Plateforme de Hacking est une communauté faisant évoluer un système de services vulnérables.

Nous apprenons à exploiter de manière collaborative des solutions permettant de détourner les systèmes d'informations.
Cet apprentissage nous permet d'améliorer les technologies que nous utilisons et/ou de mieux comprendre l'ingénierie social.

Nous défendons les valeurs de l'entraide, du challenge personnel et contribuons modestement à rendre l'expérience des utilisateurs finaux la plus agréable possible.

Vous pouvez nous rencontrer via notre salon irc.
Le forum est en cours de remplacement par une version plus moderne, et tout aussi faillible que l'ancien ^^.
A ce jours nous enregistrons plusieurs dizaines de hack réussi contre notre site, et ce chiffre est en constante évolution. Merci a tous les contributeurs!

La refonte est en version alpha. Cette nouvelle plateforme permet de pentester à distance sans avoir son matériel à disposition.
Via l'exécution de scripts python connecté en websocket à l'ihm web, nous pouvons piloter le chargement de scénario
d'attaque/défense en "multijoueur" ^^.
Le système permet de charger des scripts de bibliothèques partagées et de chiffrer les échanges selon les modules déployés.
Vous trouverez dans la rubrique article de nombreux tutoriels afin de mieux comprendre la sécurité informatique,
ainsi que différents articles plus poussés.
  • Sniffing
  • Cracking
  • Buffer overflow
  • Créations d'exploits
  • Social engineering
  • L'anonymat sur le web, spoofing
  • Bypass-proxy, Bypass-firewall
  • Injection de code SSI, SQL, etc...
  • Utilisation d'exploits, création de scripts(php, irc, perl)
Nous vous recommandons de sniffer votre réseau lors de votre navigation sur le site. La refonte vous fournira un outillage pour réaliser vos attaques/défenses.
Flux RSS

flux RSS d'HackBBS Abonnez-vous. Soyez prévenu des tournois, challenges, actualités, ...
Recevez nos dernières actualités sur notre flux RSS.

Vous pourrez également participer à de nombreux challenges en constant renouvellement (si possible :p)
Dernièrement, les missions relativent aux derniers produits open sources marchent bien :)

Votre ultime challenge sera de défacer HackBBS. De nombreuses failles sont présentes. A vous de les trouver et de les exploiter.

Cet ultime test permettra de constater votre réactions face à une faille.
Black ou White? ^^

Ezine du moment: p18-09.txt
                               ==Phrack Inc.==

                     Volume Two, Issue 18, Phile #9 of 11

                     The Tribunal of Knowledge presents..

                          A Few Things About Networks

                    Brought to you by  Prime Suspect (TOK)

                                June 1,  1988

   Seems like if you're into hacking you sometime or  another run into  using
networks,  whether it  be Telenet, Tymnet,  or one of the  Wide Area Networks.
One  popular Network that hackers have used for some time is Arpanet.  Arpanet
has been  around for quite a  long time.  There are changes made  to it almost
daily and  the uses  of it are much more than just logging into other systems.
Many  college  students find themselves getting acquainted  with  Bitnet these
days.  Bitnet  is SO  new compared  to other  networks that it's  got a lot of
potential left.  There is  much more  to it then just mail and file transfers.
There are  interactive uses such as the  RELAY for real-time  discussion  with
others  (equivalent  to a  CB mode)  and  another popular  use is the  network
information  center  to receive  technical files  about networking.  There are
many many mail addresses that are used for database searching, and subscribing
to electronic  magazines.  You will  find these same  uses on other  Wide Area
Networks also.  I will  give you 3  related network areas.  These three  areas
include: The AT&T company networks,  UUCP,  and  Usenet  cooperative networks.
Please  note that some  of the information I gathered for this file dated back
to 1986.  But I tried to keep it as current as possible.

AT&T (Company Network)

   AT&T has  some internal  networks,  most of which  use internally developed
transport mechanisms.  Their most  widely used  networks are  UUCP and USENET,
which are not limited to that corporation and which  are discussed later.  All
internal AT&T networks support UUCP-style  h1!h2!h!u source routing syntax and
thus appear  to the user  to be UUCP.  Within  AT&T, UUCP  links are typically
over 1,200-bps dial-up telephone lines or Datakit (see below).
   Among AT&T's  other  networks,  CORNET is an internal  analog phone network
used by UUCP and  modems as an  alternative to  Direct Distance Dialing (DDD).
Datakit is  a circuit-switched  digital net  and is  similar  to X.25  in some
ways.  Most of Bell Laboratories is trunked together on Datakit.  On top of DK
transport  service, people run  UUCP for mail and  dkcu  for remote login.  In
addition to  host-to-host connections.  Datakit supports RS232 connections for
terminals, printers,  and hosts.  ISN is the  version of  Datakit supported by
AT&T Information Systems.  Bell Laboratories in  Holmdel, New Jersey, uses ISN
for  internal data  communication.  BLICN  (Bell Labs  Interlocation Computing
Network)  is an  IBM mainframe  RJE network dating from  the early  1970s when
Programmer's  Workbench  (PWB)  was a common  version  of the  UNIX  operating
system.  Many UNIX  machines with PWB-style RJE links use  BLICN to queue mail
and netnews for other UNIX machines.  A major  USENET host uses this mechanism
to feed  news  to about  80  neighbor hosts.  BLICN  covers  Bell Laboratories
installations  in  New Jersey,  Columbus, Ohio,  and Chicago,  and links  most
computer  center machines.  BLN (Bell Labs Network)  is an NSC Hyperchannel at
Indian Hill, Chicago.
   AT&T Internet is a TCP/IP internet.  It is not a major AT&T network, though
some of the best-known machines are on it.  There are many ethernets connected
by  TCP/IP over  Datakit.  This  internet may  soon be  connected to  the ARPA
   ACCUNET  is AT&T's  commercial  X.25 network.  AT&T  MAIL  is a  commercial
service that is  heavily used  within  AT&T Information Systems  for corporate
internal mail.

UUCP (Cooperative Network)

   The name "UUCP,"  for Unix to Unix CoPy,  originally applied to a transport
service used over dial-ups between adjacent systems.  File transfer and remote
command execution were the original intent and main use of UUCP.  There was an
assumption that  any pair of communicating  machines had direct dial-up links,
that is,  that no relaying was done through intermediate machines.  By the end
of 1978,  there were  82  hosts within  Bell Laboratories  connected by  UUCP.
Though remote command execution and file transfer were heavily used,  there is
no  mention  of mail in  the standard  reference.  There was  another  similar
network of  "operational"  hosts with  UUCP links that were apparently outside
Bell  Laboratories,  but  still within  the  Bell  System.  The  two  networks
intersected at one Bell Laboratory machine.
   Both  of these  early  networks  differed  from the current UUCP network in
assuming  direct  connections  between  communicating  hosts and in not having
mail service.  The  UUCP mail network proper developed from the early networks
and spread as the UUCP programs were  distributed as part of the  Unix system.
   Remote command  execution  can be made  to work  over  successive  links by
arranging for each job in the chain to submit the next one.  There are several
programs that do this: Unfortunately, they are  all incompatible.  There is no
facility  at the  transport level for  routing beyond  adjacent systems or for
error acknowledgement.  All routing and end-to-end reliability support is done
explicitly  by  application protocols  implemented  using the  remote  command
execution facility.  There has never been any remote login facility associated
with UUCP, though the  cu  and  tip  programs are sometimes used over the same
telephone links.
   The UUCP  mail network  connects a very  diverse set of machines and users.
Most of the host  machines run the  UNIX  operating  system.  Mail is the only
service provided  throughout the  network.  In addition  to the  usual uses of
mail,  much  traffic  is  generated as  responses to  USENET  news.  The  same
underlying   UUCP   transport   mechanisms  are  also  used  to  support  much
   The UUCP  mail network has many problems with routing (it is one of the few
major networks that uses source routing)  and with its scale.  Nonetheless, it
is extremely popular and still growing rapidly.  This is attributable to three
circumstances:  ease of connection,  low cost, and its close relationship with
the USENET news network.
   Mailing lists  similar  to those  long current on the ARPANET have recently
increased in popularity on the UUCP mail network.  These permit a feature that
USENET  newsgroups  cannot  readily  supply:  a  limitation  on  access  on  a
per-person basis.  Also,  for low-traffic  discussions  mailing lists are more
economical,  since traffic  can be directed  to individuals according to their
specific interests.
   There  is no  central administration.  To connect  to the network, one need
only  find one machine that will  agree to be a neighbor.  For people at other
hosts to be able to  find your host,  however,  it is good to be registered in
the UUCP map,  which is  kept by the  group of  volunteers  known as  the UUCP
Project.  The map is posted monthly in the USENET  newsgroup "comp.mail.maps".
There is a directory of  personal addresses on the UUCP network, although this
is a commercial venture unrelated to the UUCP Project.
   Each host pays for it's own links;  some hosts  encourage others to connect
to them in order to shorten mail delivery paths.
   There is no clear distinction between transport and network layers in UUCP,
and there is  nothing  resembling an  Internet  Protocol.  The details  of the
transport protocol  are undocumented  (apparently not  actually proprietary to
AT&T,  contrary to rumor,  though the source code that implements the protocol
and is distributed with UNIX is AT&T's trade secret).
   Mail is  transferred by submitting  a mail command over a direct connection
by the  UUCP  remote command  execution mechanism.  The arguments  of the mail
command  indicate whether  the mail is to be  delivered locally on that system
or resubmitted  to another system.  In the  early days, it  was  necessary  to
guess the  route to a given  host and hope.  The only method of acknowledgment
was to  ask the  addressee to reply.  Now  there is a program (pathalias) that
can compute  reasonable routes  from the  UUCP map, and there is software that
can automatically look up those routes for users.
   The UUCP mail  network is  currently supported  in North America  mostly by
dial-up  telephone links.  In Europe  there is  a closely  associated  network
called EUnet, and in Japan there is JUNET.
   The most  common  dial-up link  speed on the UUCP mail network is 1,200 bps
though  there  are  still  a few  300-bps  links,  and  2,400 bps  is becoming
more popular.  Actually,  now I believe  that 1200-bps  is still very  common,
but 2400  may be just as common,  and 9600-bps  is much more common  than ever
thought it would be in 1986.  There are  also many  sites that  use 19,200-bps
for  using  UUCP.  When  systems are very close, they are sometimes  linked by
dedicated  lines, often  running at  9,600 bps.  Some UUCP  links are run over
local-area networks such as ethernets, sometimes on top of TCP/IP (though more
appropriate  protocols than  UUCP are usually  used over such transport media,
when UUCP is used it's usual point-to-point error  correction code is bypassed
to take advantage of the reliability of the  underlying network and to improve
bandwidth).  Some such links even exist on long-haul packet networks.
   The widespread  use of  more sophisticated  mail relay  programs  (such  as
sendmail and  MMDF) has  increased  reliability.  Still, there  are many hosts
with none of  these new  facilities,  and the  sheer size of the network makes
it unwieldly.
   The UUCP mail  network has  traditionally used  source code  routing with a
syntax like hosta!hostb!hostc!host!user.  The UUCP map and pathalias have made
this bearable, but it is still a nuisance.  An effort is underway to alleviate
the routing  problems by  implementing naming  in the  style of  ARPA Internet
domains.  This  might  also allow  integration  of the  UUCP name  space  into
the ARPA Internet domain name  space.  In fact there  is now an ATT.COM domain
in which most hosts are only on UUCP or CSNET.  Most UUCP hosts are not yet in
any Internet domain, however.  This domain effort is also handled  by the UUCP
Project and appears to be proceeding at a methodical but persistent pace.
   The hardware  used in  the UUCP  mail network  ranges from  small  personal
computers  through  workstations  to  minicomputers,   mainframes  and  super-
computers.  The network extends throughout  most of North America and parts of
Asia (Korea  and  Israel).  Including hosts  on the related networks JUNET (in
Japan) and  EUnet (in Europe),  there are at least 7,000 hosts on the network;
possibly 10,000 or more.  (EUnet and JUNET hosts are listed in the UUCP maps.)
The UUCP Project addresses are:


       Much information about UUCP is published in USENET newsgroups.

USENET (Cooperative Network)

   USENET began  in 1980  as a medium  of communication  between  users of two
machines,  one  at  the  University  of  North Carolina,  the  other  at  Duke
University.  It has since grown exponentially to its current size of more than
2000 machines.  In the process, the software has been rewritten several times,
and the  transport  mechanisms  now used  to support  it include  not only the
original UUCP links, but also X.25, ACSNET, and others.
   USENET combines  the idea of mailing lists as long used on the ARPANET with
bulletin-board service such as has existed for many years on TOPS-20 and other
systems,  adding a  freedom of  subject  matter that  could never exist on the
ARPANET,  and reaching a more varied constituency.  While  chaotic  and  inane
ramblings abound, the network is quite popular.
   The  USENET news network  is a  distributed  computer  conferencing  system
bearing some similarities to commercial conferencing  systems like CompuServe,
though  USENET is  much more  distributed.  Users pursue  both  technical  and
social  ends  on USENET.   Exchanges are  submitted to  newsgroups on  various
topics, ranging from gardening to astronomy.
   The name "USENET"  comes from the USENIX Association.  The Professional and
Technical UNIX User's Group.  The name UNIX is a pun on Multics,  which is the
name  of a major  predecessor operating  system.  (The pun indicates that,  in
areas where Multics tries to do many things, UNIX tries to do one thing well.)
USENET has  no central  administration,  though there  are newsgroups to which
introductory  and other  information about  the  network  is  posted  monthly.
USENET  is  currently  defined as  the set  of hosts  receiving the  newsgroup
news.announce.  There are about  a dozen hosts that constitute the backbone of
the network,  keeping transit  times low by  doing  frequent  transfers  among
themselves and with other  hosts that  they feed.  Since these hosts bear much
of the burden of the network, their administrators tend to take a strong
interest  in the  state of  the network.  Most newsgroups  can be posted to by
anyone on  the network.  For others, it is necessary to mail a submission to a
moderator,  who decides whether  to post it.  Most moderators  just filter out
redundant  articles, though  some make  decisions  on  other  grounds.   These
newsgroup  moderators  form  another  group  interested  in  the  state of the
network.  Newsgroups  are created  or deleted  according to the decisions made
after the discussion in the newsgroup "news.groups".
   Each host  pays its  own telephone  bills.  The  backbone hosts have higher
bills than most other hosts due to their long-distance links among themselves.
The unit  of communication is  the news  article.  Each  article is  sent by a
flooding routing  algorithm to all  nodes on the network.  The transport layer
is UUCP for most  links, although  many others  are used, including ethernets,
berknets, and long-haul packet-switched networks; sometimes UUCP is run on top
of the others, and sometimes UUCP is not used at all.
   The many  problems with  USENET  (e.g. reader overload,  old software, slow
propagation speed, and high and unevenly  carried costs of transmission)  have
raised the possibility of  using the experience  gained in  USENET to design a
new  network to  replace it.  The  new network  might also  involve at least a
partial replacement for the UUCP mail network.
   One unusual mechanism that has been  proposed to support the new network is
stargate.   Commercial  television   broadcasting  techniques   leave   unused
bandwidth in  the vertical  blanking  interval  between picture  frames.  Some
broadcasters  are currently using this part of the signal to transmit Teletext
services.   Since   many   cable-television   channels   are  distributed  via
geo-synchronous satellites, a single input to a satellite  uplink facility can
reach all of  North America  on  an  appropriate  satellite  and  channel.   A
satellite uplink  company interested  in allowing  USENET-like articles  to be
broadcast  by  satellite on  a well-known  cable-television  channel has  been
found.  Prototypes of hardware  and software to encode  the articles and other
hardware to decode them  from a  cable-television  signal have  been built and
tested in  the field for  more than  a year.  A new, reasonably price model of
the decoding box may be available soon.
   This  facility would  allow most  compatible systems  within the  footprint
(area of coverage)  of the satellite and with access to the appropriate cable-
television channel to obtain decoding equipment and hook into the network at a
very reasonable cost.  Articles  would be submitted  for transmission by  UUCP
links to  the satellite  uplink  facility.  Most of the technical  problems of
Stargate seem to have been solved.
   More than  90 percent of all  USENET articles reach 90 percent of all hosts
on the network within  three days.  Though  there have  been some  famous bugs
that caused loss of articles, that particular problem has become rare.
   Every  USENET host  has a name.  That host  name and the name of the poster
are used to identify the source of an article.  Though those hosts that are on
both the UUCP mail and USENET news networks usually have the same name on both
networks, mail addresses  have no meaning  on USENET:  Mail related to  USENET
articles is usually sent via  UUCP mail;  it cannot be  sent over  USENET,  by
definition.  Though  the two networks have  always been closely related, there
are many more  hosts on UUCP than on USENET.  In Australia the two networks do
not even intersect except at one host.
   There  are  different  distributions  of  newsgroups  on  USENET.  Some  go
everywhere,  whereas  others are  limited to a  particular  continent, nation,
state or province, city,  organization, or even machine, though the more local
distributions  are not  really part  of USENET  proper.  The  European network
EUnet carries some  USENET newsgroups  and has another set of it's own.  JUNET
in Japan is similar to EUnet in this regard.
   There are about 2000  USENET hosts in the United States, Canada, Australia,
and  probably  in  other  countries.  The  hosts  on  EUnet,  SDN,  and  JUNET
communicate  with USENET hosts:  The total number of news hosts including ones
on those  three networks  is probably  at least  2500.  The  UUCP map includes
USENET  map  information  as  annotations.   A  list  of  legitimate   netwide
newsgroups  is  posted  to   several  newsgroups   monthly.   Volunteers  keep
statistics  on the  use of  the various  newsgroups (all  250 of  them) and on
frequency of posting by persons and hosts.  These are posted to news.newslists
once  a month, as  is the list  of  newsgroups.  Important  announcements  are
posted  to  moderated  newsgroups, news.announce  and  news.announce.newusers,
which are  intended to  reach all users (the current moderator is Mark Horton,
cbosgd!mark).  An address for information on the network is

News on UUNET - June 1988

   A year ago,  UUNET (Fairfax, VA)  was formed to help ease the communication
load  of  the  beleaguered Usenet  network of  UNIX users.  Usenet connections
were becoming  increasingly costly and difficult to maintain, a situation that
prompted  the   Usenix  Association   to  fund  the  creation  of  the   UUNET
Communications Service  to assist users in accessing  Usenet.  Now,  UUNET has
become  the  "best connected"  UNIX  computer  in  the  world,  and  has  been
authorized to function as an Arpanet mail gateway.  Gateways to other networks
are expected to be established in the future.

   I guess  all use  of  UUNET  is done through the UUCP program found on Unix
operating systems.  Many people are  getting PC versions of the Unix Operating
system now-a-days,  so knowing  what's  available  before  getting hooked into
a network,  if that's your plan,  is advised.  There is an advertisement about
UUNET  on Bix  in the  networks conference somewhere.  The message may be old,
but still useful.

The cost of using UUNET is:  $30/month...  and $2/hour.  I  think  the  hourly
charge may only apply if connecting through Tymnet.  Not sure.

Accessible via Tymnet, their 800 number, or a regular local POTS number.

Connections can definitely  be made  up to  9600 baud.  19.2K baud  access may
also exist.  I think it does.

   If you're a UUNET user,  and want  to receive mail from someone through the
UUCP network,  they would  address it  just as any  other  UUCP mail  address.
An example is:   ...uunet!warble!joeuser

 This file has been brought to you by Prime Suspect and Tribunal of Knowledge

Le but de ce site est de mieux comprendre la sécurité informatique.
Un hacker par définition est une personne qui cherche à améliorer les systèmes d'information dans le seul et unique but de contribuer à la stabilité de ces systèmes!
La croyance populaire laisse entendre que les hackers sont des pirates.
C'est vrai. Mais il y a différents types de pirate.
Tout comme il y a différents types de personnes.
Les bavures courantes auxquelles on pense lorsqu'on évoque le terme de pirate informatique
seraient les hacks de compte msn, ordinateurs lâchement trojantés avec des exploits déjà tous faits
et encore peut-on classifier en tant que hack le fait de spammer
alors que depuis plus de 15 ans des scripts tous faits le font extrêmement bien?

Ce ne sont pas des hackers qui font ça!!!
Nous appelons ces gens des lammers! Quand ils sont mauvais,
ou des black hat lorsqu'ils sont doués dans la mise en application de leurs méfaits.
Aucun amour propre - Aucune dignité
Agissent par dégout, vengeance ou simple plaisir.
Les raisons peuvent être nombreuses et je ne prétends pas devoir juger qui que ce soit.
Je pense juste que l'on ne doit pas utiliser l'épée de fly pour commettre des injustices.
Il est 100 fois plus profitable d'améliorer un système que de marcher sur un château de sable... même si marcher sur un château de sable est rigolo :P
A vous de trouver votre amusement. ;)

Tu peux réagir sur la shootbox

Disclaimer Veuillez lire obligatoirement les règles ci-dessous avant de consulter ce site.
Conformément aux dispositions des différentes lois en vigueur, intrusions et maintenances frauduleuses sur un site, vol et / ou falsification de données.
Vous ne devez en aucun cas mettre en application les stratagèmes mis en place par ce site, qui sont présentés uniquement à titre d’éducation et de recherche dans le domaine de la protection de données.
Vous ne devez en aucun cas utiliser ce que vous aurez découvert, sauf si vous avez une autorisation écrite de l’administrateur d’un site ou que celui-ci vous ai ouvert un compte uniquement pour la recherche de failles.
Tout cela est interdit et illégal ne faites pas n'importe quoi.
Vous acceptez donc que l'administrateur de ce site n'est en aucun cas responsable d'aucun de vos actes. Sinon quittez ce site.
Vous êtes soumis à ce disclaimer.