
NASA, Sega, Verizon, Cisco, Discovery sites vulnerable to XSS ~TeamHav0k

TeamHav0k, a well-known hacker group interested in finding XSS vulnerabilities in university sites, has this time come up with XSS vulnerabilities in high-profile sites.

They exposed cross-site scripting vulnerabilities in the NASA, Sega, Verizon, adidas and Discovery websites. The Cisco site is vulnerable to a redirection vulnerability. The hackers claimed that they got bored, so they searched for XSS.

The hackers also claimed that the XSS security flaws present on those websites can be used for malicious activity such as cookie stealing and XSS tunneling.

Yesterday, they discovered XSS vulnerabilities in AOL and Ask.com. It seems that they have moved their target from universities to high-profile sites.

AOL and Ask.com vulnerable to XSS attack, found by TeamHav0k

Hacker group "TeamHav0k" discovered cross-site scripting vulnerabilities in two high-profile websites: two XSS vulnerabilities in AOL.com and one in Ask.com.

AOL is best known for its online software suite, also called AOL, that allowed customers to access the world's largest "walled garden" online community and eventually reach out to the Internet as a whole.

Ask.com is the #1 question answering service that delivers the best answers from the web and real people - all in one place. The map application of Ask.com is vulnerable to an XSS attack.

"Well I just got bored and decided to find a few more XSS for ya guys :)" a TeamHav0k member said in the pastebin release.

PoC:

http://shopping.aol.com/articles/search/?q=XSSTest--></script><script>alert(1)</script>
http://www.aol.com/?icid=aolcomlogorefresh5&dlact=XSSTest</script><script>alert("1")</script>

http://www.ask.com/maps?qsrc=2930&sa="><script>alert(String.fromCharCode(34,69,114,114,111,114,34))</script>&fa="><script>alert(String.fromCharCode(34,69,114,114,111,114,34))</script>290+Atlanta,+GA
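
The PoC values above break out of three output contexts: a quoted attribute value (`">`), an HTML comment (`-->`) and an inline script block (`</script>`). The following is an added example, not code from the original post or from any of the affected sites, showing output encoding for each context with those query values as test input; the function names and the page template are hypothetical.

```javascript
// Added example: context-aware output encoding on the server side.
// Function names and the template are hypothetical; the sample strings are
// the query values taken from the PoC URLs listed above.

// HTML element content and quoted attribute values.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Inline <script> blocks: JSON.stringify quotes the string, but "</script>"
// and "-->" are still seen by the HTML parser, so <, >, & and the JS line
// separators are additionally written as \uXXXX escapes.
function toScriptLiteral(value) {
  return JSON.stringify(String(value)).replace(
    /[<>&\u2028\u2029]/g,
    (ch) => '\\u' + ch.charCodeAt(0).toString(16).padStart(4, '0')
  );
}

// A search page that reflects q in an attribute, in text and in a script.
function renderSearchPage(q) {
  return [
    '<form><input name="q" value="' + escapeHtml(q) + '"></form>',
    '<p>Results for ' + escapeHtml(q) + '</p>',
    '<script>var lastQuery = ' + toScriptLiteral(q) + ';</script>',
  ].join('\n');
}

// Number of <script> openings in the output; the template itself has one.
function countScriptTags(html) {
  return (html.match(/<script\b/gi) || []).length;
}

const samples = [
  'XSSTest--></script><script>alert(1)</script>',
  'XSSTest</script><script>alert("1")</script>',
  '"><script>alert(String.fromCharCode(34,69,114,114,111,114,34))</script>',
];

for (const s of samples) {
  // One script tag per page means the reflected value stayed data.
  console.log(countScriptTags(renderSearchPage(s)), toScriptLiteral(s));
}
```
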

In the past, TeamHav0k joined with the Zer0Lulz team and discovered XSS vulnerabilities in a lot of educational institute websites.

Zer0Lulz & TeamHav0k discovered XSS vulnerability in Top 10 Universities: #OPBig10

The well-known grey-hat hacker groups Zer0Lulz and TeamHav0k joined forces and launched an operation called "#OP Big10". Big10P was an operation to make colleges and universities aware that even the best colleges in the world are still insecure.

As part of the operation, they identified cross-site scripting (XSS) vulnerabilities in ten popular university websites. Northwestern University, Purdue University, University of Illinois, University of Michigan, Penn State, University of Minnesota, University of Wisconsin, Ohio State, University of Iowa and Indiana University are vulnerable to XSS attack.

The hackers listed some university websites as high-risk websites; those sites can be used to steal cookies from users. They also provided a proof of concept (PoC) in the pastebin release.

TeamHav0k found XSS vulnerability in DcShoes, SpikeTV, Adidas shoes, 2 UK & 1 Brazilian govt. site

TeamHav0k yet again discovered XSS vulnerabilities in high-profile sites, this time in the sites of DcShoes, SpikeTV, Adidas shoes, two UK government sites and a Brazilian government site.

"...the "aaib.gov.uk" can be utilized for cookie stealing, claiming slaves for your XSS Tunnel or XSSF among other nasty things that can be done if you have the knowledge to properly utilize XSS that is." the hacker said in the pastebin release.

PoC:

http://www.brighton-hove.gov.uk/index.cfm?fuseaction="><img src=1 onerror=alert("1");>

http://www.aaib.gov.uk/publications/index.cfm
input into "Keywords": "><img src=1 onerror=alert("1");>

http://to.gov.br/busca/"><img src=1 onerror=alert("1");>

http://www.spike.com/search/?term="><script>alert(String.fromCharCode(34, 69, 114, 114, 111, 114, 34))</script>

http://www.shopadidas.com/product/mens-training-revolution-iii-pants/U5020?cid=P57126&search=HIII"><script>alert(String.fromCharCode(34, 69, 114, 114, 111, 114, 34))</script>

http://www.dcshoes.com/us/en/content/search?SearchText=HIII"><script>alert(String.fromCharCode(34, 69, 114, 114, 111, 114, 34))</script>

They have also previously found XSS vulnerabilities in DoD.mil, army.mil, ftc.gov and many many more.

Sony.net redirection vulnerability can result in phishing attack


A hacker echelon, TeamHav0k, has found a redirection vulnerability in Sony's official website (sony.net). The vulnerability on the Sony site can be used for social engineering attacks.

Vulnerable link: 
http://www.sony.net/cgi-bin/nph-GO.cgi?url=http://targetsite

By changing the target site URL, an attacker can redirect unsuspecting users to malicious or phishing websites.
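
A redirect endpoint of this kind is safe only when it checks the `url` parameter before issuing the redirect. The following is an added example, not code from the original post or from the affected site, of an exact-match host allowlist; `ALLOWED_HOSTS`, the function names and the `shop.example` hostnames are constructed for illustration.

```javascript
// Added example: validating a redirect parameter against a host allowlist.
// ALLOWED_HOSTS and all sample hostnames are constructed for illustration.
const ALLOWED_HOSTS = new Set(['www.shop.example', 'support.shop.example']);

// Returns a normalized absolute URL that may be placed in a Location header,
// or null when the target must be rejected.
function safeRedirectTarget(raw, allowedHosts = ALLOWED_HOSTS) {
  if (typeof raw !== 'string' || raw.length === 0 || raw.length > 2048) return null;
  // Control characters and backslashes are parsed differently by different
  // clients, so they are refused outright instead of being normalized.
  if (/[\u0000-\u001f\u007f\\]/.test(raw)) return null;
  let url;
  try {
    url = new URL(raw); // absolute URLs only: relative input throws here
  } catch {
    return null;
  }
  if (url.protocol !== 'https:' && url.protocol !== 'http:') return null;
  if (url.username || url.password) return null; // no credentials before the host
  if (!allowedHosts.has(url.hostname)) return null; // exact match, never a suffix test
  return url.href;
}

// The handler redirects only to validated targets and fails closed otherwise.
function redirectResponse(query) {
  const target = safeRedirectTarget(query.url);
  return target
    ? { status: 302, location: target }
    : { status: 400, location: null };
}

// Constructed inputs: the first is allowed, the rest are rejected.
const redirectSamples = [
  'https://www.shop.example/cart?id=1',
  'http://targetsite',
  'http://www.shop.example.other.example/',
  '//other.example/login',
];
for (const s of redirectSamples) {
  console.log(s, '->', redirectResponse({ url: s }).status);
}
```
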

"This vulnerability is a critical one because an attacker could have it redirect to a ripped sony phishing site and personal info will be easily obtained." Hacker said.

They have also discovered an XSS vulnerability in a subdomain of the NASA website. The search box on spaceplace.nasa.gov was found to be vulnerable to an XSS attack.

"This was found last week, a hacker by the name of "FastFive" requested the help of one of the TeamHav0k Members in figuring out if this subdomain of NASA was vulnerable to XSS or not, so with a little magic from the team's bag of XSS tricks he pulled it off finding yet another XSS in NASA" The TeamHav0k Spokesman said.

PoC:
http://spaceplace.nasa.gov/search/?q=";alert("XSS");"

Team Hav0k found SQLi vulnerability in government sites : #OP RETURN

After a team member found SQLi vulnerabilities in .gov's and .edu's last year and didn't exploit them, they went back in an op they are calling RETURN, this time to exploit them. It turned out that the .edu's patched up the vulns but the .gov's didn't do so.

TeamHav0k managed to dump the databases of:
  • jigawastate.gov.ng
  • ojj.la.gov
  • multan.gov.pk
  • pdma.gov.pk
  • gjtmap.gov.pk

Pastebin Link:
http://pastebin.com/WwukETJ7

The pastebin contains a download link to uppit.com for the .txt file that contains the databases, as well as 2 XSS's (not part of the op) on songfacts and cnet.com. The .txt that contains the DB dumps of the op and the XSS's has a short statement about it from one of the team members.

Submitted by: TeamHav0k Spokesman

TeamHav0k exposed the Vulnerability in Gov and .edu sites : #OP XSS 2.0

The hacker group TeamHav0k, who found XSS vulnerabilities in high-profile sites (EA, imageshack, NYTimes, ...), initiated the operation called #OPXSS2.0. Apart from high-profile sites, they focused on government (.gov) and educational institute (.edu) websites in this operation.

The hackers managed to find reflected XSS vulnerabilities in the following government sites: Official web site of the State of Rhode Island, OurDocuments.gov, Library of Congress, Virginia Employment Commission, Feds Hire Vets and The Nation's Report Card.

They also found XSS vulnerabilities in education sites: Rochester Institute of Technology (RIT), Arizona State University (ASU), Polytechnic Institute of New York University, Michigan State University (MSU), Aurora University, Berkeley University, DeVry University, University of Hawaii System.

In addition to education and government sites, they also discovered vulnerabilities in some high-profile sites. The hackers revealed the vulnerability in the free web hosting rating site "free-webhosts.com" and Turner Broadcasting Systems (TBS).

The proof of concept and vulnerable links can be found in the pastebin release: http://pastebin.com/yCH4x44J