Harvard Carr Center for Human Rights Policy Hacked, Password was "DOG" ?
Oct 08, 2012
Harvard's Carr Center for Human Rights Policy website ( www.hks.harvard.edu/cchrp/ ) was hacked last week and then silently fixed by the administrator without giving Reply/Credit to the Whitehat Hacker who reported the vulnerability. The Hack incident was performed in 3 Phases as described below: Phase 1: A Hacker , with nickname " FastFive" posted a few sql injection vulnerable Educational sites on a famous Hacking Forum last week which included the SQLi vulnerable link for the Harvard Carr Center for Human Rights Policy website, as you can see in the list in the above screenshot taken by me. Phase 2 : Almost 100's of Hackers have seen the post from " FastFive " and they got some juicy information for their next targets. One of them named, " Vansh " successfully exploit the Harvard's site and extracted the database onto his computer. He Found the username and Password from the table and tried to login on the Admin access panel location