[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Webiron



What does it change that webiron know or doesn't know if you have seen those f*cking abuse email?

My exit node IP is listed as having an email sent to abuse@... and I never received any email at abuse@...

I might be missing something but who cares about webiron? I care about what my ISP thinks and they don't seems to think so highly of them because it's one of the largest ISP on the webiron list and according to that new feature of webiron, they never open their email.

On 2016-01-29 2:13 PM, Schokomilch NOC wrote:
We quickly have created a poc to prevent their webbug of being useful:

https://github.com/TheSchokomilchFoundation/IronFist

IronFist will parse their latest JSON data (by downloading it via a Tor connection if a Tor-socks is available on 127.0.0.1:9050)
It then generates a list of all current ip + email combinations, e.g.

https://www.webiron.com/images/misc/2__._40.6.20_/quanhf@xxxxxxxxxxxxxxxxxx/webiron-logo_abuse.png https://www.webiron.com/images/misc/_88.93._44.86/noc@xxxxxxxxxxxxx/webiron-logo_abuse.png https://www.webiron.com/images/misc/_48.25_.83._6/abuse@xxxxxxxxxxxx/webiron-logo_abuse.png https://www.webiron.com/images/misc/__.24_._8_._65/abuse@xxxxxxxxxxxxxx/webiron-logo_abuse.png https://www.webiron.com/images/misc/__.24_._8_._65/abuse@xxxxxxxxxx/webiron-logo_abuse.png https://www.webiron.com/images/misc/_08.__9._96._29/ipadmin@xxxxxxxxxxxxxxxxxx/webiron-logo_abuse.png https://www.webiron.com/images/misc/6_._64._._4/security@xxxxxxxxx/webiron-logo_abuse.png https://www.webiron.com/images/misc/6_._64._._4/antispam@xxxxxxxxxxxx/webiron-logo_abuse.png https://www.webiron.com/images/misc/6_._64._._4/anti_spam@xxxxxxxxxxxxx/webiron-logo_abuse.png

Those urls could then be visited via the same Tor connections which would then make the tracker hopefully useless, as 100% of all URLS are visited.

The latter functionality has not yet been included. It might not be prudent to do this after all.


On 27.01.2016 05:10 AM, Nicholas Suan wrote:
Looks like Webiron is spamming again, and this time they're including
a web bug in the mail to see if you've opened it:

https://www.webiron.com/images/misc/91.219.236.218/abuse@xxxxxx/webiron-logo_abuse.png

https://www.webiron.com/abuse_feed/abuse@xxxxxx
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays