lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Sun, 7 Aug 2011 03:20:27 +0530 (IST)
From: Max Caps <maxcaps_7@...oo.com>
To: eSploit Guy <satyamhax@...il.com>
Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: Hacked data on open sale ?

The data you posted seems like the stuff from SRBLCHE.... Seem him around and he's a nice guy. Well coming to think of it his site is currently not selling military data.. Its just maintaining a repository of SQLi sites like the hell lot of sites around... There are sites like thehackernews.com etc which leak out all the dumps to the public that these hackers get...


So why all the fuss?? YouJellyBruh?? =))

Cheers,
MaxCaps

PS:  http://esploit.blogspot.com/p/exploit.html  is from your site right! You sure this is all legal stuff? Trust me you can get into lots of shit cause of this so why create rukus around when others are just having some fun and sharing knowledge.


________________________________
From: eSploit Guy <satyamhax@...il.com>
To: full-disclosure@...ts.grok.org.uk
Sent: Thursday, 4 August 2011 12:45 AM
Subject: [Full-disclosure] Hacked data on open sale ?

Hello List,

I stumbled upon a site selling the below services in January this
year, it was in the news then and many (including me)blogged, tweeted
about it.

Hacking a military website    $150 USD
Hacking an Government website    $99 USD
Hacking Educational website    $66 USD
Hacking Online game website    $55 USD
Hacking forums, shopping carts    $55 USD
Immunity's CANVAS reliable exploit development framework LATEST
VERSION! 2011!    $66 USD
Undetected Private Java Driveby Exploit  $150 Source code and $30 for binary
Fresh shopadmin/forums, USA, UK, AU, DE, Valid Email lists    $10 per 1mb
PHP mailers %100 inbox    $5 USD per 1
Selling Edu/Gov database contain Firstnames, Lastnames, Email,
Country, Address, Phone, Fax details     $20 per 1k
Selling fresh Emails for spam from Edu's websites and shop websites
SQL Injection attacker bot (srb0tv2.0)

Thought it'll go down in a day or so. However, today after nearly 7
months saw the same news in imperva blog, checked the site and found
that it's not only still up and running but even updating frequently !

Apart from selling the services above, this guy also discloses SQL
injection vulnerabilities in major websites including banks,
universities, large corporations and Government organizations :

https://www.playstation.ru/
http://www.playstation.ca/
http://www.hartford.edu/
http://armani.com/
http://www.parliament.gov.bw/
http://www.nbc.org.kh/
http://www.bot-tz.org/
http://www.na.gov.pk/
http://www.presidentofpakistan.gov.pk/
http://www.cbp.gov/
http://www.ad.gov.ir/
http://www.tacp.toshiba.com/
http://labs.oracle.com/

Check out the details here:

http://esploit.blogspot.com/2011/08/open-sale-hacked-data-sqli.html

Regards,
Satyamhax
http://esploit.blogspot.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists