| Author |
 Topic  |
|
crash
Advanced Member
Netherlands
2064 Posts |
 Posted - 07 May 2002 : 18:45:33
|
isn't there a way to combine our forces and strike back?
do we really sit back and wait to see all our sites get hacked by this or these losers?
i mean, they don't even really hack, they only add a different background image or empty the DB...
still though, i'm getting quite sick of this so called hacking group!
who's with me?
Crash's Site | Crash is from 
|
|
|
Davio
Development Team Member
Jamaica
12217 Posts |
Posted - 07 May 2002 : 19:00:01
|
Can you post the exact error you are getting? 
This should be moved to Community forums.
And I advise you not to take things into your hands crash. Users just have to be more careful in the near future when they find security related bugs in the forum. And not publicize it.
«------------------------------------------------------»
Want to know when the next version comes out,
as soon as possible? Join our Mailing Lists ! |
 |
|
|
crash
Advanced Member
Netherlands
2064 Posts |
|
|
kookis
Starting Member
28 Posts |
Posted - 07 May 2002 : 19:16:01
|
bummer...sorry to see that...I guess they get off on it. Hacking amazes me. Where these people learn these skills is beyond me. I guess it's not hard if you have the right teacher and you know programming. It's gotta take alot of time. Seems like an awful lot of trouble to go to just to mess up the internet which should be here for everyones enjoyment(in a possitive manner). It's a power high i guess... but come on really...power is taking down an ISP or busting through a very secure system with a good firewall.
|
|
|
|
crash
Advanced Member
Netherlands
2064 Posts |
Posted - 07 May 2002 : 19:20:03
|
wel... they didn't exactly hack... they just guessed the DB path and downloaded it. they took a quick peek in the DB and logged on as Admin. then they changed some stuff to make it look like the site was hacked. easy does it.
these blokes aren't real hackers! they're just a big fuc*ing pain in the a*s!
Crash's Site | Crash is from
|
|
|
|
Gremlin
General Help Moderator
New Zealand
7528 Posts |
Posted - 07 May 2002 : 19:24:53
|
Doh, Nathan got hit too 
www.daoc-halo.com |
|
|
|
nutella
Starting Member
19 Posts |
Posted - 07 May 2002 : 19:26:40
|
Hi other hack victims:
the guy who hacked my forum, a mom-type forum for heavans sakes, replaced my admin e-mail with his hacker e-mail. Talk about Bold!
I was tempted to send an e-mail to this little punk, and most of these hackers are pre-adolescent kids (punks in less friendly terms), heck, they are about the same age as my kids!
but, my kids aren't out there hacking to relieve some kind of frustration: they are making fantastic flash films and websites of their own. They are also too busy doing sports like snowboarding and mountain biking to be using a computer as a means of releasing energy.
Should I write a letter to this kid? I know he's a kid, and, I suspect he's messed up big time.
Is it a waste of my time?
nutella
|
|
|
|
nomad_2k
Junior Member
United Kingdom
173 Posts |
Posted - 07 May 2002 : 19:27:35
|
Where's the exchange gone? All the pages except default.asp and mods.asp have disappeared.
Good things come to those who wait.
http://www.freeasphost.co.uk/evolution/ |
|
|
|
crash
Advanced Member
Netherlands
2064 Posts |
Posted - 07 May 2002 : 19:33:09
|
there is nothing we can do about it, only the security fixes should not be made available so easily, or at least, not the leaks. the fixes should only be posted. maybe we need to set up a mail system of some kind which tells what leaks have been closed.
on the other hand, if a hacker registered here, he/she would get the same info as we do...
Crash's Site | Crash is from
|
|
|
|
Aaron S.
Average Member
USA
985 Posts |
Posted - 07 May 2002 : 19:39:37
|
If he guessed the DB location and downloaded it... then that was Nathan fault (sorry Nathan) not Snitz (and any security problem).
It says clearly to put the DB in a non-accessible place or name it some funky name so it can't be guessed.
--Aaron
DOWNLOAD GREAT NEW MODS HERE |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
Posted - 07 May 2002 : 19:45:28
|
I would say Nathan's situation looks different. That's not a normal Admin takeover hack. They really got into his server, changing the asp files, etc. They couldn't do that with the admin password only...
-------------------------------------------------
Installation Guide | Do's and Dont's | MODs |
|
|
|
crash
Advanced Member
Netherlands
2064 Posts |
Posted - 07 May 2002 : 19:50:02
|
they most certainly could! and they weren't on his server. the page only has a different background image. the text still is the same...
Crash's Site | Crash is from
|
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
Posted - 07 May 2002 : 19:56:14
|
It really didn't look like that to me, although I admit that is possible...
-------------------------------------------------
Installation Guide | Do's and Dont's | MODs |
|
|
|
kookis
Starting Member
28 Posts |
Posted - 07 May 2002 : 20:39:52
|
I'm betting some hackers visit or or are members of this site. I'm really glad i never decided to put a link to my forum here because the moral of the story is not to have an easy database dir name and i haven't given mine a secure name as of yet and they would have been all through my system. My forum is only for fun and experimental use at the moment and doesn't even have any members. I barely use it. I just wanted to try and get one going. Actually now that i think about it these mods and admin probably have my i.p. through the db here and could easily nibby nose around(not that I'm saying they would). I'm gonna go and do some security fixes on my stuff. Later
|
|
|
|
Weasel
Starting Member
1 Posts |
|
|
Nathan
Help Moderator
USA
7664 Posts |
Posted - 07 May 2002 : 21:51:33
|
The snitz exchange was hacked via the members.asp bug.
Really, they did not have to go to all the trouble, HTML was turned on 
 Nathan Bales
Snitz Exchange | Do's and Dont's |
|
|
|
Topic |
|
Topic Locked
