PDA

View Full Version : Hacker Claims Full Compromise of Royal Navy Website



prashant_uniyal
11-07-2010, 08:22 PM
A hacker claims to have gained full access to the website of the British Royal Navy and the underlying database through an SQL injection attack.

Yeah! Tinkode again ! :D

http://adf.ly/AaBr

pr3dat0r
11-07-2010, 10:14 PM
Our country's navy site should also implement some security counter measures. I was browsing the site, & when I clicked to download a form I got an error that gave the information about the database technology used by that site.
This type of information can also posses threat to websites.
Click Here (http://www.4shared.com/photo/3pReTmpf/Nausena_leaked2.html) for image.

prashant_uniyal
11-07-2010, 11:10 PM
pr3dat0r its not gonna leak anything..its just a misconfiguration with the mysql settings..I had seen it long time ago..Indian defence sites till date are quite secured..may be we can find several govt. department's sites vulnerable to xss and sqli

prashant_uniyal
11-07-2010, 11:25 PM
Its totally safe now..earlier it was just a mysql misconfiguration. See :

http://img87.imageshack.us/img87/2302/26708258.jpg

pr3dat0r
11-07-2010, 11:35 PM
Thanx Prashant, u r right