PlanetCreator.Net has attacked this morning, A burmese hackers group named BurmeseHackers,

GMT +8 Malaysia :- 05:24am  02/02/2010,

Attacking IP : – 64.22.117.2, 60.22.117.8

Attacking Method :- DDoS (Distributed Denial-of-service)

To , BurmeseHackers Group

This is from PlanetCreator’s SecurityTe@m, I would like you all to know that If you attack us, you are taking your freedom into your own hands. You will be identified, you will be named, you will be caught, you will be prosecuted and then you will be sued in civil court even as you sit in your jail cell.

PlanetCreator

PlanetCreator has reported another critical MySQL Injection (vulnerability) on www.mymasjid.net.my

This vulnerability has been alerted to :- Webmaster : azrul.alwi@gmail.com

Applications:  ———— PlanetCreator’s_Universal_Advanced_Internet_Security_T00L
System Time: ———— (UTC+08:00) Kuala Lumpur, Singapore, 2/01/2010 10:01:56 PM
Host IP:        202.75.48.131
Web Server:     Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.8
Powered-by:     PHP/5.2.8
Current User:     myjodoh_rule@localhost
Sql Version:     5.0.87-community
Current DB:     myjodoh_mymasjid
System User:     myjodoh_rule@localhost
Host Name:     server1.myjodoh.net

Data Bases:     information_schema
—————– myjodoh_abuheakal
—————–myjodoh_dbwiki
—————– myjodoh_doc
—————– myjodoh_list
—————– myjodoh_myjodoh
—————– myjodoh_mymasjid
—————– myjodoh_ostt1
—————– myjodoh_trans
—————– myjodoh_wikidb
—————– myjodoh_wrdp2

Tables found:

markers,tbact,tbacttemplate,tbart,tbbab,tbcountry,tbforum,tbhadith,tbhadithrs,tbkitab,tbkuliah,tbloc,tblocation,tbmasjidcor,tbmsg,tbpenceramah,tbprofile,tbquran,tbsolat,tbstate,tbsurah,tbtarikh,tbunsub,useronline

In this case, Attacker (Hacker) can easy to retrieve all user and webmaster’s info and password from Database. Yes! there are more than 30,000 (Thirty Thousand) user’s account, mail, password, info

This is screen shot

PlanetCreator

Today!, We got some amazing news from CyberWar, Yeah!

Burmese Hackers Group! Named (“BurmeseHackers” or “UnderGround Hackers Group @ ughackersgroup{at}gmail.com”), Hacked Georgia Gorvernment’s Web  www.moh.gov.ge ,

Really rare event, cos i’ve never heard about this hackers group before!

They attacked till server’s root, and they put some more screenshots as follow,

The End

PlanetCreator has reported Critical XSS vulnerability on Official Portal of Kuala Lumpur, Malaysia Web Site,

http://www.planetcreator.net/2009/09/critical-xss-vulnerability-on-official-portal-of-kuala-lumpur-malaysia-web-site/

and

http://www.xssed.com/mirror/64058/

but nobody takes action ~~~ How come?

Hello, DBKL’s Staffs! Are you just looking for your license fees? (Yeah- I paid 300RM for my company and 100RM for your Teh Tarik (Coffe` Fees), cos if you don’t pay money to DBKL, you won’t get license as well… ) …

Don’t just going to around and finding some funds for urself, come up and check out ur web! Many Hackers are watching .Gov websites!….
(more…)

PlanetCreator had informed OUM’s XSS Vulnerability http://www.planetcreator.net/2009/11/critical-xss-vulnerability-on-open-university-malaysia/

But nobody cares , How come they all wana do like this so shit! Where is OUM’s Wemaster? Sleeping @ Camp?

Yeah, Hello OUM’s Webmaster!!! Let me remind you again that your Web has MsSQL Vulnerability! Don’t you believe or Don’t you know that?

Let me show you some hints!!!!

http://www.oum.edu.my

State @ne – started—-
Applications: ———— PlanetCreator’s_Universal_Advanced_Internet_Securi ty_T00L
System Time: ———— (UTC+08:00) Kuala Lumpur, Singapore, 1/30/2010 11:01:56 PM
IP Address: ————202.76.239.80
Web Server: Apache/2.2.9 (Unix) DAV/2 mod_ssl/2.2.9 OpenSSL/0.9.8h PHP/5.2.6 mod_apreq2-20051231/2.6.0 mod_perl/2.0.4 Perl/v5.10.0
Host Name: oumdev
Installation dir: /opt/lampp/ (more…)