The Tunisian hacker 'Human Mind Cracker' who discover critical vulnerability in high profile website, come with another interesting vulnerability finding. He discovered SQL Injection Vulnerability in one of the Bangladesh Bank website , "Islami Bank Bangladesh Ltd"(islamibankbd.com).
In an email sent to EHN, the hacker provided the vulnerable link and a link to the dump(heypasteit.com/clip/0MWN).
"The vulnerability was SQL injection...I report it many times..but they didn't reply and they didn't fix it yet...So I get into their database." Hacker said in the mail.
The dump contains database details, encrypted password, email address, admin id and password.
He also discovered Cross Site scripting security flaw in Feedback sending page of Islami Bank.
This is not the first time the Bank sites are being targeted by Human Mind cracker. Last time, he discovered SQLi in Tunisian Bank site.
The hacker always like to be a Grey Hat hacker and like to help the admin of site by reporting the vulnerability. But the admin fails to respond and fails to patch the security flaw.
In an email sent to EHN, the hacker provided the vulnerable link and a link to the dump(heypasteit.com/clip/0MWN).
"The vulnerability was SQL injection...I report it many times..but they didn't reply and they didn't fix it yet...So I get into their database." Hacker said in the mail.
The dump contains database details, encrypted password, email address, admin id and password.
He also discovered Cross Site scripting security flaw in Feedback sending page of Islami Bank.
This is not the first time the Bank sites are being targeted by Human Mind cracker. Last time, he discovered SQLi in Tunisian Bank site.
The hacker always like to be a Grey Hat hacker and like to help the admin of site by reporting the vulnerability. But the admin fails to respond and fails to patch the security flaw.
