Screw with "Hackers"

I've been a .NET developer for many years so SQL injection is something that was solved in .NET a long time ago with the use of strongly-typed querystring variables and the Entity Framework. Most SQL injection attacks in .NET come about because of inexperienced developers using querystring parameters that accept any string, and then also by manually building out SQL queries directly from the querystring parameters without any kind of sanitising or checking. PHP has this problem too.

I work as a pentester; we found at most 5 SQL injections last year among 100 pentesters.

10 years ago it was everywhere; you almost got a SQL injection per assessment. Those were the days haha.

Nowadays it's ripping apart Active Directory because that is a Microsoft mess and people don't know how to set it up properly.
 
Ah, getting a fresh attack at the moment. Coming from 3 IPs in Russia. Seems automated although timing in-between requests seems random. Definitely a brute force attack but not close to my laptop to check log specifics so can also be SQL injection attempts. Longest attack I've seen so far. Funny, think this may be a paid attempt by a competitor.
 
Our platform is constantly hammered daily with brute force attacks. It’s rather cute to watch. We have a pretty sophisticated topology of protection so they’re not even getting anywhere close to the core.
 
Our platform is constantly hammered daily with brute force attacks. It’s rather cute to watch. We have a pretty sophisticated topology of protection so they’re not even getting anywhere close to the core.
Haven't had an incident on my side yet, but then again one should never be too sure. There are always new clever ways. So I monitor in many different ways.
 
Ah, getting a fresh attack at the moment. Coming from 3 IPs in Russia. Seems automated although timing in-between requests seems random. Definitely a brute force attack but not close to my laptop to check log specifics so can also be SQL injection attempts. Longest attack I've seen so far. Funny, think this may be a paid attempt by a competitor.
So after the third wave I decided to go have a look. This is some data from the logs from the hackers' attempts:

[Image attachment: 1727786178405.png]

Yeah. Yeah. F0ck me, I can't even create a user with the email "admin" as it would fail validation. Not even in the backend. I would have to remove the validation rules in multiple places, push the updates to the server and then do it.

They might be trying to do some SQL injection in the password field, but that is filtered out of the logs so I can't see anything.

Have to love Mother Russia. And hate their politicians no more than any other.
 
I have finally come around to doing this and redirecting hacker requests, whether in PHP, JS, CSS, HTML, XML, JSON or whatever, to an HTML page serving a ton of ads.

Oh, it's beautiful. I have already earned 9c in just under an hour!
 
Famous last words. :ROFL:
You can't be too careful. I monitor it manually too almost every minute of every day. Any and every action that is taken on the server, I see real time (well, that which the server knows is happening at least)
 
You can't be too careful. I monitor it manually too almost every minute of every day. Any and every action that is taken on the server, I see real time (well, that which the server knows is happening at least)
That seems so boring and time-consuming, you need to get better things in place. Your setup should not require constant manual monitoring and intervention. When do you actually get any work done?

Famous last words. :ROFL:
I'll let you know, in four years there have been hundreds of attempts with zero breaches, primarily because stuff is not accessible in conventional means and it goes through many, many layers of security and abstraction.
 
That seems so boring and time-consuming, you need to get better things in place. Your setup should not require constant manual monitoring and intervention. When do you actually get any work done?
Too confident. You don't know what you don't know. No system is perfect. If you act too clever you will be given an opportunity to be educated.

99% of companies only find out they were hacked when the data gets exposed to the public.
 
We know a lot, we have a team dedicated to security.
Which is great, but I mean, even the best gets hacked successfully.

And those that do not get hacked have failures. And monitoring isn't just about security, it's about system integrity too. Not everything is in your control. From hardware to network infrastructure, to software dependencies.

And what good is a dedicated security team if they think their job is to buy security subscriptions and do not do any monitoring?
 