regetel.be: Belgian crisis communication website not only hacked but also very insecure
Regetel is the website for crisis communication if our country has a natural disaster, a big terrorist attack, an explosion, internal revolts, a cyberwar or war.
"All 100 centres (medical emergency calls), the crisis centres of the governors (CCPROV) and the permanent units of Civil Protection have been connected. The connections to other important crisis centres such as the Maritime Rescue and Coordination Centre (MRCC) in Ostend, the Maritime Information Crossroads (MIK) in Zeebrugge, the secretariat of the Zeewacht in Ostend, important sites of Fluxys, Electrabel, Elia, nuclear installations in Doel, Tihange, dispatching centres of the Red Cross and the crisis cells of the Communication and Information Centres (CICASTRID) were recently completed or are being carried out."
It is the website that should make sure that everybody knows who they have to talk to, and to manage the crisis telephone network that is put into place (of which it has placed the directory online for everybody to see).
Oh yes, and it uses VoIP (that is telephone over the internet: block the internet and there is no telephone), but they also have public telephone numbers.
Do you understand now how critical this may become?
Then go here: http://www.regetel.be/master/RegetelFlex.swf, an external login page with password (and NO SSL encryption), so all these passwords are in cleartext. And even if they were encrypted, such a network should have double authentication, because in times of crisis you don't have time to reset stolen or abused passwords or to double-check the identity of someone; you have to be absolutely sure.
And how were they hacked? Even more stupidly, probably.
http://www.regetel.be/index.php?option=com_search&view=search is the page that is hacked. This page is a search page, which means that they were probably hacked by SQL injection. Now SQL injection is as old as the year 2000 and should be known as something to check for before you put anything online. You even have specialised tools, and the better professional coding tools have the protections integrated when you start coding search forms and so on.
It also means that this network or site has never had an external security test, because this would have been found immediately.
It also means that this network or site is not behind a good Web Application Defense, or that the application is so badly coded that no Web Application Defense will be able to protect it.
And if you are planning an attack on the VoIP network you should know where the system is developed or just not (so that there are still bugs you can use). That you can see on this page without a password (the page is hacked so you can't see it now).
Read this also for background information
this is a form
But the best I found was with web-sniffer.net:
Date: Sat, 02 Feb 2013 12:38:13 GMT
Server: Apache/1.3.41 (Unix) mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/188.8.131.5235 mod_ssl/2.8.31 OpenSSL/0.9.7a
Not one part of this is patched and in order, and really, OpenSSL for highly critical networks? Didn't have the 200 euros for a real certificate?
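A defender can run the same banner check against their own servers. The following is an added example, not part of the original post: it splits the Server header shown above into product/version tokens and flags the ones below a minimum-version policy. The `BASELINE` values and the function names are assumptions made up for this illustration.

```python
import re

# Server header exactly as shown on the page (web-sniffer.net output).
BANNER = ("Apache/1.3.41 (Unix) mod_log_bytes/1.2 mod_bwlimited/1.4 "
          "mod_auth_passthrough/1.8 FrontPage/188.8.131.5235 "
          "mod_ssl/2.8.31 OpenSSL/0.9.7a")

# Constructed policy: minimum versions an operator accepts. Illustrative
# values chosen for this example, not vendor support statements.
BASELINE = {"Apache": "2.2.0", "OpenSSL": "1.0.0"}

TOKEN = re.compile(r"([A-Za-z_][\w.-]*)/(\S+)")

def parse_banner(banner):
    """Return {product: version} for each product/version token."""
    without_comments = re.sub(r"\([^)]*\)", " ", banner)  # drop "(Unix)"
    return dict(TOKEN.findall(without_comments))

def version_key(version):
    """Sortable key: '0.9.7a' -> ((0, ''), (9, ''), (7, 'a'))."""
    key = []
    for part in version.split("."):
        m = re.match(r"(\d+)(.*)", part)
        key.append((int(m.group(1)), m.group(2)) if m else (0, part))
    return tuple(key)

def audit(banner, baseline=BASELINE):
    """Return every disclosed component and those below the baseline."""
    components = parse_banner(banner)
    below = sorted(name for name, ver in components.items()
                   if name in baseline
                   and version_key(ver) < version_key(baseline[name]))
    return {"disclosed": components, "below_baseline": below}

if __name__ == "__main__":
    result = audit(BANNER)
    for name, ver in result["disclosed"].items():
        flag = "BELOW BASELINE" if name in result["below_baseline"] else ""
        print(f"{name:22} {ver:18} {flag}")
```

Apache's `ServerTokens Prod` directive reduces this header to the bare product name, which removes the disclosure but does not patch anything behind it.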
Oh yes, if you have taken this down, you will have to take everything to the dustbin, because how will you be 100 percent sure that there are no backdoors, keyloggers, sleeping accounts, inserted bugs or time bombs?
CLOSE THIS SHIT DOWN - and we will be more secure (oh, and by the way, you will have to change the numbers because they were distributed over the cybersoldiers over the whole world, who one day may decide to do an undercover operation against the capital of the European Community or something like that).
Don't shoot the pianist - I already said and blogged about this stupid website in... 2008 and before the Belgian parliament during hearings.