The sites' administrators were notified about the vulnerabilities

Feb 22, 2012 13:49 GMT

D35m0nd142, the German grey hat who's slowly but surely becoming famous for finding vulnerabilities in major websites, has done it again. He managed to breach a US Army site and, for the second time, gained unauthorized access to mysql.com.

By leveraging a blind SQL injection vulnerability, the hacker managed to access the official website of the most popular open source database software.

“The admins have been warned the last time yet. Repair the site. It is dangerous,” D35m0nd142 wrote.

The other site he breached belongs to the US Army’s Combined Arms Center (usacac.army.mil). Like the MySQL site, this website also contained a blind SQL injection security hole.

From the Army’s site he leaked some sample information to prove that he gained access, but the hacker claims that no damage was done to the site and the administrators have been warned “immediately.”