10/29/2013

belgoleaks this is why cmdstud.khlim.be/ got hacked from time to time

look at the passwords in their applications

 

cert notified

10/28/2013

belgoleaks a direct line to the technical info of webline.be

this is the frontend

this is the backend with all necessary info

belgoleaks hackable php site KUL

cert notified wednesday

Belgoleaks museum Magritte has a surreal vision about helping hackers

not only are they on a very old and dangerous server

but they are publishing - instead of a 404 without any technical information

a full description of every technical detail except for the passwords but that is no problem for a real hacker

cert was informed 5 days ago

10/25/2013

belgoleaks internal pages intranet inami.fgov.be

cert was informed 36h ago

inami is part of e-health

in reality you could find the names of the servers and where they are placed in the infrastructure

this makes it much easier to prepare a penetration attack

running on an older IIS server is asking for problems

Belgoleaks flanders innovatiefaanbesteden.be publishes all its technical server details

this is a governmental website from Flanders

http://prod.innovatiefaanbesteden.be/project/test2/documents

the security of it is a bit innovative, aside from probably being on an older server

but publishing all your technical internal information is not a good idea - even if you are creative

and the most interesting technical info we didn't publish

the cert was warned wednesday

this is the reason why test and production servers shouldn't be on the same platform or network

and why test platforms are best NOT public but hidden

belgoleaks : if you want to give internet solutions you should not be part of the problem

first we found their administrative password by Googling

then we found this

and we didn't check whether the password we found was the one that we needed here

but it all seems old and time to clean up especially if you find passwords by Googling

belgoleaks : online.be why hack if the php panel is just public

this is it

cert informed

belgoleaks openminds not sure this is the way to make your servers visible

and this is the link

belgoleaks full technical fiche and passwords for tmabevents.be

this is the website

this is the detailed information to enter the website

cert informed

are all the snowden internal NSA documents being reviewed for global release ?

Many press reports talk about the Snowden leaks or Snowden documents, but they aren't documents from Snowden; they are OFFICIAL INTERNAL SECRET NSA documents, and Snowden was employed to control who was doing what with them. This means that somebody forgot three principles of intelligence security: separate containers (so very few people have a global view), the need to know (so you only see what you need to know, and in the case of Snowden that was the user logs and not the data itself) and a good implementation of the 4 eyes principle for very critical functions (so somebody controls the controller or administrator if he has specific access rights)

you have to see them as OFFICIAL INTERNAL SECRET NSA documents which were stolen from an official internal server

secondly, as Greenwald is starting a new job soon, he is considering throwing all the documents online in one batch because for him personally there is no need and no time anymore to milk them one by one. He is speaking with the Washington Post, The Guardian and experts about which kind of information and documents could be liberated in one 'batch', which should be reviewed and which could in no case be published without putting the lives of agents and people in danger.

thirdly, Greenwald and the owners of the publications will also want some advice to know if they could be prosecuted if these documents were published in full - instead of a very small number of incomplete documents.

there is a momentum building and there is the feeling that with one big batch of documents drastic changes could be inevitable for the NSA and the intelligence gathering by the USA, because the economic, diplomatic and political relationships with a list of countries could be endangered for some time to come if some operations and interceptions aren't stopped now or transferred to something that has more oversight and is built upon cooperation and exchange of information.

we are talking about 20.000 to 30.000 documents

it will not be possible to go over them one by one so if there is to be a publication it will be a whole bunch of them with several mistakes

for the security of the 'innocent bystanders' the USA should at least have a prewarning of a few days before you liberate all those documents (even if the US is already doing so - which means that the talks between Greenwald and the others are very real)

10/24/2013

belgoleaks volksgezondheid is running on a very old Oracle application server

this is the result. It means that in the States the server would not be FIPS ready; it would not be acceptable as a platform for a volksgezondheid platform

Federal Information Processing Standards (FIPS) are publicly announced standardizations developed by the United States federal government for use in computer systems by all non-military government agencies and by government contractors, when properly invoked and tailored on a contract. Many FIPS pronouncements are modified versions of standards used in the technical communities, such as the American National Standards Institute (ANSI), the Institute of Electrical and Electronics Engineers (IEEE), and the International Organization for Standardization (ISO). The purpose of FIPS is to ensure that all federal government and agencies adhere to the same guidelines regarding security and communication.
http://en.wikipedia.org/wiki/Federal_Information_Processi...

the reason is that if we type the version of the server in the exploit database there are two pages with exploits that are possible, which means that there is an enormous amount of work in keeping the server secure, money that should be invested in upgrading and keeping current

http://www.cvedetails.com/vulnerability-list/vendor_id-93/product_id-707/version_id-26592/Oracle-Application-Server-10.1.2.0.2.html

and more recent ones can be found here http://www.cvedetails.com/vulnerability-list/vendor_id-93/product_id-707/cvssscoremin-5/cvssscoremax-5.99/Oracle-Application-Server.html

and even if you don't upgrade to Oracle 11, even then there seems - I could be wrong - to be a new version

belgoleaks how to get a password for our volksgezondheid

the most stupid trick because one of the most stupid methods for very important sites

one billion stolen passwords were collected in the last two years, many of them belonging to email addresses

over the last days we have sent lists with new logins to cert.be

we got the idea from a document online: http://www.health.belgium.be/internet2Prd/groups/public/@public/@dg4/@foodsafety/documents/ie2divers/19083635_en.pdf

belgoleaks is this an open or not configured Oracle server at volksgezondheid

I hate to see such things at such important portals

belgoleaks do you want to see a test or dev version of volksgezondheid

this is the site

 

this is the version in the Oracle Content server for developers

belgoleaks did google bypass the logon for the administration of volksgezondheid

this is the logon page

look at the link

and now look at this link

8. Bijkomende specifieke verplichte vermeldingen overeenkomstig ...

www.health.belgium.be/internet2Prd/idcplg?IdcService...
De etiketteringsbepalingen voor voedermiddelen en mengvoeders zijn opgenomen in de artikelen 11 t.e.m. 23 van verordening (EG) nr. 767/2009 (.PDF).

not that there seems to be patient or other personal information
but it shouldn't be messy like that

belgoleaks patient-partners.be publishes its own administrative passwords online

this is the SQL dump they have published on their own site, with the hashed administrator passwords further down

http://www.patient-partners.be/ppp.sql

belgoleaks : volksgezondheid certificate still supports broken RC4

we shouldn't use it, full stop

Start warning our users about RC4 weaknesses. RC4 is demonstrably broken and unsafe to use in TLS as currently implemented. The difficulty is that, for public web sites that need to support a wide user base, there is practically nothing 100% secure they can use to replace RC4. We now have no choice but to accept that, no matter what settings we use, some segment of the user base will be at risk.
https://community.qualys.com/blogs/securitylabs/2013/03/1...

the rest of the certificate is an example for many other Belgian sites, but they should take the minimal risk and deactivate it

ssllabs.com

belgoleaks : play security administrator at the site of volksgezondheid

we have no idea what it is, but we have to stay within the strict interpretation of the law, and even if we would click next we could be doing something illegal, or something that could be interpreted like that in some harassment complaint just to make me shut up

so we didn't click on anything

but it looks scary and stupid... for ehealth

and it will attract attention from people who don't care about our law and ehealth

but we continued with the fun and googled some tricks

and then we arrived at googledork site:http://www.health.belgium.be/internet2Prd/groups/ -filetype:pdf  admin

and that gave us the following link

http://www.health.belgium.be/internet2Prd/groups/public/@public/documents/ie2templates/180014~35.hcsp

now it looks chinese to me but there is a lot of code and information in it even if this picture is only part

and you can ask yourself what else can be found that shouldn't be there

the less technical information you are giving away, the better

belgoleaks instead of hacking publish yourself the info about your administrators

why don't you publish all the details about the administrators of your site online

just to make it easy

http://77.241.93.48/webroot/dichtbijhuisgidsen/sources/Administrators.sql
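
The two posts above about a SQL dump sitting inside a public webroot (ppp.sql and Administrators.sql) describe something a site owner can check on his own server. The Python sketch below is an added example, not part of the original posts: it walks a document root you control and flags files that look like SQL dumps or backups, marking the ones that mention credential-like data. The suffix list, the marker patterns and the constructed sample tree are assumptions.

```python
import os
import re
import tempfile

# Assumed heuristics, not from the post: suffixes and markers typical of SQL exports.
DUMP_EXT = {".sql", ".dump", ".bak"}
SQL_MARKER = re.compile(rb"\b(CREATE\s+TABLE|INSERT\s+INTO)\b", re.I)
CRED_MARKER = re.compile(rb"passw(or)?d|pwd|administrator", re.I)

def scan_webroot(docroot, sniff_bytes=65536):
    """Return sorted (relative_path, severity) pairs for likely dumps or backups."""
    findings = []
    for dirpath, _dirs, files in os.walk(docroot):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    head = fh.read(sniff_bytes)  # only sniff the start of large files
            except OSError:
                continue  # unreadable file: skip rather than abort the scan
            ext = os.path.splitext(name)[1].lower()
            # Flag by suffix or by content, so a dump renamed to .txt is still caught.
            if ext not in DUMP_EXT and not SQL_MARKER.search(head):
                continue
            has_creds = CRED_MARKER.search(head) or CRED_MARKER.search(os.fsencode(name))
            severity = "credentials" if has_creds else "dump"
            findings.append((os.path.relpath(path, docroot), severity))
    return sorted(findings)

def build_constructed_webroot(root):
    """Write a small constructed sample tree (not data from the page)."""
    samples = {
        "index.php": b"<?php echo 'hello'; ?>",
        "sources/Administrators.sql": b"INSERT INTO admins VALUES (1,'root','<constructed-hash>');",
        "backup/site.txt": b"CREATE TABLE users (id INT, user_password CHAR(40));",
        "export/news.sql": b"CREATE TABLE news (id INT, title TEXT);",
    }
    for rel, data in samples.items():
        full = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_constructed_webroot(root)
        for rel, severity in scan_webroot(root):
            print(f"{severity:12} {rel}")
```

Anything it reports belongs outside the served tree; run it against the real document root as part of deployment or from a scheduled job.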
