Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- _ _ _ ___ _ _ ____ _ ____ ____ ___ ___ _ _
- / \ | \ | | / _ \ | \ | | | _ \ / \ / ___| / ___| |_ _| / _ \ | \ | |
- / _ \ | \| | | | | | | \| | | |_) | / _ \ \___ \ \___ \ | | | | | | | \| |
- / ___ \ | |\ | | |_| | | |\ | | __/ / ___ \ ___) | ___) | | | | |_| | | |\ |
- /_/ \_\ |_| \_| \___/ |_| \_| |_| /_/ \_\ |____/ |____/ |___| \___/ |_|\__Fix the security!
- #Lulz #NoSecurity #SecurityDown #Anonymous. #AnonPassion | DATABASE LEAK BY ANONPASSION ₂₀₁₅ ﹣|CREEDLOKZ|adduser_anon|LUCA|
- #################################################################################################################################
- We are tired of seeing important pages that police do not have their security aware. The police should have their security in place rather than right many others! Yet they choose to do so shameful and embarrassing for them, we got direct access to their five##### databases in under 20 minutes. It is extremely embarrassing and the respect we do not, and we accept it either.################
- #################################################################################################################################
- Target: http://www.police.gov.bd/ #
- Vulnerabel link: www.police.gov.bd/content.php?id=275 #
- ###########################################################
- IP: 123.49.38.132 #
- ( http://gyazo.com/7e520bec5081e3cc0d662647069a3b9f ) #
- - AnonPassions personal booter tool did take it down like #
- nothing, 2 minutes and it was down. #
- ###########################################################
- Web Server Server(s): Apache/2.2.3 (CentOS) #
- Its powered by: PHP/5.1.6 #
- Database Server: MySQL >=5 #
- CR web user: phpol@172.16.254.12 #
- SQLI Version(s): 5.1.69 / No more. (ATM) #
- The Currents Database: phq #
- SYS / System user: phpol@172.16.254.12 #
- Their hostname: Webdata #
- And ofc the installation dir: /usr/ #
- ###########################################################
- |Database USER & PASSWORDS| #
- ###########################################################
- root::localhost #
- root::webdata #
- root::127.0.0.1 #
- ::localhost #
- ::webdata #
- phpol:*50126B7EDF5673B3A17B4F93A79A8BFF649CF0BC:% #
- bdpolice:*B627A7C080D267CEE44746F3B3CBA20899440B84:% #
- bdpol:*A33A64F00495642FDCB8C89E56BBB82332CD31CD:% #
- ###########################################################
- | DATABASES | #
- ###########################################################
- information_schema #
- bdpol #
- mysql #
- phq #
- test #
- ###########################################################
- | TABLES IN DATABASE PHQ | #
- ###########################################################
- cbd_careerrecruitment #
- cbd_catagory #
- cbd_content #
- cbd_ig_msg #
- cbd_menu #
- cbd_menutype #
- cbd_news #
- cbd_ordinance #
- cbd_police_achivement #
- cbd_police_service #
- cbd_press #
- cbd_procurement #
- cbd_recruitment #
- cbd_recruitment_desc #
- cbd_recruitment_result #
- cbd_rejoinder #
- cbd_tab #
- cbd_topnews #
- cbd_un #
- cdb_unitdetials #
- cdb_unitdetials1 #
- cdm_former_igp_photo #
- cdm_legalinstruments #
- cdm_photo_gallery #
- cdm_photo_gallery_libaration #
- cdm_photo_miscellaneous #
- cdm_photo_unmission #
- cdm_publications #
- cdm_subunit_one #
- cdm_subunit_one1 #
- cdm_subunit_two #
- cdm_subunit_two1 #
- cdm_unadvertisement #
- cdm_unisub #
- cdm_unit_detials #
- cdm_unitroot #
- cdm_unitroot1 #
- users #
- ###########################################################
- 2 USERS FOUND IN PHQ ( ADMINS ) #
- ###########################################################
- Username: admin #
- Pass: e9d4f70364e9d667dba7567cdd4530b43378e47bea6122a42 #
- - Not cracket do it youself. #
- ###########################################################
- Username: admin1 #
- Pass: f276f87b9505ebad783905129982668330de63b1cf222fb7f #
- Crack it 4 the Lulz! #
- ###########################################################
- | MYSQL | HOST | USERS | PASSWORDS | #
- ###########################################################
- Found 5 domains hosted on the same web server as #
- www.police.gov.bd (123.49.38.132). #
- ###########################################################
- 123.49.38.132 #
- ad.echo-online.de #
- keskustelukanava.agronet.fi #
- upge.wn.com #
- www.police.gov.bd #
- ###########################################################
- | Port scanned | #
- Open: 22 | 80 #
- ###########################################################
- | Quick Revers DNS lookup | #
- ###########################################################
- Host found: host132.btcl.net.bd #
- ###########################################################
- | Blacklist Checked | #
- #################################################################################################################################
- OK 0spam.fusionzero.com OK access.redhawk.org
- OK all.rbl.jp OK all.s5h.net
- OK all.spamrats.com OK aspews.ext.sorbs.net
- OK b.barracudacentral.org OK backscatter.spameatingmonkey.net
- OK bb.barracudacentral.org OK bl.blocklist.de
- OK bl.drmx.org OK bl.emailbasura.org
- OK bl.konstant.no OK bl.mailspike.net
- OK bl.mav.com.br OK bl.nosolicitado.org
- OK bl.nszones.com OK bl.scientificspam.net
- OK bl.score.senderscore.com OK bl.spamcannibal.org
- OK bl.spamcop.net OK bl.spameatingmonkey.net
- OK bl.spamstinks.com OK bl.suomispam.net
- OK blacklist.woody.ch OK block.dnsbl.sorbs.net
- OK bsb.empty.us OK bsb.spamlookup.net
- OK cbl.abuseat.org OK cbl.anti-spam.org.cn
- OK cblless.anti-spam.org.cn OK cblplus.anti-spam.org.cn
- OK cdl.anti-spam.org.cn OK cidr.bl.mcafee.com
- OK combined.rbl.msrbl.net OK db.wpbl.info
- OK dnsbl-1.uceprotect.net OK dnsbl-2.uceprotect.net
- OK dnsbl-3.uceprotect.net OK dnsbl.anticaptcha.net
- OK dnsbl.aspnet.hu OK dnsbl.burnt-tech.com
- N/A(?) dnsbl.cobion.com OK dnsbl.dronebl.org
- OK projecthoneypot.org OK dnsbl.inps.de
- OK dnsbl.justspam.org OK dnsbl.kempt.net
- OK dnsbl.net.ua OK dnsbl.rv-soft.info
- OK dnsbl.rymsho.ru OK dnsbl.sorbs.net
- OK dnsbl.spam-champuru.livedoor.com OK dnsbl.tornevall.org
- OK dnsbl.webequipped.com OK dnsbl.zapbl.net
- OK dnsrbl.swinog.ch OK dul.dnsbl.sorbs.net
- OK dul.pacifier.net N/A(?) dul.ru
- OK dyn.nszones.com OK dyna.spamrats.com
- OK escalations.dnsbl.sorbs.net OK exitnodes.tor.dnsbl.sectoor.de
- OK fnrbl.fast.net OK forbidden.icm.edu.pl
- OK hostkarma.junkemailfilter.com OK http.dnsbl.sorbs.net
- OK images.rbl.msrbl.net OK intercept.datapacket.net
- OK ipbl.zeustracker.abuse.ch OK ips.backscatterer.org
- OK ix.dnsbl.manitu.net OK korea.services.net
- OK l1.bbfh.ext.sorbs.net OK l2.apews.org
- OK l2.bbfh.ext.sorbs.net OK l3.bbfh.ext.sorbs.net
- OK l4.bbfh.ext.sorbs.net OK list.bbfh.org
- OK list.blogspambl.com OK list.quorum.to
- OK lookup.dnsbl.iip.lu OK mail-abuse.blacklist.jippg.org
- OK misc.dnsbl.sorbs.net OK multi.surbl.org
- OK netbl.spameatingmonkey.net OK netblockbl.spamgrouper.com
- OK netscan.rbl.blockedservers.com OK new.spam.dnsbl.sorbs.net
- OK noptr.spamrats.com OK old.spam.dnsbl.sorbs.net
- OK pbl.spamhaus.org OK phishing.rbl.msrbl.net
- OK pofon.foobar.hu OK problems.dnsbl.sorbs.net
- OK proxies.dnsbl.sorbs.net OK psbl.surriel.com
- OK rbl.abuse.ro OK rbl.blockedservers.com
- OK rbl.dns-servicios.com OK rbl.efnet.org
- OK rbl.efnetrbl.org OK rbl.interserver.net
- OK rbl.iprange.net OK rbl.megarbl.net
- OK rbl.polarcomm.net Listed(?) rbl.rbldns.ru
- OK rbl.talkactive.net OK rbl2.triumf.ca
- OK recent.spam.dnsbl.sorbs.net OK relays.bl.kundenserver.de
- OK relays.dnsbl.sorbs.net OK rep.mailspike.net
- OK safe.dnsbl.sorbs.net OK sbl.nszones.com
- OK sbl.spamhaus.org OK singlebl.spamgrouper.com
- OK short.rbl.jp OK smtp.dnsbl.sorbs.net
- OK socks.dnsbl.sorbs.net OK spam.dnsbl.anonmails.de
- OK spam.dnsbl.sorbs.net OK spam.pedantic.org
- OK spam.rbl.blockedservers.com OK spam.rbl.msrbl.net
- OK spam.spamrats.com OK spamguard.leadmon.net
- OK spamlist.or.kr OK spamrbl.imp.ch
- OK spamsources.fabel.dk OK srn.surgate.net
- OK st.technovision.dk OK tor.dnsbl.sectoor.de
- OK torexit.dan.me.uk OK truncate.gbudb.net
- OK ubl.unsubscore.com OK virbl.dnsbl.bit.nl
- OK virus.rbl.jp OK virus.rbl.msrbl.net
- OK vote.drbl.caravan.ru OK vote.drbl.gremlin.ru
- OK web.dnsbl.sorbs.net OK web.rbl.msrbl.net
- OK work.drbl.caravan.ru OK work.drbl.gremlin.ru
- OK wormrbl.imp.ch OK xbl.spamhaus.org
- OK z.mailspike.net OK zen.spamhaus.org
- OK zombie.dnsbl.sorbs.net
- #################################################################################################################################
- | HTTP Response Headers |
- Name: Value
- Status HTTP/1.1 200 OK
- Date Wed, 27 May 2015 06:47:04 GMT
- Server Apache/2.2.3 (CentOS)
- X-Powered-By PHP/5.1.6
- Connection close
- Content-Type text/html;
- Charset=UTF-8
- #################################################################################################################################
- ─────▄████▀█▄
- ───▄█████████████████▄
- ─▄█████.▼.▼.▼.▼.▼.▼▼▼▼
- ▄███████▄.▲.▲▲▲▲▲▲▲▲ AnonPassion is here..
- ████████████████████▀▀
- #################################################################################################################################
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement