Monday, May 29, 2017
Home / Security / Breaches / Dakia & ITChowk Hacked

Dakia & ITChowk Hacked

A Site that provides SMS and additional IT based services, SMS Dakia has been hacked in addition to a IT Forum that is committed to teaching IT to others in the Urda language.

This was just announced a short time ago via twitter from @0x00x00.
https://twitter.com/0x00x00/status/244075882115903488

The SMS Dakia leakage was uploaded to dropbox in the format of 2x sql files that carry a raw export from the phone book, users database and ITchowk.com was uploaded to the Ubuntu based paste bin in the format of a raw sql dump.

The files for SMS Dakia are from the user and phone number databases and contain all the user credentials for the sites login as well as all their phone numbers and account details plain text.

All together there is just over 9000 accounts with emails detected, time of publishing the website appeared to be unaffected from this attack.  The attack on the ItChowk.com website has left the website featuring the same 404 page that the previous Pakistani forums were when they got hacked in similar fashion.

The leak contains just over 3000 user accounts from the data base that is said to have over 200k users.

A snippet from the paste bin leak:

*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*= _ | | _____ ___ __ ___  __| | / _ \ \ /\ / / '_ \ / _ \/ _` |
| (_) \ V  V /| | | |  __/ (_| | \___/ \_/\_/ |_| |_|\___|\__,_|
 www.twitter.com/0x00x00
www.twitter.com/0x666x0
 Non-authoritative answer:
Name: itchowk.com
Address:  70.84.166.69
 IT Forum ayy ? Security .. wait what security o_0
 *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*= _ __ _ _ (_) / _| | | (_) _ _ __ | |_ ___  _ __ _ __ ___ __ _| |_ _  ___  _ __ | | '_ \|  _/ _ \| '__| '_ ` _ \ / _` | __| |/ _ \| '_ \ | | | | | || (_) | |  | | | | | | (_| | |_| | (_) | | | |
|_|_| |_|_| \___/|_|  |_| |_| |_|\__,_|\__|_|\___/|_| |_|
 $ id
 714(itchowkc) - uid=714 (itchowkc) gid=710(itchowkc)
 $ uname -a
 Linux lcp2.hostriplex.com 2.6.18-308.13.1.el5 #1 SMP Thu Jul 26 05:45:09 EDT 2012 x86_64
 $ ls -la
 total 97192
drwxr-x--- 32 itchowkc nobody 4096 Sep  7 09:05 .
drwx--x--x 13 itchowkc itchowkc 4096 Sep  7 09:02 ..
-rw-r--r--  1 itchowkc itchowkc 1108 Jun 20  2011 .htaccess
-rw-r--r--  1 itchowkc itchowkc 17882813 Sep  6 05:56 AlaramClockNew.zip
drwxr-xr-x  2 itchowkc itchowkc 4096 Jun 13 09:12 Irie.app
-rw-r--r--  1 itchowkc itchowkc 17862 Jun 20  2011 LICENSE
-rw-r--r--  1 itchowkc itchowkc 44333645 Sep  6 10:48 Payload.ipa
-rw-r--r--  1 itchowkc itchowkc 119 Jun 20  2011 Read Me.URL
-rw-r--r--  1 itchowkc itchowkc 192793 Jun 30  2011 Reg.jpg
-rw-r--r--  1 itchowkc itchowkc 214581 Jun 30  2011 Register.png
drwxr-xr-x  4 itchowkc itchowkc 4096 Jul  9  2011 XML
drwxr-xr-x  2 itchowkc itchowkc 4096 Jun 26 07:29 admincp
-rw-r--r--  1 itchowkc itchowkc 37889 Jun 20  2011 ajax.php
-rw-r--r--  1 itchowkc itchowkc 77827 Jun 20  2011 album.php
-rw-r--r--  1 itchowkc itchowkc 19607 Jun 20  2011 announcement.php
-rw-r--r--  1 itchowkc itchowkc 401 Sep  3 04:36 app.php
drwxr-xr-x  2 itchowkc itchowkc 4096 Jul  2  2011 archive
-rw-r--r--  1 itchowkc itchowkc 8998 Jun 20  2011 asset.php
-rw-r--r--  1 itchowkc itchowkc 21119 Jun 20  2011 assetmanage.php
-rw-r--r--  1 itchowkc itchowkc 16268 Jun 20  2011 attachment.php
-rw-r--r--  1 itchowkc itchowkc 6893 Jun 20  2011 attachment_inlinemod.php
-rw-r--r--  1 itchowkc itchowkc 1430 Jun 20  2011 autotagger_ajax.php
-rw-r--r--  1 itchowkc itchowkc 3574 Jun 20  2011 blog_attachment.php
-rw-r--r--  1 itchowkc itchowkc 98779 Jun 20  2011 calendar.php
drwxr-xr-x  2 itchowkc itchowkc 4096 Sep  2 22:22 chatroom
-rw-r--r--  1 itchowkc itchowkc 43 Jun 20  2011 clear.gif
drwxr-xr-x 10 itchowkc itchowkc 4096 Jun 21 03:36 clientscript
-rw-r--r--  1 itchowkc itchowkc 15744 Jun 20  2011 converse.php
drwxr-xr-x  7 itchowkc itchowkc 4096 Aug 12 09:57 cpstyles
-rw-r--r--  1 itchowkc itchowkc 3362 Jun 20  2011 cron.php
-rw-r--r--  1 itchowkc itchowkc 4200 Jun 20  2011 css.php
drwxr-xr-x  3 itchowkc itchowkc 4096 Jul  2  2011 customavatars
drwxr-xr-x  3 itchowkc itchowkc 4096 Jul  2  2011 customgroupicons
drwxr-xr-x  2 itchowkc itchowkc 4096 Jul  2  2011 customprofilepics
drwxr-xr-x  8 itchowkc itchowkc 4096 Aug 26  2011 dbtech
-rw-r--r--  1 itchowkc itchowkc 105636 Aug 16  2011 default.jpg
-rw-r--r--  1 itchowkc itchowkc 3413 Aug 16  2011 dnp_fw.php
-rw-r--r--  1 itchowkc itchowkc 997 Aug 16  2011 dnp_fw_config.php
-rw-r--r--  1 itchowkc itchowkc 1138 Aug 16  2011 dnp_fw_template.php
-rw-r--r--  1 itchowkc itchowkc 1781 Jun 20  2011 editor.php
-rw-r--r--  1 itchowkc itchowkc 48263 Jun 20  2011 editpost.php
-rw-r--r--  1 itchowkc itchowkc 1385 Jun 20  2011 entry.php
-rw-r--r--  1 itchowkc itchowkc  4341104 Sep  4 00:32 error_log
-rw-r--r--  1 itchowkc itchowkc 30935 Jun 20  2011 external.php
-rw-r--r--  1 itchowkc itchowkc 10266 Jun 20  2011 faq.php

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Top Massachusetts hospital suffers a data breach

One of the United State’s leading hospitals, Massachusetts General (MGH), has fallen victim to a …