EvilZone
Hacking and Security => Hacking and Security => Topic started by: L0rd_M@dness on September 03, 2012, 11:46:15 PM
-
Has anyone seen some of these hackers claim to have a blog but once you enter the blog there's nothing to see?
It's just an empty page! Example: http://www.pyr0.net/ (the source doesn't show anything either)
I don't know if it's common among hackers and I'm probably such a n00b...
What is this for?
-
secret underground hacking community bro. you need to know the codes that need to be typed after the url.
-
asdf
-
lol saw the images. so weird...
why not just establish a blog like a human being?
well I could scan the website and find out the dirs...
http://www.rootcompromise.org/
another one...
Staff Edit
Don't double post. Simply edit your first post please
-
Some use the servers as file stashing servers, and other stuff like FTP, IRC, proxy, etc. idk why you thought it was a "blog", it's just a webserver.
-
http://www.rootcompromise.org/
another one...
Idk. Just googled site explorer and all related text was for defcon. I used the second one down, opensite explorer or something. Could be a site they used to redirect traffic to their site and they no longer have the link in place or something. Interesting indeed lol
-
no it's not just a webserver since the defcon member who owns the url claims it as his BLOG on his official page.
I also remember another one I'd bumped into and on the first page, with giant letters, it had written "This page has been intentionally left empty!" So they use it for some sort of sharing purposes but they also want to keep some sort of privacy...
After figuring that the sites are for defcon members I went to their "Goons" page and explored a bit, and lots of other blogs are also the same way. (not all tho)
I'm also sure that this method is not particular to defcon members cuz I remember seeing other blogs before that were like this and had nothing to do with defcon.
-
Honestly I would assume they are temporary sites that don't have anything on them per se...
For example take Kevin Mitnick. He avoided getting caught by uploading all files on various FTP servers so nothing was stored on a local hard drive.
Having a domain name for these is what I find weird... What would be the purpose? A simple Whois will give information, unless it's falsified information:
Domain ID:D74786213-LROR
Domain Name:ROOTCOMPROMISE.ORG
Created On:07-Jul-2001 22:58:12 UTC
Last Updated On:02-Jul-2012 18:22:52 UTC
Expiration Date:07-Jul-2014 22:58:10 UTC
Sponsoring Registrar:GoDaddy.com, LLC (R91-LROR)
Status:CLIENT DELETE PROHIBITED
Status:CLIENT RENEW PROHIBITED
Status:CLIENT TRANSFER PROHIBITED
Status:CLIENT UPDATE PROHIBITED
Registrant ID:CR62148012
Registrant Name:Neil Wyler
Registrant Street1:P.O. Box 2356
Registrant Street2:
Registrant Street3:
Registrant City:Layton
Registrant State/Province:Utah
Registrant Postal Code:84041
Registrant Country:US
Registrant Phone:+1.8017736103
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:nwyler@gmail.com
Admin ID:CR62148016
Admin Name:Neil Wyler
Admin Street1:P.O. Box 2356
Admin Street2:
Admin Street3:
Admin City:Layton
Admin State/Province:Utah
Admin Postal Code:84041
Admin Country:US
Admin Phone:+1.8017736103
Admin Phone Ext.:
Admin FAX:
Admin FAX Ext.:
Admin Email:nwyler@gmail.com
Tech ID:CR62148014
Tech Name:Neil Wyler
Tech Street1:P.O. Box 2356
Tech Street2:
Tech Street3:
Tech City:Layton
Tech State/Province:Utah
Tech Postal Code:84041
Tech Country:US
Tech Phone:+1.8017736103
Tech Phone Ext.:
Tech FAX:
Tech FAX Ext.:
Tech Email:nwyler@gmail.com
Name Server:NS1.BLUEHOST.COM
Name Server:NS2.BLUEHOST.COM
DNSSEC:Unsigned
However as said they could be used to store files on a remote server, act as a site to host a shell to attack other sites, part of a DDoS network, etc. There is also the high probability that it is for an SMTP server for secure email. Also there is the option that it could be used for a proxy, etc. There are a lot of options, what the actual use is for idk...
As for pyr0 they are a lot more secure:
Registrant:
Domains By Proxy, LLC
DomainsByProxy.com
14747 N Northsight Blvd Suite 111, PMB 309
Scottsdale, Arizona 85260
United States
Registered through: GoDaddy.com, LLC (http://www.godaddy.com)
Domain Name: PYR0.NET
Created on: 15-May-03
Expires on: 15-May-13
Last Updated on: 16-May-12
Administrative Contact:
Private, Registration PYR0.NET@domainsbyproxy.com
Domains By Proxy, LLC
DomainsByProxy.com
14747 N Northsight Blvd Suite 111, PMB 309
Scottsdale, Arizona 85260
United States
(480) 624-2599 Fax -- (480) 624-2598
Technical Contact:
Private, Registration PYR0.NET@domainsbyproxy.com
Domains By Proxy, LLC
DomainsByProxy.com
14747 N Northsight Blvd Suite 111, PMB 309
Scottsdale, Arizona 85260
United States
(480) 624-2599 Fax -- (480) 624-2598
Domain servers in listed order:
NS1.DREAMHOST.COM
NS2.DREAMHOST.COM
NS3.DREAMHOST.COM
Registry Status: clientDeleteProhibited
Registry Status: clientRenewProhibited
Registry Status: clientTransferProhibited
Registry Status: clientUpdateProhibited
So possible reasons for a "blank" [hacker] site
1. Secret Underground Community (invite only usually)
2. Mail Server
3. File Server
4. Proxy Server
5. Exploit Server
6. IRC server/bouncer
7. etc.
Hope that clears some stuff up for you.
My honest opinion for the ones that have a domain name is UG communities, email, and/or IRC server. For FTP, exploit, etc. I wouldn't purchase a domain name.
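Added example, not part of the original thread: a small Python parser that reads the two WHOIS layouts quoted in the post above (the registry "Key:Value" record and the registrar record with free-form contact blocks) and reports the domain, its name servers, and whether the registrant sits behind a privacy proxy. The sample records, the `summarize` function and the marker list are constructed for illustration.

```python
# Constructed sample records (not real registrations), modelled on the two
# WHOIS layouts quoted in the post.
THICK = """\
Domain Name:EXAMPLE.ORG
Registrant Name:Jane Example
Name Server:NS1.HOST.EXAMPLE
Name Server:NS2.HOST.EXAMPLE
Name Server:
DNSSEC:Unsigned
"""
PROXIED = """\
Registrant:
Domains By Proxy, LLC
Domain Name: EXAMPLE.NET
Administrative Contact:
Private, Registration EXAMPLE.NET@domainsbyproxy.com
Domain servers in listed order:
NS1.HOST.EXAMPLE
NS2.HOST.EXAMPLE
Registry Status: clientDeleteProhibited
"""

# Assumption: only the proxy service named in the thread is matched here.
PRIVACY_MARKERS = ("domains by proxy", "domainsbyproxy")
NS_HEADER = "domain servers in listed order"

def summarize(record):
    """Return domain, name servers and whether the registrant is proxied."""
    out = {"domain": None, "name_servers": [], "proxied": False}
    in_ns_block = False
    for line in (raw.strip() for raw in record.splitlines()):
        low = line.lower()
        if any(marker in low for marker in PRIVACY_MARKERS):
            out["proxied"] = True
        key, sep, value = line.partition(":")
        key, value = key.strip().lower(), value.strip()
        if low.startswith(NS_HEADER):
            in_ns_block = True            # bare host names follow this header
        elif in_ns_block and not sep and line:
            out["name_servers"].append(low)
        else:
            in_ns_block = False
            if key == "domain name" and value:
                out["domain"] = value.lower()
            elif key == "name server" and value:   # skips empty slots
                out["name_servers"].append(value.lower())
    return out

if __name__ == "__main__":
    print(summarize(THICK), summarize(PROXIED), sep="\n")
```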