CUT Student Allegedly Hacks Into Results Portal & Alters Grades

A university of Chinhoyi Student has allegedly been arrested after hacking into the University’s results portal and altering grades for himself and other students.

For altering the results of 7 other students, it’s claimed he received varying amounts of US$ payments and then proceeded to use a technique called SQL Map which is an SQL injection technique to hack into the institution’s database.

SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution.

SQL Map – which was allegedly used in this case- is actually an open-source penetration testing tool that automates the process of detecting and exploiting flaws to take over database servers.

The presence of such a flaw also means other students could have been silently exploiting it for years without being caught and if it isn’t patched ASAP then other students will exploit the flaw and if they don’t get greedy and offer to alter results of other students at a cost, they’ll walk away scot-free.

Should he have been arrested?

One of the main talking points that has become contentious since this story broke is that this student shouldn’t have been arrested. A number of people believe he should have helped the school’s security team to patch the flaw.

Personally, I think that’s a naive approach. If someone commits a crime why should they be rewarded generously for that? If someone broke into your house whilst bypassing the alarm system, would you recommend the alarm company hire him/her to patch out the flaws?

Whilst that isn’t the best analogy in the world, I think it’s fair to assume you would want that person to be arrested and then disclose how they committed the crime to the police. That way a criminal has been removed from society and you have found your way to patching your security systems. What’s your opinion on this issue? Should he have been arrested?

15 comments

What’s your take?

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  1. Witker Tholana
    1. Mafuva Edmond

      Thus juvenile deliquence.

  2. lionel

    Indeed for every wrong doing you just got to pay the price, on the other hand the lad has considerable potential which might prove useful if exploited thoroughly. I wldnt send him to prison but instead commute his sentence to something more useful in regard to the institute`s info sec and other organisations. SQL injections are probably 20+ years old now, and this begs for the question which rock has the IT department been living under??

    1. Anonymous

      Industrial espionage candidate?

      1. lionel

        you see..the know how is in quite a demand,and what sell to the highest bidder🤔?, ‘interesting businèss model’ or act on behalf of a bigger hand?..quite tempting

      2. Anonymous

        No really, sql injection is the oldest trick in the IT field, I would rather say that the people who created the system are quite dumb sorry to say because that the first security prevention you make in you working with SQL supported application.Two,for the guy who hacked the system, go work to show the vulnerability of the system but I would consider him been a potential candidate in IT field since he still has more to prove

        1. Farai Mudzingwa

          Having met the guy personally I will say on the occasion I met him I did think he had a very bright future and understood computer systems and artificial intelligence in a way few people I’ve met do

    2. anony

      They do not have the money or other resources to afford industry standard security on their academic portal. This is one of the reasons I never learnt in zim coz no international employer or institution is going to take ur transcript seriously after such cases of IT incompetence

  3. Imi Vanhu Musadaro

    SQLMap is a tool, not a technique.

    I wouldn’t call a person who “hacked” into 1 system one worthy of hiring as a security consultant. If he has more skills to bring to the table, it must be weighed against that.

    You are hired as a consultant when the skills you possess are better served being taught to those that will use them legitimately, than being taught to those who could be subversive. Or, if you possess knowledge even legitimate actors do not have.

    Everyone with a copy of Kali Linux is running around calling themselves a hacker or penetration tester. 🤷🏾‍♀️

    1. Stephen Mudere

      Which application suffers from an SQL injunction attack this day and age? Novice developers!

    2. jon snow

      true to a certain extent but not every dumdum is capable of figuring out which endpoint to target or even how to go on from there if a vulnerability is found, the fact that he was able to figure that out makes him stand out and worthy for further ‘weighing’ as you say. He figured out what the ‘learned’ people in the IT department had no idea about/where complicit about. you sound like the CEH typo person😂

  4. Brandon Nyoni

    The fact that he went on to alter the results of other students, he must not be hired for that, instead he must be punished. Thus totally a pooh-pooh. If he is a genius, then why can’t he prove his geniuses genuinely and not behind closed doors.

  5. tinaboy

    How he was caught or found out is what makes him a hero or just a chancer.

  6. Foxx of the FoxxTech

    Well, thus an interesting thing to learn. Are you sure CUT is a university of Technology or a creche?. Do they have DBAs and their own Software Devs or they just pick willers. It really does not make an interesting sound that their DB was injected.
    For the boy, he is a bad boy who does not deserve anything positive. He could have maybe tested the possibility and presented his findings in order for him to be recognized useful. He did a bad thing and his reward for that is punishment.

  7. Addision Elliott

    Telegram, (At) Trustgeekshackexpert

    A virtual mentor who guides you through the academic maze, offering insights, tips, and a helping hand when you need it most. That’s TrustGeeks Hack Expert in a nutshell. Although it would be wonderful, TrustGeeks Hack Expert isn’t some sort of magical wand-waving sorcery. It’s a clever digital tool meant to assist pupils in rising above academic setbacks and achieving success. Consider it your reliable ally on the journey to academic success. Before stumbling upon TrustGeeks Hack Expert, I was practically treading water in the sea of academia. My grades were more like a rollercoaster ride than a steady incline, and I could barely keep up with assignments. It felt like I was stuck in a never-ending whirlpool of confusion and stress. you’re staring at your not-so-stellar grades, feeling like you need a magic wand to turn things around. Enter TrustGeeks Hack Expert, the revolutionary tool that promises to sprinkle some academic excellence dust on your performance. TrustGeeks Hack Expert isn’t your run-of-the-mill study app. It’s like having a digital wizard by your side, helping you navigate the treacherous waters of academia with ease. Whether you’re struggling with grades or just aiming to up your academic game, this tool is here to make your life easier. It’s a fact that your future can be made or broken by your academic performance. Your grades are a major factor in determining your success, from getting that ideal career to opening up fresh options. You may wave goodbye to failing grades and welcome an infinite world with TrustGeeks Hack Expert. Low grades can feel like a dark cloud hovering over your academic journey, casting a shadow on your potential. It’s time to shine a light on the consequences of falling short and uncover the factors contributing to your academic struggles. From missed opportunities and dashed dreams to feelings of inadequacy, low grades can take a toll on your mental and emotional well-being. It’s not just about the numbers on your report card – it’s about how they shape your outlook on learning and future prospects. Sometimes, low grades stem from a variety of factors – be it lack of motivation, ineffective study habits, or simply feeling overwhelmed by the demands of academia. By pinpointing these underlying issues, you can take the first step towards turning the tide in your favor. My grades resembled a sinking ship, and my confidence took a hit like it owed someone money. Each low mark chipped away at my self-esteem, leaving me feeling like I was walking a tightrope without a safety net but with the aid of TrustGeeks Hack Expert, I am standing tall in my grades now. contact TRUSTGEEKS HACK EXPERT with the information above..

2023 © Techzim All rights reserved. Hosted By Cloud Unboxed

Exit mobile version