heaven_master_ash 0 Report post Posted August 23, 2006 Hi I have seen many articles on how to deface this website or that one... but never seen much on whats happens after web-sites are defaced. I am no admin but got to know a few things from here and there. Just thought of putting all those things together... Let me put it down in the form of a small story. Once upon a time a company by name Lazyadmin.ltd had hosted its website "Stupidsecurity.com" for their clients. It had a large number of visitors and also the company had a great reputaion. Now one fine day, one hacker/craker broke into their site and defaced the site. Their admin turned out to be my friend. He met me after two days of that incident and narrated me what all he had to face last two days and is still facing. He was really stressed out. The site was defaced by a hacker by nickname boss_dk. I did a bit of research and inquired here and there and found out that he was Mr.Dino KUmar(so the nick boss_dk). He turned out to be my old school friend. I luckily had his cell number and quickly called him up.I asked him if he can meet me. He agreed. Accordingly we met and had the following conversations. ####################Start###################### w0lf(myself): Hi buddy boss_dk:Hi man wolfie..howz life..mine fine n roking n urs? speak speak speak... w0lf:huh? allow me to speak... boss_dk:okok w0lf:I am fine. Leave aside all those things. I actually called you up for some serious discussions. boss_dk:Yaa tell me man. go ahead , dont be shy... w0lf:huh? Ok listen. Do you know hacking? boss_dk:yaa. Its cool w0lf:I know.Are you by nick boss_dk? boss_dk:Yaa. cool nick na w0lf:hmm. Heard about you. You defaced Stupidsecurity.com boss_dk:yaa. I wanna be no.1 w0lf:ok fine. Do you know their admin was my friend...good friend. boss_dk:ooh!!! Soory man. But i just defaced his index page.I didnt steal or alter anything. tell him to chillx w0lf:Do you think he can do that? Are you sure? boss_dk:Means? w0lf:I will let you know.One customer notified the company about the defacement.My friend, server admin(can be a web master also) was notified about it. boss_dk:ok w0lf:His heart jumped out of his ribs. He quickly informed his manager.He feared his job the most as he was the person who will questionable. He was responsible for webserver security.He knew this was because of his weak password or unpatched/not upgraded box. boss_dk:ok w0lf:On hearing this, manager's heart jumped out of his ribs for he feared his job. He had to answer to top management.Oh hell!!!what to do? whats next??? He is puzzled as to whom should he contact first??? He knew his relations were quite nice with VP. He calls him and updates him the same. boss_dk:hmmmm. next? w0lf:On hearing it, VP's heart jumps out of his ribs.He creates a havoc and calls for Hr,and the Director of Engineering or some highly profeesional technical staff.They plan a meeting immediately and decide whether the site should be up or should be made offline. Simultaneously Vp or some other fellow called CEO and informed him. boss_dk:oohh w0lf:Next they decide whether they should contact Cypercops immediately? The answer was Yes.They wanted to punish the intruder. They dont want to let him roam free... boss_dk:O man... Are they planning to hang me? w0lf:Let me finsh boss_dk. boss_dk:okok w0lf:All this time my friend was however digging all his systems, log files and whatever he can to find how the intruder succeeded or what damage he has done to the system. boss_dk:hey i told you right? I just replaced that index.html w0lf:Admin found the same thing and reported it to the manager. But manager was not ready to take risk.He wanted admin to check every single system in the network and block any possible ways to intrude again.Admin had been give n just 1 hour. boss_dk:Only 1 hr??? Oh God... w0lf:Yaa. He had tremondous pressure to pull out. I would have fainted if i had to face same circumtances. boss_dk:Same here w0lf:He does a comprehensive audit. He tries to do it neatly and properly in an hour.He has to do it PERFECTLy. lawyers and Cybercops get there and gather aroung admin, Discuss with him what are the clues, where are the logs.. You were smart enough to delete much of the trace... boss_dk:Yeah baby.. i rock w0lf:I know.Even admin had to bang his head against the rock. boss_dk:oops w0lf:After 2 days of total pressure, the site is restored back with all latest patches.They had to spend around 1000 $ to fortify their site more. At the end of the day they now assure each other that chances of being intruded again are very less...(their belief...Even they are not sure, but just to satisfy themselves) boss_dk:ooh christ!!! I have not though of all this stuffs before. Man i am sorry. w0lf:Haha this is the simplest procedure, if they would have found trojan/backdoor then you can imagine the condition of the admin. boss_dk:Poor fellow. Now i really pity him. w0lf:So i request you not to deface any website for funsake. boss_dk:But i want to be number one. What should... w0lf:Ok listen .There are other ways round. You can inform the admin/webmaster about the bug. He will thank you for that. After he has patched that you just post it some-where to boast about yourself. If you yourself have found a bug/vulnerability, you can report it to respective vendors and only after it has been patched disclose it in some famous mailing list etc. The fame which you will earn that way will also earn respect for you. boss_dk:Thanks w0lfie you really opened my eyes. You rock buddy!!! w0lf:I know ####################Stop###################### x---------------------A piece of advice-----------------x Ok guys... i hope i have explained it clearly. What i wanted is to make a few script kiddies out there (who have earned a bad name for HACKER community) realise that probabaly company is spending millons of dollars and significant time to face the consequences of this simple attack. You are doing no great job nor any gal will offer to have sex with you for that. But just for fun... an admin and the whole of comapny had to ...... Just think about it.My friend boss_dk has now improved and i expect the same from other kiddies. I know i have written it in a bit childish way...thats because this article is meant for childish people doing such childish act!!! x---------------------------------------------------------x Hacker Will Be Punished Sevierly If Caught And Will Be Jailled For More Then 7 Years Becarefull Notice from BuffaloHELP: Instead of writing elaborate dialogue, you could have simply described the situation and explained in simple terms. Do not use excessive unnecessary characters again! Share this post Link to post Share on other sites
Dragonfly 0 Report post Posted August 23, 2006 (edited) Few weeks ago two websites maintained by me were defaced. On the front page they put something in Turkish I suppose which I don't know. But I still have the frontpage html file with me. Those hacked sites were running on the un-upgraded version of joomla and mambo and both are hacked. But I did have the backup file. They didn't touch other things except the frontpage. They couldn't do or they didn't want I don't know. When I search the hacker name I found so many websites hacked by them and in fact Google too has indexed those websites. But I can't get them booked. What can I do. I don't know. They proudly put the following sentence in my homepages. HACKED BY AYYILDIZ TEAM Edited August 23, 2006 by Dragonfly (see edit history) Share this post Link to post Share on other sites
Bkag 0 Report post Posted August 23, 2006 The only time i have been hacked was by my friend who saw my password, that night he went on and added products to my shop including a "sack of $?%^" and a "Pickeled horse testicle" i saw this the next day and immedetely changed the products and my password. He isnt much of a computer guy and didnt understand what kind of damage that can cause, my site with those products on reciever a few hundred views and probably all those people will not/have not come back. I was extremely pi$$ed off with him Share this post Link to post Share on other sites
AlternativeNick 0 Report post Posted August 24, 2006 yeah i kinda know hhow that goes, my uncle used to work for a few different security agencies, and he would crack the security systems of their clients, and find the loopholes that there were in them, then fix whatever the problem was. hes really helped me alot with computers xD Share this post Link to post Share on other sites
masterio 0 Report post Posted September 5, 2006 Well, it not just along ago I was like boss_dk. Defacing site just for fun, and "wanna be hacker". But I realize that what i'm doing was wrong. I start to think, how if my website defaced?. From that I was stop to playing deface and just inform the admin. For admin, you must often to surf to security site like http://forums.xisto.com/no_longer_exists/ etc.STOP DEFACING!! Share this post Link to post Share on other sites
shadowx 0 Report post Posted September 23, 2006 Well people the deface are most likely after attention as they like to "tag" the websites thewy deface, unless of course its some sort of protest or whatver. My advice to hackers/crackers is not to give up what you are doing but put it to a good use. Dont hack or crack good people. im definately not sticking up for people that are starting wars, causing cruelty to other people and animals etc etc etc do what you like to them who cares about them?! :Pi used to be interested in hacking i admit i didnt get far as i got bored with it but scince then ive continued to learn about computer security and i think that all hackers should turn their knoweledge towards enforcing security rather than destroying it, i know that watching a security system crumble at your finger tips is great fun but there are so many hacking websites that allow you to practice such skills legall and safely. hacking is like a kinfe, in the right hands it can help many but in the wrong it can be deadlly (well in the case of hacking it can be a pain in the a$$!) So use your skills to help people. One job i would love is to work for the government, as much as i think they stink it would be great to being down people who think its "cool" to comit credit card fraus, send massive spam mail etc..love to watch them cry! and to skript kiddies its simply...we dont have the electricity to waste on you and your "activities" If you want to get involved in the hacking cmmunity sort yourselves out! Its not about guessing your mates hotmail password its about destroying people who do wrong and helping yourself and others with security. Hackers arent all bad, im not really into hacking as much now but i know that there are a lot of good hackers out there and just as many bad unfortunately. Share this post Link to post Share on other sites