Lulzsec and Anonymous script kiddie SQL Injection.

I have been following the activities of the so called ‘hacker group’ calling itself “Anonymous” for some time now. Not because I support their activities but because I find the whole Anonymous, Lulzsec and Wikileaks debacle interesting.

While there is certainly a valid argument that Wikileaks is doing some good in the world the same cannot be said for Anonymous and Lulzsec. Although unlike Anonymous at least Lulzsec is up front about why they attack other peoples systems. They admit to doing it for fun and entertainment, whereas Anonymous tries to justify themselves with Hypocritical bullshit. Such as claiming to defend Free-Speech while simultaneously taking down the websites of perceived opponents.

Anonymous even tried to take this blog offline when I wrote the article titled “Anonymous Script Kiddies are not defending the internet.” at the time I didn’t recognise the traffic pattern as an attempted SQL Injection because I wasn’t expecting one and nor was I familiar with the tool they use to “hack” peoples websites. Needless to say the attempted SQL Injection failed and I was able to remain online.

It turns out the method by which these groups infiltrate websites is remarkably unsophisticated. The tool being used by both Anonymous and Lulzsec to infiltrate websites is called Havij, it’s a GUI based SQL Injection tool and is available for download here.

It is only after testing Havij against my own system that I recognised the signatures left in the server access logs by the Havij software. The most concerning thing about this is how easy it is to protect WordPress and a variety of other content management software from this type of vulnerability; yet these attacks keep on happening. In most cases securing your website is simply a matter of keeping the software upto date.

While Lulzsec and Anonymous are using unsophisticated attacks, if they inject a vulnerable website that happens to contain sensitive information it can have direr consequences for the user. As we have seen with the recent Sony hacks in which millions of credit cards were stolen.

I believe the best way to defend yourself from the kids at Lulzsec and Anonymous is by understanding the treat. I don’t endorse trying an SQL Injection on someone’s website without their consent. Use your own system or create a Honeypot.

Here are some resources I have found. To get started with SQL Injections.

SQL Injection Using Havij

Basics And Working of SQL Injection Attacks

Trick for Advanced SQL Injection

I do not condone any criminal activity, nor do I support the actions of either Anonymous or Lulzsec. I am only sharing what I have learned so far. Both screen shots were captured from legal penetration testing of my own systems setup expressly for that purpose.

One thought on “Lulzsec and Anonymous script kiddie SQL Injection.

  1. Rick Iicktoven

    Dan,

    Sometimes being to close to a problem clouds your view. There are real reasons as to why these groups exist. Your views are very simple, calling them children is a good example. As for your belief
    that using SQL Injection or it's various forms is a simple but ineffective tool again your missing the point. Have you not heard the idea of dying from a 1000 cuts. While many of the "hacks" may be simple pranks organized crime used these attacks to gain access for monetary gain. Your kids have not committed such acts yet you infir they are some how equal to these criminals. Big business or even a certain group who masquerades as a church thinks that they are the only ones who can legally get away with manuliplating the public. It's actually a good thing that a group while not well organized, act to show big money that money can't stomp free will.

    I think our children would do well spending more time outside then on the Xbox. If every aspect of our life is driven by the $ then what are we living for? Besides the reason they attacked you was not to take you down, they could have done that had they chosen. It was to poke you to see if you responded. In fact if you really look at it they did prick you, you just missed it.

    Reply

Leave a Reply

Your email address will not be published.