
The Vigilante Hacker that hacked Hacking Team

April 21, 2016 | November 18, 2017

The hacker who hacked the Hacking Team explains how he did it and includes tips to avoid being busted


The hacker responsible for bringing pwnage pain to the Hacking Team last July has published an in-depth “DIY guide” for how he pulled it off. It’s a detailed, really great read.

The hacker is none other than Phineas Fisher. He runs the @GammaGroupPR Twitter account, now referred to as “Hack Back,” and previously leaked FinFisher spyware documents, including details such as which antivirus solutions could detect Gamma International’s surveillance malware.

On Friday, Phineas Fisher tweeted a link to his original post, which is in Spanish, giving a technical blow-by-blow on the tools he used and how he breached the Hacking Team’s system. On Saturday, he tweeted a link to an English translation.

Hacking Team hacker explains how he pwned the company

He makes no bones about it; he’s a black hat hacker. Phineas Fisher wrote, “You used to have to sneak into offices to leak documents. You used to need a gun to rob a bank. Now you can do both from bed with a laptop in hand.”

After giving tips on how to avoid being caught and sent to prison, such as encrypt your hard drive, “use a virtual machine with all traffic routed through Tor” and “don’t connect directly to Tor,” he described how he uses Tor to protect his anonymity while connecting to the infrastructure he uses for hacking.

Phineas Fisher credited “hardworking Russians” for developing exploits that have already compromised “almost all of the Fortune 500 networks.” Hacking Team, however, had not been compromised.

A discussion on Hacker News suggested that law enforcement might use the hacker’s post—dialect, spelling, phrases or other “strong markers”—to attempt to identify him. Then again, Phineas Fisher might have crafted the document in a style that is not his usual type. That’s exactly what he said he did when he hacked The Hacking Team.

“I didn’t want to make the police’s work any easier by relating my hack of Hacking Team with other hacks I’ve done or with names I use in my day-to-day work as a blackhat hacker. So, I used new servers and domain names, registered with new emails and paid for with new bitcoin addresses. Also, I only used tools that are publicly available, or things that I wrote specifically for this attack, and I changed my way of doing some things to not leave my usual forensic footprint.”

Under technical exploitation, Phineas Fisher explained that his reconnaissance into the Hacking Team revealed three choices to hack the company. He could “look for a zero-day in Joomla, look for a zero-day in Postfix or look for a zero-day in one of the embedded devices.” He added, “A zero-day in an embedded device seemed like the easiest option, and after two weeks of work reverse engineering, I got a remote root exploit.” He did not detail that vulnerability, since it still hasn’t been patched, but he did point to sources for finding such vulnerabilities.

Phineas Fisher did a lot of testing on his zero-day “backdoored firmware” before deploying it. Once he did, he said, “Although it was fun to listen to recordings and see webcam images of Hacking Team developing their malware, it wasn’t very useful. Their insecure backups were the vulnerability that opened their doors.”

He discovered several vulnerabilities, such as an unprotected MongoDB, which is where Hacking Team’s Remote Control Software audio is stored. He noted, “The audio folder in the torrent came from this. They were spying on themselves without meaning to.”

Eventually, he went after the Exchange email server and mounted the backup. This was where he found a working BlackBerry Enterprise Service admin password. Then with access to the Domain Admin server, he had the passwords for users.

The fact that Hacking Team’s Christian Pozzi used “P4ssword” was pointed out as “lol great sysadmin.” Phineas Fisher goes into a lot more depth, adding how he included the Pozzi material “in the leak as a false clue, and to laugh at him. The reality is that Mimikatz and keyloggers view all passwords equally.”

After reading the company’s emails, he discovered the company’s GitLab server. He used a password reset option to gain access into that server, as well as the Hacking Team’s Twitter account.

Despite the massive pwnage, the Hacking Team is still around; however, it did recently lose its global export license. After giving his detailed account of how he hacked the company, Phineas Fisher concluded:

“That’s all it takes to take down a company and stop their human rights abuses. That’s the beauty and asymmetry of hacking: with 100 hours of work, one person can undo years of work by a multi-million-dollar company. Hacking gives the underdog a chance to fight and win.”

To the self-described black hat, “leaking documents, expropriating money from banks and working to secure the computers of ordinary people is ethical hacking.” Phineas Fisher dedicated his guide “to the victims of the raid on Armando Diaz school and to all those who have had their blood spilled by Italian fascists.”

He hopes that the write-up about how Hacking Team was hacked, which he promised to do last July, will be enough “to laugh them off the internet for good.”

 

Download the guides here, if they remove the official links.

DIY hacking guide – Phineas Fisher part 1

DIY hacking guide – Phineas Fisher part 2
