Ads 468x60px

Sport News

Visitors

පහත ඇති "Like" Button එක ක්ලික් කර ඔබත් අදම අපේ Facebook Fan කෙනෙකු වන්න

Powered By Tricks Lanka

Comments

Thursday, October 6, 2011

Public Enterprise Depertment of South Africa එකට හැකින් ප්‍රහාරයක්

Public Enterprise Depertment of South Africa Hacked By TEAM T!g3R


TEAM T!g3R කණ්ඩායමෙ සාමජිකයන් වන w3bd3f4c3r, n3ll@!s4mur@!, !nd!@nRuBuk, 5!l3nt k!ll3r, r00t, burn3r, ionprohaxor, s3n  මොවුන් තවත් සයිබර් ප්‍රහරයක් Public Enterprise Depertment of South Africa වෙබ් අඩවියට පසුගිය දා එල්ල කලෙය.ඔවුන් එම සංවිධානයෙ දත්ත ගබඩාවටත් ප්‍රහාර එල්ල කලෙය. එමගින් ඔවුන් ලබා ගත් දත්ත ද කාන්දු කලෙය .එම දත්ත අතර tables, columns, user credentials, server details, admin details සහ අනෙකුත් දත්ත ඇතුළත්ය.


Vulnerable Site:- 
http://www.dpe.gov.za/


Here are some screen-shots submitted By the Hacker for Prove:- 






ඔවුන් ලබා ගත් දත්ත පහත දැක් වෙ.




  1. ###################################### SERVER DETAILS ###################################################
  2.  
  3. web server operating system: Linux Debian or Ubuntu 5.0 (lenny)
  4. web application technology: PHP 5.2.6, Apache 2.2.9
  5. back-end DBMS: MySQL 5.0
  6.  
  7. ################################### DAtABASE NAMES ####################################################
  8.  
  9. available databases [2]:
  10. [*] dpeago_db2
  11. [*] information_schema
  12.  
  13. ######################################## TABLES NAMES ################################################
  14.  
  15. [10:44:37] [INFO] the back-end DBMS is MySQL
  16. web server operating system: Linux Debian or Ubuntu 5.0 (lenny)
  17. web application technology: PHP 5.2.6, Apache 2.2.9
  18. back-end DBMS: MySQL 5.0
  19. [10:44:37] [INFO] fetching tables for database 'dpeago_db2'
  20. [10:44:37] [INFO] fetching number of tables for database 'dpeago_db2'
  21. [10:44:37] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': 9
  22. [10:44:37] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': Navigation
  23. [10:44:37] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': Survey_2008
  24. [10:44:37] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': content
  25. [10:44:37] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': sitecontent
  26. [10:44:37] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': subscribers
  27. [10:44:37] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': tblStats
  28. [10:44:37] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session':tempnavigation
  29. [10:44:37] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': tools
  30. [10:44:37] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': users
  31. Database: dpeago_db2
  32. [9 tables]
  33. +----------------+
  34. | Navigation     |
  35. | Survey_2008    |
  36. | content        |
  37. | sitecontent    |
  38. | subscribers    |
  39. | tblStats       |
  40. | tempnavigation |
  41. | tools          |
  42. | users          |
  43. +----------------+
  44.  
  45. ######################################## USER TABLES ##################################################
  46.  
  47. [10:52:10] [INFO] the back-end DBMS is MySQL
  48. web server operating system: Linux Debian or Ubuntu 5.0 (lenny)
  49. web application technology: PHP 5.2.6, Apache 2.2.9
  50. back-end DBMS: MySQL 5.0
  51. [10:52:10] [INFO] fetching columns for table 'users' on database 'dpeago_db2'
  52. [10:52:10] [INFO] fetching number of columns for table 'users' on database 'dpeago_db2'
  53. [10:52:10] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': 8
  54. [10:52:10] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': ID
  55. [10:52:10] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': FirstName
  56. [10:52:10] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': Surname
  57. [10:52:10] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': UserName
  58. [10:52:10] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': Password
  59. [10:52:10] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': Active
  60. [10:52:10] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': Created
  61. [10:52:10] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': Modified
  62. [10:52:10] [INFO] fetching entries for table 'users' on database 'dpeago_db2'
  63. [10:52:10] [INFO] fetching number of entries for table 'users' on database 'dpeago_db2'
  64. [10:52:10] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': 3
  65. [10:52:10] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': andrew
  66. [10:52:10] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': Vester
  67. [10:52:10] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': Andrew
  68. [10:52:10] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': 2006-05-02 00:00:00
  69. [10:52:10] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': 2006-05-02 00:00:00
  70. [10:52:10] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': 1
  71. [10:52:10] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': andrew
  72. [10:52:10] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': 1
  73. [10:52:10] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session':
  74. [10:52:34] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session':
  75. [10:52:37] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session':
  76. [10:52:41] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': 0000-00-00 00:00:00
  77. [10:52:41] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': 0000-00-00 00:00:00
  78. [10:52:41] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session':
  79. [10:52:44] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session':
  80. [10:52:48] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': 2
  81. [10:52:48] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': tc
  82. [10:52:48] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': Tshepo
  83. [10:52:48] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': Tshepo
  84. [10:52:48] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': 2005-02-2100:00:00
  85. [10:52:48] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': 2005-02-2100:00:00
  86. [10:52:48] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': 1
  87. [10:52:48] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': tc
  88. [10:52:48] [INFO] read from file '/pentest/database/sqlmap/output/www.dpe.gov.za/session': 5
  89. Database: dpeago_db2
  90. Table: users
  91. [3 entries]
  92. +--------+---------------------+-----------+----+---------------------+----------+---------+----------+
  93. | Active | Created             | FirstName | ID | Modified            | Password | Surname | UserName |
  94. +--------+---------------------+-----------+----+---------------------+----------+---------+----------+
  95. | 1      | 2006-05-02 00:00:00 | Andrew    | 1  | 2006-05-02 00:00:00 | andrew   | Vester  | andrew   |
  96. | NULL   | 0000-00-00 00:00:00 | NULL      | 2  | 0000-00-00 00:00:00 | NULL     | NULL    | NULL     |
  97. | 1      | 2005-02-21 00:00:00 | Tshepo    | 5  | 2005-02-21 00:00:00 | tc       | Tshepo  | tc       |
  98. +--------+---------------------+-----------+----+---------------------+----------+---------+--------

0 ප්‍රතිචර:

Post a Comment

බැලුවද?

ඉතිං එහෙනම් කමෙන්ට එකක් දාලා යමු නෙද?