And I'm back after 30 days of being suspended.
Internet Explorer 6, 7 and 8 vulnerable to remote code execution
Last Friday, we reported that the website of the U.S. Council of Foreign Relations was allegedly compromised by Chinese hackers who exploited a zero-day bug that had only been discovered that same day. The CFR website was compromised with JavaScript that served malicious code to older IE browsers; the code then carried out a heap-spray attack using Adobe Flash Player.
Yesterday former hacker Bryce Case Jr (YTCracker) tweeted about a new zero-day exploit threatening all users of IE 6 through 8: "internet explorer 6-8 0day making the rounds force them toolbar installs and keyloggers on exgf while you still can...".
On Saturday, Microsoft published a security advisory warning users of Internet Explorer 6, 7, and 8 that they could be vulnerable to remote code execution attacks. The vulnerability is a remote code execution flaw that exists in the way Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated.
The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.
Meanwhile, the software giant is shipping a temporary fix, available from its Fix It Solution Center, to protect systems before the full patch is ready. Microsoft has also posted several mitigation options for users of Internet Explorer 8 or earlier to protect the Windows operating system from the exploit.
The best measure, of course: switch to Google Chrome or Mozilla Firefox.
Official Debian and Python Wiki Servers Compromised
Administrators of the Debian and Python projects' official websites confirmed that their wiki servers were recently compromised by unknown attackers. The attackers were able to get in because of several vulnerabilities in the "moin" package.
According to Brian Curtin of the Python project, the attacker used an unknown remote code execution exploit against the Python Wiki server (http://wiki.python.org/) and was able to get shell access. The shell was restricted to the "moin" user's permissions, and no other services were affected. The attacker deleted all files owned by the "moin" user, including all instance data for both the Python and Jython wikis.
The Python Software Foundation encourages all wiki users to change their password on other sites if the same one is in use elsewhere. For now, the Python Wiki is down and the team is investigating the breach further.
In the Debian Wiki (http://wiki.debian.org/) breach, by contrast, the attacker used known vulnerabilities: directory traversal (CVE-2012-6080, CVE-2012-6495), multiple unrestricted file upload vulnerabilities (CVE-2012-6081), and a cross-site scripting (XSS) vulnerability (CVE-2012-6082).
Luca from Debian also mentioned, "We have reset all password hashes and sent individual notification to all Debian wiki account holders with instructions on how to recover their passwords".
In the Debian case, the attacker compromised only the 'wiki' user but captured the email addresses and corresponding password hashes of all wiki editors. "The attacker(s) were particularly interested in the password hashes belonging to users of Debian, Intel, Dell, Google, Microsoft, GNU, any .gov and any .edu."
Both servers were compromised in December 2012, but it is not yet clear whether the same attacker carried out both hacks.
Exploit Packs updated with New Java Zero-Day vulnerability
A new Java 0-day vulnerability has been discovered and is already in use by an exploit pack, taking advantage of a fresh zero-day vulnerability in Java and potentially letting attackers take over users' machines.
Java 7 Update 10 and earlier contain an unspecified vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. The flaw was first spotted by the 'Malware Don't Need Coffee' blog. This vulnerability is being attacked in the wild and is reported to be incorporated into exploit kits.
This exploit is already included in two exploit packs, which are available for $700 a quarter or $1,500 a year. Similar tactics were used with CVE-2012-4681, which was discovered last August. The source of this new exploit is available to download here.
The two most popular exploit packs used by hackers to distribute malware, the BlackHole Exploit Kit and the Cool Exploit Kit, already include this latest Java zero-day exploit. The Blackhole kit is usually installed on compromised websites and uses vulnerabilities in web browsers and other software to inject malware into visitors' PCs.
The creator of Blackhole, who uses the nickname 'Paunch', announced yesterday on several underground web forums that the Java zero-day was a 'New Year's Gift' to customers who use his exploit kit. The vulnerability was later confirmed by security firm AlienVault Labs: "On the other hand we expect a Metasploit module in the upcoming days as it has been happening during the last year as well as most of the exploit kits adopting this new zeroday sooner than later."