Cop that Australian Federal Police

For discussions about security.
Post Reply
Message
Author
cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

Cop that Australian Federal Police

#1 Post by cthisbear »

"These dipshits are using an automatic digital forensics and incident response tool," the hacker wrote.

"All of this [hacking] had been done within 30-40 minutes. Could of been faster if I didn't stop to laugh so much."

http://www.smh.com.au/technology/securi ... -eohc.html

Shaon Diwakar, a security consultant at Hack Labs in Sydney, explained how the hack occurred.

"The attacker has discovered that the server didn't have a password for its database application and he has logged on ... and, using a technique called SQL injection, he created a PHP file on the disk and browsed through that PHP file to get complete control of that particular server," he said."

Chris.

Bruce B

#2 Post by Bruce B »

Chris,

The G agencies love technology. Pay big money for it.

There are businesses, contractors if you prefer, in the business of catering to the agencies.

Agencies buy the products, often first class crapware. They get a little training from the vendor on how to use the crap.

They, the agencies, do not however maintain or develop the technology. The crapware vendors do. The maintenance is often times included with the contract, with much of the maintenance done remotely. Very little security concern on the part of the vendors.

Frankly, IMO, in many cases all would be required to completely compromise the entire network is one disgruntled employee, someone from software, a technician or supervisor.

Bruce

Post Reply