Roskomnadzor: Difference between revisions

From Enlace Hacktivista
(Created page with "Hack of over 360,000 files or 820GB of data from the Russian Federal Service for Supervision of Communications, Information Technology and Mass Media, commonly known as Roskomnadzor - the government agency responsible for monitoring, controlling and censoring Russian mass media. https://ddosecrets.com/wiki/Roskomnadzor The hacker who identified themselves only as being part of the hacktivist collective Anonymous stated that they urgently felt the Russian people should...")
 
(2 intermediate revisions by 2 users not shown)
Line 1: Line 1:
Hack of over 360,000 files or 820GB of data from the Russian Federal Service for Supervision of Communications, Information Technology and Mass Media, commonly known as Roskomnadzor - the government agency responsible for monitoring, controlling and censoring Russian mass media.
Hack of over 360,000 files or 820GB of data from the Russian Federal Service for Supervision of Communications, Information Technology and Mass Media, commonly known as Roskomnadzor - the government agency responsible for monitoring, controlling and censoring Russian mass media and the internet.


https://ddosecrets.com/wiki/Roskomnadzor
https://ddosecrets.com/wiki/Roskomnadzor


The hacker who identified themselves only as being part of the hacktivist collective Anonymous stated that they urgently felt the Russian people should have access to information about their government's involvement in the Russo-Ukrainian War. They also expressed their opposition to the Russian people being cut off from independent media and the outside world.
The hacker who identified themselves only as being part of the hacktivist collective Anonymous stated that they urgently felt the Russian people should have access to information about their government's involvement in the Russo-Ukrainian War. They also expressed their opposition to the Russian people being cut off from independent media and the outside world.
== Explanation of the Hack ==
According to the hacker:
I found a mailserver that had the word Roskomnadzor in the SMTP banner. I checked what's on the same /24 subnet and found a Windows 2008 domain controller. With a public IP address. I tried zerologon and it worked. Then I copied all of the files that were on a fileserver on the local network.
See [https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Active%20Directory%20Attack.md#zerologon PayloadsAllTheThings] for a reference on testing for and exploiting zerologon.


== Media Coverage ==
== Media Coverage ==
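Review bot: the quotation added under "== Explanation of the Hack ==" carries no source. Link the place where the hacker's statement was published, as the page already does for the ddosecrets entry, so that the account of the SMTP banner, the publicly reachable domain controller and the zerologon attempt can be verified. The "According to the hacker:" line should also be followed by visibly quoted text, so the statement is not read as the wiki's own wording.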
Line 9: Line 15:
* https://www.vice.com/en/article/xgdmj7/russian-censorship-roskomnadzor-hacked-leak-distributed-denial-of-secrets
* https://www.vice.com/en/article/xgdmj7/russian-censorship-roskomnadzor-hacked-leak-distributed-denial-of-secrets
* https://torrentfreak.com/anonymous-hacks-russias-roscomnadzor-site-blocking-agency-220311/
* https://torrentfreak.com/anonymous-hacks-russias-roscomnadzor-site-blocking-agency-220311/
* https://www.nytimes.com/interactive/2022/09/22/technology/russia-putin-surveillance-spying.html


[[Category:Hacks]]
[[Category:Hacks]]
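Review bot: the nytimes.com entry added to the Media Coverage list is a bare URL, like the two entries above it. Give each item its outlet, article title and publication date so the list remains usable if a link stops resolving.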

Revision as of 21:08, 15 October 2022

Hack of over 360,000 files, or 820GB of data, from the Russian Federal Service for Supervision of Communications, Information Technology and Mass Media, commonly known as Roskomnadzor, the government agency responsible for monitoring, controlling and censoring Russian mass media and the internet.

https://ddosecrets.com/wiki/Roskomnadzor

The hacker, who identified themselves only as being part of the hacktivist collective Anonymous, stated that they urgently felt the Russian people should have access to information about their government's involvement in the Russo-Ukrainian War. They also expressed their opposition to the Russian people being cut off from independent media and the outside world.

Explanation of the Hack

According to the hacker:

I found a mailserver that had the word Roskomnadzor in the SMTP banner. I checked what's on the same /24 subnet and found a Windows 2008 domain controller. With a public IP address. I tried zerologon and it worked. Then I copied all of the files that were on a fileserver on the local network.

See PayloadsAllTheThings for a reference on testing for and exploiting Zerologon.

Media Coverage