Here skiddie skiddie... a collection of obviously fake "hacking tools" that bait skids into doxing themselves.

I have been strongly considering writing a small fb app today named something along the lines of "Hack your fb friends - for realz". Then add basic oauth (You have to login to pick the friend to hack duh), retrieve their friends list and then publicly post to their own timeline and the friends they chose humorously stating they attempted to hack the persons account "for realz". You know just enough to alert people that the "hacker" is a idiot with bad intentions but with just humour enough to fall under "satire" so fb doesn't remove it.

If your bored please feel free steal and implement my idea, it's hereby open sourced and I will even fund this shit on kickstarter 😂

We have a bruteforce?

[30.01.19 11:25]🧠 WARNING (EXTERNAL IP): Not Found: /a
[30.01.19 11:25]🧠 WARNING (EXTERNAL IP): Not Found: /ac
[30.01.19 11:25]🧠 WARNING (EXTERNAL IP): Not Found: /acc
[30.01.19 11:25]🧠 WARNING (EXTERNAL IP): Not Found: /acco
[30.01.19 11:25]🧠 WARNING (EXTERNAL IP): Not Found: /accou
[30.01.19 11:25]🧠 WARNING (EXTERNAL IP): Not Found: /accoun
[30.01.19 11:25]🧠 WARNING (EXTERNAL IP): Not Found: /account
[30.01.19 11:26]🧠 WARNING (EXTERNAL IP): Not Found: /accounts/
[30.01.19 11:27]🧠 WARNING (EXTERNAL IP): Not Found: /accounts/lo
[30.01.19 11:27]🧠 WARNING (EXTERNAL IP): Not Found: /accounts/log
[30.01.19 11:27]🧠 WARNING (EXTERNAL IP): Not Found: /accounts/logi

No only a skiddie who try very hard

Earlier I signed up on this forum called NulledBB. Basically some hacker skiddie forum that had a dump of an archive I wanted, unfortunately behind a paywall which I didn't want to bother with.

On signup I noticed that I couldn't use my domain as an email address, as I usually do (the domain is a catch-all which means that mail addresses can be made up for each service I sign up to on the fly, super useful). They did expose the regex that they accepted email as however, which included something along the lines of "@live.*".

So I figured, why not register a subdomain live.nixmagic.com real quick and put that into the mail servers? Didn't take too long and that's what I eventually went with, and registered as somepissedoffsysop@live.nixmagic.com (which I have no trouble putting on a public forum as you'll see in a minute).

Still didn't manage to get that archive I wanted but I figured, fuck it. It's a throwaway account anyway. But eventually that email address started to receive spam. Stupid motherfucker of a forum operator with his Kali skidmachine probably leaked it.

Usually I just blacklist the email address in SpamAssassin by adding an additional spam score of 100 to email sent to such addresses. But in that case it didn't even sit on the main domain, thanks to that stupid regex block from earlier... 😏

*Logs into my domain admin panel*
*Le rm on the live.nixmagic.com record*

Null routed entirely.. nulled, if you will! 🙃

Either CloudFlare itself has decided to join the fun of attacking my DNS server, or somebody is just spoofing their IP in the UDP packets.
Crap, my ipset script is basically useless now, since the real source could be from anywhere :(

Any suggestions on what could I do to make this attack stop? It's not causing any real issues (at least for now), but it's still annoying as hell.
Get fucked, stupid skiddie who keeps manually changing the ip source in his script