Leaked line

dexyweescot

DW Regular ++
Joined
Jun 18, 2007
Messages
1,027
Reaction score
190
Location
Scottish Meat
So it seems my m3u line has been leaked online. Ive not posted it anywhere.

How can that be?
 

dexyweescot

DW Regular ++
Joined
Jun 18, 2007
Messages
1,027
Reaction score
190
Location
Scottish Meat
The line was leaked but not my own DNS. It was the provider DNS that was posted but my username and password. So im lost how thats happened.
 

turner brown

VIP Member
VIP Member
Joined
Oct 24, 2010
Messages
3,169
Reaction score
981
surely it would be providers dns as yours wouldn't work with line
 

monkeyMan3

DW Member +
Joined
Sep 22, 2010
Messages
234
Reaction score
85
Simple username and password? Could well be brute force against the server if so.
As for DNS I'm presuming yours and providers point to the same IP then?
 

hackmax

VIP Member
VIP Member
Joined
Feb 11, 2006
Messages
2,074
Reaction score
263
Location
given up.
or perhaps the server admin posted it himself (after banning it) as a way to blame you and get you to pay him more money for a replacement line?
 

shabbaranks

VIP Member
VIP Member
Joined
Jul 14, 2001
Messages
1,454
Reaction score
233
Location
Cornwall
The xtreme codes servers were hacked a while back - these servers running the software to provide the streams were compromised. Wouldn't surprise me if its a similar occurrence strange why its just one line though, what are you running it on?
 

dexyweescot

DW Regular ++
Joined
Jun 18, 2007
Messages
1,027
Reaction score
190
Location
Scottish Meat
Dragging this back up. Found a E2 box been hacked that was running with Suls plugin.

Line was posted online with that box's DNS. No ports were open. Anyone any idea how they would have got it in or sniffing the traffic?

I dont know enough of how Suls works to understand.

Anyone on here in the know?
 

Grimeire

VIP Member
VIP Member
Joined
Dec 3, 2012
Messages
996
Reaction score
429
Dragging this back up. Found a E2 box been hacked that was running with Suls plugin.

Line was posted online with that box's DNS. No ports were open. Anyone any idea how they would have got it in or sniffing the traffic?

I dont know enough of how Suls works to understand.

Anyone on here in the know?
They could of gotten access to another device on your network and used it as a jump box to the E2.

How do you know the E2 box was hacked?

are you running a NIDS or HIDS on your network and devices? Most of the traffic coming from E2 is unencrypted so they dont need access to your network to sniff the packets just a HOP on the way.

They could also get access to it if you install a plugin or some script that creates a connection back to a C&C or similar, they can use that connection to control your box without you having a port open.
 

Hippie

DW Member +
Joined
May 5, 2007
Messages
112
Reaction score
60
If the provider has a stalker portal, you can brute the MACs (and then find the user/pass)
You can brute the reseller portal - to create new accounts and see account details
Or you can brute the reseller or the provider to find active accounts (and banned and expired ones lol)
The same methods work for any user/pass websites at the moment so it's best not to use shit user/pass combos or reuse old ones incase they're on a list somewhere and get copy pasta'd into my their :) combo lists for the bruteforce tools.
Lots of ways tbh m8
 

alimac

VIP Member
VIP Member
Joined
Feb 21, 2013
Messages
7,025
Reaction score
5,484
brute force can open a lot does take time though
 

monkeyMan3

DW Member +
Joined
Sep 22, 2010
Messages
234
Reaction score
85
be good to know how this is done so I can prevent it.
Brute is done using software Hippie describes it above, common use software for this is Sentry (old now), Letsbruteit and Snipr (new kid on the block).
 

Hippie

DW Member +
Joined
May 5, 2007
Messages
112
Reaction score
60
Yep sentry, snipr, hitman, storm, letsbrutit... are all configurable brute forcers, then there's loads of scanners and checkers dedicated to individual sites or particular services like vpn or iptelly services too like panel taram, IPTV scanner, playlist scanner, panel ariyici ... there's loads of them.
You can set them up with proxy lists (or not) and lists of user:pass combos to cycle through and monitor the responses from millions of login attempts automatically so as I say ^^ don't reuse passwords that may already have been leaked and therefore on my a list already or any lazy generic shite like jon:jon, jon:jon1, jon:jon123, jon:123456 ..... cos they're on my oops I mean a list somewhere too :)
 

dexyweescot

DW Regular ++
Joined
Jun 18, 2007
Messages
1,027
Reaction score
190
Location
Scottish Meat
Yep sentry, snipr, hitman, storm, letsbrutit... are all configurable brute forcers, then there's loads of scanners and checkers dedicated to individual sites or particular services like vpn or iptelly services too like panel taram, IPTV scanner, playlist scanner, panel ariyici ... there's loads of them.
You can set them up with proxy lists (or not) and lists of user:pass combos to cycle through and monitor the responses from millions of login attempts automatically so as I say ^^ don't reuse passwords that may already have been leaked and therefore on my a list already or any lazy generic shite like jon:jon, jon:jon1, jon:jon123, jon:123456 ..... cos they're on my oops I mean a list somewhere too :)
Quality mate, thanks for the heads up ;)
 
TEST
Top