| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAF7zQxMCK4zmbT4DqAjyipjcgMLc4dG0oBVEDL=gStkR0b6FRw@mail.gmail.com> Date: Thu, 4 Aug 2011 00:45:54 +0530 From: eSploit Guy <satyamhax@...il.com> To: full-disclosure@...ts.grok.org.uk Subject: Hacked data on open sale ? Hello List, I stumbled upon a site selling the below services in January this year, it was in the news then and many (including me)blogged, tweeted about it. Hacking a military website $150 USD Hacking an Government website $99 USD Hacking Educational website $66 USD Hacking Online game website $55 USD Hacking forums, shopping carts $55 USD Immunity's CANVAS reliable exploit development framework LATEST VERSION! 2011! $66 USD Undetected Private Java Driveby Exploit $150 Source code and $30 for binary Fresh shopadmin/forums, USA, UK, AU, DE, Valid Email lists $10 per 1mb PHP mailers %100 inbox $5 USD per 1 Selling Edu/Gov database contain Firstnames, Lastnames, Email, Country, Address, Phone, Fax details $20 per 1k Selling fresh Emails for spam from Edu's websites and shop websites SQL Injection attacker bot (srb0tv2.0) Thought it'll go down in a day or so. However, today after nearly 7 months saw the same news in imperva blog, checked the site and found that it's not only still up and running but even updating frequently ! Apart from selling the services above, this guy also discloses SQL injection vulnerabilities in major websites including banks, universities, large corporations and Government organizations : https://www.playstation.ru/ http://www.playstation.ca/ http://www.hartford.edu/ http://armani.com/ http://www.parliament.gov.bw/ http://www.nbc.org.kh/ http://www.bot-tz.org/ http://www.na.gov.pk/ http://www.presidentofpakistan.gov.pk/ http://www.cbp.gov/ http://www.ad.gov.ir/ http://www.tacp.toshiba.com/ http://labs.oracle.com/ Check out the details here: http://esploit.blogspot.com/2011/08/open-sale-hacked-data-sqli.html Regards, Satyamhax http://esploit.blogspot.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists