A test of hackerstown.com on a foreign hacker forum

Source: Internet
Author: User



I have been too busy recently and have not updated my blog! Let's talk about the weather first. Damn, the south is getting cold! I try to wear it all the way out! When will you come? I still like an electric fan blowing on a hot day ~ On hot days you can also sleep naked, so cool!

Okay, enough of that. A few days ago, while reading my Netease blog, I saw that a foreigner had left a comment on my post "About EvilShad0w Team" along with an address. I clicked through to the website and saw that it was a hacker forum. The content of this forum is quite rich, and many of the articles are not bad. I suddenly felt like trying to intrude into the forum, so I first looked at what program it runs. By analyzing the forum structure I determined it to be "MyBB". I searched for this program on a foreign exploit publication site that I had previously added to my favorites and found a lot of results: SQL injection, information leakage, XSS, and remote code execution. However, none of them were valid. It seems that all the patches had been applied.

Okay, now I used my own integrated dictionary! After scanning, we found that the paths were common ones. I got "403 Forbidden" when trying to access them one by one. While accessing xxxx/, we found that it leaked the root path and allowed directory traversal; clicking into the third-level directory, we found an upload page. It could only browse the current directory, and upload was disabled. It could only rename files and write txt files, damn! I wrote a txt file through a small page, but I couldn't rename it. At this point I sent it to Liuker. We both tried various suffixes, but none of them would be parsed. There must be a restriction. Trying to jump out of the directory while writing the file failed, and then I suddenly thought of uploading .htaccess to make a normal suffix such as jpg be parsed, but the test failed!

Liuker used his dictionary to scan the non-content PHP pages in the two root directories, and cracking a single-sentence backdoor was not successful. My God ............ Continue. I flipped through the current directory and found several compressed files. I downloaded a 100 MB file and opened it. Damn, it was new. I downloaded another 1 GB compressed package! After waiting for two hours, I decompressed it and, from the files in the root directory, found that the page on which we had uploaded files was a small third-party upload program. The administrator had disabled uploading and had also written .htaccess file restrictions. In fact, we had thought of them ...... I continued to flip through the files under the root directory and found that a PHP script had a file upload function. Yeah! I wrote a sentence, and that was all done! This was lucky!

Not only did I take the website, but I also found the administrator's security awareness quite weak. I logged in to GMAIL, but the guy had bound his cell phone! But I still succeeded with his Twitter and made a joke! You can understand the rest. I have taken more than five thousand forum accounts, which is not bad. I flipped through the passwords and mailboxes, mostly of foreign hacker accounts. The data will not be published here; otherwise I would be blackmailed by those overseas hackers, more than 5000 blackmails! Fear !!!!!!!

Happy New Year!
