Hack attempt
Date: November 24, 2007Source: idm.net.au
When the depatment’s Light Blue Touchpaper Wordpress blog was compromised by a hacker recently, researcher Steven Murdoch decided to do a little detective work to see what methods the hacker had used to get in and snoop around, and if anything had been changed.
What he found was due to an SQL injection weakness in the Wordpress installation, the hacker was able to upgrade his account from a user with comment posting privileges to a full administrator. The account was disabled soon after the initial breach, however, during the clean up Murdoch found himself intrigued by what password the hacker had been using.
Original article
Add comment
Email to a Friend
