De novo, Microsoft desfigurada

02/08/2008 Written by Marcelo Almeida (Vympel)

billg_casuall Novamente a Microsoft teve seus sites desfigurados por uma falha de Injeção de SQL. Poucos dias atrás o defacer conhecido como Agd_scorp, desfigurou 6 websites da Microsoft, todos por uma falha de SQL no código dos sites.
Alguns anos atrás, a Microsoft era o alvo preferido dos defacers que queriam “divulgar” o Linux, hoje em dia, com a adoção em massa do Linux eles preferem apenas a “fama” de invadir um site famoso. Nos sites o defacer Agd_Scorp apenas deixou uma mensagem dizendo que o site tinha sido invadido.

O mesmo defacer vem atacando sites famosos nos últimos dias (por exemplo https://dol.hqda.pentagon.mil) todos por SQL Injection, em uma clara demonstração que empresas famosas e sites do Governo não estão dando a devida atenção ao código fonte de seus sites, ou seus administradores não tem a menor idéia do que significa segurança…

Abaixo segue os links de algumas invasões aos sites da Microsoft:

Date	Attacker	Flags	Domain	OS	View
2008/07/28	Agd_Scorp	R	…ner.microsoft.co.kr/pds/new_pds_list.asp	Win 2003
2008/07/28	Agd_Scorp	M	microsoft.com.mk/Licenciranje	Win 2003
2008/07/28	Agd_Scorp	H M	windowsxp.com.mk	Win 2003
2008/07/28	Agd_Scorp	H	microsoft.com.al	Win 2003
2008/06/20	Agd_Scorp	H	microsoft-press.dk	Win 2003
2008/06/20	Agd_Scorp	H M	microsoftpress.dk	Win 2003
2008/02/05	SPY-CX5	H	microsoft.com.tr	Win 2003
2006/06/18	TiTHacK		experts.microsoft.fr/default.aspx	Win 2003
2007/04/29	Cyber-Terrorist		ieak.microsoft.com/1.0/NewLicensee.asp	Win 2000
2007/03/10	blackwolf	R	…t.co.kr/msdn/Notice/Notice_View_List.asp	Win 2000
2007/06/27	rEmOtEr		…events/net/eventdetail.aspx?eventid=8399	Win 2003
2005/07/06	Apocalypse	R	microsoft.co.uk/Apocalypse.gif	Win 2003
2005/08/31	G.B.R TEAM		partner.microsoft.co.kr/map/gbr.asp	Win 2000
2004/03/30	r00t_system	H M	member.microsoft.co.kr	Win 2000
2004/03/30	c0d3rz		register.microsoft.co.kr/index.htm	Win 2000
2004/05/25	OutLaw		microsoft.com/mspress/uk	Win 2003
2002/03/25	Silver Lords	H	cust-supp-chat.one.microsoft.com	Windows
2002/03/16	Perfect.Br	H	officecouncil.rte.microsoft.com	Win NT9x
2002/03/13	Silver Lords		officecouncil.rte.microsoft.com/fp	Win 2000
2002/03/10	Silver Lords	H	olab2.research.microsoft.com	Windows
2001/06/22	Prime Suspectz	H	arulk.rte.microsoft.com	Windows
2001/06/21	Prime Suspectz	H	redsand.rte.microsoft.com	Windows
2001/05/09	Prime Suspectz	H	streamer.microsoft.com	Windows
2001/05/04	Prime Suspectz	H	microsoft.co.uk	Windows

Lista completa dos domínios Microsoft invadidos:

2005-05-11 00:20:24 Unknown Core http://www.microsoft.com.mx/cgi-bin
2004-03-29 01:58:58 c0d3rz http://register.microsoft.co.kr/index.htm
2004-05-25 04:42:26 OutLaw http://www.microsoft.com/mspress/uk
2004-05-16 17:24:47 iskorpitx http://www.microsoft.com.mx/cgi-bin
2003-11-09 18:24:30 Affix http://www.microsoft.pl
2002-03-16 11:00:00 Perfect.br http://officecouncil.rte.microsoft.com
2002-03-13 11:31:34 Silver Lords http://officecouncil.rte.microsoft.com/fp
2001-04-27 17:35:31 WoH http://www.microsoft.com.gr
2001-01-23 15:19:07 Prime Suspectz http://www.microsoft.co.nz
2001-04-21 03:55:23 Prime Suspectz http://www.microsoft.com.gr
2001-05-04 02:01:22 Prime Suspectz http://www.microsoft.co.uk
2001-05-04 23:59:01 Prime Suspectz http://www.microsoft.com.mx
2001-05-09 00:22:40 Prime Suspectz http://streamer.microsoft.com
2001-05-10 01:34:35 Prime Suspectz http://pc.microsoft.is
2001-06-21 17:56:07 Prime Suspectz http://redsand.rte.microsoft.com
2001-05-18 16:10:44 pentaguard http://www.microsoft.ro
2001-07-27 10:21:37 m0sad http://www.microsoft.com.sa
2000-01-08 07:18:39 inferno.br http://www.microsoft.com.tw
2001-05-13 11:04:35 cr1m3 0rg4n1z4d0 http://www.microsoft.nsk.ru
2000-12-19 08:53:25 BoLoDoRiO http://www.microsoft.si
2001-06-20 06:33:33 BlackSun http://www.interface.microsoft.co.za
2001-04-20 05:38:35 BLACK-FUUUUUUUU http://www.microsoft.be
2005-07-06 00:37:02 Apocalypse http://www.microsoft.co.uk/Apocalypse.gif
2005-08-12 08:05:13 Apocalypse http://ftp.microsoft.pa.no/index.htm
2005-08-30 23:17:47 G.B.R TEAM http://partner.microsoft.co.kr/map/gbr.asp
2006-04-24 06:22:53 Simiens http://blogs.microsoft.co.il
2006-06-18 19:19:41 TiTHacK http://experts.microsoft.fr/default.aspx
2004-03-30 07:40:25 r00t_system http://member.microsoft.co.kr
2003-11-09 18:24:30 Affix http://www.microsoft.com.pl
2002-12-06 14:56:17 Crime Perfect http://www.microsoft.co.yu/crimeperfect.html
2002-03-24 11:00:00 Silver Lords http://cust-supp-chat.one.microsoft.com
2002-03-25 03:25:37 Silver Lords http://cust-supp-chat.one.microsoft.com
2002-03-16 15:41:57 Perfect.Br http://officecouncil.rte.microsoft.com
2002-03-10 07:04:29 Silver Lords http://olab2.research.microsoft.com
2001-05-05 02:53:48 Prime Suspectz http://www.microsoft.com.sa
2001-06-22 00:40:18 Prime Suspectz http://arulk.rte.microsoft.com
2000-06-04 03:15:28 InSaNiTy ZiNe c0rp. http://www.microsoft.com.br
2000-12-15 05:47:19 Furia.BR http://www.microsoft.si
2007-03-10 02:50:59 blackwolf http://register.microsoft.co.kr/msdn/Notice/Notice_View_List.asp
2007-04-28 19:33:02 Cyber-Terrorist http://ieak.microsoft.com/1.0/NewLicensee.asp
2007-06-26 22:07:33 rEmOtEr http://www.microsoft.co.uk/events/net/eventdetail.aspx?eventid=8399
2007-10-18 18:48:49 mdx http://web03.microsoft.se/portfolio/
2007-12-19 22:53:44 SPY-CX5 http://www.microsoft.com.tr
2008-07-23 18:50:06 Agd_Scorp http://www.microsoft.com.mk/Licenciranje
2008-07-23 18:53:52 Agd_Scorp http://www.microsoft.com.al
2008-07-28 00:57:45 Agd_Scorp http://partner.microsoft.co.kr/pds/new_pds_list.asp

Share this content: