I’m sure those of you that witnessed the defacement of Weblogs inc. yesterday want to know what happened. Our head developer has updated his blog. I guess k1dd135 ruining your anniversary has reached a new level. If anybody actually had a fun Saturday night and doesn’t know what we’re talking about: here’s a screenshot.
pwnd!
Har. Har. Har.
That’s whatcha get for running Microshit’s IIS server. Expensive *and* insecure.
Although no offense to hackaday, the uberly cool hack site, everybody learns MS servers have problems at some point.
BTW… whenever MS says “innovation” or “innovate” you can replace it with “shit”. Like when they say “We like to innovate” they really mean “We like to shit”. Eventually they will say “We need to go take a nice long innovation” and you will know what they mean.
PS: don’t refer to me by my post number, it may change. Somebody will probably tell me “gnu/linux based servers have problems also”, (true, but is heavily dependent on how much of a retard you are), and you might be referring to the wrong person after a while.
If you’d read the linked blog camzmac you would have seen it was more of a firewall problem than iis’ fault,
and by the way more expletives don’t make you look cool they just make you look dumb.
They don’t?
Fuck. =(
To quote Brian Alvey (riiiiight?)
“…but it isn’t a hack waiting to happen like IIS’s FTP server can be. Any suggestions on web-based bulk upload tools or SFTP servers and clients?”
Linux webservers get cracked too, Camzmac. Check Zone-H once and a while :P
Glad to see things are back up and running.
Is this why the rss yesterday was messed? I got sent the TIG welder, and links twice. It says the doubbles were sent at the same time, but i recieved them over an hour apart.
I thought I’d check Netcraft, out of curiosity:
http://toolbar.netcraft.com/site_report?url=http://www.hackaday.com
I hope hackaday isn’t really using Windows 2000, since MS no longer provides bug fixes for Win2k.
er???
it wasnt anything to do with microsoft, linux servers do get hacked, but they normally stayed updated. It’s easily done to forget to update. As windows always wants to bloody well reboot.
Hehe I just get a little ranty sometimes, my first post was a result of that.
On another note, if you are bored, google “k1dd135”, and you will get some interesting results.
1t’5 4 v4r14t10n 0f t3h w0rd 3l1t3 u53d by 14m3r5 wh0 th1nk th3y 4r3 3l1t3… 0ft3n us3d w1th 4r3 v4r1at10n 0f d1g1t5 1n5t34d 0f l3tt3r5…0ft3n u53d by 5cr1pt k1dd135 t0 d35cr18e th31r 5k1ll.
After the vulnerability has been fixed you should have an article covering how the intrusion was implemented. I mean, you are a hack site right?
Can you say Pwned?
“That’s whatcha get for running Microshit’s IIS server. Expensive *and* insecure.
”
clearly you didnt even read the article. They were hacked because they left a FTP open to the world to be brutted. That has nothing to do with it being MS.
This makes me sad
OMG like haxz, seriously hackers are not funny I am an admin on a gaming forum and one of our hosted sites was hacked, its not funny when peoples work is messed up. So dont go ‘like this so uber and 1337’.
I think somebody got hackaday and hackthissite mixed up
hmmm, I bet he was “smart” enough to sign up to that Gmail account with his real name or information, a person or persons which insist on adding “z0rz” to the end of their Handles are not usually what I or others would term to be as smart.
send his email add to all those spammers.
that would surely tick him off
Surely the likes of Kevin Rose, #12, knows the difference between hacker and cracker :-) you’re right though, it would be interesting to know the details regarding what was actually done with the ftp service. WebDAV is a good web based HTTPS alternative to FTP although I generally just use SCP when I want to transfer files.
Im sorry this may seem like a dumb question but I bought a powermac g3 yesterday at auction for 2 dollars and I dont know how to turn it on or where to plug in the keyboard and mouse if you can help please email me at phycon5@gmail.com , I have no idea what to do. The last time i used one of these computers was in fourth grade and i didnt turn it on or off.
i think the death penalty is in order for this crime. lol. the irony in the whole situation…. hack a day still pwns his mother!
When I did a google search on the hacker email you get a spanish site on how to deface and digging deeper you get their website that is from a Mexican group who’s hobby is hacking American sites.
I wonder if gmail would cooperate with the authorities and provide IP Address information of the person that checks that account often. ‘Course, if it’s from Mexico, the buck probably stops at the border.
i agree with kevin rose. since everything is patched up now, you should show how the person actually did it, since you are a hack site and you got hacked
heh. could it be payback for the comments made about SpreadFirefox.com being hacked?
oh, the irony of it all.
People suck. People suck big time, and are assholes. But, especially computer criminals. this Really pisses me off because of how awesome hackaday is.
weblogs, inc runs on Windows?? OMG! That’s asking for trouble. Don’t get me wrong, I only ever use Windows these days… but IIS and hackers don’t mix.
There’s NOTHING wrong with leaving an FTP port open, so long as the server managing each connection is secure. It’s Obviously Microsoft’s fault for producing an FTP server with no protection against brute forcing.
Dammit.
I was actually having fun saturday night!
I always miss everything!! Agrh.
damn, you guys have forums now kevin? w00t to that.
but yeah, windows 2000? IIS? yuck.
dude, that guy is blatantly ripping off of my name (whick ive been using since 2000)
So it’s the “blame windows” game because you didn’t configure ms ftp right and because you used a password from the dictionary? That makes sense.