Sunday, February 6, 2011

how hillsboro beach website hacked ?

 few weeks ago i read a news on foxnews about an american website :

http://www.foxnews.com/scitech/2011/01/18/florida-communitys-website-targeted-iranian-hackers/

i logged in website and found the bug , in this post i want to show vulnerability of  this site :d

 let's go !
first , home page :

            sql  error :

            number of selected column is incorrect :

           mysql version :


           username and password :d :


user : tohbadministrator
pass : 481a91595db92d57

and login pages :
http://townofhillsborobeach.com/cmsadmin/index.php
http://townofhillsborobeach.com/ControlPanel/index.xsl

i have a message for foxnews , they are not iranian pro hackers ! they are some basiji script kiddies . . .
good luck :p

No comments:

Post a Comment