Welcome, Guest: Register On Nairaland / LOGIN! / Trending / Recent / New
Stats: 3,200,608 members, 7,975,374 topics. Date: Tuesday, 15 October 2024 at 12:31 AM

FUTA Website Hacked By Indonesian Hacking Group - Education - Nairaland

Nairaland Forum / Nairaland / General / Education / FUTA Website Hacked By Indonesian Hacking Group (978 Views)

University Of Nigeria, Nsukka Website Hacked At 1:00 Am / Breaking News!!! FUTA Website Has Been Hacked.. / Confirmed! FUTA Website Hacked? - Inforesource (2) (3) (4)

(1) (Reply) (Go Down)

FUTA Website Hacked By Indonesian Hacking Group by matrixx9(m): 10:42am On Nov 06, 2016


A quick check through FUTA's website (www.futa.edu.ng)
shows that the website has been defaced by an Indonesian
hacking group (Indonesian Code Party) which has been
linked to the hack of several websites on the Internet.


Possible Cause Of The Hack
1.FUTA's website runs on just PHP and SQL on an
Apache Server. This can easily be exploited by any hacker.


2.Their ICT Team Failed To Apply Patches and Updates To
The School Website



Many webmasters know how vulnerable websites based on
PHP and SQL can be.I must say that It's really appalling
for a Federal University to use an outdated and buggy
CMS.


The successful defacement and hack of the FUTA
website depends on the exploit used by these hackers . It
does not necessary mean that the hackers connected to
the database directly although I'm not ruling out the
possibility .


The hackers might first check the server to find what the
app stack is (Programming Languages,
Database, CMS, OS).

Looking at HTML, Javascript code, URL pattern, hitting
standard URL's of admin pages & port scanning helps a
lot.

Once this is done, he or she knows which exploits to try.
With CMSes, exploits become public very fast. Security
patches are made available just as fast. If they regularly
apply security patches they'll be OK. Other
than that CMSes are vulnerable mostly due to bad
configuration, or poor password choice.


Custom applications are more vulnerable to loop holes in
code. There are many vulnerabilities that can be exploited.

1. Database fields become exposed to modification
because the programmer choose to simply persist the
entire object received from the user instead of only
picking those fields that the user was allowed to
modify from that page.


2. Having ajax methods such as getObject(int objectid)
in Javascript with no corresponding validation on
server side to find whether the requested object
should be accessible to the current user.


These seemingly lame coding blunders are surprisingly
very common in custom built applications.


Possible Solution
1.Scan Website Server for Vulnerabilities With Nikto On
Linux and install patch/ fixes for every vulnerability
2.Change Website CMS To Joomla

1 Like

Re: FUTA Website Hacked By Indonesian Hacking Group by matrixx9(m): 10:43am On Nov 06, 2016
Re: FUTA Website Hacked By Indonesian Hacking Group by maxti: 10:51am On Nov 06, 2016
Bad for biz
Re: FUTA Website Hacked By Indonesian Hacking Group by dauddy97(m): 11:06am On Nov 06, 2016
this unfair....
Re: FUTA Website Hacked By Indonesian Hacking Group by oldfoolnigger(m): 11:48am On Nov 06, 2016
Hahaha,tech.school indeed.buhuhahabruhaha.

(1) (Reply)

PHOTO: Freed Pupils, Staff Of Nigerian-turkish School / Biology Student Of Gombe State University Declared Missing.Did You See Her?(Pics / Study At Nottingham Trent University In UK With Free Full-fee Scholarship, 2017

(Go Up)

Sections: politics (1) business autos (1) jobs (1) career education (1) romance computers phones travel sports fashion health
religion celebs tv-movies music-radio literature webmasters programming techmarket

Links: (1) (2) (3) (4) (5) (6) (7) (8) (9) (10)

Nairaland - Copyright © 2005 - 2024 Oluwaseun Osewa. All rights reserved. See How To Advertise. 11
Disclaimer: Every Nairaland member is solely responsible for anything that he/she posts or uploads on Nairaland.