Showing posts with label copyright. Show all posts
Showing posts with label copyright. Show all posts

Monday, August 22, 2011

GEMA hacked by anonymous



The GEMA (A german music copyright watchdog) has been hacked a few hours ago by @THE_SENQU / @AnonyPwnies




Several hours the website has been defaced with a Youtube apology screen, like we have seen many times before. (Sorry, this song... etc.)

It says:
"Sorry, this page isn't (not only) available in germany, because it could link to a company for which ANONYMOUS didn't release the necessary "freedom rights". We are sorry. NOT!"

The hackers released a ~17 MB (~350 MB unzipped) SQL-Dump file @ multiple OCHs.
Pic related.
( dump_p-www-direkt.gema.de_interP1_16-07-2011-05-53-34.rar )



Funny about this:
Over one month ago, a unkown person attacked the gema.de website successfully. (SQL Injection).
He released some user names and passwords. Pastebin


Last night all GEMA printers had been attacked, too. The attackers changed / set a random password. "Have fun, setting up the printers. But please use a password this time!"


Right now ( ~16:30) it's still defaced. Or to be more precise it's routed to a HTML-Pastebin ( http://pastehtml.com/view/b4pzxvn2x.html )


"The hackers claim to have stolen a massive amount of GEMA data"
computer.t-online.de


Background music: "Portal - Credits song 'Still alive' http://www.youtube.com/v/Y6ljFaKRTrI

"The GEMA is an association, which represents the copyright musicians and songwriters."
So a translation states. In fact, the GEMA is more like a surveillance agency with shady (nearly gestapo-like) methods to find and bring down potential copyright violaters.


Inside GEMA






Update:

17:22 - The battle still continues..
Sometimes the visitors are redirected to the pasteHTML page, sometimes they just get a "503 - service temporary unavailable" message.
The gema IT "experts" managed to put the website back on 5 times, but without solving the security issue.

Link GEMA Statement


17:40 - Video message released / fifth defacement.

Translation:
We are anonymous. Since you didn't follow our last call we are forced to attack your website. Have a nice day. P.S.: IF the admins would spent more time with security then with WoW (World of Warcraft) this attack possibly wouldn't be that effective. thanks for your support!
http://www.youtube.com/watch?v=Kq4R0Bv6xws
Video:




23:17 - Hack "documentation"

It all started with a SQL Injection vulnerability and went to #root on XX virtual machines.
Sometimes the password was the username, sometimes it was just "bla" (Webserver)
UserDump


Big "documentation" picture:

http://img7.imagebanana.com/img/w4ro8rt2/gemahack2.png

Links:

Internal NMap Scans
http://pastebin.com/KNYP6J0f
http://pastebin.com/vD2Rc4CB
Posted by at No comments:
Labels: , , , , , , , , , ,
Subscribe to: Posts (Atom)