Teddy Rogers Posted February 9, 2008 Posted February 9, 2008 The child "hacked" and defaced the Poll script. Thanks for the heads up, I'll look in to it...Ted.
Teddy Rogers Posted February 9, 2008 Posted February 9, 2008 wow...who thell do it....how dare....I now know who it is, they are a member of this forum and I know how they did it.Shame on them. I'll be sending them a message later...Ted.
metr0 Posted February 10, 2008 Posted February 10, 2008 Would be better if they simply send you a message saying where the page's vulnerable... Anyway, at least it's not a destructive script, so we got "hacked" by some friendly kiddies. :>
STN Posted February 10, 2008 Posted February 10, 2008 stupid script kiddies... they don't deserve anything else but a permanent ip ban .
human Posted February 10, 2008 Posted February 10, 2008 why? hacking is usefull, they wrote this to inform us about hole in board script. someone else could do bigger damage.
Teddy Rogers Posted February 10, 2008 Posted February 10, 2008 why? hacking is usefull, they wrote this to inform us about hole in board script. someone else could do bigger damage.Why not just email me, its not like my email address is hidden.Ted.
metr0 Posted February 10, 2008 Posted February 10, 2008 Yeah, that's the prob... I'm personally happy they didn't delete anything and "just" displayed those message boxes. Ok, emailing Ted would've been the best solution, but they didn't do any real harm (like embedding malicious code)...
kaksii Posted February 14, 2008 Posted February 14, 2008 Yeah, that's the prob... I'm personally happy they didn't delete anything and "just" displayed those message boxes. Ok, emailing Ted would've been the best solution, but they didn't do any real harm (like embedding malicious code)...Teddy, I think that antichat.ru forum doesn't have anything to do with it.He is probably just a member theer.And also, it was some simple xss. XSS (cross site scripting)... well, more info on xssed.com.It's not a serious hole. Well, not for this kid.
STN Posted February 17, 2008 Posted February 17, 2008 Why not just email me, its not like my email address is hidden.Ted.indeed, this was the best way, should've pmed or emailed Ted. What they did was actually defaming the SnD team.
ansuman Posted April 17, 2008 Posted April 17, 2008 The vulnerability for ipb 2.3.4 is not available in any major security site site.He must be a pro hacker Btw I am also a hacker
Loki Posted April 17, 2008 Posted April 17, 2008 Doesn't take a huge amount of effort to find an XSS or injection in most large content management systems though. Look long/hard enough, you can find plenty. Not sure 'pro hacker' is the right term, even if he wasn't just some skid who read an advisory and used google.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now