@toufik-airane
Last active December 10, 2022 22:35
Hello
I'm writing this to the whole world, so you'll know more about us...
First I want to give some points, so you'll be sure I'm the hacker:
I hacked Comodo from InstantSSL.it; their CEO's e-mail address is mfpenco@mfpenco.com
Their Comodo username/password was: user: gtadmin password: globaltrust
Their DB names were: globaltrust and instantsslcms
Enough said, huh? Yes, enough said, someone who should know already knows...
Anyway, first I should mention we have no relation to the Iranian Cyber Army; we don't change DNSes, we just hack and own.
I see Comodo's CEO and others wrote that it was a managed attack, it was a planned attack, a group of cyber criminals did it, etc.
Let me explain:
a) I'm not a group, I'm a single hacker with the experience of 1000 hackers, I'm a single programmer with the experience of 1000 programmers, I'm a single planner/project manager with the experience of 1000 project managers, so you are right, it's managed by 1000 hackers, but it was only me with the experience of 1000 hackers.
b) It was not really a managed hack. At first I decided to hack the RSA algorithm; I did a lot of investigation into the SSL protocol and tried to find an algorithm for factoring integers. So far I have not been able to do so, at least not yet, but I know it's not impossible and I'll prove it. Anyway... I saw that there are easier ways of doing it, like hacking a CA. I was looking to hack some CAs like Thawte, Verisign, Comodo, etc. I found some small vulnerabilities in their servers, but it wasn't enough to gain access to a server to sign my CSRs. During my search about InstantSSL of Comodo, I found InstantSSL.it, which was doing the same thing under the control of Comodo.
After a little try, I easily got FULL access on the server. After a little investigation on their server, I found out that TrustDll.dll takes care of signing. It was coded in C#.
I simply decompiled it and found the username/password of their GeoTrust and Comodo reseller accounts. The GeoTrust reseller URL was not working; it was in ADTP.cs. Then I found out their Comodo account works and the Comodo URL is active. I logged into the Comodo account and saw I had the right to sign using APIs. I had no idea of the APIs and how they work. I wrote code in C# for signing my CSRs using POST requests to the APIs. I learned their APIs so FAST, and their TrustDLL.DLL was too old and was sending too few parameters; it wasn't enough for signing a CSR. As I said, I rewrote the code for the !AutoApplySSL and !PickUpSSL APIs: the first API returns the OrderID of the placed order and the second API returns the entire signed certificate if you pass the OrderID from the previous call. I learned all this stuff, rewrote the code and generated CSRs for those sites all in about 10-15 minutes. I wasn't ready for these types of APIs, this type of CSR generation, API calling, etc. But I did it very very fast.
Anyway, I know you are really shocked about my knowledge, my skill, my speed, my expertise; that's all OK, all of it was so easy for me. I did more important things I can't talk about, so if you have to worry, you can worry... I should mention my age is 21.
Let's get back to the reason for posting this message.
I'm telling this to the world, so listen carefully:
When the USA and Israel wrote Stuxnet, nobody talked about it, nobody got blamed, nothing happened at all, so when I sign certificates nothing happens. I say that when I sign certificates nothing should happen. It's a simple deal.
When the USA and Israel could read my emails in Yahoo, Hotmail, Skype, Gmail, etc. without any simple little problem, when they can spy using Echelon, I can do anything I can. It's a simple rule. You do, I do, that's all. You stop, I stop. It's rule #1 (My Rules, as I rule the internet, you should know it already...)
Rule #2: So why did all the world get worried, the internet shocked and all writers write about it, but nobody writes about Stuxnet anymore? Nobody writes about HAARP, nobody writes about Echelon... So nobody should write about SSL certificates.
Rule #3: Anyone inside Iran with problems, from the fake green movement to all MKO members and two-faced terrorists, should be afraid of me personally. I won't let anyone inside Iran harm the people of Iran, harm my country's nuclear scientists, harm my Leader (which nobody can), harm my President. As I live, you won't be able to do so. As I live, you don't have privacy on the internet, you don't have security in the digital world, just wait and see...
Rule #4: Comodo and other CAs in the world: Never think you are safe, never think you can rule the internet, rule the world with a 256-digit number whose 2 prime factors nobody can find. I'll show you how someone my age can rule the digital world.
Rule #5: To Microsoft, Mozilla and Chrome, who updated their software as soon as instructions came from the CIA. You are my targets too. Why was Stuxnet's printer vulnerability patched after 2 years? Because it was needed in Stuxnet? So you'll learn sometimes you have to close your eyes on some stuff on the internet, you'll learn... You'll learn... I'll bring equality to the internet. My orders will be equal to CIA orders, lol ;)
Rule #6: I'm a GHOST
Rule #7: I'm unstoppable, so be afraid if you should be afraid, worry if you should worry.
A message in Persian: Janam Fadaye Rahbar (my life be sacrificed for the Leader)
[Proof Of Hack 1]: http://pastebin.com/DBDqm6Km
[Proof of Hack 2]: http://pastebin.com/X8znzPWH
[UPDATE 1]: http://pastebin.com/CvGXyfiJ
[UPDATE 2]: http://pastebin.com/kkPzzGKW (response to all comments)
Some stupid people on the internet still cannot understand I'm behind the attack on SSL; they talk about their small understanding of my hack and make me nervous.
Why can't you understand? What's your problem? If you have psychological or mental problems, don't write your ideas on the internet, just surf, ok?
Here is another proof:
http://rapidshare.com/files/454806052/GlobalTrustTable.rar
I uploaded JUST 1 table of their ENTIRE database, which I own.
Also ask Comodo about my hack, ask them what I did to them. Let me tell you what I did:
I was logged in to their server via RDP (remote desktop); they detected me and via a hardware firewall they added an allowed IP for RDP, so I was no longer able to log in via RDP.
But I got UI control of their server just 2 days later, then I logged in via Roberto Franchini's user/pass, then I formatted their external backup HDD; it was an LG with a backup of all files inside it. I formatted it.
Then I stopped IIS and deleted all logs, not a normal delete which could be recovered with recovery tools; I deleted them with a secure delete method and in fact I wiped them.
Then I noticed another backup on another drive; I deleted ALL files of it with the secure wiping method also, and I left this session open with a notepad message on their desktop with this text: "SURPRISE!"
What more should I say?
Stop talking about who was behind it, it's already proven.
Some people say Microsoft wasn't aware of the issue to patch the printer vulnerability. It's simply wrong, it was in a security magazine; you never saw this:
http://www.computerworld.com/s/article/9187300/Microsoft_confirms_it_missed_Stuxnet_print_spooler_zero_day_
Some others said I don't know about RSA, it's impossible to hack RSA, etc. etc. etc.
Never judge so fast, never write anything you think in your head on the internet. Most of my daily work focuses on encryption algorithms, differential cryptanalysis, inventing new methods of attack on encryption algorithms, creating new secure encryption algorithms (symmetric and asymmetric), creating secure hash algorithms. I told you, I can't talk about other things I did; I don't see any use in just giving away my work and causing more updates. So simply keep your mouth shut and wait. I already created my own encryption protocol, from an asymmetric algorithm (for key exchange) to a symmetric algorithm for encrypting data to my own hash algorithm to sign encrypted algorithms. You are so far from knowing about me...
Some others say the APIs were easy, it was all documented, everything was inside the DLL, so what did I do about re-writing the APIs; a person with the experience of 1000 programmers had problems with APIs, LOL.
Do you know how much code I wrote in C++ and assembly language? Do you know how much work I did in reversing Skype and its undisclosed protocol? Man! I create my own APIs, from web SOAP XML APIs to Windows DLLs with exports.
I said I wasn't aware of the !ApplySSL API and other needed APIs like PickUpSSL and others.
I found that out when I was already logged into the Comodo Partner's account and I was sure they'd notice me soon, so I had to do my job fast.
TrustDLL.dll was too old; its last modified date was the end of 2007. Comodo's APIs had changed and a lot more crucial parameters had been added; they weren't using TrustDLL anymore. As far as I understood, they were processing and authenticating orders and signing CSRs manually. They had not too many orders in the last years, about 1 order per 4-5 days for example. So don't worry, I'm aware of APIs ;)
Some others said I'm not religious, "Janam Fadaye Rahbar" is political, not religious; you are simply wrong. No need to explain more.
Some others said I said too much about myself and enjoyed myself too much; if you had done the same thing, wouldn't you enjoy it like me? :))
Enough said, huh? Let's think more before writing stuff...
I got a lot of messages and responses with different ideas and I thought it's time to respond to all of them:
a) "He (referring to me) is so self-proud and bluffs about RSA", etc.
Yes, maybe I wrote too many good words about myself, but none of them were wrong. I was just too happy about my work; maybe I wrote more than I should have.
About RSA. Some people who have no idea about encryption and encryption protocols say that it's all wrong, I'm lying, it's impossible, etc.
I should say that about the last 6 years of my life have been spent on encryption and cryptanalysis; I cryptanalyse all types of encryption algorithms. I don't want to talk about the details of my research and work; just know that when people at Black Hat presented the A5/1 rainbow table, that was too funny for me: such a huge database with the problem of frequency hopping remaining unresolved means nothing. A5/1 could be broken more easily with a solution to frequency hopping in a very reasonable time. In addition I should say I program for ARM and AVR processors. Find the relation and get what you should get. Forget it if you don't understand the relation. There is really much more to say on my cryptanalysis work, but there is no use, as more updates will come to corrupt my work.
Anyway, yes, you are right, I didn't break RSA, but I'm on its way; the current algorithm I own (for integer factorization) is far, far faster than others like Pollard's. I just don't focus on integer factoring; I also work on cryptanalysis of RSA itself. Yes, I haven't found a way YET, but even if I find one I won't publish it, I'll just use it. I hope the RSA stuff stays closed after this comment.
b) "If he already broke UltraSurf or TOR, why he was looking for breaking RSA or stealing certificates?"
- Good point, even if you break UltraSurf or TOR, you can't intercept HTTPS traffic without them.
c) "The Comodo hack was so easy, the Italian reseller was insecure, the hack was nothing, it's trivial, a simple hack, ..." etc.
- First of all, for some people, if you split the moon in half, it's nothing; they'll say you are a good magician, that's all, like what people said to our Prophet when he actually did it.
Anyway, for those who are not like the people I mentioned above, it's not so simple a hack. It took me time; I hacked a lot of resellers, but I found out that most CAs verify customers in their own way. After a lot of research and talking as a customer to CAs, I found out there was possible potential in Comodo: I saw resellers can't verify customers, but Comodo partners can. I hacked so many Comodo reseller accounts, but none of them were able to use the ApplySSL API. They were able to use only the OrderSSL API (I learned this stuff after I owned instantssl.it). Anyway... From the listed resellers of Comodo, I owned 3 of them, not only the Italian one, but I was more interested in the Italian branch because they had too many codes, works, domains (globaltrust, cybertech, instantssl, etc.), so I thought they were more tied to Comodo.
After the breach of instantssl.it, as you know, the default IIS configuration doesn't let you do much; getting a SYSTEM (highest level in Windows OS, like root in *nix) shell from that server with all updates installed and AVG Anti-Virus wasn't easy.
After that I even installed a keylogger on their server and I was monitoring administrators who logged in; the keylogger was mine, which bypasses all AVs and firewalls (from Kaspersky's heuristic engine to Comodo Internet Security). So do not try to make it look simple.
d) He's connected to somewhere, he's not alone, he's not 21 years old, he's not from Iran, his English is good, his English is bad, ..........
- You don't deserve an actual answer; I just repeat: I'm from Iran, acting alone, I work and research on cryptography daily, I don't care about ideas about my English. That's all.
At the end, I want to say my message to world leaders with problems with Iran and the Iranian people:
1) The so-called green movement people in Iran aren't most of Iran, so when Obama says "I'm with the Iranian young community", I should say, as a young Iranian, simply I hate you and I'm not with you; at least 90% of young people in Iran will tell you the same thing, it's not my sentence. But you have bad advisors, they report you wrong details; maybe you would think better if you had better advisors.
2) To Ashton and others who do their best to stop the Iranian nuclear program, to Israel who sends terrorists to my country to terrorize my country's nuclear scientists (http://www.presstv.com/detail/153576.html): these types of works will not help you, you can't even stop me, there are a lot more computer scientists in Iran; when you don't hear about our works inside Iran, that's simple, we don't share our findings as there is no use for us in sharing, so don't think Iran is such a simple country, behind today's technology, you are far stronger than them, etc.
Iran will do its job on the nuclear program, as it's the simple right of each nation. Instead of struggling and obeying a fake regime's orders, 22,072 km area (the sum of the area of some cities in Iran) and 63 years old, join the Iranian people with 1000s of years of civilization. The only loser of this fight is you.
If a person my age reached this level of expertise and knowledge, consider the rest, the older ones and scientists in different areas like Physics, Chemistry, Math and Technology.
Let's have a better world by not obeying a 63-year-old fake regime. That's all I have to share with you right now.
Anyone interested in talking? Contact me at: ichsun [at sign goes here] ymail [put a dot here] com
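The technical core of the statement above is an authorization gap, not a cryptographic one: a reseller account reached through credentials decompiled out of TrustDll.dll could submit a CSR for any name through the order-then-pickup API pair, and the partner's own "verification" was the only gate. The Go program below is an added illustration (not code from this statement, from Comodo, or from InstantSSL.it) of the CA-side check that closes that gap: it parses a CSR, verifies the CSR's self-signature as proof of key possession, and fails closed unless every requested name (Subject CN plus DNS SANs) falls under a domain the submitting account has actually validated. The `Issuer` type, its `validated` map and the account id `reseller-it` are hypothetical stand-ins for a CA's validation records; `login.example.com` is a constructed foreign name, not one of the sites the statement refers to.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"strings"
)

// Issuer is a hypothetical stand-in for a CA's validation records (assumption
// for this example): account id -> domains the account has proven control of.
type Issuer struct {
	validated map[string][]string
}

func NewIssuer() *Issuer { return &Issuer{validated: map[string][]string{}} }

// Validate records a successful domain-control validation for account.
func (i *Issuer) Validate(account, domain string) {
	i.validated[account] = append(i.validated[account], normalize(domain))
}

// normalize lower-cases a DNS name and drops a trailing dot so comparisons are exact.
func normalize(name string) string {
	return strings.ToLower(strings.TrimSuffix(strings.TrimSpace(name), "."))
}

// covered reports whether name equals a validated domain or is a subdomain of one.
// The "."+d suffix check stops "evilinstantssl.it" from matching "instantssl.it".
func covered(name string, domains []string) bool {
	name = normalize(name)
	for _, d := range domains {
		if name == d || strings.HasSuffix(name, "."+d) {
			return true
		}
	}
	return false
}

// RequestedNames parses a DER CSR, checks its self-signature (the requester must
// hold the private key) and returns Subject CN plus DNS SANs, deduplicated.
func RequestedNames(csrDER []byte) ([]string, error) {
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil {
		return nil, fmt.Errorf("parse CSR: %w", err)
	}
	if err := csr.CheckSignature(); err != nil {
		return nil, fmt.Errorf("CSR signature: %w", err)
	}
	seen := map[string]bool{}
	var names []string
	add := func(n string) {
		if n = normalize(n); n != "" && !seen[n] {
			seen[n] = true
			names = append(names, n)
		}
	}
	add(csr.Subject.CommonName)
	for _, n := range csr.DNSNames {
		add(n)
	}
	return names, nil
}

// Authorize is the gate the signing path described above lacked: issuance is
// refused when any requested name lies outside the account's validated domains.
func (i *Issuer) Authorize(account string, csrDER []byte) error {
	names, err := RequestedNames(csrDER)
	if err != nil {
		return err
	}
	if len(names) == 0 {
		return errors.New("CSR names no domain")
	}
	for _, n := range names {
		if !covered(n, i.validated[account]) {
			return fmt.Errorf("account %q has not validated control of %q", account, n)
		}
	}
	return nil
}

// MakeCSR builds a CSR for cn plus SANs with a fresh P-256 key (constructed demo input).
func MakeCSR(cn string, sans ...string) ([]byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.CertificateRequest{Subject: pkix.Name{CommonName: cn}, DNSNames: sans}
	return x509.CreateCertificateRequest(rand.Reader, tmpl, key)
}

func main() {
	iss := NewIssuer()
	iss.Validate("reseller-it", "instantssl.it") // the only domain this account proved
	own, _ := MakeCSR("www.instantssl.it", "instantssl.it")
	other, _ := MakeCSR("login.example.com") // constructed foreign name
	fmt.Println("own domain:  ", iss.Authorize("reseller-it", own))
	fmt.Println("other domain:", iss.Authorize("reseller-it", other))
}
```

The check is per account, not per reseller tier: even a partner account that is allowed to validate domains only gets certificates for the names it has validated, so a leaked credential buys at most the victim reseller's own domains. Running the program prints `<nil>` for the account's own domain and a refusal naming `login.example.com` for the foreign one.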