August 6th, 2019 | Cybersecurity Daily
On August 6th, 2019, the website of Larisa KEMDIKBUD, found at https://larisa.kemdikbud.go.id/f.htm, was compromised. The attacker, identified as ./Fell Ganns from the Manusia Biasa Team, executed a successful SQL Injection attack on the site. The breach specifically targeted the main page, leading to unauthorized changes and defacement.
Hacker Details:
- Hacker Name: ./Fell Ganns
- Hacker Group: Manusia Biasa Team
Website Details:
- URL: https://larisa.kemdikbud.go.id/f.htm
- System: Linux
- Web Server: Apache
- IP: 118.98.221.13
- Location: Indonesia
Incident Details:
- Date: August 6th, 2019 15:12:11 (WIB)
- Proof of Concept: SQL Injection
- Reason: Heh…just for fun!
Archive Page: https://defacer.id/mirror/id/85908
Cyber Attack Report’s Page: https://defacer.id/cyber-attack-report/85908
The attacker exploited an SQL Injection vulnerability to gain unauthorized access to the website. SQL Injection is a technique where malicious SQL queries are inserted into input fields or URLs to manipulate the database. By using this method, the attacker was able to execute unauthorized commands, potentially altering or extracting sensitive data from the site.
The attacker’s reason for the breach was simply “Heh…just for fun!” indicating that the motive behind the incident was likely to demonstrate technical prowess or cause disruption for amusement, without any specific objectives or intentions beyond that.