This site is some kind of personal database gathering notes about my day-to-day discoveries in the IT world basically about security.
While some are howtos and tips (we learn a new thing every day eh), hopefully you'll find some of them informative !

Showing posts with label Defacements. Show all posts
Showing posts with label Defacements. Show all posts

March 14, 2007

Another .gov.ph Defacements

Very cool hack. This site is Mambo based. I've seen a lot or should I say soooo many Mambo site that got hacked. So I advised, migrate to Joomla! :)

0 comments

February 5, 2007

Another .gov.ph Defacements

Energy Regulatory Commission
http://www.erc.gov.ph/sina.html
National Power Corporation
http://www.napocor.gov.ph/webnpc/main.htm

0 comments

January 25, 2007

Another .gov.ph Defacement

Philippine Institute for Development Studieshttp://webmail.pids.gov.ph

0 comments

January 24, 2007

Another .gov.ph Defacements

House of Representatives Official Website
Philippine Children's Medical Center

0 comments

Zone-H is back!

Have you recently seen a different Zone-H when trying to access our pages? Magic of DNS redirection.

It appears that Saudi Arabia crackers managed to get the passwords of our registrar (our registrant panel to be precise), accessed the domain management page and changed the DNS entries, pointing the zone-h domain to an IP address belonging to the crackers on which they mounted the page you saw in the last 48 hours.

48 hours!?! So long it took to take contact with the registrar (they work only through email communication), explain the problem to 8 different people then finally getting a reset of our credentials, taking the domain back in control.

On the funny side, the same problem happened to Google in its German version which yesterday evening was redirected to a different page (different owner actually). In this case (automatic German/English translation) the trick was a bogus domain transfer request that a German provider accepted without explicit authorization from Google Inc. (silence-consense).

What a day! We are so glad we deserve so much of attention.

PS: you will soon find the mirrors in our DB as even though Zone-H wasn't hacked, from the users' point of view it appeared defaced, as only a few users realized they weren't visiting the actual Zone-H server. From the historycal point of view exactly the same incident happened to the Al jazeera sat tv network website, where a hacker managed to trick the registrar to send him the domain control passwords after sending a bogus passport copy during the ID verification process, subsequently changing Al Jazeera's DNS pointing to a different server.

0 comments

January 23, 2007

Zone-H GOT DEFACED Again!!!

Oh man! This is headline! The well known IT security resource on the planet is not well secured?
Well, zone-h have been dafeced several times. Dec. 21 or Dec. 22 of last year was the most recent.
And now, the latest! It has music... It's everywhere on it's directory.
hahaha!!!
www.zone-h.org are very pissed right now!
I guess zone-h can now add their website to their archive.

0 comments

December 29, 2006

Oh Sarah...

I don't know what this website is for. But this site is reported hacked.
Now the accessibility to this site is filtered. wahaahaha... Think again.

It's is running too much services leaving it vulnerable to attacks and exploit.

0 comments

Subscribe to: Posts (Atom)