Recent site activity

Announcement‎ > ‎

Administrative login@China government sites

posted Dec 30, 2011, 11:19 AM by Anthony Lai
I just heard about there are around 4M user records exposed in a government unit in GZ.
http://www.sc168.com.cn/.%5Cshenghuozixun%5C201112300084.htm

At the same time, I simply input a very simple query in Google:
site:gov.cn intitle:后台



I could get dump of China government web sites with their CMS (Content Management System) administrative login page. Be frank, why don't they try to put it to another server? using a secure channel to access them? In addition, some are suffering with SQL injection vulnerability for those .asp pages.

I could say, "同志們, Good Luck".不過, 香港同澳門你都唔好咁老定:)
Comments