Thread: FYI: The main web site page got hacked.

Click "c Board" to see the hack. I noticed it about an hour ago.

Yup. Was afraid the whole thing had gone down the drain. Been checking VBulletin boards. May have been done through some insecure script. I highly doubt they had any other kind of server access.

Script kiddies losers, I betcha.

Hmm... all index.php were defaced. cprogramming.com, the forums archive, ... mod_rewrite?

Seems as though all passwords still work and users can still log-in. I'll bookmark this until the main page is back up.

I have no idea what this proves except that some morons can hack a page. Stupid.

Yeah this will be fun. I've had a bit of experience fighting hackers myself (some hacked into our servers where I work).

Most likely cause: somewhere in the site the "get" and "post" variable inputs are not being checked, and so the hackers probably got access do the database and used SQL injection to discover admin passwords, logged in as an admin, uploaded some scripts and defaced the site.

Has anyone contacted the webmaster or kermi?

The two 'dudes' (<no credit due>) are members of some defacing "security" group. Wow, sounds fun...

They're probably not aware that hacking in Egypt has recently been made illegal, and carries a hefty penalty. Only time will tell.

I doubt they were from egypt. The javascript variables were in Spanish and the img tags were pointing to a site in San Diego, California.

Originally Posted by Mario F.

I doubt they were from egypt. The javascript variables were in Spanish and the img tags were pointing to a site in San Diego, California.

The page that they hacked said they were "3gypti@n." I don't think where they host their images would tell much, and generally the people who crack message boards are not hackers. They probably found the dork and the code to hack the page on some website like milw0rm... it may have been written by somebody who is Spanish, but not necessarily used by a Spanish person.

Originally Posted by SlyMaelstrom

The page that they hacked said they were "3gypti@n." I don't think where they host their images would tell much, and generally the people who crack message boards are not hackers. They probably found the dork and the code to hack the page on some website like milw0rm... it may have been written by somebody who is Spanish, but not necessarily used by a Spanish person.

Why don't they bring down such sites? I thought laws were strict in the US.

Edit: ooh and thanks for letting me know about that site
(no I won't hack anyone)

Originally Posted by abk

Why don't they bring down such sites? I thought laws were strict in the US.

Because they can. Someone else actually did all the work finding exploits in popular web services and script based tools, like vbulletin. All the information is made public for several reasons, being one of them help the authors fix it.

Then someone with nothing to do, wanting to impress friends and strangers takes the information and goes about their business. As long as they only deface websites, as these two(?) did, it's a favor they are doing you. However, more often than one would like, they go about trashing all files in the website, deleting them, changing accounts, whatever.

VBulletin has a considerable amount of I've been hacked posts. Mostly not to do with vB own scripts, but with mods, or forgetting to delete installation scripts. That's probably how they go in. However, they did deface index.php all across the cprogramming.com domain. So, I'm curious how they did it and if they gained the ability to write/overwrite .htaccess.

Oh. I just don't know where they are from. I just doubt they were from egypt.
My main reason for doubting that? The fact they said they were.

They'll just make new sites. Taking down some of these websites won't stop people doing it - I doubt it'll even slow down the spread of knowledge (read: tools written by someone else).