Posted on September 27th, 2009
Ok. First let me start with this image http://i34.tinypic.com/zw0x34.png. This image was posted yesterday by TinKode on the RST board. But I won’t talk about this now.
Now let’s try something. What happens if I use https://eset.ro instead of http://eset.ro?
1. I will be redirected to https://partner.axelsoft.ro/partner/
2. After I press “Login” this will show up:
3. Bingo! We have a cookie
Now let’s see what we have here.
a) a security product website
b) a security product website with login credentials already filled in
c) a security product website with login credentials already filled in, that gives access to anyone in some areas that should stay private.
Probably someone from Eset will tell us that eset.ro is just a partner. But they use the Eset logo and we can see in the footer “Copyright © 2008 ESET, LLC si ESET, spol. s.r.o. Toate drepturile rezervate.”
Draw the right conclusions yourself.
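
A defender-side check for the condition described above (a login form served with credentials already filled in), as an added example that is not part of the original post: it parses a page's HTML and flags any form whose password field ships with a non-empty value. The sample page, its field names and its values are constructed.

```python
from html.parser import HTMLParser

# Constructed sample: a login form with credentials baked into the markup,
# plus an unrelated search form that must not be flagged. All values are made up.
SAMPLE_LOGIN_PAGE = """
<form action="/partner/login" method="post">
  <input type="text" name="user" value="demo-partner">
  <input type="password" name="pass" value="example-secret">
  <input type="submit" value="Login">
</form>
<form action="/search" method="get">
  <input type="text" name="q" value="">
</form>
"""


class PrefilledCredentialAudit(HTMLParser):
    """Collect forms that ship a password field with a non-empty value."""

    def __init__(self):
        super().__init__()
        self.findings = []   # one dict per offending form
        self._form = None    # form currently being parsed

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self._form = {"action": a.get("action", ""), "password": [], "text": []}
        elif tag == "input" and self._form is not None:
            kind = a.get("type", "text").lower()
            if a.get("value", "").strip() and kind in ("password", "text", "email"):
                bucket = "password" if kind == "password" else "text"
                self._form[bucket].append(a.get("name", "?"))

    def handle_endtag(self, tag):
        if tag == "form" and self._form is not None:
            # Only a prefilled password field is a finding; prefilled text
            # fields in the same form are kept as context (likely the username).
            if self._form["password"]:
                self.findings.append(self._form)
            self._form = None


def audit_login_html(html):
    """Return the forms in `html` whose password input has a value set."""
    parser = PrefilledCredentialAudit()
    parser.feed(html)
    parser.close()
    return parser.findings
```

Run it over the rendered HTML of every login page you own, fetched without a session, so that only values the server itself put into the markup are reported.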

September 27th, 2009 at 12:59 pm
WTF? No hacking? They just hacked themselves and left the door open..
September 27th, 2009 at 3:47 pm
One word : NICE !
September 28th, 2009 at 12:51 pm
It's lamentable when we think that these sites promote security. But what security do they promote when they don't protect themselves?
October 1st, 2009 at 6:27 pm
Look at the Eset staff trying to come up with an excuse(?) here: http://www.wilderssecurity.com/showthread.php?t=254446
October 4th, 2009 at 3:51 am
@Bob – Yes, it’s a lame excuse used by ALL security vendors when they were hacked. You can see the proof of that right here on hackersblog. Just take a look at our articles about hacked security vendors, and search on Google for their official response. They always say “it was vulnerable just for a few hours or a day or two”. This is just PR bullshit, believe me. And btw just take another look at the first link posted in this article. That was a successful hacking intrusion and I heard that a few guys still have access to that page because eset.ro staff haven’t realised yet what method was used for this intrusion.
But, and this is very important, I’m pretty sure that eset.ro wasn’t coded (entirely at least) by Eset.com coders. I like nod32 antivirus, I used nod32 AV on my machines at work, and I was very satisfied to see this product working very well.
Eset.ro is just a crappy website, probably coded by some noobs (I hate this word but it’s true in this case), but we can’t judge the entire Eset network/products by looking just at this (bad) example.
October 28th, 2009 at 3:55 am
Um, just one thing. That .ro at the end of the URL marks the site as a ROMANIAN SITE.
October 29th, 2009 at 1:42 pm
It’s called a TLD (Top Level Domain)