What content has redsecurity.info/cc/?

electrify

Well-Known Member
414
78
28
2019
810
Here my story so far... I decided to force my way in to know what this suser has to offer

At first when a user tries to enter the site the machine friezes and there is a memory corruption. There is no way to bypass this as it affects all browsers (Mozilla, Chrome, Opera, Etc). As an alternative way to get inside i install noscript extension to remove useless client scripts but it didn't work either.

So i changed to coding...
The forum is using MyBB and i just wanted to know what the forum is all about, so i jump in to the rss feed. In MyBB the rss feed is always located at /syndication.php?limit=50 and in this case the server rules aren't blocking bots, so all good. Soon i got the rss feed which is plain text i accessed from a tool called Hacxx RSS Client. RSS feeds normally are in plain text and i use a rss service that validates the rss feed, this means that this suser will not be able to inject code into the feed.

The RSS feed...
The RSS feed client i have show 10 entries from the forum (even if i change the limit to 50) After reading it, i understand what is all about. It's a exploits Forum.

Now time to access...
As a normal user will not be able to visit the site, i decided to code my own app by changing a few lines in one of my RSS clients. What i did was access the links using a Glype Proxy and try to access the content with javascript and objects disabled from a diferent ip. Soon, i reach the page i get knock out.

While i'm booting up i got another idea, use a image proxy to access the site and take screenshots of the articles available in the rss client. This way i will know a bit more about the forum content and keep a close eye on the articles. Once i read the 10 articles i got frustrated as i was looking for source codes and this forum is just exploits news without any examples to play with :(

Here the source code for the rss client and image proxy that let me inside the site.

Download: (RedSecurity Forum RSS Client (Imagyfied))

The forum is owned by a suser called Mr.Kurd, i did a dox with Forums Username Dox as it seems that i had read this username somewhere on Sinisterly but the only forum where MR.Kurd has it's name is on redsecurity and sinisterly.

Download: (Forums Username Dox)
 
1 comment
Top Bottom