Really, they didn’t clean text on text fields allowing them to be read as code?
Is that really what happened? I would have at least assumed comp'ed cloud or data center people. So tired of our side taking L's due to our own retardation.
"According to DDoSecrets' Best, the hacker says that they pulled out Gab's data via a SQL injection vulnerability in the site—a common web bug in which a text field on a site doesn't differentiate between a user's input and commands in the site's code, allowing a hacker to reach in and meddle with its backend SQL database."
Is that really what happened? I would have at least assumed comp'ed cloud or data center people. So tired of our side taking L's due to our own retardation.
This has happened to many leftists companies too. They can learn from this and improve.
That's crazy. Salting passwords and shit is literally some of the easiest shit you can do that makes shit like this impossible
Looks like it was just that. From OP's comment:
"According to DDoSecrets' Best, the hacker says that they pulled out Gab's data via a SQL injection vulnerability in the site—a common web bug in which a text field on a site doesn't differentiate between a user's input and commands in the site's code, allowing a hacker to reach in and meddle with its backend SQL database."
WTF year is it? 2000? Did they write this shit in PHP?
PHP runs most websites. It's easy to sanitize user input. Whoever wrote gab is an idiot.