Search This Blog

Showing posts with label Hackers Team. Show all posts

XSS Vulnerability found in CyberGhost VPN by Team INTRA

Team INTRA found XSS vulnerability in CyberGhost website.  CyberGhost is one of famous VPN that provides complete privacy when surfing, downloading, and sharing files on the Internet.

Vulnerability Status:
  • Type: XSS
  • website:cyberghostvpn.com
  • Status: Fixed
  • Researcher: Team Intra

Proof of XSS:





Here you can check more news about Team INTRA:
Team INTRA

19 Sites Hacked and Defaced BY KALIMNDOR TEAM


A new Hacker team named as "KALIMNDOR TEAM " hacked and defaced 19 websites.

Hacked sites:
http://www.accesoriosyacabados.com/index.php
http://nizamonserratefc.com/images/smilies/
http://www.medicinaintegralips.com/
http://maosof.com/DESCARGAS/
http://luisalbertomonsalvo.com/modules/
http://jurisasociados.com.co/Chat/index.html
http://innovaviajes.com/imagenes/
http://gransegura.com/inmobiliaria/index.html
http://gransegura.com/inmobiliaria/index.html
http://eventokeystone.com/
http://equiparmuebles.com/sitio/
http://elkinbuenoalcalde.com/ciudad_futuro/music/
http://artecnologico.com/webassist/
http://oleajesdelasierra.com/
http://paisajismoyzonasverdes.com/cache/
http://www.bunker440.com/
http://semi.prot.us/fileupload/
http://mdsecurity.com.co/configuration.php
http://tucuerpoperfecto.com/uploads/images/

200+ Chinese Websites Hacked by Team Grey Hat


A Hackers Team named as "Team Grey Hat" hacked 200+ chinese sites and defaced them.  They upload tgh.html(defacement page) to the server.

Few Hacked sites:
http://www.rtrujillo.org/tgh.html
http://www.globedu.eu/tgh.html
http://www.789120.com/tgh.html
http://www.pfb114.com/
http://www.china-quality.cn/tgh.html
http://www.china-quality.net/tgh.html
http://www.china-sports.com.cn/tgh.html
http://www.hbzjy.cn/tgh.html
http://www.sohoally.com/tgh.html
http://x068.com/tgh.html
http://12407.z6.cn/tgh.html
http://16342.z6.cn/tgh.html
http://17679.z6.cn/tgh.html

You can check the full list of sites here:
http://pastebin.com/K43gefEN

LG Australia website Hacked and Defaced by INTRA Team


A famous electronics firm LG's Australia website is hacked by INTRA Team.   They defaced the website.

Hacked Site:-
www.lge.com.au
Mirror Link:-
http://www.zone-h.org/mirror/id/15669350

Hackers Message:
It seems as though your website has been hacked.

How did we get past your security?

What security? ;)
The LGE site was taken off the air mid-afternoon Sydney time. They recovered it back and redirect it to www.lg.com/au

It looks they defaced the website using the common Web application vulnerability SQL Injection.

LG said it was alerted to the hack on Friday morning and immediately suspended the site "until the incident is fully investigated". It said the attack only affected lge.com.au, not lg.com.au, which had replaced the former as the "local primary hosting solution" a number of years ago.

You can check the past hacks of INTRA team here:
INTRA Team

60+ Sites Hacked By No Swear & Cyb3r0ck3r. - Team Pak Cyber PYRATES


60+ Sites Hacked By No Swear & Cyb3r0ck3r. - Team Pak Cyber Pyrates. Yesterday this team has hacked 28+ Indian sites!! Total hacked in 2 days: 88+ Sites hacked in 2 days!!

Message of Hackers:
===============================
We protest against ban of Hijab in Australia.
We protest against killings of Innocents in Kashmir and Palestine.
we protest against war provoked by America in Libia.
We protest against America India & isreil who is killing thousands of Innocents in Afghanistan Iraq Pakistan
Kashmir Palestine Libia and other Muslim countries.
We protest against those media who claim Islam as a Terrorist Religion.
===============================

Hacked websites and Mirrors:
http://pastebin.com/GaN8KE7h

Venezuela Government hacked and database leaked by @SwichSmoke


A hacker known as SwichSmoke hacked Venezuela NATIONAL LIBRARY. He divide tha database details into two part and dumped the database in pastebin. The leak contains email,password,first name,last name,phone city,aliasforo,professional,institution.



Pastebin leak:
Part 1
Part 2

He also released the screenshot of attack.
http://imagesk.com/sWY0Z4tO.jpg
http://imagesk.com/mSb8uAFG.jpg
http://www.imagesk.com/WN1usPkz.jpg

15 Websites Hacked By PakCyberPolice [PCP]

 A hacker team known as "PakCyberPolice" hacked 15 websites today. 

Screenshot of Defacement:


Defaced website and their Mirror Link:

http://affiliatemarketing-success.com/
http://mirror.sec-t.net/defacements/?id=67950
http://bestbuytampabayhomes.com/
http://mirror.sec-t.net/defacements/?id=67949
http://quickdashfastweightloss.com/
http://mirror.sec-t.net/defacements/?id=67948
http://quickfastweightloss.net/
http://mirror.sec-t.net/defacements/?id=67946
http://shedsdesign.net/
http://mirror.sec-t.net/defacements/?id=67945
http://traffichybrid.net/
http://mirror.sec-t.net/defacements/?id=67944
http://tampasell.com/
http://mirror.sec-t.net/defacements/?id=67947

Victoire
http://hundreddollarsadaysystem.com/index.html
http://mirror.sec-t.net/defacements/?id=67976
http://magniworksystem.info/
http://mirror.sec-t.net/defacements/?id=67975
http://solar-powered-homes.net/index.html
http://mirror.sec-t.net/defacements/?id=67974
http://spybubblesystem.info/
http://mirror.sec-t.net/defacements/?id=67973
http://spyformmobilephones.com/
http://mirror.sec-t.net/defacements/?id=67972
http://wordpressswissarmyknife.com/
http://mirror.sec-t.net/defacements/?id=67971
http://wpsimplicitybonus.com/
http://mirror.sec-t.net/defacements/?id=67970
http://wpsimplicitysystem.com/
http://mirror.sec-t.net/defacements/?id=67969

20 sites exploited by Team INTRA


Today,Team INTRA hacked and exploited 20 sites. They upload text file in the portals folder.

Screenshot of  Defacement:

List of hacked sites:

http://triview-group.com/Portals/0/TeamIntra.txt
http://genesphotos.com/Portals/0/TeamIntra.txt

http://washingtonpto.org/Portals/0/TeamIntra.txt
http://chipa.org/Portals/0/TeamIntra.txt
http://www.drjbaldwinod.com/Portals/0/TeamIntra.txt
http://iwlstore.com/Portals/0/TeamIntra.txt
http://www.parkersburgcardiology.com/Por...mIntra.txt
http://www.creativeprism.com/Portals/0/TeamIntra.txt
http://www.classicrenovators.com/Portals...mIntra.txt
http://www.cvs.net.au/Portals/0/TeamIntra.txt
http://www.apologetics.org/Portals/0/TeamIntra.txt
http://theoratory.org.uk/Portals/0/Images/TeamIntra.txt
http://www.targetmetabolism.com/Portals/0/TeamIntra.txt
http://www.eslua.org/Portals/0/TeamIntra.txt
http://www.dingbooking.nl/Portals/0/TeamIntra.txt
http://www.nsuro80australia.net/Portals/0/TeamIntra.txt
http://web.scalepoint.com/Portals/0/TeamIntra.txt
http://www.elevatorsrus.com/Portals/0/TeamIntra.txt
http://tidbs.com/Portals/0/TeamIntra.txt
http://www.electromagnetic.biz/Portals/0/TeamIntra.txt



Apple Website Hacked and defaced by HodLuM

Hacker HoduM hacked the one of subdomain of Apple and upload a Image file to the domain.
Here is the link to:
http://edseminars.apple.com/seminars/eventfiles/668/0wnz.jpg
The hacker claimed that anonymous, Lulsec, Turkish Hackers, inj3ctor as n00bs.

The message from Hacker:
Special greetings to all those turkish 1337l4m3rz iskorptix,1923Turk, GHoST61 & Ashiyane crew, this is a special message for YOU.

Keep defacing some random websites that nobody gives a f'ck about. Are 1337day.com and exploit-db.com good enough to find some b0x3z to 0wn? LOL.
NOObz.;))

./EOF. SOuc3 c0d3 f0r d4 w1n. (w4nn4 h3Lp bUnny?) - 2011 baby!

oh.. and btw, Anonymous/Lulsec, go F'CK yourself too, your group is full of noobs and lamers. Don't think you're leets, as it not the case. At all.



Screenshot of Defacement:

Note:
Also HodLum hacked AOL website

9 websites hacked and defaced by @NetBashers

This is recent hacks from Netbashers. List of 9 websites hacked by them.

http://www.abujudom.com/index.html
http://illustrationmedia.com/index.html
http://process-servers.com.au/index.html
http://www.neffrental.com/index.html
www.thepostofficesd.com
http://symonsfp.com/index.htm
http://www.greggstockwell.com/
http://nextalliance.net/
http://ipcsd.com/

Rankmyhack got hacked by HaxOr (INTRA Team )

HaxOr, INTRA team member hacked Rankmyhack.com. Rankmyhack.com gives rank for hackers based on their hack.  Hackers can submit their hacking , they will be ranked depending on the priority of website.   The bounty section of this site was created in an attempt to focus the abilities of talented hackers against political and government forces that need to be put back in line.

Hax0r use the vulnerability of website and upload the hackedbyhaxor.txt .  This text file contains the following message.
"Greetz to all members of Team INTRA...Secure your shit!"

Hackers upload the PHP shell with image extension in the uploads folder and exploit the website.

I don't know How much rank will they give for this? Ha..Ha.. Even my forum also has some vulnerability,i fixed some vulnerability but still hidden vulnerability.  I hope it will be exposed some other hackers.


CSLSecurity website Hacked by TeaMp0isoN~Hackers hacked by Hackers

Cslsecurity is defaced by TeaMp0isoN. CSLSecurity is one of hackers group. They claim to be "New Lulsec "group.
Hackers group hacked by hackers group.

Hackers(TeaMp0isoN) to hackers(CSLSecurity):
CSLSecurity = Cant Stop Laughing Security?..... oh the irony... DDoSing Random Sites does _NOT_ make you hackers.
TeaMp0isoN: TriCk -iN^SaNe - Hex00010 - MLT - C0RPS3 - BlackHacker -
4ll j00r sh1t r b3l0ng t0 u5! - w4tch 0ut f0r TeaMp0isoN Issue3, CSLSecurity will be f34tur3d!

hacked website:http://www.cslsecurity.com/
mirror:http://zone-h.org/mirror/id/14799769

2000+ VIP's Email Accounts leaked by @ThEhAcKeR12

A hacker known as ThEhAcKeR12 hacked allianceforbiz.com (A company managing events)and leaked the username, email and passwords(plain text). It includes the users from US Millitary, Governments & Corporate giants.

The Partial Leak can be found in :http://pastebin.com/gh6fuRrV

The full Leak is available at:http://www.mediafire.com/?5univ5uggsi7nyn

Metropolitan UK Police hacked for #Antisec by CSL Security|SQL injection Vulnerability exposed

CSL Security (one of anonymous Hacker) exposed the SQL Injection vulnerability in Metropolitan UK Police. He tweeted this in twitter. He posted the vulnerable link in pastebin.

CSL security said in Pastebin:
CAN’T STOP LAUGHING AT YOUR DISRESPECT
CAN’T STOP LAUGHING AT YOUR INCOMPETENCE
CAN’T STOP LAUGHING AT YOUR SECURITY!!!

Status: No database is dumped . No defacements.