FoU clan site hacked!

You can talk about anything in here
Cryptic Moon
Posts: 1023
Joined: Thu Feb 17, 2022 8:24 pm

Post by Cryptic Moon »

ahhaha we got pwned fatty style
Pain-Killer
Posts: 1835
Joined: Thu Feb 17, 2022 8:24 pm

Post by Pain-Killer »

Hehe good and proper. Well hats off to 'em.Perfect.BR are a group of Brazilian site defacement hackers who find backdoors in Apache using sites (which ours is) and then redirects every single URL to one of their templates. Such as the one we had or "You were owned by Perfect.BR" etc.From what I've managed to find out about them, in a recent hacking competition where the goal was to hack as many sites as possible during a certain weekend they won with 192 points (over 2.5 times that of 2nd place). So they do know what they're doing.Here's a couple of sites with info on them:http://www.dominasecurity.com/hackerz/p ... try9366And I know the majority of you don't use pHp but to those who do, or intend to at some point I think I've found where they got in and for users of phpnuke 6.x you will need to open up your '/modules/News/index.php' file and find:[code:1:f6e3c36aa0]function rate_article($sid, $score) { global $prefix, $dbi, $ratecookie, $sitename, $r_options; if ($score) {if (isset($ratecookie)) { $rcookie = base64_decode($ratecookie); $r_cookie = explode(":", $rcookie);}for ($i=0; $i < sizeof($r_cookie); $i++) { if ($r_cookie[$i] == $sid) {$a = 1; }}if ($a == 1) { Header("Location:modules.php?name=News&op=rate_complete&sid=$sid&rated=1");} else { $result = sql_query("update ".$prefix."_stories set score=score+$score,ratings=ratings+1 where sid='$sid'", $dbi); $info = base64_encode("$rcookie$sid:"); setcookie("ratecookie","$info",time()+3600); Header("Location:modules.php?name=News&op=rate_complete&sid=$sid$r_options");} } else {include("header.php");title("$sitename: "._ARTICLERATING."");OpenTable();echo "<center>"._DIDNTRATE."<br><br>" .""._GOBACK."</center>";CloseTable();include("footer.php"); }}[/code:1:f6e3c36aa0]Then replace with:[code:1:f6e3c36aa0]function rate_article($sid, $score) { global $prefix, $dbi, $ratecookie, $sitename, $r_options; $score = intval($score); if ($score) { if ($score > 5) { $score = 5; } if ($score < 1) { $score = 1; } if ($score != 1 AND $score != 2 AND $score != 3 AND $score != 4 AND$score != 5) { Header("Location: index.php"); die(); } if (isset($ratecookie)) { $rcookie = base64_decode($ratecookie); $r_cookie = explode(":", $rcookie); } for ($i=0; $i < sizeof($r_cookie); $i++) { if ($r_cookie[$i] == $sid) { $a = 1; } } if ($a == 1) { Header("Location:modules.php?name=News&op=rate_complete&sid=$sid&rated=1"); } else { $result = sql_query("update ".$prefix."_stories setscore=score+$score, ratings=ratings+1 where sid='$sid'", $dbi); $info = base64_encode("$rcookie$sid:"); setcookie("ratecookie","$info",time()+3600); Header("Location:modules.php?name=News&op=rate_complete&sid=$sid$r_options"); } } else { include("header.php"); title("$sitename: "._ARTICLERATING.""); OpenTable(); echo "<center>"._DIDNTRATE."<br><br>" .""._GOBACK."</center>"; CloseTable(); include("footer.php"); }}[/code:1:f6e3c36aa0]Everything should be all back up and running now (finally!) but please be on the lookout for any bugs or errors that you find and let me know so I can fix them. Thanks.errm yes.... lol :oops: jees why do they hack sites.. thats stupid :nono:
Andal
Posts: 3
Joined: Thu Feb 17, 2022 8:24 pm

Post by Andal »

what did they done ?
Andal
Posts: 3
Joined: Thu Feb 17, 2022 8:24 pm

Post by Andal »

ok read it ...just for competition !so we get owned by the best hackers !!cu
FailedMunchkin
Posts: 715
Joined: Thu Feb 17, 2022 8:24 pm

Post by FailedMunchkin »

Oh yeah, BTW guys. Either the site was hacked again last night or the hosts were down?
Do babies enjoy infancy as much as adults enjoy adultery?
User avatar
Snape
Site Admin
Posts: 7890
Joined: Thu Feb 17, 2022 8:24 pm
Location: Britland
Great Britain

Post by Snape »

Nah that was wickedservers fault, they host our domain and they were down for a couple of hours.Everything should be funky again, and I've fixed the rank stars too. :D
Image
Pain-Killer
Posts: 1835
Joined: Thu Feb 17, 2022 8:24 pm

Post by Pain-Killer »

duh snape i know just a bit about html so what exactly did they do (god believe me i dont want to hack the site just want to know it)
Ang=eL
Posts: 431
Joined: Thu Feb 17, 2022 8:24 pm

Post by Ang=eL »

ok now u guys make them look like idiots ????and nice avatar gemz like christan!!!! :oops:
!!Mess with the best die like the rest!!
ZeroEnna
Posts: 1993
Joined: Thu Feb 17, 2022 8:24 pm

Post by ZeroEnna »

They didnt hack html based code, they hacked PHP based cose and PHP based code is nothing like HTML, trust me PHP is to hard for your lil brain Pain.


I work at burger king making flame broiled whoppers I wear paper hats. Would you like an apple pie with that? Would you like an apple pie with that? Ding!! Fries are done. Din
Ang=eL
Posts: 431
Joined: Thu Feb 17, 2022 8:24 pm

Post by Ang=eL »

lol dam :shock: :shock:
!!Mess with the best die like the rest!!
Post Reply