South African university website hacked by Anonymous

The site was vulnerable to SQL injection since 2012.. I hacked into it back when I was a student there.. The site database had students records like names, student number, ID, course registered, etc.. But no academic records and other important stuff.. Hope this won't incriminate me..
 
The site was vulnerable to SQL injection since 2012.. I hacked into it back when I was a student there.. The site database had students records like names, student number, ID, course registered, etc.. But no academic records and other important stuff.. Hope this won't incriminate me..

Oh yeah it does. You just admitted on a public forum that you committed a crime, the Protection Of Information Act. At a State Institution nogal. Not that anybody cares. You do know that SAPS have a Cyber Crime Unit (not the usual ID10T's)? Don't be sorry, be careful. :D
 
Last edited:
Those script kiddies at it again.
And with that another weekend is ruined for sysadmins because of nothing more than embarrassment.

I am still not sure what this #"OpAfrica crusade" has yielded other than defaced websites. Naughty kids spraying graffiti on a wall behind a fence behave in the same way.
 
If they wanted to make a difference they should hack the bank accounts of the stealing politicians and donate the money to deserving NGOs who actually make a difference!

Defacing websites is a bit like burning schools.
 
Oh yeah it does. You just admitted on a public forum that you committed a crime, the Protection Of Information Act. At a State Institution nogal. Not that anybody cares. You do know that SAPS have a Cyber Crime Unit (not the usual ID10T's)? Don't be sorry, be careful. :D

Not really a crime if you followed proper process. You do know that there is a whole industry of security experts and white-hat security experts out there who do nothing else than finding issues like this to protect the man on the street.

TBH - most of government websites developed by SITA and some of very well-known SA ICT companies have data leaked all over pastebin. I would rather be worried about the hacks and leaks you do not hear about (such as a popular local e-commerce leaking out 30,000 creditcard records onto Google last month - no one has heard about it).
 
As if the students or anyone else will be bothered by these hackers. Africans will see it as racism/imperialism/ 3rd force.

The people are aware of failings of the government but they still vote for the same government so how will this messages on websites do anything ? The people in Limpopo are not getting textbooks because of government failure, but the ANC has the most support in the Limpopo province.
 
As if the students or anyone else will be bothered by these hackers. Africans will see it as racism/imperialism/ 3rd force.

The people are aware of failings of the government but they still vote for the same government so how will this messages on websites do anything ? The people in Limpopo are not getting textbooks because of government failure, but the ANC has the most support in the Limpopo province.

Keep the voting majority in the dark as far as possible and votes are secured for a long time.
 
Not really a crime if you followed proper process. You do know that there is a whole industry of security experts and white-hat security experts out there who do nothing else than finding issues like this to protect the man on the street.

TBH - most of government websites developed by SITA and some of very well-known SA ICT companies have data leaked all over pastebin. I would rather be worried about the hacks and leaks you do not hear about (such as a popular local e-commerce leaking out 30,000 creditcard records onto Google last month - no one has heard about it).

Yes, of course I know that. He "hacked", by his own admission, into an account with personal info to which he was not privy. I also mentioned that nobody cares with a :D
 
I would rather be worried about the hacks and leaks you do not hear about (such as a popular local e-commerce leaking out 30,000 creditcard records onto Google last month - no one has heard about it).

There it is. Information ending up in the hands of people that should not have it. And reading up, if personal data could be ex-filtrated from the hack, that's bad. I guess there could be other bits and pieces of info, perhaps even a copy of an ID or so? Thing is you can keep your data secure, but you have to supply data to some other parties, the University in this case. Do they keep it secure? No. So much data floating about, not only internationally, but also locally. A hackers wet dream. How many numpties re-use passwords?

Given enough bits and pieces of information on a party, I could become that party virtually speaking, none of his assistance required. So if I want to become MagicDude4Eva, I do not target MagicDude4Eva with phishing and social engineering as he'd be too savvy. No, I target his providers. Mission accomplished and hello, my name is MagicDude4Eva.
 
There it is. Information ending up in the hands of people that should not have it. And reading up, if personal data could be ex-filtrated from the hack, that's bad. I guess there could be other bits and pieces of info, perhaps even a copy of an ID or so? Thing is you can keep your data secure, but you have to supply data to some other parties, the University in this case. Do they keep it secure? No. So much data floating about, not only internationally, but also locally. A hackers wet dream. How many numpties re-use passwords?

Given enough bits and pieces of information on a party, I could become that party virtually speaking, none of his assistance required. So if I want to become MagicDude4Eva, I do not target MagicDude4Eva with phishing and social engineering as he'd be too savvy. No, I target his providers. Mission accomplished and hello, my name is MagicDude4Eva.

+ 1
 
What does this achieve exactly? I can't see Uni Limpopo being a vessel for government corruption so even a bit of embarrassment achieves nothing.
 
What does this achieve exactly? I can't see Uni Limpopo being a vessel for government corruption so even a bit of embarrassment achieves nothing.

I guess it was a low hanging fruit. Shodan/Google with some clever search request will show you many government websites and servers that are vulnerable.
 
What does this achieve exactly? I can't see Uni Limpopo being a vessel for government corruption so even a bit of embarrassment achieves nothing.

"Anonymous" is as thick as pig shyte. They can't even distinguish the difference between Africa being a continent and South Africa a country.

Asking what they plan to achieve is like asking them a simple math question. They aren't gonna get it right.
 
Top
Sign up to the MyBroadband newsletter