The In3ct0r team that owns 1337day.com has contacted with news and proof of them gaining access and dumping FTP files and databases. In the official statement, 1337day said “stole private exploits worth $242,333 from Exploithub”
The process they went through:
1) We scan server and site
2) We reinstall Magento CMS https://www.exploithub.com/install/ <= We reinstall Magento CMS
3) Upload shell and phpinfo https://www.exploithub.com/phpinfo.php
4) Back all files and database.
5) Upload piece of the database https://www.exploithub.com/export/
6) Increased privilegesWe have exploithub.com private database and FTP files
0Daylist list provided:
Exploithub’s phpinfo:
Exploithub was a popular site to buy and sell exploits and a competitor of 1337day.com up until now. The zero-days will be available on 1337day soon. The site seems to be down at the time of posting. They also made an announcement via their site, you can view that HERE.
