The stupidity of web developers

Well your not going to believe this one, it goes to show that the wed developers of this hacked system have no clue what so ever in the way of storing information in database's. It comes as kahuna had recently hacked a website and dumped a fair lot of accounts which can be found here. Once the database was extracted it was clear as the passwords that the developers of this MySQL database layout totally screwed up. They have made the option for passwords to be hashed/encrypted and these are stored in the database which is fairly normal, but what make us laugh is the fact that they have listed the "actualPassword" in a column on the same table that holds the encrypted passwords cleartext result. as seen below. content/images/gallery/random2/watch2trade-co_-uk-member-logins-pastebin-com_.png Now have a laugh then its time to be serious, its problems like this that are the root cause for all our troubles. If the developers of these systems actually put effort in the penetration testing and secured information correctly we would see a lot less attacks on everyone and a lot less information being leaked in to the public domain.

Lee Johnstone

Lee Johnstone

Information Security Data Analyst, Investigative Journalist, Technology Lover, Mechanic.

Read More
The stupidity of web developers
Share this

Subscribe to Cyber War News