Contest!

iago · October 22, 2005, 03:44:52 PM

The contest is to break into this server:

cash.sexchinatown.com

If you go to http://cash.sexchinatown.com (possibly https), you should get a login page. If you find a valid password, post what is on the actual page here!

I wouldn't recommend portscanning it, but here is the output I get:

iago@slayer:~$ sudo nmap -O cash.sexchinatown.com
Starting nmap 3.93 ( http://www.insecure.org/nmap/ ) at 2005-10-22 14:54 CDT
Interesting ports on cash.sexchinatown.com:
(The 1667 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
80/tcp open http
Device type: general purpose
Running: Linux 2.4.X|2.5.X|2.6.X
OS details: Linux 2.4.7 - 2.6.11
Uptime 25.130 days (since Tue Sep 27 11:47:11 2005)

Bruteforcing is OK (I swear -- you won't get in trouble)

<edit> by the way, www.sexchinatown.com has the same problem. I just noticed that.

Quik · October 22, 2005, 03:56:38 PM

Who is running this contest, and where is the explicit notification declaring this contest legitimate?

iago · October 22, 2005, 03:57:22 PM

I am, and it's right here.

[holds up note]

Would I ever try to get somebody in trouble?

..ok, would I ever try to get my friends in trouble? :)

Quik · October 22, 2005, 06:16:53 PM

Quote from: iago on October 22, 2005, 03:57:22 PM
I am, and it's right here.

[holds up note]

Would I ever try to get somebody in trouble?

..ok, would I ever try to get my friends in trouble? :)

Whos domain is sexchinatown.com and why does it seem to be a lookback address to my router?

iago · October 22, 2005, 06:31:56 PM

Quote from: Quik on October 22, 2005, 06:16:53 PM
Quote from: iago on October 22, 2005, 03:57:22 PM
I am, and it's right here.

[holds up note]

Would I ever try to get somebody in trouble?

..ok, would I ever try to get my friends in trouble? :)

Whos domain is sexchinatown.com and why does it seem to be a lookback address to my router?

I don't know whose domain it is, look it up.

"lookback address"?

Ergot · October 22, 2005, 06:32:07 PM

Ron: Stop looking for asian porn.

Quik:
jimmy@x86:~/public_html$ host www.sexchinatown.com
www.sexchinatown.com has address 192.168.1.1

Unfortunately there is no 192.168.1.1 on my network :(

WHOIS information for sexchinatown.com:

[whois.enom.com]

Registration Service Provided By: HK82.COM Web Hosting Company
Contact: sales@hk82.com
Visit: http://82name.com

Domain name: sexchinatown.com

Registrant Contact:
Cheung Sze Chun
Cheung Sze Chun (group@asianude4u.com)
+852.25183779
Fax:
23/F, Sun Hing Ind., Bldg, - 46 Wong chuk Hang Road
Hong Kong, 852
HK

Administrative Contact:
Cheung Sze Chun
Cheung Sze Chun (group@asianude4u.com)
+852.25183779
Fax:
23/F, Sun Hing Ind., Bldg, - 46 Wong chuk Hang Road
Hong Kong, 852
HK

Billing Contact:

Cheung Sze Chun (group@asianude4u.com)
+852.25183779
Fax:
23/F, Sun Hing Industrial Bldg,
46 Wong Chuk Hang Rd, Hong Kong
Hong Kong, 00852
HK

Technical Contact:
Cheung Sze Chun
Cheung Sze Chun (group@asianude4u.com)
+852.25183779
Fax:
23/F, Sun Hing Ind., Bldg, - 46 Wong chuk Hang Road
Hong Kong, 852
HK

Status: Locked

Name Servers:
DNS27.REGISTER.COM
DNS28.REGISTER.COM

Creation date: 05 Mar 2003 05:08:19
Expiration date: 05 Mar 2008 05:08:19

iago · October 22, 2005, 06:39:52 PM

Yeah, you guys are right.

The DNS name points to 192.168.1.1, which is normally a router, which normally requires authentication. So I figured it'd be fun to post this and see who noticed :-)

And in case you're wondering, I found the URL with a reverse DNS lookup tool:
http://www.searchmee.com/web-info/ip-hunt.php?hosttofind=&ip=192.168.1.1&cidr=24&action=Search

Newby · October 22, 2005, 07:43:19 PM

Too bad I'm not on 192.168.1.x =P

iago · October 22, 2005, 07:50:00 PM

Quote from: iago on October 22, 2005, 06:39:52 PM
The DNS name points to 192.168.1.1, which is normally a router, which normally requires authentication. So I figured it'd be fun to post this and see who noticed :-)

Newby · October 22, 2005, 09:31:25 PM

Quote from: iago on October 22, 2005, 07:50:00 PM
Quote from: iago on October 22, 2005, 06:39:52 PM
The DNS name points to 192.168.1.1, which is normally a router, which normally requires authentication. So I figured it'd be fun to post this and see who noticed :-)

I hate you.

Quik · October 23, 2005, 12:57:44 AM

My router IS on 192.168.1.1, I believe that's default for all linksys. I noticed immediately when I hit 'cancel' and found the 401 Not Authorized page my router gives me. Quality. Do I win?

Ergot · October 23, 2005, 02:38:39 AM

Well, if it went to 192.168.0.1 mine would ask "Enter Username and Password for 'RP114' at '192.168.0.1'" or something.

Screenor · October 23, 2005, 09:48:28 AM

I don't have a router, so I don't know. -_-

As soon as my damned mother shows her face to me for once this week, I'm going out to buy one.

Blaze · October 23, 2005, 11:28:06 PM

"Please enter the username for '3AD48F'. Hey... that sounds familiar!"

btw, I got in, what do I win? :D

Ergot · October 23, 2005, 11:37:10 PM

Chinese porn.

Clan x86

News:

Contest!

iago

Quik

iago

Quik

iago

Ergot

iago

Newby

iago

Newby

Quik

Ergot

Screenor

Blaze

Ergot