backtracesecurity.com - AnonymousDown

This log has been merged for ease up up/download. It has highlights and annotations added 

by me. All annotations are in red text. 

--- Log opened Tue Feb 08 21:03:44 2011 

21:03 -!- Laurelai [Laurelai@HA-32m.bhl.uq5i3t.IP] has joined #hq 

21:03 -!- Irssi: #hq: Total of 8 nicks [4 ops, 0 halfops, 0 voices, 4 normal] 

21:03 -!- mode/#hq [+o Laurelai] by HQBot 

21:03 -!- Irssi: Join to #hq was synced in 1 secs 

21:08 hii 

21:15 ahai 

21:16 welcome to where the shitstorm began 

21:16 :) 

21:16 i think it actually was here that hbgary was probed and "oops" was 

detecetd 

21:16 with SUCH AN AWESOME CREW HERE 

21:17 Hi. 

21:18 This is where the magnets happen. I mean magic. I mean steroids. 

21:20 mmm magnets 

21:22 Sabu is away for a week, by the way. I'm sure you guys have already read 

that, though. 

21:22 yah have no real update unfortunately 

21:22 Laurelai: we cant really tie them to wikileaks for sure? 

21:22 I'll give him a call tomorrow morning anyway just to say everything is still 

going according to plan. 

21:22 Topiary: yup please do 

21:23 marduk: ? 

21:23 tie who 

21:23 oh 

21:23 i already have 

21:23 well, think that was the article to come? 

21:23 i just wanted more dirt 

21:23 but we got enough 

21:24 to smear the shit out of them 

21:24 heh. dirt.. isnt good 

21:24 facts is better 

21:24 but who am i 

21:24 to tell you :) 

21:24 you know what i mean 

21:24 :p 

21:24 yah (= 

21:24 Laurelai: I like the smutty portrait of malice you've created with your use of 

dirt, smear, and shit. 

21:24 well, we know for a fact alk companies cooperated 

21:25 upto boeing 

21:25 Topiary: yeah well there is definitely some malace 

21:25 we have NDA and Teaming agreements for all 

21:25 Gentlemen, let us fuck these people so far into orbit that they'll transmute 

into a gravitational dip and exude Hawking radiation. 

backtracesecurity.com

21:26 lol 

21:26 palenitir 

21:26 Excuse my current loquaciousness, I'm pretty fucking drunk. 

21:26 i would REALLY REALLY like to know more 

21:26 they rae one straneg company 

21:26 actually 

21:26 i am sure it'S a govt coverup 

21:26 for very weird shit 

21:27 well to me it looks like 

21:27 

21:27 the government uses these types of companies 

21:27 to do their dirty work 

21:27 yup 

21:27 but of course we dont have proof 

21:27 Laurelai: i saw their mission statement 

21:27 just alot of stuff suggesting it 

21:28 it was something about brains and computers, execut8ive marketing 

nonsense 

21:28 really scary 

21:28 Do you think the mysterious 500K contract in the first quarter of 2011 (from 

HBGaryFederal) was government related? 

21:29 well, i dont think we are unmasking a big conspiracy 

21:29 it could be 

21:29 its rather uncoordinated 

21:29 Just a sidenote on that fact: it's confirmed that Aaron Barr has a quickbook 

intuit account that would probably contain a lot of valuable documents. We don't know his 

username, but I'm damn sure of the password. 

21:29 and just sad 

21:29 i think 

21:29 that this sort of stuff 

21:29 is like an open secret in these circles 

21:29 FUCKING ISIOTS GENERATING MONEY 

21:29 grrr 

21:29 * marduk is mad 

21:29 and they are just scrabling for contracts and cash 

21:30 yeah 

21:30 full true 

21:30 the thing is 

21:30 i KNEW this before 

21:30 but being here, seing irt live unfold, seeing the leaks... 

21:30 UNGH 

21:30 makes me much moar mad than simply knowing about it 

21:31 We need to go derper... 

21:31 YES. 

21:31 WE NEED TO ACT. 

21:31 somehow 

21:31 i dunno. 

21:31 There must be an opening for us to dig into this more. 

21:31 Let's not forget that everything we have now came from a simple SQLi and 


the incompetence of men. 

21:31 we fucking monitored hbgary email comminucation for 2 days live 

21:32 and saw the crap they were writing 

21:32 can i make a suggestion 

21:32 (except for Mark, HE IS WIN) 

21:32 next company you get into 

21:32 just quietly steall all their data 

21:32 and dont rm -rf 

21:32 and that was just fucking scary to see 

21:33 like 

21:33 it was a cool op 

21:33 yeah 

21:33 haha 

21:33 ppl got so mad 

21:33 lolo 

21:33 but you could have stolen data for years 

21:34 tainted his source code 

21:34 and got access to his clients 

21:34 backdoored his backups 

21:35 A valid point, but he was actively trying to research Anonymous and bring 

people down. We weren't going to wait for him to keep trying until he actually gets something. 

21:35 We were quite patient in that we waited specifically for a sufficient stash of 

emails before we went public. 

21:37 Laurelai: it's good 

21:38 they still underestimate us 

21:38 heh 

21:38 next h4x 

21:38 ???? 

21:38 :) 

21:38 i mean 

21:38 it was #optunisia like 

21:38 this op was assembled in like 1 hour 

21:38 and then we waited hours to get emails leeched 

21:38 and we DID NOT make alarm until greg's spool was done 

21:39 some success :) 

21:39 but yah 

21:39 next time 

21:39 Confirmed. I think we all had a bit of a nap while the emails leeched out. 

21:39 look for source code 

21:39 and somain registrar data login 

21:40 just fucking own them hardcore :p 

21:40 In fact I think four of us slept at the same time for that exact reason, all the 

more reason to be known as the Raging Homogays. 

21:40 Oh - Aaron's twitter just hit 600 followers. 

21:41 :) 

21:41 HE IS FAMOUS 

21:42 Still, it would appear Twitter has frozen his account. Couldn't log in from 

API either. Topiary admits having the AB Twitter at 21:42 

21:42 That works in our favour. His Twitter still has all our tweets. 


21:42 Including his SSN. 

21:42 is ssn useful 

21:42 Not particularly, it's just not really a good thing to have floating around. 

21:43 Pretty sure the twatter admins had their coolfaces on when deciding 

whether to reset, suspense or freeze the account. 

21:43 lol 

21:44 Hundreds of news articles directly link to his twitter, I'll bet you 50 Internets 

that the twitter admins decided to maintain its hacked tweet entirety simple to gain more 

members, not that they need 'em. 

21:44 Im not a twatterer 

21:45 I am a bit. It's quite beneficial if you follow a select few news sources, so 

you can wake up and be up-to-date with what you want right away. 

21:45 Especially if you talk to press in other timezones who've been up all 

day/night and have questions ready for your sleepy ass. 

21:45 hm 

21:45 mine didnt get suspended yet 

21:46 but i think 

21:46 @AnonymousIRC? 

21:46 i am on "no suspend list" 

21:46 yup 

21:46 I'm really surprised about that... remember in Payback they just kept 

getting sniped out? 

21:46 Do you tweet about hives/DDoSing directly? 

21:47 nope 

21:47 never 

21:47 also didnt tweet any direct links to hbgary 

21:47 i am carefu 

21:47 i do not violate ToS 

21:47 Not to talk about the trollfaggot j35t3r in depth, but Aaron was following 

him, apparently he might've been affiliated, and usually Jester is all "HURRRRRR ANON ARE 

BEING DUUUUMB" hours after we do something big. 

21:47 This time I see nothing from him or his little henchmen bloggers. 

21:47 i hint on it 

21:48 make fun 

21:48 and even RT links 

21:48 but never tweet a direct ToS myself 

21:48 * marduk fkn knows his shit on social networks, and i am very drunk 

21:49 mr barr... needsa a whisky 

21:49 You should give me the password to AnonymousIRC so I can tweet about 

how small Aaron's penis is. 

21:50 marduk I told u uwere drunk 

21:51 An Anon Skype party should be in order. 

21:51 Nessuno834: that information is correct 

21:52 Topiary: lol i'd never do that 

21:52 you lack like .. 45 points in diplomacy skill 

21:52 marduk: I'll tell on you! 

21:53 read #ophbgary 

21:53 anthrophobic cant open pdf 

21:54 fixt 


21:55 forgive someone for not being a fucking mother's 

basement geek and not know EVERYTHING 

21:55 to open pdf 

21:56 meh 

21:56 PDF is clearly formats on steroids. 

21:56 why you bother here with that? 

22:09 yeah, go back to #ophbgary and scroll up to this 

morning. 

22:09 I asked like 20 times. 

22:09 and all these kick bans wont do anything 

22:09 and if you think FBI is what you guys should be 

worried about.. 

22:09 haha 

22:09 i idle so much cause i collect information to write 

22:09 but thats ok. 

22:09 oh and for the people you copy/paste this to HI! 

22:09 lol 

22:09 its fucking mirc, your little zlines and kickbans don't 

do shit, ban evade FTW 

22:09 oh and you think you know what ever one can and 

can not do cause they "act" dumb or say something in a channel. 

22:09 have fun keeping your networks online through the 

night dumb fuck 

22:09 lulz 

22:11 wtf lol 

22:11 he can hax 

22:11 but never heard of pdf 

22:12 Ima go bed 

22:12 goodnight all 

22:13 Goodnight good sir 

22:13 >its fucking mirc 

22:14 Oh sweet lord, best be trolling. 

22:14 Oh boy, he might win butthurt troll of the day award. Some fag was in our 

piretepad on HBGary dox earlier threatening to take down whywefight. Pretty sure WWF is 

owned by exiledsurfer 

22:14 He's taking the crown for the 9th. 

22:15 Or 8th if you want timezone. 

22:15 this is the guy who wanted access to #loic 

22:15 and used to be auto opped in every channel 

22:47 http://hbgary.com/ 

22:50 heh 

22:55 >falsified data 

22:55 tflow: drop those emails so hard it crushes their lives 

22:55 -!- Netsplit triangle.operationfreedom.ru private.operationfreedom.ru quits: marduk, 

@Nessuno834, Avunit, @tflow, @kayla, @Topiary, HQBot 


22:56 wut 

22:58 -!- Netsplit over, joins: ~Avunit, @Topiary, @Nessuno834, @tflow, &marduk, &HQBot, 

@kayla 


23:01 -!- kayla [mysql2@fbi.gov] has quit [Quit: Lost terminal] 

23:23 04:22 right, what I'm saying is: if you want me to dig out a few 

fat juicy worms before you public release the whole thing, I could do that. 

23:23 mmm dunno 

23:23 dunnonliek 

23:23 that sentence 

23:24 but probably i am paranoid etc 

--- Day changed Wed Feb 09 2011 

04:17 Report in guis. 

04:18 Avunit: here 

04:18 lol 

04:18 xD 

04:18 sup? 

04:18 working the article 

04:19 i heard yes 

04:19 BoA was behind HBgary attacking WL 

04:19 im still digging through emails 

04:19 boa hates me qq 

04:19 to find anything else 

04:20 when do you want to publish it? 

04:21 tonight or tomorrow 

04:21 thetechherald is working with me on it 

04:21 steve? 

04:21 yeah 

04:22 awesome 

04:22 3 companies 

04:22 worked together on this 

04:22 3 government contractor IT security companies 

04:22 barico, palantir and hbgary right? 

04:22 yes 

04:23 to me it implies that the federal gov is involved behind the scenes 

04:23 barico sells security software yes, palantir analyzing software for financial 

and gov platforms and hbgary is a 'security' company with a federal branch. thats all i know :p 

05:39 !triangle.operationfreedom.ru *** HQBot invited kayla into the channel 

05:39 -!- kayla [mysql2@fbi.gov] has joined #hq 

05:39 -!- mode/#hq [+o kayla] by HQBot 

05:39 oh my fav thing on irc 

05:40 hey guys :D 

05:40 i just wanted to sleeep 

05:40 kayla: 

05:40 *dances* :3 

05:40 ? :D 

05:40 got some few minutes to scan over somethihng? 

05:40 yeh sure 

05:41 www.djezzygsm.com - algerian cellphone provider, need db 

05:41 www.mobilis.dz - algerian cellphone provider, state owned, need db 

05:41 www.nedjma.dz - algerian cellphone provider, want db 

05:41 they allowv registration 

05:41 via web 


05:41 ok i'll take a look in a bit

09:26 :3 

09:26 tis always time to fuck greg but with the mails we kinda fuck him eith a 

turbocharged fucking machine 

09:26 with* 

09:27 Can I have the distinct pleasure of letting #hbgary know that the time for 

fucking is near 

09:27 we dont have access to the mails yet though 

09:27 but i dont mind 

09:28 ah yes 

09:28 wait for the mails 

09:28 meanwhile im still eyeing berico and palantir too. 

09:28 nigg is only allowing 1 dl from his box for them and tflow has the online view 

access so it makes sense tflow gets them 

09:28 yarr 

09:29 as soon as i've done this stuff im helping someone with im going full retard 

on palantir and berico servers 

09:29 need to get a ether pad up we can use 

09:29 i cant run etherpad on a vps 

09:29 java keeps screaming about ram even when it has enough 

09:30 prob openvz issues 

09:31 kayla you got any box around i can use for the general stuff on 

berico/palantir when im @ home? 

09:31 I love you guys 

09:32 okay omw home now 

09:32 brb 

09:36 like a hacked server? 

09:36 i'll give you a root if you want? 

09:48 Topiary 

09:48 :D 

09:48 who is handling media? 

09:50 Got it covered with Housh and Barrett 

09:50 we's rollin' 

09:50 url wants someone to tlak to a journo i think 

09:50 i'll tell him to pm you :3 

09:56 there i am again 

09:56 did i miss anything sexy 

09:56 ? 

10:23 you missed me bb

12:14 how we gonna get a pad ups? 

12:21 on the phone with Sabu now, anything anyone wants said? 

12:23 hbgary.com says 

12:23 HBGary, Inc and HBGary Federal, a separate but related company, have 

been the victims of an intentional criminal cyberattack. We are taking this crime seriously and 

are working with federal, state, and local law enforcement authorities and redirecting internal 

resources to investigate and respond appropriately. To the extent that any client information 

may have been affected by this event, we will 

12:23 provide the affected clients with complete and accurate information as soon 

as it becomes available. 

12:23 Meanwhile, please be aware that any information currently in the public 

domain is not reliable because the perpetrators of this offense, or people working closely with 

them, have intentionally falsified certain data. HBGary, Inc and HBGary Federal are 

committed to a comprehensive, accurate, and swift response to this crime. 

12:23 Technical Support for all HBGary products and services is still available via 

email at support@hbgary.com 

12:24 okay he basically sends much love, and kayla he's gonna be on after 

evening time EST tomorrow and wants you to be around 

12:24 because he wants to take part in the full retard attack 

12:24 i send much love too :-) 

12:24 well onto barico and palantir now 

12:24 and much love from avunit too 

12:30 http://www.thetechherald.com/article.php/201106/6798/Data-intelligencefirms-proposed-a-systematic-attack-against-WikiLeaks?page=1 

12:30 juiceh 

12:31 :D tell him i said hi :3 

12:31 and yes i will b here :D 

12:31 i allways will \:3/ i

13:37 call him out live on TV about attacking wikileaks :3 

13:39 Oh I will 

13:40 :3 

13:41 how do you know he is doing cnn? 

13:41 Anonymous has entered its golden age again 

13:41 tflow did you get gregs emails :3 

13:41 yup 

13:42 nice, you going to add them to the online viewer? 

13:42 yup 

13:42 \:D/ yay 

13:42 http://pastehtml.com/view/1d5wg3k.html 

13:42 what do you think of this press release? 

13:42 to accompany it 

13:43 (topiary made it) 

13:43 can't edit right now, talking to Swedish reporter about Op Tunisia/Egypt, 

but will after 

13:43 oh i got someth9ing nice you can add to tht

14:00 yeh do tht :D 

14:00 "And for my beloved kayla I'd like to request: Rick Astley - Never Gonna 

Give You Up" 

14:00 xD 

14:00 kayla is 30 years old and a man 

14:00 "Oh and hi mum and dad" 

14:01 topiary: so we 

14:01 are all gay 

14:01 * Avunit humps topiary 

14:01 ;_; 

14:01 kayla: http:// 

www. 

vocaroo. 

com/ 

[vocaroo is a popular place for uploading 

crank calls] 

14:01 show us your deep 30 year old man voice 

14:01 XD 

14:02 lol xD 

14:08 y so h8 ;_; 

15:09 how long untill we release teh ema1ls 0f d00m 

15:13 the second joepie91 finishes his stuff I asssume 

15:13 we're also going to get anonleaks.ru/.ch or something 

15:13 to host it 

15:13 to take the piss 

15:13 and no, it's not gonna be a whistleblowing site - torrents are best for 

whisteblowing :) 

15:13 also I'm going to start saying, with future press, that I'm an 

observer/associate of Anon that agrees with Anonymous actions, rather than say I'm Anon 

15:13 kind of like Barrett/Housh 

15:13 to avoid being raped by Feds 

15:14 aw 

15:14 why 

15:14 but they you can't use memes.. 

15:14 I can use memes, it's just a small terminology change 

15:15 it's big 

15:15 all I have to do is stop saying "we" and start saying "they" when referring 

to Anon 

15:15 it will decrease the lulz in interviews 

15:15 hm, valid point 

15:15 Topiary you won't get v& as long as you're not as stupid as Coldblodd 

15:15 blood* 

15:15 yeh, we just need to get the emails out as fast as possible because 

someone made a good point tht the longer we have them the more it looks like we could have 

falsified them 

15:15 did you include the stuff about mime sigs in the press release also? 

15:15 coldblood got v& because he had his name everywhere 

15:16 and his name can be traced to him irc 

backtracesecurity.com 

15:16 irl* 

15:16 other channel ---> 

15:16 Actually Coldblood got v& because his parents ratted him out 

15:16 kayla: no, hoping someone could just quickly add it 

15:16 coldblood deservd v& if you ask me

15:16 his media whoreing made me feel sick 

15:16 I just finished writing something for press so can add it now 

15:16 just a sec 

15:16 im not good with wordings i can hardly spell D: 

15:16 cna someone add pls :3 

15:17 i am not gud with wordings of the englosh language 

15:18 sure just a moment 

15:19 LOL 

15:19 his parents? 

15:19 LOL 

15:19 LOL 

15:19 LOL 

15:19 LOL 

15:19 LOL 

15:19 yeah I shit you not, his parents found out he was Coldblood and ratted him 

out [More evidence Topiary is familiar with Brit anons] 

15:19 I wish I was shitting you but it's true 

15:20 LOL 

15:20 his own parents? 

15:20 they must realy h8 him 

15:20 xD 

15:21 my dad would never do tht, he knows i pwn i sometimes show him the lulz i 

cause :D 


15:21 page updated 

15:22 i shown him the hbgary stuff too xD 

15:22 paragraph below the email quote 

15:29 hi 

15:32 * kayla cuddles laurelai :3 

15:32 so much

16:39 srsly? 

16:39 fuck this shits deep 

16:40 Fallen right off the diving board and drowned, that's how deep it goes 

16:40 http://www.thetechherald.com/article.php/201106/6798/Data-intelligencefirms-proposed-a-systematic-attack-against-WikiLeaks 

16:40 http://emptywheel.firedoglake.com/2011/02/09/security-firms-pitching-bankof-america-proposed-targeting-glenn-greenwald/ 

16:40 oh it's bad 

16:41 HERP DERP LETS HACK TEH WIKILEAKS AND IF ANYONE HACKS US 

TELL THEM THEY ARE CRIMINALS AND SEND THE FBI TO V& THE LOLZ 

16:42 hbgary are so so epic fail 

16:42 its like they try to fail 

16:42 tflow: is it going to be applicable to say "anonleaks rep" when talking to 

press about this shit? 

16:43 i think the media will get confused and think anonleaks is seperate to 

anonops or payback 

16:43 i dunno 

16:44 the media ALLWAYS seem to get anything anon wrong 

16:44 whatever you say they will get it wrong 

16:44 kayla: it's annoying when speaking to press to blab to them for 20 minutes 

about how they can't say rep of Anon, how they can't say this or that 

16:44 or Anon gets mad 

16:46 Topiary: maybe 

16:46 but anonleaks will not be a whistleblowing site 

16:46 it will be a site to format existing leaks 

16:46 okay, just a place to host our leaks 

16:46 people need to use tpb for whistleblowing 

16:50 is marduk around? 

17:09 derp_trees 

17:09 ETA on greg mail dump ;3? 

17:09 -!- Netsplit triangle.operationfreedom.ru trust.operationfreedom.ru quits: @marduk, 

@Nessuno834, @Avunit, @kayla, @tflow, @Topiary, @HQBot 

17:18 -!- Netsplit over, joins: ~Avunit, @Topiary, @Nessuno834, @tflow, &marduk, @kayla, 

&HQBot 

17:31 -!- Netsplit trust.operationfreedom.ru tackle.operationfreedom.ru quits: @tflow 

17:33 -!- Netsplit over, joins: @tflow 

17:56 tflow here? 

18:02 yes 

18:02 web version is finished programming 

18:02 nice :D 

18:02 now all that's left is to run the web version conversion script 'n create torrent 

18:02 i think the internet is hungry for the mails :D 

18:02 and wait for http://anonleaks.ru to propagate 

18:02 which should be soon i think 


18:06 !triangle.operationfreedom.ru *** HQBot invited kayla into the channel 



18:06 :3 stop dossing me!!1 


18:06 jkjk

19:26 gnite all 

19:26 sweet dreams :) 

19:40 Sleep well, good sir. 

19:40 Agh, my headset is being weird... must buy new one. 

19:45 tflow :3 how long? 

19:45 the suspense is killing me xD 

19:46 kayla: re busyboxes 

19:47 claire discovered they stay up just move IP's on the same block [Claire is 

Raymond Madeiros, a US-based transgender programmer who helps run Crowdleaks] 

19:47 so you just need to rescan regularly 

19:47 kayla, .htmls are being generated now 

19:55 Laurelai :D yeh im guessing because most are dynamic IP's 

19:55 tflow: sweet can't wait to see it

22:25 so let's not take him as a complete joke 

22:25 yep he mad 

22:25 mhh what about you? 

22:26 I think I'm pretty safe, I actually honeypot google searches on me to fake 

dox, I add to it every 3 to 4 months 

22:26 but I know of at least two people on this network that know my real first 

name 

22:26 if i wasnt so nice 

22:26 i would make them lead to someone else :p 

22:27 here's what I was thinking: Greg is using other Anons as targets to get us, 

he'll ask dumb innocent shit like "so what are these guys' roles, links to anything they've 

done?" - I'm going to start telling certain groups of Anons in private that my first name is 

Derrick 

22:27 tell others that my first name is John 

22:27 others Jack 

22:27 if word leaks that Greg thinks I'm Philip 

22:27 I know exactly who blabbed 

22:27 and who to fuck up 

22:28 good idea 

22:28 that's a good idea to begin with in large social groups, you lie about tiny 

facts to certain people and make that tiny fact remain constant, so if the full story ever gets 

out, you know who from 

22:28 common stuff 

22:29 basically I ain't even mad, but the reason people like us haven't been 

caught yet is by being safe, 

22:29 and gonna take this seriously just to be more safe than safe 

22:29 lol 

22:29 http://wikileaks.ch/IMG/pdf/WikiLeaks_Response_v6.pdf 

22:29 just saw that 

22:29 pretty rad 

22:30 my philosophy on it is that if you can dox someone, they deserve to be 

doxed 

22:31 and yes.. sure.. ut so far i never told anyone any first name of me 

22:31 not that anyone asked me either, i would find that a VERY STRANGE 

question 

22:32 but then 

22:32 I once dox'd someone from half a nickname in like four clicks: googled half 

in quotes half out, found a music profile of his, googled the most obscure musician in quotes 

along with the two halves of his name and "facebook", found his facebook page that had liked 

the musician and his full name 

22:32 that is why you take internets as srs bsns 

22:32 all you say, nothing is surptiseing at all 

22:32 OFC he wants to dox us haha 

22:32 he is mad as hell, i lub it 

22:32 i guess that is what aaron tried with Q and failed horribly 

22:32 he so mad 

22:32 has gregs shit been dumped yet? 

22:33 nope, still working on that it seems 

22:34 marduk: wanna have some fun? we could fake dox, make 'em think we're 


from batshit places and we have batshit identities 

22:34 he has spies right nao probably storing everything both of us say 

22:34 well, we cant just reveal our identities tho :p 

22:34 nah, drop subtle hints, a very delicate plan 

22:35 one thing we still have to do is say "Operation Galfromtronam" or 

something, wait for spais to Google whatever the fuck "Galfro--" is, have it link to a "leaked" 

pastebin of a "secret" operation where we both discuss something about... I dunno, Russian 

missiles 

22:36 hm i dunno, i still am not fully awake.. also it would not by typical of me 

22:36 i dont thik any spai would believe it.. however, if someone else drops sth.. 

22:36 nah, not like that, just even drop a slight mannerism that suggests you're 

from a certain country 

22:36 I don't know if you read all 23 pages of Aaron's report 

22:36 but he was guessing people nationalities based on their words 

22:37 he had "possibly UK" when someone said "footy" 

22:38 fuck, if I weren't so nice I'd let those corporate bastards pay me to dox 

harder than they ever could 

22:38 but Anon is leegun

01:29 would you want to talk to him? 

01:29 possibly use a new handle 

01:44 so 

01:44 idea 

01:44 regarding the anon intel group thing 

01:45 we need artwork 

01:45 our own terrifying symbol of leetness 

01:45 like an insignia or crest 

01:45 for psyops reasons 

01:45 http://www.psywarrior.com/DeathCardsAce.html 

01:45 examples 

01:50 yeah, i already looked for a logofag 

01:50 dindt fine one so far 

--- Log closed Thu Feb 10 02:11:16 2011 

--- Log opened Thu Feb 10 03:38:45 2011 





03:45 added you to axx list 

03:49 thx :) 

03:50 we need more kaylas 

03:50 :s 

03:52 idd hah 

06:09 hai sexoes 

06:09 sexies even 

06:10 heya Avunit 

06:10 how are ya? 

06:10 good good 

06:10 seen the latest news about the WL connection? 

06:10 dont think so 

06:10 http://www.thetechherald.com/article.php/201106/6798/Data-intelligencefirms-proposed-a-systematic-attack-against-WikiLeaks 

06:11 :-) 

06:11 HBGary LEaks yield first interesting results :) 

06:11 oh yesh that one was posted yesterday right? 

06:11 yea, i think Laurelai found that actually in the emails? 

06:11 well when im @ home imma do my first perl project :3 

06:12 oh didnt see the update \o/ 

06:13 and if perl isnt a bitch we'll have a dns bot for anonleaks today 

06:13 dns bot? 

06:13 yarr 

06:13 whats that doin? 

06:13 to update the nameservers on the fly through irc commands 

06:13 ahh 

06:13 heh nice 

06:14 like !dns add lulz. A ip.goes.here 

06:14 should create an A record for lulz.anonleaks.ru. pointing to ip.goes.here 

06:15 should have !dns add, update and del 


06:16 yup, nice 

06:18 so thats on my todo list for todat 

06:18 today* 

06:19 ill do some ress work 

06:20 okay brb again for a big 

06:20 bit* 

06:49 guys 

06:49 found a new greg mail 

06:49 From: Greg Hoglund 

06:49 Hey all, 

06:49 I have gunwalegames.com registered and have full google apps 

purchased. 

06:49 This is my game related email address. 

06:49 -Greg 

06:57 there i am again 

06:58 wb 

06:58 gunwalegames.com is not aunched 

06:58 ty 

06:58 i wonder if it ever will 

07:09 hello 

07:09 ohai laurelai 

07:11 :D 

07:12 how are ya? 

07:12 i got some ideas to kick around whenever you guys have time 

07:12 feel free tok ick around ideas every moment :P 

07:12 i am perling my ass of tho 

07:12 well i wanted to discuss tactics 

07:13 * Avunit nods. 

07:13 while rm -rfing a idiots server is damn funny 

07:13 theres more long term lukz to be had by leeching information and 

backdooring the shit out of everything 

07:13 lulz* 

07:14 !twisted.operationfreedom.ru *** HQBot invited kayla into the channel 



07:14 :3 *hugs* 

07:14 good morning kayla 

07:14 * Avunit hugs kayla. 

07:14 just the girl i needed :3 

07:14 good morning laurelai :D 

07:14 [13:13:08] while rm -rfing a idiots server is damn funny 

07:14 [13:13:38] theres more long term lukz to be had by leeching 

information and backdooring the shit out of everything 

07:14 [13:13:42] lulz* 

07:14 to update kayla 

07:15 kayla: take a look at http://dosarrest.com/ 

07:15 i have it on good authority that they are the ones helping the FBI v& 

anons 

07:16 i think its worth it to take a look and see what we can find on them 


07:16 weather it be hacking in or gathering intel 

07:17 -!- kayla [mysql2@fbi.gov] has quit [NickServ (GHOST command used by mysql2)] 

07:17 :/ 




07:17 D: 

07:18 gg 

07:18 07:15 kayla: take a look at http://dosarrest.com/ 

07:18 07:15 i have it on good authority that they are the ones 

helping the FBI v& anons 

07:18 07:16 i think its worth it to take a look and see what we can 

find on them 

07:18 07:16 weather it be hacking in or gathering intel 

07:18 recap 

07:18 incase you missed it 

07:18 i've heard of tht place before :o 

07:18 can't remember where..... 

07:19 mpaa 

07:19 hired them 

07:19 at one point 

07:19 ewwwww html pages D: 

07:20 http://www.dosarrest.com/administrator/ it's runing joomla 

07:21 

07:22 Sitemap: http://www.dosarrest.com/sitemap.xml 

07:22 User-agent: * 

07:22 Disallow: /administrator/ 

07:22 Disallow: /cache/ 

07:22 Disallow: /components/ 

07:22 Disallow: /includes/ 

07:22 Disallow: /installation/ 

07:22 Disallow: /language/ 

07:22 Disallow: /libraries/ 

07:22 Disallow: /media/ 

07:22 Disallow: /modules/ 

07:22 Disallow: /plugins/ 

07:22 Disallow: /templates/ 

07:22 Disallow: /tmp/ 

07:22 Disallow: /xmlrpc/ 

07:22 Disallow: /azr94v2hh2lgbbkk/ 

07:22 from robots.txt 

07:22 lol 

07:23 whats in azr94v2hh2lgbbkk 

07:23 JError XML-RPC Server not enabled. 

07:23 shame :p 

07:23 /azr94v2hh2lgbbkk/ 404 

07:24 joomla 1.5 is vuln i believe 

07:24 http://www.dosarrest.com/tmp/ interesting :3 


07:25 com_rsform 

07:25 anyone know if thre's bugs in com_rsform ??? 

07:27 ohai kayla 

07:27 

/home/fwwd/public_html/administrator/components/com_joomlapack/backup/sitefwwd.dosarrest.com-20101015-054924.zip 

07:27 also i notices https://hbgary.com is redirecting now 

07:27 ohgod is tht a sit backup :op 

07:27 http://www.dosarrest.com/tmp/jpaae1yf 

07:28 Forbidden 

07:28 You don't have permission to access 

/administrator/components/com_joomlapack/backup/site-fwwd.dosarrest.com-20101015- 

054924.zip on this server. 

07:28 bah D: 

07:28 Apache/2.2.11 (Ubuntu) PHP/5.2.6-3ubuntu4.5 with Suhosin-Patch 

mod_ssl/2.2.11 OpenSSL/0.9.8g Server at dosarrest.com Port 80 

07:32 kayla: http://www.exploit-db.com/exploits/11262/ 

07:34 "Greg is an accomplished author, world recognized leader in rootkit 

technology and was recently named one of "10 hackers to know" in Network Security 

magazine. " 

07:34 lulz 

07:38 -!- Topiary [Piedent@do.the.impossible] has quit [Ping timeout: 121 seconds] 

07:46 -!- mode/#hq [+I DNSBot!*@*] by Avunit 

07:46 oh kayla and 

07:47 11:50 found a new greg mail 

07:47 11:50 From: Greg Hoglund 

07:47 though i dont think he used it for anything 

07:47 project thasnt started it seeems.. and unlikely now that it will 

07:48 did gregs mails get released :o? 

07:49 not yet.. joe needs to fix sth 

07:49 D: 

07:49 he will once he'S back, shouldnt be long 

07:50 http://internetfeds.mil.nf/hbgary/aaron_hbgary_com/index_d_d_28.html 

07:50 dont spread yet 

07:50 so far we only have ssron's spool there 

07:51 aaron'S even 

07:56 Kayla 

07:57 * Avunit pokes kayla. 

07:59 or tflow 

07:59 :o? 

07:59 you know perl? 

08:00 need ya to take al ook at the base of le bot 

08:00 because my perl is sucky 

08:00 whats wrong with it? 

08:00 currently its bragging about msising a bracket, even though theyre all in, 

might have a syntax error for perl in 

08:00 and im not sure if my file editing will work this way ;.; 

08:01 hmm im no perl guru ..... FUUU tackle lagging like hell 

08:01 i can take a look tho 


08:02 goddamnit why isnt securepastebin working 

08:03 http://securepastebin.com/go/retrievePost.action?id=6288 

08:03 pass: perlbot 

08:04 ewwww POE::Component::IRC; 

08:04 i h8 perl modules 

08:04 * Avunit goes for easyness ^.^ 

08:05 i hate perl all together 

08:05 IO::SOCKET * 

08:05 but the module is purrty easy 

08:05 yeh dont have that either 

08:05 lulz feel free to edit it kayla :p 

08:06 first bit of perl i evah did 

08:08 still need the update, delete and list commands in too D: 

08:08 irc_disconnected => sub { exit 1; }, #This exits when it gets disconnected. 

08:08 }, 

08:08 ); 

08:08 might be those lines 

08:09 Missing right curly or square bracket at ./perlbot.pl line 72, at end of line 

08:09 syntax error at ./perlbot.pl line 72, at EOF 

08:09 Execution of ./perlbot.pl aborted due to compilation errors. 

08:10 CPANing... 

08:11 still getting that 

08:12 * Avunit stabs perl. 

08:13 brb 

08:13 didnt config cpan 

08:13 will take a while :p 

08:13 lulz 

08:13 thats done quite quickly actually 

08:14 doing some wild testing 

08:14 dunno whym, i skipped that actually hmm 

08:16 and can p0ke has the url to our email reader?5~ 

08:17 iunno 

08:18 fuck, something is broen in my perl *sigh* 

08:21 omg why am i fixing perl now 

08:21 D: 

08:21 DIE perl DIE 

08:22 becus we want awesum bot 

08:22 maybe i should do python 

08:22 but lulz 

08:22 im too lazy 

08:23 mhh lulz, there is some dependency conflict 

08:23 grrr, looks like broken triumph lol 

08:23 HEIHACHI SEND ME LINUX VIRRi!!!! 

08:24 blegh 

08:24 ill fix perl on triumph 

08:24 bitch 

08:24 reinstalling, should work here soon 

08:25 fixing triumph 

08:25 bitch 


08:26 and preferably dont delete perl on triumph 

08:26 since inspircd needs it to start :p 

08:27 why would i delete that? 

08:27 and how could i, i am not root :p 

08:27 nevah know what some people achieve :p 

08:28 lol 

08:28 can someone op me in ophbgary pls :3 

08:28 blegh tirumph is being slower than fuck 

08:29 youre not aopped? 

08:29 [14:29:10] -ChanServ- kayla added to #ophbgary AOP list. 

08:29 who the fork() keep rm'ing me a0p ;____; 

08:29 no 

08:29 your added 

08:29 I just added her 

08:29 ah k 

08:29 triumph is benig slow 

08:29 getting some tea meanwhile 

08:33 uhm Can't locate POE/Component/IRC.pm in @INC 

08:33 how is that installed? 

08:34 cpan 

08:34 yes how? 

08:34 install POE::Component::IRC 

08:34 ahhh right, doh 

08:34 i used / me dtupid 

08:34 thx 

08:34 np :) 

08:35 08:29 who the fork() keep rm'ing me a0p ;____; 

08:35 saved 

08:35 rofl 

08:39 use cpan POE 

08:39 and cpan POE::Component::IRC 

08:41 hmm 

08:41 yeah i got it 

08:41 and i dont see the missing bracket on first glance either 

08:41 imma sleep a bit 


08:41 gnite laurelai 

08:41 nini 

08:45 -!- DNSBot [DNSBot@HA-29q.22n.iger54.IP] has joined #hq 

08:45 :p 

08:45 D: 

08:45 whatd you do 

08:45 -!- DNSBot [DNSBot@HA-29q.22n.iger54.IP] has quit [Connection closed] 

08:45 fixt ya shit 

08:45 gief 

08:45 sub Bot { 

08:46 has no closing 

08:46 ah 

08:46 add one 


08:46 and it runs 

08:46 % in vim ftw 

08:46 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has joined #hq 

08:46 !dns add garysucks A 127.0.0.1 

08:47 The 'privmsg' event requires two arguments 

08:47 imma fix my own shit now 

08:47 :P 

08:47 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Connection closed] 

08:47 hehe 


08:51 !dns add garysucks A 127.0.0.1 

08:51 fucking lies 

08:51 it does add just a prob with theprivmsg event 


08:52 never used irc module so dunno 

08:54 !twisted.operationfreedom.ru *** HQBot invited Topiary into the channel 

08:54 -!- Topiary [colossal@do.the.impossible] has joined #hq 

08:54 -!- mode/#hq [+o Topiary] by HQBot 

08:55 goddamnit triangle is slow 

08:56 What's the latest, fine sirs? 

08:56 gjkldgjklkldagjkldgklajga 

08:56 * Avunit starts shouting at triangle. 

08:57 goddamnit 

08:57 -!- Netsplit private.operationfreedom.ru triumph.operationfreedom.ru quits: marduk 

08:57 and triangle died too 

08:57 awesome. 

08:58 -!- Netsplit over, joins: &marduk 


09:01 !dns add lulztest A 127.0.0.1 

09:01 i borked it nao 



09:02 !dns add plswork A pls.work.pls 


09:03 sotp being such a slow server bitch 


09:05 !dns add testpls A test.pls.pls 



09:06 !dns add moartest A moartest.test 



09:08 !dns add dljgaklgdajgl A jklagadjkldgla 

09:08 < DNSBot> The following DNS configuration was added: 

09:08 < DNSBot> dljgaklgdajgl A jklagadjkldgla 

09:09 oh well thats positive 

09:09 \ø/ 




09:10 !dns add lulzarehad A luzl 


09:10 < DNSBot> lulzarehad A luzl 

09:10 perfect 


09:11 now update, delete and list 

09:11 marduk, if you have a bit of time, code one of those functions :p 

09:12 i cant code for shit :p 

09:12 awh fu 

09:12 tho probably not hard, if i look at add 

09:13 add is easy 

09:13 delete would do the same but then just for the line with the subdomain in it 

09:13 update would need to split the line in tokens and update only the ip part 

09:13 list would need to read the whole file and parse 

09:13 atleast 

09:13 well only the subdomain part of the file 

09:23 anyone who cares for a stuxnet message-id: 

 


09:27 !dns add test A 127.0.0.1 


09:27 < DNSBot> test A 127.0.0.1 

09:27 !dns del test 


09:27 well that didnt work 

09:28 btw correction Topiary 

09:28 penny did not say she owns 15% of hbgf, she said hbg owns 15% and that 

is correct 

09:28 confirmed by internal mails 

09:33 !aop add entropy 

09:33 !invite entropy 

09:33 !twisted.operationfreedom.ru *** HQBot invited entropy into the channel 

09:33 -HQBot:#hq- entropy was invited to the channel. 

09:34 -!- entropy [noyx@HA-dkm.je4.cn1rg3.IP] has joined #hq 

09:34 -!- mode/#hq [+o entropy] by HQBot 

09:35 besides all that I should make a @ or & check in too i suppose, but ive no 

fridging idea how that is handled 

09:35 if bot is only here it doesnt matter i guess 

09:36 better safe than sorry :p 

09:37 ok you want me to add del update and list 

09:37 del cuts the a record and restarts bind 

09:37 whats update do ? 

09:37 basically del then add? 

09:37 and list just lists a records? 

09:37 Basically itd be like !dns update hbgary 127.0.0.1 

09:37 and itd change the hbgary A 91.xxx.xxx.xxx 

09:38 to hbgary A 127.0.0.1 

09:38 yep 

09:38 can be done by tokens i suppose 


09:38 or delte the whole line 

09:38 and rewrite it 

09:38 but not everything has to be A though 

09:38 yea if you have an del and add already can just call that 

09:38 the syntax for add is !dns add subdomain type ipaddress 

09:38 you want to add like cnames and all? 

09:38 nah but can be hadny for mx 

09:39 ok 

09:39 let me eat breakfast and drink some coffee and ill do it 

09:39 thanks 

09:39 np 

09:39 ill learn some more about perl and probably add some other neat functions 

in later too, yknow syntax checking n stuff 

09:43 i have to change add too 

09:43 2011020901 ; serial 

09:43 anytime you have a change 

09:43 ou have to increment that 

09:43 any change at all 

09:43 ah 

09:43 well i jsut did the basic 

09:43 as you can see it doesnt even restart bind9 yet 

09:44 whos the bot goign to run ass 

09:44 as 

09:44 DNSBot 

09:44 its defined in tehs cript 

09:44 oh you mean 

09:44 as user? 

09:44 yea 

09:44 iunno probably under avunit or a seperate user 

09:45 just gotta give chown of the file there :P 

09:50 http://www.tacktech.com/display.cfm?ttid=323 

09:50 prob easier todo something like that 

09:50 then you dont have to +s anythign to restart 

09:50 ok coffee brb 

09:56 ill just let you code something now 

09:56 and ill screw it afterwards 

09:56 :p 

10:05 Topiary: called sabu yet? 

10:06 I called him yesterday. 

10:06 Did he say he missed me? :( 

10:06 told him about the wikileaks connection? 

10:06 He was actually driving at the time so had to park, it was pretty lulzy. And 

yeah, he's actually gonna be on here around evening time EST. 

10:06 marduk: Yes. 

10:07 kk :) 

10:25 lalalala 

10:25 :3 

10:25 hai kayla 

10:26 howrubeisdoing? 


10:27 imgoodlolthankshowareyou? 

10:28 irbeingdoingquitefineakshuallysolikegotanyzhingtotell? 

10:30 

nahnotreallyjustnoneinterestingshiticancounttopotatoeifthatcountsasanythinginterestinghowab 

outyouanythingnewwithyouyoudliketoshare? 

10:32 

idontreallygoingsomethingiwanttoshareapartfromthatisimplylovehqbotimreallyinlovewithhimhe 

sreallylikemyeternallovebutfurthermorenotreallyimeanimaprettyboringguyyknowsoyeahthatsno 

tmuchisuppose 

10:32 On a scale of 1 to 10, how many letters is a bucket of caterpillars? 

10:32 Depends on if you count to potatoe or not. 

10:33 kayla: https://hbgary.webex.com/mw0306l/mywebex/forgotpwd.do? 

siteurl=hbgary 

10:33 eh not quite right url 

10:34 did we look at webex? 

10:42 err 

10:42 nah? 

10:42 atleast not that i know of 

10:43 ted and aaron have webex accounts with their hbgary.com email 

addresses 

10:53 It requires username/pass not email/pass 

10:54 Avunit: what do you want list to do? 

10:54 do we still have tht backdoor account to their google apps account? 

10:54 list everything starting at NS entry 

10:55 kayla: sabu would know... Topiary ask him today? 

10:55 in the channel? 

10:55 He's coming on here this afternoon. 

10:55 oh? 

10:55 cool 

10:55 * marduk is happy :) 

10:57 Indeed, he'll be here around evening time EST, he approves of going full 

retard on Palantir/Berico. 

10:57 palantir shut their db down 

10:58 in fear of us :p 

10:58 Can we go public with that fact? 

10:58 what a bunch of 'security' companies they are 

10:58 i told steve ... 

10:58 but the problem is, we have no confirmation 

10:58 someonetold me who uses palantir login for some training program 

10:59 Avunit: im going to write it in your hom and put you in bind group to you 

can run it as yourself and update bind without root 

10:59 with rndc keys 

11:00 k

servers we could use something like undelete to recover the info from their HD's 

11:10 lulz 

11:11 thatd be quite funny 

11:11 yeh i doubt they thought to shred 

11:11 using forensic software to get their datas back xD 

11:12 i don't rm -rf log files, i shred them 

11:12 kinda pointless when they can do a restore and get the logs back 

11:13 but not if you /dev/zero them :3 

11:13 soem dd lulz 

11:17 kayla: 

11:17 do you have some time 

11:17 DrPizza is the guy from ars technica who wrote the article 

11:17 hi 

11:18 ahh 

11:18 there he is :) 

11:18 told you i'd be here at 4 :) 

11:18 yeah :) 

11:18 k, plz msg DrPizza then 

11:21 what about lol :D 

11:21 huh? 

11:22 http://phiral.net/~noyx/perlbot.pl.txt 

11:22 ill put it in your home 

11:22 my pl is getto so i repeat code 

11:22 havent used pl in years 

11:40 nais entropy 

11:41 ;) 

11:41 im switching between 3 langs between work and here 


11:42 its boggling the mind 

11:42 you own phiral? 

11:42 !dns list 

11:42 tis ture ;) 

11:42 true 

11:42 or is et just !list 

11:42 !list 

11:42 $Temp[0] is command 

11:42 $Temp[1] is subdomain 

11:42 $Temp[2] is type 

11:42 $Temp[3] is ip 

11:42 is what i had 

11:42 yarr 


11:43 is not working tho 

11:43 list empty? 

11:43 Narr 

11:43 ok hold on 

11:43 running as you right 

11:43 !end 

11:43 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Quit: Quit] 


11:43 yup 

11:48 so... what am i /msg drpizza for :s? 

11:48 no heh sorry 

11:48 tflow is covering 

11:48 join #reporter if interested 

11:49 he is giving a walkthru for the hax 

11:49 :o 

11:51 Sabu wanted full disclosure :) 

11:53 tflow wht do you mean? 

11:54 of the hack 

11:59 Goddamnit this Guardian bitch is requesting access to "secret" inner-circle 

channels so she can tell everyone about how hard Anon works and to have first-hand 

experience at our inner workings 

11:59 I say we fake a secret channel and discuss in BATSHIT CODE 

11:59 and then invite her 

11:59 lol 

11:59 where is she? 

12:00 topiary: max agree just fur the lulz 

12:00 she's talking to me on Skype, she's doing one insanely indepth story for 

Guardian 

12:00 this story will probably be their largest 

12:00 we need to troll her hard 

12:00 Topiary: lol what? 

12:00 we use UNION+NEVAH+GONNA+GIVE+YOU+UP 

12:01 fuck niggahs, do you wanna make one on anonops called #over9000 or 

something? 

12:01 then we invite her and just, I don't know 

12:01 we just go to town in hackers on steroids talk 

12:02 mhh not sure but i could utter some cryptic stuff 

12:02 bitch: create it 

12:02 well we could just be aloof 

12:02 need some moar ppl there tho 

12:02 #over9000 is made 

12:02 just act distant and a little ominous so she gets intimidated 

12:02 or even lurk 

12:03 ye wont say much 

12:03 you lead this show 

12:03 Topiary: so she's not actually believing that anonymous isn't secretive? 

12:03 if so, epic troll the guardian and teach them a lesson 

12:03 epic troll time 

12:03 speak like cryptic, only to eachother and be blunt to her 

12:03 god yeah 

12:03 lets roll 

12:03 she wants to delve into the secret underbelly, we'll give her a trolling 

hellstorm 

12:03 turn on your coolfaces 

12:04 lol 

12:24 17:24 -!- mode/#over9000 [+f [60t]:90] by Topiary 

12:24 lol 


12:24 that'll scare her good 

12:25 she has people from Guardian watching us with her 

12:25 xD 

12:25 shell be like 

12:25 "the fuck is that?" 

12:26 tflow: check my pm! 

12:30 and walk the dinosaur. 

12:31 my guess is that she actually has tech guys with her right now 

12:31 probably 

12:31 so we need to make hints at 1337 H4X0R terms so they confirm it 

12:33 ill bring a Don in soon 

12:33 we only refer to him as D tho 



12:54 kill and restart it 

12:55 !end 




12:56 !list 

12:56 fucking shit 

12:56 its not doing anything with the command at all 

12:56 i know 

12:56 its poppy cock 

12:56 !dns add test A 127.0.0.1 

12:56 not working eithah 

12:56 @Temp isnt getting populated 

12:57 well ive no idea why since the @Temp part didnt change 

12:57 but then again 

12:57 my perl sucks 

12:58 !dns del test A 127.0.0.1 

12:58 !end 


13:00 so it might be that my approach failed anyway 

13:17 ok try now 

13:17 i cp to your home 

13:17 !dns add|update|del test A 127.0.0.1 


13:18 has to be called like that 

13:18 and update and del can take up to an hour if it gets cached 

13:18 not the change in ours but if it gets propagated 

13:18 actually ill change update iterval to like 10 min 

13:19 LOL 

13:19 you 

13:19 changed 

13:19 servers 

13:19 didnt you>? 

13:19 lol 

13:20 and its joins #poppycock 


13:20 might want to change those back ;) 




13:20 lol 

13:20 :) 

13:20 1 at ./perlbot.pl line 165. 

13:20 Permission denied 

13:20 lulz 

13:20 the f 

13:21 type groups 

13:21 your in bind right? 

13:21 nope 

13:21 D: 

13:21 avunit root admin 

13:21 logout and back in 

13:22 noyx@ru:~$ cat /etc/group | grep bind 

13:22 bind:x:106:noyx,avunit 

13:22 logging in again 



13:22 < DNSBot> Current DNS Config: 

13:22 < DNSBot> localhost A 127.0.0.1 

13:22 < DNSBot> www A 92.241.162.216 

13:22 < DNSBot> hbgary A 92.241.162.216 

13:22 < DNSBot> ns1 A 92.241.184.78 

13:22 < DNSBot> ns2 A 92.241.184.80 

13:22 < DNSBot> phiral A 10.8.0.1 

13:22 < DNSBot> $ORIGIN . 

13:22 < DNSBot> $TTL 3600 ; 1 hour 

13:22 < DNSBot> anonleaks.ru IN SOA ns1.anonleaks.ru. admin.anonleaks.ru. ( 

13:23 < DNSBot> 2011020906 ; serial 

13:23 < DNSBot> 7200 ; refresh (2 hours) 

13:23 < DNSBot> 3600 ; retry (1 hour) 

13:23 < DNSBot> 604800 ; expire (1 week) 

13:23 < DNSBot> 3600 ; minimum (1 hour) 

13:23 < DNSBot> ) 

13:23 < DNSBot> NS ns1.anonleaks.ru. 


13:23 < DNSBot> A 92.241.162.216 

13:23 < DNSBot> $ORIGIN anonleaks.ru. 


13:23 < DNSBot> www A 92.241.162.216 


13:23 < DNSBot> ns1 A 92.241.184.78 

13:23 hold on 

13:23 < DNSBot> ns2 A 92.241.184.80 

13:23 sound slike 

13:23 i was backing up the main conf file 


13:23 and it read both 

13:23 its copying stuff 

13:23 i was 

13:23 before we start testing hold on 

13:23 k 

13:25 list now 




13:25 < DNSBot> www A 92.241.162.216 


13:25 < DNSBot> ns1 A 92.241.184.78 

13:25 < DNSBot> ns2 A 92.241.184.80 

13:25 should i parese and format that? 

13:25 im just reading the lines and output 

13:25 well IRC just doesnt support tabs :/ 

13:25 yea pita 

13:27 try add 

13:28 !dns add test A 127.0.0.1 


13:28 < DNSBot> test A 127.0.0.1 




13:28 < DNSBot> www A 92.241.162.216 


13:28 < DNSBot> ns1 A 92.241.184.78 

13:28 < DNSBot> ns2 A 92.241.184.80 

13:28 < DNSBot> test A 127.0.0.1 

13:28 !dns del test A 127.0.0.1 

13:28 < DNSBot> The following DNS configuration was deleted: 

13:28 < DNSBot> test A 127.0.0.1 




13:28 < DNSBot> www A 92.241.162.216 


13:28 < DNSBot> ns1 A 92.241.184.78 

13:28 < DNSBot> ns2 A 92.241.184.80 

13:28 < DNSBot> test A 127.0.0.1 

13:28 somethigns wrong with del 

13:28 < DNSBot> $ORIGIN . 

13:28 adds fine 

13:28 < DNSBot> $TTL 3600 ; 1 hour 

13:28 < DNSBot> anonleaks.ru IN SOA ns1.anonleaks.ru. admin.anonleaks.ru. ( 

13:28 omfg 

13:28 < DNSBot> 2011020908 ; serial 

13:28 < DNSBot> 7200 ; refresh (2 hours) 

13:28 < DNSBot> 3600 ; retry (1 hour) 


13:28 i fucking hate perl 

13:28 < DNSBot> 604800 ; expire (1 week) 

13:28 < DNSBot> 3600 ; minimum (1 hour) 

13:28 < DNSBot> ) 



13:29 < DNSBot> A 92.241.162.216 

13:29 < DNSBot> $ORIGIN anonleaks.ru. 


13:29 < DNSBot> www A 92.241.162.216 


13:29 < DNSBot> ns1 A 92.241.184.78 

13:29 < DNSBot> ns2 A 92.241.184.80 

13:29 no test there tho 

13:29 :P 

13:29 its concat the file 

13:32 D: 

13:33 perl is so awesome 

13:33 especially when someone is fixing your 

13:33 newb perl coding 

13:33 ... 

13:34 i could have written this in asm faster 

13:34 can you kill it 


13:35 lets go for .NET next time and emulate it into ubuntu 

13:35 lol 

13:36 not a good plan? :3 

13:41 nothign like prog in a lang you dont know to make you feel like a fuckign 

retard 

13:44 ok its finally right 

13:45 the f 


13:48 et is work? 

13:48 yes 





13:48 < DNSBot> www A 92.241.162.216 


13:48 if it has any bugs left im lighting the svr on fire its on 

13:48 < DNSBot> ns1 A 92.241.184.78 

13:48 < DNSBot> ns2 A 92.241.184.80 

13:48 !dns add test A 127.0.0.1 


13:48 < DNSBot> test A 127.0.0.1 





13:49 < DNSBot> www A 92.241.162.216 


13:49 < DNSBot> ns1 A 92.241.184.78 

13:49 < DNSBot> ns2 A 92.241.184.80 

13:49 < DNSBot> test A 127.0.0.1 

13:49 !dns del test A 127.0.0.1 

13:49 < DNSBot> The following DNS configuration was deleted: 

13:49 < DNSBot> test A 127.0.0.1 




13:49 < DNSBot> www A 92.241.162.216 


13:49 < DNSBot> ns1 A 92.241.184.78 

13:49 < DNSBot> ns2 A 92.241.184.80 

13:49 thats kind of positive :O 

13:49 yea 

13:49 only took me 400 tries 

13:50 and the flush and restart of bind is working 

13:50 you can see on your term 

13:50 okay sec starting it up in the background 



13:51 !voice DNSBot 

13:51 -!- mode/#hq [+v DNSBot] by HQBot 

13:52 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Changing host] 

13:52 -!- DNSBot [DNSBot@DNS.Bot] has joined #hq 

13:52 -!- ServerMode/#hq [+v DNSBot] by twisted.operationfreedom.ru 

13:53 tflow 

13:56 * Avunit cheers at entropy meanwhile for his efforts. 

13:56 i would say n but id be lying 

13:56 np 

13:57 ;) 


13:57 Current DNS Config: 

13:57 localhost A 127.0.0.1 

13:57 www A 92.241.162.216 

13:57 hbgary A 92.241.162.216 

13:57 ns1 A 92.241.184.78 

13:57 ns2 A 92.241.184.80 

13:57 hehe 

13:57 i didnt put any permissions checks in it 

13:58 iknow but itll do for now 

13:58 how about the dns record for anonleaks.ru? 

13:58 anonleaks.ru is the origin 

13:59 and i put the record in as an implied origin 

13:59 so its like 

13:59 A 92.241.162.216 

13:59 $ORIGIN anonleaks.ru. 


13:59 oh ok 

13:59 where the blank name before that A is implied 

13:59 i can make it editable 

13:59 gj 

13:59 i thought this was only for subs 

13:59 no, its good 

13:59 k 

14:00 im proud of my own botbase 

14:00 :3 

14:00 i should consider switching to perl jsut for the lulz 

14:00 pl is a lulz killer 

14:01 its like php python and some regex engine mixed together 

14:02 i can cope witht he php and python part 

14:03 twas mainly the component::irc module that interested me 

14:04 !axx list 

14:04 yea it did do alot of that 

14:04 Avunit: yeah fail! 

14:05 !access del nessuno834 

14:05 !axx list 

14:05 oh 

14:05 worx no 

14:05 !aop del nessuno834 

14:05 -!- mode/#hq [-o Nessuno834] by HQBot 

14:05 didnt before 

14:06 oh wait 

14:06 nessuno lulz 

14:06 im crazy 

14:06 yeah why did you remove him? 

14:06 just was about to ask 

14:06 sorry lack of sleep 

14:06 i was like 

14:06 the fuck is nessuno? 

14:06 xD 

14:06 and mr[a] wants in, hmm 

14:06 what you think 

14:06 !aop add nessuno834 

14:06 -!- mode/#hq [+o Nessuno834] by HQBot 

14:07 well no offense to him but... we dont need him here 

14:07 ohai 

14:07 lulz sorry nessuno xD 

14:07 :( 

14:07 yea 

14:07 think so too 

14:08 also i dont trust his security perimeter 

14:08 * Nessuno834 leaves :( 

14:08 well he is kind of... inexperienced when it comes to.. well just PCs in 

general :p 

14:09 tis not because he has bad things in mind but like well 

14:09 u talkin bout me? 


14:09 no :p 

14:09 i was just 

14:09 forgetting who you were 

14:09 due to 

14:09 lack of sleep 

14:09 :p 

14:09 meh 

14:09 lol 

14:09

15:14 jEA 

15:14 -!- sabu is now known as Sabu 

15:14 fucking nigg3rs wanna battle 

15:14 Saaaaaaaaaaaaaabuuuuuuuu \o/ 

15:14 boring without internet huh 

15:14 sups my brothers 

15:15 'Lo there 

15:15 dude 

15:15 without internet 

15:15 I feel like a faggot 

15:15 haha 

15:15 anyway 

15:16 I been reading twitter 

15:16 sabu what happened to your internets? 

15:16 and thx to topiary I been up to date 

15:16 Nessuno834: I got rid of my laptop and everything else with media 

15:16 just to be on safe side 

15:16 ahhh :( 

15:16 i heard u was having a break 

15:16 yeah 

15:17 so gents 

15:17 whats the latest 

15:17 why get rid of the notebook? 

15:17 i mean.... wipe it and reinstall if you're paranoid? 

15:17 marduk: nah I don't even want that around 

15:17 heh, okay.. :) 

15:17 anyway 

15:17 I got time right now 

15:18 are we going to target these other 2 sec firms? 

15:18 hope ur not paranoid 

15:18 or we just sitting on it 

15:18 i havent heard anything .. i think kayla was checking them out 

15:18 ok 

15:18 but you missed her by an hour or so 

15:18 gh3y 

15:18 but i guess she'll be back 

15:18 have we leaked greg's shit yet/ 

15:19 no... but almost 

15:19 but check this out 

15:19 http://internetfeds.mil.nf/hbgary/aaron_hbgary_com/index_d_a_71.html 

15:19 dont leak the URL yet 

15:20 looks good 

15:20 im not on other ircd just here. I'm not leaking shiznit 

15:20 seeing as im prob only one here whoaint seen gregs emails, is there 

anything juicy in them? 

15:21 yeah i know 

15:21 just saying.. will be public later 

15:21 when the othermails are there 

15:21 this is nice 


15:21 Nessuno834: greg's email is nice and juicy 

15:21 I was the one in there 

15:21 we dont know, they have not been scanned or released yet 

15:21 Sabu: do you have a list of all the emails/aliases Aaron uses? 

15:21 oh we scanned them a bit? 

15:21 and i would use his passwords, Topiary you have them? would like to try 

something 

15:21 marduk, I traversed his email first. then gave access to tflow 

15:22 kibafo33 

15:22 Sabu: ah ok nice 

15:22 31satcom for Ted 

15:22 kibafo33 for Aaron 

15:22 I thought u had seen them marduk 

15:22 thx 

15:22 still jelly i missed the main fun 

15:23 Nessuno834: only 127 :) 

15:23 I left a backdoor admin account on hbgary.com's email server 

15:23 anyone want to see if we still have admin? 

15:23 if so R O F L 

15:23 DO EET. 

15:24 ok 

15:24 Ill give you info 

15:24 you try to login 

15:24 I don got proxies atm my rootlist is elsewhere 

15:24 get https proxy 

15:24 url: https://www.google.com/a/prvt.org 

15:24 user: reseller 

15:24 pass: random 

15:24 if you do get to login 

15:24 click on "manage domain" 

15:24 reset their passwords 

15:24 and leak new emails 

15:24 ROFLOLFROLOFLORLFRL 

15:25 oops 

15:25 wrong domain 

15:25 https://www.google.com/a/hbgary.com 

15:25 there you go 

15:26 no deal 

15:26 Does not work, sadface 

15:26 gay 

15:26 so sad 

15:26 20:22 anyone seen sabu? 

15:26 sogay 

15:26 tell garrett he ca find me here 

15:26 can 

15:26 privately 

15:26 k 

15:30 SABUUUUUUUUUUUUUU 

15:31 * Avunit humps the sabu 


15:31 D: 

15:32 yo yo avunit 

15:32 what up my nigga 

15:32 uh what happened now 

15:32 vlad goin away? 

15:32 what? 

15:32 hmm no irc works 

15:32 wut? 

15:32 http://internetfeds.mil.nf not responding 

15:32 ah now 

15:32 just hung 

15:32 LINK: Server tackle.operationfreedom.ru has not responded to PING for 15 

seconds, high latency. 

15:33 heihachi. i guess. 

15:33 lol 

15:33 yeah 

15:33 haihachi sucks cocks 

15:33 that said i will have an invoice in 5 days again 

15:33 oh yeah avunit I meant to tell you that if I go offline for a while 

15:33 private and isla are good money 

15:33 they're completely separated from me 

15:33 so that'll stay up + stable 

15:33 nais 

15:34 I'll have to give you root if anything 

15:34 I think about kepeing triumph in heihachi and moving tackle to another host 

15:34 yea 

15:35 and my first time crappty perl project combined with entropy's rusty perl skills 

15:35 gave us the DNSBot too 

15:35 to manage anonleaks.ru 

15:35 8) 

15:35 who is leaking gregs mails? tflow? 

15:35 think so 

15:35 yes, but we wnt to combine it with the release of the online reader 

15:35 oh marduk, has joepie been working on the interface somewhere today? 

15:35 and i think we need joe for that 

15:36 he didnt come back yet.. but should be soon now 

15:36 Because here we sorted everything at domain and manage level now 

15:36 so the only thing holding us back is the interface :P 

15:36 there was a probl with greg's mails but he knows how to six 

15:36 he wanted to do that when he is back 

15:36 fix I hope 

15:36 yarr 

15:36 Because I know how to seven. 

15:36 let me tell you guys 

15:36 you thought aarons mails were bad 

15:37 gregs full of yumz 

15:37 they are not that bad actually 

15:37 most is shit 

15:37 I love yumz, but i generally dont have time to read through yumz 


15:37 you guys do realize 

15:37 that this is going to spark a major offensive on at least my behalf against 

white security firms 

15:38 whitehat+ 

15:38 * Avunit points at palantir and berico. 

15:38 yup 

15:38 you know those guys are changing their passwords 

15:38 scanning their access logs 

15:38 lol 

15:38 oh sabi 

15:38 sabu 

15:38 i heard that palantur shut down their databases. cause they fear us 

15:38 lulz 

15:38 yeah bro 

15:39 anyway guys 

15:39 really 

15:39 can you confirm that? 

15:39 if we wanna do something with palantir and berico 

15:39 i propose something more subtle first 

15:39 because now theyre all like expecting us 

15:39 just relax, get sniff em to death 

15:39 also did we check out that lawyer firm? 

15:39 and when it starts to calm down again 

15:39 they're expecting us to attack their servers 

15:39 hit em with every backdoor that was in 

15:39 bawt no direct email leaks, rm -rfs and maximum access everywhere :p 

15:39 I will hit everything around the servers 

15:40 I just wanna rm some more ;) 

15:40 >>> Example. If I want to gain access to the Exelon plant up in Pottsdown 

PA I only have to go as far as LinkedIn to identify Nuclear engineers being employed by 

Exelon in that location. Jump over to Facebook to start doing link analysis and profiling. Add 

data from twitter and other social media services. I have enough information to develop a 

highly targeted exploitation effort. 

15:40 god this guy is so full of bull 

15:40 Sabu: Greg is looking for q and me personally 

15:40 Just do it at the right time sabu :P 

15:40 He was asking about us by name 

15:40 to whom topiary? 

15:40 I CAN USE FACEBOOK, I AM A MEGA HAXORR! 

15:41 Sabu: couple of sources that want to be kept private 

15:41 ok 

15:41 topiary they want to remain anonymous? 

15:41 just be careful guy 

15:41 s 

15:41 can;t afford to lose any of you guys 

15:42 i am safe 

15:42 * Avunit dies under the pressure. 

15:42 Nessuno834: yeah and I'm getting them to troll Greg and fax dox me, act 

like they're ratting me out but leading him further away [Pester, et al?] 


15:42 too... much... love... 

15:42 fucking nobody on anonops knows who i am 

15:42 *fact 

15:42 I dont exist 

15:42 at all 

15:42 Well there are no actual ties to me and very criminal activity but yeah as said 

before I am traceable if they really want to 

15:42 but all my data is safe :P 

15:43 @topiary on twitter, that guy with the European voice 

15:43 that is all anyone has on me. 

15:43 @atopiary rather 

15:43 Fucking wish I had @topiary 

15:43 I'm just that guy that lurks in every channel. 

15:43 oh 

15:43 my skype is doxiary 

15:43 I do nothing 

15:43 in case they go DERPER 

15:44 lol 

15:44 and I am nobody 

15:44 I'm sure all of us have info online somewhere, but not linked to our current 

info in any way 

15:44 HBGary and Berico were in contact with Hunton & Williams in early5~ 

Novemvber alredy 

15:44 http://internetfeds.mil.nf/hbgary/aaron_hbgary_com/6413.html 

15:44 Let's face it, we were dumb kids once 

15:45 Topiary: probably, and mainly because i want it :P 

15:45 gotta run businesses too 

15:45 xD 

15:45 WOW shit 

15:45 check that pptx 

15:45 "Develop a corporate information reconnaissance service to aid legal 

investigations through the open source collection of information on target groups and 

individuals that appear organized to extort specific concessions through online slander 

campaigns." 

15:45 Laurelai 

15:46 srs i prefer just a plain text file over a powerpoint presentation >.> 

15:46 lol 

15:47 lulllz 

15:47 they want to dox us all 

15:47 thru facebwek 

15:47 n linkedin 

15:47 n google 

15:47 n wordpress 

15:47 n yahoo 

15:47 the fuck 

15:47 that they go use the same pass and name everywhere and reg everywhere 

15:47 doesnt mean 

15:47 we do 

15:47 these guys are completely dense 


15:48 if thats your only way of doxing people... 

15:48 well lol 

15:48 we'd better get a smoke and chill a lot then 

15:48 because jeez 

15:48 ok gents 

15:48 I really want to see their emails now, after that statement on the HBGary 

site, we can assume they're going into dox overdrive 

15:48 so whats the lawyer firm that tried to put the anti-wikileaks oepration? 

15:48 GIGA DRILL MAXIMUMARRUUUU 

15:48 Hudson & thingie? 

15:49 oh Hunton & Williams 

15:49 wasnt it williams and something? 

15:49 yes 

15:49 what were their email addresses? 

15:49 its BoA lawyer firm 

15:49 do they have a website? 

15:49 sure.. i guess.. 

15:49 Meanwhile, please be aware that any information currently in the 

public domain is not reliable because the perpetrators of this offense, or people working 

closely with them, have intentionally falsified certain data. 

15:49 fuckin hypocrites 

15:49 http://www.hunton.com/ 

15:50 kk 

15:50 I'll begin research 

15:50 Nessuno834: well aarons mail are all sigitally signed 

15:50 lulz 

15:50 Listening to mubarak meanwhile 

15:54 and ofcourse ill take care of private and isla too 

15:54 gimme roto and ill fux em up as much as possible :P 

15:56 20:55 Anyone know if it was the enterprise edition of google 

apps or the regular version where the emails were stored? 

15:56 Sabu: ? 

15:57 also: 

15:57 jwoods@hunton.com 

15:57 John Woods 

15:57 is their contact at H&W 

16:01 ohhhh sabu 

16:01 i have someting lol 

16:02 research from Aaron on Jeff 

16:02 but this looks substantial *surprise* 

16:02 http://internetfeds.mil.nf/hbgary/aaron_hbgary_com/7628.html 

16:02 soo hmm 

16:02 it looks like they actively researched that company. interesting 

16:03 Political Donations: Gave money to John McCain 

16:03 oh god 

16:03 :p 

16:03 Father owns Noland Company 

16:03 Annual Revenue $100-$500M 

16:03 A Runner. Member of GRIPLA.ORG (Greater Richmond Intellectual 


Property Law Association. Has a blackberry and has installed the Facebook app for 

blackberry. 

16:03 lol 

16:16 -!- Netsplit trust.operationfreedom.ru triangle.operationfreedom.ru quits: @entropy, 

+DNSBot 

16:18 -!- Netsplit over, joins: @entropy, +DNSBot 

16:20 D: 


+DNSBot 



+DNSBot 

16:58 * Avunit stabs triangle. 


17:05 -!- Netsplit private.operationfreedom.ru triangle.operationfreedom.ru quits: 

@entropy, +DNSBot 

17:05 sorry im back now 

17:06 marduk, it was enterprise edition 

17:06 they paid 1500 for 33 users 

17:06 thx Sabu 

17:06 I had all the receipts but I deleted them thinking hey were useless 

17:06 they 

17:06 heh yeah 

17:06 is it important if it was regular or enterprise/ 

17:07 dunno, steve wnated to know, guess for some follow up article 

17:07 interesting 


17:13 -!- ServerMode/#hq [+v DNSBot] by triangle.operationfreedom.ru 

17:14 ok 

17:14 whats dnsbot 


17:14 !list 

17:14 hmm 

17:14 wellm, a dns bot :) 


17:14 localhost A 127.0.0.1 

17:14 www A 92.241.162.216 

17:14 hbgary A 92.241.162.216 

17:14 ns1 A 92.241.184.78 

17:15 ns2 A 92.241.184.80 

17:15 arh 

17:15 !dns add test a 6.6.6.6 

17:15 The following DNS configuration was added: 

17:15 test a 6.6.6.6 

17:15 !dns del test 

17:15 The following DNS configuration was deleted: 

17:15 test 

17:16 interesting 

17:16 can you look up MX records and shit? 


17:16 it's only for anonleaks.ru 

17:16 I see 

17:16 ok 

17:21 ok 

17:21 so 

17:21 tflow, you around? 


+DNSBot 

17:26 whats up with triangle 

17:28 dunno, blame Avunit 

17:28 -!- Netsplit over, joins: +DNSBot 

17:28 i'm only responsible for tackle and triumph. not that i could do anything if 

the split :P 

17:31 so 


+DNSBot 

17:31 I'm looking into hunton.com 

17:31 would that be a good target? 

17:32 of course it would be 

17:33 if we could pull a gary.. that'd kill them immediately. but i dont think that's 

possible 

17:33 i actually believe they would protect their communications.. 


17:34 ok 

17:34 if I sign off in a few or go idle that means I'm back home 

17:34 if kayla logs on 

17:34 ask her to begin working on it 

17:34 allriite, will do. but will probably go to sleep soon 

17:35 -!- Netsplit trust.operationfreedom.ru triangle.operationfreedom.ru quits: +DNSBot 

17:35 yo someone rm triangle already 

17:37 * marduk JUPES triangle 

17:37 naw 

17:46 dude 

17:46 hunton.com will be a nice fucking hit 

17:46 hm see potential vulns? 

17:48 yeah 

17:48 I see some potential openings 

17:48 :] 

17:49 we could rape these niggers 

17:49 it would be awesome if we can get it without noticing 

17:49 pull the comm tapping again 

17:49 yeah 

17:50 comm tapping a lareg lawyers office 

17:50 man 

17:50 this time we'll sit and collect quietly 

17:50 that's major shit 

17:50 yes 

17:50 itll require a lot of our time and dedication 

17:50 also, we should NOT release a dump 


17:50 only things which show illegal/fishy things etc 

17:50 because i would assume they have tons of absolutely legit clients 

17:50 we should not compromise them 

17:51 i dont think this would play well in the public 

17:51 and another point to make it we have not found evidence of them attacking 

us at this point 

17:51 but well, hypothetical. should see what we discover first 

17:51 yup 

17:52 but it's not only about us 

17:52 it is about the BoA/WL/Gov connection 

17:52 can you guys put together a private pad containing a list of whitehat targets, 

lawyers, reporters, any media that requires counter-intelligence attack 

17:52 yeah 

17:52 which still is mysterious to us 

17:52 I fucking lol'd when I read that shit in the news 

17:52 mhh i will get on that after i slept 

17:53 dont like a public pad tho... 

17:53 thats why I said private 

17:53 in fact I'll set one up now 

17:53 for our internal use 

17:53 give me a few 

17:53 ah okay :) 

17:53 brb 

17:53 sure 

17:53 put in topic then 






18:01 hola :3 

18:01 sabu!!! :DD 


18:06 kkk-kayla 

18:06 he maybe away.. but i am to inform you about a new target 

18:06 www.hunton.com 

18:06 sabu found potential vulns 

18:06 it's that lawyers office that represent BoA 

18:06 and approached HBGary about the Smear Campaign 

18:07 but should you get in.. be quiet pll0x :x 

18:08 ofc :3 

18:08 im back 

18:08 kayla my love 

18:08 :D 

18:08 sabu we going to rock www.hunton.com :D? 

18:08 yes miss 

18:09 hunton.com is target but its windows ;\ 

18:09 it has tons of asp/aspx scripts with lots of potential pams we can sql 

18:09 also it has about 6 mx servers listed.. 


18:09 so if push comes to shove we can try to root them if they arent 

exchange/windows boxes 

18:09 show me the links i'll see if i can get an injection out of them :) 

18:10 site:hunton.com inurl:id youll find a few 

18:12 this could be blind sqli 

18:12 http://www.hunton.com/news/event.aspx?tab=0002&gen_H4ID=114'53 

18:12 compared to http://www.hunton.com/news/event.aspx? 

tab=0002&gen_H4ID=11453 

18:14 kayla

18:43 but it's fixed now 

18:44 (\r\r\n was used as a newline, lol) 

18:44 rather than \r\n or \n 

18:51 currently converting greg's mails to the web version though. will be released 

on torrents + as a web version at the same time 

18:52 can you give ETA? 

18:52 if everything goes to plan 

18:52 then i would say 

18:52 4 hours maybe 

18:52 cool. dunno if i will survive that long tho :/( 

19:24 my presentation will be tonight too 

19:25 for whoever is around 

19:28 tflow: do you know what's in the mails? 


19:32 hmm there goes tackle and vlad 

19:32 bye bye 

19:32 grr 

19:42 Just a big high five to all you; I can't stop LOLing at the thought of how 

much we fucked up Aaron 

19:45 http://twitter.com/#!/AnonymousIRC/status/35861584349892608 

19:48 http://twitter.com/#!/atopiary/status/35862566156636162 

19:48 DAMNIT MARDUK 

19:48 HOW THE FUCK DID YOUU KNOW. 

19:50 i can read your mind of course! 

19:50 WELL RETWEET MINE OR I'LL ROOT CHARLIE AND SPAM 

DAVIDSONS! 

19:51 pfff. already done before you said. CHECK YOUR FACTS, NEWFAG! 

19:51 I'm about to tweet something I just made up that is superb 


19:54 lol... i use thats ome other time tho :) 

19:54 but it IS good (= 

19:55 Damn, beat me to it 

19:56 [00:52:39] Topiary: Well, I understand, we do sometimes do very harsh 

things. 

19:56 [00:52:47] Topiary: Or just mindless things. 

19:56 [00:53:38] Parmy Olson: For lulz. 

19:56 Shit, I think I've converted this Forbes writer to Anon 

19:57 -!- Netsplit trust.operationfreedom.ru triumph.operationfreedom.ru quits: @marduk, 

@kayla 


20:03 can we register anonleaks on twitter in case someone nabs it? 

20:03 even if it's inactive 

20:03 uh sure 

20:03 do it 

20:03 damnit 

20:04 Very well. 

20:04 in use? 

20:04 i can do it tho 

20:04 i only have one twitter so far 


20:04 but go ahead if you want 

20:05 Oh fuck, I put leak into the password box, started typing something 

random, thought of a rhyme, "weak", put in leakweak, and the fucking box came up that says 

"password is weak" 

20:05 shat brix. 

20:05 I'll do it 

20:05 lo 

20:06 http://twitter.com/anonleaks 

20:06 Damnit, it's already up. 

20:06 Nevermind then. 

20:06 yeah i feared as much 

20:07 well AnonymousIRC works fine as catalyst 

20:07 closing on 7k now 

20:07 You're doing well on that 

20:18 http://securepastebin.com/go/retrievePost.action?id=6302 Avunit mardu 

Sabu Laurelai Nessuno834 

20:18 password is puddi 

20:24 quite interesting 

20:28 thought maybe kayla/tflow/Sabu might enjoy 

20:28 yes, definitely good info 

20:29 also relayed to ifeds 

20:29 !invite kayla 


20:29 -HQBot:#hq- kayla was invited to the channel. 

20:32 -!- kayla [mysql2@HA-i80.2gd.hmtqaa.IP] has joined #hq 

20:32 < kayla> :3 

20:32 < kayla> wew 

20:33 there she is 

20:33 -!- kayla [mysql2@HA-i80.2gd.hmtqaa.IP] has quit [Changing host] 



20:33 :3 

20:33 how goes? 

20:33 01:19 http://securepastebin.com/go/retrievePost.action? 

id=6302 Avunit mardu Sabu Laurelai Nessuno834 

20:33 01:19 password is puddi 

20:33 check that 

20:33 but i wouldnt touch it just yet 

20:34 i'd like to get some confirmation somehow 

20:34 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has joined #hq 

20:34 -!- ServerMode/#hq [+o tflow] by tackle.operationfreedom.ru 

20:34 ohai tackle 

20:34 and tflow you too: http://securepastebin.com/go/retrievePost.action? 

id=6302 password is puddi 

20:36 http://securepastebin.com/go/retrievePost.action?id=6303 also kayla if you 

want lulz at us trolling some Guardian bitch into thinking she was in the secret hacking 

channel 

20:36 password guardian 

20:36 hehe 


20:36 just hope she will come back 

20:37 and btw, i did not use David (alrhough the D reference was clear) but that 

would have exposed the troll 

20:37 a mystery Don that nobody seen before is much better 

20:43 lol guardian as in media xD? 

20:44 ye 

20:44 she contacted topiary via skype and wanted access to one of the "secret 

channels" 

20:44 so we made one up :p 

20:52 lol 

20:52 oh the beauty 

20:52 we have lulz + epic win 

20:52 silly bitch dont you know im the only medial allowed here 

20:52 media* 

20:53 I've already converted the fuck out of Russia Today's producer Jenny 

Churchill - she LOLs hard at Anon lulz 

20:53 Parmy Olson next 

20:53 yes...turn them all to the dark side 

20:54 palentir ... remove that from target list for now 

20:54 oh? 

20:54 i cannot really leak this info as of yet 

20:54 but .. there will be big news in a moment 

20:54 orly 

20:55 palantir head PR apologized to Greenwald in person and to all 

"progressive institutions" as palantir always supported freedom of speech 

20:55 steve will post an item soon 

20:55 please do not spread that ourtside yet 

20:55 ok 

20:55 so 

20:56 they put their hands up 

20:56 that means 

20:56 the IMPORTANT thing is: palantir confirmed the document as real 

20:56 and therefore basically confirmed the mails are probably all real 

20:57 they probably do damage control now 

20:57 they don't want to go down with the rest 

20:57 it will be interesting to see.. if they continue cooperationg with DoD/DOJ 

20:57 and how that runs down 

21:01 you guys aware that we now have a copy of stuxnet via Aaron's emails? 

21:01 orly 

21:01 source? 

21:04 wow 

21:04 wow 

21:04 wow 

21:04 it gets better 

21:04 source is Head of Palantir PR 

21:04 ""As the Co-Founder and CEO of Palantir Technologies, I have directed the 

company to sever any and all contacts with HB Gary." 

21:04 EAT THAT 

21:04 But SHHHHHHHHHHH! 


21:04 link? 

21:04 no link 

21:04 private mail with steve 

21:04 wher is that from? 

21:04 oh 

21:04 :) 

21:04 it will be on tech herald 

21:04 acs:law 2.0 :) 

21:05 like how all uk isps cut of contact with them 

21:07 EAT SHIT AND DIE HBGARY 

21:07 OH HE WILL 

21:07 AND I WANT TO FUCKING KNOW WHAT HBGARY MEANS 

21:39 -!- Netsplit private.operationfreedom.ru tackle.operationfreedom.ru quits: @tflow 


21:43 -!- Netsplit trust.operationfreedom.ru triumph.operationfreedom.ru quits: @marduk 


21:46 * marduk axemurders heihachi 

21:48 hi 



21:59 http://www.thetechherald.com/article.php/201106/6804/Firm-targeting- 

WikiLeaks-cuts-ties-with-HBGary-apologizes-to-reporter 

22:17 [03:16:53] === quinn 

``Quinn Norton'' 

22:17 [03:16:53] === quinn is a registered nick 

22:17 [03:16:53] === quinn: member of #ophbgary, #reporter, and 

#opegypt 

22:17 [03:16:53] === quinn: attached to doom.anonops.ru ``AnonOps IRC 

Network'' 

22:17 [03:16:53] --- End of WHOIS information for quinn. 

22:17 I don't trust this guy. 

22:22 he is weird indeed 

22:23 saw him also on telecomix 

22:23 you may wanna ask biella 

22:23 i think she knows him 

22:23 or was it arrett? 

22:23 either one 

22:27 I just don't like the channels he's in - Aaron Barr spy channels. 

22:33 hey 

22:34 marduk Avunit Sabu Laurelai Nessuno834 tflow http://twitter.com/#!/dstufft 

# these guys are trying to dox us and give to Feds 

22:34 we have counter-dox, what do? 

22:34 it's 6 people 

22:34 they're actually getting some valid info 

22:34 lol 

22:35 wtf is that? 

22:42 its a fail 

22:42 he's just posting /whoises 

22:42 don't give him any attention 


22:42 they were back from chanology 

22:42 don't underestimate 

22:42 we have dox on them, formatting now 

22:43 ironically he's here http://dstufft.com/ 

22:43 with a photo of himself and everything 

22:43 is he trying to commit suicide? 

22:44 that's not him 

22:44 it's a group of 6 that actually are trying to fuck that guy 

22:44 anyway just a note in case they actually do something: we have their dox 

22:45 Topiary: http://en.wikipedia.org/wiki/Quinn_Norton 

22:45 she claims it's her 

22:45 see #reportter 

22:46 ah, that's okay then. we have reporters of 3 different sources 

analyzing/spying on us right now. I don't give a shit, but I fear for some of the more less 

private anons 

22:46 *reports 

22:49 yup i think she'S legit 

22:49 i sont think she would claim to be a blogger which has 404 on its site if she 

wasnt the one 

22:49 :p 

22:49 right, that's good. @ these 6 faggots: I am going to personally fuck with 

their lives 

22:50 6? 

22:50 that twitter is a group of 5 

22:50 65 

22:50 6 

22:50 ahh 

22:51 yeah didnt read context thx 

22:59 im decompiling stuxnet atm 

23:00 should have source code soon 

23:02 mhh nice.. but in this case, i'D actually be more interested in the cleaned 

source that hbgary has :) 

23:03 Topiary/marduk: any of you going to make @anonleaksdotru? 

23:03 hmmm 

23:03 AnonLeaksDotRu ? 

23:04 yeah 

23:04 or any other suggestions? 

23:05 thinking 

23:09 @AnonymousLeaks 

23:09 ? 

23:10 also, Y/N: we allowed to say "AnonLeaks rep" to press? 

23:10 to replace Anon source 

23:11 ohyes 

23:11 AnonymousLeaks i like better 

23:11 Well, we can say Anonleaks only when referring to the technical operations 

the site, as we can't speak for all of Anonymous 

23:11 and yeas, that's a good name 

23:12 i would refrein from using "rep" ever 

23:12 simply because.. that makes you/us directly tiable/responsible for what 


happens 

23:12 no need to 

23:12 example: the penny lock 

23:12 yeah sabu/kayla/tflow obviously were involved in the hack. but they never 

admitted to 

23:13 from the logs, you can only deduct that they knew about the operation 

23:13 well that kayla is our 16 year ol girl is no secret tho anymore tho i guess 

23:13 same for me 

23:13 i'm sure they think i actually haxed 

23:13 which is fine.. for reason stated often enough 

23:13 Well we don't really need to speak as "AnonLeaks" anyway, most of the time 

was can speak as "Anonymous" 

23:14 yup 

23:14 okay - good words 

23:15 well, want me to register 

23:15 actually i prefer that :p 

23:15 Topiary is sometimes... so vulgar :p 

23:17 what the frigging fuck 

23:18 this is beyond mad 

23:19 my yahoo mail account, i registered like a week ago for facebook 

23:19 has 1066 mails :o 

23:19 ahh damn, 

23:19 that were all the facebook action to David Davidson 

23:19 lol 

23:19 it'S regged 

23:19 need a profile text 

23:19 and profile pic 

23:24 http://twitter.com/#!/AnonymousLeaks/ 

23:24 draft 

23:43 looking nice 

23:46 ok 

23:46 keep this quiet for now 

23:46 https://github.com/Laurelai/decompile-dump/tree/master/output 

23:46 its going with my article 

23:47 Laurelai: I am in lesbians 

23:47 Topiary: lol 

23:47 Topiary: i saw that movie the other day.... 

23:47 what's that? 

23:47 tflow: 

23:47 do i know you O_O 

23:47 i need some help 

23:47 Laurelai: Maybe 

23:47 oh. stuxnet decompile 

23:48 marduk: with? 

23:48 other net, sorry w/c 

--- Day changed Fri Feb 11 2011 

00:09 tflow: heh 

00:09 hbgary functional again 

00:14 tflow: ? 


00:14 can we have nopants here,w hat do you think 

00:14 or no actually 

00:14 forget it 

00:16 HAHA 

00:16 seems like they don't have a copy of their original site :-) 

00:16 sux to have backups wiped 

00:25 omg 

00:25 the stuxnet thing 

00:25 they were working with the NSA 

00:34 uhm 

00:34 no surprise tho 

00:34 i mean, to be expected? 

00:34 btw 

00:34 https://twitter.com/#!/AnonymousLeaks/status/35934309281964032 

00:34 we find lulzy stuff 

00:34 https://twitter.com/#!/AnonymousLeaks/status/35926522028105728 

00:34 like that even more 

00:34 that was actually the final mail Jussi send to Greg lol 

00:34 He got no reply. Hm. 

02:18 Topiary: 

02:18 you around 

02:18 or anyone 

02:18 moah 

02:18 this sux 

02:31 hi 




05:40 wew:3 

05:40 *kiss* 

05:41 * marduk glomps kayla 

05:41 \:3/ 

05:42 haha you know 

05:42 how many people have asked me in query 

05:42 if Q was q 

05:42 lol 

05:42 i just said, i wouldnt know 

05:42 xD 

05:42 i know too many Q's :( 

05:42 you on sunshine, efnet and one on freenode xD 

05:43 i guess Q is fine that he is kinda confused with me here 

05:43 it makes it all more obscure 

05:43 im on efnet 

05:43 but with my real id 

05:43 cant interact ;) 

05:43 i dont go to efnet anymore :D 

05:43 good 

05:43 did gregs mails get dumped ? 

05:43 they are as we soeak 


05:44 lets see 

05:44 ? 

05:44 gah 

05:44 now its down 

05:46 join in anonopa :) 

05:46 wot :o? 

05:46 Morning 

05:46 whats anonoopa? 

05:46 #internetfeds 

05:46 anonopa* 

05:46 on anonops 

05:46 ahh :) 

05:46 the MASTER CAHN! 

05:46 :) 

05:47 well not really 

05:47 mostly idle :) 

06:03 kayla: did you look at .dz mobile ohone? 


06:08 -!- ServerMode/#hq [+v DNSBot] by triangle.operationfreedom.ru 

06:13 marduk 

06:13 do you know the Q on sunshine 

06:14 'know' is exaggerated 

06:14 i talked to him 

06:15 once or twice 

06:16 ok 

06:16 thought i was gonna have a twilight zone moment 

06:16 lol 

06:18 nah not the same 

06:18 some think so 

06:18 good :) 

06:18 yeah 

06:18 i didnt think so 

06:18 i thought you might be someone else 

06:18 ofc, first i act diffently 

06:18 and then there is the caps thing 


06:19 oh no .( 

06:19 inb4 you are julina assange 

06:19 nah, i am too old for that 

06:19 lol 

06:20 but yeah, we might have something in common 

06:20 like the insanity 




06:28 anyone here :D? 

06:28 hi 

06:29 Does anyone have gregs mails they can grep for me :D? 

06:30 he has an immunity account!!! 


06:30 wut 

06:30 want pass bad :3 

06:30 then we can dl all their 0day 

06:32 sup guis 

06:32 only whats up so far 

06:32 http://internetfeds.mil.nf/hbgary/greg_hbgary_com/ 

06:33 thats just a page with all e-mails as files to me 

06:33 not an interface 

06:33 we KNOW 

06:33 DONT COMPLAIN 

06:33 http://internetfeds.mil.nf/hbgary/greg_hbgary_com/23894.html OHGOD LOL 

06:33 the "HBgary Handbook" 

06:33 I am NOT complaining. 

06:33 xD 

06:33 kthxbai. 

06:33 attachment? 

06:33 yeh :D 

06:34 So rather dont shout at me. 

06:34 http://internetfeds.mil.nf/hbgary/greg_hbgary_com/attachments/5425.doc 

06:34 somehow... my office doesnt parse docs correctly 

06:34 Thank you for joining HBGary, Inc. .HBGary.. We pride ourselves on being a 

dynamic and innovative team of people, who desire to produce quality results while offering a 

professional work environment that is fun and rewarding. 

06:34 We encourage you to make a difference here, as your participation counts. 

As we grow our business, we offer you the opportunity to enjoy an expanding reputation in the 

community and contribute to the success of our company. 

06:34 We strive to meet the high standards that we have set as a company. 

Customers are our top priority and we value each and every customer and want their 

experience interfacing with HBGary to be the best in the industry. If we make our customers 

successful, we will create an enjoyable, professional atmosphere where everyone can 

succeed. 

06:34 and hai kayla

06:35 ethically, honestly 

06:35 derp "ETHICS" 

06:35 we should report aaron,. 

06:36 xD 

06:36 He isnt honest and the average cow has more ethics. 

06:37 i need tha sleeps 

06:38 kayla: iöll dream oyou

07:23 nice find 

07:24 tflow!! 

07:24 you have them all correct? 

07:24 can you do me some greps? 

07:24 sure 

07:24 be interesting to get in to his immunity account as they teh 0day :# 

07:25 grep for immunityinc.com 

07:25 and grep for "password" 

07:25 ok sec 

07:25 grep for "adserver" 

07:26 also! they speak in the emails about a VPS smapshot of the machine used in 

the recent oil company hackes 



07:26 localhost A 127.0.0.1 

07:26 www A 92.241.162.216 

07:26 hbgary A 92.241.162.216 

07:26 ns1 A 92.241.184.78 

07:26 apparently is FULL of nice data 

07:26 ns2 A 92.241.184.80 

07:26 ns3 A 91.211.116.134 


07:32 anonleaks.com regged 

07:33 :)) 



07:35 marduk: can retwat? 

http://twitter.com/#!/atopiary/status/36039195176734721 

07:38 done 


07:39 kayla: 

07:39 http://internetfeds.mil.nf/hbgary/grep1.html 


07:42 most emails seem to be just product release notes 

07:42 triangle tfl 

07:42 -!- kayla [mysql2@fbi.gov] has quit [NickServ (GHOST command used by mysql2)] 





07:44 kayla: http://internetfeds.mil.nf/hbgary/ 

07:44 grep results are being outputted there, still running though 

07:44 grep1=immunitysec.com 

07:44 grep2=password 

07:44 grep3=adserver 

07:45 http://internetfeds.mil.nf/hbgary/greg_hbgary_com/12097.html 

07:45 Renewal of: nsWebAddress .COM 

07:45 ROOTKIT.COM 

07:45 Quantity: 1 


07:45 Term: 5 year(s) 

07:45 Today's Charges: $114.95 

07:45 Exp. Date**: 2015-03-02 

07:46 $100 for a domain eh? 


07:46 nsWebAddress .COM 

07:46 GUNWALEGAMES.COM 




07:46 Exp. Date**: 2012-09-18 

07:46 nsWebAddress .NET 

07:46 GUNWALEGAMES.NET 




07:46 Exp. Date**: 2012-09-18 

07:46 nsWebAddress .ORG 

07:46 GUNWALEGAMES.ORG 




07:46 Exp. Date**: 2012-09-18 

07:47 :o 

07:48 endgames 

07:48 yes 

07:48 they are interesting 

07:48 gunwalgames is not 

07:49 it was never launched 

07:49 and it will never be launched, pretty sure 

07:51 but endgames is worth a look 

07:51 dunno their exact relation 

07:52 kayla: sup 


+DNSBot 


07:58 Laurelai nm just reading gregs mails :pPpp 

07:59 kayla: insid is helping me with crowdleaks migration 

08:01 -!- DNSBot [DNSBot@DNS.Bot] has quit [Connection closed] 

09:09 kayla: http://internetfeds.mil.nf/hbgary/greg_hbgary_com/27198.html 

09:09 Fascinating how much spare time these fags have. 




09:10 !voice DNSBot 

09:10 -!- mode/#hq [+v DNSBot] by HQBot 

09:10 -!- DNSBot [DNSBot@HA-gd5.b4q.0gssb5.IP] has quit [Changing host] 


09:10 -!- ServerMode/#hq [+v DNSBot] by twisted.operationfreedom.ru 




09:11 localhost IN A 127.0.0.1 

09:11 www IN A 92.241.162.216 

09:11 hbgary IN A 92.241.162.216 

09:11 ns1 IN A 92.241.184.78 

09:11 ns2 IN A 92.241.184.80 

09:11 ns3 IN A 91.211.116.134 

09:12 !dns add WE.WILL.WIN A 192.1688.12.13 


09:12 WE.WILL.WIN IN A 192.1688.12.13 

09:12 invalid ip address? 

09:12 tztz 

09:12 !dns del WE.WILL.WIN 


09:12 WE.WILL.WIN IN 



09:12 localhost IN A 127.0.0.1 

09:12 www IN A 92.241.162.216 

09:12 hbgary IN A 92.241.162.216 

09:12 ns1 IN A 92.241.184.78 

09:13 ns2 IN A 92.241.184.80 

09:13 ns3 IN A 91.211.116.134 

09:13 it werks! 

09:13 it does not do sanity checks :P 

09:13 i noticed hehe 

09:13 ets just basics 

09:14 all good 

09:14 i woudnt mess with it anyway 

09:14 afk 




09:21 i was misreading what you said :( 

09:21 was about to /sajoin you 

09:21 :p 

09:22 omfg im so tired 

09:29 deamon to check your servers if anyone wants it 

http://ru.phiral.net/~noyx/alive.py.txt 

09:29 youd have to do your own email and sms ways though 

09:33 Goddamnit why is that the third helicopter noise I've heard this afternoon 

09:35 hmm 

09:35 why did you say that 

09:35 i want to listen to pink floyd now 

09:35 dark side of the moon 

09:38 hey me too 

09:38 * Topiary does that 

09:38 entropy, is there any domain that resolves to 91.211.116.134? 


09:39 no but i can make one 

09:39 no..np 

09:39 just was wondering what to put in the mirrors list 

09:39 thats box is secured and everythign chrooted 

09:39 nice 

09:39 i like nginx 

09:39 im goign to start using it 

09:39 vs apache its so m,much smaller 

09:40 indeed 

09:40 it can handle 10k requests per second 

09:40 where apache can only do like 100 

09:40 that's why i chose it - not easy to ddos 

09:41 you want a .anonleaks.ru name for 91.211.116.134? 

09:41 actually i put it to ukraine.phiral.net 

09:41 ok 

09:41 but that was really so i wouldnt have to rememebr ip whne ssh 

09:41 that's good 

09:41 btw 

09:41 http://internetfeds.mil.nf/hbgary/greg_hbgary_com/ 

09:42 (don't share link yet) 

09:42 good reading 

09:42 he made a WoW bot 

09:42 ol 

09:42 oh man 

09:42 when it's ready to release, that will be hbgary.anonleaks.ru/greg 

09:43 it will be frenzy tomorrow 

09:43 Listening to: On The Run ♪ Pink Floyd [3:33][Album: The Dark Side Of The 

Moon] 

09:43 Topiary: mmmh i DONT HAVE IT HERE 

09:43 I HATE YOU 

09:43 I have 24 Floyd albums on here 

09:43 i also have the ns3 updating every 5 minues 

09:43 oh wait 

09:43 incase ns1 and 2 are ddos 

09:43 i have them on my fone 

09:43 forgot :) 

09:44 ns3 also has ddos proc 

09:44 ddos proc? 

09:44 protection 

09:44 whatever that is 

09:44 provider side? 

09:44 !dns 



09:44 localhost IN A 127.0.0.1 

09:44 www IN A 92.241.162.216 

09:44 hbgary IN A 92.241.162.216 

09:44 ns1 IN A 92.241.184.78 

09:44 ns2 IN A 92.241.184.80 


09:44 yes 

09:44 usually it's dynamic firewalling 

09:44 ns3 IN A 91.211.116.134 

09:44 !dns add search.hbgary 88.80.5.84 


09:44 if not load baanced 

09:44 search.hbgaryIN 88.80.5.84 

09:45 yea but if i send a oc3 of traffic to yourr t1 

09:45 your fucked no matter what you have 

09:45 entropy: then i am fucked, yup 

09:45 entropy: heh 

09:45 you know.. 

09:45 i would like to have one of the russian nets 

09:45 with like 2M tombies 

09:46 which are nerver used for attack 

09:46 but i'd do it 

09:46 you think they really have 2M? 

09:46 search.hbgary.anonleaks.ru is hosted @ prq :) 

09:46 2M zombies on paypal 

09:46 oh yes 

09:46 entropy: but... they are usualy rented in parts 

09:46 to spammers 

09:46 those nets never do ddos 

09:47 cause.. that would burn them 

09:47 but yeah, 2M+ botnets do exist 

09:47 fkn scary 

09:48 that is crazy 

09:48 tflow: delete that 

09:49 then do: dns add search.hbgar A 88.80.5.84 

09:49 how does that make sense? 

09:49 your adding the subdomain type ipaddress 

09:49 fail tflow 

09:50 !dns del search.hbgary 


09:50 search.hbgary IN 

09:50 the bot can do mx cname etc 

09:50 oh 

09:50 so it wants the type 

09:50 oops 

09:50 i forgot the 'a' 

09:50 lol 

09:50 !dns add search.hbgary A 88.80.5.84 



09:50 search.hbgaryIN A 88.80.5.84 


09:50 search.hbgaryIN A 88.80.5.84 

09:50 lol 

09:50 !dns del tflow 



09:50 tflow IN 



09:50 localhost IN A 127.0.0.1 

09:50 www IN A 92.241.162.216 

09:50 hbgary IN A 92.241.162.216 

09:50 ns1 IN A 92.241.184.78 

09:50 ns2 IN A 92.241.184.80 

09:50 ns3 IN A 91.211.116.134 

09:50 search.hbgary IN A 88.80.5.84 

09:50 search.hbgary 

09:50 lol 

09:50 y so 2 times 

09:51 ... 

09:51 !del search.hbgary 

09:51 !dns del search.hbgary 

IN A 88.80.5.84 


09:51 search.hbgary IN 



09:51 localhost IN A 127.0.0.1 

09:51 www IN A 92.241.162.216 

09:51 hbgary IN A 92.241.162.216 

09:51 ns1 IN A 92.241.184.78 

09:51 ns2 IN A 92.241.184.80 

09:51 ns3 

09:51 y so slow 

09:51 im not sure 

09:51 oh yeah, throttling 

IN A 91.211.116.134 

09:51 triangle tends to be a bit slow nowadays :/ 

09:51 nah notrly 

09:51 it has splitted like 4-5 times today :P 



09:51 search.hbgaryIN A 



88.80.5.84 

09:51 localhost IN A 127.0.0.1 

09:51 www IN A 92.241.162.216 

09:51 hbgary IN A 92.241.162.216 

09:51 ns1 IN A 92.241.184.78 

09:51 ns2 IN A 92.241.184.80 

09:51 ns3 IN A 91.211.116.134 

09:51 search.hbgary IN A 88.80.5.84 

09:52 nslookup search.hbgary.anonleaks.ru ns1.anonleaks.ru 

09:52 Server: ns1.anonleaks.ru 

09:52 Address: 92.241.184.78#53 

09:52 Name: search.hbgary.anonleaks.ru 


09:52 Address: 88.80.5.84 


09:53 [15:16:26] Unknown command join. "/msg ChanServ HELP" for 

help 

09:53 awh i lold 

09:54 yea i tried to join chanserv 

09:54 retarded 

09:54 maybe i shouldve specific that its /cs invite 

09:54 :p 

09:54 im tired as shit if thats any excuse ;) 

09:55 jon the club 

09:55 well 

09:55 im more like 

09:55 confused as shit 

09:57 D: 

09:57 * Avunit shoots self. 

09:57 * marduk needs sleep 

09:58 needs sleep, less confusion and whatever 

09:58 just need to get myself sorted D: 

10:05 gfjkfhlakljg 

10:37 there is so many more ways to fuc kthem in these emails 

10:37 its like a fucking joke 

10:37 Penny sent Greg a love letter, it was mushy 

10:37 :3 

10:37 we must now always taunt him about his spiky bed head hair 

10:37 i think it was nice :D 

10:38 yes!xD 

10:38 maybe i should put that 

10:38 All, 

10:38 in valentines cards 

10:38 HBGary has no official position on Stuxnet. Please do not comment to the 

10:38 press on Stuxnet. We know nothing about Stuxnet. 

10:38 -Greg Hoglund 

10:38 CEO, HBGary, Inc. 

10:39 >shitloads of emails about stuxnet 

10:39 >LOL we don't know what that shit is 

10:39 these ppl called every one else script kiddies 

10:39 yet they "hack" using canvas 

10:39 ... 

10:39 Can somenoe twitter them 

10:39 asking 

10:39 about 

10:39 stuxnet? 

10:39 okay one second 

10:40 "I am curious about your statement on Stuxnet, care to comment?" 


10:43 n e stuxnet src :3 

10:44 I made a twatter 3 days ago 

10:44 lulz were had 


10:49 im glad i never had any of thatsocial media shit 

10:49 i like twitter for the purposes of anonymous 

10:52 Additional ground rules: the account is a full admin account. Please 

10:52 don't UPGRADE or PATCH the server. Please don't upgrade the DDNA. 

10:52 DEMO1: https://66.60.163.234:7443 

10:52 username: admin 

10:52 password: demo 

10:52 good job there 

10:52 wutwatwhere 

10:52 im guessing they took everything down or changed passes 

10:52 actually they probably didnt 

10:53 Team, 

10:53 password is now demo123 

10:53 ohw ait 

10:53 thats fromt he mails 

10:53 yea 

10:53 gogogo :3 


11:01 loool 

11:02 its rediculious 

11:02 well like 

11:02 GOGOGO 

11:02 how can you not know to use pgp/gpg when sending passes in emails that 

dont instantly change 

11:04 entropy: never had a Facebook/MySpace/Bebo ever, but Twitter is just 

email/pass and keeps data to a minimum, doesn't need an address 

11:04 and it's useful as hell for getting news 

11:05 I ahs troll faesbook 

11:06 yea twitters not bad 

11:09 i no has twitter 

11:09 this feels kindof wierd 

11:09 i have 2 of gregs books right here 

11:09 exploiting software and rootkits 

11:09 lol 

11:10 althought designing bsd rootkits kills his rootkits book 

11:10 lol 

11:10 :D 

11:11 i have to study 

11:11 this makes it so hard 

11:11 how can i open docx ? 

11:12 openoffice 

11:18 http://www.bbc.co.uk/news/world-middle-east-12433045 

11:28 Avunit, you use a different whois email for anonleaks.com and anonleaks.ru, 

seeing that anonleaks.com has your personal info on the whois 

11:28 use a* 

11:41 tflow 

11:41 does it look 

11:41 like that is 

11:41 my actualy 


11:41 actual* 

11:41 info? 

11:41 I am not german :P 

11:41 just i couldnt hide the data with private person on a .com domain 

11:41 but its in no way tied to me 

11:43 oh ok lol 

11:44 My name is not David 

11:44 evern though 

11:44 I liked david 

11:44 yknow 

11:44 Davidson. 

11:45 tflow can you grep for "BinDiff" 

11:45 Registrant City: Merchweiler 

11:45 Registrant State: Berlin 

11:46 is that even right? 

11:46 i had to guess the state :P 

11:53 http://anonleaks.org/cgi-sys/suspendedpage.cgi 

11:53 lulz 

11:53 by police? 

11:54 or for payment? 

11:54 its not ours :p 

11:54 iunno what anonleaks.org is 

11:54 ok 

11:54 we only own .ru and .com 

11:54 fuck my heart had a palpatation 

11:55 So yeah only worry if you hear things about anonleaks.ru or 

anonleaks.com :p 

11:55 ive no idea what .org is but its the only other registered domain with 

anonleaks 

11:55 yea i saw that 

11:56 so i was like 

11:56 well elts check out what that is! 

11:56 and then i go to asuspended page :P 

12:42 how long now till release D: 

13:00 !end 

13:00 -!- DNSBot [DNSBot@DNS.Bot] has quit [Quit: Quit] 

13:01 kayla 

13:02 :D 

13:02 many of us are thinking of delaying it till Monday. because there's no press 

on friday-sunday 

13:02 *kiss* 

13:02 for maximum impact 

13:02 ugg D: 

13:02 by then it will fizzle out 

13:02 no 

13:02 no one will care by then 

13:02 we're going to make even more buzz 

13:02 by giving some teasers 

13:02 and they'll just say it's faked 


13:03 kayla: a temp page will come online 

13:03 saying release date 

13:03 they haven't said that so far 

13:03 and some teaser released 

13:03 the original hbgary mails were released on monday 

13:03 did we get anyone else mails? 

13:03 or is gregs all we have left? 

13:04 that's all 

13:04 be interesting to see if they removed tht backdoor account 

13:04 so that's why we need to make the most of it 

13:04 because we only have one chance to launch the leaks 

13:04 considering that 1 inbox < 3 inboxes 


14:49 did someone highlight? 

15:05 -!- Avunit [Avunit2@netadmin.operationfreedom.ru] has quit [Ping timeout: 121 

seconds] 

15:22 tflow, I still think we should host a single front page on anonleaks.ru with a 

logo or message stating that "leaking begins Monday" 

15:22 that way people will have the URL over the weekend and can be checking 

it 

15:22 it would actually create more buzz this way 

15:22 and then we release on Monday like you planned 

15:24 sure 

15:24 got anything prepared? 

15:26 not in particular, I made this in about 10 minutes 

http://i.imgur.com/6Xvsv.jpg could be a starting point 



15:48 ill bbl 

15:49 going to go spar ;) 

15:57 spar :( 

17:46 -!- Avunit [Avunit2@netadmin.operationfreedom.ru] has joined #hq 

17:46 -!- mode/#hq [+qo Avunit Avunit] by HQBot 

18:12 hi guys. talking from my blackberry 

18:12 hi sexy 

18:13 whats latest? 

18:13 supz 

18:13 delay of anonleaks.ru till monday 

18:13 iunno if a teaser page will come online today 

18:13 and mubarak is gone 

18:13 for if you dont watch the news 

18:15 oh wow i didnt know fuck yes 

18:15 congrats all 

18:15 * Avunit bows to sabu. 

18:16 thats like all the news i have i think 

18:16 well we regged anonleaks.com too 

18:16 just to be sure the name wouldnt be stolen 

18:16 ok. anonleaks will keep me busy 

18:17 itll be what we use to dump whitehat dumps 


18:17 im lovin anonleaks already 

18:17 brb bro 

18:17 k 

18:24 im gonig afk 

18:56 sup 

19:10 It would be good to have a test page up tonight, just a homepage if 

anything 

19:10 Laurelai: what do with stuxnet source 

19:15 Topiary: lol idk 

19:16 you have to ask tflow 

19:40 Laurelai: I tweeted once ages ago about it and now dumbass press are 

taking my tweet super serially 

19:40 http://blogs.forbes.com/chrisbarth/2011/02/11/anonymous-claimspossession-of-insidious-stuxnet-virus/ 

19:40 LOL'd 

19:40 Oooohhh, deadly insidious virus! 

19:40 * Topiary waves cape 

19:45 -!- Topiary changed the topic of #hq to: HQ | Keep everything said in this channel inside 

this channel. Something to note if bored: http://securepastebin.com/go/retrievePost.action? 

id=6302 password = puddi 

19:47 lol 

19:48 And those trolly fags on twitter think they've dox'd me and I'm a 21-yearold 

man from Washington 

19:48 that better not be taken seriously, innocent people shouldn't be v& 

19:49 ;) 




20:01 hi :) 

20:01 anyone here it's kinda urgent! 

20:03 Yes 

20:04 who uses the username "root" on anonops? 

20:05 anyone here? 

20:06 im on but i have no idea 

20:07 I have him on Skype 

20:07 Do you need to get in touch? 

20:08 does he ever come here?? 

20:08 Not here 

20:08 like in this chat? 

20:08 well ok, sit down i have something to tell :) 

20:08 ? 

20:09 were you here earlier when tht greghb or w/e it was came in to the ophbgary 

chat and was all "herderp im greg" 

20:09 yea 

20:09 and i said compare SSN's to prove it n i k/b him 

20:09 well it was a troll 

20:09 and he's on another chat i go to and he mentioned it 

20:09 and i lol'd when he told me 

20:10 but then he scrolled me this 


20:10 My server was the one raided in the FBI's Tailor Made Servers raid 

20:10 I'm still here. :) 

20:10 I'm not your average Anon. 

20:10 But that's besides the point. 

20:10 The only way you're ever going to identify someone is gaining 

enough trust as a friend. 

20:10 gregh what I'm saying is that you need to infiltrate Anon at the 

deepest level. 

20:10 You need an insider. 

20:10 You need me. 

20:10 I grow tired of these operations. 

20:10 To watch them all fail would be fairly lulzy. 

20:10 apparently thats from "root" in a pm 

20:10 what the fuck 

20:10 not to be trusted anymore 

20:10 but also, this guys is a troll so i dont know if tht up there is true 

20:10 but still..... 

20:11 just thought i'd pass it on 

20:11 :) 

20:11 does he talk like that om the chan 

20:11 capitolizing letters and all 

20:11 periods 

20:12 i don't know, i dont even know who he is tbh... 

20:12 He's been here a while, has helped out with media a couple times, 

probably helped a lot with Payback 

20:12 But "root" is really a generic name, someone might be trying to fake him 

20:13 My server was the one raided in the FBI's Tailor Made Servers raid 

20:13 it sounds like it's root 

20:13 yea seems pretty easy to find that out ^ 

20:14 is +r registerd only or is tht +R i forget 

20:14 +r 

20:14 then it HAS to be root because ophbgary is +r and has been for ages 

20:15 because he must have been identified to be in the chan and it's the only 

chan "gregh" was in :) 

20:15 I grow tired of these operations.

20:19 they have alot of http://someip:port 

20:20 yes is down now 

20:20 wasnt like an hour ago 

20:20 :/ 

20:20 i was going to do some more reading 

20:20 xD 

20:30 http://www.lacy.ie/hbgary.php 

20:30 someone made that 

20:30 from the torrent 

20:30 im guessing 

20:34 Yes 

20:36 yeh but they dont have gregs :P 

20:51 site: www.offensivecomputing.net 

20:51 username: tedvera 

20:51 password: xWWzSeHxAJ 

20:51 Your new Offensive Computing membership also enables to you to login to 

other Drupal powered websites 

20:51 (e.g. http://drupal.org/) without registering. Just use the following Drupal 

20:51 ID and password: Drupal ID: tedvera@www.offensivecomputing.net 

password: xWWzSeHxAJ -- Offensive Computing team 

20:52 works :D 

20:58 theres seriously 200+ of things like that 

20:58 its like a joke 

20:59 http://www.lacy.ie/hbgary.php?id=18991 

20:59 yeh :D 

21:00 omfg 

21:00 dhs 

21:42 :D 

21:42 there's all kinds of stuff 

22:05 what the fuck is this http://search.hbgary.anonleaks.ru/ 

22:05 it got released? 

22:06 ah just a ptr to lacy 

22:11 yeh :D 

22:12 this one is interesting :D 

22:12 http://search.hbgary.anonleaks.ru/index.php?id=19948 

22:12 oops 

22:12 not tht one 





22:14 http://search.hbgary.anonleaks.ru/index.php?id=36623 

22:14 Subject: wow 

22:14 From: "Aaron Barr" 

22:14 To: "Ted Vera" ,"Mark Trynor" 

22:14 Original Email 

22:14 http://www.unix-ag.uni-kl.de/~massar/bin/cisco-decode? 

enc=68C5730C268E5722C1B9FA63247B01B63BBF99317CFBFEEF393299B041D165ADA 

3DE3B0D7E556EE784628ED7849CA9F1C859763381AFDDF9&.submit=decode%21 


Sooooo...using the link above and the google hack string. !Host=*.* 

intext:enc_UserPassword=* ext:pcf Take your pick of VPNs you want access too. Ugghh.. 

Aaron Barr CEO HBGary Federal Inc. 

22:15 1) Google search !Host=*.* intext:enc_UserPassword=* ext:pcf 

22:15 download the pcf file 

22:16 then use http://www.unix-ag.uni-kl.de/~massar/bin/cisco-decode?enc= to 

clear text it 

22:16 = free VPN :D 

22:19 thats only the group password 

22:19 so with cisco vpn you have the tunnel group pass then th username and 

user pass 

22:19 tunnel group is like the first line in just shared secret 

22:19 but still userfull 

22:19 99% of the pcf's will have usernames too 

22:30 :D 

22:41 ni ni guys :D

02:09 although i dont trust their accouncement fully yet 

02:10 but if they say they cut ties and apologize, we should respect that for now 

02:10 H&W is anothermatter tho 

02:14 true 

02:15 I'm so tired man I been up like 2 days so I need to rest however I really want 

to make some progress 

02:15 ah.. i know how you feel. was like 50h up myself 

02:15 but feel good after 14h of sleep now (= 

02:17 haha nice 

02:17 I read the buffer, it seems the guy on anonop "root" is a mole or troll? 

02:20 the nick "root"? 

02:20 eh if he's identified.. he used to be oper i think. is forunder of 

#operationpayback 

02:21 really 

02:21 04:10 My server was the one raided in the FBI's Tailor 

Made Servers raid 

02:21 04:10 I'm still here. :) 

02:21 04:10 I'm not your average Anon. 

02:21 04:10 But that's besides the point. 

02:21 04:10 The only way you're ever going to identify someone 

is gaining enough trust as a friend. 

02:21 04:10 gregh what I'm saying is that you need to infiltrate 

Anon at the deepest level. 

02:21 04:10 You need an insider. 

02:21 04:10 You need me. 

02:21 04:10 I grow tired of these operations. 

02:21 04:10 To watch them all fail would be fairly lulzy. 

02:21 04:10 apparently thats from "root" in a pm 

02:21 if thats him being genuine 

02:21 he must get rocked 

02:21 plz investigate my brother 

02:23 wtf 

02:23 :o 

02:23 oh i will 

02:23 i will leave kayla out of this, but i will present this to owen 

02:23 i think he will be quite interested 

02:23 but why is root telling this to kayla? 

02:24 or where is that from? 

02:26 no 

02:26 root wrote that to gregh, who is a troll/poser who posed/trolled as greg 

hoglund on irc 

02:26 and root wrote him that log 

02:27 Oh shit 

02:27 how did kayla get it? 

02:27 oh some fake-greg-spy? 

02:27 lol 

02:27 sorry, didnt read 

02:27 eh that's actually a good idea 

02:27 we can weed out traitors this way 


02:28 i will probaby make an alternative nick, go in #ophbgary 

02:28 idle mostly, but pm a few ppl 

02:28 yup 

02:28 do it plz 

02:28 greg/gregh/coganon/anoncog/aaronbar/abarr etc 

02:31 okay 

02:31 talked to owen 

02:31 it all makes sense 

02:31 07:30 and he tried, no begged for his oper back and was refused 

hands down 

02:31 07:30 he was gone too long 

02:31 07:31 some bs about his job blahblah 

02:31 07:31 noone believed it 

02:31 07:31 ill pass it on 

02:31 so .. thanks for relaying 

02:31 ppl will know. 

02:32 kk 

02:32 tell owen I miss him

02:49 so she could get root too 

02:49 wasnt really important.. but quite lulzy :) 

02:49 I figured it was too vague for anyone to find interesting 

02:49 yup, i figured that (= 

02:49 I guess it is though lol 

02:50 basically I read all his outgoing email communication to jussi 

02:50 and mimicked word for word and grammar for grammar 

02:50 I also made sure to throw in rootkit.com's root password (found in an earlier 

email) in the initial SE email 

02:50 to get jussi to trust me 

02:51 it worked thankfully and turned out to be lolz 

02:51 ah nice... yeah ii thought the pws you mentioned must be kinda known to 

him 

02:51 but that he immediately tes you the root pw 

02:51 *facepalm* 

02:53 yeah I learned a decade ago in order to get a successful SE you must know 

at least one bit of intimate information to gain at least a bit of trust from your target 

02:53 thats why I fucing researched my balls off 

02:53 yes i know.. actually, SE is my strongpart as well... i am out of the freaky 

technical stuff 

02:53 i lost connection by now 

02:54 although i noticed.. many of the exploit stuff is the same like 10 years ago 

02:56 uNF 

02:57 uNF uNF uNF ... coffee! 

02:58 im off to bed for a nap. ill be back my brothers and sister 

02:58

04:24 well, everybody wanted to take a look at stuxnet :) 

04:25 yeah 

04:25 HBGary was trying to make themselves look like the stuxnet experts i 

think 

04:26 hmm would be hard; i think f-secure had the best insight there. they did a 

lot of work on stuxnet which was widely praised 

04:26 yeah 

04:26 nobody ever said HBGary was smart 

04:26 :p 

04:26 lol 

04:26 it really looks like a whole trail of fail 

04:26 i still want to know wtf HBGary means :p 

04:26 leading the fail train into Anons lap 

04:27 :) 

04:27 where it crahed 

04:27 and burned 

04:27 crashed* 

04:27 and it is still smoldering now 

04:27 and you can hear people screaming and dying 

04:28 good times 

04:35 hmm 

04:35 http://ge.tt/3ckSqhP 

04:36 have a look at that 

04:39 i like that pretty much... dunno though about the strict teams.. i mean some 

ppl do more than one thing, are not really specialized. 

04:39 but in general very good... 

04:40 make sure to show it to the other guise as well 

04:40 none of it is strict 

04:40 nothing saying you cant be part of more than one team 

04:40 ill revise that 

04:42 yeah just making some comments 

04:42 the team/focus is okay.. just i wouldnt name it "teams" 

04:43 ok 

04:43 hi 

04:44 wb Sabu. check that url from Laurelai 

04:44 who the fuck wrote that doc 

04:45 remove that shit from existence 

04:45 first off there is no hierachy or leadership, and thus an operations manual is 

not needed 

04:45 those who root, also "Shell" and also "deface" 

04:45 theres scant need to segregate 

04:46 shit like this is where the feds will get american anons on rico act abuse and 

other organized crime laws 

04:47 yeah well you could have done 100 times more effective shit with HBgary 

04:47 gratted what we got was good 

04:47 if you're so fucking talented why didn't you root them yourselves? 

04:47 but it could have been done alot better 

04:47 also we had a time restraint 

04:48 and as far as I know, considering I'm the one that did the op, I rooted their 


oxes, cracked their hashes, owned their emails and social engineered their admins in hours 

04:48 your manual is irrelevent. 

04:48 ok so why didnt you backdoor everything and just collect data 

04:49 because it was generally agreed that we should OWN HBGARY _BEFORE_ 

Aaron Barr met up with FBI 

04:49 that gave us ~24 hours to play with 

04:49 you werent in the chat at the time and thus you wouldn't know this 

04:49 and who invited you anyway? 

04:49 I do not know you 

04:50 marduk, I'm about to bounce. this place is getting compromised a bit too 

quick/easy 

04:50 :/ 

04:50 what huh ? 

04:50 whats getting compromised? 

04:51 who the fuck is laurelai and why is he/she/it questioning our owning of hbgary 

04:51 uhm.. she is with wl 

04:51 and? 

04:51 and kayla knows her. 

04:51 bleh 

04:51 ok who authored this ridiculous "OPERATIONS" doc? 

04:51 look the guideline isnt for you 

04:51 because I'm about to start owning nigg3rs 

04:51 authorized??? 

04:52 its just an idea to kick around 

04:52 start talking 

04:52 for who? the feds? 

04:52 its not any official doc, it is something that Laurelai wrote up.. and it is for.. 

others 


04:52 rofl 

04:52 just idea 

04:52 ideas 

04:52 man 

04:52 at least that is how i understand it 

04:52 to talk over 

04:53 le sigh 

04:53 mmmm why are we so in a bad mood? 

04:53 my nigga look at that doc 

04:53 and how ridiculous it is 

04:54 its just a document and it doesnt even mention anonymous 

04:54 shelling team? 

04:54 wtf is a shelling team 

04:54 whatever 

04:54 look, i think it was made with good intentions. and it is nothing you need to 

follow, if you dont like it, it is your good right 

04:55 no fuck that. its docs like this that WHEN LEAKED makes us look like an 

ORGANIZED CRIME ORGANIZATION 

04:55 its the ANTITHESIS OF WHAT ANONYMOUS IS 

04:55 mmm 


04:55 if these lamers leak shit like that Im rooting them 

04:55 i get your point 

04:56 and it also makes us look like fucking twats aka hypocrits. we sit here and 

tweet all day about palantir/hbgary putting together docs and slides discussing the process of 

OWNING WIKILEAKS 

04:57 yet we're producing the same fucking shit 

04:57 only difference being our target focus are whitehats/anonymous targets 

04:57 rofl 

04:57 I'm going back to sleep. nice to meet you laurelai 

04:58 mm i get the point... and yes, considering that, we should not 

use/spread/hand such dox around 

04:58 but i am also convinced that Laurelai wasnt ill-minded by doing that. 

actually we taked about this before 

04:58 the point just is... we shoud have some procedure (it actually started with 

ppl ddosing targets that could be defaced, etc) 

04:59 marduk the other night.. when we owned hbgary we had 100% coordination 

in here. we had one slight issue with leeching of emails taking a bit longer than they should 

have 

04:59 but besides that, I did my part, topiary did his part, tflow did his part, you did 

yours, etc 

04:59 we did not need a manual 

04:59 and we were on point 

05:00 laurelei's issue is that we did not sit and sniff their emails for more good info 

05:00 no 

05:00 so what were you saying earlier? 

05:01 my issue is they had alot of private software and proprietary code, as well 

as customer information that could have been taken and used to gain access to more stuff 

quietly and then use tht as a platform to gain even more 

05:01 true, they had private software and proprietary code. and true I deleted their 

entire fileserver which included about 1 terabyte worth of malware, code and data 

05:01 let me ask you a question 

05:02 do you have 1terabyte+ servers ready to leach+store+torrent? 

05:02 yes 

05:02 and how lon would it have taken us to leak the terabyte off their network 

05:02 before they realized they were getting owned? 

05:03 it was a LITTLE rushed, yes we could have leeched mybe a little more. but 

in overall i think we did a very awesome op 

05:03 i think so too 

05:03 we fucking tapped their email comms for 30 hours 

05:03 as for customer information, all that customer information is in the emails. 

tflow had access to those emails before leaking ~24 hours 

05:03 thats all i was trying to say 

05:03 and they didnt notice a fkn thing 

05:03 thats enough to traverse into customer accounts 

05:03 was it would have been nice to get some of the priv software 

05:03 and malware 

05:03 trust me miss 

05:04 if you saw what I saw 

05:04 there was nothing worth getting 


05:04 they had endless copies of rxbot 

05:04 public .exe's 

05:04 they had sandboxed a bunch of romanian exes with zeus 

05:04 public bots 

05:04 they had 0% 0dayz 

05:04 ok then 

05:04 their source code was not on the fileserver. there were nothing but 

executables 

05:05 and if you want their software that bad search thepiratebay 

05:05 I'm sure copies are on there 

05:05 their shit is garbage 

05:05 so we're discussing a non-issue 

05:05 perhaps I should have cleared this all up for everyone 

05:05 then what i was told wasnt what actually happened 

05:05 so docs like the one you created would not exist right now 

05:05 im sorry 

05:05 I dont know who told you what 

05:05 but if you have questions ask me 

05:05 ok 

05:06 well she wasn't here from the beginning 

05:06 so she couldnt have known 

05:06 I am not being rude to you. trust me, I'm a nice guy 

05:06 as stuff in here was not relayed to outside 

05:06 I just dont like the bs 

05:06 im not trying to bs 

05:06 i was making a point based on the information i has 

05:06 wich was wrong 

05:06 ok so what were you told/ 

05:06 that their fileserver had massive 0dayz? 

05:06 basically 

05:06 because I can say there were two external drives 

05:07 I have a good memory and will tell you what was there 

05:07 one external drive was used as a nfs/samba mount it contained about 1tb of 

data 

05:07 it contained the same financial docs you find in the emails 

05:07 it contained backups of their dbs, etc 

05:07 it contained endless copies of their software in versions 

05:08 changelog edits 

05:08 it contained literally garbage 

05:08 that has little value to us 

05:08 ok 

05:08 the other external hard drive used as a nfs mount for internal lan servers 

05:08 contained all of their malware research 

05:08 Sabu: can we h4x the DoJ? :p 

05:08 which literally consisted of 

05:08 rxbots 

05:08 zeus bots 

05:08 chinese and romanian bots 

05:09 stuxnet debugs, copies of same binary 


05:09 etc. 

05:09 nothing of value to us 

05:09 ye i noticed from the emails, they take a lot of interest in the public/widely 

available bots 

05:09 because they already exist in the emails we have 

05:10 alright 

05:10 makes sense 

05:11 fuck 


05:11 do you have access to the prq server? 

05:11 of crowdleaks? 

05:11 ohai tflow 

05:11 hi 

05:11 tflow: yes of course 

05:11 Laurelai: please remove the vhost for search.hbgary.anonleaks.ru asap 

05:11 it's not supposed to be public yet 

05:11 ok.. 

05:12 :o 

05:12 and the dnsbot is offline .__. 

05:12 good morning tflow my brother 

05:12 tflow: i have a copy but only add is working there 

05:12 Sabu! 

05:12 did you hear about the shitstorm the leaks caused? 

05:12 yeah bro I been catching up 

05:13 this is actually.. bigger than the cables it seems 

05:13 especially as only small amounts have been scanned so far 

05:14 tflow: done 

05:14 thanks 

05:15 Sabu: in need of new target? its not whitehats tho... 

05:15 I want to focus on white hat sec firms 

05:15 they're the ones working on us 

05:15 okay. 

05:15 hmm 

05:15 oh 

05:15 its a good idea 

05:15 hbgary was the tip of the iceberg 

05:15 what was that 

05:15 there was that french one 

05:15 Laurelai: ? 

05:15 you know how many other sec firms are trying to do exactly what they're 

doing 

05:15 lol 

05:15 you got the tip from someone 

05:16 so we need to start rocking these lamers 

05:16 what was the url, damn 

05:16 D: 

05:16 hi avunit my brother 

05:16 the fuck is up with anonops 

05:16 oh all awayke .. just kayla missing now :o 


05:16 ddosaresst.com 

05:16 Avunit: was ddosed 

05:16 Laurelai: nah i meant the other one.. who are working with french police 

05:16 tiny is down, belldandy is down, koldsun is down 

05:16 marduk: i dont know 

05:17 who are trying to spai on us 

05:17 mhhh 

05:17 marduk 

05:17 yeah 

05:17 laurelie, I appreciate you took the time to write that document. perhaps 

instead of creating evidence we actually follow such procedures. we just educate our people 

here so our next target isnt rushed/etc 

05:17 ddosaresst 

05:17 Sabu: thats what i was trying to get at 

05:17 http://dosarrest.com/ ? 

05:17 can we let it go ive deleted it already 

05:17 heh 

05:17 Sabu: yes 

05:17 that one 

05:17 I'm being fucking nice to you 

05:17 * marduk hands around cake and coffee. 

05:18 and you're telling me to let it go/ 

05:18 don't get rocked bro :| 

05:18 meehh.. now all; let's focus not argue anymore. 

05:18 it's done. 

05:18 you run crowdleaks.org? 

05:18 i help run it 

05:18 I see 

05:19 Hey instead of argueing do me a favor and tell me which anonops server 

with atleast a 50 channel limit is online :P 

05:19 Avunit: vlad has 51 

05:19 thanks 

05:19 np 

05:19 added vlad in my pool 

05:19 Avunit: vlad 

05:19 oh im slow 

05:20 so any news around here? 

05:20 Laurelai:

search.hbgary.anonleaks.ru? I need to make some coding changes 

05:20 I need more targets= 

05:20 https://panel.dosarrest.com/customerpanel1_0/cp/sites/view/ 

05:21 whitehats, spies, whatever 

05:21 Sabu: im still looking for that one url 

05:21 i got a tip 

05:21 ill look thru my history 

05:21 kk 


05:22 oh wait 

05:22 tflow: its a single php file 

05:22 ah nice 

05:22 whats wrong with it 

05:23 can you set me up an account with write access to that file? 

05:23 i need to make it so that 

05:23 it like to the .html pages on hbgary.anonleaks.ru 

05:23 links* 

05:23 there is a better interface there with attachments and such 

05:23 oh 

05:23 i can do that 

05:23 great 

05:24 hbgary.anonleaks.ru 

05:24 i'll give you the db files for each index 


05:24 doesnt appear to be up 

05:24 each email is like 3333.html 

05:24 a number 

05:24 brb 2 mins 

05:24 do you mean http://search.hbgary.anonleaks.ru/ 

05:24 o_O 

05:25 the anonleaks.ru sites, apart from search are not yet activated :P 

05:26 i need more coffie 

05:27 anonleaks is going to rock my socks 

05:29 DNSBot is online again ^.^ 

05:30 question gents 

05:30 whats the situation with openleaks 

05:30 watcha mean? 

05:31 "Domscheit-Berg denies claims by WikiLeaks that he damaged the 

organization or 'stole' material, but did say he took roughly 300,000 documents with him when 

he left." 

05:31 does openleaks need to get owned or not our buisness 

05:31 Well afaik they were taken for safekeeping and are being forced back by 

wikileaks now 

05:31 atleast thats what the news here said 2 days ago 

05:33 word 

05:33 damnit i dont find that site anymore 

05:33 I cant wiat for anonleaks to go public :D 

05:34 ok gents and ladies 

05:34 I'm going offline till tonight 


05:35 much love to you all 

05:35

05:45 Laurelai: did you get that? 

05:46 ? 

05:46 [10:38:22] http://internetfeds.mil.nf/hbgary/aaron_hbgary_com/db 

05:46 [10:38:28] http://internetfeds.mil.nf/hbgary/greg_hbgary_com/db 

05:46 [10:38:33] http://internetfeds.mil.nf/hbgary/phil_hbgary_com/db 

05:46 [10:38:40] http://internetfeds.mil.nf/hbgary/ted_hbgary_com/db 

05:46 [10:38:51] up again? :o 

05:46 [10:39:04] From these files, you can tell which .html page to link to 

by looking @ the email filename 

05:46 oh yeah i saw 

05:47 how do i search it 

05:47 ok cool 

05:47 using php? :p 

05:47 do you know how to code it? 

05:48 otherwise i can code it and give you the hbgary.php file 

05:48 im not so hot with php 

05:48 (but i'd need the original hbgary.php first) 

05:48 thats lexis department 

05:48 np 

05:48 yeah ill secure pastebin it 

05:49 actually.. you know.. i think it would be better to store that in the mysql db 

05:49 having it filebased would be too slow to search 

05:50 can you create me a mysql account on the server with one db? 

05:50 Must I code the like 10 line html page excluding headers to say COMING: 14 

FEBRUARI 2011 

05:50 with a logo 

05:50 and iunnom aybe some links to sum emails? 

05:51 if so, ill do it after lunch :P 

05:51 brb 

05:53 hes got it using postgesql 

05:53 or something 

05:53 for that 

05:53 man 

05:53 im just going to get lexi to work with you on that 

05:53 ok 

05:53 when's he coming on? 

05:53 i just install shit and make sure it doesnt get hacked into 

05:54 tflow: here pretty soon 

05:54 hes in ireland 

05:55 ah 

05:55 btw, some mails still cant be parsed, any idea why? 

05:56 example: http://internetfeds.mil.nf/hbgary/greg_hbgary_com/18057.html 

05:57 http://internetfeds.mil.nf/hbgary/greg_hbgary_com/18057h.html can 

05:57 view it in html mode 

05:58 ups 

05:58 kk 

06:22 tflow: 

06:22 http://search.hbgary.anonleaks.ru still works for me 

06:22 cached NS? 


06:22 yes 

06:22 ah k 

06:23 hmm.. what do we have so far.. 

06:23 ? 

06:23 4 Heihachi servers (3 for NS, 2 for interface) 

06:23 ah 

06:23 1 PRQ servers (for search - with dosarrest) 

06:24 1 Telecomix? 

06:24 1 Luxembourg server (from Telecomix, for web interface) 

06:24 those servers are not all heihachi tflow :P 

06:24 but they are russian 

06:24 oh? 

06:24 and in the same datacentre 

06:24 yeah 

06:24 webalta 

06:24 and santrex 

06:24 ah 

06:24 I can roll one extra server in, Triumph, if needed. 

06:25 If we do need another server, it would be for the web interface. but I think 

we're sorted for now 

06:25 Avunit: i gave you the other paysafe? 

06:25 yes marduk i think 

06:25 oh goddamnit that said 

06:25 gimme again 

06:25 xD 

06:25 k, yeah i remember faintly 

06:25 i forgot i dont log anymore 

06:26 uh oh 

06:26 * Avunit stabs self in face. 

06:26 imma get the invoice sorted direclty 

06:26 NOT GOOD 

06:26 * Avunit navigates towards heihachi. 

06:26 phew 

06:26 found it 

06:26 We should also have a page called legal.html 

06:27 That shows all the DMCA requests we've gotten from HBGary 

06:27 And our replies 

06:27 TPB-stlye 

06:27 style* 

06:27 what is the bgcolor of the interface page? 

06:29 #D7C3FC 

06:30 ill do some lousy html coding for a such teaser page 

06:31 sifting greg's emails for anything more about BoA & co 

06:31 it doesn't really need to use that bg colour if it's just a teaser page 

06:31 also you can base it on http://pastehtml.com/view/1cw69sc.html Avunit 

06:31 all you need to do is change the txt 

06:31 or logo 

06:32 well might look better if it uses the same bgcolor 

06:32 thats why 


06:32 http://www.technologyreview.com/web/32279/?p1=A1 

06:32 did we see this: 

06:32 "I have been sucked up for the last, seems like almost 2 weeks working the 

law firm deal. The potential is huge for us. We are starting the pilot this week, 50K effort. After 

the pilot the end customer gets briefed. We were talking to the senior partner of the law firm 

on Friday and he wants a firm fixed price by month for 6 months and the figure we have come 

to settle on is $2M per month for the 3 team members. That will equal $500-$700K for HBG 

Federal, thats per .. 

06:32 ... month. We still need to close it, so I am spending most of my time 

making sure we blow them away and get the funding. Other stuff happening, but thats the 

main focus for me." 

06:32 oh wait, that's not anonleaks 

06:32 was sent from aaron to greg and penny on nov 16 


06:38 -!- Topiary [colossal@do.the.impossible] has joined #hq 


06:44 hey Topiary 

06:44 Hai 

06:44 moah, greg'S mails are full of ticketspam 

06:44 that'S why he has 10k more mails 

06:45 Ticketspam indeed, new registration/password change too 

06:45 yeah 

06:45 and emails from PayPal 

06:53 http://operationfreedom.ru/anonleaks/ 

06:53 thats kinda what i have atm 

06:54 hey 


06:54 could i get the origional email for that 

06:54 Avunit: nice 

06:54 Fubruary? 

06:54 eh 

06:54 February. 

06:54 oh yeah 

06:54 #AnonLeaks? 

06:54 yes 

06:54 on anonops? 

06:54 yes 

06:54 oh. 

06:55 I had e-mail 5 in twice too instead of one 6 xD 

06:55 please 



06:56 ask tflow, he might have it D: i no has 

06:56 tflow: ? 

06:56 Laurelai: yes looking at that 

06:56 anything else that needs to be on the teaser page? gimme about 6 juicy 

emails as a teaser too d: 

06:56 marduk: laurelai wants the original 

06:57 * Avunit pokes topiary 


06:57 original? 

06:57 oh the .eml? 

06:57 yarr 

06:57 ? 

06:58 ya well, i dun have it... btw when are we gonna torrent greg'S mails? 

06:58 it says it 

06:58 laurelai wants the .eml for that link 

06:58 Original file: 26858 

06:58 the .emls for greg are not released yet. 

06:58 and http://operationfreedom.ru/anonleaks/ 

06:58 hmm 

06:59 not bad but 

06:59 it doesn't really fit well 

06:59 as in? 

06:59 possibly a black background outside the box? 

06:59 ok i need to be away for an hour or so 

06:59 easy enough 

06:59 also i don't think we should tell the irc channel yet 

06:59 well stab topiary for that 

06:59 i stole his banner :p 

07:00 hah, made it in a few minutes as a test 

07:00 I think it would be cool to have the green anon logo in large 

07:00 it's not a banner so much as a lulz 

07:00 with a white background 

07:00 and says coming soon under it 

07:00 don't think I have any large Anon logos like that to turn green, that one was 

pretty small 


07:02 i think it's better to just have a white bg 

07:02 k sec 

07:02 with the green logo only + coming soon under it 

07:02 done 

07:02 (without the irc stuff or the text) 

07:03 ill green the irc stuff out 

07:03 the bg is still black :p 

07:03 oh you wante verything white? 

07:03 no i mean 

07:03 http://i.imgur.com/N7mfR.jpg 

07:03 made 

07:03 ah liek dat 

07:03 nice 

07:03 want the date still under it or all text removed? 

07:03 only thing i would say 

07:04 the stroke around the text kinda makes it seem cartoonish :p 

07:05 now then? 

07:05 can easily be fixed. any text you had in mind? 

07:06 and topiary, you got any e-mails ready to be teased? 

07:08 so i can put em there too 

07:08 not sure if I have anything that stands out 


07:08 well aslong its kinda lulz or juicy 

07:09 its fine 

07:09 we dont have to throw the best in, rather not even 

07:10 just a few to show we're for real and ready to cause mayham 

07:12 and tflow watcha think of the current page then? bettah? 

07:12 http://i.imgur.com/zgaMs.jpg 

07:12 simpler? 


07:14 can't tell if juicy or not... 

07:16 should i use the source of that html to leak or put it in .txt? 

07:16 I guess html 




07:19 wat 

07:19 im removing attachement and without html markup links 

07:23 any others? 

07:24 tis kind of fugly but fine 

07:25 this isn't worth putting up, but lol 

http://internetfeds.mil.nf/hbgary/greg_hbgary_com/18450.html 

07:25 LOL 

07:25 i say 

07:25 put it up xD 

07:26 but yeah check out http://operationfreedom.ru/anonleaks/ 

07:26 its kind of ugly with the emails 

07:26 but k 

07:27 Avunit: you need the .css file 

07:27 yeah figured 

07:27 but i have no link to the actual source either 

07:28 with divs and whatever 

07:28 oh wait 

07:28 you use th for that 

07:28 nvm me :P 

07:30 i put the css file up 

07:31 http://internetfeds.mil.nf/hbgary/greg_hbgary_com/9365.html im lolling quite 

a bit tho 

07:36 http://internetfeds.mil.nf/hbgary/greg_hbgary_com/20419.html

07:41 haha yes that google alert is cool (= 


07:43 is that public? 

07:43 I think maybe the 14 Feb thing needs to be taken out, not sure why 

07:43 can we spreda that? 

07:43 no 

07:43 the main site will be anonleaks.ru 

07:43 right? 

07:43 yea 

07:43 but this will be one mirror, tho? 

07:44 still probably not best to spread this yet until anonleaks.ru is updated 

07:44 and we've agreed on final page 

07:44 yeah 

07:44 itll be on anonleaks.ru 

07:44 this is just my testing ground 

07:44 tell me when it is 


07:44 the date taken out? 

07:45 well.. we are sure that we go public on monday i think? 

07:45 we got all set. all uploaded, mirrors working 

07:45 or should I just make "Coming February 2011" of it? 

07:45 just in case we fail hard on Monday 

07:45 mhh 

07:45 ill just get the 14 and : out of it 

07:45 if then take it out completely 

07:45 and leave the coming soon in logo 

07:45 we can just tweet about it 

07:45 and when we actually release, we'll do a countdown 


07:45 updated 

07:46 i want to send the teaser page to some bloggers asap 

07:46 The font on coming soon is a bit weird 

07:46 mhh 

07:46 idd remove february 

07:46 that souds like.. we are maybe online in 2 weeks 

07:46 I'd just remove the whole line about coming soon 

07:46 coming soon in the logo is okay 

07:46 small and decent 

07:46 and we can create buzz on twitter about it 

07:46 i'd just remove the big text 

07:46 Can you remove the black border? 

07:46 ^ 

07:46 yesi can 

07:46 sec 

07:47 What about the border? 

07:47 It's not nice :p 



07:47 it'll look more scary 1337 h4x the plainer it gets 


07:47 yup 

07:47 we all agree this one is fine then? 

07:47 maybe a blank line between teasers iand the mails 

07:48 then ill tar it for tflow :P 

07:48 then it'd be perfect 

07:48 can you remove that border? 

07:48 shift reload 

07:48 it is 

07:48 its removed 

07:48 i'dd add a blank line tho 

07:48 and white lnie added 

07:48 below "teasers" 

07:48 line* 

07:48 its added 

07:48 looks a bit dense 

07:48 aha 

07:48 reload 

07:48 ah :) 

07:48 perfect imo 

07:48 should i make the teasers fat or is only underlined fine like this? 

07:48 tested in other browsers? 

07:49 sec imma start up IE 

07:49 im using firefox myself 

07:49 chrome here 

07:49 just gonna find another teaser, or one to replace one already 

07:49 on linux 

07:49 the Penny loveletter 

07:49 sec 

07:49 looks fine 

07:49 mhh 

07:49 nah 

07:49 not the penny love letter 

07:49 something juicy 

07:49 like Boa related 

07:49 looks fine on an old version of IE 


07:49 like this one 

07:49 but ive the idea that the teasers should be bolded :/ 

07:50 well the word "Teasers:" 

07:50 try it 

07:50 kay 

07:50 adding a ninth leak too 

07:51 hrrm 

07:52 adding bold removing underline 


07:52 I don't think we need this many teasers 

07:52 some bring down the quality of the others 

07:52 hmm 

07:52 too many fun/private ones imo 


07:53 we should concentrate on the interesting ones 

07:53 anonleaks isnt emphasized on gossip :( 

07:53 at least replace email 8 with Penny's one 

07:53 feel free to say which one to remove etc. 

07:53 or get rid of 8 entirely 

07:53 replacing 8 with 

http://internetfeds.mil.nf/hbgary/greg_hbgary_com/23876.html 

07:54 done 

07:55 brb taking a shower 

07:55 when i'm back i'll put it up 

07:55 cool 

07:55 get wet. 

07:55 ill tar it for you tflow 

07:55 thoroughly moist 

07:56 updated email 9 to remove the attachement link too 

07:56 why isnt kayla here? 

07:56 hrrr. 

07:56 we should put a contact email in the form of 

07:56 "Problem, officer? email@email.com" 

07:56 so we can laugh hard at takedown notices 

07:56 tflow requests that I give them lulzy responses 

07:56 can use my hushmail, of do we have email already setup? 

07:56 and we post them in a legal section 

07:57 should have something official like 

07:57 complaints@anonleaks.ru 

07:57 :p 

07:57 i have no mailserver 

07:57 gief mailserver 

07:57 and we can create anonleaks.ru 

07:57 wait when tflow gets back 

07:57 I would jizz over Topiary@anonleaks.ru as my email 

07:57 I'd put that shit as mah vhost 

07:57 avunit@anonleaks.ru 

07:57 bitches. 

07:58 We go' be hunted by the po-po 

07:58 oh no-no 

07:58 almost tempted to make a theteam.html 

07:58 with fake dox 

07:58 xD 

07:58 DO IT 

07:58 DO IT SO HARD 

07:58 LOL 

07:58 okay 

07:59 everyone go make fake identity 

07:59 fake name 

07:59 fake country 

07:59 and GIEF ME 

07:59 heh, aren't i John Q Nagel? 

07:59 IUNNO GIMME INFO 


08:00 lol 

08:00 i cant ind him 

08:00 rofl 

08:00 David D. Davidson 

08:00 google "John Q Nagel" 

08:00 6697 Mudkup Rd. 

08:00 Longcatsville 

08:00 The Internets 

08:00 Mine ^ 

08:00 only hits are the Anonymous docs of Aaron 

08:00 Mudkip* 

08:00 I'll use John Q. Nagel 

08:01 make some other fake info up too marduk, like topiary 

08:01 sec 

08:01 actually that John Q Nagel is real on facebook 

08:01 mhh i use something else 

08:03 Henry Dorsett Case, 648, Matsudo, Matsudo-shi, Chiba, 271-8510, Japan 

08:03 thar you go 

08:04 whoever knows the reference wins an internet 

08:05 Want me to use your irc nicks? 

08:05 like Topiary: 

08:05 David D. Davidson 

08:05 tflow: and canihaz sop in #anonleaks pl0x 

08:05 6697 Mudkup rd. 

08:05 lolno 

08:05 not me 

08:05 k 

08:05 enough trouble qith q as it is :p 

08:06 we should include a weblink to #anonleaks on the teaser site 

08:06 massive buzz for it 

08:06 oh 

08:06 Avunit: use my fake nick: "Don" 

08:06 WebAnon chat 

08:06 nah not using nicks now :op 

08:06 he's rarely online 

08:06 ok 

08:06 fine too 

08:08 okay 

08:08 MOAR 

08:08 ill add something for myself too 

08:10 oh nice 

08:10 (as I was finishing writing this, Karp called me, seemed sincere enough in 

his apology, vowed that any Palantir employees involved in this would be dealt with the way 

they dealt with HB Gary, and commendably committed to telling me by the end of the week 

whether Bank of America or Hunton & Williams actually retained these firms to carry out this 

proposal). 

08:10 (Greenwald on salon.com) 

08:11 Perhaps a "MEET THE TEAM" link underneath the teasers, and also on 

that page can be a "Problem, officer? complaints@anonops.ru"" 


08:12 http://operationfreedom.ru/anonleaks/theteam.html 

08:14 well we can do that after we got an anonops.ru email server topiary 

08:14 because i do want to see that :p 

08:14 Avunit: "648 Matsudo, Matsudo-shi" - "Chiba 271-8510" 

08:14 oh k 

08:14 btw, case is the main character in william Gibson's Neuromancer 

08:14 updated 

08:15 and he lives in Chiba City :) 

08:15 cheers 

08:16 http://operationfreedom.ru/anonleaks/theteam.html 

08:16 updated with email lnik too 

08:16 Looks good Avunit, needs Mudkip though 

08:16 oh well ypu typed mudkup :P 

08:16 anyway need mailserver *stabs topiary* 

08:16 i added a subject line to the mail link too :p 

08:20 looking like the sex of all sexes 

08:20 now tflow needs to come back, he needs to give an identity and we need 

some mail serverz 

08:20 and then we r ready to rawl 

08:20 WE HAZ PROBLEMZ 

08:20 oh btw is thel ink i put on the index good or you want MEET THE TEAM 

there? 

08:20 MEET THE TEAM 

08:20 Y33333 

08:21 MEET THE SPY 

08:21 oh no wait 

08:21 xD 


08:22 getting some tea meanwhileeee 

08:22 get soem bitches to gief mailserbur 

08:22 we iz want offishul address 

08:23 sup 

08:23 wb tflow 

08:24 Avunit: davidson has a ":" the others not 

08:26 For mail, we can use Google Apps 

08:30 morning 

08:32 i can setup a mail svr pretty easily if we need 

08:33 and qmail is pretty hackproof 

08:33 but lacks alot of extras 

08:34 Why not GMail? Would save us having to get extra servers + DDoS-proof 

08:34 then we can use the extra servers for mirroring 

08:34 ah ok 

08:34 Google Apps lets you have your own domains 

08:35 i just dont use g* anything 

08:35 since they spy on your shit 

08:35 hm 

08:35 Well we don't really have anything to hide :P 

08:35 All secret shit will be done on IRC 

08:35 @anonleaks.ru is just for press 


08:35 Infact, it would be funny one day if we leak our own mail 

08:35 lol 

08:37 tflow: will u put the teaser version up? 

08:38 i'D like to spread it to some ppl today 

08:38 Are we done with it? 

08:38 Also 

08:38 tflow 

08:38 gimme ur 

08:38 s3cret dox data 

08:38 I think the meet the team joke needs to be more subtle - like a easter egg or 

hiden joke 

08:38 I like my J. Shepard D: 

08:39 Maybe if we put it in the comments, or make the like very small 


08:39 link* 

08:39 k 

08:39 yeah it'S too prominent i agree 

08:39 ill make 

08:39 very small link 

08:39

08:45 I'm not very creative 

08:46 can someone give me thel ink to the google mail server shit too? 

08:48 the free version that is 

08:48 http://www.computersecurityarticles.info/security/anonleaks-continuesrelationship-with-criminals/ 

08:48 what a fuckign cock suer 

08:48 One of the characteristics that the members of Anonymous have in 

common with their Russian and Ukrainian cybercriminal benefactors 

08:49 although its funny he thinks our servers have benifactors 

08:50 entropy! 

08:50 you gief fake dox too 

08:50 and tflow just become creative :P 

08:50 lol 

08:50 1 sec 

08:51 Sabu: when you get back. TARGET: http://www.lexsi.com/

08:58 you did already 

08:58 THATS WHY 

08:58 BITCH 

08:58 im sure their db will notice its in a second time and just drop it 

08:58 because at my first reg try 

08:58 it kept sending me back 

08:58 Wait, let me give you root admin details 

08:58 to the info 

08:58 and I was like 

08:58 I SEND TAHT ALREAD YBITCH 

08:59 I added Toomas Sarva to the team 

08:59 only need one for tflow now too D: 

08:59 he can use Keith B. Alexander id he's not creative :p 

09:00 shh let him make up his own shit :P 

09:00 did you guys scroll up and see the shit kayla was talking about about that 

guy 'root' 

09:01 i havent seen kayla talking 

09:01 so it mustve been 

09:01 it was last night 

09:01 before i logged on my bnc 

09:01 :P 

09:01 i dont backlog D: 

09:01 like 12 hours ago 

09:01 yes 

09:01 i told owen 

09:01 yea mine only has like 100 lines 

09:01 it was a fake root 

09:01 very likely 

09:01 possible switch 

09:01 even though the chan was +r? 

09:02 but owen knows.. and will follow up on that 

09:04 D: 

09:12 pffft 

09:12 lol 

09:12 your goignto have complaints@anonleaks 

09:12 omfg that is going to get rocked w mail 

09:12 awesum eh? 

09:12 but they will prob be funny as shit 

09:16 waiting for domain verification now 

09:17 domain verificated 

09:17 mmh i'D like to use that logo for the twitter acc 

09:18 let'S see if my netbook cn cope with gimp'n shit 

09:19 oh fuck 


09:19 avunit! 

09:19 wont be able to add mx with the bot 

09:19 since it requires more optionzzz 

09:19 can you add it manually? 

09:19 yea if you do more then generic mx 


09:19 sure what do you need 

09:19 sec ill write it 

09:21 anonleaks.ru. 14400 IN MX 10 ASPMX.L.GOOGLE.COM. 

09:21 anonleaks.ru. 14400 IN MX 20 ALT1.ASPMX.L.GOOGLE.COM. 

09:21 anonleaks.ru. 14400 IN MX 20 ALT2.ASPMX.L.GOOGLE.COM. 

09:21 anonleaks.ru. 14400 IN MX 30 ASPMX2.GOOGLEMAIL.COM. 




09:21 that should do 

09:21 oh is that all 

09:21 ... 

09:21 lol 

09:21 ok brb 

09:21 yeah its just the multiple arguments and youre prob logged into the server 

already xD 

09:22 you need this: anonleaks.ru. IN TXT google-siteverification=zkig3tWuq_y7fpgAfAZO76OfLMfWJcGKUfK6Iq7WyG4 

09:22 yes 

09:22 ? 

09:22 k 

09:22 that needs to stay ther 

09:22 e 

09:23 i have to do anything manually that startw with anonleaks.ru. 

09:23 cause that is the origin 

09:23 fixt 

09:23 http://twitter.com/#!/AnonymousLeaks 

09:23 im using shortcuts with the @ 

09:23 well it did work though entropy 

09:23 heh, 780 followers already 

09:23 since google got that one out properly 

09:23 really 

09:23 yarr 

09:23 i never knew you could do that 

09:23 tflow: hbgary.anonleaks.ru teaser version ETA? 

09:23 nor did i, but i just tried :p 

09:23 oh that said ill tar the teaser version in a sec 

09:24 Should we put ti on anonleaks.ru or hbgary.anonleaks.ru? 

09:24 or just anonleaks.ru/hbgary/ ? 

09:24 would be better imo.. avoid dns spam :p 

09:25 anonleaks.ru i just say 

09:25 i mean thats the standard domain 

09:25 yah and then subdir. 

09:25 agree here 

09:25 http://operationfreedom.ru/teaser.tar.gz 

09:26 the email should be onlnie.. well shortly 

09:26 Everything going smoothly, AnonLeakers? 

09:27 everything going excellently 

09:27 avunit: stop the bot, go down to this line: if ($i >= 10) { # start printing at 


the 10th line 

09:28 if ($i >= 19) { # start printing at the 19th line 

09:28 restart bot 

09:28 change 10 to 19 ya mean? 

09:28 k 

09:28 to hide all the non subdomain 

09:28 yep 

09:31 done 

09:31 Email 

09:31 - Updating... 

09:31 We are checking MX records for your domain. This may take 48 hours to 

complete. 

09:31 awh fu 

09:31 it wont 

09:31 its in now 

09:32 http://anonleaks.ru/ 

09:32 awesome tflow 

09:32 awesome! 

09:32 YAY 

09:32 when we're releasing i'll redirect the frontpage to hbgary.anonleaks.ru 

09:33 ah okay 

09:33 kk 

09:34 google is still checking, suppose itll be doen within the hour 

09:35 http://twitter.com/#!/AnonymousLeaks/status/36433077068636160 

09:35 http://anonleaks.ru/email5.html 

09:35 fuck i thought that was real 

09:35 niel stevenson should pick that up 

09:35 lol 

09:35 xD 

09:38 shit so its out 

09:38 ... 

09:38 let the games begin 

09:40 * Avunit stabs google for a fuster update 

09:40 whats the best way to kill a hd 

09:40 unskrew it and scratch the platters 

09:40 ? 

09:40 chainsaw? sandpaper? 

09:40 actually ill just drive somewhere and dump them 

09:40 open it u 

09:41 and sandpaperrrrrr 

09:41 i need a giant electro magnet 

09:41 yea that will work 

09:41 but i have like 8 of them 

09:41 and theres like 20 star screws each 

09:41 pita 

09:41 oh yeah 

09:41 errr 

09:41 drive over em 

09:41 with a tractor 


09:41 and then throw em in water 

09:41 * entropy starts up my tractor 

09:41 with a few batteries too 

09:42 9v? 

09:42 nah 

09:42 50v 

09:42 :P 

09:42 word 

09:42 BIG ONES 

09:42 and then 

09:42 sledgehammer 

09:42 to finish it up 

09:42 should kind of do the trick 


09:43 algeria live stream thar! 

09:43 Updating Google servers... This may take up to 1 hour to complete. 

09:43 * We are updating Google servers to enable email for your users. 

09:43 google anonleaks.ru 

09:43 oh yarrrrr 

09:43 About 941 results (0.34 seconds) 

09:43 its been what 1 minute 

09:44 first results are awesome 

09:44 wow who made that logo 

09:44 ;) 

09:45 Teasers: E-mail 1 E-mail 2 E-mail 3 E-mail 4 E-mail 5 E-mail 6 E-mail 7 Email 

8 E-mail 9 · MEET THE TEAM. 

09:45 oh fuck 

09:45 at the google hit 

09:45 google just 

09:45 deneis 

09:45 denies* 

09:45 fonts :p 

09:45 the bitches xD 

09:45 whats up with white on white 

09:45 lol you expect a google robot to miss text in BG color? 

09:45 :D 

09:45 sekret times 

09:46 nah 

09:46 i didnt 

09:46 just 

09:46 didnt realize 

09:46 that google would cache that :P 

09:46 should keep it 

09:46 thats funny actually 

09:46 how long before fox news 

09:46 will report 

09:46 they have our dox? 

09:47 and then a van will blow up 

09:47 ill lol so hard 


09:47 lol 

09:47 "Wheres Serpent Nebula actually?" 

09:47 there is so many great lines in that video i cant believe it 

09:47 i had seven passwords and they got them all 

09:48 ^ the best one 

09:48 * Topiary buys a dog and hangs curtains. 

09:48 lol 

09:48 The power of 9000 VPNs" 

09:48 my gf broke up w me cause she thought ... i was cheating on her with 

guys 

09:48 LOL 

09:48 complaints@anonleaks.ru will be up in approx 1hr 

09:48 hopw can that still be funny i dont know 

09:48 Isn't there where the old wordfilter of "7" to "over 9000" came from? 

09:48 *that 

09:49 not sure 

09:49 thought ht 900 thing was from like pokeman 

09:49 Avunit: sounds lovely. 

09:49 I should send 

09:49 Over 9000 itself is from Dragonsweatyballs 

09:49 very serious replies 

09:49 but the wordfilter on 4chan, 7 was replaced with over 9000 

09:49 ah yea dragonball 

09:49 lol 

09:49 I lieked Dragon Ball when i was lil kiddo 

09:49 Avunit: may I respond to takedown notices with vigor? 

09:50 But of course 

09:50 or rather have access to that email as well 

09:50 just if i get ranodm mails 

09:50 14:48 btw have you seen Avunit? I see him, but wonder when he 

be online 

09:50 14:49 he haven't reply for a while since I last spoke 

09:50 because if there's one thing I'm useful for, it's creating laughs via 

responses 

09:50 avunit? 

09:50 ill react very seriously 

09:50 ohai i am seen 

09:50 but rly was/am kinda busy 

09:50 what takedown notice? 

09:50 if 

09:51 "You have complaints about our content? We are now passing your 

complaint on to the board of directors. We thank you for your input, please keep supporting 

AnonLeaks.ru" 

09:51 if and or when takedowns come 

09:51 ah 

09:51 ill gief you all some sexy @anonleaks.ru mail too when its done xD 

09:52 i have to go take the ccie security written test in an hour 

09:52 * entropy isnt scared 

09:53 http://twitter.com/#search?q=%23AnonLeaks 


09:54 Even people with cleavage retweet that now 

09:54 thats good 

09:54 WE WILL ROCK THE WORLD! 

09:54 http://twitter.com/Emma_A 

09:54 wow 

09:54 it's a top tweet 

09:55 already 

09:55 fuck haha 

09:55 and over 800 followers 

09:55 sick shit is shit 

09:55 access.log is getting like 1 request per second 

09:55 who all has access to that twitter account btw, you and tflow? 

09:55 yes, atm 

09:55 k 

09:55 ill usually take care of the account. will not tweet much with it 

09:55 just need to know who to poke for a tweet :P 

09:56 but just in case i am not round 

09:56 we need it to tweet a bit tho ^.^ 

09:57 ill tweet bout it with my main account 

09:57 as more reach anyway 

09:57 wil use *Leaks only for really new nnouncements 

09:57 @wikileaks isn't tweeting much either 

09:58 but once full version is online 

09:58 i will tweet a few nice mails of course 

09:58 http://www.wikifiltraciones.com/?p=1838 

09:58 nah but we are not wikileaks either :P 

09:59 we certainly are not 

09:59 i hope we never get into a daniel-situation :p 

09:59 iunno we operate differently 

10:00 we use social media more actually :P 

10:00 thats why i said keep people happy with tweets of @AnonymousLeaks too 

10:00 I nevah used twitter though D: 

10:00 atopiary #AnonLeaks teaser site up: http://anonleaks.ru/ 

10:00 yeah i will.. just not too much 

10:00 icwutudidthar 

10:01 glynmoody RT @BiellaColeman #anonymous is gonna release/leak more 

damning emails here: http://anonleaks.ru/ >>interesting use of .ru domain here less than 20 

seconds ago via web 

10:01 lulz 

10:01 interesting useeee 

10:02 lol natural use i'd say 

10:03 well we can always let .com redirect to .ru just for that guy :p 

10:03 http://twitter.com/#!/atopiary/status/36439397956202496 :D 

10:03 [16:00:49] atopiary #AnonLeaks teaser site up: 

http://anonleaks.ru/ 

10:03 [16:00:50] yeah i will.. just not too much 

10:03 [16:00:52] icwutudidthar 

10:03 mwhaha :p 

10:04 search anonleaks.ru in google 


10:05 i did yesh :p 

10:05 feng37 冯三七 

10:05 Should we make #anonleaks public now? 

10:05 http://twitter.com/#!/feng37/status/36440491402723328 

10:05 Topiary: sure 

10:05 we're getting max publicity already 

10:06 lol 

10:06 liek 

10:06 well 

10:06 lets go for top google searches? :P 

10:06 i see http://anonleaks.ru 

10:06 as the top for anonleaks.ru 

10:06 yea 

10:07 it has been since like the second it came up 

10:07 but the nextresult is the cock sucker calling us sociopaths 

10:07 http://twitter.com/search?q=AnonLeaks 

10:07 arr 

10:08 second it top 5k tweets for me 

10:08 by topsy 

10:08 http://www.icerocket.com/search?tab=twitter&fr=h&q=anonleaks&x=0&y=0 

10:08 crazy 

10:08 its been like 20 minutes 

10:08 lol 

10:08 eheh 

10:08 this will hit the fan 

10:09 lol shit 

10:09 we're going max for top tweet 

10:09 monday will be max 

10:09 gotta look what to do weeks after the 27k mails tho 

10:09 btw Topiary why aren't you in the most elitest idle channel on anonops? :o 

10:10 hrrm are we having bets on which internet media will report first on the lulz 

page? 

10:10 because surely one will get the mocking of doxing 


10:10 marduk: OH SHIT 

10:10 must join! 

10:10 * Topiary joins the secretz 

10:11 SamusAranX #anonleaks' credits page: http://img.ly/2Zie half a minute ago 

via Twitterrific 

10:11 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 

10:11 I wouldn't tweet the channel yet on AnonymousLeaks twitter or 

AnonymousIRC - I think better for it not to be *too* public yet 

10:11 haha 

10:11 too late 

10:11 we have a winrar 

10:12 nah that's just for atopiary :p 

10:12 why not? its just an irchannel 

10:12 having the anonleaks site up and tweeted makes much more impact 

10:12 I dunno. might make us seems like publicity whores 


10:12 i feel 

10:12 we did the same for the HBGarychannel 

10:12 hm ok 

10:12 put a link to the webirc 

10:12 I did 

10:12 marduk: retwat? 

10:12 yeah we often tweeted channel 

10:13 done already 

10:13 a true scholar 

10:13 lol 

10:13 I

10:35 ddos already? 

10:35 or just ... normal "ddos" 

10:35 hm works now 

10:35 Probably Heihachi problems 

10:35 no ddos to mine 

10:35 Considering there was just a netsplit 

10:35 google hits are getting better already 

10:35 here 

10:36 ima try tackle 

10:36 purrrfectly loading pae here 

10:36 tflow watcha using, nginx or lighttpd? cba to read http headers xD 

10:36 loads real fast for me 

10:37 yeah all good again 

10:37 nginx 

10:39 i nevah used nginx ;.; 

10:39

11:05 good luck entropy! 

11:05 thanks 

11:13 afk 

11:16 

http://www.reddit.com/r/TwoXChromosomes/comments/fk3fe/look_upon_the_beautiful_soul_o 

f_penny_hbgarys/ 

11:16 lol 

11:19 brb, need to get BEER! 

11:25 tflow: you gonna be available to add takedown notices in lulzy formats on 

the page if I give ya emails of them in the future? 

11:26 piratebay style, it was a genius idea 

11:30 I'll just add them to legal.html if you give me them :) 

11:33 sounds good 

11:36 tflow 

11:36 should we add the complaints email 

11:36 to the homepage too? 

11:38 it would be lulzy 

11:39 Could you copy the link part of theteam.html to the end of index.html tflow? 

11:41 purrty please 

11:45 (or gief me access to screw wid da siet man) 

11:46 http://anonleaks.ru/theteam.html? 

11:46 oh 

11:46 Should I put the link there, but in small? 

11:46 to theteam.html 

11:47 nono 

11:47 copy the "Problem officer? mailto:thingie" 

11:47 to the end of the index.html too 

11:47 i think i should just to theteam.html 

11:47 well 

11:47 thats there already 

11:47 just 

11:47 in white 

11:47 yeah, but make it black 

11:47 and small 

11:48 you could do that 

11:48 but please put the problem officer 

11:48 on the main page too :P 

11:48 under the MEET THE TEAM link 

11:48 brb 5 mins 

12:03 http://anonleaks.ru/ 

12:06 btw 

12:06 can i have access to that inbox? 

12:06 or isnt that possible? 

12:07 ask Avunit 

12:09 tflow, can you put the link to the email up on the index.html too? 

12:09 I think it would be too much :\ 

12:09 We don't want the jokes to be too obvious 

12:09 well 

12:09 it isnt quite a joke yet :P 


12:09 only when they send us a mail 

12:09 and we reply 

12:09 xD 

12:10 They will send our hosts mail 

12:10 ill set the complaints mail of anonleaks.ru to complaints@anonleaks.ru too 

12:10 What to you mean? 

12:11 that when you whois anonleaks.ru 

12:11 get as a contact mail 

12:11 complaints@anonleaks.ru 

12:13 hi 

12:13 hai sabu

12:25 I can setup anonleaks.prvt.org let me know 

12:25 its one of my private domains 

12:25 we have anonleaks.ru and anonleaks.com tho 

12:25 guess we'll setup a whole bunch of mirror servers 

12:25 if you nigg3rs need me to get bulletproof servers 

12:25 but I have to buy prepaid visas 

12:26 Sabu: sweet. we have 4 mirroring servers in total 

12:26 5 if i join in soon 

12:26 1 of which is in prq, and 1 from telecomix 

12:26 but thatd be later on tho D: kinda busy here 

12:26 ok count me in 

12:26 my server will be in russia 

12:26 I'll have some servers tonight just for anonleaks 

12:26 triumph.operationfreedom.ru on this net 

12:26 swet 

12:26 sweet* 

12:26 but you awnna use nginx? 

12:26 because it runs lighttpd 

12:26 nginx is good shit 

12:26 hm 

12:26 lighttpd is OK, but nginx is better 

12:27 indeed 

12:27 actually fuck you ill get you an account on that box tflow 

12:27 and drop myself in the pool 

12:27 :3 

12:28 ugh just seeing this 

12:28 only 5 servers on anonops :o 

12:28 they are as large as we are heh 

12:58 Sabu: 

12:58 tflow: 

12:58 17:55 this company collects information here to analyze 

12:58 17:55 yes, can you tell me how you know that? 

12:58 17:56 lexsi it was 

12:58 17:56 They are not very discreet 

12:58 17:56 heh 

12:59 17:57 We can find their presence around all the actions of 

anonymous 

12:59 17:57 got an example? 

12:59 17:58 documents revealed on hb gary federal on torrent 

12:59 17:58 oh? hmm search is offline atm 

12:59 17:58 you happen to know date/time of a mail? 

12:59 17:58 And they do not hide, a speaker of that company spoke 

French in a story on anonymous 

13:02 17:59 "Gwendal Delcros, expert for the company's computer 

security Lexsi" 

13:02 18:00 he said clearly that they are collecting information on 

public irc, analyze behavior, etc.. 

13:02 18:00 but this speaker was a spokesperson, I provided the 

name of the barrett apparently in charge of the project 


13:02 18:01 This company is large enough, we know that it deals 

with the French authorities, and that its turnover amounted to several billion with money in 

very vague 

13:17 ok 

13:17 lexis.com it is 

13:17 do me a solid 

13:18 collect info on yehezkel in the process. if hes trolling us 

13:18 and has me wasting time rooting lexis 

13:18 you already know 

13:18 im quite confident that his info is okay 

13:18 he doesnt sound like a troll 

13:18 he taked to barrett yesterday 

13:18 didnt talk to anyone else or tried to spread that to anyone 

13:18 ony after i asked him in private 

13:19 he was on #opdeface for about 4-5 weeks now 

13:19 ok 

13:19 but i will try to find out a bit more 

13:20 but he gave us some lists of password/logins before 

13:20 quite a while ago 

13:20 think was for .eg 

13:22 ok my brother 

13:22 so lets begin researching lexis 

13:22 now he's helping with info on our .dz loic target 

13:22 i really am quite confident he is genuine 

13:22 the search would be helpful now 

13:22 for hbgary mails. since he mentioned there is evidence in there 

13:23 whats the site again 

13:23 lexsi.com ? 

13:23 yup 

13:24 they are working close with french but also international authorities 

13:24 and apparently greg was in contact with them... but i need yet to see that 

13:39 probing their servers now 

13:59 what was greg'S standard PW? 

13:59 i should really note that down, grrr. 

14:13 yeah.. well, i love joe. but discussing with him is really exhausting and no 

fun. :/ 

14:13 Avunit: No complains yet, heh 

14:14 ohai 

14:17 Sup 

14:17 I'll be back in an hour or two gentlement 

14:17 topiary my brother :D 

14:17 -!- Topiary [colossal@do.the.impossible] has quit [Quit: AFK, return time 1-2 hours, 

TANGO OSCAR PAPA INDIA ALPHA ROMEO YANKEE OUT HURR] 

14:18 SIERRA ALPHA BRAVO UNIFORM REPORTING FOR DUTY 

14:19 MIKE ALPHA ROMEO DELTA UNIFORM KILO on standby. 

14:20 still scanning mails 

14:29 jEA 

14:31 http://internetfeds.mil.nf/hbgary/greg_hbgary_com/attachments/4558.pdf -- 

'Warfare by Internet 


14:31 may be an interesting read 

14:47 !twisted.operationfreedom.ru *** tflow invited joepie91 into the channel 

14:47 add joepie91 to aop please 

14:47 !twisted.operationfreedom.ru *** tflow invited joepie91 into the channel 

14:48 -!- joepie91 [merpderp@HA-u3g.pbq.j3hiks.IP] has joined #hq 

14:48 < joepie91> danke. 

14:48 alert the faggot police 

14:48 joepie is here 

14:48 nou 

14:50 !aop add joepie91 

14:50 he'S not regged 

14:51 < joepie91> yes I am 

14:51 < joepie91> :P 

14:51 !aop add joepie91 

14:51 -!- mode/#hq [+o joepie91] by HQBot 

14:53 back 

14:53 anything happen 

14:54 passed test 877/1000 ;) 

14:55 grats :) 

14:56 thanks 

15:12 sality rootkit here 


15:19 joepie91: I think I should add a link to ./ for where it says "HBGary email 

viewer" 

15:20 that would be an idea, yes 

15:20 heh thats a good compromise 

15:20 also, any irc servers still working? 

15:20 on anonops? 

15:20 vlad 

15:20 dharma just dropped 

15:20 ok 

15:20 what hostname? 

15:20 vlad was fine the past 24h 

15:20 just vlad.anonops.ru? 

15:20 vlad.anonops.ru 

15:20 also 

15:20 vlad dropped a few hours ago 

15:20 for a few minutes 

15:20 :P 

15:20 hm? not for me 

15:21 yus 

15:21 it did 

15:21 it delinked 

15:21 was fixed in like 5 minutes 

15:21 hm k, was probably AFK 

15:21 but right, i noticed that tackle split... :) 

15:21 if vlad does, tackle does too. 

15:21 wtf sis going on w anonops 

15:21 lol 


15:22 ddos 

15:22 on all the boxes? 

15:22 apparently 

15:22 not all 

15:22 shit keeps going down 

15:22 meh 

15:22 I think they are all attacked 

15:22 vlad wasnt attacked so far 

15:22 some more, some less 

15:22 has anyone said why its goign on? 

15:22 and some are protected 

15:22 nope, vlad had no ddos. tflow ? 

15:22 hm, it did delink 

15:22 well 

15:23 as we said 

15:23 vlad doesnt need to be attacked to split or lose connection 

15:23 that's normal :p 

15:23 but it'S been amazingly good the past 48h 

15:23 lol. 

15:23 I wonder about santrex 

15:23 they have russia 

15:23 and they're pretty cheap 

15:23 any experience? 

15:23 they are pretty good 

15:24 i have 3 in ru 

15:24 they have openvz, which makes me a happy panda 

15:24 1 in ukraine 

15:24 :3 

15:24 1 in luxenburg 

15:24 russia is sold out 

15:24 thinking about getting a 9.95/mo in ukraine 

15:24 especially nice that it's unmtered 

15:24 yea ukraine is actually the best out of all of them 

15:24 unmetered* 

15:24 oh, rly? 

15:24 howso? 

15:24 connectivity? 

15:24 yea 




15:24 ru getts ddosed weekly 

15:24 ;) 

15:24 hm, what country are you? 

15:24 kayla

15:25 hmmm 

15:25 i need to write it down 

15:25 then I wonder 

15:25 also 

15:25 found some sites that may work 

15:25 i don't have it here 

15:25 meh, k 

15:25 the connectivity between my US VPS and my dutch connection is 

ridiculously good 

15:25 better than between me and ANY dutch vps that I have tried so far 

15:25 :D 

15:25 I don't really get it lol 

15:25 im coming from a oc3 on this end so thats not the problem 

15:25 apparently because of hurricane or sth 

15:25 or dual ds3s 

15:26 its def their end 

15:26 hurricane electric? 

15:26 that's what it's called right? 

15:26 heh 

15:26 entropy: can you check your connectivity to www.yunicc.ws ? 

15:26 that VPS 

15:26 check it how just pings? 

15:27 ping, download speed 

15:27 --- www.yunicc.ws ping statistics --- 

15:27 3 packets transmitted, 3 received, 0% packet loss, time 2003ms 

15:27 rtt min/avg/max/mdev = 40.137/40.255/40.353/0.186 ms 

15:27 are you guys still fucking with egyption gov too :D 

15:27 lemme see 

15:27 I have a 100mb 

15:27 * joepie91 logs on to ssh to figure out where he put the 100mb 

15:27 hm 

15:27 removed my 100mb? 

15:28 sec 

15:28 i thought egypt is all good now 

15:28 kayla: not really.. i think 

15:28 mubarak resigned 

15:29 opegypt is like in optunisia state 

15:29 and fuck, triumpg lagging hard 

15:29 hmmm and cant ssh to tackle. 

15:29 wtf. 

15:29 http://etenders.gov.eg/uploads/owned.html 

15:29 http://etenders.gov.eg/uploads/sh.php?cmd=uname%20-a%3Bid%3Bw 

%3Buptime%3Bcat%20%2fetc%2fhosts 

15:29 downloading from cachefly with 10.7mb/sec... 

15:29 :P 

15:29 100mbit file 

15:29 www.yunicc.ws/100mb.test 

15:29 entropy, what speed are you getting from there? 

15:29 uh oh 


15:30 from where you want me to test 

15:30 i think tackle and vlad are dying :( 

15:30 what country? 

15:30 fuck 

15:30 uhm 

15:30 US 

15:30 1 sec 

15:30 anywhere in US 

15:30 32,434,472 4.77M/s eta 16s 

15:30 tackle/vlad dead 

15:30 about 5 M a secpnd 

15:30 heh 

15:30 ok 

15:30 100% 

[=====================================================================>] 

104,857,600 4.78M/s in 21s 

15:30 2011-02-12 15:43:17 (4.72 MB/s) - `100mb.test' saved 

[104857600/104857600] 

15:30 that's interesting 

15:30 *sigh* 

15:31 because I got 8mb/sec on a dutch 100mbit line 

15:31 :P 

15:31 and ping? 

15:31 5M is fucking fast 

15:31 40ms ping 

15:31 20:31 [vlad] CTCP PING reply from q: 78.629 seconds 

15:31 oh 

15:31 I get about 51ms 

15:31 not quite dead 

15:31 :) 

15:31 from netherlands 

15:31 a bit difference 

15:31 but still... 

15:31 ridiculously well-connected, lol 

15:31 that site is actually dutch 

15:31 are they some tier3 that gives hosting too? 

15:31 aimed at dutch public, too 

15:31 like level3 

15:31 mhh okay again. 

15:31 uhm 

15:31 this host is connected through level3 

15:31 hurricane 

15:32 and a few others 

15:32 ah 

15:32 not sure which one for this DC though 

15:32 www.ramhost.us 

15:32 those are the bigguns 

15:32 it's a small host 

15:32 great host, too 


15:32 they got the 10gige 

15:32 intercontential shit 

15:32 herh 

15:32 heh* 

15:32 well 

15:32 I pay like 30 dollar a month 

15:32 for 3 vpses 

15:32 fairly high spec 

15:32 they are fucking cheap 

15:33 and it's openvz, and fucking responsive :D 

15:33 the only thing is dutch will comply with us laws 

15:33 no mas 

15:33 mhmm 

15:33 meh 

15:33 I don't plan on breaking rules 

15:33 and I know the host is fairly anon-minded 

15:33 at free speech etc 

15:33 he won't shut down a server when he gets a DMCA 

15:34 but talk first 

15:34 etc 

15:34 it's the typical geek, even :P 

15:34 thats cool 

15:34 srsly 

15:34 robert marder 

15:34 great guy 

15:34 if something is up, you send him a message 

15:34 and he fixes it 

15:34 found a vuln on the site once 

15:34 sent a message 

15:34 less than an hour later it was fixed 

15:34 he wrote his own control panel for the VPSes too 

15:34 :P 

15:35 haha, greg on August 25 "Intelligence work becomes banal, now available 

for the common man, CIA, Inc." 

15:35 He did not know how true this will become 

15:36 LOL 

15:36 :O! 

15:36 ramhost has stock! 

15:37 you can bet that all those VPSes are sold out in three days :D 

15:37 entropy: https://my.ramhost.us/v2/vps/cp/ demo:demo 

15:38 who pingd me 

15:38 me 

15:38 :P 

15:38 lol 

15:38 *** CTCP-request ignored (ping) 

15:38 :D 

15:39 thats cool 

15:39 i wrote something liek this years ago 

15:39 we used to host freebsd in jails 


15:39 right whn linux was tsratign to be able too 

15:39 wow, hit 7000 followers yesterday. will have 8000 tomorrow 

15:39 speed is picking up 

15:40 heh 

15:40 700 or 7000? 

15:40 [20:38:12] -> [#ophbgary] PING 

15:40 [20:38:13] -joepie91- LOLNO 

15:40 7000 naturally 

15:40 7535 now 

15:40 jesus 

15:40 uhm 

15:40 * joepie91 checks follow count on wikileaks 

15:40 he's talking about anonymousirc :P 

15:40 and @AnonymousLeaks has 900+ already 

15:40 lol 

15:40 lol followers where :D? 

15:40 @AnonymousIRC - twitter 

15:40 ah thats what i was thinking of 

15:40 @anonymousleaks 

15:40 will catch @AnonOps soon 

15:40 that idit 

15:40 731k on wikileaks 

15:41 almost there 

15:41 :D 

15:41 holy shit 

15:41 873 for anonymousleaks. for 9 tweets 

15:41 exists 24h 

15:41 :D 

15:41 oh i dont get mixed up with that twitter stuff :D irc is my play ground :D 

15:41 kayla: mine too... i just understood twitter when joining anon 

15:41 very good propaganda tool (= 

15:42 aigeanta: RT @_x4o: AnonLeaks.ru - Teaser!! A Tale of HBGary, Stuxnet, 

Pride and Prejudice --->> ow.ly/3Vhin You won't want to miss this. #anonymous #TT · Reply · 

RT 

15:42 oh it is! look how it's helped tunisia and egypt :) 

15:42 idd 

15:42 i just don't live having online accounts :) 

15:43 nickserv. 

15:43 well, obv i only access it via vpn 

15:43 tflow: how many PI do we have on anonleaks.ru by now? 

15:44 PI? 

15:44 page impressions/unique visitors 

15:44 dunno. i should probs install awstats 

15:44 we need to make http://anonleaks.ru a fortress :D every faggot wanting to 

1up anon will try to haq it :D 

15:44 awstats indeed 

15:44 there's not much to hack, is there? 

15:45 kayla: yeah. but we have a fuckload of mirrors atm 

15:45 try if you can make it run awstats every hour, then clean IPs from logs 


15:45 well, a few :P 

15:45 about 6 total 

15:45 try if you can make it run awstats every hour, then clean IPs from logs 

15:45 :) 

15:45 tflow, mirrors are nothing, we get hacked we will lose face :-) 

15:45 scp the logs to a diff box to install awstats 

15:45 awstats is unsecure as fuck 

15:45 kayla: well all the content is static 

15:45 entropy: that can be traced 

15:45 and they will just get that box 

15:45 lol 

15:45 http://internetfeds.mil.nf/hbgary/greg_hbgary_com/15255.html MOAR sality 

rootkits 

15:45 kayla: heard of sality? 

15:45 i have 

15:46 like 5 years ago 

15:46 its super common 

15:46 ah k 

15:46 then nvm 

15:46 + even if they hack the box, nginx doesn't run as root, but as nginx 

15:46 hevent heard of it before 

15:46 its a part that alot uses 

15:46 its the main rootkit part 

15:46 how sick is it that I make tea in a coffee machine? 

15:47 atleast install sunoshin and disable LOAD_FILE and INTO OUTFILE on 

mysql, close all none needing ports, not using FTP? close it! not using SMTP? close it! 

15:47 im moving all my shit off those dns servers 

15:47 cause now im hosting my www onit 

15:47 is into outfile disabled on all mysql? 

15:47 by default 

15:47 not sure!!!!!!! 

15:47 i've not installed it too many times, but i sure know how tyo make a mess of 

it :D 

15:48 i dont know why the f anyone would legit use that 

15:48 lol 

15:48 i break servers dont make servers :D 

15:48 lol 

15:49 kayla 

15:49 I am not sure how useful it is to install patches 

15:49 for things that are not installed 

15:49 lol 

15:50 HBGary Preparation to Sell the Company.docx (12406 bytes) 


15:50 if it was my server only port 80 and 22 would be running, i wouldn't even use 

a mysql DB and just use html static pages rather than php/html 

15:50 also, imho the best way is to start off with a minimal image 

15:50 set up an sshd 

15:50 set up a httpd 

15:50 mysql you can run on 127.0.0.1 


15:50 and only use sftp for access 

15:50 we only use html pages 

15:50 and should change sshd to ran port 

15:50 entropy yes :D 

15:50 only allow local mysql connections 

15:50 *rand 

15:51 but having a SQL DB means it can be SQL injected :D 

15:51 not if you write proper code. 

15:51 is why no mysql for me :D 

15:51 kayla: try to get into my shit. 

15:51 through sqli. 

15:51 morning kayla 

15:51 if you succeed I will buy you cookies. 

15:51 :P 

15:51 joepie91 but professional coder think they write good code and it get's 

pwned 

15:51 mhm 

15:51 but I judge my code by how secure it is 

15:51 and not by how good I think I am 

15:51 :) 

15:52 :) 

15:52 try to break into my shit. 

15:52 srsly. 

15:52 www.yunicc.ws www.chinacheep.com www.anonnews.org 

15:52 have fun :)( 

15:52 :)* 

15:52 all run php5 and mysql 

15:52 100% self-written 

15:52 your on a vpn 

15:53 if you cant break in remotely 

15:53 just get a host on the same vpn 

15:53 or subnet 

15:53 poision arp 

15:53 or pull a mitnick 

15:53 vps* 

15:53 :P 

15:53 its it was 1988 

15:53 heh 

15:53 social engineering? 

15:53 good luck trying that on me 

15:53 lol 

15:53 noone has access to my servers 

15:53 besides me 

15:53 could you open the fw on a high port btw? 

15:53 lol 

15:54 xD 

15:54 ;) 

15:54 what bout no 

15:54 :P 


15:54 but yeah 

15:54 I run a httpd 

15:54 i have vpn in canada 

15:54 and an sshd 

15:54 and that's it 

15:54 pretty much 

15:54 i can sniff everyones traffic 

15:54 and have some fun times with dnsiff tools 

15:54 oh, and an icecast server on the... yunicc? vps 

15:55 lol 

15:55 it's been a week of non stop lulz 

15:55 :D 

15:55 indeed, inded 

15:55 poor aaron :( 

15:55 I want my own irc server :( 

15:55 *trolls remorse* 

15:55 :( 

15:55 lol 

15:55 Trolls Remorse Syndrome 

15:55 joke :D 

15:55 TRS 

15:56 joepie91 irc is gay install a silc :D 

15:56 install silc plugin for irssi 

15:56 PROFIT 

15:56 :D 

15:57 AES256 encrypted chats :D uses priv/pub keys :D 

15:57 what is it like a WASTE plugin for irssi? 

15:57 you can have it so every user has same nick too xD 

15:58 .. 

15:58 does every person have to have it 

15:58 irc + fish go 

15:58 or does the cli and svr? 

15:58 or is it clicli? 

15:58 ill look it up actually... 

15:58 it's client and server yeh :D 

15:59 http://silcnet.org/ 

15:59 how2 irssi -> sicl http://cvs.silcnet.org/source/irssi/README 

15:59 silc* 

16:00 here is the plugin http://www.freshports.org/net/silc-irssi-plugin/ 

16:00 totally priv8 chats 

16:01 run it on a server with only tht service 

16:01 it's on ;] > @bruces: *these Anonleaks guys are like the game-griefer 

maestros of psychological torment. 

16:02 lolol. 

16:03 put it in topic of #anonleaks :D 

16:03 lol'd 

16:07 SimplePraxis: RT @bodyspacesoc: (Wikileaks + Anonymous) * Banks(2) = 

Anonleaks t.co/EGKW2h5 #HBGary #formulafordisaster · Reply · RT 

16:07 -!- entropy [noyx@HA-dkm.je4.cn1rg3.IP] has quit [Connection closed] 


16:07 cinnamon_carter: aronleaks ? a joke ??? RT @chronic: uh oh: 

t.co/LRapm5B · Reply · RT 

16:07 aronleaks? 

16:07 lol 

16:07 Aaronleaks 

16:08 agentmule: RT @jeffantebi: OH FUCK. anonleaks.ru/ 

#theendoftheworldasweknowit · Reply · RT 

16:12 00:08 Aaronleaks 

16:12 lol 





16:14 welcome back entropy :) 

16:14 ;) 

16:14 i have to go to laptop so i can see whats on all these disks before i toss 

them 

16:14 is it weird I read dildos instead of disks? 

16:14 lol 

16:15 no, srsly 

16:15 lol 

16:16 holy shit i hate caps lock key 

16:16 why does it even exist 

16:17 caps lock is cruise control for cool :D 

16:18 CAPS LOCK 

16:18 CAPS LOCK 

16:18 CAPS LOCKKKKK 


16:18 good question 

16:18 like scroll lock 

16:18 has zero practical usage in regular computer usage 

16:18 lol 

16:34 http://hbgary.lacy.ie/ 

16:34 how is search coming along? 

16:34 (presumably not good for your cpu usage, joepie91 :P) 

16:34 actually wait, it's broken atm 

16:38 miraculously does not kill cpu 

16:38 not even a bit 

16:38 but it doesn;'t work either 

16:38 :P 

16:39 http://gawker.com/#!5758753 

16:39 .. 

16:44 pretty damn ironic 

16:44 considering they released julian's love letters 

16:47 why does everyone think its a replacement wikileaks 

16:54 lol 

16:54 because they are idiots 

16:55 oh 

16:55 tflow 


16:55 make sure you keep the emailX.html pages alive 

16:55 after launch 

16:55 don't want to make gawker point to dead links ;) 


16:57 -!- Topiary [topiary@do.the.impossible] has joined #hq 


16:57 http://www.p2pnet.net/story/48625 

16:57 Sabu: Sorry about that earlier - hai to you good sir. 

16:57 they got it right 

16:57 as usual 

16:58 "It’s rumoured that McQuaid is an HBGary shareholder." 

16:58 lol 

16:59 p2pnet

17:25 marduk: He did and wanted a face-to-face interview, I denied 

17:26 okay, yeah me too :p 

17:26 tflow: Two emails, one from case@anonleaks.ru requesting complaint 

forwards, another one simply asking if Greg's emails will be dumped 

17:26 I'll respond to the first one nao 

17:26 :p 

17:26 paste plz 

17:26 marduk: will forward complaints 

17:26 tflow: k 

17:26 cheers :) 

17:27 from Mike Perez 

17:27 to complaints@anonleaks.ru 

17:27 date Sat, Feb 12, 2011 at 7:55 PM 

17:27 subject I has problemz 

17:27 

17:27 I can has hopes that gregs email will soon be released 

17:27 k... 

17:27 is that it? lol 

17:28 Yep, that's our entire inbox so far. 

17:29 hi, i managed to crack 52k of the leaked rootkit md5 hashes 

http://www.mediafire.com/?sfpmuujffbufal1 

17:29 wat do 

17:30 was a pm 


17:32 wheeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee 

17:32 the guy who got pwned a few months ago by haxors 

17:32 tries to write some negative http://gawker.com/#!5758753/anonymoushackers-launch-wikileaks-for-normal-people 

17:32 yet all the comments are positive 

17:32 + http://www.abovetopsecret.com/forum/thread662298/pg1 

17:33 uhm 

17:33 all rootkit.com pw have been cracked and released before 

17:33 but they were taken offline :o 

17:35 I know\ 

17:37 jesus 

17:37 people bitching 

17:37 that the personal mails shouldnt be released 

17:37 uh, guys, the personal mails shouldnt have been in their corporate 

inboxes in the FIRST place 

17:38 blaeh we reelase all 

17:38 FULL DISCLOSURE; baby 

17:38 shoud we sift thru all and sort personal outÃ? lol 

17:38 ^ 

17:38 Fuck no! 

17:38 LEAK LEAK LEAK. 

17:40 If someone "ripped open" my corporate mailbox, I'd be like Steve Martin 

in Lonely Guy. Flat out boring. 

17:40 Now, my porn email account...that's a WHOLEEEE different story. 

17:40 from a comment on gawker 


17:40 he gets it 

17:40 lol 

17:41 There is no good guy in this story, no innocent victim. If I can't have all 

evil-doers in the universe wiped out, I'll settle for one. 

17:43 When sleazy corporate 'security professionals' are willing to engage in 

smear campaigns against activists - and who knows what else? - I find it acceptable that they 

also become the target of equally sleazy anarchist smackdowns. 

17:50 Redsuricat: RT @bodyspacesoc: (Wikileaks + Anonymous) * Banks(2) = 

Anonleaks t.co/EGKW2h5 #HBGary #formulafordisaster · Reply · RT 

17:53 lolol. 

17:53 I think Anonleaks is going to do boom for a few people :3 

17:55 boom? 

17:57 uhu 

17:57 some people whose... secrets are in there :3 

17:58 wtf 

17:58 FreedomNow2011 YouthUnited 

17:58 @ 

17:58 @AnonymousIRC are you really Anonymous? I mean,THE Anonymous. 

Would be a good thing to meet you, but need to know it's true. 

17:58 llool 

17:59 http://www.computersecurityarticles.info/security/anonleaks-on-the-move/ 

17:59 they still think anonleaks.org = anonleaks.ru 

18:00 http://anonleaks.pcriot.com/ 

18:02 i will tweet about it, maybe it helps 

18:03 Maybe we'll start get Anonymous sources of info 

18:03 Can we also put the "problem officer" thing on the front page? 

18:03 It would be the shit 

18:05 someone should say .org isnt the same 


18:06 wtf 

18:06 that was magical 

18:06 lol 

18:07 entropy 

18:07 where is the conf file for your nginx? 

18:08 uh 

18:08 on which server the unkrine one? 

18:09 yeah 

18:09 1 sec 

18:10 /etc/nginx/nginx.conf 

18:11 its centos 

18:12 ah 

18:12 hmm what you think.. ad a few more teasers? 

18:12 just an idea 

18:13 i like the DHS one 

18:18 910 motherfucking followers. 

18:18 wat. 

18:19 it's about dinner time in US now 

18:19 so should be a good time 

18:19 to add a few more teasers :) 


18:20 what do you say about releasing anonleaks on sunday night? it's monday in 

asia :p 

18:20 (night, well, for gmt time) 

18:20 hm 

18:21 we want the media to see that before they see the gawker article 

18:21 would be a good one 

18:23 -!- Nessuno834 [fag@fag.fag] has quit [Ping timeout: 121 seconds] 

18:25 joepie91 

18:25 http://www.reddit.com/r/politics/comments/fk3ql/hbgary_pwns_anonymous/ 

18:25 'fuck that color scheme 

18:25 ' 

18:25 xD 

18:26 * kayla h8's gawker :D 

18:26 Nick Denton especially h8's me :D [Kayla/Gnosis broke into Gawker] 

18:28 :D 

18:29 Hoglundâ??s company which, he claims, provides â??classified services 

to the Department of Defense, the Intelligence Community and other U.S. Government 

agencies to meet their unique requirementâ? , is now effectively on the trash heap. 

18:29 yup. 

18:29 :P. 

18:34 :D 

18:36 lolbai hbgary 

18:36 YOU SCREWED UP FAGGOTS 

18:37 * kayla rapes joepie91 :3 

18:37 D: 

18:37 you's gurl 

18:37 ;_; 

18:37 Love me love me 

18:37 say that you love me 

18:38 -!- Topiary was kicked from #hq by joepie91 [k] 

18:38 !invite Topiary 


18:38 -HQBot:#hq- Topiary was invited to the channel. 



18:38 :3 

18:38 :o 

18:38 Topiary 

18:38 EVERYTHING WAS GOING SO WELL AND THEN YOU SHOWED UP, 

YOU BIG MEANIE! 

18:38 does you have autojoin 

18:38 on invite 

18:38 lol 

18:38 /invite Topiary #cocks 

18:38 /invite Topiary #kill 

18:39 :D 

18:39 lol sajoin everyone #kill :D 

18:39 xD 

18:43 How are you chaps doing today? 


18:53 vmware + unity =

19:32 internetfeds.mil.nf 

19:32 irc.anonops.net 

19:32 loic.anonops.in 

19:32 internetfeds.mil.nf lol 

19:33 we're so evil 

19:33 lol. 

19:33 who the fuck is this guy 

19:34 wait 

19:34 how did he get internetfeds.mil.nf 

19:35 dont only like ppl in this chan know about that 

19:35 reverse dns lookup 

19:35 yea i mean either the fwd or reverse 

19:35 donsent no one else know? 

19:35 or is that in dns? 

19:37 lol, aaron to his (ex)wife.. in one of the flame mails 

19:37 "Get your anger straight." 

19:37 http://www.robtex.com/ip/92.241.162.216.html 

19:37 he's funny. i have to remember that 


19:38 robtex

saltiest sea shanties to the world of the Internet, and we humbly apologize for neglecting Chuck Norris 

in our team page. After Chuck Norris crushed Batman's head in between his thighs, we thought it best 

that he take a few days off - but this is no excuse for our negligence. 

19:48 As per your request, Dr. Cocoa, this factual misinformation will be rectified as soon 

as possible. Please be aware that, while we intend to include Chuck Norris on our operations, we may 

decide to first partake several plates of chicken parmesan in an attempt to comfort ourselves over our 

own increasing falsification. 

19:48 Yours rampantly, 

19:48 Topiary 

19:48 CEO of your mother 

19:48 lol 

19:51 -!- entropy [noyx@HA-dkm.je4.cn1rg3.IP] has quit [Quit: switch back] 




19:58 Topiary +9001 internets. 

20:03 is anonops still getting ddos 

20:04 http://webmove.org/projects/jamendo-html5-audio-player/? 

artist_id=8094&artist_name=Julien%20Boulier 

20:04 probably, yes 

20:04 wtf 

20:04 i hate ddosing fucks 

20:05 vlad's fine though 

20:05 dunno why 

20:05 tbh 

20:31 mhh now it seems to be down 

20:32 -!- Netsplit trust.operationfreedom.ru tackle.operationfreedom.ru quits: @joepie91, @x, 

@tflow 

20:33 ah k 

20:33 FU 

20:35 DEM SPLITS 

20:35 ddos i think 

20:35 vlad+tackle died 

20:35 and thus the reader as well 

20:36 uh oh 

20:36 which anonops server is working? 

20:36 owen said something about a new GB? 

20:37 Don't know, but anonleaks.ru seems to be slow/down too 

20:37 I can't connect to AnonOps 

20:37 mmm 

20:37 no good. 

20:37 praise for the backup net tho 

20:37 I hate these attention-seeking bored trolls who get sensitive over Anonymous doing 

something big when they're not at the center of it 

20:37 all ddosed it seems 

20:38 so instead of realizing they can't always be in the middle, they lash out 

20:38 |-heimdall.anonops.in (17) 

20:38 tiny.anonops.ru 

20:38 heimdall is on gigabit 


20:38 try that 

20:40 On now; thanks 

20:45 and thats why we need da mirrors 

20:53 fuck i hate geolocal language in web pages 

20:55 im going to check out whats up with the fuck calling us socicopaths 

20:55 http://www.dioceseoflansing.org/ 

20:55 his work 

20:59 oh no its down 

20:59 :( sad times 

21:01 actually ill put it back up 

21:01 until hes at work monday 

21:01 heh 

21:01 rather bring our sites back up :( 

21:02 whats down? 

21:02 anonleaks.ru 

21:02 internedfeds.mil.nf and vlad.anonops.ru 

21:02 wheres tflow 

21:02 as well as tackle.operationfreedom.ru 

21:02 and a few other anonops leafs 

21:02 well it's ddos, it seem 

21:02 snothing much to do 

21:02 i can change dns 

21:03 and put up a mirror 

21:03 mmm 

21:03 cause i have the page cahced 

21:03 worth a try? the irc doesnt matter much 

21:04 

21:04 E-mail 1 

21:04 no i cant 

21:04 why the f they linked that way i dont know 

21:04 ah hm well, only a demo 

21:04 but well, ddos will cease 

21:04 sooner or later.ö.. 

21:05 actually i could slowy get it 

21:05 with like 

21:05 cache:anonleaks.ru/email1.html 

21:05 in google maybe 

21:05 1 sec 

21:06 for some reason there no cache link 

21:06 they are kinda hidden now.. i dont see any cache links anymore 

21:06 sth changed 

21:07 http://webcache.googleusercontent.com/search?q=cache:http://anonleaks.ru/ 

21:07 hmm cant read either... 

21:07 http://webcache.googleusercontent.com/search? 

q=cache:http://anonleaks.ru/email1.html 

21:07 http://webcache.googleusercontent.com/search? 

q=cache:http://anonleaks.ru/&hl=en&strip=1 

21:07 but no css will look like shit if i put that up 

21:08 mhh cant access tea, page either 


21:08 in cache 

21:08 cant load the emails from cache here either, strange 

21:09 it is 

21:09 Aaron and Greg now talking in #hbgarytalk !! 

21:10 how did i get into kill 

21:10 and not get killed 

21:10 FUCK YOU! 

21:10 :p 

21:10 [Users(#kill:5)] 

21:10 [ entropy ] [ Hex ] [ joepie91 ] [ &SiteBot ] [ Immortalit] 

21:10 Channel #kill was created at Sat Feb 12 20:36:43 2011 

21:10 BitchX: Join to #kill was synched in 0.599 secs!! 

21:10 q [root@hbgaryfederal.com] has joined #kill 

21:10 #kill q Hr root@hbgaryfederal.com (x) 

21:10 -!- entropy [noyx@HA-dkm.je4.cn1rg3.IP] has quit [Killed (marduk (because!))] 




21:12 lol 

21:12 wb :) 

21:12 yeah without killbot that doesnt really work 

21:12 nice try tho 

21:14 and sorry, i usually dont do that. 

21:14 lol 

21:14 but i dont like to get killed for no reason :p 

21:15 i dont care clients auto reconnect 

21:15 im drinking absenth and oj 

21:15 in a jolly mood anyway 

21:15 ;) 

21:15 heh nice 

21:15 we're having whisky 

21:16 Glenrothes, Special Reserve 

21:17 nice 

21:23 you are kidding me 

21:23 the fuck calling socicopath 

21:23 ? 

21:23 DIOCESE OF GAYLORD 

21:23 thats what hes in 

21:23 its not a joke 

21:23 heh 

21:23 www.dioceseoflansing.org/communications/DOLdirectoryforweb2010.pdf 

21:25 yeah just looking at the site 

21:26 its vuln to slow get/post 

21:26 just stops it 100% 

21:27 and im guessing the search to xss 

21:27 havent checked yet 

21:27 wget -r ing it 

21:28 yeah well, we need to get the mirrors going tomorrow 

21:28 yea we should have had them since the day we put the first link out 


21:28 to anonleaks 

21:28 had to know thiswas going to happen 

21:28 oh wait 

21:28 i didnt even look if its already there 

21:28 hm? 

21:29 oh 

21:29 tflow was mirroringthe pages 

21:29 wait 

21:29 so he might have done the int page 

21:29 hm there was a mirror on opfreedum.ru 

21:30 me nvm 

21:31 nope not on any of mine 

21:31 hmm not anymore it seems 

21:31 http://91.211.116.134/ 

21:31 same as before 

21:32 i thought he mirrored already 


21:32 there 

21:32 mirror 

21:33 ok 

21:33 ill change dns 

21:33 i dont think i want the opfreedom site tweeted 

21:33 not wile ddos is going on 

21:33 since it is triumpg 

21:33 so i shouldnt or should? 

21:33 dont want triumph down as well 

21:34 yes.. if you can mirror it elseqhere? 

21:34 i can put it on any of my boxes 

21:34 yes i got 2 ru 1 ukraine 1 netherlands 

21:34 one where you can live with it being down? 

21:34 ru 

21:34 would be cool 

21:34 and also a test 

21:34 ukraine and nether host backup dns and my real www 

21:34 to see if it REALLY is ddos 

21:34 ok 

21:34 maybe heihachi screwed up again 

21:34 your going to tell tflow you told me to 

21:35 ;) 

21:35 ill do it now 

21:35 hehe sure 

21:35 well, i'D spread operationfreedom.ru mirror.. but if that get'S ddosed we lose 

another irc leaf 

21:35 dont want ;/ 

21:37 http://91.211.116.134/ 

21:37 ok wget it 

21:37 changing dns 

21:38 does it have a host? 

21:38 oh 


21:38 it will in 2 seconds 

21:38 you change anonleaks.ru to it 

21:38 yeah 

21:41 team link is still invisible there tho 

21:41 root@ru:/var/named/chroot/var/named# nslookup anonleaks.ru 127.0.0.1 

21:41 Server: 127.0.0.1 

21:41 Address: 127.0.0.1#53 

21:41 Name: anonleaks.ru 

21:41 Address: 91.211.116.134 

21:42 bash-3.2# nslookup anonleaks.ru 127.0.0.1 

21:42 Server: 127.0.0.1 

21:42 Address: 127.0.0.1#53 


21:42 Address: 91.211.116.134 

21:42 ok give like 5 min to propagate 

21:42 and it will be back up 

21:42 works here already 

21:42 with CCC nameserver 

21:42 yep me too 

21:42 will tweet in 2 or so 

21:43 its not done in usa yet 

21:43 hm app they are not ddosing the domain then 

21:43 hm k waiting for now 

21:43 no they are ddosing the ips 

21:43 it has to be hbgaruys botnet 

21:43 mhhh 

21:43 he dosent know i can move shit around the world all night ;) 

21:43 i dunno 

21:43 you think just skiddies? 

21:44 yes, more likely 

21:44 because also vlad/tackle/belldandy etc 

21:44 and that started earlier 

21:44 but well, we never know for sure 

21:45 fuck goign thro 2 vpns and a proxy amkes it hard to test when thsi is up 

21:45 ok looks up in ny 

21:45 and cali 

21:45 kk 

21:45 thx 

21:45 np 

21:45 will tweet.. then see what happens 

21:46 ill start sniffing to some dump file in screen 


21:47 nice 

21:47 id tell op* 

21:48 thx :x 

21:48 i did 

21:48 yep just saw 

21:52 still up and fast as shit 

21:53 yup 


21:53 well 

21:53 there'S always the chance it'S an heihachi fuckup 

21:53 but i dont really think so 

21:53 are all those boxes on the same subnet 

21:53 vlad/tackle are in same rack 

21:54 ah 

21:54 opfreedum.ru is on triumph 

21:54 most likely same subnet then 

21:54 also heihachi but sifferent 

21:54 mine are all santrex 

21:54 ass for the other anonops i dunn 

21:54 ah and yeah. internetfeds.mil.nf is running on vlad 

21:55 lol this is goign to get them pissed 

21:55 until they realise to attack the dns 

21:55 Topiary: nice tweet :) 

21:55 i can seiosuly switch this around to 20 boxes 

21:55 haha 


21:56 i can round robin dns it to like 10 boes right now 

21:56 eh 

21:56 we have enough domains as well, actually 

21:56 but then they have the 10 ips 

21:56 well have to think of a plan tomorrow 

21:56 how we want to propagagte that 

21:56 all we have to do it put it on n boxes 

21:56 and have anonleaks.ru resolve to all those ips randomly 

21:56 like what google and all big providers do 

21:57 as long as the same contecnt is on all tis fine 

21:57 yup 

21:57 and static pages which it is 

21:57 classic load balancing 


21:57 yea exactly 

22:04 marduk: green is the new black 

22:04 i like green for anonleaks.. but will stay for the classic black on main twitter 

22:04 Indeed 

22:06 fuckign 

22:06 shit 

22:06 theres like 5 requests a second 

22:06 sounds normal? 

22:07 bash-3.2# ls -la access.log 

22:07 -rw-r--r-- 1 root root 827533 Feb 13 06:05 access.log 

22:07 bash-3.2# ls -la access.log 

22:07 -rw-r--r-- 1 root root 857050 Feb 13 06:05 access.log 

22:07 if we are fucking google i seems normal 

22:07 but its too weak to be ddos 

22:07 i just tweeted it'S up and running 

22:08 its seriously like 100 hits aminute 

22:08 to 7k followers and it was RTed massively 


22:08 mhh 

22:08 no they look like real reauests 

22:08 still .. what kind of ddos? LOIC? 

22:08 lol 

22:08 all diff ips 

22:08 yeah 

22:08 hehe 

22:08 we're fucking famous 

22:08 lol 

22:08 live with it (= 

22:08 the access log is going up 1k a second 

22:09 i thought tflow was exagurating 

22:09 site is fast tho 

22:09 how ever you spell it 

22:09 exaggerating :) 

22:09 yea i cp'ed tflow nginx.conf 

22:09 nginx is awsome 

22:09 entropy: you got control of it all now? 

22:09 and this ukraine box always was stable as hell 

22:09 yea 

22:09 sweet 

22:10 tflwo/avunits boxen are ddos/down 

22:10 so i jhust mirrored 

22:10 then changed dns 

22:10 and until they ddos the dns i can continue to move it 

22:10 can you edit the index? 

22:10 dont mention that anywhere though ;) 

22:10 yes 

22:10 the team link is invisible 

22:10 but not that important i guess 

22:11 i thought that was on purpose 

22:11 i can change that easily 

22:11 was gonna /r/ that the "Problem officer? complaints@anonleaks.ru" be moved to 

the front 

22:11 nah we changed it 

22:11 to a small, decent link 

22:11 since it'S google indexed anyway 

22:11 Topiary: mail greed 

22:11 ! 

22:11 NOM NOM NOM! 

22:12 should i change something in it or? 

22:12 

22:12 white on white 

22:12 I'd just like to see the complaints thing on the index 

22:13 i dun care much, as long as it'S up 

22:14 http://anonleaks.ru/ ? 

22:14 yes 

22:14 ill do it as long as im not pissing anyone off 


22:18 if this box is ddos i got http://94.102.51.136/anonleaks/ 

22:18 setup 

22:23 well so far all is good. 

22:23 yea im surprised actually 

22:23 been like 30 minutes 

22:24 maybe it really is heihachi fubar 

22:24 all affected boxes are at heihachi.. 

22:25 yep it is 

22:25 i dont think its ddos 

22:25 when my heihachi box goes down 

22:25 and i traceroute 

22:25 stops at exact same place 

22:26 mmm k 

22:26 i think they have like 128 vhosts per box 

22:26 *Sigh* 

22:26 that'S even worse 

22:26 so the box goes down they all do 

22:26 and they dont wake up till 1 est 

22:26 1am est 

22:26 is like 9am russian 

22:26 hmm 

22:27 possibly vlad was ddosed as ircleaf 

22:27 and that took down the rest 

22:27 anonops or opfreedom? 

22:27 anonops 

22:27 was under heavy ddos today 

22:27 owen actually connected a new 1GB leaf 

22:28 yea that must be ddos 

22:28 cause im on those same ips 

22:28 root@ru:/var/named/chroot/var/named# ifconfig | grep inet 

22:28 inet addr:127.0.0.1 P-t-P:127.0.0.1 Bcast:0.0.0.0 Mask:255.255.255.255 

22:28 inet addr:92.241.184.78 P-t-P:92.241.184.78 Bcast:0.0.0.0 

Mask:255.255.255.255 


Mask:255.255.255.255 


Mask:255.255.255.255 

22:28 and mine is fine 

22:28 92.241.X.X 

22:29 triumph fine too 

22:29 but vlad/tackle are in same rack i think (not same vps tho) 

22:30 bash-3.2# ls -lah access.log 

22:30 -rw-r--r-- 1 root root 1.5M Feb 13 06:28 access.log 

22:30 that was seriously 1k 

22:30 20 min ago 

22:30 cant belive how many hits 

22:30 maybe we should put like google ads on this shit and get rich 

22:30 lol j/k 

22:32 well, some funding for the servers would actually be naic 


22:32 but i think that we can decide later.. after next leak :x 

22:33 bash-3.2# cat access.log|awk '{print $1}'|sort|uniq|wc|awk '{print $1}' 

22:33 7019 

22:33 hehe 

22:33 7019 unique hits in the last 30 minutes 

22:33 theres no donate page up? 

22:33 and that for only 9 teaser emails 

22:33 hmmm, not really so far i think. but avunit is having some donation think runninh i 

think 

22:34 gotta check with him and tflow tomorrow 

22:34 maybe add a flattr? 

22:34 flattr? 

22:34 works quite okay for anonnews 

22:34 http://flattr.com/ 

22:36 ok i haveto go hang out with the wife 

22:36 ill check back periodicly befre i go to bed 

22:36 * entropy typing skillz 

22:38 k have fun 

22:38 will be asleep soon too 

22:54 entropy: we gonna get the complaints link on anonops.ru or was it decided against? 

22:55 hm? 

22:55 btw 

22:55 http://www.straight.com/article-331250/vancouver/video-riot-police-charge-g20protesters-singing-o-canada 

22:55 sick video 

22:56 was a reply after i tweeted that some algerians were arrested today for holding up 

the algerian flag 

22:57 hmm #opbahrain doesnt even exist :o 

23:22 Topiary: its on there now 

23:22 im assuming its ok 

23:22 but tflow is off/down really until he gets back i assume its alright 

23:22 and its still up 

23:23 which is crazy 

23:23 it's nice 

23:23 really expected it to go down in 10-15 minutes 

23:23 dont think its ddos, really 

23:23 heihachi fucked it up, once again 

23:23 or maybe it is 

23:23 and vlad is still fired 

23:23 well, tflow will tell us tomorrow 

23:26 yea 

23:26 and ill crash now 

23:26 i think they would have realised and switch to this ip 

23:26 me too 

23:26 ttl 

23:26 seeya in 9h or something like this 

23:26 later 

23:29 tflow/avunit: i cahnged the dns and you cannot edit it via the bot, either wait till i 

come on or change /var/named/chroot/var/named/db.anonleaks.ru (serial and first a record line) and 


usr/sbin/rndc -s localhost -c /var/named/chroot/etc/rndc.conf reload 

--- Day changed Sun Feb 13 2011 

00:48 is this the bat cave :D? 

00:51 * marduk flaps around in panic 

00:51 :o 

00:51 * kayla hides 

00:51 you woke a bat 

00:52 half of heihachi is dead or so 

00:52 narf 

00:52 had to move ip and put up a new mirror to keep teasers running 

00:52 either ddos on vlad which takes down the whole rack and more.. or heihachi fubar 

00:53 kayla: by the way, we still need your dox! :-) 

00:53 http://anonleaks.ru/theteam.html 

00:55 btw actually an idea. investigate shell/bp/exxon fuckers 

00:55 not whitehats i know... but... 

00:56 probably about the only industry which can be worse than banks 

00:58 :D make some do up for me lololol :D? 

01:00 main webservers are not interesting 

01:00 but i will do some research.. in the next days 

01:01 scanning subnets etc. finding rather unknown boxes 

01:01 will give you guys an report.. in the meantime.. stay on what we have i guess 

01:02 lexsi i guess, hunton maybe.. and i dunno about dosarrest, this is rather strange 

01:03 ok :D 

01:03 im gonna get some sleep now

05:08 oh 

05:08 hackernews 

05:08 nub site 

05:08 lol 

05:09 '2.) We wanna invite you guys to start "Operation India" , So as to expose all corrupt 

Politicians. Its must in India. I can make u sure that, Whole India will support you and every Indian 

Hacker will also support you.' 

05:09 oh, and 

05:09 http://securepastebin.com/go/retrievePost.action?id=6337 pass: complaints 

05:09 Avunit: can you cname anonleaks.ru to www.anonleaks.ru 

05:09 so that we can edit it from the dnsbot 

05:09 err think i can sec gotta log in the right server XD 

05:10 ty 

05:10 i'm not sure what happened yesterday with my server o_o 

05:11 it died? 

05:11 what server is the site is on now? 

05:11 who's* 

05:11 yeah 

05:12 it died 

05:14 do you guys need space on PRQ? 

05:14 or was it just a technical issue? 

05:15 okay 

05:15 i cnamed it 

05:16 IN CNAME www.anonleaks.ru. 

05:17 anyway what about the russian press guis? 

05:17 [11:09:24] http://securepastebin.com/go/retrievePost.action?id=6337 pass: 

complaints 

05:17 that one 

05:21 opinions? 

05:22 Probably invite her to #reporters as usual 

05:22 yeah but she cant connect to the IRC it seems 

05:22 we can give her the web link 

05:24 ill gief when she mails again on mail 

05:33 hm.. 

05:33 i'm thinking of ways that mirrors can keep their index page updated with the latest 

mirrors 

05:33 i was thinking of making them have a cron job to automatically wget index.html from 

anonleaks 

05:34 but i think that might be insecure 

05:34 why not rsync then? 

05:34 since thatll only download when its changed 

05:34 get one mirror thats not public, update shit on there 

05:34 they will have to give us their sftp details etc 

05:34 and let the rest rsync cronjob it from there 

05:34 more hassle 

05:34 so the nonpublic mirror wont be offline 

05:34 normal ssh will do :p 

05:34 ets safe 

05:35 ssh = sftp :p 


05:35 fast 

05:35 yarr 

05:35 so no additinoal 

05:35 creditinials needed 

05:35 but i'm not sure 

05:35 it's odd asking for their ssh details on the mirror page for something that is supposed 

to be decentralised 

05:36 gotta spread from somewehre :P 

05:36 did you set triumph up already? 

05:36 no, couldnt conenct to ssh again 

05:36 connect* 

05:36 0.o? 

05:36 i 

05:36 hate 

05:36 openssh 

05:36 chrooting 

05:36 [18:05] lftp tflow@triumph.operationfreedom.ru:~> ls 

05:36 [18:05] ls: Fatal error: pseudo-tty allocation failed: Exec format error 

05:37 fuck it 

05:38 wanna download it yourself? 

05:38 but actually.. i still need working ssh details to update index.html 

05:38 login now 

05:38 i removed your chroot on sftp 

05:38 sec 

05:38 just dont fuck shit up :p 

05:39 i logged in just fine on your account 

05:39 so yeah 

05:39 i can wget it meanwhile if you want to 

05:43 lftp tflow@triumph.operationfreedom.ru:~> mkdir hbgary-www 

05:43 mkdir: Access failed: Permission denied (hbgary-www) 

05:43 cd anonleaks 

05:43 thats the web directory 

05:44 ok, it's uploading 

05:44 gave you access in your home directory now too 

05:44 chown -R tflow /home/tflow/ 

05:44 and voila 

05:44 fast server... 7k files transferred in a minute 

05:45 probs because in same datacenter 

05:45 yarr and its on a 1gbit line 




05:46 hai topiary 

05:46 hi Topiary 

05:46 Topiary: new crowdleaks story is up 

05:46 anyway like i said tflow, the webserver redirects hbgary.anonleaks.ru to 

/home/tflow/anonleaks 

05:46 so the actual webpage should be in there 

05:47 ah 


05:47 well i'm uploading to /home/tflow/anonleaks 

05:47 Hi 

05:47 k 

05:47 well i'm uploading to /home/tflow/anonleaks/hbgary-www* 

05:47 oh 

05:47 well 

05:47 probably needs to be moved 

05:47 ohai 

05:47 i can change the dir if you want 

05:47 but you could also mv the files out 

05:47 just what you want 

05:47 how big is the hd? 

05:48 err 25gb i think 

05:48 can you set hbgary.anonleaks.ru /home/tflow/anonleaks/hbgary 

05:48 and 

05:48 archive.anonleaks.ru /home/tflow/anonleaks/archive.hbgary 

05:48 yarr 

05:48 will do 

05:48 archive.hbgary.anonleaks.ru /home/tflow/anonleaks/archive.hbgary* 

05:49 archive will host a .tar.gz backup of the site 

05:50 $HTTP["host"] == "hbgary.anonleaks.ru" { 

05:50 server.document-root = "/home/tflow/anonleaks/hbgary" 

05:50 $HTTP["host"] == "archive.hbgary.anonleaks.ru" { 

05:50 server.document-root = "/home/tflow/anonleaks/archive.hbgary" 

05:50 kewl 

05:52 Topiary: we've had 2 press requests 

05:53 just checked that, noticed they've been responded to 

05:53 Laurelai: great article 

05:53 yarr 

05:53 i left em in the inbox 

05:53 i responded to one other too but that wasnt press 

05:53 can find that in the replied complaints 

05:53 Avunit: nice complain dealings, lulz 

05:53 I read that one too 

05:53 xD 

05:53 i liek the rolex. 

05:54 its like troll season in that mailbox 

05:54 I guess we can tell who has taken which with press just by (2) being next to the 

name 

05:54 yeah if its still in the inbox but replied too 

05:54 well then its probably a convo that has to stay :p 

05:55 can I have the pass to complaints too pls? :-) 

05:55 oh and, do you link that anonleaks logo in gmail? 

05:55 like* 

05:56 yarr i saw it this morning 

05:56 Well topiary do we want tflow in our customer support team? 

05:56 * Avunit ponders. 

05:56 It's a tough decision. Maybe we should talk to D and R about this. 

05:57 lol 


05:57 Who's D and R? 

05:57 Don and RR.Rson 

05:57 Who's Don and RR.Rson? 

05:57 S3cret members of our super secret elite hacking team 

05:58 Hmm, well I've just had a word with David D. Davidson 

05:58 tflow: But I'm him 

05:58 NO WORDS HAVE BEEN HAD! 

05:59 Lulz 

06:00 domain: ANONLEAKS.RU 

06:00 nserver: ns1.anonleaks.ru. 92.241.184.78 



06:00 state: REGISTERED, DELEGATED, VERIFIED 

06:00 person: Private Person 

06:00 phone: +49 36022 60 62 

06:00 e-mail: 

06:00 registrar: RU-CENTER-REG-RIPN 

06:00 created: 2011.02.09 

06:00 paid-till: 2012.02.09 

06:00 source: TCI 

06:00 awh fuck 

06:00 it didnt copy 

06:00 the email 

06:00 anyway i set the e-mail to 

06:00 complaits@anonleaks.ru 

06:00 :P 

06:00 LOL@D 

06:00 LOL@D 

06:00 at replies 

06:01 http://anonleaks.net/ 

06:01 the fucks that 

06:02 Heh, we shouldn't troll press so hard. 

06:03 actually at the press i put a qutie serious line 

06:03 at the end 

06:03 D: 

06:03 Fair enough then, as long as we're looking at getting some coverage after the lulzy 

emails =P 

06:03 Yarr 

06:03 I try to not scare em off :p 

06:03 That's great then 

06:03 who highlighted me 

06:03 Laurelai: That was me, I was saying great article 

06:03 aww thanks :D 

06:04 * Avunit highfives Topiary at the replies. 

06:04 anyway we know anonleaks.net? 

06:04 mustve been regged in the past 24hrs 

06:04 Avunit: I'm happy to talk to press on IRC/Skype, have done for months 

06:04 Yeah thats why you are the telephone team :p 

06:04 also 


06:04 OH SWEET! PROMOTION! 

06:04 i can talk to press on irc/email too :P 

06:05 i'd tone down on using irc nicks, but use nicks like david davidson for identification 

06:05 Oh then I'm J. Shepard D: 

06:05 (we don't want to get namefagged in the press :P) 

06:05 (like coldblood) 

06:05 anyway brb lunch 

06:05 use theteam.html names :p 

06:05 afk 

06:05

06:59 Laurelai: that's interesting they use "meatflower" for the password @ your article. 

They used the same password for one other malware archive and his WoW bot. 

07:02 Who should i all follow? 

07:03 D: 

07:03 * Avunit is a twitter newb. 

07:05 * Avunit stabs topiary. 

07:06 @AnonymousIRC @WikiLeaks @atopiary @Anony_Ops 

07:06 @AnonymousLeaks 

07:06 @crowdleaks 

07:06 >.> 

07:07 And of course @crowdleaks 

07:08 oh yeah @crowleaks :P 

07:08 had the rest already 

07:13 hurray 

07:13 @AvunitAnon is done >.> 

07:14 You're like that guy I know, but less cool 

07:14 you know that guy I talk about 

07:14 I think his name is Topiary 

07:14 he's pretty cool 

07:15 oh shush you :p 

07:17 * Avunit throws a twitter at topiary. 

07:18 -!- Topiary [topiary@do.the.impossible] has quit [Ping timeout: 121 seconds] 




07:19 Honestly, I switch locations for 2 days and my connection is a joke. 

07:19 It's a pain in my multiple Anonymous asses. 

07:19 You are a joke. 

07:21 In incredibly sexy joke. 

07:21 shhh 

07:22 biatch 

07:25

HBGary inboxes 

07:31 (whcih i'm making now) 

07:31 can't you just set up direct links to the inboxes on anonleaks.ru itself 

07:31 and do you need anything written? 

07:32 Well 

07:32 it's anonleaks.ru not hbgaryleaks.ru 

07:32 So in the future we might have other leaks 

07:32 which can also be put on the front page 

07:32 We can't only put hbgary leaks on anonleaks.ru 

07:32 but 

07:33 anonleaks.ru should be a portal to all the leaks 

07:33 ^ 

07:33 (so far, only hbgary) 

07:33 +1 

07:33 okay, that works 

07:33 i.e. 

07:33 if there's a leak for abc 

07:33 anonleaks.ru will have a link to hbgary.anonleaks.ru and abc.anonleaks.ru 

07:33 that sounds good 

07:33 but atm there's only 1 leak 

07:34 we might have acslaw.anonleaks.ru if needed 

07:34 but idk if there's any demand 

07:34 gotta be weary that the hbgary stuff is 10gb already tho ;p 

07:34 to mirror more i gotta get more drive space xD 

07:36 We all do realise that in a few days we put up a network thats going to be awesome 

yes? 

07:38 FYI I totally call dibs on any official HBBGary lawyer takedown notice from angry 

people in suits 

07:38 "I sent those Anons a takedown order, Anons hate takedown orders" 

07:38 Will be the last thing they think before they shit themselves. 

07:38 xD 

07:38 http://pastehtml.com/view/1d7u5vs.html 

07:38 how's this so far? 

07:39 triumph.operationfreedom.ru/hbgary wont work :P 

07:39 That's really good tflow 

07:39 itll only react on hbgary.anonleaks.ru :p 

07:40 but furthermore awesum 

07:40 Avunit: Can you set an alias for that? 

07:40 It's incase DNS goes down 

07:40 yarr 

07:40 kgreat 

07:40 well ill make hbgary.operationfreedom.ru 

07:40 is that the page anonleaks.ru will be redirected to @ pastehtml? 

07:40 so put that there 

07:41 Topiary: no, that page will be hosted on hbgary.anonleaks.ru 

07:41 Avunit: k 

07:41 So there'll be a link to hbgary.anonleaks.ru on anonleaks.ru or will anonleaks.ru 

auto direct to hbgary.anonleaks.ru until next leak 

07:41 yeah 


07:44 Memory 390 MB 512 MB 

07:44 lulz 

07:46 okay hbgary.operationfreedom.ru will be on the nameservers in like 4hrs 

07:55 Topiary, Avunit: can we share some of those complaint emails to #anonleaks? 

07:55 mainly the chuck norris one 

07:55 Lol sure :p 

07:55 theyre like not s3cret anyway 

07:56 when the box is a bit full we should leak our own e-mails anyway 

07:56 ^.^ 

07:56 ^ 

07:56 NEW LEAK 

07:56 complaints@anonleaks.ru! 

07:56 on april fools 

07:57 oh yeah! 

07:57 ill drop in my avunit@anonleaks.ru e-mail too :p 

08:02 morning 

08:02 gd morning entropy 

08:02 you guys see what we did last night 

08:02 on this lovely leaking day 

08:02 since like half the boxes went down 

08:02 tis tis 

08:02 inocwatudidthar 

08:03 lol 

08:03 i just wget -r -l2 opfreedom/hbgary ... 

08:03 then change the dns to my ukraine svr 

08:03 to keep anonleaks.ru up 

08:04 are all those boxes back up? 

08:04 think so 

08:17 ^.^ 

08:34 one of the mirrors should be a tor hidden server 

08:34 those are almost impossible to take down or find 

08:35 yeha 

08:36 i can set one up on a totally seperate box now 

08:36 sweet 

08:36 tflow: you saw what i did to keep anonleaks.up? 

08:36 i can change it back if you want 

08:36 just didnt want it down all night 

08:36 yeah, you saved it :-) 

08:37 btw ukraine.phiral.net doesn't resolve 

08:37 i know i moved everything i have out of usa 

08:37 so im stil lrebuilding everything 

08:37 ah 

08:37 what url should i put for the mirror? 

08:37 (in the mirrors page) 

08:37 just ip? 

08:38 yea 

08:38 ok 

08:38 http://91.211.116.134/hbgary 

08:39 ok your going to do it like that vs round robin dns? 


08:39 mirrors vs anonleaks.ru having like 6 ips 

08:39 both 

08:39 ok 

08:39 so if dns goes down, they can access it from those urls 

08:40 yea the dns is the primary reason i started thinking about tor hidden node 

08:40 if they attack that and the svrs its down 

08:40 btut a tor link will always be up 

08:40 as long as tor net is 

08:40 yeah 

08:48

09:24 incase the psatehtml gets leaked 

09:24 ah k 

09:24 btw 

09:24 https://github.com/Laurelai/decompile-dump/blob/master/ 

09:24 stuxnet disassmble 

09:24 you created mirrors@anonleaks.ru already? 

09:25 not ye 

09:25 not yet* 

09:25 And will you handle it yourself or you want others to keep an eye on that mail too? 

09:27 i can handle it, but any of you can help 

09:28 feel free to hook me up with the mail if you want to, though then ill need to have 

access to the html page too prob to be able to update the page 

09:28 otherwise you still have to do it all :P 

09:28 all you'll really need to do is lftp and then mirror -R /path/to/files 

09:28 might make a script to do it automatically 

09:29 i has no access to the box you distribute it from though :P 

09:29 theres going to be a direct link to a 9Gb download on the page? 

09:29 yeah 

09:30 but on archive.hbgary.anonleaks.ru 

09:30 should prob just have a lin kto a full torrent 

09:30 so not everyone has to have it 

09:30 yeh i suppose 

09:30 hmm maisl not really up atm? 

09:30 that site is going to get killed 

09:30 well torrent doesnt have the most up to date html files tho 

09:30 greg's index doesnt work 

09:30 its up 

09:31 oh now it works, strange 

09:31 u sure you have it in your hosts file? 

09:31 yeah.. now works, just one time didnt 

09:31 maybe chache 

09:32 anpther one offered to mirror 

09:32 mhh *thinks* 

09:32 who? 

09:32 soserious 

09:32 otherwise youd need a direct lnik to the html files and tell em to download the emails 

from a torrent? 

09:35 tackle is STILL down? :o 

09:35 ah no 

09:35 getting it back now 

09:39 http://lo3xhuh3qkvinvgu.onion:81/ is up everywhere now 

09:39 its just slow as hell 

09:39 it has to run as tor so mirroring will take some manual interaction 

09:42 The page you are trying to view cannot be shown because it uses an invalid or 

unsupported form of compression. 

09:42 y 

09:42 for what the tor site? 

09:42 yarr 

09:44 its lighthttp 


09:44 ill disable mod_compress 

09:44 thats a wierd error though 

09:45 [When I went to the site a while ago, it named the AnonLeaks team with addresses 

such as The Internets and Serpent Nebula. Now they're gone, replaced by Problem officer? 

complaints@anonleaks.ru] 

09:45 i run lighttpd on triumph too 

09:46 Avunit: lamers 

09:46 before 

09:46 well 

09:46 before you said 

09:46 'is up everywhere now' 

09:46 it did work for me 

09:46 i meant the guy who cant find the team page anymore 

09:46 lol who said that? 

09:48 guis 

09:48 imma be twitter newb 

09:48 how to get direct link 

09:48 to one of my own statuses? 

09:50 oh there 

09:50 http://twitter.com/#!/AvunitAnon/status/36798081152323584 

09:50 :3 

09:50 irisbecometwittahpro 

09:52 Thank you! Which number should I call? I will email David or Richard as well:) Will 

he tell me why you are registered in .ru domain? 

09:52 i hope 

09:52 shes trolling me 

09:52 because otherwise 

09:52 shes really dumb 

09:53 read that e-mail tflow 

09:53 its the russian thingie in the inbox 

09:53 is she srs? xD 

09:54 whos asking you that 

09:54 sec ill paste the whole mail convo 

09:54 mm what inbox? 

09:56 Topiary, you here? 

09:56 Just woke up 

09:56 ah 

09:56 I think we should modify the press release 

09:56 For greg's mail 

09:57 As circumstances have changed 

09:57 http://securepastebin.com/go/retrievePost.action?id=6338 pass: complaints 

09:57 Instead of making it seem like revenge for us, we need to highlight the fact that they 

tried to attack wikileaks 

09:58 where is the PR? 


09:58 Topiary 

09:58 tx 

09:58 read that 

09:58 is she srs? :p 


09:58 Already read it 

09:58 tflow: okay, I'm gonna get up, eat, do some things 

09:58 then I'll work on that 

09:59 sweet 

09:59 tflow: yes, fully agree. also that chamber of commerce thing 

09:59 Well 

09:59 what the fuck should I say 

09:59 to that russian woman? 

09:59 tell her that they support freedom of speech more then anyone else 

10:00 and wont give our info out 

10:00 its basically the truth 

10:00 uhm 

10:00 whats her questions? 

10:00 Thank you! Which number should I call? I will email David or Richard as well:) 

Will he tell me why you are registered in .ru domain? 

10:01 ohh 

10:01 at the bottom 

10:01 http://gtoltxwurxbbadzf.onion:81/ 

10:02 i remade it without any compression 

10:02 these hidden services are more unstable then heihachi 

10:02 Avunit: well quite simple, she can redirect her questions to same email address 

(maybe we should have a press@ one?). as for the .ru domain, it'S hardened and US cant kill the 

domain. quite simple. 

10:02 Ask the press lady for questions she might have so we can answer, it's that simple 

10:02 I've done that for months with 'em 

10:02 Im using my avunit@ email atm 

10:02 well my main concern was 

10:02 that she dont even got the fact 

10:02 that she got trolled 

10:03 in the first lines 

10:03 :p 

10:03 It happens 

10:03 nah 

10:03 she put in a smiley 

10:03 well we'll see i guess, no harm in a quick, straight up reply imo 

10:04 1) ask press for proof of their identify, give them webIRC link to #reporter 

10:04 2) ask them to ask about our shit in email 

10:04 3) trololol 

10:04 should definetly make this http://pastehtml.com/view/1d5wg3k.html not seem like 

revenge 

10:04 i think Topiary is on that? 

10:04 I'm doing that soon, just woke up 

10:04 okay BRB 

10:04 :) 

10:05 if we insinate we knew they were attacking wikileaks still be heros 

10:05 mhh hardly believable 

10:05 yea thats true and if cought will be 1000x worse 

10:05 that's not a good path to go down 

10:05 but should do revenge 


10:05 *shouldnt 

10:05 the story was told already. aaron tries to screw, we break in and uups.. wikileaks 

connection 

10:06 we should stay with the truth, 100% 

10:06 no, we do not want to say we knew about WL before we leaked them, that is a road 

to destruction 

10:06 'full disclosure' 

10:06 yep your right 

10:07 our story is actually more meaningful seeing as we attacked Aaron Barr for specific 

revenge and everything else was accidental 

10:07 which it was 

10:07 * Topiary neglects to get up for now, dumps his release into piratepad and works on it 

10:07 lol :) 

10:07 i should get some food 

10:07 mmm 

10:07 http://twitter.com/#!/AvunitAnon/status/36798081152323584 still lolling about 

them :P 

10:11 http://jdhdf2j.semisecure.org/ 

10:11 How is this so far? for search 

10:11 atm still to do: make it link to anonleaks.ru + make it possible to searcha phrase for 

more than 3 chars 

10:12 tflow: give clue how to insert date 

10:12 (syntax) 

10:12 if you click the date box, a box should popup 

10:12 also.. hmm is it possible to limit search to subject? 

10:12 oh! 

10:12 sorry sidnt see that hehe 

10:13 like a checkbox "subject only" 

10:13 ok now it links to anonleaks 

10:16 and for the subject.. you can order the search results by subject 

10:17 well, minor i thought it could be implemented easily.. 

10:17 sometimes you remember a mail because of a phrase in a subject 

10:18 but if its a common phrase.. search will give too many results 

10:18 if it also matches body 

10:22 also btw the "meet the team" link is invisible again, may wanna fix that on occasion 

(that was because we put up an older mirror when anonleaks.ru went down and we moved to another 

IP) 

10:22 although i must admit 

10:22 i kinda like it invisible.. its still quite obvious 

10:23 I like it this way 

10:23 with the complaints thingie under it 

10:23 yup 

10:23 +1 

10:24 i can switch the dns back if its back up 

10:24 that was the 88 ip i think 

10:24 dont rememebre it though 

10:25 AnonymousLeaks 1037 followers Ã\o/ 

10:26 AvunitAnon 0 followers \0/ 

10:26 hah bitch i win 


10:26 oh i can be your first! 

10:26 yay 

10:26 http://pastehtml.com/view/1d5wg3k.html updated 

10:26 you now have a follower! 

10:26 * marduk reads 

10:26 bottom half changed 

10:26 top half same 

10:26 \0/ 

10:28 Topiary: maybe -- just a thought -- i'd like to quote that they threatened with a "swift 

response" and we're still waiting. we know it is a hollow threat but we still don't appreciate it? 

10:28 Okay, sec 

10:28 ah you quoted the swift part 

10:29 just below a sentence then or so 

10:29 Oh, I did 

10:29 Anonymous has falsified nothing; we leaked your inboxes in full with no edits. In 

fact, most of your emails contain S/MIME digital signatures, proving that they're real. This information 

is now free to the public, and you honestly think you can wriggle your way out of it by accusing 

Anonymous of tampering with your data? 

10:29 That being said, we can see why you'd lie like this. You had intended to disrupt 

WikiLeaks' operations with two other firms, and not only has that plan been revealed to the public, both 

of those firms have officially cut all ties with you. Anonymous gives a nod to Palantir and Berico for 

doing the right thing. 

10:29 As for HBGary, we still award you no points. What we find truly pathetic is that 

you'd willingly work with the U.S. Chamber of Commerce to create a smear campaign against 

WikiLeaks while shrugging off any damages caused to innocent people, including wives and children. 

You are the real terrorists here. 

10:29 these are the updated paragaphs 

10:29 in case the html link dun goof'd 

10:30 http://jdhdf2j.semisecure.org/ 

10:30 thoughts? 

10:30 tflow: want me to switch the main dns back to 92.241.162.216 or no? 

10:30 hurray i has a follower on twitter 

10:31 looks nice tflow 

10:31 and an awesome one, he doesnt follow everybody! 

10:31 Looks good tflow 

10:31 yup indeed 


10:32 hmm 

10:32 i am not quite sure 

10:32 with the end 

10:33 end? 

10:33 oh 

10:33 for the press release 

10:33 i'd suggest different last two paragraphs.. yes for topiaria 

10:33 let me draft something 

10:33 btw i think we should put the wikileaks stuff first 

10:33 then the revenge part last 

10:34 Hmm.. I'd actually suggest a different approach. when will we release that, 

tomorrow when we go public? 


10:34 it will make us seem like heros 

10:34 (they read about us exposing their wikileaks plans; then they read about us being 

targetted for exposing them) 

10:35 i'd like to sketch something up; you can then see if you like it or will only use parts 

10:35 i thought we were going for a tonight release? 

10:35 anonleaks.ru public tonight? 

10:35 in that case we really gotta be working towards having everything ready and only 

having to add the IPs in the dns pool 

10:35 its actually better than tomorrow.. as it will be ready tomorrow morning 

10:36 whats the ip of anonleaks.ru supposed ot be? 

10:36 the main one 

10:36 wel as for the PR .. my idea was.. to put AnonLeaks in the focus.. and play HBGary 

as a side story 

10:36 using the wikileaks thing (and chamber of commerce) as example why what we do 

is important 

10:37 nothing about revenge actually... at least only very very subtle 

10:38 Why? This *is* about revenge. 

10:38 Fact is we started with revenge 

10:38 and ended at a wikileaks 'conspiracy' 

10:38 This is all about revenge, don't destroy that glory just to gain attention for 

AnonLeaks 

10:39 we are not the people who "uncovered" their scandals 

10:39 I don't think we should completely cut out the revenge part, but we should put 

emphasis that they're not innocent 

10:39 we are the people who took revenge upon them 

10:39 and that they tried to shutdown wikileaks 

10:39 i.e. it's just revenge for pissing US off 

10:39 feel free to edit 

10:39 it's not* 

10:40 Topiary: yes but revenge is like putting the tongue out. and it'S small compared in 

what we revealed regarding wikileaks and chamber of commerce 

10:40 and who knows what else comes out 

10:40 marduk: what's your point? 

10:40 well.. we dont need to rush just yet... 

10:40 ill let you see my idea soon 

10:40 there's very accurate paragraphs about WikiLeaks in there, we don't need to become 

reporters on it 

10:41 it'll have the revenge partm too 

10:41 hey i just want to make an alternative suggestion 

10:41 wtf 

10:41 if you dont care, fine 

10:41 i do other things then 

10:41 HEY 

10:41 instead of shouting at eachother 

10:41 write a differetn version 

10:41 and then people can merge 

10:41 and whatever. 

10:41 don't get all pissy, go ahead and write your thing 

10:41 I AM NOT SHOUTING AND SHUT THE FUCK UP 


10:41 i am already doing that :OD 

10:42 and i'm not pissy heh 

10:42 DO NOT USE THAT TONE 

10:42 I am serious there. 

10:42 EVERYBODY SHUT THE FUCK UP I AM USING CAPS LOCK 

10:42 STFU 

10:42 my box is getting ddosed 

10:42 dump ips pls 

10:42 im restarying via ctrl panel 

10:42 i cant lose my nerves on irc. should i use caps it'S all sarcastic :p 

10:42 now.. brb busy. 

10:43 I can, and no offense to you but especially since I walke din last time and you started 

shouting at me 

10:43 while im trying to get updated .> 

10:43 wut? 

10:43 when did i shout at you? :o 

10:43 When I told you the viewer was offline. 

10:43 wtf https://vpsadmin-ua.santrex.net is down 

10:43 theyre ddosing whole santrex? :O 

10:44 or they just fail? :p 

10:44 eh.. you must have interpreted sth wrong 

10:44 santrex 

10:44 id almost love heihachi. 

10:45 can you get on https://vpsadmin-ua.santrex.net? 

10:45 narr 

10:45 cannot establish a connection 

10:46 92.241.184.78 and 80 are up 

10:47 i can get in via ssh 

10:47 but them in just dropped out 

10:47 or froze 

10:50 :/ 

10:50 strange 

10:50 [15:28:17] Guys 

10:50 [15:28:18] IDea 

10:50 [15:28:25] Whoever is working on anonleaks.ru 

10:50 [15:28:37] If we want to generate a bit of press anticipation about 

this 

10:50 [15:28:52] Put a countdown clock of some kind up on the home 

page, to the intended release time 

10:50 [15:28:56] And put "Expect us" under it 

10:50 [15:28:59] in big text 

10:50 [15:30:09] I guarantee this will be good for viral buzz, folks 

10:50 yarr 

10:50 want me to do that? 

10:50 sure 

10:51 k getting the index.html to update it 

10:51 in how much hours we gonna release? 

10:51 but show us first 


10:51 hm 

10:51 ideas? 

10:51 sec; almost done with my alt version 

10:51 9pm utc? 

10:52 thats err 4 hours? 

10:52 my fucking password and shitdosent work for that server 

10:52 5 

10:52 k 


10:54 im locked out of the ukraine box 

10:54 and santrex is down for ukraine 

10:54 http://bgp.he.net/net/91.211.116.0/22#_dns 

10:55 91.211.117.72 vpsadmin-ua.santrex.net 

10:55 yet i can ping them 

10:55 wtf is goign on here 

10:57 oh fuck 

10:57 santrex is out of uk not ru 

10:57 how the fuck could i not have seen this 

11:00 okay, what do you thing: http://pastebin.com/C3Yqb7su -- nott 100% yet (there are 

some (?) where i dont think the word is right) 

11:00 but i like this version a bit better 

11:00 what you think? 

11:02 i like it but there shouldn't be any references to anonleaks 

11:02 not? 

11:02 all references should be to anonymous 

11:03 hmm, but we do reference to the full leaks tho? which ARE anonleaks? 

11:03 well we can take out anonleaks 

11:03 thats simple 

11:03 The first paragraphs doesn't make sense grammatically now 

11:03 *paragraph 

11:03 oh.. hmm that could be a copy/paste accident :s 

11:04 well first paragraphs can actually remain, i didnt change much there 

11:04 i think we should use topiary's release, but with this paragraph: 

11:04 # 

11:04 But do not get us wrong, this is not all about revenge. Your leaked communication 

reveals that your companies were entangled in highly dubious and most likely illegit activity, including 

a smear campaign against Wikileaks and potential opponents(?) of the Chamber of Commerce. 

Apparently this was done with full knowledge of the Department of Justice. While the whole truth has 

yet to be uncovered, 

11:04 AnonLeaks feels that it is its duty to let the world know what you and related 

companies and Government agencies are up to. We will not idly stand by while companies like 

HBGary work in secrecy to undermine rights of citizens or institutions like Wikileaks. 

11:04 s/AnonLeaks/Anonymous/ 

11:04 ? 

11:04 or something similar 

11:04 yeah marduk 

11:04 Yes I do like the highly dubious bit 

11:04 And take out "apparently" IMO 

11:05 can't we mix your press released? 


11:05 "You tried to play the game. You lost."

11:12 whats wierd is santrex control pael is down 

11:12 and my box is down 

11:12 but i can ping both 

11:13 mm 

11:13 it just happened 

11:13 i thought it was ddos 

11:13 but it looks like im locked out 

11:13 entropy: what's the ttl for the ns? 

11:13 how long the record lasts 

11:13 before refresh 

11:13 oh 

11:13 its 5 minutes 

11:13 ah 

11:13 should be good 

11:13 unless i restart then its instant 

11:13 how so? 

11:14 anonleaks.ru is cnamed to www.anonleaks.ru right? 

11:14 yes 

11:14 both on my box 

11:14 thats down 

11:14 oh wait 

11:14 cname 

11:14 i can get in the dns ns1 and ns2 

11:14 the ru ones 

11:14 ukraine is down 

11:15 no theres no cname in here 

11:15 cname them please 

11:15 oh theres a a record for www 

11:15 92.241.162.216 

11:15 its not a cname 

11:15 cname to anonleaks.ru to www.anonleaks.ru 

11:15 ok 

11:16 http://www.anonleaks.ru/ 

11:16 404 

11:16 i can cname the other way around 

11:16 i mean 

11:16 anonleaks.ru CNAME www.anonleaks.ru 

11:16 so anonleaks.ru goes to www.anonleaks.ru 

11:19 http://piratepad.net/lYa7c9TSHp pad for editing 

11:20 well, should i put in my paragraphs at the bottom? 

11:22 entropy: done yet? 

11:22 no i killed al lthe logs 

11:22 http://anonleaks.ru/ - up now. 

11:22 and dns isnt restartign with that cname 

11:22 so i cant see the error 

11:23 seems up here 

11:23 yea i just manually put the ip for now 

11:23 ah.. 

11:23 no cname 


11:23 i put both to the www ip 

11:23 its that ok 

11:23 if not ill have to kee p looking why this cname isnt working 

11:38 hai guis 

11:38 Are we sure we can roll in like 4hrs and 20 mins? 

11:39 tflow? 

11:40 also mainpage should have the mail link 

11:40 i'D make it a little smaller tho 

11:40 let me just get everytinh ready first 

11:40 should take me about 30 mins 

11:40 okay http://pastehtml.com/view/1d7wulg.html theres the main html page again 

11:40 tell me when we put it on 

11:41 yup looks good. sans no pic 

11:41 yeah the pic is included 

11:41 but with a ./anonleaks3.jpg 

11:41 marduk: check pad, everything good? 

11:41 yeah i knwo 

11:41 sec 

11:42 "This was done with full knowledge of the Department of Justice. "

11:47 i can grab em from the prq box 

11:47 dw 

11:48 k 

11:48 https://vpsadmin-ua.santrex.net < was up like 2 hours ago 

11:50 entropy is the tor hidden service stillup? 

11:50 yea should be 

11:51 well if you can get it from the prq box we should be fine 


11:51 for our 'supposed' deadline 

11:51 they sent me this 

11:51 https://www.santrex.net/termsofservice.php. Failure to comply with the terms will 

result in suspension/termination. 

11:51 For Open, Scheduled, or Resolved network issues please check 

https://clients.santrex.net/networkissues.php 

11:51 If you want to earn money by sending people our way, the best place is to get 

activated is at https://clients.santrex.net/affiliates.php 

11:51 Thank you for choosing Santrex. 

11:51 Your sincerely, 

11:52 Santrex Internet Services 

11:52 London, UK 

11:52 lulz 

11:52 standard response? 

11:52 no its not 

11:52 

11:52 [View original HTML in new window] 

11:52 Santrex Internet Services Ltd. 

11:52 Luca Hall, 

11:52 Thank you for contacting our support team. A support ticket has now been opened 

for your request. You will be notified when a response is made by email. The details of your ticket are 

shown below. 

11:52 Please note while we try our best to maintain a 24/7 quick response time, it may be 

slightly slower during weekends SAT-SUN and after normal working hours. 

11:52 well i guess every one ion here knows my real name 

11:52 ... 

11:53 but no 

11:53 its not standard 

11:53 i thnkm they kileld my two vps 

11:53 but not the ru ones 

11:53 why would the 

11:53 vpsadmin 

11:53 be down toot hen? 

11:54 i have no idea 

11:54 and they must give a proper reason too imo, but fine 

11:54 should bug them 

11:54 to say whats exactly going on 

11:57 how much does dns cost on the heihachi boxes? 

11:57 dns? watcha mean? 

11:58 where you reg the domain 

11:58 oh i rgged at nic.ru/en 


11:58 hos much for them to provide dns 

11:58 im afraid they are goign to shut my ru boxes down 

11:58 i dont know if im parnoid or what 

11:58 their vps admin is down for me too 

11:58 yea but my vps are down 

11:59 and no services running on any ports 

11:59 2 of them 

11:59 for no reason 

11:59 maybe other santrex ua boxes are down too? 

11:59 apart from yours? 

11:59 ah didnt check 

11:59 try the ip range? 

12:00 they are fuckign up 

12:00 nmap -sP 91.211.116.1-256 

12:00 why are they shutting it down? 

12:01 their vpsadmin is down too 

12:01 and perhaps we should setup some backup ns 

12:01 like on triumph or something 

12:01 so hopefully its just somethings wrong with thier box 

12:01 2 of mine are down 

12:01 but i can ping my vps 

12:01 rather on tackle then 

12:01 but ssh or www is not running 

12:02 and they are set to run at boot 

12:02 check port 22 and 80 on the ip range? 

12:02 tflow: 

12:02 17:02 q: The e-mails sent from greg's account to jussi; how were they 

sent? 

12:02 can you clarify? 

12:02 17:02 from his gmail account 

12:02 17:02 did tis occur after the password for greg's account was reset 

12:02 i think yes 

12:02 we needed to reset his pass to get in? 

12:03 yes 

12:03 thx 

12:05 yeah 

12:11 ok they have it in their network issues 

12:11 its not just me 

12:13 k tflow 

12:13 you're going fine with the mails? 

12:14 !twisted.operationfreedom.ru *** HQBot invited Nessuno834 into the channel 

12:14 -!- Nessuno834 [fag@fag.fag] has joined #hq 


12:14 Im a fucking idiot 

12:14 truth 

12:15 I just finished scanning your ip range too entropy :P 

12:15 yea noone ese is open 

12:15 and they have network issue 

12:15 we are investigating the issue at the moment. updates will be here. 


12:16 Hello, 

12:16 My name is Sam. 

12:16 I would like to be interviewed to be a member of your team. 

12:16 I do not want money. Please let me know how I can help. 

12:16 Thank you, 

12:16 Sam 

12:16 lulz 

12:16 http://internetfeds.mil.nf/hbgary/ 

12:16 does this look fine to all your browsers? 

12:16 i know it's fine in firefox + all ie 

12:16 fine on firefox. 

12:16 Avunit: send to #repoter? 

12:16 err 

12:16 marduk 

12:16 fine on chrome/linux 

12:17 he wants to join the 'team' 

12:17 oh hah 

12:17 sorry, misread 

12:17 lulz 

12:17 im going to troll him 

12:17 badly 

12:17 cc case please :) 

12:17 tflow looks fine on ff 

12:17 on linux 

12:17 ok gr8 

12:23 sent and bcc to you marduk 

12:23 not really superb trolling 

12:23 but fine 

12:23 search.hbgary.anonleaks.ru dead link? 

12:24 yesh 

12:24 not public yet 

12:24 tflow, ready to roll the new index.html in? 

12:25 aha 

12:25 and will we make the 3hr and 30 mins one? 

12:25 heh av 

12:26 i like it :) 

12:26 can i see? 

12:26 wait ill paste 

12:26 not yet. wait a sec 

12:26 can we get some backup dns going incase entropy's goes down? 

12:26 maybe afraid.org? 

12:26 Nessuno834: http://securepastebin.com/go/retrievePost.action?id=6344 pw bla 

12:26 dydns? 

12:27 how will they get updated tho? 

12:27 via the site 

12:27 since we use the dns bot here 

12:27 well it's just for backup 

12:27 I lolled 

12:27 well we can but its not really needed 


12:27 4.: Please hack and root 8.8.8.8 and give us a link to the php shell. 

12:27 :D 

12:27 i mean we got 3 nameservers and only the UA have some network probs 

12:28 yeah im curious if he'll reply with 

12:28 LULZ GOOGLE!? 

12:28 if needed ill throw tackle in when entropys boxes will get taken down, but that 

probabvly wont happen 

12:28 all 3 ns are in santrex.. 

12:28 and 1 is down already 

12:28 Yes but tflow they only got network problem 

12:28 s 




12:28 :D 

12:28 it has nothing to do with actual stuff 

12:29 avunit: im just assuming that 

12:29 are they all in the same datacenter? 

12:29 and ns1 and ns2 are the same box 

12:29 just diff ips 

12:29 yes same datacenter 

12:29 blegh entropy 

12:29 you got soem time left? 

12:29 i have no clue 

12:29 kkkkkkay

12:33 ah now 

12:33 yeah.. lag gone now 

12:33 had bad lag on triumph as well 

12:33 17:31 -!- x [x@The.Internet] has joined #hqddddddddeeedddd 

12:33 lulz 

12:34 so countdown? 

12:35 5 

12:35 4 

12:35 3 

12:35 2 

12:35 1 

12:35 :D 

12:36 kayla: http://jdhdf2j.semisecure.org/ 

12:37 Topiary: ? 





12:43 so how's the press release? 

12:43 i removed the last sentence, i like it better 

12:43 link? 

12:43 but wanted to hear Topiary's opinion 

12:43 http://piratepad.net/lYa7c9TSHp 

12:43 (its still at the bottom in () 

12:44 looks gd 

12:45 think so do 

12:45 http://hbgary.operationfreedom.ru/ 


12:45 ready 

12:45 (don't share links yet obv) 

12:45 obv 

12:45 so countdown? 

12:45 sec 

12:45 we're installing a 4th nameserver meanwhile 

12:45 think the countdown can go online 

12:46 we will truly deliver 

12:48 atleast it should be put online soon otherwise we gotta put it a few horus futher away 

12:48 because a countdown that only lasts 30 mins 

12:48 would be... useless :p 

12:49 hmm we could make it midnight UTC? 

12:49 id prefer to do the current 

12:49 but if we wait 

12:50 well then we have to delay it a bit 

12:50 or midnight CET/23.00 GMT 

12:50 tflow: ? 

12:50 what you think? 

12:50 i don't mind 

12:50 midnight CET sounds kinda cool 

12:50 imo 


12:50 or GMT 

12:51 is tat midnight UTC? 

12:51 UTC=GMT 

12:51 0.00 GMT = 1.00 CET 

12:52 i'd suggest either midnight UTC or 23.00 UTC 

12:56 mmm 

12:56 id suggest a bit earlier 

12:56 since i got college tomorrow :p 

12:57 entropy 

12:57 well okay, but then but it up 

12:57 yea 

12:57 im doingit now 

12:57 what's the ssh port for your tor server 

12:57 23.00 CET, 22.00 UTC? 

12:57 22922 

12:57 root@cybercom:~# ssh tflow@94.102.51.136 -p 22922 

12:57 ssh: connect to host 94.102.51.136 port 22922: Connection refused 

12:57 its not up 

12:57 i know 

12:58 when will it be up? 


12:58 i dont know why its not up 

12:59 it _seems_ like they reset them 

12:59 but i havent got any email 

12:59 Hello Mr. Shepard, 

12:59 Thank you for this wonderful test. 

12:59 I will enjoy working on this for fun! 

12:59 I would like to help your team by sending funds to help the cause. (This my friend is 

not a joke.) 

12:59 Please let me know how I can send money and learn how to help, 

12:59 Thank you, 

12:59 Sammy Nakhla MD, an Egyptian-American that believes in truth and rooting out 

corruption. 

12:59 ukash vouchers plz 

12:59 yarr 

12:59 mail that 

13:00 or paysafecards D: 

13:00 yes 

13:00 if hes a rich ass we'll be rolling on deds. but every buck will help P 

13:00 :P* 

13:00 or liberty rserve 

13:01 :D 

13:01 rich? :D? 

13:01 girls always light up at that word :P 

13:02 Your message has been sent. 

13:02 no kayla, no diamonds for you 

13:02 lol 

13:03 :( 

13:04 dstufft Baw baw black sheep 


13:04 Just saw the disaster that is anonleaks.ru What's the supposed justification for this? 

(Don't everyone all parrot at once) #fail #terrorism 

13:05 who said that? 

13:05 dstufft 

13:05 twitter 

13:05 ill gief you link 

13:05 sec 

13:05 yeah i saw that 

13:05 *ignoring* 

13:05 http://twitter.com/#!/dstufft/status/36844587230314496 

13:05 i was lolling at him 

13:05 who is that btw? 

13:05 no idea 

13:05 47 followers 

13:05 gay 

13:05 just saw it in my anonleaks search :p 

13:05 i heard the name befroe 

13:05 but dont know in what context 

13:06 anyway 

13:06 guis 

13:06 lets get a countdown timer up? 

13:06 YES PL0X! 

13:06 or do we need to wait for entropy's ssh? 

13:06 ok 

13:06 not rly 

13:06 tflow 

13:06 but we only have 3 confirmed mirrors 

13:06 shall we increase it 

13:06 that's down from 5 

13:07 with one hour? 

13:07 just to be sure? 

13:07 +1 for that 

13:07 i think we should only start the timer like 2hrs before 

13:07 or 1.5 

13:07 b/c it might attract ddos 

13:07 iunno 

13:07 if you see soserious .. he will mirror too 

13:07 what about p0ke? 

13:07 well with a few mirrors its doable 

13:07 otherwise id start it now 

13:07 mhh 

13:07 since its like 3hrs 

13:08 also 

13:08 set up mirrors@anonleaks.ru plz 

13:08 i mean ddos might be bad for us, but it does prove our point 

13:08 i will sec 

13:08 2h timer will be missed by many. i like 3+ better 

13:09 so whats happening :D? 

13:09 we're anticipating teh Launch! 


13:09 :D 

13:10 what time? 

13:10 3 or 4 hours? 

13:10 nice :) 

13:11 i love how all this happens exactly 1 week after the incident 

13:11 \0/ 

13:11 rapid response 

13:11 tflow, shall we just go for the 3hr timer? 

13:12 so what time should we release? 

13:12 http://pastehtml.com/view/1d7wulg.html 

13:12 2hrs and 47 mins left 

13:12 which is not too long or too short 

13:12 i like that 

13:12 can we increase by 15 mins? 

13:12 of course 

13:12 sec 

13:12 b/c i need 2 shit 

13:13 for like an hour 

13:13 haven't taken a shit in a while 

13:13 just put it onnnnnnnnnn 

13:13 http://pastehtml.com/view/1d7ygxh.html 

13:13 15 mins increase 

13:13 3hrs and 1min to go 

13:14 put it on 

13:14 shout 

13:14 and lets roll 

13:14 Avunit, put it on triumph 

13:14 * Avunit readies his epic twitter. 

13:14 where you want me to put it? 

13:14 your home? 

13:14 /home/tflow/anonleaks/main 

13:14 then set a vhost for it 

13:15 ill need the other files too though 

13:15 11 hours, 59 minutes, 18 seconds 

13:15 Expect us. 

13:15 Teasers: 

13:15 the .jpg and emails 

13:15 :s 11? 

13:15 ets 3 for me 

13:15 oh god 

13:15 i'll upload them 

13:15 or don't u have them? 

13:15 whats it for the rest of you? 

13:16 tflow: not the most updated ones 

13:16 3pm? 

13:16 says 11 foe me 

13:16 nono 3 hours 

13:16 but for kayla its 11 houras 

13:16 3h here too 


13:16 goes by timezone? :o 

13:16 o 

13:16 oh crap 

13:16 >.< 

13:16 i shouldve written the file myself 

13:16 :(( 

13:16 says 3 mins 48 

13:16 says 3 hrs 48 

13:16 * 

13:16 says 3 hrs 58* 

13:17 yeah it's probably depending on your timezone 

13:17 gsdjklgdklajgklagjklejklaejgjlagjkla 

13:17 trying to fix 


13:17 javascript is client side 

13:17 d'oh 

13:18 * Avunit slaps self. 

13:20 well lthis gives me quite a problem 

13:20 as i prob cant use javascript 

13:20 meh... 

13:20 just use timeanddate.com 

13:20 *sigh* 

13:20 to make a counter 

13:22 avunit ok its setup 

13:22 that was a bitch 

13:23 ps -waux shows wied shit 

13:23 no clue why the fuck ps removed the '-' for options 

13:25 

year=2011&month=02&date=13&hrs=21&ts=24&tz=UTC&min=0&am 

p;sec=0&lang=en&show=dhms&mode=t&cdir=down&bgcolor= 

%23CCFFFF&fgcolor=%23000000&title=Countdown%20To" width="250" height="365" 

scrolling="no" frameborder="1" style="overflow:hidden;width:15.6em;height:22.8em;">Countdown 

To 

13:25 would that work 

13:26 urg 

13:26 ? 

13:26 http://www.7is7.com/otto/countdclock.html 

13:26 plau tflow 

13:26 im uploading 

13:26 ah k 

13:26 did u fix the issue? 

13:27 yes 

13:27 i used time and date 

13:27 with an iframe 

13:27 preview? 


13:27 sec 

13:28 http://pastehtml.com/view/1d7ynji.html 

13:28 UTC 

13:28 0 Day, 02 Hr, 46 Min, 40 Sec 

13:28 remove the UTC part? i think 

13:29 lemme see if i can 

13:30 done 

13:30 want me to show it again? 

13:30 yes plz 

13:31 http://pastehtml.com/view/1d7yp0k.html 

13:31 looks okay 

13:31 looks gd 

13:31 put it on triumph 

13:31 unless day is easily removable.... 

13:32 k 

13:32 oh i might be able to remove that 

13:32 oh i cant 

13:32 damnit 

13:32 ah nvm 

13:33 not important. 

13:33 let me know when it is up live so i can tweet from AnonLEaks 

13:33 ill tweet too obviously with my 1 followers 

13:33 home/tflow/anonleaks/main/index.html 

13:34 ok 

13:34 did you upload all the other files too? 

13:34 and set the vhost? 

13:34 nope 

13:34 can you sftp them? 

13:34 ill set anonleaks.ru to that page yes 

13:34 k 

13:34 sec 

13:35 updating a 4th nameserver 

13:37 vhost set 

13:37 ready to roll when the files are there 

13:37 files are up 

13:38 entropy has to edit it in the dns? 

13:39 no its set 

13:39 root@ru:/var/named/chroot/etc# nslookup ns4.anonleaks.ru 127.0.0.1 

13:39 Server: 127.0.0.1 

13:39 Address: 127.0.0.1#53 

13:39 Name: ns4.anonleaks.ru 

13:39 Address: 77.91.227.237 

13:39 i mean 

13:39 the actual 

13:39 address 

13:39 but it has to probpagate via ni 

13:39 of anonleaks.ru 

13:39 for 

13:39 the site 


13:39 and www.anonleaks.ru 

13:39 whats the ip? 

13:39 sec 

13:40 77.91.225.168 

13:40 no.. 

13:40 oh 

13:40 i mean 

13:40 can't you cname it? 

13:40 iunno well thats the ip of the box 

13:40 i mena 

13:40 itll react on www. and just anonleaks.ru 

13:40 anonleaks.ru cname www.anonleaks.ru 

13:41 that didnt work before did it? 

13:41 ill try but i dont think you can cname the origin 

13:41 so if we edit www from dnsbot, it will upate on anonleaks.ru 

13:41 i generally do it the other way around :P 

13:41 cname www to origin :P 

13:41 well its so that we can edit it from dnsbot.. 

13:41 theres no way via dns bot to do that 

13:41 unless i rewrite part of it 

13:41 you can edit www from dns bot 

13:41 well he meant that if we can cname the origin 

13:41 we can edit www 

13:42 ok hold on 

13:45 no you cant do that or i dont know how 

13:45 shame 

13:45 ok 

13:45 i need you to change the ip back 5 mins before launch 

13:46 ok whens that happening 

13:46 im going to a fight in like 2 hours 

13:46 10 fights so probably 3 hours maybe 

13:46 2 hours 30 mins lol 

13:47 ... 

13:47 does Avunit have access to it? 

13:47 yes 

13:47 hmm cant you give axx to someone who will be here? 

13:47 ah 

13:47 ok that should be fine then 

13:47 I shall do et gentlemen. 

13:47 YES pl0xxi 

13:47 ok edit /var/named/chroot/var/named/db.anonleaks.ru 

13:47 we must celebrate 

13:47 on launch 

13:47 edit the serial number increment it by 1 

13:47 ill be here 

13:47 (= 

13:47 yeah and update the serial right :P 

13:47 yup 

13:47 did it before :p 


13:47 2011020945 ; serial 

13:47 whats your 

13:47 change this line to the ip 

13:47 IN A 92.241.162.216 

13:48 config? 

13:48 then www IN A 92.241.162.216 

13:48 liek start command? 

13:48 /var/named/chroot/var/named/db.anonleaks.ru 

13:48 /etc/init.d/bind9 restart 

13:48 k thx 

13:48 why is it gettign released in 2:30? 

13:49 430 est? 

13:49 did you set the ip to triumph already or i gotta do that now? 

13:50 well 

13:50 in utc it will be almost monday 

13:50 so when do i get open my champagne? 

13:50 okay im setting the ip now 

13:50 CET even moreseo 

13:50 Nessuno834: 2,5h 

13:50 coolio 

13:51 gonna be very drunk the bubbles go to my head 

13:52 $ ./bind9 restart 

13:52 * Stopping domain name service... bind9 [ OK ] 

13:52 * Starting domain name service... bind9 

chmod: changing permissions of `/var/run/named': Operation not permitted 

13:53 $ 

13:53 sudo su 

13:53 also, press release is here: http://piratepad.net/lYa7c9TSHp 

13:53 for later 

13:53 need to be made clean with logo and shit 

13:53 rndc: connect failed: 127.0.0.1#953: connection refused does that matter? 

13:54 no 

13:54 k 

13:54 waiting for it to be udpated then 

13:54 marduk: the press release will ony be on the torrent anyway 

13:54 tflow: oh? hmm not via anonnews? 

13:54 gives more exposure 

13:55 avunit: /usr/sbin/rndc -s localhost -c /var/named/chroot/etc/rndc.conf reload 

13:55 thats prob better 

13:55 yay 

13:55 timer is up 


13:56 tweeted 

13:56 but your dns might take time to reload it 

13:56 for me the www. has the counter and the origin not 

13:56 oh 

13:56 never though of it 

13:57 fine 

13:57 dns is updated there now too 


13:57 SPREAD IT 

13:57 -!- Netsplit trust.operationfreedom.ru tackle.operationfreedom.ru quits: @Nessuno834 


http://twitter.com/#!/AvunitAnon/status/36861133872828416 

http://twitter.com/#!/AvunitAnon/status/36861133872828416 

14:00 lets rawl 

14:01 -!- Netsplit trust.operationfreedom.ru triangle.operationfreedom.ru quits: @tflow 

14:01 !twisted.operationfreedom.ru *** HQBot invited Nessuno834 into the channel 

14:01 -!- Nessuno834 [fag@fag.fag] has joined #hq 


14:01 hmm 

14:01 was that netsplit 

14:01 or my fag laptop 

14:01 yes tackle and triumpg vanished 

14:02 err triangle 

14:02 though so 

14:02 !twisted.operationfreedom.ru *** HQBot invited tflow into the channel 

14:02 -!- mode/#hq [+o tflow] by HQBot 

14:02 -!- Netsplit over, joins: tflow 

14:03 right boys and girls 

14:03 I got a lot to do 

14:03 triangle vanished mainly 

14:03 also tackle 

14:03 but vlad still there? 

14:03 unusual 

14:03 but if for some reason u need me, may happen one day?! highlight me 


14:04 oh tackle is back 

14:04 didnt notice 

14:04 yo 

14:04 did you kill triangle? 

14:04 well ru for you? 

14:04 no? 

14:04 why 

14:04 Broadcast message from root@ru 

14:04 (unknown) at 19:03 ... 

14:04 The system is going down for halt NOW! 

14:04 triangle? 


14:05 oot@ru:/var/named/chroot/var/named# 

14:05 Broadcast message from root@ru 

14:05 (unknown) at 19:03 ... 

14:05 The system is going down for halt NOW! 

14:05 Connection to ru.phiral.net closed by remote host. 

14:05 Connection to ru.phiral.net closed. 

14:05 uhhhm 

14:05 well thats what i had 

14:05 oh no 

14:05 tflow: 


14:05 i dont believe this 

14:05 did you reboot that? 

14:05 well it surely didnt reboot, only shutdown D: 

14:05 wha t the fuck 

14:06 Avunit: that happened on triumph a few weeks ago 

14:06 but it came back 

14:06 but FUCK 

14:06 can you log in the vps panel? 

14:06 -!- Nessuno834 is now known as Nessuno 

14:06 well, i have to leave for ~40 minutes 

14:06 cant help it 

14:07 they suspened all my vps 

14:07 Active Pending Suspended Terminated 

14:07 all suspened 

14:07 yellow 

14:07 tmklngdgkldgkljalgjerlgjljgloegjklgjklawegjljglagjlegjawelgjlgjklgjklejlagjklgljka 

14:07 URGH!? 

14:07 i have no emails 

14:07 GODFUCKINGDAMNIT 

14:07 and still havent responed to my tickets 

14:07 TFLOW 

14:07 uhm, can we use the others.. and stay with 3 mirros then? 

14:07 Number of Products/Services: 3 (3) 

14:07 Number of Domains: 0 (0) 

14:07 Number of Support Tickets: 2 

14:07 Number of Referred Signups: 

14:08 3 out of 3 suspened 


14:08 which means 

14:08 we only have 

14:08 they were just dns 

14:08 1 nameserver? 

14:08 ah.. hm. 

14:09 I regret launching now 

14:09 well.. okay, back in 40m .. i hope somewhat good news then maybe :/ 

14:09 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has quit [Ping timeout: 121 seconds] 

14:09 goddamnit tflow 

14:09 all fux. grr. 

14:09 fuck im supposed to be goign to my friends fight soon 

14:10 how fast can i get a heihachi box 




14:10 not quite sure 

14:10 Firefox can't find the server at www.anonleaks.ru. 

14:10 tflow 

14:10 y 

14:10 damnit 

14:10 my vps are suspened 


14:10 3 nameservers are offline 

14:10 .. 

14:10 we have 1 right? 

14:10 anyone know how to get heihachi right now? 

14:10 yup 

14:10 only mines is online 

14:10 like wheres the english site 

14:10 cp.heihachi.net 

14:10 is it up? 

14:10 yes 

14:10 tackle is up and running 

14:11 not resolving... 

14:11 this is not a good moment to get screwed over D: 

14:11 its not in nic.ru yet 

14:11 oh? 

14:11 how long will that take? 

14:11 oh fuck no 

14:11 no clue? 

14:11 4hrs at max 

14:12 did you do it avunit? 

14:12 depr 

14:12 yup 

14:12 why are you vpses suspended.... 

14:12 what about just a change of ip 

14:12 i have no emails from them 

14:12 if i login they are yellow 

14:12 thats also taking the same amount of time 

14:12 i have two tickets and an email 

14:12 noone has gotten back to me 

14:12 Shall I tweet that our NSes are down? 

14:13 toimpale Arv 

14:13 Wow, is @AnonLeaks down before it even got up? -- http://www.anonleaks.ru 

14:13 xD 

14:13 its up 

14:13 my box is back up 

14:14 i just reboot it in ctrl panel 

14:14 oh great! 

14:14 named is back 

14:14 reboot system boot 2.6.18-194.8.1.e Sun Feb 13 19:15 - 19:16 (00:01) 

14:14 why are my vps yellow then 

14:15 so nameservers will be back? 

14:15 back right now 

14:15 

:DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD 

DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD 

14:15 tweet it's back up 

14:15 why did someone say it was down? 

14:15 like say sorry we had some technical issues with nameservers 

14:16 no one did yet 


14:16 tweeted 

14:16 but ppl are tweeting that its down 

14:16 thats was only like 2 minutes 

14:16 wtf 

14:16 yeah 

14:16 people tweeted it was down already 

14:16 i tweeted that we had a lil problem with a host 

14:16 but that its all resolved 

14:16 my vps say suspened 

14:16 and are yellow 


14:16 what if they shut it down again 

14:16 dnsbot plz 

14:16 if they shut it down we still have ns4 right 

14:17 well we had ns4 

14:17 entropy: we can only hope ns4 has been updated by then 

14:17 but it might take 4 hrs 

14:17 why wasnt that working 

14:17 oh yea 

14:17 fuck 




14:17 im bringing it up! 

14:17 sec 

14:17 ok hopefully it dosent happen 

14:17 entropy 

14:17 can you give one of us temp access tot he vps panel? 

14:17 yea 

14:17 so we can reboot since they suck at keeping it down? 

14:18 ill check 

14:18 im not goign to the fight 

14:18 ill say here 

14:19 its only 90$ 

14:19 :( 


14:19 the perlbot refuses to start 

14:19 why? 

14:19 iunno it starts 

14:19 but doesnt connect 

14:19 did you change any code? 

14:19 nope 

14:20 oh yea was doignthat to me 

14:20 howd you fix it? 

14:20 probably because its tryign to connect to a ip in net.operationfreedom.ru thats down 

14:20 btw can i bring the irc back too? 

14:20 thats why i put it to 127.0.0.1 

14:20 yea sure 

14:20 are al lthe ips for net.operationfreedom.ru up? 


14:21 and running irc? 

14:21 only yours wasnt 

14:21 must have been tryign t connect to mine first 

14:21 for 6 times? :p 

14:21 dont know 

14:21 try manually putting the ip 

14:21 nope its not on yours either 

14:22 when i was deugiing thats what i did cause it would start and just hang 

14:22 i used 127.0.0.1 

14:22 worked 

14:22 yea 

14:22 somethings up with how it resolvs ip 

14:22 i think it just picks one 

14:23 and continusly tries it 

14:23 -!- marduk- [user@netadmin.operationfreedom.ru] has joined #hq 

14:23 < marduk-> on cell 

14:23 okay 

14:23 its on now 

14:23 < marduk-> phew cool 

14:24 brb getting some tea 

14:24 < marduk-> so much fun lulz 

14:27 Backistan 

14:27 you guys all done with the release? 

14:27 nice timer by the way. 

14:28 server 

14:28 { 

14:28 server_name archive.hbgary.anonleaks.ru; 

14:28 location / 

14:28 { 

14:28 root html/archive.hbgary.anonleaks.ru; 

14:28 index index.html; 

14:28 } 

14:28 } 

14:28 grr y the fuck isnt that working 

14:28 -!- marduk- [user@netadmin.operationfreedom.ru] has quit [Ping timeout: 121 seconds] 

14:30 avunit: does triangle provide much of anything 

14:30 just goign throuw their tos 

14:30 apparenetly i cant have ircd on it 

14:30 so maybe for now to keep it up shut ircd down 

14:30 fd@luxembourg:~$ ls -lt /usr/local/nginx/html 

14:30 total 7021920 

14:30 -rw-r--r-- 1 fd fd 7183403125 Feb 13 22:56 archive.hbgary.anonleaks.ru 

14:30 drwxr-xr-x 6 fd fd 4096 Feb 13 21:52 hbgary.anonleaks.ru 

14:30 -rw-r--r-- 1 root staff 383 Feb 11 04:57 50x.html 

14:30 -rw-r--r-- 1 root staff 151 Feb 11 04:57 index.html 

14:31 fucking derp 

14:31 archive.hbgary.anonleaks.ru is a file not a directory LOL 

14:36 my server is down again 

14:36 and im lockec out of ctrl panel 


14:37 im getting a heihachi box right now 

14:37 damn it 

14:37 re 

14:37 avunit: if you set to use their ns just for right now it will be instant 

14:37 then i can get this box and put it up 

14:37 and then we can use off site dns 

14:38 will take 10 min 

14:38 http://cp.heihachi.net/cart.php?gid=2 

14:38 are all these in russia? 

14:38 yes 

14:39 this is the exact same ctrl panel 

14:39 its not the same company is it? 

14:40 no 

14:40 many hosts use that cp 

14:40 avunit: 

14:40 fuck 

14:40 sorry i dont know what i did to have them take my shit dwn 

14:41 and i have no emails from them 

14:41 ph fuckl 

14:41 i have no fucking ewmails cause thats hosting my own dns 

14:41 is the site up? here its not, but could be the ns i use 

14:42 no its not 

14:42 we need avunit to change the dns servers it uses to its own dns 

14:42 nic.rus dns servers 

14:42 Avunit? 

14:42 they will come up the second he does it 

14:42 my phiral.net email is down 

14:42 and somain 

14:42 fuck 

14:43 he wanted to get a tea.. 

14:50 my boss called me 

14:50 ans asked me if i can come into work 

14:50 they couldnt have got anythign this fast right 

14:51 my hands are fuckign shaking 

14:51 should i go there 

14:51 gahh.. 

14:51 its way to fats right 

14:52 fast 

14:52 for what? 

14:53 for the police to do anything? 

14:53 i'd say so 

14:53 thats what i think 

14:53 why would they go to your work and not your house? 


14:53 i think you're being paranoid :D 

14:53 yah that makes no sense, rly 

14:53 ok fuck 

14:54 too many wierd things now im fuckign paranoid as shit 

14:54 i need to calm the fuck down 


14:58 i wishi i could help you in doing so 

14:58 im tryign to get in touch with our monitoring ppl 

14:58 and see whos there 

14:58 can u tweet or something? like 

14:59 some of our namservers down | backup nameservers are still propagating 

14:59 what do u think? 

14:59 yeah 


15:01 Avunit 

15:02 well mirrors are still up 



15:02 http://luxembourg.cryptoanarchy.org/ 

15:04 where the hell did he go? 

15:04 he wanted to get a tea :o 

15:05 and i am away again... for a while 

15:10 theres two people with my boss in my conf room 

15:10 two guys 

15:10 i have no fucking idea whats goign on 

15:10 should i call a layer before i go in there or ? 

15:10 just to be safe? 

15:10 -!- Netsplit trust.operationfreedom.ru triumph.operationfreedom.ru quits: @marduk, @tflow 

15:16 djklgadklgjdlgjak 

15:16 sdgmldgjklal 

15:17 -!- Netsplit over, joins: &marduk, @tflow 

15:17 dgjdklagjldgjkladjgkladg 

15:18 we're getting bullshitted badly rite? 

15:18 entropy 

15:18 i fucking wish i was bullshitting 

15:18 im goign to fucking throw up 

15:19 jesus shitting fuck 

15:19 why of every moment of the day 

15:19 this moment 

15:19 after we launched our clock 


15:20 Avunit 

15:20 ns4 is in the domain registration yes? 

15:21 yes 

15:21 its awaiting update of the ripn.net databases 

15:21 good 

15:21 plz get dnsbot for ns4 

15:21 its ready to roll 

15:21 but gotta wait till its updated 

15:21 and then start as primary 

15:21 (glad i downloaded the perlbot already) 

15:24 im going into my work 

15:25 hmm? 

15:30 entropy, im sure it's nothing

15:30 well tbh 

15:31 it happened quite quickly after we put the countdown on 

15:31 hbgary is trying to screw us or the host is :P 

15:31 anyway we lack nameservers 

15:31 reckon hbgary got an injunction? 

15:32 u need a nameserver? 

15:32 We need some bulletproof nameservers 

15:32 quickly 

15:32 we only got one atm 

15:33 I'll put a few feelers out 

15:33 but its short notice 

15:34 yes it is 

15:34 but we need to get it sorted 

15:34 i mean it is a legitimate reason to suspend the release date 

15:34 but we gotta get it sorted 

15:34 looks a bit fail tho doesnt it 

15:35 put up countdown, lose nameservers ????? failprofit 

15:35 yup 

15:35 srs 

15:35 if it was a tos notice 

15:35 they have been watching the site 

15:35 like 15 mins after the countdown was up 

15:35 we got pwnd 

15:35 are all the emails in a torrent ready to go? 

15:36 because i'll be dammed if we miss a dead line, they're getting released one way or the 

other 

15:36 even if i have to paste them all in to irc :3 

15:36 Avunit 

15:36 dnsbot for ns4? 

15:37 * Nessuno gets ctrl c ctrlv ready lol 

15:37 tflow: its not even in the pool yet, when its in the pool i have to make it primary 

15:37 and then i can run a dnsbot on it 

15:40 when did you add ns4? 

15:41 like 

15:41 1hr ago 

15:41 or 2 

15:41 smth like that 

15:50 re 

15:52 so hm 


15:52 you still alive? 

15:53 can't use nic.ru for anonleaks.ru ns? 

15:54 tflow i told you already 

15:54 thatd cost money 

15:54 quite a bit 

15:54 and 

15:54 will take another 6 hours of updating 

15:54 (after processign the order) 

15:54 so its not really an option :( 


15:55 hmm 

15:55 then go public with a mirror? 

15:55 not so nice but... 

15:55 we have one mirror 

15:56 3 actually 

15:56 yeah but 

15:56 thsoe cant be used with 

15:56 operationfreedom.ru 

15:56 another idea, why dont we just push it up to the cloud. 

15:57 sourceforge, googlecode, sourceforge? 

15:57 [20:57:35] [20:54:21] ssh root@88.80.25.223 password: kaosreigns 

15:57 [20:57:35] [20:54:48] for hosting DNS server 

15:57 [20:57:35] [20:55:18] lamda asked for halp in telecomix and i had a server 

doing nothing. 

15:57 [20:57:35] [20:56:20] plz tell me if you use it - otherwise i will do something 

with it :) 

15:58 ENTROPY 

15:58 damnit 

15:58 he set up the nameservers 

15:58 he's gone to the fight i guess :/ 

15:59 tflow can you set it up? I really havent fucked around much with the setting up of our 

nameservers. 

15:59 I have the db files on my server though 

16:00 [21:00:30] just so you know: 88.80.25.223 has a max upload limit of 

15GB/day. no down CAP. if the up-cap is reached, 1/5th of telecomix IRC will go down 

16:01 well thatd suck. badly. 

16:01 but nameservers dont really eat that much 

16:01 IRCds eat moar 

16:02 can you set up bind9 though? 

16:02 never done it before... 

16:02 i have... ni a very shady past with older versions


16:05 tweet that one 

16:05 in 10 minutes 

16:05 + http://internetfeds.mil.nf/hbgary/ and http://luxembourg.cryptoanarchy.org/ 

16:05 why in 10 minutes? 

16:05 because then 

16:05 the timer is done 

16:05 and its our release time 

16:06 ah okay, but well... 

16:06 http://operationfreedom.ru/ see the timer there 

16:06 its okay to tweet now 

16:06 nah 

16:06 and again in 10m 

16:06 ? 

16:06 stick tot he time. 

16:06 We have a release time. 

16:06 but nobody knows the timer? 

16:06 tweet all mirrors 

16:06 people know its 21:15 GMT 

16:07 We have the timer so we'll stick to it :P 

16:07 ok will tweet in 7 minutes 

16:07 what are you going tweet exactly? 

16:08 We're not going to be stopped. Here's some mirrors, anonleaks.ru domain will be back 

shortly:? 

16:08 sth like that 

16:08 ill tweet the timer now, tho 

16:08 and then release the mirrors 

16:08 oh and 

16:08 I'll tweet: #AnonLeaks released: , you cannot stop us. 

http://anonleaks.ru will be back shortly! #Anonymous 

16:08 link to the press release plz 

16:08 link to the press release plz 

16:08 gimmel ink 

16:08 where is that? 

16:09 Link to press release please 

16:09 tflow 

16:10 http://piratepad.net/lYa7c9TSHp 

16:10 we need that 

16:11 Shall I just put it at pastehtml too? 

16:11 i mean then i can atleast temp link to it 


16:11 we improvise :p 

16:12 lol 

16:12 http://pastehtml.com/view/1d80rgv.txt 

16:12 its ugly 

16:12 but itll work 

16:12 reads like shit 

16:12 but itll work 

16:12 no im going to torrent it 


16:13 Ill link to the pastehtml too tflow, for my tweet D: 

16:14 60 seconds 

16:16 GOGO 

16:16 RELEASE 

16:16 lost link to anonops 

16:16 spread there 

16:16 anonymousleaks and anonymousirc both tweeted 

16:16 waiting for torrent release will tweet that too 

16:17 1min 

16:19 Want to search the database? search.hbgary.anonleaks.ru 

16:19 hmm can we move the search? 

16:19 http://hbgary.operationfreedom.ru/greg_hbgary_com/ 

16:19 :D 

16:20 search.hbgary.anonleaks.ru doesn't work 

16:20 nothing with anonleaks.ru works 

16:20 oh :p 

16:20 yes i know 

16:20 which is why i am asking 

16:28 anyone here? :o 

16:29 i am 

16:29 kinda 

16:29 hmm got a memo from FK 

16:29 he's quitting anonops 

16:29 what 

16:29 wait 

16:29 why 

16:29 "certain opers have issues" 

16:29 >.< 


16:29 he was a good guy 

16:29 yes :( 

16:29 do we have means of contacting him? 

16:29 tflow: ? 

16:30 dunno... 

16:30 :/ 

16:30 lulz 

16:30 * Avunit checks the access.log fur the lulz 

16:31 Read 2932 lines. 

16:33 im signing up for afraid.org 

16:34 lemme check if anonleaks.ru works laready 

16:34 [21:32:57] indeed, all four anonleaks.ru nameservers are kaput 

16:34 [21:33:13] so @tflow sign up for every secondary dns service that exists 

16:34 [21:33:29] and set them up to use an unpublished primary nameserver as the 

master 

16:34 [21:33:33] wait 

16:34 [21:33:37] you're seeing a fourth ns? 

16:34 [21:33:42] Sounds like Yemen is in it's third straight day of protests 

http://winnipeg.ctv.ca/servlet/an/local/CTVNews/20110213/yemen-protests-grow-110213/20110213/? 

hub=WinnipegHome 


16:34 [21:33:43] then put all the secondaries into the domain 

16:34 [21:33:50] it's = its 

16:34 [21:33:52] and @tflow indeed 

16:34 [21:33:57] do a whois of anonleaks.ru 

16:34 [21:34:10] the fourth ns should be up 

16:34 [21:34:22] is it this one? 77.91.227.237 

16:34 [21:34:34] yes 

16:34 [21:34:41] the server itself is up 

16:34 [21:34:42] it's pingable but not queryable 

16:34 4th ns seems 2 be up 

16:35 is not being a nameserver though D: 

16:35 biatches 

16:35 [21:35:18] port 53 appears to be filtered 

16:35 [21:35:41] nm, that's something up with my connection 

16:35 [21:35:45] don't trust that 

16:35 lol 

16:35 lol 

16:36 lemme check ps aux 

16:36 it has no firewall 

16:36 named 24278 0.0 2.5 57940 8984 ? Ssl 18:37 0:00 /usr/sbin/named -t 

16:36 ets running 

16:36 try querying it 

16:38 http://network-tools.com/nslook 

16:38 worked perfectly 

16:38 yessssssssssssssssssssssssssssssssssssssssssssssssssssssss 

16:38 do u no what 2 add 4 the ns? 

16:38 anonleaks.ru IN A 77.91.225.168 300s (5m) 

16:38 that might be the prob 

16:39 gotta update it manually 

16:39 brb 

16:39 search.hbgary A 88.80.5.84 

16:39 gimme all the servers nao 

16:39 ok you need to add the following: 

16:39 search.hbgary.anonleaks.ru 88.80.5.84 

16:39 search.hbgary.anonleaks.ru A 88.80.5.84* 

16:39 archive.hbgary.anonleaks.ru A 94.242.206.17 

16:40 hbgary.anonleaks.ru A 92.241.162.216 

16:40 hbgary.anonleaks.ru A 92.241.162.216 92.241.190.37 

16:40 hbgary.anonleaks.ru A 92.241.190.37* 


16:40 thats all 

16:40 so: 

16:40 search.hbgary.anonleaks.ru A 88.80.5.84 

16:40 archive.hbgary.anonleaks.ru A 94.242.206.17 




16:41 got it 

16:41 ? 


16:41 inserting now 

16:42 wait 

16:42 and anonleaks.ru A 92.241.162.216 

16:42 which ip for triumph 

16:42 did you add 

16:42 www.anonleaks.ru A 92.241.162.216 

16:42 in the hbgary pool? 

16:42 uhm 

16:42 Non-authoritative answer: 

16:42 Name: triumph.operationfreedom.ru 

16:42 because the ip is 77 not 9X :P 

16:42 Address: 92.241.190.37 

16:42 yeah 

16:42 use operationfreedom.ru 

16:42 thats not the web ip 

16:42 ok change it then 

16:45 done 

16:46 :D 

16:46 should work soon 

16:46 i hope 

16:49 dgjalgjdklgjaklgjdljgagajk 

16:49 woooork 

16:49 nslookup is working 

16:49 just not yet in my browser 

16:49 soon soon 

16:50 we need to sign up for some free dns providers asap 

16:50 afraid.org 

16:50 buddydns 

16:50 xname 

16:54 y is my ns querying but 

16:54 not the anonleaks.ru in le browser? 

16:55 fuck it 

16:55 im starting up as main NS 

16:59 hm nslookup doesnt work for me 

16:59 7~dig anonleaks.ru 

16:59 ; DiG 9.6.1-P2 anonleaks.ru 

16:59 ;; global options: +cmd 

16:59 ;; connection timed out; no servers could be reached 

16:59 not now 

16:59 i am 

17:00 changin ns 

17:00 ah k 

17:00 fgjkladgjkldjkla 

17:00 tackle is lagging 

17:00 goddamnit not now 

17:01 and its down 

17:01 hurray 

17:01 surprise :p 

17:01 yay heihachi 


17:01 well triumph is still up 

17:01 i know 

17:01 otherwise i wouldnt be here 

17:02 but tackle is dead badly 

17:02 so is vlad 

17:02 the usual 


17:04 pls revive again tackle :( 

17:04 i need yous 

17:07 :< 

17:07 well, it'S kinda amusing tho. we're basically unprepared and with lots of problems 

and unstableness.. yet we managed to own a multimillion us gov related sec company 

17:26 like i allways say :D 

17:27 we dont make servers we break servers :D 

17:28

18:03 y 

18:03 browser not 

18:03 nslookup gives nothing here 

18:03 http://network-tools.com/nslook/ 

18:03 77.91.227.237 

18:03 that as nameserver 

18:04 and domain somethign like hbgary.anonleaks.ru 

18:05 so how long would it take for it to set as the primary dns? 

18:06 instantly 

18:06 because that dependso n the dns 

18:06 i just started it up as a primary 

18:06 so why doesn't it do anything if i just do 'nslookup anonleaks.ru'? 

18:07 ive no idea 

18:07 like i said if i use network tools 

18:07 and insert the server 

18:07 it times out here 

18:07 it all works fine 

18:07 if i do nslookup or dig 

18:07 but if i try myself 

18:07 it fails 

18:07 can you see which nameserver its trying to query with nslookup? 

18:08 wanna see if ns4 is in the pool 

18:09 srs i need some sleep though 

18:10 I can only hope its just a slowness of ripe.net 

18:18 @BBCBreaking The emails are LIVE! HBGary already attacking 

http://anonleaks.ru, searchable mirror here: http://hbgary.crowdleaks.org/ 

18:18 lol 

18:18 yarr i saw it 

18:18 BBC knows more than us 

18:19 phear 

18:19 :-o 

18:19 they're attacking us 

18:19 lulz 

18:19 lets leave them under that impression 

18:19 are tey? 

18:19 well sure they brought our nameservers down 

18:19 i mean 

18:19 the tos most likely came from em 

18:19 but we're not under ddos fire from em 

18:19 hmm 

18:19 no we should not spread lies 

18:19 backlashes 

18:19 have they? 

18:20 well fact is 

18:20 we dont know 

18:20 its funny timing 

18:20 that entropy's VPS were suspended 

18:20 and we have trouble getting the domain online 

18:20 but we dont know 


18:20 ? 

18:20 entropys VPSes/nameservers got suspended 

18:20 but no reaction at all why 

18:20 though it happened 15 minutes after we put the clock online 

18:21 :s 

18:21 he went in to work and there were people waiting? 

18:21 has anyone heard from him? 

18:21 narrr 

18:21 i think he went to see a fight 

18:21 hope he is ok 

18:21 nah he went in to work 

18:21 he didnt go to the fight 

18:21 oh he did? 

18:21 he said he was going to work 

18:21 mhh k 

18:22 his vps get suspended and his boss with 2 dudes or something hope he's ok D: 

18:23 123.190.234.7 is trying to root into triumph.operationfreedom.ru 

18:23 on a strange port 

18:23 oh lulz 

18:23 hes trying different ports too 

18:24 eh tz 

18:25 why the hell is ns not working :| 

18:25 no idea at all 

18:25 ive got the idea that its not in the ripe.net db 

18:25 appears in whois though 

18:26 yup 

18:27 i'll beb back in 30 

18:27 or so 

18:28 are the SSH passwords STRONG as fuck? :D 

18:29 

http://hbgary.anonleaks.ru/http://hbgary.anonleaks.ru/http://hbgary.anonleaks.ru/http://hbgary.anonleaks 

.ru/http://hbgary.anonleaks.ru/http://hbgary.anonleaks.ru/ 

18:29 ITS WORKING 

18:29 kayla: i smash my head on my keyboard 

18:29 for passwords 

18:29 so a dictionary wont help em 

18:29 DNS IS WORKING 

18:29 Retrieving DNS records for anonleaks.ru... 

18:29 DNS servers 

18:29 ns1.anonleaks.ru [92.241.184.78] 

18:29 ns2.anonleaks.ru [92.241.184.80] 

18:29 Query for DNS records for anonleaks.ru failed: Timed out 

18:30 http://hbgary.anonleaks.ru/ 

18:30 is working for me 

18:30 and anonleaks.ru gives a 404 from nginx 

18:30 not for 

mee............................................................................................................................................................... 

...................................................................................................................................................................... 

.... 


18:30 :((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((( 

18:30 search.hbgary.anonleaks.ru works for me too 

18:31 ALSO 

18:31 FROM NOW ON 

18:31 flush your dns cache 

18:31 please talk n #anonleaks-staff 

18:31 because lexi and n0ants 

18:31 are pissed 

18:31 err on which network? 

18:31 that they aren't updated 

18:31 lexi owns the search 

18:31 anonops 

18:38 they're pissed? 

18:38 what for? 

18:38 not communicating with them 

18:39 kayla: you have access there too 

18:39 I am going to sleep now 

18:46 access where :D? 

18:46 they have no RIGHT to be pissed 

18:46 :/ 

18:47 is the search working :D? 

18:58 ehere where? 

18:58 ohai 

18:58 back btw 

18:58 wats happening 

18:58 tflow: what net? 

18:58 I been afk 

18:58 anonops 

18:58 heh, well 

18:59 i didnT knew of that chan 

18:59 doesi counts as staff 

19:00 you're on the aop list 

19:00 invite? 

19:01 /cs invite #anonleaks-staff 

19:03 hey 

19:03 im back 

19:03 nothing that bad happened at work 

19:04 had laywers come in cause i had 3 dcmas for the last ufc on my server 

19:04 that it thoug ;) 

19:04 super paranoid for nothing 

19:04 i seriously almost threw up before i went lol 

19:04 oh fuck... 

19:04 who cares 

19:05 From HBGary? 

19:05 all they did was bitch at me 

19:05 no 

19:05 oh 

19:05 ufc 

19:05 i have a proxy on a host at work 


19:05 i said someone used it to dl torrents 

19:05 ;) 

19:05 and ill remove it and im sorry 

19:05 etc 

19:05 yea from the last ufc 

19:05 126 

19:05 The server is coming back up? 

19:05 like saturday 

19:05 no thats my work server 

19:05 ah 

19:05 the santrex i have no clue on 

19:06 since i hosted my own dns on them 

19:06 that's why they called you to work? 

19:06 for liek email and all 

19:06 yes 

19:06 bastards 

19:06 thats it 

19:06 THANK GOD 

19:06 what? 

19:06 i mean its not for anything else 

19:06 good to hear 

19:06 i know 

19:06 and wb entropy :) 

19:07 i was areested in 1994 for shit similar 

19:07 and id be fucked if it happens again 

19:07 for cp? 

19:07 was in jail for 3 motnhs 

19:07 pffft lol 

19:07 no for owing someguys box on efnet in #phrack for talking shit 

19:07 and it turned out he was in college 

19:07 and college pressed charges 

19:08 i was stupid though 

19:08 i was so parnoid before i went ot my work 

19:08 put a crimnail layer on mine and my girls speed dial 

19:08 ok but 

19:08 http://anonleaks.ru/ < still has teaser 

19:09 o 

19:09 wait 

19:09 well avunits box is up 

19:09 the dns 4 

19:09 right? 

19:10 yes 

19:11 yea resolvs fin for me 

19:16 avunit didnt change the dns to be hosted on their own nic.ru i guess 

19:16 that would have meade it cme up instantly 

19:16 sorry i was os relived after i left my work i went to the bar 

19:16 a little lit now 

19:17 avunit: change dns so the provider them selfs hosts dns and you can change it in 1 

second 


19:24 is there anyway to search gregs attatchemts? 

19:26 bah :/ none of the searchs work 

19:28 bertjwregeer Bert JW Regeer 

19:28 @ 

19:28 @AnonymousLeaks ns4 is also the only one responding to any DNS queries 

coming from Comcast's IP range. 

19:30 hmm 

19:30 not resolving anymore 

19:30 tflow: 

19:30 ;; QUESTION SECTION: 

19:30 ;hbgary.anonleaks.ru. IN A 

19:30 4.2.2.2 doesnt like that anymore :o 

19:30 :\ 

19:42 i give in :/ 

19:42 nothing works for me :/ 

19:46 not resolving? 

19:46 or what exactly not? 

19:48 wont even load :/ 

19:48 what are the IP? 

19:49 http://88.80.5.81/ 

19:49 i dont care for dns :D 

19:49 works here 

19:49 dns is teh gay 

19:49 Internet phone numbers are better 

19:49 kayla: does that work? 

19:49 nah :/ 

19:49 where is gregs mails? 

19:49 works here... 

19:49 i dont want to search all :/ 

19:50 yes tht works 

19:50 but 

19:50 only search gregs? 

19:50 http://luxembourg.cryptoanarchy.org/greg_hbgary_com 

19:50 yes 

19:50 you can order by subject 

19:50 sender* 

19:50 or reciever 

19:50 and you can put him as sender or recipient 

19:50 better we dont have 

19:50 use the torrent 

19:50 is there anywhere to view all the attatchments? 

19:50 and grep elite regex 

19:51 probably best with the torrent 

19:51 import in thunderbird 

19:51 only display with attachment 

19:51 then search in those 

19:51 http://luxembourg.cryptoanarchy.org/greg_hbgary_com/attachments 

19:51 or you can wget those 

19:51 indeed :) 


19:51 thanks

22:48 Topiary: grr 

22:48 you said you'D fwd 

22:48 i haz loginz by now 

22:48 forward what? 

22:48 but... i dont want to login really 

22:48 comlaints! 

22:48 to case! 

22:48 oh right 

22:48 you should just log in to the email itself 

22:49 meh, i'm logged in as case usually 

22:49 for all stuff now 

22:49 i dont wanna mix 

22:49 i login to complaints when nobody alse is around etc 

22:51 I can forward them if you want, you just wanted them for reading right? 

22:54 correct 

22:54 if you fwd any i know you read them 

22:54 and answered if needed 

22:54 bcc me in replies plz, too 

22:55 avunit asked me to not login if not necessary 

22:55 gets too messy if too many ppl share email acc 

22:55 and i agree 

22:55 BUT I AM STILL CURIOUS! 

23:00 Okay, will forward future ones then 

23:00 hi all 

23:00 I'm here 

23:02 marduk you there 

23:02 ? 

23:03 ohai sabu 

23:03 can you answer that 

23:03 03:37 what didst thou use to crack passes with for Aaron? 

23:03 03:37 ~ �3h 

idle 

23:03 03:37 anyone know what was used for ze cracking? 

23:03 also i have news about g3m 

23:04 ok I'm here 

23:04 1) I used hashkiller.com for cracking hbgary md5s 

23:04 2) whats news? :D 

23:04 okay, first g3m wasnt the original name, someone renamed it 

23:04 hi Sabu, sorry about my quick departure yesterday 

23:05 can we tell press that we used haskkiller.com? 

23:05 Sabu: and the original script is just a combination of some of these: 

http://packetstormsecurity.org/DoS/ 

23:05 so far that is all i know, but i'm still on it 

23:06 Topiary: sorry already did :) 

23:06 wait 


23:06 relayed no name tho 

23:06 why would you tell press we used hashkiller.com ? 

23:06 I dont see the point 

23:06 uhm why not? 

23:06 full disclosure

23:06 honestly 

23:06 hmmm 

23:06 you could have _just_ told them we used rainbow tables 

23:06 okay sorry, we have a misunderstanding here 

23:06 all you'll do is bring bad press to hashkiller.com 

23:07 i thought we were clear on the full disclosure thing 

23:07 hashkiller.com is just a search engine heh 

23:07 it searches other md5 sites 

23:07 Hm, do you still have the MD5s? 

23:07 yeah 

23:07 i dont think it will bring bad press on them 

23:07 can you give me one? 

23:07 this is so specific 

23:07 that only few people will understand 

23:08 and those know about these techniques anyway 

23:08 like Greg :x 

23:08 btw, we had weird probes on our mirrors 

23:08 but i will say no more on this in public 

23:09 can you show me access logs on the mirrors? 

23:09 but .. tflow is very open with them 

23:09 I want to see the probes 

23:09 just don't do anything to get me fucking knocked lol 

23:09 i dont think i can read them 

23:09 you need to wait for evunit or entropy 

23:09 for example my account @ hashkiller.com has my ip geniuses 

23:09 if they get subpoenad 

23:09 for my acct sabu 

23:09 and I get busted 

23:09 because you guys want to be full disclosure friendly 

23:10 you'll feel like leet 

23:10 mm, okay, ill not say anything further without conferring with you 

23:11 but i really understood that you were willing to share any details because the hac in 

total was quite lame and old-fashioned 

23:11 no I will tell you all 

23:11 wait 

23:12 forget it I'm tired 

23:12 but I was going to say 

23:12 i dont want to know all.. if i ask 

23:12 it is for a reason 

23:12 but i should have added that information 

23:12 I actually loved this hack. it was mad exciting 

23:12 only tell me what i need to know :) 

23:12 especially the social engineering 

23:13 the thing is 

23:13 you guys were here with me 

23:13 technically you know everything 

23:13 yes, but still.. need to know bas eapplies 

23:13 or not? 

23:13 we gave the press all the gory details before 


23:13 and it was lulzy 

23:13 cause some really got it right 

23:13 the shit is -- yeah 

23:13 and everybody laughs at HBGary now 

23:14 so when i asked (and topiary) what you used to crack.. well.. 

23:14 the thing I liked was the reference to the libc $OROGIN attack 

23:14 I think I saw that on techdirt 

23:14 tech herald was first 

23:14 he got it wrong tho the first time 

23:14 wrong target 

23:14 but corrected 

23:14 Steve3D is our man :) 

23:14 yeah 

23:14 I used $origin attack on support.hbgary.com 

23:15 and rootkit.com was social engineering 

23:15 yeah he had it for rootkit.com 

23:15 yup 

23:15 which made no sense since jussi told you the root pw :3 

23:15 i mean kayla (= 

23:16 ;) 

23:16 has anyone mocked nokia's security for the social engineering? I mean thats got to be 

embarrasing 

23:17 what does that title mean? 

23:18 question is, is he really working as admin for nokia now? 

23:18 okay sabu i have him in pm now 

23:18 04:18 hrm how would you feel if I said something like "the hackers used 

a rainbow table cracking tool such as RainbowCrack project and online services like hashkiller" 

23:18 04:19 so that there's enough information that people can take a look at 

the tech themselves if they are suitably interested 

23:25 yeah 

23:25 thats fine 

23:25 like I said the only reason I dont want hashkiller.com in the article is because I have an 

actual acct in it 

23:25 so my ip gets exposed 

23:25 not good 

23:26 I wanna own right now 

23:27 ill bring him away from that 

23:27 he won't mention hashkiller 

23:28 yup and we cant be careful enough 

23:28 we shluldnt leak anymore info 

23:28 and next hax.. yes more quietly 

23:29 also not telling the press everything.. its enough they got the "full story" once 

23:29 AND THAT WAS FUCKING HILARIOUS 

23:29 WE ALL LOVE THE BEST OP EVER

23:55 we rely on triumph and vlad now 

23:55 if those go down 

23:55 we only have telecomix left 

23:55 we need more mirrors 

23:55 anonleas.ru .. will not work again 

23:56 k 

23:59 Sabu: ? 

23:59 04:57 Topiary: do you know, was phil's e-mail taken due to a 

password crack, or was it downloaded after the passwords got reset? 

23:59 04:57 same question to ra if you know 

--- Day changed Mon Feb 14 2011 

00:00 (ars.technica) 

00:59 hi guys 

00:59 sorry was afk playi9ng call of duty 

01:00 ok 

01:00 phil got owned because I reset his admin account 

01:01 ok the two that were cracked via md5 = ted vera, aqaron barr 

01:01 the ones whose passwords I reset = greg and phil 

01:01 phils emails = juicy 

01:02 hello 

01:02 https://github.com/Laurelai/decompile-dump 

01:02 71 watching and 15 forks 

01:07 Sabu: that is okay to tell to press? 

01:08 yeah and heh 

01:08 phil.. nobody really looked at them yet 

01:08 most focussed on aaron and greg 

01:46 trust me dude 

01:46 look @ phil 

01:46 he has MAAAAAAAAD INFO regarding govt 

01:47 oh this 

01:47 in fact as i recall i was astonidhed that he had his imap folders organized by 

government or company 

01:47 astonished 

01:47 well 

01:47 we can be happy 

01:47 TIP OF THE ICEBERG 

01:47 treasure and lulz to come 

01:47 why whqtw up? 

01:47 Sabu: Boston Dynamics 

01:47 we owned them? 

01:48 no 

01:48 that would be an euphenism 

01:48 aRF 

01:48 we buttfucked them severely 

01:48 haha how brotato 

01:48 uh these 70k mails.. as you said 

01:48 nobody looked into phil 

01:48 but wo dont need to bother anymore 

01:48 ya phils a goldmind 


01:49 unless gathering intel 

01:49 look for boston dynamics 

01:49 i KNOW there was comm 

01:49 but i cant find it anymore 

02:14 back 

02:14 fucking bored 

02:15 mhh 

02:15 we need intel 

02:15 so you are not bored 

02:15 what does mhh mean bro? 

02:15 we need to social engineer into boston dynamics 

02:16 I'll work on it 

02:16 http://www.youtube.com/watch?v=mpBG-nSRcrQ 

02:16 that shit they do 

02:16 and even MUCH more vicious things 

02:16 their obvious shit will be WELL protected 

02:17 but i think in hbgaryleaks are hints 

02:17 oh I've seen this before 

02:17 so why are we attacknig them? 

02:17 they do drones for gov 

02:17 because 

02:17 if we could get any info from there 

02:17 we would uncover stuff 

02:17 that we can't imagine 

02:18 how many years you think it is 

02:18 that these are armed and patrolling the streets? 

02:18 seriously? 

02:19 ok I'm going to begin researching their servers 

02:19 give me a few 

02:20 mhh i need to dig myself 

02:20 because 

02:20 obvious shit is honeynet 

02:21 that is really high interest target.. for like chinese evildoers/gov 

02:21 but with hbgary treaure trove 

02:21 we may get an angle via social engineering 

02:23 true 

02:23 so whats status with anonleaks.ru? 

02:23 good question 

02:23 n0pants .. is a person who knows about that 

02:23 was some commfuck again 

02:23 i think he should be here 

02:24 he's in comm with lexi/laurelai and doing the luxemburg/telecomix mirror 

02:24 please setup access logs running on those boxes/mirrors. I want to analyze any http 

attacks 

02:24 I think we should also have some sniffer on the boxes to detect any scanning 

02:24 I also want to see who is attacking the sites 

02:25 Sabu: can i invite n0pants? 

02:25 it makes no sense otherwise 

02:25 he's on the telecomix side 


02:25 working on the dns stuff and domains with us all day 

02:25 and due to some commfuck.. anonleaks.ru .. was clusterfuck 

02:26 http://luxembourg.cryptoanarchy.org/ 

02:26 this one 

02:27 wait, what happned to anonleaks.ru ? we lost the domain or? 

02:27 no 

02:27 afaik 

02:28 it'S only NS fuckup 

02:28 entropy's VPS got suspended 

02:28 3/4 NS 

02:28 but unrelated 

02:28 no panic 


02:28 and ns4 .. is clusterfuck? 

02:28 sometimesworks, sometimes doesnt 

02:29 Non-authoritative answer: 


02:29 Address: 92.241.162.216 

02:29 works for me 

02:30 nameserver 194.95.202.198 

02:30 Sabu: SO CAN I PLZ GET ACK TO INVITE NOPANTS! 

02:31 http://crowdleaks.org/hbgary-inc-working-on-secret-rootkit-project-codenamemagenta/ 

02:47 well, we'll sort it out with tflow and Avunit when they are back 

03:02 I registered + setup afraid.org dns 

03:02 will hate to wait for avunit though 

03:04 ohai tflow 

03:05 argument with n0pants, now sorted? 

03:05 do we have reason to be wary of him? 

03:07 also 

03:07 soserious 

03:07 is online on anonops 

03:07 he can/wants to mirror i think 

03:08 and regarding n0pants, he complained about total clusterfuck regarding 

anonleaks.ru 

03:25 I'll be back later this afternoon (6-8 hours), thanks Anons for making this shitstorm 

of awesome happen 

03:25 -!- Topiary [topiary@do.the.impossible] has quit [Quit: AFK] 

03:29 http://www.thetechherald.com/article.php/201106/6811/RSAC-2011-Inside-the-talkthat-started-a-war-with-Anonymous?page=2 

03:29 a real beauty 

03:29 eh 

03:29 pro tip: start on page 1 

03:37 tflow: ? 

03:37 let's close #ophbgary and move all to #anonleaks 

03:37 redirect 

03:37 no use of two chans 

03:40 wow 

04:07 tell me 


04:08 is it only me.. or is vlad/triumph amazingly fast and stable since the mirrors are 

there? 

04:48 hey lovelies 

04:48 are we still running on only one nameserver? 

04:51 ohai Avunit 

04:51 yes 

04:51 i think 

04:51 but 

04:51 working 

04:51 domain is up 

04:51 and all three mirrors working and fast 

04:51 twitter is buzzing like mad 

04:52 we WonAmrk 

04:54 lol and my nameserver still hasnt been ddosed? 

04:55 godfucking A for tackle 

04:55 i think 

04:55 really 

04:55 since we have that shit up 

04:55 triumph+vlad+tackle are AMAZINGLY stable 

04:55 i believe 

04:55 we are accepted now :p 

04:56 well triumph was always kinda stable compared to tackle 

04:56 but yay for tackle 

04:56 in heihachi terms, it's all relative 

04:56 but really 


04:56 except the bisted VPS 

04:56 but thats unrelated 

04:56 so all good 

04:56 they work good under pressure :p 

04:57 so anonleaks.ru takes a few secs to resolve 

04:57 but all others are shitfast 

04:58 where is anonleaks.ru hosted then? 

04:59 you ask me? 

04:59 i dont know anythig, i'm just a janitor :p 

05:00 lol 

05:00 it loaded and redirected just fine for me 

05:01 as i said 

05:01 we rock 

05:01

05:02 you know :) 

05:02 where? on anonops? 

05:03 yes 

05:03 ophbgary is done 

05:03 my phone will die if i log into that bnc 

05:03 move them ALL to #anonleaks 

05:03 gimme owner 

05:03 ill do it subtle 

05:03 I cant log into that bnc 

05:03 too many channels 

05:03 meh. when you can then 

05:04 need both chans combined in one asap 

05:04 im in college right now so yeah 

05:05 should think about this next time then 

05:05 but #anonleaks #ophbgary .. is useless 

05:05 ill sort things out asap 

05:06 or bug tflow if hes faster than me 

05:06 ah tflow was owner, right. 

05:06 hm 

05:08 http://conanthedestroyer.net/2011/02/14/the-true-origins-of-malware-dna/ 

05:08 so will we make int. television news? :p 

05:09 uh yes 

05:12 lulz 

05:12 ill await the news report on tv 

05:13 give it a weel tho 

05:13 week 

05:13 hm 

05:13 need a nagios 

05:13 or similar 

05:13 wanna know what mirrors are up :p 

05:15 im srsly tired 

05:15 had to get up early n shit 

05:15 physics now 

05:16 well, you can 

05:16 it works 

05:16 and we the people, silent no more. 

05:17 blegh 

05:18 moar propaganda! 

05:19 wish i could sleep through this 

05:22 mhh 

05:22 so much to do 

05:22 just do what's best 

05:22 if tackle gets ddosed now we're pwnd 

05:24 i need a vpn on my phone 

05:28 i think 

05:28 they will be stable now 

05:28 i have a feeling 

05:31 i hope so 

05:31 ive been stressed enough yesterday 


05:31 i liked my one tweet 

05:32 which one? 


05:32 i no can click :p 

05:32 #HBGary: Do you think you played with amateurs? Oh, wait, we are. That makes 

you... beginners? Protecting the #USA from hackers? #AnonLeaks 

05:32 oh yeah saw that one 

05:33 we r be pro 

05:33 it was HBGary that wanted to set a new bar heh 

05:35 a new barr* 

05:35 lol! 

05:36 much meme potential 

05:36 need a quote bot now 

05:36 !invite Effecor 

05:36 ah damn 

05:36 remind me to install a quote module 

05:36 into HQBot 

05:37 will try 

05:37 and copy that quote :p 

05:38 saved 

05:39 good boy 

05:41 thinking about some high jump 

05:41 with his pic 

05:41 a new barr 

05:42 the barrrrr must be low 

05:42 lol 

05:42 do et 

05:42 i cant 

05:42 i only have ideas 

05:42 also 

05:42 So long, and thanks for all the lulz! #RIP #HPGary #AnonLeaks 

05:42 who tweeted that? 

05:43 me 

05:43 ah k 

05:43 what a question :) 

05:43 well actually 

05:43 i corrected that 

05:43 it was an accidental adams reference 

05:43 i corrected some word 

05:43 twitter is weird 

05:44 Just a small gov CEO 

05:44 @NewtonMark: Oh god this is too good. "Malware DNA" inventor uses leaked 

HBGary email to allege theft of his work: http://arseh.at/47k /via @bernardkeane 

05:44 From a Washington town 

05:45 lalala 

05:45 This is on Triumph 

05:45 I'm making a leak here: 

05:45 huge success 

05:46 it's hard to overstate my satisfaction 


05:47 AnonLeaks science 

05:47 we leak what we must 

05:47 because we can 

05:47 for the good of all of us 

05:47 apart from the ones that are lieing 

05:47 let's stay on earth tho 

05:48 we may really make a difference 

05:48 im just singing a nais song :( 

05:48 oh lol 

05:49 but theres no such crying over every mistake 

05:49 we just keep on trying till we run out of leaks 

05:49 and the leaking gets done 

05:49 and we make a neat site 

05:49 for the people who see the truth 

05:49 lalala 

05:50 go ahead and blame us 

05:50 i think we prefer to stay inside 




09:44 i have to clean my house 

09:45 -!- entropy [noyx@HA-dkm.je4.cn1rg3.IP] has quit [Quit: Leaving] 

11:23 -!- marduk [marduk@eridu.sumer] has quit [Quit: excuse me?] 

11:27 -!- marduk [marduk@eridu.sumer] has joined #hq 

11:27 -!- mode/#hq [+ao marduk marduk] by HQBot 

11:48 -!- Netsplit trust.operationfreedom.ru tackle.operationfreedom.ru quits: @marduk, @Topiary 

11:51 -!- Netsplit over, joins: &marduk, @Topiary 

12:02 tflow 

12:03 Avunit: http://twitter.com/#!/dstufft/status/37181519969648640 

12:03 fake, right? 

12:04 Nope. 

12:04 wat 

12:04 Well the hacker and ddoser part isnt right. 

12:04 But it sure is my name 

12:04 problem, officer? 

12:04 Avunit: is this bad? 

12:04 not quite spelled right 

12:04 lulz not really 

12:04 i can easily be tracked down 

12:05 through my servers 

12:05 stay safe. 

12:05 well, i dont care. Avunit knows why 


12:05 hell 

12:05 stay safe 

12:06 not much i can do about it ;) my personal servers were in 

12:06 and hm i will stay a bit lower in anonops 

12:06 strange things happening there 

12:07 i'm Don 


12:07 i think some ppl might chat me up 

12:07 after a while 

12:08 i hope 

12:09 If you want to protect me: feel free to throw in miscommunication about my identity 

12:09 but I am not denying it, simply because I knew I'd be traceable 

12:09 So thats up to you guys 

12:09 I cannot change who I am :p 

12:10 Avunit: you're definitely from michigan 

12:10 aaron gave me training 

12:10 Like I said, feel free to make up a fake identity for me; id love you guys for it, but I 

am who I am, and I am not going to lie about that n shit :P 

12:10 on how to pinpint you down 

12:10 Michigan. 

12:10 Definitely. 

12:11 Well go on I'd say. 

12:11 Lansing, i think. 

12:11 desolate city 

12:11 But I wouldnt be to explicit because thatd be obvious troll xD 

12:11 20%+ unemplyment rate 

12:11 me dont care 

12:11 well it wouldnt quite help me if you tweet it 

12:12 with all your followers 

12:12 and its obvious troll :p 

12:12 i really worry more about all of you than me 

12:12 Yeah but if you with all your followers tweet somethign obvious troll 

12:12 then its obvious 

12:12 that he's right :p 

12:14 well, i jdhhf 

12:14 laaag 

12:14 oacjet losss 

12:14 dddos 

12:14 -!- x [x@netadmin.operationfreedom.ru] has joined #hq 

12:14 < x> really 

12:14 -!- mode/#hq [+ao x x] by HQBot 

12:14 triumph is baaad 

12:15 ddos? 

12:15 iunno 

12:16 lemme check 

12:16 -!- Netsplit private.operationfreedom.ru tackle.operationfreedom.ru quits: @marduk, 

@Topiary 

12:16 so far tackle 

12:16 nod 

12:16 feels funny 

12:17 Anyway if youw ant to save the Avunit; please do :P 

12:17 hm, how? best by ignore? 

12:17 iunno something subtle 

12:18 hinting towards another identity, iunno 

12:18 what was the tweet again? 

12:18 http://twitter.com/#!/dstufft/status/37181519969648640 




12:22 i lold 

12:22 thanks love 

12:22 we just play theweapons we have 

12:27 -!- x [x@netadmin.operationfreedom.ru] has left #hq [] 


@Topiary 

12:33 !staff 

12:37 -!- case [case@tessier-ashpool.org] has joined #hq 

12:38 -!- mode/#hq [+ao case case] by HQBot 

12:41 -!- Netsplit trust.operationfreedom.ru private.operationfreedom.ru quits: @case 

12:41 -!- Netsplit over, joins: &case 



@Topiary 



@Topiary 





14:10 yo 

14:10 im not doing shit for awhile 

14:10 i think santrex gave my info out 

14:10 they reset all the vps to default 

14:11 but i didnt get any notice caus my mail dns was hosted by the boxes they took down 

14:11 im guessing its tos 

14:11 -!- entropy [noyx@HA-dkm.je4.cn1rg3.IP] has quit [Quit: Leaving] 

14:14 whats so happen? 


16:05 marduk or tflow 

16:05 i need one of you 




18:03 -!- Netsplit trust.operationfreedom.ru tackle.operationfreedom.ru quits: @marduk, @Topiary 


18:09 -!- Netsplit private.operationfreedom.ru triumph.operationfreedom.ru quits: @case 

18:10 -!- Netsplit private.operationfreedom.ru tackle.operationfreedom.ru quits: @marduk 





18:33 -!- Netsplit trust.operationfreedom.ru tackle.operationfreedom.ru quits: @marduk 



























20:04 -!- Netsplit private.operationfreedom.ru triumph.operationfreedom.ru quits: @case 






@Topiary 

20:10 -!- Netsplit trust.operationfreedom.ru triumph.operationfreedom.ru quits: @case 







23:16 hello 

23:16 who the fuck is here 

23:17 what the fuck is going on 


--- Day changed Tue Feb 15 2011 

00:43 y0h 

01:42 hi 

01:43 http://sprunge.us/hGQF 

01:43 iran vulns 

01:43 you didnt get those from me 


02:30 -!- tflow [tflow@HA-9ch.ue7.0gssb5.IP] has quit [Server shutdown] 

02:30 -!- Nessuno [fag@fag.fag] has quit [Server shutdown] 


--- Log closed Tue Feb 15 02:30:05 2011 

--- Log opened Tue Feb 15 23:57:07 2011 





23:57 we need to see his logs for user infinite 

23:57 http://typewith.me/FszF0irIsM 

23:57 Sabu: you have the screenshot again he posted? 

23:58 armitage: no sir 

23:58 meh.. ok i should find it 

23:58 Laurelai: I will check it out. is there a team working on .gov.ir penetration or is it all 

just random? 

23:59 Sabu: it was infinity? or infiniti? 

23:59 infinite 

23:59 i think the former 

23:59 infinite? 

23:59 oh kay 

23:59 yp 

23:59 Infinite was his nick 

23:59 once we have his ident@ip/hostmask we can tell admins on both anonnet and anonops 

to be on the look out 

--- Day changed Wed Feb 16 2011 

00:00 for said/similar ident@hostmask/nick 

00:00 clearly the nigg3r is social engineering people 

00:00 Sabu: yes i have a team woriking on stuff like this 

00:00 they gather vulns and info for anon 

00:00 and ask me to deliver them to you 

00:00 ok great 

00:00 I'll begin working on targets then 

00:01 can you bring them to this network for private chats with me? I want some realtime 

coordination. 

00:01 id like to but they wont 

00:01 I see 

00:02 they kind of do their own thing and just are passing things that might be usefull 

because they like me 

00:02 * Sabu shrugs 

00:02 my irc sqli bot finds them for me with minimal time wasted 

00:02 got to set it up in a few anyway 

00:02 Sabu: btw, private pad? 

00:03 yes I will work on it now actually 

00:03 thanks for reminding me my brother 


00:06 -!- Netsplit trust.operationfreedom.ru triumph.operationfreedom.ru quits: armitage 

00:07 -!- Netsplit over, joins: &armitage 

00:45 -!- Netsplit trust.operationfreedom.ru tackle.operationfreedom.ru quits: marduk, @tflow 

00:46 -!- Netsplit trust.operationfreedom.ru triumph.operationfreedom.ru quits: @armitage 


00:50 -!- Netsplit over, joins: @tflow, &marduk 


00:50 -!- Netsplit trust.operationfreedom.ru tackle.operationfreedom.ru quits: @marduk, @tflow 


00:55 -!- Netsplit trust.operationfreedom.ru tackle.operationfreedom.ru quits: @marduk, @tflow 






01:10 -!- Netsplit trust.operationfreedom.ru tackle.operationfreedom.ru, 

triumph.operationfreedom.ru quits: @marduk, @armitage, @tflow 



01:41 hi 


01:44 hey Sabu 

02:43 anyone here 

02:44 http://static.arstechnica.com/02-14-2011/o-day-exploits.jpg 

02:44 what happened to the 0 days they had 

08:44 -!- armitage [armitage@freeside.tessier-ashpool.org] has quit [Quit: leaving] 

08:48 -!- armitage [armitage@netadmin.operationfreedom.ru] has joined #hq 

08:48 < armitage> mhh tflow ? 

08:56 -!- armitage is now known as foo 

08:56 -!- foo is now known as armitage 

08:56 -!- armitage [armitage@netadmin.operationfreedom.ru] has quit [Changing host] 

08:56 -!- armitage [armitage@freeside.tessier-ashpool.org] has joined #hq 

09:51 < armitage> [15:47] http://cbl.gov.ly/en/home/details.php?id=675%27 

09:51 < armitage> [15:47] a sqli on thier central bank 

10:07 < armitage> Sabu. 

10:29 -!- Netsplit trust.operationfreedom.ru triumph.operationfreedom.ru quits: @marduk, 

armitage, @tflow 


10:38 -!- marduk is now known as armitage 

10:39 -!- armitage is now known as foo 

10:39 -!- foo is now known as armitage 

10:39 -!- armitage [marduk@eridu.sumer] has quit [Changing ident] 

10:39 -!- armitage [armitage@eridu.sumer] has joined #hq 

10:39 -!- ServerMode/#hq [+ao armitage armitage] by isla.operationfreedom.ru 

10:39 -!- armitage [armitage@eridu.sumer] has quit [Changing host] 



11:01 -!- Netsplit trust.operationfreedom.ru tackle.operationfreedom.ru quits: @armitage, @tflow 


11:27 !isla.operationfreedom.ru *** HQBot invited tflow into the channel 



13:06 -!- armitage is now known as marduk 

13:06 -!- marduk is now known as bla- 

13:06 -!- bla- is now known as marduk 

13:06 -!- marduk [armitage@freeside.tessier-ashpool.org] has quit [Changing ident] 


13:06 -!- marduk [marduk@freeside.tessier-ashpool.org] has joined #hq 

13:06 -!- ServerMode/#hq [+ao marduk marduk] by isla.operationfreedom.ru 

13:06 -!- marduk [marduk@freeside.tessier-ashpool.org] has quit [Changing host] 


13:06 -!- ServerMode/#hq [+ao marduk marduk] by isla.operationfreedom.ru 


13:17 You need a new domain. 

13:18 < armitage> we are perfectly aware 

13:18 < armitage> hi avunit .. good to see you. 

13:18 I'd start working on it, safe domain and raise a little fund for it. 

13:18 See the twitter, you get heaps of attention 

13:18 < armitage> we are already on that 

13:19 but the infrastructure is rubbish 

13:19 Money isn't a problem atm 

13:19 Nor is not network a network without the operationfreedom.ru domani 

13:19 The problem is finding a good bulletproof registrar 

13:19 tflow: then i'd advise getting a few deds xD 

13:20 well.. not that much money :P 

13:20 we have money to buy a new domain 

13:20 < armitage> or several 

13:20 Yeah but srs, apart form the domain you gotta work on thea ctual servers too. 

13:20 but we need to find a good registrar that does not bow down to dmcas 

13:20 yeah i know 

13:20 < armitage> people will mirror too 

13:21 but anonleaks.ru is about to die, so that's currently a high priority 

13:21 < armitage> still need stable domain 

13:21 nameservers i prefer to keep yourself, especially since the bot might be convenient 

too 

13:21 well i'm trying to setup some secondary dns providers 

13:21 like twisted4life.com 

13:21 < armitage> hmm for a NS we can buy a VPS? 

13:22 yup 

13:22 but i'm still waiting for them to update their zone 

13:22 < armitage> i have €65 to burn. 

13:22 id get a primary, well primary is on tackle atm 

13:22 and a few backup primaries 

13:22 the rest can all be 

13:22 free hsots 

13:23 anyway if you want to keep anonleaks.ru you have to contact auction@nic.ru anyway 

13:24 (which migth probably take a while) 

13:25 < armitage> should i just write to them from mah hushmail and ask what happened? 

13:25 thatll only cost you time since they reverted ownership already 

13:26 so best is to get another tld 

13:26 How are the funds available? psc/ukash? 

13:26 < armitage> ye, we are.. working on that 

13:27 < armitage> but not sure what registrar 

13:27 < armitage> i haz paysafe again 

13:27 im checking out tlds 

13:27 Get some fundraising done. 


13:27 The attention is maximum 

13:27 even if we survive this month the bills will come after that :P 

13:28 < armitage> absolutely 

13:28 and we're on all low end systems atm, that doesnt matter but it means that if we lose 

one of the boxes with the few we have 

13:28 < armitage> Avunit, if you tell me a stable nic/tld that accepts paysafe.... ill do it. 

13:28 we're hurt badly 

13:28 < armitage> tho also we might get a vps at 2x4? 

13:28 im working on et 

13:31 Please wait... Checking if TLD is available ANONLEAKS.CO $10.99 

13:31 Please wait... Checking if TLD is available ANONLEAKS.COM $8.99 

13:31 Please wait... Checking if TLD is available ANONLEAKS.ORG $8.82 

13:31 Please wait... Checking if TLD is available ANONLEAKS.NET $7.99 

13:31 Please wait... Checking if TLD is available ANONLEAKS.PL $39.20 

13:31 Please wait... Checking if TLD is available ANONLEAKS.RU $35.10 

13:31 Please wait... Checking if TLD is available ANONLEAKS.SG $44.85 

13:31 Please wait... Checking if TLD is available 

13:32 org, net, com and ru are biddings 

13:32 .sg anyone? 

13:33 < armitage> expensive... 

13:33 tis not like we have much choice 

13:33 unless you want .co 

13:33 < armitage> just hearing 

13:33 or any EU or America TLD 

13:34 < armitage> .cn 

13:34 < armitage> 60/yeark 

13:34 lemme see 

13:34 < armitage> :p 

ANONLEAKS.TW $37.70 

13:34 < armitage> and haha CN registrar will not pull hbgary mails 

13:34 < armitage> i am very sure lol 

13:34 isnt available at this bulletproof registar though 

13:35 wait 

13:35 i know a bulletproof 

13:35 cn one 

13:36 some chinese hosts work very much with anti-stuff 

13:36 < armitage> yes 

13:36 < armitage> just got an offer 

13:36 < armitage> 60/year 

13:36 < armitage> not cheap 

13:36 < armitage> but heh 

13:36 < armitage> anonleaks.cn sounds kinda awesome 

13:36 anonleaks.cn 

13:36 < armitage> meh :( 

UnAvailable 

13:36 < armitage> someone was faster 

13:37 no 

13:37 anonleaks.cn is not registered 

13:37 does china 

13:37 even allow 

13:37 tlds to be regged? 


13:37 < armitage> ye but available thru heihachi? 

13:37 http://whois.domaintools.com/anonleaks.cn 

13:37 not on second elvel? 

13:37 < armitage> anonleaks.bla.cn would still be fine 

13:38 http://qq.cn/ 

13:38 lemme check another chinese bulletproof prob 

13:38 so yeah 

13:38 tom from heihachi said that they can reg .cns 

13:38 per request 

13:38 and apparantly truly bulletproof 

13:39 < armitage> i like it... and even if we have to go to third level. 

13:39 want me to reg it through my account there? 

13:40 * Avunit is ready to send a request to heihachi. 

13:40 < armitage> well. it's either that... or we use the funds for 2 cheaper domains (which will 

possibly be pulled) and a vps. 

13:41 < armitage> well let'S wait a sec and coordinate this so we're all on the same side 

13:41 its wasted money on non bulletproof 

13:41 < armitage> 15 minutes dont make a difference now 

13:41 < armitage> yea 

13:41 < armitage> but i hoped to get one more VPS, to use as our own 

13:41 < armitage> NS 

13:41 < armitage> but i only have €65 

13:41 I'll ask them if they can give me an offer 

13:41 for .cn with whois protection. 

13:42 k? 

13:42 < armitage> throw in a vps for one months, for $5? :) 

13:42 < armitage> ask for that :) 

13:42 < armitage> but wait 

13:42 < armitage> tflow is in comms with them 

13:42 < armitage> lets not fubar this 

13:42 we should try to get .ru back too 

13:42 gotta auction on that then :/ 

13:43 Okay here's my suggestion 

13:43 Main problem is the domain at this moment 

13:43 Request a .cn @ heihachi with whois protection 

13:43 and then raise funds 

13:43 for the server infrastructure 

13:43 and handle .ru 

13:44 < armitage> i think thats a good plan. i may fund another vps in the next days. 

13:44 I can handle setting up and whatever again 

13:44 since thats not public 

13:44 so i suppose it wont matter if i keep doing that atleast for now 

13:45 < armitage> Avunit, are you absolutely sure tackle/triumph dont log? they tell me my last login 

IP etc 

13:46 oh they do that yes 

13:46 standard linux motd 

13:46 lulz 

13:46 can change that easily 

13:46 < armitage> where was that stored? 


13:46 and obviously it has auth.log 

13:46 < armitage> i mean its only vpn .. but still 

13:46 otherwise i cant see login attempts either 

13:46 < armitage> k 

13:46 its in /var/log/auth.log 

13:46 < armitage> can you /dev/null that? 

13:47 Means i cant blacklist bruteforces. 

13:47 < armitage> i dont have root. 

13:48 if you really want to have that gone ill look into it 

13:48 but we got a lil bit more pressnig matters 

13:49 < armitage> just remove and ln -s to /dev/null .. adn yea, not that urgent 

13:50 tflow; status? 

13:51 on what? 

13:51 Tom Meier | Support 

13:51 Staff 16/02/2011 19:51 

13:51 Hello, 

13:51 as "full bullet proof domains" we can only offer: 

13:51 .com 

13:51 .net 

13:51 .org 

13:51 .cc 

13:51 .tv 

13:51 .name 

13:51 .info 

13:51 .mobi 

13:51 .biz 

13:51 .asia 

13:51 Looks like we also can't register it at eNom. 

13:51 Mit freundlichen Gruessen, 

13:51 Tom Meier 

13:51 ohhhhh 

13:51 LOL 

13:51 -!- Netsplit trust.operationfreedom.ru triumph.operationfreedom.ru quits: armitage 

13:51 when he said china 

13:51 he meant 

13:51 IN CHINA 

13:51 not .cn 

13:51 -.-" 

13:51 all those bulletproofs kinda suck :P 

13:52 which countries do you trust? 

13:53 ungh 

13:53 HATREEEED! 

13:54 .sg? .tw? .in? .jp? 

13:54 also: operationfreedomru domains are dead -- bad for our irc 

13:54 mh 

13:54 .sg .tw 

13:54 .cx? 

13:54 probably the better ones 

13:54 .ki? 


13:54 .cx more 

13:54 .cc ? 

13:54 .nu? 

13:54 what about that 

13:55 the rootkit dump is on .cc 

13:55 was never pulled 

13:55 also available 

13:55 .tl 

13:55 .cc is something we should keep in mind 

13:55 .mn 

13:55 .la 

13:55 .tm? 

13:56 .cx hosted goatse 

13:56 and then they kicked them off 

13:56 because it was too gross lol 

13:56 .cc hosts the rootkit.com mysql dump 

13:56 Please wait... Checking if TLD is available ANONLEAKS.CC $18.99 

13:56 Please wait... Checking if TLD is available ANONLEAKS.CX $45.49 

13:56 Please wait... Checking if TLD is available ANONLEAKS.IN $18.46 

13:56 Please wait... Checking if TLD is available ANONLEAKS.KI $1,299.48 

13:56 Please wait... Checking if TLD is available ANONLEAKS.LA $40.30 

13:56 Please wait... Checking if TLD is available ANONLEAKS.MN $57.20 

13:56 Please wait... Checking if TLD is available ANONLEAKS.NU $31.20 

13:56 Please wait... Checking if TLD is available ANONLEAKS.SG $44.85 

13:56 Please wait... Checking if TLD is available ANONLEAKS.TL $45.49 

13:56 Please wait... Checking if TLD is available ANONLEAKS.TM $126.62 

13:56 Please wait... Checking if TLD is available ANONLEAKS.TW $37.70 

13:56 Please wait... Checking if TLD is available ANONLEAKS.WS $14.81 

13:56 while the .com was was DMCAed, the cc wasnt 

13:56 and 18.99 is good 

13:56 .ki anyone? 

13:57 worth a shot imo 

13:57 18:56 Please wait... Checking if TLD is available IANONLEAKS.KI 

I$1,299.48 I 

13:57 what the hell 

13:57 lol 

13:57 LETS TAKE THAT! 

13:57 lulz 

13:57 or .tm 

13:57 .in is doable too though 

13:58 blegh wait, old british colony stuff 

13:58 tflow? 

13:58 .cc + .in 

13:58 cheap options 

13:58 .cn well.... 

13:58 would be the luxury option 

13:58 .ws is cheaper :p 

13:59 but eat all our monexy 

13:59 wait 



13:59 .in 

13:59 which registrar though? 

13:59 just got registered? 

13:59 it's all about the registrar 

13:59 heihachi i think 

13:59 via heihachi 

13:59 moniker 

13:59 heard good things about em 

13:59 do they comply with dmca? 

14:00 as far as i hear they dont pull stuff offline 

14:00 unless its child pr0n 

14:00 anti-dmca.com is registered with them too :P 

14:00 xD 

14:02 ive no idea about their payment options tho 

14:02 Avunit: hm where are you looking? 

14:02 moniker.com 

14:02 [19:59:48] moniker 

14:02 [19:59:54] heard good things about em 

14:02 [19:59:57] do they comply with dmca? 

14:02 [20:00:07] as far as i hear they dont pull stuff offline 

14:02 [20:00:10] unless its child pr0n 

14:02 [20:00:52] anti-dmca.com is registered with them too :P 

14:02 [20:00:53] xD 

14:02 [20:02:23] ive no idea about their payment options tho 

14:03 can only pay with paypal or creditcard tho 

14:03 >.< 

14:03 Pay using credit card on file 

14:03 Pay using a new credit card 

14:03 Pay with PayPal 

14:03 :/ 

14:04 yarr 

14:04 there's a way to convert paysafe into CC 

14:04 but meh 

14:04 thats .. sub-par i think 

14:04 costs money tpoo 

14:04 sec trying other host 

14:05 what happened to triumph? 

14:05 it 'died'? 

14:05 it went away at least 

14:05 .CN domain name registrants are required to submit the following documents for 

verification before the domain name can be registered. 

14:05 1. .CN Domain Application Form signed by authorized person and with company,s 

stamp. The Application Form can be downloaded here. 

14:05 2. Company Business License/Certificate (clear photocopy) 

14:05 3. Registrant contact person,s Identity Card (clear photocopy of both front & back 

side) 

14:05 

14:05 * Avunit sticks to .cc 


14:05 uhm, i dont think not if you do it via heihachi 

14:06 they will use their name or something 

14:06 or not? 

14:06 no you need to supply that 

14:06 but heihachi doesnt allow .cn 

14:06 oh heh okay 

14:06 i thought tflow got an offer? 

14:06 was it $60 or €60? 

14:06 it was on request 

14:07 no 

14:07 [18:51:25] Tom Meier | Support 

14:07 [18:51:25] Staff 16/02/2011 19:51 

14:07 [18:51:25] Hello, 

14:07 [18:51:25] as "full bullet proof domains" we can only offer: 

14:07 [18:51:25] .com 

14:07 [18:51:25] .net 

14:07 [18:51:25] .org 

14:07 [18:51:25] .cc 

14:07 [18:51:25] .tv 

14:07 [18:51:25] .name 

14:07 [18:51:25] .info 

14:07 [18:51:25] .mobi 

14:07 [18:51:25] .biz 

14:07 [18:51:25] .asia 

14:07 [18:51:25] Looks like we also can't register it at eNom. 

14:07 [18:51:25] Mit freundlichen Gruessen, 

14:07 [18:51:25] Tom Meier 

14:07 [18:51:34] ohhhhh 

14:07 [18:51:37] LOL 

14:07 [18:51:40] when he said china 

14:07 [18:51:42] he meant 

14:07 [18:51:42] * armitage (armitage@freeside.tessier-ashpool.org) Quit 

(trust.operationfreedom.ru triumph.operationfreedom.ru) 

14:07 [18:51:44] IN CHINA 

14:07 [18:51:46] not .cn 

14:07 .cc 

14:07 still my favorite then 

14:07 and lexi tries a .ch? 

14:08 katz doesn't have ch 

14:08 also we haz money left for 1-2 VPS 

14:08 ah damn 

14:08 and godaddy? 

14:10 godaddy = dmca ofc 

14:10 k 

14:10 .cc 1 E 40.00 EUR E 40.00 EUR E 40.00 EUR 

14:10 @ heihachi 

14:10 40? unf.. mhh. 

14:11 well still, 40 + 1 VPS 

14:11 in 1 E 25.00 EUR E 25.00 EUR E 25.00 EUR 


14:11 hmm 

14:11 Avunit, what happened to triumph? 

14:11 .in worked well for anonops so far? 

14:11 probably same as before 

14:11 err probably network issues 

14:11 was gone for about an hour or so 

14:11 times out 

14:12 I would PayPal you money if my PayPal didn't contain my actual dox 

14:12 :p 

14:12 well 

14:12 heihachi takes paysafe 

14:12 Okay let me just throw in a vote, .cc or .in? 

14:12 so no problem there 

14:13 .in obv... 

14:13 .in 

14:13 or? 

14:13 i mean.. i dont think its a difference 

14:13 .cc is more expensive cause it'S cooler 

14:13 btw 

14:13 i guess 

14:13 Avunit, we managed to contact the owner of anonleaks.org 

14:13 lexi can transfer the domain to prq 

14:13 really he will borrow it to us? 

14:13 that'S awesome 

14:13 dunno yet 

14:14 if so... then they are finally right 

14:14 haven't asked yet 

14:14 but just in contact 

14:14 ok we'll see. 

14:14 tflow; i got clearance to register anonleaks.in? 

14:14 Avunit: @ which registrar? 

14:14 but how about, we take anonleaks.in + 2 VPS for nameserver 

14:14 heihachi 

14:14 maybe for another irc leaf too :) 

14:14 Avunit: also, we need new domains for this irc 

14:14 Avunit: via eNom or their bulletproof thingy? 

14:14 their standard service 

14:15 marduk: can simply set an irc.anonleaks.in domani on that 

14:15 ok i'd say go ahead 

14:16 Avunit: yeah like that 

14:16 okay, i say we go for .in now 

14:16 any particular reason for .in though? 

14:16 .ru is gone 

14:16 cheapest 

14:16 €25 

14:16 so we have money left for VPS 

14:16 ah 

14:16 to run NS and possibly ircds 

14:16 what about .me? 


14:16 15 euros 

14:16 AnonLeaks Me 

14:16 oh lawd 

14:16 is it? 

14:17 sec lemmer ead about 

14:17 lol 

14:17 .me 


14:17 sounds good 

14:17 Yugoslavia ^.^ 

14:18 well Serbia now mainly 

14:18 but anonleaks.me might have a bad ring to it lol 

14:18 and it'S €15? 

14:18 well lets stick to .in then? 

14:18 fine with me. we have enough for that 

14:18 also order another vps 

14:18 for NS 

14:19 the rest of the funds i keep.. for .. whatever 

14:19 i got clearance to order? 

14:19 anonleaks.in (25€) + VPS (17?) 

14:19 please a VPS which is not on same rack as vlad/tacke lulz 

14:19 methinks we should buy proper dns 

14:20 how much is a "proper dns" which also is secure? 

14:20 Avunit: order domain only for now 

14:20 or actually.. i guess all we really need is a few primary dns servers + some secondary 

14:20 we can add VPS later anyway, if we need to 

14:20 well 

14:20 but all domains are dead 

14:20 we need nameservers 

14:20 we need one asap 

14:20 so far we have tackle 

14:21 we got any other nameservers ready? 

14:21 that why i suggested taking at least one more VPS 

14:21 just as backup 

14:21 we can still hunt for proper dns 

14:21 .in sounds proper to me? 

14:22 uhm didnt you say it just got regged btw? 

14:23 probably fail @ the javascript check 

14:23 ah k 

14:23 because i just got a big fat green 'its free!' 

14:23 well, yes. get the domain 

14:23 only domain or vps too? 

14:23 tflow: what you think? one more heihachi VPS? 

14:23 we only have tackle atm as a nameserver ready thing 

14:23 that was €17?/m? 

14:23 erhm lemme check 

14:23 ok, so what's the budget? 

14:24 how much do we have to burn/ 

14:24 for heihachi or rather paysafe i can fund €65 


14:24 obv.. i dont wanna spend all right now 

14:24 domain is €25 

14:24 11 for cheapest vps 

14:25 for NS that should be fine 

14:25 no ircd there 

14:25 just NS? 

14:25 ircd could run on it too even, but good enough for just NS yes 

14:25 then i say get domain and a chapass vps 

14:26 Domain (25) + vps (11) and then do fundraising? 

14:26 is there still money left on the account? 

14:26 5 

14:26 yeah i have funds now 

14:26 excellect 

14:26 then i give you 30 

14:26 arh damn 

14:27 that wont make it :P 

14:27 lol, €1 missing 

14:27 well 40 then. 

14:27 leaves me with 25€ 

14:32 -!- marduk is now known as armitage 

14:32 -!- armitage is now known as bla 

14:32 -!- bla is now known as armitage 

14:32 -!- armitage [marduk@eridu.sumer] has quit [Changing ident] 

14:32 -!- armitage [armitage@eridu.sumer] has joined #hq 


14:32 -!- armitage [armitage@eridu.sumer] has quit [Changing host] 



14:36 btw 

14:36 we really need to focus on getting .ru back 

14:36 cup of tea brb 

14:37 tflow: yes, how? 

14:37 tflow: i ordered .in and we'll have 2 nameservers, lets do some fundraising? 

14:37 what the fuck happened anyway? 

14:37 so we can auction .ru (wont be expensive) and get the infrastructure done 

14:37 5 secs brb 

14:37 well how did it went in aution? 

14:38 how do we get .ru back? 

14:38 if we have to auction it back every week, that's not the idea i had in mind heh 

14:38 http://auction.nic.ru/en/ 

14:38 anonleaks isn't even there yet 

14:41 well.. we kinda should find out what happened first, no? 

14:41 armitage 

14:41 wasnt it paid? did it expire? 

14:41 we know. 

14:41 atleast 

14:41 oh? 

14:41 we sort of know 

14:41 but 


14:41 we got no official statement 

14:41 so what do we think? 

14:41 untill then it wont be on auction either 

14:43 http://nic.ru/dns/domain/en/rf.html 

14:43 wtf is that lol 

14:44 http://кц.рф/en/ 

14:44 cyrillic 

14:44 there are arabic domains too 

14:44 pretty confusing 

14:44 xn--foo 

14:45 just had connection to triumph.. 

14:45 cyrillic .ru 

14:45 for a second 

14:45 lol 

14:45 now no route 

14:45 anonleaks.su ? 

14:45 Gelesen & Bearbeitung geplant 

14:45 well they read it :p 

14:45 hmm. 

14:46 probably not until tomorrow :/ 

14:47 tflow: you leeching the tarball for seeding? 

14:48 no route to host maximum powah 

14:49 http://hbgary.anonleaks.ru/aaron_hbgary_com/ 

14:49 works again :o 

14:49 something is a bit weird 

15:11 * Avunit waits 

15:12 * armitage waits along 

15:13 f5f5f5 

15:13 http://hbgary.leakmirror.org/ 

15:14 :P 

15:16 In Progress 

15:16 ^ 

15:16 we're making progress 

15:17 yay 

15:17 and we have working mirror again. and the avunit is back! 

15:17 * armitage feels much better this evening 

15:22 cant reach 

15:22 heihachi.net T__________T 

15:23 brb 


15:59 < marduk> !aop add molly 

15:59 < marduk> wat? 

15:59 < marduk> !deop del molly 

16:02 deop del molly? 

16:02 lulz? 

16:02 < marduk> yeh meh, wrong chan 

16:02 < marduk> doesnt matter 

16:02 < marduk> wasnt regged anyway 

16:03 iz molly 


16:03 ur girlfriend? 

16:03 < marduk> kinda :) 

16:03 < marduk> the nick i use on triumph for anonops 

16:04 < marduk> tackle=armitage, triumph=molly 

16:04 lol 

16:05 < marduk> hmm tflow 

16:05 GUIS GUIS GUIS 

16:05 [22:02:39] Backing up databases 

16:05 we got backup of databases 

16:05 :I 

16:05 < marduk> triumph is up. and anonleaks.ru is up, too 

16:06 < marduk> doesnt it always backup? :o 

16:06 < marduk> ah right 

16:06 < marduk> hmm i think i make it easier for all 

16:06 -!- marduk is now known as molly 

16:06 yeah lol :P 

16:06 it does 

16:07 like well every X hours 

16:07 < molly> so.. that wasn't really important :p 

16:07 not at all, tbh. 

16:08 < molly> kk :) 

16:11 < molly> tflow, can you add molly (y/anone) to #reporter AOP? owen that meany set that to level 

11 :p 

16:12 < molly> i want to keep two nick groups for .. ease of maintainance 

16:12 ^ 

16:12 he's pretending to be a girl 

16:12 on this nick. 

16:12 Don't fall for ti. 

16:12 < molly> hey, that always works 

16:12 < molly> even if ppl know i'm a guy. girlish nicks give an edge 

16:13 < molly> especially if i make sad smileys :( 

16:13 :3 works better 

16:13 < molly> :) 

16:16 -!- molly [marduk@eridu.sumer] has quit [Changing ident] 

16:16 -!- molly [millions@eridu.sumer] has joined #hq 

16:16 -!- molly [millions@eridu.sumer] has quit [Changing host] 

16:16 -!- molly [millions@freeside.tessier-ashpool.org] has joined #hq 

16:19 Avunit 

16:20 is it possible that the account is just locked 

16:20 not deleted 

16:20 for anonleaks.r 

16:20 .ru 

16:20 maybe you need to contact them 

16:20 nah 

16:20 the account is still there 

16:20 just the domains are removed from it 

16:20 and ownership transferred 

16:21 ownership transferred to who? 

16:21 nic.ru? 


16:21 ANO "Regional Network Information Center" 

16:21 aka nic 

16:21 didn't they at least email you? 

16:21 < molly> it's all a bit strange.. 

16:22 well i got an e-mail 

16:22 that 

16:22 ownership was transferred 

16:22 . 

16:22 and thats an automated one :P 

16:23 < molly> hmm. 

16:23 lemme check now 

16:23 plz contact them 

16:23 Contacts 

16:23 Telephone:+7 (495) 994-46-01, +7 (495) 737-06-01 

16:23 Fax: +7 (495) 737-06-02 

16:23 Working hours: 9:00-19:00 MSK (Monday-Friday) 

16:23 E-mail addresses: 

16:23 ru-ncc@nic.ru — .RU, .РФ, .SU, .NET.RU, .ORG.RU, .PP.RU, .COM.RU domain 

names 

16:23 tld-ncc@nic.ru — .NET, .COM, .ORG, .BIZ, .INFO, .CC, .TV, .ME domain names 

16:23 ru-cont@nic.ru — information regarding conclusion of the Service Agreement 

16:23 ru-bill@nic.ru — information regarding billing procedures 

16:23 support@nic.ru — technical support of additional services 

16:26 Dear Sirs, 

16:26 The domain ANONLEAKS.COM Administrator (Owner) has been changed. 

16:26 Previous Administrator: 

16:26 David Gottlieb 

16:26 New Administrator: 

16:26 ANO "Regional Network Information Center" 

16:26 Service renewal will be possible in at least one day. 

16:26 we all know thatll be useless tflow, since they are probably right 

16:26 and it wont quite help us if i go poke on that identity about it 

16:28 it's worth a shot... 

16:28 lexi is willing to use his identity temporarily 

16:29 plus it doesn't show in the whois anyway 

16:29 no bu ti mean 

16:29 if its about yknow illegal registrants n shit 

16:29 being the fraud person 

16:29 doesnt qutie help then :P 

16:29 well 

16:30 you could at least ask them why they did it first 

16:30 *obviously* 

16:30 Do I look like that's not the first thing I did? :P 

16:31 oh payment processing at heihachi is done 

16:31 awaiting activation of services now 

16:33 whee 

16:34 !aop add molly 

16:34 -!- mode/#hq [+o molly] by HQBot 

16:50 !aop add nessuno 


16:50 !invite nessuno 

16:50 !isla.operationfreedom.ru *** HQBot invited Nessuno into the channel 

16:50 -HQBot:#hq- Nessuno was invited to the channel. 

16:52 -!- Nessuno [fag@fagz.fagz] has joined #hq 

16:52 -!- mode/#hq [+o Nessuno] by HQBot 

16:52 yay 

16:52 ty 

17:19 av can you tell me isla, triangle, twisted IPs? 

17:21 btw what happened with the opfreedom domain, same as with anonleaks.ru? 

19:02 -!- Netsplit trust.operationfreedom.ru tackle.operationfreedom.ru quits: @armitage, 

@Nessuno, @tflow 

21:37 Topiary, Sabu btw 

21:37 woah 

21:37 fakegregghoush 

21:37 twitter 

21:37 Hmm, yes 

21:37 that is @dstufft 

21:37 it is 

21:37 yep 

21:37 gregg told me :p 

21:37 Gregg told me quite some time ago, heh 

21:38 though considering we've had a Skype conference open with a few others since 

November, information is spread quick 

21:38 yeah well, i usually ignore trolls so i wouldnt care 

21:38 just that one caught my attention. although av said we should drop it 

21:39 there are a number of trolls going right now, he's just trying to rile up attention from 

AnonymousIRC desperately 

21:39 I wouldn't respond 

21:39 I only respond to him on mine to poke fun, troll, or act neutral 

21:39 that's the best way to piss trolls off 

21:40 i did now once. 

21:40 i'm in the mood. 

21:40 also.. it's relatively riskless 

21:41 on the side of HBGary you will get buried :) 

21:43 link him to an image with a bit URL of "I ain't even mad" 

21:43 I've done it with "feels good man" 

21:44 http://bit.ly/e3rd3E 

21:44 here 

21:44 that's rather your style. i used a bit induced rage with a tiny amount of doubt about 

his information 

21:45 damn, but that would be thewins 

21:45 why don't you reply then :p 

21:45 i already did reply once.. second one is lame on my end 

21:45 because I already sent him a bit URL of "feels good man" 

21:45 if you send him that one I just linked 

21:46 ahh 

21:46 ok 

21:46 he will be royally pissed 



21:46 any accompying text? 

21:46 Just @him http://bit.ly/e3rd3E 

21:46 it will be the lulz 

21:47 ah he replied, okay then 

21:47 :) 

21:47 heh, thought you noticed 

21:47 my twitterfall is slow :) 

21:48 scanning hbgary and anonleaks 

21:48 plus my timeline 

21:49 that's hilarious though, I love using twitter to send shortened URLs of reaction 

images 

21:50 it shuts arguments down in seconds 

21:52 but now enough of this. 

21:52 more relevant tweets! :p 

21:53 it was ./ed again 

21:53 http://it.slashdot.org/story/11/02/17/0041208/Anatomy-of-the-HBGary-Hack? 

from=rss 

22:03 sorry got disconnected 

22:03 after my url 

22:06 http://twitter.com/#!/hypeonmedia 

22:06 aaron? 

22:06 :p 

22:06 hm rather one of the trolls 

22:06 i see he follows dstufft and jester 


22:08 mm 

22:28 Jester follows HBGaryPR and dstufft 

22:28 http://cryptome.org/0003/anon-surpass-wl.htm 

22:28 hmm 

22:29 hmm regarding jester( 

22:29 him and his faggots have gone really quiet 

22:30 the main dude that trolls has been offline since the superbowl 

22:30 funny timing heh 

22:30 hmm 

22:30 you know that aaron wanted to expose us 

22:30 fits well together with jesters stuff actually 

22:31 plus their research is about similar crap 

22:36 and didn't they both have military involvement? 

22:40 yes 

22:42 If Jester is Barr I will laugh so hard 

22:43 oh lawd, should have tried logging into Jester's twitter with Aaron's pass 

22:43 nah. i dont think so 

22:43 but barr may be well related to RJackSix 

22:44 i dont think that barr would ddos jihad sites and tweet about it 

22:44 i really doubt that 

22:45 seems suspicious that most of Jester's main followers (@tyrkoil for example) have 

shut completely up 

22:46 we should spai on Jester's IRC channel 

22:46 uh not me 


22:46 i had enough of this crap 

22:46 also.. no relevant info will be exchanged threr 

22:46 I'll just boot up a separate mIRC and lurk in there 

22:46 if at all, then misonformation 

22:48 and i still dont get what this fb dude wants 

22:49 I'm lurking in there now, I won't say anything but will relay any logs that mention 

us 

22:49 just to have extra knowledge 

22:51 i find this guy highly suspicious 

23:26 [04:13] #opclueless 11 users - Operation Clueless - Helping anons 

prosecuted by governments. 

23:27 actually there is an +s chan for that .. but well :) 

23:28 they're mainly talking about us 

23:28 nothing of note yet 

23:28 meh coming. 

23:29 hmm what identity.... 

23:29 *that* one 

23:31 I'm totally joining under Topiary on a separate VPN 

23:31 and just gonna see if they know who I am 

23:31 for lulz 

23:31 heh 

23:31 [04:31] * Topiary (~topiary@84.19.169.162) has joined #jester 

23:32 two clones in there, one VPN on CZ, one non-VPN on mIRC 

23:32 well not really clones in that case 

23:32 but you know 

23:35 another thing 

23:35 which always had me wondering 

23:36 in one of aarons anonymous docs 

23:36 he has one of my exit nodes 

23:36 which is quite interesting 

23:36 because here they wouldnt show 

23:36 unless they cracked the hash... 

23:36 but on 2600.net they do show... 

23:36 and i was there unmasked as q 

23:36 when i talked to rjsix 

23:42 Are you in there? 

23:42 sure :p 

23:46 hi 

23:46 Hi Laurelai 

23:46 [04:46:26] well, i might risk of getting banned but i am really 

kinda curious, didnt jester want to bring down anonymous and now.. it uh, somehow they took down 

one of the players in his turf? what happened there? 

23:46 is this you q? 

23:47 Laurelai: http://twitter.com/#!/Narganon/status/38074247070875648 

23:47 this man/woman is "going after" you after he's done with "going after" me 

23:47 * Topiary shrugs 

23:47 yep of course 

23:48 who else could i be, bobody else joined and stayed 

23:48 excpet chatterbox 


23:48 Topiary: what 

23:48 he's talking about finding us IRL I believe 

23:48 what the hell have i ever done to this guy 

23:50 you exist and he's bored 

23:50 that's all there is to it 

23:50 well i wish him good luck heh 

23:50 because I don't know him either 

23:50 well actually there are about 6 different accounts on twitter tweeting about me 

23:50 three are trying to dox me, one is constantly telling the media that I'm the leader of 

Anonymous, another is just spouting general hate, and the final one is urging people to dox Anons 

including me 

23:51 is February when trolls get bored the most? 

23:51 lol 

23:51 is it something in the air? 

23:51 nice tag team 

23:51 it's probably a cia psyops 

23:51 would be adequate regarding quality 

23:55 and im not exactly hiding who i am 

23:56 if he wants to come to my house and make an issue hes more than welcome to 

meet both barrels of my home security system :) 

--- Day changed Thu Feb 17 2011 

00:01 Topiary: hm 

00:01 I don't know what I'm doing in the chan 

00:01 chance to get som intel on that dstufft+xy? 

00:01 you're doing great :p 

00:01 I know exactly who dstufft is 

00:02 I have all their dox 

00:02 It's six people 

00:02 oh those six? 

00:02 It's the same six from chanology - apparently they have something planned for this 

Saturday (19th) 

00:02 Most likely a drop of what they think is dox. 

00:03 yawns. i wonder who i am this time, or likely they will neglect me. 

00:05 Topiary: see -staff 

00:06 I really don't trust the new dude in there 

00:06 so 

00:06 its the people from chanology doing this?? 

00:07 Laurelai: it's the six fags lead by Jennifer Emick 

00:07 HOLY FUCKING BALL 

00:07 I KNOW THAT CUNT 

00:08 oh forgot you're also here 

00:08 :) 

00:08 molly: I'm going to make everyone in #jester love me so hard 

00:08 look at that motherfucking respect I'm getting already 

00:08 dumb motherfuckers 

00:08 interesting strategy :) 

00:09 encyclopediadramatica.com/Jennifer_Emick 

00:10 .oO 

00:10 what did i get into here 


00:10 if that bitch is behind this 

00:11 then i got some friends who might be willing to help 

00:12 I don't know her exact new address after she moved 

00:13 if we bring her down, the whole group will fail 

00:15 http://pipl.com/directory/people/Jennifer/Emick 

00:15 Jennifer Emick, Age 39, 4121 Wakefield Loop, Fremont, CA... 

00:19 Topiary: 05:17 < anon1101> btw, let me be clear that I'm not Narganon.. just trying 

to be helpful. 

00:19 #reporter 

00:19 wut? 

00:19 http://piratepad.net/V6UQH9WSXu 

00:34 i'll need sleep :) 


04:15 Topiary: they arent behind it 

04:15 at all 

04:16 you got PA'ed 

04:16 and i think i know by who 


08:18 anyone awake 

08:37 hi 

08:37 just woke up 

08:39 mhh 

08:39 what happened? 

08:51 molly 

08:51 that piratepad 

08:51 is full of info for people who had nothing to do with anything 

08:51 you all have been PA'ed 

08:52 uhm i had not to do anything with that pad 

08:52 i wasnt claiming you did 

08:52 plus, i was not bothered by these people either 

08:52 im just informing everyone 

08:52 yup, that would be for Topiary 

08:52 that something alot more sinister is going on 

08:52 hm? 

08:53 does anyone know what 

08:53 i dont think dstufft and co are a problem 

08:53 marblecake means 

08:53 you mean what we did with HBGary? 

08:53 c0s told HBgary my infos 

08:54 c0s? why would he do that? 

08:54 and has been after my info for the past week 

08:54 because 

08:54 hes gregg houshe 

08:54 i know.. and? 

08:54 and hes one of those people who thinks he can control anonymous 

08:54 you dont know do you 

08:54 gods blood you dont know 

08:55 that strikes me as most strange; i talked to him a couple of times 

08:55 he did not see to want to control anything 


08:55 yes hes very manipulative 

08:56 cause i jsut talked to jen on the phone 

08:56 and SP on skype 

08:56 and they have no idea whats going on 

08:56 and i know them 

08:56 they cant hack 

08:56 they dont know how 

08:57 they dont even care about anonops 

08:57 well, i still don't understand what is the goal of this thing? 

08:57 to get at me 

08:57 because 

08:57 mmh. 

08:57 lol he is pissed at me 

08:57 has been for years 

08:59 its all just a childish grudge 

08:59 well i dont know, i told him about dstufft and that we know his nick on anonnet; 

which he seemed to did not know 

08:59 well then if it's only that.. ignore the trolls? 

08:59 he runs a business with dstufft 

08:59 he does? 

08:59 yes 

08:59 dstufft is daemon 

08:59 he knows daemon 

08:59 i know he does 

08:59 mhh he says dstufft hates him; also usus an anti-gregghoush twitter now 

08:59 all for disguise? 

09:00 hmm didnt know that 

09:00 http://twitter.com/#!/fakegregghoush 

09:00 this one is dstufft 

09:00 no 

09:00 according to gregg. 

09:00 lol 

09:00 http://twitter.com/#!/dstufft 

09:01 thats dstufft 

09:01 gregg says they are the same. now why would he lie about that? this would be found 

out easily 

09:01 i dont know 

09:01 but i think 

09:01 we should take a stronger look at everything 

09:01 can you tell me how you know/thin that gregg passed you data along? 

09:01 oh yes, i already do that 

09:02 because jen told me over the phone 

09:02 i can move relatively safe cause none of the bastards has any idea who i am 

09:02 because she says people from anonops have been harrasing her 

09:02 ah okay.. mhh maybe it was some comm fuckup 

09:02 i will talk to gregg if the time is good; obviously not telling him what you said 

09:02 ok 

09:02 but see if i can get some info from him w/o saying aynthing more 

09:02 so we can see if it matches/checks out 


09:03 i mean yeah jens a little weird 

09:03 but shes harmless 

09:04 highoverlord 

09:04 hes a brain dammaged vet 

09:04 ive met him irl 

09:04 oh that chick we talked yesterday about 

09:04 the one on ED? 

09:04 yeah 

09:04 k 

09:04 highoverlord doesnt even know what time it is most of the time 

09:04 hes nice 

09:05 just has brain dammage 

09:05 well i don't know any of these ppl 

09:05 usually tayed away from such groups heh 

09:05 yeah 

09:05 they were all people who worked with me when i did stuff for chanology 

09:05 all of them 

09:05 but well, if some ppl know your dox anyway.. whats the pressure on you? 

09:06 there sint 

09:06 really 

09:06 i dont hide who i am 

09:06 but 

09:06 so it's only to annoy you? 

09:06 whats the goal? 

09:06 it just makes me think 

09:06 thats what i am trying to figure our 

09:06 what are they trying to accomplish 

09:06 most likely: they think it annoys you, makes you panic/cry whatever 

09:06 lol 

09:06 typical trolls 

09:06 i post my name on my twitter 

09:06 and facebook 

09:07 lol? 

09:07 and i dont care 

09:07 lol 

09:07 okay 

09:07 didnt know you were that blatant :) 

09:07 im *not* anonymous 

09:07 im a reporter 

09:07 lol 

09:07 well, probably the best we can do is to ignore that stuff and dont waste any time on it 

09:08 and by the way YAAAAY for anonleaks.ch :) 

09:08 yeah but i know c0s 

09:08 ill try to find sth out via him 

09:08 i know if you ignore him he doesnt go away 

09:08 he just stabs you in the back 

09:08 he doesnt know me really, so this is a good think 

09:08 if he is what you say 

09:08 he would want to know more 


09:08 i throw him a piece of meat and see what happens 

09:08 ok 

09:08 :) 


09:09 Gregg Housh is the one that told us that Jennifer Emick was @dstufft 

09:09 so hm vlad/tackle still down. or rather again; tflow popped up. 

09:10 so either he is outright lying there.. but that would be quite risky 

09:10 if it's wrong it will be detected soon and he lose cred 

09:10 or maybe he is simply wrong. 

09:10 Topiary: hes lying to you 

09:11 jen cant hack 

09:11 lol 

09:11 Topiary: hes using you 

09:11 lol 

09:11 he also notes that Jen and the fags sign onto Skype every time @fakegregghoush 

comes online on twitter 

09:11 Topiary 

09:11 all dstufft did was parsing public whois info. doesnt even have to be done himself; 

could have just been relayed info 

09:11 why do you think 

09:11 just sayinf 

09:11 all of those people 

09:11 are people i know 

09:12 sorry brb 

09:12 Topiary: highoverlord is a brain dammaged veteran 

09:12 jen 

09:12 jen just talks alot 

09:12 and is sometimes annoying 

09:12 SP 

09:12 Sp is just some paranoid brit who hates scientology 

09:12 reylt 

09:13 is borderline retarded 

09:13 Topiary: i talked to all of them they dont know whats going on 

09:13 but 

09:13 they know 

09:13 gregg keeps coming after them 

09:14 because of the stuff they helped me with back in the day 

09:14 Topiary: do you know about marblecake 

09:14 not particularly 

09:15 gregg is the leader of a group who thinks they can control anonymous 

09:15 they are called marblecake 

09:15 All I know is of the IRC channel simply called #marblecake 

09:15 we discovered this during the early days of chanology 

09:15 back in chanology 

09:15 and exposed them 

09:15 and aftert hat 

09:15 that* 

09:16 he did everything in his power to drive us off/dox us ect.. 

09:17 he will sell out anyone and everyone for personal gain too 


09:17 well sorry but lol 

09:17 "gregg is the leader of a group who thinks they can control anonymous" 

09:17 if he is, then just ignore him? 

09:17 obviously it's bullshit 

09:17 because he manipulates people 

09:17 look what he had Topiary ready to do 

09:17 to do what? 

09:17 hm what did he do? 

09:18 hes the one that told Topiary that jen and them were behind this crap 

09:18 so far nothing happened as far as i can tell 

09:18 when they werent 

09:18 well, obviously we dont know for sure yet who is behin who on twitter etc 

09:18 but the more i hear of this 

09:18 the more i realize how childish this is 

09:18 yeah 

09:18 Laurelai: I was a bit suspicious of how much he pushed the issue 

09:18 lol 

09:18 he seemed too aggressive with it 

09:18 and i have better stuff to do. however, i will try to SE gregg a bit 

09:19 but in any case, I don't give a shit about faggots versus faggots form chanology 

days 

09:19 so it can be whoever 

09:19 Topiary: thank you 

09:19 thats all i ask is you dont give a shit 

09:19 and lets all go back to raping iran 

09:19 * molly doesn't either. i am just a bit intrigued about Gregg now 

09:22 both sides are obviously pretty butthurt over banning each other on forums, trying 

to fuck with each other, then thinking their situation is so important (pretentious dicks, all of them) that 

they can drag all Anon operations into it 

09:22 I give no shit about their drama, herp derp IPs, herp derp dox, herp bans 

09:23 then there is some kind of competition between anonnet and anonops? 

09:23 i never was on anonnet though 

09:24 molly: yeah i wasnt part of that either 

09:24 this goes back further 

09:24 * molly is newfag 

09:26 I was around back then, just not paying attention to arrogant faggots spouting shit 

at other arrogant faggots 

09:26 Topiary: was prolly a good idea 

09:26 in retrospect i should have done the same 

09:27 thats why i just write articles and give ideas 

09:27 TBH all of them are twats 

09:27 yep 

09:29 I trust Gregg in a sense; naturally I don't trust him about random things, but perhaps 

thought he wasn't bullshitting about the Jennifer thing 

09:29 doesn't make a different to me either way 

09:29 *difference 

09:29 wouldn't make a difference to me if you were secretly Jennifer Emick playing the 

double-troll 

09:29 really this shit affects nothing 


09:30 well lol 

09:30 im not 

09:30 my name actually is Laurelai 

09:30 "a pylon that moved up" as described on twitter by the trolls 

09:30 that's you 

09:30 and I am a, err, 

09:31 "pretentious twat hipster vag" 

09:31 or something along those lines. 

09:31 lol 

09:31 oh 

09:31 dude 

09:31 haha 

09:31 i dont think your a hipster 

09:31 :p 

09:32 they think I'm a hipster because they've seen an OKCupid profile of some faggot 

they think is me 

09:32 in fairness he's pretty hipster 

09:32 lol 

09:32 but hey, still a pretentious twat vag, 3/4 ain't bad 

09:32 lol 

09:33 you are ok by me 

09:33 if that means anything from a pylon 

09:33 :p 

09:33 I'm reminded of the movie Lucky Number Slevin 

09:34 ever seen it? 

09:35 nope 

09:35 shit, can't make my awesome analogy 

09:35 ill watch it tomorrow 

09:36 im gonna read the dalilammas twitter for a bit and go to bed 

09:37 enjoy 


09:53 still around? 



12:32 ui wow 

12:32 wb tackle 


12:41 < armitage> yay 

13:21 !isla.operationfreedom.ru *** HQBot invited Nessuno834 into the channel 

13:22 -!- Nessuno834 [nessuno@HA-6c4.s5e.qempvl.IP] has joined #hq 



13:39 !isla.operationfreedom.ru *** HQBot invited Topiary into the channel 



14:14 -!- molly [millions@freeside.tessier-ashpool.org] has quit [Quit: Changing server] 

14:17 -!- molly [millions@freeside.tessier-ashpool.org] has joined #hq 

14:17 -!- mode/#hq [+o molly] by HQBot 

14:17 J opfreedom 


14:38 Laurelai: anything new with this twittertroll thing? 

14:38 [19:35:56] Topiary: Gregg did you give Laurelai's information to HBGary? 

14:38 [19:36:11] Emily: Who is Laurelai 

14:38 [19:36:17] Emily: Other than a "transgendered bitch" 

14:39 [19:37:04] Gregg: no idea 

14:39 [19:37:10] Gregg: seems to just be some person on anonops? 

14:41 from anonnet? 

14:43 I've never been on anonnet. 

14:43 from where then? 

14:43 That's from Skype. 

14:43 ah 

14:48 laurelai you a trap 

14:49 -!- Nessuno834 is now known as Nessuno 

14:50 Heh, I don't trust any of these chanology "hurr Anon must be controlled" niggers 

14:50 all in the same boat, whether they're trying to dox us or trying to make us dox their 

opponents 

14:53 I know it's ironic but I think a brief encounter with fresh air might clear their 

retardation 

14:53 who topiary? 

14:54 anyone involved in chanology/marblecake/herpderp who pick at each other because 

they're butthurt over years of forum bans and petty arguments that change nothing 

14:55 it honestly does not go deeper than that 

14:57 I mean, if they all met up in a big room, it wouldn't be a scrap resulting in fatalities, 

it would be a series of awkward glances and having nothing to say or do 

14:57 Internets is srs bsns, and with that I am going to iron some clothes 

14:58 yup, thats why its best to ignore all this crap 

15:08 tflow, ? 

16:21 mhh Sabu so quiet.... 

17:15 !aop add evey 

17:15 gnah 

17:16 < armitage> !aop add ivey 

17:16 < armitage> !aop addevey 

17:16 < armitage> !aop add evey 

17:16 !invite evey 

17:16 !isla.operationfreedom.ru *** HQBot invited evey into the channel 

17:16 -HQBot:#hq- evey was invited to the channel. 

17:16 -!- evey [ouija@HA-b0c.smh.b454mb.IP] has joined #hq 

17:16 -!- mode/#hq [+o evey] by HQBot 

17:18 but yeah evey 

17:18 a domain would be good 

17:18 read the thing in the topic 

17:18 i need to get all the ips,sec 

17:18 !isla.operationfreedom.ru *** HQBot invited kayla into the channel 



17:19 *hugs* :D 

17:19 hi kayla 

17:19 hey evey :D 

17:19 evey == lexi 


17:19 well.. sorta anyway 

17:19 :) 

17:19 ? 

17:21 ungf 

17:21 tflow, where do i find them 

17:21 i need isla, twisted and triangle IP 

17:21 kayla: I guess I'm a diff person that I was yesterday :) 

17:21 i only have tackle and triumpg 

17:22 tho triangle and twisted are missing :S 

17:22 evey, well can you add tackle and triumph for now? 

17:22 kk 

17:22 evey what do you mean? 

17:22 what IPs 

17:22 and what is the name of the A record 

17:22 tackle: 77.91.227.237 

17:22 triumph: 77.91.225.168 

17:23 is sabu here? 

17:23 haven't seen him talk today 

17:24 kayla: well I disappeared all records I could disappear easily of me on the internet... in 

a month or so I should be difficult to find on google 

17:24 the way I figure it 

17:24 my life is now about doing internet activism 

17:24 so I don't need a linkedin anymore 

17:24 which reminds me 

17:25 My life is about eating cake 

17:25 http://twitter.com/hypeonmedia

17:28 irc admins 

17:28 lol 

17:28 yeah.. but we're still waiting 

17:28 for our Ladas 

17:28 You've never been in the Topiarymobile? 

17:29 company cars are black vans. they may come unexpected.. 

17:29 no I don't exist in RL so.. I can't get into cars 

17:29 I work for the TLA... we have pink helicopters 

17:30 the bad guys are so disconcerted by our colours that they stand still 

17:30 so we can black bag them 

17:30 uuuuuhhh hello kitty apaches? 

17:30 ya 

17:30 * molly wants one, too 

17:31 my daddy didn't buy me a pony so I had him sent to a secret prison in poland 

17:32 I wonder how they found out there is 3000 renditions a year 

17:33 http://emptywheel.firedoglake.com/2011/02/16/chet-uber-contacted-hbgary-beforehe-publicized-his-role-in-turning-in-bradley-manning/ 

17:33 oooooh 

17:33 my daddy didn't buy me an icecream so i had him sent to guatanamo bay 

17:33 :3 

17:34 said he luv his new orange suit :3 

17:34 Wow 

17:34 MORE OUT OF THE PANDORA'S BOX 

17:34 thx kayla

17:51 DNS is hosted by PRQ 

17:52 for anonleaks.ch 

17:52 which reminds me... 

17:52 oh that is old 

17:52 and the server is managed by semisecure folks 

17:52 http://bofh.ch/bofh/bofh6.html 

17:52

18:11 *down 

18:11 no 

18:11 rather than XXX.XXX.XXX.XXX 

18:11 i am on triumph 

18:11 is down 

18:11 yeah I know it is not down 

18:11 oh 

18:11 I'm giving an example 

18:11 vlad 

18:11 sec 

18:11 kk ty 

18:11 name = vlad 

18:11 why, just for internal reference? ;-) 

18:12 well actually unless you have an objection I would like to add A records 

18:12 to each machine 

18:12 so I don't have to remember IP addresses 

18:12 :) 

18:13 vlad.anonops.net resolves to it 

18:13 if that's what you mean 

18:13 also 

18:14 i suggest setting the ttl to something like 5-10 minutes 

18:14 yeah? 

18:14 why? 

18:15 well 

18:15 cause that just means that if the DNS goes down 

18:15 then it's gone really quick 

18:15 sometime in the future we might have to be constantly on the move 

18:15 hm 

18:15 true 

18:15 what's the ttl now? 

18:18 erm.. 

18:18 I didn't change the ttl 

18:18 so it just says - 

18:20 I can't seem to resolve hbgary.anonleaks.ch atm. 

18:20 also I have 301 redirected everything from anonleaks.ru to .ch 

18:20 so seo juice should be flowing in soon 

18:21 i.e. hbgary.anonleaks.ru/abc will redirect to hbgary.anonleaks.ch/abc 

18:25 hmmm need to speak to sabu ;/ 

18:26 if someone see sabu let me know :D 

18:27 okay back 

18:27 kayla: use memoserv? 

18:28 ill just wait for him to come online :) 

18:28 evey, tflow so are tackle/triumph rechable directly via domain now? 

18:29 well it seems that there is no nameservers set for operationfreedom.ru 

18:29 only for anonleaks.ru for some reason 

18:30 whatever happened to that domain anyway? 

18:30 changed ownership 

18:30 same as anonleaks? 

18:30 (yeah i can look...) 


18:30 hi kayla 

18:30 yah.. e-mail: auction@nic.ru 

18:30 hm. 

18:31 yes, they have changed the ns back 

18:31 for anonleaks.ru they didn't bother heh 

18:32 Laurelai :D

20:18 what is defcon like? 

20:18 when is it? 

20:19 july/august weekend usually 

20:20 after that is cccamp 

20:20 2 weeks after 

20:28 go2 defcon, fuck shit up 

20:29 hehe 

20:29 good old flyers 

20:30 defcon is just a cool party 

20:30 never go to talks. maybe 1. 

20:30 if a VERY good friend is holding one 

20:33 kayla are u a beautiful disaster? 

20:33 whats tht suposed to mean xD thats like =! 

20:33 beautiful and disaster ? 

20:33 xD 

20:34 i sure do love to make a mess of things :3 

20:34 :D 

20:37 http://hbgary.com/hbgary_letter_021711_final.pdf 

20:37 xyrix 

20:38 OMG 

20:38 they are fail 

20:46 lol i hacked xyrix, i took all his accounts back when those fags took 4chans DNS 

20:46 i used his accounts to troll various IRCOP's so hard tht they thought me = xyrix and 

added me to his ed page lol, i lol'd and left it as it is as a reminder of WB's failure 

20:46 we had cele crying on the phone 

20:48 With regard to some of the information that came to light as a result of the publishing 

of stolen information, I want to assure you that your HBGary team did not participate in the 

development of the proposals that have been the focus of media attention. As most of you know, 

HBGary, Inc. and HBGary Federal are separate companies and have different management. The media 

confusion around this point has been unfortunate and we have been working diligently to correct it. 

20:48 lol at them now trying to distance themselfs from federal 

20:48 hahahahaha 

20:48 but gre and them all knew what was happening 

20:48 as i tweeted 

20:48 so they are stil to blame 

20:49 "we lack words" 

20:49 i mean by the emails it's fucking clear they were ALL fucking involved 

20:49 there is no point in denying this 

20:50 yeh :D 

20:51 AnonymousIRC "The media confusion around this point has been unfortunate" -- No, 

#HBGary. Unfortunate is your incompetence and your dirty business. 

20:51 grr. 

20:53 okay THIS is the BREAK server channel 

20:53 tweeted twice about that hilarious PDF 

20:54 dude, what the fuck are they smoking over at HB Gary 

20:54 can I just have the all clear to post their universal passwords? 

20:54 on twitter 

20:54 for lulz 

20:54 anyone got the mails to hand, somoen can post the entire email chain showing all 


those involved? 

20:55 im using my dads laptop and dont have here my netbook is fried D; 

20:56 Topiary, well by now they changed them anyway 

20:56 hmm its hundreds of mails about carious stuff 

20:56 but i guess the wikileaks thing is enough 

20:57 actually I can still log into Aaron's webex account, his old linkedin, Ted's flickr and 

his intuit 

20:57 rly? :o 

20:57 hmm then it's a trap. 

20:57 i would have loved to get their sourcecode :p 

20:57 and found bugs in it!! 

20:57 that would have been funny 

20:58 yeah.. well.. tell that sabu :p 

20:59 I should post passes for llz 

20:59 Topiary, why not? 

20:59 do it.. you know my twitter wont do that :p 

20:59 hm, might get suspended from twatter 

20:59 saitam @AnonymousIRC I appreciate that #HBGary didn't password protect 

changes in the PDF. Why bother if it gets hacked anyway... #lessonlearned 

21:00 lol 

21:00 yeah, maybe 

21:00 thats why i dont do it :) 

21:01 sabu has their src :D? 

21:01 i'd devote all my time to find exploitable bugs in it 

21:01 :D 

21:02 nah, he deleted all the backups :-( 

21:02 HBGAY-bypass.c 

21:02 heh :D 


21:03 Ted Vera, Colossal Faggot of HBGary 

21:03 xD 

21:05 arasita@mac.com 

21:05 adbarr@mac.com 

21:05 adbarr@me.com 

21:05 aaron@hbgary.com 

21:05 does Aaron use any more? 

21:07 not sure :D 

21:08 kk i gtg :D i'll u all tomorrow or somethign

22:15 ohai Laurelai 

22:15 channel mode? 

22:15 mhh 

22:15 Laurelai, you are a spai and we've known this for ages, but we just let you in here to 

cover up the other secret-secret channel 

22:15 -!- mode/#hq [+o armitage] by molly 

22:15 mh 

22:16 Topiary: cool story bro 

22:16 oh yes laurelai should be added to the anonleaks.ch google apps 

22:17 Topiary: im in ur irc spain for lulz 

22:17 :p 

22:17 I know you are fakegregghoush, I know you are 

22:18 lol 

22:18 your base have belong to me for many moons 

22:18 lol 

22:18 that's no moon 

22:18 >.> 

22:18 hahaha 

22:20 hey 

22:20 is the google apps 

22:20 enabled for mobile devices 

22:21 is now 

22:22 evey, so btw.. is contact@ forwareded? 

22:22 contact@ goes to everyone 

22:22 who has an email address 

22:24 do we have access to the other two IPs that the A record points to? 

--- Day changed Fri Feb 18 2011 

00:30 http://ai.moh.gov.bh/FAQp2.asp?rid='10 

00:30 http://www.noga.gov.bh/en/eventdetails.asp?event='1064 

00:30 http://www.noga.gov.bh/en/media_events.asp?event='1067 

00:30 http://www.noga.gov.bh/en/newsdetails.asp?news='939 

00:30 have fun 

00:44 -!- evey [ouija@HA-b0c.smh.b454mb.IP] has quit [Ping timeout: 121 seconds] 

01:14 hey Topiary you around 



05:22 -!- evey [user@HA-4tt.nib.lci946.IP] has joined #hq 


07:01 -!- evey [user@HA-4tt.nib.lci946.IP] has quit [Quit: ] 

08:02 -!- Netsplit trust.operationfreedom.ru tackle.operationfreedom.ru quits: @armitage, 

@Nessuno, @tflow, @Topiary 

10:51 Laurelai, ?? 

11:00 -!- Nessuno834 [nessuno@HA-6c4.s5e.qempvl.IP] has joined #hq 




11:56 -!- mode/#hq [+ao armitage armitage] by HQBot 

12:04 Hmmm 

12:04 Sabu 


12:04 where art thou? :( 

12:05 -!- Sabu [sabu@HA-gtr.7ha.1dmvoo.IP] has quit [Ping timeout: 121 seconds] 

12:05 ungh 

12:53 !isla.operationfreedom.ru *** HQBot invited Topiary into the channel 

12:53 -!- Topiary [trouble@do.the.impossible] has joined #hq 



12:58 -!- evey [user@HA-4tt.nib.lci946.IP] has joined #hq 


12:58 hey 

13:00 ohai! 

13:00 wtf is going on? 

13:00 laurelai is still online.. on both nets. just idle? 

13:01 also.. search is broken for some reason. 

13:01 and i am talking to gregg atm 

13:06 currently, from what i can put together, it looks like somoneone is trying to play you 

and laurelai against gregg 

13:24 If it's worth anything, I've talked to Gregg frequently since early December, and I 

don't think he's doing any of the shit these people are accusing him of 

16:09 -!- Nessuno834 [nessuno@HA-6c4.s5e.qempvl.IP] has quit [Quit: Leaving] 

16:15 !isla.operationfreedom.ru *** HQBot invited nessuno into the channel 

16:15 -!- nessuno [fag@fagz.fagz] has joined #hq 

16:15 -!- mode/#hq [+o nessuno] by HQBot 

16:16 this network need more jb 

17:00 this network needs more sabu 

17:09 !isla.operationfreedom.ru *** HQBot invited kayla into the channel 



17:09 hey kayla

17:19 was curious about that 

17:19 "can't help but think that Alyona is boning one of the leaders of Anonymous..and if 

she isn't...does she want to? ;) 

17:19 infastructureFissure 3 days ago" 

17:19 * Topiary zips up 

17:20 lol :D 

17:20 naughty!!! 

17:20 :D 

17:20 i though you loved me D: 

17:21 * molly still lubs kayla madly 

17:21 Un4chanately not 

17:21 you know the second time I did the Alyona Show, a couple of Anon's voices 

accidentally got broadcast to the entire studio (including control room computers) while we were doing 

sound test with one of their producers 

17:21 we were listening in on one of their live practices (we could actually fucking see 

them through video too) and we started giggling 

17:21

17:29 yes.. well, thats why i got away from q (although i never used that nick before) 

17:29 but it got too much attention 

17:29 but one letter nicks are good 

17:29 they are hard to google 

17:29 but googleing Q would have returned millions of results on google 

17:29 kayla: That's smart 

17:29 yup 

17:32 I am now the proud owner of two ikiLeaks' shirts, a duffel bag, four stickers, three 

mugs and ten buttons. 

17:32 :D 

17:32 iki 

17:32 * molly brb 

17:32 lol stickyleaks xD 

17:32 eww 

17:32 The Internet po-po cut out my dubya 

17:33 thats tht deep packet inspection!!! :D 

17:33 your shits getting monitored :D 

17:33 do you SSH proxy ? 

17:33 :D 

17:33 you should! 

17:34 http://en.wikipedia.org/wiki/Deep_packet_inspection it happens more commonly than 

you think 

17:35 Lawful interception 

17:35 Service providers are required by almost all governments worldwide to enable lawful 

intercept capabilities. Decades ago in a legacy telephone environment, this was met by creating a traffic 

access point (TAP) using an intercepting proxy server that connects to the government's surveillance 

equipment. This is not possible in contemporary digital networks. The acquisition component of this 

functionality can be provided in many ways, including DPI, DPI enabled products that a 

17:35 HTTP over SSH 

17:36 allways :) 

17:36 SSL is not enough 

17:36 and some browsers default to DES 

17:36 xD 

17:36 fucking DES 

17:36 you have to force your broswer to use AES 

17:37 i don't trust SSL 

17:37 ssl stripped has been public for a long time now 

17:37 and SSL can be MITM 

17:37 not hard to forge certificates 

17:38 i don't trust TOR either, traffic is only encrypted untill it reaches the exit node it even 

says this on their site 

17:38 and people have been sniffing exit nodes for years now 

17:39 the huuuuuge embasy leak tht happend a few years back was because of TOR nodes 

being sniffed 

17:39 connecting to any US TOR exit nodes is bad too, alot of gov honeypots who work 

with child protection services monitor TOR because disgusting pedos use it 

17:40 the gov and everyone WANT you to think such means are "secure" 

17:40 so you get in your comfort zone and think you are safe 

17:41 tbh there's not alot i do trust :D 


17:42 * kayla puts her tinfoil hat on :3 

17:45 As long as you don't go past your front door and think the people on the street are 

all working together in an elaborate conspiracy to kill you, you're fine 

17:45 people outside trying to do what to me :O? 

17:45 * kayla peeks through the curtain :3 

17:45 xD 

17:46 kayla whyusohot? 

17:47 http://luxsci.com/blog/256-bit-aes-encryption-for-ssl-and-tls-maximal-security.html 

17:47 atleast force your browser to use AES ^^^^ 

17:47 nessuno :p 

17:48

to the server 

18:03 im worried more about other stuff 

18:04 yup in general you're right 

18:04 but it's just convenient .. especially if you have like 4+ networks and 50 channels 

18:05 but the most convenient is never the most secure :p 

18:06 of course not. it contradicts usually 

18:06 the more convenient the less secure 

18:06 http://i.imgur.com/OblRW.gif 

18:07 it's always a compromise 

18:07 that gif is amazing 

18:09 ppi just dont want to see anyone go to prison \:D/ 

18:09 -pp 

18:09 xD 

18:09 i think ppl here know what they are doing 

18:10 also, even IF they could grab me.. they would have nothing on me 

18:10 they would find no logs no anything. 

18:10 Of course, no proxy, Internet Explorer 8, Windows Vista, Norton antivirus, parishilton.exe 

18:10 :-) 

18:10 :D Topiary you have to have Limewire.exe too to be pr0 

18:11 That being said I could probably learn a lot more from you fags 

18:11 Limewire is completely safe :3 

18:11 btw kayla.. did Q on wikileaks actually took note of aaron's research and that 

omnious Q, Co-Leader of anonymous? 

18:13 how do i know lol xD 

18:13 i dunno i thought maybe you had heard somthing 

18:13 just curious 

18:14 now im confused xD i thought you were q 

18:14 xD? 

18:14 yeah.. but apparently there is a Q on wikileaks. several ppl asked me if i was him 

18:15 i love hit how diff. ppl on diff. networks use same nicks 

18:15 it makes the job of all the aaron's so much more difficult heh 

18:15 yeh :D 

18:15 In my many years of IRC, nobody has ever used Topiary 

18:16 i can confirm that 

18:16 never seen that nick before :) 

18:16 like i say "kayla" and "q" are very common :D 

18:17 yep, so is molly i guess 

18:17 I seen topiary 

18:17 also a cbherphunk reference is always good 

18:17 it was some polish 

18:17 polska :3 

18:18 u polish kayla 

18:23 http://www.psnathome.com/general/ps3-hackers-can-now-ban-legitimate-users-andunban-consoles.html 

18:23 lulz 

18:23 reminds me of hbgary 

18:25 I love how that story is developing 

18:25 it's like m$ whining about Xbawks hackers upgrading firmware all day every day 


18:25 fun times indeed 

18:25 did you read that cryptome article? 

18:26 >implying anyone would pay 40USD for Assassin's Creed 

18:26 hehe 

18:38 http://arstechnica.com/tech-policy/news/2011/02/black-ops-how-hbgary-wrotebackdoors-and-rootkits-for-the-government.ars? 

utm_source=twitterfeed&utm_medium=twitter&utm_campaign=rss 

18:39 ars have been digging deep in those mails :D 

18:40 that's why the webinterface rox so much 

18:40 any press can dig as deep as they want 

18:41 :D 

18:50 That's fucking deep. 

18:58 Topiary, http://twitter.com/#!/aaronbarr 

18:58 he got it back heh 

18:59 He did indeed 

18:59 I've been tweeting to the twat 

18:59 let me guess, he is ignoring you? 

19:00 Yessir 

19:00 When I was in his account, I deleted all of his PMs except one to some Chinese 

security firm, then I replied with "you are a faggot" 

19:00 I wonder if he saw that 

19:00 lol 

19:21 [01:20] there are indeed no emails to embassy stored that xould e if 

interest 

19:22 [01:20] what i catched was mass of persoal data(also from other hosted 

sites= 

19:22 well, that guy has a dump of bahrain gov emails 

19:22 they are in english 

19:22 this may be very juicy 

19:25 [01:24] someone familiar with cold fusion coding? 

19:25 [01:24] i need a dump class placed, how do i register it as custom cfc 

tag 

19:27 he said that there are no emails of interest tho 

19:28 he did? uhhm. 

19:28 >there are indeed no emails to embassy stored that xould e if interest 

19:28 mhh 

19:30 -!- evey [user@HA-4tt.nib.lci946.IP] has quit [Ping timeout: 121 seconds] 



21:22 Topiary, ? 

21:22 jester gives you 6 minutes *gasp* 

21:23 you're under an ultimatum! 

21:32 tflow, regarding govt IPs 

21:32 it would be interesting to see, WHAT they are looking at 

21:32 do they search something specific, etc 

21:34 Topiary 

21:34 confirm if you're there 


21:37 -!- evey [evey@HA-g7p.j9k.65sbfj.IP] has joined #hq 



22:12 oh noez 

22:12 04:11 believe in the fact that a 16 year old kid from wiscosin will take 

some heat. 

22:12 poor kayla being DIRECTLY threatened! /o\ 

22:19 :O 

22:19 she is from states? 

22:19 :( 

22:19 don't worry about her 

22:19 :) 

22:19 k 

22:20 jester... seems like a bit of a clown 

22:20 why is topiary doing this dance with him 

22:27 LOL 

22:27 I am one line away form blowing Jester's fucking brains 

22:43 hmm 

22:43 need new persona! 

22:43 lulz 

22:43 he's really touchy if someone mentioned he is doxxed 

22:48 Do you know p35t3r? 

22:48 nope 

22:48 i dont know anyone there except rodent 

22:49 he's an ircop and cool 

22:49 rather neutral 

22:49 well, "know" is exaggerated lol 

22:49 Nah, Pester is a twitter troll that Jester hates entirely 

22:49 the only nick i know :) 

22:50 nah, i usually stayed away from that entirely 

22:50 just enjoyed some entertainment 

22:59 he seems like an idiot 

22:59 why do you talk to him? 

23:00 To understand him more 

23:00 oh look it's 4am UTC 

23:01 I knew what I was doing, don't worry 

23:01 I'm not worried it just seemed like a waste of time 

23:01 Ah, a small waste of time now leads to things later 

23:01 he is like the man who would be king in there 

23:59 [05:56] are there any old school anonymous present??? any that 

go way back?? 

23:59 oh 

23:59 not in there? 

23:59 #anonymous on anonops 

23:59 oh you are 

23:59 my client fails 

--- Day changed Sat Feb 19 2011 

00:16 anyone here? 

00:16 Topiary, 

00:16 tflow, 

00:16 evey, ? 


00:40 what? 

00:40 someone die? 

00:40 hm no all good 

00:41 just been invited to some strange chan on anonops 

00:41 have the nagging feeling it's a trap 

00:44 trap? 

00:44 like #kill? 

00:44 or like #partyvan 

00:45 the latter 

00:45 how would they go about trapping you? 

00:48 hmm 

00:48 sec 

00:49 hm nah cant copy all that... well 

00:49 they basically want to reform anonymous 

00:49 and are looking for people who have influence 

00:49 to navigate them somehow 

00:49 i am not sure yet 

00:51 how do they want to reform anonymous? 

00:52 not sure okay, lemme paste some stuff 

00:52 [06:44] anon was a force to be reckoned with 

00:52 [06:44] now it is largely ignored... 

00:52 [06:45] oh 

00:52 [06:45] so will you support us... 

00:52 [06:45] actually HBGary showed quite the opposite 

00:52 [06:45] 'expect us' 

00:52 [06:46] expect...yah...but where are we?? 

00:52 [06:46] on the irc...oooo... 

00:52 [06:46] we don;t attack...we don't use force... 

00:52 [06:47] wtf is the point if not to make our point... 

00:52 [06:47] * Eyecon|afk is now known as Eyecon 

00:52 [06:47] well what is YOUR point? 

00:52 I don't fucking trust his "..." one bit, that is how Aaron talks. 

00:52 [06:47] i still don't really get it, apart from "Lets make a darknet" and do stuff 

00:52 [06:47] not much difference from here 

00:52 [06:48] that we need to step up as a whole...that those with the 

skills take action instead of sitting back and waiting... 

00:53 [06:48] that anonmyous become the collective it once was... 

00:53 [06:49] that as a collective we take out those who opress 

00:53 [06:49] I'm not certain, as regards the "how" or "what", specifically... but it 

is grossly obvious - to me, at least - that SOME sort of dramatic change needs to happen in 

Anonymous. 

00:53 [06:49] What those changes should be, or how they should be brought to 

fruition, as I said, I just don't know at this point. But... 

00:53 [06:50] Meh. That's all I got. 

00:53 [06:50] lol 

00:53 [06:50] one thing we can agree on already 

00:53 [06:50] we must make clear that we are NOT wikileaks 

00:53 [06:50] especially after anonleaks 

00:53 [06:50] ^ 


00:53 [06:51] it needs to happen...wheather we take out the current 

anon and repalce it with an active one...or we work behind the script...that remains to be seen 

00:53 [06:52] wikileaks....thats the fucking most retarded thing i've 

seen yet... 

00:53 Topiary, EXACTLY 

00:53 my thought 

00:53 but.. i dont wanna be so paranoid to cry "it's aaron" just yet 

00:53 i play along 

00:53 dwaan is in that channel too 

00:53 wtf is he? 

00:54 probably invited by aaron 

00:54 as the australian keyplayer 

00:54 lol 

00:54 We have to be fucking careful of these troll bastards. 

00:54 yup 

00:54 and who is eyecon? 

00:54 Not sure about that either... people keep changing nicks and it confuses the hell out 

of me. 

00:54 let me ask them 

00:54 if i can invite you? 

00:55 Which channel is it? 

00:55 well you will know then 

00:55 is it okay? 

00:55 Sure. 

00:55 ill ask first there 

00:56 [06:55] can i invite topiary? 

00:56 [06:55] or can you. 

00:56 [06:55] his input may be valuable. 

00:56 [06:56] if they are trusted yes... 

00:56 [06:56] yes he is 

01:13 lulz 

01:13 [06:12:51] thegreengateway: You're a delusional troll, fuck off. 

01:13 [06:12:53] =-= q was booted from #opReform by Hal9000 (Requested 

(thegreengateway)) 

01:13 [06:12:56]

01:19 Jesus fucking hell 

01:20 ./whois tflow :) 

01:20 Just noting the lack of access in all of those 

01:20 mm 

01:20 yeah 

01:20 fits 

01:20 trolls or even garytrolls 

01:21 he's in #over9000 too 

01:21 very trolly 

01:22 yup 

01:22 i think ju will put out a nice article 

01:23 he was truly impressed 

01:23 i'll scan it.. though he will probably send us a copy anyway 

01:27 Indeed 

01:28 it was a good interview, you did well 

01:29 he won't quote anything out of context either 

01:29 i know c't, we did that precious interview.. we translated that. 

01:40 Topiary, #anonnews 

01:40 that one guy is active there, too 

01:43 -!- armitage [armitage@freeside.tessier-ashpool.org] has quit [Killed (molly (go away))] 

01:43 -!- molly is now known as armitage 

01:43 -!- mode/#hq [+a armitage] by HQBot 

01:43 -!- armitage [millions@freeside.tessier-ashpool.org] has quit [Changing ident] 



04:28 -!- Avunit [Avunit2@netadmin.operationfreedom.ru] has quit [Ping timeout: 121 seconds] 

09:21 -!- Netsplit trust.operationfreedom.ru tackle.operationfreedom.ru, 

triumph.operationfreedom.ru quits: @evey, @armitage, @nessuno, @tflow, @Topiary 




09:29 -!- Netsplit over, joins: @evey, @tflow, @Topiary, @nessuno 

09:29 -!- Netsplit trust.operationfreedom.ru tackle.operationfreedom.ru quits: @evey, @nessuno, 

@tflow, @Topiary 











09:52 Topiary, ? 


10:17 armitage: ? 

10:18 heya Topiary .. hmm care to check with sabu? 

10:18 Sure, in a bit 


10:18 coo 


11:16 tflow, also, heard anything from av, is he good? 

13:44 hi 

16:50 Just called, it was Sabu's friend, Sabu is all fine 

16:51 good :-) 

16:51 thx topi 

17:03 ? 

17:03 what happened? 

17:05 nothing.. was just a little worried since sabi been offline for a while 

17:05 sabu* 

17:06 do u worry abt me armitage 

17:07 you're around often enough, don't need to :) 

17:08 im not around enought aparent 

17:11 I worry about everyone :S 

17:11 I'm a professional though 

17:11 nessuno hmm? we talk basically daily.. 

17:18 yag 

20:41 armitage 

20:41 can you retweet this? http://twitter.com/#!/atopiary/status/39137351015862272 

20:41 tl;dr donation fund to help protests in oppressed countries not get sniffed out 

20:41 helps buy them nice things 

20:42 already did that 

20:42 well shit 

20:42 you active motherfucker 

20:42 twitterfall usually always running on one screen 

20:43 ah, how many displays you got up? 

20:43 just 2 atm 

--- Log closed Sat Feb 19 21:46:50 2011 

\ 


Hubris I will hunt you down to the ends of the earth and the end of time. 

You will take your own miserable life rather than endure what I will bring 

down upon you which will be nothing short of the Wrath of mother fucking 

God you miserable lousy fucking piece of shit. And if you are a member of 

this rotten little association of liars pass the word, and you might want 

to reconsider your alliance because when I find you you will PRAY for death 

to come to you. 

Commander X 

PLF Field Commander 

PeoplesLiberationFront.org 

opV@mailinator.com 

64.134.144.41 

64.134.144.41 IP address location & more: 

IP address [?]: 64.134.144.41 Copy [Whois] [Reverse IP] 

IP country code: US 

IP address country: ip address flag United States 

IP address state: Virginia 

IP address city: Sterling 

IP postcode: 20166 

IP address latitude: 38.9881 

IP address longitude: -77.4755 

ISP of this IP [?]: WAYPORT 

Organization: Washington Dulles International Airport 

Local time in United States: 2011-03-19 12:45 

WHOIS information for PeoplesLiberationFront.org : 

[Querying whois.publicinterestregistry.net] 

[whois.publicinterestregistry.net] 

NOTICE: Access to .ORG WHOIS information is provided to assist persons in 

determining the contents of a domain name registration record in the Public 

Interest Registry 

registry database. The data in this record is provided by Public Interest 

Registry 

for informational purposes only, and Public Interest Registry does not 

guarantee its 

accuracy. This service is intended only for query-based access. You agree 

that you will use this data only for lawful purposes and that, under no 

circumstances will you use this data to: (a) allow, enable, or otherwise 

support the transmission by e-mail, telephone, or facsimile of mass 

unsolicited, commercial advertising or solicitations to entities other than 

the data recipient's own existing customers; or (b) enable high volume, 

automated, electronic processes that send queries or data to the systems of 

Registry Operator or any ICANN-Accredited Registrar, except as reasonably 

necessary to register domain names or modify existing registrations. All 

rights reserved. Public Interest Registry reserves the right to modify 

these terms at any 

time. By submitting this query, you agree to abide by this policy. 


Domain ID:D161561878-LROR

Domain Name:PEOPLESLIBERATIONFRONT.ORG 

Created On:20-Feb-2011 19:11:46 UTC 

Last Updated On:20-Feb-2011 19:11:51 UTC 

Expiration Date:20-Feb-2012 19:11:46 UTC 

Sponsoring Registrar:Lime Labs LLC (R1764-LROR) 

Status:CLIENT DELETE PROHIBITED 

Status:CLIENT TRANSFER PROHIBITED 

Status:CLIENT UPDATE PROHIBITED 

Status:TRANSFER PROHIBITED 

Registrant ID:4511142002207680 

Registrant Name:Freedom Fighter 

Registrant Organization:PLF 

Registrant Street1:1206 Masonic Avenue 

Registrant Street2: 

Registrant Street3: 

Registrant City:San Francisco 

Registrant State/Province:CA 

Registrant Postal Code:94117 

Registrant Country:US 

Registrant Phone:+1.8315158571 

Registrant Phone Ext.: 

Registrant FAX: 

Registrant FAX Ext.: 

Registrant Email:plf666@mailinator.net 

Admin ID:4511142002207680 

Admin Name:Freedom Fighter 

Admin Organization:PLF 

Admin Street1:1206 Masonic Avenue 

Admin Street2: 

Admin Street3: 

Admin City:San Francisco 

Admin State/Province:CA 

Admin Postal Code:94117 

Admin Country:US 

Admin Phone:+1.8315158571 

Admin Phone Ext.: 

Admin FAX: 

Admin FAX Ext.: 

Admin Email:plf666@mailinator.net 

Tech ID:4511142002207680 

Tech Name:Freedom Fighter 

Tech Organization:PLF 

Tech Street1:1206 Masonic Avenue 

Tech Street2: 

Tech Street3: 

Tech City:San Francisco 

Tech State/Province:CA 

Tech Postal Code:94117 

Tech Country:US 

Tech Phone:+1.8315158571 


Tech Phone Ext.: 

Tech FAX: 

Tech FAX Ext.: 

Tech Email:plf666@mailinator.net

Name Server:NS1.LIMEDOMAINS.COM 

Name Server:NS2.LIMEDOMAINS.COM 

Name Server: 

Name Server: 

Name Server: 

Name Server: 

Name Server: 

Name Server: 

Name Server: 

Name Server: 

Name Server: 

Name Server: 

Name Server: 

DNSSEC:Unsigned 

Official reply: "To the PLF Commander, NUTS!, The American 

Commander"

backtracesecurity.com - AnonymousDown

Create successful ePaper yourself

Delete template?

Save as template?