Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label ThEhAcKeR12. Show all posts

Indian Stock Market site "bullshouse.com" hacked by @DestructiveSec


Today A Hacker group named as "DestructiveSec" hacked the Indian Stock Market site www.bullshouse.com and defaced the main site.  They also leaked the database in pastebin in three parts.

After some time, the website recovered by admin and bring the site back to online. What interesting thing, again the website is hacked by DestructiveSec itself(within 10 hours).

The admin bring the site back to online without fixing the vulnerability. It seem that the admin is not aware about the hacking attacks.

He left a message in defacement page:
Alright now ur just amusing me :D , Hacked AGAIN this is Defacement #2! What kind of Admin are you, Allowing me to senslessly delete ur data over and over =D


Database Leak:
http://pastebin.com/36NYqHje
http://pastebin.com/49qV1JB1
http://pastebin.com/cLUBx2yP
The leak contains username,encrypted password and their email id.


The website is hacked in july 2011 by the  thehacker12 and he leaked the part of the database in pastebin(it is still there):
http://pastebin.com/KW57b4Wn
(This leak contains password in plain text format instead.

Wikipedia Vulnerable to Xss(cross site Scripting)



Wikipedia, the worlds largest 'biased'information portal is vulnerable to XSS or Cross Site Scripting attack,discovered by @ThEhAcKeR12


Vulnerability Information:
  • Type: XSS
  • Vulnerable link: http://en.wikipedia.org/w/index.php?search=%27%20onmouseover%3dprompt%28952154%29%20bad%3d%27&title=Special:Search&useformat=mobile
  • Status: Fixed
  • Author: @ThEhAcKeR12
  • pastebin link 

    What is XSS or Cross Site Scripting ?- Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash into a vulnerable link to fool a user in order to gather data from them. A Hacker can steal the session cookie and take over the account, impersonating the user. It is also possible to modify the content of the page presented to the user.

      2000+ VIP's Email Accounts leaked by @ThEhAcKeR12

      A hacker known as ThEhAcKeR12 hacked allianceforbiz.com (A company managing events)and leaked the username, email and passwords(plain text). It includes the users from US Millitary, Governments & Corporate giants.

      The Partial Leak can be found in :http://pastebin.com/gh6fuRrV

      The full Leak is available at:http://www.mediafire.com/?5univ5uggsi7nyn

      Time wasters guide Database Leaked by ThEhAcKeR12

      @ThEhAcKeR12 hacked Time Wasters Guide Website(www.timewastersguide.com) and leaked the database in pastebin.  Time waster guide is known for game reviews, strategy guides, long-winded editorials, and the occasional game blog.

      The database contains 6500 emails and Encrypted passwords.

      Pastebin Leaked:
      http://pastebin.com/fYdHt3ni

      Script World Forum Databased Leaked in Pastebin by ThEhAcKeR12

      ThEhAcKeR12 hacked the Scriptworld(http://www.scriptworld.de) forum and dumped the database in Pastebin.  ScriptWorld.de is known for Scripting and Security forum.

      ThEhAcKeR12 leaked the two separate table . One for  Script users and another one is for Webmaster user. It has above 200 username(email) with passwords. 

      Here is the Pastebin Leak:
      http://pastebin.com/u4xfVwxW