts will detail the hole
[18:15]
how to exploit it
[18:16]
and a workaround, if any
[18:16]
c) an exploit
[18:16]
BINGO!
[18:16]
an exploit is a premade program
[18:16]
that exploits a certain hole
[18:16]
all the cracker has to do is to compile it
[18:16]
(unless it’s written in perl)
[18:16]
(or another interpreted programming language)
[18:16] bash
[18:16] (’cause they run in the form of source code)
[18:16] So crackers are usually lazy punks…
[18:16] yes, or a shell script
[18:16]
although u’ll hardly ever find exploits in the form of shell scripts
[18:16] pamslam.sh
[18:16]
heheh ;p
[18:17] sniperwolf missed everything from phase one ’till “the dumbest daemon ever”
[18:17] redhat and mandrake rooter
[18:17] can anyone plz help him?
[18:17]
i’m kinda busy here with the lecture and everything
[18:17]
:)
[18:17]
other daemons a cracker might want to look at:
[18:17]
ftp
[18:17]
by logging into ftp servers
[18:17]
when logging into ftp servers
[18:17]
u usually get technical information about the system
[18:18]
u could also try to issue the syst command
[18:18]
which will also give away some information
[18:18]
webservers
[18:18]
if u issue a bad url request
[18:18]
it’ll give u some info
[18:18]
for example: try surfing to http://blacksun.box.sk/some-dead-link.html
[18:18] like they are usun apache
[18:18] it’ll give u an error msg
[18:18]
and the name and version of the webserver program
[18:18]
fairly easy
[18:18]
all u need is a browser
[18:19]
crackers can also utilize newsgroups daemons
[18:19] how bout pop mail?
[18:19] and others
[18:19]
pop mail too
[18:19] Apache 1.3.6 port 80
[18:19] pop3 usually reveals information
[18:19]
ftp port 21
[18:19]
news port…
[18:19]
119, i think
[18:19]
pop is…
[18:19] telnet
[18:19] uhh, damn
[18:19] 110 = pop
[18:19] 110
[18:19] yeah
[18:19]
telnet too
[18:19]
telnet to port 23
[18:19] yep 119 if it is not a secure connection
[18:19] go ahead and telnet to blacksun.box.sk on port 23
[18:19]
u’ll get some info on the system
[18:20]
but what if we change this information?
[18:20] *** Sniper_wolf__ has quit IRC (IL.Quit: I was using Ghost_Rider Script version 2.0)
[18:20]
most of today’s server programs let u do it
[18:20] most admins do it.
[18:20] redhat linux 5.2 — you learn the os
[18:20] Kernel 2.0.36 on an i586
[18:20] and the system
[18:20] so suppose we’ve changed the daemon banner
[18:20] Red Hat Linux release 1.2 (Apollo)
[18:20] but what if…
[18:20]
[18:20] we’re dealing with a smarter script kiddie?
[18:21]
(ph33r)
[18:21] they exist?
[18:21] yeah
[18:21] :)
[18:21] there are some
[18:21] nmap!
[18:21] yes, unfortunately ;p
[18:21] yup
[18:21]
www.insecure.org
[18:21]
download nmap
[18:21] queso may be?
[18:21] how does nmap work?
[18:21] winfingerprint.exe
[18:21] queso too
[18:21]
winfingerprint too
[18:21]
winfingerprint is for windows
[18:21]
the others are for unix
[18:21]
get them all at packetstorm.securify.com
[18:21] windows nt
[18:21] how do they work?
[18:21]
pretty simple
[18:21]
each OS has what we call tcp/ip fingerprints
[18:21]
why?
[18:22] it tries all these same techniques don’t it?
[18:22] because each os implements tcp/ip in a different way
[18:22]
kinda
[18:22]
yeah
[18:22]
basically, nmap and the others are just port scanners
[18:22] ya now I remember
[18:22] but they do more
[18:22]
they can detect these fingerprints
[18:22]
and give definitive information
[18:22] this irc server gives a lot of advertising msgs..
[18:22] the win tcp/ip stack is easy to detect
[18:22] yes, it’s the easiest
[18:22]
windows is the easiest to detect
[18:23]
detecting the difference between two similar unix distributions is harder
[18:23]
detecting the differences between, say, some unix and windows
[18:23]
or mac and windows
[18:23]
is fairly easy
[18:23] could you spoof fingerprints? as an admin i mean
[18:23] so our smart and elite script kiddie grabs his copy of nmap
[18:23] how bout between linux distro or *bsd?
[18:23] but nmap uses a combo of all the techniques.
[18:23] technically, u can, but it takes a lot of messing around with code and stuff
[18:24]
and u probably won’t be able to do it well
[18:24]
nor hide from all techniques
[18:24]
also, nmap does other things
[18:24]
it’s a portscanner that can also scan through firewalls
[18:24] but do you really have to hide?
[18:24] more on nmap’s website and nmap’s man pages
[18:24]
(it installs a manpage)
[18:24]
(so u type man nmap after u install it)
[18:24]
(and it explains everything)
[18:24]
www.insecure.org/nmap
[18:25] aren’t you lost in say ftp traffic when ftping?
[18:25] well, if u reveal critical information about ur system
[18:25]
u might be helping a cracker
[18:25]
TheJoker: say again plz?
[18:25] does the cracker have to worry about hiding?
[18:26] yes
[18:26]
so the cracker would implement some techniques
[18:26] won’t he/she be lost in traffic?
[18:26] such as the ones described in blacksun.box.sk/anonymity.txt
[18:26]
generally, yes
[18:26]
but there are IDSs
[18:26]
IDS = Intrusion Detection System
[18:26] dynamic IPs now days
[18:26] they go over traffic
[18:26]
and highlight several parts in the logs
[18:26] is a proxy enough to hide?
[18:26] which might mean a cracking attempt
[18:26] *** c0c0 has quit IRC (Ping timeout)
[18:26]
bouncing ur connection would usually suffice
[18:27]
okay, that’s it. if u miss something, just wait for the logs to come out
[18:27] if the proxy party cooperate w/ us ;p
[18:27] or…
[18:27]
suppose we telnet to nether.net
[18:27]
and get a free shell account
[18:27]
and then break out
[18:27]
and manage to get root
[18:27]
(suppose we do it from a public place so they can’t trace us back home)
[18:27]
now we have a root shell on nether.net
[18:27]
and we can run exploits and hack from them
[18:27] http://freebooks.hypermart.net/proxy/proxiesn.htm
[18:28] :)
[18:28] free proxies worldwide
[18:28] nether.net is the best free shell provider
[18:28] okay, so these were phase one and two
[18:28]
phase one – info gathering
[18:28]
two – searching online databases
[18:28]
now, suppose we’re in
[18:28]
now comes phase three
[18:28]
no, not defacing the website!
[18:28]
or dns database
[18:28]
we have some other things to worry about
[18:29]
first we need to clean our presence from the logs
[18:29] logs?
[18:29] or the admin might realize he got cracked
[18:29] thats what i’m doing right now
[18:29] and put more effort into security
[18:29] :)
[18:29] :)
[18:29] this is where rootkit comes in ;p
[18:29] not these logs!
[18:29] hahaha
[18:29] yeah, rootkits automate such processes
[18:29] :P)
[18:29] *** INTJ has quit IRC (No route to host)
[18:29] * Chaotic_Thought grins
[18:29] fun for the whole family
[18:29] how does a rootkit actually work?
[18:29] so now that we’ve cleaned our presence from the logs
[18:30]
it’s just an automated script
[18:30]
it automates some tasks for u
[18:30]
they only work on specific configurations
[18:30] *** INTJ has joined #bsrf
[18:30]
of course, if we only clean the standard logs like klog (kernel logger) and syslog (system logger)
[18:30] shoot, israel.net closed me
[18:30] it might now be enough
[18:30]
don’t worry, just get someone to give u the logs at the end of the lecture
[18:31]
okay, so if we only cleaned syslog and klog
[18:31]
we might have still left some trace
[18:31]
maybe the admin is using an external logging system?
[18:31]
could be…
[18:31] in being rooted?
[18:31] hey, when ur done with the lecture, plz send the logs to tplec@zipmail.com.br (sniper wolf) and to me (barakirs@netvision.net.il)
[18:31]
now, suppose we’re a cracker
[18:31]
and we’ve cleaned syslog and klog
[18:32]
but the admin was using some external logger
[18:32]
WHOOPS!
[18:32]
we’ve left some presence
[18:32] dead
[18:32] wed be screwed..
[18:32] now, phase 4
[18:32] Do u want logs edited somewhat?
[18:32] *** SnIpEr_WoLf_ has quit IRC (IL.Quit: 12Delta 3.4 15,1- 14Dark15 Il16lu15mina14tion 15- – [ http://delta.cjb.net ])
[18:32] how do you get around that?
[18:32] so u need to do some research on the machine
[18:32]
browse around in it’s directories
[18:32]
see what u can find
[18:32]
and of course, u must have a lot of experience
[18:32] can one practice that?
[18:32] install some log cleaners on urself
[18:33]
mess around with external logging programs
[18:33]
etc’ etc’
[18:33] skript kiddies dont though
[18:33] rootkit
[18:33] that’s right
[18:33]
u can practice that on ur own box
[18:33]
script kiddies hardly ever practice
[18:33]
the average script kiddie would skip phases 3 and 4
[18:33]
phase 3 – deleting urself from the logs
[18:33] rootkit can make logging exclude our doings
[18:33] phase 4 – installing a backdoor
[18:33]
(we’ll get to that)
[18:34]
btw, DO NOT just delete the logs!
[18:34]
this will surely get the admin to notice
[18:34]
DUH!!
[18:34]
that’s the dumbest thing u could possibly do
[18:34] just your entries!
[18:34] exactly
[18:34]
u can also change ur entries
[18:34]
and make them look like something more legitimate
[18:34]
of course, u have to make sure they look authentic
[18:34] skript kiddies wouldn’t know their entries from others would they?
[18:35] yup – experience with loggers
[18:35]
yeah
[18:35]
okay, let’s move on
[18:35]
suppose this whole process of cracking into the machine and cleaning the logs
[18:35]
took u…
[18:35]
5 minutes…
[18:35]
30 minutes…
[18:35]
maybe a couple of hours
[18:35]
a day?
[18:35]
;)
[18:35] *g*
[18:35] u wouldn’t want to repeat that whenever u step in, would u?
[18:36]
this is what backdoors are for
[18:36] hell no
[18:36] no
[18:36]
ya!
[18:36] the most basic one is:
[18:36]
useradd my-backdoor
[18:36]
password my-backdoor my-new-pass
[18:36]
we’ve just added a new user
[18:36] passwd
[18:36] oops
[18:36] you wouldn’t use my-backdoor!
[18:36] passwd my-backdoor my-new-pass
[18:36]
sorry
[18:36]
yes, of course
[18:37] adduser
[18:37] or useradd
[18:37] haha
[18:37] :)
[18:37]
depends on the system
[18:37]
and on…
[18:37]
nevermind!
[18:37]
off-topic
[18:37] hehe
[18:37] it really doesn’t matter
[18:37] you wanna do clickings in win ;p
[18:37] now we edit the passwd file
[18:37]
and give the new account uid 0 and gid 0
[18:37]
user id 0 = root access!
[18:37]
access to ANYTHING
[18:37] not always
[18:37] group id 0 = root’s group
[18:38]
yes, of course
[18:38]
but usually
[18:38]
u can change anything on unix boxes
[18:38] SuSE has extreme restrictions, then you cant do some stuff
[18:38] the admin would notice a new god mode user!
[18:38] exactly!
[18:38]
that’s why it’s the most obvious backdoor
[18:38] there’s a program for unix that can restrict uid 0 guid 0 permissions
[18:38] a new god user would fire up some alarms, now wouldn’t it?
[18:38]
that’s also true
[18:38] ya!
[18:39] so no smart cracker would use this method
[18:39]
another possible method:
[18:39]
taking some backdoor noone uses
[18:39]
and trojan it
[18:39]
oops, i mean daemon
[18:39]
taking some daemon
[18:39]
and trojaning it
[18:39] what about cracking the passwd file?
[18:39] no, we already have root access
[18:39] sshd daemon is a good one
[18:39] usually u won’t need root’s password
[18:40]
u’ll just run an exploit and get a root shell
[18:40] but after you’re in
[18:40] another possible backdoor:
[18:40]
trojaning some daemon
[18:40] crack it and then you’ll be able to get back in
[18:40] so the daemon would appear to be working just fine
[18:40]
and will do everything naturally
[18:40]
but will also allow the cracker to get a root shell
[18:40]
but…
[18:40]
what if the admin is running checksum checks?
[18:41] tripwire
[18:41] change them too… only problem left: time stamps
[18:41] there are programs out there, such as tripwire, which check the file sizes of files
[18:41]
and lets the admin know when they’re changed
[18:41]
critical files
[18:41]
that’s true too
[18:41]
the file’s “last changed date” would also change
[18:41]
sure, u can go around all of this…
[18:41]
but this only means more variables
[18:41]
more places where u can fail
[18:41]
or make a mistake
[18:41] you could change sys time before you mod the file :P)
[18:42] and reveal urself
[18:42]
of course, but that would be noticed
[18:42] *** [S]hun has joined #bsrf
[18:42]
this is one of the main reasons that u need to make sure the admin is not present when u crack
[18:42]
using finger
[18:42]
if finger is available
[18:42]
finger @target-host.com
[18:42] not much anymore.
[18:42] yeah
[18:42]
it’s hard to find an admin
[18:42]
that is dumb enough
[18:42]
to run finger!
[18:43] who
[18:43] suppose netvision.net.il (my isp) was running fingerd (finger daemon)
[18:43] run ‘who’
[18:43] ppl would just be able to do finger barakirs@netvision.net.il
[18:43]
and get tons of information about me
[18:43]
yes, of course, once you’re in, u can use commands such as who
[18:43] you would have to be on the system to use who
[18:43] ps aux
[18:43] exactly
[18:43]
ps -aux
[18:43]
this will show ALL running processes
[18:43]
useful too
[18:43]
sometimes to find loggers
[18:44]
but the admin can change the process names of the loggers
[18:44] we can send the admin xxx passwd to distract him ;p
[18:44] now, here’s another method
[18:44]
using the r services
[18:44]
especially rlogin
[18:44]
go read rlogin’s man page
[18:44]
wait, lemme quote it
[18:44]
okay, nm, lemme write something of my own
[18:45]
rlogin is based on trust systems
[18:45]
for example:
[18:45]
suppose u require anyone who comes over to ur house to give a password
[18:45]
three knocks or something
[18:45]
some password…
[18:45]
but suddenly, ur best friend comes over
[18:45] 4 is better
[18:45] and he doesn’t know the password
[18:45]
:)
[18:45]
will u let him in?
[18:45]
of course u will!
[18:45] no
[18:45] u trust him
[18:45]
lol
[18:45] heck no!
[18:45] u wouldn’t
[18:45]
trust systems would
[18:46] they suck!
[18:46] they’re also good for more user-friendliness
[18:46] I don’t want my ps to be friendly
[18:46] send me the log please i must go
[18:46] so dumb clerks won’t have to type in passwords all the time
[18:46] sorry pc
[18:46] micro$oft? *eg*
[18:46] *** squiler has quit IRC (IL.Quit: Leaving)
[18:46] now, trust systems are also serious security hazards
[18:47]
go to blacksun.box.sk/books.html and read ‘IP Spoofing Demystified’ later
[18:47]
now, let’s take rlogin for example
[18:47] it was good.
[18:47] suppose u put a file:
[18:47]
called /etc/rhosts
[18:47]
put a file called rhosts in /etc
[18:47]
which will look like this:
[18:48]
somehost.com someuser
[18:48]
the user someuser from somehost.com will be able to do:
[18:48] loggers would catch it?
[18:48] just a sec
[18:48]
he’ll be able to use rlogin
[18:48]
to remotely login to this bx
[18:48]
to remotely login to this box
[18:48]
as ANY user
[18:48]
or if u put an .rhosts file in a user’s home directory
[18:48]
he’ll be able to log in as that user
[18:48]
ANOTHER POSSIBLE BACKDOOR!
[18:48]
but wait…
[18:49]
that’s fairly noticeable, isn’t it?
[18:49] ya
[18:49] most backdoors are
[18:49]
so we need to put a lot of thought into it
[18:49]
and some luck
[18:49]
and make sure the admin is as dumb as possible
[18:49] should you make backup back doors?
[18:49] yes
[18:49]
always
[18:49]
on the other hand
[18:49]
more backdoors
[18:49]
would mean more chances
[18:49]
that the admin will notice something wrong
[18:49]
suppose u were an admin
[18:50] like a stupid one to make them think that they got you?
[18:50] and u would have suddenly noticed a backdoor
[18:50]
u would panic, right?
[18:50]
and put a lot more effort into security
[18:50]
download every scanner u can find
[18:50]
roam your system for backdoors and holes
[18:50]
perhaps
[18:50]
but they might find the stupid backdoor
[18:50]
and then go crazy
[18:50]
search the system
[18:50]
and find ur other backdoors
[18:50] ya it’s all luck,
[18:50] but a very smart admin had setup a honeypot ;p
[18:50] exactly
[18:50]
yup
[18:50]
honeypots are kewl
[18:51]
he would attract a cracker
[18:51]
and then…
[18:51]
KABOOM!!
[18:51] < [S]hun> Whats honeypot ?
[18:51] ;P)
[18:51] or something…
[18:51] boobie trap
[18:51] a honeypot is a host or a certain situation that will attract crackers
[18:51] KABOOM? the mail bomber? ;p hahaha
[18:51] the admin will monitor his honeypot
[18:51]
see if there are any bees trapped inside
[18:52]
and then, once he sees something…
[18:52]
he would realize that he’s being attacked
[18:52]
and maybe call the police
[18:52]
or Robert Frost!!
[18:52]
MWHAHAHAHA!!
[18:52]
(the poet)
[18:52]
nevermind, forget it
[18:52] :)
[18:52] private joke
[18:52] sounds like a personal problem
[18:52] so that was phase 4
[18:53]
now, we’re in
[18:53]
we’ve cleaned the logs
[18:53]
we have a backdoor
[18:53]
now we only have one thing left to do:
[18:53] inflate ego in irc
[18:53] utilize the box
[18:53]
perhaps for mailbombing someone
[18:53]
perhaps for installing bots on it
[18:53]
or flooding
[18:53] vhost
[18:53] or defacing the website on the box
[18:53] hack another box
[18:53] *** rekaerf has joined #bsrf
[18:53] yup, u can also set a virtual host on this box
[18:53] hey
[18:54] yes, or start other attacks against other hosts from this newly cracked one
[18:54] or just screw the system and kill a business
[18:54] yes, that’s also true
[18:54]
or…
[18:54]
corporate espionage
[18:54] yummy!
[18:54] if ur a corporate spy
[18:54] credit card numbers ;p
[18:54] u could get info and stuff
[18:54] *** blu3h4z3 has joined #bsrf
[18:54]
or maybe access credit card databases
[18:54]
or other sensitive information
[18:54]
so that was phase 5
[18:55]
which is…
[18:55]
well, the last phase
[18:55] LOL
[18:55] thank u all for coming over to the lecture
[18:55] < [S]hun> hmm, I think I missed the first few parts
[18:55] < [S]hun> where can I get the logs ?
[18:55] argh, I missed the whole thing!
[18:55] it was cool
[18:55] ouch
[18:55] < [S]hun> on blacksun/ ?
[18:55] na ni na na boo boo!
[18:55] it was good yes
[18:55] someone send me his logs plz
[18:55] hahaha
[18:55] interesting
[18:55] nice job Raven
[18:56] RaveN, u want logs sorta edited?
[18:56] edit the personal joke!!! hahaha ;p
[18:56] sorta edited?
[18:56]
whaddya mean?
[18:56] Like, I was talking before lecture
[18:56] seeker, u didn’t miss any parts of the lecture, right?
[18:56] no uncut and unedited
[18:56] Want that out?
[18:56] nm, seeker is sending me his logs
[18:57] *** rekaerf has quit IRC (IL.Quit: I was using Ghost_Rider Script version 2.0)
[18:57]
in a whopping 0.6429k per second speed
[18:57] < [S]hun> haha
[18:57]
# │ Type │ Nick │ Percent Complete │ K/s │ File
[18:57]
─────────────────────────────────────────

[18:57] 1# GET seeker ▒▓█▓▒░ ░▒░ 94.6% 00:02 0.6395 #bsrf_20000122.log
[18:57]
∙φ∙ DCC Warning: incoming file is larger than the handshake said
[18:57]
∙φ∙ DCC Warning: GET: closing connection
[18:57] * Seeker grins
[18:57]
send again plz
