Wednesday, December 5, 2012

Website Persatuan Sepak Bola Malaysia - HACKED!!!


jtablesession::Store Failed
DB function failed with error number 145
Table './famuser_orgmy/jos_session' is marked as crashed and should be repaired SQL=INSERT INTO `jos_session` ( `session_id`,`time`,`username`,`gid`,`guest`,`client_id` ) VALUES ( 'bfb700afcf89a9249e2dbc8a72a21162','1354757186','','0','1','0' )
Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 76 bytes) in /home/famuser/domains/fam.org.my/public_html/libraries/joomla/error/exception.php on line 117

Info Penyebab web ini di Defaced atau di rusak :
http://azizulhakim91.blogspot.com/2011/10/sembang-pasal-laman-web-fam-kena-hack.html
yang isinya sebagai berikut :

Hometiket mahal piala malaysiasembang pasal: Laman web FAM kena hack logo Harimau bertukar tak Syok la macamni

sembang pasal: Laman web FAM kena hack logo Harimau bertukar tak Syok la macamni

kerana bola sebijik dan harga tiket


ramai dah kot yang tau pasal ada orang hack Laman Web FAM..
apa sebabnya..sebab FAM tetap mengekalkan RM 50 harga tiket untuk perlawanan akhir piala Malaysia sabtu ini..
macam-macam cerita keluar,
ada subsidi la..
-tiket dijual dipasaran gelap lah,,,
-tiket habis dijual la...
-harga dipersetuju semua pihak lahh..
-ramai yang boikot lah..
-mana satu betul entahlah..

nampaknya Marah betul penyokong bola Malaysia ..

taknak tunjuk logo kena hack tu yang ada gambar B*BY..tak elok..

tapi yang tak bestnya,,,gambar harimau malaya tu ditukar kepada gambar lain yang tak berapa nak elok..
takkan nak jadi _____ malaya..?
jangan lah..aku pun Malayan Jugak,
Hackers len kali fikir dulu sebelum edit nohh..

taruh la harimau cukur misai ke..ok jugak,,
tak pun taruk gambar kucing...comel la jugak

tak percaya cepat-cepat tengok sini=http://www.fam.org.my/

SS : Cekidot : http://i.imgur.com/IoxTw.png

lagi : http://samposmen.blogspot.com/2011/10/fam-anjink-website-fam-kena-hack.html

SS lagi : http://i.imgur.com/EkvOh.jpg
at No comments:
Labels: ,

Monday, December 3, 2012

Multiple MySQL database Zero-day vulnerabilities published

Researcher discovered Multiple Zero-day vulnerabilities in MySQL database software including Stack based buffer overrun, Heap Based Overrun, Privilege Elevation, Denial of Service and  Remote Preauth User Enumeration.

Common Vulnerabilities and Exposures (CVE) assigned as :
CVE-2012-5611 — MySQL (Linux) Stack based buffer overrun PoC Zeroday
CVE-2012-5612 — MySQL (Linux) Heap Based Overrun PoC Zeroday
CVE-2012-5613 — MySQL (Linux) Database Privilege Elevation Zeroday Exploit
CVE-2012-5614 — MySQL Denial of Service Zeroday PoC
CVE-2012-5615 — MySQL Remote Preauth User Enumeration Zeroday


Currently, all reported bugs are under review and most of the researchers believed that some of these can be duplicate of an existing bugs.

CVE-2012-5612 and CVE-2012-5614 could cause the SQL instance to crash, according to researchers. Where as another interesting bug CVE-2012-5615 allow attacker to find out that either any username exist on the Mysql server or not by reply- "Access denied".

Eric Posted MySQL Database Privilege Elevation 0day Exploit Demo:
at No comments:
Labels:

Nmap 6.25 released with 85 new NSE scripts

After five months NMAP team release latest version of open source utility for network exploration or security auditing - NMAP 6.25 .

It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X.

Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.
Updates:
  • integration of over 3,000 IPv4 new OS fingerprint submissions, over 1,500 service/version detection fingerprints, and of the latest IPv6 OS submissions and corrections
  • better IPv6 traceroute support
  • new poll and kqueue I/O engines for improved performance on Windows and BSD-based systems including Mac OS X
  • added support for Unix domain sockets
  • 85 new NSE scripts
  • 12 new protocol libraries
  • Windows 8 improvements
  • targets-sniffer is now capable of sniffing IPv6 addresses
  • a number of bugs affecting the software's security, stability and productiveness fixed.

Download Nmap 6.25

source : http://thehackernews.com/2012/12/nmap-625-released-with-85-new-nse.html
at 1 comment:
Labels: , , , ,
Subscribe to: Posts (Atom)