Vordar Posted April 4, 2017 Share Posted April 4, 2017 I'm trying to vandalize and/or shut down a large scam site called ogtrk.net, which has been used to take over many of my friends' social media accounts and spread spam. I found that they use cPanel: http://ogtrk.net:2082. Can someone point me to a good tutorial about brute-forcing a password through Kali Linux (or any other tool)? Thanks! Quote Link to comment Share on other sites More sharing options...
wolstech Posted April 4, 2017 Share Posted April 4, 2017 We don't endorse this type of behavior, not to mention it's illegal. Please report them to the relevant hosting company and registrar abuse addresses. 1 Quote Link to comment Share on other sites More sharing options...
Krydos Posted April 5, 2017 Share Posted April 5, 2017 Bruteforcing a password is illegal unless you are bruteforcing your own password, or you have permission from the account holder. The first step to take is checking the whois of the domain https://who.is/whois/ogtrk.net As you can see they have things locked down as tight as they can to prevent anyone from finding out who they are Registrant Contact Information: NameWHOISGUARD PROTECTED OrganizationWHOISGUARD, INC. AddressP.O. BOX 0823-03411 CityPANAMA State / ProvincePANAMA Postal Code00000 CountryPA Phone+507.8365503 Fax+51.17057182You can try calling that number or contacting them, but since the address is Panama I wouldn't bother with it too much. A lot of countries that aren't US, Canada, Australia, England, Germany, etc don't really care about illegal activity like this and would probably ignore you or stall indefinitely. Cloudflare is different. https://www.crunchbase.com/organization/cloudflare#/entity They operate out of San Francisco, California, USA so you're likely to get a much faster response from them. Fill out their abuse form https://www.cloudflare.com/abuse/ and then ogtrk.net will at least not be able to hide behind cloudflares nameservers anymore. Once they use their actual hosting companies nameservers contact that hosting company, and the company who owns the IP that they are using and work your way up the chain until you get a hold of someone who cares, and you can maybe get their IP nullrouted. Anyways, I'm going to unlock this thread if you have any follow up questions on how to accomplish your ends legally. Quote Link to comment Share on other sites More sharing options...
wolstech Posted April 6, 2017 Share Posted April 6, 2017 @krydos: All domains with whoisguard appear to be in panama. I have the same exact contact info on my domains. The email addresses listed (if they're listed, its optional, i don't see them here) are aliases that forward to the registrant. I've received emails from them before...they're noticeable because they have a banner at the top advising you that your email address may be revealed if you reply. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.