Comments on: Telegraph.co.uk hacked – when will they learn?

By: Cristina

Cristina — Sat, 17 Apr 2010 11:58:12 +0000

Romania va iubeste pentru ce ati facut cu siteul englezilor

By: Daily Telegraph websites hacked « TinKode Stuff

Daily Telegraph websites hacked « TinKode Stuff — Thu, 15 Apr 2010 15:32:11 +0000

[...] later posting in May on the Hackersblog site suggested that there was a weakness on the Telegraph site that allowed it to be hacked repeatedly. [...]

By: David

David — Wed, 03 Jun 2009 22:54:58 +0000

Did they reply already??

By: Эпидемия уязвимостей на британских сайтах - Персональный блог Вороны Богдана

Эпидемия уязвимостей на британских сайтах - Персональный блог Вороны Богдана — Wed, 03 Jun 2009 04:54:57 +0000

[...] одновременно с отчетом XSSed сайт HackersBlog опубликовал детали уязвимости к SQL-инъекциям, которую команда его хакеров обнаружила [...]

By: keane

keane — Fri, 29 May 2009 14:01:10 +0000

Hi Guys

It seems you guys have been looking further into this. I am unsure at what capacity however i am now in contact with the Telegraph so would be greatful to have your insight into the situation and maybe look to recruit your expertise to resolve it, as they are keen to sort this asap.

Please do contact me dkhendy509@hotmail.co.uk

Thanks,
Daniel

By: unu

unu — Fri, 29 May 2009 13:11:02 +0000

Jay…1. If you read the article carefully, you noticed that I did mention I wrote them emails but to no avail. I asked to speak to someone in their IT dept. ( I even wrote to Paul Cheesbrough) and still got no answer
2. In vain you still hope that the injection didnt give full access to users data on the site. I have to dissapoint you. DB5_data it the main data base. The one that has all the data of the users. Accessing this DB you can access the clients. If you look closely, you can see in the the first article on hackersblog http://www.hackersblog.org/2009/03/06/telegraphcouk-hacked-sql-injection/) that DB5_data is the name of one of those databases. That same database is circled in the image in this article.If that database belonged to the Telegraph back then, I dont see how it could belong to someone else now. Especially since we talk about a subdomain of telegraph.co.uk.

By: Blackie

Blackie — Fri, 29 May 2009 12:04:59 +0000

Se pare ca au rezolvat problema.
Unu, asteptam a treia buba.

By: Jay

Jay — Fri, 29 May 2009 11:34:16 +0000

Can you confirm they’ve fixed the problem now? And I stand behind my claim that it doesn’t contain Telegraph’s own user data.

By: Alexu`

Alexu` — Fri, 29 May 2009 11:10:51 +0000

Good job unu and HB !

By: Pyro

Pyro — Fri, 29 May 2009 11:09:56 +0000

Urmeaza a 3 oara? (cica e cu noroc atunci) =))