Raise Your Voice hacks most government sites

Raficoo · 2012-04-16T23:36:53+00:00

what they pasted http://pastebin.com/G7Dz01Dc http://www.presidencyinfo.gov.lb http://www.isc.gov.lb http://www.nna-leb.gov.lb http://www.omspa.gov.lb http:...

babum

or they could have spotted a small flaw in the website and exploited it? It does happen, once a venezuelan guy hacked into the US defense department server by exploiting a flaw on the website.

Either way just as Rahmu posted, it is completely meaningless.

mezin

rtp wrote
mezin wrote
rtp wrotethe now famous anonymous mask actually belong to Guy Fawkes, it now represents rebellion against the government...
It actually belongs to warner bros and it represents consumerism at its finest
so true, I was pointing out the real person behind the mask. Not sure how warner bros became entitled to that...

it's their design of the mask (from the movie) that's famous and is being used in protests, so every time the mask is used warner bros is collecting royalties

454447415244

We at Sync found the hackers from the first date of attack and we coordinated and still coordinating with colonel Elie Bitar the head of the office of cybercrime and intellectual property to reveal the full information about the hack. We went today and yesterday to major hosting providers and ISPs doing foreinsics analysis on some servers. The investigation is still an ongoing process.
Note that we have signed a maintenance contract with the ministry of tourism concerning the nna-leb.gov.lb website few days before the hack. So we had to recover the website, do a foreinsics analysis on the server and point to the sources of the attack. That's all I can say and we're not trying to get some spotlight, our team is very professional (we already hacked big names, like facebook...).

Anyway...

eurybaric

I was thinking that sync, or whatever were trying to get some spotlight and stuff.. but now that i know that eddy aka 454447415244 is on the team i very doubt that it's lies...

But then again... Eddy... why would you do such a thing? i mean.. i know we all try as hard as we can to get some cash in lebanon - for the lack of it - but this would be something i wouldn't have put my expertise in ( not that i have any in hacking...).

But then again... That's just me, and there's a million reasons why you (or anyone else) wouldn't do what i would..

Anyhow, cheers!

samer

@someone: stop trolling. If you doubt Edgard's technical abilities, have a debate. Don't resort to ad hominem, and please don't hijack the thread.

454447415244

@eurybaric, I didn't get you. Why would you refuse an offer from the government? Note again that the hack hapened few days after we signed the contract with the ministry. If the hack hapened before we signed the contract, me myself (maybe also Sync) wouldn't go on with this.

I just want to mention that we started the investigations alone and knew the sources behind the attacks on NNA server. However, we're not the only ones investigating now, there is one person (not from Sync), who was (and still) investigating with us yesterday at some ISPs data centers. This guy should also be given credit for his effort but I don't want to mention his name without his permission.

Websites were spread among different servers where each one has a different story. I will let you know how these guys managed to hack each of these websites once the Investigations are over. But all I can say now is that they couldn't have been smarter.

MrClass

I hope they hack these sites again; wanted to show our students a sample of a hacked website during my presentation about Malwares and Site Infiltration (wanted to show them the site with the funny black screen with the light booming mouse cursor, but it was fixed; that was a cool effect :P )

Padre

I still can't see how they can get traced back...if they are as smart as you say they are. I dunno, still can't imagine them using a single bounce :/
Once your report is done, would love to see where they fucked up, and what are today's kids about.

nuclearcat

Oh please, i don't know what is voiced here about "security" and "professional team", but:

(ip of nna-leb.gov.lb)
probe ~ # telnet 212.28.240.91 3389
Trying 212.28.240.91...
Connected to 212.28.240.91.
Escape character is '^]'.

http://secunia.com/advisories/48395/

I will not be surprised, if it will be hacked again, and the only you will find, some kid. Windows with all ports opened for the world...

And sorry to say, i am very sarcastic, when lebanese person say "i am professional".

scorz

As I mentioned in a thread before, it's a shame to call those kids 'hackers' or pro...
Honestly, I still can't understand why would someone break into some machines and let everybody knows.
And I'd like to add my voice to Padre's, we would like to see some logs!

m0ei

hahahahaha @ibxoful

As Padre said "I still can't see how they can get traced back". By getting their IPs from the server logs, your not tracing anything.

For god sake, THEY ARE NOT STUPID AS YOU THINK @454447415244. Imagine they were using their neighbors WIFI, they are on a VPN and they're using a proxy on their browser. They might be using an RDP also. Can you simply tell me know how the fuck are you going to find out their identities ?

As I said, I insist and I will repeat this is just a game that this guy is playing. He is trying to get some attention for his company.

You're saying

454447415244 wroteand knew the sources behind the attacks on NNA server.
But all I can say now is that they couldn't have been smarter.

This means that "you" are the smartest and smarter than them because you were able to find out.

Even if this game ends up to be true, please and please DO NOT SAY THEY ARE SMART THEN. If "they" are actually smart as you say they are, I'm 10000000% sure you won't even find any clue to solve the mystery Mr. Sherlock Holmes.

Finally, if you did find out then simply I can conclude THAT THESE SO CALLED HACKERS ARE SOME FREAKING KIDS PLAYING AROUND WITH METASPLOIT AND NMAP OR ANY OTHER TOOLS.

The End!

454447415244

nuclearcat wroteOh please, i don't know what is voiced here about "security" and "professional team", but:

(ip of nna-leb.gov.lb)
probe ~ # telnet 212.28.240.91 3389
Trying 212.28.240.91...
Connected to 212.28.240.91.
Escape character is '^]'.

http://secunia.com/advisories/48395/

I will not be surprised, if it will be hacked again, and the only you will find, some kid. Windows with all ports opened for the world...

And sorry to say, i am very sarcastic, when lebanese person say "i am professional".

Yes, this is RDP and we know about it. This service is essential for NNA news (don't ask me why).
We are not the team who configured this server and we are not the ones who coded the web application. And I just mentioned before that we signed the contract with the ministry few days ago.
Just for the record, all NNA infrastructure will be changed soon ;) Comeback later and show me how you hack it like a boss :)
Too bad, we're Lebanese and proud.

454447415244

m0ei wrotehahahahaha @ibxoful

As Padre said "I still can't see how they can get traced back". By getting their IPs from the server logs, your not tracing anything.

For god sake, THEY ARE NOT STUPID AS YOU THINK @454447415244. Imagine they were using their neighbors WIFI, they are on a VPN and they're using a proxy on their browser. They might be using an RDP also. Can you simply tell me know how the fuck are you going to find out their identities ?

As I said, I insist and I will repeat this is just a game that this guy is playing. He is trying to get some attention for his company.

You're saying
454447415244 wroteand knew the sources behind the attacks on NNA server.
But all I can say now is that they couldn't have been smarter.
This means that "you" are the smartest and smarter than them because you were able to find out.

Even if this game ends up to be true, please and please DO NOT SAY THEY ARE SMART THEN. If "they" are actually smart as you say they are, I'm 10000000% sure you won't even find any clue to solve the mystery Mr. Sherlock Holmes.

Finally, if you did find out then simply I can conclude THAT THESE SO CALLED HACKERS ARE SOME FREAKING KIDS PLAYING AROUND WITH METASPLOIT AND NMAP OR ANY OTHER TOOLS.

The End!

You are putting lots of assumptions while you don't have any information of what's really going on the servers. I didn't say they're stupid. I said that they could have been smarter than this (I wrote couldn't instead of could; typo error) and I know what I mean ;) Calm down dude, I don't want to imagine. I'll leave the imagination for you. Why are you guys so offensive? Do you have any relation with the hackers?

Stop posting stupid things. Stop taking assumptions on what's going on and what the hackers did because you don't know a shit of what's going on (unless you are one of them, and you might be a suspect => YOU WILL BE INTERROGATED!). Stop this flame war! I don't know why you all start to be aggressive once you hear about a company revealing identities behind hack attacks.

samer

@m0ei: it is quite possible that you things you said are true. Why would you formulate them like that? Once you started accusing the guy without any proof, you got discredited. The assumptions you have made should have formulated more diplomatically.

This is turning into a flamewar. There is no point to continue this until Edgard closes down his report. We will be able to critique his work (favorably or otherwise) once the advisory is released.

@454447415244: please contact me when the work is done, so that I can open this topic again.

samer

I re-opened the topic as there have been new developments.

nuclearcat

3rd time in row hacked.
www.nna-leb.gov.lb hacked too, and www.isf.gov.lb too.

Uploaded with ImageShack.us

Probably time to get service from company where i work to have secure websites, hehe.

nuclearcat

I bet $5000, that i can secure 5 of those websites in 24 hour :)
And they wont be hacked again.

Padre

As much as I don't like defaces, this is starting to become interesting to watch.
I think it's time someone sends nuc his overdue contract :P

ballad

nuclearcat wroteI bet $5000, that i can secure 5 of those websites in 24 hour :)
And they wont be hacked again.

it's secured now in a couple of hours
that's the gov't power

454447415244

@nuclearcat, stop showing how 1337 you and your company are. I can r00t any website YOU "secure"! The company you work for has a well known history in security breaches... :) The thing is that some of the websites are left as they are for a reason and I know what I'm talking about. I know every single file that is being uploaded on any of the servers that host the websites that are currently under attack. We are still coordinating with colonel Elie Bitar (Note that we're not responsible for catching the bad guys, it's the colonel responsibility and we're providing him with enough information to do the job). It is not about securing 5 or x of these websites. If I give my 4 years old little brother the information I know he can surely hack all the websites on these servers and not just the government websites. eg, my little brother could take down http://www.idm.net.lb/ if he wants to... There is no secure hosting in Lebanon and many people know this. Now don't be surprised if some of these websites get hacked again. They could be hacked at any time (the tools are there and could be used by anyone who knows about them, until someone decides to take them off and clean the place...)

« Previous Page Next Page »