_____ _____ _ _ ___ _ _ __ _____ _____ __ __
| _ | |____ | | | | | / | _| || |_ / | / __ \| _ |/ | / |
| |/' |_ __ / /_ __ | |_| |/ /| |__ __ |_ __ _|`| | `' / /'| |/' |`| | `| |
| /| | '_ \ \ \ '_ \| _ / /_| |\ \/ / _| || |_ | | / / | /| | | | | |
\ |_/ / |_) |.___/ / | | | | | \___ | > < |_ __ _|_| |_ ./ /___\ |_/ /_| |__| |_
\___/| .__/ \____/|_| |_\_| |_/ |_//_/\_\ |_||_| \___/ \_____/ \___/ \___/\___/
| |The Underground Cyber Hacking Challenge Ezine #3
|_|
~~~ Menu of the day ~~~
0x00 - General Info - Ezine #3
0x01 - 0p3nH4x #2 and 0p3nH4x #3
0x02 - Poisonhack.info
0x03 - Team-xpc.com
0x04 - W4N73D
0x05 - Final words
~~~ Menu of the day ~~~
[ 0x00 - General Info - Ezine #3 ]
Dear readers,
First we want to apologize for early post of the ezine but due to we being very busy over the
following weeks we've decided to post it.
Although our geniune intentions to keep this ezine focused only around 0p3nH4x, we have decided to
disclose some script-kiddies who think and believe themselves that "they are the bomb". I had a
really *interesting* session today with chroniccomand, their leader, who claims that he is a black
hat and that black hats job is to find vulnerability, write PoC and disclose... Do I have to give
you any more information how retarded they are? Hope you know the answer by now.
We said to them that we are going to disclosure in #2 and that they had to remind us... they didn't
so we forgot since it was/is irrelevant. They asked for disclosure, claiming that we are all about
words when that's not even the case. We only want to keep our hacks (of targets) to ourselves, can't
we have privacy or we have to prove absolutely everything? We're not saying to take everything granted,
always doubt, but do not challenge forces beyond your strenght or control(tip). Of course we could have
disclosured more of their script-kiddie network of retardedness (forums) but we decided to not temper
again and keep it to ourselves.
Now onto what's relevant... 0p3nH4x #1 is almost over! Targets are quite tough and participants by now
almost meet our expectations, we would be more surprised if we saw more struggle though... Winners will
been announced at our forum. We hope they still will enjoy owning white hats as much as we did. No.4 issue
of our ezine will be posted after #3 is over and No.5 after #4. That's final.
We are looking forward to meeting you on the next 0p3nH4x event.
Yours trully,
DUS
creators of 0p3nH4x
P.S. You can see disclosure of one of the targets because the domain expired (protection-plus.info).
[ 0x01 - 0p3nH4x #2 and 0p3nH4x #3 ]
To register for 0p3nH4x #2 2011 simply register in the forum and post your registration request in
the appropriate forum of the "0p3nH4x 2011" section. Your account will be approved shortly (anyone
can join). Deadline for registrations for the second underground hacking challenge is 9th June 2011
at 00:00 GMT. Afterwards, DUS forum registrations(probably) will be opened but the "Registrations"
section will be closed/hidden. Additional information including extra instructions, rules, targets
etc.will be posted on 10th June, around 17:30 GMT.
The forum can be found here(it does NOT and will NOT have any domain name, last time posted on ezine)
-> http://178.86.5.192/f0rum/
Regarding #3... we would like your input. We are almost out of ideas what to own next so please if you have
some nice white hat resource/community/group/whatever to share with us, please do. And again we ask those who
still believe and want the old scene (maybe slightly transformed?) to be back, to join 0p3nH4x.
[ 0x02 - Poisonhack.info ]
Welcome to Poison. Your entrance to the underground
/\ _`\ __
\ \ \L\ \___ /\_\ ____ ___ ___
\ \ ,__/ __`\/\ \ /',__\ / __`\/' _ `\
\ \ \/\ \L\ \ \ \/\__, `\\ \L\ \\ \/\ \
\ \_\ \____/\ \_\/\____/ \____/ \_\ \_\
\/_/\/___/ \/_/\/___/ \/___/ \/_/\/_/
*** NOTE: This retarded text+ascii is not part of our ezine ***
Poison/Poisonhack are a (what they claim to be) "an underground hacking forum" but infact they are just a few
skids from team-xpc and iexploit. As you, the reader, already know, these 3 communities are quite retarded as
they are white/grey hat centralized.
You can thanks us later for not posting your personal info. It's not because we like you but because there is
no point in doing this. Oh, we almost forgot, here is your license you obtained through your 1337 python work.
______________________/%%*%%*%%*%%*%%*%\_____________________
//~~~~~~~~~~~~~~~~~~| I\ I ___ I ~~~~~~~~~~~~~~~~~~~~~~~~~~~~\\
I: ##### | I \ | (__ | OFFICIAL RETARDED SCRIPT :I
I: #### _\_ | I \| ___) |__ KIDDIE LICENSE :I
I: ##=-[.].] | <-><-><-><->expiration NEVER <-><-><-><->:I
I: #( _\ | Name: CHRONICCOMAND :I
I: # \__| | Email: chroniccommand@gmail.com :I
I: \___/ | Occupation: SUCKING EVERYTHING IN SIGHT :I
I: .' `. | Skills: ACTING LIKE A FAG(PRO-PEDO) :I
I: ( ) , ) | Hat color: WHITE/SUCKER FOR MONEY :I
I: | | | | | Location: USA, NEW YORK :I
I: | | n | | | Additional: RAPED ANUS BY HIS MOM :I
*__________________|__________________________________________*
\%%%%%%%%%%%%%%%%%%%%%%%%%%%/
uname
Linux server.infomove.org 2.6.18-194.32.1.el5 #1 SMP Wed Jan 5 17:53:09 EST 2011 i686 i686 i386 GNU/Linux
id
uid=0(root) gid=0(root) groups=0(root)
cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
avahi-autoipd:x:100:102:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
cpanel:x:32001:32001::/var/cpanel/userhomes/cpanel:/usr/local/cpanel/bin/noshell
cpanelhorde:x:32002:32002::/var/cpanel/userhomes/cpanelhorde:/usr/local/cpanel/bin/noshell
cpanelphpmyadmin:x:32003:32003::/var/cpanel/userhomes/cpanelphpmyadmin:/usr/local/cpanel/bin/noshell
cpanelphppgadmin:x:32004:32004::/var/cpanel/userhomes/cpanelphppgadmin:/usr/local/cpanel/bin/noshell
cpanelroundcube:x:32005:32005::/var/cpanel/userhomes/cpanelroundcube:/usr/local/cpanel/bin/noshell
named:x:25:25:Named:/var/named:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
mysql:x:101:103:MySQL server:/var/lib/mysql:/bin/bash
mailman:x:32006:32006::/usr/local/cpanel/3rdparty/mailman/mailman:/usr/local/cpanel/bin/noshell
dovecot:x:97:97:dovecot:/usr/libexec/dovecot:/sbin/nologin
cpaneleximfilter:x:32007:32009::/var/cpanel/userhomes/cpaneleximfilter:/usr/local/cpanel/bin/noshell
xpcadmin:x:762:762::/home/xpcadmin:/usr/local/cpanel/bin/noshell
infomove:x:763:763::/home/infomove:/usr/local/cpanel/bin/noshell
chronic:x:764:764::/home/chronic:/usr/local/cpanel/bin/noshell
eztoolz:x:765:765::/home/eztoolz:/usr/local/cpanel/bin/noshell
fbproxy:x:766:766::/home/fbproxy:/usr/local/cpanel/bin/noshell
kogee4:x:769:769::/home/kogee4:/usr/local/cpanel/bin/jailshell
py1337:x:770:770::/home/py1337:/usr/local/cpanel/bin/noshell
ambient4:x:771:771::/home/ambient4:/usr/local/cpanel/bin/noshell
kogee07:x:772:772::/home/kogee07:/usr/local/cpanel/bin/noshell
openvpn:x:32008:32010::/home/openvpn:/sbin/nologin
openvpn_as:x:32009:32011::/home/openvpn_as:/sbin/nologin
co19:x:32010:32012::/home/co19:/bin/bash
upteamx:x:773:773::/home/upteamx:/usr/local/cpanel/bin/noshell
xpcadm2:x:774:774::/home/xpcadm2:/usr/local/cpanel/bin/noshell
ls -la
total 53036
drwxr-x--- 24 chronic nobody 4096 May 17 21:22 .
drwx--x--x 23 chronic chronic 4096 May 15 23:33 ..
-rw------- 1 chronic chronic 14 May 8 00:07 .ftpquota
-rw-r--r-- 1 chronic chronic 65 May 17 21:21 .htaccess
drwxr-xr-x 2 chronic chronic 4096 Jan 28 23:19 .smileys
-rw-r--r-- 1 chronic chronic 633 Jan 30 00:06 401.shtml
-rw-r--r-- 1 chronic chronic 613 Jan 30 00:04 403.shtml
-rw-r--r-- 1 chronic chronic 747 Feb 11 21:33 404.html
-rw-r--r-- 1 chronic chronic 737 Feb 11 23:22 404.shtml
-rw-r--r-- 1 chronic chronic 65875 Feb 20 05:35 CSQLi.tar.gz
-rw-r--r-- 1 chronic chronic 9815736 Apr 2 17:19 Pokemonz.tar.gz
drwxr-xr-x 2 chronic chronic 4096 Apr 5 21:17 _private
drwxr-xr-x 4 chronic chronic 4096 May 16 00:08 _vti_bin
drwxr-xr-x 2 chronic chronic 4096 Apr 5 21:17 _vti_cnf
-rw-r--r-- 1 chronic chronic 1754 Feb 1 20:28 _vti_inf.html
drwxr-xr-x 2 chronic chronic 4096 Apr 5 21:17 _vti_log
drwxr-x--- 2 chronic nobody 4096 Apr 5 21:17 _vti_pvt
drwxr-xr-x 2 chronic chronic 4096 Apr 5 21:17 _vti_txt
-rw-r--r-- 1 chronic chronic 2061 Apr 7 20:24 about.html
drwxr-xr-x 2 chronic chronic 4096 Apr 2 00:01 acp
-rw-r--r-- 1 chronic chronic 4719005 Apr 7 02:43 aossa.chm
-rw-r--r-- 1 chronic chronic 35383218 Jan 30 03:12 books.tar.gz
drwxr-xr-x 2 chronic chronic 4096 Apr 5 21:17 cgi-bin
drwxr-xr-x 9 chronic chronic 4096 May 17 20:43 forum
drwxr-xr-x 5 chronic chronic 4096 Apr 19 04:41 ftps
drwxr-xr-x 2 chronic chronic 4096 May 17 21:22 hash
drwxr-xr-x 4 chronic chronic 4096 Feb 19 00:28 iemag
drwxr-xr-x 3 chronic chronic 4096 Feb 11 21:33 images
-rw-r--r-- 1 chronic chronic 4249 Apr 20 19:23 index.html
-rw-r--r-- 1 chronic chronic 1166 Feb 19 02:07 links.html
drwxr-xr-x 2 chronic chronic 4096 Mar 6 23:53 localroot
drwxr-xr-x 2 chronic chronic 4096 Feb 21 03:20 myip
-rw-r--r-- 1 chronic chronic 2161321 Apr 15 23:32 netdog.tar.gz
-rw-r--r-- 1 chronic chronic 224394 Mar 13 23:19 newbieguide-2.pdf
-rw-r--r-- 1 chronic chronic 17164 Apr 22 20:19 paceage-v10rc2.tar.gz
drwxr-xr-x 3 chronic chronic 4096 Apr 6 20:25 poisonhack.info
-rw-r--r-- 1 chronic chronic 4507 Apr 11 01:04 preview.html
drwxr-xr-x 2 chronic chronic 4096 Apr 11 01:03 preview_content
drwxr-xr-x 2 chronic chronic 4096 Apr 10 23:39 preview_images
-rw-r--r-- 1 chronic chronic 2806 Apr 10 17:55 public.key
-rw-r--r-- 1 chronic chronic 8 Apr 22 19:56 pversion.txt
-rw-r--r-- 1 chronic chronic 2056 Jan 29 19:59 pybackdoor.tar.gz
-rw-r--r-- 1 chronic chronic 467 Mar 13 22:46 robots.txt
-rw-r--r-- 1 chronic chronic 214666 Feb 26 09:48 scans.txt
-rw-r--r-- 1 chronic chronic 371027 Feb 27 20:27 scans2.txt
drwxr-xr-x 2 chronic chronic 4096 Feb 6 05:43 scgi-bin
-rw-r--r-- 1 chronic chronic 598895 Feb 8 00:21 shells.tar.gz
-rw-r--r-- 1 chronic chronic 271 May 4 02:04 siezed.html
drwxr-xr-x 3 chronic chronic 4096 Apr 24 16:20 test
drwxr-xr-x 10 chronic chronic 4096 Mar 31 02:42 tests
-rw-r--r-- 1 chronic chronic 297935 Apr 10 04:24 weed.html
-rw-r--r-- 1 chronic chronic 71644 Feb 16 23:58 winblows.swf
-rw-r--r-- 1 chronic chronic 61308 Jan 30 06:33 wordlist.torrent
cat config.php
365, // Administrator logs
'mod_logs' => 365, // Moderator logs
'task_logs' => 30, // Scheduled task logs
'mail_logs' => 180, // Mail error logs
'user_mail_logs' => 180, // User mail logs
'promotion_logs' => 180 // Promotion logs
);
?>
*** Warning:1337 skillz from anon2011 ***
cat /test/index.php
","<","[","]",".","@");
$replace = "\\".$data."\\";
$data = str_ireplace($bad_keyword," ** ",$data);
$data = strip_tags($data);
$data = htmlspecialchars($data, ENT_COMPAT);
$data = htmlspecialchars($data, ENT_QUOTES);
$data = htmlspecialchars($data, ENT_NOQUOTES);
return $data;
}
if(isset($_GET['rd']))
{
echo "
Thanks for taking the test, we will notify you by email if you are successfull and will send you instructions.
";
}
elseif(!isset($_GET['submit']))
{
echo "Enter your name and contact answers below
We will use your name and contact information to contact you if your successfull.
Note you can leave answers blank, but they will not be scored.