
Topic: Nuovocard Hacking Contest - Hack Us for $3000 (Bounty) - Phase 2 Started - page 4. (Read 6542 times)

full member
Activity: 154
Merit: 100
Part 1, with 1698 entries, of a global IPv4 scan of the complete IPv4 space of all currently available online servers worldwide that are listening on port 18333 right at the moment:
http://dustri.org/p/47d511
(Paste will be deleted after 1 week automatically for privacy reasons)
Part 2 should be ready soon after the scan is complete. So if your ip ends with 13 and is listening on port 18333 the chances are not that bad.

Um... the guy already said that he was using bitcoind over tor. I was planning to do what you did, but that won't work. The server does not listen on any port according to the OP. Additionally the default bitcoind listening port is 8333 not 18333.
full member
Activity: 168
Merit: 100

Can I guess more than one?

You can guess as many as you want but you have to say how you got it if you got it right. You can't just list all the possible IPs of amazon and say it's one of them.

Interesting. That account is like 11 years old I think. But anyways good find. FYI, godaddy account is not that one and the actual paypal account works just fine.

And ya to remove confusion, I'll get the privacy added tomorrow.

Adding privacy won't work anymore. The information is already out in the open.

Yeah but that's not the right info. That's the info of our PR guy. Won't help anyone. Moreover, it's not like we won't give our office address or phone numbers to concerned people. In a business you can't really hide your place of work.
legendary
Activity: 2338
Merit: 1204
The revolution will be digital
Interesting. That account is like 11 years old I think. But anyways good find. FYI, godaddy account is not that one and the actual paypal account works just fine.

And ya to remove confusion, I'll get the privacy added tomorrow.

Adding privacy won't work anymore. The information is already out in the open.
full member
Activity: 168
Merit: 100
Interesting. That account is like 11 years old I think. But anyways good find. FYI, godaddy account is not that one and the actual paypal account works just fine.

And ya to remove confusion, I'll get the privacy added tomorrow.
full member
Activity: 154
Merit: 100
Who said the Whois details are for our office and which Paypal account is suspended??? Please share.

Moreover, finding us is not difficult at all (Read the About Us).

The problem with the WHOIS issue is that everyone knows that the email address for your Godaddy account is: [email protected]

Additionally, when transferring a domain to another registrar it sends the verification email to that address, so if someone compromises your EPP code (or if you were using a registrar that didn't use EPP) then they'd be able to transfer away the domain by hacking that email account.

So the main problem is if that account gets compromised they can steal your domain, or reset your Gapps account by verifying ownership using the DNS method.

The PayPal account for: [email protected] is the one that is suspended:



PS. If you know what you are doing you can trick PayPal into giving you information on the account holder (such as last 4 digits of your credit card which can be used to reset accounts for Apple and other services). That's why I was poking around in there, sorry! They didn't give me any information anyway.
full member
Activity: 168
Merit: 100
Who said the Whois details are for our office and which Paypal account is suspended??? Please share.

Moreover, finding us is not difficult at all (Read the About Us).


I guess we need a team to do this ... IRC ? ^^

Regards

Nico

I'd have, if she escrowed 6+ BTC, i.e. the equivalent of 3000 USD at current market rate. Currently I don't feel the charm to hack her because the prize is uncertain. She is giving petty statements of reputation and bla bla. Let her launch and we'll see Wink

Find the IP, I will escrow 2800 instantly. If no one finds the IP, there is no point. It's not like the hard part is over as soon as the IP is discovered. There are 2 layers of firewalls before reaching the server firewall and all the ports are closed.


U are telling the hacker what route he'll take to hack u ? Your request is not to hack the web server, but the app server and that is also by finding IP ? Cheesy

Your whois details are not yet protected Tongue

Let us know once u gather some money from your customer. U'll see the real hunters then. Good Luck Wink

You can't even find the IP right now... forget find, guess it. I gave the last two digits so that every second someone doesn't post, and did I ever say that this server is the actual server?
full member
Activity: 154
Merit: 100
U are telling the hacker what route he'll take to hack u ? Your request is not to hack the web server, but the app server and that is also by finding IP ? Cheesy

Your whois details are not yet protected Tongue

Let us know once u gather some money from your customer. U'll see the real hunters then. Good Luck Wink

Yeah that is one thing I found funny. OP seems to think we actually need the IP to hack the server when we really don't. That is not how most modern hackers work.

I don't know if he'll pay up or not, I doubt he will tbh. The owner's PayPal account is permanently suspended (not frozen, suspended indicates breach of TOS), I wonder why... But that doesn't make it less fun. Not everything is about money.
full member
Activity: 154
Merit: 100
Hey guys, I'd recommend you read ALL of Neha's posts. Clearly most of you have missed all the details/hints provided.

BTW it isn't as hard as you guys think. Initially I thought that, but there are PLENTY of ways to get the IP of that server. You can do it by gaining access to GApps (I don't think it uses Tor to fetch mail), and there are literally hundreds of ways to do that. I have found a number of "potentially dangerous" things that nuovocard has done and I'll disclose them to them privately once I've given up and leave it up to them if they want to post them here in order to help you guys.
full member
Activity: 130
Merit: 100
If anyone wants to join #hack_challenge on freenode irc Smiley

Regards

Nico
full member
Activity: 130
Merit: 100
Maybe it helps someone: https://forums.aws.amazon.com/ann.jspa?annID=1701 All Amazon public ip range from 8th Aug. 2014

Regards

Nico
full member
Activity: 168
Merit: 100

Does the ip start with 10 ?

10 is internal network ip.

I guess we need a team to do this ... IRC ? ^^

Regards

Nico

I'd have, if she escrowed 6+ BTC, i.e. the equivalent of 3000 USD at current market rate. Currently I don't feel the charm to hack her because the prize is uncertain. She is giving petty statements of reputation and bla bla. Let her launch and we'll see Wink

Find the IP, I will escrow 2800 instantly. If no one finds the IP, there is no point. It's not like the hard part is over as soon as the IP is discovered. There are 2 layers of firewalls before reaching the server firewall and all the ports are closed.

Let's summarise this:

- Webserver is behind cloudflare
- Application server runs bitcoind over tor

- Find the IP challenge is like "find my office in tokyo by sending a letter to my anonymous p/o box in panama which will trigger some street lights in london but"

I'm out.

I like your analogy but we wouldn't be offering money if it was easy. Moreover, we wouldn't be offering money if we knew for sure that it's one of the most challenging hacks... way more than any other bitcoin service providers currently out there.
sr. member
Activity: 313
Merit: 250
i ♥ coinichiwa
Let's summarise this:

- Webserver is behind cloudflare
- Application server runs bitcoind over tor

- Find the IP challenge is like "find my office in tokyo by sending a letter to my anonymous p/o box in panama which will trigger some street lights in london but"

I'm out.
full member
Activity: 130
Merit: 100
Of course it has a public IP, otherwise how else would it talk to the bitcoin network and check emails and how else will we connect to it if we need to?

Internal network, vpn, relays, proxies, firewalls, you name it...

I am not sure if you are familiar with amazon architecture, see below. This will give you an idea (It was two servers, assume one):



So there are enough firewalls.

Does the ip start with 10 ?
full member
Activity: 168
Merit: 100
Of course it has a public IP, otherwise how else would it talk to the bitcoin network and check emails and how else will we connect to it if we need to?

Internal network, vpn, relays, proxies, firewalls, you name it...

I am not sure if you are familiar with amazon architecture, see below. This will give you an idea (It was two servers, assume one):



So there are enough firewalls.
full member
Activity: 130
Merit: 100
Does the server running bitcoind listen on port 8333?

Also someone could potentially run a couple of Tor nodes and find out which amazon IPs connect to them that end in 13, I would doubt there are many.

Can there be a way to decrypt it ? Anyone ?

Code:
584262684250-52kri9btcso7bk6ohs3u8j0ur8dicmf4.apps.googleusercontent.com

Resolves to:

de-cix20.net.google.com
------------------------   
80.81.193.108
legendary
Activity: 2338
Merit: 1204
The revolution will be digital
Does the server running bitcoind listen on port 8333?

Also someone could potentially run a couple of Tor nodes and find out which amazon IPs connect to them that end in 13, I would doubt there are many.

Can there be a way to decrypt it ? Anyone ?

Code:
584262684250-52kri9btcso7bk6ohs3u8j0ur8dicmf4.apps.googleusercontent.com
hero member
Activity: 742
Merit: 500
sr. member
Activity: 313
Merit: 250
i ♥ coinichiwa
Of course it has a public IP, otherwise how else would it talk to the bitcoin network and check emails and how else will we connect to it if we need to?

Internal network, vpn, relays, proxies, firewalls, you name it...
full member
Activity: 130
Merit: 100
I guess we need a team to do this ... IRC ? ^^

Regards

Nico
full member
Activity: 168
Merit: 100
Does the server running bitcoind listen on port 8333?

Also someone could potentially run a couple of Tor nodes and find out which amazon IPs connect to them that end in 13, I would doubt there are many.

That's actually a brilliant idea considering I told you the last two digits.

Also, about your 8333, technically I think it's 18332 but that's irrelevant with TOR. Giving you 2 outputs from netstat below:

tcp        0      0 localhost:9050          localhost:38319         ESTABLISHED
tcp        0      0 localhost:38319         localhost:9050          ESTABLISHED

Hope this helps somehow.

Nope. I'll give a hint, the IP Address ends with 13.

10.4.16.13 or 192.168.0.13

Does it even have a public IP? And if so, why does it have one if the architecture is designed to not expose it anyways?

Of course it has a public IP, otherwise how else would it talk to the bitcoin network and check emails and how else will we connect to it if we need to?

I know you said it ends in 13, but was that a trick question? Is it xxx.xxx.xxx.13 Or xxx.xxx.xxx.x13?

Here is my guess:
54.194.115.213

Does it even have a public IP? And if so, why does it have one if the architecture is designed to not expose it anyways?

How would it talk to Google Apps without a public IP?
Nope, that's not the IP.
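
The netstat lines quoted in the post above show a client talking to Tor's SOCKS port on loopback; an operator can audit the same listing for connections that leave the host without it, which is the mail-fetching concern raised earlier in the thread. This is an added example, not part of the thread: the third sample line and its documentation-range addresses are constructed, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample: the first two lines are the netstat output quoted in the
# thread; the third is an invented direct IMAPS connection (documentation IPs).
SAMPLE = """\
tcp        0      0 localhost:9050          localhost:38319         ESTABLISHED
tcp        0      0 localhost:38319         localhost:9050          ESTABLISHED
tcp        0      0 198.51.100.13:51544     203.0.113.25:993        ESTABLISHED
"""

def split_endpoint(endpoint):
    """Split 'host:port' on the last colon so IPv6 literals survive."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), port

def is_loopback(host):
    if host in ("localhost", "localhost.localdomain"):
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # unresolved hostname: treat as remote

def audit_connections(netstat_text, socks_port="9050"):
    """Return (via_tor, direct): loopback links to the SOCKS port, and
    ESTABLISHED connections that leave the host without it."""
    via_tor, direct = [], []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 6 or not fields[0].startswith("tcp"):
            continue
        if fields[5] != "ESTABLISHED":
            continue
        local, remote = split_endpoint(fields[3]), split_endpoint(fields[4])
        if is_loopback(local[0]) and is_loopback(remote[0]):
            if socks_port in (local[1], remote[1]):
                via_tor.append((fields[3], fields[4]))
            continue  # other loopback traffic never leaves the host
        direct.append((fields[3], fields[4]))
    return via_tor, direct

if __name__ == "__main__":
    tor, direct = audit_connections(SAMPLE)
    print(f"{len(tor)} loopback SOCKS entries, {len(direct)} direct connections")
    for local, remote in direct:
        print(f"  not via Tor: {local} -> {remote}")
```

On a real host the tor daemon's own relay connections also land in the direct list; run netstat with `-p` and exclude those by process name before treating the rest as leaks.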