Pastebin launched a little side project called VERYVIRAL.com, check it out ;-) Want more features on Pastebin? Sign Up, it's FREE!
Guest

Just Another proof from Comodo Hacker

By: ComodoHacker on Mar 28th, 2011  |  syntax: None  |  size: 4.46 KB  |  views: 29,902  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. Some stupids in internet still cannot understand I'm behind the attack on SSL, talks about their small understandings about my hack and makes me nervous.
  2.  
  3. Why you can't understand? What's your problem? If you have Psychological or mental problems, don't write your ideas in internet, just surf, ok?
  4.  
  5. Here is another proof:
  6. http://rapidshare.com/files/454806052/GlobalTrustTable.rar
  7.  
  8. I uploaded JUST 1 table of their ENTIRE database which I own.
  9.  
  10. Also ask Comodo about my hack, ask them what I did to them. Let me tell you what I did:
  11.  
  12. I was logged in into their server via RDP (remote desktop), they detected me and via hardware firewall, they added allowed IP for RDP, so I was no longer able to login via RDP.
  13.  
  14. But I got UI control in their server just 2 days later, then I logged in via roberto franchini's user/pass, then I formatted their external backup HDD, it was LG with backup of all files inside it. I formatted it.
  15.  
  16. Then I stopped IIS, deleted all logs, not normal delete which could be recovered with recovery tools, I deleted it with secure delete method and infact I wiped them.
  17.  
  18. Then I noticed another backup in another drive, I deleted ALL files of it with secure wiping method also and I left this session open with a notepad message in their desktop with this text: "SURPRISE!"
  19.  
  20. What more I should say?
  21.  
  22. Stop talking about who was behind it, it's already proven.
  23.  
  24. Some people says, Microsoft wasn't aware of issue to patch Printer vulnerability. It's simply wrong, it was in a security magazine, you never saw this:
  25. http://www.computerworld.com/s/article/9187300/Microsoft_confirms_it_missed_Stuxnet_print_spooler_zero_day_
  26.  
  27. Some others said I don't know about RSA, it's impossible to hack RSA, etc. etc. etc.
  28. Never judge so fast, never write anything you think in your head in internet, most of my daily work focuses on encryption algorithms, differential cryptanalysis, inventing new methods of attacks on encryption algorithms, creating new secure encryption algorithms (symmetric and asymmetric), creating secure hash algorithm, I told you, I can't talk about other things I did, I don't see any use for it just giving away my work and causing more updates. So simply keep your mouth shut and wait. I already created my own encryption protocol, from asymmetric algorithm (for key exchange) to symmetric algorithm for encrypting data to my own hash algorithm to sign encrypted algorithms. You are so far from knowing about me...
  29.  
  30. Some others says APIs was easy, it was all documented, everything was inside DLL so what I did about re-writing APIs, a person with experience of 1000 programmers had problems with APIs, LOL.
  31. Do you know how many codes I wrote in C++ and Assembly language? Do you know how much work I did in reversing Skype and it's undisclosed protocol? Man! I create my own APIs, from web SOAP XML APIs to windows DLLs with exports.
  32. I said I wasn't aware of !ApplySSL API and other needed APIs like PickUpSSL and others.
  33. I found that out when I was already logged into Comodo Partner's account and I was sure they'll notice me soon, so I had to do my job fast.
  34. TrustDLL.dll was too old, it's last modify date was end of 2007, APIs of Comodo was changed and a lot of more crucial parameters was added, they wasn't using TrustDLL anymore, as far as I understood, they was doing processing and authenticating orders and signing CSRs manually. They had not too much order in last years, about 1 order per 4-5 days for example. So don't worry, I'm aware of APIs ;)
  35.  
  36. Some other said I'm not religious, "Janam Fadaye Rahbar" is political, not religious, you are simply wrong. No need to explain more.
  37.  
  38. Some others said I said too much about myself and enjoyed myself too much, if you were did same thing, wouldn't you enjoy like me? :))
  39.  
  40. Enough said, huh? Let's think more before writing stuff...