LeakedIn Logo
Stories About Data Leaks and Related Stuff

Posts Tagged ‘Login/Password List’

Potential leak of data: Login/Password List

0 votedvote

Detected 1 occurrence(s) of ‘username[ \t:]+password[ \t:]+email’:

wilkes-barre.pa.us

small town site I came across, thought itd be fun to dump their db

by: NickMason aka llllllllllllllll

twitter.com/OUCH_Hackers

id 	username 	password 	email 	fullname 	gender 	tel_home 	tel_work 	tel_mob 	access
1 	wilkes-barre 	Galactus1 	fhershberger@wilkes-barre.pa.us 	frank Hershberger 	male 				admins,settings,design,stats
2 	llau 	Spiderman1 	llau@wilkes-barre.pa.us 	louis lau 	male 				admins,setting

Source: pastebin.com/raw.php?i=kUtggTch

Potential leak of data: MySQL Connect Information

0 votedvote

Detected 2 occurrence(s) of ‘mysql_connect\([^\$]’:

"Unclosed quotation mark before the character string"
"Warning: Bad arguments to (join|implode) () in" "on line" -help -forum
"Warning: Cannot modify header information - headers already sent"
"Warning: Division by zero in" "on line" -forum
"Warning: mysql_connect(): Access denied for user: '*@*" "on line" -help -forum
"Warning: mysql_query()" "invalid query"
"Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL"
"Warning: Supplied argument is not a valid File-Handle resource in"
"Warning:" "faile

Detected 1 occurrence(s) of ‘[ \t:=”‘]+[0-9a-f]{32}(?:[0-9a-f]{8})?’:

b Access (a better way)
PhotoPost PHP Upload
PHPhotoalbum Statistics
PHPhotoalbum Upload
Please enter a valid password! inurl:polladmin
intitle:"DocuShare" inurl:"docushare/dsweb/" -faq -gov -edu
"#mysql dump" filetype:sql
"#mysql dump" filetype:sql 21232f297a57a5a743894a0e4a801fc3
"allow_call_time_pass_reference" "PATH_INFO"
"Certificate Practice Statement" inurl:(PDF | DOC)
"Generated by phpSystem"
"generated by wwwstat"
"Host Vulnerability Summary Report"
"HTTP_FROM=googlebot" googlebot.com "Server_Software="
"Index of" / 

Detected 2 occurrence(s) of ‘enable secret’:

SWF
filetype:TXT TXT
filetype:XLS XLS
htpasswd / htpasswd.bak
Index of phpMyAdmin
index of: intext:Gallery in Configuration mode
index.of passlist
intext:""BiTBOARD v2.0" BiTSHiFTERS Bulletin Board"
intext:"d.aspx?id" || inurl:"d.aspx?id"
intext:"enable secret 5 $"
intext:"powered by Web Wiz Journal"
intext:"SteamUserPassphrase=" intext:"SteamAppUser=" -"username" -"user"
intitle:"--- VIDEO WEB SERVER ---" intext:"Video Web Server" "Any time & Any where" username password
intitle:"500 Internal Server Error"

Detected 1 occurrence(s) of ‘username[ \t:]+password[ \t:]+email’:

SER SSHHOSTKEYS
filetype:sql "insert into" (pass|passwd|password)
filetype:sql ("values * MD5" | "values * password" | "values * encrypt")
filetype:sql +"IDENTIFIED BY" -cvs
filetype:sql password
filetype:url +inurl:"ftp://" +inurl:";@"
filetype:xls username password email
htpasswd
htpasswd / htgroup
htpasswd / htpasswd.bak
intext:"enable password 7"
intext:"enable secret 5 $"
intext:"EZGuestbook"
intext:"Web Wiz Journal"
intitle:"index of" intext:connect.inc
intitle:"index of" intext:globals.inc
intitle:"Index of

Source: pastebin.com/raw.php?i=d3abSApS

Potential leak of data: MySQL Connect Information

0 votedvote

Detected 2 occurrence(s) of ‘mysql_connect\([^\$]’:

"Unclosed quotation mark before the character string"
"Warning: Bad arguments to (join|implode) () in" "on line" -help -forum
"Warning: Cannot modify header information - headers already sent"
"Warning: Division by zero in" "on line" -forum
"Warning: mysql_connect(): Access denied for user: '*@*" "on line" -help -forum
"Warning: mysql_query()" "invalid query"
"Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL"
"Warning: Supplied argument is not a valid File-Handle resource in"
"Warning:" "faile

Detected 1 occurrence(s) of ‘[ \t:=”‘]+[0-9a-f]{32}(?:[0-9a-f]{8})?’:

b Access (a better way)
PhotoPost PHP Upload
PHPhotoalbum Statistics
PHPhotoalbum Upload
Please enter a valid password! inurl:polladmin
intitle:"DocuShare" inurl:"docushare/dsweb/" -faq -gov -edu
"#mysql dump" filetype:sql
"#mysql dump" filetype:sql 21232f297a57a5a743894a0e4a801fc3
"allow_call_time_pass_reference" "PATH_INFO"
"Certificate Practice Statement" inurl:(PDF | DOC)
"Generated by phpSystem"
"generated by wwwstat"
"Host Vulnerability Summary Report"
"HTTP_FROM=googlebot" googlebot.com "Server_Software="
"Index of" / 

Detected 2 occurrence(s) of ‘enable secret’:

SWF
filetype:TXT TXT
filetype:XLS XLS
htpasswd / htpasswd.bak
Index of phpMyAdmin
index of: intext:Gallery in Configuration mode
index.of passlist
intext:""BiTBOARD v2.0" BiTSHiFTERS Bulletin Board"
intext:"d.aspx?id" || inurl:"d.aspx?id"
intext:"enable secret 5 $"
intext:"powered by Web Wiz Journal"
intext:"SteamUserPassphrase=" intext:"SteamAppUser=" -"username" -"user"
intitle:"--- VIDEO WEB SERVER ---" intext:"Video Web Server" "Any time & Any where" username password
intitle:"500 Internal Server Error"

Detected 1 occurrence(s) of ‘username[ \t:]+password[ \t:]+email’:

SER SSHHOSTKEYS
filetype:sql "insert into" (pass|passwd|password)
filetype:sql ("values * MD5" | "values * password" | "values * encrypt")
filetype:sql +"IDENTIFIED BY" -cvs
filetype:sql password
filetype:url +inurl:"ftp://" +inurl:";@"
filetype:xls username password email
htpasswd
htpasswd / htgroup
htpasswd / htpasswd.bak
intext:"enable password 7"
intext:"enable secret 5 $"
intext:"EZGuestbook"
intext:"Web Wiz Journal"
intitle:"index of" intext:connect.inc
intitle:"index of" intext:globals.inc
intitle:"Index of

Source: pastebin.com/raw.php?i=0cPZ0Ug0

Potential leak of data: MySQL Connect Information

0 votedvote

Detected 2 occurrence(s) of ‘mysql_connect\([^\$]’:

“Unclosed quotation mark before the character string”
“Warning: Bad arguments to (join|implode) () in” “on line” -help -forum
“Warning: Cannot modify header information – headers already sent”
“Warning: Division by zero in” “on line” -forum
“Warning: mysql_connect(): Access denied for user: ‘*@*” “on line” -help -forum
“Warning: mysql_query()” “invalid query”
“Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL”
“Warning: Supplied argument is not a valid File-Handle resource in”
“Warning:” “faile

Detected 1 occurrence(s) of ‘[ \t:=”‘]+[0-9a-f]{32}(?:[0-9a-f]{8})?’:

b Access (a better way)
PhotoPost PHP Upload
PHPhotoalbum Statistics
PHPhotoalbum Upload
Please enter a valid password! inurl:polladmin
intitle:”DocuShare” inurl:”docushare/dsweb/” -faq -gov -edu
“#mysql dump” filetype:sql
“#mysql dump” filetype:sql 21232f297a57a5a743894a0e4a801fc3
“allow_call_time_pass_reference” “PATH_INFO”
“Certificate Practice Statement” inurl:(PDF | DOC)
“Generated by phpSystem”
“generated by wwwstat”
“Host Vulnerability Summary Report”
“HTTP_FROM=googlebot” googlebot.com “Server_Software=”
“Index of” / 

Detected 2 occurrence(s) of ‘enable secret’:

SWF
filetype:TXT TXT
filetype:XLS XLS
htpasswd / htpasswd.bak
Index of phpMyAdmin
index of: intext:Gallery in Configuration mode
index.of passlist
intext:”"BiTBOARD v2.0″ BiTSHiFTERS Bulletin Board”
intext:”d.aspx?id” || inurl:”d.aspx?id”
intext:”enable secret 5 $”
intext:”powered by Web Wiz Journal”
intext:”SteamUserPassphrase=” intext:”SteamAppUser=” -”username” -”user”
intitle:”— VIDEO WEB SERVER —” intext:”Video Web Server” “Any time & Any where” username password
intitle:”500 Internal Server Error” “se

Detected 1 occurrence(s) of ‘username[ \t:]+password[ \t:]+email’:

SER SSHHOSTKEYS
filetype:sql “insert into” (pass|passwd|password)
filetype:sql (“values * MD5″ | “values * password” | “values * encrypt”)
filetype:sql +”IDENTIFIED BY” -cvs
filetype:sql password
filetype:url +inurl:”ftp://” +inurl:”;@”
filetype:xls username password email
htpasswd
htpasswd / htgroup
htpasswd / htpasswd.bak
intext:”enable password 7″
intext:”enable secret 5 $”
intext:”EZGuestbook”
intext:”Web Wiz Journal”
intitle:”index of” intext:connect.inc
intitle:”index of” intext:globals.inc
intitle:”Index of

Source: pastebin.com/raw.php?i=aRTcPbxE

Potential leak of data: Login/Password List

0 votedvote

Detected 1 occurrence(s) of ‘username[ \t:]+password[ \t:]+email’:

website : www.themirror.nl
SQL by  : stennis1
Forum   : cyberterrorists.net
DB      : web46_db1
Table   : users


username 	 password 	          email
--------------------------------------------------------------
dweazle 	3d0d78dd7f0de64f 	dennis@krul.nu
andy 	7dad4caf40569518 	andy@security.nl.eu.org
cappie 	3382e4037da6fcca 	cappie@quickzone.cx
tetsuo 	2b2906191109a885 	o0akira0o@hotmail.com
ep

Source: pastebin.com/raw.php?i=YwrMxiN1