- CyberZeist here,
- twitter.com/cyberzeist
- NOTE : If you are not interested in how DNC system is/was hacked, please scroll down towards the end to see the hillaryclinton.com Passwords!
- When I released the Democratic party leaks at http://pastebin.com/3uFDqVWq along with the financial details of some prominent members of the party, many reporters contacted me to give the details of how the hack was carried out and how I got access to such details and that they are trying to reach the party members to get confirmation of the details.
- Well, take my word on this, they will for sure decline to reply to you unless of course you are CNN *wink*...
- That being said, DNC servers are not yet bulletproof to hacking just because they use Amazon services for hosting purposes.
- Also, it's about time to release the methodology which was used to penetrate the DNC Servers as the Wikileaks Editorial Members have all the data they need to keep the leaks coming out for AT LEAST 5 more weeks and there was nothing more to put forward from the DNC Servers.
- (Please do not link me "directly" to the Wikileaks because of my above comments)
- Tip to confirm the leaks : I am no one to tell the accomplished reporters out in the wild how to confirm the leaks in this particular case of DNC hacks, but believe me when I say this, none of the DNC members will reply to queries related to the recent DNC hacks, at least until the elections are over. Generally I release my leaks in a format so that a general audience can easily comprehend the data that was leaked by performing the hacks. But this time just to prove my point that DNC is not "un-hackable" and to provide a substantial proof of the actual system structure used by the DNC servers, starting from DNC donation collecting server to DNC file hosting system and the project underlying the code of the DNC Server.
- With this data, please do not call the DNC office to confirm the leaks, but target the lower level of workers who manage the day-to-day functioning of the DNC web servers, as the details given below can be easily denied by any DNC member, even by the higher post officials, because they are just unaware of how their "web system" works, but DNC webmasters cannot deny the facts given below as they themselves maintain it.
- I have also used some "indecent" ways of hacking like phishing to gain access to the accounts of DNC party members, but I am not going to explain those here.
- ----------------------------------------------------------------------------------
- First Target : DNC Main server holding the mailboxes of DNC party members
- Although the main site of operation is https://democrats.org, the party members are provided mailboxes present at dnc.org. Now, this specific URL was not directly accessible when I was trying to hack the DNC server. Only demsweb-stage.dnc.org was accessible for me to get inside. The main website allows visitors to chip-in the donation to the party funds or whatever they call it. The transaction details are saved in a backup file to keep a track of (I don't know why they do this) how many and who specifically are donating the money via online process. By looking at those details it could be clearly told that the party members were themselves the first ones to donate to the party funds. Now those files gave me access to the financial details of the top party members of DNC whose details are disclosed at http://pastebin.com/3uFDqVWq
- Now this DNC server uses Apache HTTPD v2.4.7 (port 80) and the underlying architecture is based on Linux Kernel v3.13.0, fortunately for which I have an exploit handy which provides privilege escalation.
- The server runs a cron job (automated script) which takes a backup of the main database of the website and another cron job that writes the transaction details of the people who have donated money via the DNC main website. These cron jobs tell the location where the file backups are being saved. From there on, it was just a matter of copying and pasting the data.
- Now for more confirmatory purposes I would like to give some more in-depth details of the DNC servers:
- The main coding of DNC websites was done in 2015 on http://github.com/ (Enterprise Account) by webmasters at DNC and the project name was dncweb2015 (whose backup is still currently saved in the "MAMP_root/" directory of the DNC server as of today)
- The underlying Database is MySQL, location of local MySQL command file is /applications/MAMP_MySQL/library/bin
- Dump of Database Tables used inside DNC server:
- -------------------------------------------------------
- _category_posts
- _category_entries_autosave
- _category_titles
- _comments
- _comments_subscriptions
- _email_cache
- _email_cache_mg
- _email_cache_ml
- _email_console_cache
- _entry_versioning
- _files
- _files_categories
- _file_watermarks
- _low_reorder_orders
- _members
- _member_bulletin_board
- _member_data -> /* location of DNC Member passwords */
- _member_fields
- _member_groups
- _member_homepage
- _member_search
- _message_attachments
- _message_copies
- _message_data
- _message_folders
- _message_listed
- _module_member_groups
- _online_users
- _pages_configuration
- _password_lockout
- _playa_relationships
- _referrers
- _relationships
- _reset_password
- _revision_tracker
- _rte_tools
- _rte_toolsets
- _search
- _search_log
- _security_hashes
- _sessions
- _sites
- _snippets
- _stats
- _tagger
- _tagger_groups
- _tagger_groups_entries
- _tagger_links
- _throttle
- _upload_no_access
- PS : Ask DNC Webmasters about this DB schema, they WILL NOT deny it!
- Using the details in this system I was able to get into other parts of the dnc.org website such as:
- http://toolbox.dnc.org, which runs Nginx v1.10.1 and Phusion Passenger v5.0.29 app server
- http://hrb.dnc.org, whose underlying architecture is OpenBSD v4.0 with HTTP Load balancer.
- The mail account passwords stored in the database were fortunately the same as those used to log in to the mail accounts in Gmail for Business used by DNC members.
- Security Tip : never use same passwords everywhere!!!!!!!!!!!!
- Put altogether, all the mail accounts and private files are plainly visible like:
- ----------------redacted--------------
- ---------------------------------------------------------------------------------------
- Second Target : hillaryclinton.com
- This website runs Varnish v1.1 HTTP reverse proxy which is highly unstable and totally hack-able, the latest version of which is v5.0.
- Fortunately I have an exploit for Varnish v1.1 which allows a brute force attack on the CLI instance, which in case of being successful gave me root privileges in the System.
- Whoever manages this website uses Crestron XPanel 2nd Series control system which gives him full control of the system from his Mac-based laptop while on the go.
- Dump of /etc/shadow/ file:
- Now this website also stores the details of the people making donations to the party fund. But this time I am not releasing the details of people not related to DNC.
- Enough with these technical details, for more juice and "popcorn" times, stay tuned to Wikileaks releases in the coming days, you will not be disappointed!
- DNC Member Details
- -----------------------
- -- CyberZeist
- twitter.com/cyberzeist