hi to all i like to warning all users to stay away from this market and from any new market, this market has been hacked a few minutes ago.
this is info of panel admin :
user_name user_pass
admin $2y$10$3lvQG2epkFI6DZbzvOUQlO/kcKLAfHCZUDKdt3k/Z59gQnzVINOZi admin2 $2y$10$DEHjWfIBMUGFOj8CQkTZ0.toG/nurhi9IumPAbbtBaBmoCbqFL8va
this is info of access to database remotely by using (/phpmyadmin)
Host User Password
pma *67E8480887AD78875162CCB6927B0AAC08409A20
root *67E8480887AD78875162CCB6927B0AAC08409A20
if moderators need proof i can send to him url of exploit sqli.
update
this is proof of uploaded shell and dumped private key of url onion of market and info of config of login db using /phpmyadmin ;)
proof1 :
uploaded shell with sqli using sqlmap on vmware :
http://matrixtxri745dfw.onion/neo/uploads/170531/MATRIX_021953_uTY_proof2.png
proof 2 :
-----BEGIN RSA PRIVATE KEY----- MIICXAIBAAKBgQDCmAaCBiW1x6trqiVXBw+DdGcEpguPfgcjbUcVKhFzhyeL8Zmm Fj+GQmLDhFgu3lTWQQDdIRmKetCJe5gMtSeg9y2yTUIiArZz5bOFZFp5/i9Kt1c7 /Qxagfg7/iOsWNvE01ey3/wV8Ki5bmAxLYRnFEK6pCrxB1i4zLZ1GOv10wIDAQAB AoGAKtAt5l+Z3mO+2GJH8tzP0flDTSeHNZvh0C6TzBlEW6mpzsVqK7uLYGustR2i FTW/bqBAo2ZL60bYKNdzfaBBxmtERV/CN7OeGS9TXsL+QlAMo+exkjxTwwmcEmw0 mJVo0WXQIottkxOtjmSCS1Zm0+hEkO/JOzbskSy7NRJlN/kCQQDhEDvnBDwEHZHS VLDG6Ll/V9RhNnDKQF0sNAmH7TgyMBD+mwblyQ4svQMbBI2WujG4q2XJR8P8+weU +9KimWPtAkEA3VeYvFuOyb78ydb9jNNuUqbjHIZHZFTegcJ9+938zmOR6LOBEqUc X6aTVKRPcFS9eovbyCdRL4MQO9LRzWcIvwJAQ7tJ+8U3dpmbh+v643GoWZ2KCdOD cCqcn6/tal3GurvicW0gT0kJngcoBxqArerNCeFzGXcikWDOsFR02IBHJQJAb35U XWzxPAaMZ094YJuQEuoltJSfGZb2jf5eX6SuV3goY0MoXS/2XugVhqlNqpPE7hnN F8FWT8yBPOEw9XpVGQJBAICX3Ikq7uIOSj/GGjH9w62IGOxQOkqIwbZXKV8ixzBd rM0PlhvrlQyN+c+u1Ef3bXvJE5xNTyM2oM6TE4jXSOA= -----END RSA PRIVATE KEY-----
tor_service42 http://yu3qmx5ha2eotxln.onion site42.local:8170 D:/xampp/htdocs/wiki wiki
proof3 :
information of config :
mysql_connect("127.0.0.1", "root", "9QjBj2D3V836b2vH");
I bet you can't hack my gmail.