Plateforme de Hacking


HackBBS.org est une communauté faisant évoluer un système de services vulnérables.

Nous apprenons à exploiter de manière collaborative des solutions permettant de détourner les systèmes d'informations.
Cet apprentissage nous permet d'améliorer les technologies que nous utilisons et/ou de mieux comprendre l'ingénierie social.

Nous défendons les valeurs de l'entraide, du challenge personnel et contribuons modestement à rendre l'expérience des utilisateurs finaux la plus agréable possible.

Vous pouvez nous rencontrer via notre salon irc.
Le forum est en cours de remplacement par une version plus moderne, et tout aussi faillible que l'ancien ^^.
A ce jours nous enregistrons plusieurs dizaines de hack réussi contre notre site, et ce chiffre est en constante évolution. Merci a tous les contributeurs!

La refonte est en version alpha. Cette nouvelle plateforme permet de pentester à distance sans avoir son matériel à disposition.
Via l'exécution de scripts python connecté en websocket à l'ihm web, nous pouvons piloter le chargement de scénario
d'attaque/défense en "multijoueur" ^^.
Le système permet de charger des scripts de bibliothèques partagées et de chiffrer les échanges selon les modules déployés.
Vous trouverez dans la rubrique article de nombreux tutoriels afin de mieux comprendre la sécurité informatique,
ainsi que différents articles plus poussés.
Hacker
  • Sniffing
  • Cracking
  • Buffer overflow
  • Créations d'exploits
  • Social engineering
  • L'anonymat sur le web, spoofing
  • Bypass-proxy, Bypass-firewall
  • Injection de code SSI, SQL, etc...
  • Utilisation d'exploits, création de scripts(php, irc, perl)
We make porn
make a donation
loading...

Please Donate To Bitcoin Address: [[address]]

Donation of [[value]] BTC Received. Thank You.

[[error]]

Nous vous recommandons de sniffer votre réseau lors de votre navigation sur le site. La refonte vous fournira un outillage pour réaliser vos attaques/défenses.

Challenges
Vous pourrez également participer à de nombreux challenges en constant renouvellement (si possible :p)
Dernièrement, les missions relativent aux derniers produits open sources marchent bien :)

Votre ultime challenge sera de défacer HackBBS. De nombreuses failles sont présentes. A vous de les trouver et de les exploiter.

Cet ultime test permettra de constater votre réactions face à une faille.
Black ou White? ^^

Ezine du moment: p59-0x02.txt
phrack.org:~# cat /dev/random

                           ==Phrack Inc.==

               Volume 0x0b, Issue 0x3b, Phile #0x02 of 0x12

|=----------------------=[ L O O P B A C K ]=----------------------------=|
|=-----------------------------------------------------------------------=|
|=------------------------=[ phrackstaff ]=------------------------------=|


----| QUOTE of the month
 is it legal?
 dont know, im doing it from bonds box

----| EXPLOIT of the month
apache-scalp & OpenBSD memcpy() madness^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H
openssh remote.

----| TOPIC of the month (regarding OpenSSH)
-:- Topic (#somewhere): changed by someone:
"8 hours and 53 minutes without a remote hole in the default install!"

----| LAMERZ of the month

http://www.idefense.com/Intell/CI022702.html

    [ or: how to convert public whois db files into .xls and finding
      people who buy this bullshit. ]

http://hackingtruths.box.sk/certi.htm

    [ They try to make money out of everything: "Become a certificated
      hacker today". ]

|=[ 0x00 ]=--------------------------------------------------------------=|

From: "Kenneth J. Bungert,,," 
Subject: harassment

I have a question ?

  [ I don't know... do you? ]

Is there any way I can find out who is calling if it is from a computer...
I think that is where the annoying calls are being made?

  [ If you are in a country that does not have consumer Caller ID, or
    provider ANI, then just follow the cord attached to the end your
    telephone until you find the person at the other end.  Ask them
    nicely if they called you. ]

Rob
Kenneth J. Bungert,,,

|=[ 0x01 ]=--------------------------------------------------------------=|

http://www.atstake.com/company_info/management.html#mudge

  [ Look what they did to mudge/Peiter Zatko. They cut his hair,
    tied a tie around his neck and covered his body with a suite.
    They wrote that he was the CEO (CEO?, #1?) of [the company named]
    "L0pht Heavy Industries".
    My comment: 'They made a clown out of a well respected smart guy/hacker
    who should be better descriped as 'a key figure in americans famous
    underground hacking group known as L0pft Heavy Industries'. I hope
    the tie will not become too tight mudge :/ ]


|=[ 0x02 ]=--------------------------------------------------------------=|

From: mac119@hotmail.com

Hello i need some help.

   [ Come to us, we enlight and answer all your worries! ]

if someone can hack down 172.26.100.10:8080 and take down the proxy server,
would make me very happy.

   [ ..would pretty much impress me. Most of your questions can be
     answered by reading RFC1918. ]

NB! if someone do that, they will get a little reward from me, $120.
tanks again
                   Ice

|=[ 0x03 ]=--------------------------------------------------------------=|

Dear Hacker

i am 29 y/o male and very intrested in hacking my girlfriends Emails
in "Yahoo" and "Hotmail" . please instruct me if it has an straighforward
solution or anything help me in this regard.
i have tried some softwares about this but they didnt work properly
and no result achieved. please Email ur hints to ab_c28@yahoo.com
thank you for your prompt attention.
regards.

Bob Z.
NEVER SEND SPAM. IT IS BAD.

  [ Dear Lamer

    After hacking your Yahoo! account we acquired your girlfriend's email
    address and proceeded to inform her about your curiosity.

    After speaking with her about this incident she agreed that we should
    expose you for the perverse idiot that you are.  Get a life. ]

|=[ 0x04 ]=--------------------------------------------------------------=|

From: "brad" 

Hey guys..I am a beginner and i am trying to find all the information that
i can on how to learn everything that you guys know...i am not asking for
you to tell me how to hack into hotmail or yahoo mail like some of the
other people here but i just want any kind of information that you can give
me on how to learn anything and everything about what you guys do,

  [ Do you know what it is that we know?  We don't know what we know, we
    just know that we know it.

    An obvious self-promotional answer would be to read Phrack... ]

With much respect,
Ryan

|=[ 0x05 ]=--------------------------------------------------------------=|

From: Jason De Grandis 
Subject: [phrackstaff] Hacking / Cracking

I am new to the world of hacking and cracking, and I want to get some info
on the above.

  [ Welcome to our world, Jason. ]

What I want to do is, obtain credit card numbers, get email passwords and
get into NASA and the FBI, if I am lucky.  The sort of stuff the movie
"Hackers" illustrated.  I don't know if this can be done, if it can, can
someone email me the information or point me into the right direction on
were to start.

  [ Sounds like some pretty serious stuff you want to get into.  I
    recommend watching Hackers a few more times and then getting yourself
    some Gibsons.  Remember -- the most commonly used passwords are "love",
    "sex", "secret" and "god" -- BUT NOT NECESSARILY IN THAT ORDER YOU
    FUCKING LAMER! ]

Where do I go and what do I need.  I have started learning LINUX, as I have
been told it is something to know and learn.  What else do I need???

  [ A system, a clue, some Phrack issuez for you
    Learn Unix and learn it good, learn it like a ninja would
    If you do not have a clue yet, some 0day you must get
    Hack the planet in a night, backdoor that shit up tight
    Sell each root for a buck...
    OH MY GOD YOU FUCKING SUCK!@#!#!$ ]

J.

  [ S. ]

|=[ 0x06 ]=--------------------------------------------------------------=|

Hey again Phrack

  [ Hello ]

I have now read quite a few of your magazines. BUT there is a pretty
nasty failure in number 56... Either the index file is misplaced or the
articles are. They don't match, that's for sure!

  [ It is all fine.  It is indexed in hex (the index file is quite clear if
    you bother to read it -- p56-0x01) ]

If you have gotten the time for it could you then please fix it. And I
would be happy if you would send me a copy of the correct one when
finished..

  [ No.  It's not broken, chump. ]

Thank you.

/Dark Origin

~If you think nobody cares, try missing a  couple of payments.~

  [ Trust me.  Nobody cares. ]

|=[ 0x07 ]=--------------------------------------------------------------=|

From: syiron the sex man 
To: 
Subject: i would like to surf telnetd daemon services

hello  the best crew in the world

  [ Thank you. ]

i had search remote buffer to gain access root in telnetd port daemon but
i fail to do it

  [ I feel your pain. ]

can you make me one of the remote to attack solaris sparc ... attack from
linux or solaris

  [ Nope! ]

thanks
need code

  [ Need life. ]

syiron

|=[ 0x08 ]=--------------------------------------------------------------=|

Hi! Can you to speak to me the learn for to speak the Unix?

  [ I wish Unix I knew to speak it to you good hehe! ]

|=[ 0x09 ]=--------------------------------------------------------------=|

From: "I. O. Jayawardena" 
Subject: [phrackstaff] Best wishes

Greetings guys (and gals?),

  [ Greetings, I. O. ]

        First things first: Phrack is a really good e-zine, and loopback is
just great, but you knew this already ;)

  [ Of course! ]

I'm an aspiring hacker and all-round geek. Girls are scarce over here;
knowledge even more so. I developed the hacker state of mind when I was
exposed to the Net, while I was studying like a demon for a competition
which landed me my Celeron (with some peripherals). While surfing two
days ago, I stumbled onto phrack.org and an old flame was rekindled; So
here I am...
        Really guys, Phrack is a good thing. Keep up the good work. The
home page is very nice too... Maybe even chicks will dig it ;)

  [ The webmaster has been hoping they would since day 1. ]

        I'm a pretty good C and C++ programmer, and the only difficulty I
have is money. NO credit cards to pay for books I can buy only online. I'd 
be very grateful if anyone over there could give me the location of a
_free_ machine-readable copy of "The C Programming Language" by K&R. I
doubt if even the universities over here have it (off the record, some
professors here don't know that printf(...) actually returns something, but
claim to have written Linux kernel modules :| ).

  [ If you're a pretty good C programmer, why do you need that particular
    book?  Are you lying to us?  Try a library. ]

        Anyway, thanks, and I can say with absolute, nay, non-relative
certainty that the number of Phrack readers has increased by one
non-atomically.

  [ Geek! ]

        alvin

PS: if the only "alvin" you can recall is alvin of the chipmunks, read
up a bit on the works of Sir Arthur C. Clarke.

  [ No thanks, I'll take your word for it, chipmunk. ]

|=[ 0x0a ]=--------------------------------------------------------------=|

From: "RAZ" 

HI
I WONDER IF U CAN HELP ME

  [ HI, MAYBE IF YOU STOP SHOUTING! ]

MY NAME IS RAZ AND I LIVE IN LONDON, I HAVE A CONNECTION LINE WITH BT FOR
OUR PHONE.

  [ That's very nice, Baz.  But you're still shouting! ]

RECENTLY WE REC.D OUR BILL WHICH WERE PHONES MADE WHICH WE HAVE NOT MADE,
LONG MOBILE PHONES AND INTERNATIONAL, AND WE EVEN THINK WE KNOW WHO DID BUT
HOW?? IS IT POSSIBLE TO DO PHONE HACKING OR TAPPING ?

  [ Of course.  Don't you read Phrack? ]

IF SO HOW..
BT SAID THERE IS NOT WAY AND WE HAVE TO PAY THE BILL WHICH WE WILL BUT
INSIDED OUR HEARTS WE KNOW WE DID NOT DO THEM..
CAN U HELP

  [ I think you're beyond help. ]

|=[ 0x0b ]=--------------------------------------------------------------=|

From: "Marcel Feuertein" 
Subject: [phrackstaff] You have a slight problem on your site.

Hello, to whom it may concern;

When I went to your 'download' link it opened in 'edit' mode..
showing me the total >> Index of /archives>> without the HTML.

  [ Really?  That's disgraceful! ]

Found your site while searching Yahoo on how to play a video file I
downloaded with an .AVI extension with a comment " EG-VCD" after the name
of file, which causes my Windows Media Player to play only the sound ..
without the video.

  [ Interesting. ]

Thus I was looking for a player/codec to solve this problem.

  [ Good luck. ]

Any suggestions are appreciated.

  [ I'm all out of ideas. ]

Your site has been added to my favorites. I truly enjoy your content.
Congratulations.

  [ Thanks. ]

Take care

Marcel

|=[ 0x0c ]=--------------------------------------------------------------=|

From: richard fraser 
Subject: [phrackstaff] problem

what do i run the programmme under ,you know like what programme do i run
it in

  [ I've been asking myself that question all my life. ]

richard

|=[ 0x0b ]=--------------------------------------------------------------=|

From: bobby@bobby.com
Subject: [phrackstaff] phrakz

Hi,
My nickname is Bobby - Happy Bobby, im 14 years hacker, & im so happy
becouse of pCHRAK (or sumthin) 58 issue, finally i had found
information how to break into pentagon server, but i have one littl3
pr0blem, i dunno how to log into this server i had tried telnet
pentagon.org but my Windows said "Cannot found telnet.exe file", could you
tell me what am i doing wrong?

PS.My dick is now 32cm long!, one year ago it was only 5cm, how about
yours?

s0ry 4 my b4d inglish (i ate all sesame-cakes :),

ps0x01.gr33tz to all hacker babes (if they really exists i bet they
would like to hack into my pants & meet Big Bobby :)
ps0x02.i tak mierdzicie ledziem :)
ps0x03.pana guampo kanas e ribbon hehe
psx.cya

Happy Bobby

   [ ... ]

|=[ 0x0c ]=--------------------------------------------------------------=|

From: "DANIEL REYNOLDS" 

hey yall, I havent done many articles but i think i am up to the
challenge.  Do you know a subject that I could write on that the
ppl that read phrack would enjoy?  thankz,

           ~][cyflame

    [ Try it with "The insecurity of my ISP, MSN.COM" ]

|=[ 0x0d ]=--------------------------------------------------------------=|

From: piracy 
To: phrackedit@phrack.com
Subject: [phrackstaff] How are you

     [ ?! thnx, and you guys? ]


|=[ 0x0e ]=--------------------------------------------------------------=|

I got this message from you:

> To:      luigi@cs.berkeley.edu
> From:    phrackstaff-admin@phrack.org
> Subject: Your message to phrackstaff awaits moderator approval
>
> Posting to a restricted list by sender requires approval
> Either the message will get posted to the list, or you will receive
> notification of the moderator's decision.

   [ hmm, yes indeed, interesting. Hmm. What might this be Dr.Watson?
     The moderator's decision is to investigate this posting a little
     bit further. ]

However, I never sent a message to phrackstaff before this one.  So there
seems to be a problem.  I would kindly request that you do NOT post the
message, since I don't know what it contains and don't want it to be
attributed to me.

Thank you very much
Luigi Semenzato

|=[ 0x0f ]=--------------------------------------------------------------=|

From: gobbles@hushmail.com
Subject: ALERT! BLUE BOAR IS IN #PHRACK! ALERT!

The Blue Boar is currently chatting in #phrack!
ALERT!  ALERT!  ALERT!

   [ Noone of us is in control of this channel. We chill where no
     phrack staff has chilled before... ]

|=[ 0x10 ]=--------------------------------------------------------------=|

From: "Brian Herdman"       

Hey.                                                                            

    [ y0! ]

      im looking for a copy of the jolly rodger cook book                       
i used to have it but my hard drive fried and i thought it was gone             
forever.....                                                                  

    [ Man, I've been looking for that one for the last 15 years
      on www.phrack.org but i guess one of the previous editors just
      rm'ed it. jolly rodger cook book, yummm yumm, that's what's
      missing on our page....]

|=[ 0x11 ]=--------------------------------------------------------------=|

From: son gohan 
Subject: [phrackstaff] phreak boxes       

Hi can i get some info on the tron box?                                     

    [ PHRACK != GOOGLE ]

|=[ 0x12 ]=--------------------------------------------------------------=|

From: "Bruce's Email" 
Subject: [phrackstaff] Passwords
Date: Wed, 10 Apr 2002 13:45:44 -0500

How do I figure out someone's password and user name if I have their e-mail
address?

    [ The easiest way is just to ask him:
      echo "ALL UR PASSW0RDZ R BEL0NG TO US!" | mail target@hotmail.com ]

|=[ EOF ]=---------------------------------------------------------------=|





Manifest
Le but de ce site est de mieux comprendre la sécurité informatique.
Un hacker par définition est une personne qui cherche à améliorer les systèmes d'information dans le seul et unique but de contribuer à la stabilité de ces systèmes!
La croyance populaire laisse entendre que les hackers sont des pirates.
C'est vrai. Mais il y a différents types de pirate.
Tout comme il y a différents types de personnes.
Les bavures courantes auxquelles on pense lorsqu'on évoque le terme de pirate informatique
seraient les hacks de compte msn, ordinateurs lâchement trojantés avec des exploits déjà tous faits
et encore peut-on classifier en tant que hack le fait de spammer
alors que depuis plus de 15 ans des scripts tous faits le font extrêmement bien?

Ce ne sont pas des hackers qui font ça!!!
Nous appelons ces gens des lammers! Quand ils sont mauvais,
ou des black hat lorsqu'ils sont doués dans la mise en application de leurs méfaits.
Aucun amour propre - Aucune dignité
Agissent par dégout, vengeance ou simple plaisir.
Les raisons peuvent être nombreuses et je ne prétends pas devoir juger qui que ce soit.
Je pense juste que l'on ne doit pas utiliser l'épée de fly pour commettre des injustices.
Il est 100 fois plus profitable d'améliorer un système que de marcher sur un château de sable... même si marcher sur un château de sable est rigolo :P
A vous de trouver votre amusement. ;)

Tu peux réagir sur la shootbox


Disclaimer Veuillez lire obligatoirement les règles ci-dessous avant de consulter ce site.
Conformément aux dispositions des différentes lois en vigueur, intrusions et maintenances frauduleuses sur un site, vol et / ou falsification de données.
Vous ne devez en aucun cas mettre en application les stratagèmes mis en place par ce site, qui sont présentés uniquement à titre d’éducation et de recherche dans le domaine de la protection de données.
Vous ne devez en aucun cas utiliser ce que vous aurez découvert, sauf si vous avez une autorisation écrite de l’administrateur d’un site ou que celui-ci vous ai ouvert un compte uniquement pour la recherche de failles.
Tout cela est interdit et illégal ne faites pas n'importe quoi.
Vous acceptez donc que l'administrateur de ce site n'est en aucun cas responsable d'aucun de vos actes. Sinon quittez ce site.
Vous êtes soumis à ce disclaimer.
ET À CE TITRE, NI LA COMMUNAUTÉ, NI L'ADMINISTRATEUR, NI L'HÉBERGEUR, NE POURRONT, NI NE SERONT RESPONSABLE DE VOS ACTES.