Pastebin launched a little side project called HostCabi.net, check it out ;-)Don't like ads? PRO users don't see any ads ;-)
Guest

loldhs pr0f

By: a guest on Nov 18th, 2011  |  syntax: None  |  size: 2.97 KB  |  hits: 46,099  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. -----BEGIN PGP SIGNED MESSAGE-----
  2. Hash: SHA1
  3.  
  4.               ___   __
  5.              / _ \ / _|
  6.   _ __  _ __| | | | |_
  7.  | '_ \| '__| | | |  _|
  8.  | |_) | |  | |_| | |  
  9.  | .__/|_|   \___/|_|  
  10.  | |                  
  11.  |_|                  
  12.  
  13.  
  14. ___ _  _ ____    ____ ____ _ ___      
  15.  |  |__| |___    | __ |__/ | |  \      
  16.  |  |  | |___    |__] |  \ | |__/ .    
  17.                                   '    
  18.  
  19. ____    ___  _ ____ _ ___ ____ _       ____ ____ ____ _  _ ___ _ ____ ____
  20. |__|    |  \ | | __ |  |  |__| |       |___ |__/ |  | |\ |  |  | |___ |__/
  21. |  |    |__/ | |__] |  |  |  | |___    |    |  \ |__| | \|  |  | |___ |  \
  22.                                                                            
  23.  
  24. So, early this morning I was linked to an article about SCADA pumps from someone in IRC.
  25. This article was located here:
  26.  
  27. http://www.theregister.co.uk/2011/11/17/water_utility_hacked/
  28.  
  29. My eyes were drawn, nary, pulled, to a particular quote.
  30. 'In an email sent several hours after this article was first published, DHS spokesman Peter Boogaard wrote: "DHS and the FBI are gathering facts surrounding the report of a water pump failure in Springfield Illinois. At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety."'
  31.  
  32. This was stupid. You know. Insanely stupid. I dislike, immensely, how the DHS tend to downplay how absolutely FUCKED the state of national infrastructure is.
  33. I've also seen various people doubt the possibility an attack like this could be done.
  34.  
  35. So, y'know.
  36. The city of South Houston has a really insecure system. Wanna see? I know ya do.
  37. http://i41.tinypic.com/ip0aa0.png
  38. http://i42.tinypic.com/eun021.png
  39. http://i42.tinypic.com/1znptuu.png
  40. http://i41.tinypic.com/2m6o0au.png
  41. http://i40.tinypic.com/k386ep.png
  42.  
  43. These are also archived here:
  44. http://www.mediafire.com/file/38m3pvwrc8ckh7s/HMI.zip
  45.  
  46. I'm not going to expose the details of the box. No damage was done to any of the machinery; I don't really like mindless vandalism. It's stupid and silly.
  47. On the other hand, so is connecting interfaces to your SCADA machinery to the Internet. I wouldn't even call this a hack, either, just to say. This required almost no skill and could be reproduced by a two year old with a basic knowledge of Simatic.
  48.  
  49. Greetz to a select group of big heckers. You know who you are.
  50.  
  51. pr0f_srs@ue.co.ro.
  52. My public key is located here pastebin.com/fAa4uZDx and somewhere on pastebay. Useitfgts.
  53. -----BEGIN PGP SIGNATURE-----
  54. Version: GnuPG v1.4.11 (GNU/Linux)
  55.  
  56. iQEcBAEBAgAGBQJOxlzeAAoJEFI8uH13Tfpa5P8H/Rdp8MqVbqgaLZuW2lWOjRjo
  57. A7lp47L7C2beyWEXr3CS7Do99BWjJg5Ybh1dd/ahXbIM0bzSxwJwZzJqDPFsu7Ma
  58. N4JgzgD3pOh9BUEDar5C6X4iKeHek0y7gPSy2fublOgrO3UICiy1PEElXOLXzh9X
  59. XyLYwykaE/9yeKuYBH/MyAjAP/sDChp7bxZP6oP/4J3CVii9NXxLtnDWW5Rer9Hr
  60. mzLcDiLirXieAw6CGwAa1l9sGqASO2GH3iXLRMBw87suKprUy+moO++AnW7seB0H
  61. UiU+72leI9KARru3KCxeuReAW5Xo1UgHESeGgXpgSCzsbC3mvBNk7Z3yZTtjV5s=
  62. =wjgE
  63. -----END PGP SIGNATURE-----
  64.  
  65.