Monday, January 23, 2012
Wikileaks.org hacked By Rwandan Hackers
Wikileaks official website Hacked by Rwandan Hackers.
And as expected they have found a Cross-site request forgery (CSRF) vulnerability in wikileaks website. Rwandan Hackers also submitted the vulnerable link. To know that link click
DEFACE PAGE:http://wikileaks.org/w/index.php?title=hacked by Rwandan hackers&fulltext=HACKED
Publié par
Rwandan hackers
Saturday, January 21, 2012
Nigeria Gov Website Hacked by Rwandan Hackers
Multiple vulnerability found on www.nphcda.gov.ng and other nigeria gov website,By Rwandan Hackers.there are multiple SQLi vulnerability.
Using the vulnerability an attacker can exploit the entire database and gain illegal access
Using the vulnerability an attacker can exploit the entire database and gain illegal access
Other 5 website hacked http://pastebin.com/YqHvCpLx
deface page :http://nphcda.gov.ng/index2.php?s_id=2&page_id=2
Publié par
Rwandan hackers
Friday, January 20, 2012
Replace Megaupload?
Well girls, we'll stop crying 5 minutes ... There's not that Megaupload in life :-) For us to exchange files (not pirated it, of course ^ ^), we have lots of solutions available. Here is a little review (although opportunistic, I confess ^ ^) Megaupload replacements.
Clones Megaupload
Megaupload is now gone, many of you wrote me to say: "I am perduuuuuuuu". Well, there are really lots of sites that do exactly the same thing as Megaupload. Probably less, sometimes more, and also limit limit if you put the files "eration." Rather than recommend a replacement for Megaupload, I propose a short list of Meta engines that use Google for most allowing you to find what you want on all these strange sites. Oh and while I think your best friend will be in direct download JDownloader.
http://ddlsearch.free.fr/
http://dlseek.free.fr/
http://www.keotag.com/ (very original one)
http://dscargalo.com/
http://www.filestube.com/
http://search.axiomcafe.fr/
http://uprius.com/
http://www.5fox.org/
http://www.buskka.com/
http://www.rsdown.org/
http://www.leechaa.com/
http://www.bioscience.ws/search/sharedfiles/
http://sharedigger.com/
http://rapidsearch.infobind.com/
http://www.daleya.com/
Non-exhaustive list of course, knowing that the largest meta-Engine for direct download is Google. Simply enter quotes part of the download url + keywords. For example, to fire Megaupload, it was:
The newsgroups
Newsgroups, it's fast, it's secure (SSL) but against it is the same as the centralized direct download. In addition, good Usenet are not free. It also requires the installation of software consulting and newsgroups dedicated to downloading files as Sanbzd. The best known service is undoubtedly Giganews newsgroups.
The P2P
Well, you know it all ... This is the best of the best because it's free, it's peer to peer so it is not likely to be cut and it goes fast if there's the seed.
For bittorrent, there is one side software like uTorrent or Transmission and the other sites (very unpopular) as The Pirate Bay or Clear Bits (100% legal). For the network eDonkey, eMule always there but since the arrival of the direct download and shit like Hadopi, the quality of legal content as well as illegal although largely decreased.
After there are lots of different p2p software, tailored to your needs, whether for sharing with family or exchange with max world. And for those who are afraid of being knocked down by the Hadopi nazes home, you have the margin with the first two warnings, then there are always fallback VPN and Proxy that exploded in France with the Hadopi and now relate to their major designers.
USB drives
A former ... what with friends :-)
Conlusion
When I see the dosh that was done Megaupload, I wonder why boxes as Universal and co, do not associate to a legal-like Megaupload with subscription? A kind of direct download from spotify. So they combined the money earned in a traditional way (CD, MP3, Concerts ... etc..) And puffed a big part of the part of the beneficiary that these boxes are all playing on the boundary between file storage and illegal downloading. Same with VOD example.
In short, the ways of the beneficiaries are impenetrable.
Publié par
Rwandan hackers
Thursday, January 19, 2012
Megaupload inaccessible?
Big surprises tonight, Megaupload, the 13th most visited site in the world has been shut down by the FBI and Kim Dotcom, its founder was accused of violating copyright laws. Megaupload would be accused of causing a loss of over $ 500 million to the beneficiaries due to hosting films and other content made available illegally by clients of Megaupload.
How Megaupload has been closed?
I thought that was not Megaupload hosted in the United States, yet it would seem that some of the staff were there. For info, Megaupload is a company based in Hong Kong. According Erebuss (via Twitter) is Carpathia Hosting company that hosts some of the infrastructure Megaupload and this company is located in Virginia. This is also from Virginia came the complaint. Therefore relatively easy for the FBI to shut down the site (or at least, make it inaccessible temporarily) through Carpathia.
The FBI also seized 18 domain names belonging to the Galaxy Mega.
Who was arrested?
They are seven people and two companies (Megaupload Limited and Limited Vestor) who have been indicted in the United States. In the announcement of the FBI, Megaupload is designated as an international criminal enterprise. All these people risk 20 years in prison. Charged are:
Kim Kim Schmitz aka Dotcom or Jim Kim Tim Vestor, CEO of Megaupload, a resident of Hong Kong which I had reported the interview here.
Batato Finn, director of marketing, based in Germany
Julius Bencko, designer living in Slovakia
Sven Echternach, technical director, living between Germany and Hong Kong
Andrus appointed, a Estionien resident in Turkey and Estonia, which is the lead developer of the Galaxy Mega products.
Bram van der Kolk, alias Bramos, a Dutch living between the Netherlands and New Zealand, which manages all the infrastructure network
They were all arrested in New Zealand today, except Bencko Echternach and who are appointed at large.
What is wrong with Megaupload one?
The charges relate mainly to the failure of U.S. law against piracy. For full details, I recommend reading the pavement of the FBI.
Stats Megaupload
According to the FBI, Megaupload, 150 million was recorded (and me and me and me ...) and 50 million visitors per day.
Is Megaupload return?
I doubt it ... saw that Kim was arrested, it seems over ... You can write off your premium subscription.
Do we go to jail because we made a premium account with Megaupload?
Frankly, I do not think ... Unless they start to build a prison for 150 million people of that side, I think we all will be quiet. So do not worry, I'll keep you posted.
Does it have to be sad?
No ... There are still thousands of sites that do exactly the same thing as Megaupload. Some will be afraid and close in the coming days, but others will take the place of Megaupload fairly quickly.
What would replace Megaupload?
I'll let you look ;-) I have published what is on this site.
Wednesday, January 18, 2012
100 Kenya government websites breached by Indonesian hacker
An Indonesian hacker on Tuesday attacked and defaced more than 100 Kenya government websites Among the ministries affected include the Ministries of Local Government, Livestock, Environment, Fisheries, Housing, and Industrialisation in a major cyber security breach. A Kenyan expert aware of the incident said an Indonesian hacker known as direxer was responsible for the hacking.
The hacker, referred to as Direxer, broke into the sites and defaced them to show that he had managed to access them. Others hacked sites are ministries of Finance, Education, Public Health, Youth Affairs, National Heritage and Roads; as well as sensitive departments such as Administration Police, Immigration, Prisons and various city, municipal and county councils. Check List here.
A Cyber Incidence Response Team (CIRT) based at the Communications Commission of Kenya (CCK) has moved into action and was making efforts to restore the affected websites.The CIRT was formed to handle such situations and ensures Kenya's security in cyber space. Officials at the commission said the experts had located the hacker who appears to have a website at http://www.direxer.com/
According to a post on Hacker's Website,He is part of an online Indonesian security forum known as Forum Code Security and says he took down the websites following tutorials from the forum.Such tutorials usually exploit programming errors in code, known as bugs, which have not been fixed.
On his site the hacker said, "and I will carry out attacks on other servers if the Government is still neglecting security. My Security Code on behalf of Indonesia, Security is a necessity."
Publié par
Rwandan hackers
Saturday, January 14, 2012
Multiple vulnerability found in University of Ghana's website
Multiple vulnerability found in University of Ghana's website By Rwandan Hackers. According to him there are non-persistence XSS vulnerability and also SQL-i vulnerability.
Vulnerable Website:-
http://www.ug.edu.gh/
Vulnerable link xss :CLICK HERE
Rwandan hackers are also exposed the Database including Admin credentials (User Name & Password Hash) and other users login details.
Database :-
http://pastebin.com/Guqefc4j
Publié par
Rwandan hackers
URL redirection Vulnerability in Google & Facebook
An open redirect is a vulnerability that exists when a script allows redirectionto an external site by directly calling a specific URL in an unfiltered,unmanaged fashion, which could be used to redirect victims to unintended,malicious web sites. A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect.
A similar vulnerability is reported in Google by "Ucha Gobejishvili ( longrifle0x )". This problem may assist an attacker to conduct phishing attacks, trojan distribution, spammers.
Url: https://accounts.google.com/o/oauth2/auth?redirect_uri=http://rwandan-hackers.blogspot.com
Same vulnerability in Facebook, Discovered by ZeRtOx from Devitel group:
http://www.facebook.com/l.php?h=5AQH8ROsPAQEOTSTw7sgoW1LhviRUBr6iFCcj4C8YmUcC8A&u=http://rwandan-hackers.blogspot.com
Impact of Vulnerability :
The user may be redirected to an untrusted page that contains malware which may then compromise the user's machine. This will expose the user to extensive risk and the user's interaction with the web server may also be compromised if the malware conducts keylogging or other attacks that steal credentials, personally identifiable information (PII), or other important data.
The user may be subjected to phishing attacks by being redirected to an untrusted page. The phishing attack may point to an attacker controlled web page that appears to be a trusted web site. The phishers may then steal the user's credentials and then use these credentials to access the legitimate web site.
Publié par
Rwandan hackers
Sunday, January 8, 2012
SQL Vulnerability Found on Facebook Application
Rwandan hacker found SQL-i vulnerability on Facebook applications
Details of hacking:
Details of hacking:
Database : adminclt_testsite
Database User : adminclt_13@209.68.2.10
MySQL Version : 5.0.67-log
1) AdCode
2) AdTrack
3) Admin_DataStore
4) Admin_User
5) Challenges
6) ChallengesCompleted
7) Comments
8) ContactEmails
9) Content
10) ContentImages
11) FeaturedTemplate
12) FeaturedWidgets
13) Feeds
14) FolderLinks
15) Folders
16) ForumTopics
17) Log
18) LogDumps
19) Newswire
20) NotificationMessages
21) Notifications
22) Orders
23) OutboundMessages
24) Photos
25) Prizes
26) RawExtLinks
27) RawSessions
28) SessionLengths
29) Sites
30) Subscriptions
31) SurveyMonkeys
32) SystemStatus
33) Templates
34) User
35) UserBlogs
36) UserCollectives
37) UserInfo
38) UserInvites
39) Videos
40) WeeklyScores
41) Widgets
42) cronJobs
43) fbSessions
Admin_User
1) id
2) name
3) email
4) password
5) userid
6) ncUid
7) level
User
1) userid
2) ncUid
3) name
4) email
5) isAdmin
6) isBlocked
7) votePower
8) remoteStatus
9) isMember
10) isModerator
11) isSponsor
12) isEmailVerified
13) isResearcher
14) acceptRules
15) optInStudy
16) optInEmail
17) optInProfile
18) optInFeed
19) optInSMS
20) dateRegistered
21) eligibility
22) cachedPointTotal
23) cachedPointsEarned
24) cachedPointsEarnedThisWeek
25) cachedPointsEarnedLastWeek
26) cachedStoriesPosted
27) cachedCommentsPosted
28) userLevel
Publié par
Rwandan hackers
Sunday, January 1, 2012
www.izuba.org.rw database compromised by Rwandan Hackers
Rwandan Hackers found multiple vulnerability on izuba.org.rw.The database has been hacked and exposed by Rwandan hackers
on pastebin.
Database link: http://pastebin.com/xKrumw7z
Publié par
Rwandan hackers
Subscribe to:
Posts (Atom)