Everhart,Glenn From: XiD@xyrix.slip.21VAX.net Sent: Sunday, March 08, 1998 3:49 AM To: Info-VAX@Mvb.Saic.Com Subject: Pentagon IP scan by XiD( new networks exposed)! Pentagon IP scan by XiD( new networks exposed)! -------------------------------------------------------------------------------- Hello All hackers: I have exposed some new networks, hosts, IP that i couldn't find on the WEB or GOPHER, or FTP so here is an update! Remember that i'll be exposing more info so someone could enter for FREE ( Without a password!) This Update is for the year: 1998-2000 XTAC Military Networks ------------------------------------- HEADER: opcode = QUERY, id = 12345, rcode = NOERROR header flags: reply, auth. answer, want recursion, recursion avail. questions = 1, answers = 1, auth. records = 4, additional = 5 QUESTIONS: 235.75.31.192.in-addr.arpa., type = PTR, class = 1 ANSWERS: -> 235.75.31.192.in-addr.arpa. type = PTR, class = 1, ttl = 86400, dlen = 29 host = PENTAGON-AIC-NOTES.ARMY.MIL. AUTHORITY RECORDS: -> 75.31.192.in-addr.arpa. type = NS, class = 1, ttl = 86400, dlen = 6 nameserver = NIC.MIL. -> 75.31.192.in-addr.arpa. type = NS, class = 1, ttl = 86400, dlen = 23 nameserver = XTAC-FTHUACHUCA.NIPR.MIL. -> 75.31.192.in-addr.arpa. type = NS, class = 1, ttl = 86400, dlen = 15 nameserver = XTAC-WHEELER.NIPR.MIL. -> 75.31.192.in-addr.arpa. type = NS, class = 1, ttl = 86400, dlen = 17 nameserver = XTAC-VAIHINGEN.NIPR.MIL. ADDITIONAL RECORDS: -> NIC.MIL. type = A, class = 1, ttl = 86400, dlen = 4 inet address = 192.112.36.5 -> NIC.MIL. type = A, class = 1, ttl = 86400, dlen = 4 inet address = 207.132.116.5 -> XTAC-FTHUACHUCA.NIPR.MIL. type = A, class = 1, ttl = 86400, dlen = 4 inet address = 198.26.80.66 -> XTAC-WHEELER.NIPR.MIL. type = A, class = 1, ttl = 86400, dlen = 4 inet address = 199.252.180.250 -> XTAC-VAIHINGEN.NIPR.MIL. type = A, class = 1, ttl = 86400, dlen = 4 inet address = 199.252.169.250 *** complete *** Here is some of the 140 IP block( top-secret)! probably connected to the Pentagon. Check this out! --------------------------------------------------------------- 9 728 109 140.185.0.42 c7k-bd972.pint.army.pentagon.mil [debug] 11013 00 00 00 00 HEADER: opcode = QUERY, id = 12345, rcode = NOERROR header flags: reply, want recursion, recursion avail. questions = 1, answers = 1, auth. records = 2, additional = 2 QUESTIONS: 42.0.185.140.in-addr.arpa., type = PTR, class = 1 ANSWERS: C0 0C 00 0C 00 01 00 00 A8 9F 00 22 09 63 37 6B ...........".c7k 2D 62 64 39 37 32 04 70 69 6E 74 04 61 72 6D 79 -bd972.pint.army -> 42.0.185.140.in-addr.arpa. type = PTR, class = 1, ttl = 43167, dlen = 34 host = c7k-bd972.pint.army.pentagon.mil. AUTHORITY RECORDS: 03 31 38 35 03 31 34 30 07 69 6E 2D 61 64 64 72 .185.140.in-addr 04 61 72 70 61 00 00 02 00 01 00 00 A8 9F 00 0B .arpa........... -> 185.140.in-addr.arpa. type = NS, class = 1, ttl = 43167, dlen = 11 nameserver = ns.hq.af.mil. C0 59 00 02 00 01 00 00 A8 9F 00 06 03 6E 73 32 .Y...........ns2 C0 7C C0 79 00 01 00 01 00 00 EE FB 00 04 86 CD ...y............ -> 185.140.in-addr.arpa. type = NS, class = 1, ttl = 43167, dlen = 6 nameserver = ns2.hq.af.mil. ADDITIONAL RECORDS: C0 79 00 01 00 01 00 00 EE FB 00 04 86 CD 83 06 .y.............. C0 90 00 01 00 01 00 00 EE FB 00 04 86 CD 7B 94 ..............{. -> ns.hq.af.mil. type = A, class = 1, ttl = 61179, dlen = 4 inet address = 134.205.131.6 C0 90 00 01 00 01 00 00 EE FB 00 04 86 CD 7B 94 ..............{. 4C 45 52 C0 99 C0 55 00 02 00 01 00 01 51 80 00 LER...U......Q.. -> ns2.hq.af.mil. type = A, class = 1, ttl = 61179, dlen = 4 inet address = 134.205.123.148 *** complete *** The top secret host 42.0.185.140 a big part of the US Military HeadQuarters . ha ha ha they are DUMB! and a big part of the 134 IP Block. ------------------------------------------------------------------------------------------------- HEADER: opcode = QUERY, id = 12345, rcode = NAME_ERR header flags: reply, auth. answer, want recursion, recursion avail. questions = 1, answers = 0, auth. records = 1, additional = 0 QUESTIONS: 140.185.0.42.in-addr.arpa., type = PTR, class = 1 AUTHORITY RECORDS: 07 49 4E 2D 41 44 44 52 04 61 72 70 61 00 00 06 .IN-ADDR.arpa... 00 01 00 01 51 80 00 3E 01 41 0C 52 4F 4F 54 2D ....Q..>.A.ROOT- -> IN-ADDR.arpa. type = SOA, class = 1, ttl = 86400, dlen = 62 nameserver = A.ROOT-SERVERS.NET. mailaddress = hostmaster.INTERNIC.NET. serial = 1998030900, refresh = 1800, retry = 900, expire = 604800, minimum = 86400. *** complete *** NOTE: They are actualy connected to the INTERNIC.NET man... they are dumb.(i mean the Air-Force Military)! NOTE: The IP 42.0.185.140 has a parralel ip which is 134.205.123.148 and it's actualy opens the gateway to their EMAIL servers in the U.S military Headquarters: check this out: HEADER: opcode = QUERY, id = 12345, rcode = NOERROR header flags: reply, auth. answer, want recursion, recursion avail. questions = 1, answers = 1, auth. records = 4, additional = 3 QUESTIONS: 148.123.205.134.in-addr.arpa., type = PTR, class = 1 ANSWERS: C0 0C 00 0C 00 01 00 00 A8 C0 00 0F 03 6E 73 32 .............ns2 02 68 71 02 61 66 03 6D 69 6C 00 03 32 30 35 03 .hq.af.mil..205. -> 148.123.205.134.in-addr.arpa. type = PTR, class = 1, ttl = 43200, dlen = 15 host = ns2.hq.af.mil. AUTHORITY RECORDS: 03 32 30 35 03 31 33 34 07 49 4E 2D 41 44 44 52 .205.134.IN-ADDR 04 41 52 50 41 00 00 02 00 01 00 00 A8 C0 00 05 .ARPA........... -> 205.134.IN-ADDR.ARPA. type = NS, class = 1, ttl = 43200, dlen = 5 nameserver = ns.hq.af.mil. C0 49 00 02 00 01 00 00 A8 C0 00 02 C0 3A C0 49 .I...........:.I 00 02 00 01 00 00 A8 C0 00 06 03 73 6D 6F C0 3E ...........smo.> -> 205.134.IN-ADDR.ARPA. type = NS, class = 1, ttl = 43200, dlen = 2 nameserver = ns2.hq.af.mil. C0 49 00 02 00 01 00 00 A8 C0 00 06 03 73 6D 6F .I...........smo C0 3E C0 49 00 02 00 01 00 00 A8 C0 00 0C 04 6D .>.I...........m -> 205.134.IN-ADDR.ARPA. type = NS, class = 1, ttl = 43200, dlen = 6 nameserver = smo.hq.af.mil. C0 49 00 02 00 01 00 00 A8 C0 00 0C 04 6D 61 69 .I...........mai 6C 04 63 6F 6D 6D C0 3E C0 69 00 01 00 01 00 00 l.comm.>.i...... -> 205.134.IN-ADDR.ARPA. type = NS, class = 1, ttl = 43200, dlen = 12 nameserver = mail.comm.hq.af.mil. ADDITIONAL RECORDS: C0 69 00 01 00 01 00 00 A8 C0 00 04 86 CD 83 06 .i.............. C0 3A 00 01 00 01 00 00 A8 C0 00 04 86 CD 7B 94 .:............{. -> ns.hq.af.mil. type = A, class = 1, ttl = 43200, dlen = 4 inet address = 134.205.131.6 C0 3A 00 01 00 01 00 00 A8 C0 00 04 86 CD 7B 94 .:............{. C0 9A 00 01 00 01 00 00 A8 C0 00 04 86 CD 50 06 ..............P. -> ns2.hq.af.mil. type = A, class = 1, ttl = 43200, dlen = 4 inet address = 134.205.123.148 C0 9A 00 01 00 01 00 00 A8 C0 00 04 86 CD 50 06 ..............P. C0 99 C0 77 00 01 00 01 00 01 51 80 00 04 C0 70 ...w......Q....p -> mail.comm.hq.af.mil. type = A, class = 1, ttl = 43200, dlen = 4 inet address = 134.205.80.6 *** complete *** SO THEIR MAIL SERVER IS: MAIL.COMM.HQ.AF.MIL AND THE IP TO THIS SERVER IS: 134.205.80.6 The MAIL.COMM.HQ.AF.MIL ---------------------------------------------- This server is connected to the to the biggest host which is: AIR-FORCE.WASHINGTON.MCI.NET This domain is one of the most important hosts that holds all the connections to the AF.MIL hosts in the US Military. SO dear hacker if you want to FUCKUP THE ALMOST ENTIRE US Military Air-Force networks please fuckup first this host: 8 658 444 166.48.39.250 air-force.Washington.mci.net [debug] 11013 00 00 00 00