Updated with article

ExploitHub admits 'embarrassing oversight' lead to hack

2012-12-12

Jeremy Kirk

http://www.networkworld.com/news/2012/121212-exploithub-admits-39embarrassing-oversight39-lead-265019.html


[...]

The Inj3ct0r Team's hack took advantage of "an accessible install script that was left on the system rather than being removed after installation, which was an embarrassing oversight on our part," ExploitHub said. The leftover script allowed the Inj3ct0r Team to extract the exploit listing from ExploitHub's SQL database.
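The oversight described above, an installer left in the document root after deployment, is something a defender can audit for routinely. The following check is an added example, not part of the article or of ExploitHub's own tooling; the installer file and directory names it looks for are assumed common conventions, since the article does not name the script involved.

```python
"""Audit a web document root for installer scripts left behind after deployment.

Added example; the name patterns below are assumptions about common web-app
installer conventions, not the specific script named in the ExploitHub breach.
"""
import os
import re
import tempfile

# Installer artefacts that applications expect operators to delete post-install.
INSTALLER_FILE = re.compile(
    r"^(install|setup|installer|upgrade|update)\.(php|py|pl|cgi|aspx?|jsp)$", re.I)
INSTALLER_DIR = re.compile(r"^(install|installer|setup)$", re.I)


def _rel(rel_dir, name):
    """Build a forward-slash relative path for reporting."""
    if rel_dir == ".":
        return name
    return os.path.join(rel_dir, name).replace(os.sep, "/")


def find_leftover_installers(webroot):
    """Return sorted relative paths under `webroot` that look like installer artefacts."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(webroot):
        rel_dir = os.path.relpath(dirpath, webroot)
        findings += [_rel(rel_dir, d) for d in dirnames if INSTALLER_DIR.match(d)]
        findings += [_rel(rel_dir, f) for f in filenames if INSTALLER_FILE.match(f)]
    return sorted(findings)


def build_sample_webroot():
    """Construct a throwaway document root mimicking a post-install layout (constructed data)."""
    root = tempfile.mkdtemp(prefix="webroot_")
    layout = ["index.php", "config.php", "install.php", "admin/upgrade.php",
              "installer/index.php", "assets/app.js"]
    for rel in layout:
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("// constructed placeholder\n")
    return root


if __name__ == "__main__":
    for hit in find_leftover_installers(build_sample_webroot()):
        print("leftover installer artefact:", hit)
```

Run it against the real document root (and compare against the deployment manifest) as part of post-install and periodic checks.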

ExploitHub said it had architected its public-facing web application server so as to limit the damage if it were compromised. "Being a high profile target, the ExploitHub endures attacks daily," it added.

The marketplace said the hackers only accessed information that was already publicly available by searching through its online catalog. The information included exploit names, prices and the names of researchers but not any actual exploit code, which could be used in attacks.

"The product data is stored elsewhere, and there is currently no evidence that the storage location was accessed by any unauthorized party or that any of the exploit code or other product data has been compromised or stolen as has been claimed," ExploitHub said. "However, our investigation is ongoing."

ExploitHub does not allow zero-day exploits to be included in its marketplace. Zero-day exploits are considered the most dangerous type of attack because the software manufacturer has not yet patched the vulnerability while the exploit is actively being used in attacks.

ExploitHub.com Hacked

2012-12-11

Inj3ct0r Team

http://priv8.1337day.com/exploitHUB.txt

[ExploitHub.com, described as an "iTunes for exploits" has itself been exploited by Inj3ct0r Team who claim to have stolen $242,333 worth of private exploits from the site.]
# Title  : Inj3ct0r Team has hacked ExploitHub.com
# Inj3ct0r-zine : http://priv8.1337day.com/exploitHUB.txt
# Proof: http://priv8.1337day.com/proof_exploit_list.sql
# Home   : 1337Day Exploits Market
# Web    : 1337day.com .net .org
# Fb     : http://fb.me/inj3ct0rs
# Tw     : https://twitter.com/inj3ct0r

[..]

Today (December 11th), the Inj3ct0r Team has hacked http://exploithub.com and we would like to add a small line here: "This is for Educational Purpose Only". Inj3ct0r Team stole private exploits worth $242333 (I'll calculate) from Exploithub.

[..]

I show a piece of the database:

"product_name", "product_price",   "created_date",   "author_id", "author_username"

CA Total Defense Suite deleteReportFilter Stored Procedure SQL Injection,100.0000,2012-01-02 14:45:13,"60",Mario
Novell iPrint Client ActiveX Control debug Buffer Overflow,50.0000,2012-01-02 14:45:43,"60",Mario
Trend Micro Internet Security Pro 2010 ActiveX Control Buffer Overflow,50.0000,2012-01-02 14:46:06,"60",Mario
[..]
