Today I was reading http://secunia.com. Ohh, how many vulnerabilities are discovered every day. A lot a of unknown (for me) products are affected. And it just was interesting how quick hackers are.
Lets take yesterday vulnerability SimpleBlog SQL Injection. Truly I have never heard about this blogging engine but anyway it is interesting to find site using this engine. First of all I’ve found its official site: 8pixel.net and downloaded engine. Then have tried to find anything specific in pages generated by this blog. Page default.asp has link “SimpleBlog 2.3 by 8pixel.net” so the next step is to google for sites with such text google query. Only two sites were found - 8pixel.net (its official site) and www.profileddesigns.com/simpleblog23/ that is already defaced.
So I think defacing is a kind of sports but what about making a clever deface? I mean do not much harm to site owner (for example adding only one banner or something like) but patch the hole. As for me it sounds much more interesting that simple deface.

Trackback this Post | Feed on comments to this Post