siDz | SysStream

im always with my gmail. ALWAYS. every single second i had with an internet connection, some of the bandwidth will be used for gmail in the browser. when i go out, gmail is the only reason why i didn't turn off my pc.

so.. today, after playing DoTa with some of the noobs, i saw this:



i was like.. WHAT THE FUCK? an email sent by me?

i panicked. shit. if someone had the access to my mail, i'm doomed. almost all my passwords are there.

then i smsed siti, asked her whether she had opened my gmail account.
she replied: no.

calmed down after 5 mins.



that's the email. okay. that looks so weird for me. i dunno, had some deja vu when staring at the '1359989' figure. hmm...

so..

i did this:



SHOW ORIGINAL



it spawns a new window and displayed the original ascii data. so.. by analyzing the data, i saw:



nice. FUHHH. at that time, i was sooo damn relieved!. clearly, it shows that the message is not sent by me, the mail has been sent from this:

abts-mum-dynamic-149.11.169.122.airtelbroadband.in ([122.169.11.95])

first glimpse is: FUCKING pure indian dynamic IP nigger sending mail posing as me. pui!



i demand more fun. my counterattack begins straight away.

i spawned a new tab on safari (safari is nice for pentesting), put that damn IP in the address bar, and..

(shit at this point of time they changed their IP already)

pointed abts-mum-dynamic-149.11.169.122.airtelbroadband.in ([122.169.11.95]) on my browser. 5 secs later, the server responds and asks me for a login and password.

YAY! there's life!

im encountering bcm96338, an adsl wireless router, not sold in malaysia. with some help of bruteforceing the password, i gained access to their router



this is the router before it went 404.

also, i spawned zenmap (pity that i'm on windows, and still craving for nmap) and run some test on the ip. and guess what?

port 80
port 23
port 21

are open.

this leads to an another massive lul. i spawned msdos and quickly telnet-d to the ip.



lol.

shit. a built-in menu?
hmm... instead of pressing number. i tried typing sh and what i get was:

SHELL ACCESS.



shit that was sick. the problem is, i can't do ls or dir (lol).

hmmmmm...

i tried echo * and it works lol. i wonder why they didnt REMOVE echo aswell.

after 10 mins of searching the router, i did fetch the pppoe's username and password.


when i tried to do more lulz by using the retarded native indian nigger script kiddie's username and password, my friend called for an another DoTA round. i would steal his money in his banks and his credit cards information.. but....

DoTA was too much important than that.


so i closed all of them.

so.. who want the username/password come and tell me why.