[tor-relays] Webiron

Schokomilch NOC noc at schokomil.ch
Fri Jan 29 19:13:37 UTC 2016


We quickly have created a poc to prevent their webbug of being useful:

https://github.com/TheSchokomilchFoundation/IronFist

IronFist will parse their latest JSON data (by downloading it via a Tor 
connection if a Tor-socks is available on 127.0.0.1:9050)
It then generates a list of all current ip + email combinations, e.g.

https://www.webiron.com/images/misc/2__._40.6.20_/quanhf@_____inamobile.com/webiron-logo_abuse.png
https://www.webiron.com/images/misc/_88.93._44.86/noc@_____omein.nl/webiron-logo_abuse.png
https://www.webiron.com/images/misc/_48.25_.83._6/abuse@m____kauf.de/webiron-logo_abuse.png
https://www.webiron.com/images/misc/__.24_._8_._65/abuse@___servers.net/webiron-logo_abuse.png
https://www.webiron.com/images/misc/__.24_._8_._65/abuse@___rce.com/webiron-logo_abuse.png
https://www.webiron.com/images/misc/_08.__9._96._29/ipadmin@_____tewelcome.com/webiron-logo_abuse.png
https://www.webiron.com/images/misc/6_._64._._4/security@___ic.net/webiron-logo_abuse.png
https://www.webiron.com/images/misc/6_._64._._4/antispam@___.hz.zj.cn/webiron-logo_abuse.png
https://www.webiron.com/images/misc/6_._64._._4/anti_spam@____.hz.zj.cn/webiron-logo_abuse.png

Those urls could then be visited via the same Tor connections which 
would then make the tracker hopefully useless, as 100% of all URLS are 
visited.

The latter functionality has not yet been included. It might not be 
prudent to do this after all.


On 27.01.2016 05:10 AM, Nicholas Suan wrote:
> Looks like Webiron is spamming again, and this time they're including
> a web bug in the mail to see if you've opened it:
> 
> https://www.webiron.com/images/misc/91.219.236.218/abuse@1d4.us/webiron-logo_abuse.png
> 
> https://www.webiron.com/abuse_feed/abuse@1d4.us
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


More information about the tor-relays mailing list