A group calling themselves the Brazilian Army has continued to breach websites all over Brazil and in some cases other parts of South America. Since this is one of the few regions around the world that is actually seeing some decent economic growth many attackers find it ripe for exploitation. As always this information is for educational purposes. We show these compromised systems so that you understand the current threat environment that surrounds us everyday and how significant it is to take the appropriate countermeasures to safeguard your critical data no matter what size your organization is as well as your individual data driven devices. Below is POC of the www.alcidesmaya.com.br Exploit .Again as always be proactive not reactive in safeguarding your critical data and stay safe out there. Subsequently as you are aware this blog is provided to the public to offer education in the area of IT security, creating awareness and increasing collaboration so you can implement the appropriate countermeasures such as those described in ISO13335 to prevent yourselves from becoming victims in the current threat environment,
The Breach is provided below as I will continue to monitor the net to safeguard systems and individuals critical data. Additionally this information is provided to our readers as an addendum to the California Database Security Breach Act. Please do your part in helping to inform those who have been exploited as you would want others to notify you if your critical data had been compromised. Karma!
# WebSite Hacked Brazilian Cyber Army
# https://twitter.com/TeamBCA
www.alcidesmaya.com.br Breached By Brazilian Cyber Army
Host: http://www.alcidesmaya.com.br/
Host IP: 67.222.17.134
#####################
### alcidesm_2010 ###
#####################
Table Name Columns
__interesse_cursos__ id curso nome email telefone ip datahora atendente repassado_em
acessos id ip_id pagina_id data
agendamento_atendimento id nome telefone email data_agendada data_cadastro
apostilas id arquivo
avaliacao_site id codigo_aluno resposta1 resposta2 comentario
avisos id titulo resumo texto data data_final publicado_por imagem destaque ativo
cadastro_visitantes id nome sobre_nome email data_cadastro opt_in
cadastros_landing_page id data nome email telefone mensagem curso atendido data_atendido
cursos id nome resumo descricao id_intra id_totvs status foto qualificacao_para carga_horaria mes_previsto
interesse_cursos id curso nome email telefone ip datahora atendente repassado_em
log_acessos id url ip data_hora
noticias id titulo resumo texto data fonte fonte_link ativo categoria publicado_por ip_publicacao data_publicacao imagem destaque
prev_cursos id cod_curso texto status data
wp_commentmeta meta_id comment_id meta_key meta_value
wp_comments comment_ID comment_post_ID comment_author comment_author_email comment_author_url comment_author_IP comment_date comment_date_gmt comment_content comment_karma comment_approved comment_agent comment_type comment_parent user_id
wp_links link_id link_url link_name link_image link_target link_description link_visible link_owner link_rating link_updated link_rel link_notes link_rss
wp_options option_id option_name option_value autoload
wp_postmeta meta_id post_id meta_key meta_value
wp_posts ID post_author post_date post_date_gmt post_content post_title post_excerpt post_status comment_status ping_status post_password post_name to_ping pinged post_modified post_modified_gmt post_content_filtered post_parent guid menu_order post_type post_mime_type comment_count
wp_sharebar id position enabled name big small
wp_term_relationships object_id term_taxonomy_id term_order
wp_term_taxonomy term_taxonomy_id term_id taxonomy description parent count
wp_terms term_id name slug term_group
wp_usermeta umeta_id user_id meta_key meta_value
wp_users ID user_login user_pass user_nicename user_email user_url user_registered user_activation_key user_status display_name
information_schema
Table Name Columns
#########################################
######## alcidesm_atendimento ###########
#########################################
Table Name Columns
atendimento id_atendimento nome email telefone cpf data operador situacao online onlineoperador ip
atendimentoconversa id_conversa atendimento datahora mensagem origem
operador id_operador nome usuario senha online ativo
################################################################################################
Wp_users Dump
ID=1
user_login=amblog_admin
user_pass=$P$B1Lu3mJMpdpv3l3IEtyJ1rFtKqXhCn0
user_nicename=amblog_admin
user_email=lucascoiro@alcidesmaya.com.br
ID=2
user_login=alcidesmaya
user_pass=$P$BVYRoFRk9dL3YpcvFLvr5AhpOmQbCL1
user_nicename=alcidesmaya
user_email=lucascoiro@gmail.com
Operador ID , Name , Password , Login .
id_operador nome usuario senha ativo
1 Viviana Maria Kosloski kosloski f7ea712e1b55a90de175172101d86f20 S
2 Kelen Almeida Crispim kelen 5f6dd896bf30d7b1acb1c72c7ef63210 N
3 Shauana Demetrio Nold shauana 04e44d91821ae681e4519db5ae1f3e72 N
4 Maria Alice Cruz Martins maria_alice 5bbe28199d9c56e6fb2b1f79b7192e61 S
5 daniela_scott b3624e1868c06427155d7f1dc09c422f N
6 JULIANA CRISTINA DUARTE juliana_duarte 192309aaddc500140db28668e1bbd8b5 S
7 Deise silvana Oss-Emer Dal Ross deise 734feca82a1516ee4a5d9774576982c0 N
8 Luciana Franco lfranco ec8f44022ee0292f160fc55c0807c496 S
9 JULIANA CAMARATTA SANTOS juliana_camaratta e83e630774ff5a2d472b4fddbfa31343 N
10 Anderson Ceresa aceresa 3da3c5074acaca2dc460227a1bedcc13 S
11 evelyn_camara 63f212ca5d9787654ef31bc7f1cc3055 N
12 RITA DE CASSIA HAUSSEN rita_haussen e11fd1fac4febf388e9f517a59b8c3a9 N
13 FRANCIELLE PINTO BRITO francielle_brito 25d55ad283aa400af464c76d713c07ad N
14 NATASHA DE OLIVEIRA natasha_oliveira bc062b5ecbff1d6b6b2b291d0d8f83be N
15 MARIELLY COSTA DA CRUZ marielly_cruz 110eff7d40a3779f4513c1be6f8fffcf N
16 mari fe97e5296850c2dd9279b95644422b32 S
17 GRAZIELE FERNANDA BOITA graziele_boita 07825812126ddc5c31ecbac5854df209 N
18 BRUNA MAXWELL DA CONCEI bruna_conceicao 2a31104f022dc41c6f286a3676f727c3 S
19 GABRIELA SILVEIRA TAVARES gabriela_tavares 437b930db84b8079c2dd804a71936b5f S
20 CASSIA DE AVELLAR BERZAGUI cassia_berzagui 130c7d1ed3539a48996bcada0d468d5a S
21 ELIEZER VARGAS eliezer_vargas bd9e4cec79c2a736932d1d723a2c58f8 N
22 JENIFER ROLDAO COIRO jenifer_coiro 97949a1d71d765f34993ab5cebc96b9b S
23 JEOVANI OLIVEIRA DE SOUZA jeovani_souza 1078703742ff0577984f13c025cf2956 S
24 LETICIA LEIVAS MIRO leticia_miro 47114a3d1cd22455431eb5ff421b5d1d S
##############################################################################################
Others Vulnerability
Cross Site Scripting ( XSS )
/portal/atendimento-email.php
File Upload
/portal/trabalhe-conosco/index.php.
PhpInfo
/portal/info.php
#############################################################################################
Contato ? brazilliancyberarmy@gmail.com
The Breach is provided below as I will continue to monitor the net to safeguard systems and individuals critical data. Additionally this information is provided to our readers as an addendum to the California Database Security Breach Act. Please do your part in helping to inform those who have been exploited as you would want others to notify you if your critical data had been compromised. Karma!
# WebSite Hacked Brazilian Cyber Army
# https://twitter.com/TeamBCA
www.alcidesmaya.com.br Breached By Brazilian Cyber Army
Host: http://www.alcidesmaya.com.br/
Host IP: 67.222.17.134
#####################
### alcidesm_2010 ###
#####################
Table Name Columns
__interesse_cursos__ id curso nome email telefone ip datahora atendente repassado_em
acessos id ip_id pagina_id data
agendamento_atendimento id nome telefone email data_agendada data_cadastro
apostilas id arquivo
avaliacao_site id codigo_aluno resposta1 resposta2 comentario
avisos id titulo resumo texto data data_final publicado_por imagem destaque ativo
cadastro_visitantes id nome sobre_nome email data_cadastro opt_in
cadastros_landing_page id data nome email telefone mensagem curso atendido data_atendido
cursos id nome resumo descricao id_intra id_totvs status foto qualificacao_para carga_horaria mes_previsto
interesse_cursos id curso nome email telefone ip datahora atendente repassado_em
log_acessos id url ip data_hora
noticias id titulo resumo texto data fonte fonte_link ativo categoria publicado_por ip_publicacao data_publicacao imagem destaque
prev_cursos id cod_curso texto status data
wp_commentmeta meta_id comment_id meta_key meta_value
wp_comments comment_ID comment_post_ID comment_author comment_author_email comment_author_url comment_author_IP comment_date comment_date_gmt comment_content comment_karma comment_approved comment_agent comment_type comment_parent user_id
wp_links link_id link_url link_name link_image link_target link_description link_visible link_owner link_rating link_updated link_rel link_notes link_rss
wp_options option_id option_name option_value autoload
wp_postmeta meta_id post_id meta_key meta_value
wp_posts ID post_author post_date post_date_gmt post_content post_title post_excerpt post_status comment_status ping_status post_password post_name to_ping pinged post_modified post_modified_gmt post_content_filtered post_parent guid menu_order post_type post_mime_type comment_count
wp_sharebar id position enabled name big small
wp_term_relationships object_id term_taxonomy_id term_order
wp_term_taxonomy term_taxonomy_id term_id taxonomy description parent count
wp_terms term_id name slug term_group
wp_usermeta umeta_id user_id meta_key meta_value
wp_users ID user_login user_pass user_nicename user_email user_url user_registered user_activation_key user_status display_name
information_schema
Table Name Columns
#########################################
######## alcidesm_atendimento ###########
#########################################
Table Name Columns
atendimento id_atendimento nome email telefone cpf data operador situacao online onlineoperador ip
atendimentoconversa id_conversa atendimento datahora mensagem origem
operador id_operador nome usuario senha online ativo
################################################################################################
Wp_users Dump
ID=1
user_login=amblog_admin
user_pass=$P$B1Lu3mJMpdpv3l3IEtyJ1rFtKqXhCn0
user_nicename=amblog_admin
user_email=lucascoiro@alcidesmaya.com.br
ID=2
user_login=alcidesmaya
user_pass=$P$BVYRoFRk9dL3YpcvFLvr5AhpOmQbCL1
user_nicename=alcidesmaya
user_email=lucascoiro@gmail.com
Operador ID , Name , Password , Login .
id_operador nome usuario senha ativo
1 Viviana Maria Kosloski kosloski f7ea712e1b55a90de175172101d86f20 S
2 Kelen Almeida Crispim kelen 5f6dd896bf30d7b1acb1c72c7ef63210 N
3 Shauana Demetrio Nold shauana 04e44d91821ae681e4519db5ae1f3e72 N
4 Maria Alice Cruz Martins maria_alice 5bbe28199d9c56e6fb2b1f79b7192e61 S
5 daniela_scott b3624e1868c06427155d7f1dc09c422f N
6 JULIANA CRISTINA DUARTE juliana_duarte 192309aaddc500140db28668e1bbd8b5 S
7 Deise silvana Oss-Emer Dal Ross deise 734feca82a1516ee4a5d9774576982c0 N
8 Luciana Franco lfranco ec8f44022ee0292f160fc55c0807c496 S
9 JULIANA CAMARATTA SANTOS juliana_camaratta e83e630774ff5a2d472b4fddbfa31343 N
10 Anderson Ceresa aceresa 3da3c5074acaca2dc460227a1bedcc13 S
11 evelyn_camara 63f212ca5d9787654ef31bc7f1cc3055 N
12 RITA DE CASSIA HAUSSEN rita_haussen e11fd1fac4febf388e9f517a59b8c3a9 N
13 FRANCIELLE PINTO BRITO francielle_brito 25d55ad283aa400af464c76d713c07ad N
14 NATASHA DE OLIVEIRA natasha_oliveira bc062b5ecbff1d6b6b2b291d0d8f83be N
15 MARIELLY COSTA DA CRUZ marielly_cruz 110eff7d40a3779f4513c1be6f8fffcf N
16 mari fe97e5296850c2dd9279b95644422b32 S
17 GRAZIELE FERNANDA BOITA graziele_boita 07825812126ddc5c31ecbac5854df209 N
18 BRUNA MAXWELL DA CONCEI bruna_conceicao 2a31104f022dc41c6f286a3676f727c3 S
19 GABRIELA SILVEIRA TAVARES gabriela_tavares 437b930db84b8079c2dd804a71936b5f S
20 CASSIA DE AVELLAR BERZAGUI cassia_berzagui 130c7d1ed3539a48996bcada0d468d5a S
21 ELIEZER VARGAS eliezer_vargas bd9e4cec79c2a736932d1d723a2c58f8 N
22 JENIFER ROLDAO COIRO jenifer_coiro 97949a1d71d765f34993ab5cebc96b9b S
23 JEOVANI OLIVEIRA DE SOUZA jeovani_souza 1078703742ff0577984f13c025cf2956 S
24 LETICIA LEIVAS MIRO leticia_miro 47114a3d1cd22455431eb5ff421b5d1d S
##############################################################################################
Others Vulnerability
Cross Site Scripting ( XSS )
/portal/atendimento-email.php
File Upload
/portal/trabalhe-conosco/index.php.
PhpInfo
/portal/info.php
#############################################################################################
Contato ? brazilliancyberarmy@gmail.com
//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise. Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information