Skip to main content again | several vulnerabilities, system compromise

Old vulnerabilities and other informations.

The main website shares the same problems with

NOTE/Disclaimer: if you are supposing to vote in a safe manner (It's less safe than the cheapest italian service provider with an old version of commoly used scripts, like wordpress or joomla, installed by your "cousin") I can tell you without problems that you are wrong and you've been tricked by your own leaders. I'm not responsible for what they are saying and doing ... you are.
The server mostly haven't been updated for years, except for just what they thought was worth updating.
Please, do not contact me for legal issues. I haven't saved/stored and I do not share any particular *confidential* information. I've nothing to do with any problem that you are facing on those websites.
No, I'm not "politically attacking" anybody. Those, that you are probably supposing, are political speculations from your respective leaders (the same goes for the websites and leaders of other political parties). I'm not involved in any political party.
Think that  I'm helping you to understand that your data is not safe at all.
You must point your finger to those that are managing your confidential informations (and possibly allowing to tamper your vote) without using the most basic good practices and attitude.
I'm not even talking about having the best technology, even the old one could be good as long as they are fixed/patched when/where needed.
I'm not a threat to the future political votes (I'm not tampering data), the party itself is falling in those, and several other, issues and they have been there for years (since 2009?).

Your vote for #parlamentarie in 17/01/2018 was totally insecure as the previous ones. I sent a long time ago, and then published, the informations before the votes but the security problems are still there.
I cannot show more informations than those that can be reached from the "web" (you can use a search engine, the flawed website and your brain to verify) since I got too much attention, even from newspapers, and it's not the purpose of this blog to be somewhat "famous".
Read and think whatever you like, understand, fix whatever you want, don't bother me with silly questions or childish offenses.

Local and remote exploitable problem
Perl eval injection vulnerability in the digest module (The payload can be sent via movable type - see below).

Movable Type 4* is vulnerable to specific problems.
In another CVE reports "unspecified vectors". A diff of the files between the MT versions leads to the specific problem.

I don't need to (and I can't - see disclaimer) show anything.
It works for sure, just rewrite old (perl) exploits (see the CVE) and add a few lines of extra code.
In around 1 hr of cut/paste/write/run you are root.
Some interesting paths

Smarty Demo (with errors since the templates_c is missing):
It can be mis-used
on the same server of shares the same problems and the same database.

(no explanation is needed)

other interesting paths*


#!/usr/bin/perl -w

# Movable Type (r) Open Source (C) 2001-2009 Six Apart, Ltd.
# This program is distributed under the terms of the
# GNU General Public License, version 2.
# $Id: mt-testbg.cgi 3455 2009-02-23 02:29:31Z auno $

use strict;

local $| = 1;
print "Content-Type: text/html\n\n";
print "<html>\n<body>\n<pre>\n\n";

eval {
    local $SIG{__WARN__} = sub { print "**** WARNING: $_[0]\n" };

    my $pid = fork();
    if (defined $pid)
        if ($pid) {
            print wait() > 0
                   ? "Background tasks are available\n"
                   : "Background tasks are not available\n";
        } else {
            sleep 1;
    } else { print "Background tasks are not available\n"; }
print "Got an error: $@" if $@;

print "\n\n</pre>\n</body>\n</html>";

mt-tb.cgi - trackback

#!/usr/bin/perl -w

# Movable Type (r) Open Source (C) 2001-2009 Six Apart, Ltd.
# This program is distributed under the terms of the
# GNU General Public License, version 2.
# $Id: mt-tb.cgi 3455 2009-02-23 02:29:31Z auno $

use strict;
use lib $ENV{MT_HOME} ? "$ENV{MT_HOME}/lib" : 'lib';
#use MT::Bootstrap App => 'MT::App::Trackback';
require MT::Bootstrap; MT::Bootstrap->import(App => 'MT::App::Trackback');
# Movable Type (r) Open Source (C) 2006-2009 Six Apart, Ltd.
# This program is distributed under the terms of the
# GNU General Public License, version 2.
# $Id: 3455 2009-02-23 02:29:31Z auno $

# Original copyright (c) 2004-2006, Brad Choate and Tobias Hoellrich

package spamlookup;

use strict;
use MT::JunkFilter qw(ABSTAIN);

sub tborigin {
    my $plugin = shift;
    my ($obj) = @_;

    # only filter TrackBack pings...
    return (ABSTAIN) unless UNIVERSAL::isa($obj, 'MT::TBPing');

    my $domain = extract_domains($obj->source_url, 1);

    my $config = $plugin->get_config_hash('blog:' . $obj->blog_id); # config($plugin);
    my $pingip = $obj->ip;

    if (domain_or_ip_in_whitelist($domain, $pingip, $config->{whitelist})) {
        return (ABSTAIN);

original code sources:

The store of movimento5stelle is located on different servers, probably managed  by "upcommerce". The server are managed far better than those of the m5s but not good as supposed.
The store is using magento (more than obvious) but it's not updated to the latest version and there are still some sec. fixes to be added. The good part is that they *hide* the administration panel but it's available via the customers' account.
The main problem is not in the store.m5s scripts but in the configuration of  the server.
hosted websites


Fun fact:

The theme, with modifications, is almost the same since 2009
In the css we can even read it in the comments.

Archived page:

In 2009: /*by Pier Antonio Romano @ Casaleggio Associati - 2009*/
and now: /* Casaleggio Associati - 2009 */ (2017)


Updated 01/2018 moved to a new website with different ip addresses (on cloudfront)

The mail  server is still the same and the accounts are mostly unchanged: |

Old ip addresses of the website (still configured on the servers):

-Old domains-

 ... -
It was used for the mailing list (spam - without optin) by using the lyris "mail marketing software" (as specified by accessing the web interface).



Popular posts from this blog

iPod Shuffle reset Utility for 64bit windows 10 (xp and above)

iPod Shuffle reset Utility (if iTunes fails)

Download the uncompressed "iPodResetUtilitySetup.exe" from one of the following links (mirrors):

Download from Onedrive
Mirror -  Tinyupload
Mirror -  Filesharing1
Mirror -  Exoshare
Mirror - EmbedUpload
Mirror - Multiup
Install iTunes for drivers etc (needed on Windows 64bit)Make sure that iTunes is fully installed (the services are running).Check if the iPod can be detected and sync by iTunes.Close iTunes.Run "iPodResetUtility.exe" with Windows XP compatibility mode and "Run as Administrator".If the reset fails try to run  with Windows XP SP2 compatibility mode and "Run as Administrator".

Should work to:
reset iPod Shuffle on Windows XP 32 bit
reset iPod Shuffle on Windows Vista 32 bit
reset iPod Shuffle on Windows 7 32 bit
reset iPod Shuffle on Windows 8 32 bit
reset iPod Shuffle on Windows 8.1 32 bit
reset iPod Shuffle on Windows 10 32 bit

reset iPod Shuffle on Windows XP 64 bit
reset iPod Shuffle on Win…

Hashes Algorithms used in different web applications

Hashes Algorithms used in different web applications.
I've done this list by hand. Not all the hashes algos are correct (I've generically added md5 or ??? where is unkwnown).
If you are interested send corrections and I will update it.
I will publish also a better version with tabs.
You can reproduce it without problems. It's part of the project mdcrack gui on sourceforge.
Use the | as data separator.

| Title | Hash Algorithm | TablePrefix | Table Name | Website |
| 1C Битрикс | md5($pass) | | |
| 1024cms | md5($pass) | | |
| 4images | md5($pass) | | |http://www.4homepage…

Force Unmount and Clean up of a Wim Image using DISM

Force Unmount and Clean up of a Wim Image using DISM

When you use RT7 (+ AIK) sometimes an error occurs stating that there's a mounted wim (ex.  boot.wim).
To solve the problem you should run, as administrator, the command:

dism /cleanup-wim
If it doesn't work I've found another solution by editing the registry and deleting all the (necessary) entries within:

"HKLM\SOFTWARE\Microsoft\WIMMount\mounted images\"

It should work as long as you are an administrator.