Month: September 2011

Categories
Indian Hackers News

Chief Minister KPKWA Official Site cmkhyberpakhtunkhwa.gov.pk hacked by ICA

Click on Image to view full version.

Cyber War between two countries Pakistan & India is again seems re-established. I remember one meeting between Pakistan Cyber Army & Indian Cyber Army where they commit to stop these attacks and utilize their skills for good.

There are many websites related to Pakistani & indian government were defaced by these two groups.

This time two people Ro0t_d3vil & StRangeR from ICA involved in defacement of Chief Minister Khyber PukhtunKhwa Official Goverment website

We tried to check the site security and it looks really funny.

HG Analysis :

That’s from us. Stay tune for more updates.

Categories
HowTos Linux Troubleshootings

How to enable mod_rewrite module in apache2.2 on Ubuntu/Debian/backtrack 5

BackTrack 5 is the most popular Penetration testing among Security Analysts. We have also been using it for a very long time.

Today we were testing one application on our back track 5 Linux. It has Apache installed but with a limited modules. I couldn’t access any page of my application because all URLs were rewritten using mod_rewrite. I performed following troubleshooting and finally installed mod_rewrite module.

mod_rewrite module is actually available under back track 5 Linux, but you 
have to just activate it.

How to check module if it is already available?

Module path :
ls -l /usr/lib/apache2/modules/mod_rewrite.so

Module config path :
ls -l /etc/apache2/mods-available/rewrite.load

How to Enable mod_rewrite now?

a2enmod rewrite

Output :
Enabling module rewrite.
Run ‘/etc/init.d/apache2 restart’ to activate new configuration!

Restart Apache
/etc/init.d/apache2 restart

Test you application, all URLs that is rewritten should work now!

Categories
News Pakistani Hackers

SQL Injection on pandasecurity.pk by X-NerD

Click to View Full Image

Recently we released a bulletin about X-NerD 250+ domains defacement. This time X-NerD targets PandaSecurity’s channel domain for Pakistan.

Panda Security is a well known AntiVirus Company that delivery Antivirus applications globally to million of home and business users world wide.

As usual X-NerD publishes a message at http://www.pandasecurity.com.pk/why_panda.php

"OoooOOPss...I am ShockeD At YouR SecuritY..S3cuR!tY L3vEL Z3r0...YOu Dont KnoW
 HOw To SecurRe Your AsS n Pr0vidinG SEcurity to 0therS...Big LauGh..."

X-NerD performed SQL injection. There is no news about server’s security breach.

Categories
General News

Linux.com, LinuxFoundation.org are down due to a security breach

Once again Linux.com, Linuxfoundation.org and sub-domains have been taken offline for a possible security breach that is discovered on 8th September, 2011.

News bulletin from Linux.com says in the best interest of Linux community and security precautions  we have taken all domains offline. Initial analysis shows this breach is connected to intrusion on kernel.org

Recommendations for the Linux.com users :

Change your password, if you are using the same password  on other sites.

Services affected :

  • Linux.com
  • Open Printing
  • Linux Mark
  • Linux Foundation events.
Note : Kernel repositories are not affected. It is safe.

We will update you further, as soon we have further announcements from Linux.com

Categories
News Pakistani Hackers

250+ domains hacked by X-NerD

X-NerD identify his self as a part of Pakistan Cyber Army. X-NerD has defaced many websites that includes blogs, forums, brand domains. This time the attacked seems to be RFI/LFI type.

A sample page can be seen on

http://www.cga.com.pk/x.php

You can see complete list of domains on pastbin

http://pastebin.com/b6wSGzC8
Categories
Penetration Testing Privilege Escalation

Update FireSheep Extended – Now targets Google Search

You can find our previous post regarding HowTo use Firesheep on linux.

FireSheep is a small firefox extension that does big jobs for you 😀 e.g http sessions hijacking

What is FireSheep Extended?

This release is focused on Google search. If you are using Google Search services using a unsecured Wifi network, you searches are visible to MITM guys.

How it work?

When you are logged in on gmail.com and use google searches, Google’s sid cookie is easily captured through FireSheep. As soon you see sid cookie click on it and see visited links by victim.

How to be safe from FireSheep extended release?

Don’t use Google search while you are logged in on gmail.com on unsecured WiFi Networks.

What do you suggest for mitigation ? Share your thought in comments 🙂