Today, on the day the new Parliament commences its duties, we found out that the website of the Presidential Secretariat has been taken down – whether by an administrative mistake, or by yet another branch of hacktivists, we’re unable to ascertain. What we can tell you is that the entire website is open wider than your window right now. Editor’s note: or was open as of the time of writing.
This is the server of the Presidential Secretariat (www.presidentsoffice.gov.lk). It’s a PHP site, running on what appears to be Joomla 2.5 (for the record, the world is now on Joomla 3.3). Usually, this kind of interface would not be available to the public – when an administrator puts a site into maintenance, they generally close access.
This site, however, is not just public, it’s also indexed by Google, which is how we stumbled onto this flagrant breach of security in the first place. A search for “presidential secretariat” in Google.lk brings up a link called “News” – see the screenshot – that leads you directly to this exposed back door. If it’s a hack, it’s a clever hack. If it’s merely administrator incompetence, then someone should seriously consider a change in careers.
The front door, meanwhile, is a regular Door of Durin. No, my dear website: I don’t wish to check my connection speed, but I do wish to check your administrator’s competence in web security.
PS: as we’ve been accused of hacking and unethical hack reporting (usually by those being hacked) before, please note that the ReadMe team has notified Sri Lanka CERT, and indeed delayed before publishing this article.