Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

أخبار المسلمين akhbar almuslimin: Muslim News

leave a comment »

Screenshot from 2016-08-08 12-17-55

Yep, yet another Da’esh darknet site popped up this morning. This one is a rather bare bones effort that relies on free DynDNS, Tor2web and links back to things like WordPress and imgur and Cloudflare. The site came up and then went down after the kids from OpISIS came and went. The cloudflare though seemed to help as well as the tor2web linkage. As of this writing Cloudflare started to act up and the site was losing bits of itself as I was interrogating it for information.

Anyway, this site is pretty sparse design wise but has a lot of content to click. As you can see below it is low tek but the content is brand new. No mention of official ties but it has the flag in the tab as you can see. All of the links go to external clearnet sites for content so much of the work is being placed on the clearnet sites that the daeshbags upload shit to like mega and the like.

Screenshot from 2016-08-08 12-18-31Videos from Syria

 

Screenshot from 2016-08-08 12-21-37Dabiq 15 linked to clearnet dump

 

Screenshot from 2016-08-08 12-24-34Other mags

 

Screenshot from 2016-08-08 12-24-56Al Bayan radio streams

 

Screenshot from 2016-08-08 12-25-51Martyrs and usual propaganda crap

 

Screenshot from 2016-08-08 12-26-35Single page content links

 

Screenshot from 2016-08-08 14-00-25Page info

 

Overall, not much to write home about. The site I assume will be down and up for a while but this just shows you that the daeshbags are trying to get content in the darknet but they seem to be unable to host it all themselves on a single server. Until they can do this, then technically they will continue to be taken offline pretty easily by the kids.

I will be pulling all the metadata since I have already archived the site en toto with wget… More when I have it.

Dr. K.

 

–UPDATE–

I ran an onion scan on this site for all you kids.. Go.. play..

krypt3ia@krypt3ia:~/go$ sudo ./bin/onionscan http://ou7zytv3h2yaosqq.onion/
2016/08/10 12:59:25 Starting Scan of http://ou7zytv3h2yaosqq.onion/
2016/08/10 12:59:25 This might take a few minutes..

————— OnionScan Report —————
High Risk Issues: 0
Medium Risk Issues: 0
Low Risk Issues: 0
Informational Issues: 4

Info: Missing X-Frame-Options HTTP header discovered!
Why this is bad: Provides Clickjacking protection. Values: deny – no rendering within a frame, sameorigin
– no rendering if origin mismatch, allow-from: DOMAIN – allow rendering if framed by frame loaded from DOMAIN
To fix, use X-Frame-Options: deny
Info: Missing X-XSS-Protection HTTP header discovered!
Why this is bad: This header enables the Cross-site scripting (XSS) filter built
into most recent web browsers. It’s usually enabled by default anyway,
so the role of this header is to re-enable the filter for this particular website if it was disabled by the user.
To fix, use X-XSS-Protection: 1; mode=block
Info:  Missing X-Content-Type-Options HTTP header discovered!
Why this is bad: The only defined value, “nosniff”, prevents browsers
from MIME-sniffing a response away from the declared content-type.
This reduces exposure to drive-by download attacks and sites serving user
uploaded content that, by clever naming, could be treated as executable or dynamic HTML files.
To fix, use  X-Content-Type-Options: nosniff
Info: Missing X-Content-Type-Options HTTP header discovered!
Why this is bad: Content Security Policy requires careful tuning and precise definition of the policy.
If enabled, CSP has significant impact on the way browser renders pages (e.g., inline
JavaScript disabled by default and must be explicitly allowed in policy).
CSP prevents a wide range of attacks, including Cross-site scripting and other cross-site injections.
To fix, use  Content-Security-Policy: default-src ‘self’
krypt3ia@krypt3ia:~/go$

 

Written by Krypt3ia

2016/08/08 at 20:44

Posted in Da'esh, DARKNET

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: