Results 1 to 2 of 2

Thread: The Haxing Adventures of CrypticGhost

  1. #1
    Elite Hacker
    Join Date
    Mar 2003

    The Haxing Adventures of CrypticGhost

    The Haxing Adventures of CrypticGhost: Episode 1

    ..........Twas the night before Christmas and all through the house, not a creature was stirring
    except me and my mouse. Although tonight is Christmas eve, it is no different than any other
    night for me, which is a night of coding or hacking. On this particular night, I am writing a
    script to help with the tomorrow nights hack. You see, I was looking at a cgi script for a cgi
    bulletin board, and I just happened to notice a hole that may allow for remote command execution
    on the host machine. The script I am writing will attempt to rename a sites index page to index.
    bak and replace it with a page that I provide. I think I have just about finished, we'll see when
    I test it in the morning.
    ..........Yippie, it's Christmas! Or not. I live in apartment by myself. I don't keep in touch
    with any family, and basically sit at my computers all day, so Christmas isn't exactly a big
    deal for me. Time to test my script. Just before bed last night I installed the bulletin board
    with the hopefully vulnerable CGI. I figured it was best to test on my own box just in case
    anything goes wrong.
    [CrypticGhost@GhostMachine scripts]$ ./ /home/CrypticGhost/index.html
    bash: ./ Permission denied
    Sh*t! Oh wait, forgot to change the permissions.
    [CrypticGhost@GhostMachine scripts]$ chmod 755
    [CrypticGhost@GhostMachine scripts]$ ./ /home/CrypticGhost/index.html
    Connecting to proxy...
    Connecting to host...
    Renaming index...
    Replacing index...
    Closing connection...
    [CrypticGhost@GhostMachine scripts]$
    w000000000t! It worked. Wait, I'm an uber leet haxer, it's supposed to work.
    I can't wait till tonight...
    ..........It's 12 am now. I'm not your typical hacker. I don't have a bunch of empty Jolt Cola
    cans laying around my desk, I drink ice water. Keeps me sane. Time to try my hack on a real
    site. I open up my browser to and type into the search field:
    A fair amount of results. Now to pick the victim. Hmm, who doesn't have a domain but still
    registers their site with a search engine? We'll teach them.
    [CrypticGhost@GhostMachine scripts]$ ./ /home/CrypticGhost/index.html
    Connecting to proxy...
    Connecting to host...
    Renaming index...
    Error: index.html not found.
    [CrypticGhost@GhostMachine scripts]$
    Not Found

    The requested URL /index.html was not found on this server.
    /me slaps himself.
    That works. I'm such an idiot. I guess I have to modify my script to check what extension the
    index page is and use the corresponding replacement. Ok, all done with that. I hope this works.
    [CrypticGhost@GhostMachine scripts]$ ./ /home/CrypticGhost/index.php
    Connecting to proxy...
    Connecting to host...
    Renaming index...
    Replacing index...
    Closing connection...
    [CrypticGhost@GhostMachine scripts]$
    Ok, now let's go and check to make sure everything worked.
    The renamed index is there. Now let's check to see if it was replaced with my page.
    w00000000t! It worked. Well, it's late now. I better get some sleep to prepare for my next hack
    tomorrow night.

    Stay tuned for the next episode of "The Haxing Adventures of CrypticGhost".

  2. #2
    Join Date
    Apr 2003
    LOL when i saw the AO logo i laughed my ass off. dont u need permission to use their logo though, we dont wanna get into legal trouble here.....

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts