September 20th, 2011
A friend of mine is “retiring” and moving out from the scene. During a conversation he told me that Web-based exploration is soon over. And I said to him that I think there are more opportunities now than ever before and I think the future still looks bright.
If we look at how websites started out, we see a lot of static pages with information. Not that many sites were making money and the functions of a website were limited. As the years passed we see a difference in how websites are created. Before, there were people just wanting to put out something for the public to see. Now people want to put out something while earning money, and with money comes competition over visitors and users. Just take Gmail or Hotmail for example: how much more high-tech are they today compared to a few years ago? Another example: if we look at a pron site from 2000-2002 we see a website with static HTML pages and, if you’re lucky, they were running some badly coded Perl script which you could exploit. But likely the only option was to attack a service running on the server like FTP or the web server itself. If we now take a look at a pron site in 2011, we see a site that has dynamic code and likely has code running from a few different coders. The site has a function to bookmark your favorite videos or search for your pornstar and so on. It’s a trend that will continue, and in the last few years we have seen an explosion in “handheld” (mobile) websites and I have noticed a lot of them are badly coded, because who hacks from a mobile phone, right? While the size and complexity of a website grows, the room for mistakes and logic flaws grows as well. I think our time is far from over and if I am allowed to quote Sun Tzu: “Opportunities multiply as they are seized”.
Posted in Unfiltered | No Comments »
September 6th, 2011
When you have been stuck coding or away for a while you get rusty, and thinking too hard makes my brain hurt. I hadn’t been out on adventures in about a month and this late Friday night I decided to look closer at a site that had eluded me in the past. After an hour or so I found an old sub-domain that had some shitty code on it. Everything went well; after another hour I realized it was just a matter of time before I had the whole server, and the adrenaline started to hammer me. In my sleep-deprived state I might have rushed a little bit too much. While I was busy looking through the database and planting a shell, I accidentally forgot a ‘>’ and wiped the whole footer page. So much for being a ninja in the dark night. As some end div tags and whatnot were in that file, the site looked like shit and you could clearly see something was wrong. As I do some coding myself I started to feel kind of bad about the whole situation, as a poor programmer needs to fix this problem one early Monday morning or, even worse, Saturday morning. So I decided to leave a little message for the webmaster. It said something along the lines of: “//Sorry. I fucked up, hope it wont ruin your day.”
It was a stupid mistake that shouldn’t have happened. I checked up on it a day or so later. I know they have fixed the page now; they haven’t said anything to their members or about any intrusion occurring. I haven’t checked up on my backdoors. If they are still alive I would be surprised, after my little message, but then again I get surprised all the time by people.
UPDATE:
This all happened some months ago. I just checked up on the backdoors and they are still there, alive and kicking. People need to get a grip and stop to think about the fact that files don’t wipe themselves.
Posted in Adventure | No Comments »
February 28th, 2011
You remember in the old days when there was a difference between a cracker and a hacker? Now a hacker is a cracker and a cracker is something else entirely. Well, the same thing is about to happen with blind injection vs. true/false injection. People should know why it is called a blind injection. It’s not because you can’t see the number of columns or anything like that. A blind injection is where no error message appears. It all started with the MSSQL injections where you could use the error message to your advantage by creating errors that would display the results. But this seems to have been forgotten by the new generation of exploiters out there. While looking into this I even found that some moron on Wikipedia had got his facts wrong and is now teaching the whole world the wrong thing. Well, I guess I just have to accept people are sheep.
if (!true) {
    echo 'this is true, Baaa!';
}
More sources:
http://www.cgisecurity.com/questions/blindsql.shtml
http://www.owasp.org/index.php/Blind_SQL_Injection
Posted in Adventure | 1 Comment »
February 12th, 2011
There are things you just don’t do in life. One of those things is to fuck with a large number of people. Mr Aaron Barr decided to try to find people that didn’t want to be found. He said he was researching vulnerabilities in “social media”. The research goal was to find out about the 4chan-based group called Anonymous. They have made some hacks that have had media exposure over the years. There is no doubt some of them know what they are doing. But that’s not their true power. They have a power that few have: they have a following of 10 000, 100 000, who knows how many they really are. There is a good chance that 0.01% of them are quite good at breaking into shit. But there only needs to be one crazy motherfucker for you to end up in a body bag. Aaron Barr isn’t dead yet. But as a security “expert” he might be fucked. They got his Twitter, emails, site, and along with that they scammed a guy for further access to another server. A PDF leaked that described a plan to disrupt the Wikileaks organization. The whole situation just blows up in his face. I find it all amusing. Mostly because of how they gained access to rootkit.com. That’s just sad.
The question is, what now? He still has his research with names of what he claims is the top of the group. Anonymous said that the report was all bullshit and made up. But I am not so sure. That’s what I would say if I was in their situation. The question now is: will there be arrests? Will Aaron survive in the security community? Will he make a speech at Defcon or Black Hat on how he got owned?
Lesson: You don’t want to get a mob of people motivated to bring you down. Especially people that don’t forgive or forget.
Links:
Twitter of Aaron
Overview
Wiki-shit
Price to pay
Posted in Adventure | No Comments »
March 9th, 2010
I might be repeating myself, but a year ago or so my hacking took a new level. When you start getting paid for your evil deeds, you get thrown into a Hollywood film scenario where a night’s work can get you money to get by the month; even though it’s not vast sums of money it’s enough for a poor student like myself. But our whole view of things changes. I now started to see other hackers as competition and the databases and servers I collect as information that can be translated into money. This makes me unwilling to teach people my tricks and skills that might set me one above the average hacker out there. But what has changed me the most is the paranoia I feel. I have always been paranoid because I believe deep inside everyone is looking out for themselves and their advancement. But before, I had control over everything. Only I knew what I was doing, I had control of the data and so on. But now I am handing them off to a second party. That can cause problems for me if they get caught. So every time someone knocks at the door the first thing going through my head is “oh my god, the cops are here!”. This might seem a bit extreme but I am not joking around here. If the doorbell rings at 6:00 in the morning I fly up from the bed like the fire alarm just went off. If I could afford it I would have rigged my computer with C4. Thank god for TrueCrypt and small portable USB devices, otherwise I would never leave my computer!
Edit: All this doesn’t apply to any porn-related hacks, as all the paid hacks I have done are for commercial servers.
Posted in Adventure | 4 Comments »
February 24th, 2010
When I say the scene I mean the porn exploiting scene. This is an underground collection of forums, IRC channels and people. This is a community where the more shells and passfiles you have the bigger dick you have. This is the root of all the problems that exist in the community. We have forums where admins feel they need to get recognized as good exploiters and give out passfiles to any newbie that comes along to earn credits. We have people using fake nicknames trying to scam their way into multiple forums. People are cross-posting and posting others’ work as their own. There has always been trouble with a couple of individuals but it seems that it has gotten worse with the years. I don’t know if the new generation lacks morals and loyalty or I just remember the good things about old times. But I am sure the standards for being allowed to call oneself an exploiter have sunk a level or two. I have met people that only “know” SQL injections (sqli); they don’t know what they are doing or why the vulnerability is there. They don’t even understand the basics of SQL. They are just fumbling in the dark until they find the light switch. This is a real problem because some day the porn industry will wake up and put down more money on security. As it is now I can’t see how they are surviving when 90% of all paysites are getting hacked. But how can you fix this problem? I really don’t know; I think morals are something you learn and you do what you see others do. Maybe that’s why goldenpirates has an awesome team. I love them all and whatever they do in life I wish them luck. Well, that’s all for now, I need to get back to filtering my JavaScript application for XSS. =/
Posted in Adventure | 4 Comments »
December 24th, 2009
Well, as I am sitting here semi-high and haven’t slept for 27 hours, I am pondering what I should do with my newfound zeroday. It has gotten me a lot of new pass files and it has been a fun day. But what should I do now? I could publish it and write an exploit; it would be fun to try out my newfound C# skills. Then I’ll lose the hole after a week or so. I think I might hang on to it so I have an edge. I was thinking about maybe hacking the main website for the application and maybe putting a small surprise in the source code. But it will someday be discovered by someone and I will lose my access. Although it could be fun. But this application is so poorly coded that a monkey could do better. Worst is that it costs 2000$.
Exploit: My new zeroday tool first uses a “true or false” SQL injection to get the admin login, which is in plain text. Then it logs in as admin, uploads an evil img (just a jpg with PHP code), then it uses an LFI in the config file to execute my evil img.
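Seen from the defending side, the last two links of the chain described above (an image upload that carries PHP, and an include path taken from input) can each be cut independently. The following is an added example, not code from the original post or from the application it mentions; the template names and sample bytes are constructed assumptions.

```python
import re

# Heuristic only: flags the common PHP open tags. Re-encoding the image
# server-side and storing uploads outside any includable path is stronger.
PHP_TAG = re.compile(rb"<\?php|<\?=", re.IGNORECASE)
MAGIC = {b"\xff\xd8\xff": "jpg", b"\x89PNG\r\n\x1a\n": "png", b"GIF8": "gif"}


def sniff_image(data: bytes):
    """Return the extension implied by the leading magic bytes, or None."""
    for magic, ext in MAGIC.items():
        if data.startswith(magic):
            return ext
    return None


def check_upload(data: bytes) -> str:
    """Classify an upload as 'reject-type', 'reject-php' or 'accept'."""
    if sniff_image(data) is None:
        return "reject-type"      # the extension alone is never trusted
    if PHP_TAG.search(data):
        return "reject-php"       # valid image header, PHP tag in the body
    return "accept"


# Hypothetical allow-list of includable files (names are assumptions).
TEMPLATES = {"default": "templates/default.php", "dark": "templates/dark.php"}


def resolve_include(user_value: str) -> str:
    """Map request input to a fixed path; never build a path from input."""
    return TEMPLATES.get(user_value, TEMPLATES["default"])


# Constructed sample inputs.
CLEAN_JPG = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + bytes(32)
TAINTED_JPG = CLEAN_JPG + b"<?php /* constructed marker */ ?>"
```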
Posted in Adventure | No Comments »
December 1st, 2009
Well, my blog career was cut short by a server crash and I haven’t had the time or desire to resurrect the blog, but lately I have felt the need to have something to take care of. So respawning the blog came naturally. So I got my nickname registered as the domain and started putting it together again. Anyway, I am going to try to post at least once a week and keep you all updated on what fun stuff I have been up to. I really have been busy during the time I have been gone. I still have some small stuff to fix and update but hopefully I’ll be up and running 100% at the end of this week. Stay tuned for more adventures of hithron.
Posted in Adventure | 2 Comments »
November 30th, 2009
Today I hacked a site where people upload pictures and other people rate them. The site has 100 000 users and for a Swedish site it’s big. The problem is it had stored the passwords in the database in plain text. Obviously this is good news for me but for the users it’s really bad. Sites that big should take better care of their users. The point here is webmasters should really think more about encryption and use the right one. Do not use MD5, SHA-1 or MYSQL(4); they are way too easy to crack with today’s GPU cards. If I would encrypt I would use phpass or whirlpool; they are hard nuts to crack. But I’m happy there are ignorant webmasters out there to make my life easy. How would I otherwise get my kickass wordlists?
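What moving such a user table off plain text and unsalted MD5 looks like, as an added example that is not from the original post: each row is upgraded to a salted, iterated hash the next time its owner logs in. PBKDF2-HMAC-SHA256 from the Python standard library stands in here for phpass; the table layout, scheme labels and sample rows are constructed assumptions.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # assumed work factor; raise it as hardware gets faster


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Return 'iterations$salt_hex$hash_hex' using a fresh random salt."""
    salt = secrets.token_bytes(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"{iterations}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the hash with the stored salt; compare in constant time."""
    try:
        iters, salt_hex, hash_hex = stored.split("$")
        dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(salt_hex), int(iters))
        return hmac.compare_digest(dk, bytes.fromhex(hash_hex))
    except ValueError:
        return False


def login_and_upgrade(users: dict, name: str, password: str) -> bool:
    """Authenticate; replace a legacy row with a salted slow hash on success."""
    scheme, value = users.get(name, ("none", ""))
    if scheme == "pbkdf2":
        return verify_password(password, value)
    if scheme == "plain":
        candidate = password
    elif scheme == "md5":
        # The row's scheme is explicit, so a leaked MD5 hex string cannot
        # be replayed as if it were the password itself.
        candidate = hashlib.md5(password.encode()).hexdigest()
    else:
        return False
    ok = hmac.compare_digest(candidate.encode(), value.encode())
    if ok:
        users[name] = ("pbkdf2", hash_password(password))
    return ok


# Constructed sample rows: name -> (scheme, value)
USERS = {
    "alice": ("plain", "sommar2009"),
    "bob": ("md5", hashlib.md5(b"sommar2009").hexdigest()),
}
```

After both users log in once, their rows hold different values even though the passwords are identical, which is what defeats a precomputed wordlist lookup against the whole table.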
Posted in Adventure | 1 Comment »
November 30th, 2009
Last night I was sitting at my computer preparing to go to sleep when “skalman” came into the IRC channel and told me he had a mission for me. A friend of his had some trouble with a former partner of his and now he wanted to get some evidence that he thought was on the server of another company the partner ran. I was really tired at that point, but I’ll have a go, I thought, because my girl is coming tomorrow and that means no time for the fun stuff. I started looking around and it didn’t take that long before I had everything I needed: htpasswd files, MySQL tables and root login for MySQL. But they had blocked access from remote locations in the MySQL configuration file. Turns out they made the epic mistake almost everyone does: they had a phpMyAdmin. And sure enough I logged in, did my “into outfile” trick and poof, I had a shell. Everything went as planned when a thought entered my mind, “Didn’t I turn off the proxy before… did I turn it back on?” I felt the panic spreading through my body and the error was obvious. I turned on the proxy as fast as I could. I don’t think this would have happened if I wasn’t so tired. Although I don’t think anything will happen, I really hope not. Just in case I’m going to try to root the box to clean out every clue I left behind. I didn’t find the evidence this individual was looking for but it was fun to take a look around. Well, I need to take a shower, my girl is en route to my secret hacker lair =)
Posted in Adventure | No Comments »