by illwill
Monday, February 7th, 2011 at 3:18 pm
Seems Comcast has a hidden admin user account on their business class modems other than the usual user:cusadmin-pw:highspeed. You can log in locally using the username mso and password: D0nt4g3tme . Furthermore you can also use Cross Site Request Forgery in iframes to set the modem to open up its remote admin ports to all IP’s not just the ones Comcast has preconfigured. If you wanna test this out you can visit this URL http://illmob.org/comcast BEWARE, if you are on vulnerable Comcast modem it will open remote access to your modem on http port 80, https port 8181 and telnet 2323.
Props to the guys @ Trustwave for the iframe POC.
by illwill
Thursday, January 13th, 2011 at 11:54 am
Used by Stuxnet to escalate privs in win2k and XP Explanation of the code ::here:: and source code ::here::
by admin
Thursday, January 6th, 2011 at 12:29 pm
Circumvent Apples Mac App store receipt validation.
Install the latest Snow Leopard update(10.6.6). Sign into the new App Store (in your dock). Download Twitter, it’s free. Then go to Applications folder, locate Twitter, right click, Show Package Contents, navigate to Contents folder and copy _CodeSignature, _MASReceipt and CodeResources.
Download Angry Birds ( http://bit.ly/gy9wzk ).. run the dmg file.. drag Angry Birds into the Applications folder. right click, Show Package Contents, navigate to Contents folder and delete _CodeSignature, _MASReceipt and CodeResources. Now paste in the files you copied from the Twitter.app .
Done. Enjoy Angry Birds and any other .app file from the new Mac App Store that you can find online 😉
by illwill
Tuesday, January 4th, 2011 at 8:53 pm
Thats right bitches, after 6 long retarded years being under the government’s thumb for some bullshit charges ,I am finally a free man!!!!
by admin
Wednesday, August 18th, 2010 at 7:40 am
Piotr, who made kon-boot, finally decided to release the Vista smb2 Negotiate ProcessID Function Table Dereference exploit code he’s been sitting on since last fall.
Download: smb2_exploit_release.zip
It should spawn a shell on TARGET_IP on port 28876
Sample usage
————
> smb2_exploit.exe 192.167.0.5 45 0
> telnet 192.167.0.5 28876
by admin
Thursday, July 8th, 2010 at 6:23 am
http://en.wikipedia.org/wiki/Robin_Sage
Thomas Ryan tricked people into becoming friends with “Robin Sage”
We decided to find her real identity
We started by tracking down the image to
http://www.godsgirls.com/girls/katya/album and expanded our search from there…
Katharine Cole
San Fransico,CA
DOB: july 6 1989
http://www.myspace.com/teez_bunny_
http://en-gb.facebook.com/katharinecole
We even have her cell phone number but since she was probably an unwilling participant in this experiment we decided not to make that public. Just goes to show that you cant fool everyone. 🙂
by admin
Wednesday, July 7th, 2010 at 8:38 pm
Guess this is how P Diddy wakes up in the morning.
btw Fuck DJ Stolen..
Skype
Email
Keybase.io
