Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 03-22-2022, 20:48
WhoCares's Avatar
WhoCares WhoCares is offline
who cares
 
Join Date: Jan 2002
Location: Here
Posts: 390
Rept. Given: 10
Rept. Rcvd 15 Times in 13 Posts
Thanks Given: 23
Thanks Rcvd at 128 Times in 54 Posts
WhoCares Reputation: 15
Microsoft 37GB source code leaked?

lol

Lapsus$ hackers leak 37GB of Microsoft's alleged source code.

No URL yet

quote:

The notorious hacking group Lapsus$ appears to have successfully breached and leaked the source code for several Microsoft projects including bing, Cortana from the company's internal Azure DevOps server.

The hacktivist gang posted a screenshot to their Telegram channel early Sunday morning, March 20, claiming they hacked the software giant's internal servers that contained source code for Bing, Cortana, and various other projects. The following day, the group posted a torrent for a 9GB zipped archive containing the source code of over 250 projects allegedly belonging to Microsoft.
__________________
AKA Solomon/blowfish.
Reply With Quote
The Following User Says Thank You to WhoCares For This Useful Post:
sh3dow (03-24-2022)
  #2  
Old 03-22-2022, 21:03
p4r4d0x p4r4d0x is offline
Friend
 
Join Date: Jul 2012
Location: https://www.youtube.com/watch?v=GoCOg8ZzUfg
Posts: 128
Rept. Given: 96
Rept. Rcvd 21 Times in 11 Posts
Thanks Given: 374
Thanks Rcvd at 124 Times in 58 Posts
p4r4d0x Reputation: 21
And Vodafone is Next
Reply With Quote
  #3  
Old 03-22-2022, 21:24
DARKER DARKER is offline
VIP
 
Join Date: Jul 2004
Location: Côte d'Ivoire
Posts: 374
Rept. Given: 14
Rept. Rcvd 110 Times in 45 Posts
Thanks Given: 8
Thanks Rcvd at 461 Times in 127 Posts
DARKER Reputation: 100-199 DARKER Reputation: 100-199
Code:
https://www.bleepingcomputer.com/news/microsoft/lapsus-hackers-leak-37gb-of-microsofts-alleged-source-code/
Reply With Quote
  #4  
Old 03-22-2022, 22:28
DavidXanatos DavidXanatos is offline
Family
 
Join Date: Jun 2018
Posts: 167
Rept. Given: 2
Rept. Rcvd 39 Times in 26 Posts
Thanks Given: 53
Thanks Rcvd at 307 Times in 105 Posts
DavidXanatos Reputation: 39
nice... but still waiting for the full windows 11 source code leak... given how anti consumer MSFT is recently it would be a well deserved one.

PS: if you need the torrent just google their telegram its there very prominently placed
Reply With Quote
The Following User Says Thank You to DavidXanatos For This Useful Post:
sh3dow (03-24-2022)
  #5  
Old 03-22-2022, 23:03
WhoCares's Avatar
WhoCares WhoCares is offline
who cares
 
Join Date: Jan 2002
Location: Here
Posts: 390
Rept. Given: 10
Rept. Rcvd 15 Times in 13 Posts
Thanks Given: 23
Thanks Rcvd at 128 Times in 54 Posts
WhoCares Reputation: 15
yes I found their TG. thx

magnet:?xt=urn:btih:BFCFBC5E631A309271C8773BD6781C1BD63B4387


DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
https://www.microsoft.com/security/blog/2022/03/22/dev-0537-criminal-actor-targeting-organizations-for-data-exfiltration-and-destruction/


Quote:
Originally Posted by DavidXanatos View Post
nice... but still waiting for the full windows 11 source code leak... given how anti consumer MSFT is recently it would be a well deserved one.

PS: if you need the torrent just google their telegram its there very prominently placed
__________________
AKA Solomon/blowfish.

Last edited by WhoCares; 03-23-2022 at 08:31.
Reply With Quote
  #6  
Old 03-24-2022, 02:51
atom0s's Avatar
atom0s atom0s is offline
Family
 
Join Date: Jan 2015
Location: 127.0.0.1
Posts: 367
Rept. Given: 26
Rept. Rcvd 114 Times in 58 Posts
Thanks Given: 54
Thanks Rcvd at 648 Times in 253 Posts
atom0s Reputation: 100-199 atom0s Reputation: 100-199
The group said the torrent includes:

Quote:
Leak of some Bing, Bing Maps and Cortana source code - Bing Maps is 90% complete dump, Bind and Cortana around 45%
__________________
Personal Projects Site: https://atom0s.com
Reply With Quote
  #7  
Old 03-24-2022, 03:28
sh3dow sh3dow is offline
Family
 
Join Date: Oct 2014
Posts: 129
Rept. Given: 106
Rept. Rcvd 79 Times in 24 Posts
Thanks Given: 388
Thanks Rcvd at 160 Times in 55 Posts
sh3dow Reputation: 79
When these guys stop this bullshit and release the whole files? all their releases are nearly worthless, incomplete and lack the good parts. Who really care about Bing Maps and Cortana source code?

Even this leak feels it lack the good parts of Bing and Cortana
Here a Tree listing [restricted to only directories max 3 levels deep] for the curious of you
https://pastebin.com/raw/qg5Y4cia
Reply With Quote
The Following User Says Thank You to sh3dow For This Useful Post:
Stingered (03-24-2022)
  #8  
Old 03-24-2022, 14:08
FoxB FoxB is offline
VIP
 
Join Date: Jan 2002
Location: Earth...
Posts: 839
Rept. Given: 13
Rept. Rcvd 112 Times in 77 Posts
Thanks Given: 15
Thanks Rcvd at 547 Times in 233 Posts
FoxB Reputation: 100-199 FoxB Reputation: 100-199
this leak have any certificates?

Platform--Secrets-- CodeSign
Platform--private--SignPlatform
CoXDataMining--Certificate
Reply With Quote
  #9  
Old 03-25-2022, 06:01
sh3dow sh3dow is offline
Family
 
Join Date: Oct 2014
Posts: 129
Rept. Given: 106
Rept. Rcvd 79 Times in 24 Posts
Thanks Given: 388
Thanks Rcvd at 160 Times in 55 Posts
sh3dow Reputation: 79
Quote:
Platform--Secrets-- CodeSign
Code:
`-- CodeSign
|       |-- CloudSignAadAccess.cer
|       |-- CloudSignAadAccess.pfx.qencr
|       `-- CloudSignAadKey.dat
Quote:
Platform--private--SignPlatform
No certs, probably they didn't want them to be leaked and want them for private use.

Code:
|-- private
|   |-- SignPlatform
|   |   `-- makecat.proj
|   |-- cache.config
|   |-- dirs.proj
|   `-- packages
|       |-- PacmanBranchSpecificSettings.txt
|       `-- packages.ini

Quote:
CoXDataMining--Certificate
Code:
|-- CoXDataMining
|   |-- Certificate
|   |   |-- TestCertificate.ps1
|   |   |-- coxreporting.phx.gbl.cer
|   |   |-- coxreporting.phx.gbl.pfx
|   |   `-- privateKeyPassword.txt
and similar folder
Code:
|-- CoXDataMining\ (1)
|   |-- Certificate
|   |   |-- TestCertificate.ps1
|   |   |-- coxreporting.phx.gbl.cer
|   |   |-- coxreporting.phx.gbl.pfx
|   |   `-- privateKeyPassword.txt
The full tree listing are here, it's to big to paste in pastebin (20mb)
It contains the whole hierarchy of folders and files in the leak
hxxps://www.mediafire.com/file/1wfezr4fseq10g3/MS-leak-full-tree.txt/file

Last edited by sh3dow; 03-26-2022 at 03:41.
Reply With Quote
The Following User Says Thank You to sh3dow For This Useful Post:
niculaita (03-25-2022)
  #10  
Old 03-25-2022, 11:01
WhoCares's Avatar
WhoCares WhoCares is offline
who cares
 
Join Date: Jan 2002
Location: Here
Posts: 390
Rept. Given: 10
Rept. Rcvd 15 Times in 13 Posts
Thanks Given: 23
Thanks Rcvd at 128 Times in 54 Posts
WhoCares Reputation: 15
British police say seven people arrested following series of hacks by Lapsus$ group
__________________
AKA Solomon/blowfish.
Reply With Quote
  #11  
Old 03-25-2022, 22:50
JMP-JECXZ JMP-JECXZ is online now
Friend
 
Join Date: Mar 2017
Posts: 48
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 4
Thanks Rcvd at 53 Times in 26 Posts
JMP-JECXZ Reputation: 0
7 teenagers have been arrested in connection to LAPSUS$
https://www.bbc.co.uk/news/technology-60864283
Reply With Quote
  #12  
Old 03-26-2022, 00:18
bolo2002 bolo2002 is offline
VIP
 
Join Date: Apr 2002
Posts: 537
Rept. Given: 107
Rept. Rcvd 13 Times in 12 Posts
Thanks Given: 172
Thanks Rcvd at 209 Times in 134 Posts
bolo2002 Reputation: 13
"...The boy's father told the BBC his family was concerned and was trying to keep him away from his computers..."
but it's the same for every father,mother since decades
__________________
I like this forum!
Reply With Quote
  #13  
Old 03-26-2022, 03:13
atom0s's Avatar
atom0s atom0s is offline
Family
 
Join Date: Jan 2015
Location: 127.0.0.1
Posts: 367
Rept. Given: 26
Rept. Rcvd 114 Times in 58 Posts
Thanks Given: 54
Thanks Rcvd at 648 Times in 253 Posts
atom0s Reputation: 100-199 atom0s Reputation: 100-199
The group put out a message on their Telegram this morning. Looks like the people arrested are potentially all fakes claiming to be part of the group but actually aren't. Hard to say if it's entirely true for all of them arrested, but their message leans that way:

Code:
https://i.imgur.com/wYcStn4.png
__________________
Personal Projects Site: https://atom0s.com
Reply With Quote
  #14  
Old 05-30-2022, 06:49
Bidasci Bidasci is offline
Friend
 
Join Date: Jan 2022
Posts: 4
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 2
Thanks Rcvd at 7 Times in 1 Post
Bidasci Reputation: 0
don't know if people still want to download this but I downloaded the leak when it was first made available, I split the folder into two parts and the download can be viewed here:
Code:
hxxps://filecrypt.cc/Container/72EAA69F33.html
Full folder directory can be viewed here as well:
Code:
hxxps://cpaste.org/?a22ceffb98bc26a5#7eQ9tfZkyNxX7qpGSAhv8JyXXRS1uBgWHTJFeSLtni8y
SHA-256 Checksum of part1 & part2 rar's:
Code:
Name: Microsoft Source Code Leak 2022.part01.rar 
SHA256: 0A592C6EEC0DE884853814F78D6A88AA5145AE21C15FF1AFE06DF3DBACFE9064
Name: Microsoft Source Code Leak 2022.part02.rar
SHA256: AF6B354004FCCFEEFB07D43D132DF313A3646F4B2874AB2A77ADB056DD58BB34
Reply With Quote
  #15  
Old 05-30-2022, 18:56
Shub-Nigurrath's Avatar
Shub-Nigurrath Shub-Nigurrath is offline
VIP
 
Join Date: Mar 2004
Location: Obscure Kadath
Posts: 862
Rept. Given: 55
Rept. Rcvd 394 Times in 89 Posts
Thanks Given: 34
Thanks Rcvd at 219 Times in 79 Posts
Shub-Nigurrath Reputation: 300-399 Shub-Nigurrath Reputation: 300-399 Shub-Nigurrath Reputation: 300-399 Shub-Nigurrath Reputation: 300-399
rather than downloading, I am wondering which types of conclusions, pieces of evidence or gems people found inside. It's a mess of code and I imagine a lot of ppl already dug inside .. A discussion on this would be interesting!

thanks
__________________
Ŝħůb-Ňìĝùŕřaŧħ ₪)
There are only 10 types of people in the world: Those who understand binary, and those who don't
http://www.accessroot.com
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT +8. The time now is 04:38.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX
( 1998 - 2022 )