[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Hacked data on open sale ?
- To: eSploit Guy <satyamhax@xxxxxxxxx>
- Subject: Re: [Full-disclosure] Hacked data on open sale ?
- From: Max Caps <maxcaps_7@xxxxxxxxx>
- Date: Sun, 7 Aug 2011 03:20:27 +0530 (IST)
The data you posted seems like the stuff from SRBLCHE.... Seem him around and
he's a nice guy. Well coming to think of it his site is currently not selling
military data.. Its just maintaining a repository of SQLi sites like the hell
lot of sites around... There are sites like thehackernews.com etc which leak
out all the dumps to the public that these hackers get...
So why all the fuss?? YouJellyBruh?? =))
Cheers,
MaxCaps
PS: http://esploit.blogspot.com/p/exploit.html ; is from your site right! You
sure this is all legal stuff? Trust me you can get into lots of shit cause of
this so why create rukus around when others are just having some fun and
sharing knowledge.
________________________________
From: eSploit Guy <satyamhax@xxxxxxxxx>
To: full-disclosure@xxxxxxxxxxxxxxxxx
Sent: Thursday, 4 August 2011 12:45 AM
Subject: [Full-disclosure] Hacked data on open sale ?
Hello List,
I stumbled upon a site selling the below services in January this
year, it was in the news then and many (including me)blogged, tweeted
about it.
Hacking a military website $150 USD
Hacking an Government website $99 USD
Hacking Educational website $66 USD
Hacking Online game website $55 USD
Hacking forums, shopping carts $55 USD
Immunity's CANVAS reliable exploit development framework LATEST
VERSION! 2011! $66 USD
Undetected Private Java Driveby Exploit $150 Source code and $30 for binary
Fresh shopadmin/forums, USA, UK, AU, DE, Valid Email lists $10 per 1mb
PHP mailers %100 inbox $5 USD per 1
Selling Edu/Gov database contain Firstnames, Lastnames, Email,
Country, Address, Phone, Fax details $20 per 1k
Selling fresh Emails for spam from Edu's websites and shop websites
SQL Injection attacker bot (srb0tv2.0)
Thought it'll go down in a day or so. However, today after nearly 7
months saw the same news in imperva blog, checked the site and found
that it's not only still up and running but even updating frequently !
Apart from selling the services above, this guy also discloses SQL
injection vulnerabilities in major websites including banks,
universities, large corporations and Government organizations :
https://www.playstation.ru/
http://www.playstation.ca/
http://www.hartford.edu/
http://armani.com/
http://www.parliament.gov.bw/
http://www.nbc.org.kh/
http://www.bot-tz.org/
http://www.na.gov.pk/
http://www.presidentofpakistan.gov.pk/
http://www.cbp.gov/
http://www.ad.gov.ir/
http://www.tacp.toshiba.com/
http://labs.oracle.com/
Check out the details here:
http://esploit.blogspot.com/2011/08/open-sale-hacked-data-sqli.html
Regards,
Satyamhax
http://esploit.blogspot.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/