The website of the Public Broadcasting Service (PBS) was hacked for the second time in under a month by a hacker who wanted to prove that LulzSec are not very skillful.
The hacker, who uses the online handle of Warv0x, claims he exploited an SQL injection vulnerability that gave him access to the PBS.org databases.
LulzSec previously hacked PBS because of a WikiLeaks documentary. They stole administrative accounts and posted fake news articles on the website.
"This wasn't done for fame or fun, just proving LulzSec aren't as good as they think they are,
" Warv0x wrote
in a pastebin.com post where he also posted hashed account passwords taken from the PBS website.
"I haven't rooted the box or been up to crack the hashes, I'm just proving that most of their attacks are very lame and basic (i'm pretty sure and automated) SQL injections and further privilege escalation, which is just matter of time,
" he told The Hacker News
Warv0x greets Web Ninjas and The Jester, hackers who have declared LulzSec their enemies and have currently try to expose them. LulzSec's attack against PBS is believed to have involved a zero-day vulnerability in the Moveable Type blog publishing platform.
Unfortunately, the organization has been caught in a fight between hackers. During recent days some groups have pledged support for LulzSec and joined their anti-government campaign while others have united against them.
There is an active effort to "dox" the LulzSec members. This is Internet slang for exposing someone's real identity by digging up information about them. Some solid info has already emerged about alleged LulzSec leader Sabu, according to which he is an IT or security consultant of Puerto Rican descent who lives or lived in New York and is named Xavier.