This is what you get when a bunch of bored hackers meet and team up. You get a group who hack shit for lulz. Not that I have any problems with it.
[editline]10th June 2011[/editline]
[QUOTE=Im Crimson;30375536]Alright, they're dicks.
Though admit that this is far from the worst possible scenario. Sony could've been hacked by a group with far more unscrupulous goals, and most importantly it could've taken place in secret. It sucks that users may have to pay for Sony's incompetence (though no one reportedly got their bank account drained), though as far as the company itself goes I have no sympathy. Skimping on security is betraying your users, which should be punishable by law. The positive thing is that now they might've fixed their vulnerabilities.[/QUOTE]
The only thing that sony hack caused was sudden rise in demand for plastic to produce new credit cards.
[QUOTE=animephreak135;30374579]Say what you will, but they're not script kiddies. I doubt you even know what that implies.[/QUOTE]
Several logs listed on their website were autogenerated by an SQL vulnerability finder.
[QUOTE=kevinseven;30374532]What the fuck? What are they doing? First they hack a major electronics and game company and steal peoples credit card info and passwords, then they take down a terrorist website. What is their goal?[/QUOTE]
Prove a point or just say 'Fuck you" to everyone.
[QUOTE=animephreak135;30374579]Say what you will, but they're not script kiddies. I doubt you even know what that implies.[/QUOTE]
It doesn't take a rocket scientist to do SQL injection.
I don't know what their attack vector was for the other stuff, but it was probably all script kiddie crap.
[editline]10th June 2011[/editline]
[QUOTE=SPESSMEHREN;30375813]Several logs listed on their website were autogenerated by an SQL vulnerability finder.[/QUOTE]
Yeah, that would pretty much make them script kiddies.
Any 12 year old could type
[code]
Robert'); DROP TABLE Students;
[/code]
into a text box on a website.
"Little Bobby Tables, we use to call him!"
The mere fact that Sony's sites were susceptible to something that simple is mind-blowing.
[QUOTE=Im Crimson;30376229]"Little Bobby Tables, we use to call him!"
The mere fact that Sony's sites were susceptible to something that simple is mind-blowing.[/QUOTE]
Not really, the bigger the expected threat, the more easily smaller threats can get through.
Its like saying its impossible for a small commando team to infiltrate a massive military base. Sure they can, because the base is set up for a full scale assault, not commandos.
They also have been under attack for atleast a month of and ahalf so building up security is annoyingly difficult, its like putting up a sentry gun when a soldier and demo man just round the corner of your base.
[QUOTE=Swilly;30376331]Not really, the bigger the expected threat, the more easily smaller threats can get through.
Its like saying its impossible for a small commando team to infiltrate a massive military base. Sure they can, because the base is set up for a full scale assault, not commandos.
They also have been under attack for atleast a month of and ahalf so building up security is annoyingly difficult, its like putting up a sentry gun when a soldier and demo man just round the corner of your base.[/QUOTE]
As someone who has done some web programming, I can say that there are billions of tools available to avoid SQL injection.
If you write plain old PHP then yeah, if you're a dumbass it can slip through. If you use any modern web programming framework, even PHP with a framework like Zend will completely defeat any SQL Injection attack.
[editline]10th June 2011[/editline]
SQL Injection is pretty much the most well known attack vector and any half assed PHP tutorial will tell you how to avoid it.
And as I said, if you use something sane like Ruby on Rails or any PHP framework you don't even have to think about it.
Secrets From The Future by MC Frontalot comes to mind here.
Last time they hacked somebody's servers, they claimed that they were doing it to help them, to show them the flaws in their security and show them what to fix.
So either they're doing that here, which means that they're trying to help terrorists, or they're a bunch of hypocrites.
Or, option C: they're just a bunch of shitheads who were trying to save face last time.
They're so smart that they're dumb!
"LulzSec" "ujelly?"
Using automatic vulnerability finders doesn't make them any less skilled. Saving effort != not having skill.
I can navigate my hard drive using a terminal and cd commands, but I use a file browser instead. The terminal takes more skill, but I use the file browser because it's available.
"The enemy of my enemy is my....enemy!"
He isn't called "The Jester."
It's just "Jester."
Silly gizmodo. But then, it is glad to see Lulzsec do something slightly decent for once.
[QUOTE=kevinseven;30374532]What the fuck? What are they doing? First they hack a major electronics and game company and steal peoples credit card info and passwords, then they take down a terrorist website. What is their goal?[/QUOTE]Well they are called [i]Lulz[/i]Sec.
I think they are just bunch of people who don't know where to properly use their skill.
Man, I think they're confused more than I am.
Honestly, what are they doing?
[QUOTE=PvtCupcakes;30375860]It doesn't take a rocket scientist to do SQL injection.
I don't know what their attack vector was for the other stuff, but it was probably all script kiddie crap.
[editline]10th June 2011[/editline]
Yeah, that would pretty much make them script kiddies.
Any 12 year old could type
[code]
Robert'); DROP TABLE Students;
[/code]
into a text box on a website.[/QUOTE]
Yeah, I'm sorry, but these guys have done things that go beyond SQL injection. That may be the case for this attack (you have no proof that it is), but that doesn't make them script kiddies.
[QUOTE=Sanius;30374790]lulzsec has malicious intentions. they are not grayhats[/QUOTE]
They have malicious and good intentions. They are a mix, but leaning more towards black hats. They are still grey hats, though.
They do it because they can, and feel like it, and also for the media attention.
When you're a retard everything seems like a good idea.
this thing(lulzsec has a whole, not just this one attack) has greater implications than people seem to realize
someone else put it really well
"I find them interesting, not respectable. These guys are an anonymity beta test. They're taunting the bull more than any group before. The organizations they're up against never lose... If they get busted quickly they will fade into obscurity. But if they last they will be replicated. Bitcoin, Tor, VPNs, releases on the pirate bay, etc.
If they succeed in hiding, everyone will know how to hide."
They did it for the lulz.
[QUOTE=kevinseven;30374532]What the fuck? What are they doing? First they hack a major electronics and game company and steal peoples credit card info and passwords, then they take down a terrorist website. What is their goal?[/QUOTE]
They hack some company websites to find holes and then tell the company about those holes, but they also do a bunch of other crazy shit, from what they say, it sounds like that hacks they are doing are relatively easy, and it is in fact the companies fault for being so stupid with their data.
[QUOTE=smidge146;30391596]They hack some company websites to find holes and then tell the company about those holes, but they also do a bunch of other crazy shit, from what they say, it sounds like that hacks they are doing are relatively easy, and it is in fact the companies fault for being so stupid with their data.[/QUOTE]
That's terrible reasoning because they don't even bother to give the owners of the websites hacked time to fix the security. They basically just knock them down and kick them back down whenever they try to get back up.
[QUOTE=SoaringScout;30392391]That's terrible reasoning because they don't even bother to give the owners of the websites hacked time to fix the security. They basically just knock them down and kick them back down whenever they try to get back up.[/QUOTE]
"Knock them down"? They're not DDOSing them or something like that. Stealing a company's database isn't messing with their efforts to improve security of said database.
If a site comes down because of that it's because the owners took it down themselves for safety.
They're just another gray-hat group of script kiddies.
I don't know what their motive is, nor do I really care. If they take down a terrorist site, great.
As long as they stay the hell away from Steam I'm fine.
I went on there, any they have a thread about firefox. Even Terrorist know that is the best browser.
I do like their theme-song though:
[media]http://www.youtube.com/watch?v=qPoIXwVVp6Q[/media]
[QUOTE=SNNS-SEAN;30441425]They're just another gray-hat group of script kiddies.
I don't know what their motive is, nor do I really care. If they take down a terrorist site, great.
As long as they stay the hell away from Steam I'm fine.[/QUOTE]
:downs:
I'm speechless.
Sorry, you need to Log In to post a reply to this thread.
