Re: Romanian hacker unknown string

[James Condron <james () zero-internet org uk>]

It could mean anything. I'm just asking how you got that string. Hell, the
string of numbers '199403' could be there because in the 1994 world cup
Romania got to the 3rd to last game from the World Cup Final. Given enough
random chars in a random file you could probably get lots of allusions to
Romania. Given a string in a passwd file somewhere it could be less likely
to be a coincidence.


On Fri, Jan 17, 2014 at 12:01 PM, Asheesh Tripathi <
informationhacker08 () gmail com> wrote:

> yes chances are their , if we search last 8 alphabet in search engine the
> result will come as "*szrtech1* is a Registered user in the Romanian
> Security Team" , it might be a coincidence
>
>
> On Fri, Jan 17, 2014 at 5:19 PM, James Condron <james () zero-internet org uk
> > wrote:
>
> > How are you capturing this password? Chances are its just a random string
> > they're using
> >
> >
> > On Fri, Jan 17, 2014 at 11:37 AM, Asheesh Tripathi <
> > informationhacker08 () gmail com> wrote:
> >
> > > Yes Tried to reset password of one user account with this string
> > >
> > >
> > > On Fri, Jan 17, 2014 at 4:57 PM, James Condron <
> > > james () zero-internet org uk> wrote:
> > >
> > > > Okay, thats fair enough but where was that string? What makes you think
> > > > it means anything? You said something about it being a password, did you
> > > > not?
> > > >
> > > >
> > > > On Fri, Jan 17, 2014 at 11:21 AM, Asheesh Tripathi <
> > > > informationhacker08 () gmail com> wrote:
> > > >
> > > > > There was many scripts in which it contains an URL to a Romanian
> > > > > hacking forum
> > > > > printf "for any info vizit http://hacking.3xforum.ro/ \n";
> > > > > printf "daca nu pica in 10 min dai pe alt port \n";
> > > > >
> > > > > I am looking for  what does this string mean
> > > > > "rt3y(iii#$%)yhyuhub3p3scpb3ll3muuulttreb265199403199403reb265tgzszrtech1"
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > On Fri, Jan 17, 2014 at 4:08 PM, James Condron <
> > > > > james () zero-internet org uk> wrote:
> > > > >
> > > > > > Where was it? And how do you know 'Romanian hackers' have been near
> > > > > > your server?
> > > > > >
> > > > > > -James
> > > > > >
> > > > > >
> > > > > > On Fri, Jan 17, 2014 at 10:19 AM, Asheesh Tripathi <
> > > > > > informationhacker08 () gmail com> wrote:
> > > > > >
> > > > > > > Hi All
> > > > > > >
> > > > > > > During log analysis of Linux server we have found a  strings
> > > > > > > passwd
> > > > > > >
> > > > > > > rt3y(iii#$%)yhyuhub3p3scpb3ll3muuulttreb265199403199403reb265tgzszrtech1
> > > > > > >
> > > > > > > Can anybody help me out in understanding  above string we have
> > > > > > > already found some traces of  Romanian hackers
> > > > > > >
> > > > > > > Thanks
> > > > > > > Anaconda
> > > > > > >
> > > > > > > _______________________________________________
> > > > > > > Full-Disclosure - We believe in it.
> > > > > > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > > > > > > Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/