The hacking of a server at the KUL for the TV station was effectively hacking

okay we have found the server based upon the information that was leaked and published somewhere else (not very responsible of the journalists to do so because if the journalist in question kept the target to himself then that is because there is a good reason to do so)

one being that any other hacker may now directly go and try to hack the server himself and because of this he may or may not be faced with someone who has a lot more knowledge and can do a lot more harm - especially if the network is interconnected and the rest of the University network may be compromised (it can also be some half-drunk students doing it from inside the network because they will suppose they will have a lot more privileges like that)

now that we have found the server, we have tried some things that we always do

we went to Google - because that is the only thing that we can do if we want to stay inside the law - and did some typical tests to find data, with which we have already found lots of data

there was none 

this shows that to get the data you have only two ways 

* SQL injection into a logon form (there are several - which is quite confusing and not a good security policy because you could centralize this and enforce strict security from there for all the logons for your server)

* an attack against the root of the server or the application which means that there are vulnerabilities 

he could also use some stolen logons but that would take much more time (you will have to look for the names of everybody who works there and has access to the data (they are published online so that is no problem) and then you will have to infect them to get their password or you try to buy their logons on the black market)

but I doubt this

so it was hacking, he couldn't have downloaded the information from the public web 

so it is an infraction

so it is a crime 

we have contacted the CERT and the university to tell them that we have found the server and to warn them that more attacks may be on their way as the name of the server is easy to find (thank you Google)
