@mk@spinster.xyz Do you have any details on the Gab hack? What software were they running?
Reply to @HarpyMarx@spinster.xyz
@HarpyMarx@spinster.xyz @alex@gleasonator.com has been posting the details! TLDR they opened themselves up to an SQL injection
Reply to @mk@spinster.xyz
@mk@spinster.xyz @HarpyMarx@spinster.xyz @alex@gleasonator.com Little Bobby Tables causing trouble again. (xkcd/327)
Reply to @polarisera@spinster.xyz
@polarisera@spinster.xyz @mk@spinster.xyz @HarpyMarx@spinster.xyz They introduced the SQL injection into their own software by lazy programming and lack of code review: https://spinster.xyz/@alex@gleasonator.com/posts/A4llaidKJNpEhAxy6q
Alex Gleason (@alex@gleasonator.com)
I found the Gab SQL vulnerability finally. 🤦‍♂️ It was introduced in this commit: https://code.gab.com/gab/social/gab-social/-/commit/fb3b7545705153022c24bb072fbdb3925b8cbfeb And fixed in this one: htt...
Reply to @alex@gleasonator.com
Reply to @EmmaFaber@spinster.xyz
@EmmaFaber@spinster.xyz @HarpyMarx@spinster.xyz @mk@spinster.xyz @polarisera@spinster.xyz No, I told them how to fix it, then they pretended they fixed it themselves.