http://cboard.cprogramming.com
I guess WEBMASTER's no longer the webmaster.
http://cboard.cprogramming.com
I guess WEBMASTER's no longer the webmaster.
it's pretty annoying that while they say they don't do it to be malicious, their activity clearly causes problems. why couldn't they just find the security hole, and report it, rather than completely disrupt legitimate users' use of the website? these are not good people, regardless of what they say about themselves.
What can this strange device be?
When I touch it, it gives forth a sound
It's got wires that vibrate and give music
What can this thing be that I found?
Agreed, Elkvis.
Those who aren't out to cause damage or other problems, like you say, will not disrupt sites. They would report the problem to the vendors of vBulletin (the software this site uses) in the first instance. At most, they would provide site admins with advice on how to address the vulnerability, and advise those admins to actively check with the software vendors for fixes.
I haven't followed the link they give to their own forum but, from its URL, it is a porn site.
So, credibility of these hackers is pretty low in my view.
I can think of one reason...
If you find a security hole and and report it, the operators are likely to patch it at their leisure.
If you find a security hole and exploit it, the operators are likely to patch it as fast as they can.
If they had access to the whole forums but chose to only deface the entry page, that's pretty credible.
If I were webmaster, I would be thankful the exploit was harmless (outside of harm to reputation) rather than destructive.
If I were webmaster, I'd be ........ed, because there is nothing that I can do, aside from update forum software, because I don't necessarily have the ability to manually edit vBulletin software.
Imagine if Amazon were similarly defaced. "Dear third party merchants, we defaced Amazon because it's not secure. This was not intended to interrupt your business." Yeah, kiss the fattest part of my ass.
you make a good point, but it doesn't excuse their actions. vBulletin is all php, and it would be a simple matter to override the home page, and redirect after a few seconds to the actual page, after notifying the site visitor that it had been compromised. there is literally no excuse for rendering a whole web site effectively inaccessible, just to make a point about security. these guys are thugs, plain and simple. they do this for their own amusement, and nothing else.
What can this strange device be?
When I touch it, it gives forth a sound
It's got wires that vibrate and give music
What can this thing be that I found?
We seem to be back on track now, it looks like the hacker got in with a well know Vbulletin exploit. He only edited the forum.php file. I have replaced it and everything is working like normal.
Whats the legal recourse for something like this?
- Compiler warnings are like "Bridge Out Ahead" warnings. DON'T just ignore them.
- A compiler error is something SO stupid that the compiler genuinely can't carry on with its job. A compiler warning is the compiler saying "Well, that's bloody stupid but if you WANT to ignore me..." and carrying on.
- The best debugging tool in the world is a bunch of printf()'s for everything important around the bits you think might be wrong.