Index for February, 2011

No, it's not a blind injection.

Monday, February 28th, 2011

You remember in the old days when there was a difference between a cracker and a hacker? Now a hacker is a cracker and a cracker is something else entirely. Well, the same thing is about to happen with blind injection vs. true/false injection. People should know why it is called a blind injection. It's not because you can't see the number of columns or anything like that. A blind injection is where no error message appears. It all started with the MSSQL injections, where you could use the error message to your advantage by creating errors that would display the results. But this seems to have been forgotten by the new generation of exploiters out there. While looking into this I even found that some moron on Wikipedia had got his facts wrong and is now teaching the whole world the wrong thing. Well, I guess I just have to accept that people are sheep.
if (!true) {
    echo 'this is true, Baaa!';
}

More sources:
http://www.cgisecurity.com/questions/blindsql.shtml
http://www.owasp.org/index.php/Blind_SQL_Injection
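
The distinction drawn above, as an added example that is not part of the original post: the same injectable query is error-based when the database error reaches the client and blind when it is swallowed and only a true/false difference in the page remains. It uses Python's sqlite3 as a stand-in for MSSQL; the table, handler names and probe strings are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data, in memory only.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE news (id INTEGER, title TEXT)")
    db.execute("INSERT INTO news VALUES (1, 'hello')")
    return db

def _page(row):
    return "200 " + row[0] if row else "404 not found"

def verbose_handler(db, raw_id):
    # Vulnerable: string concatenation, and the DB error text is sent back.
    try:
        return _page(db.execute(
            "SELECT title FROM news WHERE id = " + raw_id).fetchone())
    except sqlite3.Error as exc:
        return "500 " + str(exc)

def quiet_handler(db, raw_id):
    # Still vulnerable: same concatenation, but errors are swallowed.
    # No error message appears, so this is the blind case.
    try:
        return _page(db.execute(
            "SELECT title FROM news WHERE id = " + raw_id).fetchone())
    except sqlite3.Error:
        return "404 not found"

def safe_handler(db, raw_id):
    # Fixed: the value is bound as data and never parsed as SQL.
    return _page(db.execute(
        "SELECT title FROM news WHERE id = ?", (raw_id,)).fetchone())

def classify(handler, db):
    # Regression check a defender can run against their own handler.
    if handler(db, "1'").startswith("500"):
        return "error-based"      # a stray quote surfaces a DB error
    if handler(db, "1 AND 1=1") != handler(db, "1 AND 1=2"):
        return "blind"            # no error, only a true/false difference
    return "not injectable"

if __name__ == "__main__":
    db = make_db()
    for h in (verbose_handler, quiet_handler, safe_handler):
        print(h.__name__, "->", classify(h, db))
```

Hiding the error message only moves the handler from the first class to the second; parameter binding is what removes the injection.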

Some people you just don’t fuck with.

Saturday, February 12th, 2011

There are things you just don't do in life. One of those things is to fuck with a large number of people. Mr Aaron Barr decided to try to find people that didn't want to be found. He said he was researching vulnerabilities in "social media". The research goal was to find out about the 4chan-based group called Anonymous. They have made some hacks that have had media exposure over the years. There is no doubt some of them know what they are doing. But that's not their true power. They have a power that few have: they have a following of 10 000, 100 000, who knows how many they really are. There is a good chance that 0.01% of them are quite good at breaking into shit. But there only needs to be one crazy motherfucker for you to end up in a body bag. Aaron Barr isn't dead yet. But as a security "expert" he might be fucked. They got his Twitter, emails and site, and along with that they scammed a guy for further access to another server. A PDF leaked that described a plan to disrupt the Wikileaks organization. The whole situation just blew up in his face. I find it all amusing. Mostly because of how they gained access to rootkit.com. That's just sad.

The question is, what now? He still has his research with names of what he claims is the top of the group. Anonymous said that the report was all bullshit and made up. But I am not so sure. That's what I would say if I was in their situation. The question now is: Will there be arrests? Will Aaron survive in the security community? Will he make a speech at Defcon or Blackhat on how he got owned?
Lesson: You don’t want to get a mob of people motivated to bring you down. Especially people that don’t forgive or forget.

Links:
Twitter of Aaron
Overview
Wiki-shit
Price to pay