Backbox Linux Releases Update To Version 6.0

While I was away last month I got an interesting email/request from the Backbox Linux Community Staff to release an article covering the release of their latest version, 6.0. Before getting into that however, for those of you who might be unfamiliar with the product, Backbox Linux is an increasingly popular ethical hacking and penetration testing Linux distro – complete with all of the most modern tools and programs utilized by professionals working in these fields. In fact, Backbox Linux made Rogue Security Labs’ list of the most popular/widely used hacking-based Operating Systems earlier this year after receiving a review of it from “Al1ne3737” – formerly of “Pryzraky.”

Learn More About Backbox & Other Hacking OS’s: https://roguesecuritylabs.ltd/all-about-hacking-based-operating-systems/

But, without further ado, here is everything you need to know about Backbox Linux’s update to version 6.0, along with everything that’s new and where you can go to download the latest version.

About Backbox Linux

BackBox Linux is a penetration testing and security assessment oriented Linux distribution providing a network and systems analysis toolkit. It includes some of the most commonly known/used security and analysis tools, aiming for a wide spread of goals, ranging from web application analysis to network analysis, stress tests, sniffing, vulnerability assessment, computer forensic analysis, automotive and exploitation. It is built on the Ubuntu core system yet fully customized, and designed to be one of the best penetration testing and security distributions.

About The Update

As usual, this major release includes many updates. These include a new kernel, updated tools and some structural changes with a focus on maintaining stability and compatibility with Ubuntu 18.04 LTS.

What’s New:

  • Updated Linux Kernel 4.18
  • Updated desktop environment
  • Updated hacking tools
  • Updated ISO Hybrid with UEFI support

System Requirements:

  • 32-bit or 64-bit processor
  • 1024 MB of system memory (RAM)
  • 10 GB of disk space for installation
  • Graphics card capable of 800×600 resolution
  • DVD-ROM drive or USB port (3 GB)

The ISO images for both 32-bit and 64-bit can be downloaded from the download section of the official web site.

Download Latest Version Here: https://www.backbox.org/download

Pryzraky Hackers Responsible for 39 International Hacks, Leaks & DDoS Attacks Over The Last 4 Days

Dating back to the weekend, “Pryzraky” hackers have been extremely active in a number of hacks, leaks and DDoS attacks targeting Government institutions in and around Europe, the United States, the United Kingdom and South America. However, while their hacks have primarily been carried out under the banners of #OpAssange, #OpEcuador and #OpUK, Pryzraky is doing as much as possible to distance themselves from the Anonymous hacker collective, who have been extremely active in publicizing these operations online.

All told, group members “Mecz1nho Markov” (@Mecz1nho), “Al1ne3737” (@Al1ne3737) and “PopTart” are responsible for 39 cyber attacks over the last 4 days, including attacks targeting the Association of Police Investigators (Brasil), International Police (France), Department of Defense (USA) and National Police Association of the United Kingdom – with some attacks bringing websites down for days at a time. A full list of their attacks is chronicled below.

Hacked/Leaked:

Association of Civilian Police Investigators: hxxp://sinpol-assinpol.com.br/
Faculdade Integrada Tiradentes: hxxp://fits.edu.br/
Data Download: https://anonfile.com/fem19fd4n9/PryzrakyLeaks_-_14.04.2019_zip

[Target]: hxxps://www.correosdelecuador.gob.ec/
[Database]: https://pastebin.com/raw/KQXRbqCQ

DDoS Attacks:

International Police (INTERPOL) – hxxp://interpol.int/ (Tango Down’d)
US Department of Defense (DoD) – hxxp://defense.gov/ (Tango Down’d)
UK National Police – hxxp://police.uk/ (Tango Down’d)
Supreme Court of The United Kingdom – hxxp://supremecourt.uk/ (Tango Down’d)

SQLi Injection Vulnerabilities:

https://twitter.com/al1ne3737/status/1117578169496866816

#FreeAssange: Attacks Against Ecuadorian Infrastructure Carry On Into The Weekend

On April 12th 2019, in what would go on to become one of my most read articles in weeks, Rogue Media Labs documented a string of ongoing cyber attacks targeting the Government of Ecuador and Ecuadorian infrastructure worldwide. However, as it would turn out, these attacks weren’t just limited to the 11th and 12th, but have instead evolved into something greater – with even larger and more pronounced attacks occurring throughout the course of the weekend. The attacks themselves are now being carried out under the banners of “Operation Ecuador” (#OpEcuador) and “Operation Assange” (#OpAssange), with promises to continue the attacks well into the foreseeable future.

I’ve done my best to document most of them, but I am certain I did not catch them all. If you would like to learn more, you are invited to follow the operations hashtags on Twitter as they are featured above.

Learn More About Last Week’s Attacks: https://roguemedia.co/2019/04/12/hacktivists-team-up-to-hack-deface-leak-or-crash-39-ecuadorian-websites-within-first-24-hours-after-assanges-arrest/

https://twitter.com/AnonymousWrId/status/1116923487875207169

CYB3R C0V3N S3CURITY (@Cyb3rC0v3nSec):

Superior Educational Consultants: hxxp://caces.gob.ec/ (Tango Down’d)
Ecuadorian Consulate of Los Angeles: hxxp://losangeles.consulado.gob.ec/ (Tango Down’d)
Ecuadorian Consulate of Chicago: hxxp://chicago.consulado.gob.ec/ (Tango Down’d)
Ecuadorian Embassy of Malaysia: hxxp://malasia.embajada.gob.ec/ (Tango Down’d)
Ecuadorian Consulate of Houston: hxxp://houston.consulado.gob.ec/ (Tango Down’d)
Ecuadorian Embassy of Venezuela: hxxp://venezuela.embajada.gob.ec/ (Tango Down’d)

Iznaye Cyber Team (@Iznaye):

Secretary of Environment: hxxp://www.quitoambiente.gob.ec/ (Tango Down’d)
Ecuadorian Council of The Judiciary: hxxp://www.funcionjudicial.gob.ec/ (Tango Down’d)
Municipal GAD of Latacunga: hxxp://latacunga.gob.ec/ (Tango Down’d)
Colegio Jimirwin: hxxp://colegiojimirwin.edu.ec/ (Hacked)
Ombudsman of Ecuador: hxxp://consulta.dpe.gob.ec/ (Hacked/Leaked)
Universidad Técnica del Norte: hxxp://eduvirtual.utn.edu.ec/ (Hacked/Leaked)

Tapi Combat Educational Unit: hxxp://www.uecombatientesdetapi.edu.ec/
Data Leak: https://ghostbin.com/paste/osohr

Fiscomisional Educational Unit of San Jose: hxxp://www.calasanz-saraguro.edu.ec/
Data Leak: https://ghostbin.com/paste/qkofa

Educational University of Hispanic Americans: hxxp://www.institutohispanoamerica-riobamba.edu.ec/
Data Leak: https://ghostbin.com/paste/xsyv7

Municipal del Cantón Sucúa: hxxp://sucua.gob.ec/
Deface Mirror: http://www.zone-h.org/mirror/id/32335260?hz=1

Target: hxxp://www.bomberosvalencia.gob.ec/
BombersValencia Leak: http://cryptb.in/M3Cp14FR9q
Archive: http://archive.fo/6lmty

Target: hxxp://sageslaut.democrat/
Leak: http://cryptb.in/WaYCs784
Archive: http://archive.fo/uY2PC

Pryzraky (@Pryzraky):

Ecuadorian Embassy of The United Kingdom: hxxp://reinounido.embajada.gob.ec/ (Tango Down’d)

Ecuadorian Military Intelligence: hxxps://www.inteligencia.mil.ec/
Ecuadorian Internal Revenue Service: hxxp://descargas.sri.gob.ec/
Cooperative CREA: hxxp://virtual.crea.fin.ec:9192/
Infos/Vul: https://pastebin.com/raw/r5K4DFJM

Empresa Eléctrica Regional del Sur: hxxps://www.eerssa.gob.ec/
Database Leak: https://pastebin.com/raw/uiLZjraE

Anonymous:

Ecuadorian National Police: hxxp://policiaecuador.gob.ec/ (Deface)
Ecuadorian Embassy of Ukraine: hxxp://bce.fin.ec/ (Defaced)
Central Bank of Ecuador: hxxp://bce.fin.ec/ (Tango Down’d)

FBI Mail Servers: 153.31.160.5
CF-RAY: 4c751ebe4e98a875-CDG

Broadcast IP’s : 147.67.255.255 (Leaked)

Liceo Military: hxxp://liceonaval.mil.ec/ (Defaced)

Ecuadorian University Leaks: https://ghostbin.com/paste/wx8rh

Ecuador’s School of the Judicial Function: hxxps://escuela.funcionjudicial.gob.ec/
Data Leak: https://ghostbin.com/paste/r4by3
Leak Backup: https://pastebin.com/GHcbk12n

#OpEcuador Hit List: https://hastebin.com/yavudususu.rb

https://twitter.com/AnonymousWrId/status/1117148232315019271

And perhaps most importantly of all, I know it’s the burning question on everyone’s mind, but have no fears, Julian Assange’s cat is indeed safe!

Hacktivists Team Up To Hack, Deface, Leak or Crash 39 Ecuadorian Websites Within First 24 Hours After Assange’s Arrest

At this point it should go without saying, but yesterday morning the Ecuadorian Embassy in London decided against continuing Julian Assange’s protection/asylum and he is now going to be extradited to stand trial in the United States – where he faces life in prison. While every news outlet between here and the moon has already done their own spinoff story on these developments, what I haven’t seen anyone else covering is the response from at least some of the hacking/cyber security community – so this is what I will attempt to do here today.

First off, the very reason why the Wikileaks founder was arrested yesterday was most likely his open support for a number of leaked documents implicating Ecuador’s President recently – likely leaked for his decision to put so much pressure on Julian Assange in the first place over recent weeks. The leaked cache of documents in question is officially referred to as the INA Papers – which you can browse in their entirety below.

Browse INA Papers Leak: http://inapapers.org/

With that established, within the first 24 hours of Assange’s arrest different hackers from all around the world appear to have teamed up together to launch a massive and coordinated series of cyber attacks against the Ecuadorian Government and its infrastructure. While it would be impossible to find them all, here is everything I was able to research – 39 different targets of hacks, leaks, defaces and/or DDoS attacks April 11th-12th 2019. Among the participants were Anonymous, LulzSec, Pryzraky, CYB3R C0V3N and many more.

Defaced:

Target: hxxps://www.utpl.edu.ec/
Deface: https://www.utpl.edu.ec/salas/view_entry.php?id=103164

Target: hxxp://www.esmena.edu.ec/
Deface Mirror: http://www.zone-h.org/mirror/id/32332771?hz=1

Target: hxxp://reinounido.embajada.gob.ec/
Deface: pic.twitter.com/2cSkC3Zndy

Tango Downed:

Ecuadorian Embassy of the United Kingdom: hxxp://reinounido.embajada.gob.ec/
Ecuadorian Consulate of Chicago: hxxp://chicago.consulado.gob.ec/
Official Guide of Protocols & Procedures of the State of Ecuador: hxxp://gob.ec/
National Institute of Investigation: hxxp://inigemm.gob.ec/

Targets w/ SQLi Vulnerabilities:

Press Releases:

Pryzraky: https://hastebin.com/zecicifade.coffeescript
Anonymous: https://hastebin.com/yavudususu.rb

More Information:

https://twitter.com/LulzSeguridad/status/1116533381607641088

https://twitter.com/cyb3rc0v3nsec/status/1116336514387066885

https://twitter.com/al1ne3737/status/1116603345181921284

https://twitter.com/cyb3rc0v3nsec/status/1116393682482139136

https://twitter.com/cyb3rc0v3nsec/status/1116541062217121793

NASA’s Chandra X-Ray Observatory, UAE’s Sharjah Exports Development Center & Mackenzie Presbyterian Institute of Brasil Hacked by Al1ne3737 of Pryzraky

Last night, April 8th 2019, “Al1ne3737” of “Pryzraky” announced a hack/leak associated with 3 different international organizations – NASA’s Chandra X-Ray Observatory in the United States, the Sharjah Exports Development Center in the United Arab Emirates and Mackenzie Presbyterian Institute of Brasil. While the leaks affecting the USA and UAE were limited to the names and passwords of site administrators, granting access to the back-end of the websites, the leak of the Mackenzie Institute was significant – literally over 1 Megabyte (MB) of data contained within a text file.

The file itself contains the names, emails, cell phone numbers, accounts and passwords of countless thousands of individuals – one of the largest text files I have seen in the last half year of online leaks. The file itself is contained below, and is certified safe to the public.

Targets:

NASA Chandra X-Ray Observatory: hxxp://chandra.harvard.edu/
Sharjah Exports Development Center: hxxp://sharjahexports.gov.ae/
Mackenzie Presbyterian Institute: hxxp://news.mackenzie.br/

Data Download (1.72 MB): https://anonfile.com/o41457a7nc/_ep1_al1ne3737_txt

https://twitter.com/al1ne3737/status/1115358701005824002

Associação Nacional do Auditores Fiscais, Conselho Federal de Estatistica & SigProJ Administration of Brasil Hacked by Pryzraky

Yesterday, April 4th 2019, “Al1ne3737” of “Pryzraky” announced a hack of 4 Government agencies, organizations and websites across Brasil, leaking sensitive information tied to their databases online. More specifically implicated in the hacks/leaks were the SigProJ Administration, National Association of Tax Auditors (ANFIP), the online web portal of the 8th Region of Brasil (Pará and Amapá), as well as the Federal Council of Statistics (CONFE).

The leaks are significant, exposing information such as CPF numbers, telephone numbers, email addresses, physical addresses, usernames and passwords of literally tens of thousands of government employees and registered users. However, while the entirety of all the file folders contained within the leak add up to tens of thousands, due to file/time constraints, Al1ne3737 only released a couple thousand records to the general public. You can find all of these and more via the leaks provided below. Please note that all of the downloads are safe to the public – enjoy!

Target: hxxp://sigproj1.mec.gov.br
Leak: https://pastebin.com/raw/D8nA97UT

Associação Nacional do Auditores Fiscais da Receita Federal do Brasil: hxxp://www4.anfip.org.br/
Portal do TRT 8ª Região – Pará e Amapá: hxxp://www2.trt8.jus.br/
CONSELHO FEDERAL DE ESTATÍSTICA: hxxp://confe.org.br/
Database Download (688.79 KB): https://anonfile.com/v7j2QfY3me/dates_confe_anfip_trt8_al1ne3737_txt

https://twitter.com/al1ne3737/status/1114053833460731904

https://twitter.com/al1ne3737/status/1114030177586118656

Conselho Nacional de Justiça Wholly Pwned by Al1ne3737 – 94 Site Databases, 53,270 Individuals Compromised by The Data Breach

In the early morning hours of April 1st 2019, “Al1ne3737” of the international hacking group known as “Pryzraky” announced a hack and data leak affecting the National Council of Justice (CNJ) of Brasil. While the leak itself was only hosted online for a short period of time, it was substantial. For example, the leak contains personally identifiable information, including logins, of approximately 2,936 people stolen across 94 site databases. This information includes state officials, government personnel members, judges, magistrates – et cetera. In a message attached to the leak, Al1ne3737 simply stated “F*ck Brasil!”

It is also important to understand that this was only a sample of the leak; the full raw leak contains personally identifiable information, including logins, of approximately 53,270 individuals in total. Due to file size limits however, Al1ne3737 only decided to release 2,936 of them to the public – keeping the rest to herself. Included in the leak was sensitive information including full names, user names, physical mailing addresses, email addresses, telephone numbers, national CPF numbers, passwords and much more. You can see a breakdown of some of the most important folders contained within the leak below.

Highlights from Leak:

306 entries from the usario Folder of the SGT Database – including their full names, emails, login user names and passwords
256 entries from the usario Folder of the ADOCAO Database – of 8,529 total – including full names, login user names and their passwords
66 entries from the user_web_service Folder of the BNPR Database – including organization ID numbers and passwords
256 entries from the sag_usario Table in the CNCA Database – from 13,537 total – including full names, login email addresses and passwords
256 entries from the usario table of the comparilhado Database – from 12,967 total – including user name, login names, passwords and CPF numbers
15 entries from the usario Folder of the boletim_servico Database – including full names, email addresses, passwords, CPF numbers and IP Addresses
51 entries from the usario Folder of the CAPG Database – including user code numbers and passwords
241 entries from the paciente Folder of the CADNT Database – including full names, CPF numbers, email, telephone numbers, Addresses and CEP numbers
4 entries from the usario Folder of the contatos_cnj Database – including their usernames and passwords
256 from the usario Folder of the Corporative Database – from 11,972 total – including CPF numbers, user numbers, full names, user names and passwords
4 entries from the usario Folder of the infojuris_i2 Database – including first names, user names and passwords
46 entries from the intra_users Folder of the Intranet2016 Database – including names, emails, user names and passwords
8 entries from the lime_users Folder of the LimeSurvey Database – including full names, emails, user names and passwords
79 entries from the kdali_users Folder of the NoveIntranet Database – including names, emails, usernames and passwords
3 entries from the cx0pf_users Folder of the observatorionacional Database – including name, email, usernames and passwords
256 entries from the juscnj_users Folder of the portalcnj2017 Database – out of 383 total – including names, emails, usernames and passwords
162 entries from the usario Folder of the SAPRS Database – including full names, CPF numbers, emails, usernames and passwords
– The administrator login username, email and password for the WikiDB Database
64 entries from the wikipjeuser from the WikiDB Database – including email addresses, user names and passwords
256 entries from the login Folder of the sistemaemprego Database – of 2,073 total including login user numbers and passwords
256 entries from the usario Folder of the SEI Database – out of 816 total – including names and user information
154 entries from the usario Folder of the processometro Database – including user names, CPF numbers, email addresses, telephone numbers and passwords
256 entries from the usario_sgq Folder of the SGQ Database – including usernames, emails and CPF numbers

Alvo: hxxp://cnj.jus.br/

** EDITOR’S NOTE: Al1ne3737 has asked Rogue Media Labs to remove the file from the ClearNet so as to make the job of any would-be investigators harder. So I have complied 😉 **

#OpSudan: International Hackers Continue Onslaught Against al-Bashir & Government of Sudan

Largely led by the efforts of “Lorian Synaro,” hackers from all across the world continue to come together to launch onslaught after onslaught against Omar al-Bashir and the Government of Sudan, this time crashing, hacking, defacing and/or leaking the contents of 24 websites across Sudan – all within the course of the last week alone, that I am even aware of! Their efforts all come in conjunction with “Operation Sudan” (#OpSudan), perhaps one of the single largest and most successful international cyber operations of the last decade.

Learn More – #OpSudan: https://roguemedia.co/?s=%23OpSudan&x=0&y=0

As for all of the hackers behind this week’s attacks, there are many. Including, but perhaps not limited to, DemonSad, Tiosan and Angel Cracking of “NewSec Group,” D3xter, Al1ne3737, Ergo Hacker and Mecz1nho Markov of “Pryzraky,” Lorian Synaro and System D of “Anonymous,” as well as an independent hacker known as _W4rl0ck. My apologies to anyone who may have been left off the list! Until next time 😉

Hacked/Leaked:

Mashreq University: hxxp://mashreq.edu.sd/
Leak: https://www.hastebin.com/vujumifozo.cs/
Leak Backup: https://pastebin.com/raw/n1Yj9YJE

Sudan Specialized Medical Insurance Company: hxxp://mmi.sd/
Leak: https://www.hastebin.com/atideheyeg.md
Leak Backup: https://pastebin.com/bGZVCgNu

Sudania 24 Television: hxxp://sudania24.tv/
Leak: https://pastebin.com/raw/R5Vzzbzm
Data Download: https://anonfile.com/J1O1z4Tbm7/sudania24.tv_al1ne3737_txt

جامعة القضارف : hxxp://gaduniv.edu.sd/
Elrazi University: hxxp://elrazi.edu.sd/
File Download: https://anonfile.com/Hby0nbTem9/sudansqli_rar

Tango Down’ed via DDoS:

The Bank Of Khartoum: hxxp://bankofkhartoum.com/
Khartoum Police: hxxp://ksp.gov.sd/
Khartoum International Airport: hxxp://krtairport.gov.sd/
Sudan Council of Ministers: hxxp://sudan.gov.sd/
Military Industry Corporation of Sudan: hxxp://mid.sd/
National Medicinal Plant Board: hxxp://www.nmpb.gov.sd/
Ashorooq News: hxxp://ashorooq.net/
Almeghar News: hxxp://almeghar.com/
Presidency of Sudan: hxxp://presidency.gov.sd/

Target Reconnaissance via JTSec:

Hacked/Defaced:

The Murtada Maaz Consultancy – Contractor for NCC and Government Buildings.

Website: hxxp://murtadamaaz.com/

Sudanese Ministry of Investment, Industry and Tourism.

Website: hxxp://northinvestment.gov.sd/

Elobeid Refinery Company (ORC)

Website: hxxp://ord.sd/

https://twitter.com/al1ne3737/status/1109858696329420801

https://twitter.com/ergo_hacker/status/1110303108171730944

https://twitter.com/N1ghtBlack/status/1110353693868769280

8 Government Agencies Across Colombia Hacked, Thousands of Contractors, Users, Administrators, Employees & Personnel Exposed in Data Breaches

I’ve told different hackers and hacking groups in the past that I want to see them leave their hands off Colombia, but I can’t control them any more than I can control the news, now can I? To this effect, throughout the course of the day Tuesday, March 19th 2019, “Al1ne3737” of “Pryzraky” announced a new round of hacks and leaks – this time affecting six Government agencies across Colombia. More specifically implicated in today’s release were Colombia’s Secretary of Education, Observatory of Interinstitutional Environmental Agendas, Municipal Council of San Jose de Cúcuta, the Developmental Department of Planning of Tolima, Hospital of San Rafael de Tunja and ESE Moreno y Clavijo.

The most significant of the data breaches implicated in the first round of leaks was the Secretary of Education, exposing the names, logins and passwords of 313 global users, along with access to the emails of 517 users. The website was also defaced with Al1ne3737’s cover photo and a repeating sentence reading “Hacked by @Al1ne3737.” Meanwhile, the logins of the primary administrator of the Observatory of Interinstitutional Environmental Agendas were also exposed in the data breach, as were the logins of 46 other users and access to the personal emails of 48 more – including government employees. Lastly, the hack of the Municipal Council of San Jose de Cúcuta revealed the logins of 2 site administrators, granting full access to the page’s back-end.

Targets Round 1:

SedTolima: hxxps://sedtolima.gov.co/
Observatorio de Agendas Interinstitucionales Ambientales – CAR: hxxp://oaica.car.gov.co/
Corporación Concejo Municipal De San Jose de Cúcuta: hxxp://concejocucuta.gov.co/

Deface Location: https://www.sedtolima.gov.co/administrador/modulos/instituciones/noticias/vista_previa_noticia.php?cod=682
Deface Mirror: http://www.zone-h.org/mirror/id/32278133?hz=1
Original Leak: https://www.hastebin.com/aguqamuwav.nginx
Leak Backup: https://pastebin.com/3d9GxdFS

The most significant data breach of the evening hours affected the Developmental Department of Planning of Tolima, exposing the login usernames and passwords of 171 politicians. As of the early morning hours of March 20th 2019, the website belonging to the Department of Tolima has been shut down and remains offline, presumably “for repairs” – lol. Additionally, the login user names and joint passwords of 256 contractors of the Hospital San Rafael de Tunja were also exposed by the data breach, trimmed from a larger table of 758 contractors. Lastly, the hack/leak of ESE Moreno y Clavijo exposed the login usernames and passwords of 9 site administrators.

Serving as proof of how she gained access to each of the websites, Al1ne3737 also released the SQL Injection (SQLi) points of vulnerability attached to each website – as well as the SQLi points of vulnerability of two additional websites not named in the leaks. As for why the hacks were pulled off or why she decided to hack Colombia here today, Al1ne3737 said she did it as a favor for a friend – lol. In a message accompanying each leak, Al1ne3737 also left behind a message translated from Indonesian reading “A child will be born today and grow old with no conception of privacy. They will never know what it means to have a private moment to themselves, or thoughts which aren’t registered and analyzed. And this is a problem because privacy is important; privacy and peace of mind is what we all need to determine who we are and who we want to be.”

Targets Round 2:

Ejecutor Tolima: hxxp://www.ejecutortolima.gov.co/
Hospital San Rafael de Tunja: hxxp://www.hospitalsanrafaeltunja.gov.co/
ESE Moreno y Clavijo: hxxp://www.esemorenoyclavijo.gov.co/

Additional SQLi Target 1: hxxps://www.idrd.gov.co/SIM/CS_RendimientoDeportivo/Presentacion/MedalleroDeportista.php?id=1016084157
Additional SQLi Target 2: hxxps://www.emserpa.gov.co/modulos/contrato.php?id=38

Leak: https://www.hastebin.com/yomipemozi.nginx
Leak Backup: https://pastebin.com/ubjnir0y

https://twitter.com/al1ne3737/status/1108046306847744001

https://twitter.com/al1ne3737/status/1107845965522845696

#OpCatalonia: 10 Websites Across Spain Hacked, Defaced and/or Leaked by Al1ne3737 of Pryzraky

In solidarity with #OpCatalonia and the ongoing Supreme Court trials of political dissidents being held at the hands of Spanish authorities, “Al1ne3737” of “Pryzraky” unleashed a massive round of hacks, leaks and defaces targeting various businesses and organizations around Spain. More specifically, Al1ne3737 announced a data leak affecting FAIN Elevators in Spain, along with the websites of Astigarraga Kit Line, a high end Spanish furniture retailer, Flins & Piniculas, an online digital media retailer, as well as Dragados S.A., an international business conglomerate basing their operations out of Spain. Al1ne3737 also released the SQLi points of failure of 6 additional websites, offering to give the website owners consultation to patch their vulnerabilities with the release – lulz.

Stepping a bit outside their norm, Al1ne3737 also defaced several of the websites and released a message in Indonesian attached to the leaks reading: “A child will be born today and grow old with no conception of privacy. They will never know what it means to have a private moment to themselves, or thoughts which aren’t registered and analyzed. And this is a problem because privacy is important; privacy and peace of mind is what we all need to determine who we are and who we want to be.”

Targets via Data Breach:

FAIN FRANCE: hxxps://fain.es/
Astigarraga kit line: http://astikitline.es/
Flins y Piniculas: hxxp://flinsypiniculas.com/
Dragados S.A: hxxps://dragados.es/

Deface Mirror: http://www.zone-h.org/mirror/id/32273657?hz=1
Leak: https://www.hastebin.com/avasimehek.nginx
Leak Backup: https://pastebin.com/36Wa6J6g

Additional SQLi Target Locations:

4 Argentinian Businesses Hacked/Leaked by Al1ne3737 of Pryzraky, SQLi Vulnerabilities of 12 More Dumped Online

Earlier this week, March 13th 2019, “Al1ne3737” of “Pryzraky” unleashed a massive string of hacks and leaks affecting websites across Argentina. Included in a data leak affecting 4 corporations were Aeronavegantes, an Argentinian travel booking agency, the Argentine Agency of Investments and International Trade, Ojo Ciudadano, an Argentinian website offering security advice to online customers, businesses and consumers, as well as the Center of Language Studies.

At the present moment in time it is not necessarily known what first motivated the attacks, though if I had a guess it would be a result of the fact that Al1ne3737 hates the country and was just bored. The hacks also add to a separate attack launched against the country by Al1ne3737 just last week, an attack which saw a hack/leak affecting the country’s Secretary of Tourism and Government of Labrida – among others.

Websites Targeted via Data Breach:

ASOCIACIÓN ARGENTINA DE AERONAVEGANTES: hxxps://aeronavegantes.org.ar/
Agencia Argentina de Inversiones y Comercio Internacional: hxxp://inversionycomercio.org.ar/
Ojo Ciudadano: hxxp://ojociudadano.org.ar/
Asociación de Centros de Idiomas: hxxp://idiomas.org.ar/

Database Leak: https://www.hastebin.com/igiresidob.nginx
Data Backup: https://pastebin.com/kku04DeG
Data Download: https://anonfile.com/7d92O1wcb4/argentina_s_fucking_al1ne3737_txt

FUTURE TARGETS FOR CONSULT VIA SQLi:


https://twitter.com/al1ne3737/status/1105876453948903424

#OpNicaragua: Costa Rican Foreign Ministry & Government of Nicaragua Come Under Heavy Fire from International Hackers

Since March 9th 2019, a host of Nicaraguan websites and government agencies have been targeted via cyber attack. The attacks themselves are being carried out on behalf of “Operation Nicaragua” (#OpNicaragua), an international hacking campaign against President Daniel Ortega, raising awareness of his countless human rights violations against students, activists and political protesters alike.

Learn More About The Situation In Nicaragua: https://roguemedia.co/2018/11/17/anonymous-hackers-launch-massive-campaign-ahead-of-2018-ibero-american-summit/

As was reported by Defcon Labs on March 10th 2019, an unknown group of hackers working under the flag of #OpNicaragua announced a massive hack of the Foreign Ministry of Costa Rica, leaking personally identifiable information on over 730 Government officials online. However, it must be noted that although the attack targeted Costa Rica, in a message attached to the leak the hackers stated “Sorry Costa Rica for using your platform for this (we promise not to damage anything or compromise your government’s sensitive information), but this is an AID message! by the prisoners that Daniel Ortega kidnaps and tortures every day. Nothing is normal in Nicaragua.”

Foreign Ministry of Costa Rica:

Target: hxxp://rree.go.cr/

Intranet: hxxp://196.40.57.131/extranet/main_login.php?request=%2Fextranet%2F
WebService: hxxp://196.40.57.131/webser/main_login.php?request=%2Fwebser%2F
Backend: hxxps://www.rree.go.cr/login.php?site=intranet

Leak: https://ghostbin.com/paste/bwd7k/raw
Data Download: https://anonfile.com/taz4Gcw5be/Costa_Rica_Foriegn_Ministry_txt

This came in addition to two hacks and leaks posted by “Al1ne3737” of “Pryzraky,” who managed to exploit the National University of Engineering in Nicaragua and the Mayor’s Office of Somoto, exposing the names, emails, telephone numbers and student identification numbers belonging to 131 students, along with the root login information of three site administrators of the mayor’s office, respectively.

UNI – Recinto Augusto C. Sandino: hxxp://www.norte.uni.edu.ni/
Leak: https://www.hastebin.com/sariqequhe.coffeescript

Alcaldía de Somoto: hxxp://www.alcaldiasomoto.gob.ni/
Leak: https://www.hastebin.com/gojiyakoto.cs

This also came in addition to a string of DDoS attacks launched by Anonymous hackers affecting the websites of Nicaragua’s National Police and Viva Nicaragua – Television Channel 13.

Targeted via DDoS Attack:

Policía Nacional: hxxp://www.policia.gob.ni/
Viva Nicaragua Canal 13: hxxp://vivanicaragua.com.ni/

We Nicaraguans are kidnapped by a murderous and terrorist government.

Protests against the government began on April 18, 2018 by a group of university students; however, peasants and different sectors have protested against the government since 2010, because the way of governing of Daniel Ortega (president) and Rosario Murillo (his wife and vice-president) is merely authoritarian, and he who has governed Nicaragua since 2007 does not allow people to demonstrate; people who have tried are now dead.

Now there are more than 600 people killed by the Nicaraguan police, by orders of the president. Among them, children 10 months of age, students, university students, women, and adults.

More than 1200 young university students have been kidnapped, and there are more than 2,500 missing persons whom the police probably killed. In Nicaragua there is no normality; it is a crime to carry a blue and white flag in your hand. They criminalize you, the government accuses you of being a terrorist, you are imprisoned, and if you are a woman you are raped by up to 10 policemen.

Anonymous Nicaragua (@AnonNic on Twitter, and #OpNicaragua our hashtag) has been protesting since April 19 of 2018. We cannot stop because we have a commitment of solidarity with our brothers and family. By attacking the government we show him that the citizen struggle does not stop; more than eighty percent of Nicaraguans do not recognize him as president.

We urge a change of government, the civic struggle has been without weapons, just protesting in the streets, with a flag in our hands. We do not want war, nor more deaths, we suffer a lot in our country, we urge that the president be tried for crimes against humanity.

We need to attack government systems, not allow them to work, until they stop killing and leave, because they are not our rulers.

Government Media, full of lies and news manipulation

Lastly, Anonymous hackers left a list of websites they would like to see targeted via Operation Nicaragua, grouped under government media and government sites.


https://twitter.com/al1ne3737/status/1105336208639569920