Xanda's Blog !~!

MyLipas :: The Defacement Crawler

Jul
20

If you are a system administrator of websites that is hosted in Malaysia or owner of the domains ended with .MY.. or.. hosting company, you might heard/read about “MyLipas” somewhere, somehow.. maybe in the email subject or something 😉

Ok here are short descriptions of MyLipas and what is he capable with:

  • Named MyLipas due to the ugly code (coded in 2 nights)
  • Was around since early February 2009
  • Highly inspired by Shaun’s (Australian Honeynet Project) Skynet project
  • Crawl for the defaced/hacked websites that are hosted in Malaysia (Malaysia IP range) or domain ended with .MY
  • Crawler “abuse” Google search and Zone-H list to look for the defaced websites (based on keywords)
    1. Yes it can bypass the Zone-H’s captcha 😀
    2. If you are a CSM staff and you claim yourself as a Google-Fu, but you don’t know how to Google for websites that is hosted in Malaysia but not limited to those ended with .MY, you brought shame upon yourself
  • MyLipas can also receive manual (single or bulk) URL submission
  • All URLs will be grouped by IP (of the hosting) and the following information will be collected (automagically!) :
    1. IP address
    2. Web server information
    3. Domain owner/hosting email address (for reporting)
  • Email will be sent to MyCERT (grouped by IP) with the information above, for incident escalation process
  • Screenshot will automagically be taken for each URL
  • Defacer name will be captured into database
  • Data will be mapped into damn nice Ajax and flashy Flash graphs and bars.. [Thanks to Nymkum mYnN and @m4ysix]
  • The main job of MyLipas is to crawl for defaced website.. But it can easily customized to become SQL injection vulnerability crawler, leaked information crawler etc etc..
  • Enough for now…

Updated on 1 Feb 2012
MyLipas is now integrated with few more defacement archiver websites (which wont be listed here)

15 Responses to MyLipas :: The Defacement Crawler

  1. great…good job xanda.

  2. awesome!!

  3. To point no 2, one word,with exclamation mark, LOL!

  4. Pingback: Security officer (Calgary – Alberta) | Employment Canada and work Canada choice

  5. Hi, your ‘MyLipas’ is such a great thing.
    Actually I’m visiting your blog by searching google with ‘crawl zone-h’.
    And your MyLipas project seems to be an answer to this question.
    Would you mind if I ask you offering ‘MyLipas’ or give a tip for me.
    Thank you.

  6. @KevinPark
    I’ve replied you to your email 🙂

  7. Pingback: Hello Nokogiri | Xanda's Blog !~!

  8. Can you share the captcha breaking you are doing?

  9. Hi there. Im trying to scrape zone-h website using scrapy and stumbled upon your blog. May i know what was the approach you used? Tried to get xpath working but somehow its not working on zone h. THanks!

  10. Hi, can you share the zone-h “captcha breaker”?

    Thanks.

  11. Hello Xanda

    Would you please share Zone-h CAPTCHA Breaker ?

    Thnx

  12. Hello XANDA,

    Where can I find access to MyLipas?

    • Sorry.. I worked on this project when i was working with Malaysian CERT.. The ownership of the code is belong to MyCERT

Leave a Reply

Your email address will not be published. Required fields are marked *