API tools faq
paste
Advertisement
Guest User

Hillary Clinton #Wikileaks

a guest
Oct 15th, 2016
976
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
YAML 14.91 KB | None | 0 0
raw download clone embed print report
  1. CyberZeist here,
  2. twitter.com/cyberzeist
  3.  
  4.  
  5. NOTE : If you are not interested in how DNC system is/was hacked, please scroll down towards the end to see the hillaryclinton.com Passwords!
  6.  
  7. When I released the Democratic party leaks at http://pastebin.com/3uFDqVWq along with the financial details of some prominent members of the party, many reporters contacted me to give the details of how the hack was carried out and how I got access to such details and that they are trying to reach the party members to get confirmation of the details.
  8. Well, take my word on this, they will for sure deny to reply you back unless of course you are CNN *wink*...
  9.  
  10. Being said that, DNC servers are not yet bulletproof to hacking just because they use Amazon services for hosting purposes.
  11. Also its about time to release the methodology which was used to penetrate the DNC Servers as the Wikileaks Editorial Members have all the data they need to keep the leaks coming out for AT LEAST 5 more weeks and there was nothing more to put forward from the DNC Servers.
  12. (Please do not link me "directly" to the Wikileaks because of my above comments)
  13.  
  14. Tip to confirm the leaks : I am no one to tell the accomplished reporters out in wild on how to confirm the leaks in this particular case of DNC hacks, but believe me when I say this, none of the DNC members will comply to reply with the queries related to recent DNC hacks at least till the elections are not over Generally I release my leaks in a format so that a general audience can easily comprehend the data that was leaked by performing the hacks. But this time just to prove my point that DNC is not "un-hackable" and to provide a substantial proof of the actual system structure used by the DNC servers, starting from DNC donation collecting server to DNC file hosting system and the project underlying the code of the DNC Server.
  15. With this data, please do not call the DNC office to confirm the leaks, but target the lower level of workers who manage to day-to-day functioning of the DNC web servers as the details given below can be easily denied by any DNC member even by the higher post officials because they are just unaware of how their "web system" works but DNC webmasters cannot deny the facts given below as they themselves maintain it.
  16.  
  17. I have also used some "indecent" ways of hacking like phishing to gain access to the accounts of DNC party members, but I am not going to explain those here.
  18. ----------------------------------------------------------------------------------
  19.  
  20. First Target : DNC Main server holding the mailboxes of DNC party members
  21.  
  22. Although the main site of operation is https://democrats.org,  but the party members are provided mailboxes present at dnc.org. Now, this specific URL was not directly accessible when I was trying to hack the DNC server. Only demsweb-stage.dnc.org was accessible for me to get inside. The main website allows visitors to chip-in the donation to the party funds or whatever they call it. The transaction details are saved in a backup file to keep a track of (I don't know why they do this) how many and who specifically are donating the money via online process. By looking at those details it could be clearly told that the party members where themselves the first one to donate to the party funds. Now those files gave me access to the financial details of the top party members of DNC whose details are disclosed at http://pastebin.com/3uFDqVWq
  23.  
  24. Now this DNC server uses Apache HTTPD v2.4.7 (port 80) and the underlying architecture is based on Linux Kernel v3.13.0, fortunately for which I have an exploit handy which provides privilege escalation.
  25. The server runs cron job(automated script) which takes backup of the main database of the website and other cron job that writes the transaction details of the people who have
  26. donated money via DNC main website. These cron jobs tell the location where the file backup are being saved. From there on, it was just a matter of copying and pasting the data
  27.  
  28. Now for more confirmatory purposes I would like to give some more in-depth details of the DNC servers:
  29. The main coding of DNC websites was done in 2015 on http://github.com/ (Enterprise Account) by webmasters at DNC and the project name was dncweb2015 (whose backup is still currently saved in the "MAMP_root/" directory of the DNC server as of today)
  30.  
  31. The underlying Database is MySQL, location of local MySQL command file is /applications/MAMP_MySQL/library/bin
  32.  
  33. Dump of Database Tables used inside DNC server:
  34. -------------------------------------------------------
  35. _category_posts
  36. _category_entries_autosave
  37. _category_titles
  38. _comments
  39. _comments_subscriptions
  40. _email_cache
  41. _email_cache_mg
  42. _email_cache_ml
  43. _email_console_cache
  44. _entry_versioning
  45. _files
  46. _files_categories
  47. _file_watermarks
  48. _low_reorder_orders
  49. _members
  50. _member_bulletin_board
  51. _member_data -> /* location of DNC Member passwords */
  52. _member_fields
  53. _member_groups
  54. _member_homepage
  55. _member_search
  56. _message_attachments
  57. _message_copies
  58. _message_data
  59. _message_folders
  60. _message_listed
  61. _module_member_groups
  62. _online_users
  63. _pages_configuration
  64. _password_lockout
  65. _playa_relationships
  66. _referrers
  67. _relationships
  68. _reset_password
  69. _revision_tracker
  70. _rte_tools
  71. _rte_toolsets
  72. _search
  73. _search_log
  74. _security_hashes
  75. _sessions
  76. _sites
  77. _snippets
  78. _stats
  79. _tagger
  80. _tagger_groups
  81. _tagger_groups_entries
  82. _tagger_links
  83. _throttle
  84. _upload_no_access
  85.  
  86. PS : Ask DNC Webmasters about this DB schema, they WILL NOT deny it!
  87.  
  88. using the details in this system I was able to get into other parts of the dnc.org website such as:
  89. http://toolbox.dnc.org, which runs Nginx v1.10.1 and Phusion Passenger v5.0.29 app server
  90. http://hrb.dnc.org, whose underlying architecture is OpenBSD v4.0 with HTTP Load balancer.
  91.  
  92. The mail account passwords stored in the database where fortunately same that are used to login in the mail accounts used in Gmail for Business used by DNC members.
  93. Security Tip : never use same passwords everywhere!!!!!!!!!!!!
  94.  
  95. Put altogether, all the mail accounts and private files are plainly visible like:
  96. allenz@dnc.org, b48b4acc897c2a677cded35a73e2f7e5
  97. bagchik@dnc.org, cbec198f51b5fd2629444846f108db03
  98. bartletts@dnc.org, 2e17feac85d94174f4d87c6b97aa92f3
  99. bernsj@dnc.org, d992be442ad39284054e1a69a5a57a52
  100. brinsterj@dnc.org, ee5c5c468de2a533450d81c326986f2d
  101. chalupaa@dnc.org, 68c437197ae77a373a98d5743ef65126
  102. cicconec@dnc.org, 69d0eccdac5f108d00e643c607f3cec5
  103. comers@dnc.org, 00d7c5329263f8a382b403f1ede041ca
  104. coxc@dnc.org, 79a897332e51d40f21e96bbb63e0f2c9
  105. daceya@dnc.org, acb75859203dfc1b1bf0524b3541585d
  106. davism@dnc.org, 43a8f800fb1532add3b70930fad23760
  107. dncjobs@dnc.org, 3fcdb76ba0158840e0480e52a48fe801
  108. dncpress@dnc.org, 378c6214b35059cec7324611c275c8dd
  109. dyera@dnc.org, c4a0f88d4827ca308d8fe87390ca06fb
  110. eakesp@dnc.org, e9ab994bc2a07e25d027f7323232378a
  111. elleitheem@dnc.org, b1cceab5ecb519b15416d9da2062637d
  112. fahlj@dnc.org, 64344291e81f08355554d68b88d91e87
  113. frankc@dnc.org, 065e4b8cdfe1c604f6986d82723c2b88
  114. freundlichc@dnc.org, 6835916e7febb2dddd1843b530270419
  115. friedd@dnc.org, 31415364d5b4d1f4a9072b367fb40d44
  116. germonda@dnc.org, 5009a62ed9401ac52c14cdaf29e42540
  117. greesonk@dnc.org, bc29b98410c7c0d8572190e922f5e96c
  118. herriesr@dnc.org, 8cc9c695f22cde46a169aedacec7e686
  119. innovationlab@dnc.org, 809195e0b32f7de853919a431866fb7f
  120. internapp@dnc.org, 3402a6a080e5bcad1f61645b3194b5f5
  121. jimenezd@dnc.org, f3973e6a41c65c14b5944d70190ccfeb
  122. kaplanj@dnc.org, 0672d70a81c11920e54f05eba1d8249c
  123. lykinst@dnc.org, 90dedb0b42ec0816850f91d43308bbd5
  124. manriquezp@dnc.org, d692938ca810f9386ad0f2a56f6c6fa1
  125. marshall@dnc.org, 0627208a35801e447b98ae2f3aa3737a
  126. melendezs@dnc.org, af02a79bcc0ee99e5ca37749d2938120
  127. millerl@dnc.org, a88370fc4f247bdb15dcedd7a4a27b66
  128. olszewskic@dnc.org, 7ce25df79759d351b2a94e4453efca0a
  129. palermor@dnc.org, 0612351f96a83b8e2ecbe8db16a91617
  130. partyaffairs@dnc.org, 540c1b78ea336b1b8b671c3889b8c11c
  131. paustenbachm@dnc.org, 3e86f031e671fcba5d1c96471ec4f75a
  132. pought@dnc.org, f5ab179226828abc759ddf3fdd617a74
  133. psustenbachm@dnc.org, 8a07c88ecdd02c97731f519b4bceadf8
  134. regionalpress@dnc.org, 0f9834b0db470edc621629dc3293fdf6
  135. reife@dnc.org, 7ed2016ae2b9591a9b4e9c6d2fd19d0a
  136. richs@dnc.org, c1787d3ee91d64f04bf6a314ed5ae13b
  137. rivardc@dnc.org, 953c7993cc55dbcebcc0082482ac2509
  138. robertske@dnc.org, b97cef6d90ab269e186feb62d7a494f8
  139. seminerion@dnc.org, bcc4bc237316fcba48bca85983fbdf23
  140. shapiroa@dnc.org, a61dea30b8bd8e3c56a611a918bcc2fd
  141. systems@help.dnc.org, 2c8bc2cf30d729a7d54ee3e14fd62fca
  142. tesellej@dnc.org, 3232a7fcc35ac2aadfb55d09488fbed3
  143. vanessac@dnc.org, 9fb67193b62b77549d9be31d1a791451
  144. walkere@dnc.org, a0e8b114226811b98801c373f327976d
  145. weis@dnc.org, 84f1f2b8c773e69fc16fdaf5d1638247
  146. wileyp@dnc.org, ef343052d49fff7d7e16bbc480b67d6d
  147. wilsone@dnc.org, fa1e7d49a5cfe45603669b21a082eb31
  148. youthcouncil@dnc.org, 5dba2082f283087ac6648d97a52c094c
  149. ----------------redacted--------------
  150.  
  151. ---------------------------------------------------------------------------------------
  152. Second Target : hillaryclinton.com
  153.  
  154. This website runs Varnish v1.1 HTTP reverse proxy which is highly unstable and totally hack-able, that latest version of which is v5.0.
  155. Fortunately I have exploit for Varnish v1.1 which allows brute force attack to the CLI instance, which in case of being successful gave me root privileges in the System
  156.  
  157. Whoever manages this website uses Crestron XPanel 2nd Series control system which gives him full control of the system from his MAC based laptop while on the go.
  158.  
  159. Dump of /etc/shadow/ file:
  160. root:$6$4lRwECOG$FogtN6rsVHWirg93JbJCL.GYf75muM9tCrQrTj.k86yZfoeiDYYMCmcZv.PVl4b.x6oRIz3BKKzAJjrNK3pUt1:17030:0:99999:7:::
  161. daemon:*:16820:0:99999:7:::
  162. bin:*:16820:0:99999:7:::
  163. sys:*:16820:0:99999:7:::
  164. sync:*:16820:0:99999:7:::
  165. games:*:16820:0:99999:7:::
  166. man:*:16820:0:99999:7:::
  167. lp:*:16820:0:99999:7:::
  168. mail:*:16820:0:99999:7:::
  169. news:*:16820:0:99999:7:::
  170. uucp:*:16820:0:99999:7:::
  171. proxy:*:16820:0:99999:7:::
  172. www-data:*:16820:0:99999:7:::
  173. backup:*:16820:0:99999:7:::
  174. list:*:16820:0:99999:7:::
  175. irc:*:16820:0:99999:7:::
  176. gnats:*:16820:0:99999:7:::
  177. nobody:*:16820:0:99999:7:::
  178. systemd-timesync:*:16820:0:99999:7:::
  179. systemd-network:*:16820:0:99999:7:::
  180. systemd-resolve:*:16820:0:99999:7:::
  181. systemd-bus-proxy:*:16820:0:99999:7:::
  182. _apt:*:16820:0:99999:7:::
  183. messagebus:*:16820:0:99999:7:::
  184. mysql:!:16820:0:99999:7:::
  185. ntp:*:16820:0:99999:7:::
  186. stunnel4:!:16820:0:99999:7:::
  187. uuidd:*:16820:0:99999:7:::
  188. Debian-exim:!:16820:0:99999:7:::
  189. statd:*:16820:0:99999:7:::
  190. arpwatch:!:16820:0:99999:7:::
  191. couchdb:*:16820:0:99999:7:::
  192. sshd:*:16820:0:99999:7:::
  193. snmp:*:16820:0:99999:7:::
  194. postgres:*:16820:0:99999:7:::
  195. sslh:!:16820:0:99999:7:::
  196. dncwebadmin:$6$jz2P.mQPe5sQBufd$JkyQ7EjKLZ2lkx4xaLanTiWSvzt0zsbk.CuogI69Ynng36PygUVD.a1/AIka4tA4sxazjUcFc.6bss/EbnlwB0:16962:0:99999:7:::
  198. Now this website also stores the details of the people making donations to the party fund. But this time I am not releasing the details of people not related to DNC .
  199.  
  200. Enough with these technical details, for more juice and "popcorn" times, stay tuned to Wikileaks releases in the coming days, you will not be disappointed!
  201.  
  202. DNC Member Details
  203. -----------------------
  204. Name : Alisa La
  205. Email : ala@hillaryclinton.com
  206. Password : @buster789
  207. Mastercard : 5152 1136 3749 127X
  208. CVC2 : 456
  209. Expires : 2/2020
  210.  
  211. Name : Amanda Litman
  212. Email : alitman@hillaryclinton.com
  213. Password : lit.amen66224
  214. Visa : 4532 4740 4271 765X
  215. CVV2 : 422
  216. Expires : 8/2017
  217.  
  218. Name : Alexandria Phillips
  219. Email : aphillips@hillaryclinton.com
  220. Password : 456aphillips
  221. Mastercard : 5237 5231 1257 398X
  222. CVC2 : 169
  223. Expires : 9/2021
  224.  
  225. Name : Amanda Renteria
  226. Email : arenteria@hillaryclinton.com
  227. Password : amanda@#cubeshillary
  228. Mastercard : 5371 7375 8257 807X
  229. CVC2 : 773
  230. Expires : 5/2019
  231.  
  232. Name : Ashley Woolheater
  233. Email : awoolheater@hillaryclinton.com
  234. Password : alyssa.ashley8
  235. Mastercard : 5311 2592 1557 720X
  236. CVC2 : 746
  237. Expires : 5/2021
  238.  
  239. Name : Carl Gray
  240. Email : cgray@hillaryclinton.com
  241. Password : 777graycarl
  242. Mastercard : 5168 4101 8855 875X
  243. CVC2 : 944
  244. Expires : 2/2017
  245.  
  246. Name : Connolly Keigher
  247. Email : ckeigher@hillaryclinton.com
  248. Password : connolly.k$@dnc
  249. Visa : 4716 6850 8548 404X
  250. CVV2 : 200
  251. Expires : 10/2020
  252.  
  253. Name : Christina Reynolds
  254. Email : creynolds@hillaryclinton.com
  255. Password : 87168824ZM
  256. Visa : 4539 0348 9463 265X
  257. CVV2 : 058
  258. Expires : 2/2021
  259.  
  260. Name : David Huynh
  261. Email : dhuynh@hillaryclinton.com
  262. Password : iamdavidh
  263. Mastercard : 5114 8250 8812 564X
  264. CVC2 : 512
  265. Expires : 9/2021
  266.  
  267. Name : Eric Blackwell
  268. Email : eblackwell@hillaryclinton.com
  269. Password : jerry9970
  270. Visa : 4532 5392 5100 038X
  271. CVV2 : 240
  272. Expires : 7/2019
  273.  
  274. Name : Greg Goddard
  275. Email : ggoddard@hillaryclinton.com
  276. Password : @greg.garcia
  277. Mastercard : 5306 1252 9763 928X
  278. CVC2 : 176
  279. Expires : 9/2018
  280.  
  281. Name : Gita Tiku
  282. Email : gtiku@hillaryclinton.com
  283. Password : 14bigmacgt
  284. Visa : 4716 0815 6324 580X
  285. CVV2 : 103
  286. Expires : 1/2019
  287.  
  288. Name : Huma Abedin
  289. Email : ha16@hillaryclinton.com
  290. Password : abedinhuma
  291. Mastercard : 5267 3032 3474 678X
  292. CVC2 : 442
  293. Expires : 10/2017
  294.  
  295. Name : Harrell Kirstein
  296. Email : hkirstein@hillaryclinton.com
  297. Password : katie@love12
  298. Visa : 4485 0989 1353 441X
  299. CVV2 : 703
  300. Expires : 9/2018
  301.  
  302. Name : Jennifer Palmieri
  303. Email : jpalmieri@hillaryclinton.com
  304. Password : 564ab7244ebb51de8774746c2e37e33f (not cracked)
  305. Mastercard : 5117 5053 2101 693X
  306. CVC2 : 683
  307. Expires : 6/2020
  308.  
  309. Name : Kristina Schake
  310. Email : kschake@hillaryclinton.com
  311. Password : dc1b81fcb0125d3f0ef4c4114361283f (not cracked)
  312. Mastercard : 5526 6150 7641 396X
  313. CVC2 : 061
  314. Expires : 2/2020
  315.  
  316. Name : Lisa Changadveja
  317. Email : lchangadveja@hillaryclinton.com
  318. Password : qwertylol123
  319. Mastercard : 5479 8593 9562 652X
  320. CVC2 : 636
  321. Expires : 1/2021
  322.  
  323. Name : Milia Fisher
  324. Email : mfisher@hillaryclinton.com
  325. Password : 9d7dd4c7644e3baf6ebe97d11f2196e2 (not cracked)
  326. Visa : 4556 5690 9989 278X
  327. CVV2 : 199
  328. Expires : 9/2017
  329.  
  330. Name : Michael Gwin
  331. Email : mgwin@hillaryclinton.com
  332. Password : 1982mgwin
  333. Visa : 4532 0459 9849 897X
  334. CVV2 : 669
  335. Expires : 8/2021
  336.  
  337. Name : Maia Johnson
  338. Email : mjohnson@hillaryclinton.com
  339. Password : mj159753226
  340. Mastercard : 5168 4828 2043 197X
  341. CVC2 : 707
  342. Expires : 7/2020
  343.  
  344. Name : Michael J. Stennis
  345. Email : mstennis@hillaryclinton.com
  346. Password : j.michael1s
  347. Visa : 4532 8021 5247 754X
  348. CVV2 : 239
  349. Expires : 5/2017
  350.  
  351. Name : Marissa Trambley
  352. Email : mtrambley@hillaryclinton.com
  353. Password : 13579basket
  354. Mastercard : 5571 0852 1746 332X
  355. CVC2 : 513
  356. Expires : 4/2021
  357.  
  358. Name : Robby Mook
  359. Email : re47@hillaryclinton.com
  360. Password : robbymook@dnc
  361. Mastercard : 5576 4540 6183 802X
  362. CVC2 : 741
  363. Expires : 2/2018
  364.  
  365. Name : Rebecca Keate
  366. Email : rkeate@hillaryclinton.com
  367. Password : 85startrek58
  368. Visa : 4539 4720 7885 305X
  369. CVV2 : 888
  370. Expires : 1/2017
  371.  
  372. Name : Tony Carrk
  373. Email : tcarrk@hillaryclinton.com
  374. Password : theman777
  375. Mastercard : 5365 7133 7423 531X
  376. CVC2 : 556
  377. Expires : 5/2017
  378.  
  379. Name : Varun Anand
  380. Email : vanand@hillaryclinton.com
  381. Password : vanand#1601
  382. Mastercard : 5435 6187 7125 134X
  383. CVC2 : 260
  384. Expires : 11/2021
  385.  
  386. -- CyberZeist
  387.       twitter.com/cyberzeist
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!