Plateforme de Hacking

HackBBS.org est une communauté faisant évoluer un système de services vulnérables.

Nous apprenons à exploiter de manière collaborative des solutions permettant de détourner les systèmes d'informations.
Cet apprentissage nous permet d'améliorer les technologies que nous utilisons et/ou de mieux comprendre l'ingénierie social.

Nous défendons les valeurs de l'entraide, du challenge personnel et contribuons modestement à rendre l'expérience des utilisateurs finaux la plus agréable possible.

Vous pouvez nous rencontrer via notre salon irc.
Le forum est en cours de remplacement par une version plus moderne, et tout aussi faillible que l'ancien ^^.
A ce jours nous enregistrons plusieurs dizaines de hack réussi contre notre site, et ce chiffre est en constante évolution. Merci a tous les contributeurs!

La refonte est en version alpha. Cette nouvelle plateforme permet de pentester à distance sans avoir son matériel à disposition.
Via l'exécution de scripts python connecté en websocket à l'ihm web, nous pouvons piloter le chargement de scénario
d'attaque/défense en "multijoueur" ^^.
Le système permet de charger des scripts de bibliothèques partagées et de chiffrer les échanges selon les modules déployés.
Vous trouverez dans la rubrique article de nombreux tutoriels afin de mieux comprendre la sécurité informatique,
ainsi que différents articles plus poussés.
Hacker
  • Sniffing
  • Cracking
  • Buffer overflow
  • Créations d'exploits
  • Social engineering
  • L'anonymat sur le web, spoofing
  • Bypass-proxy, Bypass-firewall
  • Injection de code SSI, SQL, etc...
  • Utilisation d'exploits, création de scripts(php, irc, perl)
Nous vous recommandons de sniffer votre réseau lors de votre navigation sur le site. La refonte vous fournira un outillage pour réaliser vos attaques/défenses.
Flux RSS

flux RSS d'HackBBS Abonnez-vous. Soyez prévenu des tournois, challenges, actualités, ...
Recevez nos dernières actualités sur notre flux RSS.



Challenges
Vous pourrez également participer à de nombreux challenges en constant renouvellement (si possible :p)
Dernièrement, les missions relativent aux derniers produits open sources marchent bien :)

Votre ultime challenge sera de défacer HackBBS. De nombreuses failles sont présentes. A vous de les trouver et de les exploiter.

Cet ultime test permettra de constater votre réactions face à une faille.
Black ou White? ^^

Ezine du moment: p41-03.txt
                                ==Phrack Inc.==

                   Volume Four, Issue Forty-One, File 3 of 13

                              ==Phrack Pro-Phile==

                          Created by Taran King (1986)

_______________________________________________________________________________

     Welcome to Phrack Pro-Phile.  Phrack Pro-Phile is created to bring info to
you, the users, about old or highly important/controversial people.  This
month, we bring to you certainly one of the most controversial people (and
handles) to ever emerge in the computer underground...

                                  Supernigger
                                  ~~~~~~~~~~~
_______________________________________________________________________________

 Personal
 ~~~~~~~~
           Handle:  Supernigger
         Call him:  SN
    Date of Birth:  Years ago
              Age:  Getting along in the years.
           Height:  Medium
           Weight:  Medium
  Computers owned:  Commodore Vic-20, C64, Amiga, 386 Compatible

     How did this handle originate?  Back in 1985, I had blueboxed to a bridge.
Someone on there, for some reason, decided that he didn't like me, and shouted,
"Get off, nigger!"  He then proceeded to knock me off with a 2600 Hz tone.  I
immediately called back with something "un-2600 hz-able" and, when he shouted,
"Get off nigger!" and blew 2600 hz, I then said, "I'm SUPERnigger, you can't
knock me off, I've got the POWER!!"  Fun, eh?


 How I Got Started
 ~~~~~~~~~~~~~~~~~
     Back in '82 or '83, I got a wonderful computer called a Commodore Vic-20.
With that, I wrote a few irrelevant programs and played "Gorf!" a lot.  Then, a
friend suggested that I get a Commodore C-64 and disk drive for all the RAD
WhErEz! it had.

       Needless to say, I was not disappointed.  Then a friend showed me a
5-digit number you could put in after calling an access number, and it would
put a call through for you!  Imagine that!  This, I thought, was the key to
UNLIMITED WARES!

     Then, the new ware scene became tiresome and boring REAL quick.  I had
them all.  New ones.  Old ones.  Middle-aged ones.  I had wares coming out of
my ass.  Just when I was about to drop out of the scene, I saw a number posted
on a board for InterCHAT (201), a multi-line chat system.

     That's where the cavalcade of fun and interesting endeavors began.  That's
where I met Sharp Remob, Lord_foul (DP), Dark Wanderer and other members of
DPAK.

     Speaking of DPAK, the group was created when we found a glitch in the MCI
access # that allowed any 14-digit code to work.  We then made up the joke,
"Today at 2:00 PM, DPAK Agents cornered an MCI official and said, 'You WILL
give these people free calls!'" and proceeded to tell people about the glitch
("DPAK" came from Mad Hacker 312, who, when asked about obtaining non-published
numbers, said, "Oh, you'd have to be a DPAK Agent to get that.").

     After that, DPAK was tracing people before Caller ID came out, finding and
creating bridges, setting up an 800 # for InterCHAT (actually 2 if you were
quick enough to catch the second one), putting out Sharp Remob's Social
Engineering file, and other things that I had better not mention (I would go
on, but I think I might frighten you.).

     I would have to say that I feel negatively toward "elite posers," people
who claim to know things with the sole purpose of trying to seem "cool."  These
are the people you see boasting about how long they have been around (which is
irrelevant), spurting out random acronyms when they have no idea how they are
actually used, and trying to make something complicated and mysterious out of
something mundane and simple.  For example:  "Hey dude, watch out, I may be
listening in on your line right now with a DAMT," or "Oh, I'll just use the DRT
trunk multiplexor to do a Random Interphase-seizure of the tandemized trunk."
(Barf!)

     Also, I think this government crackdown really sucks.  What sucks is the
fact that the government is going after big NAMES instead of big -CRIMES-.
Rather than stopping crimes, they just want to "show who's boss."  A lot of
innocent lives are being ruined.  In fact, after this issue of Phrack comes
out, I plan to lay VERY low because they will probably want to get me now that
my handle was in a phreak/hack publication.


 Interests
 ~~~~~~~~~

              Women:  Fast
               Cars:  Fast (VWs)
               Food:  Fast
              Music:  All kinds (Rap, Rock, Metal, you name it)
Favorite performers:  2 Live Crew
    Favorite author:  Lord Digital (the father of ELITE!ness)
      Favorite Book:  Nat!onal Enl!ghtener


 Most Memorable Experiences
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
     "It works!  It works!!" -- when the 800 # for InterCHAT actually worked.
If you called it, you remember.  That took a lot of work...

     Also, at one point in time, every chat system in New Jersey was forwarded
to InterCHAT..  That was truly hilarious.  I strongly suggest, at this point,
that everyone refrain from attempting these things.  The consequences are a bit
more serious now.  But if you must, be VERY very careful.

     ...And, I would like to take this opportunity to clear up the "Free World
II Incident" and other vague and unclear statements chronicled in Phrack 28.
First of all, I -DID NOT- crash Black Ice BBS.  In fact, some hick from Texas
already stated to me that he wrote my name on the BBS when it was crashed.  The
same hick tends to lie and spread rumors a lot, so I don't actually know if it
was him that wrote my name.  Suffice to say that I didn't crash it.

     Secondly, and most important, Free World II BBS was forwarded to InterCHAT
because Major Havoc was a complete and total ASSHOLE.

     I called his system and applied for access.  When I tried to get back on,
I found that my application had been deleted without so much as a notification,
so I thought that the BBS hadn't saved it correctly and applied again.  I found
the BBS hadn't saved it correctly a second time, and when I tried to fill out
the application once more, Major Havoc broke in and typed things like "Get the
fuck off here" and "Hang the fuck up."  I typed "Fine, have it your way" and
proceeded to forward his BBS # to InterCHAT.  You can't just treat people like
that and expect nothing to happen.

     The opening message on InterCHAT said:  "Until Major Havoc learns the
meaning of the word TACT (dealing with people in a non-offensive manner), his
BBS has been put to better use."

     (I had called the BBS in the first place to try to clear up wild rumors
that The Blade had said were being tossed about on there).

     I hope this has cleared things up.


 Some People To Mention
 ~~~~~~~~~~~~~~~~~~~~~~

Sharp Remob :       He showed me the wonders of Social Engineering.  He is
                    making the big dollars now.

Lord_foul :         I never realized how many people he was in contact with.
                    Some pretty heavy hitters.  He never let on how much he
                    knew.

Applehead :         The best DJ in the phreak/hack world.  Truly, in mixing
                    records, no one is his equal.  Seems to be able to
                    mesmerize phone company employees into doing his bidding as
                    well.  Could these two things be related?

Meat Puppet :       "Money for nuthin, EVERYTHING for free."  Why anyone would
                    want 800 watts in their car I will never know.

Lung C00kiez :      He had the best conference ideas, like Want-Ad Fun and
                    Operator Frenzy.

*DETH*-2-*J00Z* :   So much for political correctness.  First person I know to
                    theorize how to trace people before Caller ID came out.

Dark Wanderer :     Works for Sun Microsystems now.  One of the few hackers I
                    know that has a technical computer-oriented career.

Krak Dealer :       Takes consciousness-altering to the level of an art form.

Squashed Pumpkin :  The enforcer.

DeeDee :            The only cool bridge chick.

Dr. Mike :          Cool guy when he's not threatening his girlfriend with a
                    knife.

Gatsby :            Gets the award for quick learner.

orpheus :           One of the true devotees of InterCHAT, and one of the few
                    people I know who is actually interested in HP-3000.

The whole InterCHAT crowd...  Made modeming fun.

     I should also mention a group of NYC individuals at this time.  I would
mention their names, but certain legal situations preclude that.  They showed
me what someone can REALLY do with an in-depth understanding of many systems.

     Suffice to say that they are the creme de la creme, probably the only
group up to par with DPAK.

     Oh, and I cannot, I MUST NOT forget to mention The Blade, who is truly a
legend in his own mind.


 The Future
 ~~~~~~~~~~
     I see the future for hacking/phreaking as pretty bleak.  Big Brother is
watching.  System Administrators are finally realizing that it is better to
make your system impenetrable than to prosecute kids (I wish the government
would realize this).  If you combine these two things, there is not much to
look forward to.

 In Closing...
 ~~~~~~~~~~~~~
     As for the standard Pro-Phile question (are most of the phreaks and
hackers that I've met computer geeks?), I have not met any phreakers or
hackers, so I can't say if they are geeks or not.  From phone conversations,
some seem like geeks, some don't.
_______________________________________________________________________________





Manifest
Le but de ce site est de mieux comprendre la sécurité informatique.
Un hacker par définition est une personne qui cherche à améliorer les systèmes d'information dans le seul et unique but de contribuer à la stabilité de ces systèmes!
La croyance populaire laisse entendre que les hackers sont des pirates.
C'est vrai. Mais il y a différents types de pirate.
Tout comme il y a différents types de personnes.
Les bavures courantes auxquelles on pense lorsqu'on évoque le terme de pirate informatique
seraient les hacks de compte msn, ordinateurs lâchement trojantés avec des exploits déjà tous faits
et encore peut-on classifier en tant que hack le fait de spammer
alors que depuis plus de 15 ans des scripts tous faits le font extrêmement bien?

Ce ne sont pas des hackers qui font ça!!!
Nous appelons ces gens des lammers! Quand ils sont mauvais,
ou des black hat lorsqu'ils sont doués dans la mise en application de leurs méfaits.
Aucun amour propre - Aucune dignité
Agissent par dégout, vengeance ou simple plaisir.
Les raisons peuvent être nombreuses et je ne prétends pas devoir juger qui que ce soit.
Je pense juste que l'on ne doit pas utiliser l'épée de fly pour commettre des injustices.
Il est 100 fois plus profitable d'améliorer un système que de marcher sur un château de sable... même si marcher sur un château de sable est rigolo :P
A vous de trouver votre amusement. ;)

Tu peux réagir sur la shootbox


Disclaimer Veuillez lire obligatoirement les règles ci-dessous avant de consulter ce site.
Conformément aux dispositions des différentes lois en vigueur, intrusions et maintenances frauduleuses sur un site, vol et / ou falsification de données.
Vous ne devez en aucun cas mettre en application les stratagèmes mis en place par ce site, qui sont présentés uniquement à titre d’éducation et de recherche dans le domaine de la protection de données.
Vous ne devez en aucun cas utiliser ce que vous aurez découvert, sauf si vous avez une autorisation écrite de l’administrateur d’un site ou que celui-ci vous ai ouvert un compte uniquement pour la recherche de failles.
Tout cela est interdit et illégal ne faites pas n'importe quoi.
Vous acceptez donc que l'administrateur de ce site n'est en aucun cas responsable d'aucun de vos actes. Sinon quittez ce site.
Vous êtes soumis à ce disclaimer.
ET À CE TITRE, NI LA COMMUNAUTÉ, NI L'ADMINISTRATEUR, NI L'HÉBERGEUR, NE POURRONT, NI NE SERONT RESPONSABLE DE VOS ACTES.