On December 3rd 2018, a hacker going by the name of “Sh4wtyy K!ng” announced a hack of the State Biological Institue of Sau Paulo, Brasil (hxxp://biologico.sp.gov.br), leaking sensitive information tied to the sites databases online. Among other things, through the leak provided below you can find the login username and encrypted password for 6 site administrators, granting full access to the sites backend. In a statement available online, Shawtyy says that he was first able to exploit the site through an SQL Injection vulnerability on the home page – though no explanation as to his motives was given.
Raw Full Leak: https://ghostbin.com/paste/m92u4/raw
— ~Sh4wtyy K!nG~ (@Lil_Sh4wtyy) December 3, 2018
Categories: Hacking News