Hacked ?! [Archive]

View Full Version : Hacked ?!

Dutch_guy

11-19-2005, 20:04

Ok, I wanted to upload the save file for the pbm Im running.

But when I clicked the upload section, I got a green screen saying the site was hacked :

follow at you own risk, since I have no idea if it contains spy ware, or something else, haven't experienced any thing like that when I clicked the link though,

http://www.totalwar.org/patrons/pbm/

:balloon2:

Viking

11-19-2005, 20:25

Yaikes.... Hitler is taking over the forums... only the pbm section though. :inquisitive:

Monk

11-20-2005, 05:59

Strange, interesting, alaming, concerning, frightening.

but the more inportant question is... why the pbms? there are far more worthwhile targets.. :hide:

Just A Girl

11-20-2005, 07:34

Find the owner of this,
http://members.lycos.co.uk/drdeathx2/upload/LebNazi0.jpg"
And find a way to have your revenge (my fave)

Or if your a bit lazy.
You can always just report that account,
http://www.tripod.lycos.co.uk/support/abuse/

R'as al Ghul

11-20-2005, 10:08

Anyone followed the link to www.LebHacker.Com?
It shows up as beirut-online.
Isn't that weird? ~:confused:

Kekvit Irae

11-20-2005, 12:23

Sounds like our old friend, Shambles, could be the culprit. I feel as if this is a direct target against our AM Beirut

Mikeus Caesar

11-20-2005, 12:23

Argh, we're being hacked by the Lebanese.

Dutch_guy

11-20-2005, 13:10

Sounds like our old friend, Shambles, could be the culprit. I feel as if this is a direct target against our AM Beirut

If so, why the PBM area ?

And why not ...say hte frontroom,or another ''high'' activity area - cause face it, if I didn't want to download the file, this could maybe have not been discovered for quite some time.

The PBM uploading area isn't one of the most active parts of this forum.

:balloon2:

Just A Girl

11-20-2005, 15:00

hey dont blame me I dont have anything against the org at all,

So to put it bluntly it was not me.

And any way i have no reason to,

The org never did anything to upset me,
And beirut said sorry,

I have no need or want to cause the org any problems,
And neither do i have a need nor want to cause beirut any problems,

So dunno why you think i have a vendeta against any 1 or thing,

Templar Knight

11-20-2005, 16:37

Just A Girl

11-20-2005, 16:40

your are shambles? ~:confused:

this is Trish's account, So i use it on and off,

Templar Knight

11-20-2005, 16:42

this is Trish's account, So i use it on and off,

ah, I get it now ~:)

Byzantine Prince

11-20-2005, 17:14

Anyone followed the link to www.LebHacker.Com?
It shows up as beirut-online.
Isn't that weird? ~:confused:
LMAO! That made my day. ~:cheers:

asilv

11-21-2005, 00:05

Big King Sanctaphrax

11-21-2005, 00:09

This has to be the poorest hack-job I've ever seen. All this fellow has accomplished is to prompt laughter at his pseudo-fascist beliefs. He hasn't even written that 'hacked!' page in 133t speak!

Well done, script kiddie. We salute you. *claps sarcastically*.

Just A Girl

11-21-2005, 13:08

Ive decided to Prove this is not my work,

"the fact that i went and even botherd to view source on that page and Post the Url of his/her lycos name must count for something,"

but seeing as it really is just a simple script, SUPER BASIC.

i thought id show you i can do better in a few seconds than what was displayed theire,

Befor you try this, Let me say...

It Wont hurt you,
Its not going to add or take anything from or to your pc.
But it may take a while to close if you dont spot the trick And neither do you have a pop-up blocker,
It could posibly close your I.E windows,
So try it when u have nothing els to do.

Here it is Click this link to see.
http://www.shoguntw.2ya.com/index1.htm

Easiest way to stop this is to minimize the pop-up then close the little one, and then close the pop-up

Still would be much more worth while than what happend their though,

You probably wont see what it does if you have a popup blocker,
But its still easily more Annoying,
And is still realy basic,
but stops you doing simple things like view source, (something our hacker didnt bother with)

"I would not go so far as to call them a script kiddy... If you go theire and do view source like i did, You will see... there were no scripts as such in that html"

hopefully you can see It was not me

Reverend Joe

11-23-2005, 01:16

For the love of god, someone teach this idiot a lesson... fill his computer to the brim with horse porn!

Beirut

11-23-2005, 02:05

Anyone followed the link to www.LebHacker.Com?
It shows up as beirut-online.
Isn't that weird? ~:confused:

Cool. :hippie:

I'm like famous dude.

Simetrical

11-23-2005, 02:43

I think those "hackers" just uploaded index.html file to directory. The uploader page says that it only accepts zip and and rar files, but I uploaded file called test.html (http://www.totalwar.org/patrons/pbm/test.html) without any problems.Clever. Sounds like you hit it, assuming there wasn't an index.html file before.

But its still easily more Annoying,
And is still realy basic,
but stops you doing simple things like view source~:confused:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd">
<HTML>
<!- GET YOUR OWN FREE SHORT URL AT SHORTURL.COM ! -->
<head>
<TITLE>!!! SHOGUN TOTAL WAR !!!</TITLE>
<META NAME="description" CONTENT="SHOGUN TOTAL WAR Play Shogun Total War online">
<META NAME="keywords" CONTENT="shogun, total, war, Shogun Total war, total war, Multiplay, Multi player, Online, downloads,">
<meta name="Robots" content="INDEX,FOLLOW">
<LINK REL="SHORTCUT ICON" HREF="#####################################################/favicon.ico">
</head>
<NOFRAMES>
<body>
<h2>!!! SHOGUN TOTAL WAR !!!</h2><P>
SHOGUN TOTAL WAR Play Shogun Total War online
<BR>

<a href="#####################################################/index1.htm">Please click here</a> to visit: !!! SHOGUN TOTAL WAR !!! - shoguntw.2ya.com.
<P>
<BR>
This page is generated by shorturl.com - redirection and forwarding services.
<BR><B>
Get free sub domain URL forwarding and redirection for your site, with no ads at <a href=http://www.shortURL.com>ShortURL.com</A>
<BR>
<a href=http://www.2Ya.com>2Ya.com</A> free domain forwarding and email forwarding services.
</body>
</NOFRAMES>
<frameset rows="100%,*" border=0 frameborder=0 framespacing=0>

<frame src="#####################################################/index1.htm" name="shoguntw">
</frameset>

</html>
<script language="JavaScript">
function stoperror() { return true; }
window.onerror = stoperror();
</script>

Just A Girl

11-23-2005, 09:44

Thats not the source of the page,
I didnt write it to well cos As i said i was only gonna take a min to make it,
so if you try you can view source but you wont do it with the mouse,
-------
Any way... to show what i mean.
This is the source, of the 1st page,
(People dont use this to be annoying,
it wont work wothout atleast 1 of the other 2 pages anyway)

<html>
<head>
<title>what to do</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="refresh" content="1;url=2.htm" >
<SCRIPT LANGUAGE="JavaScript1.1">

function right(e) {
if (navigator.appName == 'Netscape' &&
(e.which == 3 || e.which == 2))
return false;
else if (navigator.appName == 'Microsoft Internet Explorer' &&
(event.button == 2 || event.button == 3)) {
alert("Hacked");
return false;
}
return true;
}

document.onmousedown=right;
document.onmouseup=right;
if (document.layers) window.captureEvents(Event.MOUSEDOWN);
if (document.layers) window.captureEvents(Event.MOUSEUP);
window.onmousedown=right;
window.onmouseup=right;
</script>
<SCRIPT LANGUAGE="javascript">
window.open ('2.htm','newwindow',config='height=99999,width=99999,titlebar=no,toolbar=no,menubar=no,scrollbars=n o,resizable=no,location=no,directories=no,status=no')
</SCRIPT>
<SCRIPT LANGUAGE="javascript">
window.open ('1.htm','newwindow',config='height=2224,width=2768,titlebar=no,toolbar=no,menubar=no,scrollbars=no, resizable=no,location=no,directories=no,status=no')
</SCRIPT>
</HEAD>

<BODY bgcolor="#000000" text="#FFFFFF" "titlebar=no,toolbar=no,menubar=no,scrollbars=no,resizable=no,location=no,directories=no,status=no'>

<div id="Layer1" style="position:absolute; left:365px; top:228px; width:78px; height:25px; z-index:1"><font color="#FFFFFF">WHO
GOT </font></div>
</body>
</html>

As you can see That Is not the same as you posted,

The page html code you posted isnt even a html. Its just
code from my url redirection service, So that google has a description for
Shoguntw.2ya.com

Compare the one i made to this Effort the hacker made.

<html dir="rtl">

<head>
<meta http-equiv="Content-Language" content="en-us">
<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>.:. LebNaZi Organization .:. H-A-C-K-E-D - Connection Reset by pear.</title>

<body style="font-family: City Light; font-size: .5in; color: #FF0000; text-align: left; text-indent: 0; line-height: 0.9; word-spacing: 0; margin-left: 0; margin-top: 0; margin-bottom: 0" bgcolor="#006C00">

<div align="center">
<center>
<table border="1" height="140" id="AutoNumber1" bgcolor="#FFFFFF" bordercolordark="#006C00" bordercolorlight="#005E00" bordercolor="#008000">
<tr>
<td height="140" dir="ltr" valign="top">
 <font face="Formata Outline" size="7" color="#006C00">Hacked By
LebNaZi™</font></td>
<td height="140" valign="top">
<p dir="ltr">
<img border="0" src="http://members.lycos.co.uk/drdeathx2/upload/LebNazi0.jpg"></td>
</tr>
</table>
</center>
</div>
<p dir="ltr">Welcome :$</p>
<font size="5">
<div align="center">
<center>
<table border="1" width="725" height="415" id="AutoNumber2">
<tr>
<td width="725" height="415" valign="top">
<p dir="ltr"><font size="5"><font color="#FFFFFF">1. Sorry , It Is Hacked
.</p>
<p dir="ltr">2. Life Sucks ... Maybe But We Fuck .</p>
<p dir="ltr">3. You Are too late to look to your site :) .</font></p>
<p dir="ltr"><font color="#FFFFFF">4. If You have any problems or you want
your site back message us , but </font></p>
<p dir="ltr"><font color="#FFFFFF">"I can say that u must pay".</font></p>
<p dir="ltr"><font color="#FFFFFF">5. In the duty of destruction Lewi.86@gmail.com
, LebHacker@LebHacker.Com   </font>
</font></td>
</tr>
</table>
</center>
</div>
<p dir="ltr"><span style="color: #FFFFFF">  </span></p>
<p dir="ltr"><span style="color: #FFFFFF">                                  
I Already read the rules and I accept ! fuck me instead :(</span></p>
<p dir="ltr"><span style="color: #FFFFFF">                                
And If You Don't , it doesn't matters coz the site is hacked :) </span></p>
<p dir="ltr"> </p>
<p dir="ltr"> </p>
<p dir="ltr"></font></p>
<p dir="ltr"> </p>
<p dir="ltr"> </p>

</body>

You can see that we write our html's diferently. This person seems to Use outlook express.
I use Note pad,
and if i am making a nice looking page, i use dreamwaver mx.
The html i posted here was writen in note pad,

futher more this person has little knowlage of scripts, Or of meta tags,
Which implies that he/she has only just began Editing html.

and if that was not enough, the bulk of our "hacker's" page is in the
body of the page, Where as most of my page is java script that resides
in the page header. and a meta refresh script that lives with the
meta tags.
The body of my page is nearly empty

Take from it what you will,
Just be shure to think twice before saying it was me.
Becous it was not.

Hopefully though thats enough proof for people that it was not me.

Its not my style to be so Indescreet any way,
Some 1 pushes me to far I want them to know its me whos causing
the trouble,
And this "hacking job" is definatly not me.

:bow: