Honestly I would assume they are temporary sites that don't have anything on them per se...
For example take Kevin Mitnick. He avoided getting caught by uploading all files on various FTP servers so nothing was stored on a local hard drive.
Having a domain name for these is what I find weird... What would be the purpose? A simple Whois will give information, unless it's falsified information:
Domain ID:D74786213-LROR
Domain Name:ROOTCOMPROMISE.ORG
Created On:07-Jul-2001 22:58:12 UTC
Last Updated On:02-Jul-2012 18:22:52 UTC
Expiration Date:07-Jul-2014 22:58:10 UTC
Sponsoring Registrar:GoDaddy.com, LLC (R91-LROR)
Status:CLIENT DELETE PROHIBITED
Status:CLIENT RENEW PROHIBITED
Status:CLIENT TRANSFER PROHIBITED
Status:CLIENT UPDATE PROHIBITED
Registrant ID:CR62148012
Registrant Name:Neil Wyler
Registrant Street1:P.O. Box 2356
Registrant Street2:
Registrant Street3:
Registrant City:Layton
Registrant State/Province:Utah
Registrant Postal Code:84041
Registrant Country:US
Registrant Phone:+1.8017736103
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:nwyler@gmail.com
Admin ID:CR62148016
Admin Name:Neil Wyler
Admin Street1:P.O. Box 2356
Admin Street2:
Admin Street3:
Admin City:Layton
Admin State/Province:Utah
Admin Postal Code:84041
Admin Country:US
Admin Phone:+1.8017736103
Admin Phone Ext.:
Admin FAX:
Admin FAX Ext.:
Admin Email:nwyler@gmail.com
Tech ID:CR62148014
Tech Name:Neil Wyler
Tech Street1:P.O. Box 2356
Tech Street2:
Tech Street3:
Tech City:Layton
Tech State/Province:Utah
Tech Postal Code:84041
Tech Country:US
Tech Phone:+1.8017736103
Tech Phone Ext.:
Tech FAX:
Tech FAX Ext.:
Tech Email:nwyler@gmail.com
Name Server:NS1.BLUEHOST.COM
Name Server:NS2.BLUEHOST.COM
DNSSEC:Unsigned
However, as said, they could be used to store files on a remote server, act as a site to host a shell to attack other sites, part of a DDoS network, etc. There is also the high probability that it is for an SMTP server for secure email. Also there is the option that it could be used for a proxy, etc. There are a lot of options, what the actual use is for idk...
As for pyr0, they are a lot more secure:
Registrant:
Domains By Proxy, LLC
DomainsByProxy.com
14747 N Northsight Blvd Suite 111, PMB 309
Scottsdale, Arizona 85260
United States
Registered through: GoDaddy.com, LLC (http://www.godaddy.com)
Domain Name: PYR0.NET
Created on: 15-May-03
Expires on: 15-May-13
Last Updated on: 16-May-12
Administrative Contact:
Private, Registration PYR0.NET@domainsbyproxy.com
Domains By Proxy, LLC
DomainsByProxy.com
14747 N Northsight Blvd Suite 111, PMB 309
Scottsdale, Arizona 85260
United States
(480) 624-2599 Fax -- (480) 624-2598
Technical Contact:
Private, Registration PYR0.NET@domainsbyproxy.com
Domains By Proxy, LLC
DomainsByProxy.com
14747 N Northsight Blvd Suite 111, PMB 309
Scottsdale, Arizona 85260
United States
(480) 624-2599 Fax -- (480) 624-2598
Domain servers in listed order:
NS1.DREAMHOST.COM
NS2.DREAMHOST.COM
NS3.DREAMHOST.COM
Registry Status: clientDeleteProhibited
Registry Status: clientRenewProhibited
Registry Status: clientTransferProhibited
Registry Status: clientUpdateProhibited
So possible reasons for a "blank" [hacker] site:
1. Secret Underground Community (invite only usually)
2. Mail Server
3. File Server
4. Proxy Server
5. Exploit Server
6. IRC server/bouncer
7. etc.
Hope that clears some stuff up for you.
My honest opinion is that the ones that have a domain name are UG communities, email, and/or IRC servers. For FTP, exploit, etc. I wouldn't purchase a domain name.
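Added example, not part of the original post: a small parser that reduces the two WHOIS layouts quoted above (registry "Key:Value" and registrar free-form) to the same fields and flags a privacy-proxy registration. The sample records, the summarize function and the PROXY_HINTS list are assumptions made for this example.

```python
# Added example: the sample records below are constructed, not real WHOIS data.
REGISTRY_STYLE = """\
Domain Name:EXAMPLE.ORG
Status:CLIENT TRANSFER PROHIBITED
Registrant Name:Jane Doe
Registrant Email:jane@example.org
Name Server:NS1.EXAMPLE.NET
Name Server:NS2.EXAMPLE.NET
Name Server:
DNSSEC:Unsigned
"""
REGISTRAR_STYLE = """\
Registrant:
Domains By Proxy, LLC
DomainsByProxy.com
Domain Name: EXAMPLE.NET
Administrative Contact:
Private, Registration EXAMPLE.NET@domainsbyproxy.com
Domain servers in listed order:
NS1.EXAMPLE.COM
NS2.EXAMPLE.COM
"""
# Assumption: a short hint list for this example, not a complete catalogue.
PROXY_HINTS = ("domains by proxy", "domainsbyproxy", "private, registration")

def summarize(raw):
    """Reduce either WHOIS layout to the fields worth comparing."""
    out = {"domain": None, "registrant": None, "name_servers": []}
    section = None
    for line in filter(None, map(str.strip, raw.splitlines())):
        key, sep, val = line.partition(":")
        key, val = key.strip().lower(), val.strip()
        if sep and val:                       # "Key:Value" field
            section = None
            if key == "domain name":
                out["domain"] = val.lower()
            elif key == "registrant name":
                out["registrant"] = val
            elif key == "name server":
                out["name_servers"].append(val.lower())
        elif sep:                             # bare header or empty field
            section = key
        elif section == "registrant" and out["registrant"] is None:
            out["registrant"] = line          # first line under "Registrant:"
        elif section == "domain servers in listed order":
            out["name_servers"].append(line.lower())
    out["privacy_proxy"] = any(h in raw.lower() for h in PROXY_HINTS)
    return out
```

Empty fields such as a bare "Name Server:" are skipped, so padded registry output does not produce blank entries.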