Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Godzilla hacker. Show all posts

NSA Server vulnerable to SMTP Spoofing, can be used for Social Engineering


An Indian hacker known as "Godzilla" has identified a vulnerability in the NSA website that allows an attacker to send fake emails from NSA's SMTP server.

NSA's SMTP server allows anyone to use the service without verifying the IP address and password.  The most interesting part is that it allows you to use any email address(for eg: admin@nsa.gov).

This vulnerability can be exploited by an attacker for launching a Spear phishing attack. An attacker can send email to anyone inside the organization(for eg to: admin2@nsa.gov).  As it is using the NSA SMTP server, it is need not to worry about firewalls.

In a screenshot provided to EHN, the hacker used the email id of the NSA Director "Gen Keith B Alexander"(KeithAlexander@nsa.gov) to send email to another email id.

"sending a mail with a link attach to it. That can be a bot link. Everyone will receive the mail with .nsa.gov domain as the mail is shooted from the same network." The hacker said.

"The mail will be send with the name of Director as no one will dare to skip the mail and have to read it. After opening the mail the attacking vector will get active. After this the ball will be in the attackers court."

"SMTP is a dangerous protocol and if you dont know how to secure it, its better you shut it down."

"Stupid NSA you are lucky its 31st December and we are not in a mood to shoot are malwares in your server." Hacker said.

Pakistan goverment site again hacked via SQL Injection vulnerability


Indian hacker Godzilla has once again hacked a very important Pakistani site  www.pakistan.gov.pk .

He took down lots of Pakistani sites just a few days ago. http://www.ehackingnews.com/2013/03/indian-hacker-godzilla-leaked-pakistan.html

Then he told the reason behind the attacks that "Pakistan is a country which is currently supporting terrorist activities through ISI, and if they regret Pakistan army and Ministry of Defense mail server backups are enough to proof how closely the are related to terrorism. Pakistan stop these activities before its too late."

The attack seems to be done via SQL injection.





He finally noted that "No matter how hard you try we will get inside in no time." 

Speaking to EHN the hacker said "Admins and Governments takes website security lightly thinking that they are hosted outside  gets treated through your inside network. Thats enough to get inside your network"

Indian Hacker Godzilla leaked Pakistan Government website's Database details


We reported yesterday that the Pakistani Government websites suffers cyber attack from the Indian Hacker 'Godzilla' aka G.O.D , today he has completed the cyber attack against the Pakistan.

He has managed to compromise details from the databases of Pakistan government websites and leaked earlier today in a paste (pastebin.com/ZWdxE8CW)

The hacker found there are three admins is managing the whole stuff of important Pakistan Cyberspace and common database structure is used for all the websites. He also mentioned that all websites are vulnerable to SQL injection.

In the dump, the hacker leaked the database information such as username, password(plain-text format), database name, table name and other details.

After analyzing the dump, we found the same password is being used for all database and is very weak password.   

"I must say without you it would have been difficult for us to penetrate into the system and your common password "111111" was like a magical stick for us." Hacker criticized the admin for their poor password.

"Pakistan is a country which is currently supporting terrorist activities through ISI, and if they regret Pakistan army and Ministry of Defense mail server backups are enough to proof how closely the are related to terrorism. Pakistan stop these activities before its too late." Hacker noted.

Pakistani Government under cyber attack from hacker 'Godzilla'



It is third day since the Indian hacker "Godzilla" took control of the Proxy used by Pakistan Government websites, Pakistan temporarily lost access to their proxy network.

Today, the hacker claimed to have got access of the back up server and found the back up server is also saved in the same network. 

He also found that the pakistan.gov.pk is not running but just pretending that they are up.

"One thing is true Pakistan is good at pretending like nothing happened, let it be a cyber attack or a TERRORIST attack. " The hacker said.

We have also checked the Pakistan.gov.pk website by clicking the login button, it just redirects to an IP address(202.83.164.27/wps/portal) that was used by Pakistan government when they didn't have proxy system.

The IP address is down now because the govt have made it down long time when they shifted to proxy network.

Hacker also said he is extracting the data from the Database.  Once he finished the extracted the data, he will take down the rest of IPs .

*Update*:
Pakistan Datatbase dumped :
http://www.ehackingnews.com/2013/03/indian-hacker-godzilla-leaked-pakistan.html

All Pakistani Ministry & other Pakistani government sites hacked by Indian hacker


After hacking the main Pakistani government and Army site,  the Indian hacker "Godzilla" today notified EHN about another cyber attack against the Pakistani Government websites.

Yesterday, the hacker hacked the Pakistani main government website(pakistanarmy.gov.pk) by exploiting the proxy-misconfiguration vulnerability.  Today he managed to hack more Pakistani website by gaining access to the Internal Networks.

"proxy was configured in such a way that the local ip 192.168.70.103 was running through that proxy" The hacker told EHN.  "It is a local ip switched through the proxy"

"Pakistan Government Switches under control. Pakistan admins please dont disturb us when we are working. Your official website www.pakistan.gov.pk will be up as soon as we finish are work." The hacker said.

"You tried to use proxy for your security and we used the same proxy to crush you."

"IBM SERVER AND Layer 2-3 Gigabit Ethernet Switch Module for IBM eServer BladeCenter and 22 local machines were used to build the proxy and secure the digital cyber space of Pakistan. which is owned badly."

List of hacked sites:

Ministry of Information Technology of Pakistan
www.moitt.gov.pk

Ministry of Railways of Pakistan
www.railways.gov.pk

Ministry of Economic Affairs & Statistics of Pakistan
www.ead.gov.pk

Ministry of Interior of Pakistan
www.interior.gov.pk

Ministry of Inter Provincial Coordination of Pakistan
www.ipc.gov.pk

Ministry of Religious Affairs Pakistan
www.mora.gov.pk

Establishment Division of Pakistan
www.establishment.gov.pk

Ministry of Housing & Works of Pakistan
www.housing.gov.pk

Ministry of Science and Technology of Pakistan
www.mosp.gov.pk

Planning Commission of Pakistan
www.planningcommission.gov.pk

Ministry of Minorites Affair of Pakistan
www.minorities.gov.pk

Local Government Division of Pakistan
www.lgrd.gov.pk

Ministry of Environment of Pakistan
www.moenv.gov.pk

*Update 1:
 Pakistani Government under heavy cyber attack from hacker 'Godzilla' 
http://www.ehackingnews.com/2013/03/pakistani-government-under-cyber-attack.html

*Update 2:
 Indian Hacker Godzilla leaked Pakistan Government website's Database details
http://www.ehackingnews.com/2013/03/indian-hacker-godzilla-leaked-pakistan.html