


Hacking Platform

HackBBS.org is a community that develops and maintains a system of vulnerable services.
We learn collaboratively how to exploit techniques for subverting information systems.
This learning in turn lets us improve technology, human relations and interests.
We stand for the values of mutual help and challenge, and contribute
modestly to making the end-user experience
as pleasant as possible.

The IRC channel is fairly active. The forum is due to be replaced by a more modern version.
It therefore joins the list of available targets in its turn.

The redesign is in alpha. This new platform lets you pentest remotely without having your own hardware at hand.
By running Python scripts connected over WebSocket to the web UI, we can drive the loading of "multiplayer"
attack/defense scenarios ^^.
The system can load scripts from shared libraries and encrypt exchanges depending on the modules deployed.
In the articles section you will find many tutorials to help you better understand computer security,
as well as various more advanced articles.
Hacker
  • Sniffing
  • Cracking
  • Buffer overflow
  • Exploit creation
  • Anonymity on the web, spoofing
  • Proxy bypass, firewall bypass
  • Code injection: SSI, SQL, etc.
  • Using exploits, writing scripts (PHP, IRC, Perl)
  • Social engineering
  • Online courses
We recommend that you sniff your network while browsing the site. The redesign will provide you with tooling to carry out your attacks/defenses.
RSS feed

HackBBS RSS feed. Subscribe. Be notified of tournaments, challenges, news, ...
Receive our latest news through our RSS feed.


Latest updates
Deployment of the VPN in TUN mode to support Android mobile devices.
Official announcement of the existence of the HackBBS FTP server.
A new article publishing system has been set up. Contributors can now easily publish content.
Implementation of a new vulnerable service on the dedicated server. (Source of the service available in /usr/local/src/)
Creation of 2 new accounts on the dedicated server.
New articles on neural networks put online.
First Battle-bot tournament on irc.hackint.eu.
RSS feed put into production.
Launch of the battle-bot project. This project is the organization and development of a bot tournament on #hackbbs-battle. For more information, see the tournaments section in the left-hand menu.
Turtle search tool put into production. This tool searches our database for the links, documents and programs that have been useful to the community.
RSS tool set up. Nebojsa is appointed "news manager". This responsibility covers the site's news and the updates made to the RSS feed.
Update of the anti-scan ban system. Nothing is finished, and scanning is allowed! It's just one more challenge, and the ban is only temporary.
Update of the toolbox pages, thanks to the-death for his contribution.

Challenges
You can also take part in many challenges that are constantly renewed (where possible :p)
Lately, the missions relating to the latest open-source products have been going well :)

Your ultimate challenge will be to deface HackBBS. Many flaws are present. It is up to you to find and exploit them.

This ultimate test will show how you react when faced with a flaw.
Black or White? ^^

Current ezine: Kinko'sHack.txt
   B    U    R    N  -  I    N    G     ...or...How to work on a Kinko's 
   %% %% %% %%  %% %% %%  %%% % %%%         Graphic Design Workstation 
   %% %% %% %%% %% %% %% %% %% %%         ALL Day and Not Pay a Red Cent      
   %%%%  %% %%%%%% %%%%  %% %%  %%          Plug Nickle or Thin Dime!
   %% %% %% %% %%% %% %% %% %%   %%            Concept by Arcangel
   %% %% %% %%  %% %% %%  %%%  %%%            Written by oleBuzzard 
-------------------------------------------------------------------02-FEB-96--

 INTRO
  
  I like this one. In Colorado (where I live), Kinko's has been running this 
  Ad Campaign: 'Have you been to Kinko's Lately?' This alludes to Kinkos' 
  complete architectural and technological overhaul of their 'Consumer Branch 
  Offices.' Kinko's in case you don't know, is a print related Business 
  Services company that offers Corporate Quality Printing services for Small 
  Business and your everyday Joe. Anyway, Kinko's is expanding, and every 
  Kinko's in town has moved from Strip Mall shacks, to 4000+ Sq.ft. 
  facilities, complete with bright lights, conference rooms, state of the art 
  Copiers and Color Copiers, and, upgraded Self-service computers. Quite an 
  improvement considering last year (1995), Kinko's offered just 2 each Mac LC 
  IIs and IBM 486SX 30s with barely enough room to accommodate those. For '96, 
  nothin but P-90s, PowerPCs and plenty of room!

  Awesome, huh? Well not exactly. I was there for the Grand Opening, and you 
  should have seen my jaw drop when my eyes zeroed in on that Macintosh 9500 
  PowerPC 604 Graphics Workstation. I was like 'Cool!' I immediately plopped 
  my ass down in front of it and proceeded to work on a little Graphic Design 
  job I was working on. You know it's funny how a little job can turn into a 
  BIG job at the drop of hat when you're working on a computer. That 'little 
  job' ended up takin four hours and 17 printouts. Anyway, I was like 'Damn... 
  oh well there's $30 bucks down the drain.' $30 bucks my ASS!..."HOW MUCH?!? 
  $123.97?!!' I couldn't f---in' believe it. Kinko's computer rental rate USED 
  to be $6.50/hour for any computer. To use that f---in' Workstation cost me 
  $19.25/hour! Plus they charged me half price for each messed up Color 
  printout. I was so pissed! I mean, it was cool Kinko's Expanded and 
  Remodelled and stuff, but make no mistake...they did pass the cost onto the 
  consumer. Anyway, I had been plotting my revenge ever since. Thank you 
  Arcangel.


 DESK TRACY

  Arcangel is an up and comer in (303) who hipped me to how you can use those 
  damn Kinko's Self-service computers for FREE! Kinko's uses an Accounting 
  Package on their Macs called Desk Tracy. Basically Desk Tracy keeps an 
  accounting of:

   * Hours, minutes, and seconds online
   * Pages printed
   * Actions performed

  The way Desk Tracy works is: when you get on one of Kinkos' self-service 
  machines, you have to 'Login', and from that point forth, all time and 
  printing is accounted. Once you're done, Desk Tracy sends a printout of 
  charges to the Main Checkout Desk, and....they gotcha!

  As part of Desk Tracy's security: it protects against Restarts by keeping 
  you logged in and all of your charges added up if you fail to logout 
  before Restarting. If you try and Restart with Extensions Off, it WON'T 
  disable Desk Tracy. If you try and Delete anything from the computer, or try 
  and alter the System Folder in anyway, i.e. drag something into it, or take 
  something out of it, it will prevent you from doing so. And finally, you 
  can't access the Desk Tracy Configuration (to override all of this 
  protection) without a password. Not a bad little package. Thankfully, 
  because of Arcangel's genius, there's a way around all of this sh#t.


 BURN BABY, BURN

  One of the most common ways of defeating protected Control Panels 
  (AfterDark, SAM, Virex, etc), is to delete the Prefs. By deleting the Prefs 
  you can effectively remove a file's protection because its configuration is 
  gone, and its password is nulled out. Unfortunately, some programs protect 
  the Prefs file to prevent just this. In the case of Desk Tracy the Prefs 
  file is protected in that, first off, nothing can be deleted from a 'Desk 
  Tracy-ed' computer anyway. On top of that, Desk Tracy prevents anything 
  from being moved into or out of the System Folder. So much for Deleting the 
  Prefs or Restarting without them. Enter: Arcangel. Arcangel discovered that 
  although you can't Delete or move the Desk Tracy Prefs, you can BURN them!
 
  BURN 2.2 is, what's called, a File Wiper. File Wipers permanently destroy a 
  file by writing over every sector of it with null data (0s). By this way of 
  erasing a file, the file is not Deleted, it's physically written over. 
  Wholly by coincidence (I suppose) this 'writing over' process circumvents 
  the mechanics involved in Deleting a file (a process which simply takes a 
  file out of the Desktop Database) and thereby DEFEATS protection against 
  deleting files. Say good bye to Desk Tracy's protection. 

  Steps:

   1. Login to a Kinko's Self-service Mac and Insert your Disk with Burn on it
   2. Open -> System Folder: Extensions: Desk Tracy Folder
   3. Drag the files 'DTPreferences' and 'UData' onto the Burn 2.2 Icon.
   4. Go up to the Menubar, you should see your Login name up there, drag down 
      to 'Configuration'
   5. Don't change anything, just click the Close Box and it will ask you if 
      you want to Save. Click 'Yes'
   6. Now go up to the Apple Option Menu and Select 'About Desk Tracy'. It 
      should beep at you, and then show you the Desk Tracy 'About' Window.
   7. By this process, you have just Returned Desk Tracy to its Virgin 
      Installation State! All accounting is Off, and Desk Tracy is like it was 
      when it was First installed, BEFORE it was configured!

  Now I tried this and it worked great! But I discovered one problem; Kinko's 
  already (kinda) knows about this trick (I think). As part of the 'NEW' 
  Kinkos' there's a Camera aimed from the ceiling at every other Computer, AND 
  the Employees walk around looking over the shoulder of Self-service Computer 
  patrons. This policy probably stems from fraudulent use of their Color 
  LaserWriter 600 ;>. In any event I'm at Kinko's about to try Arcangel's 
  trick for the second or third time, when this Employee comes up behind me 
  and says, 'Hey, what are you using Burn for?' I'm like, 'Excuse me?!' He's 
  all, 'We don't allow Burn on our computers.' I asked why and he responded 
  'Company policy'. Now I'm not sure what THIS stems from--Arcangel's is, as
  far as I know, a fairly new and original trick. Despite this there is NO 
  question, Kinko's does not want you using Burn on their computer. Now if 
  they're going to be spying on you and looking over your shoulder for 
  whatever reason, and they don't want you using Burn for whatever reason, 
  it's obvious you're going to need a subterfuge...


 THE CLANDESTINE BURN

  Basically what the following does is hide Burn's existence and actions. See, 
  the Burn icon looks like a flaming Trashcan, a dead giveaway, so we need to 
  change this. Also, Burn's called Burn--too obvious--so we need to change this 
  too. Third, Burn puts up a dialog that beeps and says 'Are you sure you want 
  to delete the file [whatever]?' WAY too obvious, we definitely need to change 
  this.

  The first two are easy, a couple of simple Finder mods. The last change, 
  getting rid of the dialog, requires a patch. For the patch I went to that 
  virtuoso of Cracking, Observer. Now, he pointed out to me that in Burn's 
  Preferences you can just turn Off 'Confirm Delete' thereby preventing any 
  Dialog from showing when you Burn the Prefs file. The only problem is, you 
  want to try and be as inconspicuous as possible about this whole thing. Now, 
  if you have to Load up Burn, select the Preferences, and configure the 
  options...so much for being inconspicuous. And, because Burn defaults to 
  'Confirm Deletes', the only way to prevent it from doing this without 
  configuring it when you move it to a new computer, is to do a patch. So, 
  a-patching we will go.

  Steps:

   1. If you don't have it, go get Burn 2.2:
      ftp://mirrors.aol.com/pub/info-mac/disk/burn-22.hqx
   2. Create and Save a Microsoft Word or Teach Text document.
   3. In the Finder, go up to File and Get Info on the Saved document. Within  
      the Get Info information, click on the document Icon, and select Copy.
   4. Get Info for Burn 2.2, select the Burn Icon and Paste. Burn 2.2 should 
      now look like a Teach Text or Word Document.
   5. Rename Burn to 'Assignment #1' or something.
   6. Use Resourcer or ResEdit to make the following patch to remove the 
      Delete Confirmation Dialog:

      CODE 1, Offset $C12--change from: 67 1C
                                    to: 60 1C

  That's it, The Clandestine Burn. Flame up those Desk Tracy prefs files in 
  complete obscurity. No one, except Happy future customers will know a thing!


 OUTRO

  Ah, revenge is sweet! That'll teach those bastards to charge me $19.25 an
  hour to use their f---kin' computer! ;>, I'd like to thank Arcangel for his 
  *KILLER* concept, and Observer for his Programming Prowess. If you'd like to
  contact Arcangel he can be found at The Gravity Well (303)-YOU-WISH. If you'd 
  like to contact Observer he can be reached at <k0p> BBS, user #158. If you'd 
  like to contact me or read more of my Infamous T-Philes (nearly 40), you can
  goto the kn0wledge phreak WWW site at: http://iti2.net/k0p or call <k0p> BBS:

          oleBuzzard's                  7  Macintosh/PC Underground
                    /<n0wledge phreak   1  PowerPC 9500-604
        ###       #########             9  5500+ Philez/1.2 Gigz
        ### ### ##  ###_{_}##  ######   5  Hack/Phreak/Phraud/Anarchy
        ###### ##  / ###\_/ ## ### ###  7  UnionNET/IIRG-Net
        #####  ##,(___###   ## ### ###  8  Home of the UNDERGROUNDMAC
        ######  ## o \ \## ##  ### ###  8  SCAM! Magazine Distro Site
        ### ###   #########    ######   2  Runnin Hermes v3.4
                   /           ###      8  2400-28.800 kbaud  
          'No Bullshit!'                8  Only like US$6.50/month
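
The weakness the ezine above describes is a fail-open design: the protection blocks delete and move, but an in-place overwrite of the preferences returns the package to its unconfigured state with accounting off. As an added example (not part of the ezine or of HackBBS, and not Desk Tracy's actual file format), this Python loader authenticates its preferences and falls back to a locked policy when they are missing, zero-filled or altered; the key, file layout and setting names are assumptions.

```python
import hashlib
import hmac
import json
import os
import tempfile

# Assumption: the key is kept outside the user-writable prefs folder.
KEY = b"constructed-demo-key"
# Policy applied whenever the prefs cannot be trusted: stay locked, keep billing.
LOCKED = {"accounting": True, "locked": True}


def seal(settings: dict) -> bytes:
    """Serialize settings and prepend an HMAC-SHA256 tag over the body."""
    body = json.dumps(settings, sort_keys=True).encode()
    tag = hmac.new(KEY, body, hashlib.sha256).hexdigest().encode()
    return tag + b"\n" + body


def load_prefs(path: str) -> dict:
    """Return verified settings, or the locked policy if anything is off."""
    try:
        with open(path, "rb") as fh:
            raw = fh.read()
    except OSError:
        return dict(LOCKED, reason="missing")
    if not raw.strip(b"\x00"):
        return dict(LOCKED, reason="wiped")  # empty or zero-filled by a wiper
    tag, sep, body = raw.partition(b"\n")
    expected = hmac.new(KEY, body, hashlib.sha256).hexdigest().encode()
    if not sep or not hmac.compare_digest(tag, expected):
        return dict(LOCKED, reason="tampered")
    return dict(json.loads(body), locked=False, reason="ok")


def demo() -> list:
    """Run the loader over intact, zero-overwritten, edited and absent prefs."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "prefs.bin")
        good = seal({"accounting": True, "rate_per_hour": 19.25})  # constructed
        results = []
        for blob in (good, b"\x00" * len(good), good.replace(b"true", b"null")):
            with open(path, "wb") as fh:
                fh.write(blob)
            results.append(load_prefs(path)["reason"])
        os.remove(path)
        results.append(load_prefs(path)["reason"])
        return results


if __name__ == "__main__":
    print(demo())
```

Every failure path returns the locked policy, so destroying the preferences never disables accounting.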


Manifesto
The purpose of this site is to better understand computer security.
A hacker, by definition, is a person who seeks to improve information systems with the sole aim of contributing to the stability of those systems!
Popular belief has it that hackers are pirates.
That is true. But there are different kinds of pirate.
Just as there are different kinds of people.
The common abuses that come to mind when the term computer pirate is mentioned
would be hacks of MSN accounts, computers cowardly trojaned with ready-made exploits,
and can spamming even be classed as a hack
when ready-made scripts have been doing it extremely well for more than 15 years?

It is not hackers who do that!!!
We call these people lamers when they are bad,
or black hats when they are skilled at carrying out their misdeeds.
No self-respect - No dignity
They act out of disgust, revenge or simple pleasure.
The reasons can be many, and I do not claim to have to judge anyone.
I just think that one must not use Fly's sword to commit injustices.
It is 100 times more rewarding to improve a system than to trample a sandcastle... even if trampling a sandcastle is fun :P
It is up to you to find your fun. ;)

You can react on the shoutbox


Disclaimer: You must read the rules below before browsing this site.
In accordance with the provisions of the various laws in force concerning fraudulent intrusion into and remaining on a site, and theft and/or falsification of data.
You must under no circumstances put into practice the techniques presented on this site, which are shown solely for education and research in the field of data protection.
You must under no circumstances use what you have discovered, unless you have written authorization from the administrator of a site or the administrator has opened an account for you solely for vulnerability research.
All of this is prohibited and illegal; do not do anything reckless.
You therefore accept that the administrator of this site is in no way responsible for any of your actions. Otherwise, leave this site.
You are subject to this disclaimer.
AND AS SUCH, NEITHER THE COMMUNITY, NOR THE ADMINISTRATOR, NOR THE HOSTING PROVIDER CAN OR WILL BE HELD RESPONSIBLE FOR YOUR ACTIONS.