29 March 2011

Facebook and Twitter Valuations May Show a New Tech Bubble

28 March 2011

Facebook and Twitter Valuations May Show a New Tech Bubble

[C#] Another proof of Hack from Comodo Hacker

Check out this website I found at pastebin.com

A message from Comodo Hacker

Check out this website I found at pastebin.com

27 March 2011

MySQL.com compromised | Sucuri

MySQL.com (the official site for the MySQL database) was compromised via (shocking!) blind SQL injection. A post was sent today to the full disclosure list explaining the issue and dumping part of their internal database structure.

Vulnerable Target : http://mysql.com/customers/view/index.html?id=1170
Host IP : 213.136.52.29
Web Server : Apache/2.2.15 (Fedora)
Powered-by : PHP/5.2.13
Injection Type : MySQL Blind
Current DB : web

So their customer view application was used as the entry point, where the attackers were able to list the internal databases, tables and password dump…

What is worse is that they also posted the password dump online and some people started to crack it already. Some of the findings are pretty bad, like that the password used by the MySQL director of product management is only 4 numbers (6661).

We will post more details as we learn more about it.
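The entry point described above, a customer view page whose id parameter is pasted into a query, is the classic shape of a boolean-based blind injection: the page shows either a record or nothing, and that one bit is all an attacker needs. The following is an added example, not code from Sucuri, the disclosure, or mysql.com; it uses an in-memory SQLite table with constructed rows (the customer schema and the 1170/1171 ids are assumptions for illustration) to put the vulnerable string-concatenation pattern beside its parameterized fix and to show the regression check a defender would keep to verify the fix holds.

```python
import sqlite3
from typing import Callable, List

# Constructed sample rows standing in for a "customer view" table.
# Illustrative data for this example only, not mysql.com's schema or contents.
SAMPLE_CUSTOMERS = [
    (1170, "Example Corp", 1),  # published customer story, visible on the site
    (1171, "Hidden Inc", 0),    # unpublished, must never be reachable
]


def make_db() -> sqlite3.Connection:
    """Build an in-memory SQLite database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE customer (id INTEGER PRIMARY KEY, name TEXT, published INTEGER)"
    )
    conn.executemany("INSERT INTO customer VALUES (?, ?, ?)", SAMPLE_CUSTOMERS)
    conn.commit()
    return conn


def view_customer_vulnerable(conn: sqlite3.Connection, customer_id: str) -> List[str]:
    """The pattern behind a blind SQLi: the request parameter becomes SQL text.

    Nothing is echoed except page content (a name, or nothing), which is exactly
    the one-bit oracle a boolean-based blind injection relies on.
    """
    sql = "SELECT name FROM customer WHERE id = " + customer_id + " AND published = 1"
    return [row[0] for row in conn.execute(sql)]


def view_customer_safe(conn: sqlite3.Connection, customer_id: str) -> List[str]:
    """Hardened form: validate the parameter's type, then bind it as a value.

    The database receives the SQL and the value separately, so no input can
    change the query's structure; a malformed id never reaches the database.
    """
    try:
        id_value = int(customer_id)
    except ValueError:
        return []
    sql = "SELECT name FROM customer WHERE id = ? AND published = 1"
    return [row[0] for row in conn.execute(sql, (id_value,))]


Endpoint = Callable[[sqlite3.Connection, str], List[str]]


def boolean_oracle_present(endpoint: Endpoint, conn: sqlite3.Connection,
                           known_id: str = "1170") -> bool:
    """Regression check for the fix.

    A boolean-based blind injection only works if a true and a false condition
    appended to a known-good id yield different responses. Returns True when the
    endpoint still behaves as such an oracle, False when both probes are treated
    as the same (invalid) literal.
    """
    true_probe = known_id + " AND 1=1"
    false_probe = known_id + " AND 1=2"
    return endpoint(conn, true_probe) != endpoint(conn, false_probe)


if __name__ == "__main__":
    db = make_db()
    for label, fn in (("vulnerable", view_customer_vulnerable), ("safe", view_customer_safe)):
        print(label, "normal request:", fn(db, "1170"),
              "| blind oracle present:", boolean_oracle_present(fn, db))
```

Running the block prints that both endpoints serve the normal request identically, but only the concatenating one answers the true/false pair differently. The same check belongs in the application's test suite so that a later refactor cannot quietly reintroduce string-built SQL on that route.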


Full Disclosure: MySQL.com Vulnerable To Blind SQL Injection Vulnerability


Full Disclosure mailing list archives

MySQL.com Vulnerable To Blind SQL Injection Vulnerability
From: Jack haxor <jackh4xor () h4cky0u org>
Date: Sun, 27 Mar 2011 05:46:30 +0000
---------------------------------------------------------------------------------------
[+] MySQL.com Vulnerable To Blind SQL Injection vulnerability
[+] Author: Jackh4xor @ w4ck1ng
[+] Site: http://www.jackh4xor.com
---------------------------------------------------------------------------------------

About MySQL.com :
--------------------------------------------------------------------------------------------------------------------
The Mysql website offers database software, services and support for your business, including the Enterprise server, the Network monitoring and advisory services and the production support. The wide range of products include: Mysql clusters, embedded database, drivers for JDBC, ODBC and Net, visual database tools (query browser, migration toolkit) and last but not least the MaxDB- the open source database certified for SAP/R3. The Mysql services are also made available for you. Choose among the Mysql training for database solutions, Mysql certification for the Developers and DBAs, Mysql consulting and support. It makes no difference if you are new in the database technology or a skilled developer or DBA, Mysql proposes services of all sorts for their customers.
--------------------------------------------------------------------------------------------------------------------

Vulnerable Target : http://mysql.com/customers/view/index.html?id=1170
Host IP           : 213.136.52.29
Web Server        : Apache/2.2.15 (Fedora)
Powered-by        : PHP/5.2.13
Injection Type    : MySQL Blind
Current DB        : web

Data Bases:
information_schema bk certification c?ashme cust_sync_interim customer dbasavings downloads feedback glassfish_interface intranet kaj license_customers manual manual_search mem mysql mysqlforge mysqlweb news_events partner_t?aining partners partners_bak phorum5 planetmysql qa_contribution quickpoll robin rp sampo sampo_interface sessions softrax softrax_interim solutions tco test track track_refer wb web web_control web_projects web_training webwiki wordpress zack

Current DB: web

Tables:
xing_validation v_web_submissions userbk user_extra user
Columns: cwpid version lead_quality sfid industry address2 created last_modified lang notify newsletter gid title fax cell phone country zipcode state city address business company position lastname firstname passwd verified bounces email user_id
us_zip_state us_area_state unsub_log trials trial_external_log trial_data trial_alias training_redirect tag_blacklist tag_applied tag support_feeds_DROP support_entries_DROP states snapshots_builds snapshots sakilapoints regions quote_customer quote quicklinks promo product_releases position partner paper_lead paper_details_options paper_details_old paper_details paper newsletter_unsub nav_sites nav_items mysql_history mirror_status mirror_country mirror_continent mirror mailing_list_member mailing_list locks lead_validity_rules lead_source_xref lead_source_external lead_source lead_routing_rule lead_rep lead_old lead_note lead_extra_old lead_extra_new lead_extra lead_companies lead_campaign_member lead language_strings language_modules imagecache hall_of_fame g_search_term g_search_data g_blog_data forum_comment forms field_xref field_options field_match email_blacklist email_a_friend drpl_manual_review drpl_denied drpl_check_log drpl_cache customer_meta_sets customer_meta_set customer_meta customer coupon_product coupon_campaign_attribute coupon_campaign coupon country countries campaign_type campaign_topic campaign_score campaign_listdata campaign_detail business bounces

Database : mysql
Table: user_info user
Column: Update_pri Insert_priv Select_priv Password User Host
time_zone_transition_type time_zone_transition time_zone_name time_zone_leap_second time_zone tables_priv slow_log ?ervers procs_priv proc plugin ndb_binlog_index inventory host help_topic help_relation help_keyword help_category general_log func event db columns_priv

# mysql.user Data
Password                                    User            Host
                                            wembaster       %
                                            monitor         10.%
                                            sys             %
                                            sys             localhost
*06581D0A5474DFF4D5DA3CE0CD7702FA52601412   forumread       %
*0702AEBF8E92A002E95D40247776E1A67CD2CA3F   wb              %
*2A57F767D29295B3CB8D01C760D9939649483F85   flipper         10.%
*32F623705BFFFE682E7BD18D5357B38EF8A5BAA9   wordpress       %
*66A905D4110DF14B41D585FDBCE0666AD13DD8C1   nagios          %
*704EB56151317F27573BB4DDA98EDF00FFABAAF8   root            localhost
*ED1BDC19B08FD41017EE180169E5CEB2C77F941A   mysqlforge      %
*FD75B177FFEC3590FE5D7E8459B3DDC60AE8147B   webleads        10.%
00680dd718880337                            olof            %
077f61a849269b62                            qa_r            %
077f61a849269b62                            qa_rw           %
077f61a849269b62                            qa_adm          %
0c2f46ba6b87d4ea                            trials_admin    10.%
1856b9b03b5a6f47                            cacti           %
19519e95545509b5                            certification   %
1a39dcad63bbc7a6                            gf_mschiff      %
2277fd7d562ec459                            webslave        localhost
2277fd7d562ec459                            webslave        %
304404b114b5516c                            planetmysql_rw  %
35e376451a87adb0                            planetmysql_ro  %
4e203d581b756a93                            webmaster       localhost
4e203d581b756a93                            webmaster       %
4e93479179a8ec93                            sysadm          %
575ec47e16c7e20e                            phorum5         %
575ec47e16c7e20e                            lenz            %
5f340ec40a706f64                            robin           %
61113da02d2c97a5                            regdata         %
616075f256f111ba                            myadmin         10.100.6.44
61711eea3de509ac                            merlin          127.0.0.1
6302de0909a369a1                            ebraswell       %
6b72b2824cc7f6fe                            mysqlweb        %
6ffd2b17498cdd44                            zack            %
70599cf351c6f591                            repl            %
740284817e3ed5a8                            webwiki         %
74c5529b41a97cc2                            web_projects

Database: web_control
Table: system system_command service_request run_control request_daemon rebuild_server rebuild_queue rebuild_control quarterly_lead_report newsletter_log newsletter_control ips hosts
Columns: notes description name dns_servers
Columns: name internal ip

Database: certification
Tables: signup corpcustomers certexamdata certcandidatedata certaccess

Database: wordpress
Tables: wp_4_term_taxonom wp_4_term_relationships wp_4_posts wp_4_postmeta wp_4_options wp_4_links wp_4_comments wp_3_terms wp_3_term_taxonomy wp_3_term_relationships wp_3_posts wp_3_postmeta wp_3_options wp_3_links wp_3_comments wp_2_terms wp_2_term_taxonomy wp_2_term_relationships wp_2_posts wp_2_postmeta wp_2_options wp_2_links wp_2_comments wp_1_terms wp_1_term_taxonomy wp_1_term_relationships wp_1_posts wp_1_postmeta wp_1_options wp_1_links wp_1_comments wp_11_terms wp_11_term_taxonomy wp_11_term_relationships wp_11_posts wp_11_postmeta wp_11_options wp_11_links wp_11_comments wp_10_terms wp_10_term_taxonomy wp_10_term_relationships wp_10_posts wp_10_postmeta wp_10_options wp_10_links wp_10_comments remove_queries

Database: bk
Table: wp_backupterm_taxonomy wp_backupterm_relationships wp_backupposts wp_backuppostmeta wp_backupoptions wp_backuplinks wp_backupcomments

-----------------------------------------------------------------------------------
Signed : Jackh4xor !
Greetz : rooto, Mr.52, zone-hacker, w4ck1ng (In)Security
-------------------------------------------------------------------------------------
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


09 March 2011

Facebook Is AOLifying the Internet—and That Sucks

Sam Biddle

When an entire generation of computer users first poked our doe-eyed faces onto a young internet, many of us were greeted with a single, encompassing, monolithic face peering back: the AOL Home Screen. To call it a young internet isn't even fair—it was a mature, thriving AOL. It was ubiquitous, it was powerful, it was everything—and it ended up destroying itself, too flawed by design to last. And someone's trying to rebuild the Death Star.

How do we know nobody's learned shit since the days of the 56k Hindenburg? News like Warner Bros' decision to rent movies—starting with The Dark Knight—directly through Facebook. News like Rovio putting Angry Birds onto perhaps the only platform other than my dead grandfather's typewriter that doesn't yet support it—yup, Facebook. Which is just, really, wonderful! If there's one thing the internet is lacking right now, it's yet another fucking place to rent a movie for 48 hours for several bucks or play god damned Angry Birds. And it adds up—Facebook is reaching its tendrils into every single thing we like about the internet, far, far beyond the actual reasons we rolled up to Zuckerberg's site in the first place. IMing? Check. Email? Check. Photo sharing? Check. Apps? Check. Location check-ins? Yup. Twitter ripoff status updates? But of course! What Facebook hasn't stuffed into its maw by its own will, it's given developers plenty of incentive to do so themselves. The consequence? Over a decade after the web portal stopped making sense, Facebook is trying to assemble itself, like some ill-conceived Voltron, into the next.

After AOL began its decade-long implosion, gradually descending out of relevance, the real internet sprang up in the fertile mush that'd been left behind. AOL was hemorrhaging money like a hemophilic boxer, but the rest of us were having too much fun with the tools we'd been introduced to by this collapsing corpse to notice. IMing, emailing, video, websites, games—AOL didn't invent any of these things from thin air, but it brought them all together in one convenient (when you had a dial tone), hideously-90s Mecca. It was easy! It was slow! It was familiar and comforting—and stifling. AOL's vision of the online world was what AOL deemed worthy of its walled topiary garden. It was closed—locked up tight. Integrated tightly, but, in retrospect, really pretty mediocre.

Now, I hear you: Facebook is different from AOL in at least two major ways. We're not saying these two things are exactly the same. Facebook is social, and we believe in a social internet because you can't fake the kind of content and recommendations that come from your friends. That's the engine in Facebook's growth. And secondly, Facebook is far from being as closed as AOL was, since it's a platform other companies can use. AOL didn't have either of those. But Facebook's still mediocre! Even if they're outsourcing a lot of that mediocrity (Dark Knight movie rentals) while keeping some of it in house (All of Facebook's messaging and whatever clones of popular services they're currently building). Even if it's your friends who are spamming you with next generation super pokes.

It's also mediocre, because no company online can be good at everything and so it's always ugly when they try. Which is why the internet is great—we get to choose! Sites specialize! Want a trillion clips of obscura? YouTube! Want gorgeous music videos and mini-docs? Vimeo! Want to stream movies to every box and handset under the sun? Netflix is terrific!

But no. Facebook, realizing it has at least a few daily minutes of the attention of the most attention-impoverished step in our species' history, wants to be everything. It wants to be Netflix, it wants to be your Xbox, it wants to be Foursquare, it wants to be Gmail—Facebook wants to be the internet. Will you let it?

Illustration by Contributing Illustrator Sam Spratt. Become a fan of his Facebook Artist's Page and follow Sam on Twitter

08 March 2011

French Ministry hit by hacker attack, targeting secret G20 plans | Naked Security

The French Ministry of Finance has reportedly confirmed that it has become the victim of an internet attack, targeting documents related to the French presidency of the G20 and international economic affairs.

Paris Match magazine, which broke the story, claims that more than 150 computers at the ministry have been infiltrated by hackers since December, and numerous documents stolen.

Budget Minister Francois Baroin confirmed in a radio interview that an investigation was taking place into the attacks, claiming that it was "probably the first time" that the French government's computer systems had been hit on such a scale. He told Europe-1 that it was documents about the G20 that especially interested the hackers.

France holds the rotating leadership of the G20 this year and is hosting a series of meetings aimed at improving relations among the world's top economies, including the US and China.

France holds the presidency of the G20 this year, and is hosting meetings designed to improve relationships between the world's top economies. No doubt such hacking reports are sending a shiver down the spine of staff who work at the ministry building known to most people as Bercy.

Paris Match report

According to the report, hackers were able to break into the Ministry's computers after emailing a malicious Trojan horse to users. Once the users were fooled into running the dangerous code, the hackers could access the computers remotely via a backdoor.

Inevitably the finger of suspicion is likely to point towards China for the hacking attack, but I think it's dangerous to conclude that a hack was state-endorsed unless there's definitive proof.

The truth is that proving the origin of a hack attack is complicated by the fact that cybercriminals can use compromised PCs owned by innocent people to act as a go-between when trying to break into someone's computer. In other words - yes, a Chinese computer might have tried to connect to yours, but it may be under the control of someone in, say, Great Britain.

We'd be naive to think that the Chinese (and just about every other country around the world) isn't using the internet for its political, commercial and military advantage, but we should be very cautious about making assumptions without having all the proof in front of us.

04 March 2011

Wordpress Denial of Service Attack Also Reveals New Economies of Scale Impacts - Haydn Shaughnessy - Re:thinking Innovation - Forbes

The lessons any business can learn: There is a new kind of scale out there. The historical mix of resources – capital, people, raw materials, knowledge – is giving way to platforms that introduce new economies of scale as well as new vulnerabilities. People continue to speculate about the source of the denial of service attack – an emerging view is that it is a pro-Government attack from a regime where protesters are using Wordpress to gather support and distribute information. The impact of new economies of scale however is becoming more visible. Platform-based businesses, businesses that enable people (developers, customers, opinion formers) at low cost, are having a huge effect on the world around us.