Forgot your password?
February 9, 2008 in Site Bug Reports and Feedback
What an a-Hole
The child "hacked" and defaced the Poll script. Thanks for the heads up, I'll look in to it...
wow...who thell do it....how dare....
I now know who it is, they are a member of this forum and I know how they did it.
Shame on them. I'll be sending them a message later...
Would be better if they simply send you a message saying where the page's vulnerable... Anyway, at least it's not a destructive script, so we got "hacked" by some friendly kiddies. :>
stupid script kiddies... they don't deserve anything else but a permanent ip ban .
why? hacking is usefull, they wrote this to inform us about hole in board script. someone else could do bigger damage.
Why not just email me, its not like my email address is hidden.
Yeah, that's the prob... I'm personally happy they didn't delete anything and "just" displayed those message boxes. Ok, emailing Ted would've been the best solution, but they didn't do any real harm (like embedding malicious code)...
Teddy, I think that antichat.ru forum doesn't have anything to do with it.
He is probably just a member theer.
And also, it was some simple xss. XSS (cross site scripting)... well, more info on xssed.com.
It's not a serious hole. Well, not for this kid.
Why not just email me, its not like my email address is hidden.Ted.
indeed, this was the best way, should've pmed or emailed Ted. What they did was actually defaming the SnD team.
The vulnerability for ipb 2.3.4 is not available in any major security site site.He must be a pro hacker
Btw I am also a hacker
Doesn't take a huge amount of effort to find an XSS or injection in most large content management systems though. Look long/hard enough, you can find plenty.
Not sure 'pro hacker' is the right term, even if he wasn't just some skid who read an advisory and used google.
You need to be a member in order to leave a comment
Sign up for a new account in our community. It's easy!
Already have an account? Sign in here.