Kalinga province website defaced urging netizens to join Million Mask March

Early this morning, the Kalinga province website was defaced by Manila Pride, urging netizens to join the Million Mask March on November 5, 2013.


kalingaprovince.com/index.htm

Can you join the Million Mask March?



Critical vulnerability in Twitter allows attacker to upload Unrestricted Files




Unrestricted File upload vulnerability. Such flaws allow an attacker to upload and execute arbitrary code on the target system, which could result in execution of arbitrary HTML and script code or system compromise.

According to Ebrahim, when a developer creates a new application for Twitter (i.e. on dev.twitter.com), they have an option to upload an image for that application.

While the image is being uploaded, the Twitter server checks the uploaded file and accepts only certain image extensions, such as PNG and JPG; files with other extensions won't get uploaded.

But in a video proof of concept he demonstrated that a vulnerability allowed him to bypass this security validation, so that an attacker can successfully upload .htaccess and .PHP files to the twimg.com server.

Twimg.com works as a CDN (content delivery network), which means that every time an attacker uploads a file, it will be hosted on a different server or subdomain of twimg.com.

On CDNs, scripting engines are usually not allowed to run. In normal scenarios, successfully uploading .htaccess and PHP files to a server that supports PHP would mean Remote Code Execution on that server.

But in the case of Twitter:

- The vulnerability could be used to turn twimg.com into a botnet command server by hosting a text file with commands, so that infected machines would connect to that file to take their commands. Since twimg.com is a domain trusted by users, it won't attract attention.
- For hosting of malicious files.
- At the least, it could be used to upload a text page with defacement content and then add the affected sub-domains of twimg.com as a mirror to Zone-h.org, which would affect the reputation of Twitter.
Twitter recognized the criticality of the Unrestricted File Upload Vulnerability and added Hegazy's name to their Hall of Fame.

I personally reached Ebrahim Hegazy, who revealed to me that he has also found an Open Redirection vulnerability in Twitter on 15th Sept. that has also been fixed.

I conclude with a personal consideration: it's a shame Twitter doesn't have a bounty program; in my opinion it is fundamental to incentivize hackers toward ethical disclosure of bugs. An attack against a social media platform could have serious repercussions on the users and on the reputation of the platform; if hackers sell the knowledge of the flaw on the black market, a growing number of cyber criminals could benefit from it.

Source: THN
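
A server-side check of the kind the report says was bypassed, shown here as an added example that is not Twitter's code and not part of the original article. It combines an extension allowlist, a content-signature check and a server-generated storage name; the function names, the allowlist and the sample bytes are assumptions constructed for illustration.

```python
import os
import secrets

# Allowlist: accepted extension -> (canonical stored extension, magic bytes).
ALLOWED = {
    ".png": (".png", b"\x89PNG\r\n\x1a\n"),
    ".jpg": (".jpg", b"\xff\xd8\xff"),
    ".jpeg": (".jpg", b"\xff\xd8\xff"),
}

# Constructed sample inputs (not taken from the report).
PNG_SAMPLE = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
PHP_SAMPLE = b"<?php /* constructed placeholder */ ?>"
HTACCESS_SAMPLE = b"# constructed placeholder\n"


class UploadRejected(ValueError):
    """Raised when an upload fails validation."""


def validate_image_upload(client_name: str, data: bytes) -> str:
    """Return a server-generated storage name, or raise UploadRejected."""
    # Keep only the last path component, whichever separator the client used.
    base = client_name.replace("\\", "/").rsplit("/", 1)[-1]
    if "\x00" in base:
        raise UploadRejected("NUL byte in file name")
    # Trailing dots/spaces are stripped by some filesystems; normalise first.
    # splitext(".htaccess") yields an empty extension, so dotfiles fail below.
    _, ext = os.path.splitext(base.strip().rstrip(". ").lower())
    if ext not in ALLOWED:
        raise UploadRejected(f"extension {ext!r} is not allowlisted")
    stored_ext, magic = ALLOWED[ext]
    # The content must start with the signature of the claimed image type.
    if not data.startswith(magic):
        raise UploadRejected("content does not match claimed image type")
    # Never reuse the client's name: with a random name and a fixed image
    # extension, no attacker-chosen file name or extension reaches storage.
    return secrets.token_hex(16) + stored_ext


def accepts(client_name: str, data: bytes) -> bool:
    """Convenience wrapper: True if the upload would be stored."""
    try:
        validate_image_upload(client_name, data)
        return True
    except UploadRejected:
        return False
```

A signature check alone does not stop a file that begins with valid image bytes and carries other content after them, which is why the stored name and extension are chosen by the server and the storage host should not execute scripts at all.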

Gloria.gov.ph defaced

Hackers from Magdalo Cyber Army defaced the official website of Gloria municipality (www.gloria.gov.ph) for the second time since last month.





The message told netizens to help the earthquake victims in Bohol.


MCA added Clifford Trigo's info for those who want to help.

Techzone-ph defaced!

Techzone-ph, a new community forum, was hacked by "zyber" from the Strawhat Pirates crew (Techzone-ph.com).


Based on the defaced page, zyber wants to tell the administrator to secure their website.



Bacoor Website Hacked!

The Bacoor website was hacked and defaced by "invectus" of "madleets".


As shown in this picture, the login page of Bacoor was defaced by invectus.





We were trying to contact invectus for his statement.


Purefoods & Magnolia Ice Cream Website Defaced

The Purefoods.ph and magnoliaicecream.com.ph websites were hacked and defaced by "invictus" of "Phantom Hackers.PH".


According to invictus, he defaced it for "Security Purpose".

Here's a screenshot of the defaced website



Garena Portal Defaced

"The Garena portal was hacked and defaced yesterday by an unknown hacker (portal.garena.ph)"


Here's the screenshot of the defaced site yesterday.




The Garena portal website is now working properly.