FYI: The main web site page got hacked.

This is a discussion on FYI: The main web site page got hacked. within the A Brief History of Cprogramming.com forums, part of the Community Boards category; Originally Posted by Mario F. I doubt they were from egypt. The javascript variables were in Spanish and the img ...

  1. #16
    Devil's Advocate SlyMaelstrom's Avatar
    Join Date
    May 2004
    Location
    Out of scope
    Posts
    4,069
    Quote Originally Posted by Mario F. View Post
    I doubt they were from egypt. The javascript variables were in Spanish and the img tags were pointing to a site in San Diego, California.
    The page that they hacked said they were "3gypti@n." I don't think where they host their images would tell much, and generally the people who crack message boards are not hackers. They probably found the dork and the code to hack the page on some website like milw0rm... it may have been written by somebody who is Spanish, but not necessarily used by a Spanish person.
    Sent from my iPad®

  2. #17
    Registered User
    Join Date
    Nov 2005
    Posts
    673
    The artwork was pretty good. Although a petty attempt at a hack.

  3. #18
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Portugal
    Posts
    7,472
    Oh. I just don't know where they are from. I just doubt they were from egypt.
    My main reason for doubting that? The fact they said they were.
    The programmer’s wife tells him: “Run to the store and pick up a loaf of bread. If they have eggs, get a dozen.”
    The programmer comes home with 12 loaves of bread.


    Originally Posted by brewbuck:
    Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

  4. #19
    Super unModrator
    Join Date
    Dec 2007
    Posts
    321
    Quote Originally Posted by SlyMaelstrom View Post
    The page that they hacked said they were "3gypti@n." I don't think where they host their images would tell much, and generally the people who crack message boards are not hackers. They probably found the dork and the code to hack the page on some website like milw0rm... it may have been written by somebody who is Spanish, but not necessarily used by a Spanish person.
    Why don't they bring down such sites? I thought laws were strict in the US.

    Edit: ooh and thanks for letting me know about that site
    (no I won't hack anyone)
    Last edited by abh!shek; 04-28-2008 at 07:30 AM.

  5. #20
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Portugal
    Posts
    7,472
    Quote Originally Posted by abk View Post
    Why don't they bring down such sites? I thought laws were strict in the US.
    Because they can. Someone else actually did all the work finding exploits in popular web services and script based tools, like vbulletin. All the information is made public for several reasons, being one of them help the authors fix it.

    Then someone with nothing to do, wanting to impress friends and strangers takes the information and goes about their business. As long as they only deface websites, as these two(?) did, it's a favor they are doing you. However, more often than one would like, they go about trashing all files in the website, deleting them, changing accounts, whatever.

    VBulletin has a considerable amount of I've been hacked posts. Mostly not to do with vB own scripts, but with mods, or forgetting to delete installation scripts. That's probably how they go in. However, they did deface index.php all across the cprogramming.com domain. So, I'm curious how they did it and if they gained the ability to write/overwrite .htaccess.
    The programmer’s wife tells him: “Run to the store and pick up a loaf of bread. If they have eggs, get a dozen.”
    The programmer comes home with 12 loaves of bread.


    Originally Posted by brewbuck:
    Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

  6. #21
    Super unModrator
    Join Date
    Dec 2007
    Posts
    321
    My point was - why not bring sites like milworm off the web. Hacking would be reduced drastically!

  7. #22
    Supermassive black hole cboard_member's Avatar
    Join Date
    Jul 2005
    Posts
    1,709
    They'll just make new sites. Taking down some of these websites won't stop people doing it - I doubt it'll even slow down the spread of knowledge (read: tools written by someone else).
    Good class architecture is not like a Swiss Army Knife; it should be more like a well balanced throwing knife.

    - Mike McShaffry

  8. #23
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Portugal
    Posts
    7,472
    If you read between the lines, you'll know these sites are indeed beneficial. In a makeup world where they didn't exist, hacking could be thought to be done only by the knowledgeable, and not every 15 year old with a bad case of acne and pokemon posters in the bedroom.

    However, it would also be much harder to fix the exploit, because information wasn't simply available anywhere on how someone might got into the website.

    Handling security is not an issue of hiding possible exploits from the public in general. It is about fixing those holes and coding defensively. You'll be more secure if you know what makes you insecure, agreed?
    The programmer’s wife tells him: “Run to the store and pick up a loaf of bread. If they have eggs, get a dozen.”
    The programmer comes home with 12 loaves of bread.


    Originally Posted by brewbuck:
    Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

  9. #24
    Kernel hacker
    Join Date
    Jul 2007
    Location
    Farncombe, Surrey, England
    Posts
    15,677
    And the other factor is of course that if you close down a site, someone will soon have another site running with similar or same content, in a country where the laws aren't so strict, and the US, Egyptian, Spanish or whatever law can not touch it. It's not very difficult to set up a web-site as long as you have a valid credit card number (doesn't even have to be yours, if you are that way inclined!)

    --
    Mats
    Compilers can produce warnings - make the compiler programmers happy: Use them!
    Please don't PM me for help - and no, I don't do help over instant messengers.

  10. #25
    Captain Crash brewbuck's Avatar
    Join Date
    Mar 2007
    Location
    Portland, OR
    Posts
    7,239
    As far as the origin of the dweebs, I think they really are Egyptian. I Googled a few things based on what I saw in the HTML and tracked down a message board where one of the guys posts. It's definitely Egyptian.

    I briefly considered digging deeper. But the morons only managed to temporarily deface the front page. It's not worth my time. Sadly, it's not really worth anybody else's time either, and that's why these kinds of snot-nosed idiots don't usually get caught.

    The board was working the whole time. I think I was the first person to try following a direct link to a post, and from there I could use the board jumper to get to General Discussions and post a comment. Mario, how did you see that comment? Do you have email notification set up or something?

  11. #26
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Portugal
    Posts
    7,472
    Nah. I just did the same as you and tried to follow a direct link to a post to see if the boards hadn't been deleted.
    The programmer’s wife tells him: “Run to the store and pick up a loaf of bread. If they have eggs, get a dozen.”
    The programmer comes home with 12 loaves of bread.


    Originally Posted by brewbuck:
    Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

  12. #27
    Devil's Advocate SlyMaelstrom's Avatar
    Join Date
    May 2004
    Location
    Out of scope
    Posts
    4,069
    Quote Originally Posted by brewbuck View Post
    The board was working the whole time. I think I was the first person to try following a direct link to a post, and from there I could use the board jumper to get to General Discussions and post a comment. Mario, how did you see that comment? Do you have email notification set up or something?
    Actually, I had been surfing General Discussion for a good 20 minutes before I realized the board was "hacked." I actually have in my favorites a direct link to General Discussion and frequently don't even look at the index page anymore.
    Sent from my iPad®

  13. #28
    Malum in se abachler's Avatar
    Join Date
    Apr 2007
    Posts
    3,189
    Well, specifically in the U.S. you cant restrict a website based on content as it would violate at least 1 constitutional amendment in at least 2 ways (freedom of speech, freedom of the press). Other countries may have less libreral laws. I know that traffic into and out of Iraq is restricted, how effective those restrictions are I have no idea. I'm pretty sure you can still get porn, even though it is illegal there. In either case, taking down the site wouldnt even slow the hackers down much.
    Until you can build a working general purpose reprogrammable computer out of basic components from radio shack, you are not fit to call yourself a programmer in my presence. This is cwhizard, signing off.

  14. #29
    S Sang-drax's Avatar
    Join Date
    May 2002
    Location
    Göteborg, Sweden
    Posts
    2,072
    This is what it looked like.
    Attached Files Attached Files
    Last edited by Sang-drax : Tomorrow at 02:21 AM. Reason: Time travelling

  15. #30
    Frequently Quite Prolix dwks's Avatar
    Join Date
    Apr 2005
    Location
    Canada
    Posts
    8,046
    This isn't the first time this has happened. CBoard got hacked by someone else with a green logo; I can't remember where I saved it at the moment. That time was more serious, however: cprogramming.com and all of CBoard were down.

    Good to see it was fixed so quickly.
    dwk

    Seek and ye shall find. quaere et invenies.

    "Simplicity does not precede complexity, but follows it." -- Alan Perlis
    "Testing can only prove the presence of bugs, not their absence." -- Edsger Dijkstra
    "The only real mistake is the one from which we learn nothing." -- John Powell


    Other boards: DaniWeb, TPS
    Unofficial Wiki FAQ: cpwiki.sf.net

    My website: http://dwks.theprogrammingsite.com/
    Projects: codeform, xuni, atlantis, nort, etc.

Page 2 of 4 FirstFirst 1234 LastLast
Popular pages Recent additions subscribe to a feed

Similar Threads

  1. web page loading ...
    By twomers in forum C++ Programming
    Replies: 2
    Last Post: 01-21-2006, 12:42 PM
  2. How can I incorporate this code into a web page?
    By MisterRob in forum C Programming
    Replies: 6
    Last Post: 11-02-2005, 04:43 PM
  3. Determining values on a web page
    By AaA in forum C Programming
    Replies: 1
    Last Post: 06-28-2005, 04:47 AM
  4. Drawing rectangle in a web page
    By alphaoide in forum Tech Board
    Replies: 3
    Last Post: 02-20-2005, 06:40 PM
  5. Tab Controls - API
    By -KEN- in forum Windows Programming
    Replies: 7
    Last Post: 06-02-2002, 09:44 AM

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21