This morning, December 28th 2018, “Shawty Boy” of Pryzraky announced a hack and data leak effecting the City of Campo Grande, Brasil. In a data dump posted to Ghostbin, Shawty Boy explained how he was able to hack the back end of the city’s official website via SQL injection, granting him access to 3 databases. While he kept the exact payload used to breach the site private, to serve as proof of the hack, Shawty did leak the login user name and passwords for 3 website administrators – theoretically giving anyone in the world the ability to login into the site for themselves if they really wanted.
It should be noted that Shawty did tag the city in the leak, meaning that if the passwords have not already been changed, they almost certainly will be in the near future. In a message attached to the hack, Shawty also stated “Happy New Year half in advance! In 2019, we come back!” In a message to Rogue Media Labs, Shawty explained that after a brief break away from the hacking scene to end 2018, he plans on returning back to hacking activities in the new year.
Website Effected: hxxp://campogrande.ms.gov.br
Raw Leak: https://ghostbin.com/paste/jhar7/raw