main site infected?

[toneddu2000]

I don't understand rook, that pun is referred to me?
You can check by yourself, is in the source. It was on the Drupal showcase for years. I don't tell baloney
About the programming argument, imho for programming I intend every language that helps you to reach your task with the minimum effort and maximum quality

[r00k]

no it wasnt directed to you.

Some hacker "picked" this site to illustrate his keen sense of programming. He pick us as fellow nerds who would think his programming was cool, but he picked our butt by making it something that blocks us from accessing the resources on the front page.

[revelator]

Ya i prefer constructing something with my measly skills i wonder why some get there kicks by destroying something

[toneddu2000]

ah ok, sorry rook, but some english constructs are still obscure to me!
yeah totally agree. Hacking is cool as long as you do it for learning/testing purpouse on your own machine (testing holes in your own code, testing firewalls, etc). Once you start attacking other sites is just being ass**le

[frag.machine]

Script kiddies don't deserve to be called "hackers". Most of the time they don't even have any idea about what they're doing.

[toneddu2000]

Well, frag.machine, either this script kid has been very lucky or inside3d main page security is pretty lax

[revelator]

php has some security flaws but is easy to work with i guess thats where the popularity comes from,
many sites therefore resort to using some sort of captcha or other ways to keep malicius activity to a minimum.
Most of the time a serious attack takes place its for robbing passwords or other identity theft shit, what i dont get
is why someone would try out something like that on a developer board,
were not crazy so forget about stealing the password for my bank account will ya i dont use the same password as i log on with here doh :roll:
besides even if they do get my password for the bank they still need a set of numbers that only i have to verify that its actually me attempting to access it,
so they would also need to have a trojan on my PC to capture keystrokes and my PC has some nasty protection keeping that from happening.

Still its annoying and i hope it will get fixed

[frag.machine]

It's very likely that the I3D site was invaded using some automated tool that takes an IP subnet as argument and then starts to scan every address looking for well known exploits. So no, the script kid who defaced the site probably doesn't know the nature of our discussions. OTOH, we are probably running pretty outdated versions of PHP and forums, so this is kinda expected. :/

[Spirit]

I'd volunteer to take a look at the code but only in November/December. I would be able to help trying to find the hole(s) in webserver logs before that.

[Cobalt]

Main page is very hacked today

[Spike]

http://apple.slashdot.org/story/14/09/2 ... n-the-wild stuff like that doesn't help. note that it potentially applies to ANY cgi program that uses the system() libc function, not just bash cgi scripts.

[revelator]

actually a new security risk has surfaced concerning system using bash its called shellshock and is mostly a risk for for people using unix based software.
But users of cygwin / msys / msys2 should also look out. The new threat uses bash's scripting ability to get malicious code onto a users PC.

Do not be fooled this is much worse than the heartbleed bug .

[goldenboy]

What's this new fashion of giving catchy names to bugs?

And aren't there lots of new root exploits discovered every week? How is something like "shell shock" different?

Debian/Ubuntu had this exploit fixed yesterday already, btw. apt-get update, apt-get install bash.

[revelator]

for the drama effect i guess not something i came up with heh.
atleast its good to know that the bug was squashed quickly,
unfortunatly it also shows that linux based os are no longer unaffected,
and i have a hunch that more exploits will surface over the years.

edit btw.

Linux vendor Red Hat has warned the patch to fix Bash is not complete, and there are still ways to inject commands via environment variables. In an update at 0310 GMT, Red Hat said:

Red Hat has become aware that the patch for CVE-2014-6271 is incomplete. An attacker can provide specially-crafted environment variables containing arbitrary commands that will be executed on vulnerable systems under certain conditions. The new issue has been assigned CVE-2014-7169. Red Hat is working on patches in conjunction with the upstream developers as a critical priority.

snip <-

your not safe yet.

[Spirit]

And aren't there lots of new root exploits discovered every week? How is something like "shell shock" different?

The scope is very different. Nowadays you can contact every single IP on the internet in a matter of minutes. If then a bug like this occurs (remotely exploitable shell access on most linux/unix/andmore servers) it means armageddon. This is not a root exploit btw, it can be used to get a root shell if bash was running as root though. This one is probably even worse than Heartbleed as it does not "just" mean that you can grab snippets of memory but get access to the whole webserver.

Theorically there is nothing stopping people to make this the next big worm (if you remember Blaster, Sasser or Slammer). It's actually weird that it has not happened yet.

This has nothing to do with the inside3d hackery though, that's probably just trivial SQL injection.
I took the opportunity to make fresh archives of the forums, please download and keep them, it's not even 1GB: https://www.quaddicted.com/webarchive/f ... 25.warc.gz https://www.quaddicted.com/webarchive/f ... 140925.cdx