ESET NOD32 Hong Kong Hacked

#NOD32 Hong Kong@ VMw4r3 & TinKode

Screenshot:

#cat /etc/passwd

bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
v2admin:x:500:500::/home/v2admin:/bin/bash
nod32:x:501:501::/var/www/html:/bin/bash
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
distcache:x:94:94:Distcache:/:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
uploadfile:x:501:501::/var/www/html/UpFile:/bin/bash

NOD32 URL: http://www.eset.hk/templates_c/
Zone-h URL: http://zone-h.org/mirror/id/10409367

Simple but powerfull!
* We have not changed anything
Thanks!

Advertisements

8 thoughts on “ESET NOD32 Hong Kong Hacked

  1. Pingback: uberVU - social comments

  2. I couldn’t understand some points of this post, but I guess I just need to learn a bit more about this, because it definitely sounds interesting and kind of though-proviking! By the way, how did you first get involved with this?

  3. @resveratrol
    I think the point of this post is just to show how insecure a large web security/anti-virus site like http://www.eset.hk is.

    Many thousands of people rely and pay good money to big companies like eset to keep their computers secure.

    It doesn’t reassure users when they cant even protect their own.

  4. and another thing, lets say Tinc0de or say a blackhatter did this, and got access to the eset anti-virus download app and binded an encrypted trojan to their anti-virus software.

    In my opinion this could of already happened.
    Lets face it, if a white hatter can do this and post the vulnerabilites, The black hatters have more than likely done it already and kept quite…

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s