Kerberos, Risk, Dont use

slimsz1

Don't buy from me
New Member
Joined
Feb 19, 2023
Messages
1
Reaction score
0
Points
1
I have found too far information about their system
including IP's
Locations
Software
Code

I have sent a message to their administrators, they have not replied

The system also has a vulnerability (RCE)

So I suggest not using this market, as its easy for LE to get them

I can provide proofs here

If they dont answer me within 24 hours, i will probably post all findings publicly

Sample:

37.148.213.118
185.130.47.221

PHP/CodeIgniter
Nginx 1.14.0
 

xoxo2.0

Don't buy from me
Resident
Language
🇺🇸
Joined
Aug 26, 2022
Messages
95
Reaction score
163
Points
43
hey
clown i guess you just saw this video
and want some attention. the details you provide are extremly basic a noobie can harvest more information then that in an incomplete site. one single sqlmap command or any sniffing tool can get you much more then that.
 

Lucifer

Don't buy from me
Resident
Joined
Apr 19, 2022
Messages
24
Reaction score
20
Points
3

This is the IP from our clearnet information website which is neither secret nor has anything to do with our marketplace servers.

If you have no idea what you're talking about, don't post crap anywhere.

We have already answered to you on the market that you are welcome to post anything you find and make a fool of yourself, like this from a backproxy to a Tor descripter.

Rarely laughed so much.
 

freeTheWeb

Don't buy from me
New Member
Joined
Mar 18, 2023
Messages
2
Reaction score
2
Points
1
I dug deeper than @slimszi

Allow me to hypothesize here:

Information:
- At least 2 of Kerberos mirrors are exposed (Privex Datacenter in Stockholm, using port 81 lol) (not the ones @slimzi posted)
- AB "welcome" page is hosted in the same data center (probably law enforcement), IPs are NOT far from those of Kerberos (185.130.46.136). "hell", they might be in the same rack even, as that switch is misconfigured.

Hypothesis 1:
- AlphaBay is seized by LE, their server is just a honeypot to catch yall
... if this is true, how the hell Kerberos is running in the same Datacenter "Privex" FOR A YEAR, while being exposed! LE? dumb luck?
- AB and Kerberos are connected somehow and exit scams are more profitable.

Hypothesis 2:
- Both are in the same datacenter, pure luck. (still Kerberos is exposed, SINCE A YEAR)

Fact:
Kerberos mirrors are exposed.
hell, I will sell you the IP if you pay enough and guarantee the safety of it's users and their funds.

In any case, safety of users should be every DNM operator #1 priority, and even funny people like @simzi should be taken seriously. double check your logs maybe? laughing off everyones safety is not a joke. (neither exit scams lol)

For users:
- If you are a vendor, make sure your JS is turned off, use only Tails OS when connecting to Kerberos (or generally), ask your customers to encrypt addresses (don't trust market encryption) if you're using windows, get a life!.

- Don't use a wallet, don't deposit much, don't leave a lot in your wallet... you've been warned (This applies to all markets)

For lucifer:
@Lucifer double check your servers, no need to make fun of anyone who is trying to protect themselves and the rest of your users.

suggestion (encoded): block all ICMP & UDP incoming traffic (I know TOR doesn't have UDP, your server still has it), and ask your datacenter to block ICMP on the switch connecting your 2 servers in the rack.
 
Last edited:

Osmosis Vanderwaal

Moderator in US section
Resident
Joined
Jan 15, 2023
Messages
1,560
Solutions
4
Reaction score
1,077
Points
113
Deals
1
Jesus you people scare me. It's like when middle easterners are shouting on a flight. I don't know what you are saying but the tone you use is alarming. I'm only getting my drugs off of Amazon from now on.🤫
 

godfathe07

Don't buy from me
New Member
Joined
Apr 11, 2023
Messages
2
Reaction score
0
Points
1
Another fake Extortor Go get a Job, Or start a business
 
Top