was SQL-i vulnerability on their site, using that they hacked the entire Database exposed including admin details
Website:-
Vulnerable Link:-
www.nta.gov.np/en/aboutus/index.php?id=7
Exposed DB & Admin Credentials:-
##############ADMIN DETAILS#####################
USERNAME : Administrator
PASSWORD : cWccBbcbcLPCAYtMBA+c9jz6Q/Gvgn5FEPWxuwewFwY
##############SERVER DETAILS####################
web server operating system: Linux Debian or Ubuntu 6.0 (unstable sid or testing squeeze)
web application technology: Apache 2.2.16
back-end DBMS: MySQL 5.0
available databases [2]:
[*] dbase_nta
[*] information_schema
No comments:
Post a Comment