Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label r00tw0rm. Show all posts

r00tw0rm hack and leaked United Nations Environment Programme database


A Hackers group known as r00tw0rm hacked into the website belong to United Nations Environment Programme and leaked 82.8MB database.  The leaked database is uploaded in different file hosting service including rapdishare, depositfiles.

r00tw0rm announced the attack and post a link to leak in twitter account. The leak contains 5 databases and 100's of tables with admin logins and users data.

At the time of writing this article, the unep.org website is down and displays a "Service Unavailable" message.

Pastebin leak:
http://pastebin.com/pXXNv2rH

NASA and US Census Bureau Hacked by r00tW0rm and inj3ct0r


Hackers from r00tW0rm and inj3ct0r hacked into the websites belong to NASA and US census Bureau using the SQL Injection vulnerability.

Hackers exploited the SQL Injection vulnerability in one of sub domain of NASA(nasa.gov) and obtained a 6GB data from the database.  The obtained data contains the information such as usernames, email id, passwords and other data.

"Complete Database is in GB's, well we aren't leaking it. We may Keep all parts in our private home! Yet only little bit dump or few columns data is released just to inform NASA that being National Aeronautics and Space Administration you must also keep your Servers up to date! 'F*** your security team, what are they being paid for ?' " Hackers said.

They notified about the vulnerability to NASA but there is no response from their side.

Hackers also obtained the data from the US Census Bureau database but exposed a sample of the data in pastebin, includes table name and columns.

http://pastebin.com/ug2u0DVh