KillCode hacks National Institutes of Health, found XSS in faa.gov, airforce.com


database leaked

A hacker with the handle "KillCode" has contacted us with a link to a dump. It contains data compromised from the 'IT Service Desk' subdomain of the National Institutes of Health website (itservicedesk.nih.gov).

The leak contains 5208 account details, including email addresses, login names, and encrypted passwords. The leak also contains some database and table names.
http://www.anonpaste.me/anonpaste2/index.php?6c66338fae0fc580#Q9fghIFzYmvj5roGLYk0LTSzU0E6F1897vQjYbUanUM=

At press time, the hacked site is down. It seems the admin of the site is fixing the security flaw.


The hacker also discovered XSS vulnerabilities in a few high-profile sites, including the Federal Aviation Authority (faa.gov) site and the United States Air Force (airforce.com) site.

The proof of concept for the XSS vulnerability can be found here:
http://www.anonpaste.me/anonpaste2/index.php?f66e175690c6e859#K7+wRJKOEyqudHgnaXWcobPZdySSxrd2mZxsp0NzFOQ=

http://www.anonpaste.me/anonpaste2/index.php?4ecd93394d6f7f5f#rq8lS4qTfDEkgp3VtR1ibqmCnqsHCX4mmPhwmH45KSI=