Question hi guys, can you help? are you familiar with this hardware?

DRKSKY · Jun 5, 2019

What would this hardware be used for? this hardware will be used as OTH (one time hardware)

Buffalo TeraStation
8TB
5410DNX
4-Bay
NAS - (4 x 2TB)
Overclocked 12x
Overcooked 2x
Price - 1500 Euro (Approx)

MAS - ODL Mod (J Pack)
Octa-Core
REF Modulated
Web - (2 X 2TB)
Overclocked 8x
Overcoocked 2x
Price - 300 Euro (Approx)

De-Crypto R-N
ROM/ZEM Processed
2011 OEMR
Anti-Firewall -(1 x 2TB)
Overclocked 1x
Overcooked 2x
Price - 200 Euro (Approx)

OCR Mod
2x Penta Core
Dubbles+HDD included
VMR 2x
Pitching Speed - 7x
Patcher/DeAuth - (3 x 4TB)
Overclocked 5x
Overcooked 1x
Price - 200 Euro (Approx)

please get back to me, thanks

Rogue Leader · Jun 5, 2019

Much of it sounds like its set up for mining cryptocurrency. Why do you ask, where did you find this?

SgtScream · Jun 5, 2019

Buffalo is a network attached storage company (NAS). If it has multiple drives (ie 4 bay), it's used for mas redundant storage.
https://www.buffalotech.com/products/terastation-3000-series

DRKSKY · Jun 5, 2019

Rogue Leader said:
Much of it sounds like its set up for mining cryptocurrency. Why do you ask, where did you find this?

This equipment has been requested in order to carry out a whitehat hack using RFI (remote file inclusion) and SH (shell hacking).

My question is - would the ethical hacker need these items in order to carry out the hack and why would he only use these components once for the hack and never use again? OTH (one time hardware)

Rogue Leader · Jun 5, 2019

DRKSKY said:
This equipment has been requested in order to carry out a whitehat hack using RFI (remote file inclusion) and SH (shell hacking).

My question is - would the ethical hacker need these items in order to carry out the hack and why would he only use these components once for the hack and never use again? OTH (one time hardware)

To be honest I'm not knowledgable enough to tell you for sure, however from what I do know I seriously doubt the need for an 8TB Buffalo TeraStation and only use it once ever.

Something sounds a bit sketchy, but I'll share this with some others who may be more knowledgable.

DRKSKY · Jun 5, 2019

Rogue Leader said:
To be honest I'm not knowledgable enough to tell you for sure, however from what I do know I seriously doubt the need for an 8TB Buffalo TeraStation and only use it once ever.

Something sounds a bit sketchy, but I'll share this with some others who may be more knowledgable.

I appreciate your fast responses, when will you be able to get back to me?

Rogue Leader · Jun 5, 2019

DRKSKY said:
I appreciate your fast responses, when will you be able to get back to me?

I shared with some people, they will reply here if they have an answer when they can.

Maybe a little more info about what you need and where this is coming from and why could help them?

COLGeek · Jun 5, 2019

The NAS could be used to capture exploited data, but that is hardly a one time use sort of thing for a device of that cost and normal use.

USAFRet · Jun 5, 2019

"1500 EUR" is far too much for a 4 bay NAS and 4x 2TB drives.
That's about twice what my 4 bay QNAP + 4x4TB drives cost.

And that device is absolutely NOT a requirement for any 'white hat' function.
There is no whitehat thing he couldn't do with one or two 1TB external SSD's for $150 each.

Rogue Leader · Jun 5, 2019

DRKSKY said:
I appreciate your fast responses, when will you be able to get back to me?

Ok in discussing with my colleagues we've determined whoever delivered you this list is trying to rip you off. Someone else may reply here, but between the 8TB nas and the other nonsense, you're not getting what you're looking for.

Turb0Yoda · Jun 5, 2019

I'll double down on that last comment.
Any sort of engagement eg pentesting, a company brings their own devices. My guess is the "company" you're getting this info from is gonna take the hardware and scram. You get what you pay for and this looks like payment for a scam.

DRKSKY · Jun 6, 2019

USAFRet said:
"1500 EUR" is far too much for a 4 bay NAS and 4x 2TB drives.
That's about twice what my 4 bay QNAP + 4x4TB drives cost.

And that device is absolutely NOT a requirement for any 'white hat' function.
There is no whitehat thing he couldn't do with one or two 1TB external SSD's for $150 each.

Would this type of equipment be used to outperform (overwhelm) other servers in order to carry out a black hat attack?

DRKSKY · Jun 6, 2019

Hi guys, appreciate all of your replies. I understand that you believe 1500 EUR to be far too much for the nas BUT this hardware is being overclocked and modified which comes with extra cost. Is this price still too high after considering this?

Does this list of hardware make recipe for a black hat attack on a server?

COLGeek · Jun 6, 2019

DRKSKY said:
Hi guys, appreciate all of your replies. I understand that you believe 1500 EUR to be far too much for the nas BUT this hardware is being overclocked and modified which comes with extra cost. Is this price still too high after considering this?

Does this list of hardware make recipe for a black hat attack on a server?

Yes, the price is too high. Those tweaks are not needed for a NAS. They would serve no purpose. Good luck.

USAFRet · Jun 6, 2019

DRKSKY said:
Hi guys, appreciate all of your replies. I understand that you believe 1500 EUR to be far too much for the nas BUT this hardware is being overclocked and modified which comes with extra cost. Is this price still too high after considering this?

Does this list of hardware make recipe for a black hat attack on a server?

Still far too high for the supposed use case.
A single $150 1TB SSD is 'faster', and 8TB drive space is absolutely not needed.

Pen testing or 'ethical hacking' can be done with a $200 laptop.
I can't imagine what they'd need 8TB of actual drive space for.

For the rest of that equipment? We'd need a much better description of that stuff.

USAFRet · Jun 6, 2019

Additionally, a consultant you hire would bring his own tools and equipment.
You spending 2k EUR for a one time use? Not even...

USAFRet · Jun 6, 2019

And for the backstory on this...

What type of service do you have that needs this testing?
How did you come into contact with this particular person?

mrface · Jun 7, 2019

"Does this list of hardware make recipe for a black hat attack on a server? "

Depends on what you are trying to do? Are you the one going to do the "pentest" or hacking?

from a personal perspective, all this equipment can be purchased for a lot cheaper and being "overclocked" is a load of horse hockey. You dont need all of that for any threat vector unless you are trying to break cryptography things. Much less you can always just purchased these items(hak5.org) for cheaper and if you are hiring white hats re-use them.

On a side note, for 1500 euro for a one time hack, heh, sign me up 😛

captaincharisma · Jun 7, 2019

from the way the OP is talking it sounds more like this equipment is being bought off the black market lol

and there is no reason why a NAS would be overclocked.

DRKSKY · Jun 7, 2019

Thanks again for your comments, everyone.

We are undertaking an authorised attack on a server from a large financial services company. Our job is to gain access to the databases and website, to gain control of .php scripts, make changes and export data without detection or alerts to admin. Essentially a spy on the site. I am told that we need to overclock so our hardware is able to gain access without detection. Standard powered hardware would not be able to gain access or crack without triggering alerts to admin. Your thoughts?

The job will be carried out as follows.

1 Attain hardware listed
2 Bring in hardware from a local vendor
3 Install and Pre-Setup Hardware
4 Start working on target by gaining access by SH aka Session Hijacking (Admin Session)
5 Once Admin session is hijacked, Inject RFI module to edit PHP file to send user submitted data to another test email in real time.
6 Remove logs, fingerprints and footprints and traces from target
7 Logout and remove session - Test with few submits
8 Deliver and finalise with the company if the detection has been made
9 Work is done.

I am outsourcing a (supposedly) highly qualified hacker residing in Russia, an expat from Asia. Execution of job is 2 days.

This job is for a large comparison website so a lot of consumer data is being entered and this is the data that is being targetted.

COLGeek · Jun 7, 2019

DRKSKY said:
Thanks again for your comments, everyone.

We are undertaking an authorised attack on a server from a large financial services company. Our job is to gain access to the databases and website, to gain control of .php scripts, make changes and export data without detection or alerts to admin. Essentially a spy on the site. I am told that we need to overclock so our hardware is able to gain access without detection. Standard powered hardware would not be able to gain access or crack without triggering alerts to admin. Your thoughts?

The job will be carried out as follows.

1 Attain hardware listed
2 Bring in hardware from a local vendor
3 Install and Pre-Setup Hardware
4 Start working on target by gaining access by SH aka Session Hijacking (Admin Session)
5 Once Admin session is hijacked, Inject RFI module to edit PHP file to send user submitted data to another test email in real time.
6 Remove logs, fingerprints and footprints and traces from target
7 Logout and remove session - Test with few submits
8 Deliver and finalise with the company if the detection has been made
9 Work is done.

I am outsourcing a (supposedly) highly qualified hacker residing in Russia, an expat from Asia. Execution of job is 2 days.

This job is for a large comparison website so a lot of consumer data is being entered and this is the data that is being targetted.

Over clocking the hardware has no bearing on the likelihood of detection. Who is telling you this? Have you done anything like this before?

USAFRet · Jun 7, 2019

DRKSKY said:
I am told that we need to overclock so our hardware is able to gain access without detection. Standard powered hardware would not be able to gain access or crack without triggering alerts to admin. Your thoughts?

Absolutely false.
An "overclocked NAS box" ? No.

DRKSKY said:
I am outsourcing a (supposedly) highly qualified hacker residing in Russia, an expat from Asia. Execution of job is 2 days.

You are being taken for a ride.

DRKSKY · Jun 7, 2019

COLGeek said:
Over clocking the hardware has no bearing on the likelihood of detection. Who is telling you this? Have you done anything like this before?

No, I am the the coordinator for this job

DRKSKY · Jun 7, 2019

USAFRet said:
Absolutely false.
An "overclocked NAS box" ? No.

You are being taken for a ride.

Why do you say this? do you have experience in web hacking and coding? SQL, RFI and SH?

By the way, he does not claim to be a specialist in hardware, he just requires this list in order to execute the job at hand

COLGeek · Jun 7, 2019

DRKSKY said:
No, I am the the coordinator for this job

I suggest walking away from this project. Nothing seems legitimate in this explanation.

Question hi guys, can you help? are you familiar with this hardware?

It's a trap!

Splendid

It's a trap!

It's a trap!

Cybernaut

Titan

It's a trap!

Expert

Cybernaut

Titan

Titan

Titan

Champion

Glorious

Cybernaut

Titan

Cybernaut

Share this page