Are You In Favor Of Being Hacked?

[holyangel]

I have been doing alot of research lately... on most fansub group and their distro system, and it seems that almost all groups uses hacked distro, I won;t mention out their names though, and I have nothing againist rooted bots btw.. just curious....

Also, about more then 60% of new fansub groups that sprung out of lately has rooted or rather hacked bots as their distro. Commonly refered to as XDCC Bots...
However, no one is taking actions... IRC server says that no hacking script or dangerous stuff blah blah u know should be there, or some bad thing will happen to the user. However we all know that XDCC Bots are mostly hacked, and yet these servers allow them to stay on and let those bots scan and root more bots and more and more.

And so now my question is, Is rooted bots really so damn unnoticeable or has it become a everyday's item? And then again, how would you like seeing yourself in IRC serving when u happen to join your favourite's anime fansub group channel in the future?

[Banisher]

Both of them : they are very common, and it is not always that easy to make the distinction between hacked bots and legits ones. Most people don't care about the bot being hacked or not, as long as it provides lots of bandwidth. For myself, I find it funny that some groups brag about their respect of licences and stuff, and at the same time don't hesitate to break into someone else computer for the sake of distroing.

But the thing that pisses me off the most is people thinking "xdcc = hacked" and "xdcc = goddamn high speed". Damn, get a clue, xdcc is nothing else than offering file with the pack system.

[Wucherkater]

Ok I think there are many hacked Bots around and often these Bots are fast but when they have good speed these Bots are not very stable .

But nevertheless their are Groups and I think it is the majority of Fansub Groups who have legal Bots of people with fast or slow connections who like the work of a Fansub Group and want to support them.

For example I am running a xdcc server with only 17 kb/s on my box, it is slow, but a legal distro

[bayoab]

Quote:

Originally Posted by holyangel

Also, about more then 60% of new fansub groups that sprung out of lately has rooted or rather hacked bots as their distro. Commonly refered to as XDCC Bots...

No, its just iroffer is so easy to run silently that it makes it the program of choice to use. XDCC bot != hacked/rooted. You can have hack a computer to serve through any medium via any method. (Well...basically...)

Quote:

However we all know that XDCC Bots are mostly hacked, and yet these servers allow them to stay on and let those bots scan and root more bots and more and more.

Uh, at this time, yes, this is true. Back when iroffer was first being used by fansub groups, most of the people were knowingly putting it on computers. (Whether that computer was theirs or not was another story, but they were not illegally accessing it.) And the majority of bots that are hacked for serving do not come with intrusion/attack kits. The rooter does not want others to have access to his kit.

Quote:

And so now my question is, Is rooted bots really so damn unnoticeable or has it become a everyday's item? And then again, how would you like seeing yourself in IRC serving when u happen to join your favourite's anime fansub group channel in the future?

No, just most dont really care or make a big deal out of it. They are usually quite obvious in some way or another.

[gravitation]

im sorry if it sounds dumb but can someone explain this to me lol soz ^_^ >_<

[Shii]

Quote:

Originally Posted by holyangel

Also, about more then 60% of new fansub groups that sprung out of lately has rooted or rather hacked bots as their distro. Commonly refered to as XDCC Bots...

Woah, I've stepped out of reality and into adequacy.org.

Quote:

im sorry if it sounds dumb but can someone explain this to me lol soz ^_^ >_<

The OP is making stuff up about people getting hacked to serve anime.

[AnimeFangirl]

I think he's referring to the discussion in this thread here: http://forums.animesuki.com/showthread.php?t=1167

It makes good reading, especially for people like me who had absolutely no clue that many of those yummy XDCC bots were actually illegal. -_-

[Forse]

Hmm...first of all you need to be a real "#"#¤"¤ not to see that something is eating all your bandwidth. Second...most bots I've seen are legal. Most xdcc bots run iroffer or one of it mods from UNIX-like shell account which is legal as long as it's yours and u have permission for that (which u do if you pay for it).

Iroffer is perfect weapon for hack distro since u can make it to run as service (that way it will always be on even if u logout) and it can be fully administrated via DCC chat session. Here are some tips for Windows users to see if they have iroffer based xdcc bots on them. First close all irc related apps (bots, fservs, mirc...etc) now go to command prompt and issue command netstat -a now see if u have anything like this

Quote:

TCP bart:2348 216.152.67.21:6667 ESTABLISHED

Just see if your computer is connected to some IP/Host on port 6667-6669 using TCP. If you found something then it's now time to hunt down the abusers and make them pay Lunch your firewall and open stats windows (most firewalls in windows have windows where you can see what exe is connected to what port and where) and search for program that uses port 6667-6669 and DON'T kill it. Now it's time to see from where is it started and to find it config file to know on what channel it sits. Go to Control Panel-->Administrative tools-->Services and go through every service and see if there is that exe (from firewall window). If you found it there then disable it and see if any parameters were passed to it like this: "C:\WINDOWS\System32\something.exe -b something".

If you didn't find it there then search for that exe in registry and you'll probably find it there.

Now search that file that was passed as paramenter (in my example it's "something") and open it in notepad and search for line similar to this:

Quote:

server irc.mircx.com 9000

now you know what IRC server it connects to. Now search line similar to this:

Quote:

channel #something

Now you know on what channels it sits. Now time to find out what nick they use for your bot, search line similar to this

Quote:

user_nick A-B|Kaminari

(note that lines starting with #are just comments so search lines that don't have # in beginning) Now we need to know who is admin of your hacked bot...search line similar to this:

Quote:

adminhost Forse!artem@goldenrain.net

Sometimes it doesn't work coz they specify *!*@*, but it's ok.

Now join channel that ur bot sits on (REMEMBER not to KILL the bot) and try to do it from different IP then your own. After u're in chan do /msg nick_of_your_bot xdcc list and see what it offers and record output to notepad. Now see on channel is some1 mentions your bot...and also see who's admin of it.. (it can be also in config file on adminhost line and sometimes they're so stupid that asking "WOW that bot is nice...who's is it?" will do the trick). Just be creative and you'll know who's admin (there are better ways but they're harder for newbies). Then file a report on all what u have found and also logs from xdcc bot and channel itself also the config file for irforrer to IRCops (see /motd to get contact info for IRCops) and usually after a while that person will get Kline also now remember to kill the bot Now find out who's his ISP and file a report there too to get him a warning

P.S. This is only for iroffer based xdcc bots that are used as hack distro. Sorry that I couldn't include more info and details...it would just take too long. This should give you the idea atleast how to fight hack distro. Also sorry for my spelling

[bayoab]

Quote:

Originally Posted by Forse

Hmm...first of all you need to be a real "#"#¤"¤ not to see that something is eating all your bandwidth. Second...most bots I've seen are legal. Most xdcc bots run iroffer or one of it mods from UNIX-like shell account which is legal as long as it's yours and u have permission for that (which u do if you pay for it).
........etc etc

a) Most ircops dont give a damn. They usually dont care unless they are attack/intrusion bots (aka "hacked bot net").
b) Most bots currently are "hijacked". Some student goes to said company or school and installs a kit manually on random public computer.
c) If you are on a edu, most users wont notice, its up to the net admin to notice. And then "its not always easy to figure out who is chatting and who is hacked"

[Forse]

Quote:

Originally Posted by bayoab

a) Most ircops dont give a damn. They usually dont care unless they are attack/intrusion bots (aka "hacked bot net").

I disagree on that one...it all depends on network.

[NenMaster]

Quote:

Originally Posted by Forse

Hmm...first of all you need to be a real "#"#¤"¤ not to see that something is eating all your bandwidth. Second...most bots I've seen are legal. Most xdcc bots run iroffer or one of it mods from UNIX-like shell account which is legal as long as it's yours and u have permission for that (which u do if you pay for it).

Iroffer is perfect weapon for hack distro since u can make it to run as service (that way it will always be on even if u logout) and it can be fully administrated via DCC chat session. Here are some tips for Windows users to see if they have iroffer based xdcc bots on them. First close all irc related apps (bots, fservs, mirc...etc) now go to command prompt and issue command netstat -a now see if u have anything like this

Just see if your computer is connected to some IP/Host on port 6667-6669 using TCP. If you found something then it's now time to hunt down the abusers and make them pay Lunch your firewall and open stats windows (most firewalls in windows have windows where you can see what exe is connected to what port and where) and search for program that uses port 6667-6669 and DON'T kill it. Now it's time to see from where is it started and to find it config file to know on what channel it sits. Go to Control Panel-->Administrative tools-->Services and go through every service and see if there is that exe (from firewall window). If you found it there then disable it and see if any parameters were passed to it like this: "C:\WINDOWS\System32\something.exe -b something".

If you didn't find it there then search for that exe in registry and you'll probably find it there.

Now search that file that was passed as paramenter (in my example it's "something") and open it in notepad and search for line similar to this:
now you know what IRC server it connects to. Now search line similar to this:
Now you know on what channels it sits. Now time to find out what nick they use for your bot, search line similar to this
(note that lines starting with #are just comments so search lines that don't have # in beginning) Now we need to know who is admin of your hacked bot...search line similar to this: Sometimes it doesn't work coz they specify *!*@*, but it's ok.

Now join channel that ur bot sits on (REMEMBER not to KILL the bot) and try to do it from different IP then your own. After u're in chan do /msg nick_of_your_bot xdcc list and see what it offers and record output to notepad. Now see on channel is some1 mentions your bot...and also see who's admin of it.. (it can be also in config file on adminhost line and sometimes they're so stupid that asking "WOW that bot is nice...who's is it?" will do the trick). Just be creative and you'll know who's admin (there are better ways but they're harder for newbies). Then file a report on all what u have found and also logs from xdcc bot and channel itself also the config file for irforrer to IRCops (see /motd to get contact info for IRCops) and usually after a while that person will get Kline also now remember to kill the bot Now find out who's his ISP and file a report there too to get him a warning

P.S. This is only for iroffer based xdcc bots that are used as hack distro. Sorry that I couldn't include more info and details...it would just take too long. This should give you the idea atleast how to fight hack distro. Also sorry for my spelling

i doubt they leave netstat alone, so easy to get ure ips etc

[JediNight]

MircX probably would do something about it, as well as ETG. Aniverse wouldn't do jack really, which is sad given the hardcore pure fansubber stance the owners of the network always had on EFnet back in the day. (Only rip and sub titles you physically own)

[Masuki]

My finger is a little stiff,it needs to be stretched.And my throat is itchy,cough cough*animejunkies*,aka cough*bandwidth bandit junkies*.

[Forse]

Quote:

Originally Posted by Masuki

My finger is a little stiff,it needs to be stretched.And my throat is itchy,cough cough*animejunkies*,aka cough*bandwidth bandit junkies*.

lol...what happened to you?

[Poemi]

hehe, yeah lotta kiddies on irc takes pride of being a "r00ter" and flock distro.
i saw this discussion and i had to sign up cuz talking about this on irc is retarded >.<

i personally run a bot and a ftp serving unlicensed stuff. i havent encounterd any legal issues YET, but who knows how long i can hold out (been doing this for the past year).

regarding unlicensed anime on "rooted" boxes, funny eh?
i even had someone in charge of distro saying that he was "forced" to root to distro the anime out to people, but he agrees w/ me that rooting is wrong. (anybody else find that funny?)

sys admins are part of this too. its their responsiblility to make sure their computers are safe and not doing stuff its not supposed to do. being a sys admin somewhat myself, most of these "rooted" stuff can be prevented with REALLY basic and elementary stuff (actually use a good admin password?), it almost serves them right.. ALMOST..

well, to those "rooters" (which i use so loosely cuz most of them are just script kiddies), be safe, dont get caught and sent to ass-fscking colony.

[Forse]

hehe...I run xdcc and ftp too Anyway I suggest using external firewall/router that way even if u get rooted they can't do much. Anime groups that use rooted distro are just sad...sad I tell you

[Zerox20]

Do these threads ever stop? Hacked bots are everywhere, its wrong to do it, however since most people don't care enough where that file comes from they download it and complain if that bot goes below their 500 KB download limit. Its sad what people have become nowadays. ^_^ but threads like this are pointless. Somebody bringing it up just causes flaming and other crap. This thread should be closed imo. Any group out there who doesn't have any hacked bots if were offered I would imagine would say yes. Its just one of those things, they exist people use them. Its illegal yes, is fansubbing illegal? yes. everything is illegal! yet we still do it. IF a group wants to pride themselves on paying for a server thats fine, more power to them. However once you break 1000 leechers in your channel, that server bill go sky high. There is no such thing as server packages with 'unlimited' bandwidth. Those deals basically mean this:

You have unlimited BW until we say your using too much.

hehe.

Just some thoughts, does not even need a response!

[complich8]

Quote:

Originally Posted by Zerox20

Do these threads ever stop?
...
Somebody bringing it up just causes flaming and other crap. This thread should be closed imo.

I agree.

Quote:

Any group out there who doesn't have any hacked bots if were offered I would imagine would say yes.

I disagree. Until you put the "break 1000 leechers" clause on there, then I mostly agree.

Quote:

However once you break 1000 leechers in your channel, that server bill go sky high.

He's right here too. I've done this cost breakdown in other threads on the same topic.

Until people as individuals have a good understanding of computer security and how it relates to their day to day lives, sysadmins stop being overworked or underskilled, and people lose their massive impatience, I don't see hacked distro bandwidth going away.

[Forse]

Quote:

Originally Posted by Zerox20

Any group out there who doesn't have any hacked bots if were offered I would imagine would say yes.

Not really. I think many ppl would gladly donate their bandwidth to help distro if asked.

[zalas]

Quote:

Originally Posted by Forse

Not really. I think many ppl would gladly donate their bandwidth to help distro if asked.

I know back in the day, all you had were fserves, and they worked fine. Granted, you had to be more patient to get your files, but that gets rid of a lot of leechers who are just downloading because it's convenient and not because they really want to see a show or actually respect a show.