Anonymous elindította a “Magyarország Műveletet”/Anonymous started OPERATION HUNGARY

Az Anonymous néven ismert globális cracker/script kiddie/hívd ahogy akarod Å‘ket csoport elindította a Magyarország jelenlegi legitim kormánya elleni internetes támadását, az úgynevezett “Magyarország műveletet”. EZEN BLOGPOSZT CÉLJA, hogy TÁJÉKOZTASSA az internetes közvéleményt a történésekrÅ‘l. A blog írója semmilyen kapcsolatban nincs az Anonymous-szal, mindössze saját és látogatói érdeklÅ‘dését szem elÅ‘tt tartva ír arról, amit tudni lehet.
Amit eddig tudni lehet:
“Hivatalos logó”

“Hivatalos (?)” videó a támadásról:

Hivatalos “worklog”:
http://titanpad.com/xi5Kq8ZpmM

Egy érdekesebb találat a fenti worklogból:
Amint frissebb híreket találok, fogom frissíteni ezt a posztot.
UPDATE #1: Érdekes, amit írnak a munkanaplóban: “az Anonymousról keveset tudnak Magyarországon, ezért terjeszteni kell a hírünket”. Azt megkérdeztem azért, hogy az Anonymous honnan tud Magyarországról? Ha nem lenne ez a sajtócirkusz, valószínűleg azt sem tudnák, melyik földrészen keressék…a média híreire alapozzák a támadást, amely szerintem veszélyes és nem biztos, hogy jól megalapozott döntés.

Hey guys,
I created this post to show people the progress of Anonymous in their so called Operation Hungary (basically they are trying to bring down some websites of my country). This blog only tries to raise awareness of their achievements, so appropriate countermeasures could be taken. If any updates come along I will try to update this post too.

 UPDATE #1: I just found some stuff in the official worklog, which basically says “not many people now about Anonymous in Hungary, so we need to change this and make people know us”. I just want to ask, since when does Anonymous know about Hungary? I guess without this huge media-coverage we are getting these days they would not even now on which continent they should search for Hungary…meaning they just doing this operation without knowing anything else but what the media told them.

Bring A Siri Friend SALE!

I decided to change some stuff around BringASiriFiend, so fomr now on until the sale ends we are GIVING AWAY SERVERS for only 4.99 A MONTH!
Some people charge that much for one slot on a server and for a week! We give you the full server for a WHOLE MONTH!

So if you are interested, you can go to the Order NOW! page from here directly.
CLICK HERE TO ORDER!

BringASiriFriend is alive

I just decided to start a new “business” which is called Bring A Siri Friend. It is just a simple service for people who have an iPhone 4S and want to distribute its keys to other iPhones (4/3Gs or iPod Touhc 4G) either for profit or just fun. It is pretty cheap, at least I think so, but if you are interested, check out its cool website:
http://bringasirifriend.wordpress.com

Also if you already have a server, but doesn’t know how to install and setup SpireProxy you can always contact me and get a special price for this service. To contact me use this form:
http://bringasirifriend.wordpress.com/contact-us/

As I already said SpireProxy is an easy to use and convenient server program, that doesn’t eat up much of your server resources (I think it needs like 3% CPU and 10 MB of RAM or so), but combined with an iPhone 4S it is the best and most efficient way to distribute Siri keys to older iDevices.

I personally have been using the server program for more than a week and it works like charm. My first client @BringASiriFriend is also satisfied and had no glitches or server downtime since he ordered the server.

SpireProxy 0.1 released

Hello People,

Some asked me in my previous post to send them my code, so I decided to keep it easier and better I am going ot provide you a GIT-repo, so you can see, modify and easily download my code.

Before I paste in the link to my code I need to say thank you for some people:
-My dear friend Gábor, who kept helping me with various Ruby issues and kept me going even when I felt like a useless piece of wood
-Applidium for creating Cracking-Siri
-plamoni for using Cracking-Siri to create SiriProxy
-stantheripper for creating SiriAuth and AuthGrabber

Please, if you make some money from using this software, or just like my work consider donating!

Here is the link to the GIT-repo:
https://github.com/domi007/SpireProxy

If you have a nice Linux server and access to an iPhone 4S I would encourage you to run a SpireProxy server and make some money. The good part of it is that it doesn’t require any interaction (none from the 4S user and none from the 4 user) and it lets you use the internet and Siri all together.

If you need an awesome VPS-host which is compatible with SpireProxy, check out http://www.host1plus.com/vps-hosting/
I use them too, and for the first month they only charge you with 0.13 USD (=13 cents) which is I guess a nice price. Also they give you VNC-access so it is easy to run multiple programs and let them running (starting something via VNC and then closing the VNC connection doesn’t make it terminate the process – a lot easier then using nohup ssh).

SiriServer – polished and done

So I have really been working my @ss off to get this done as fast as possible, and now here it is: a SiriProxy server program which you can install on a cheap VPS or your own server and let it go! It does everything automatically: reads the key from a 4S every time it changes, and uses it when a 4, 3GS or iPod touch 4G makes a request

It uses this stuff:
-metasploit fakeDNS server – enhanced version by Wesley McGrew, modified to work with the latest Metasploit,
http://www.mcgrewsecurity.com/2008/08/04/man-in-the-middle-fake-dns-for-metasploit/

-Applidium’s Cracking Siri files, especially: eventmachineGuzzoni.rb (modified of course)

-StanTheRipper’s SiriAuth (modified a little bit)

How does it work?
Well, first we need to install our root certificate on the 4S, then set it up to use our DNS server. The big advantagr of McGrew’s fakeDNS server is that it passes through every request to a realDNS-server and alters only the requests you want, which means you can still use the 4S for everything (browse the web, check emails) because it does get valid DNS responses from our fakeDNS server.
Of course Siri wouldn’t work yet.
But I have found this awesome file called eventmachineGuzzoni.rb amongst Applidium’s Cracking-Siri files and it is good for one thing: get data from a 4S and pass it directly to Apple’s server.
I just needed to alter it a little bit so it interprets parts of the data before sending it to Apple, so I will be able to get the session validation key before talking to Apple.
So right now we have a setup that doesn’t change anything in the life of the 4S user but still gives us 4S keys to use.
Next I needed to alter the SiriAuth file to read the session validation data from the file my eventmachineGuzzoni server created. Once this was done my server-platform was ready.
To achieve the goal (no maintenance at all) I changed the SiriAuth’s port to something different than 443 so both eventMachineGuzzoni and SiriAuth can run on the same machine.
After a 4S makes a request the program reads the key and compares it with the stored one. If they match it doesn’t do anything, if they don’t match it writes out the captured 4S key to the file.
SiriAuth reads this file every time a request is made from a non-4S device, making it possible to always use the latest key without the need to change the server or restart anything.
It was a fun project to do, maybe I will add one more feature I miss: if the 4S key you use expires than I might send back Siri a response, so she will say: “your key has been expired, please get a new one to use Siri” or something like that.

If anybody needs the modified server files please leave a comment below and I will upload it somewhere for you.

DOMy