Jump to content

Riaa Website Wiped Clean By “hackers”


Mini0n
 Share

Recommended Posts

RIAA Website Wiped Clean by “Hackers”

Apparently the RIAA is so busy suing consumers that they forgot to hire a decent programmer. With a simple SQL injection, all their propaganda has been successfully wiped from the site.

It started out on the social news website Reddit, where a link to a really slow SQL query was posted. While the Reddit users were trying to kill the RIAA server, someone allegedly decided to up the ante and wipe the site’s entire database.

The comments on Reddit are only speculation so far. Based on the username, which was apparently “webReadOnly”, it might not have been setup correctly, or someone could have found another way to delete the content form the site.

Another possibility is that the website has some sort of database flood protection that disables new connections, or perhaps the RIAA themselves removed the content temporarily. The latter seems unlikely, as a better solution would be to take it entirely offline to fix the bigger problem. While they could fix a small vulnerability like this in a matter of seconds, the chances are it’s not an isolated problem.

As pointed out by Haywire, playing around with the urls a bit can return some funny results. It is pretty easy to make the RIAA link to The Pirate Bay for example.

For now it sure does look like all the content has been wiped from the RIAA homepage. Let’s hope they have backups, or not.

Update: After a few hours the RIAA restored the site. They seem to have fixed the vulnerability, but we have saved some screenshots.

Update: They didn’t fix it all, this still works.

RIAA website without content

riaagonemk9.jpg

RIAA supporting The Pirate Bay

riaatpbrj0.jpg

Error?

riaaerrorpp2.jpg

Fonte: TorrentFreak

PWNED! :lol:

Link to comment
Share on other sites

RIAA website hacked by SQL injection

Nothing makes a peer-to-peer user more happy than website of RIAA hacked by an unknown script kiddie. That’s exactly what happened 2 or 3 days ago, when Reddit published an extremely long SQL code which almost shut down the whole RIAA server. Meanwhile, another people tried the weakenesses in the code and discovered a way to display and alter the whole SQL database. As a result, RIAA’s Press Releases section showed a link to ThePirateBay instead of any content for some time.

2czudls.jpg

There were more errors and security bugs in their presentation, for example an XSS bug which can be used to steal cookies and information. After 2 days, RIAA finally completely fixed the vulnerabilities and the website seems to be protected now. Anyway, this issue just shown this bloody organization is full of legal actions and lawsuing, but they somehow forget to secure their website. Besides, who wouldn’t want a TPB logo at their site?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.