ethiopiantimes

January 26, 2012

Commercial Bank of Ethiopia website hacked & data leaked by SEPO

Filed under: Ethiopia — ethiopiantimes @ 11:50 am

For the last 4 days I was posting a lot of hacks in the .gh (Ghana) domain. Most of them were banks. All this time, here on my blog, I saw how the traffic from Ghana was rising. Of course, not only from Ghana. My posts were reblogged by other bloggers, writers, journalists and other users of the internet. It is very important, because other admins read all of this and they understand that everything on the internet can be hacked.

Today let’s move out of Ghana for a while. Let’s take a look at Ethiopia. What can we find here? As I was searching for a good list of targets I understood: there is the same problem in the e-banking sector. Seems like no one is going to replace the breaches that can make a lot of problems.
Ok! Enough of this soap opera 😉 Let’s take a look at our first target.
The Commercial Bank of Ethiopia (CBE) is the largest commercial bank in Ethiopia and had about Birr 73.7 billion (US$4.45 billion) in assets at the end of June 2010. At the time, the bank held approximately 63.5% of deposits and about 38% of all bank loans in the country. The bank has about 9,000 employees who staff the headquarters and 301 branches positioned in the main cities and regional towns, including 45 branches in Addis Ababa. CBE recently opened new branches in the remote towns of Injibara and Humera.
Type: Government Owned
Industry: Finance
Founded: 1963
Headquarters: Addis Ababa, Ethiopia
Products: Financial services
Revenue: ~
Total assets: Birr 73.7+ billion (US$4.45+ billion) (2010)
Employees: 9,000+ (2010)
Host IP: 69.89.31.83
Web Server: Apache
DB Server: MySQL >=5
Resp. Time(avg): 1108 ms
Current User: combanke_cbeadmi@localhost
Sql Version: 5.1.60-community-log
Current DB: combanke_cbedb
System User: combanke_cbeadmi@localhost
Host Name: box283.bluehost.com
Installation dir:/
DB User: ‘combanke_cbeadmi’@’localhost’
Data Bases: information_schema
combanke_cbedb
===================================================
combanke_cbedb
Table Name Columns
adminlog
advertisment
asquired
asquired_buildinghotelhouse
atm
bid
biditem
branch
branch_service
buildinghotelhouse
cbeuesrs
compfollup
compliant
compliants
currencytype
district
exchangerate
feedback
forclosure
jobposition
news
pages
procurment
property
service
vacancyitem
vehicle
vehicleasq
Data Base: combanke_cbedb
Table: cbeuesrs
Total Rows: 18

 

usrId usrname usrpassword usrfullname usremail usrrole