TheShadowBrokers Monthly Dump Service – June 2017

From: https://steemit.com/shadowbrokers/@theshadowbrokers/theshadowbrokers-monthly-dump-service-june-2017

From: https://bit.surf:43110/theshadowbrokers.bit/post/june2017/


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Welcome to TheShadowBrokers Monthly Dump Service – June 2017

Q: How do I subscribe and get the next theshadowbrokers’ dump (June 2017)?

#1 - Between 06/01/2017 and 06/30/2017 send 100 ZEC (Zcash) to this z_address:

zcaWeZ9j4DdBfZXQgHpBkyauHBtYKF7LnZvaYc4p86G7jGnVUq14KSxsnGmUp7Kh1Pgivcew1qZ64iEeG6vobt8wV2siJiq

#2 – Include a “delivery email address” in the “encrypted memo field” when sending Zcash payment

#3 – If #1 and #2 then a confirmation email will be sent to the “delivery email address” provided

#4 – Between 07/01/2017 and 07/17/2017 a “mass email” will be send to the “delivery email address” of all “confirmed subscribers” (#1, #2, #3)

#5 – The “mass email” will contain a link and a password for the June 2017 dump

Q: What is ZEC or Zcash?

Be looking it up. Zcash is making claiming bitcoin + privacy. TheShadowBrokers is not making endorsements of Zcash. Theoretically only party seeing payment info is theshadowbrokers and theshadowbrokers only seeing amount and encrypted memo field, no sending address.

Q: Is Zcash safe and reliable?

Fuck no! If you caring about loosing $20k+ Euro then not being for you. Monthly dump is being for high rollers, hackers, security companies, OEMs, and governments. Playing “the game” is involving risks. Zcash is having connections to USG (DARPA, DOD, John Hopkins) and Israel. Why USG is “sponsoring” privacy version of bitcoin? Who the fuck is knowing? In defense, TOR is originally being by similar parties. TheShadowBrokers not fully trusting TOR either. Maybe USG is needing to be sending money outside from banking systems? If USG is hacking and watching banking systems (SWIFT) then adversaries is also hacking and watching banking systems. Maybe is for sending money to deep cover foreign assets? Maybe is being trojan horse with cryptographic flaw or weakness only NSA can exploit? Maybe is not being for money? Maybe is being for Zk-SNARKs research? Maybe fuck it, lets be finding out. This month theshadowbrokers using Zcash. If being not good, then maybe theshadowbrokers doing different for July?

Q: What is going to be in the next dump?

TheShadowBrokers is not deciding yet. Something of value to someone. See theshadowbrokers’ previous posts. The time for “I’ll show you mine if you show me yours first” is being over. Peoples is seeing what happenings when theshadowbrokers is showing theshadowbrokers’ first. This is being wrong question. Question to be asking “Can my organization afford not to be first to get access to theshadowbrokers dumps?”

Act quickly is good chance Zcash price increasing over time
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----

Signed message also at ZeroNet site theshadowbrokers.bit

https://bit.surf:43110/theshadowbrokers.bit/post/june2017

OH LORDY! Comey Wanna Cry Edition

From: https://steemit.com/shadowbrokers/@theshadowbrokers/oh-lordy-comey-wanna-cry-edition


Q. What is being difference between ransom and sale?

A. Sale is buy or no buy, no bad things happen if no buy. Ransom is buy or bad things happen to you. Yes?

TheShadowBrokers is feeling like being very responsible party about Windows dump. Do thepeoples be preferring theshadowbrokers dump windows in January or August? No warning, no time to patch? this is being theshadowbrokers version of alternative facts.

In August theshadowbrokers is telling thepeoples theequationgroup fails at security, theequationgroup is losing their data. Is telling thepeoples, theshadowbrokers is having equation group data, hacker tools for auctioning. Auctioning is sale, bid or no bid. Auction is not ransom. TheShadowBrokers is releasing theequationgroup 2013 firewall tools as proof and advertising. Only Zero-Day is old Cisco. All thepeoples laughing or not paying attention. No peoples is believing theshadowbrokers.

ThePeoples is asking "why not do X or Y or Z?" "Why auction?" TheShadowBrokers is not being interested in bug bounties, selling to cyber thugs, or giving to greedy corporate empires. TheShadowBrokers is taking pride in picking adversary equal to or better than selves, a worthy opponent. Is always being about theshadowbrokers vs theequationgroup.

But theequationgroup didn't bid in auction. The Five Eyes, Russia, China, Iran, Korea, Japan, Israel, Saudi, the UN, NATO, no government or countries didn't bid in auction. Cisco, Juniper, Intel, Microsoft, Symantec, Google, Apple, FireEye, any other bullshit security companies didn't bid in auction.

In December theshadowbrokers canceling auction, offering direct sales, advertising list of warez with reasonable on website. No new Zero-Days.

But theequationgroup didn't buy back lost warez. The Five Eyes, Russia, China, Iran, Korea, Japan, Israel, Saudi, the UN, NATO, no government or countries didn't buy lost warez. Cisco, Juniper, Intel, Microsoft, Symantec, Google, Apple, FireEye, any other bullshit security companies didn't buy lost warez. TheShadowBrokers was very very sad! Story is now sounding like silly children's' book. TheShadowBrokers is writing to audience reading level, thepeoples is having average reading level of 8th grade.

TheShadowBrokers is asking selves, selves why is no peoples making offer on theshadowbrokers equation group warez? Are thepeoples not understanding? No, theshadowbrokers canceling complex auction? Is thepeoples not wanting warez? No, much great interest in free warez. Is thepeoples not really caring about security and public safety? No, governments and corporations caring about thepeoples, yes? Do thepeoples thinking theshadowbrokers are scammers? Maybe, no peoples is buying because thinking theshadowbrokers are scammers and not having anymore theequationgroup data.

In January theshadowbrokers is deciding to show screenshots of lost theequationgroup 2013 Windows Ops Disk. TheShadowBrokers is knowing if showing screenshots, then vulnerabilities is being reported by theequationgroup to Microsoft and is being patched. TheShadowBrokers is goes dark and is watching. No new Zero-Days.

In February Microsoft is missing patch Tuesday. TheShadowBrokers is knowing, Microsoft is missing to be making patches for Eternal exploits. No new Zero-Days.

In March Microsoft is releasing patch for SMB vulnerabilities. TheShadowBrokers is knowing this is being for Eternal exploits. TheShadowBrokers is still waiting and not releasing. No new Zero-Days. Oracle is patching huge numbers of vulnerabilities but TheShadowBrokers is not caring enough to be look up exact dates.

In April, 90 days from theequationgroup show and tell, 30 days from Microsoft patch, theshadowbrokers dumps old Linux (auction file) and windows ops disks. Because why not? TheShadowBrokers is having many more where coming from? "75% of U.S. cyber arsenal" TheShadowBrokers dumped 2013 OddJob from ROCTOOLS and 2013 JEEPFLEAMARKET from /TARGETS. This is theshadowbrokers way of telling theequationgroup "all your bases are belong to us". TheShadowBrokers is not being interested in stealing grandmothers' retirement money. This is always being about theshadowbrokers vs theequationgroup.

Eternal exploits is not being ZeroDays. Is being gay to be using this term, but if being gay then correct terminology is being ThirtyDays because Microsoft patch was being available for 30 days before theshadowbrokers is releasing dump to public. Despite what scumbag Microsoft Lawyer is wanting the peoples to be believing Microsoft is being BFF with theequationgroup. Microsoft and theequationgroup is having very very large enterprise contracts millions or billions of USD each year. TheEquationGroup is having spies inside Microsoft and other U.S. technology companies. Unwitting HUMINT. TheEquationGroup is having former employees working in high up security jobs at U.S. Technology companies. Witting HUMINT. Russian, China, Iran, Israel intelligence all doing same at global tech companies. TheShadowBrokers is thinking Google Project Zero is having some former TheEquationGroup member. Project Zero recently releasing "Wormable Zero-Day" Microsoft patching in record time, knowing it was coming? coincidence?

If theshadowbrokers is telling thepeoples theequationgroup is paying U.S technology companies NOT TO PATCH vulnerabilities until public discovery, is this being Fake News or Conspiracy Theory? Why Microsoft patching SMB vulnerabilities in secret? Microsoft is being embarrassed because theequationgroup is lying to Microsoft. TheEquationGroup is not telling Microsoft about SMB vulnerabilities, so Microsoft not preparing with quick fix patch. More important theequationgroup not paying Microsoft for holding vulnerability. Microsoft is thinking it knowing all the vulnerabilities TtheEquationGroup is using and paying for holding patch. Douche bag, dumbass, libtard, rich prick Head Microsoft Lawyer is running his cock holster because he is having ruff weekend doing real work. Head Microsoft Lawyer being angry because he is missing leisurely weekend playing the skin flute behind the country club. Real work is not being for executives. Real work is being for dirty foreign H1B workforce, happily working for less than stupid lazy American workers.

In May, No dumps, theshadowbrokers is eating popcorn and watching "Your Fired" and WannaCry. Is being very strange behavior for crimeware? Killswitch? Crimeware is caring about target country? The oracle is telling theshadowbrokers North Korea is being responsible for the global cyber attack Wanna Cry. Nukes and cyber attacks, America has to go to war, no other choices! (Sarcasm) No new ZeroDays.

In June, TheShadowBrokers is announcing "TheShadowBrokers Data Dump of the Month" service. TheShadowBrokers is launching new monthly subscription model. Is being like wine of month club. Each month peoples can be paying membership fee, then getting members only data dump each month. What members doing with data after is up to members.

TheShadowBrokers Monthly Data Dump could be being:

- web browser, router, handset exploits and tools

- select items from newer Ops Disks, including newer exploits for Windows 10

- compromised network data from more SWIFT providers and Central banks

- compromised network data from Russian, Chinese, Iranian, or North Korean nukes and missile programs

More details in June.

OR IF RESPONSIBLE PARTY IS BUYING ALL LOST DATA BEFORE IT IS BEING SOLD TO THEPEOPLES THEN THESHADOWBROKERS WILL HAVE NO MORE FINANCIAL INCENTIVES TO BE TAKING CONTINUED RISKS OF OPERATIONS AND WILL GO DARK PERMANENTLY YOU HAVING OUR PUBLIC BITCOIN ADDRESS

-TSB

Ubuntu Server + Caddy + Mediawiki

Ubuntu Server 16.04 + Caddy 0.10.2 + Mediawiki 1.28.2

For use on your private LAN (no LetsEncrypt).

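# Outbound 443/tcp is allowed because the apt mirror and the downloads below are fetched over HTTPS.
sudo ufw limit 22/tcp && sudo ufw allow 80/tcp \
  && sudo ufw allow out 22/tcp && sudo ufw allow out 25/tcp \
  && sudo ufw allow out 53/udp && sudo ufw allow out 80/tcp \
  && sudo ufw allow out 443/tcp \
  && sudo ufw deny out to any && sudo ufw enable && sudo ufw status verbose

sudo vim /etc/apt/sources.list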

Delete all lines, use these instead:

deb https://mirrors.wikimedia.org/ubuntu/ xenial main restricted universe multiverse
deb https://mirrors.wikimedia.org/ubuntu/ xenial-updates main restricted universe multiverse
deb https://mirrors.wikimedia.org/ubuntu/ xenial-backports main restricted universe multiverse
deb https://mirrors.wikimedia.org/ubuntu/ xenial-security main restricted universe multiverse

sudo apt-get update && sudo apt-get upgrade -y && sudo apt-get dist-upgrade -y && sudo shutdown -r now
sudo apt-get install mysql-server
mysql -u root -p

CREATE DATABASE mediawiki_db DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;

At the least, change the user and password:

GRANT ALL ON mediawiki_db.* TO 'mediawiki_user'@'localhost' IDENTIFIED BY 'mediawiki_pass';
FLUSH PRIVILEGES;
EXIT;

sudo add-apt-repository ppa:ondrej/php
sudo apt-get update && sudo apt-get install php7.1-fpm php7.1-cli php7.1-mysql php7.1-intl php7.1-curl php7.1-gd php7.1-mbstring php7.1-xml
curl https://getcaddy.com | bash \
  && sudo chown root:root /usr/local/bin/caddy \
  && sudo chmod 755 /usr/local/bin/caddy \
  && sudo setcap 'cap_net_bind_service=+ep' /usr/local/bin/caddy \
  && sudo mkdir /etc/caddy && sudo chown -R root:www-data /etc/caddy \
  && sudo mkdir /etc/ssl/caddy && sudo chown -R www-data:root /etc/ssl/caddy \
  && sudo chmod 0770 /etc/ssl/caddy
sudo vim /etc/caddy/Caddyfile

*:80 {
        root /var/www/
        log stdout
        errors stderr

        header / {
                Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'"
                Referrer-Policy "strict-origin, strict-origin-when-cross-origin"
                X-XSS-Protection "1; mode=block"
                X-Content-Type-Options "nosniff"
                X-Frame-Options "DENY"
        }

        fastcgi / /var/run/php/php7.1-fpm.sock {
                ext .php
                split .php
                index index.php
        }

        rewrite / {
                to {path} {path}/ /index.php?{query}
        }
}

sudo chown www-data:www-data /etc/caddy/Caddyfile && sudo chmod 444 /etc/caddy/Caddyfile \
  && sudo mkdir /var/www && sudo chown -R www-data:www-data /var/www && sudo chmod -R 555 /var/www \
  && cd /tmp && wget https://releases.wikimedia.org/mediawiki/1.28/mediawiki-1.28.2.tar.gz \
  && tar -xvzf mediawiki-1.28.2.tar.gz && sudo mv mediawiki-1.28.2/* /var/www/ \
  && sudo chown www-data:www-data -R /var/www/

cd ~ && wget https://raw.githubusercontent.com/mholt/caddy/master/dist/init/linux-systemd/caddy.service \
  && sudo cp caddy.service /etc/systemd/system/ \
  && sudo chown root:root /etc/systemd/system/caddy.service \
  && sudo chmod 644 /etc/systemd/system/caddy.service \
  && sudo systemctl daemon-reload && sudo systemctl enable caddy.service \
  && sudo /usr/local/bin/caddy -log stdout -agree=true -conf=/etc/caddy/Caddyfile -root=/var/tmp

Set up Mediawiki by navigating to the internal IP address of the server. Upon completion, download LocalSettings.php, then paste its contents into:

sudo vim /var/www/LocalSettings.php

Restart the server:

sudo shutdown -r now

Caddy will automatically start and you can start using your wiki!
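
The firewall in the first step ends with "deny out to any", so every later download has to leave on a port that has its own outbound allow rule. The script below is an added example, not part of the original guide: it reads a ufw rule table and a list of URLs and prints the URLs whose destination port has no ALLOW OUT rule. The rule table is a constructed sample without outbound 443/tcp, and the function names are this example's own.

```shell
# Constructed sample, rule table in the layout of `ufw status verbose`: no outbound 443/tcp.
sample_status() {
cat <<'EOF'
To                         Action      From
--                         ------      ----
22/tcp                     LIMIT IN    Anywhere
80/tcp                     ALLOW IN    Anywhere
22/tcp                     ALLOW OUT   Anywhere
25/tcp                     ALLOW OUT   Anywhere
53/udp                     ALLOW OUT   Anywhere
80/tcp                     ALLOW OUT   Anywhere
Anywhere                   DENY OUT    Anywhere
EOF
}

# URLs this guide fetches: apt mirror, Caddy installer, Mediawiki tarball, unit file.
guide_urls() {
cat <<'EOF'
https://mirrors.wikimedia.org/ubuntu/
https://getcaddy.com
https://releases.wikimedia.org/mediawiki/1.28/mediawiki-1.28.2.tar.gz
https://raw.githubusercontent.com/mholt/caddy/master/dist/init/linux-systemd/caddy.service
EOF
}

# stdin: ufw rule table; stdout: TCP ports that have an ALLOW OUT rule.
allowed_out_tcp() {
    awk '$2 == "ALLOW" && $3 == "OUT" && $1 ~ /^[0-9]+(\/tcp)?$/ { sub(/\/tcp$/, "", $1); print $1 }'
}

# Destination port of a URL: an explicit :port, else the scheme default.
url_port() {
    scheme=${1%%://*}; hostport=${1#*://}; hostport=${hostport%%/*}
    case $hostport in
        *:*) echo "${hostport##*:}" ;;
        *)   case $scheme in https) echo 443 ;; http) echo 80 ;; *) echo unknown ;; esac ;;
    esac
}

# $1: allowed ports, one per line; stdin: URLs; stdout: URLs the firewall drops.
blocked_urls() {
    while IFS= read -r url; do
        port=$(url_port "$url")
        printf '%s\n' "$1" | grep -qx "$port" || printf '%s\n' "$url"
    done
}

# Against the sample, all four HTTPS URLs are printed as blocked.
guide_urls | blocked_urls "$(sample_status | allowed_out_tcp)"
```

On the server itself, replace sample_status with the output of sudo ufw status verbose to check the live rule set.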

Secure Messenger Scorecard (May 2017)

This is a draft.

I’m starting my own Secure Messenger Scorecard based on the prior work of the Electronic Frontier Foundation.

I’ve created an editable Google Doc for further input and development.

Please scrutinize and contribute by Signaling me, emailing me or tweeting at me.

version one

version two

version three