Return to Unfiction unforum
 a.r.g.b.b 
FAQ FAQ   Search Search 
 
Welcome!
New users, PLEASE read these forum guidelines. New posters, SEARCH before posting and read these rules before posting your killer new campaign. New players may also wish to peruse the ARG Player Tutorial.

All users must abide by the Terms of Service.
Website Restoration Project
This archiving project is a collaboration between Unfiction and Sean Stacey (SpaceBass), Brian Enigma (BrianEnigma), and Laura E. Hall (lehall) with
the Center for Immersive Arts.
Announcements
This is a static snapshot of the
Unfiction forums, as of
July 23, 2017.
This site is intended as an archive to chronicle the history of Alternate Reality Games.
  

The time now is Wed Nov 13, 2024 2:49 am
All times are UTC - 4 (DST in action)		 View posts in this forum since last visit
View unanswered posts in this forum
Calendar
 Forum index » Archive » Archive: General » Old News & Rumors
[TRAILHEAD?] meningrey.net
View previous topicView next topic
Page 1 of 2 [18 Posts]   Goto page: 1, 2 Next
Author Message
CatasTrope
Boot


Joined: 25 Mar 2010
Posts: 55

 		[TRAILHEAD?] meningrey.net
Hey guys, a link to http://www.meningrey.net was posted on 4chans /x/ board earlier. Just wanted to see what you guys made of it.

WARNING - This site purports to log various information on you, your ISP, IP range, location etc. It also (possibly) lists files being torrented by PC's in your IP range, I'm not torrenting anything at the moment so don't know if this is accurate, however /x/ didnt seem to think so. Basically if you have concerns about privacy this may not be for you. Any thoughts would be appreciated though.

Thanks in advance.

PostPosted: Tue Apr 27, 2010 1:57 pm
 View user's profile
 Back to top 
degravedi
Unfictologist


Joined: 17 Jan 2007
Posts: 1458
Location: New Orleans

 		Interesting, they mistakenly say that according to my ISP I'm from San Diego? However, it does indeed show a list of my public torrents anyway. The ones from private trackers don't show up.
Edit: I looked at the list again and not only were a number of the torrents I downloaded not there, but there were a bunch of torrents I've never downloaded either. Razz

There's a TorrentFreak article here: http://torrentfreak.com/the-mysterious-and-scary-bitorrent-monitoring-site-100427/ The end of it though seems to suggest that the site isn't really a threat:
Quote:
Having looked around this site and done quite a bit of research trying to find out who is behind it, TorrentFreak found some rather interesting links back to several individuals which leads us to go "Hmmmmm……". We won't reveal them here right now.
...
We'd also like to see if you find what we found (hint: it's not as scary at it looks).


And that video is both really frightening and really friggin cool! http://vimeo.com/10282858

PostPosted: Tue Apr 27, 2010 2:34 pm
 View user's profile AIM Address Yahoo Messenger MSN Messenger
 ICQ Number 
 Back to top 
Syke
Decorated


Joined: 28 Aug 2004
Posts: 258
Location: CA

 		im watching that video as we speak. on the site though. along with a bunch of other internet language and a "memo"

also there seems to be a console program similar to a cisco switch/router, or DOS prompt which I havent gone all the way through. Thats how I got to the video actually.

http://meningrey.net/%5C/home/mig/video/
_________________
-Syke (AKA Fazer)
NowPlaying:
NUNYA
Lurking...AlwaysLurking Shifty Eyes

PostPosted: Tue Apr 27, 2010 2:45 pm
 View user's profile AIM Address
 Back to top 
SkepticalOne
Boot

Joined: 27 Apr 2010
Posts: 19

 		Awesome.

What do you guys make of the remote audit console?
http://www.meningrey.net/%5c/home/mig/cli/

I only typed in help so far and it said:
"Refer to handbook H81: Introduction to the Bourne Shell"

Now I'm getting "Forbidden" errors.

Also, like you said degravedi, there are torrents on there that i'm not downloading, but if you click through it gives you the IP address of the person who is downloading that specific file. Going to have to figure out which of my neighbors is which....

This is cool if you know anything about IRC, http://meningrey.net/%5c/home/mig/monitor/chat/IRC/
But it also shows they're not as good as they make themselves out to be, they got kick/banned from every channel they're in and k-lined from one network.

This is odd: http://www.meningrey.net/%5C/home/officer156/_.......

Apparently they have their whole site with the directories accessible making it possible to get into almost anything.

PostPosted: Tue Apr 27, 2010 2:48 pm
 View user's profile
 Back to top 
Syke
Decorated


Joined: 28 Aug 2004
Posts: 258
Location: CA

 		any ideas on this?

http://www.meningrey.net/%5C/home/officer156/_.......

sorry just noticed you already posted it Razz
_________________
-Syke (AKA Fazer)
NowPlaying:
NUNYA
Lurking...AlwaysLurking Shifty Eyes

PostPosted: Tue Apr 27, 2010 3:12 pm
 View user's profile AIM Address
 Back to top 
SkepticalOne
Boot

Joined: 27 Apr 2010
Posts: 19
Syke wrote:
any ideas on this?

http://www.meningrey.net/%5C/home/officer156/_.......

sorry just noticed you already posted it Razz


Yeah, I edited it probably just moments before you posted Smile

There's a good chance it might lead to a login/pass on the main homepage. If someone can decrypt it, which I'm not so good at. The url looks like morse, but from my quick look at morse code it could be anything because there are no spaces.

ETA: Apparently they sing: http://www.meningrey.net/%5C/tmp/n10020468900_918433_1288.jpg

ETA2: Nope, after reading the source, the login/pass are in the source, it's "Officer" and "DENIED". (I know this is right because if you type in anything else a box pops up and says something about mangled http) However this just leads to the RFC's which is where you are sent if you type in an invalid file after the url. Somehow I think in order to login correctly you have to mask your IP or find the correct one.

PostPosted: Tue Apr 27, 2010 3:18 pm
 View user's profile
 Back to top 
Mehetabel
Decorated


Joined: 06 Apr 2009
Posts: 201
Location: Hiding behind Tim Almighty

 		So, I started picking apart the javascript that makes up the command line interface, and I managed to strip out the contents of the 'files' in the fake filesystem:

Code:
Filesystem = {
   'welcome.txt': {type:'file', read:function(terminal) {
      terminal.print($('<h4><pre>').text('Welcome to the 802.11 Dissector\'s Civilian Auditing Console.'));
      terminal.print('Use "ls", "cat", and "cd" to navigate the filesystem.');
   }},
   'license.txt': {type:'file', read:function(terminal) {
      terminal.print();
      $.each([
         'This program is free software; you can redistribute it and/or',
         'modify it under the terms of the GNU General Public License',
         'as published by the Free Software Foundation; either version 2',
         'of the License, or (at your option) any later version.',
         '',
         'This program is distributed in the hope that it will be useful,',
         'but WITHOUT ANY WARRANTY; without even the implied warranty of',
         'MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the',
         'GNU General Public License for more details.',
         '',
         'You should have received a copy of the GNU General Public License',
         'along with this program; if not, write to the Free Software',
         'Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.',
      ], function(num, line) {
         terminal.print(line);
      });
   }}
};
Filesystem['home'] = Filesystem['home'] = linkFile('http://meningrey.net/%5C/home/mig');
Filesystem['civilian'] = Filesystem['civilian'] = linkFile('http://meningrey.net/%5C/home/mig/civilian');
Filesystem['legal'] = Filesystem['legal'] = linkFile('http://meningrey.net/%5C/home/mig/documents/legal');
Filesystem['monitor'] = Filesystem['monitor'] = linkFile('http://meningrey.net/%5C/home/mig/monitor/chat/IRC');
Filesystem['protocol'] = Filesystem['protocol'] = linkFile('http://meningrey.net/%5C/home/mig/video');


Looks like a couple of links you guys haven't hit, yet... and the short form of the GPL. *shrugs* Anyway, the entirety of mig_cli.js is attached to this post as a text file. The oneliners are HILARIOUS. ... if you're a giant nerd, like me.
mig_cli.txt
Description  One of the javascripts that runs the CLI, saved as text, so you can read it, instead of screwing around with it.
 txt

 Download 
Filename  mig_cli.txt 
Filesize  13.6KB 
Downloaded  135 Time(s) 
_________________
Playing: In Defence of Summer (Columbine)
Lurking: Willow Adder, Whispered Faith, Marble Hornets, Scarlett House

PostPosted: Tue Apr 27, 2010 4:46 pm
 View user's profile Visit poster's website
 Back to top 
SkepticalOne
Boot

Joined: 27 Apr 2010
Posts: 19

 		Very nice Mehetabel. However i can't find anything actually useful in there :/

Did you guys notice you can scan someone else's IP for torrents?

Go here: http://meningrey.net/bt_watch/?host=
and type in the ip address after the =

One more way to scare the crap out of people...

Makes me want to get on IRC and see who's downloading what.

PostPosted: Tue Apr 27, 2010 5:32 pm
 View user's profile
 Back to top 
PerdíElJuego
Guest
Mehetabel wrote:
So, I started picking apart the javascript that makes up the command line interface, and I managed to strip out the contents of the 'files' in the fake filesystem:

Code:
Filesystem = {
   'welcome.txt': {type:'file', read:function(terminal) {
      terminal.print($('<h4><pre>').text('Welcome to the 802.11 Dissector\'s Civilian Auditing Console.'));
      terminal.print('Use "ls", "cat", and "cd" to navigate the filesystem.');
   }},
   'license.txt': {type:'file', read:function(terminal) {
      terminal.print();
      $.each([
         'This program is free software; you can redistribute it and/or',
         'modify it under the terms of the GNU General Public License',
         'as published by the Free Software Foundation; either version 2',
         'of the License, or (at your option) any later version.',
         '',
         'This program is distributed in the hope that it will be useful,',
         'but WITHOUT ANY WARRANTY; without even the implied warranty of',
         'MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the',
         'GNU General Public License for more details.',
         '',
         'You should have received a copy of the GNU General Public License',
         'along with this program; if not, write to the Free Software',
         'Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.',
      ], function(num, line) {
         terminal.print(line);
      });
   }}
};
Filesystem['home'] = Filesystem['home'] = linkFile('http://meningrey.net/%5C/home/mig');
Filesystem['civilian'] = Filesystem['civilian'] = linkFile('http://meningrey.net/%5C/home/mig/civilian');
Filesystem['legal'] = Filesystem['legal'] = linkFile('http://meningrey.net/%5C/home/mig/documents/legal');
Filesystem['monitor'] = Filesystem['monitor'] = linkFile('http://meningrey.net/%5C/home/mig/monitor/chat/IRC');
Filesystem['protocol'] = Filesystem['protocol'] = linkFile('http://meningrey.net/%5C/home/mig/video');


Looks like a couple of links you guys haven't hit, yet... and the short form of the GPL. *shrugs* Anyway, the entirety of mig_cli.js is attached to this post as a text file. The oneliners are HILARIOUS. ... if you're a giant nerd, like me.
Yeah, I remember seeing xkcd's homepage on April 1.

Using this same script, it became linuxkcd.

PostPosted: Tue Apr 27, 2010 10:26 pm
 Back to top 
PerdíElJuego
Guest


 		My friend and I figured it out using the YouTube video in the Men in Grey video to find the username [url=youtube.com/binarykoala]binarykoala[/url] which leads to k0a1a.net which leads to http://k0a1a.net/cv/danja-vasiliev-cv.pdf

It wasn't much of an ARG. Oh well.

PostPosted: Tue Apr 27, 2010 10:37 pm
 Back to top 
Rogi Ocnorb
I Have 100 Cats and Smell of Wee


Joined: 01 Sep 2005
Posts: 4266
Location: Where the cheese is free.

 		So, this artist hacked the 'nix box of a VMI cadet who sings in their choir?

Or is this site a contract gig by a German artist to help them sell their CD that just came out?
_________________
I'm telling you now, so you can't say, "Oh, I didn't know...Nobody told me!"


PostPosted: Tue Apr 27, 2010 11:30 pm
 View user's profile AIM Address Yahoo Messenger MSN Messenger
 Back to top 
blaqueice
Decorated


Joined: 15 Jun 2005
Posts: 287
Location: Vancouver, Canada
PerdíElJuego wrote:
My friend and I figured it out using the YouTube video in the Men in Grey video to find the username [url=youtube.com/binarykoala]binarykoala[/url] which leads to k0a1a.net which leads to http://k0a1a.net/cv/danja-vasiliev-cv.pdf

It wasn't much of an ARG. Oh well.


I found [url]youtube.com/binarykoala[/url] from the video as well. Though I was thinking more that he was a user that the Men In Grey were documenting rather than a lead in the ARG. But then I see there is a M.I.G. logo at the bottom of his CV....I'll message him and see what he comes back with

I felt the same for the other "users" in the video

There was a "Kelly Yates" on facebook...I looked for her but there are too many results so I'm not sure which one is the one from the video.

I wrote down the IP addresses that were found in the video...as it might help someone...somehow...

Kelly Yates (also on facebook)
192.168.1.35

Mitch Van
78.52.137.189

Pavel Durov
35.215.73.63

Peter Arn
192.168.1.33

Kevin Troy
96.241.175.54

Trisha Arman
166.70.99.91

Cenicienta12
66.90.75.206

EDIT: http://vimeo.com/10282858 is a password protected video the password can be found at the link mentioned earlier
http://www.meningrey.net/%5C/home/officer156/_.......

A note under the video reads

Quote:
this clip turned up in our our studio the other day, on a usb-stick sent in a blank envelope...

the only other thing in there was a businesscard with this URL:

[url]meningrey.net[/url]

(this is absolutely not a moddr prank! we promise!)


EDIT: I just had a thought...if this video was indeed sent to moddr by MIG...why would they password protect it with a password hidden in the MIG website...
_________________
---------------------------
cityofdomes | ARGTalk | You Suck At Photoshop
---------------------------

PostPosted: Wed Apr 28, 2010 12:56 am
 View user's profile Yahoo Messenger MSN Messenger
 Back to top 
Max5684
Boot

Joined: 28 Apr 2010
Posts: 20
Location: Illinois

 		Site Tracking
Apparently they're tracking Delicious and the sites that are visited through it:

http://www.meningrey.net///home/mig/civilian/pending/Dataset154R_DELICIOUS-user-pop.sql

Also, they're tracking Twitter's social network. Found here:

http://www.meningrey.net///home/mig/civilian/pending/Dataset413R_TWITTER-social-graph.txt

It also looks kind of like they have full user logs for Twitter, or maybe just the people they picked up using Twitter as they walked around with their "Interceptors."

http://www.meningrey.net///home/mig/civilian/pending/Dataset413R_TWITTER-user-logs.txt

The next link indicates they're watching a network from a "large European Research Institution":

http://www.meningrey.net///home/mig/civilian/pending/Dataset5113_Email-EU-RS.txt

This next one indicates that they're watching certain groups that work with Amazon and the products being purchased through them:

http://www.meningrey.net///home/mig/civilian/pending/Dataset801C_Amazon-Co-Purchase.txt

Finally, this one indicates that they're watching who is voting on whom to make them Wikipedia administrators:

http://www.meningrey.net///home/mig/civilian/pending/Dataset93V_WikiPedia-admins.txt

PostPosted: Wed Apr 28, 2010 10:43 am
 View user's profile AIM Address
 Back to top 
Max5684
Boot

Joined: 28 Apr 2010
Posts: 20
Location: Illinois

 		Holy Crap
Guys, check this out - Go here:

http://www.meningrey.net///home/mig/www/

And download passwd.bak.

Open it in Notepad (or whatever text editor you have). Make sure word-wrap is turned off. It is very large, so give it a while to load. Originally I just thought it was a record of failed login attempts, but there are some ridiculous things in there, including an email address: ivzeSPLATivze.sknt.ru and some ASCII art. Also, the last 100 lines or so all say "forgive me" over and over again.

I think this file is worth scouring.

EDIT: There are TONS of email addresses in the file.

EDIT2: There is all kinds of junk in here. Quotes from War and Peace, stuff only found on Pastebin, etc... It seems too pulled-together to all just be completely random.

PostPosted: Wed Apr 28, 2010 10:53 am
 View user's profile AIM Address
 Back to top 
SkepticalOne
Boot

Joined: 27 Apr 2010
Posts: 19

 		Re: Holy Crap
Max5684 wrote:
Guys, check this out - Go here:

http://www.meningrey.net///home/mig/www/

And download passwd.bak.

Open it in Notepad (or whatever text editor you have). Make sure word-wrap is turned off. It is very large, so give it a while to load. Originally I just thought it was a record of failed login attempts, but there are some ridiculous things in there, including an email address: ivzeSPLATivze.sknt.ru and some ASCII art. Also, the last 100 lines or so all say "forgive me" over and over again.

I think this file is worth scouring.

EDIT: There are TONS of email addresses in the file.

EDIT2: There is all kinds of junk in here. Quotes from War and Peace, stuff only found on Pastebin, etc... It seems too pulled-together to all just be completely random.


It's a record of what people have typed in the login/password on the main site, I think it may also be a record of some stuff that's typed into the console.

ETA: here's a direct link to the file http://www.meningrey.net/%5c/home/mig/www/passwd.bak

PostPosted: Wed Apr 28, 2010 11:10 am
Last edited by SkepticalOne on Wed Apr 28, 2010 11:21 am; edited 1 time in total
 View user's profile
 Back to top 
Display posts from previous:   Sort by:   
Page 1 of 2 [18 Posts]   Goto page: 1, 2 Next
View previous topicView next topic
 Forum index » Archive » Archive: General » Old News & Rumors
Jump to:  


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
You cannot post calendar events in this forum



Powered by phpBB © 2001, 2005 phpBB Group