#1 2019-02-07 08:45:57

Gugi
Member
Registered: 2019-01-15
Posts: 23
Website

funny moment when you are from cyber-security and catch hacker n00b

It looks like someone is a 'hacker', hahah, very funny, I caught them :D

------ 0.000s was the duration of 'RT_TABLES' ------

------ ROUTE TABLE IPv4 (ip -4 route show table 255) ------

broadcast 10.0.0.0 dev ccmni0  proto kernel  scope link  src 10.110.180.104

local 10.110.180.104 dev ccmni0  proto kernel  scope host  src 10.110.180.104

broadcast 10.255.255.255 dev ccmni0  proto kernel  scope link  src 10.110.180.104

broadcast 127.0.0.0 dev lo  proto kernel  scope link  src 127.0.0.1

local 127.0.0.0/8 dev lo  proto kernel  scope host  src 127.0.0.1

local 127.0.0.1 dev lo  proto kernel  scope host  src 127.0.0.1

broadcast 127.255.255.255 dev lo  proto kernel  scope link  src 127.0.0.1

------ 0.024s was the duration of 'ROUTE TABLE IPv4' ------

------ ROUTE TABLE IPv6 (ip -6 route show table 255) ------

local ::1 dev lo  proto none  metric 0

ff00::/8 dev ccmni0  metric 256

------ 0.024s was the duration of 'ROUTE TABLE IPv6' ------

------ ROUTE TABLE IPv4 (ip -4 route show table 254) ------

10.0.0.0/8 dev ccmni0  proto kernel  scope link  src 10.110.180.104

------ 0.024s was the duration of 'ROUTE TABLE IPv4' ------

------ ROUTE TABLE IPv6 (ip -6 route show table 254) ------

------ 0.023s was the duration of 'ROUTE TABLE IPv6' ------

------ ROUTE TABLE IPv4 (ip -4 route show table 97) ------

------ 0.023s was the duration of 'ROUTE TABLE IPv4' ------

------ ROUTE TABLE IPv6 (ip -6 route show table 97) ------

------ 0.021s was the duration of 'ROUTE TABLE IPv6' ------

------ ROUTE TABLE IPv4 (ip -4 route show table 98) ------

------ 0.019s was the duration of 'ROUTE TABLE IPv4' ------

------ ROUTE TABLE IPv6 (ip -6 route show table 98) ------

------ 0.019s was the duration of 'ROUTE TABLE IPv6' ------

------ ROUTE TABLE IPv4 (ip -4 route show table 99) ------

64.233.164.192 via 10.110.180.104 dev ccmni0  proto static

------ 0.019s was the duration of 'ROUTE TABLE IPv4' ------

------ ROUTE TABLE IPv6 (ip -6 route show table 99) ------

------ 0.019s was the duration of 'ROUTE TABLE IPv6' ------

------ ROUTE TABLE IPv4 (ip -4 route show table 1002) ------

default via 10.110.180.104 dev ccmni0  proto static

------ 0.019s was the duration of 'ROUTE TABLE IPv4' ------

------ ROUTE TABLE IPv6 (ip -6 route show table 1002) ------

------ 0.019s was the duration of 'ROUTE TABLE IPv6' ------

------ 0.255s was the duration of 'DUMP ROUTE TABLES' ------

------ ARP CACHE (ip -4 neigh show) ------

------ 0.020s was the duration of 'ARP CACHE' ------

------ IPv6 ND CACHE (ip -6 neigh show) ------

------ 0.019s was the duration of 'IPv6 ND CACHE' ------

------ NETWORK DIAGNOSTICS (dumpsys -t 10 connectivity --diag) ------


NetworkDiagnostics:ifaces{ccmni0} index{2} network{100} nethandle{429513165534}

  .  ICMPv4 dst{185.89.185.2} src{10.110.180.104:2}: SUCCEEDED: 1/1 (71ms)

  .  ICMPv4 dst{8.8.8.8} src{10.110.180.104:1}: SUCCEEDED: 1/1 (64ms)

  .  ICMPv4 dst{10.110.180.104} src{10.110.180.104:4}: SUCCEEDED: 1/1 (1ms)

  .  ICMPv4 dst{89.108.195.21} src{10.110.180.104:3}: SUCCEEDED: 1/1 (64ms)

  .  DNS UDP dst{185.89.185.2} src{10.110.180.104:59725} qtype{1} qname{429418-android-ds.metric.gstatic.com}: SUCCEEDED: 1/1 NOERROR (102ms)

  .  DNS UDP dst{8.8.8.8} src{10.110.180.104:34303} qtype{1} qname{735571-android-ds.metric.gstatic.com}: SUCCEEDED: 1/1 NOERROR (84ms)

  .  DNS UDP dst{89.108.195.21} src{10.110.180.104:48254} qtype{1} qname{163211-android-ds.metric.gstatic.com}: SUCCEEDED: 1/1 NOERROR (84ms)

------ 0.162s was the duration of 'NETWORK DIAGNOSTICS' ------

------ INTERRUPTS (2) (/proc/interrupts) ------

           CPU0       CPU1       CPU2       CPU3  
Dump of WifiQualifiedNetworkSelector

WifiQualifiedNetworkSelector - Log Begin ----

03-11 07:58:50.266 - ==========start qualified Network Selection==========

03-11 07:58:50.271 - Livebox-F5F0:38:46:08:b8:f5:f0 / HUAWEI-h28Y:20:3d:b2:c2:6d:f4 / SAGEM_6FA7:3c:81:d8:2f:6f:a8 / Darmowe_Orange_WiFi:3e:46:08:b8:f5:f0 /  dump for scanDetails at begin of selectQualifiedNetwork()


03-11 07:58:50.272 - no saved network

03-11 07:58:50.279 -  skipped due to low signal


03-11 07:58:50.279 - Livebox-F5F0:38:46:08:b8:f5:f0 / HUAWEI-h28Y:20:3d:b2:c2:6d:f4 / SAGEM_6FA7:3c:81:d8:2f:6f:a8 / Darmowe_Orange_WiFi:3e:46:08:b8:f5:f0 /  skipped due to not saved

03-11 07:58:50.280 -  skipped due to not valid SSID


03-11 07:58:50.281 -

03-11 07:58:50.281 - Checking the externalScoreEvaluator for candidates...

03-11 07:58:50.282 - ExternalScoreEvaluator did not see any good candidates.

03-11 07:58:50.282 - Can not find any suitable candidates

03-11 07:59:11.243 - ==========start qualified Network Selection==========

03-11 07:59:11.244 - Livebox-F5F0:38:46:08:b8:f5:f0 / HUAWEI-h28Y:20:3d:b2:c2:6d:f4 / SAGEM_6FA7:3c:81:d8:2f:6f:a8 / Darmowe_Orange_WiFi:3e:46:08:b8:f5:f0 /  dump for scanDetails at begin of selectQualifiedNetwork()


03-11 07:59:11.245 - no saved network

03-11 07:59:11.246 -  skipped due to low signal


03-11 07:59:11.247 - Livebox-F5F0:38:46:08:b8:f5:f0 / HUAWEI-h28Y:20:3d:b2:c2:6d:f4 / SAGEM_6FA7:3c:81:d8:2f:6f:a8 / Darmowe_Orange_WiFi:3e:46:08:b8:f5:f0 /  skipped due to not saved

03-11 07:59:11.248 -  skipped due to not valid SSID


03-11 07:59:11.248 -

03-11 07:59:11.248 - Checking the externalScoreEvaluator for candidates...

03-11 07:59:11.249 - ExternalScoreEvaluator did not see any good candidates.

03-11 07:59:11.249 - Can not find any suitable candidates

03-11 07:59:31.266 - ==========start qualified Network Selection==========

03-11 07:59:31.267 - Livebox-F5F0:38:46:08:b8:f5:f0 / HUAWEI-h28Y:20:3d:b2:c2:6d:f4 / SAGEM_6FA7:3c:81:d8:2f:6f:a8 / Darmowe_Orange_WiFi:3e:46:08:b8:f5:f0 / NETIASPOT-B21130:00:12:2a:b2:11:38 /  dump for scanDetails at begin of selectQualifiedNetwork()


03-11 07:59:31.268 - no saved network

03-11 07:59:31.271 - NETIASPOT-B21130:00:12:2a:b2:11:38(2.4GHz)-87 /  skipped due to low signal


03-11 07:59:31.271 - Livebox-F5F0:38:46:08:b8:f5:f0 / HUAWEI-h28Y:20:3d:b2:c2:6d:f4 / SAGEM_6FA7:3c:81:d8:2f:6f:a8 / Darmowe_Orange_WiFi:3e:46:08:b8:f5:f0 /  skipped due to not saved

03-11 07:59:31.272 -  skipped due to not valid SSID


03-11 07:59:31.272 -

03-11 07:59:31.272 - Checking the externalScoreEvaluator for candidates...

03-11 07:59:31.273 - ExternalScoreEvaluator did not see any good candidates.

03-11 07:59:31.273 - Can not find any suitable candidates

03-11 07:59:52.560 - ==========start qualified Network Selection==========

03-11 07:59:52.562 - Livebox-F5F0:38:46:08:b8:f5:f0 / HUAWEI-h28Y:20:3d:b2:c2:6d:f4 / SAGEM_6FA7:3c:81:d8:2f:6f:a8 / Darmowe_Orange_WiFi:3e:46:08:b8:f5:f0 /  dump for scanDetails at begin of selectQualifiedNetwork()


03-11 07:59:52.562 - no saved network

03-11 07:59:52.568 -  skipped due to low signal


03-11 07:59:52.569 - Livebox-F5F0:38:46:08:b8:f5:f0 / HUAWEI-h28Y:20:3d:b2:c2:6d:f4 / SAGEM_6FA7:3c:81:d8:2f:6f:a8 / Darmowe_Orange_WiFi:3e:46:08:b8:f5:f0 /  skipped due to not saved

03-11 07:59:52.569 -  skipped due to not valid SSID


03-11 07:59:52.570 -

03-11 07:59:52.570 - Checking the externalScoreEvaluator for candidates...

03-11 07:59:52.571 - ExternalScoreEvaluator did not see any good candidates.

03-11 07:59:52.571 - Can not find any suitable candidates

03-11 08:00:12.524 - ==========start qualified Network Selection==========

03-11 08:00:12.525 - Livebox-F5F0:38:46:08:b8:f5:f0 / HUAWEI-h28Y:20:3d:b2:c2:6d:f4 / SAGEM_6FA7:3c:81:d8:2f:6f:a8 / Darmowe_Orange_WiFi:3e:46:08:b8:f5:f0 /  dump for scanDetails at begin of selectQualifiedNetwork()


03-11 08:00:12.525 - no saved network

03-11 08:00:12.527 -  skipped due to low signal

It's from Android 5.0 :D second-hand phone... someone is shit and has no idea about :D

Cheers

AllSafe,

Gugi _/

Last edited by Gugi (2019-02-07 08:50:46)


- I am using Arch BTW

Offline

#2 2019-02-14 20:21:42

RickDeckard
Member
From: Acworth, Georgia, USA
Registered: 2016-02-19
Posts: 59

Re: funny moment when you are from cyber-security and catch hacker n00b

I really and truly don't see anything out of the ordinary in your routing table or network/WiFi diagnostics.  UDP traffic over DNS is done for the purposes of domain name resolution.  I'm a little concerned that your phone is pinging a name server that shows up on malware tech support lists, but I suppose there could be legitimate reasons for traffic to be passing between you and an IP in your own country.  Is there anything else that leads you to believe this?  Maybe I'm just not loaded up on enough coffee to see it today.

Offline
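
Added example, not part of any post in this thread: one way to pull the probe targets out of the NETWORK DIAGNOSTICS lines quoted in the first post and list which addresses the phone used as DNS resolvers. The `EXPECTED_RESOLVERS` allow-list and the function name are assumptions made for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Lines copied from the NETWORK DIAGNOSTICS section of the first post.
DIAG = """\
  .  ICMPv4 dst{185.89.185.2} src{10.110.180.104:2}: SUCCEEDED: 1/1 (71ms)
  .  ICMPv4 dst{8.8.8.8} src{10.110.180.104:1}: SUCCEEDED: 1/1 (64ms)
  .  ICMPv4 dst{10.110.180.104} src{10.110.180.104:4}: SUCCEEDED: 1/1 (1ms)
  .  ICMPv4 dst{89.108.195.21} src{10.110.180.104:3}: SUCCEEDED: 1/1 (64ms)
  .  DNS UDP dst{185.89.185.2} src{10.110.180.104:59725} qtype{1} qname{429418-android-ds.metric.gstatic.com}: SUCCEEDED: 1/1 NOERROR (102ms)
  .  DNS UDP dst{8.8.8.8} src{10.110.180.104:34303} qtype{1} qname{735571-android-ds.metric.gstatic.com}: SUCCEEDED: 1/1 NOERROR (84ms)
  .  DNS UDP dst{89.108.195.21} src{10.110.180.104:48254} qtype{1} qname{163211-android-ds.metric.gstatic.com}: SUCCEEDED: 1/1 NOERROR (84ms)
"""

# One probe per line: "<kind> dst{..} src{..} [qtype{..} qname{..}]: <result>"
PROBE = re.compile(
    r"^\s*\.\s+(?P<kind>ICMPv4|ICMPv6|DNS UDP) dst\{(?P<dst>[^}]+)\}"
    r" src\{[^}]+\}(?: qtype\{\d+\} qname\{(?P<qname>[^}]+)\})?: (?P<result>\w+)"
)

# Assumption: resolvers the analyst expects on this device (constructed allow-list).
EXPECTED_RESOLVERS = {"8.8.8.8"}

def summarize(diag_text, expected=EXPECTED_RESOLVERS):
    """Return {dst: info}; 'review' marks resolvers outside the allow-list."""
    targets = defaultdict(lambda: {"kinds": set(), "qnames": []})
    for line in diag_text.splitlines():
        m = PROBE.match(line)
        if not m:
            continue  # section headers, blank lines, other dumpsys output
        entry = targets[m["dst"]]
        entry["kinds"].add(m["kind"])
        if m["qname"]:
            entry["qnames"].append(m["qname"])
    report = {}
    for dst, entry in targets.items():
        is_resolver = "DNS UDP" in entry["kinds"]
        report[dst] = {
            "resolver": is_resolver,
            "public": ipaddress.ip_address(dst).is_global,
            "review": is_resolver and dst not in expected,
            "qnames": entry["qnames"],
        }
    return report

if __name__ == "__main__":
    for dst, info in summarize(DIAG).items():
        print(dst, info)
```

A `review` flag only means the resolver is not on the analyst's own list; where it came from (carrier-assigned or changed on the device) has to be checked separately.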

#3 2019-05-06 20:17:17

raist356
Member
Registered: 2015-12-06
Posts: 5

Re: funny moment when you are from cyber-security and catch hacker n00b

It looks like someone connected to the free WiFi network that ISPs in Poland provide alongside the standard one for their users.

And it wasn't necessarily a hacker. It looks likely that the device was infected and trying to spread.

But I am tired and tipsy, so correct me if I'm wrong.

Offline
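
Added example, not part of any post in this thread: a check on the scan line from the WifiQualifiedNetworkSelector dump showing which SSIDs appear to come from the same access point. It groups BSSIDs that share their last five octets and marks the locally administered ones; that grouping rule is a heuristic chosen for this dump, and the function names are assumptions.

```python
import re
from collections import defaultdict

# Scan-details line copied from the WifiQualifiedNetworkSelector dump in the first post.
SCAN = ("03-11 07:59:31.267 - Livebox-F5F0:38:46:08:b8:f5:f0 / "
        "HUAWEI-h28Y:20:3d:b2:c2:6d:f4 / SAGEM_6FA7:3c:81:d8:2f:6f:a8 / "
        "Darmowe_Orange_WiFi:3e:46:08:b8:f5:f0 / NETIASPOT-B21130:00:12:2a:b2:11:38 / "
        " dump for scanDetails at begin of selectQualifiedNetwork()")

# "<SSID>:<BSSID>"; an SSID may itself contain ':', so anchor on the trailing MAC.
ENTRY = re.compile(r"^(?P<ssid>.+):(?P<bssid>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})$", re.I)

def parse_scan(line):
    """Return [(ssid, bssid)] from one 'dump for scanDetails' log line."""
    body = line.split(" - ", 1)[1]          # drop the timestamp
    nets = []
    for part in body.split(" / "):
        m = ENTRY.match(part.strip())
        if m:                               # trailing log text does not match
            nets.append((m["ssid"], m["bssid"].lower()))
    return nets

def shared_radio_groups(nets):
    """Group BSSIDs whose last five octets match (heuristic, not proof,
    that one access point is advertising several SSIDs)."""
    groups = defaultdict(list)
    for ssid, bssid in nets:
        first_octet = int(bssid[:2], 16)
        groups[bssid[3:]].append({
            "ssid": ssid,
            "bssid": bssid,
            # Bit 0x02 of the first octet marks a locally administered address,
            # the kind an AP assigns to an extra virtual network.
            "locally_administered": bool(first_octet & 0x02),
        })
    return [g for g in groups.values() if len(g) > 1]

if __name__ == "__main__":
    for group in shared_radio_groups(parse_scan(SCAN)):
        for net in group:
            print(net)
```

On this line the only group is Livebox-F5F0 and Darmowe_Orange_WiFi ("darmowe" is Polish for "free"), with the second BSSID locally administered.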
