Kosova Hacker's Security group today
release very sensitive server info of "The National Weather Service",
which was gathered due to a "Local file inclusion" Vulnerability
in weather.gov .
By definition, Local File
Inclusion (also known as LFI) is the process of including files on a server
through the web browser. This vulnerability occurs when a page include is not
properly sanitized, and allows directory traversal characters to be injected.
Hackers publish complete data in a pastebin
file uploaded today, but the hack was performed two day back and in
meantime, server administrator fix the vulnerability.
We just talk with the hacking crew to know the reason of hack and data exposure, one of them explain that they are against US policies, who are targeting muslim countries. "They hack our nuclear plants using STUXNET and FLAME like malwares , they are bombing us 27*7, we can't sit silent - hack to payback them"
We just talk with the hacking crew to know the reason of hack and data exposure, one of them explain that they are against US policies, who are targeting muslim countries. "They hack our nuclear plants using STUXNET and FLAME like malwares , they are bombing us 27*7, we can't sit silent - hack to payback them"
Hacker expose data from
sensitive files :
/etc/passwd
/etc/groups
/etc/hosts
/etc/samba/dhcp.conf
/etc/apache2/conf.d
/proc/version
/proc/cpuinfo
/proc/self/mounts
/proc/self/status
/proc/self/stat
/etc/security/access.conf
/etc/ldap/ldap.conf
/etc/cups/printers.conf
/etc/gconf
/etc/syslog.conf
/etc/snmp/snmpd.conf
/share/snmp/snmpd.conf
/etc/ca-certificates.conf
/etc/mysql/conf.d
/etc/security/limits.conf
/etc/security/group.conf
For a server administrator
this information is very sensitive, whereas for a Hacker
this information could be too much juicy like members of /bin/bash
shell are root, cmccan, darnold, mstrydom, nscanner who
can login via console. That means, hackers can try to brute
force there usernames against password list
to compromise whole server.
In their note
hackers wrote, "Months ago in the American media write that as
Americans have in the field control cybernetics Muslim country servers. We as
an organization have taken the order we receive checks in some American servers
as it is one of to Weather.Gov. We do not want Americans to take control
servers Muslim country .We have infected computers with botnets very few
organizations that deal with anti-Muslim purposes. We will soon publish the
many other things the U.S. government and we will never stop year after year .
This is our mission ."
UPDATE: A 'The Hacker News' Readers - Chirag Singh just reported another vulnerability in same site. This time its Cross site scripting, Proof of concept is as shown below in screenshot.
UPDATE: A 'The Hacker News' Readers - Chirag Singh just reported another vulnerability in same site. This time its Cross site scripting, Proof of concept is as shown below in screenshot.
You can write some thing here..