Linux Today: Linux News On Internet Time.

More on LinuxToday

Slashdot: Yup, Somebody Cracked Slashdot

Sep 29, 2000, 15:12 (0 Talkback[s])
(Other stories by Rob Malda)


Desktop-as-a-Service Designed for Any Cloud ? Nutanix Frame

"So last night a couple of guys (Nohican && {}) Cracked in to Slashdot. As they say, the weakest link in any security system is human: on one of our test boxes, we had a "Clean" copy of Slashcode installed, with default data... including the temp admin password (God/Pete). It didn't take much after that to get into Slashdot itself..."

"What a great way to wake up! I went to bed at about 10 last night, completely exhausted (stuff unrelated to Slashdot stressing me out). I guess the upside is that I had a good nights sleep: the downside is I still haven't had a morning cup of coffee ;)"

"Allright, so by using the 31337 haxx0r tool known as "Common Sense", {} and Nohican managed to get a Slashcode test site's administrative access (this isn't a root shell or anything: its only a series of web forms used to post stories, and configure various parts of the site). This was our biggest mistake: the password (God/Pete) was never changed on the test site. From there, it was a cake walk."

Complete Story

Related Stories: