KillCode hacks National Institutes of Health, found XSS in faa.gov,airforce.com

Sponsored Links

database leaked

A Hacker with a handle "KillCode" has contacted us with a link to dump.  It contains the data compromised from the subdomain 'IT Service Desk' of the National Institutes of Health website.(itservicedesk.nih.gov)

The leak contains 5208 account details that includes email address, login name, and encrypted password. The leak also contains some database name and table name details.
http://www.anonpaste.me/anonpaste2/index.php?6c66338fae0fc580#Q9fghIFzYmvj5roGLYk0LTSzU0E6F1897vQjYbUanUM=

At the time of press time, the hacked site is down.  It seems like the admin of the site is fixing the security flaw.


The hacker also discovered XSS Vulnerability in few high profile sites which includes Federal Aviation Authority (faa.gov) site, United States Air Force (airforce.com).

The proof of concept for the XSS Vulnerability can be found here:
http://www.anonpaste.me/anonpaste2/index.php?f66e175690c6e859#K7+wRJKOEyqudHgnaXWcobPZdySSxrd2mZxsp0NzFOQ=

http://www.anonpaste.me/anonpaste2/index.php?4ecd93394d6f7f5f#rq8lS4qTfDEkgp3VtR1ibqmCnqsHCX4mmPhwmH45KSI=

Category: /

Share this with Your friends:


About Author

, founder of E Hacking News, an Information Security enthusiast who has more interest in PenTesting and Malware analysis. You can find him on Google+ Profile , Twitter and Facebook.