Hi, http://www.mtv.co.kr Webmaster

This is PlanetCreator’s Security Te@am & Hackers Group, PlanetCreator has reported Critical SQL Injection vulnerability on http://www.mtv.co.kr/ Website.

Informed to [email protected]

Some of your Web’s Data Information are as follow,

Applications: ———- PlanetCreator’s_Universal_Advanced_Internet_Security_T00L
System Time: ———(UTC+08:00) Kuala Lumpur, Singapore, 03/01/2010 5:56:19 AM
Host IP:    222.122.55.12
Web Server:     Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.10 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.8g
Powered-by:     PHP/5.2.4-2ubuntu5.10
DB Server:    MySQL >=5
Current User:     [email protected]
Sql Version:     5.0.51a-3ubuntu5.4-log
System User:     [email protected]
Host Name:     db2.mtv.co.kr
DB User & Pass:     root:*4FEDAB890B33E3C8EC621AAB518FCF66A17E2E9D:localhost
root:*4FEDAB890B37E3C8EC621AAB513FCF66A17E2E9D:db2.mtv.co.kr
root:*4FEDAB890B37E3C8EC621AAB513FCF66A17E2E9D:127.0.0.1
::localhost
::db2.mtv.co.kr
debian-sys-maint:*B639BCB9EA2DD94A3EC75B54325E7AA378615812:localhost
mtvkor:*4FEDAB890B37E3C8EC621AA3518FCF66A17E2E9D:%
mtvkor:*4FEDAB890B37E3C8EC621AA3518FCF66A17E2E9D:localhost
mtv2:*4FEDAB890B37E3C8EC621AAB538FCF66A17E2E9D:%
Data Bases:     information_schema
bestawards2008
chart
dev4
events
linkbak
lost+found
mtv4
mtvbb
mtvlog
mtvn_sms
mysql
newsletter_view
poll
test
vmak2009

Note: some db passwords have changed 4 security reason!
We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Critical SQL Injection in www.kmd.com KMD Group of Companies

PlanetCreator.Net’s Security Team Member Info Freakzz <infofreakzzz(at)gmail.com> has reported another critical SQL Injection (vulnerability) on http://www.kmd.com.sg owned by KMD Group of Companies These are some information from Vulneral Site http://www.kmd.com.sg

Read More

How to hack a website? – Tips and tricks

Here are the most common techniques used to hack a website Hacking sites that are least protected by password – By pass authentication It’s the webmaster’s nightmare, hackers accessing the

Read More

Best Server Security Configuration

Best Server Security Configuration. Summary 1) Upgrade Apache/PHP, MySQL, OpenSSH, OpenSSL, cP/WHM etc2) cP/WHM Configuration3) SSH Access4) Mod_Security5) Firewall6) DDoS Protection7) Rootkit8) PHP Configuration9) Other10)The End Author: QKrun1x 1) Upgrade

Read More