Some kid calling himself thunder, apparently part of a group called the Moroccan Snipers defaced the home page (that was only, the forum was still accessible by entering the url directly) Some else also dumped all the user names and password for those register prior to Nov of last year, which that among other things leads me to believe this was done by someone else not "thunder".
thank you i will look into this group do we have a team on this right now?
Some kid calling himself thunder, apparently part of a group called the Moroccan Snipers defaced the home page (that was only, the forum was still accessible by entering the url directly) Some else also dumped all the user names and password for those register prior to Nov of last year, which that among other things leads me to believe this was done by someone else not "thunder".
thank you i will look into this group do we have a team on this right now?
no I think most people have forgotten about it or don't care...
Thunder email address is t4h@hotmail.fr, I've verified this as I spoke with him briefly. From what I read irs a group of script kiddies that mainly target Israeli, and US websites, you know the whole death to America crap....It's seems that this one was thunder by himself. But I still feel that the dumping of usernames/passwords was a different attacker, probably before the defacement but that wasn't caught until the defacement. Their was a link here to milw0rm that had info on the attack.
koolpop0 wrote:The usernames and passwords is what worries me
i didnt use my regular password on this site but im sure others did...
It happened in like Feb. And I'm sure most everybody changed their passwords and if they used the same elsewhere I hope they changed those too. I personally wasn't affected since I joined after Nov 08. here's the link http://www.milw0rm.com/papers/297 not a lot of info on the attack itself just the list of usernames and hashes that were dumped. Some hashes are cracked some aren't.
hehehe i was away from this site for long time then i check this list and theres my email(my email has my real name in it)
so now i know why im getting so much money from dead relitives(or not)
bobman801 wrote:hehehe i was away from this site for long time then i check this list and theres my email(my email has my real name in it)
so now i know why im getting so much money from dead relitives(or not)
What the fuck are you on about?
Edit:
Oh wait, spam?
Lolz. Don't use main email for signing up for this shit (: TIP: IT HELPS REDUCE SPAM
Defil3d wrote:Hello, I'm new to this site and since I saw that a hacking site just got hacked...All I can say is lol
I wouldn't laugh, go start up a site of your own and watch what happens in like the first 2 days. (shitty free sites don't count, I mean one where you have to do the security, smartass)
Little sites also count.
I had a personal ssh server for ssh tunnelling when in wifi open networks that got hacked no much time ago (weak password, bruteforce).
They also installed a rootkit wich started to try cracking other machines ssh bruteforcing (just a shitty bash script collection!)
My password is secure, i only use it here and I wasn't even registered when happend.
I'm getting this on profile editor:
Warning: ob_start() [ref.outcontrol]: output handler 'ob_gzhandler' cannot be used after 'URL-Rewriter' in /home/.mazie/hacker_apache/html/hacker/html/forum/includes/page_header.php on line 44
Defil3d wrote:Hello, I'm new to this site and since I saw that a hacking site just got hacked...All I can say is lol
I wouldn't laugh, go start up a site of your own and watch what happens in like the first 2 days. (shitty free sites don't count, I mean one where you have to do the security, smartass)
I love how people claim to be smart enough to crack all of the largest sites, but dumb enough to think that a bunch of people on a hacking website would believe that "Secret" programs can be found on an online message board post that is structured like an advertisement.
I love how people claim to be smart enough to crack all of the largest sites, but dumb enough to think that a bunch of people on a hacking website would believe that "Secret" programs can be found on an online message board post that is structured like an advertisement.
adum wrote:as you probably noticed, hacker.org was hacked last weekend. oh, the irony!
truth to be told, we hadn't spent much effort in securing the site. which was a little foolish.
as well as defacing the site, somebody dumped the user table with names and passwords. we use the phpbb2 reg system here, and i guess they don't salt their passwords, which is unfortunate. any password that is short or based on a dictionary word has probably been reversed at this time. therefore, it's very important to change your password to something robust, and if you used the same password on any other site or email account to change that too. sorry for any trouble.
i've spent some time closing out all the SQL injection points i could think of, but in case i missed something, if you happen to notice it please drop me a PM.
