January 23, 2012

#SCADA IDIOTS #FULLDISCLOSURE By @ntisec part-II



#fulldisclosure #US United States of America Wide open #SCADA systems #PART-II


@ntisec
Exposes American #SCADA systems #fulldisclosure

The world has been warned enough, and corporate power has done nothing. People are at risk. We all need to be made aware of
our infrastructure lacking normal forms of safety procedures.

Hackers are targeting #SCADA this year and we have to do something about it!

So here we go.

Please take some Screenshots and show them to me on @twitter @ntisec.
Be careful and don’t cause rampant anarchy. They might trace you and I have warned you not to alter control states. Just have a look around
to see 4 yourself how these systems affect our everyday life.

Maybe it's time politics pointed their attention to bigger problems than #SOPA #PIPA etc.
Trying to regulate the last freedom will cause uprising and dangerous cyber threats.
As our financial state gets worse and the smart IT and SEC workers have nothing to do,
they will at least cause mayhem against what in our view is injustice.
Arresting and kidnapping foreign people for spreading bandwidth? #OPMEGAUPLOAD?
Go try and fix your infrastructure first. It's wide open to legally expose and enter your
buildings. Like urban exploring from behind my PC.

Locking up Bradley Manning? Better be careful a hacker does not open his jail-doors 4fun!

Don’t even need an exploit to get in here. Don’t even have to be a hacker. No passwords whatsoever.

So how is the state of your other #SCADA systems like your electrical grid? Or traffic management?
What about chemical industry? Or can hackers switch some stuff that sends trains to another fail?

That pump you saw a while back is just the first sign of being infiltrated.

It can be your vent system, a cookie factory up to a switch that switches off an entire country and economy.

These systems were found through Google and shodanHQ by using the search term:


 :|slot:/

After this leak/fulldisclosure I am leaving the #TRIDIUM / #NIAGARA vector alone and will show one of many new flaws.

Finding them and linking them is completely legal.

Be careful not to touch anything.





Released Fulldisclosure by https://twitter.com/#!/ntisec @ntisec