Message-ID: <04F61F8A4F40C7408D3A33BAE7828357F3272BD102@susday214.corp.ncr.com>
Date: Thu, 9 Jun 2011 04:43:40 -0400
From: "McGhee, Eddie" <Eddie.McGhee@....com>
To: Jen Savage <savagejen@...il.com>, "full-disclosure@...ts.grok.org.uk"
<full-disclosure@...ts.grok.org.uk>
Subject: Re: LulzSec EXPOSED!

Lol wtf is a bugdoor hahaha

-----Original Message-----
From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Jen Savage
Sent: 07 June 2011 00:09
To: full-disclosure@...ts.grok.org.uk
Subject: Re: [Full-disclosure] LulzSec EXPOSED!

ooo ooo speculation time!

- Hacker creates website that offers "free online password management"
- in javascript
- bugdoors it
- collects passwords
- uses passwords

TL;DR: over 9000 lulz were had

-Jen

On Mon, Jun 6, 2011 at 8:26 AM, T Biehn <tbiehn@...il.com> wrote:
> LOL @
> "A timing attack on ssh passwords over the net?"
>
> and
>
> "I think it's just a bruteforce."
>
> -Travis
>
> On Mon, Jun 6, 2011 at 7:58 AM, Gichuki John Chuksjonia
> <chuksjonia@...il.com> wrote:
>>
>> I think it's just a bruteforce.
>>
>>
>>
>>
>> On 6/6/11, Andreas Bogk <andreas@...reas.org> wrote:
>> > Excerpts from lulzfail's message of Mo Jun 06 08:39:42 +0200 2011:
>> >> Lulzsec == pwnt
>> >
>> > I've seen the log you pasted to pastebin. Is this:
>> >
>> > * A timing attack on ssh passwords over the net?
>> > * Fake, to distract us from your real 0day?
>> >
>> > Andreas
>> >
>> > Log:
>> >
>> > root@...son:~# ./1337hax0r 204.188.219.88 -root
>> > Attempting too hax0r root password on 204.188.219.88
>> >
>> > h,VhXz<avMm
>> > 3xL<l1-_\wC
>> > ffsakTgyc~H
>> > ZZrz,pJrg<B
>> > b{4Bv_Y$$Z6
>> > XDh;vDU-;3>
>> > FB-hvg%g_'t
>> > }qHNvkS"'>g
>> > RNBKvUi5yO|
>> > z`(}v<1^>u&
>> > *V4?vh9#^f2
>> > /R*9vf<h"Z#
>> > 9P65vjKhh.N
>> > \rfsv~PhNDz
>> > >Bfpv|uhGpy
>> > J%"kvf]hGf0
>> > sY0"v{2hf7p
>> > >9dev%Qh6_v
>> > *<Tbv7?h.**
>> > }:lkvV^hN2U
>> > ;&5Xv'Sh#}_
>> > MOqpvi_hg+#
>> > Md9/viVh&u7
>> > M(%rvomhb'"
>> > MI"5v_shEVe
>> > M=@....hZge
>> > MPk5v:WhUTe
>> > M=3vvrzh7Te
>> > M&'?v]sh`Te
>> > M/Z,vI1h`Te
>> > M.9>vO$hTTe
>> > Ms!(vY;hpTe
>> > MA)SvYLhnTe
>> > M7eCv@...Te
>> > MkeCvFLh$Te
>> > M'eCv?LhaTe
>> > M&eCvLLh|Te
>> > M*eCv5Lh\Te
>> > MmeCvcLhCTe
>> > MTeCv&LhrTe
>> > M,eCv1LhYTe
>> > MEeCv}LhHTe
>> > M_eCvSLhnTe
>> > MPeCvSLh+Te
>> > M[eCvSLh,Te
>> > MOeCvSLh"Te
>> > M7eCvSLh"Te
>> > MGeCvSLhdTe
>> > M$eCvSLhkTe
>> > MCeCvSLhkTe
>> > MLeCvSLhkTe
>> > M=eCvSLhkTe
>> > M-eCvSLhkTe
>> > MweCvSLhkTe
>> > M=eCvSLhkTe
>> > M3eCvSLhkTe
>> > M6eCvSLhkTe
>> > MreCvSLhkTe
>> > M6eCvSLhkTe
>> > MFeCvSLhkTe
>> > MSeCvSLhkTe
>> > M8eCvSLhkTe
>> >
>> > Password hax0rd! root password: M8eCvSLhkTe
>> >
>> > root@...son:~# ssh 204.188.219.88
>> >
>> > root@....188.219.88's password:
>> >
>> > root@xyz:~# hostname; id; w
>> > xyz
>> > uid=0(root) gid=0(root) groups=0(root)
>> >
>> > _______________________________________________
>> > Full-Disclosure - We believe in it.
>> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> > Hosted and sponsored by Secunia - http://secunia.com/
>> >
>>
>>
>> --
>> --
>> Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P I.T Security Analyst
>> and Penetration Tester jgichuki at inbox d0t com
>>
>> {FORUM}http://lists.my.co.ke/pipermail/security/
>> http://chuksjonia.blogspot.com/
>>
>
>
>
> --
> FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C
> http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on
> http://pastebin.com/f6fd606da
>