Archive for the ‘hax’ Category
Yesterday, the official SourceForge.net blog reported a successful attack on its servers. Today another update post was published and hopefully tomorrow a more detailed one will be released.
So, today SourceForge.net published another blog post (available here) but it doesn’t contain any technical details regarding the attack. They only important point in this post is that the attacker(s) were sniffing for passwords and SourceForge.net suggests that the users should reset their passwords.
Finally, SourceForge.net released a detailed report which you can read here. Unfortunately, the juicy attack details have not been released and we just know that the attacker used a privilege escalation vulnerability to root a SourceForge.net box. Later, using the hacked accounts he attempted to penetrate to other servers. Too bad… I was hoping for a “Full Report“. Anyway…
I have just been informed through Dennis Fisher’s post that Fedora project was compromised using a hacked contributor’s SSH account. However, Fedora Infrastructure Team states that no changes were made by the attacker since they were informed of the compromised account incident fast by the legitimate owner of the account and performed to the required operations.
I was reading the Full-Disclosure mailing list when I came across this thread. I don’t know how valid this is since I didn’t have the opportunity to see it myself and I only got the following screen capture from the mailing list.
From the FD mailing list Juha-Matti Laurio posted the following zone-h mirror of the hack:
Merry Christmas! Today the “Owned and Exposed No.2” was released featuring:
And many many lulz… Enjoy!
I have just been informed via twitter that dumps of the carders.cc, inj3ct0r and free-hack are now publicly available. You can find more information in this URL.
Heh… This week has more disclosed hacks and discovered backdoors than killed bug. :P
This one was disclosed by VUPEN Security and it’s about this PHP project. The backdoor is installed in releases 2.6.11 and 2.6.12 and it’s placed in getTopTen() function located in inc/Faq.php file. For completeness, here is the official VUPEN’s security advisory for this backdoor, and here is the project’s one.
Unfortunately, the backdoored version of the project was removed from the tubes and that’s why the hacked code isn’t part of this post. :(
If you have the source code of inc/Faq.php downloaded between December 4 and 15 and you want me to publish it here, drop me an email.