I was hacked[views:4762][posts:71]______________________________________ [May 11,2007 3:37pm - the_reverend ""] Hell-0 all, i was hacked... I just wanted to make sure the_reverend checks his email out and fixes the holes in his site. Well, later all and stay metal! |
| ______________________________________ [May 11,2007 3:48pm - the_reverend ""] yeah, I'm trying to fix that... I can't believe the hole that was found.. holy shit. site's going down. |
| ______________________________________ [May 11,2007 4:13pm - the_reverend ""] try to fix things... |
| __________________________________ [May 11,2007 4:24pm - tha rev ""] test |
| ______________________________________ [May 11,2007 4:27pm - the_reverend ""] I can't believe the holes that this person found... wow.. really.. like wow.. |
| _____________________________________ [May 11,2007 4:39pm - AUTOPSY_666 ""] :middlefinger: |
| ____________________________________________________ [May 11,2007 4:54pm - menstrual_sweatpants_disco ""] Who was it? |
| ______________________________________ [May 11,2007 5:18pm - the_reverend ""] idk who it is, but they emailed me what they did. people are probably going to have to log in again later on |
| ______________________________ [May 11,2007 6:34pm - Mess ""] [img] |
| ______________________________________ [May 11,2007 7:11pm - the_reverend ""] I checked out his (the hacker's) site and it seems like he's a turn uber leet haxxor in the truest sense of the word. I hope to converse with him more later. he obviously loves metal... and wasn't malicious. I really can't believe the stupid username hack he found. it was the same one used to hack winXp update validation like 4 years ago. |
| ____________________________________________ [May 11,2007 7:19pm - ConquerTheBaphomet ""] the_reverend said: it was the same one used to hack winXp update validation like 4 years ago. Is he the same guy? |
| ______________________________ [May 11,2007 7:22pm - Mess ""] i really wish i understood what's going on here |
| __________________________________________ [May 11,2007 7:24pm - Dwellingsickness ""] Me too |
| ______________________________________ [May 11,2007 7:29pm - the_reverend ""] it's ok just banghead here X |
| ______________________________ [May 11,2007 7:29pm - Mess ""] Dwellingsickness said:Me too just...:duffbeer::NEWHORNS::duffbeer::nuke: not much going on tonight. i'm just browsing youtube for now... http://www.youtube.com/watch?v=UZVwMJs32WE |
| _____________________________________ [May 11,2007 7:43pm - AUTOPSY_666 ""] [img] |
| _________________________________ [May 11,2007 7:44pm - sxealex ""] post the hack after u fix it. |
| __________________________________________ [May 11,2007 7:45pm - Dwellingsickness ""] whoa that looked like it hurt.......alot |
| ______________________________ [May 11,2007 7:47pm - Mess ""] hiiiiiyah! that's called the poker pig choke! haha |
| ______________________________ [May 11,2007 7:52pm - Mess ""] sxealex said:post the hack after u fix it. yeah, let's e-beat his/her ass |
| _____________________________________ [May 11,2007 8:22pm - xanonymousx ""] Mess said:Dwellingsickness said:Me too just...:duffbeer::NEWHORNS::duffbeer::nuke: not much going on tonight. i'm just browsing youtube for now... http://www.youtube.com/watch?v=UZVwMJs32WE this video came after this one http://www.youtube.com/watch?v=kJ59rvPGe_4 just watch the beginning crazy people |
| ______________________________________ [May 11,2007 8:28pm - the_reverend ""] it's 1/2 fixed. will post laterz. |
| _____________________________________ [May 11,2007 8:47pm - xanonymousx ""] at least the dude who did it respects you and did not destroy the site and wants you fix it. but still it was wrong. |
| __________________________________ [May 11,2007 9:23pm - DeRtOxIa ""] i dont consider this type of hacking as wrong. it just makes things more secure. it would have been a little better if the dude just contact the rev and didnt make a public post about it but whatever. he didnt intend to fuck shit up. he just wanted to point out a vulnerability. most bugs would never be found if people didnt look for them and try to exploit them. |
| __________________________________ [May 11,2007 9:23pm - DeRtOxIa ""] i'm of course referring to the internet as a whole....not just this site. |
| _________________________________ [May 11,2007 9:28pm - sxealex ""] its not wrong its just illegal |
| _________________________________ [May 11,2007 9:28pm - sxealex ""] unless he has ur permission |
| ______________________________________ [May 11,2007 9:29pm - the_reverend ""] I agree. he didn't do anything malicious that I know of. I can't believe the truck size hole. |
| _____________________________________ [May 11,2007 9:30pm - xanonymousx ""] did it happen when you moved to the faster server. |
| ________________________________ [May 11,2007 10:41pm - boine ""] he probably posted a worm and where all gonna get it |
| _______________________________________ [May 11,2007 11:16pm - the_reverend ""] not, these bugs have been here forever. I will paste what he said. I think it's scary, but cool of him. |
| ________________________________ [May 12,2007 12:47am - boine ""] did you feel violated? |
| _______________________________________ [May 12,2007 12:55am - the_reverend ""] a little. |
| ______________________________________ [May 12,2007 3:43am - the_reverend ""] first hack, open a browser to http://www.returntothepit.com put this in the addressbar. javascript:void(document.cookie="site_user=the_reverend"); refesh the page and you are logged in as the_reverend. that doesn't happen anymore. this was a old hack for the winxp authentication. |
| __________________________________________ [May 12,2007 3:48am - DaveFromTheGrave ""] that is a big hole. or was. |
| ______________________________________ [May 12,2007 3:54am - the_reverend ""] the other is a hell of a lot geeky. I need to try some more things before I post it. |
| ____________________________________________________ [May 12,2007 1:21pm - menstrual_sweatpants_disco ""] God bless the white hats. |
| _______________________________ [May 12,2007 2:35pm - boine ""] i like all the new dont hack the site warnings when you try that |
| ________________________________ [May 14,2007 4:11pm - blah? ""] Did you fix them yet? E-mail me back and i'll tell you about a possible DoS using your own script. :p |
| ____________________________________________________ [May 14,2007 4:35pm - menstrual_sweatpants_disco ""] This guy is awesome. |
| ______________________________ [May 14,2007 5:46pm - Mess ""] i could only imagine who it could be? |
| _______________________________________ [May 15,2007 11:02am - the_reverend ""] I guess I can post the other hack that the dude did... http://www.returntothepit.com/cdreview.php...14,15,16,17,18%20FROM%20mysql.user/ * it made a CD review with the contents of my mysql users and passwords for accessing the database. |
| ______________________________________ [May 15,2007 12:54pm - blahman3000 ""] Did you want me to send you an email with the new attack? [img] |
| _______________________________________ [May 15,2007 12:56pm - the_reverend ""] I see it. |
| ______________________________________ [May 15,2007 12:57pm - blahman3000 ""] Did you mean the DoS one or the one i just did like 3 seconds ago? |
| _______________________________________ [May 15,2007 12:58pm - the_reverend ""] or you could just not do that... |
| _______________________________________ [May 15,2007 12:58pm - the_reverend ""] what is the DoS one? |
| ______________________________________ [May 15,2007 12:59pm - blahman3000 ""] i'll email it to you because i don't want it to open public |
| ______________________________ [May 15,2007 1:01pm - Mess ""] zomg! |
| ______________________________ [May 15,2007 1:01pm - Yeti ""] pretty lame, Milhouse |
| _____________________________________ [May 15,2007 1:03pm - blahman3000 ""] Milhouse? |
| ______________________________________ [May 15,2007 1:09pm - the_reverend ""] that's a pretty funny actually. |
| _____________________________________ [May 15,2007 3:25pm - blahman3000 ""] How do you like the CSRF one i just sent you? |
| ______________________________________ [May 15,2007 3:42pm - the_reverend ""] I emailed back asking for an example.. |
| _____________________________________ [May 15,2007 3:43pm - blahman3000 ""] i'm sorry, gmail must be slow, just look at my profile and click another link if you want to view an example now. YOu'll notice that after you navigate away from the profile you'll be logged out. |
| _____________________________________ [May 15,2007 3:55pm - blahman3000 ""] Got it, sent you one back with the info on how to do it. |
| ______________________________________ [May 15,2007 3:56pm - the_reverend ""] ok, that's exactly what I thought when you sent the email. you have 2 images so it only works with one of them, but that one is random so... it's a crap shoot which comes up. |
| ______________________________________ [May 15,2007 3:57pm - the_reverend ""] oh, I fixed it before I got your email. I saw what you were talking about. |
| ______________________________________ [May 15,2007 3:58pm - the_reverend ""] only you can see them when you click on "show all" to delete it. |
| _____________________________________ [May 15,2007 4:01pm - blahman3000 ""] Yeah, there were 2, i couldn't delete one of them because evertime i would try to remove it, the other image would load and log me off, lol. |
| ______________________________________ [May 15,2007 4:09pm - the_reverend ""] yeah, did you click on the injection link with the cdid=99999 again? try it. |
| _____________________________________ [May 15,2007 4:13pm - blahman3000 ""] ROFL! ping of death! |
| ______________________________________ [May 15,2007 4:16pm - the_reverend ""] no one seems to remember that one... too good for win 95's ip stack I guess. my friend freaked out when I sent him that last night. now he's trying injection on a bunch of conservative sites. |
| ______________________________________ [May 15,2007 4:23pm - the_reverend ""] years and years ago (like 2002/3) I made my own pear/mysqli/pdo set of classes, but I didn't account for mysql injection. I recently made a bug tracking system and I'm working some of the perl db safe guards back now that I see the vulnerability. |
| ____________________________________ [May 15,2007 6:09pm - immortal13 ""] [img] |
| ___________________________________________ [May 15,2007 6:23pm - FuckIsMySignature ""] you sunk my battleship |
| ___________________________________ [May 15,2007 10:46pm - nights1 ""] Btw man, the CSRF still works. |
| ______________________________________ [May 16,2007 10:44am - blahman3000 ""] I'll make another thread entitled "Don't Click or you will log out" and put the CSRF example in there. Anyone logged in that reads the forum shall theoretically get logged out and you won't realise it until you navigate away from the page/refresh/etc.. Also, i can send you an email on how to defend against such a thing, if you want. |
| _______________________________________ [May 16,2007 10:47am - the_reverend ""] don't do that. I know about that already. I realized it on the way to a show last night. |
| __________________________________ [May 16,2007 10:51am - sxealex ""] yea but why is the password in the current cookie then? |
| ____________________________________ [May 16,2007 10:54am - blah3000 ""] hey reverend, if you want, put the sessid as a variable after logout, so logout=1&sess=x, then if the session doesn't match it won't log you out. This is how most people are defending against this. |
| _______________________________________ [May 16,2007 11:20am - the_reverend ""] I'll do both of them. |