1. Once you send me SYN packet to commonly used ports that involved in botnet bruteforce attacks, which include but not limited to SSH and/or RDP, you provide to "NAH" and the owner exclusive right to attack back in any way your public IP address, disclose/share/sell your IP and/or data to the public, including wordlist that have been used in your attack.
2. Once correct credentials recovered, you completely agree and provide to "NAH"/owner/third parties choosed by the owner exclusive right to perform any manipulation with your machine and/or IP and/or internet access, you agree to removal of all known/unknown malicious software and/or botnet agents.
3. With that said, you provide to "NAH" and the owner FULL and LEGAL access to your network-connected device.
# ./attackback.py Found a new jerk! [censured].XXX.XXX:22 Bruteforcing SSH: [censured].XXX.XXX [ssh] host: [censured].XXX.XXX login: root password: ThisPassw0rdMightBeDefault! 1 of 1 target successfully completed, 1 valid password found Credentials found! Getting whois info... Gathering system information... Finding malware/botnet agents... Found! Removing... Sending email... Waiting for another one...
Proof of Concept will be soon. Stay tuned.
Post a Comment