Monday, November 20, 2017
Home / Security / Breaches / @OfficialNull hacked Department of Homeland Security via LFI Vulnerability

@OfficialNull hacked Department of Homeland Security via LFI Vulnerability

@OfficialNull just announced the breach of the studyinthestates.dhs.gov, a sub domain of the official dhs.gov site.

Nullcrew dumped  some info from the servers including the wp-config.php which contains the database info and database names.  Wp-config.php is a PHP file contained in the WordPress CMS, and is the most sensitive file in a WordPress installation.   They announced the hack on Twitter with a Pastebin link containing specifics of the hack.

http://twitter.com/OfficialNull/status/287465103912222720

The sub domain was exploited via a local file inclusion (LFI) which allows the attackers to access files on the victim’s system. This exposure comes about when a page include isn’t properly sanitized, and grants directory traversal characters to be injected.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Top Massachusetts hospital suffers a data breach

One of the United State’s leading hospitals, Massachusetts General (MGH), has fallen victim to a …