d2jsp Forums > Off-Topic > Computers & IT > Hacking The Gibson > Hacker News
Member
Posts: 13,425
Joined: Sep 29 2007
Gold: 0.00
Warn: 20%
May 1 2013 02:38pm
28 Gigabytes of full disclosure information. How many systems did they even compromise? If they are all as big as Linode this could bring some bad heat on them.

Member
Posts: 62,215
Joined: Jun 3 2007
Gold: 9,039.20
May 1 2013 02:39pm
Quote (AbDuCt @ May 1 2013 02:38pm)
28 Gigabytes of full disclosure information. How many systems did they even compromise? If they are all as big as Linode this could bring some bad heat on them.

http://i.imgur.com/DfYZVVv.png


:drool:

Quote (AbDuCt @ Apr 27 2013 07:09pm)
Malware overwrites fan profiles, many gpus left dead!

http://i.imgur.com/T2DOJFH.png

A Russian hacker that goes by the handle ZeroCool hand-crafted a malicious image file that once opened searches for fan profiles created by various vendors and deliberately sets them all to turn off.

This widespread image appears to be that of a cat, but ESET has determined there has been at least four different variants spotted in the wild. Eugene Belford from ESET claims, "this is the most technologically advanced malware we have seen in quite a while", and further expressed that "to make matters worse it is highly destructive in nature and could cause billions in damage."

The way the malware works is once opened, it searches your RAM for one or two bits of data relating to fan speeds and overwrites them with predetermined values to cause total bearing failure, although in newer variants it simply turns the fan completely off.

The only sure way to stay protected from this malware is to go to https://www.grc.com/x/ne.dll?bh0bkyd2 and to run a test to make sure you are invisible on the internet. Another way to stay protected is to make sure that you do not copy malicious looking code into your computer's clipboard in case it automatically runs through the embedded Windows clipboard service, always copy paste into a text file instead.


Oh god, LOL

This post was edited by killgoreisleet on May 1 2013 02:40pm
Member
Posts: 5,105
Joined: Apr 10 2008
Gold: 1,680.00
May 6 2013 01:00pm
Via Abduct:
Member
Posts: 10,812
Joined: Oct 15 2009
Gold: Locked
Warn: 20%
May 6 2013 03:11pm
Great post. Been reading it. Those guys went all out. They've posted 5+ gigs of emails stolen from MIT, and a list containing the domain logins for a majority of *.edu sites, and more! It's crazy!
Member
Posts: 5,105
Joined: Apr 10 2008
Gold: 1,680.00
May 8 2013 08:16pm


Name.com just realized they've been breached. only took them over 24 hours since release of the zine and another 1-3 months since the initial breach.

at least they can joke about it unlike Fyodor of NMAP which filed a DMCA over HackThePlanet releasing their /etc/shadow file

This post was edited by VxDoomxV on May 8 2013 08:16pm
Member
Posts: 5,105
Joined: Apr 10 2008
Gold: 1,680.00
Jun 28 2013 08:53am
Not Really hacker news, but I haven't seen any chatter amongst us over this.

Snowden's asylum bid 'may take weeks' as NSA whistle-blower remains stranded in Moscow


Via TweakTown:

Edward Snowden was given another option of a possible safe haven yesterday, as the Venezuelan President said he would consider an asylum request for the former NSA contractor. However, there have been reports that Mr Snowden's annulled US passport meant he was stranded at Moscow's Sheremetevo Airport, unable to enter Russia properly or buy a ticket out.

Russia has confirmed yesterday that Mr Snowden was still in a transit zone at the Moscow airport. Although the country has no extradition treaty with the US, Washington said it wanted Moscow to extradite Mr Snowden without delay. But Russia said that the American was technically not yet under its jurisdiction because he had not passed through immigration.
However, the United States is in ongoing discussions with the Russian authorities over the fate of Edward Snowden, according to White House spokesman Jay Carney. He told reporters travelling with the US President to Africa that he was "not at liberty to get into the details of those conversations" but that they were taking place.

In the meantime, Venezuela's President Nicolas Maduro has responded to rumours of a possible asylum bid: "If they proposed it, and it seems that it has been requested of Ecuador, we would also consider it," the Venezuelan president said. He added that the "information on the violation of civil liberties" leaked by Snowden could "change the world". Ecuador on the other hand said it would consider the American's application "responsibly" and would weigh "human rights obligations". It added that the U.S. would have to submit its position in writing regarding Mr Snowden. Mr Snowden's case has caused a diplomatic spat, with the US accusing Russia and China of assisting the fugitive. Both nations have rejected the charges.
Wikileaks has been lending legal support to Mr Snowden. A Wikileaks tweet said the American was "well" and being accompanied by one of its legal advisers "at all times". The website has not further elaborated on Mr Snowden's exact whereabouts. Both Wikileaks and Russia have denied reports that the Russian secret police have questioned the American.
Ecuadorian officials now say that it could take weeks to rule on an asylum bid. Foreign Minister Ricardo Patino said it had taken Ecuador two months to grant asylum to Julian Assange, the founder of whistle-blowing website, Wikileaks. Mr Patino confirmed that Snowden has indeed applied for asylum in the country, and compared the Snowden case to that of Mr Assange who has been living inside the Ecuadorean embassy in London for more than a year now.

Mr Assange walked into the embassy when his appeal against extradition to Sweden for questioning on accusations of sex crimes was turned down last June. "It took us more than two months to make a decision in the case of Assange, so do not expect us to make a decision sooner this time," Mr Patino told reporters. He also said that Ecuador had not yet decided whether to offer protection to Mr Snowden in the meantime. "If he goes to an embassy, then we will make a decision," the foreign minister said.
Mr Patino denies reports that Ecuador has already issued travel documents for Mr Snowden. The question at this point is whether Snowden might end up being stuck in the kind of limbo that Assange still endures, or whether the NSA whistle-blower will be able to continue on to Venezuela or Ecuador after all. Snowden was booked on a scheduled Aeroflot flight to Havana on Monday, but he did not board that flight. The Cuba route still seems the most logical way to get from Moscow to Latin America without passing countries that might extradite him to the US. The Aeroflot plane however, does ordinarily fly through US airspace.

Russian President Vladimir Putin said yesterday that Mr Snowden was a "free man" and that the sooner he buys a ticket to leave to a destination of his choice, "the better for him, and for us". However, Russian agency Interfax quoted a source close to Mr Snowden this morning saying that his annulled passport meant he could not travel. He was apparently provided refugee documents by Ecuador which enabled him to leave Hong Kong for Moscow, but it is unclear whether these are still valid. Interfax has previously published false information about Mr Snowden's case attributed to unnamed sources.
Reactions from the U.S. have been stern. The chairman of the US Senate Foreign Relations Committee, Robert Menendez, has suggested punishing Ecuador economically if it does offer asylum. He said he was ready to campaign to end preferential trade access for Ecuador. Senator Menendez has also called on Russia to stop sheltering Mr Snowden immediately and turn him over to the United States. Mr Putin appeared to rule that out yesterday, saying that pursuing such a course was like "shaving a piglet - there are lots of squeals, but little wool." Meanwhile, China described accusations that it allowed Mr Snowden to leave Hong Kong despite an arrest warrant as "groundless and unacceptable". The Chinese government has expressed deep concern about the leaker's allegations that the US had hacked into networks in China.
Mr Snowden is wanted by the US for leaking highly sensitive information to the media about a secret government surveillance programme, which he obtained while working as a contractor for the National Security Agency (NSA). He is charged with theft of government property, unauthorised communication of national defence information and wilful communication of classified communications intelligence. His leaks have led to revelations that the US is systematically seizing vast amounts of phone and web data under an NSA programme known as Prism. US officials have defended the practice of gathering telephone and internet data from private users around the world. They say Prism cannot be used to target intentionally any Americans or anyone in the US, and stress that it is supervised by judges.



This post was edited by VxDoomxV on Jun 28 2013 08:56am
Member
Posts: 13,425
Joined: Sep 29 2007
Gold: 0.00
Warn: 20%
Jun 30 2013 03:49pm
someone discovered a vuln in facebook in the way facebook auths mobile phones. it is possible to forge an http request to reauth your own cell phone to someone else's account and then issue a password request which facebook would text to your phone or some shit.
founder got 10 grand from facebook and has since been patched

Britain and the NSA were found to be cooperating in tapping over 250 fiber optic subsea lines to monitor internet and telephone traffic. Britain has enough processing power to monitor 46 of 250 fiber optic lines at once and enough data storage to store everything for up to 30 days.

new linux rootkit out that takes advantage of the PAM module system to inject itself into every running daemon on the system.


////////////////////////////

as for my personal adventures, i've hacked 2 new mobile android games as well as a popular asian mmo. the two android games are called avatar fight, and galaxy empire. the avatar fight was a simple protocol analysis which conveyed into an account brute forcer and self playing bot, while the galaxy empire hack was a bit more in-depth. i had to reverse their protocol which consisted of json string -> AES256 -> base64 -> gzip. once that was done i mapped the entire game to a sql library so i could pull up any player's stats on a whim which is supposed to remain anonymous. as for the asian mmo, i created an injectable library that once injected hijacks directx 8 and 9 so i can inject my own drawable content as i please, as well as get any information i need from the game.
Member
Posts: 5,105
Joined: Apr 10 2008
Gold: 1,680.00
Jun 30 2013 03:58pm
Quote (AbDuCt @ Jun 30 2013 05:49pm)
someone discovered a vuln in facebook in the way facebook auths mobile phones. it is possible to forge an http request to reauth your own cell phone to someone else's account and then issue a password request which facebook would text to your phone or some shit.
founder got 10 grand from facebook and has since been patched

Britain and the NSA were found to be cooperating in tapping over 250 fiber optic subsea lines to monitor internet and telephone traffic. Britain has enough processing power to monitor 46 of 250 fiber optic lines at once and enough data storage to store everything for up to 30 days.

new linux rootkit out that takes advantage of the PAM module system to inject itself into every running daemon on the system.


////////////////////////////

as for my personal adventures, i've hacked 2 new mobile android games as well as a popular asian mmo. the two android games are called avatar fight, and galaxy empire. the avatar fight was a simple protocol analysis which conveyed into an account brute forcer and self playing bot, while the galaxy empire hack was a bit more in-depth. i had to reverse their protocol which consisted of json string -> AES256 -> base64 -> gzip. once that was done i mapped the entire game to a sql library so i could pull up any player's stats on a whim which is supposed to remain anonymous. as for the asian mmo, i created an injectable library that once injected hijacks directx 8 and 9 so i can inject my own drawable content as i please, as well as get any information i need from the game.


:wub:
Member
Posts: 13,425
Joined: Sep 29 2007
Gold: 0.00
Warn: 20%
Jul 5 2013 06:05pm
random tips and news.
  • fedora 19 released
  • NSA is monitoring google and facebook now

Microsoft Windows Local Privilege Escalation


Microsoft Windows contains a vulnerability (CVE-2013-3660) that could allow a local attacker to gain elevated privileges on a targeted system. The vulnerability classified as critical has been found in Microsoft Windows XP/Vista/7/2000/Server 2003/2008. This affects the function win32k!EPATHOBJ::pprFlattenRec of the component Kernel. The vulnerability is due to improper handling of certain objects in kernel memory by the affected software. A local attacker with access to a targeted system could exploit this vulnerability by running a malicious program that is designed to cause the Windows kernel to perform improper memory operations on certain objects. If successful, the attacker could execute arbitrary code on the system with the privileges of the kernel, resulting in a complete system compromise. Proof of concept code that exploits this vulnerability is publicly available.