vonnagy
have kiwi, will travel...
- Joined
- Sep 8, 2003
- Messages
- 3,759
- Reaction score
- 30
- Location
- -36.855339, 174.762384
- Website
- www.vonnagy.com
- Can others edit my Photos
- Photos NOT OK to edit
I recently did a search on google and with one simple query i was able to have full access rights into several databases. Its shocking how careless people are with their web database, I was given root access mrgreen: - gotta love root access :mrgreen simply because folks did take the necessary security precautions:
If you use phpMyAdmin/pgMyAdmin make sure you ALWAYS set the root password and make sure you use htaccess and at the very very very very very very very minimum use the robots.txt to only allow search engines to crawl selected areas of your site.
Keep in mind I have NO HACKER skills whatsoever. All I need is a search engine and a little knowledge and I can create havoc. I was polite enough to email these folks warning them of the security hole, but some other folks won't be so kind.
Be ye warned!
If you use phpMyAdmin/pgMyAdmin make sure you ALWAYS set the root password and make sure you use htaccess and at the very very very very very very very minimum use the robots.txt to only allow search engines to crawl selected areas of your site.
Keep in mind I have NO HACKER skills whatsoever. All I need is a search engine and a little knowledge and I can create havoc. I was polite enough to email these folks warning them of the security hole, but some other folks won't be so kind.
Be ye warned!