[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Webiron



It was more of an idea to disrupt whatever they are trying to build.
They actually banned our email server (which does not share its IP with Tor) so even if we reply to their shitty mails, we can't get off their list anymore... hah

On 30.01.2016 02:26 AM, Operator AnonymizedDotio1 wrote:
What does it change that webiron know or doesn't know if you have seen
those f*cking abuse email?

My exit node IP is listed as having an email sent to abuse@... and I
never received any email at abuse@...

I might be missing something but who cares about webiron? I care about
what my ISP thinks and they don't seems to think so highly of them
because it's one of the largest ISP on the webiron list and according
to that new feature of webiron, they never open their email.

On 2016-01-29 2:13 PM, Schokomilch NOC wrote:
We quickly have created a poc to prevent their webbug of being useful:

https://github.com/TheSchokomilchFoundation/IronFist

IronFist will parse their latest JSON data (by downloading it via a Tor connection if a Tor-socks is available on 127.0.0.1:9050)
It then generates a list of all current ip + email combinations, e.g.

https://www.webiron.com/images/misc/2__._40.6.20_/quanhf@xxxxxxxxxxxxxxxxxx/webiron-logo_abuse.png https://www.webiron.com/images/misc/_88.93._44.86/noc@xxxxxxxxxxxxx/webiron-logo_abuse.png https://www.webiron.com/images/misc/_48.25_.83._6/abuse@xxxxxxxxxxxx/webiron-logo_abuse.png https://www.webiron.com/images/misc/__.24_._8_._65/abuse@xxxxxxxxxxxxxx/webiron-logo_abuse.png https://www.webiron.com/images/misc/__.24_._8_._65/abuse@xxxxxxxxxx/webiron-logo_abuse.png https://www.webiron.com/images/misc/_08.__9._96._29/ipadmin@xxxxxxxxxxxxxxxxxx/webiron-logo_abuse.png https://www.webiron.com/images/misc/6_._64._._4/security@xxxxxxxxx/webiron-logo_abuse.png https://www.webiron.com/images/misc/6_._64._._4/antispam@xxxxxxxxxxxx/webiron-logo_abuse.png https://www.webiron.com/images/misc/6_._64._._4/anti_spam@xxxxxxxxxxxxx/webiron-logo_abuse.png Those urls could then be visited via the same Tor connections which would then make the tracker hopefully useless, as 100% of all URLS are visited.

The latter functionality has not yet been included. It might not be prudent to do this after all.


On 27.01.2016 05:10 AM, Nicholas Suan wrote:
Looks like Webiron is spamming again, and this time they're including
a web bug in the mail to see if you've opened it:

https://www.webiron.com/images/misc/91.219.236.218/abuse@xxxxxx/webiron-logo_abuse.png https://www.webiron.com/abuse_feed/abuse@xxxxxx
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays