Thanks to Fix0r, my (slowly coming back together after the tragedy) lab now has another INFOSEC-related framed relic: a WeakNet Linux 3 Lite disk autographed and labeled by the FBI agent who investigated his hardware and software after the raid. Fix0r was kind enough to mail it to me along with an E.T.A. name tape which fits perfectly with the theme. I backed it with a cover from Linux Journal.
It fits perfectly next to my WEP poster snagged during a pen test from Ethermine. :) Thanks Fix!
News and Events
The Gawker compromise went down so hard it seems. I got an Email from them stating that:
“This weekend we discovered that Gawker Media’s servers were compromised,
resulting in a security breach at Lifehacker, Gizmodo, Gawker, Jezebel,
io9, Jalopnik, Kotaku, Deadspin, and Fleshbot. As a result, the user name
and password associated with your comment account were released on the
It turns out a different member of WNL was on there, but I got the Email because I am the owner of the domain. Shortly afterwards I got an Email from LinkedIn about the Gawker breach asking me to change my password there as well!
Here is a direct quote from one of the people from “Gnosis” who claim responsibility for the hack:
“So, here we are again with a monster release of ownage and data droppage. Previous attacks against the target were mocked, so we came along and raised the bar a little. Fuck you gawker, hows this for “script kids”? Your empire has been compromised, Your servers, Your database’s, Online accounts and source code have all be ripped to shreds! You wanted attention, well guess what, You’ve got it now!”
There’s a screenshot taken from one of the owners’ machines which is kind of humorous:
H.D. Moore released a huge CSV file with domain names and hashed email addresses. You can hash something in Linux quite easily with md5sum, or use the md5() function in PHP or the equivalent in any other high-level programming language. To use his CSV to see if your md5'ed password has been compromised, simply hash it and do a search under “Show Options” on the page.
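The hash-and-search step described above can also be done locally against a downloaded copy of such a CSV; this is an added example, not code from the original post or from H.D. Moore. It assumes a two-column `domain,md5` layout holding the MD5 of the lowercased email address, builds its sample rows from made-up addresses, and uses hypothetical function names.

```shell
#!/bin/sh
# Added example. Assumed CSV layout (not taken from the page): domain,md5
# where md5 is the digest of the lowercased email address.

md5_of() {
    # printf '%s' avoids the trailing newline that `echo` appends;
    # hashing "value\n" instead of "value" gives a different digest
    # and a silent false negative in the lookup.
    printf '%s' "$1" | md5sum | cut -d' ' -f1
}

normalize_email() {
    # Strip whitespace and lowercase before hashing (assumed normalization).
    printf '%s' "$1" | tr -d '[:space:]' | tr '[:upper:]' '[:lower:]'
}

build_sample_csv() {
    # $1 = output path. Constructed sample data, not real breach records.
    {
        echo "domain,md5"
        for addr in alice@example.org bob@example.net; do
            echo "${addr#*@},$(md5_of "$addr")"
        done
    } > "$1"
}

lookup_email() {
    # $1 = email address, $2 = CSV path.
    # Prints the domain of each matching row; exit status 0 if found, 1 if not.
    hash=$(md5_of "$(normalize_email "$1")")
    awk -F, -v h="$hash" '
        NR > 1 && tolower($2) == h { print $1; found = 1 }
        END { exit !found }
    ' "$2"
}
```

Source the file, then run `lookup_email you@yourdomain.tld dump.csv`; the address is hashed and compared on your own machine.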
Isn’t that cool? Gawker calls Gnosis “skiddies,” meanwhile, Gnosis pwns Gawker – entirely. Does Gawker even know what the word “gnosis” means? Far from being a script kiddie. (Although, “technically,” they could have been quite skiddish about their methodologies, of which I have no knowledge.)
In the nick of Time
I dropped GoDaddy like a bucket of mud after being hacked by Hebarieh. Just after the attack on WeakNet Labs’ website, Tully actually pursued a conversation with Hebarieh, who stated that it was a problem with my “provider” and not with my code. Coincidentally, just recently, a GoDaddy SE/XSS exploit was made public by Offensive Security! Then, a new Exim4 exploit was released. Wow, just in the nick of time! Not only have I dropped GoDaddy, but I have forsaken Exim4 as well, a long time ago!
Trust no one.