Fun Forum™ | BinaryChat gets teh action

Author	Message	Time
Spht	Happened to be tracing UDP traffic, and this was sent to one of my BinaryChat instances: [pre]UDP :Source Port: 3026, Destination Port: 1026 Length: 317, CheckSum: 0xA82D DATA:00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 01 00-00 00 00 00 00 00 00 00 ................ FF FF FF FF 00 00 00 00-00 00 05 00 00 00 00 00 яяяя............ 00 00 05 00 00 00 00 00-00 00 00 00 00 00 05 00 ......Lisa...... 00 00 00 00 00 00 05 00-00 00 48 65 79 20 00 00 ..........Hey .. 00 00 B1 00 00 00 00 00-00 00 B1 00 00 00 48 69 ..±.......±...Hi 20 74 68 65 72 65 20 73-77 65 65 74 69 65 2C 0D there sweetie,. 0A 20 0D 0A 68 61 76 65-20 79 6F 75 20 73 65 65 . ..have you see 6E 20 6D 79 20 61 77 65-73 6F 6D 65 20 6E 65 77 n my awesome new 20 68 6F 6D 65 70 61 67-65 20 79 65 74 3F 0D 0A homepage yet?.. 0D 0A 69 20 68 61 76 65-20 66 6F 75 6E 64 20 61 ..i have found a 6C 6C 20 6F 66 20 74 68-65 20 66 72 65 65 20 70 ll of the free p 6F 72 6E 20 6F 6E 20 74-68 65 20 6E 65 74 20 66 orn on the net f 6F 72 20 79 6F 75 0D 0A-0D 0A 43 75 6D 20 53 65 or you....Cum Se 65 20 20 20 20 20 20 57-57 57 2E 32 53 45 58 45 e WWW.2SEXE 2E 43 4F 4D 0D 0A 0D 0A-4C 49 53 41 20 58 58 58 .COM....LISA XXX 58 58 58 58 58 58 58 58-58 58 58 58 58 58 00 XXXXXXXXXXXXXX.[/pre] You bad boy, BinaryChat. Meow.	March 31, 2004, 11:33 PM
Newby	It's gonna go BinaryPorning 8)	April 1, 2004, 12:42 AM
iago	Is that a protocol for an IM'er or something?	April 1, 2004, 12:54 AM
Myndfyr	[quote author=iago link=board=4;threadid=6100;start=0#msg52929 date=1080780845] Is that a protocol for an IM'er or something? [/quote] I would guess that's the windows Messenger service that makes those annoying popups pop up. Either that, or Yoni/Skywing wrote a new .bcp plugin for Binary Chat.... :P [edit] That's what the new protocol version is for :P [/edit]	April 1, 2004, 1:11 AM
Spht	Others that appeared afterwards: [pre] 00 00 10 00 00 00 53 50-59 57 41 52 45 20 43 48 ......SPYWARE CH 45 43 4B 45 52 00 10 00-00 00 00 00 00 00 10 00 ECKER........... 00 00 55 53 45 52 00 00-00 00 00 00 00 00 00 00 ..USER.......... 00 00 A1 02 00 00 00 00-00 00 A1 02 00 00 44 6F ..Ў.......Ў...Do 20 79 6F 75 20 6B 6E 6F-77 20 69 66 20 79 6F 75 you know if you 72 20 63 6F 6D 70 75 74-65 72 20 69 73 20 69 6E r computer is in 66 65 63 74 65 64 20 77-69 74 68 20 53 70 79 77 fected with Spyw 61 72 65 3F 0D 0A 0D 0A-53 70 79 77 61 72 65 20 are?....Spyware 61 72 65 20 70 72 6F 67-72 61 6D 73 20 74 68 61 are programs tha 74 20 68 69 64 65 20 6F-6E 20 79 6F 75 72 20 63 t hide on your c 6F 6D 70 75 74 65 72 20-61 6E 64 20 61 72 65 20 omputer and are 6B 6E 6F 77 6E 20 74 6F-20 73 74 65 61 6C 20 69 known to steal i 6E 66 6F 72 6D 61 74 69-6F 6E 20 73 75 63 68 20 nformation such 61 73 0D 0A 63 72 65 64-69 74 20 63 61 72 64 20 as..credit card 6E 75 6D 62 65 72 73 2C-20 65 2D 6D 61 69 6C 20 numbers, e-mail 61 64 64 72 65 73 73 65-73 2C 20 79 6F 75 72 20 addresses, your 73 75 72 66 69 6E 67 20-68 61 62 69 74 73 20 61 surfing habits a 6E 64 20 6D 6F 72 65 2E-0D 0A 0D 0A 41 6E 64 20 nd more.....And 79 6F 75 72 20 61 6E 74-69 2D 76 69 72 75 73 20 your anti-virus 6F 72 20 66 69 72 65 77-61 6C 6C 20 73 6F 66 74 or firewall soft 77 61 72 65 20 63 61 6E-27 74 20 73 74 6F 70 20 ware can't stop 69 74 2E 0D 0A 0D 0A 49-66 20 79 6F 75 20 61 72 it.....If you ar 65 20 6E 6F 74 20 31 30-30 25 20 70 6F 73 69 74 e not 100% posit 69 76 65 20 74 68 61 74-20 79 6F 75 72 20 63 6F ive that your co 6D 70 75 74 65 72 20 69-73 20 63 6C 65 61 6E 2C mputer is clean, 20 77 65 20 72 65 63 6F-6D 6D 65 6E 64 20 79 6F we recommend yo 75 20 63 68 65 63 6B 20-69 74 20 66 6F 72 20 53 u check it for S 70 79 77 61 72 65 2E 0D-0A 0D 0A 54 79 70 65 20 pyware.....Type 74 68 69 73 20 61 64 64-72 65 73 73 20 69 6E 20 this address in 79 6F 75 72 20 77 65 62-20 62 72 6F 77 73 65 72 your web browser 20 66 6F 72 20 6D 6F 72-65 20 69 6E 66 6F 72 6D for more inform 61 74 69 6F 6E 3A 0D 0A-0D 0A 20 20 20 20 20 77 ation:.... w 77 77 2E 73 70 77 33 63-2E 63 6F 6D 0D 0A 0D 0A ww.spw3c.com.... 4E 4F 54 45 3A 20 50 72-65 73 73 69 6E 67 20 4F NOTE: Pressing O 4B 20 77 69 6C 6C 20 6E-6F 74 20 74 61 6B 65 20 K will not take 79 6F 75 20 74 6F 20 77-77 77 2E 73 70 77 33 63 you to www.spw3c 2E 63 6F 6D 0D 0A 50 6C-65 61 73 65 20 77 72 69 .com..Please wri 74 65 20 64 6F 77 6E 20-77 77 77 2E 73 70 77 33 te down www.spw3 63 2E 63 6F 6D 20 61 6E-64 20 74 68 65 6E 20 74 c.com and then t 79 70 65 20 69 74 20 69-6E 20 79 6F 75 72 20 77 ype it in your w 65 62 20 62 72 6F 77 73-65 72 0D 0A 0D 0A 20 20 eb browser.... 20 20 20 20 20 20 20 20-20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20-20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20-20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20-20 20 20 20 20 20 20 20 20 77 77 77 2E 73 70 77-33 63 2E 63 6F 6D 00 www.spw3c.com.[/pre] [pre] 00 00 0E 00 00 00 4B 61-72 65 6E 20 43 61 6D 67 ......Karen Camg 69 72 6C 00 00 00 0E 00-00 00 00 00 00 00 0E 00 irl............. 00 00 48 65 79 20 73 65-78 79 00 00 00 00 00 00 ..Hey sexy...... 00 00 2A 01 00 00 00 00-00 00 2A 01 00 00 0D 0A .............. 2A 2A 2A 2A 2A 20 46 52-45 45 20 57 65 62 63 61 *** FREE Webca 6D 20 47 69 72 6C 20 41-63 63 65 73 73 20 66 6F m Girl Access fo 72 20 4C 49 46 45 20 2A-2A 2A 2A 2A 0D 0A 0D 0A r LIFE ***.... 57 65 20 61 72 65 20 47-49 56 49 4E 47 20 41 57 We are GIVING AW 41 59 20 31 30 2C 30 30-30 20 46 72 65 65 20 57 AY 10,000 Free W 45 42 43 41 4D 20 50 61-73 73 65 73 20 54 6F 64 EBCAM Passes Tod 61 79 2E 0D 0A 0D 0A 4E-4F 20 52 45 43 55 52 52 ay.....NO RECURR 49 4E 47 20 43 48 41 52-47 45 53 2E 0D 0A 4E 4F ING CHARGES...NO 20 53 49 47 4E 55 50 20-43 48 41 52 47 45 53 2E SIGNUP CHARGES. 0D 0A 54 68 69 73 20 69-73 20 61 20 31 30 30 25 ..This is a 100% 20 46 52 45 45 20 4C 69-66 65 74 69 6D 65 20 4D FREE Lifetime M 65 6D 62 65 72 73 68 69-70 2E 0D 0A 0D 0A 54 61 embership.....Ta 6C 6B 20 77 69 74 68 20-6D 65 2C 20 4B 61 72 65 lk with me, Kare 6E 2C 20 6F 72 20 61 6E-79 20 6F 66 20 74 68 65 n, or any of the 20 6F 74 68 65 72 20 32-30 30 30 20 57 65 62 63 other 2000 Webc 61 6D 20 47 69 72 6C 73-21 0D 0A 0D 0A 43 75 6D am Girls!....Cum 20 67 65 74 20 75 73 2E-0D 0A 57 57 57 2E 46 52 get us...WWW.FR 45 45 50 41 53 53 45 53-54 4F 44 41 59 2E 43 4F EEPASSESTODAY.CO 4D 0D 0A 0D 0A 0D 0A 00- M.......[/pre] Most likely infected systems sending messages to a range of IPs, to a service I don't have running.	April 1, 2004, 5:19 AM

Others that appeared afterwards:

[pre] 00 00 10 00 00 00 53 50-59 57 41 52 45 20 43 48 ......SPYWARE CH
45 43 4B 45 52 00 10 00-00 00 00 00 00 00 10 00 ECKER...........
00 00 55 53 45 52 00 00-00 00 00 00 00 00 00 00 ..USER..........
00 00 A1 02 00 00 00 00-00 00 A1 02 00 00 44 6F ..Ў.......Ў...Do
20 79 6F 75 20 6B 6E 6F-77 20 69 66 20 79 6F 75 you know if you
72 20 63 6F 6D 70 75 74-65 72 20 69 73 20 69 6E r computer is in
66 65 63 74 65 64 20 77-69 74 68 20 53 70 79 77 fected with Spyw
61 72 65 3F 0D 0A 0D 0A-53 70 79 77 61 72 65 20 are?....Spyware
61 72 65 20 70 72 6F 67-72 61 6D 73 20 74 68 61 are programs tha
74 20 68 69 64 65 20 6F-6E 20 79 6F 75 72 20 63 t hide on your c
6F 6D 70 75 74 65 72 20-61 6E 64 20 61 72 65 20 omputer and are
6B 6E 6F 77 6E 20 74 6F-20 73 74 65 61 6C 20 69 known to steal i
6E 66 6F 72 6D 61 74 69-6F 6E 20 73 75 63 68 20 nformation such
61 73 0D 0A 63 72 65 64-69 74 20 63 61 72 64 20 as..credit card
6E 75 6D 62 65 72 73 2C-20 65 2D 6D 61 69 6C 20 numbers, e-mail
61 64 64 72 65 73 73 65-73 2C 20 79 6F 75 72 20 addresses, your
73 75 72 66 69 6E 67 20-68 61 62 69 74 73 20 61 surfing habits a
6E 64 20 6D 6F 72 65 2E-0D 0A 0D 0A 41 6E 64 20 nd more.....And
79 6F 75 72 20 61 6E 74-69 2D 76 69 72 75 73 20 your anti-virus
6F 72 20 66 69 72 65 77-61 6C 6C 20 73 6F 66 74 or firewall soft
77 61 72 65 20 63 61 6E-27 74 20 73 74 6F 70 20 ware can't stop
69 74 2E 0D 0A 0D 0A 49-66 20 79 6F 75 20 61 72 it.....If you ar
65 20 6E 6F 74 20 31 30-30 25 20 70 6F 73 69 74 e not 100% posit
69 76 65 20 74 68 61 74-20 79 6F 75 72 20 63 6F ive that your co
6D 70 75 74 65 72 20 69-73 20 63 6C 65 61 6E 2C mputer is clean,
20 77 65 20 72 65 63 6F-6D 6D 65 6E 64 20 79 6F we recommend yo
75 20 63 68 65 63 6B 20-69 74 20 66 6F 72 20 53 u check it for S
70 79 77 61 72 65 2E 0D-0A 0D 0A 54 79 70 65 20 pyware.....Type
74 68 69 73 20 61 64 64-72 65 73 73 20 69 6E 20 this address in
79 6F 75 72 20 77 65 62-20 62 72 6F 77 73 65 72 your web browser
20 66 6F 72 20 6D 6F 72-65 20 69 6E 66 6F 72 6D for more inform
61 74 69 6F 6E 3A 0D 0A-0D 0A 20 20 20 20 20 77 ation:.... w
77 77 2E 73 70 77 33 63-2E 63 6F 6D 0D 0A 0D 0A ww.spw3c.com....
4E 4F 54 45 3A 20 50 72-65 73 73 69 6E 67 20 4F NOTE: Pressing O
4B 20 77 69 6C 6C 20 6E-6F 74 20 74 61 6B 65 20 K will not take
79 6F 75 20 74 6F 20 77-77 77 2E 73 70 77 33 63 you to www.spw3c
2E 63 6F 6D 0D 0A 50 6C-65 61 73 65 20 77 72 69 .com..Please wri
74 65 20 64 6F 77 6E 20-77 77 77 2E 73 70 77 33 te down www.spw3
63 2E 63 6F 6D 20 61 6E-64 20 74 68 65 6E 20 74 c.com and then t
79 70 65 20 69 74 20 69-6E 20 79 6F 75 72 20 77 ype it in your w
65 62 20 62 72 6F 77 73-65 72 0D 0A 0D 0A 20 20 eb browser....
20 20 20 20 20 20 20 20-20 20 20 20 20 20 20 20
20 20 20 20 20 20 20 20-20 20 20 20 20 20 20 20
20 20 20 20 20 20 20 20-20 20 20 20 20 20 20 20
20 20 20 20 20 20 20 20-20 20 20 20 20 20 20 20
20 77 77 77 2E 73 70 77-33 63 2E 63 6F 6D 00 www.spw3c.com.[/pre]

[pre] 00 00 0E 00 00 00 4B 61-72 65 6E 20 43 61 6D 67 ......Karen Camg
69 72 6C 00 00 00 0E 00-00 00 00 00 00 00 0E 00 irl.............
00 00 48 65 79 20 73 65-78 79 00 00 00 00 00 00 ..Hey sexy......
00 00 2A 01 00 00 00 00-00 00 2A 01 00 00 0D 0A ..*.......*.....
2A 2A 2A 2A 2A 20 46 52-45 45 20 57 65 62 63 61 ***** FREE Webca
6D 20 47 69 72 6C 20 41-63 63 65 73 73 20 66 6F m Girl Access fo
72 20 4C 49 46 45 20 2A-2A 2A 2A 2A 0D 0A 0D 0A r LIFE *****....
57 65 20 61 72 65 20 47-49 56 49 4E 47 20 41 57 We are GIVING AW
41 59 20 31 30 2C 30 30-30 20 46 72 65 65 20 57 AY 10,000 Free W
45 42 43 41 4D 20 50 61-73 73 65 73 20 54 6F 64 EBCAM Passes Tod
61 79 2E 0D 0A 0D 0A 4E-4F 20 52 45 43 55 52 52 ay.....NO RECURR
49 4E 47 20 43 48 41 52-47 45 53 2E 0D 0A 4E 4F ING CHARGES...NO
20 53 49 47 4E 55 50 20-43 48 41 52 47 45 53 2E SIGNUP CHARGES.
0D 0A 54 68 69 73 20 69-73 20 61 20 31 30 30 25 ..This is a 100%
20 46 52 45 45 20 4C 69-66 65 74 69 6D 65 20 4D FREE Lifetime M
65 6D 62 65 72 73 68 69-70 2E 0D 0A 0D 0A 54 61 embership.....Ta
6C 6B 20 77 69 74 68 20-6D 65 2C 20 4B 61 72 65 lk with me, Kare
6E 2C 20 6F 72 20 61 6E-79 20 6F 66 20 74 68 65 n, or any of the
20 6F 74 68 65 72 20 32-30 30 30 20 57 65 62 63 other 2000 Webc
61 6D 20 47 69 72 6C 73-21 0D 0A 0D 0A 43 75 6D am Girls!....Cum
20 67 65 74 20 75 73 2E-0D 0A 57 57 57 2E 46 52 get us...WWW.FR
45 45 50 41 53 53 45 53-54 4F 44 41 59 2E 43 4F EEPASSESTODAY.CO
4D 0D 0A 0D 0A 0D 0A 00- M.......[/pre]

Most likely infected systems sending messages to a range of IPs, to a service I don't have running.

Valhalla Legends Forums Archive | Fun Forum™ | BinaryChat gets teh action