|
Full Disclosure
mailing list archives
Re: LulzSec EXPOSED!
From: "McGhee, Eddie" <Eddie.McGhee () ncr com>
Date: Thu, 9 Jun 2011 04:43:40 -0400
Lol wtf is a bugdoor hahaha
-----Original Message-----
From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of
Jen Savage
Sent: 07 June 2011 00:09
To: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] LulzSec EXPOSED!
ooo ooo speculation time!
- Hacker creates website that offers "free online password management"
- in javascript
- bugdoors it
- collects passwords
- uses passwords
TL;DR: over 9000 lulz were had
-Jen
On Mon, Jun 6, 2011 at 8:26 AM, T Biehn <tbiehn () gmail com> wrote:
LOL @
"A timing attack on ssh passwords over the net?"
and
"I think its just a bruteforce."
-Travis
On Mon, Jun 6, 2011 at 7:58 AM, Gichuki John Chuksjonia
<chuksjonia () gmail com> wrote:
I think its just a bruteforce.
On 6/6/11, Andreas Bogk <andreas () andreas org> wrote:
Excerpts from lulzfail's message of Mo Jun 06 08:39:42 +0200 2011:
Lulzsec == pwnt
I've seen the log you pasted to pastebin. Is this:
* A timing attack on ssh passwords over the net?
* Fake, to distract us from your real 0day?
Andreas
Log:
root () gibson:~# ./1337hax0r 204.188.219.88 -root Attempting too
hax0r root password on 204.188.219.88
h,VhXz<avMm
3xL<l1-_\wC
ffsakTgyc~H
ZZrz,pJrg<B
b{4Bv_Y$$Z6
XDh;vDU-;3>
FB-hvg%g_'t
}qHNvkS"'>g
RNBKvUi5yO|
z`(}v<1^>u&
*V4?vh9#^f2
/R*9vf<h"Z#
9P65vjKhh.N
\rfsv~PhNDz
Bfpv|uhGpy
J%"kvf]hGf0
sY0"v{2hf7p
9dev%Qh6_v
*<Tbv7?h.**
}:lkvV^hN2U
;&5Xv'Sh#}_
MOqpvi_hg+#
Md9/viVh&u7
M(%rvomhb'"
MI"5v_shEVe
M= () ?vl hZge
MPk5v:WhUTe
M=3vvrzh7Te
M&'?v]sh`Te
M/Z,vI1h`Te
M.9>vO$hTTe
Ms!(vY;hpTe
MA)SvYLhnTe
M7eCv () Lh0Te
MkeCvFLh$Te
M'eCv?LhaTe
M&eCvLLh|Te
M*eCv5Lh\Te
MmeCvcLhCTe
MTeCv&LhrTe
M,eCv1LhYTe
MEeCv}LhHTe
M_eCvSLhnTe
MPeCvSLh+Te
M[eCvSLh,Te
MOeCvSLh"Te
M7eCvSLh"Te
MGeCvSLhdTe
M$eCvSLhkTe
MCeCvSLhkTe
MLeCvSLhkTe
M=eCvSLhkTe
M-eCvSLhkTe
MweCvSLhkTe
M=eCvSLhkTe
M3eCvSLhkTe
M6eCvSLhkTe
MreCvSLhkTe
M6eCvSLhkTe
MFeCvSLhkTe
MSeCvSLhkTe
M8eCvSLhkTe
Password hax0rd! root password: M8eCvSLhkTe
root () gibson:~# ssh 204.188.219.88
root () 204 188 219 88's password:
root () xyz:~# hostname; id; w
xyz
uid=0(root) gid=0(root) groups=0(root)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--
--
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P I.T Security Analyst
and Penetration Tester jgichuki at inbox d0t com
{FORUM}http://lists.my.co.ke/pipermail/security/
http://chuksjonia.blogspot.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--
FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C
http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint
=on
http://pastebin.com/f6fd606da
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
|
