[Lowfer] KC3OL - Ted's lowfer forum is down, HACKED !!!
Peter Barick
pbarick at niu.edu
Thu Feb 19 19:38:09 EST 2009
Had some time and interest in "cracking" so I did a lookup on Ted's "SQL injection" friend. Sounded weird too.
Found this resource on the subject. It's rich in DB jargon, exactly what a cracker wants in plying his craft.
http://www.unixwiz.net/techtips/sql-injection.html
Basically, SQL stands for Structured Query Language. It's sole use is a tool to search databases on some user supplied key term/phrase. A cracker structures his List message into a semi-corrupted message string that requires an internal error routine to examine same. Now it (the message text) has access to the site's DB internals. Nasty is the outcome.
Peter
--------------------------------------
>>> "Ted Holdahl" <holdahl at kc3ol.dynip.com> 02/19/09 1:37 PM >>>
I just got the LOWFER forum back up again. It's now running on a backup I
made 10 days ago.
The vandal used a method called "SQL injection".
Ted, KC3OL
<...>
More information about the Lowfer
mailing list