> Yep - little nuance > Do they do write-ups of how they break into, and the > vulnerabilities/loopholes which enabled them?
> eb There is no such thing as "Ethical Hacking" in the computer misuse bill turned act! Hence documentation & making such information public could easily excite the security organs & concerned stake holders to the point of having lunch with you (bill is on them). To shade a little light on the above, search for "Ethical Hacking" any where in the computer misuse/abuse act or the DPP website: The Directorate of Public Prosecution http://www.dpp.go.ug/pespectives_cyber.php The Computer Act 2011 http://ict.go.ug/index.php?option=com_docman&task=doc_download&gid=57&Itemid=61 > A good hack is one where I get in, document what I did to get it, expose a > vulnerability, suggest how to plug it... that is a good hack. This is at the > very least... Again, in Uganda, the math is simple; Black/White/Grey/Ethical hacker === hacker. And activities by such a person === hacking. Hence the only option left for any hacker (White/Ethical) is to remain Anonymous & his/her exploits secret (The most important law in the hacking community is: NEVER GET CAUGHT). On the flip side, the site is a joomla job and scanning for vulnerable joomla sites & exploiting them is basic even for a script kiddie with a little Perl knowledge. Aung Khant of yehg.net put together a script available here: http://yehg.net/lab/pr0js/files.php/joomscan.pl?first_time=1# OWASP has a joomla vulnerability scanner (really nice): https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project So, who ever did the mabira thing didn't have exceptional abilities (probably ran a scan, followed up on the results & ka-boom). My 2 cents _______________________________________________ The Uganda Linux User Group: http://linux.or.ug Send messages to this mailing list by addressing e-mails to: [email protected] Mailing list archives: http://www.mail-archive.com/[email protected]/ Mailing list settings: http://kym.net/mailman/listinfo/lug To unsubscribe: http://kym.net/mailman/options/lug The Uganda LUG mailing list is generously hosted by INFOCOM: http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The mailing list host is not responsible for them in any way.
