MyLipas :: The Defacement Crawler
Posted: July 20th, 2011 | Author: xanda | Filed under: IT Related, Project | Tags: deface, defacement, lipas, mylipas, zoneh | 21 Comments »If you are a system administrator of websites that is hosted in Malaysia or owner of the domains ended with .MY.. or.. hosting company, you might heard/read about “MyLipas” somewhere, somehow.. maybe in the email subject or something 😉
Ok here are short descriptions of MyLipas and what is he capable with:
- Named MyLipas due to the ugly code (coded in 2 nights)
- Was around since early February 2009
- Highly inspired by Shaun’s (Australian Honeynet Project) Skynet project
- Crawl for the defaced/hacked websites that are hosted in Malaysia (Malaysia IP range) or domain ended with .MY
- Crawler “abuse” Google search and Zone-H list to look for the defaced websites (based on keywords)
- Yes it can bypass the Zone-H’s captcha 😀
- If you are a CSM staff and you claim yourself as a Google-Fu, but you don’t know how to Google for websites that is hosted in Malaysia but not limited to those ended with .MY, you brought shame upon yourself
- MyLipas can also receive manual (single or bulk) URL submission
- All URLs will be grouped by IP (of the hosting) and the following information will be collected (automagically!) :
- IP address
- Web server information
- Domain owner/hosting email address (for reporting)
- Email will be sent to MyCERT (grouped by IP) with the information above, for incident escalation process
- Screenshot will automagically be taken for each URL
- Defacer name will be captured into database
- Data will be mapped into damn nice Ajax and flashy Flash graphs and bars.. [Thanks to Nymkum mYnN and @m4ysix]
- The main job of MyLipas is to crawl for defaced website.. But it can easily customized to become SQL injection vulnerability crawler, leaked information crawler etc etc..
- Enough for now…
Updated on 1 Feb 2012
MyLipas is now integrated with few more defacement archiver websites (which wont be listed here)
great…good job xanda.
awesome!!
To point no 2, one word,with exclamation mark, LOL!
[…] at fivefilters.org/content-only/faq.php#publishers. Five Filters recommends: Donate to Wikileaks. E-mail this Job Job Number: 6186742 Title: Security officer (Mobile Patrol Driver) ( NOC: 6651 ) Te…etc.): Security Guard basic (pre-assignment ) training program certificate, Security Guard Licence, […]
Hi, your ‘MyLipas’ is such a great thing.
Actually I’m visiting your blog by searching google with ‘crawl zone-h’.
And your MyLipas project seems to be an answer to this question.
Would you mind if I ask you offering ‘MyLipas’ or give a tip for me.
Thank you.
@KevinPark
I’ve replied you to your email 🙂
[…] crawler’ aka Google web-scraper. So it is not a surprise if I say.. It was part of MyLipas Defacement Crawler as […]
Can you share the captcha breaking you are doing?
Email sent..
would you mind sharing this with me ??would be grateful 🙂
Hi there. Im trying to scrape zone-h website using scrapy and stumbled upon your blog. May i know what was the approach you used? Tried to get xpath working but somehow its not working on zone h. THanks!
Hi, can you share the zone-h “captcha breaker”?
Thanks.
Hello Xanda
Would you please share Zone-h CAPTCHA Breaker ?
Thnx
Hello XANDA,
Where can I find access to MyLipas?
Sorry.. I worked on this project when i was working with Malaysian CERT.. The ownership of the code is belong to MyCERT
Hey there Xanda, good job on this project, seems like a useful tool. A very good example of proper scrapper usage to gather intelligence.
I’m working on something similar and would like to get some advice, could you please help me?
Hi. I am currently also trying to scrape zone-h as well, may I know what is your approach to bypass the captcha?
Thanks in advance!
Hi,
I am also trying to crawling defaced websites in zone-H (Python).
Any advice or code snippets ?
Best Regards
Hi,
I’m also working for a national CERT in Europe and I’m interested to crawl ZONE-H for defaced websites from my .TLD. Can you share with me the way we’ve managed to bypass the captcha verification? Thanks a lot!
Hi,
Your tool sounds great. Thank to share the things it can do.
Do you mind helping me with the zone-h captcha ? Can you share the additionnal defacement archiver websites ?
Regards,
where tool