Author Topic: PDF exploit + Koobface  (Read 3075 times)

0 Members and 1 Guest are viewing this topic.

June 18, 2009, 02:13:59 am
Read 3075 times

MysteryFCM

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
Ref: http://forum.hosts-file.net/viewtopic.php?p=11777#p11777

Bog standard PDF exploit;

updatedb87.cn/out/index.php
-> updatedb87.cn/out/pdf.php
--> updatedb87.cn/out/load.php <--Koobface

Domain resolves to: 83.133.123.139 - t492.1paket.com

Code: [Select]
inetnum: 83.133.96.0 - 83.133.127.255
netname: LNCDE-GREATNET-NEWMEDIA
descr: Greatnet New Media.
country: DE
admin-c: FL1331-RIPE
tech-c: FL1331-RIPE
status: ASSIGNED PA
mnt-by: LNC-MNT
mnt-lower: LNC-MNT
source: RIPE # Filtered

person: Frazzetta Lindner
address: Greatnet New Media
address: Brentenstrasse 4a
address: D-83734 Hausham
address: Germany
phone: +49 1805 47328638
fax-no: +49 1805 444894696
nic-hdl: FL1331-RIPE
abuse-mailbox: abuse@greatnet.de
mnt-by: LNC-MNT
source: RIPE # Filtered

:: Information related to '83.133.0.0/16AS13237'

route: 83.133.0.0/16
descr: Lambdanet Operations - German region
origin: AS13237
mnt-by: LNC-MNT
source: RIPE # Filtered

Relations:
http://hosts-file.net/?s=83.133.123.139&view=matches
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net