The systems of Host Gator, a company that hosts over 8 million domains, have been breached by s3rver.exe. The hacker described the attack in a Pastebin document.
By leveraging a post cookie injection present on the site’s tickets subdomain, he managed to obtain the administrator’s password. Then he uploaded a shell that allowed him to gain access to the domain files of hostgator.com.
The data dump doesn’t seem to contain any sensitive information, but it shows that he has possessed access to certain restricted areas.
After the next phase, which s3rver.exe described as being a man-in-the middle attack, he contacted a member of Host Gator’s support team, asking him why the tracking.hostgator.com domain is down. The technician confirmed that for some reason there appeared to be “an issue on the server.”
At press time, the files uploaded by the hacker onto the tracking subdomain were still there.
source:softpedia
By leveraging a post cookie injection present on the site’s tickets subdomain, he managed to obtain the administrator’s password. Then he uploaded a shell that allowed him to gain access to the domain files of hostgator.com.
The data dump doesn’t seem to contain any sensitive information, but it shows that he has possessed access to certain restricted areas.
After the next phase, which s3rver.exe described as being a man-in-the middle attack, he contacted a member of Host Gator’s support team, asking him why the tracking.hostgator.com domain is down. The technician confirmed that for some reason there appeared to be “an issue on the server.”
At press time, the files uploaded by the hacker onto the tracking subdomain were still there.
source:softpedia