Welcome, Guest: Register On Nairaland / LOGIN! / Trending / Recent / NewStats: 3,165,852 members, 7,862,787 topics. Date: Monday, 17 June 2024 at 06:37 AM |
Nairaland Forum / Science/Technology / Webmasters / See What I Found In This Website | Bug (970 Views)
Microsoft Acknowledges Wi-fi Bug Hitting Windows 10 Version 1903 / Finally : Narialand Functional Clone Script ( Original Script/ Bug Free) / Download The Flash On This Website (2) (3) (4)
See What I Found In This Website | Bug by Cyberleets: 2:58pm On Dec 05, 2018 |
So i was doing my routine security analysis on different sites here in naira then i saw a link someone posted. i decided to pick the site up and analyse, turns the site has multiple bug... its a financial site that gives loan... the site stores its database backup in the root folder, i was able to download it and get the admin details and that of upto 56,000 users. why cant a company as big as that invest in security?? now i can approve loans, and 56,000 users atm cards and bvn is being stored there too... nairaland webmasters see for your self. Modified: Company details removed |
Re: See What I Found In This Website | Bug by fixedhollies(m): 3:01pm On Dec 05, 2018 |
You self na hacker... whe you got there, why didn’t you leave in peace, you come download bank details � |
Re: See What I Found In This Website | Bug by Ayo081(m): 3:25pm On Dec 05, 2018 |
Develop something for them, contact them maybe they'll buy you |
Re: See What I Found In This Website | Bug by Cyberleets: 5:26pm On Dec 05, 2018 |
maxweb:Contact me via siggy |
Re: See What I Found In This Website | Bug by Cyberleets: 6:22pm On Dec 05, 2018 |
ediko5: I won't compromise bro...I will contact them tonight and let them know what to do about it.. My own details is even there (including bvn )..cos I registered as a user to also carry out proper analysis... It's a big security issue that needs to be corrected immediately! |
Re: See What I Found In This Website | Bug by Cyberleets: 6:25pm On Dec 05, 2018 |
Ire2: Haba...fear God at least!! I only posted it here so webmasters can see the importance of security. They might even arrest the web developers of that site when I contact the company |
Re: See What I Found In This Website | Bug by BitsMaster: 7:29pm On Dec 05, 2018 |
This is serious. You must be a hacker. |
Re: See What I Found In This Website | Bug by Wizdeen(m): 9:59pm On Dec 05, 2018 |
well, we all are curious at times, its the most desirable threat of a hacker , i understand your curiosity led to your recon and vulnerability analysis of the site but active exploitation could lead to a serious case bro , i had being a victim once when i passively did a recon without permission ,knowing you to be a professional, i trust you to take the right steps to bring it to their notice and avoid persecution . |
Re: See What I Found In This Website | Bug by Wizdeen(m): 10:01pm On Dec 05, 2018 |
and i suggest you withold their identity as there are very good bad guys here too that might want to go after those juicy data |
Re: See What I Found In This Website | Bug by Cyberleets: 10:32pm On Dec 05, 2018 |
Wizdeen: Was almost arrested at asaba when I reported a case of web vulnerability to a government website...they told me to come that they have a Job For me...I went there, met the gateman and explained myself!! Gateman pointed at a hilux parking inside...then told me it was me they were waiting for I didn't spend extra 2 seconds there at that moment... This our job is very risky... 1 Like |
Re: See What I Found In This Website | Bug by Nobody: 11:18pm On Dec 05, 2018 |
Hey, do you want a coverage of this vulnerability on our blog with credit to you Don't see any risks there, it's a normal thing in the IT world, so long as you didn't steal the information, just reporting a bug! |
Re: See What I Found In This Website | Bug by Cyberleets: 7:08am On Dec 06, 2018 |
questechie: Ofcos no problem |
Re: See What I Found In This Website | Bug by Nobody: 7:10am On Dec 06, 2018 |
This is very wrong...if you had good intentions you wouldnt have posted the company name in a public domain like this...You could have contacted them via email or any other channel.You are not only exposing them you are giving other hackers insight into exploiting the site while killing the organisations brand...Theres a better way to manage sensitive stuff like this... |
Re: See What I Found In This Website | Bug by Cyberleets: 7:22am On Dec 06, 2018 |
dobsava:Alright I wil take down this post |
Re: See What I Found In This Website | Bug by Nobody: 7:32am On Dec 06, 2018 |
Thats very noble of you...If you are into Website hardening and website security analysis.Kindly contact me via this email dobsava@gmail.com. |
Re: See What I Found In This Website | Bug by hitswitches: 8:10am On Dec 06, 2018 |
Weldone Bro please can you inbox me your contact want to learn ethical hacking too...or could you recommend a good institute where i can learn one. Also you are aware the website name is still showing in the user quoted comments...Even after hiding the business name...I think its safer to delete this post.But reply me first lol!!! Cyberleets: |
Re: See What I Found In This Website | Bug by Cyberleets: 8:50am On Dec 06, 2018 |
hitswitches: U can purchase courses from udemy...(paid) Or use YouTube videos... (free) Or contact me for lectures (paid) |
Re: See What I Found In This Website | Bug by hitswitches: 10:02am On Dec 06, 2018 |
Oya share contact naaa Cyberleets: |
Re: See What I Found In This Website | Bug by Cyberleets: 10:05am On Dec 06, 2018 |
hitswitches: Check signature |
Re: See What I Found In This Website | Bug by ediko5(m): 10:23am On Dec 06, 2018 |
Cyberleets: Bro that reminds me. I had this argument with a friend that if a person't BVN is exposed to others, it possess no security threat but he said it's a big threat. Can you tell me how it is a threat? |
Re: See What I Found In This Website | Bug by Cyberleets: 10:42am On Dec 06, 2018 |
ediko5: It's a security stuff u don't discuss in public... |
(1) (Reply)
Adsense Account Verification / Hello Nlanders, Has Id Verification Override Address Verification On Adsense? / Cheap Web Hosting
(Go Up)
Sections: politics (1) business autos (1) jobs (1) career education (1) romance computers phones travel sports fashion health religion celebs tv-movies music-radio literature webmasters programming techmarket Links: (1) (2) (3) (4) (5) (6) (7) (8) (9) (10) Nairaland - Copyright © 2005 - 2024 Oluwaseun Osewa. All rights reserved. See How To Advertise. 26 |