https://srsly.de
lol, this is bad. I've already seen a few machines get rm -rf'd
What is this?
>>45841271
They use zmap to scan the internet for open VNC hosts (remote control software), then if they find one that does not have a password then they feed it to a script that takes a screenshot of the host and make it available on that website. They are running it from 31c3 as described here: https://news.ycombinator.com/item?id=8810698
Speaking of which
There was this website with a couple of guys running an experiment and letting people upload whatever they like on 6 computers running Win98 and XP, does anyone remember the website? I can't find what to google and all I remember is that they insisted that one not host it in the US
>>45841271
NSA skiddie trap
Domain: srsly.de
Nserver: ns1.first-ns.de
Nserver: robotns2.second-ns.de
Nserver: robotns3.second-ns.com
Status: connect
Changed: 2014-12-27T20:51:41+01:00
[Tech-C]
Type: PERSON
Name: Ben Parker
Address: 2809 Lunetta Street
PostalCode: 33624
City: Tampa
CountryCode: US
Phone: +19413288593
Fax: +19413288593
Email: [email protected]
Changed: 2014-08-29T16:03:13+02:00
[Zone-C]
Type: PERSON
Name: Ben Parker
Address: 2809 Lunetta Street
PostalCode: 33624
City: Tampa
CountryCode: US
Phone: +19413288593
Fax: +19413288593
Email: [email protected]
Changed: 2014-08-29T16:03:13+02:00
how does this work? I can never click anything
>>45841593
and?
what the fug :DD
>>45841797
JAPAN JAPAN JAPAN
interesting...
>>45841605
open it with a vnc client?
>gained root access to 3 servers in 10 minutes
ayy lmao
what is this shit
shutdown-ed 5 machine.
none of them is windows, since no windows install allow default passowrd in motd lol
windas stronk !
74.110.188.183:5900 mexican restaurant
anyone knows of a qemu VM escape?
also, how many of these are honeypots?
>tfw tightvnc running on my server right now
PANIC
kek
Who the fuck is whiteknighting and telling people to secure their shit?
105.210.24.71:5903
OPEN LEENUCKS VNC
>Check Firewall Privelages
>4 VNCs installed I never knew about.
>whut?
148.251.152.76:5900 im out bitches
>>45844012
better shutdown that machine, i bet they from leddit
>>45841200
does this come from CCC? if so, which talk?
http://media.ccc.de/browse/congress/2014/index.html
its vnc... but to a terminal? why dont they use ssh?
>>45841437
It was called a virus farm or something
>>45841200
>your connection is not private
NOPE, nice try NSA honeypot!
ayy
>>45841593
what about my uncle? did you give him a chance!
no fun allowed
213.87.104.117:5904
Windows VNC
Opera Android Browser blocked this site, why?
>>45844277
Subtle.
my sides
>>45844882
>>45844882
>Porn
How do I protect myself from this?
>>45845191
bump for interest
>>45845191
By not using VNC (without any password).
>>45845191
Gentoo.
>>45845221
without any password?
I remember when I used to scan millions of IPs looking for open HTTP and VNC servers.
Then I started getting paranoid and stopped doing that.
>>45845191
delete system32 and install gentoo
but seriously now: use long, complex passwords, try not to use default ports, if you can use a portknocking daemon, keep your systems updated... this way, you'd be "secure" from mass scanners at least.
>>45845286
Thanks for the riveting story, grandpa.
>>45845301
Enjoy your jail cell with Tyrone.
>>45845310
>implying I'm stupid enough to have connected to any of these machines
>>45841941
That's Chinese, bro.
So this is only for people that have forwarded the ports on their routers?
>>45845389
these are being exposed to the internet, yes. scan your system from outside..
![user_23744_3TE98SS9[1].gif](https://i.imgur.com/Stcu8hE.gif "user_23744_3TE98SS9[1].gif")
Nice password, too bad you left the poweroff button on the login screen.
>>45845348
This
Remote Desktop isnt vulnerable to this is it?
>>45845326
I connected to dozens without a proxy because I'm an internet gangster and I do not give a fuck.
>>45845532
Someone just visited this website from my proxy/honeypot server.
Was it someone from /g/? ;)
It says problem loading the page.
Is OPs website down or do I need some VNC software for this?
>>45845469
you can send ctrl+alt+del to reboot most machines...
>>45845515
the only "vulnerability" here is retards giving open access to vnc
>>45845581
You can check wether they are online by clicking the image but you need a vnc client to do things.
I just downloaded TightVNC, works quite well.
>>45845614
I mean the website can't be opened.
Not the VNCs
>>45844221
A lot of these machines will be virtualised, and this is one of the ways to give 'proper' console access. SSH relies on networking being up on your guest machine.
>>45845792
use another browser, check/change your DNS settings and/or add its address to /etc/hosts :
$ nslookup srsly.de
Address: 151.217.171.219
http://151.217.171.219:6080/vnc.html?autoconnect=true&token=200.102.217.78-5900-vnc something interesting happening over there
kek
>>45844882
o lel
https://srsly.de/hardlink/36.225.51.15-5900-vnc
i can't seem to type or do anything on them computers.
>>45846379
use a vnc viewer
skids learned from the defcon talk and made it public. damn people are stupid
>>45846311
cryptolocker? wtf??? did we do this /g/?
>>45846480
>Want us to continue after the 31c3 is over? Please drop your BTC change
well we could take down a whole network...
woah...:)
She wasn't happy of meatspin.
>>45846620
what torrents should I add here?
>>45841200
/mu/ here. Can someone explain to me like I'm 10 what's going on in this thread?
>>45846678
Touhou lossless music collection
http://www.tlmc.eu/2013/07/tlmc-v17-20130707b.html
>>45846678
>>45846678
Gay sex with hatz
>>45846678
http://thepiratebay.cr/torrent/8750920/newhalfclub-nan0204-02-hd-yuki-nanase-1080p/
How about something good.
>>45846678
https://kickass.so/chambao-discography-t1076495.html
meta
>>45846684
This site indexes people's computers running remote control software without any access password, so anyone can just connect and fuck with the user.
Naturally, some or all of these could be FBI traps.
>>45846722
You fool! What have you done?!
>>45846722
Be a dear and give him adblock.
>>45846684
Site is sharing unsecured vnc servers - think of it like remote desktop - so people can log in with a vnc client and remotely control the unsecured computer
>>45846678
The big finish complete collection torrent
Only 50ish gb, but everyone should have the opportunity at some point
>>45846739
>>45846758
Is it legal if you don't connect but simply observe?
>>45846768
you can't observe without connecting...
>>45846768
Yes.
>>45846722
>no password vnc on xp machine
honeypot
kek'd
>>45846777
So you are all breaking the law? What the fug man how do I know you're not watching me
>>45846802
by not being twelve years old.
any cool shit at 31C3 beside this?
>>45846480 link me the article/talks?
Can someone play RuneScape on this?
>>45846678
GOP leaks maybe?
>>45846802
Are you running an unsecured vnc server? You'd probably remember setting it up for access from outside your firewall by forwarding ports on your router, although uPnP could probably do that for you without asking.
Either way if you haven't enabled a remote desktop or vnc solution on your PC then, no, we're not watching your computer activity.
By that method.
Dutch home security or control system.
This is tempting guys...
https://srsly.de/hardlink/84.24.97.215-5900-vnc
>>45846894
Forgot the pic...
hue
63.249.108.199:5900
oldass ubuntu
https://srsly.de/hardlink/163.231.2.151-5900-vnc
>>45846894
IP is own by ZIGGO CO BACKBONE AND SECURITY and Ziggo happens to be one of the major Dutch ISPs... Did I just stumble across a provider honeypot?
>>45846945
1234
access granted!
>>45846957
dynamic ip lease
its not a pot
>>45846562
>university of pennsylvania
Wow.
https://srsly.de/hardlink/99.185.33.105-5900-vnc
Top Kek
>>45847083
oh yeah that was me lol
i lock these so I can use them for myself
try the password finger122
>>45846796
Public keys, whoopie-doo.. Newfag
Apparently root password is 1488
Also how can I connect to these unsecure ones.. for reasons...
>/g/ is against surveillance only when it's not in their hands
Truly hypocrisy
>>45841437
>>45844236
http://wecan.hasthe.technology/
seems to be down though :(
Ha he has a porn directory
lel
Has anyone actually done anything?
>>45841200
Do I need a program or something to control their computer?
The brower thing it opens doesn't seem to work
>>45847281
top fucking kek. I was wondering if that would happen
lol, someone have Windows 95 VM.
>>45847304
install a vnc server then click the add button, then enter your ip addr
>>45847325
:^)
>>45847152
le hypocrisy amirite xddd
if you cant tell the difference between being against surveillance and having fun with a site then you must be retarded
>>45847133
so its not cryptolocker?
>>45847325
*client
>>45847324
damn
![7e02d054adc0640e115c47f68c7728b9[1].png](https://i.imgur.com/1QuOsW8.png "7e02d054adc0640e115c47f68c7728b9[1].png")
Should I do it?
>>45847485
rm -rf /root/*
>>45847485
yes, for me. I couldn't type anything in that one
>>45847387
Your asshurt is showing.
kek who is googling for cp ?
I'm so mean lol
>find one that blatantly gives username and pass
>cant ssh into it after giving myself an account
well fuck I am too stupid, I ran dropbear but still cant ssh in.
hope you guys are using a tor exit node at least.
>>45847677
Nah, I'm behind the Google Translate proxy...
>>45841941
あれは日本語じゃないです. 中国語です
Thisamericacaptchaifuckingisafucking!!
>>45847677
naa I I vnc'd into a server that was in australia. mfw I am in jail tomorrow.
>>45847737
see you there m8
How do we do that shell shock thing again?
>>45847801
https://www.youtube.com/watch?v=UllSNdgGLbo
>>45847643
same issue, one of the cirros machines.
>>45846722
Sorry anon couldn't resist deleting system32 on that one
>>45846722
At least I think I did, I can't read Spanish
>>45848096
His AVG didn't save him from elite gentoo hackers
>>45847643
Gotta forward ports for that shit.
>>45846722
>yfw that site hacks you and shows it to everyone else
I like the one that keeps saying >install gentoo
If you're here how did you do it anon?
>click icon to safely remove drives
>remove some kind of "balloon drive"
>break bondage japs PC
Hacker as fuck.
>>45848243
I was a QEMU/KVM guest most likely. The balloon driver is for memory
I bet this is one of you guys. Both the one in control and the one running the host.
>>45848302
that some type of russian 4chin?
can't somebody just hold down the power button for five seconds if this happens to them
>>45848336
Or disconnect their internet
https://srsly.de/hardlink/168.1.84.21-5907-vnc
>>45848336
...yes but that doesn't solve the issue of vncserver running without a password.
>>45848382
well at least they get the opportunity to boot into safe mode and fix the ruddy thing
>>45848373
What about it?
>>45848393
>boot into safe mode
not all of these servers are Windows though
they don't need to boot into anything they just need to disconnect their device from the internet until they have removed VNC or given it a password.
what do?
>>45848373
>pic
>>45848439
Holy shit, you hit jackpot.
>>45848439
copy nudes
>>45848439
leave a message saying VNC isn't configured properly and log off.
>>45848427
yeah sorry, my go-to panic solution for everything is just force shut the bloody thing down. removing internet access is a handy weakness though.
>>45848439
https://srsly.de/hardlink/42.152.43.139-5900-vnc
>>45844256
except the nsa would have signed certificates, retard
>>45847281
That's great
What's up with the ones that are the size of the cursor?
What the fuck is this?
>>45848439
>>45848513
>>45848819
remote control for lights, TV and shit...
>>45845532
tfw this was me a couple of years ago
a house search and a 6 month wait to get my computers back changed me and it will change you
>>45848885
Story
>>45848885
bullshit, how did you get caught?
>>45848947
>>45848964
>>45848885
please :)
>>45848885
was a pissed off sysop beating down your door?
>>45848972
Probably because proxies are not defenses against law enforcement. They really are worse than useless.
>>45848885
stop scaring the children you're full of shit.
Fucking white knights
>>45848439
>>45848513
>>45848820
Lol they're trying to scan for viruses to prevent us fucking their shit
>>45849096
kill this whiteknight pls
mfw already defeated faggot who doing shit like >>45849040 in 3 server
>>45849040
>So blackhat XDXD
you're not cool, just do the right thing at let these people know they're fucking retards.
>>45849040
Tumblr found out
>>45849123
and youre not either
>>45849158
its cool to be nice
>:,)
>>45849173
>that self imposed delusion
This thread is gold.
>>45844279
Most underrated comment of the year award goes to...
think somebody arrived here first
>>45849286
some guy posted the password further up I think.
>>45841200
I am getting a false TLS certificate when I go to that site.
>>45849352
yeah but it doesn't seem to do anything. i got on just fine with no bad effects.
>>45849361
>implying the nsa isn't hacking your connection right now.
>>45843479
Just downloads some random file.
>>45849361
>defeating the point of TLS
>>45849381
It wouldn't be protecting anything anyway.
Everybody gets access to the same thing.
>>45849390
Someone could be trying to log what you do or inject code into the page.
>>45849410
>log what you do
They would see what website you're visiting even if encrypted, the content isn't specific to anybody.
>inject code
If they've got access to your network, you have a bigger problem.
This website doesn't really need TLS, just like when you're reading a wikipedia article...
>>45849444
>They would see what website you're visiting even if encrypted, the content isn't specific to anybody.
But they could see what you did on the website.
>If they've got access to your network, you have a bigger problem.
Like?
>This website doesn't really need TLS, just like when you're reading a wikipedia article...
They can see what you are reading about.
They can modify the information to misinform you.
They can still inject code.
>>45849515
TLS would only protect you from injected code if the attacker was on your network or somehow was the NSA.
>modify information to misinform you
seriously, do you really think "they" would be doing this to "you", there's no way "they" would be modifying the info for everybody...
Sure TLS should be used even when not really necessary, but in this case there's no real threat if you visit the site.
>>45845191
Just put a goddamn password on your VNC server and change the port to a non-default one.
>>45849560
>implying they are not the NSA
>implying that they are not on your network
>>45849577
Then why even bother.
They already broke TLS, haven't they?
>>45846916
Dear fuck, I've seen this error happen all the time with Windows on a QEMU VM. It happens when the system is paging so fucking hard the hypervisor freezes entirely and fails to deliver a CPU cycle in time. On a Linux guest this ain't no problem because Linux takes these missed cycles like a fucking boss and keeps on truckin' like nothing happened. Windows, to the contrary, fucking falls into pieces.
>>45849868
paging? what if i give the vm hueg ram like 4gb?
>>45850042
Linux will try not to page core allocated to a VM. But If something else bloats on your physical OS, like Firefox with a shitload of Jewtube tabs open, that will get paged. And if your physical OS pages too much, the hypervisor will miss a cycle.
>>45849283
kek
Thanks for ruining this for me, faggot. Now how am I supposed to use my stolen credit cards?
>>45850166
donate you nigger
>>45843958
>tightvnc
>exposed to the internet without protection
no your password that allows billions of retries is not protection
>yesterday
>connect to some server
>see that somebody is already defacing index.php in vi
>start talking to each other
>"Where are you?"
>fbi.jpg
>"I'm at the arcade"
>wut
Was talking to a guy that was at CCC, too bad I couldn't meet him, seemed like a cool guy tbh
who's the moralfag leaving notes to the admin?
>>45850586
I'm at CCC too, that's neat.
119.253.8.39:5906
>>45851789
Top.
Fucking.
Lel.
>>45851789
136.243.11.30:5910
>>45851812
I just found an>install gentoo
>install gentoo
>install gentoo
>install gentoo
>install gentoo
...
screen
>>45851818
nuke it
>>45851818
https://srsly.de/hardlink/187.22.93.253-5901-vnc
n-n-n-noice
>>45851869
https://srsly.de/hardlink/91.192.36.144-5900-vnc
what am I even supposed to do once I'm able to control a machine?
>>45851907
Open http://yyyyyyy.info/ at full screen.
>>45851818
this is a bot. more specifically a view bot that cylces pages to pick up page views. or its a bot used for click fraud or something.
>>45851936
there are more of them https://srsly.de/hardlink/136.243.22.80-5904-vnc
So if I destroy it, will the russian cyber mafia kill me?
>>45851999
>999
>>45851999
>will the russian cyber mafia kill me?
Nah
What's a good VNC client?
>inb4 teamviewer
>>45852064
TightVNC
>>45841200
>>45851921
done, now what?
Who the fuck uses VNC?
>>45852175
just rm -rf their whole thing
>>45852206
This.
I have none installed, just...what the fuck?
>>45852320
guess I need the root password for that...
>>45852395
injection, check the shell version
>>45852395
can you change hostfiles so everything will be directed to meatspin or lemonparty?
>>45852395
> dem google searches
>>45849040
>>45849040
>Fucking white knights.
How old are you, 12?
I mean seriously, do you know about kindness and it's benefits?
>>45852395
sudo su
i dont think they even set it
Can anyone get onto this one? 117.200.12.149:5900
>>45852419
can't
>>45852511
they already have
>>45852416
sorry, I'm not good at this
maybe someone else would like to try?
114.214.169.102:5900
ATM get.
https://srsly.de/hardlink/216.50.143.3-5900-vnc
216.50.143.3:5900
>>45852648
That can't be real. Must be an emulator for stage development or something.
I was kinda hoping to see someone watching someone else watching him etc via the same website.
>>45852320
>>45852395
Don't rm -rf / it.
Leave it so more people can mess around.
>>45852621
>sorry, I'm not good at this
http://en.wikipedia.org/wiki/Shellshock_%28software_bug%29
I dont know if pic related still works, been ages
I found an android device what do?
211.72.250.22:5900
>>45852621
did you type it right
https://srsly.de/hardlink/95.240.77.211-5900-vnc
HAHAHA
>Who ordered the fucking everything?
130.65.150.177:5906
www.sjsu.edu
>>45852821
holyshit, order a hundred of pussyfoot!!!
>>45852821
order 10,000 red bulls and a pussy foot
do they have alcohol?
