Blog Archives

Indian hackers Planning for Fireworks On 15th August


As we all know Indians celebrate their independence day on 15th of august.

Some of Indian patriotic hackers have found their own way to celebrate this special day.

According to our sources, some Indian hacking groups are planning to attack Pakistani govt and commercial websites on 15th august as a gift to Pakistan on India’s independence day.

It has been history of these two countries that whenever their independence day comes both country hackers start targeting each other country website.

so lets see how much they got 😀

Advertisements

How Hackers Use Google Search For Hacking


As you all know that Google indexes 80% of the internet providing you all information you require, but it also provides some confidential information, which in hands of a hacker can prove fatal.

and you can do it by just right search query.

here are some examples for you.

 

HOW HACKERS USE GOOGLE FOR HACKING SECURITY CAMERAS?

There are many security cameras used for monitoring places like parking lots, college campus, road traffic etc and which provide the information on web.

All You have to do is Type in Google search box exactly as follows and hit enter

inurl:”viewerframe?mode=motion”

Open any of the link and you will gain access to the live camera which has full controls. You are now all done. You can perform all the actions on that camera, such as: zoom in, zoom out,rotate the camera etc.

How To Gain Personal and Confidential Documents.

You can gain access to an email repository containing CV of hundreds of people which were created when applying for their jobs. The documents containing their Address, Phone, DOB, Education, Work experience etc via Google search.

Just type in

intitle:”curriculum vitae” “phone * * *” “address *” “e-mail”

if you want to get excel file, then

filetype:xls inurl:”email.xls”

and for gaining access to documents potentially containing information on bank accounts, financial summaries and credit card numbers using the following search query.

intitle:index.of finances.xls

Using Google To Get Free Stuffs

Using Google search You can get free music,ebooks and lot more free stuffs.

you just need to enter this quire.

“?intitle:index.of?mp3 Lady Gaga“

after hitting this you will get all album list of Lady Gaga, where you can download her songs by your choice.

similarly if you want to get free ebooks type :

“?intitle:index.of?pdf ebooks“

it will provide you all pdf with the name ‘ebooks’.

You can do a lot more by just entering the right keyword.

Now Anonymous Strikes In The Name Of Antisec


Anonymous has picked up where the recently disbanded LulzSec left off.

The hacking organization released information to the Web last night from the Cyberterrorism Defense Initiative’s Security and Network Training Initiative and National Education Laboratory (SENTINEL) program. The SENTINEL program was “administered” by the U.S. Department of Homeland Security and the Federal Emergency Management Agency (FEMA) to “educate technical personnel in cyberterrorism response and prevention.”

The SENTINEL training program was designed for personnel in public safety, law enforcement, state and local government, and public utilities. Health care professionals and employees at colleges and universities were also trained in the program.

Anonymous used its Twitter account yesterday to announce its intention to post data from the program on the Web, asking its followers if they were “ever interested in anti-cyberterrorism training.” Not long after, Anonymous published information on the program.

According to Australia’s ABC, the files, which were apparently published in 2009, include information on publicly available hacking resources and lists of FBI bureau addresses. The data also includes information on “hacking and counter-hacking tools,” as well as form letters that could be used to obtain user information from Internet Service Providers, the ABC is reporting.

The latest data release from Anonymous comes just two days after its fellow hacking group LulzSec announced that it had disbanded. The group said in a statement on Saturday that it had planned to operate for just 50 days with the ultimate goal of putting people on notice.

“It’s time to say bon voyage,” LulzSec wrote in its statement. “Our planned 50 day cruise has expired, and we must now sail into the distance, leaving behind–we hope–inspiration, fear, denial, happiness, approval, disapproval, mockery, embarrassment, thoughtfulness, jealousy, hate, even love. If anything, we hope we had a microscopic impact on someone, somewhere. Anywhere.”

Over that 50-day period, LulzSec made headlines by attacking PBS, Sony Pictures, and the Central Intelligence Agency, among other prominent organizations. More recently, the group announced an alliance with Anonymous called Operation Anti-Security, or AntiSec. The goal of their alliance, they said earlier this month, was “to steal and leak any classified government information…Prime targets are banks and other high-ranking establishments.”

The groups said that if they were censored in anyway, “we will obliterate the censor with cannonfire anointed with lizard blood.”

The SENTINEL release is a continuation of AntiSec. Following LulzSec’s disbandment, the group’s members joined Anonymous and continued their operation.

“We can confirm that all @LulzSec members have reported aboard,” Anonymous wrote on its Twitter account yesterday. “#AntiSec will have full support from #Anonymous and LulzSec. Expect us, soon.”

WordPress.org plugins hacked


Earlier today the WordPress team noticed suspicious commits to several popular plugins (AddThis, WPtouch, and W3 Total Cache) containing cleverly disguised backdoors. We determined the commits were not from the authors, rolled them back, pushed updates to the plugins, and shut down access to the plugin repository while we looked for anything else unsavory.

We’re still investigating what happened, but as a prophylactic measure we’ve decided to force-reset all passwords on WordPress.org. To use the forums, trac, or commit to a plugin or theme, you’ll need to reset your password to a new one. (Same for bbPress.org and BuddyPress.org.)

They also offer standard good advice:

As a user, make sure to never use the same password for two different services, and we encourage you not to reset your password to be the same as your old one.

Second, if you use AddThis, WPtouch, or W3 Total Cache and there’s a possibility you could have updated in the past day, make sure to visit your updates page and upgrade each to the latest version.

WordPress has had similar problems in the past, including an occasion when a fake “new” version was rolled out with a backdoor in it.

Meanwhile Dropbox, the digital locker service, has had to face the fact that it broke its own authentication system for four hours on Tuesday – which meant that anyone could log in to anyone else’s account. Dropbox says that it thinks only 1% of people logged into accounts in that time, though of course it doesn’t know if they were the ones who were meant to log in to them.

Many people might say “no harm done – all that’s happened is that someone might stick some files in your Dropbox.” Yes, or read them. Or, as someone suggested, stick a malware-infected file in. It’s a bad lapse for Dropbox. There’s enough hacking going on as it is without this.