http://www.keretapi.com/guestbook/index.php

WTF? This idiot hacked one of sites.

Some 13 year old kid thinks he's ------.

Pretending to be elitist.

They seem to enjoy hacking WebWiz Forums & guest books..

And left the link to his site in the source

http://madoz.jeeran.com/hack.gif

twit

Someone want to report him to his host ;) ? Sure, it's practically harmless. But I'd like to ssee this idiot get busted ^^

Regards,

I've already sent a letter to the upstream provider located in the U.S. Asked them if they wonder if the FBI would be interested in knowing that one of the clients that is hosted within their network performs illegal activities.

One of those - 'We don't care' and it's not in our terms and conditions places.

I spend a load of time reporting attempts to hack into servers and get nothing back or really lame 'thank you' responses.

I recon that anyone who hosts should ban the IP

What a SFI. :-)

SFI - where are you seeing that SFI Techrad

LOL. that's not a hack. not even close. it's called.. your guestbook script is a pos that allows html in it :p

LOL. that's not a hack. not even close. it's called.. your guestbook script is a pos that allows html in it :p
In that case, one poor bloke is getting reported for performing illegal activities when what he did was to post HTML.

The kid exploited a well-known hole in a script, what's the big deal ?

Happens all the time.

Just check OSVDB for vulnerabilities, then Google for instances of the script -- I guarantee you will find the same thing.

Who know's what they'll try next though, if they get away with it it can become clumsy and damaging. Even if it's just having their connection pulled it shows them they've been caught.

The kid exploited a well-known hole in a script, what's the big deal ?

Happens all the time.

Just check OSVDB for vulnerabilities, then Google for instances of the script -- I guarantee you will find the same thing.

That's doesn't mean everything will be ok.

Btw, does anyone know how to remove that. I think that ---- is in my MYSQL database. Please, somebody.........

Check the source of the page for his stuff and search your db for it, I doubt it'll be hard to find as it's a pretty amature attempt, if you really hit a prob finding it mail me an sql dump and I'll see if I can find it :)

Thanks man, i will PM you.

In that case, one poor bloke is getting reported for performing illegal activities when what he did was to post HTML. it's not hacking. hacking is illegal access to a machine. (actually, that's cracking; hacking are programming shortcuts).

all he did was exploit a bad-written script that allowed html... that's not hacking, as he didnt intrude or abuse a machine. all it is is showing off, and also it is other people's stupidity.

it doesnt actually break something. it's not even as severe as other xss things, just a simple html code that doesn't affect anything or pose any security risks or alter any hard coding or data.

What he did was 'deface' a site, we know everyone normally get's the terms the wrong way round and that's not the real problem. It can more clearly be referred to as 'malicious damage' which is an ilegal activity. So showing off or not as you can see it's caused the site owner problems invloving clean up work which at least would normally allow a civil case to reclaim expenses for that and a punative amount for other reasons.

There's no reason to try and justify this type of thing, it should be actively discouraged, lets face it at least half of the costs of any webhosting resource is due to costs involved in protecting infrastructure & systems - if it stopped they wouldn't be necessary. In my book a good reason to discourage it and report any offenders.

I googled to find information on this "attack" after a client of mine had his website defaced via this "attack". We've reported all the information we have gathered and sent a report to the FBI. Regardless of whether it is "hacking", which it could be becuase you are still changing and editing data on a remote machine without permissions.

Anyways, just floating around the Internet.

Nick

it is NOT "changing and editing data on a remote machine without permissions." .. its adding HTML which affects the output of a website. nothing has been changed. nothing has been edited. NOTHING. just because you're ignorant and don't understand how it works doesn't make it HACKING. do some god damned research before reporting people and wasting the FBI's time.

second of all, you can't do anything without an IP and timestamp. third of all, the first step is to go to the ISP, NOT the fbi. but since it's not hacking, it doesn't matter anyway!

it's not hacking. hacking is illegal access to a machine. (actually, that's cracking; hacking are programming shortcuts).

all he did was exploit a bad-written script that allowed html... that's not hacking, as he didnt intrude or abuse a machine. all it is is showing off, and also it is other people's stupidity.

it doesnt actually break something. it's not even as severe as other xss things, just a simple html code that doesn't affect anything or pose any security risks or alter any hard coding or data.
Er, did I mention anything about hacking in that post?

Btw, does anyone know how to remove that. I think that ---- is in my MYSQL database. Please, somebody.........

I'm not sure how exactly that guestbook works, but if you can search the posts, look for layer1 or <div in the posts. If that doesn't work, e-mail me at admin@cawunited.com and i'll help you some more.

edit: didn't see the second page.. but if you still need help, let me know
: Just incase you didn't find out which one posted it, it was entry number 51 by joe. his hostname is dyn-83-155-175-153.ppp.tiscali.fr It was on Sunday, 13. June 2004 04:39 AM