Archive | 2012

Recent in Site News:
- A Look Back At 2015 – Tools & News Highlights
- A Look Back At 2014 – Tools & News Highlights
- Yes – We Now Have A Facebook Page – So Please Like It!

Related Posts:

Most Read in Site News:
- Welcome to Darknet – The REBIRTH - 36,563 views
- Get the ball rollin’ - 18,990 views
- Slashdot Effect vs Digg Effect Traffic Report - 12,250 views

Get 50% off your second year with our 2-year deal!


TLSSLed v1.2 – Evaluate The Security Of A Target SSL Or TLS (HTTPS) Web Server Implementation

Don't let your data go over to the Dark Side!


When running web application security assessments it is mandatory to evaluate the security stance of the SSL/TLS (HTTPS) implementation and configuration. OWASP has a couple of references the author strongly recommends taking a look at, the “OWASP-CM-001: Testing for SSL-TLS” checks, part of the OWASP Testing Guide v3, and the Transport Layer Protection Cheat Sheet.

There have been several tools to test for SSL and TLS security misconfiguration along the years, but still today, lots of people get the output from all these tools and are not very sure what they need to look at. Apart from the SSL/TLS web application best practices, it is important to also check the security of SSL/TLS at the web platform layer. One such tool is:

SSLyze v0.4 Released – Scan & Analyze SSL Server Configuration

The purpose of the TLSSLed tool (named from the idea of your website being TLS/SSL-ed, that is, using “https;//”) is to simplify the output of a couple of commonly used tools, and highlight the most relevant security findings of any target SSL/TLS implementation. It is based on sslscan, a thorough SSL/TLS scanner that is based on the openssl library, and on the “openssl s_client” command line tool.

TLSSLed is a Linux shell script inspired on ssl_test.sh by Aung Khant, where a few optimizations have been made to reduce the stress on the target web server (sslscan is run only once and the results are stored on a local file), and some tests have been added and tuned.

The current tests include checking if the target supports the SSLv2 protocol, the NULL cipher, weak ciphers based on their key length (40 or 56 bits), the availability of strong ciphers (like AES), if the digital certificate is MD5 signed, and the current SSL/TLS renegotiation capabilities.

New in version 1.2: Mac OS X support, an initial check to verify if the target service speaks SSL/TLS, a few optimizations, and new tests for TLS v1.1 & v1.2 (CVE-2011-3389 aka BEAST).

New in version 1.1: Certificate public key length, the certificate subject and issuer (CA), as well as the validity period. It also checks the existence of HTTP secure headers, such as Strict-Transport-Security and cookies with and without the “secure” flag set.

You can download TLSSLed v1.2 here:

TLSSLed_v1.2.sh

Or read more here.


Posted in: Cryptography, Web Hacking

Tags: , , , , , , , , ,

Posted in: Cryptography, Web Hacking | Add a Comment
Recent in Cryptography:
- DROWN Attack on TLS – Everything You Need To Know
- Dell Backdoor Root Cert – What You Need To Know
- ISIS Running 24-Hour Terrorist Crypto Help-desk

Related Posts:

Most Read in Cryptography:
- The World’s Fastest MD5 Cracker – BarsWF - 47,611 views
- Hackers Crack London Tube Oyster Card - 44,568 views
- WPA2 Vulnerability Discovered – “Hole 196” – A Flaw In GTK (Group Temporal Key) - 32,836 views

Get 50% off your second year with our 2-year deal!


Noted Chinese Hacker Wicked Rose Heading Antivirus Company Anvisoft

Don't let your data go over to the Dark Side!


The latest scandal on the block, it seems like a noted Chinese hacker known as Wicked Rose or Withered Rose is involved with the Antivirus startup Anvisoft. The hackers real name is Tan Dailin and he was previously involved in the hacking of some US defence contractors.

Anvisoft even posted on their official Facebook group a simple response to the original article “Yes it’s true”.

Antivirus startup Anvisoft was founded by an infamous Chinese hacker who allegedly cut his teeth exploiting Microsoft Office security holes to hack US defence contractors, it has emerged.

Investigative journalist Brian Krebs uncovered evidence – largely based on historic domain records for Anvisoft and reports compiled by VeriSign on Chinese hacking activities – to allege that black-hat Tan Dailin established the antivirus startup.

In response to inquiries from The Reg, Anvisoft confirmed via a message from its official Facebook account that the report is accurate. “Yes, it is true,” it simply stated.

Dailin, AKA Wicked Rose or sometime Withered Rose, allegedly led a state-sponsored four-man crew called NCPH – Network Crack Program Hacker. According to VeriSign’s iDefense, NCPH developed a rootkit [PDF] that was used to infiltrate the US defence establishment in 2006. The group is accused of launching Microsoft Office-based attacks for two years before it disbanded in 2008.

Krebs followed various online clues to piece together his tentative conclusion that Dailin, a 28-year-old graduate of Sichuan University of Science and Engineering in Zigong, registered Anvisoft’s domain in 2011, and may still be a key player at the startup.

One of Dailin’s cohorts in NCPH, a hacker nicknamed Rodag, wrote a blog post describing Anvisoft’s Smart Defender as a “security aid from abroad” and praised the technology, Krebs noted.

From Kreb’s research is seems like it could have been Dailin that actually registered the domain for Anvisoft, which would indicate he is a key player in the operation and perhaps even the founder or co-founder.

Even so, the evidence that has been turned up so far is far from conclusive and as well know just because this chap was mixed up in some dubious activity a few years back – doesn’t mean he isn’t ethically sound now. Some of the best ‘whitehat’ security folks have some distinctly grey stains on their hats.


Trademark registration records pinpoint Anvisoft’s genesis in the Chinese city of Chengdu although the company states it is based in Toronto, Canada.

Kreb’s digital detective work, though persuasive, was far from conclusive, which he admits. There is no suggestion of any wrongdoing by Anvisoft.

“Anvisoft may in fact be a legitimate company, with a legitimate product; and for all I know, it is. But until it starts to answer some basic questions about who’s running the company, this firm is going to have a tough time gaining any kind of credibility or market share,” Krebs noted.

Anvisoft’s technology has not been widely reviewed, but that’s not to say it is ineffective or untrustworthy. Against this Trend Micro, alone among mainstream antivirus software, flags up Anvisoft’s Anvi Smart Defender Free setup utility as malign, according to results from VirusTotal.

Western antivirus firms, at least, generally have a policy of not employing former malware writers. Aside for presenting a negative image to potential customers, and sustaining the myth that antivirus firms employ an underground army of virus programmers to ramp up demand for their products, VXers are thought to be ill-suited to life in an antivirus firm.

Not only have they shown themselves to have dubious morals but from a purely practical view the skills required to write a decent antivirus program are not the same as those necessary to construct modern malware.

You can read more by Brian Krebs here:

Infamous Hacker Heading Chinese Antivirus Firm?

Most Western Antivirus companies and providers have a standing ban on hiring people that have been mixed up in blackhat activities or malware creation, more from Sophos here:

Did anti-virus company hire convicted Chinese malware author?

Source: The Register


Posted in: Countermeasures, Legal Issues, Malware, Security Software

Tags: , , , , , , , , ,

Posted in: Countermeasures, Legal Issues, Malware, Security Software | Add a Comment
Recent in Countermeasures:
- PEiD – Detect PE Packers, Cryptors & Compilers
- NAXSI – Open-Source WAF For Nginx
- Defence In Depth For Web Applications

Related Posts:

Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 119,981 views
- Password Hasher Firefox Extension - 117,687 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,695 views

Get 50% off your second year with our 2-year deal!


HoneyDrive – Honeypots In A Box

Cybertroopers storming your ship?


HoneyDrive is a pre-configured honeypot system in virtual hard disk drive (VMDK format) with Ubuntu Server 11.10 32-bit edition installed. It currently contains Kippo SSH honeypot. Additionally it includes useful scripts and utilities to analyze and visualize the data it captures. Lastly, other helpful tools like tshark (command-line Wireshark), pdftools, etc. are also present.

In the future more software will be added such as Dionaea malware honeypot and Honeyd.

You can get the latest version (0.1) of HoneyDrive which contains Kippo SSH honeypot and related scripts (kippo-graph, kippo-stats, kippo-sessions, etc). Everything is pre-configured to work.

After downloading the file, you must uncompress it and then you simply have to create a new virtual machine (suggested software: Oracle VM VirtualBox) and select the VMDK drive as its hard disk.

You can download HoneyDrive here:

HoneyBox.7z

Or read more here.


Posted in: Countermeasures, Network Hacking

Tags: , , , , , , , ,

Posted in: Countermeasures, Network Hacking | Add a Comment
Recent in Countermeasures:
- PEiD – Detect PE Packers, Cryptors & Compilers
- NAXSI – Open-Source WAF For Nginx
- Defence In Depth For Web Applications

Related Posts:

Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 119,981 views
- Password Hasher Firefox Extension - 117,687 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,695 views

Get 50% off your second year with our 2-year deal!


Hack.me – Build, Host & Share Vulnerable Web Application Code

Don't let your data go over to the Dark Side!


Hack.me is a FREE, community based project powered by eLearnSecurity. The community allows you to build, host and share vulnerable web application code for educational and research purposes.

It aims to be the largest collection of “runnable” vulnerable web applications, code samples and CMS’s online. The platform is available without any restriction to any party interested in Web Application Security: students, universities, researchers, penetration testers and web developers.

Hack.me - Build, Host & Share Vulnerable Web Apps

Features

  • Upload your own code
  • Online IDE for PHP & MySQL
  • Your code hosted in the cloud
  • FREE!!
  • Practice webapp security
  • Isolated enviroment
  • Online: nothing to download!

Safety

Every time you run a new Hackme the site will initiate a new sandbox for you. You will get isolated access to it so that you will always know that the application is safe for you to use. No other students can add malware or exploits in your sandbox. This ensures 99% safety.

What about the 1%? While the team makes the best effort to moderate every and each new web app uploaded on Hack.me, chances are that something can and will slip through. If you are not 100% comfortable to trust us or the Hackme developer, please just run new Hackmes from a virtual machine or from a non production OS.

We have written about a variety of web apps where you can practice your hack-fu such as:

So head over to hack.me and see what you think:

https://hack.me/


Posted in: Advertorial, Exploits/Vulnerabilities, Programming, Web Hacking

Tags: , , , , , , , , ,

Posted in: Advertorial, Exploits/Vulnerabilities, Programming, Web Hacking | Add a Comment
Recent in Advertorial:
- 13 WordPress Security Tips From Acunetix
- Acunetix WVS 10 Released – Keeping Your Website Secure just got Easier
- Double For Your Money With Acunetix Vulnerability Scanner

Related Posts:

Most Read in Advertorial:
- eLearnSecurity – Online Penetration Testing Training - 41,134 views
- Acunetix Web Vulnerability Scanner 6 Review - 15,212 views
- Acunetix WVS (Web Vulnerability Scanner) 7 Review – Engine & Scanning Improvements - 15,024 views

Get 50% off your second year with our 2-year deal!


VMWare ESX Source Code Leaked On The Internet

Don't let your data go over to the Dark Side!


Another big source code leak, this time VMWare ESX, software which I’m sure most of the readers here have used at some point (I know I have).

There was a time back in 2006 when VMWare Rootkits seemed like they might be the next big thing, but nothing much ever came out of it.

VMware is playing it down, but I think this is a fairly serious leak – we all know what happens when the bad guys get access to source code – they find lovely new 0day bugs to play with.

VMware has confirmed that the source code for old versions of its ESX technology was leaked by hackers over the weekend – but played down the significance of the spill.

The virtualisation giant said on Sunday that the exposed portions of its hypervisor date back to 2004, and the leak follows the disclosure of VMware source code in April.

“It is possible that more related files will be posted in the future,” Iain Mulholland, VMware’s director of platform security, explained. “We take customer security seriously and have engaged our VMware Security Response Center to thoroughly investigate.”

Mulholland said customers who apply the latest product updates and patches, in addition to following system hardening guidelines, ought to be protected against attacks developed in the wake of the code leak.

“By applying the combination of the most current product updates and the relevant security patches, we believe our customer environments will be best protected,” he said.

A 2MB compressed archive of the software blueprints was uploaded into file-sharing networks and promoted by various tweeters on Sunday. Some of these tweets, posted with the hashtags #Anonymous #AntiSec and #SourcySleazySundays, claimed that the leaked code was the “full VMware ESX Server Kernel”.

Some of the people posting the code were hash-tagging with Anonymous – but there’s been no ‘official’ announcement from any of the Anonymous channels so I doubt it’s really related.

As usual VMWare are saying if you’re using the latest patched version and have applied the ‘hardening measures’ you will be safe. I’d except something nasty to come out of this within the next month or so.


A person going by the name of Stun, who made the source code available, wrote: “It is the VMKernel from between 1998 and 2004, but as we all know, kernels don’t change that much in programs, they get extended or adapted but some core functionality still stays the same.”

The previous VMWare source code leak was accompanied by the publication of the company’s internal emails via Pastebin by someone called Hardcore Charlie. The Anonymous-affiliated hacker claimed the information came from China National Electronics Import and Export (CEIEC), an engineering and electronics company outfit.

VMware said at the time that customers were not necessarily at greater risk as as result of the leak.

Hacktivists, to say nothing of state-sponsored cyber-espionage, have increased the threat of intellectual property theft for high-tech firms. The VMWare case is not unprecedented.

Earlier this year Symantec admitted source code for the 2006-era versions of the following products had been exposed: Norton Antivirus Corporate Edition; Norton Internet Security; Norton SystemWorks (Norton Utilities and Norton GoBack); and pcAnywhere. The security biz took the highly unusual step of advising customers of pcAnywhere to suspend use of the older versions of remote control desktop management software pending the release of a patch, which arrived within days of the warning.

An Indian hacktivist crew called the Lords of Dharmaraja claimed they lifted Symantec’s source code from systems belonging to the Indian government.

One upside is it’s only the kernel, and it is 8 years old (the kernel is from 1998-2004) – but then again the kernel does provide key functionality and kernels don’t change that much. There have been some major leaks of source code in the last couple of years including Symantec and Kaspersky.

Intellectual Property theft from large corporations is becoming a big thing and a very tasty target for hacktivists as source code and development systems don’t tend to be as highly secure as those containing say financial records or purchase transactions.

Source: The Register


Posted in: Legal Issues, Privacy, Programming

Tags: , , , , , , ,

Posted in: Legal Issues, Privacy, Programming | Add a Comment
Recent in Legal Issues:
- FBI Backed Off Apple In iPhone Cracking Case
- TalkTalk Hack – Breach WAS Serious & Disclosed Bank Details
- More Drama About Hillary Clinton’s E-mail Leak – VNC & RDP Open

Related Posts:

Most Read in Legal Issues:
- Class President Hacks School Grades - 80,681 views
- Hospital Hacker GhostExodus Owns Himself – Arrested - 47,582 views
- One Of The World’s Most Prolific Music Piracy Groups Busted - 43,592 views

Get 50% off your second year with our 2-year deal!


Web-Sorrow v1.48 – Version Detection, CMS Identification, Enumeration & Server Scanning Tool

Cybertroopers storming your ship?


Web-Sorrow is a PERL based tool for misconfiguration, version detection, enumeration, and server information scanning. It’s entirely focused on enumeration and collecting information about a target server. Web-Sorrow is a “safe to run” program, meaning it is not designed to be an exploit or perform any harmful attacks.

There’s a couple of other tools that focus more on the identification part:

WhatWeb – Next Gen Web Scanner – Identify CMS (Content Management System)
Wappalyzer – Web Technology Identifier (Identify CMS, JavaScript etc.)

There’s also a pretty cool web app I use often which is – http://builtwith.com/

Features

  • Web Services: Identify a CMS and it’s version number, social media widgets and buttons, hosting provider, CMS plugins, and favicon fingerprints
  • Authentication areas: logins, admin logins, email webapps
  • Bruteforce: Subdomains, files and directories
  • Stealth: with -ninja you can gather valuable info on the target with as few as 6 requests, with -shadow you can request pages via google cache instead of from the host
  • AND MORE: Sensitive files, default files, source disclosure, directory indexing, banner grabbing

In some ways it overlaps with other tools too like:

GoLISMERO – Web Application Mapping Tool
Skipfish 1.94b Released – Active Web Application Security Reconnaissance Tool
Nikto 2.1.0 Released – Web Server Security Scanning Tool
Lilith – Web Application Security Audit Tool

But as always, you should try them all and see which ones suits the way you work best.

You can download Web-Sorrow here:

Web-Sorrow_v1.4.8.zip

Or read more here.


Posted in: Hacking Tools, Privacy, Web Hacking

Tags: , , , , , , , , , ,

Posted in: Hacking Tools, Privacy, Web Hacking | Add a Comment
Recent in Hacking Tools:
- Recon-ng – Web Reconnaissance Framework
- INURLBR – Advanced Search Engine Tool
- DNSRecon – DNS Enumeration Script

Related Posts:

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,968,747 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,385,063 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 673,829 views

Get 50% off your second year with our 2-year deal!


Hackers Break Into White House Military Network

Don't let your data go over to the Dark Side!


It’s been a while, but hey I’m back! So here’s a news story that caught my eye today – it’s been a while since we’ve reported on a Spear Phishing attack, and guess what? Yes, last time it was also perpetrated by Chinese, but it was targeting Google’s Gmail.

Targeted Phishing Attacks Carried Out On Gmail – Likely From China

This time however the target was a little more serious, the US White House military network (WHMO). It’s pretty scary stuff, if a foreign power was able to take over control of the network used to co-ordinate nuclear attacks..

Hackers reportedly attempted a brazen attack on a White House military network in charge of the president’s nuclear football.

US officials familiar with the incident said unidentified hackers launched an attack early last month on the network used by the White House Military Office (WHMO), an military office in charge of sensitive communications, including systems to send and authenticate nuclear strike commands. The office is also responsible for arranging presidential communications and travel. However it seems only less significant systems were targeted by an assault that was, in any case, ultimately unsuccessful.

An unnamed Obama national security official said: “This was a spear phishing attack against an unclassified network.”

“In this instance the attack was identified, the system was isolated, and there is no indication whatsoever that any exfiltration of data took place,” the official said, the Washington Free Beacon (a Conservative blog that broke the story) reports.

It seems like some people in the White House need some education though if these kind of attacks are getting through, even if no data was actually lost – it’s not a good sign. And why are such critical systems even accessible from the Internet?

Even if the attack failed, it shows that something is very wrong with the architecture and network segregation.


Follow-up reports suggest that a dodgy email with a malicious attachment made it past perimeter defences and onto someone’s desktop, where it might have been opened, and a machine infected. But this machine was quickly identified and isolated before any damage was done.

Rob Rachwald, director of security strategy at Imperva, said the attempted attack should nonetheless act as a wake up call.

“Yet again traditional security software has failed to keep the bad guys out. Enterprise needed to assume that they have been compromised which means we need to detect abnormal access to data and Intellectual Property. This is yet another example of why we need to rethink the current security model and implement a new one that puts cameras on sensitive information.”

The attack was launched from Chinese networks, which by itself doesn’t mean much. However some officials seem to reckon the Chinese military cyber warfare specialists, working as part of a unit called the 4th Department of General Staff of the People’s Liberation Army, or 4PLA, are the most likely suspects behind the attack.

Obviously the Cyber Security Czar that was talked about at the start of the Obama administration isn’t doing a very good job.

It just goes to show how hard it is to secure critical data, and still give people reasonable access rights to it. It’s a constant struggle between security and usability, as security levels increase – usability decreases and everything tends to become a pain in the arse.

Either way it gives some good insights into the fact that the White House needs to get their act together.

Source: The Register


Posted in: General Hacking, Legal Issues, Phishing

Tags: , , , , , , , , , , , , , , ,

Posted in: General Hacking, Legal Issues, Phishing | Add a Comment
Recent in General Hacking:
- Dradis – Reporting Platform For IT Security Professionals
- Kid Gets Arrested For Building A Clock – World Goes NUTS
- Drones, Tor & Remailers – The Story Of A High-Tech Kidnapping

Related Posts:

Most Read in General Hacking:
- 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) - 1,167,376 views
- Hack Tools/Exploits - 620,522 views
- Password Cracking with Rainbowcrack and Rainbow Tables - 431,875 views

Get 50% off your second year with our 2-year deal!


CrowdRE – Crowdsourced Reverse Engineering Service From CrowdStrike

Cybertroopers storming your ship?


Reversing complex software quickly is challenging due to the lack of professional tools that support collaborative analysis. The CrowdRE project aims to fill this gap. Rather than using a live distribution of changes to all clients, which has proven to fail in the past, it leverages from the architecture that is being used with success to organize source code repositories: a system that manages a history of changesets as commit messages.

CrowdRE

There’s a great video here, which explains more about CrowdRE and how to get started:

The central component is a cloud based server that keeps track of commits in a database. Each commit covers one or more functions of an analyzed binary and contains information like annotations, comments, prototype, struct and enum definitions and the like. Clients can search the database for commits of functions by constructing a query of the analyzed binary’s hash and the function offset. Different concurring commits for a function are possible; in such cases it is up to the user to decide which commit is better.

This basic concept is sufficient for a collaborative workflow on a per-function basis for a shared binary. One exciting feature is a similarity hashing scheme that considers the basic block boundaries of a function. Each function is mapped on a similarity preserving hash of fixed size. A database query for such a functions similarity hash returns a set of functions sorted by their similarity value, and the analyst can choose amongst them. This is extremely helpful when analyzing variants based on the same code or generations of a malware family, for example.

The CrowdRE client is now freely available as an IDA Pro plugin. CrowdStrike maintains a central cloud for the community to share their commits amongst each other. It is our goal to help building a public database of known, well annotated functions to speed up the analysis of standard components, somewhat similar to what BinCrowd (which is offline nowadays) offered but with support for multiple co-existing commits for the same function. We also supports list-based commit visibility to give users control over who else can see and import their contributions.

You can check out the service here:

https://crowdre.crowdstrike.com/sign-in


Posted in: Hacking Tools, Malware, Programming

Tags: , , , , , , ,

Posted in: Hacking Tools, Malware, Programming | Add a Comment
Recent in Hacking Tools:
- Recon-ng – Web Reconnaissance Framework
- INURLBR – Advanced Search Engine Tool
- DNSRecon – DNS Enumeration Script

Related Posts:

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,968,747 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,385,063 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 673,829 views

Get 50% off your second year with our 2-year deal!


1 Million Accounts Leaked From Banks, Government Agencies & Consultancy Firms

Cybertroopers storming your ship?


Seems like some hactivists have been working hard, 1 million accounsts were leaked over the weekend from some pretty serious sources by the group Team GhostShell – who are affiliated with Anonymous.

It seems like these weren’t particularly complex or technically adept multi-layer attacks, they were carried out via the most common avenue – SQL Injection.

In saying that though, they did yield a massive amount of data with some of the leaked databases providing over 30,000 records.

Hacker collective Team GhostShell leaked a cache of more than one million user account records from 100 websites over the weekend.

The group, which is affiliated with hacktivists Anonymous, claimed they broke into databases maintained by banks, US government agencies and consultancy firms to leak passwords and documents. Some of the pinched data includes credit histories from banks among other files, many of which were lifted from content management systems. Some of the breached databases each contained more than 30,000 records.

An analysis of the hacks by security biz Imperva reveals that most of the breaches were pulled off using SQL injection attacks – simply tricking the servers into handing over a bit more information than they should. “Looking at the data dumps reveals the use of the tool SQLmap, one of two main SQL injection tools typically deployed by hackers,” the company’s researchers explained in a blog post.

It looks like they even used off the shelf software too, if you look at the dumps you can actually see some references to sqlmap – which is a pretty powerful tool.

You can check it out in the analysis by Imperva here:

Analyzing the Team GhostShell Attacks

It seems like all the apps attacked were PHP CMS type web applications, there’s no information if they were all using the same platform though.


Team GhostShell said the online leaks, which are part of its Project Hellfire campaign, were made in protest against banks and in revenge for the rounding up of hacktivists by cops and government agents.

The team said it worked with other hacking crews, MidasBank and OphiusLab, on the attacks – and claims to have accessed a Chinese technology vendor’s mainframe, a US stock exchange and the Department of Homeland Security. It plans to offer access to these compromised systems to hackers who have the chops to handle them.

In a statement, the group threatened to carry out further attacks, leak more sensitive data and generally unleash hell.

“All aboard the Smoke & Flames Train, Last stop, Hell,” Team GhostShell wrote. “Two more projects are still scheduled for this fall and winter. It’s only the beginning.”

Team GhostShell is lead by self-proclaimed black hat hacker DeadMellox.

The leaks are part of the Project Hellfire campaign and the collective claims it will be ongoing and more attacks will follow. You can check out the leader on Twitter here @DeadMellox.

You can see a list of all the leak files here and the manifesto by Team GhostShell – http://pastebin.com/BuabHTvr.

Source: The Register


Posted in: Database Hacking, Exploits/Vulnerabilities, Legal Issues

Tags: , , , , , , , , , , , , ,

Posted in: Database Hacking, Exploits/Vulnerabilities, Legal Issues | Add a Comment
Recent in Database Hacking:
- Onapsis Bizploit v1.50 – SAP Penetration Testing Framework
- OAT – Oracle Auditing Tools For Database Security
- ODAT (Oracle Database Attacking Tool) – Test Oracle Database Security

Related Posts:

Most Read in Database Hacking:
- Pangolin – Automatic SQL Injection Tool - 75,963 views
- bsqlbf 1.1 – Blind SQL Injection Tool - 54,294 views
- SQLBrute – SQL Injection Brute Force Tool - 40,533 views

Get 50% off your second year with our 2-year deal!