Search This Blog

Bangladesh Post Office site hacked by Human Mind Cracker

A SQL Injection vulnerability has been discovered in official website of Bangladesh Post Office (bangladeshpost.gov.bd).
A SQL Injection vulnerability has been discovered in official website of Bangladesh Post Office (bangladeshpost.gov.bd). The vulnerability was discovered by the Grey-hat hacker "Human Mind Cracker".

In an email sent to EHN, the hacker provided the vulnerable link and claimed that the site is vulnerable to lot of vulnerabilities.

The hacker breached the site by exploiting the SQL injection vulnerability and compromised the database.

Screenshot of Admin Panel

"I get into their database,and the most funniest thing is that  The passwords is not encrypted with any hash, and this so bad for a website related to a government." the hacker said in the email.

The database dump(heypasteit.com/clip/0N9U) contains database details, username, plain-text format password.  It also includes the admin username and password.
Share it:

Breaking News

Hacking News

Human Mind Cracker

Information Security News

SQL Injection Vulnerability

Vulnerability