Slater Publishing


#1

Hello, everyone!

As I have mentioned before, I have recently found a potential target during a several-hours-long session of looking for some data scraps about Samsara. During this session, I have hacked into Robinson Nautics' database (it wasn't all that hard to get in there) and searched around a bit. The results were... intriguing.

Apparently, there's a company related to Samsara called "Slater Publishing". It's a small, obscure publishing company which distributes academic journals, all of which had articles praising Samsara's CLDSP (I really don't want to type out the whole thing). Because I was curious, I've tried to hack into Actuarial Site Zeta as well, and while it took an entire day to get in there, it was worth it: I found that Slater Publishing is one of the best customers of Samsara, further increasing my suspicions.

Naturally, I was interested in finding out more about this company. However, apparently they were smart enough to isolate their databases from the 'net, so I couldn't just turn on the computer and get cracking. Thankfully, its headquarters just so happen to be a 5-minute drive away from my home. Convenient, is it not? Anyway, I went there during the night, and found that for a small publisher, it has an awful lot of security. Laser tripwires, cameras, electronic locks, all that.

Thus, I was able to concoct a theory. Slater Publishing's owner (who is apparently pretty paranoid), has found an agreement with Samsara: they would store Samsara's data in their well-protected databases, in exchange for an insurance, so if they get in trouble due to this agreement, they'll get some compensation. Win-win for both sides.


The goal is pretty obvious from here on out. Hack into the security systems, gain access to database, crack into it, gain data. But of course, that's difficult to do when everything is offline and always was. But I have a plan.

I have a little USB stick, with an old, vulnerable version of Google Chrome on it: perfect to make systems crackable from the web. And along with it, I have a lightweight laptop with Bluetooth, and a smartphone which I use as a mobile wi-fi hotspot.

So here's the plan: I'll go to the Slater Publishing HQ and try to plug in the USB stick into the computers there if I can; if I can't, I'll plug it into my own computer and send the old version of Chrome to the systems via Bluetooth. Then, after all's said and done, we can hack into the systems.

As soon as you see this letter, I'll already be at the headquarters. In a few minutes, I'll come here again and send you guys a link so you can gain access to the systems.


So, let's take a quick recap:

I've found a target called Slater Publishing, which is apparently closely related to Samsara Digital, is one of its top customers, and may be holding a large portion of their data. However, their systems are not directly accessible from the web, which forces me to go there myself and install a browser on them so we can crack into them. In a few minutes I'll be posting a link to let you gain access to the systems.

Well, I guess I have to go now. We have no time to waste.

Stay classy.

~hamuka


(OOC: Holy hell that's a large wall of IC text there.)

(Anyway, I've recently made a cluster of 5 levels for those who considered Actuarial Site Zeta a cakewalk, and completed the entire story mode of Exploit in 15 minutes. I'll post a link in a few minutes in another post, just to stay IC (and to make this post that much shorter because oh my god that's a lot of text).)


#2

Hello again, everyone! This is hamuka, reporting in from the HQ of Slater Publishing!

Alright, here's a link to the systems I've found so far:

https://exploitzeroday.com/cluster/ONBxzZ/

The barrier blocking the entrance seems pretty haphazardly put together; looks like they didn't put too much effort into that one. As such, I cracked that one with ease; you can try your hand at it if you want, though. However, the other systems are different: seems like those have elaborate patterns, and are much more difficult than anything I've seen before.

Anyway, I think that if we can break all of these security systems, I could get in the building without anyone noticing, making us able to gain access to the databases holding all of the data. Though those are probably protected with another, even more complicated firewall.

Stay classy.

~hamuka


#3

I just want to say that this is some hardcore stuff. Even their camera control system is complex. This goes beyond paranoia. Are you sure they're just a publishing company?

peace,
sk3tch


The other type of "cracking"
#4

@sk3tch, I'm pretty sure they did some upgrades to their systems after the deal with Samsara, but it's still pretty odd, I have to admit. I guess once we break into the database, we'll find out more about them.

Speaking of which, I've just noticed that some people have already cracked the firewall protecting them. I'll go check out if I can access them by using those breaches.

Stay classy.

~hamuka


#5

Aww, it looks like everybody got in on the fun before I did! I just knocked over Slater's systems again. They're probably pretty tired of the 3am pager wake-up calls at this point...