剑桥大学被黑，黑客组织NullCrew要求释放阿桑奇 Secer's Blog - 记录互联网安全历程与个人成长经历

黑客组织Anonymous有关的团伙NullCrew日前攻破了英国剑桥大学一些院系的计算机系统，获取了数据信息，并公开了一些用户名和密码。组织还发表声明，威胁还会空开更多东西，NullCrew和Anonymous一同采取的行动还远没有结束，也绝不会在对阿桑奇的正义得以伸张之前结束。

“My weapon is my voice. Time to raise yours.” – @AnonyOps

                                 _   _       _ _ _____                  
                                | \ | |     | | /  __ \                  
                                |  \| |_   _| | | /  \/_ __ _____      __
                                | . ` | | | | | | |   | '__/ _ \ \ /\ / /
                                | |\  | |_| | | | \__/\ | |  __/\ V  V /
                                \_| \_/\__,_|_|_|\____/_|  \___| \_/\_/  
                          	   @OfficialNull - @manst0rm - Vlad
                                #######################################

#OpFreeAssange
#FuckThePolice
#NullCrew

"My weapon is my voice. Time to raise yours." - @AnonyOps

				#######################################

University of Cambridge Hacked, multiple sub-domains.

There is much more where this came from, and don't think this is the end. NullCrew, along with the whole Anonymous movement isn't near finished with you. And we never will be, until the right thing is done with Julian Assange. Next time it will be worse, we guarantee it.

				#######################################

#1: http://www.crassh.cam.ac.uk/

user_name 	user_pass
_________________________

apm50 	819b0643d6b89dc9b579fdfc9094f28e
ch335 	cac0da76054a2c60f2912895135ff1b4
crassh 	648973eafcbefad340434268d258e2fd
el269 	b330516f8678c6f8c0b28f8332f6ff32
gjj24 	5f4dcc3b5aa765d61d8327deb882cf99
hb380 	7c6a180b36896a0a8c02787eeafb0e4c
ic223 	7c6a180b36896a0a8c02787eeafb0e4c
jmk28 	7c6a180b36896a0a8c02787eeafb0e4c
lw243 	629ab14fab772d78a58eea752bdfc0dc
lw243 	629ab14fab772d78a58eea752bdfc0dc
mm405 	7c6a180b36896a0a8c02787eeafb0e4c
raa43 	5f4dcc3b5aa765d61d8327deb882cf99
rhr32 	73f48104be856eee268178cd2a5eb808
sdg1001 	3d4e992d8d8a7d848724aa26ed7f4176
sjrm2 	f8dbe37170ce10aded2eb0e412a6957f
tba20 	de1cf6d0f0ead7e81b38e0d87adf21d6
test 	ae2b1fca515949e5d54fb22b8ed95575




#2 http://www.bss.phy.cam.ac.uk/steiner/

Username: admin
Password: admin




#3 http://www-hki.fitzmuseum.cam.ac.uk/archives/wn/search.php?pid=gSearch&s_arg[]=Field&bln[]=PHRASE&fld[]=named_individuals_sum&cnt=25

SQL Injection vulnerability, nothing too important in the database.




#3 http://como.cheng.cam.ac.uk/

MySQL Database Users:

User: root
Pass: 373f9da34562cf25
Host: localhost

User: root:
Pass:
Host: como.cheng.cam.ac.uk

User:root:
Pass:
Host: 127.0.0.1

User: bibtex
Pass: 7807b39746f522b2
Host: localhost

User: cbs
Pass: 3a7876553a3c0066
Host: localhost

User: prime
Pass: 4a8de62465af89be
Host: localhost

User: como
Pass: 7807b39746f522b2
Host: localhost


/etc/passwd:

root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt mail:x:8:12:mail:/var/spool/mail:/sbin/nologin uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin operator:x:11:0:operator:/root:/sbin/nologin games:x:12:100:games:/usr/games:/sbin/nologin gopher:x:13:30:gopher:/var/gopher:/sbin/nologin ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin nobody:x:99:99:Nobody:/:/sbin/nologin avahi-autoipd:x:499:499:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin vcsa:x:69:498:virtual console memory owner:/dev:/sbin/nologin ntp:x:38:38::/etc/ntp:/sbin/nologin dbus:x:81:81:System message bus:/:/sbin/nologin rpc:x:32:32:Rpcbind Daemon:/var/lib/rpcbind:/sbin/nologin distcache:x:94:494:Distcache:/:/sbin/nologin nscd:x:28:493:NSCD Daemon:/:/sbin/nologin rpcuser:x:29:492:RPC Service User:/var/lib/nfs:/sbin/nologin nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin tcpdump:x:72:72::/:/sbin/nologin avahi:x:498:491:avahi-daemon:/var/run/avahi-daemon:/sbin/nologin apache:x:48:490:Apache:/var/www:/sbin/nologin abrt:x:497:489::/etc/abrt:/sbin/nologin openvpn:x:496:488:OpenVPN:/etc/openvpn:/sbin/nologin rtkit:x:495:487:RealtimeKit:/proc:/sbin/nologin saslauth:x:494:486:"Saslauthd user":/var/empty/saslauth:/sbin/nologin mailnull:x:47:485::/var/spool/mqueue:/sbin/nologin smmsp:x:51:484::/var/spool/mqueue:/sbin/nologin sshd:x:74:483:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin webalizer:x:67:482:Webalizer:/var/www/usage:/sbin/nologin torrent:x:493:481:BitTorrent Seed/Tracker:/var/lib/bittorrent:/sbin/nologin haldaemon:x:68:480:HAL daemon:/:/sbin/nologin exim:x:93:93::/var/spool/exim:/sbin/nologin clamupdate:x:492:479:Clamav database update user:/var/lib/clamav:/sbin/nologin smolt:x:491:478:Smolt:/usr/share/smolt:/sbin/nologin mysql:x:27:477:MySQL Server:/var/lib/mysql:/bin/bash squid:x:23:23::/var/spool/squid:/sbin/nologin pulse:x:490:476:PulseAudio System Daemon:/var/run/pulse:/sbin/nologin gdm:x:42:474::/var/lib/gdm:/sbin/nologin ajs224:x:500:501:Alastair J. Smith:/home/ajs224:/bin/bash tomcat:x:91:91:Apache Tomcat:/usr/share/tomcat6:/bin/sh ras81:x:502:501:Raphael Shirley:/home/ras81:/bin/bash wp214:x:503:501:Weerapong Phadungsukanan:/home/wp214:/bin/bash ganglia:x:489:473:Ganglia Monitoring System:/var/lib/ganglia:/sbin/nologin nx:x:504:502::/var/lib/nxserver/home:/usr/libexec/nx/nxserver tst25:x:505:501:Timothy Totton:/home/tst25:/bin/bash lrm29:x:506:501:Labs "Grumpy" McGlashan:/home/lrm29:/bin/bash ss663:x:507:507:Shraddha Shekar:/home/ss663:/bin/bash wjm34:x:508:501:William Menz:/home/wjm34:/bin/bash ircd:x:488:472:IRC service account:/usr/lib64/ircd:/sbin/nologin





#4: http://saffron.caret.cam.ac.uk/

Username: admin
Password: ef3c2add5c1d158138f821bd3a0a07f550696677942d

剑桥大学被黑，黑客组织NullCrew要求释放阿桑奇

Hacking more