• IP addresses are NOT logged in this forum so there's no point asking. Please note that this forum is full of homophobes, racists, lunatics, schizophrenics & absolute nut jobs with a smattering of geniuses, Chinese chauvinists, Moderate Muslims and last but not least a couple of "know-it-alls" constantly sprouting their dubious wisdom. If you believe that content generated by unsavory characters might cause you offense PLEASE LEAVE NOW! Sammyboy Admin and Staff are not responsible for your hurt feelings should you choose to read any of the content here.

    The OTHER forum is HERE so please stop asking.

selectar airport website hacked

Froggy

Froggy

Alfrescian (InfP) + Mod
Moderator
Generous Asset
Jah_rastafar_I said:
Didn't even know this airport had a site. It's not a popular site suffice to say

http://www.channelnewsasia.com/news/singapore/seletar-airport-website/873144.html?cid=FBSG
Click to expand...

Maintenance la Jah. The picture below is the screen saver during maintenance.

some-human-rights.jpg
 
BuiKia

BuiKia

Alfrescian (InfP)
Generous Asset
The website of Seletar Airport has become the latest to be hit by hackers — the second in three days.

At around 12.30pm yesterday, the site showed a black and green background with an image in the middle resembling a skull wearing a hood.

It was back running less than 30 minutes later.

The Infocomm Development Authority (IDA) and Changi Airport Group, which manages Seletar Airport, could not respond to queries at press time.

On Friday, The Straits Times’ website was hacked by someone claiming to be from the hacking collective, Anonymous.

The hacker, who went by the moniker “The Messiah”, said the attack was prompted by a “misleading” report published on the paper’s website about a YouTube video posted on Thursday, in which he threatened to attack the Singapore Government.

It is unknown who is behind the attack on Seletar Airport’s website. “The Messiah” had previously claimed responsibility for the hacking of a few local sites this year, including those of the PAP Community Foundation, Ang Mo Kio Town Council and City Harvest Church co-founder Sun Ho.

Meanwhile, the police also said yesterday that there were no investigations into the government sites that were down for “planned maintenance” the day after the attack on The Straits Times.

The IDA said on its Facebook page that maintenance on the 19 government sites — including those of the Social and Family Development and Transport ministries, the Singapore Police Force and PUB — took longer than expected because of technical difficulties.

The police said that “misreporting” in an earlier news article had led to the spread of the “inaccurate information” about investigations into the government sites’ downtime.
 
Leongsam

Leongsam

High Order Twit / Low SES subject
Admin
Asset
I took a look at the source code for http://www.seletarairport.com/

It contains various plug ins used for SEO, slideshows etc. This sort of site is a prime target for hackers because it contains many well known vulnerabilities.

For example it uses the yoast wordpress SEO plug in and inserts the code < ! -- This site is optimized with the Yoast WordPress SEO plugin v1.4.19 - http://yoast.com/wordpress/seo/ -->

The site developer should never leave these sorts of lines of code in the page as it makes it very easy for hackers to zoom in on vulnerable sites with know security holes. They should be removed once the plug in is installed.

It also uses the jquery slideshow script which has known vulnerabilities.

http://seclists.org/fulldisclosure/2012/Oct/117

They have restored the site but they have not done anything to remove the risks. This proves that you can pay top dollar and still end up with monkeys on the job.

It is very time consuming to keep track of all these security issues and requires a full time security trained IT expert to do the job. I get around this by keeping the number of plug ins to the minimum and consulting my IT expert whenever I want to add features to vbulletin.
 
Jah_rastafar_I

Jah_rastafar_I

Alfrescian (Inf)
Asset
sinkland govt websites have many exploits cause they hire the cheapest to do them and there are too few of them around to do too many things and not to mention the cheapest are often of the shit colored variety that have no computer expertise whatsoever.
 
erection2015

erection2015

Alfrescian (InfP) + C
can you explain this in english?


Leongsam said:
I took a look at the source code for http://www.seletarairport.com/

It contains various plug ins used for SEO, slideshows etc. This sort of site is a prime target for hackers because it contains many well known vulnerabilities.

For example it uses the yoast wordpress SEO plug in and inserts the code < ! -- This site is optimized with the Yoast WordPress SEO plugin v1.4.19 - http://yoast.com/wordpress/seo/ -->

The site developer should never leaves these sorts of lines of code in the page as it makes it very easy for hackers to zoom in on vulnerable sites with know security holes. They should be removed once the plug in is installed.

It also uses the jquery slideshow script which has known vulnerabilities.

http://seclists.org/fulldisclosure/2012/Oct/117

They have restored the site but they have not done anything to remove the risks. This proves that you can pay top dollar and still end up with monkeys on the job.

It is very time consuming to keep track of all these security issues and requires a full time security trained IT expert to do the job. I get around this by keeping the number of plug ins to the minimum and consulting my IT expert whenever I want to add features to vbulletin.
Click to expand...
 
Leongsam

Leongsam

High Order Twit / Low SES subject
Admin
Asset
erection2011 said:
can you explain this in english?
Click to expand...

In the good old days, websites were pure html and were as safe as the server that hosted them.

Nowadays 99% of all sites are database driven and constructed using free CMS templates such as wordpress, joomla etc.

These very popular CMS attract thousands of developers to write plug ins to further enhance the websites. Some know all about security exploits. Most don't have a clue and installing plug ins written by developers which facilitate sql injections etc can compromise ALL the websites hosted on that server.

How do I know all this?... because I learned the hard way when my sites were hacked by my IT expert friend. :p
 
erection2015

erection2015

Alfrescian (InfP) + C
after a long struggle i managed to sort of understand the first and the last sentences :*:

Leongsam said:
In the good old days, websites were pure html and were as safe as the server that hosted them.

Nowadays 99% of all sites are database driven and constructed using free CMS templates such as wordpress, joomla etc.

These very popular CMS attract thousands of developers to write plug ins to further enhance the websites. Some know all about security exploits. Most don't have a clue and installing plug ins written by developers which facilitate sql injections etc can compromise ALL the websites hosted on that server.

How do I know all this?... because I learned the hard way when my sites were hacked by my IT expert friend. :p
Click to expand...
 
Leongsam

Leongsam

High Order Twit / Low SES subject
Admin
Asset
red amoeba said:
Sam Leong , y not throw the gauntlet n invite them to hack sammyboy
Click to expand...

Vbulletin is not 100% secure. Patches are released on a regular basis. However, it's usually a potential exploit rather than one that has already been used.

If you challenge a hacker group to hack your site, they will succeed. The issue is only how long they'll take and how much damage they can do.
 
You must log in or register to reply here.

Similar threads

Rogue Trader
Changi Airpork not lumbar one best kilat airport in 2024. Lost to Dubai
Replies
8
Views
391
eatshitndie
eatshitndie
meaninglesslife
Technical issue prompts Singapore Airlines flight to return to Sydney Airport
Replies
0
Views
266
meaninglesslife
meaninglesslife
Byebye Penis
Singh posed as Singapore Airlines Pilot at Indira Gandhi International Airport
2
Replies
20
Views
1K
k1976
k1976
duluxe
Netherlands Airport Apologizes After Muslim Security Worker Harassed, Humiliated Former Hamas Jewish Hostage
Replies
0
Views
199
duluxe
duluxe
meaninglesslife
Singapore Changi Airport Offering Up To SGD 20 To Passengers Originating In India
Replies
10
Views
711
Leungsam
Leungsam
Top