Cyberhack getting OwNed..

[xwarlordx]

me and toxic thought of havn little fun with cyberhack..for fuckn my site ..so badly

joseph >cyberhack

xwarlordx said:
ur pp id
leechbot@rocketmail.com
this ryt
Joseph said:
yh
xwarlordx said:
ok send
check
Payment Sent (Unique Transaction ID #80W7917526834771B)

Business Name:
trich Imports
Email:
aiyeki@yahoo.co.uk
Payment Sent to:

leechbot@rocketmail.com
so now
starts teh procedure
hmm fuck tell me

xwarlordx says:
explain man

Joseph says:
and since then u've been using that database so I've been able to get in.
So all you have to do is delete a plugin which has ajax_complete as the hook.
xwarlordx says:
from starting please
i think i missed a chat
got disconnected
Joseph says:
k
Well, I firstly got in by Rapt1le reusing his pass everywhere. (pr0x0r).
So I then injected a webshell via plugins
and since then u've been using that database so I've been able to get in.
So all you have to do is delete a plugin which has ajax_complete as the hook.
are u disconnected again?
xwarlordx says:
no
got it mate
Joseph says:
The following message could not be delivered to all recipients:
So I then injected a webshell via plugins
I got dat lol,
xwarlordx says:
oh i c
Joseph says:
did u get dat part?
xwarlordx says:
yup
thats it ?
Joseph says:
yh. There's no other way I can get in.
xwarlordx says:
but i changed teh cp path etc
u uploaded any file or somethin
?
Joseph says:
I could connect via the database and edit the email on any admins account
so then: forget pass.
that would reset the pass and I could access admincp.
xwarlordx says:
oh i c
ok thanks man
can u give any secuirty tips
etc
Joseph says:
Tell your admins to not re-use passes. Since your on a VPS. It seems it's pretty secure.
xwarlordx says:
re-use ..means?
Joseph says:
Use their passes on other sites.
xwarlordx says:
ok
wer u responsible for database user table deletion
Joseph says:
yep
xwarlordx says:
wen i reupped with 3.8.4 vbulletion
oh
u used teh same method ?

Joseph says:
yep
also let me give u a little advice.
BoxHead has ur info.
I think he rooted your server
delete all plugins with ajax_complete.

xwarlordx says:
huh ok

Joseph says:
and check for any plugin with the name "DEFAULT".
I was speaking to him.

xwarlordx says:
ok
how to prevent from being getting rooted and stuff

Joseph says:
oh shit.
http://belegit.org/showthread.php?t=**
http:/belegit.org/showthread.php?t=**
change root details and remove those shells.


xwarlordx says:
but how to prevent them

he will do it again

Joseph says:
admins need to change their details aswell. He got their password log.
I know how BoxHead works. He rooted ur server through that webshell
and he first got in via Pr0x0r aswell

xwarlordx says:
fuck

Joseph says:
A site Rapt1le registered on got hacked. And he sadly used his pass everywhere.

xwarlordx says:
i need to remove teh ajax_complete
and other DEfault
ryt

Joseph says:
yep

xwarlordx says:
to get rid of teh shell u people injected?

Joseph says:
yes
xwarlordx says:
after removing these will boxhead would be able to
hack again
?

Joseph says:
Don't think so. The info he posted seems to be a month old.

xwarlordx says:
IP Address: 94.102.55.229
Username : root
Password : warez-host

yea noticed
its all becouse of pr0x0r i think
boxhead uses teh same method as u did/?

Joseph says:
Yea. All I do is deface. I don't get root login though. He get's a proper shell on the server and then uses Root exploits to gain root login.

xwarlordx says:
how to make my forum secure
from all these stuff

Joseph says:
I suggest you could hire somebody. I ain't good when it comes to the securing side of things

xwarlordx says:
ok
i dont see plugin named default

Joseph says:
do you see vbulletin 3.7?
or something with the hook: ajax_complete

xwarlordx says:
thats ajax_complete
Joseph says:
yea remove it
xwarlordx says:
yea i deleted that
anything else
?
Joseph says:
Check for ajax_complete as the hook on plugins
if nothing else then he won't be able to get in
xwarlordx says:
btw how to detect or know wen shell is injected
Joseph says:
What I do is, get the webshell program. and see if I can connect via : website.*********ajax.php If I can't. Then I know that no shell is still on the server
xwarlordx says:
ok
Joseph says:
http://belegit.org/showthread.php?t=1 - That's the program
xwarlordx says:
how ur able to point out my admincp path
Joseph says:
In the footer, when logged in as admin it shows the link to admincp lol.
xwarlordx says:
silly stuffs
ur staff in belegit ?
Joseph says:
no
xwarlordx says:
ok
warezconnect is ur site ryt
Joseph says:
yh.
time for dat extra $5?
xwarlordx says:
yeah sure
can u give me some mins
Joseph says:
k
xwarlordx says:
hope u given all information
/?
Joseph says:
Yeah m8 I have
xwarlordx says:
ok alright

toxic has been added to the conversation.

xwarlordx says:
ooops
toxic says:

thanks for info
xwarlordx says:
fuck man ..
toxic says:

xwarlordx says:
ur awesome
i love u
Joseph says:
lol

toxic has left the conversation.

toxic has been added to the conversation.

xwarlordx says:
man
u need 5$ ?
Joseph says:
We agreed on $30 lol.
xwarlordx says:
ok alright
toxic says:
wat if v dont pay $5?
u gonna hack again?

Joseph says:
I won't.
Can't get in anyway now.

toxic says:
oh
xwarlordx says:
oh ok
sending 5$ now

toxic says:
yeah dude send it
he's guy
just he dont have money
i think u should pay him 10$ instead of 5
xwarlordx says:
hm.m
toxic says:
yeah send $10 to him
xwarlordx says:
ok alright
sending u 10$

toxic has left the conversation.

toxic has been added to the conversation.

xwarlordx says:
hoy
send u 54
5$
check ur pp
now
Joseph says:
didn't get it.
toxic says:
huh
u dint get any money?
Joseph says:
I got the $25 u sent last time.
xwarlordx says:
check ur email or somethin
Joseph says:
u sure u sent to: leechbot@rocketmail.com ?
xwarlordx says:
yea
toxic says:
how much u got?
xwarlordx says:
check ur pp email
so ?
toxic says:

xwarlordx says:

Joseph says:
1 sec
nope didn't get it
xwarlordx says:
hold on
toxic says:
u got
25$ right?
Joseph says:
yh
toxic says:
okay
did u check ur paypal?
Joseph says:
yh
xwarlordx says:
check now
u should have got now
Joseph says:
yea
how much did u send me lol?
xwarlordx says:
shit
50$
Joseph says:
rofl.
xwarlordx says:

damn
Joseph says:
I'll send it bak
xwarlordx says:
nah u keep it
its hacked paypal anyway
Joseph says:

xwarlordx says:

Joseph says:
is dat how u've been paying for ur vps? lol
toxic says:
yeah

xwarlordx says:
yeah
fuck man u got pawned
oops
toxic says:
but hacker cant get pawned?
how did this happen
damn
xwarlordx says:
shit omg ..i just fucked him

Joseph says:
umm how?
toxic says:

ur pp gonna get blacklisted soon
to tell tat

Joseph says:
um. This has happened before.
I'm on a business paypal
and verified
If I have a prob I never get blacklisted
xwarlordx says:
like i care
Joseph says:
so fail
toxic says:
lmao
xwarlordx says:
ur really sure?
wait and see
toxic says:
it vll take min of 6 days
Joseph says:
This has happened before
toxic says:
to solve this issue
from pp
even if ur son of pp
owner
lmao
Joseph says:
lol failing hard.
xwarlordx says:
we just fucked u with 3 paypal account
Joseph says:
XtremeSharez is going down soon
xwarlordx says:
omg ..run now
toxic says:
luck
bitch
Joseph says:
you enjoy your time while it lasts
xwarlordx says:
im enjoying
toxic says:
yeah enjoyin a lot
xwarlordx says:
u enjoy with 75$
toxic says:
and u would be gettin weekly payments from us

lmao
xwarlordx says:
yeah
how much u want ?
Joseph says:
ok
xwarlordx says:
so ull be hacking us again ..ryt
now listen ..
we said this
damn wat am i saying
u GOT OWNED
Joseph says:
lol?
free money and I'm getting OWNED?
FUCK YEA
I've received $300 of hacked money before
you guys think you know me
Well TO ALL NOOBS ON KWWHUNCTION
toxic says:
u vll get more then tat soon
Joseph says:
CYBERHACK = BOXHEAD
toxic says:


cyberhack - dick head?
xwarlordx says:
wow..omg ..run away
Joseph says:
I just built nice rep on KWWHunction so I can scam money
toxic says:

Joseph says:
I've received lots of cash from scamming
just last time I got caught
$600 + a 5* katz site
and guess wat?
xwarlordx says:
fuck i care
toxic says:
oh how did u make
Joseph says:
BoxHead = SECUR
xwarlordx says:
secure ur dick
Joseph says:
so all dat shit about WarezTheGFX = me
toxic says:
how u got $600
xwarlordx says:
nice
toxic says:
did u scam katz?

Joseph says:
$300 by pretending to own a warez site. The noob's didn't even ask for proof
then other $100 and $50 assortions of cash from little scams

Joseph has left the conversation.

toxic says:
oh u ran out?
lmao


xwarlordx says:

man he ran away
hes one warez drama queen
toxic says:
yeah
xwarlordx says:
now this shit is for KWWHunction

so in short we just gave him alot of hacked pp money to him as gift ..got issues worked out

xwarlordx Reviewed by xwarlordx on 20th Feb 2010. Cyberhack getting OwNed.. me and toxic thought of havn little fun with cyberhack..for fuckn my site ..so badly joseph >cyberhack so in short we just gave him alot of hacked pp money to him as gift :P ..got issues worked out Rating: 5

[Nemesis]

Why would you do that? you give him money from other peoples accounts?

[ElementSnake]

So why Do u need to post this here

[Flash]

Your a noob. You can easily get that money from the hacked PP with some GFX edits. FAIL.

[Nemesis]

"i scammed a fucker for 1000$ "

Someone ban this scamming fag. A scammer is a scammer whether it's to someone who deserves it or not

[ElementSnake]

Who are u talkin about Nemesis

[Nemesis]

read his convo he says he scammed someone. I didn't read it all but I saw scammed and his name lol

[ElementSnake]

oh shit same as me i just saw it now WTF

[-Im.z2ight-]

Wow that was dumb. You didnt pwn anything. I hope he hacks your shit and rapes it.


PWN your self much?

[ElementSnake]

LOL -Im.z2ight-