It would seem some d!ck in the ass bitch going by name Az3ar "hacked" the HackBloc forums today i guess in some attempt boost his e-ego. I dont know any of the admins there really or any of the regs, i been looking mostly not really a poster there but still there was lots of good info and one hell of a good zine. I dont really know any of the details behind the attack but i hope they will explain what went down, i know ill be keeping a close eye on them for a while. This may even be the making of a hacker war?? LOL dont say it i can hear what your thinking.
Sunday, January 27, 2008
Friday, January 25, 2008
Monday, January 21, 2008
Well its spring semester anyway so that means work on the hacking 101 section may tapper off a bit as well as my posts. Work on AHG2 may suffer a little as well but i still plan an releasing it soon. Other then obtaining more information one good thing about all this is i have access to the online course software which i have already found a few interesting things about, come back soon im sure ill be talking about this more in the future
Tuesday, January 15, 2008
In this installment of the series we will be looking at ways to exploit a thin client based network and ways to exploit the thin client unit it self.
NOTE: If you didn’t read part one of this series I suggest you do so or you will be lost!!
Read it @ here
Ok here we are going to see where the thin client is getting the configuration file from. To do this we have to disconnect it from the network by removing the network cable from the back of the client. Then press and hold the power button so it turns off, then turn it back on. Right click on the desk top and select Network Manager, look to the bottom of the window that pops up. Here we should see the address to the FTP server and the home directory for that thin client. Now hoping that one of the apps your thin client is running is a web browser, connect to the FTP server and see if there are any other configuration files available. If there is great lets see what they got. Again remove the network cable from the back of the client, and power the unit down and back on again. Right click the desk top and go to Network Manager. Now at the bottom of the Network Manager window we once again see our FTP server and our home directory. Just replace our home directory with one of the others we found on the FTP server. Plug the network cable back in and get access to the apps linked to that user.
NOTE: Thin clients by default connect to FTP using anonymous login and more often then not the admin would rather setup a anonymous account on the FTP server then put usernames and passwords in all his/her thin clients.
Ok we are on our clients using an app, now remember we are really connected to the server using RDP or ICA protocol. So when we send commands while using the app in the apps window it is processed by the server. Try hitting “Ctrl + Alt + Delete” and see if you get that windows pop up with buttons on it for logging off and stuff. Look for “Task Manager” If you have access to that we are up for a gold mine! Once in Task Manager hit the “ New Task…” button and start any program you want off the server!!!! That’s not all, on top of that you get dumped to the desk top of the account the client is logged on as on the server!!!! If your really lucky it will be an admin account.
If one of the apps you have access to is a web browser then there are lots and lots of fun things you can do. In the address bar try putting c:\ and it should dump you to the c drive of the server. See if you can access sites out side of the networks intranet. If you have shitty luck and don’t have a web browser see if you can get to anything from on the server. An app might have a “Open file” option or a search option. If you look around the apps you have access to you most likely will be able to break out of the shell and up to a higher level. If not try to make the app you do have access to error, that might dump you somewhere with better access.
Now that we know how to get access to the Network Manager menu and can change where the configuration file comes from, lets take it a step up. If you managed to get access to the FTP server and downloaded one of the config files to the thin client server then emailed it to your self. Then edit it, setup a FTP server with anonymous access with your edited config file. Now set the thin client up to get the config file from your FTP server and poof the thin client is using your config file!!
Why do we need to get a config file from the FTP server to edit?
The config file holds user names and passwords in plan text that are needed to gain access to the network so we can connect to the apps.
NOTE: This theory has never been tested; I got as far as needing a FTP server with anonymous access that runs on port 21 “My ISP blocks port 21 :*(“. I was however able to get access to the FTP server, download a config file and send it to my gmail account from no access at all!! This theory could very well work but until it has been tested it stays a theoy.
Here is the config file I downloaded:
Description="Jacrux - Jackson" \
Application="JACRUX - JACRUX" \
Here is the edited version:
PRIVILEGE=High ==NOTE== I changed the priv level to high.
Description=" JACRUX pwned by Anarchy " \
Application="JACRUX pwned by Anarchy" \
Keep in mind this is the info in the .ini “configuration” file. This should give you admin access to the thin client and maybe the server.
::That’s all folks::
That’s all I have for you on this topic, feel free to email me about it. Please help me out and click the adds thanxs
Think Thin: The skinny on thin clients part 2
By: Anarchy Angel
anarchy[dot]ang31 [at] gmail
Sunday, January 13, 2008
I made this because I couldnt find anything worth adding to the Hacking 101 section on this subject so here we go. Follow the steps below.
First you need a SMTP server, Try searching your ISPs subnet for port 25 “The defualt SMTP port”. If you dont already have a port scanner google one.
Once you have a SMTP server, if your using XP “In vista you have to open a command prompt”, goto the start button then run and in run type:
telnet smtp.ip.addess.here 25
Hit enter, once the window opens you should see some kind of 220 message, thats good. Now type:
MAIL FROM: email@example.com
You should get a 250 ok message, if you get some other message saying something about helo or hello type:
then mail from. Now set the target address by typing:
RCPT TO: firstname.lastname@example.org
If you get some error try another SMTP server.
Hit enter then type: DATA and hit enter again, now start typing your message. At end of message hit enter, then type a “.” by it self w/o the “” and hit enter again. You should get a 250 email sent message. You can test this best by sending a email to your self.
More on spoofing HERE
Saturday, January 12, 2008
Well i didnt do any work on the gadget today, again i just didnt have it in me i did how ever start a new section for the site called hacking 101 to help out a friend of mine and i hope some other ppl can some use from it as you can tell it not done by a long shot but its a good start. I also added a full "as full as i could find" TCP/UDP port list and the deamons that run on them "for the most part".
Friday, January 11, 2008
I was going to work on AHG today but i just dont feel like it, its been a long week at work and things on the home front haven't really been all that great so i just dont have it in me to any thing ATM i did do some good reading on the other hand @ GNUCITIZIN about UPnP hacking that was really a fresh look at a really misunderstood and overlooked attack vector.
Wednesday, January 9, 2008
AHG development is going well, some new functions and the old ones remade with a little more power. The next rev should have some nice eye popping graphixs pending on how my graphixs bitch helps out or not. And i might be putting out a DC414 edition which will come with a few more options you cant get from the current RC. So come back soon to see what we been up too!