Behind The US’s Use of Hacktivists Groups As Cover for Cyber Campaigns Targeting Brasil

As someone whom has covered hacking news and hacktivists quite heavily for the last 5 years now, I found many events which took place between the later half of 2018 and beginning of 2019 particularly interesting. For those of you whom might not have been paying attention, over this time period the country of Brasil came under heavy fire from seemingly every direction – with many local, state and federal political/Government agencies and organizations getting hacked/leaked.

However, as a hacking news journalists whom got many exclusives over this time period, what was particularly interesting to note were the people whom were behind at least some of these attacks. While some were Brasilians, such as Pryzraky, the longer all of the hacks went on, the more different groups began outing themselves as internationals – particularly Americans. Such as was the case of the group known as “Shadow Squad Hackers” whom were Americans and claimed they were targeting Brasil because they were “disgusting and dirty people.” They claimed they were targeting Brasil for know other reason that they “hate Brasil and Brasilians.” Many also claimed to the be former members of the US Department of Defense at the same time.

While those are just some examples, they were far from alone. As you can see by following the tag below, the number of new or previously unknown hacktivists groups targeting Brasil in 2018/2019 were almost too many to count.

Read More – Brasil Tag on Rogue Media: https://roguemedia.co/tag/brasil/

Why Is This Happening?

This is a two part answer. The first is the fact that Brasilian Government and political websites are far behind the rest of the world when it comes to sound cyber security practices. For example, the vast majority of hacks were all pulled off via SQL injection (SQLi) – because their website’s IT staff apparently doesn’t know how to block bad query strings. Upon further investigation, many political websites leave their login pages out in the open, on the front end landing page, making themselves an easy target for brute force attacks. Still even further, many of the smaller, local government websites don’t even utilize a Secured Socket Layer (SSL) – making them easier targets for DDoS attacks and defacement campaigns, of which there were many.

https://twitter.com/geekwiresec/status/1148940713167663106

However, the second reason is far more interesting – geopolitics. What you may not know is that Brasil is a member/signatory the the BRICS Alliance. Built by an international outreach campaign by Russian President Vladimir Putin over the years, what you should know is that BRICS is built on a long term economic/military strategy to lock the United States out of South Pacific and South Atlantic trading routes, opening up trade routes for developing countries and emerging economies – such as Brasil, Russia, India, China and South Africa (BRICS).

If you think about it logistically or tactically it makes sense, Brasil has potential for the largest economy in South America and sticks the furthest out into the South Atlantic, which gives them the best chance at controlling the South Atlantic and sealing out countries from doing business in those waters. South Africa, for example, can control the Cape of Good Hope – the only route for Western Countries to cross over the African continent and reach Eastern markets by sea. Moving further East, India could have full control over the Indian ocean and has already begun sealing out the US from shipping rubbage to their country. And still yet, further East, Russian and China have the military power necessary to completely lock out the US from reaching all Eastern countries if they really wanted – with an all out attack on Japan not withstanding (RIP).

With that established and with countless coverage of all the Brasilian attacks, along with interviews with each of the hackers and hacking groups behind the hacks, it is my firm belief that the United States Government was using “hacktivist” groups as a cover for the hacks of major political parties and Government websites across Brasil, as revenge for the Brasilians having signed new alliances with Vladimir Putin and the Russian Government. Moreover, do you believe that all of these cyber attacks targeting Brasil occurring over the same exact timeline of the US’s attacks against Venezuela were any coincidence?

It is my firm belief that the US Government used these groups and these tactics not only to expose information on the Brasilian Government and its members, but also to show them how weak their cyber security practices were. As we already know, the USA does also have a long and extensive history of “meddling” in South America as well. Many of these attacks were no different, they just didn’t have computers in the 60s and 70’s.

Read More – Declassified Documents from CIA Reveal US Political Interference Throughout South America During Cold War: https://roguemedia.co/2019/04/20/newly-declassified-documents-from-cia-depict-interesting-timeline-of-us-political-interference-meddling-in-south-america-throughout-the-cold-war/

Scores of Turkish Government Websites Deleted Offline by Azerbaijan Hackers

This past Sunday, May 5th 2019, Rogue Media Labs was informed of series of ongoing cyber attacks targeting the Government of Turkey. However, it must be noted that the social accounts, website and archive profile of the hackers behind the cyber attacks has since been suspended and/or taken offline – perhaps because of these very events. While the details behind the hacks are a little vague at this point, what we do know is that all of the websites were compromised via “SQL Injections” (SQLi), and the hackers behind the breaches refer to themselves as the “Azerbaijan Hackers.

After investigating, it does appear as though the hacks were indeed real. I say this because at one point earlier today both of the websites listed below were blank. Then, a little later in the day, after the sites had been restored, they were each flagged by my anti-virus as unsafe or harmful to visit – messages I have never seen attached to any Government run website, never mind multiple. Unfortunately, as previously mentioned, the website, social accounts and web archive that originally featured news of the hacks was already been taken offline before I could view it – meaning that there is no telling how many sites were compromised. All I know is that the source behind news of the breaches told me that “a load” of Turkish websites had been “Hacked, Injected and Wipped Offline.” Should more details arise, I will publish an update as I receive them.

Confirmed Websites Hit:

hxxp://halfetiih.gov.tr/
hxxp://urfadis.gov.tr/

Pryzraky Hackers Responsible for 39 International Hacks, Leaks & DDoS Attacks Over The Last 4 Days

Dating back to the weekend, “Pryzraky” hackers have been extremely active in a number of hacks, leaks and DDoS attacks targeting Government institutions in and around Europe, United States, United Kingdom and South America. However, while their hacks have primarily been carried out under the banners of #OpAssange, #OpEcuador and #OpUK, Pryzraky is doing as much as possible to distance themselves from the Anonymous hacker collective, whom been extremely active in publicizing these operations online.

All told, group members “Mecz1nho Markov” (@Mecz1nho), “Alne3737” (@Al1ne3737) and “PopTart” are responsible for a 39 cyber attacks over the last 4 days, including attacks targeting the Association of Police Investigators (Brasil), International Police (France), Department of Defense (USA) and National Police Association of the United Kingdom – with some attack bringing websites down for days at a time. A full list of their attacks is chronicled below.

Hacked/Leaked:

Association of Civilian Police Investigators: hxxp://sinpol-assinpol.com.br/
Faculdade Integrada Tiradentes: hxxp://fits.edu.br/
Data Download: https://anonfile.com/fem19fd4n9/PryzrakyLeaks_-_14.04.2019_zip

[Target]: hxxps://www.correosdelecuador.gob.ec/
[Database]: https://pastebin.com/raw/KQXRbqCQ

DDoS Attacks:

International Police (INTERPOL) – hxxp://interpol.int/ (Tango Down’d)
US Department of Defense (DoD) – hxxp://defense.gov/ (Tango Down’d)
UK National Police – hxxp://police.uk/ (Tango Down’d)
Supreme Court of The United Kingdom – hxxp://supremecourt.uk/ (Tango Down’d)

SQLi Injection Vulnerabilities:

hxxp://bedale-tc.gov.uk/
hxxp://www.exning-pc.gov.uk/
hxxp://www.rosstc-herefordshire.gov.uk/

.GOV
hxxp://www.wraysburyparishcouncil.gov.uk/cllr-profile.php?id=24%27
hxxp://www.localplan.charnwood.gov.uk/content/index.php?id=1%27

.CO
hxxp://www.thelexington.co.uk/event.php?id=311%27
hxxp://chatterboxvoices.co.uk/profile.php?id=351%27
hxxp://www.mexicolore.co.uk/can.php?id=1%27
hxxp://fieh.co.uk/index.php?Id=51%27
hxxp://www.facetpublishing.co.uk/title.php?id=301829%27#.XLPCxuhKjIU
hxxps://www.ileswastesystems.co.uk/index.php?id=1%27
hxxp://www.mcstone.co.uk/kitchens.php?id=11%27
hxxp://www.elmslie.co.uk/project.php?id=61%27
hxxp://www.sequoia.co.uk/news.php?id=134%27
hxxp://www.mwnuk.co.uk/resourcesDetail.php?id=97%27
hxxp://www.windowfrance.co.uk/about_infos.php?id=1%27
hxxp://emjplastics.co.uk/project.php?id=14%27
hxxp://dementiabuddy.co.uk/event.php?id=162%27
hxxps://www.fusionworcs.co.uk/news/article.php?id=579%27
hxxps://www.nottspeed.co.uk/news_item.php?ID=243%27
hxxp://www.falkirklocalhistorysociety.co.uk/home/index.php?id=124%27
hxxps://www.trinitycollege.com/news/viewarticle.php?id=502%27
hxxps://www.restons.co.uk/index.php?id=79%27

.ORG
hxxps://www.pysc.org.uk/new/article.php?id=426%27
hxxp://www.bicga.org.uk/hub.php?ID=41%27
hxxps://www.lmc.org.uk/page.php?id=17%27
hxxp://www.linksparkct.org.uk/course.php?id=47%27
hxxp://www.gracechurchgreenwich.org.uk/churchbuilder/medialib.php?id=384
hxxps://garyhall.org.uk/maths-resource.php?id=80
hxxps://www.outward.org.uk/vacancy.php?id=104%27

https://twitter.com/al1ne3737/status/1117578169496866816

Hazard Analysis & Critical Control Points/Análise de Perigos Hacked by Mr. Joker aka “Error Toxic”

Least week, March 22nd 2019, a hacker going by the name of “Mr. Joker” posted a data leak effecting the Hazard Analysis & Critical Control Points/Análise (HACCAP) de Perigos, Brasil – essentially a food and safety administration similar in many ways to the Food and Drug Administration of the United States. At the present moment in time not much is known about the hacker or their methodology/rationale, but their Twitter timeline was created a little less than 2 weeks ago and is full of 11 Tweets tied to various hacks, leaks and exploits effecting websites all over the world.

What we do know about this particular hack is that Mr. Joker was able to breach the site via SQL Injection (SQLi) granting him full access to the websites back-end. Moreover, I only covered their hack/leak of the HACCAP today because it effects a Government organization, exposing the name, email, passwords and addresses of 197 personnel members employed by the organization. You can learn more about the hacker and their leaks through the Twitter timeline provided below.

Full Raw Leak: https://ghostbin.com/paste/yvasx

https://twitter.com/ErrorToxic3/status/1109038091522723840

8 Government Agencies Across Colombia Hacked, Thousands of Contractors, Users, Administrators, Employees & Personnel Exposed in Data Breaches

I’ve told different hackers and hacking groups in the past that I want to see them leave their hands off Colombia, but I cant control them anymore than I can control the news now can I? To this effect, throughout the course of the day Tuesday, March 19th 2019, “Al1ne3737” of “Pryzraky” announced a new round of hacks and leaks – this time effecting the six Government agencies across Colombia. More specifically implicated in today’s release were Colombia’s Secretary of Education, Observatory of Interinstitutional Environmental Agendas, Municipal Council of San Jose de Cúcuta, the Developmental Department of Planning of Tolima, Hospital of San Rafael de Tunja and ESE Moreno y Clavijo.

The most significant of the data breaches implicated the first round of leaks was the Secretary of Education, exposing the names, login and passwords of 313 global users, along with access to the emails of 517 users. The website was also defaced with Alne3737‘s cover photo and a repeating sentence reading “Hacked by @Al1ne3737.” Meanwhile, the logins of the primary administrator of the Observatory of Interinstitutional Environmental Agendas was also exposed in the data breach, as was the logins of 46 other users and access to the personal emails of 48 more – including government employees. Lastly, the hack of the Municipal Council of San Jose de Cúcutam revealed the logins of 2 site administrators, granting full access to the pages back-end.

Targets Round 1:

SedTolima: hxxps://sedtolima.gov.co/
Observatorio de Agendas Interinstitucionales Ambientales – CAR: hxxp://oaica.car.gov.co/
Corporación Concejo Municipal De San Jose de Cúcucta: hxxp://concejocucuta.gov.co/

Deface Location: https://www.sedtolima.gov.co/administrador/modulos/instituciones/noticias/vista_previa_noticia.php?cod=682
Deface Mirror: http://www.zone-h.org/mirror/id/32278133?hz=1
Original Leak: https://www.hastebin.com/aguqamuwav.nginx
Leak Backup: https://pastebin.com/3d9GxdFS

The most significant data breach of the evening hours effected the Developmental Department of Planning of Tolima, exposing the login username and passwords of 171 politicians. As of the early morning hours of March 20th 2019, the website belonging to the Department of Tolima has been shut down and remains offline, presumably “for repairs” – lol. Additionally, the login user names and joint passwords of 256 contractors of the Hospital San Rafael de Tunja were also exposed by the data breach, trimmed from a larger table of 758 contractors. Lastly, the hack/leak of ESE Moreno y Clavijo exposed the login usernames and passwords of 9 site administrators.

Serving as proof of how she gained access to each of the websites, Alne3737 also released the SQL Injection (SQLi) points of vulnerability attached to each website – as well as the SQLi point of vulnerability of two additional website not named in the leaks. As for why the hacks were pulled off or why she decided to hack Colombia here today, Al1ne3737 said she did it as a favor for a friend – lol. In a message accompanying each leak, Al1n3737 also left behind a message translated from Indonesian reading “A child will be born today and grow old with no conception of privacy. They will never know what it means to have a private moment to themselves, or thoughts which aren’t registered and analyzed. And this is a problem because privacy is important; privacy and peace of mind is what we all need to determine who we are and who we want to be.

Targets Round 2:

Ejecutor Tolima: hxxp://www.ejecutortolima.gov.co/
Hospital San Rafael de Tunja: hxxp://www.hospitalsanrafaeltunja.gov.co/
ESE Moreno y Clavijo: hxxp://www.esemorenoyclavijo.gov.co/

Additional SQLi Target 1: hxxps://www.idrd.gov.co/SIM/CS_RendimientoDeportivo/Presentacion/MedalleroDeportista.php?id=1016084157
Additional SQLi Target 2: hxxps://www.emserpa.gov.co/modulos/contrato.php?id=38

Leak: https://www.hastebin.com/yomipemozi.nginx
Leak Backup: https://pastebin.com/ubjnir0y

Screen Shot of Defaces:

Image may contain: 1 person

Image may contain: text

https://twitter.com/al1ne3737/status/1108046306847744001

https://twitter.com/al1ne3737/status/1107845965522845696

#OpCatalonia: 10 Websites Across Spain Hacked, Defaced and/or Leaked by Al1ne3737 of Pryzraky

In solidaridad with #OpCatalonia and the ongoing Supreme Court trials of political dissidents being held at the hands of Spanish authorities, “Al1ne3737” of “Pryzraky” unleashed a massive round of hacks, leaks and defaces targeting various businesses and organizations around Spain. More specifically, Al1ne3737 announced a data leak effecting FAIN Elevators in Spain, along with the websites of Astigarraga Kit Line, a high end Spanish furniture retailer, Flins & Piniculas, a online digital media retailer, as well as Dragados S.A., an international business conglomerate basing their operations out of Spain. Al1ne3737 also released the SQLi points of failure of 6 additional websites, offering to give the website owners consultation to patch their vulnerabilities with the release – lulz.

Stepping a bit outside their norm, Al1ne3737 also defaced several of the websites and released a message in Indonesian attached to the leaks reading: “A child will be born today and grow old with no conception of privacy. They will never know what it means to have a private moment to themselves, or thoughts which aren’t registered and analyzed. And this is a problem because privacy is important; privacy and peace of mind is what we all need to determine who we are and who we want to be.

Targets via Data Breach:

FAIN FRANCE: hxxps://fain.es/
Astigarraga kit line: http://astikitline.es/
Flins y Piniculas: hxxp://flinsypiniculas.com/
Dragados S.A: hxxps://dragados.es/

Deface Mirror: http://www.zone-h.org/mirror/id/32273657?hz=1
Leak: https://www.hastebin.com/avasimehek.nginx
Leak Backup: https://pastebin.com/36Wa6J6g

Screen Shot of Deface:

No photo description available.

Additional SQLi Target Locations:

http://www.ordisi.es/index.php?id=Y29uOzQ=1
http://www.listadotren.es/motor/series.php?id=3
http://www.astikitline.es/fr/blog_detalle.php?id=5
http://www.flinsypiniculas.com/ficha.php?id=226
https://www.dragados.es/en/contentdetail.php?id=19
https://fain.es/fr/obras-emblematicas-detalle.php?id=99

Air Dominica & Costa Rican Travel Agency TourPlan.com Hacked by KelvinSec Team, Vulnerabilities & Partial Databases Leaked Online

In news first brought to my attention via Defcon Lab this morning, February 16th 2019, an international hacking group known as “Kelvin Security” (KelvinSec Team) has claimed responsibility for a string of hacks and leaks effecting airlines across the Dominican Republic, Cuba and Slovakia. The hacks themselves appear to have carried out on the morning of February 13th 2019, before ultimately being published online for the first time on the evening of February 14th. Additionally, while there wasn’t necessarily too much information contained within the leaks themselves, the information does appear to be legitimate – at least at this time.

In the leaks provided below, KelvinSec Team primarily targeted Tourplan.com, an international travel booking agency operating out of Costa Rica, as well as Air Dominica, a national airlines service flying to and from the Dominican Republic. While there was no motivation given for the attacks themselves, the hackers did leave behind a message in Belarusian reading “hacker is a person looking for information, gathering great people around the world, connecting to a network and scanning for vulnerabilities on their platforms” – perhaps indicating that the hackers are recruiting, and thus used the hacks/leaks as a means of getting publicity. While the initial reporting from Defcon Labs pointed to two other hacks and leaks effecting airlines in Slovakia and Cuba, also carried out by KelvinSec TeamRogue Media Labs was unable to independently confirm or deny the authenticity of the incidents. 

Contained within a leak pertaining to Tourplan.com are list of SQL vulnerabilities which can theoretically land you straight inside any one of the sites databases, exposing information such as customer user names, passwords, birth names, emails and much more – theoretically granting you access over all the information these customers have entered onto the website about themselves, such as payment methods and history – et cetera. The hack/ leak of Air Dominica was unique in the fact that so little information was contained within it. For example, the leak only contained information on 34 passengers, exposing information such as their full names, email addresses, passwords and country codes. Presumably though, this wouldn’t even be enough information to cover a single flight into or out of the country, so it remains unknown what the hackers motives were for posting the – or what they did with all of the information uncovered.

Target: Air Dominica
Leak: https://pastebin.com/jcAnUTDd?fbclid=IwAR0FzUQyHzVNb6ivHjXO1QX5NnT_owC3U0Cp9WI4k__NXRFqjfO5S1Csu5g

Target: hxxp://tourplan.com
Leak: https://pastebin.com/i0EgCa5U?fbclid=IwAR2k4W0zxMRq4b4fQzZ-R66cLPKAE5rbOO0o5NrJYVAVCemdbuvgINz5wh4

MAPH EDITORA – INFORMAÇÕES TRABALHISTAS E TRIBUTÁRIAS Hacked by Darkness Ghost

Earlier this week, January 29th 2019, a hacker going by the name of “Darkness Ghost” claimed credit for a hack and leak effecting MAPH EDITORA, a Brasilian based firm dealing in tax, finance and wage/labor consultation services. In a leak made available to the general public via Twitter, Darkness Ghost posted the email address and passwords used to login to the online accounts of 138 customers, theoretically granting access to whatever information each customer had entered into the website about themselves. Considering that this is a labor and tax service, it is fairly safe to assume that this includes personal finance, banking and tax return information – along with much more.

Having a look through the leaked information, it is clear that the website was compromised via an SQL injection tied to a web page featuring one of their online products. More specifically, product ID #153 (http://www.maph.com.br/ler_capitulo.php?products_id=153). The methodology behind this hack is almost identical in many ways to a hack of Lenovo last month, whom also had their sites PHP files compromised through a vulnerability attached to an outdated product ID page featuring a product which had long since been discontinued – but its web-page never taken deleted or taken offline.

Alvo: hxxp://maph.com.br/
Raw Leak: https://ghostbin.com/paste/taffh

Browse Full Leak:

[pdf-embedder url=”https://roguemedia.co/wp-content/uploads/2019/02/taffh-Ghostbin.pdf” title=”taffh – Ghostbin”]

Servers Belonging To Vermont’s Department of Financial Regulation Rooted, 41.48 Megabytes of Data Leaked Online

Late last night, January 27th 2019, a French based hacker belonging to the New World Hackers group going by the name of “Mizaru” announced a data dump of Vermont’s Department of Financial Regulation. The leak itself is too big to possibly explain in a couple of brief sentences here, but what I can report on is that approximately 41.48 Megabytes (MB) of data comprising of PHP Version: 5.6.15 files hosted on a 10.1.9-MariaDB database were hacked/leaked online, and that the departments servers were hacked via SQL vulnerabilities tied to URL’s addresses attached to the website back-end.

Included in the leak is information tied to various banks affiliated with the Government of Vermont, including their unique ID’s, code numbers, license numbers, issuance date, company name, trade name and addresses. The leaked data also includes access to state registration files, along with the hashed passwords necessary to access them, as well as full copies of internal memos, emails, documentation and much more. Honestly, the leak is so big that it’s almost impossible to summarize all at once here, so you are just going to have to browse through the leak for yourself this time.

Site: hxxp://dfr.vermont.gov/
Location of SQL Database Dump: http://dfr.vt.gov/bishcain_drupal.sql
Download Site Databases (41.48 MB): https://anonfile.com/o983S6r4b8/dfr.vt.gov_txt

https://twitter.com/MZR_h4x0r/status/1089617826284032001

India’s Jamal Mohamed College Hacked by New World Hackers, Student Email Archives Dumped Online

Two nights ago, January 25th 2019, a member of the New World Hackers group going by the name of “Mizaru” claimed responsibility for the hack of Jamal Hohamed College in Khajanagar, Tiruchirappalli – India. Comprising of over 3,200 lines, this is one of the largest data leaks I have ever seen Mizaru publish. This is also because it contains the personal email messages/exchanges of hundreds of students, as well as a full database of university staff members – including their full names, positions, emails and contact information. On top of having their emails exposed, the hackers also managed to uncover and release even more student data, including their course catalogs, contact information and home addresses.

Browsing through the leak, Mizaru also made it quite clear that they were originally able to compromise the website via SQL Injection, granting administrator level access/privileges over the entire site.

Target: hxxps://www.jmc.edu/
Data Leak: https://ghostbin.com/paste/96eg8

https://twitter.com/MZR_h4x0r/status/1088943913161932800

Team PARANOID CODEIN Releases Database Leaks Along with XSS & SQLi Vulnerabilities Effecting 7 Brasilian Websites

Every now and again I come across some truly unique leaks, such as was the case yesterday. This is when I cam across a string of leaks posted by a hacker going by the name of “Etico Kartovy,” uncovered by a group of hackers going by the name of “Team PARANOID CODEIN” – aka “PCOD Team.” The leaks provided below are unique in that only some provide any actual data uncovered from within websites, instead choosing to publish the vulnerabilities of certain websites and how they can be exploited via “Cross-Site Scripting Attacks” (XSS) or “SQL Injection” (SQLi). These are the first such leaks of their kind I have ever come across, and there were se7en of them at that.

Effected by the data breaches provided below are the Hospital of Santa Casa, the Institute of Lands of the State of Piauí, Ligas Acadêmicas of the Federal University of Uberlandia, the Union of the Administrators of the Federal District of Sinda, the website of Support for Aquaculture, Brasil, the Federal Saving Bank of Caixa and the Interlegis Program, a Brasilian based political news outlet.

Website: hxxp://santacasacm.org.br
Raw Data Leak:

Website: hxxp://www.interpi.pi.gov.br
Raw Data Leak:

Website: hxxp://cardioliga.famed.ufu.br
Raw Data Leak:

Website: hxxp://www.sinda.org.br
SQL Injection Methodology:

Website: hxxp://sc-aqua.com.br
SQL Injection Methodology:

Website: hxxps://sidmfextrato.caixa.gov.br/
XXS Vulnerability:

Website: hxxp://www.interlegis.leg.br
SQL Injection Methodology:

Kementerian Energi dan Sumber Daya Mineral Republik Indonesia & Sistema de Gestión SUMAR Hacked by New World Hackers

No photo description available.

Yesterday morning, January 23rd 2019, two new members of New World Hackers going by the name of “Mizaru” and “Ftp” announced the hack and leak of two international Government agencies/departments. More specifically, the Ministry of Energy and Mineral Resources of The Republic of Indonesia (ESDM) and a branch of the Argentinian Ministry of Health known as Sistema de Gestión (SUMAR) were compromised by the breaches.

Once again however, just as with their hacks earlier this week, the leaked data is somewhat unconventional. Meaning that instead of leaking any data or information contained within the hacked databases, the hackers have instead chosen to leak the various SQL vulnerabilities used to compromise the databases in the first place – essentially showing others how the hack was physically pulled off for them to replicate, or for site administrators to patch.

Ministry of Energy and Mineral Resources: hxxp://tpdk.esdm.go.id
Vulnerabilities Leak: https://ghostbin.com/paste/kc6jo

Sistema de Gestión (SUMAR): hxxp://plannacer.larioja.gov.ar/
Vulnerabilities Leak:

https://twitter.com/MZR_h4x0r/status/1088037279627649024

https://twitter.com/MZR_h4x0r/status/1088112570421129216