
Dan Kaminsky gets hacked

Noted security professional Dan Kaminsky’s personal website was hacked, and personal information taken from his webserver was posted online on the eve of the Black Hat security conference. The stolen files included private emails between Dan and other security researchers.

Below is a cached copy of Dan Kaminsky’s website, which is currently offline.

Dan Kaminsky's personal website hacked

According to the note the hackers left on Dan’s website at doxpara.com/zf05.txt:

We hacked Dan’s assets first through finding bugs and writing 0day, and then through abusing him giving away passwords and his silly password scheme. Check out just some of his passes: fuck.hackers, 0hn0z (root account on his mail box), fuck.omg, fuck.vps, ohhai

Five character root password? Niiiiiiice.

From .mysql_history:

SET PASSWORD FOR 'root'@'localhost' = PASSWORD('fuck.mysql');

See the pattern?
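The "pattern" the note points at is a password template (one fixed word plus the service name) combined with very short passwords. As an added example, not code from the article or the zf05 note, here is a small Python audit that flags both problems across a set of accounts; the credentials in SAMPLE_CREDS are constructed, and the separator set and the 12-character floor are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample data for the example; not the credentials from the page.
SAMPLE_CREDS = {
    "mailbox root": "0hn0z",            # five characters, no template
    "mysql root":   "pw.mysql",         # template: fixed word + service
    "vps":          "pw.vps",
    "blog admin":   "pw.blog",
    "backup host":  "Tq7#vLm2!rXz9pC",  # long and unrelated: should pass
}

def password_template(password):
    """Return (prefix, suffix) if the password looks like '<fixed><sep><variable>'.

    The assumed separators are '.', '-' and '_'. A password with no separator
    (e.g. '0hn0z') returns None: there is no template to compare.
    """
    m = re.match(r"^([^.\-_]+)[.\-_](.+)$", password)
    return (m.group(1), m.group(2)) if m else None

def find_template_reuse(creds):
    """Group accounts whose passwords share the same fixed prefix.

    Returns {prefix: [account, ...]} for every prefix used by two or more
    accounts; knowing one such password makes the others guessable.
    """
    groups = defaultdict(list)
    for account, password in creds.items():
        parts = password_template(password)
        if parts:
            groups[parts[0]].append(account)
    return {prefix: accts for prefix, accts in groups.items() if len(accts) >= 2}

def too_short(password, min_len=12):
    """Flag passwords below the assumed minimum length."""
    return len(password) < min_len

def audit(creds, min_len=12):
    """Return a sorted list of (account, finding) pairs for weak credentials."""
    findings = []
    for account, password in creds.items():
        if too_short(password, min_len):
            findings.append((account, f"length {len(password)} < {min_len}"))
    for prefix, accounts in find_template_reuse(creds).items():
        for account in accounts:
            others = len(accounts) - 1
            findings.append((account, f"shares template '{prefix}<sep>...' with {others} other account(s)"))
    return sorted(findings)

if __name__ == "__main__":
    for account, finding in audit(SAMPLE_CREDS):
        print(f"{account}: {finding}")
```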

The hackers also criticized Dan for using insecure blogging and hosting services, which they in turn used to host their own sites and to gain access to personal data.

Looking at Dan’s website, he used WordPress as his content management system, with the Dropshadow WordPress theme developed by Brian Gardner.

Dan Kaminsky using WordPress as his CMS

Looking at the theme, its last development activity was around April 2007. Did the hackers exploit a vulnerability in the theme itself, or did Dan have an outdated, insecure version of WordPress installed on his webserver? In either case, if you are using WordPress as your content management system, it is important to think about WordPress security.