Pr3 H4ck3r hacked Phillipine navy website.
A hacker with handle "Pr3 H4ck3r" from Phillipine Cyber Army has claimed to have hacked into the database of the Navy Website of Phillipines. According to hacker's statement, he compromised the data by exploiting the SQL Injection vulnerability in the Navy's "BRP Alcaraz blog" page (This page). However, we are not able to access the given link at the time of writing. It appears the admin have taken down the link.
The news was first reported by local hacking news site PinoyHackNews.
In a Pastebin's post, hackers leaked the login credentials compromised from the database. It includes the Admin login credentials. What is worse is that they are using very weak username and password.
They have used the "username" as password. Even if there is no bug, hacker could have guessed the password or get the password by brute-forcing. It is sad to know that the Navy website itself has poor security and weak passwords.
We are hoping that this time they will do some security precautions.
Thanks
Regards
Toxic Hack
Subscribe to me on Facebook
Wasiq Alvi
They have used the "username" as password. Even if there is no bug, hacker could have guessed the password or get the password by brute-forcing. It is sad to know that the Navy website itself has poor security and weak passwords.
We are hoping that this time they will do some security precautions.
Thanks
Regards
Toxic Hack
Subscribe to me on Facebook
Wasiq Alvi
No comments:
Post a Comment