Author Topic: To people/companies using the MDL.  (Read 109132 times)

0 Members and 1 Guest are viewing this topic.

August 07, 2008, 08:05:36 pm
Read 109132 times

JohnC

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1964
A lot of the members of this site are getting tired of contributing their time and effort into the MDL, to have people not contribute anything back. And I think it is a very valid point. Especially as some of them have worked very hard for this site and been here from the beginning practically. We are aware quite a few companies are using the site, and we're thinking does it really hurt to contribute something back? A few sites per week even.

Just something so it doesn't seem like the time, money and effort that goes into running this site are in vain. If you're registered here on the forum, they can be posted in the Malicious Domains section. Or you can submit them through the Contact page.

Thank you.

August 10, 2008, 12:01:54 pm
Reply #1

CM_MWR

  • Special Members
  • Hero Member

  • Offline
  • *

  • 319
Id like to give everyone the chance to show thier colors,I will drop here for all to take,some recently collected urls.

If non-speaking members or non-members who can see this,would like to continue to have access to the MDL Database,show us,contribute back,doesnt matter if its a small collection of links or a large collection,if all you have is one unique active link to contribute,thats more than 0.  ;)

So here we go,lets see if yall are everything Ive said you were.  :P

Code: [Select]

213.155.0.242/cgi-bin/in.cgi?fff33cd50100f0600055f2fb0606bbac566d02b76d7b79ff03656e2d75730000000000
213.155.0.242/cgi-bin/in.cgi?fff33cd50100f0600255f2fb0606bbac566d02b76d7b7800030409000000000200
213.155.0.242/cgi-bin/in.cgi?fff33cd50100f0600255f2fb0606bbac566d02b76d7b7800030409000000000201
213.155.0.242/cgi-bin/in.cgi?fff33cd50100f0600255f2fb0606bbac566d02b76d7b7800030409000000000202
213.155.0.242/cgi-bin/in.cgi?us17
77.221.133.171/.dif/go.php?sid=1
77.221.133.171/.if/go.html?4272b4
77.221.133.171/.sp/check.cgi?o
91.203.92.14/cgi-bin/index.cgi?ffc827980100f06000625fe47906403998f702b7566e6eff03656e2d75730000000000
91.203.92.14/cgi-bin/index.cgi?user3
codechost.com/codecpack.v.1.0.131.exe
etds0.net/?id=00237&t=other&o=0
etds0.net/animan.class
etds0.net/anr/us00237.anr
etds0.net/lc237.html
famoutoito.net/progs/luagqdak/odaxgua.php?adv=adv449&code1=JO00&code2=0203&id=-186345958&p=1
famoutoito.net/progs/luagqdak/rkdnxghe
famoutoito.net/progs/luagqdak/wyibby.php?adv=adv449
famoutoito.net/progs/luagqdak/yflhrol.php
famoutoito.net/uniq.php?id=-186345958
free-viruscan.com/ie-av.exe
hardpornmpg.com/55.php
hardpornmpg.com/suko.php?id=4441
hardpornmpg.com/test.php?id=4441
opana.cn/aba.html
opana.cn/opa.html?
opana.cn/ya.html
p0llko.com/v3/index.php
p0llo.com/protektor/in.cgi?dogm1
p0llo.com/protektor/in.cgi?dogm3
p0llo.com/su/in.cgi?2
p0llo.com/su/in.cgi?4
podra.cn/atds/out.php?s_id=1
podra.cn/fi/index.php
podra.cn/spl/index.php
search-biz.org/000/loader.exe
search-biz.org/000/r.php
search-biz.org/2.ani
search-biz.org/test.html
searchmeup.biz/img/cmd.php?c=I0&v=22&b=3002&id=B7ECB35&cnt=ENU&q=5C5F7
searchmeup.biz/img/cmd.php?c=R0&cmdid=581&v=22&b=3002&id=B7ECB35&cnt=ENU&q=5EFC6
ultracodec.net/download/ultracodec.v3.001.exe
veryblomar.com/FG/1.swf
veryblomar.com/FG/index.php
veryblomar.com/FG/load.php?id=1622&spl=2
veryblomar.com/FG/load.php?id=1622&spl=5
veryblomar.com/vb/in.cgi?2


August 12, 2008, 08:55:25 am
Reply #2

Kayrac

  • Guest
Small contribution from me!

from
Code: [Select]
www.sanseg.com/eng/Product.as(now dead)

I tried to sort through and grab stuff i knew was useless, but i dunno how good i did

edit forgot, credits to blender for the find :)

-Brian

few more randoms

Code: [Select]
888.843call.cn/minidll.txt
219.148.34.9/dmmodule/p1.dll
122.770304123.cn/ue000/38sw.e?uid=122336026012863011171471
110.770304123.cn/player/blog.updata?v=1.7.5.6&mid=b717aba3586088c34b611ec991e7bc7d&r1=c4fb61aee3d1babba11542e0a8dfb308&tm=2008-08-12%2012:39:32&av=TD&os=Windows%20XP.2600%20with%20Service%20Pack%202&uid=122336026012863011172909&cht=0
122.770304123.cn/list/2008-08-12/NO.y
219.148.34.9/dmmodule/p2.dll
122.770304123.cn/list/bl.y
219.148.34.9/dmmodule/p3.dll
122.770304123.cn/list/2008-08-12/ut_NO.y
219.148.34.9/dmmodule/miniDll.dll
888.843call.cn/supper.txt
888.843call.cn/supper.txt
888.843call.cn/supper.txt
888.843call.cn/supper.txt

August 14, 2008, 06:11:49 pm
Reply #3

CM_MWR

  • Special Members
  • Hero Member

  • Offline
  • *

  • 319
lol...ty K....I dont think anyone here needs any further convincing that a leeching policy should be implemented.

Too many takers and not enough givers...sounds like my marriage  :'(

September 10, 2008, 07:46:45 pm
Reply #4

amesdaq

  • Special Members
  • Newbie

  • Offline
  • *

  • 4
    • http://www.WebsenseSecurityLabs.com
Hello Everyone. I am new around here but I support your cause. Hopefully these URLs help out others in their research.

Here are some heavy obfuscation URLs

Code: [Select]
http://google-analysis.com/cgi-bin/neo3/index.cgi?usa1
http://91.142.64.91/cgi-bin/news.cgi?user3
http://aspx46.com/cgi-bin/index.cgi?script
http://www.24aspx.com/cgi-bin/index.cgi?script
http://cdm1djeni.com/cgi-bin/index.cgi?dx
http://24aspx.com/cgi-bin/index.cgi?script

Here are some URLs that use function(p,a,c,k,e,d) method of obfuscation and compression and do some flash exploits

Code: [Select]
http://www.macromidias.com/c/flink.html
http://www.rigoogle.com/issf.html

Here are some base64 obfuscation URLs

Code: [Select]
http://emanoncreations.com/
http://sexis.host.sk/
http://twitthis.com/
http://centralstudy.chachoengsao1.go.th/
http://boofey.myweb.hinet.net/
http://www.stanarotrans.ro/
http://www.nouhau.com.ua/
http://hbo-aci.com/
http://www.corporateadmin.com/
http://www.zsbn.ru/
http://www.tattooflash.hotbox.ru/
http://yenze.myweb.hinet.net/
http://tattooflash.hotbox.ru/
http://demo.web-console.org/
http://www.bad-sooden.ru/
http://www.duende.hu/
http://www.jemna.org/


Here are some various Exploits

Code: [Select]
http://las1974.home.sunbo.net/
http://www.web360software.com/
http://211.155.224.211/
http://www.clint.arvixe.com/
http://wyt1007.ifastnet.com/
http://www.maine-coons.com/
http://pus.jeeran.com/
http://www.blogat.net/
http://zloi-4elovek.jino-net.ru/
http://www.recicla.it/
http://www.cypress.jino-net.ru/
http://205.142.52.238/safe2/bfyy.htm
http://liangqian6336.vip.sina.com/
http://205.142.52.238/safe2/lz.htm
http://205.142.52.238/safe2/real.htm
http://www.wq9q.cn/root/bfyy.htm
http://ledomainedetest.free.fr/
http://www.donghyuklee.com/
http://www.059e.net/
http://www.jejudance.or.kr/
http://brcaseiras.iespana.es/
http://marzipann.com/sarona2.html
http://www.baixakibrasil.xpg.com.br/
http://vern.creativenetwork.it/
http://www.blogg2007.kit.net/
http://www.parperfeito00.kit.net/
http://www.realityshow.kit.net/
http://www.boua9a.org/
http://lordcode.host.sk/
http://www.bia2.mihanblog.com/
http://www.myserver.110mb.com/
http://www.imoveisblumenau.com.br/
http://www.mediaplayer.mail15.su/
http://www.wehlingm.de/
http://www.urgentissimo.hotbox.ru/
http://www.ami1gosparasempre18.xpg.com.br/
http://fotolog-br.4t.com/juzinha/fotos/index.html
http://orkut-com-conmunity-aspx-cm-55475.4t.com/
http://img25imageshack.ifastnet.com/
http://cartaocard.vilabol.uol.com.br/
http://www.fotosnew.smtp.ru/
http://www.cefexcardslipo.xpg.com.br/
http://liangkang.sitesled.com/
http://www.stranjiyane.com/
http://leds.sitesled.com/
http://www.100meiaspalavras.xpg.com.br/
http://directory.theclubreview.com/
http://www.xtrocardslego.xpg.com.br/
http://www.abaixarapido.xpg.com.br/
http://www.amigosparasempre11.xpg.com.br/
http://www.orkutonline.xpg.com.br/
http://www.acidente-gol-brasil.pisem.net/
http://www.amigosparrasempre200.xpg.com.br/
http://orkut-com-conmunity-aspx-cm-6698468108907633538624.4t.com/index.html
http://viet8x.evonet.ro/
http://www.anonimosdoorkut.kit.net/
http://www.amigosparasemore04.xpg.com.br/
Ali Mesdaq (CISSP, GIAC-GREM)
Sr. Security Researcher
Websense Security Labs
http://www.WebsenseSecurityLabs.com

September 10, 2008, 08:54:12 pm
Reply #5

JohnC

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1964
Thank you very much, we appreciate the contribution.

September 11, 2008, 01:21:59 am
Reply #6

CM_MWR

  • Special Members
  • Hero Member

  • Offline
  • *

  • 319
 ;D

TY very much,nice to see these!  ;)