Re: [tlug] Hacktivists Ghost Shell dump 1.6m log-in details on web

["Stephen J. Turnbull" <stephen@example.com>]

Shmuel Fomberg writes:
 > On Wed, Dec 12, 2012 at 10:51 AM, Darren Cook wrote:
 > 
 > > http://www.bbc.co.uk/news/technology-20677851
 > >
 > > "the hacking group accessed some sites by attacking the databases many
 > > companies use to catalogue and curate website content.
 > >
 > > With cleverly crafted queries, attackers can make these databases cough
 > > up data they should be concealing."
 > >
 > 
 > I would have translated it to: "Owned your wordpress site! LOL".

Why doesn't that surprise me?

More technically, dynamic websites mostly run on the LAMP (Linux/
Apache/MySQL/Perl) platform.  Presumably they're attacking either the
MySQL/PostgreSQL database directly (but why is that port exposed to
the internet?) or there's a hole in the Perl/Python/PHP/Ruby[1]
database interface (PHP sites especially sometimes put database
queries in URLs!), or possibly in the ORM/web-framework layer.

But I would think you'd be something of an expert on this stuff,
Darren?  Maybe I didn't understand your question?

Footnotes: 
[1]  That's not a pee in LAMP, that's a rho!