Plateforme de Hacking

HackBBS.org est une communauté faisant évoluer un système de services vulnérables.

Nous apprenons à exploiter de manière collaborative des solutions permettant de détourner les systèmes d'informations.
Cet apprentissage nous permet d'améliorer les technologies que nous utilisons et/ou de mieux comprendre l'ingénierie social.

Nous défendons les valeurs de l'entraide, du challenge personnel et contribuons modestement à rendre l'expérience des utilisateurs finaux la plus agréable possible.

Vous pouvez nous rencontrer via notre salon irc.
Le forum est en cours de remplacement par une version plus moderne, et tout aussi faillible que l'ancien ^^.
A ce jours nous enregistrons plusieurs dizaines de hack réussi contre notre site, et ce chiffre est en constante évolution. Merci a tous les contributeurs!

La refonte est en version alpha. Cette nouvelle plateforme permet de pentester à distance sans avoir son matériel à disposition.
Via l'exécution de scripts python connecté en websocket à l'ihm web, nous pouvons piloter le chargement de scénario
d'attaque/défense en "multijoueur" ^^.
Le système permet de charger des scripts de bibliothèques partagées et de chiffrer les échanges selon les modules déployés.
Vous trouverez dans la rubrique article de nombreux tutoriels afin de mieux comprendre la sécurité informatique,
ainsi que différents articles plus poussés.
Hacker
  • Sniffing
  • Cracking
  • Buffer overflow
  • Créations d'exploits
  • Social engineering
  • L'anonymat sur le web, spoofing
  • Bypass-proxy, Bypass-firewall
  • Injection de code SSI, SQL, etc...
  • Utilisation d'exploits, création de scripts(php, irc, perl)
Nous vous recommandons de sniffer votre réseau lors de votre navigation sur le site. La refonte vous fournira un outillage pour réaliser vos attaques/défenses.
Flux RSS

flux RSS d'HackBBS Abonnez-vous. Soyez prévenu des tournois, challenges, actualités, ...
Recevez nos dernières actualités sur notre flux RSS.



Challenges
Vous pourrez également participer à de nombreux challenges en constant renouvellement (si possible :p)
Dernièrement, les missions relativent aux derniers produits open sources marchent bien :)

Votre ultime challenge sera de défacer HackBBS. De nombreuses failles sont présentes. A vous de les trouver et de les exploiter.

Cet ultime test permettra de constater votre réactions face à une faille.
Black ou White? ^^

Ezine du moment: p26-04.txt
                                ==Phrack Inc.==

                     Volume Three, Issue 26, File 4 of 11

                   The Future Transcendent Saga continues...
              ___________________________________________________
             | |                                               | |
             | |                    NSFnet                     | |
             | |                                               | |
             | |      National Science Foundation Network      | |
             | |                                               | |
             | |               brought to you by               | |
             | |                                               | |
             | |               Knight Lightning                | |
             | |                                               | |
             | |                April 16, 1989                 | |
             |_|_______________________________________________|_|


       NSF Network Links Scientific Community And SuperComputer Centers

When the National Science Foundation (NSF) established its national
supercomputer centers in 1985, it also planned to create a communications
network that would give remote locations access to these state-of-the-art
facilities.  NSF planners envisioned a system they dubbed "NSFNET."  Based on a
"backbone" connecting the supercomputer centers, NSFNET would combine existing
networks and newly created ones into an InterNet, or network of networks, to
serve the centers and their users.  In addition to gaining access to the
centers' computing technology, researchers at geographically dispersed
locations would be part of a nationwide research network across which they
could exchange scientific information.  Although the primary role of NSFNET
remains access to NSF-funded supercomputers and other unique scientific
resources, its use as a general-purpose network, which enables scientists to
share research findings, is becoming increasingly important.


NSFnet Components
%%%%%%%%%%%%%%%%%
NSFNET is organized as a three-level hierarchy:  The backbone; autonomously
administered wide-area networks serving communities of researchers; and campus
networks.  The backbone has been in use since July 1986 and is fully
operational.  It provides redundant paths among NSF supercomputer centers.
While several wide-area networks are already connected to the NSFNET backbone,
more are being built with partial funding from NSF and will be connected as
they are completed (see the section on NSFnet Component Networks).


SuperComputer Centers
%%%%%%%%%%%%%%%%%%%%%
NSF created the supercomputer centers in response to a growing concern that a
lack of access to sophisticated computing facilities had severely constrained
academic research.  A project solicitation in June 1984 resulted in the
creation of the following centers -- the John Von Neumann National
Supercomputer Center in Princeton, New Jersey, the San Diego Supercomputer
Center on the campus of the University of California at San Diego, the National
Center for Supercomputing Applications at the University of Illinois, the
Cornell National Supercomputer Facility at Cornell University, and the
Pittsburgh Supercomputing Center under joint operation by Westinghouse Electric
Corporation, Carnegie-Mellon University, and the University of Pittsburgh.  All
the centers are multi-disciplinary and are available to any researcher who is
eligible for NSF support.  They offer access to computers made by Cray
Research, Inc., Control Data Corporation, ETA, and IBM.  The Scientific
Computing Division of the National Center for Atmospheric Research is the sixth
center which is part of NSFNET.  The SCD has been providing advanced computing
services to the atmospheric sciences community since the late 1960s.


Protocols
%%%%%%%%%
NSFNET is using the TCP/IP protocols of the DARPA InterNet as the initial
standard.  The system will work toward adopting international standards as they
become established.  The protocols link networks that are based on different
technologies and connection protocols, and provide a unified set of transport
and application protocols.  As the NSFNET system continues to evolve, the
typical user working at a terminal or work station will be able to connect to
and use various computer resources -- including the supercomputer centers -- to
run interactive and batch jobs, receive output, transfer files, and communicate
with colleagues throughout the nation via electronic mail.  Most researchers
will have either a terminal linked to a local super-minicomputer or a graphics
work station.  These will be connected to a local area network that is
connected to a campus network, and, via a gateway system, to a wide-area
network.


Management
%%%%%%%%%%
Four institutions are sharing the interim management of NSFNET:  The University
of Illinois (overall project management and network engineering), Cornell
University (network operations and initial technical support), the University
of Southern California Information Sciences Institute (protocol enhancement and
high-level technical support), and the University Corporation for Atmospheric
Research (management of the NSF Network Service Center through a contract with
BBN Laboratories, Inc.).


NSF Network Service Center
%%%%%%%%%%%%%%%%%%%%%%%%%%
The NSF Network Service Center (NNSC) is providing general information about
NSFNET, including the status of NSF-supported component networks and
supercomputer centers.  The NNSC, located at BBN Laboratories Inc. in
Cambridge, MA, is an NSF-sponsored project of the University Corporation for
Atmospheric Research.

The NNSC, which currently has information and documents on line and in printed
form, plans to distribute news through network mailing lists, bulletins,
newsletters, and on-line reports.  The NNSC also maintains a database of
contact points and sources of additional information about the NSFNET component
networks and supercomputer centers.

When prospective or current users do not know whom to call concerning their
questions about NSFNET use, they should contact the NNSC.  The NNSC will answer
general questions, and, for detailed information relating to specific
components of NSFNET, will help users find the appropriate contact for further
assistance.

In addition the NNSC will encourage the development and identification of local
campus network technical support to better serve NSFNET users in the future.


Connecting To NSFnet
%%%%%%%%%%%%%%%%%%%%
NSFNET is part of a collection of interconnected IP-networks referred to
as the InterNet.  IP, the Internet Protocol, is a network protocol which allows
heterogeneous networks to combine into a single virtual network.  TCP, the
Transmission Control Protocol, is a transport protocol which implements the
packet loss and error-detection mechanisms required to maintain a reliable
connection between two points on the network.  TCP/IP therefore offers reliable
delivery of data between heterogeneous computers on diverse networks.  An
example of an application which uses TCP/IP is TELNET, which provides virtual
terminal service across the network.

Only IP-based networks can connect to the Internet; therefore, an organization
that plans to use NSFnet either must have an existing IP network or have access
to one.  Many large universities and technical firms have links to the InterNet
in place.  The computer science department of a university or the engineering
support division of a company are most likely to have IP connectivity or to
have information on the local connections that exist.  Prospective users can
ask the NNSC to determine whether an organization is already connected to the
Internet.

If an organization does not have an IP link, it can obtain one in several ways:

     *NSF has a program that funds the connecting of organizations to the
      NSF regional/state/community networks that are part of NSFNET.  The
      NNSC has more information on this program.

     *The Computer Science Network, CSNET, provides gateway service to
      several IP-networks, including NSFNET.  To get CSNET service, an
      organization must become a CSNET member.

     *Users may be able to get access to NSFNET through time-share
      accounts on machines at other organizations, such as local
      universities or companies.

Some supercomputer centers support access systems other than NSFNET,
such as Bitnet, commercial X.25 networks, and dial-up lines, which do not
use IP-based protocols.  The Supercomputer Centers' user services
organizations can provide more information on these alternatives (see
list).

NSF COMPONENT NETWORKS

STATE AND REGIONAL NETWORKS

    BARRNET (California's Bay Area Regional Research Network)
    MERIT  ( Michigan Educational Research Network)
    MIDNET  (Midwest Network)
    NORTHWESTNET (Northwestern states)
    NYSERNET (New York State Educational and Research Network)
    SESQUINET  (the Texas Sesquicentennial Network)
    SURANET  (the Southeastern Universities Research Association Network)
    WESTNET  (Southwestern states)


CONSORTIUM NETWORKS

    JVNCNET connects the John Von Neumann National Supercomputer Center
       at Princeton, NJ, with a number of universities.
    PSCAANET is the network of the Pittsburgh Supercomputing Center
       Academic Affiliates group.
    SDSCNET is centered at the San Diego Supercomputer Center.
_______________________________________________________________________________





Manifest
Le but de ce site est de mieux comprendre la sécurité informatique.
Un hacker par définition est une personne qui cherche à améliorer les systèmes d'information dans le seul et unique but de contribuer à la stabilité de ces systèmes!
La croyance populaire laisse entendre que les hackers sont des pirates.
C'est vrai. Mais il y a différents types de pirate.
Tout comme il y a différents types de personnes.
Les bavures courantes auxquelles on pense lorsqu'on évoque le terme de pirate informatique
seraient les hacks de compte msn, ordinateurs lâchement trojantés avec des exploits déjà tous faits
et encore peut-on classifier en tant que hack le fait de spammer
alors que depuis plus de 15 ans des scripts tous faits le font extrêmement bien?

Ce ne sont pas des hackers qui font ça!!!
Nous appelons ces gens des lammers! Quand ils sont mauvais,
ou des black hat lorsqu'ils sont doués dans la mise en application de leurs méfaits.
Aucun amour propre - Aucune dignité
Agissent par dégout, vengeance ou simple plaisir.
Les raisons peuvent être nombreuses et je ne prétends pas devoir juger qui que ce soit.
Je pense juste que l'on ne doit pas utiliser l'épée de fly pour commettre des injustices.
Il est 100 fois plus profitable d'améliorer un système que de marcher sur un château de sable... même si marcher sur un château de sable est rigolo :P
A vous de trouver votre amusement. ;)

Tu peux réagir sur la shootbox


Disclaimer Veuillez lire obligatoirement les règles ci-dessous avant de consulter ce site.
Conformément aux dispositions des différentes lois en vigueur, intrusions et maintenances frauduleuses sur un site, vol et / ou falsification de données.
Vous ne devez en aucun cas mettre en application les stratagèmes mis en place par ce site, qui sont présentés uniquement à titre d’éducation et de recherche dans le domaine de la protection de données.
Vous ne devez en aucun cas utiliser ce que vous aurez découvert, sauf si vous avez une autorisation écrite de l’administrateur d’un site ou que celui-ci vous ai ouvert un compte uniquement pour la recherche de failles.
Tout cela est interdit et illégal ne faites pas n'importe quoi.
Vous acceptez donc que l'administrateur de ce site n'est en aucun cas responsable d'aucun de vos actes. Sinon quittez ce site.
Vous êtes soumis à ce disclaimer.
ET À CE TITRE, NI LA COMMUNAUTÉ, NI L'ADMINISTRATEUR, NI L'HÉBERGEUR, NE POURRONT, NI NE SERONT RESPONSABLE DE VOS ACTES.