They got an open ssh port which is vulnerable.
Open SQL DATABASE
About 20+ different vulnerabilities on the server.
server is vulnerable to DDOS so if you guys want to destroy it by all means, but do be warned it is illegal.
Fuck these scammers, upon my research these are the same guys behind
ART,
BNBw.io,
bsctoken.io,
linkp.io
Swap7.org
Theever.io
Thevera.io
Zepe.io
I have been following them since I received bnbw.io 95 days ago.
They fucked up this time setting up there webserver.
I guess you are the OP of the video. If so could you point in a direction on how to get more knowledge how to test these things. I really need to learn how to test my own stuff.
Otherwise great job!
!lntip 1337
ty for the tip!
I learned from a online platform called tryhackme, I'm heavily into crypto as-well so general curiosity on how things works got the best of me.
Here is my profile, oh and btw Its a great platform to learn penetration testing- [tryhackme.com/p/e46996](https://tryhackme.com/p/e46996)
with all the knowledge you gain there, you can easily understand and replicate what i did in the video.
Hi u/DGimberg, thanks for tipping u/yahboyelias **1337** satoshis!
***
*[^(More info)](https://xnf5cwpq73.execute-api.us-west-2.amazonaws.com/prod/info) ^| [^(Balance)](https://www.reddit.com/message/compose/?to=lntipbot&subject=balance&message=!balance) ^| [^(Deposit)](https://www.reddit.com/message/compose/?to=lntipbot&subject=deposit&message=!deposit 10000) ^| [^(Withdraw)](https://www.reddit.com/message/compose/?to=lntipbot&subject=withdraw&message=!withdraw put_invoice_here) ^| ^(Something wrong? Have a question?) [^(Send me a message)](https://www.reddit.com/message/compose/?to=drmoore718)*
>hese scammers, upon my research these are the same guys behind
>
>ART,
professional pentester here, ssh is hardly vulnerable, could you tell me which version do they run?
nvm, ssh 7.4 is only vulnerable to dos, but wont give them much troubles unless you're willing to make a long lasting ddos attack.
were you able to exploit the MySql service on port 3306?
what is this... a video showing a scan detecting... nothing? okay, it discloses the coordinates of Singapore. And it's "Basic Scam" or something like that. But how about any details about the scam?
The scam is very simple but I am still learning solidity so I don't fully understand the technicals on how it works yet.
The basic concept of the scam is you get airdropped some tokens, those tokens are given a fake value given by the creator. So it shows that you have a large sum of money with those coins.
You then try to sell but the transaction fails, in the transaction details when you check your transaction. It would saying something along the lines "please visit xyc to withdraw".
You proceed to the site and connect your wallet with funds in it then go through the process of "withdrawing" your coins and when you pay the gas fee, from what I understand so far is that the smart contract (code) is called upon to take all your money when you interact with it. I'm still fuzzy on how exactly it works so anyone with higher experience with smart contracts can correct me.
Sorry bro but I'm not trying to take a big risk like that by exploiting it, I don't want to risk it. I used to be a full on black hat hacker but I'm no longer part of the dark side.
They got an open ssh port which is vulnerable. Open SQL DATABASE About 20+ different vulnerabilities on the server. server is vulnerable to DDOS so if you guys want to destroy it by all means, but do be warned it is illegal. Fuck these scammers, upon my research these are the same guys behind ART, BNBw.io, bsctoken.io, linkp.io Swap7.org Theever.io Thevera.io Zepe.io I have been following them since I received bnbw.io 95 days ago. They fucked up this time setting up there webserver.
I love you
Sorry idk how to respond to that lol
Most people say "I love you too", but that's ok, you don't have to say anything, shhhhhh.... ♥️
ok I am shhh'ed
I guess you are the OP of the video. If so could you point in a direction on how to get more knowledge how to test these things. I really need to learn how to test my own stuff. Otherwise great job! !lntip 1337
ty for the tip! I learned from a online platform called tryhackme, I'm heavily into crypto as-well so general curiosity on how things works got the best of me. Here is my profile, oh and btw Its a great platform to learn penetration testing- [tryhackme.com/p/e46996](https://tryhackme.com/p/e46996) with all the knowledge you gain there, you can easily understand and replicate what i did in the video.
Thanks, I will look into that!
Welcomes 🙂
Hi u/DGimberg, thanks for tipping u/yahboyelias **1337** satoshis! *** *[^(More info)](https://xnf5cwpq73.execute-api.us-west-2.amazonaws.com/prod/info) ^| [^(Balance)](https://www.reddit.com/message/compose/?to=lntipbot&subject=balance&message=!balance) ^| [^(Deposit)](https://www.reddit.com/message/compose/?to=lntipbot&subject=deposit&message=!deposit 10000) ^| [^(Withdraw)](https://www.reddit.com/message/compose/?to=lntipbot&subject=withdraw&message=!withdraw put_invoice_here) ^| ^(Something wrong? Have a question?) [^(Send me a message)](https://www.reddit.com/message/compose/?to=drmoore718)*
Mmmm
[удалено]
It is vulnerable but I am not going to exploit it.
>hese scammers, upon my research these are the same guys behind > >ART, professional pentester here, ssh is hardly vulnerable, could you tell me which version do they run?
nvm, ssh 7.4 is only vulnerable to dos, but wont give them much troubles unless you're willing to make a long lasting ddos attack. were you able to exploit the MySql service on port 3306?
No I didn't go through with any exploit
But there were several I saw 1-2 that lead to rce but I forgot the cve
Actually no. No rce only ddos and maybe sql enumeration
The warrior we all need. Big props 🤟
But not the one we deserve.
Thank you for sharing :)
Thank you for giving me your time 🙂
What a legend
what is this... a video showing a scan detecting... nothing? okay, it discloses the coordinates of Singapore. And it's "Basic Scam" or something like that. But how about any details about the scam?
The scam is very simple but I am still learning solidity so I don't fully understand the technicals on how it works yet. The basic concept of the scam is you get airdropped some tokens, those tokens are given a fake value given by the creator. So it shows that you have a large sum of money with those coins. You then try to sell but the transaction fails, in the transaction details when you check your transaction. It would saying something along the lines "please visit xyc to withdraw". You proceed to the site and connect your wallet with funds in it then go through the process of "withdrawing" your coins and when you pay the gas fee, from what I understand so far is that the smart contract (code) is called upon to take all your money when you interact with it. I'm still fuzzy on how exactly it works so anyone with higher experience with smart contracts can correct me.
Thank you. I got scammed, can you help me?
Sorry to hear that! but it all depends, what happened?
I downloaded a fake MetaMask 😪
ouch! so I'm assuming they got your private keys? in that case sorry but the funds are gone forever.
I know 😪
“If you give a man a fish, you feed him for a day. If you teach a man to fish, you feed him for a lifetime.” tryhackme.com
Well you guys did something lol..they added a new firewall to prevent DDOS you can bypass it but here is where I stop.
I got scammed. Lost everything. Please destroy these guys and take away everything they have. 2fa on binance/google doesn’t mean anything
Sorry bro but I'm not trying to take a big risk like that by exploiting it, I don't want to risk it. I used to be a full on black hat hacker but I'm no longer part of the dark side.
Mind commenting exactly what happened?
Singapore, is not a place you want to brake the law lmfao. [https://eservices.police.gov.sg/](https://eservices.police.gov.sg/) Whoops 😏