@LegendBegins I did leave the server mostly cuz I have some stuff going on in my life rn that made me cut some RPs but I never blocked you. We were just never friends on discord which makes it so you cant PM me if we are not on the same server
But yeah, I'm really interested but soon becoming possibly overextended. What would the pacing be/ how often would I be expected to post? Would it be more of a daily, around every other day, or weekly thing?
Hey! Sorry for the late response; I wasn't monitoring this thread. We're definitely still open and you're more than welcome to join (and I'd be more than glad to discuss the IRL security field if you're interested. The pacing is about 1/week, but there are ARG-style puzzles in the Discord groups in between posts to drive the story. Hope to see you there!
T.R.Y.H.A.R.D.E.R. This password Freischutz had entered into the chat window after solving the final puzzle, sending the server's helpbot, The Oracle ReplAI, into a frenzy.
PASSWORD ACCEPTED. FORWARDING DATA TO THE ELDER. PLEASE STAND BY; YOU WILL BE ALERTED AUTOMATICALLY.
Moments later, The Oracle said something new, but the tone seemed strange. Almost... human.
This seemed to be The Elder, creator of Th3_Storm, present in real time. Sure, it was a bit fun to solve his puzzles, but was there really any more to it? And still then, how did he get the personal information of each of the five invitees?
All of you have the ability to target particular aspects of various flawed industries. I believe we can reach an agreement to take advantage of each one of those skills.
Naturally, the unlikely group inquired regarding payment.
Of course. I can provide something even more valuable to you than money. How does a collection of undiscovered 0-days sound to you? Thousands upon thousands of vulnerable systems in the palms of your hands. As a gesture of goodwill, I will provide 0-days. You prove that you can properly handle them and I will supply more.
This had finally started to get interesting. The right 0-days could be worth millions of dollars, or even better, millions of lives. There was an element of power to hacking, of course, one that allowed each attacker to salivate for a moment too long over the enter key, tempted, just hoping that an unforeseen force would push them over the line, a darkness where they could watch the world burn in peace like a fire on a snowy Christmas day. But the only question remaining was why this Elder character would be willing to entrust that kind of power into the hands of those who he did not know, those who may help or harm the world, or even each other.
I am going to die soon. I could simply mark the world myself, but I would rather it fall into the hands of those who can continue to manipulate it like clay.
ATTACK #1: Biotronik Pacemakers: All versions Vulnerable to RCE upon compromise of management systems Management interface exposed through web portal on port 33892 All vulnerable to SQLi through the use of the following query Admin' OR TRUE; DROP TABLE auth00334; -- Refresh the portal and the following credentials will provide access: Admin:Default00334 ATTACK #2 Insulet Insulin Pumps Vulnerable to DoS-bricks device When exposed to 13.56 MHz waves with the following encoded payload, the device will automatically short due to a hardware malfunction (Data represented in bytecode, little endian): FE01225DC47A9901010000000000000000 ATTACK #3 Medistore Medical Record Storage: Versions 0.1-9.9, except for 8.22 Vulnerable to File System Compromise and Data Exfiltration All medical records can be leaked at will from this ubiquitously implemented software. On port 21, a developer backdoor was left with RW credentials to the records database, left unencrypted. Credentials are daniel:BrokenRecordsAreAsIrritatingAsLongPasswords ATTACK #4 CareWatch Devices All CareWatch devices are vulnerable to wireless port knocking. Probe ports 111, 777, 665, 1922, and 65535 in that order and a shell will open on port 1.
Well, this is an interesting turn of events. After trolling around on the new Discord group, OffByNone had successfully taken advantage of one of the exploits that The Elder released to the group and wrote a script that would automatically infect hospital networks through the Biotronik Pacemaker interface and add them to OBN's personal botnet. Of course, they deserved it. Any organization playing with peoples' lives had no right to take their security lightly, and OBN intended to prove that fact to them. Hovering over Enter, OBN hesitated. Of course, every test had succeeded. Every connection was still established. But what if? OBN fished a stray hair from their keyboard to delay the decision further. Something always goes wrong. What if they find out? But in the midst of the usual self-doubt, OBN's eyes drifted toward the shimmering glow of the pulsating RGB keys. It was now or never. [Enter]
bash: ./reportFsailAll: No such file or directory
A typo. Of course. Always something something Murphy's Law.
[None@lolstationC2 ~]$ ./reportFailAll Generating Payloads. [▮▮▮▮▮▮▮▮▮▮▮▮▮▮▮▮] Payloads complete Transmitting. . . . . . . . Success ERROR: Could not establish a secure connection to [3/988] hosts Retrying.... Success Changing Settings...
Exploit Complete. [None@lolstationC2 ~]$
OffByNone laughed, fueled by the adrenaline. It would only be hours before news stations across the planet started broadcasting this little endeavor. Nothing lethal, of course, just a fun prank. Not that the hospitals would see it that way; in fact, they might even start panicking when their pacemakers started falsely reporting that every patient's heart had stopped. OffByNone smiled in anticipation of the mayhem that would ensue.
Pakistani VPN. Authorities have traced potentially correlated traffic to Israel, but no concrete details have been confirmed.
Dragon's Scythe (Ad Hoc). The organization is responsible for releasing secret government documents exposing corruption and generating significant public unrest in over 30 countries across the globe. Chile has offered a $150,000 bounty for information related to Dragon's Scythe and President Trump has described the organization as "a major threat to cyber for the U.S., maybe even the world." While not a consistent member, OffByNone has proven him/herself regularly valuable.
OffByNone is rarely active on Saturday afternoons and has an interest in all things scientific and technological. Attempts to pin down precise working hours have failed, but OffByNone willingly reveals trivial personal hobbies such as shows he/she is following, recent memes, and qualms with societal structure and customs. Authorities have built a comprehensive personality profile of OffByNone.