Saturday, July 25, 2009

Gadi Evron trashes Matasano Security

Gadi Evron, prize-winning turkey farmer, accomplished zoologist, and leader of the underground hacker cult known as "antisec", struck an epic blow against the white hat community this morning by defacing the website of Matasano Security.

haxlog http://seclists.org/fulldisclosure/2009/Jul/0388.html
screenshot http://twitpic.com/blss1

A funny note from our favorite Appelbaum mentions that the Matasano web server is actually being hacked from an iDefense mail server (209.112.118.10). Lulzy extreme.

I spent a couple hours bruting the hash for this "adam" character mentioned in the haxlog, and either my machine is way too slow, or adam was NOT using a trivial password. If that is the case, and assuming antisec didn't tamper with the log (TERRIBLE ASSUMPTION), then the attack being used is not a simple ssh password enumeration like many seem to be claiming. This raises the possibility that antisec is actually in possession of some rather 1337 0day.

I really hope those running forensics on the penetration come up with something awesome, and can finally provide some solid evidence one way or the other on these mystical claims of ssh 0day. From what I can make out, it also looks like Gadi is going to attempt to sell his ssh 0day at infosecsellout's auction next week for 500k.