Thursday , March 30 2023
Breaking News
Home / Defacement / Local hacker says “Lulz” to LBC’s security

Local hacker says “Lulz” to LBC’s security

Clifford Trigo February 24, 2014 Defacement Leave a comment 528 Views


One of the leading cargo and courier services in the country, LBC express,  suffers website security hack as one local hacker penetrated its website.

The hacker who identified himself as “Kh4lifax” managed to upload his own php file containing his messages.

“LBC? Upgrade you security Lulz.  Where’s the security? ,” the hacker writes.

When contacted, he revealed that this is not just an ordinary defacement, a web application that is shelled, but a full take over.

Kh4lifax explained, he made his way through a SQL injection vulnerability and gained the root user.

He provided me screenshots of the site’s tables from accordingly databases, lbc_dbl and bc_read.

Currently, the defacement can still be accessed publicly.

Tags

About Clifford Trigo

I am Clifford Trigo a proud Boholano / Pinoy / Filipino Web App Security Researcher. Day by day, I'm learning new things :)) Visit my Hackerone Profile, currently at top 2 overall :D
Clifford Trigo : Web Application Security Researcher :)
© Copyright 2023, https://www.pinoyhacknews.com!