MyLipas :: The Defacement Crawler
If you are a system administrator of websites that is hosted in Malaysia or owner of the domains ended with .MY.. or.. hosting company, you might heard/read about “MyLipas” somewhere, somehow.. maybe in the email subject or something 😉
Ok here are short descriptions of MyLipas and what is he capable with:
- Named MyLipas due to the ugly code (coded in 2 nights)
- Was around since early February 2009
- Highly inspired by Shaun’s (Australian Honeynet Project) Skynet project
- Crawl for the defaced/hacked websites that are hosted in Malaysia (Malaysia IP range) or domain ended with .MY
- Crawler “abuse” Google search and Zone-H list to look for the defaced websites (based on keywords)
- Yes it can bypass the Zone-H’s captcha 😀
- If you are a CSM staff and you claim yourself as a Google-Fu, but you don’t know how to Google for websites that is hosted in Malaysia but not limited to those ended with .MY, you brought shame upon yourself
- MyLipas can also receive manual (single or bulk) URL submission
- All URLs will be grouped by IP (of the hosting) and the following information will be collected (automagically!) :
- IP address
- Web server information
- Domain owner/hosting email address (for reporting)
- Email will be sent to MyCERT (grouped by IP) with the information above, for incident escalation process
- Screenshot will automagically be taken for each URL
- Defacer name will be captured into database
- Data will be mapped into damn nice Ajax and flashy Flash graphs and bars.. [Thanks to Nymkum mYnN and @m4ysix]
- The main job of MyLipas is to crawl for defaced website.. But it can easily customized to become SQL injection vulnerability crawler, leaked information crawler etc etc..
- Enough for now…
Updated on 1 Feb 2012
MyLipas is now integrated with few more defacement archiver websites (which wont be listed here)
Comments
great…good job xanda.
awesome!!
To point no 2, one word,with exclamation mark, LOL!
Hi, your ‘MyLipas’ is such a great thing.
Actually I’m visiting your blog by searching google with ‘crawl zone-h’.
And your MyLipas project seems to be an answer to this question.
Would you mind if I ask you offering ‘MyLipas’ or give a tip for me.
Thank you.
@KevinPark
I’ve replied you to your email 🙂
Can you share the captcha breaking you are doing?
Email sent..
would you mind sharing this with me ??would be grateful 🙂
Hi there. Im trying to scrape zone-h website using scrapy and stumbled upon your blog. May i know what was the approach you used? Tried to get xpath working but somehow its not working on zone h. THanks!
Hi, can you share the zone-h “captcha breaker”?
Thanks.
Hello Xanda
Would you please share Zone-h CAPTCHA Breaker ?
Thnx
Hello XANDA,
Where can I find access to MyLipas?
Sorry.. I worked on this project when i was working with Malaysian CERT.. The ownership of the code is belong to MyCERT
Hey there Xanda, good job on this project, seems like a useful tool. A very good example of proper scrapper usage to gather intelligence.
I’m working on something similar and would like to get some advice, could you please help me?
Hi. I am currently also trying to scrape zone-h as well, may I know what is your approach to bypass the captcha?
Thanks in advance!
Hi,
I am also trying to crawling defaced websites in zone-H (Python).
Any advice or code snippets ?
Best Regards
Hi,
I’m also working for a national CERT in Europe and I’m interested to crawl ZONE-H for defaced websites from my .TLD. Can you share with me the way we’ve managed to bypass the captcha verification? Thanks a lot!
Hi,
Your tool sounds great. Thank to share the things it can do.
Do you mind helping me with the zone-h captcha ? Can you share the additionnal defacement archiver websites ?
Regards,
where tool