Yatanarpon Web Portal is being hacked!

Home / Hacking, News, Security / Yatanarpon Web Portal is being hacked!

November 24, 2010 PlanetCreator 0 Comments 0 tags

According to PeopleMediaVoice, Nation Web Portal of Myanmar ( Yatanarpon Web Portal) is being hacked by a hacker group named themselves “Humpty Dumpty”, defaced home page at around 12:30 AM local time yersterday, 13/11/2010.

At the same day, they hacked another gov news agency site The Mirror Online News Paper (KyayMon) http://www.kyaymon.info/.

Now, Yatanarpon Portal is currently under maintenance, and they are trying to discover their site!

Wat i wana talk is, they are not care security in their web site, We informed XSS, SQL Injection, Bypass Login from Myanmar Web Portal last month http://www.planetcreator.net/2010/10/critical-sql-injection-in-yatanarpon-web-portal/ . I know they fixed some vul but not at all.

Now, security vulnerability are still existing in some sub domain of Yatnarpon Web Portal, such as http://job.yatnarpon.com.mm and so on…

If you want to see detail of this vulnerability Click Here (Note :- Registered Member Only- If you are not PlanetCreator.Net Member Sign up Here)

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

LFI Scanner By GlaDiaT0R

#!/usr/bin/perl #LFI Scanner By GlaDiaT0R #My Mail: the_gl4di4t0r[AT]hotmail[DOT]com #Home Page: DarkGh0st.Com #Greetz To Boomrang_victim, Marwen_Neo & All Tunisian Hackers #www.darkgh0st.net #www.tunisian-power.net More Info http://www.planetcreator.net/planetcreator/perls.php?id=37

Critical SQL Injection in Planet Myannar Website and Forum

PlanetCreator has reported another critical SQL Injection (vulnerability) onÂ Planet Myannar Website and Forum http://www.planet.com.mm/ Powered by Inforithm-Maze. SQL injection is a code injection technique that exploits a security vulnerability

Selection of tools to automate an attack SQL Injection

sqlmap (http://sqlmap.sourceforge.net/) Full support: MySQL, Oracle, PostgreSQL and Microsoft SQL Server. Partially supported: Microsoft Access, DB2, Informix, Sybase and Interbase. SQL Power Injector (http://www.sqlpowerinjector.com/) Implemented support for: Microsoft SQL Server,

[webapps] D-Link DIR-650IN - Authenticated Command Injection
on April 10, 2026 at 12:00 am
D-Link DIR-650IN - Authenticated Command Injection
[local] NetBT e-Fatura - Privilege Escalation
on April 10, 2026 at 12:00 am
NetBT e-Fatura - Privilege Escalation
[local] ZSH 5.9 - RCE
on April 9, 2026 at 12:00 am
ZSH 5.9 - RCE
[webapps] Jumbo Website Manager - Remote Code Execution
on April 9, 2026 at 12:00 am
Jumbo Website Manager - Remote Code Execution
[webapps] RomM 4.4.0 - XSS_CSRF Chain
on April 9, 2026 at 12:00 am
RomM 4.4.0 - XSS_CSRF Chain