March 2011

A funny song shared by one of our friends from the UGHackers community.

Hackers’ Song

“Put another password in,
Bomb it out and try again
Try to get past logging in,
We’re hacking, hacking, hacking
Try his first wife’s maiden name,
This is more than just a game,
It’s real fun, but just the same,
It’s hacking, hacking, hacking”

Today I was reading an interesting post by Zone-h.org which says 1.5 million websites were defaced and reported on Zone-h. Most of the attacks were SQL injections, LFI, RFI, WebDAV, and misconfiguration of the web server or the application itself.

The report further says that a large number of the attacks happened on the Linux operating system. We talk too much about the Linux kernel, but the first thing is the code, which needs to be written in an efficient way.

Some interesting numbers are also shown in a chart on this page: Up to date stats

MySQL.com was compromised via an amazing blind SQL injection. You can see the database, tables and user information on the Full Disclosure website.

Vulnerable Target : http://mysql.com/customers/view/index.html?id=1170
Host IP : 213.136.52.29
Web Server : Apache/2.2.15 (Fedora)
Powered-by : PHP/5.2.13
Injection Type : MySQL Blind
Current DB : web

The worst part is that they posted a password dump and hundreds of people have already cracked it. We recommend that you change your password urgently, since it is a common bad practice for people to use the same password for all online portals, e.g. web mail, PayPal and so on.

 

The good or bad guy who had fun with it is:

[+] Author: Jackh4xor @ w4ck1ng
[+] Site: http://www.jackh4xor.com