DigitalOcean using same common password for 1-Clicks running MySQL

Have fun scanning before DigitialOcean releases their public notice:
1-Click users potentially remotely exploitable unless they have changed the debian-sys-maint password {MySQL, PHPMyAdmin,LAMP, LEMP, WordPress, OwnCloud}
In the MySQL Debian/Ubuntu packaging, there is an additional MySQL user being created: debian-sys-maint.
Any Droplet created fr...

Read More

Happy 15th Birthday to illmob!

It’s been a fun 15 years, nothing’s changed since our inception , the industry still sucks and is full of greedy fucks selling bullshit, 0days still dropping because of shitty code, celebrities still getting exposed, and the government treats still treats hackers like terrorists with obscenely high sentences...

Read More

Windows 10 RS1 14316

The build brings new changes targeting previously exploited dll-hijacking and uac bypass method vulnerabilities.

cliconfg.exe – can no longer be used as target for autoelevation as MS changed it manifest to autoelevate=false.

mmc.exe – event viewer console fixed, dll hijacking no longer works.

fake IIS inetmgr...

Read More

Vovnenko / Fly / MUXACC1 pleads guilty


Vovnenko and his lawyers agreed to a plea agreement where Vovnenko took the rap, agreeing that he could face a sentence of 20 years imprisonment and $250,000 fine. Because he also faced the charge of Aggravated Identity Theft, there is an additional two year mandatory minimum sentence that cannot run concurrently with any other sentence...

Read More

The End of illmob?

well as far as fund to support the server we have none, we do this as a hobby,not a job, we dont get piad, we like what we do we like to present the latest tools in internet hacking/security....

Read More