One second I'm peacefully browsing cboard, the next I'm looking at this:
Attachment 8098
One second I'm peacefully browsing cboard, the next I'm looking at this:
Attachment 8098
MagosX.com
Give a man a fish and you feed him for a day.
Teach a man to fish and you feed him for a lifetime.
I thought spiders had eight legs.
damn, those kids are 1337!
Did anyone find out what was wrong? A hole in the forum software, or another site on the server or something?
Last edited by NeonBlack; 04-28-2008 at 02:04 PM. Reason: sorry for swearing.
I copied it from the last program in which I passed a parameter, which would have been pre-1989 I guess. - esbo
I feel smart now.
Well, I'm still curious about the index.php defacing that seems to have affected the whole htdocs directory... You would get the deface page from cboard, cprogramming and any directory with an index.php page.
This could only be done (mind my still unfamiliarity with apache) through .htaccess. Now, assuming there exists already an .htaccess file in ~/htdocs (which for security reasons alone should exist), they couldn't possibly have altered it unless this file was writable by apache (which shouldn't!).
If, on the other hand, that file didn't exist then there's still the issue how they gained access to htdocs root, assuming cboard sits on its own directory inside /htdocs (I can't get this information from simply looking at the response headers from a 404 or 500 error).
Originally Posted by brewbuck:
Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.
Note that there's another thread about this here: http://cboard.cprogramming.com/showthread.php?t=102352
dwk
Seek and ye shall find. quaere et invenies.
"Simplicity does not precede complexity, but follows it." -- Alan Perlis
"Testing can only prove the presence of bugs, not their absence." -- Edsger Dijkstra
"The only real mistake is the one from which we learn nothing." -- John Powell
Other boards: DaniWeb, TPS
Unofficial Wiki FAQ: cpwiki.sf.net
My website: http://dwks.theprogrammingsite.com/
Projects: codeform, xuni, atlantis, nort, etc.
For anyone who missed it...
EDIT: I really should have looked at the other thread first. *sighs*
Attachment 8099
Last edited by psychopath; 04-28-2008 at 02:45 PM.
M.Eng Computer Engineering CandidateB.Sc Computer Science
Robotics and graphics enthusiast.
Yes. But this is kinda the original thread. Todd could should have read this one before posting. I don't feel like discussing spider legs either... and Sly latest comment deserved a reply.
I'm still curious as to how this was done. writing to an .htaccess file is no easy task, especially from within a php script and assuming there's some minimum level of security in place.
Originally Posted by brewbuck:
Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.
I don't see why any of us should waste a single braincell-second more on these idiots. It's up to the admin to figure out what they exploited and fix it. Other than that, let these guys rot in their little dungeons.
Attention is what they want, and that's what they're getting right now.
Obviously we were hacked. They took down all index pages. The webmaster is working on getting everything back up. Thanks to all of you who contacted us to make sure we knew it was down.
I just feel it would be interesting to know how it was done. Some of us here have our own websites. Wouldn't hurt to discuss this and in the process gain some new knowledge. That's all. But... apparently that's asking too much.
Originally Posted by brewbuck:
Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.
I'm not trying to tell anybody to "shut up" or anything like that. I just think posting screenshots of what the site looked like is a bit over the top, and sort of glorifies the morons. Yes, I'm interested to know what the exploit was. Beyond that I won't give these guys any more air time.