OpFuckMohammad - www.guinee.gov.gn

1. OpFuckMohammad
2.  
3. Greetings from th3inf1d3l - I bring you the government of Guinea, www.guinee.gov.gn at 83.229.26.251. A small leak, approximately 100 unique emails. But as you can see below, cracked passwords for mysql users. Additionally, another 50 accounts were breached including some administrators. The full dump can be found at https://anonfiles.com/file/f653b54705a1d1b7b601256e75b3f463.
4.  
5. web server operating system: Linux Fedora
6. web application technology: PHP 5.2.4, Apache 2.2.6
7. back-end DBMS: MySQL 5.0
8. acajoom version 3.2.7
9.  
10. Found Directories:
11. /usr/sbin/sendmail
12. /components/com_acajoom/upload
13. /administrator/components/com_acajoom/com_acajoom.log
14.  
15. database management system users [80]:
16. [*] ''@'localhost'
17. [*] ''@'nimba'
18. [*] 'bothie'@'nimba.guinee.gov.gn'
19. password hash: 077ba9ad491e17a7 clear-text password: ad
20. [*] 'gouv'@'localhost'
21. password hash: 5518aa43563f6fc6 clear-text password: gouv
22. [*] 'guineewebdev'@'localhost'
23. password hash: 7edbefdc1234cf51
24. [*] 'root'@'localhost'
25. password hash: 796ea04313cde7d6
26. [*] 'root'@'nimba'
27.  
28. available databases [26]:
29. [y] collab
30. [y] commerce_data
31. [y] coursupreme_data
32. [y] datafinances
33. [y] ecofinancesdb
34. [*] ecofinancesdb1
35. [y] eduforum
36. [*] finances_data
37. [y] financesdata
38. [y] forumdiaspo
39. [y] gouv_data
40. [y] guinee
41. [n] information_schema -> not looked at
42. [n] loi_fonda_db -> not looked at
43. [y] mae_data
44. [y] mae_db
45. [y] matap_data
46. [y] mepuecdata
47. [y] metfp
48. [n] mysql -> not looked at
49. [y] portail_gn
50. [y] portailgndb
51. [y] prdata
52. [n] ressources -> not looked at
53. [y] sgg_data
54. [y] siag_db
55.  
56. @th3inf1d3l