Tuesday, May 29, 2018
Home / Security / Breaches / Inj3ct0r Team hacked & stole 200k worth of zero-days from Exploithub.com

Inj3ct0r Team hacked & stole 200k worth of zero-days from Exploithub.com

The In3ct0r team that owns 1337day.com has contacted with news and proof of them gaining access and dumping FTP files and database.  In the official statement 1337day said “stole private exploits worth $242333 (i ll calculate) from Exploithub”

The process they went through:

1) We scan server and site
2) We reinstall Magento CMS https://www.exploithub.com/install/  <= We reinstall Magento CMS
3) Upload shell and phpinfo https://www.exploithub.com/phpinfo.php
4) Back all files and database.
5) Upload piece of the database https://www.exploithub.com/export/
6) Increased privileges

We have exploithub.com private database and FTP files

0Daylist list provided:

Exploithub’s phpinfo:

Exploithub was a popular site to buy and sell exploits and a competitor of 1337day.com up until now.  The zero-days will be available on 1337day soon. Site seems to be down at time of posting. They also made an announcement via their site, you can view that HERE.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Silent OS 3.0 for Blackphone Completely revamped

Version 3.0 migrates Silent OS to Android Marshmallow 6.0.1 and delivers the Android safety patch …