Jump to content
Tuts 4 You

Tuts4you Site Defaced?


Vrane

Recommended Posts

wow...who thell do it....how dare....

I now know who it is, they are a member of this forum and I know how they did it.

Shame on them. I'll be sending them a message later...

Ted.

Link to comment
Share on other sites

Would be better if they simply send you a message saying where the page's vulnerable... Anyway, at least it's not a destructive script, so we got "hacked" by some friendly kiddies. :>

Link to comment
Share on other sites

why? hacking is usefull, they wrote this to inform us about hole in board script. someone else could do bigger damage.

Why not just email me, its not like my email address is hidden.

Ted.

Link to comment
Share on other sites

Yeah, that's the prob... I'm personally happy they didn't delete anything and "just" displayed those message boxes. Ok, emailing Ted would've been the best solution, but they didn't do any real harm (like embedding malicious code)...

Link to comment
Share on other sites

Yeah, that's the prob... I'm personally happy they didn't delete anything and "just" displayed those message boxes. Ok, emailing Ted would've been the best solution, but they didn't do any real harm (like embedding malicious code)...

Teddy, I think that antichat.ru forum doesn't have anything to do with it.

He is probably just a member theer.

And also, it was some simple xss. XSS (cross site scripting)... well, more info on xssed.com.

It's not a serious hole. Well, not for this kid.

Link to comment
Share on other sites

Why not just email me, its not like my email address is hidden.

Ted.

indeed, this was the best way, should've pmed or emailed Ted. What they did was actually defaming the SnD team.

Link to comment
Share on other sites

  • 2 months later...

The vulnerability for ipb 2.3.4 is not available in any major security site site.He must be a pro hacker

Btw I am also a hacker :D

Link to comment
Share on other sites

Doesn't take a huge amount of effort to find an XSS or injection in most large content management systems though. Look long/hard enough, you can find plenty.

Not sure 'pro hacker' is the right term, even if he wasn't just some skid who read an advisory and used google.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...