The Sinclair QL Forum

RIP Sir Clive Sinclair 1940 - 2021
https://theqlforum.com/

Lemon 64 and Lemon Amiga sites down after being attacked

https://theqlforum.com/viewtopic.php?t=4886

Page 1 of 1

Lemon 64 and Lemon Amiga sites down after being attacked

Posted: Sat Jul 13, 2024 3:17 pm
by 1024MAK
Unfortunately another community has been subjected to an attack. Both Lemon 64 (for Commodore 64 machines) and Lemon Amiga are down.

On the Spectrum Computing forum, PROSM says:
PROSM wrote: Sat Jul 13, 2024 10:01 am According to lifeschool over on the English Amiga Board, both Lemon sites have been hacked:
lifeschool wrote:SQL injection, LA and L64 sites compromised. The hackers want money to reveal how they did it.

It may take some time to secure the site, but Kim says it can be done given some time.

This is an increasing problem, so I hope eab is secure?
Mark

Re: Lemon 64 and Lemon Amiga sites down after being attacked

Posted: Sat Jul 13, 2024 3:26 pm
by NormanDunbar
Oh dear, oh dear!

I can reveal how they did it or free!

SQL Injection. Basically, the input "forms" don't to any validation and just pass the entered data into a SQL statement that they build up from scratch. Then they execute it. This is seriously bad and I would advise against ever doing business/hobbies with these web sites ever again!

I'm typing this as a retired database administrator, I know about SQL injection because I've been preventing it for years! ;)

Cheers,
Norm.
All times are UTC+01:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited