The Tech Herald

AntiSec supporters take revenge - target the City of Oakland

by Steve Ragan - Oct 27 2011, 15:11

Responding to the violent police treatment of protesters during Occupy Oakland (video below), AntiSec supporters have leaked what appears to be the usernames, passwords, and email addresses of two city employees, while exposing a CMS that manages part of the City of Oakland’s website.

The data leaked by AntiSec supporters - along with a single statement of, “Problem #Oakland authorities? F--- you!” - contains a sample database record, and images taken from the admin area of the Senior Access Guide for Empowerment (SAGE) portal used by Oakland’s Department of Human Services (DHS).

One of the sample links is a copy of an active page, allowing others to access the entire backend by using one of the three administrator accounts provided. Google searches show that the SAGE pages have been in the public for some time.

According to the release, the City of Oakland is using eEye Digital Security’s SecureIIS webserver security suite, which promises, “...integrated multi-layered windows server protection [against] known and unknown exploits, zero day attacks, and unauthorized web access...”

SAGE is what appears to be an ASP driven application, created in-part with a tool called ASPMaker. One of the administrator accounts published by AntiSec supporters comes from T324, a web design and hosting firm located in Albany, California. When the SAGE section of the DHS site was developed by T324, they used version 4 of ASPMaker, which has long since been replaced by several revisions.

It’s possible that access to the user accounts stems from ASPMaker’s role in developing the SAGE portal used by Oakland’s DHS. In addition to IIS 6.0, the site stores all of its content in a MS Access Database.

The age of the development tool, as well as the site itself being publically available, could mean that what AntiSec supporters leaked to the Web is no longer used, or of no critical value to the City of Oakland. However, if it isn’t used or needed, the city needs to remove it. If there is value in the SAGE application, then it needs serious code modifications and protection.

On Tuesday evening, as shown in the video below, the police turned to violence in order to clear Occupy Oakland protesters out of their camp in front of City Hall. Tragically, one protester, an Iraq vet who served two tours and returned home in good health, 24 year-old Scott Olsen, was critically wounded by police.

Oakland PD fired rubber bullets, tear gas, and smoke canisters into the crowd. Olsen was struck in the head by one of the canisters, suffering a fractured skull according to doctors. He is listed in serious, but stable condition.

 

[The video shows an aerial view of police breaking up the crowd]

 


[This video shows what is said to be Olsen being attacked.]

 

Around the Web

Comment on this Story

comments powered by Disqus

From Autosaur.com

Shelby GT350 Mustang Pictures

We have added a bunch of pictures of the all-new Shelby GT350 Mustang from Ford. The ne...

All-new Shelby GT350 Mustang

Ford have revealed details of the new Shelby GT350 Mustang. First introduced in 1965 the new...

Best Cars To Buy In 2015

Leading vehicle research company Kelley Blue Book has released its list of the best cars to ...

A.C. Milan Take On Audi R8

Five A.C. Milan stars take on an Audi R8 in a game of street soccer in a new ad for Toyo Tir...

Jaguar 2016 F-TYPE R Coupe All-Wheel-Drive

Jaguar has unveiled the 2016 F-TYPE R Coupe, the first to feature all-wheel-drive. The 2016 ...