AOA Forums AOA Forums AOA Forums Folding For Team 45 AOA Files Home Front Page Become an AOA Subscriber! UserCP Calendar Memberlist FAQ Search Forum Home


Go Back   AOA Forums > Software > Data Security

Data Security Viruses, Firewalls and Safe computing


Reply
 
LinkBack Thread Tools Rate Thread
  #1 (permalink)  
Old 25th April, 2005, 02:47 AM
Member/Contributor/Resident Crystal Ball
 
Join Date: March 2004
Posts: 7,451

Xbit Homepage Hacked

I'm going over the sourcecode right now...all the XBIT links i posted are still active, and you cvan navigate the site from there, but going to the frontpage will get you nowhere
Quote:
<html>
<head>
<title>dEF@CED by NukLeoN from AnTiSh@Re tEaM | AnoNyMoUs gRouP</title>
<style>
BODY {
color: #646464;
background-color: #646464;
scrollbar-face-color: #212121;
scrollbar-highlight-color: #404040;
scrollbar-shadow-color: #646464;
scrollbar-3dlight-color: #616161;
scrollbar-arrow-color: #66E201;
scrollbar-track-color: #646464;
scrollbar-darkshadow-color: #646464;
}
</style>
<script language="javascript">
var pos=0;
var speed=110;
var msg="<b>Hi You are owNed by NukLeoN from AnTiSh@Re tEaM. </b><br><br>Greets <br>teams:<br><br><font color=red><i>AnOnYmOuS . CCTEAM . CyberLords . VOID . RST . CNM . Rock . tPort . ICU . Gh0st</i></font><br><br>and personally to:<br><br><font color=red><i>tristram . xPOw . loSed . ^Bl@deM@n^ . DeCoDe . -=ÑRuZ@De=- . X134FD . Condor . k0pa . pLuToNiUm . Black Neuromancer . Mafia32 . SLV . WELL . CReg . EGOiST . MozgC . Noble Ghost . rC . PolishOx . CERBER . Gelios . Dr. Lektor . Wumber . Winux</i></font><br> and <b>MicRoBit for nice GFX logo</i> )<br><br><br>yoU can know, how you owned, on our forum such as - <br><font color=#FFFF00><a href=http://www.anonymous.ru>AnOnYmOuS.ru</a></font><br><br><br><font color=#FFCC00><b>Àäìè*</b>, ìå*ÿé õîñòè*ã.. Òû ïðîñòî *å ïðåäñò*âëÿåøü, ** ê*êîì äåðüìå òû õîñòèøüñÿ...</font>.";
function Type(){
pos++;
if (msg.substring(pos-1,pos) == " ")
{
pos++
}
text=msg.substring(0,pos);
if (document.layers)
{
document.layers.layerA.document.open();
document.layers.layerA.document.write("<div style='position:absolute;top:0px;center:0px;font-family:Verdana;font-size:14px;color:#FFFFFF'>" + text + "</div>");
document.layers.layerA.document.close();
}
else if (document.all)
document.all.layerA.innerHTML=text;
if (pos < msg.length)
{
tmer=setTimeout('Type();',speed);
}
}
</script>
<meta http-equiv="Content-Type" content="text/html;charset=windows-1251">
</head>
<body bgcolor="#646464" text="#FFFFFF" onLoad="Type()" style="background-color: #2D2C2D" link="#FFFF00">
<div align="center">
<img border="0" src="http://www.antishare.net/img/defaces/antishare.jpg" width="424" height="287"></div><br><br>
<font color="#FFFFFF">
<b> <div align="center" id="layerA" style="position:relative;;top:0px;center:0px;font-family:Verdana;font-size:14px;color:#FFFFFF">
</b></div></font></td>
</tr>
</table>
</div>
</body>
</html>
<!-- SMART Cached -->
<!--
Parsing URL: cached
Get statistics: 0.015990972518921
Executing templates: cached
Extracting cache: 0.00046706199645996
Subst cookies: 5.0783157348633E-05
Processing banners: 4.3869018554688E-05
Post execute: Not used
Total: 0.016743898391724


-->
Attached Thumbnails
Xbit Homepage Hacked-capture24-04-2005-7.43.56-pm24-04  
__________________
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 25th April, 2005, 03:10 AM
GrahamGarside's Avatar
Member/Contributer
 
Join Date: September 2004
Location: England
Posts: 4,572

Wow, I'm in awe of such manly brilliance who hold such elite skills as spelling with numbers.

girls calm yourselfs.
__________________
"Well yes but I'm afraid I prematurely shot my wod on what was supposed to be a dry run if you will, so now I'm afraid I have something of a mess on my hands."

Tobias Fünke, M.D.

AOA Team fah
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 25th April, 2005, 03:23 AM
Member/Contributor/Resident Crystal Ball
 
Join Date: March 2004
Posts: 7,451

lol. i agree with you, graham. script kiddies...
__________________
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 25th April, 2005, 03:46 AM
GrahamGarside's Avatar
Member/Contributer
 
Join Date: September 2004
Location: England
Posts: 4,572

Even if they weren't script kiddies (a term I find amusing, like being able to do this yourself is grown up) they're still pathetic little vandals
__________________
"Well yes but I'm afraid I prematurely shot my wod on what was supposed to be a dry run if you will, so now I'm afraid I have something of a mess on my hands."

Tobias Fünke, M.D.

AOA Team fah
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #5 (permalink)  
Old 25th April, 2005, 04:47 AM
Member/Contributor/Resident Crystal Ball
 
Join Date: March 2004
Posts: 7,451

i labels individuals that do this sort of thing as script kiddies for a reason...it's highly immature, and really a waste of time. Most people, when they mature, realize that simple things like this aren't the great feats they make them out to be...it only makes people hate them. Sad thing is that one of those names there i know very well...and @ 18, he's still just a kid, and even more so after this stunt.
__________________
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #6 (permalink)  
Old 25th April, 2005, 01:13 PM
Rondog's Avatar
Member
 
Join Date: January 2005
Location: Victoria, Australia
Posts: 3,298
Send a message via MSN to Rondog

What sort of encryption did the site have 128bit? If it had 128bit thats kinda scary. The processing power required to brute force a 128bit encrytion is just enormous!
__________________
AOA Team fah

Rig 1: Intel Core i5 750,4gb,HD6870,500gb,W7 Ult x64
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #7 (permalink)  
Old 25th April, 2005, 03:27 PM
Pitch's Avatar
AOA Staff
Asteroids Champion, Maeda Path Champion, Disco Racer Champion, Alpha Bravo Charlie Champion, Van Champion
 
Join Date: February 2004
Location: The cake is a lie.
Posts: 5,025
Send a message via MSN to Pitch

Probably exploited a cgi script or something to gain backdoor entry.
__________________


XBL/PNS = neolad
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #8 (permalink)  
Old 25th April, 2005, 03:54 PM
Rondog's Avatar
Member
 
Join Date: January 2005
Location: Victoria, Australia
Posts: 3,298
Send a message via MSN to Rondog

*whoosh* Thats the sound of information going right over the top of my head.
__________________
AOA Team fah

Rig 1: Intel Core i5 750,4gb,HD6870,500gb,W7 Ult x64
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #9 (permalink)  
Old 25th April, 2005, 04:36 PM
danrok's Avatar
AOA Staff
 
Join Date: March 2003
Location: Great Britain
Posts: 18,917

It's all very cHilDisH.
__________________
Desktop PC: AMD FX-8370E / Asus M5A99X Evo R2.0 Motherboard / 16GB DDR3 RAM / GeForce GTX 970
AOA Team fah
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #10 (permalink)  
Old 25th April, 2005, 06:42 PM
Logan's Avatar
Member
 
Join Date: August 2004
Posts: 1,235

Gotta hate it when a site's security is compomised.
__________________
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #11 (permalink)  
Old 25th April, 2005, 06:59 PM
Daniel ~'s Avatar
Chief BBS Administrator
 
Join Date: September 2001
Location: Seattle Wa.
Posts: 45,606

One has to wonder if things might have been different if we had spend a few hours and a few bucks trying to show them how to create a life for them selves.

Let's go ask George and Arnold what they "Think"... just for laughs...
__________________
"Though all men live in ignorance before mystery,
they need not live in darkness...
Justice is foundation and Mercy ETERNAL
."
DKE

"All that we do is touched by Ocean
Yet we remain on the shore of what we know."
Richard Wilbur

[img]/forum/attachments/random-nonsense/16515-sigs-dan_drag.jpg[/img]
Subscribers! Ask Pitch about a Custom Sig Graphic

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #12 (permalink)  
Old 26th April, 2005, 03:50 AM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

Quote:
Originally Posted by Rondog
What sort of encryption did the site have 128bit? If it had 128bit thats kinda scary. The processing power required to brute force a 128bit encrytion is just enormous!
Actually, the use of HTTPS is only to protect information in transit. It doesn't provide protection to the web server. If there's a vulnerability in the configuration or programs running on the web server, the encryption doesn't help at all.
__________________
Any views, thoughts and opinions are entirely my own. They don't necessarily represent those of my employer (BlackBerry).
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #13 (permalink)  
Old 26th April, 2005, 05:47 AM
Rondog's Avatar
Member
 
Join Date: January 2005
Location: Victoria, Australia
Posts: 3,298
Send a message via MSN to Rondog

Quote:
Originally Posted by Áedán
Actually, the use of HTTPS is only to protect information in transit. It doesn't provide protection to the web server. If there's a vulnerability in the configuration or programs running on the web server, the encryption doesn't help at all.
Locking the door and hiding the key under the door mat?

__________________
AOA Team fah

Rig 1: Intel Core i5 750,4gb,HD6870,500gb,W7 Ult x64
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #14 (permalink)  
Old 26th April, 2005, 07:49 AM
hoinar's Avatar
Member
 
Join Date: February 2005
Location: Iasi, Romania
Posts: 945
Send a message via Skype™ to hoinar

nope...the reverse...hiding the key but letting the door open...well allmost
__________________
I'd cry...but I can't stop laughing.
AOA Team fah
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #15 (permalink)  
Old 26th April, 2005, 12:04 PM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

Quote:
Originally Posted by Rondog
Locking the door and hiding the key under the door mat?
More like using an armed guard to transfer a sealed envelope. Whilst the armed guard keeps it safe in transit, what happens at either end is another thing entirely!
__________________
Any views, thoughts and opinions are entirely my own. They don't necessarily represent those of my employer (BlackBerry).
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #16 (permalink)  
Old 27th April, 2005, 02:00 AM
Member/Contributor/Resident Crystal Ball
 
Join Date: March 2004
Posts: 7,451

Quote:
ERROR [2] Invalid argument supplied for foreach() In line 79 of file /usr/home/administrator/www/admin/url_parser.php URL: /

ERROR [2] mysql_num_rows(): supplied argument is not a valid MySQL result resource In line 36 of file /usr/home/administrator/www/admin/include/stats.php URL: /

ERROR [2] mysql_num_rows(): supplied argument is not a valid MySQL result resource In line 112 of file /usr/home/administrator/www/admin/include/stats.php URL: /

ERROR [2] mysql_num_rows(): supplied argument is not a valid MySQL result resource In line 94 of file /usr/home/administrator/www/admin/include/stats.php URL: /
about to happen again? Thier home page shows this.

wondering about this, form SANS:

Quote:
Oracle Built-In Package SQL Injection
Several Oracle packages have been fixed with the April CPU to resolve SQL injection vulnerabilities that can allow an authenticated attacker to cause a denial-of-service attack, or to run arbitrary code as the SYS user with SQL injection techniques. As exploit code is publicly available for these vulnerabilities, it is important that DBA's take action to protect against authorized users escalating their privileges on the database.
The three most important packages that are of concern are DBMS_CDC_PUBLISH, DBMS_CDC_SUBSCRIBE and DBMS_METADATA. As a workaround, DBA's are encouraged to revoke PUBLIC privileges on these functions:

revoke EXECUTE on DBMS_METADATA from PUBLIC;
revoke EXECUTE on DBMS_CDC_PUBLISH from PUBLIC;
revoke EXECUTE on DBMS_CDC_SUBSCRIBE from PUBLIC;
__________________
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
Possible to set default homepage for IE6? Nate-X OS, Software, Firmware, and BIOS 6 16th June, 2007 09:47 PM
team45 homepage piccoLEW ThunderRd's AOA FOLDING@HOME Team 2 24th June, 2003 09:32 AM
Xbit Labs 13 Vidcard Shootout in 3DMark03. Haw yee! cloasters Graphics and Sound cards; Speakers and other Peripherals 6 29th March, 2003 07:39 PM
Xbit hack a Rad9500 and turn it into a 9700!! MiGGinZ Hardware Hacking 1 10th January, 2003 06:28 PM


All times are GMT +1. The time now is 08:59 AM.


Copyright ©2001 - 2010, AOA Forums
Don't Click Here Don't Click Here Either

Search Engine Friendly URLs by vBSEO 3.3.0