MyLipas :: The Defacement Crawler
Posted: July 20th, 2011 | Author: xanda | Filed under: IT Related, Project | Tags: deface, defacement, lipas, mylipas, zoneh | 21 Comments »If you are a system administrator of websites that is hosted in Malaysia or owner of the domains ended with .MY.. or.. hosting company, you might heard/read about “MyLipas” somewhere, somehow.. maybe in the email subject or something 😉
Ok here are short descriptions of MyLipas and what is he capable with:
- Named MyLipas due to the ugly code (coded in 2 nights)
- Was around since early February 2009
- Highly inspired by Shaun’s (Australian Honeynet Project) Skynet project
- Crawl for the defaced/hacked websites that are hosted in Malaysia (Malaysia IP range) or domain ended with .MY
- Crawler “abuse” Google search and Zone-H list to look for the defaced websites (based on keywords)
- Yes it can bypass the Zone-H’s captcha 😀
- If you are a CSM staff and you claim yourself as a Google-Fu, but you don’t know how to Google for websites that is hosted in Malaysia but not limited to those ended with .MY, you brought shame upon yourself
- MyLipas can also receive manual (single or bulk) URL submission
- All URLs will be grouped by IP (of the hosting) and the following information will be collected (automagically!) :
- IP address
- Web server information
- Domain owner/hosting email address (for reporting)
- Email will be sent to MyCERT (grouped by IP) with the information above, for incident escalation process
- Screenshot will automagically be taken for each URL
- Defacer name will be captured into database
- Data will be mapped into damn nice Ajax and flashy Flash graphs and bars.. [Thanks to Nymkum mYnN and @m4ysix]
- The main job of MyLipas is to crawl for defaced website.. But it can easily customized to become SQL injection vulnerability crawler, leaked information crawler etc etc..
- Enough for now…
Updated on 1 Feb 2012
MyLipas is now integrated with few more defacement archiver websites (which wont be listed here)