u-boot.realsimulation.com site defaced...

[shegeek72]

Quote:

Originally Posted by Jager

Damn it, can't these people find something else to amuse them ? I'm curious, how does someone actually "Hack" a site ?

By getting the password to the ftp files, or finding a back door: http://www.faqts.com/knowledge_base/...html/aid/11815

[hardcampa]

Quote:

Originally Posted by shegeek72

Quote:

By getting the password to the ftp files, or finding a back door: http://www.faqts.com/knowledge_base/...html/aid/11815

Lol that link was funny and completely pointless.
When someone hacks a computer in 99.999% of the cases they simply look for exploits, bad ASP or PHP code running on the web server for example, most often I would say the reason to why they succeeded is that the admin missed/didn't bother with a new patch for whatever is running on the server.
Any program that is running on a server must be kept track of and updated when there's an update.

99.9% of all web defaces etc are made by script kiddies. These guys don't know how to code or anything, they simply run bots and programs (that other have done) on computers that already been owned by some other script etc, the scripts then look for vulnerabilities at whatever sites they stumble upon. Once found they can install and deface a webpage with whatever info they want.

Admins really should follow lists like bugtraq etc to learn about new exploits, this is just common sense if you're a security aware admin.

A final note, these guys seldom, "target" a specific site. Their bot searching for vulnerabilities just happened to stumble upon a site that had a vulnerability.

[U-Bones]

Quote:

Originally Posted by hardcampa

Quote:

Lol that link was funny and completely pointless.
When someone hacks a computer in 99.999% of the cases they simply look for exploits, bad ASP or PHP code running on the web server for example, most often I would say the reason to why they succeeded is that the admin missed/didn't bother with a new patch for whatever is running on the server.
Any program that is running on a server must be kept track of and updated when there's an update.

99.9% of all web defaces etc are made by script kiddies. These guys don't know how to code or anything, they simply run bots and programs (that other have done) on computers that already been owned by some other script etc, the scripts then look for vulnerabilities at whatever sites they stumble upon. Once found they can install and deface a webpage with whatever info they want.

Admins really should follow lists like bugtraq etc to learn about new exploits, this is just common sense if you're a security aware admin.

A final note, these guys seldom, "target" a specific site. Their bot searching for vulnerabilities just happened to stumble upon a site that had a vulnerability.

Exactly.

One additional point. "...just happened to stumble upon a site" is perhaps downsizing what goes on. The bots actually harvest a large list of hosts with vunerabilities, which the kiddies can pick and choose from. Many (if not most) machines are insufficiently patched.

[NeonSamurai]

That job looked to me like the typical wanabe hacker kiddy exploit hack. The only reason why the site was targeted was simply because they found it had the exploit they were working with.

Usualy all the political crap is just a smoke screen, they usualy do it in a lame attempt to throw off the scent.

Typicaly these wanabes dont find their own exploits, they just use published ones they find on the net. Total amatures. Sending viruses back on an email just proves that.

[CWorth]

Looks like the site is back up on my end...hope he has closed off the vulnerabilities this time.

[kiwi_2005]

Script kiddies!

[hardcampa]

Quote:

Originally Posted by U-Bones

Quote:

Exactly.

One additional point. "...just happened to stumble upon a site" is perhaps downsizing what goes on. The bots actually harvest a large list of hosts with vunerabilities, which the kiddies can pick and choose from. Many (if not most) machines are insufficiently patched.

Yeah, I didn't want to get too technical. They scan a range of IP's to keep it short. =>

These guys should not be mistaken for coders like the cracker groups have (Reloaded, Deviance and such), those guys are real good coders. The web defacing mess, well those are just nobodys.

[shegeek72]

Quote:

Originally Posted by hardcampa

Lol that link was funny and completely pointless.

I know. Was waiting for someone to 'get it.'
The efforts to "cover your tracks" could have been done better. Its abit
transparent about deleting windows.
--

[Shadow9216]

And then of course there's the good old "DOS" attacks...internet extortion- pay us a sum or we shut down your site. Many of those punks have a "corporate" logo to represent their little band of thieves. Good news is that they have to leave a trace in order to get paid- bad news is they usually exist outside of US jurisdiction. Still, international law enforcement cooperates fairly well these days in such cases.

Jager, your sig is still awfully large. You might want to read the forum rules and tone it down a bit.

[ming]

Some dl's still seem screwed up...hopefully it will all be back up soon You guys still having problems? I just need to know because I have to know that my computer has not been infected .

[andy_311]

Quote:

Originally Posted by ming

Some dl's still seem screwed up...hopefully it will all be back up soon You guys still having problems? I just need to know because I have to know that my computer has not been infected .

same here tried to d/load the u-571 movie last night and that was tottally corrupt.