The Sanctuary Market Pwn3d By Cipher0007

hi to all i like to warning all users to stay away from this market and from any new market, this market has been hacked a few minutes ago.

this is info of panel admin :

user_name user_pass

admin $2y$10$3lvQG2epkFI6DZbzvOUQlO/kcKLAfHCZUDKdt3k/Z59gQnzVINOZi admin2 $2y$10$DEHjWfIBMUGFOj8CQkTZ0.toG/nurhi9IumPAbbtBaBmoCbqFL8va

this is info of access to database remotely by using (/phpmyadmin)

Host User Password

pma *67E8480887AD78875162CCB6927B0AAC08409A20

root *67E8480887AD78875162CCB6927B0AAC08409A20

if moderators need proof i can send to him url of exploit sqli.

update

this is proof of uploaded shell and dumped private key of url onion of market and info of config of login db using /phpmyadmin ;)


proof1 :

uploaded shell with sqli using sqlmap on vmware :

http://matrixtxri745dfw.onion/neo/uploads/170531/MATRIX_021953_uTY_proof2.png


proof 2 :

-----BEGIN RSA PRIVATE KEY----- MIICXAIBAAKBgQDCmAaCBiW1x6trqiVXBw+DdGcEpguPfgcjbUcVKhFzhyeL8Zmm Fj+GQmLDhFgu3lTWQQDdIRmKetCJe5gMtSeg9y2yTUIiArZz5bOFZFp5/i9Kt1c7 /Qxagfg7/iOsWNvE01ey3/wV8Ki5bmAxLYRnFEK6pCrxB1i4zLZ1GOv10wIDAQAB AoGAKtAt5l+Z3mO+2GJH8tzP0flDTSeHNZvh0C6TzBlEW6mpzsVqK7uLYGustR2i FTW/bqBAo2ZL60bYKNdzfaBBxmtERV/CN7OeGS9TXsL+QlAMo+exkjxTwwmcEmw0 mJVo0WXQIottkxOtjmSCS1Zm0+hEkO/JOzbskSy7NRJlN/kCQQDhEDvnBDwEHZHS VLDG6Ll/V9RhNnDKQF0sNAmH7TgyMBD+mwblyQ4svQMbBI2WujG4q2XJR8P8+weU +9KimWPtAkEA3VeYvFuOyb78ydb9jNNuUqbjHIZHZFTegcJ9+938zmOR6LOBEqUc X6aTVKRPcFS9eovbyCdRL4MQO9LRzWcIvwJAQ7tJ+8U3dpmbh+v643GoWZ2KCdOD cCqcn6/tal3GurvicW0gT0kJngcoBxqArerNCeFzGXcikWDOsFR02IBHJQJAb35U XWzxPAaMZ094YJuQEuoltJSfGZb2jf5eX6SuV3goY0MoXS/2XugVhqlNqpPE7hnN F8FWT8yBPOEw9XpVGQJBAICX3Ikq7uIOSj/GGjH9w62IGOxQOkqIwbZXKV8ixzBd rM0PlhvrlQyN+c+u1Ef3bXvJE5xNTyM2oM6TE4jXSOA= -----END RSA PRIVATE KEY-----

tor_service42 http://yu3qmx5ha2eotxln.onion site42.local:8170 D:/xampp/htdocs/wiki wiki


proof3 :

information of config :

mysql_connect("127.0.0.1", "root", "9QjBj2D3V836b2vH");



Comments


[9 Points] ForLol_Serious:

I bet you can't hack my gmail.


[4 Points] ptbmnnn:

Wtf is a sanctuary market?


[5 Points] None:

I mean yeah that's not great.... But are you capable of doing anything besides dumping? Injecting, modifying, etc (actually having more control over the server/db)

Right now you just dumped encrypted data, not good, but its not like anyone will just decrypt* bscrypt (Blowfish?) and what looks to be sha1.

So far what im seeing should just be fixed quickly and appropriate measures taken.

Also shouldn't you have notified admins 24-48hrs ahead before publicly boasting\warning? I mean just to be polite.

Any way there could be more, just saying stuff about what I see so far


[3 Points] None:

[deleted]


[1 Points] WrecklessNES:

Your title reeks of "GIVE ME ATTENTION". a cool blackhat just says "lol owned. here's there passwords." And those are encrypted?


[1 Points] None:

And why don't marketplaces make you a mod already again?


[-1 Points] JburnaDNM:

People like u/cipher0007 blow my mind and how they can hack sites like this. Unreal. I wouldn't even know where to start.