Dec 30 2007

Just Like Sudoku

Published by at 10:26 pm under Hacker Hunting

  sudoku.JPG

Ever played Sudoku? There was a time when I couldn’t get away from the game. Maybe it is my obsessive-compulsive personality, but finding out who hacked what is getting to be a lot like that.

Fair warning, this Chinese hacker hunt isn’t very satisfactory, no picture of the guy at the end of the trail.  Still, I did it, so you will have to suffer the disappointment with me.

Went back to an old favorite of mine, zoneh.cn, and started looking at the hacked websites. I don’t bother with internal Chinese hacks but the ones outside of China just annoy me.

Coming in at number 6 in the standings of Top 20 Users is Webshell with 689:

webshell1.JPG

One of the websites outside of China, listed under Webshell’s credits is http://www.photozone.co.kr: (Korean)

Webshell hacks

Here is the mirror of Webshell’s hack:

webshell3.JPG

Translation: Whoosh, an amateur passed by. I am just a very young amateur.

The next website was http://www.casepower.com.tw: (Taiwanese)

webshell4.JPG

and Webshell’s hack…

webshell5.JPG

So what has Webshell given us to go on? His e-mail address of course. If Chinese hackers use e-mail addresses to recon their potential victims, I figure we can use them to find out about these guys. Spare you the details of popping through a bunch of websites but finally it led to his blog at http://www.webshell.cn/.

webshell6.JPG

Unfortunately, the only two pieces of information from the site of any use are that he was born on 27 April 1990 (yeah, a young one) and that he comes from Guangzhou City, Guangdong. While not useful, he also has a storefront on Taobao.com titled 0-day work room under http://shop35213037.taobao.com:

webshell7.JPG

But, you roll through enough websites and you hit some interesting tidbits. Under an ICANN thread on registry failure he made the following post http://blog.icann.org/?p=134:

webshell8.JPG

Tried to find listings under the name Lidongwei (wasn’t sure if this was a play on the name Li Deng Hui) but no luck. However, a little more running around and I did bump into another one of his hacks on a Chinese website:

webshell9.JPG

The hack is on a Chinese site that advertises bathroom fixtures. Webshell tells the site admin, much like our friend Tom, that he has fixed the loopholes and is welcome to join his website security group. Once again, this is for a bathroom fixture site admin.

webshell10.JPG

5 Responses to “Just Like Sudoku”

  1. Eastwood on 31 Dec 2007 at 2:27 am

    a lot of research!

  2. Heike on 31 Dec 2007 at 11:28 am

    I really do need to find a new hobby. Happy New Year!

  3. jumper on 31 Dec 2007 at 2:14 pm

    I like that vessel sink. Maybe he can hack the site again and have one sent to me. Can I use latex paint to cover lead paint?

  4. free sudoku on 02 Jan 2008 at 6:15 am

    Nice blog, if you are into Sudoku you should give http://www.sudokulive.net a look.

  5. Heike on 02 Jan 2008 at 8:47 pm

    Just might do that, hate to have to break the habit again though. :)