Flayrah.com Hacked
Posted by Aureth on Fri 12 Oct 2001 - 17:26
At some point last night, we were hacked. The hackers appear to have done little other than deface the index file. We're up and running again. Sorry for the downtime.
About the author
Aureth — read stories — contact (login required)an agronomist and Cornwuff from Northern Illinois, interested in sf, homebrewing, photography and running
Comments
Bah, arguing semantics.
They have you seeing double as well.
Huzzah.org got hacked twice, and I moved it to a commerical hosting service after the second time. All that happened the first time was about what you describe - the index file was replaced by some group going by the name of "ShitkikerZ"
The second time I was actually logged onto the system when it happened and I got a boadcast message from root (which was supposely only me) calling me an idiot, and the entire file system erased.
After that I went to a windows 2000 server, but subsequently we switched from DSL to a cable modem, lost the fixed IP and they block port 80 so that was the end of that.
This PHP Nuke site was also hit, but they say more was done. Is a vulnerability in PHP Nuke to blame? How much precaution have you folks taken after the cracking?
Those crackers might have been able to break into your web site, but they sure can't write JavaScript very well. I checked.
For some reason, they didn't want anyone to be able to right click. I don't know why this was, but anyone with Netscape could just go right ahead and do so.
I could give y'all the JavaScript they used, since I saved it to disk.
Another thing I'd like to know is why they seem to be targeting furries?
>Another thing I'd like to know is why they seem to be targeting furries?
I am curious what evidence you hold that leads you to believe that furries have been "targeted" just because a Furry-related website was compromised. This is the only attack on any furry-related sites that I am aware of. My employer's Outlook Web Access server was compromised one day. Were we being "targeted?" No. We just had the misfortune of being there and being vulnerable to this particular exploit.
People are opportunists. I would lay twenty-to-one odds that the person who did this just decided to take advantage of a vulnerability ( be it in the server's configuration or the code for the weblog ) to have a little "fun" and just "see if he could do it." I do not think that there was anything particularly personal in this attack. Given the message that was left after the defacement that took place I would say this was a fairly generic attack that was completely impersonal.
Additionally, I would suggest that if you care to offer code or the like up for review (and I am sure your time and effort is quite appreciated by the Flayrah staff) you should probably take it offline and into e-mail with Aureth.
What happened to your site was the internet equivalent of someone spray painting grafitti on a wall. Be glad you didnt get your whole site wiped out!
Post new comment