Declaration
I'm not the hacker, and I just wanna share the data. I had reported it to their webmaster.
Content
It is an easy process to find the weakness of the odroid forum. At first I just wanted to look at their goods list, because I have an IoT project which needs lots of devices.
Though they are a great company (Hardkernel, http://www.hardkernel.com/), they don't pay enough attention to the safety of their website. I had told them their websites are unsafe, but they did not reply and treated me as a kid who just knows how to guess the admin password.
Then they changed the password and deleted the phpmyadmin.
So funny.
But they do not fix the BUG at all!
Not only the forum data, but also other sites' data (like the WordPress site, though it has relatively less value) can be obtained through the SQL injection. In other words, they did not control the user privileges in MySQL.
Later, I tried the os-shell which is provided by sqlmap, but it failed. But I think another method, like the general_log config, could be able to get their shell. But I never try to get a shell unless an RCE bug exists; I do not have the hobby of collecting others' servers, they are meaningless to me ~
Finally I just got the data.
Download
So disappointed that I cannot upload the attachment to steemit!
I do hope that it doesn't ban the external link.
The data can be downloaded HERE
Last but not least
Hardkernel should do more than before, not only your hardware.
Congratulations @k0mm4nd! You have completed some achievement on Steemit and have been rewarded with new badge(s) :
You published your First Post
You made your First Vote
You got a First Vote
Award for the number of upvotes received
Click on any badge to view your own Board of Honor on SteemitBoard.
For more information about SteemitBoard, click here
If you no longer want to receive notifications, reply to this comment with the word STOP
Congratulations @k0mm4nd! You have received a personal award!
1 Year on Steemit
Click on the badge to view your Board of Honor.
Congratulations @k0mm4nd! You received a personal award!
You can view your badges on your Steem Board and compare to others on the Steem Ranking