DEF CON Forum Site Header Art

Announcement

Collapse
No announcement yet.

Vulnerable machines

Collapse

Blog Summary

Collapse

Vulnerable machines

About this Blog

Blog where we'll post all vulnerable machines we reach over the Internet.

Blog entries: 2
Comments: 5

Owner

Subscribers (5)

Container Module

Collapse

Latest Comments

Collapse

  • slashman
    Mail thread that contains server creds
    by slashman
    One of my scrawlers has just found a paste that contains a mail thread between workers of Repsol that contains RDP credentials.


    Code:
    [B]Repsol RDP creds[/B]
    
    
    stolenstuff@stolenstuff · 14 Dec 2021
    
    German Lopez
    Fri, Nov 12, 9:25 AM
    to it-department
    ...
    December 19, 2021, 23:26
  • slashman
    Reply to Welcome post
    by slashman
    LOL, thanks th3hack34 ! I’d never think that a simple Pastebin script could find such a big rabithole hehe
    October 25, 2021, 08:36
  • th3hack34
    Reply to Welcome post
    by th3hack34
    Yeah, slashman. Creds totally work. I’ve dug a bit into the hostname and other keywords I could find on the net and it looks something related to the Spanish electrical company “Red Electrica Espanola”. Get away from there, governments involved...
    October 25, 2021, 08:27
  • slashman
    Reply to Welcome post
    by slashman
    I was developing a simple API integration with Pastebin and I found a paste with some credentials. I tested them and it looks like some kind of HMI at 88.26.254.22:5900 (gonsalpe-operador:OUSTicHolDes). I’d never messed around with OT stuff but it was interesting :)
    October 25, 2021, 02:19
  • th3hack34
    Reply to Welcome post
    by th3hack34
    I saw this (http://4m6omb3gmrmnwzxi.onion/show.php?md5=a6d824e258b00f6536c84762f0816055) and I accessed that server via RDP.

    Look what I discovered:

    1. This machines has a WebSphere
    2. Domain controller on 10.0.0.200
    3. SQL server on 10.0.0.66
    October 18, 2021, 07:44
  • _cr4ck1ng_
    Reply to Welcome post
    by _cr4ck1ng_
    That's nice brother!

    If you let me, I'll started....

    Until now I was only a spectator of this forum, I had not created an account until today, as I did not see the need to do so (I could see the posts that interested me without having an account but today that I have seen...
    September 29, 2021, 08:52
  •  
  • Filter
  • Time
  • Show
Clear All
new posts
There are no conversations in this channel.
Show More
 
  • Filter
  • Time
  • Show
  • Subscribed
Clear All
new posts
Please log in to your account to view your subscribed posts.
  •  
  • Filter
  • Time
  • Show
Clear All
new posts
Topics Statistics Last Post
Started by slashman, December 19, 2021, 23:26
0 responses
143 views
0 likes
Last Post slashman  
Started by slashman, September 29, 2021, 04:31
5 responses
124 views
0 likes
Last Post slashman  
No topics found.
Working...
X