The Defenseless Defender
Even the militaries of major countries are guilty of lax security and weak patching. Here's the story of one European nation that left its doors wide open.
The Defenseless Defender - Defense Department for Dummies
Sunbelt Software on July 18 came across a SQL command passed as a query within a URL belonging to a European defense department. With that, any visitor can pass queries in the URL straight to the back-end database and squeeze out any data it contains.
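The flaw described above, as an added example that is not code from Sunbelt or from the site in question: a handler that runs the URL's strsql value as-is, beside one that accepts only a search term, binds it as a parameter and never echoes database errors to the visitor. The bids table, its column names and its rows are constructed for the example.

```python
import sqlite3

def make_db():
    """Constructed stand-in for the site's back-end table; the rows are invented."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE bids (id INTEGER, base TEXT, location TEXT, subject TEXT)")
    db.executemany("INSERT INTO bids VALUES (?, ?, ?, ?)", [
        (1, "Base Alpha", "Town X", "fuel distribution"),
        (2, "Base Bravo", "Town Y", "warehousing"),
        (3, "Base Charlie", "Town Z", "barracks"),
    ])
    return db

def vulnerable_search(db, strsql):
    """The pattern the page describes: the strsql= value from the URL is executed as-is,
    so the visitor, not the application, decides which statement runs."""
    return db.execute(strsql).fetchall()

def _escape_like(term):
    # Make %, _ and \ in the term literal so the visitor cannot widen the match.
    return term.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")

def hardened_search(db, term):
    """The client supplies only a search term. The SQL text is fixed in the code, the term
    is bound as a parameter, and database errors go to the server log, not the response."""
    if not isinstance(term, str) or not 0 < len(term) <= 64:
        return []
    try:
        return db.execute(
            "SELECT id, base, location, subject FROM bids "
            "WHERE subject LIKE ? ESCAPE '\\'",
            ("%" + _escape_like(term) + "%",),
        ).fetchall()
    except sqlite3.Error as exc:
        print("db error (not sent to client):", exc)  # stands in for server-side logging
        return []

if __name__ == "__main__":
    db = make_db()
    print(vulnerable_search(db, "select * from bids"))  # every row, chosen by the visitor
    print(hardened_search(db, "warehous"))               # the one matching row
    print(hardened_search(db, "' OR 1=1 --"))            # []: treated as text, not as SQL
```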
The Defenseless Defender - SQL Query Embedded in URL
This is the URL of a defense department in a European country. Its name and the search terms used to reveal the contents of the back-end database have been obscured, and the language in places has been rendered in English to more thoroughly protect the co
The Defenseless Defender - The Ever-Helpful Error Message
At one point, Sunbelt Vice President of Product Management Greg Krass changed his select statement to include information schema columns, which he expected would give him the database structure. This image shows two of the error messages he received, whic
The Defenseless Defender - Determining the Operating System
Finding out which operating system is in use is trivial. Krass typed this query into the URL: &strsql=select+%2A+from+test.txt, which returned the error message shown in this image. The error message references the c:\ directory, which had been called C W
The Defenseless Defender - The Payoff
Data that can be retrieved from the defense agency's Web site include a table of what appears to be job bids, with base names and locations, and various details regarding distribution fuels, warehousing and barracks.
The Defenseless Defender - It's *Still* Vulnerable
As of Sept. 6, the site still hadn't been fixed, in spite of Sunbelt having twice been assured by security researchers from the country in question that they had notified the defense agency and that the problems with the site had been fixed.