+- Sinisterly (https://sinister.ly)
+-- Forum: General (https://sinister.ly/Forum-General)
+--- Forum: The Lounge (https://sinister.ly/Forum-The-Lounge)
+---- Forum: Serious Discussion (https://sinister.ly/Forum-Serious-Discussion)
+---- Thread: Want to hack something valuable? (/Thread-Want-to-hack-something-valuable)
Pages:
1
2
Want to hack something valuable? - hacxx - 07-08-2018
Blogger/Blogspot service administration is handled in the url below.
Code:
https://google-admin.corp.google.com/If anyone succefully bruteforce or use any hacking method to get inside pls share it.
(I'm happy to get my hands on all the Blogger/Blogspot database and share/sell, lol)
Here are some legit emails possible to be targeted:
Code:
press-se@google.com
press@google.com
collections-row@google.com
proposals@google.com
david@google.com
viewer-feedback@google.com
google-code-shutdown@google.com
cdibona@google.com (Google Employer)RE: What to hack something valuable? - mothered - 07-08-2018
I successfully hit Wordpress yesterday morning.
Pushing aside my other tasks, I'll have a look.
RE: What to hack something valuable? - hacxx - 07-08-2018
(07-08-2018, 05:34 PM)mothered Wrote: I successfully hit Wordpress yesterday morning.
Pushing aside my other tasks, I'll have a look.
Share your Wordpress findings
Also what tools did you use?
RE: What to hack something valuable? - mothered - 07-08-2018
(07-08-2018, 05:42 PM)hacxx Wrote:(07-08-2018, 05:34 PM)mothered Wrote: I successfully hit Wordpress yesterday morning.
Pushing aside my other tasks, I'll have a look.
Share your Wordpress findings
Also what tools did you use?
What I do Is very critical and remain within the confines of my environment.
As per this thread 35 minutes ago, the only thing I contribute Is screenshots In their edited form. My attacks are predominantly performed manually.
RE: What to hack something valuable? - hacxx - 07-08-2018
(07-08-2018, 05:47 PM)mothered Wrote: What I do Is very critical and remain within the confines of my environment.
As per this thread 35 minutes ago, the only thing I contribute Is screenshots In their edited form. My attacks are predominantly performed manually.
I also have penetrate successfully a few sites. Some critical and some not. All of them manually crafted...
The easiest one i hacked till now was a support ticket that was poorly coded. All i had to do was login to the platform as a normal user, navigate to the support ticket, create a new ticket and with the number of my ticket go back a number and it reveal other persons support tickets.
I could had use the information for my personal use but i just did it for the LOLZ
The disclosed information was the name, email, site and support message.
RE: What to hack something valuable? - mothered - 07-09-2018
(07-08-2018, 06:17 PM)hacxx Wrote: I could had use the information for my personal use but i just did it for the LOLZ
This Is a pleasure to read, that Is, no malicious Intent.
I've compromised organizations on a very large scale (proof on request In edited form can be provided via a secure gateway), Inclusive of quite a few Fortune 500 companies. The entities I target Is Immaterial- anyone, anywhere.
RE: What to hack something valuable? - Vultra - 07-09-2018
Only if I can code an actual BF or, use a dictionary method. Anyway, wouldn't you be breaking into googles database from this?
RE: What to hack something valuable? - mothered - 07-09-2018
(07-09-2018, 05:22 AM)Mimiakira Wrote: Only if I can code an actual BF or, use a dictionary method.
For mediocre sites, It'll probably work but most entities on a large scale have account lockout policies, so such attack vectors are futile.
RE: What to hack something valuable? - hacxx - 07-09-2018
(07-09-2018, 05:22 AM)Mimiakira Wrote: Anyway, wouldn't you be breaking into googles database from this?Theorically speaking yes you should have access to the Blogger / Blogspot database or at least part of the administration interface.
RE: What to hack something valuable? - mothered - 07-09-2018
(07-09-2018, 11:15 AM)hacxx Wrote:(07-09-2018, 05:22 AM)Mimiakira Wrote: Anyway, wouldn't you be breaking into googles database from this?Theorically speaking yes you should have access to the Blogger / Blogspot database or at least part of the administration interface.
I'd say It's the latter and not the central DB.
There's no data sanitization In the back-end, which Is quite surprising.