South African university website hacked by Anonymous

The site was vulnerable to SQL injection since 2012.. I hacked into it back when I was a student there.. The site database had students records like names, student number, ID, course registered, etc.. But no academic records and other important stuff.. Hope this won't incriminate me..
 
Maxson_N said:
The site was vulnerable to SQL injection since 2012.. I hacked into it back when I was a student there.. The site database had students records like names, student number, ID, course registered, etc.. But no academic records and other important stuff.. Hope this won't incriminate me..
Click to expand...

Oh yeah it does. You just admitted on a public forum that you committed a crime, the Protection Of Information Act. At a State Institution nogal. Not that anybody cares. You do know that SAPS have a Cyber Crime Unit (not the usual ID10T's)? Don't be sorry, be careful. :D
 
Last edited:
gregmcc said:
Those script kiddies at it again.
Click to expand...
And with that another weekend is ruined for sysadmins because of nothing more than embarrassment.

I am still not sure what this #"OpAfrica crusade" has yielded other than defaced websites. Naughty kids spraying graffiti on a wall behind a fence behave in the same way.
 
If they wanted to make a difference they should hack the bank accounts of the stealing politicians and donate the money to deserving NGOs who actually make a difference!

Defacing websites is a bit like burning schools.
 
mobber said:
Oh yeah it does. You just admitted on a public forum that you committed a crime, the Protection Of Information Act. At a State Institution nogal. Not that anybody cares. You do know that SAPS have a Cyber Crime Unit (not the usual ID10T's)? Don't be sorry, be careful. :D
Click to expand...

Not really a crime if you followed proper process. You do know that there is a whole industry of security experts and white-hat security experts out there who do nothing else than finding issues like this to protect the man on the street.

TBH - most of government websites developed by SITA and some of very well-known SA ICT companies have data leaked all over pastebin. I would rather be worried about the hacks and leaks you do not hear about (such as a popular local e-commerce leaking out 30,000 creditcard records onto Google last month - no one has heard about it).
 
As if the students or anyone else will be bothered by these hackers. Africans will see it as racism/imperialism/ 3rd force.

The people are aware of failings of the government but they still vote for the same government so how will this messages on websites do anything ? The people in Limpopo are not getting textbooks because of government failure, but the ANC has the most support in the Limpopo province.
 
DigitalSoldier said:
As if the students or anyone else will be bothered by these hackers. Africans will see it as racism/imperialism/ 3rd force.

The people are aware of failings of the government but they still vote for the same government so how will this messages on websites do anything ? The people in Limpopo are not getting textbooks because of government failure, but the ANC has the most support in the Limpopo province.
Click to expand...

Keep the voting majority in the dark as far as possible and votes are secured for a long time.
 
MagicDude4Eva said:
Not really a crime if you followed proper process. You do know that there is a whole industry of security experts and white-hat security experts out there who do nothing else than finding issues like this to protect the man on the street.

TBH - most of government websites developed by SITA and some of very well-known SA ICT companies have data leaked all over pastebin. I would rather be worried about the hacks and leaks you do not hear about (such as a popular local e-commerce leaking out 30,000 creditcard records onto Google last month - no one has heard about it).
Click to expand...

Yes, of course I know that. He "hacked", by his own admission, into an account with personal info to which he was not privy. I also mentioned that nobody cares with a :D
 
MagicDude4Eva said:
I would rather be worried about the hacks and leaks you do not hear about (such as a popular local e-commerce leaking out 30,000 creditcard records onto Google last month - no one has heard about it).
Click to expand...

There it is. Information ending up in the hands of people that should not have it. And reading up, if personal data could be ex-filtrated from the hack, that's bad. I guess there could be other bits and pieces of info, perhaps even a copy of an ID or so? Thing is you can keep your data secure, but you have to supply data to some other parties, the University in this case. Do they keep it secure? No. So much data floating about, not only internationally, but also locally. A hackers wet dream. How many numpties re-use passwords?

Given enough bits and pieces of information on a party, I could become that party virtually speaking, none of his assistance required. So if I want to become MagicDude4Eva, I do not target MagicDude4Eva with phishing and social engineering as he'd be too savvy. No, I target his providers. Mission accomplished and hello, my name is MagicDude4Eva.
 
Sollie said:
There it is. Information ending up in the hands of people that should not have it. And reading up, if personal data could be ex-filtrated from the hack, that's bad. I guess there could be other bits and pieces of info, perhaps even a copy of an ID or so? Thing is you can keep your data secure, but you have to supply data to some other parties, the University in this case. Do they keep it secure? No. So much data floating about, not only internationally, but also locally. A hackers wet dream. How many numpties re-use passwords?

Given enough bits and pieces of information on a party, I could become that party virtually speaking, none of his assistance required. So if I want to become MagicDude4Eva, I do not target MagicDude4Eva with phishing and social engineering as he'd be too savvy. No, I target his providers. Mission accomplished and hello, my name is MagicDude4Eva.
Click to expand...

+ 1
 
What does this achieve exactly? I can't see Uni Limpopo being a vessel for government corruption so even a bit of embarrassment achieves nothing.
 
SammyD said:
What does this achieve exactly? I can't see Uni Limpopo being a vessel for government corruption so even a bit of embarrassment achieves nothing.
Click to expand...

I guess it was a low hanging fruit. Shodan/Google with some clever search request will show you many government websites and servers that are vulnerable.
 
SammyD said:
What does this achieve exactly? I can't see Uni Limpopo being a vessel for government corruption so even a bit of embarrassment achieves nothing.
Click to expand...

"Anonymous" is as thick as pig shyte. They can't even distinguish the difference between Africa being a continent and South Africa a country.

Asking what they plan to achieve is like asking them a simple math question. They aren't gonna get it right.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter