The page that they hacked said they were "3gypti@n." I don't think where they host their images would tell much, and generally the people who crack message boards are not hackers. They probably found the dork and the code to hack the page on some website like milw0rm... it may have been written by somebody who is Spanish, but not necessarily used by a Spanish person.Originally Posted by Mario F.
Sent from my iPadŽ
The artwork was pretty good. Although a petty attempt at a hack.
Oh. I just don't know where they are from. I just doubt they were from egypt.
My main reason for doubting that? The fact they said they were.
Originally Posted by brewbuck:
Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.
Why don't they bring down such sites? I thought laws were strict in the US.
Edit: ooh and thanks for letting me know about that site
(no I won't hack anyone)
Last edited by abh!shek; 04-28-2008 at 07:30 AM.
Because they can. Someone else actually did all the work finding exploits in popular web services and script based tools, like vbulletin. All the information is made public for several reasons, being one of them help the authors fix it.
Then someone with nothing to do, wanting to impress friends and strangers takes the information and goes about their business. As long as they only deface websites, as these two(?) did, it's a favor they are doing you. However, more often than one would like, they go about trashing all files in the website, deleting them, changing accounts, whatever.
VBulletin has a considerable amount of I've been hacked posts. Mostly not to do with vB own scripts, but with mods, or forgetting to delete installation scripts. That's probably how they go in. However, they did deface index.php all across the cprogramming.com domain. So, I'm curious how they did it and if they gained the ability to write/overwrite .htaccess.
Originally Posted by brewbuck:
Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.
My point was - why not bring sites like milworm off the web. Hacking would be reduced drastically!
They'll just make new sites. Taking down some of these websites won't stop people doing it - I doubt it'll even slow down the spread of knowledge (read: tools written by someone else).
Good class architecture is not like a Swiss Army Knife; it should be more like a well balanced throwing knife.
- Mike McShaffry
If you read between the lines, you'll know these sites are indeed beneficial. In a makeup world where they didn't exist, hacking could be thought to be done only by the knowledgeable, and not every 15 year old with a bad case of acne and pokemon posters in the bedroom.
However, it would also be much harder to fix the exploit, because information wasn't simply available anywhere on how someone might got into the website.
Handling security is not an issue of hiding possible exploits from the public in general. It is about fixing those holes and coding defensively. You'll be more secure if you know what makes you insecure, agreed?
Originally Posted by brewbuck:
Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.
And the other factor is of course that if you close down a site, someone will soon have another site running with similar or same content, in a country where the laws aren't so strict, and the US, Egyptian, Spanish or whatever law can not touch it. It's not very difficult to set up a web-site as long as you have a valid credit card number (doesn't even have to be yours, if you are that way inclined!)
--
Mats
Compilers can produce warnings - make the compiler programmers happy: Use them!
Please don't PM me for help - and no, I don't do help over instant messengers.
As far as the origin of the dweebs, I think they really are Egyptian. I Googled a few things based on what I saw in the HTML and tracked down a message board where one of the guys posts. It's definitely Egyptian.
I briefly considered digging deeper. But the morons only managed to temporarily deface the front page. It's not worth my time. Sadly, it's not really worth anybody else's time either, and that's why these kinds of snot-nosed idiots don't usually get caught.
The board was working the whole time. I think I was the first person to try following a direct link to a post, and from there I could use the board jumper to get to General Discussions and post a comment. Mario, how did you see that comment? Do you have email notification set up or something?
Nah. I just did the same as you and tried to follow a direct link to a post to see if the boards hadn't been deleted.
Originally Posted by brewbuck:
Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.
Actually, I had been surfing General Discussion for a good 20 minutes before I realized the board was "hacked." I actually have in my favorites a direct link to General Discussion and frequently don't even look at the index page anymore.
Sent from my iPadŽ
Well, specifically in the U.S. you cant restrict a website based on content as it would violate at least 1 constitutional amendment in at least 2 ways (freedom of speech, freedom of the press). Other countries may have less libreral laws. I know that traffic into and out of Iraq is restricted, how effective those restrictions are I have no idea. I'm pretty sure you can still get porn, even though it is illegal there. In either case, taking down the site wouldnt even slow the hackers down much.
This is what it looked like.
Last edited by Sang-drax : Tomorrow at 02:21 AM. Reason: Time travelling
This isn't the first time this has happened. CBoard got hacked by someone else with a green logo; I can't remember where I saved it at the moment. That time was more serious, however: cprogramming.com and all of CBoard were down.
Good to see it was fixed so quickly.
dwk
Seek and ye shall find. quaere et invenies.
"Simplicity does not precede complexity, but follows it." -- Alan Perlis
"Testing can only prove the presence of bugs, not their absence." -- Edsger Dijkstra
"The only real mistake is the one from which we learn nothing." -- John Powell
Other boards: DaniWeb, TPS
Unofficial Wiki FAQ: cpwiki.sf.net
My website: http://dwks.theprogrammingsite.com/
Projects: codeform, xuni, atlantis, nort, etc.
