[got-r00t]

Hacking Blog: Adjust resolution/zoom until the --==##==-- line below stays on one line.

----------------==========###########==========----------------

15-01-2020

Neocities Free Restrictions and Workarounds

As a free member of necoties you get a couple of restrictions. You only have 1GB to upload, which for most sites is more than enough. However, you can't upload most media files, which can really limit your site. mp4s mp3s and other files you might want to host like zips exes, are not allowed. Attempts to upload those files to your site will be met with "File type (or content in file) is only supported by supporter accounts"and the reason they do this is to "prevent neocities becoming a file dump". Spoiler alert: With 1GB to go around, aint NO ONE going to use this as a file dump. The real reason is they just want your money. But this is easily worked around.

Music

Upload whatever music you want to Youtube, you can even make it unlisted, and then play it through your site by implementing this script in your sites header
<div data-video="VttoGrOKfv4" data-autoplay="1" data-loop="1" id="youtube-audio"> </div> <script src="https://www.youtube.com/iframe_api"> </script>

File hosting >:)

This requires simply changing the file enough so that it can't be identified by neocities as a "forbidden" file-type. Usually this can be done by just changing the extension. So as an example, rename Example.mp3 as Example.mp3.txt, it'll only require the downloader to change the extension back. For uploading things like .zips or .rars you need to go a step further, after changing the extension to .txt, open it and on the first line move the #RAR / #ZIP identifiable components down one line, and on the first line replace it with misc text. Usually instructions for the downloader to make it useable like "Replace the contents of the first line with the contents of the second line"
Speaking of hosted files, I've added a couple new ones to my files page. Check out my vbs spambot that you can use to fill up Discord/Steam or anything with an input box. Have fun. Next post should be more technical.

----------------==========###########==========----------------

14-01-2020

Digital Grafitti and the death of the Computer Underground

I like grafitti. I like digital grafitti. Commonly known as website defacement, digital grafitti is hacking into a web server and getting enough permissions to change the website and add your own .html Some grafitti is just hackers getting up. Something to post to zone-h for the clout. a simple change, replacing the homepage with their handle just to show that they did it. Theres oppurtunistic attacks and targeted attacks. Most zone-h posts are oppurtunistic attacks. Someone finds an unpatched server with a shodan query and then busts it in a few minutes and plasters their name on the homepage. Targeted attacks are not as common. Targeted attacks are usually done as a political attack. Like this hack of a government site.

Most of these attacks were done by US/EU teens a couple decades ago. But the Cyber Security market in first world countries has developed and matured. And with CTF challenges and plenty of other legal challenges to take part in, teens direct their energy there, and consequentially, the first world Computer Underground is pretty much dead. Anyone that's any good at it makes six figs as a Security Consultant. All of the excitement has moved over to the middle east and other developing countries, russias still pretty active though But the local scene is a ghost of it's former self. Hackers are now foreigners with broken english, doing oppurtunistic attacks, posting to facebook and instagram, and making skiddys first ransomware. Is this a bad thing? Not necessarilly, I might be talking about it rant like, but things evolve. Tech evolves. Scenes evolve. And if you want to keep your edge you gotta evolve with it.

----------------==========###########==========----------------

30-12-2019

r00ts End of Year Onion Directory

Theres a lot of directories like this and by no means is mine the best, but its my personal one that I consult. Entries include things that I actually visit on a semi-frequent basis or just sites that I go "huh, neat" and theres a couple of entries that I've thrown in just for this post here. If you're a huge n00b. All of these are onion links and can be accessed using the Tor browser. Located at https://www.torproject.org/ . Anyways, onto the list:

Clearnet Clones:
http://expyuzz4wqqyqhjn.onion/ - The Tor Project
https://www.facebookcorewwwi.onion/ - Facebook
https://www.bbcnewsv2vjtpsuy.onion/ - BBC
http://ciadotgov4sjwlzihbbgxnqg3xiyrg7so2r2o3lt5wz5ypk4sxyjstad.onion/ - The CIA
http://ncidetf3j26mdtvf.onion/ - Norther California Illicit Digital Economy Task Force (NCIDE)
http://darkfailllnkf4vf.onion/ - Dark.fail
http://jthnx5wyvjvzsxtu.onion/ - 8kun
http://endchan5doxvprs5.onion/ - Endchan

White:
http://3kyl4i7bfdgwelmf.onion/ - We fight censorship, News and articles fighting censorship and corruption
http://deeptehvdjx3xbek.onion/ - Deep Tech Group, Articles and forums to help keep privacy
http://nzh3fv6jc6jskki3.onion/ - Riseup, Site that promotes liberatory social change
http://yniir5c6cmuwslfl.onion/ - The Meme bay, Meme site
http://travian3ryanipfs.onion/ - The Travian Browser Game hosted as a hidden service
http://zsolxunfmbfuq7wf.onion/ - RiseUp, Email Service
http://torbox3uiot6wchz.onion/ - TorBox, Email Service
https://protonirockerxow.onion/ - ProtonMail, Email Service
http://mail2tor2zyjdctd.onion/ - Mail2Tor, Email Service
http://eludemaillhqfkh5.onion/ - EludeMail, Email Service
http://tetatl6umgbmtv27.onion/ - Chat With Strangers, Deep web omegle
http://hss3uro2hsxfogfq.onion/ - Not Evil, Tor search engine
http://gjobqjj7wyczbqie.onion/ - Candle, Tor search engine
http://msydqstlz2kzerdg.onion/ - Ahmia, Tor search engine
http://3g2upl4pq6kufc4m.onion/ - DuckDuckGo, Tor search engine
http://galaxy3m2mn5iqtn.onion/ - Galaxy3, Tor twitter
http://nzxj65x32vh2fkhk.onion/ - Stronghold Paste, Tor Pastebin
http://wbaidlaw6quwv7h3.onion/ - Wistleblower Aid, Help site for whistleblowers
http://enotegggr635n4lw.onion/ - Burn Notes, Tor notemaker
http://torpress2sarn7xw.onion/ - TorPress, Free WordPress Hosting on Tor
http://crappriuroorf6uyaa45a2lqaa2l7475me36hqzv3w4oem4w4g2fzyyd.onion/ - CHANGOLIA, Hidden Service Imageboard
http://jzn5w5pac26sqef4.onion/ - WeBuyBitcoins, Don't know if legit
http://matrixtxri745dfw.onion/ - Matrix Image Host, Tor image host
http://76qugh5bey5gum7l.onion/ - Deep Web Radio, Tor radio

Grey: [Some sites are white, but due to ads links to 'Black' pages, are put here]
http://jh32yv5zgayyyts3.onion/ - Hidden Wiki, Directory like this one (Most links dead)
http://dirnxxdraygbifgc.onion/ - OnionDir, Directory like this one
http://dreadditevelidot.onion/ - Dread, Tor reddit clone
http://darknetq7skv7hgo.onion/ - Darknetlive, News relating to the Darkweb and marketplaces
http://warezlrg54cefgmp.onion/ - Warezloaders, Underground encrypted marketplace
http://thehub7xbw4dc5r2.onion/ - The Hub, General forum most active topics are marketplaces
http://avengersdutyk3xf.onion/ - DNM Avengers, General forum most active topics are marketplaces
http://xmh57jrzrnw6insl.onion/ - Torch, Tor search engine with EXTRA scam ads
http://secmailw453j7piv.onion/src/login.php - SecMail, Email Service with EXTRA scam ads
http://uj3wazyk5u4hnvtk.onion/ - The Pirate Bay
http://suprbayoubiexnmp.onion/ - SuprBay, Onion link for Pirate Bay Forum

Black:
http://tuu66yxvrnn3of7l.onion/ - UK Guns & Ammo, Firearms e-seller serving the UK
http://vfqnd6mieccqyiit.onion/ - UK Passports, Fake passports for the UK
http://hbetshipq5yhhrsd.onion/ - Fixed Matches Betting, Purchase information to bet on a fixed sports match

----------------==========###########==========----------------

17-12-2019

Real Hacker Shit

I did it. I did the write of passage. The CLASSIC movie hacker type shit. I changed a College students grades for money. I feel slick. Just wanted to brag about it. Can't really do that to people I know IRL xP.

----------------==========###########==========----------------

02-12-2019

Encrypted Persistence on Parrot Security

Heres a guide because I have to do this every once in a while and I forget the commands, and the current existing guide is rather lackluster and I have to keep altering commands. So heres EZ mode to setup Encrypted persistence on any Debian (Sid) OS that supports encrypted persistence as a live boot option. Anyways, heres the basic guide.

sudo apt install gparted

sudo gparted

using gparted make an ext4 partition to the size you want and label it "persistence"

sudo cryptsetup --verbose --verify-passphrase luksFormat /dev/sdc4

sudo cryptsetup luksOpen /dev/sdc4 UUI

sudo mkfs.ext4 -L persistence /dev/mapper/UUI

sudo e2label /dev/mapper/UUI persistence

sudo mkdir -p /mnt/UUI

sudo mount /dev/mapper/UUI /mnt/UUI

sudo apt install pcmanfm

sudo pcmanfm

navigate to /mnt/UUI

create a new file "persistence.conf"

write in it "/ union"

sudo umount /dev/mapper/UUI

sudo cryptsetup luksClose /dev/mapper/UUI

----------------==========###########==========----------------

28-11-2019

Get Physical!

I recently did a pentest against a quite large environment. A community college. This had a lot of users, of varying privelage. Everything was locked pretty tight remotely. Certs and software all up to date, strong password rules for accounts. I managed to find a plain text user list of about 400 accounts, trying to create an account I found the password rules were 8 characters, 1 uppercase, 1 lowercase, 1 number, 1 special character. I put together a wordlist, shit like Password1! or Trump2020! becuase you K N O W some dumbass probably has that as a password. Foolishly I started spraying loud and got my IP blasted. So I changed and tried again, doing a (quiet) password spray, while waiting for this 2.5 day attack to complete I scoped out the building and security to see if I couldn't get physical access

Being a College I was able to blend in pretty easily. Went to class, snooped around in computer labs, professor office spaces. Tried to figure out who would have more elevated privelages, checked the floor maps, class times, staff directory, etc. All the professors used the University mini-pcs that were hooked up to this 'lil podium thing. The important thing is... it's IO ports were exposed! The admin did take care as it's bios were password protected, sidepanel was key-locked, and secure boot was enabled. No live-booting on this machine. But I just slipped a keylogger on the back of the machine, hoping I'd be able to do something with professor creds. Other accessible target was the IT student workers, as they occupied a litte area of the library, and past 5pm they were gone. At around 8pm I put a keylogger on one of their machines as well. Both of these I was able to do in the same day

Second day, about 36 hours left on my password spray. So I went to "class" again to retrive the keyloggers I installed earlier. I was able to get them both back no trouble. In the evening I analyzed what I got. It was pretty easy to find creds in the professor logs as they pretty much only used the keyboard to log in and find their PP slides. I was able to get 5 different professors usernames and passwords. One of which contained "Poochie" which was kind of funny :P The IT workers though, WOW, there was a lot of keystrokes made. I only got one set of creds.

Professors didn't have much privilage, they could only change stuff of their class. Which makes sense. The student worker had a bit more, he could reset passwords to accounts below him, but nothing that I could really escelate from there though.

8 hours left on the password spray, still nothing. Digging through the emails of the compromised accounts, turns out the student worker is friends with the SysAdmin! Dude seems to be mentoring him. So I sent over a cool "Personal project" of his that I wanted his opinion on. A neat .exe text adventure. So the file would be opened and exected in cmd, it'd run all the important code first on one line, then would echo a whole bunch of garage text, and then a cool ASCII skeleton dude and the text "game" would begin. I'm actually pretty proud of that little creation, I made like, a genuine 7 minute text adventure with ascii mobs and stuff. ANYWAYS, sent the email and then deleted it from 'my' account, and watched it like a hawk. He replied not 10 minutes later! Replied with some "Neat, I liked the text art" or whatever, I caught a glimpse as I deleted it. But the important thing is: He ran it. I got the SAM dump of his system and for the rest of that computers current uptime any keystrokes.

The password spray never did yield any results. But I was able to crack his login pass with Hashcat in 18 hours and got his creds for his gmail and reddit with the keylogger. So no, I didn't get root. But it was fun regardless. I got a handful of users, and all of it was pretty much social engineering. Besides the .exe I made there wasn't really any technical knowledge being used to get what I got. Any College aged yoohoo could've gotten all but the Admins deets just by plugging in a usb keylogger with virtually 0 risk of getting caught, installation or retrieval.

Point is. They had a really secure system online, but very WEAK physical security. I didn't need a Student ID to get in to class rooms or to move around campus, and the computers physically exposed. To prevent this, use RFID! Only let students in where student should be. Most Student IDs are also Student Keycards, but being a Community College I guess they were behind the curve. PC wise you can keep computers in a cabinet which is locked. Unfortunately there really isn't that many solutions to prevent Physical exploitation. The saying of "If they have physical access it's already too late" remains true, but it honestly shouldn't. Is it really that hard to keep IO ports unexposed?

Bottom line: Don't forget physical security.

----------------==========###########==========----------------

25-11-2019

Self Hosting is Better

To make entries with neocities I have to actually go to the neocities webpage, open up and MANUALLY edit the html! How tedious! If this was self hosted I could use a bash script in the /html directory to make posting things a 'lil easier. But not too big of deal. It only saves like, 10 seconds per entry anyways. Further on the note of self hosting vs "the cloud", the cloud is just someone elses computer. Yeah, I get it, it's real fashionable to cough up some money to make webhosting someone elses problem. But when so many people RELY on one specific "someone else" that could create a problem. Up to 50% of the clearnet is hosted on JUST Amazon Web Services (AWS) according to sportonet. In August 2019, the U.S. Navy said it moved 72,000 users from six commands to an AWS cloud system as a first step toward pushing all of its data and analytics onto the cloud. So thats cool! Not only is the consumer internet reliant on a single company, but so is parts of the US Armed Forces... Talk about putting your eggs in one basket. It's not like outages are too far out of the question either. In 2011 AWS suffered a major outage, and in 2012 AWS suffered three Major Outages, and in 2017 there was a 5 hour outage caused by classic human error. This 5 hour outage caused a $150 million dollar loss of revenue. This was back in 2017. Even more of the internet relies on AWS now, including parts of the US Government.

It wont be too long until another one of these outages happen. No system is full proof. AWS has centers in certain geographic zones, but neither zones can give backup to other zones. Each center serves their "zone" and only their zone. So if the AWS zone in Virginia goes out again, sucks for the west coast. (Oh isn't silicon valley down there? Oh shucks, well it's not like the majority of web commerce is based out of there or anything.) Point is, the cloud aint safe, you lose control. That shitbox of a site 8chan or 8kun or whatever they call it now, are so hardfocused on getting someone to host for them (which of course no one wants to do) that they'd rather just not exist than host locally. Just seems weird to me.

Self hosting has its own sets of problems. Scalability is a bit more difficult. But the benefits, in my opinion, far outweigh the cons.

----------------==========###########==========----------------

23-11-2019

Hope you all like my stereotypical "l33t h4ck3r" green. Inspired with love from textfiles.com and hackbloc.org much love to both. This'll be documenting my ramblings, and more "black hat" type stuff. This'll be hosted on geocities as its own standalone site, and if you're here from the main, then you're just a special someone aren't you ;)

I'll make more entries soon, as I have a fair amount of stories I've been wanting to tell I've been holding on to.

Peace!