I've been WARNED? I only post here!

New Member Joined: Mar 21, 2006 Posts: 3

This happened in a site that I posted to. I do not host a php site.

I posted some general comments on the sites' topics and moved on.

Received an email apparently from the owner of the original forum where I posted.

It announced " http://www.g00ns.net owns you " and that is all.

It had the name of the site owner in the email header, so I went to see if the site had been hacked or something. Maybe he sent it, maybe his id was forged, who knows?

I saw the nuke sentinel thing in the site telling me I have been warned:

of what? Something I did? or something the site is doing? Is that something that is warning people that the site in question is somehow abusing NUKE programs? Or that it has been hacked? then why doesn't this warning explain more to the innocent poster-by? Is the site I posted in, a victim or a villain?

Because a further look at the g00ns site turned up this piece of cybertrash:

g00ns is a invite only commmunity. We are not a clan of any kind. Our goal is to ruin your fun online. Why do we do this you ask? Because its fun, because we can, because we want to, because we f***ing hate you. Thats right, most people reading this are f***ing morons, and your number increase steadily. In simple terms we gain pleasure from your misfortune. Your anger and frustration fuel our fun. The angrier you get the more fun we have. We hope this page will explain our intentions a little better. If not then f*** off. P.S. Notice the word above "invite" only. We do not recruit so don't come here telling us all about your leet coding skills as no one here gives a f***. Send that s**t to Bill Gates.. maybe he will care.

It was on this page:
http://www.g00ns.net/?g00n=about

Some people do use the internet to communicate important news and ideas. These free forum boards are key to more actual news dissemination than the old media cares to admit. And there is no monopoly by any ideology on the use of free forums. The generosity of open source developers is appreciated by all.

But apparently abused by some. Apparently the spam sent to people posting in a site that seems to be unconnected to this g00ns stuff is their "invitation". I did not register to post anything there, so they better not count me in their tally.

I hope those who know more about these Nuke programs and their licensed use can deal with idiots like these "g00ns" appear to be.

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

Just ignore them.

registered · Posted: Wed Mar 22, 2006 8:48 am

Aye ignore them - they are known script kiddie group.

Posted: Wed Mar 22, 2006 11:52 am

Yes, I can see they are not worth the energy they stir up on first encounter.

But I am still curious: did I post to a "front" site that they run? Or was the site a victim of their foolishness?

If it is a "front", then I think the respectable sites that are allowing its' banner as a bona-fide political discussion board need to be advised that they might want to remove the link, and I would send them a note.

I know from experience that most people will not give a victimized domain owner the information they need to protect their domain. I had a business once that a spammer attached to a rotten ad program so that he could hijack my print publicity to a link selling his products in place of mine, and the people who complained about the rotten ad program would not send me any headers or screen prints or urls that would enable me to protect my investment. I was slandered, libeled and bankrupted because of these kind of socalled "script kiddie" shananigans.

"script kiddies" are punks who belong in jail.

Posted: Wed Mar 22, 2006 6:48 pm

Their site was probably hacked.. they use a lot of known phpBB vulnerabilities. I don't see them setting up their own forums just to do this

Posted: Wed Mar 22, 2006 7:00 pm

well, I really have no time for it anyway. I did start to host php at one point but gave it up as something not worth doing if you don't have time to do it right.

there are not enough hours in the day.

Posted: Sun Mar 26, 2006 1:13 pm

this is true..not enough hours in the day...lol

registered · Site Admin Joined: Jun 04, 2004 Posts: 6437

Of course, whether or not you need a PHP site depends on what you need, but it doesn't take very long to setup a RavenNuke site - which include security and a really simple installation routine.

Regular Joined: Jan 10, 2006 Posts: 93

Is there a way to fight back against these clowns?

I could think of three strategies:

1. Police involvement - don't know how effective this would be, does the fbi handle this sort of thing? Would send a nice message that we don't mess around
2. Hack them back - probably would fuel their attacks, but would be great fun and would feel rewarding
3. Find out who they are and beat the sh*t out of them/ruin their prospects for jobs/whatever in the future via the internet.

On point 3, I think I actually found the personal site of a dirtbag in a group that hacked me last. For a couple of minutes I thought how funny it would be to fly out to his town, knock on his door, and pull a Jay and Silent Bob Strike Back on him (ask if he recognized the hacking of my site then administer a beatdown). It would be especially funny to video tape it, do some clever editing, and put a sticker on the kid at the end that said something about being owned. Of course, this would probably end up with the beater getting suied and/or arrested. Video evidence is never good either if it comes to court.

Posted: Fri Mar 31, 2006 3:00 pm

Quote:

On point 3, I think I actually found the personal site of a dirtbag in a group that hacked me last. For a couple of minutes I thought how funny it would be to fly out to his town, knock on his door, and pull a Jay and Silent Bob Strike Back on him (ask if he recognized the hacking of my site then administer a beatdown). It would be especially funny to video tape it, do some clever editing, and put a sticker on the kid at the end that said something about being owned.

I love the way you think. *LOL*

Posted: Fri Mar 31, 2006 3:37 pm

1) Police involvement would be hard, esp if these guys are not in the US. You could probably report them anyway.. but I don't know if you'd get anywhere

2) Hacking back is just pointless escalation

3) Err sure.. if you find them, let us know and we'll help you HAHA

What you could do is the report to whoever hosts their site
http://www.whois.sc/g00ns.net

Looks like a company in the US. Send to their abuse team and get them to stop hosting on that account. Granted, they'll probably just move somewhere foreign. But at least it will stop US companys from helping them

Involved Joined: Apr 05, 2006 Posts: 263

i did that (report them) when they hit mine months ago obviously nothing happend , but i think its a server from there home , thats all the info i could get about them 2 ages to find that , which is why its still up probably.

but please let me know if ya find any of there houses i dont care about cameras lol

go U

Posted: Sat Jun 24, 2006 12:27 pm

owned

http://www.g00ns.net/

registered · Posted: Sat Jun 24, 2006 1:58 pm

DarK_Gamers wrote:

owned

http://www.g00ns.net/

So, DarK_Gamers, what are you trying to tell us?

Posted: Sat Jun 24, 2006 2:23 pm

montego wrote:

DarK_Gamers wrote:

owned

http://www.g00ns.net/

So, DarK_Gamers, what are you trying to tell us?

that thyr site is offline Wink

Posted: Sat Jun 24, 2006 2:40 pm

Careful what you say, you sounded like one of them! Wink

Posted: Sat Jun 24, 2006 2:48 pm

jakec wrote:

Careful what you say, you sounded like one of them! Wink

wrong

i hate them. this list must stop
http://www.zone-h.org/component/option,com_attacks/Itemid,43/filter_defacer,g00ns/

sorry if i sounded like one of them.

Posted: Sat Jun 24, 2006 4:30 pm

I agree, but the "script kiddies" will never stop... especially when school is out. Wink

Sorry DarK_Gamers, just wasn't quite sure if you were claiming responsibility... I had my finger on the Smack

Posted: Sat Jun 24, 2006 4:45 pm

Don't get too excited Dark_Gamers, their site does go down from time to time, sometimes for a couple of days.
I think it is because they are hosting their own site on their own box.

Posted: Sat Jun 24, 2006 8:27 pm

Guardian2003 wrote:

Don't get too excited Dark_Gamers, their site does go down from time to time, sometimes for a couple of days.
I think it is because they are hosting their own site on their own box.

trust me wen i say this time they will have a hard time to figer out how to come back online.

just play whith they own tools and u have some resultz.

also,they so busy hacking otheres that they dont fix they own holes...oh...they dont use Sentinel Laughing

Posted: Sat Jun 24, 2006 10:00 pm

No you are right, they dont use Sentinel because they don't use nuke. If I remember correctly they use vBulletin for their forum.
Ah, yes they are using vBulletin according to their footer and the server is back up.

Posted: Sun Jun 25, 2006 4:49 am

well what would you know they tried hacking our site again, and i got this code for you to look at, ya might not want this on your site so i will PM you with it Raven

Posted: Sun Jun 25, 2006 6:27 am

To specifically address the zone-h.org stuff, just add a few lines to your .htaccess that redirect any links from that site to yours right back to the linking site. That'll cause confusion, delay the zone-h verification process, and waste their time...

Posted: Sun Jun 25, 2006 8:41 am

Good idea kguske!!
bugsTHoR - can you send me a copy please also.

Posted: Sun Jun 25, 2006 10:35 am

I found this on the web (wish I could remember to whom I should give credit).

Here what I added to the .htaccess file (if you already have RewriteEngine on, you don't need to add that line again):

Code:

RewriteEngine on





SetEnvIfNoCase Referer "^http://([a-z0-9\-]+\.)?zone-h\.org.*$" banned





# Nice trick.. => 301-Redirect to themself...


RewriteCond %{ENV:banned} ^1$


RewriteCond %{HTTP_REFERER} ^(.*)$


RewriteRule ^(.*)$ %1 [R=301,L]

Of course, you can add as many referers to the banned list by copying the SetENvIfNoCase line. You can renamed the banned environment to something else if you already use banned for some other purpose.