I found a extremely vulnerable child care site

What is right? Is there right? Are you right?

I found a extremely vulnerable child care site

Post by andrew101010 on Thu Feb 17, 2011 11:29 am
([msg=53708]see I found a extremely vulnerable child care site[/msg])

The website is a non-profit children care site... but it's admin login is extremely vulnerable to simple sql injections. Once someone hacks the admin login, they can access a database of all there clients information. How should I tell the site owners about the danger. I don't want to get arrest, but I also don't want anyone to steal their clients information. Should I alert the site owner? :?:

Sorry if I posted this in the wrong thread.
andrew101010
New User
New User
 
Posts: 2
Joined: Thu Feb 17, 2011 11:18 am
Blog: View Blog (0)


Re: I found a extremely vulnerable child care site

Post by hellow533 on Thu Feb 17, 2011 11:34 am
([msg=53710]see Re: I found a extremely vulnerable child care site[/msg])

What's the sites name? Can you tell us what site this is? Also, somewhere on there should be a contact/contact us button. Try calling them and telling them upfront.
“Teach me how to hack!”
"What, like, with an axe?"
User avatar
hellow533
Contributor
Contributor
 
Posts: 506
Joined: Thu Jan 29, 2009 3:27 pm
Blog: View Blog (0)


Re: I found a extremely vulnerable child care site

Post by andrew101010 on Thu Feb 17, 2011 11:47 am
([msg=53712]see Re: I found a extremely vulnerable child care site[/msg])

I don't want to give out the site name. There is a contact page, but some of the employee's email address are .gov. The site offers child care services and offers advice. It's run by a bunch of kind old ladies.
andrew101010
New User
New User
 
Posts: 2
Joined: Thu Feb 17, 2011 11:18 am
Blog: View Blog (0)


Re: I found a extremely vulnerable child care site

Post by insomaniacal on Thu Feb 17, 2011 4:18 pm
([msg=53723]see Re: I found a extremely vulnerable child care site[/msg])

Use Tor to set up a fake g-mail account for yourself and drop them a line about it.
It's not who votes that counts, it's who counts the votes
insomaniacal.blog.com
User avatar
insomaniacal
Addict
Addict
 
Posts: 1210
Joined: Sun May 24, 2009 10:21 am
Blog: View Blog (0)


Re: I found a extremely vulnerable child care site

Post by Goatboy on Thu Feb 17, 2011 8:28 pm
([msg=53734]see Re: I found a extremely vulnerable child care site[/msg])

insom said it best, although that might be a little overkill. Basically, your best bet is to send an anonymous email and hope they fix it. You don't want to assume that they will be happy, because they might not be. This could land you in some trouble very quickly.
Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk
User avatar
Goatboy
Expert
Expert
 
Posts: 2818
Joined: Mon Jul 07, 2008 9:35 pm
Blog: View Blog (0)


Re: I found a extremely vulnerable child care site

Post by fbi hacker101 on Sun Jul 14, 2013 5:22 pm
([msg=76464]see Re: I found a extremely vulnerable child care site[/msg])

HACK IN NOW
fbi hacker101
New User
New User
 
Posts: 2
Joined: Sun Jul 14, 2013 5:18 pm
Blog: View Blog (0)


Re: I found a extremely vulnerable child care site

Post by -Ninjex- on Sun Jul 14, 2013 5:40 pm
([msg=76469]see Re: I found a extremely vulnerable child care site[/msg])

fbi hacker101 wrote:HACK IN NOW


Please look at the dates on the post before commenting.
We don't like to dig up old posts..
Also promoting illegal activities is going to get you frowned upon quickly here.

Image
If you're not willing to learn, no one can help you. If you're determined to learn, no one can stop you.⠠⠵
The absence of evidence is not evidence of absence.
I can explain it for you, but I can't understand it for you.
User avatar
-Ninjex-
Addict
Addict
 
Posts: 1305
Joined: Sun Sep 02, 2012 8:02 pm
Blog: View Blog (0)


Re: I found a extremely vulnerable child care site

Post by centip3de on Mon Jul 15, 2013 2:14 pm
([msg=76485]see Re: I found a extremely vulnerable child care site[/msg])

-Ninjex- wrote:
Please look at the dates on the post before commenting.
We don't like to dig up old posts..
Also promoting illegal activities is going to get you frowned upon quickly here.


What he said. Locked.
Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. -Rick Cook
User avatar
centip3de
Moderator
Moderator
 
Posts: 1423
Joined: Fri Aug 20, 2010 5:46 pm
Blog: View Blog (0)



Return to Ethics

Who is online

Users browsing this forum: No registered users and 0 guests