Ndungu, Look up something called "SQL Injection" and you will see what exploit was used to access this server. This is not the work of a polished hacker, more of a "script kiddy" trolling for vulnerabilities and chalking up a personal scorecard. Nevertheless, we should be afraid, very afraid... as it is abundantly clear that we have very low or zero standards within our organizations for Information Security... Mblayo [image: logo] *Brian Munyao Longwe* | Mobile: 254715964281 http://mashilingi.blogspot.com <http://www.facebook.com/brianmunyao> Facebook<http://www.facebook.com/brianmunyao> <http://www.twitter.com/blongwe> Twitter <http://www.twitter.com/blongwe> <http://ke.linkedin.com/pub/brian-munyao-longwe/0/32/254> LinkedIn<http://ke.linkedin.com/pub/brian-munyao-longwe/0/32/254> Contact me: [image: Skype] blongwe Want a signature like mine? <http://r1.wisestamp.com/r/landing?promo=16&dest=http%3A%2F%2Fwww.wisestamp.com%2Femail-install%3Futm_source%3Dextension%26utm_medium%3Demail%26utm_campaign%3Dpromo_16> Click here.<http://r1.wisestamp.com/r/landing?promo=16&dest=http%3A%2F%2Fwww.wisestamp.com%2Femail-install%3Futm_source%3Dextension%26utm_medium%3Demail%26utm_campaign%3Dpromo_16> On Tue, Jul 17, 2012 at 4:22 PM, ndungu stephen <ndungustephen@gmail.com>wrote:
And here i was thinkin it was KCB...
So the guy was able to discover a loop hole to access the admin pages (mabbe a default password was used) ;
Then he entered the sql database using the same password and give us a print out of users who access the page and leave their email address behind ... Big WhOOPP!!!
I am sure the emails are not even KBC staff - these are probably those users told to register inorder to drop their comments ..
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke