Archive for February, 2009
Posted on February 19th, 2009
We would like to provide you with an update on the vulnerability reported yesterday, on hackersblog.org, for the emea.symantec.com website. Upon thorough investigation, we have determined that the Blind SQL Injection is, in fact, not effective. The difference in response between valid and injected queries exists because of an inconsistent exception handling routine for language options.
Thanks again for notifying us of the issue. We will have the modified page up again soon with better exception handling.
HackersBlog note: We appreciate and support this type of response from a company, more so from a vendor! This could help other organisations see and understand that the best way to approach these things is through open communication and dialogue.
Posted on February 18th, 2009
An insecure parameter in the ddc section (Document Download Centre – The Norton Resource Centre for Resellers), vulnerable to SQL injection, permits access to their databases. The irony of the situation is that it is on https, on a login page, a page that promotes security products like Norton AntiVirus 2009 and Norton Internet SECURITY. What can I say: nice advertising, an SQL injection in the page that promotes those products. I’ve sent emails to Symantec. Although, again, there is no contact email address on the website for cases such as this, I’ve sent an email to webmaster@symantec.com and security@symantec.com. The email didn’t bounce, so someone must have received it. No answer as of yet.
Let’s see what we’re talking about. In most blind SQL injection cases not much can be shown in pictures: being blind, the injection doesn’t return any results. I’ve made 3 screenshots showing the basic tests for a blind SQLi.
From the first picture we see that after adding the true condition AND 1=1 to the vulnerable parameter, the webpage loads normally.
In the picture I’ve highlighted the text that will disappear when the false condition AND 1=2 is inserted in the query.
The text has disappeared. The condition for a blind SQLi to be exploitable is that the SELECT function must be enabled. That means that after adding AND (SELECT 1)=1 to the parameter, the content won’t disappear because the query will return TRUE.
A little information about the server: web app technology: PHP 5.2.6, Apache; comment injection fingerprint (database version): MySQL 5.0.22. I’m waiting for the problem to be solved and maybe after that I will post more detailed info.
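The three boolean probes described above (AND 1=1, AND 1=2, AND (SELECT 1)=1) leave a recognisable pattern in web server access logs. As an added example that is not part of the original post, here is a small Python detector that decodes each request's query string, classifies those probes, and flags a client that sent both the true and the false variant against the same parameter; the log lines, IP addresses, path and parameter name are constructed for the example.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed Apache-style access log lines for this example: the client IPs, the
# path and the parameter name are invented, not taken from the Symantec report.
SAMPLE_LOG = """\
203.0.113.7 - - [18/Feb/2009:10:01:02 +0000] "GET /ddc/login.php?id=7 HTTP/1.1" 200 5120
203.0.113.7 - - [18/Feb/2009:10:01:09 +0000] "GET /ddc/login.php?id=7+AND+1%3D1 HTTP/1.1" 200 5120
203.0.113.7 - - [18/Feb/2009:10:01:15 +0000] "GET /ddc/login.php?id=7+AND+1%3D2 HTTP/1.1" 200 4871
203.0.113.7 - - [18/Feb/2009:10:01:21 +0000] "GET /ddc/login.php?id=7+AND+(SELECT+1)%3D1 HTTP/1.1" 200 5120
198.51.100.4 - - [18/Feb/2009:10:02:00 +0000] "GET /ddc/login.php?id=9 HTTP/1.1" 200 5100
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<target>\S+) [^"]*" \d{3} (?P<size>\d+)')
# The three probes from the post: AND n=n (true), AND n=m (false), AND (SELECT ...) (select check).
TRUE_RE = re.compile(r'\band\s+(\d+)\s*=\s*\1\b', re.I)
FALSE_RE = re.compile(r'\band\s+(\d+)\s*=\s*(\d+)\b', re.I)
SELECT_RE = re.compile(r'\band\s*\(\s*select\b', re.I)

def classify(value):
    """Name the boolean probe found in one decoded parameter value, or None."""
    if SELECT_RE.search(value):
        return "select"
    if TRUE_RE.search(value):
        return "true"
    m = FALSE_RE.search(value)
    if m and m.group(1) != m.group(2):
        return "false"
    return None

def find_blind_probes(log_text):
    """Return {(ip, path, param): {...}} for clients that sent both a true and a
    false probe on the same parameter; size_differs mirrors the vanishing text."""
    probes = defaultdict(dict)          # (ip, path, param) -> {probe kind: response size}
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        for name, value in parse_qsl(parts.query, keep_blank_values=True):   # decodes + and %xx
            kind = classify(value)
            if kind:
                probes[(m.group("ip"), parts.path, name)][kind] = int(m.group("size"))
    return {key: {"kinds": sorted(sizes), "size_differs": sizes["true"] != sizes["false"]}
            for key, sizes in probes.items() if "true" in sizes and "false" in sizes}
```

A differing response size between the true and false probe is the log-side equivalent of the highlighted text disappearing in the screenshots, which is why it is reported alongside the probe kinds.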
RO Version:
Posted on February 17th, 2009
news, analysis, opinion and breaking news… and an SQL injection vulnerability. The International Herald Tribune is the global edition of the New York Times, a site and newspaper read by millions worldwide.
I discovered an unsecured parameter which allows access to the database.
Let’s see the version, user and name of the database, as well as all the other available databases.
I will continue with other newspapers soon.
Romanian version:
Posted on February 17th, 2009
//Geeks talking//
Loading….
… waiting to receive a response from the new affected websites.
//End of geeks talking//
Sorry for the delay between articles, but we must give people a chance to patch the vulns.
Hint: the next article is about an SQL injection in a big (international) newspaper website.
Posted on February 15th, 2009
What does a Romanian “expert” say about DDoS attacks? That it fills up the bandwidth allocated to a server.
Mister “expert”, in the case of DC++ attacks the network pipe is not the problem. And here it was about a blog that suffered from a DC++ attack. Go and pick up a book and learn some new things before misleading the people in front of the television.
P.S. – I don’t know whether the “expert” was a simple reporter or some employee from the IT field, but the parallel is equally pathetic in both cases.
English version
Here is a Romanian “expert’s” opinion about DDoS attacks: It fills up your bandwidth!
Posted on February 15th, 2009
Since I have talked countless times about rol.ro and the insecurity of their database, I will not discuss the subject at length again.
Since I have talked countless times about their disrespect in the way they treat their users, the registered ones, given that they once again allow full access to the database and to these users’ personal data, now I will just sound one more alarm. In vain I sent them emails (from what I hear, others did too); they took no concrete measure. They only secured the reported parameter, without taking the most basic safety measure: forbidding the select, union or and functions. Again, a single query displays up to 10,000 results, rows of data.
The picture shows the names of the databases on the server. In plain terms, all the sections belonging to rol.ro can be accessed (antivirus, bancuri, bilete, bursa, calendar, cazare, gsm, imobiliare, jocuri, forum, ziare, turism, vremea, etc… EVERYTHING).
The users really aren’t to blame, so I will no longer publish pictures of their personal data. Instead, I will show, without blurring, the login passwords of the mysql users.
Posted on February 15th, 2009
This is just a message for the bitdefender team. Full story about a new sql injection in bitdefender.com will be posted soon.
It is frustrating and very annoying at the same time that a company of bitdefender.com’s stature has no contact email address on its site. In the contact us section you can send a few lines to the webmaster, for example. I did. I received no answer. And the reported vulnerability persists. So, knowing that they read us, I will notify them this way: they have a vulnerable parameter, which this time is not on some partner site, but on the company’s own site. A parameter that allows access to the database. I will not publish too much; I am waiting for the problem to be resolved. The vulnerable parameter is in the news section, which behaves somewhat strangely with the trivial SQLi test.
AND+1=1 true
AND+1=2 false
SELECT is not forbidden
And some data about the server:
back-end DBMS: PostgreSQL
web server operating system: Linux Red Hat Enterprise 4 (Nahant)
web application technology: PHP 4.3.9, Apache 2.0.52
English version
It is frustrating and very annoying for a company the size and fame of BitDefender to have no contact email address on their website.
On their contact link, you can send a few words to the webmaster, which I did and to which I didn’t get any reply. And the vulnerability persists.
Posted on February 13th, 2009
I couldn’t believe it when I opened my mail today (11-02-2009) and saw what vulnerability Sorin had reported on the munca.ro site. On the page listing the jobs from a certain field there is a hidden field sqlJoburiFormular which contains the complete query that is about to be executed:

The value of the field can easily be modified through various methods: FireBug, TamperData, modified headers, etc. Thus any query can be inserted… INSERTs, UPDATEs, SHUTDOWN, etc.
The site is full of vulnerable parameters everywhere; I notified them and maybe Sorin did too, no answer.
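As an added example, not code from the post or from munca.ro, here is the handler pattern described above (executing the SQL text carried in the hidden field) beside a hardened handler that keeps the SQL on the server, validates the submitted domain id and binds it as a parameter; the in-memory sqlite schema, table and column names are invented for the example.

```python
import sqlite3

# Constructed in-memory stand-in for a job board; table and column names are
# invented for this example and are not munca.ro's schema.
def make_db():
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE jobs (id INTEGER PRIMARY KEY, domain_id INTEGER, title TEXT);
        INSERT INTO jobs VALUES (1, 10, 'PHP developer'), (2, 10, 'DBA'), (3, 20, 'Accountant');
    """)
    return db

# The pattern from the post: the hidden field carries the SQL text and the server
# runs it unchanged, so whoever edits the field chooses the statement that runs.
def list_jobs_vulnerable(db, form):
    return db.execute(form["sqlJoburiFormular"]).fetchall()

# Hardened handler: the form carries only a domain id, the SQL stays on the server,
# the id is validated against a known set and bound as a query parameter.
ALLOWED_DOMAINS = {10, 20}

def list_jobs_hardened(db, form):
    try:
        domain_id = int(form.get("domain", ""))
    except ValueError:
        raise ValueError("domain must be an integer")
    if domain_id not in ALLOWED_DOMAINS:
        raise ValueError("unknown domain")
    return db.execute("SELECT id, title FROM jobs WHERE domain_id = ? ORDER BY id", (domain_id,)).fetchall()

def hardened_rejects(db, form):
    """True if the hardened handler refuses the submitted form."""
    try:
        list_jobs_hardened(db, form)
    except ValueError:
        return True
    return False

if __name__ == "__main__":
    db = make_db()
    good = {"sqlJoburiFormular": "SELECT id, title FROM jobs WHERE domain_id = 10 ORDER BY id"}
    print(list_jobs_vulnerable(db, good))            # same rows from both handlers
    print(list_jobs_hardened(db, {"domain": "10"}))
    # An edited hidden field is executed as-is by the vulnerable handler...
    list_jobs_vulnerable(db, {"sqlJoburiFormular": "UPDATE jobs SET title = 'tampered' WHERE id = 1"})
    print(list_jobs_hardened(db, {"domain": "10"}))  # ...and row 1 now reads 'tampered'
    # ...while the hardened form carries no SQL to edit, only an id that is validated.
    print(hardened_rejects(db, {"domain": "10 OR 1=1"}), hardened_rejects(db, {"domain": "99"}))
```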
English version
I could not believe my eyes when I checked my email today and saw the vuln I got from Sorin this morning.
On munca.ro, on a certain page listing the jobs, there is a hidden field sqlJoburiFormular which contains the complete query that is going to be executed:
Posted on February 11th, 2009
English version:
After Kaspersky and BitDefender, it’s now time for F-Secure.com … vulnerable to SQL Injection plus Cross Site Scripting. Fortunately, F-Secure doesn’t leak sensitive data, just some statistics regarding past virus activity.
Exposed database tables:
MailboxInfo, VirusUpdated, dtproperties, Country, sysconstraints, VirusTrends, Virus_Top50_24h, Virus_Top50_30days, Virus_Top50_7days, Virus_Top50_90days, Virus_Top50_Month, Virus_Top50_Week, VirusDateTotal, VirusDate, VirusMonthTotal, VirusReports, VirusReportsTemp, VirusTrends.
Screenshots:
SQL Injection (SQL Server info / Extracting table names):

=========================================================
Romanian version:
After Kaspersky and BitDefender, it is now F-Secure.com’s turn… vulnerable to SQL Injection and to Cross Site Scripting attacks. Fortunately, F-Secure has no leaks of sensitive information, just some statistics about the spread of viruses in the recent period.
Posted on February 11th, 2009
The complete message was “I love **** like crazy. RST Power!”, and the message that the sensual one kept deleting every time was in her mail account, over there in the signature. Hard to solve for a blonde who is an expert in mathematics. The RST guys are the shameless scoundrels who dared to do such a thing.
Details obtained from those who did it:
Method used: xss
The mail was, of course, @yahoo.com.
The hi5 password was obtained by simply using the password recovery option, the password arriving in Simona’s mail, a mail to which the RST guys already had access. Phew, that was hard to explain.
I apologise for putting such a specimen on the blog, but I hope you understand that it is directly related to what we keep repeating endlessly.