How I hacked a news website?

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

Hey guys, It’s me Krishnadev P Melevila Again!! I am a self-made cyber enthusiast and Web application pentester.

Here, now I am writing about a local news website, I came to know about this site through an Instagram story of a social media influencer, I saw that his article was posted on that site so suddenly from somewhere a thought came to my mind! — Let’s hack and add my article by myself on the site.

So I just opened the site and check for the vulnerabilities, As soon as I checked, I found a login page. But I was 100% sure that it was not an admin login panel and it is just a frontend login.

But that frontend login was SQL Injection vulnerable and I just opened the burp suite and copied that POST request and exploited it in sqlmap. Yahoo!! I got the complete database.

But all the passwords are hashed! I don't like decrypting hashes!

https://medium.com/media/2b5d2144c471d25998d7810530690fe0/href

But wait!!!! I found an interesting matter. Many of the hashes on there are the

Read the article