Anatomy of the HBGary Hack
PCM2 writes "Recently, Anonymous took down the Web sites of network security firm HBGary. Ars Technica has the scoop on how it happened. Turns out it wasn't any one vulnerability, but a perfect storm of SQL injection, weak passwords, weak encryption, password re-use, unpatched servers, and social engineering. The full story will make you wince — but how many of these mistakes is your company making?"
Attack Summary (Score:4, Informative)
The exact URL used to break into hbgaryfederal.com was http://www.hbgaryfederal.com/pages.php?pageNav=2&page=27. The URL has two parameters named pageNav and page, set to the values 2 and 27, respectively. One or other or both of these was handled incorrectly by the CMS...
Re: SQL injection (I'm confused) (Score:2, Informative)
You're missing something.
http://www.hbgaryfederal.com/pages.php?pageNav=2&page=27
Obviously the 2 and the 27 are not being validated before being appended into part of a larger SQL query, so construct your own URL substituting 2 (or 27) with something like 2';show tables; --
Find the one that looks like it contains user login information and then substitute again with 2';select * from user_table; --
Hey presto, you can now read all the user accounts and hashed passwords.
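As an added example (not code from this thread, from Ars Technica, or from HBGary's CMS): the concatenated query the comment above describes, side by side with a hardened lookup for the same pageNav and page parameters. The in-memory SQLite table and its column names are constructed stand-ins, not the real schema.

```python
import re
import sqlite3

# Constructed stand-in for the CMS database; table and column names are
# assumptions for illustration, not HBGary's real schema.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE pages (id INTEGER PRIMARY KEY, nav INTEGER, title TEXT);
        INSERT INTO pages VALUES (27, 2, 'About Us');
        INSERT INTO pages VALUES (28, 2, 'Services');
    """)
    return conn

def build_query_unsafe(page_nav, page):
    # The pattern the comment describes: request parameters pasted straight
    # into the SQL text, so a quote or semicolon in the input becomes SQL.
    return ("SELECT id, nav, title FROM pages WHERE nav = '%s' AND id = '%s'"
            % (page_nav, page))

def fetch_page_safe(conn, page_nav, page):
    # Both parameters are numeric identifiers, so allowlist plain digits
    # before the database ever sees the value ...
    for value in (page_nav, page):
        if not re.fullmatch(r"\d{1,9}", str(value)):
            raise ValueError("pageNav and page must be small positive integers")
    # ... and bind the values with placeholders so the driver sends them
    # as data, never as part of the statement text.
    return conn.execute(
        "SELECT id, nav, title FROM pages WHERE nav = ? AND id = ?",
        (int(page_nav), int(page)),
    ).fetchone()

def statement_count(sql):
    # Rough detector for a concatenated query that has grown extra
    # statements: a legitimate page lookup contains no semicolons at all.
    return sql.count(";") + 1
```

Running the comment's own substitution through build_query_unsafe yields a string with three statements in it, while fetch_page_safe rejects the same input before it reaches SQLite.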