• You MUST read the Babiato Rules before making your first post otherwise you may get permanent warning points or a permanent Ban.

    Our resources on Babiato Forum are CLEAN and SAFE. So you can use them for development and testing purposes. If your are on Windows and have an antivirus that alerts you about a possible infection: Know it's a false positive because all scripts are double checked by our experts. We advise you to add Babiato to trusted sites/sources or disable your antivirus momentarily while downloading a resource. "Enjoy your presence on Babiato"

I am having issues accessing Babiato

Use a Raspberry Pi 4 TOR Gateway as your access point + Residential Socks 5 Proxy on workstation side, change user agent on the browser, check your anonimity score at https://whoer.net and if no anonymizer is detected and the IP address is clean works like a charm!

Let's bet $50 worth of Crypto? If i prove I'm right, I teach you how and you pay me 50 USD in crypto. Deal?

See attached screenshot for your reference :) That's ^31337 (which is also a prime number) ;)


1659670667130.png
Wait, I mention you about your tool's efficiency an higher plan of Cloudflare you anwser me the the theory below that I never deny it 🤣
Are you kidding ???
I know clearly how Babak set the rule on CF
 
  • Haha
Reactions: RoninHood
Wait, I mention you about your tool's efficiency an higher plan of Cloudflare you anwser me the the theory below that I never deny it 🤣
Are you kidding ???
I know clearly how Babak set the rule on CF
LOL Fight, fight, fight!!! Oooops! Bad Taz. Deep breath. All keep calm please! 😜
 
I can easily access
With my network
😀 no problems
internal love for babiatooooooooooo
Me too LOL You know I travel a lot during last time and access from many countries, Netherlands is one of my favourite cos it's so lekker, friendly people, good vibes, lot of bicycles and controlled carbon emissions, good renewable energy policies and investments on infrastructures, who doesn't like NL is an idiot!

I went there for King Fest on April 27, so dank je wel! as always for your warm hospitality! :)

@TassieNZ I rarely try to monetize on my skills and/or job, rising crypto kitties is a hard work but honest work (see attached meme for the lolz) XD

1659671575899.png
 
  • Love
Reactions: TassieNZ
Wait, I mention you about your tool's efficiency an higher plan of Cloudflare you anwser me the the theory below that I never deny it 🤣
Are you kidding ???
I know clearly how Babak set the rule on CF
Bro, ask @Babak and @andykim who passed them IPTABLES rules to bind the infrastructure behind cloudflare (I can still see some match on Censys because the IPTABLES it wasn't implemented properly between different instances and in addition CertBot is to avoid because exposes the IP address of the VPS when generating SSL certificates). Aside to this, I given some advices for infrastructure hardening, incident response and disaster recovery strategy after the SSD failure incident, probably you're missing some point. :)

I'm not here to fight anyone, rather I'm here to Build and help others as I've been helped when I've need to! Since I joined this community I found friends other then resources, some of them given me their trust and this has a certain value for me, I'm not a lame but an old-school muthafucka who likes to chew bubblegums and kickass bad guys, and I'm all out of bubblegums!

Jokes apart: I'm a white-hat ethical hacker with OWASP certifications and a good score on hackerrank (I'm somewhere in between the top 200, with a different name which I can't disclose of course).

My motto is: with great power comes great responsibility. Like Master Yoda.

:)
 
Last edited:
  • Love
Reactions: TassieNZ
LOL We are getting cannons installed down on the wharf ................. just in case!!! 😜
If you need lethal FUD weapons feel free to ask, suddenly no cannons but hypersonic multiple missile launchers :) LKM and Sidechannel FTW. 😜
 
  • Love
Reactions: TassieNZ
Bro, ask @Babak and @andykim who passed them IPTABLES rules to bind the infrastructure behind cloudflare (I can still see some match on Censys because the IPTABLES it wasn't implemented properly between different instances and in addition CertBot is to avoid because exposes the IP address of the VPS when generating SSL certificates). Aside to this, I given some advices for infrastructure hardening, incident response and disaster recovery strategy, probably you're missing some point. :)

I'm not here to fight anyone, rather I'm here to Build and help others as I've been helped when I've need to! Since I joined this community I found friends other then resources, some of them given me their trust and this has a certain value for me, I'm not a lame but an old-school muthafucka who likes to chew bubblegums and kickass bad guys, and I'm all out of bubblegums!

Jokes apart: I'm a white-hat ethical hacker with OWASP certifications and a good score on hackerrank (I'm somewhere in between the top 200, with a different name which I can't disclose of course).

My motto is: with great power comes great responsibility. Like Master Yoda.

:)
Yeah, you are right
Just combine IPTables + Fail2Ban + Cloudflare API + 6G-7G NGNIX Firewall & we have already owned an intermediate level Anti-DDoS system but the core issue here is that they don't clearly know how to make it well @@
Moreoever, I think the server IP has been leaked out partly before so currently the attackers come frequently :)
Too hard for them
 
  • Like
Reactions: RoninHood
Didn't understand all the tech lingo you guys talk about... but damn for all those Ddos.. I love babiato
 
Yeah, you are right
Just combine IPTables + Fail2Ban + Cloudflare API + 6G-7G NGNIX Firewall & we have already owned an intermediate level Anti-DDoS system but the core issue here is that they don't clearly know how to make it well @@
Moreoever, I think the server IP has been leaked out partly before so currently the attackers come frequently :)
Too hard for them
Nginx as a web-server and Envoy as a Load-Balancer and Reverse Proxy is the safest choice out there. Binance uses the same stack for server infrastructure. As for the DDoS, I'm still moving myself to find the IP2Location updated database DB24 package through my PV8 IRC channels, I think I will get it in matter of 1 or 2 weeks, I'm avoiding XMPP since the last vulnerability discovered and aside to this is not being maintained since years, otherwise I had it already.

The IP Address can still be changed running the website as a TOR Hidden Service and then proxying to one reverse proxy that works as a bridge between dark-net and clearnet, otherwise also IPFS is a good way to go! ;)
 
  • Love
Reactions: MrDoCtor
Nginx as a web-server and Envoy as a Load-Balancer and Reverse Proxy is the safest choice out there. Binance uses the same stack for server infrastructure. As for the DDoS, I'm still moving myself to find the IP2Location updated database DB24 package through my PV8 IRC channels, I think I will get it in matter of 1 or 2 weeks, I'm avoiding XMPP since the last vulnerability discovered and aside to this is not being maintained since years, otherwise I had it already.

The IP Address can still be changed running the website as a TOR Hidden Service and then proxying to one reverse proxy that works as a bridge between dark-net and clearnet, otherwise also IPFS is a good way to go! ;)
Yeah, you know there are tons of technologies to protect our server from attackers but we have to choose the simplest way for them to execute it well. Even with the simplest method, they can still have trouble in implementing it without basic knowledge @@
 
Let me have the logs with the attackers IP addresses when DDoS attacks happens, this way I can try to understand from where they start and give a try to a new toy to take over the botnets to these lamers.

Do you have a list of banned users/haters with hacking skills on which we can work on? I remember after the SSD failure incident someone appeared claiming to be the responsible for the attacks because he was banned, I don't remember his nickname now but I'm sure with a bit of cooperation we can find the responsible and punish him with a shower of poisoned packages through the use of honey pots. ;)

I'm master in data exfiltration, reverse engineering, privilege escalation and APT delivery, I'm the Amazon of 0day tools and techniques! :D
 
  • Like
Reactions: Auwal
Yeah, you know there are tons of technologies to protect our server from attackers but we have to choose the simplest way for them to execute it well. Even with the simplest method, they can still have trouble in implementing it without basic knowledge @@
I'm here to help, I have the know-how to reach top-grade enterprise security bro! Available to every test on HackTheBox or similar websites whenever you want, and I do this for free because I fucking love this place because I found friends like @TassieNZ and many others who gave me their trust out of nothing, this has to be paid back somehow and I'm available to do it whenever is needed!
 
AdBlock Detected

We get it, advertisements are annoying!

However in order to keep our huge array of resources free of charge we need to generate income from ads so to use the site you will need to turn off your adblocker.

If you'd like to have an ad free experience you can become a Babiato Lover by donating as little as $5 per month. Click on the Donate menu tab for more info.

I've Disabled AdBlock