Wednesday, June 27, 2012

Personal Thoughts About #WikiBoatWednesday 's 1337 Data Leaks

This blog post comes partly because I just remembered I have a blog that I never update, and partly because I just read about one of @TheWikiBoat's dump and found it hilarious.

So here we go ...

This post is in reference to the following dump: http://pastebin.com/kUzhSFFP
and the related news posted about it (http://news.cnet.com/8301-1009_3-57462403-83/latest-hacker-dump-looks-like-comcast-at-t-data/)

So TWB claims to have gotten its hands on Comcast employee's names and salaries huh?

Wow! How were they able to get their hands on this super sensitive database?
Could it be from this link?? http://home.comcast.net/~drbrucehartman/exercise5_4.sql
It clearly says "comcast.net", it gotta be comcast's own database backed up in Dr. Bruce Hartman's (Professor of Operations Management and Statistics) personal folder, right?

Well, wait don't these links have the same info?
http://pages.cs.wisc.edu/~dbbook/openAccess/thirdEdition/exercise_data/emp.txt
http://medicalopensource.net/mcs/ex5sql.html


Turns out these information are the tables used in Ramakrishnan's textbook Database Management Systems for Chapter 5 (exercise 5.4 more specifically).

Moving on to the facebook quiz UB3R leak (that contains data as fresh as 2009):
You can visit this link for even more "dumps", http://c-76-24-66-27.hsd1.ma.comcast.net/facebook/facebook-platform/Cron/ now how's that for a leak?

Not that I'm disrespecting any of your accomplishments, but you gotta admit the "Comcast database leak" is just hilarious. At least do a little bit of research before claiming to have leaked something - for your credibility's sake.

I'm now reading some twitter feeds about "#UGNazi and #TheWikiBoat will be teaming up to give you all a show this Friday!" ... I would love to see what they got in store ... I hope it's not DDoS attacks as these are becoming more and more lame.
(NB: some UGNazi members, including its self-proclaimed leader, have been arrested by the FBI a couple of days ago).

Goodnight!

EDIT: I just read TheWikiBoat's statement (http://pastebin.com/43ft5UU4), and saw the "GOVERNMENT PROXY LIST LEAKED", which is in fact a list from MIT's host files (ftp://amusing.mit.edu/afs/net/admin/hosts/hosts.campus , ftp://amusing.mit.edu/afs/net/admin/hosts/hstath.txt, etc.. you can get more info by digging into the folders: ftp://amusing.mit.edu/afs/ )

EDIT 2: The "Uganda Education System Leak" also goes back to 2009 http://emailactivate.mak.ac.ug/emails-2009-2010.sql