United States Census Bureau Hacked and Vulnerability Exposed

A Group of Hackers from r00tw0rm found SQL injection Vulnerability on United States Census Bureauand Hackers successfully exploit the Database and Leak it online today. The United States Census Bureau is the government agency that is responsible for the United States Census. It also gathers other national demographic and economic data. As part of the United States Department of Commerce, the Census Bureau serves as a leading source of data about America's people and economy.

There is no reason mentioned for this attack yet by Hacker, But Hacker suggest United States Census Bureau to fix their loopholes as soon as possible. The Note include the Greets to other Hacking Groups like Inj3ct0r , TeaMp0isoN and Anonymous, seems that its a collective hack for #Antisec.

=======================

http://www.census.gov/

=======================

 

                 / ,

            /\  \|/  /\

            |\\_;=._//|

             \."   "./

             //^\ /^\\

      .'``",/ |0| |0| \,"``'.

     /   ,  `'\.---./'`  ,   \

    /`  /`\,."(     )".,/`\  `\

    /`     ( '.'-.-'.' )     `\

    /"`     "._  :  _."     `"\

     `/.'`"=.,_``=``_,.="`'.\`

   U.S         )   (     Census Bureau

   

   

   "They may be notified about it. Buh it's too late baby!

   It's 3:00 AM and I am too tired..Going to bed.. buh

   providing all t3h information so joo p30pl3 carry on!"

   

   

   

              -\ | /-

              ( o 0 )

       +----o0O-{_}-O0o----+

   

  'user','database','version'   =   webdev@web1.ssd.census.gov,cms,5.0.77-log

       

        http://goo.gl/6MJDq

       

        [+]  tables

       

   CHARACTER_SETS,

   COLLATIONS,

   COLLATION_CHARACTER_SET_APPLICABILITY,

   COLUMNS,

   COLUMN_PRIVILEGES,

   KEY_COLUMN_USAGE,

   PROFILING,

   ROUTINES,

   SCHEMATA,

   SCHEMA_PRIVILEGES,

   STATISTICS,

   TABLES,

   TABLE_CONSTRAINTS,

   TABLE_PRIVILEGES,

   TRIGGERS,

   USER_PRIVILEGES,

   VIEWS,

   account,

   area_interest,

   benefits,

   country,

   cv,

   cv_comment,

   cv_edu,

   cv_field,

   cv_job,

   cv_link,

   cv_photo,

   cv_pick_approval,

   cv_pick_div,

   cv_pick_edu_type,

   cv_pick_empl,

   cv_pick_flag,

   cv_pick_pub_type,

   cv_pick_topic,

   cv_pub,

   cv_pub_topic,

   cv_reviewer,

   cv_topic,

   dataset,

   dataset_coverage,

   dataset_field,

   dataset_fti,

   dataset_path,

   dataset_permission,

   disclosure_files,

   disclosure_request,

   disclosure_request_files,

   division,

   download,

   event,

   extra_field,

   foreign_keys,

   foreign_xr_keys,

   form,

   form_quality,

   form_year,

   funding,

   grp,

   industry,

   jel_codes,

   news,

   org_type,

   organization,

   origin,

   paper,

   paper_author,

   paper_dataset,

   paper_dataset_other,

   paper_notes,

   paper_status,

   period,

   person,

   person_roles,

   profession,

   proposal,

   proposal_approval_request,

   proposal_benefits,

   proposal_dataset,

   proposal_dataset_coverage,

   proposal_dataset_other,

   proposal_exte

   

   [+] table_name  =   columns

   

   proposal_dataset_other  =   id,proposal,dataset,unit_obs,size_obs,size_bytes,description

CHARACTER_SETS          =   CHARACTER_SET_NAME,DEFAULT_COLLATE_NAME,DESCRIPTION,MAXLEN

COLLATIONS              =   COLLATION_NAME,CHARACTER_SET_NAME,ID,IS_DEFAULT,IS_COMPILED,SORTLEN

COLLATION_CHARACTER_SET_APPLICABILITY   =    COLLATION_NAME,CHARACTER_SET_NAME

 

COLUMNS           =    TABLE_CATALOG,TABLE_SCHEMA,TABLE_NAME,COLUMN_NAME,ORDINAL_POSITION,COLUMN_DEFAULT,IS_NULLABLE,DATA_TYPE,CHARACTER_MAXIMUM_LENGTH,CHARACTER_OCTET_LENGTH,NUMERIC_PRECISION,NUMERIC_SCALE,CHARACTER_SET_NAME,COLLATION_NAME,COLUMN_TYPE,COLUMN_KEY,EXTRA,PRIVILEGES,COLUMN_COMMENT

 

COLUMN_PRIVILEGES    =   GRANTEE,TABLE_CATALOG,TABLE_SCHEMA,TABLE_NAME,COLUMN_NAME,PRIVILEGE_TYPE,IS_GRANTABLE

 

KEY_COLUMN_USAGE    =    CONSTRAINT_CATALOG,CONSTRAINT_SCHEMA,CONSTRAINT_NAME,TABLE_CATALOG,TABLE_SCHEMA,TABLE_NAME,COLUMN_NAME,ORDINAL_POSITION,POSITION_IN_UNIQUE_CONSTRAINT,REFERENCED_TABLE_SCHEMA,REFERENCED_TABLE_NAME,REFERENCED_COLUMN_NAME

 

cv   =    cv_id,usr_id,empl_id,name_last,name_first,name_middle,name_suffix,name_display,division_id,phone,phone_flag,email,bio,approval_date,approval_id,approval_usr_id,edited

 

 

PROFILING   =   QUERY_ID,SEQ,STATE,DURATION,CPU_USER,CPU_SYSTEM,CONTEXT_VOLUNTARY,CONTEXT_INVOLUNTARY,BLOCK_OPS_IN,BLOCK_OPS_OUT,MESSAGES_SENT,MESSAGES_RECEIVED,PAGE_FAULTS_MAJOR,PAGE_FAULTS_MINOR,SWAPS,SOURCE_FUNCTION,SOURCE_FILE,SOURCE_LINE

 

 

SCHEMA_PRIVILEGES    =  GRANTEE,TABLE_CATALOG,TABLE_SCHEMA,PRIVILEGE_TYPE,IS_GRANTABLE

proposal_dataset_coverage   =  proposal,coverage

foreign_xr_keys   =   id,parent_table,parent_key,xr_table,xr_parent_key,xr_child_key,child_table,child_key

 

STATISTICS    =    TABLE_CATALOG,TABLE_SCHEMA,TABLE_NAME,NON_UNIQUE,INDEX_SCHEMA,INDEX_NAME,SEQ_IN_INDEX,COLUMN_NAME,COLLATION,CARDINALITY,SUB_PART,PACKED,NULLABLE,INDEX_TYPE,COMMENT

 

TABLES   =       TABLE_CATALOG,TABLE_SCHEMA,TABLE_NAME,TABLE_TYPE,ENGINE,VERSION,ROW_FORMAT,TABLE_ROWS,AVG_ROW_LENGTH,DATA_LENGTH,MAX_DATA_LENGTH,INDEX_LENGTH,DATA_FREE,AUTO_INCREMENT,CREATE_TIME,UPDATE_TIME,CHECK_TIME,TABLE_COLLATION,CHECKSUM,CREATE_OPTIONS,TABLE_COMMENT

 

 

disclosure_files     =     id,parent,project,server,root,path,type,updated

cv_pub              =     pub_id,cv_id,pub_type_id,pub,pub_flag_id,order

 

 

 

      "So I quit here, I hope they gonna fix it soon!"

         

             .----.

                 _.'__    `.

             .--(#)(##)---/#\

           .' @          /###\

           :         ,   #####

            `-..__.-' _.-\###/  

                  `;_:    `"'

                .'"""""`.

               /, h4ck  ,\

              //   j00   \\

              `-._______.-'

              ___`. | .'___

             (______|______)

                         

       

   Greetings:    Team Inj3ct0r

                 Team r00tw0rm

                 #anti-sec @_TeaMp0isoN @Anonymous