Code:
[B]Repsol RDP creds[/B] stolenstuff@stolenstuff · 14 Dec 2021 German Lopez Fri, Nov 12, 9:25 AM to it-department
Owner
Subscribers (5)
-
One of my scrawlers has just found a paste that contains a mail thread between workers of Repsol that contains RDP credentials.
...December 19, 2021, 23:26 -
Reply to Welcome postLOL, thanks th3hack34 ! I’d never think that a simple Pastebin script could find such a big rabithole heheOctober 25, 2021, 08:36
-
Reply to Welcome postYeah, slashman. Creds totally work. I’ve dug a bit into the hostname and other keywords I could find on the net and it looks something related to the Spanish electrical company “Red Electrica Espanola”. Get away from there, governments involved...October 25, 2021, 08:27
-
Reply to Welcome postI was developing a simple API integration with Pastebin and I found a paste with some credentials. I tested them and it looks like some kind of HMI at 88.26.254.22:5900 (gonsalpe-operador:OUSTicHolDes). I’d never messed around with OT stuff but it was interesting :)October 25, 2021, 02:19
-
Reply to Welcome postI saw this (http://4m6omb3gmrmnwzxi.onion/show.php?md5=a6d824e258b00f6536c84762f0816055) and I accessed that server via RDP.
Look what I discovered:
1. This machines has a WebSphere
2. Domain controller on 10.0.0.200
3. SQL server on 10.0.0.66October 18, 2021, 07:44 -
Reply to Welcome postThat's nice brother!
If you let me, I'll started....
Until now I was only a spectator of this forum, I had not created an account until today, as I did not see the need to do so (I could see the posts that interested me without having an account but today that I have seen...September 29, 2021, 08:52