Comodo Hacker Claims SQL Injection Used to Hack Reseller

Status
Not open for further replies.

jamescv7

Mar 15, 2011
The Iranian hacker who compromised a Comodo reseller and used its credentials to obtain rogue SSL certificates for high-profile domains claims the original point of entry was an SQL injection vulnerability.

When asked by Robert Graham, CEO of Errata Security, in an email exchange how he broke into the first machine at globaltrust.it, the hacker said: "SQL injection, then privilage [sic] escalation, got SYSTEM shell, remote desktop, investigation and I discovered trustdll.dll."

A new message, posted on pastebin.com by the hacker as a result of people doubting his claims, describes in more detail how the hack went down.

http://news.softpedia.com/news/Comodo-Hacker-Claims-SQL-Injection-Used-to-Hack-Reseller-191915.shtml
 
No one has managed to attack a 2048-bit long key

proof
Whoever said 2048 wasn't safe is wrong. All the "hacker" was able to do was issue certificates that he should not have been able to. There have been no successful collisions or attacks against RSA keys with key sizes 2048 or greater. RSA 2048 did not fall to this person (at least not yet).

source
 
RE: Comodo admits 2 more resellers pwned in SSL cert hack

Comodo has admitted a further two registration authorities tied to the digital certificates firm were hit by a high-profile forged digital certificate attack earlier this month.

No forged certificates were issued as a result of the assault on victims two and three of the attack, but confirmation that multiple resellers in the Comodo community were compromised is bound to renew questions about the trust model applied by the firm.

http://www.theregister.co.uk/2011/03/30/comodo_gate_latest/

Yet claim there are 2 more resellers in SSL attack
 