ls Posted October 13, 2008 Share Posted October 13, 2008 so i was going to this site: http://ezpicking.com/forum/index.php it's a small lockpicking forum an what did i see ? It's defaced So i just want to say how lame defacing is, OK they should spend more time securing their website but that doesn't give you the right to do something this stupid. I mean, what's the point ? if it would be a site with child pornography i would understand it but this is just the work of people with to much spare time. what's your opinion on defacing ? Quote Link to comment Share on other sites More sharing options...
Seshan Posted October 13, 2008 Share Posted October 13, 2008 There English fails, Which makes them look dumb. " We are [Terrorists Crew] Not any another hacker crew. Remember : Terrorists Crew had hacked your site in this day." "Every where and where we are there." WTF is that part suppose to mean? Quote Link to comment Share on other sites More sharing options...
Kyle 2.0 Posted October 13, 2008 Share Posted October 13, 2008 Its always lame when they target some small website ran by just a few people like that. If they actually had much skill they'd choose something much larger and more challenging. and would actually impress people. Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted October 13, 2008 Share Posted October 13, 2008 Ive seen many a server/page owned and the admins had no clue it had happened, usually they place ads and what not there and in essence steal the page clicks. I would like to see something like this done with click jacking. Addictive Flash Game+Click Jacking=Profit Quote Link to comment Share on other sites More sharing options...
snakey Posted October 14, 2008 Share Posted October 14, 2008 yeah tried to go on yesterday and it failed :P i also think they cant get admin privileges back so they have gotta go to the server company to get the site back Quote Link to comment Share on other sites More sharing options...
dr0p Posted October 15, 2008 Share Posted October 15, 2008 And the sad part is 99% of them don't even know how that silly little exploit they ran works. If you hack a site and deface for a reason (EG: a company is treating its employees like shit) I'm fine with that, otherwise, deface is fail. Quote Link to comment Share on other sites More sharing options...
Swathe Posted October 15, 2008 Share Posted October 15, 2008 Speaking of companies treating their employees like shit, I was out of a job on Fridat with one days notice. I was hired through a labour hire company as a SysAdmin and a network desing manager. Over the past few weeks I had noticed my boss had been lying to clients, sendingme to do ALL of the work and deal with the angry people. I refused to lie for him so I told them the truth and tried my best to get everything up to scratch. I then get a phone call on Thurday afternoon from the labour hire company telling me that my boss has not paid a cent the whole time I have been there, and they had to cancel my payment. bottom line is he owes alot of moeny around town and royally screwed me and my family over. I used to manage his websites (of which he has still not paid for the domains and the hosting) so I pulled them down (with permission of the ISP hosting them because he hates my boss with a passion too!). I guess it is defacing and some here may be against what I did but he fucking deserves it. I managed to find another IT job but the money is crap so back to struggling again. Sorry for derail I needed to vent! Quote Link to comment Share on other sites More sharing options...
m0u53 Posted October 15, 2008 Share Posted October 15, 2008 i can understand why it happens but the case most of the time is usally some kid litterly hangs out with a bunch of real hackers then he learns how they did it and then he just exploits the page and defaces thinking hes badass in reality this is really really freaking retarted ive seen sites that have been hacked...and the admin never even knew it how? we simply logged all the usernames and password in his form validation script ..i think he still dosent even relise it lol Quote Link to comment Share on other sites More sharing options...
RogueHart Posted October 16, 2008 Share Posted October 16, 2008 Speaking of companies treating their employees like shit, I was out of a job on Fridat with one days notice. I was hired through a labour hire company as a SysAdmin and a network desing manager. Over the past few weeks I had noticed my boss had been lying to clients, sendingme to do ALL of the work and deal with the angry people. I refused to lie for him so I told them the truth and tried my best to get everything up to scratch. I then get a phone call on Thurday afternoon from the labour hire company telling me that my boss has not paid a cent the whole time I have been there, and they had to cancel my payment. bottom line is he owes alot of moeny around town and royally screwed me and my family over. I used to manage his websites (of which he has still not paid for the domains and the hosting) so I pulled them down (with permission of the ISP hosting them because he hates my boss with a passion too!). I guess it is defacing and some here may be against what I did but he fucking deserves it. I managed to find another IT job but the money is crap so back to struggling again. Sorry for derail I needed to vent! cant blame you. i would have done far more Quote Link to comment Share on other sites More sharing options...
deleted Posted October 16, 2008 Share Posted October 16, 2008 I dont see why people deface in the first place, I can see why people hack banks or governments, but what do you have to gain from defacing a website, its pointless (all hacking for malicous attempt is pointless, but you get the idea). It cant be for fame, do you know the name of a famous defaceor? It cant be for money, is there a forum where money is stored in its files? Alot of these defaceors come across flaws by accident. They have a choice, Take the site down, or, do what i do, and email the site webmaster to tell the webmaster your were on his site and found a flaw. It all depends on what colour your web browsing hat is. Quote Link to comment Share on other sites More sharing options...
Swathe Posted October 16, 2008 Share Posted October 16, 2008 cant blame you. i would have done far more I will be Quote Link to comment Share on other sites More sharing options...
sqall Posted October 16, 2008 Share Posted October 16, 2008 Alot of these defaceors come across flaws by accident. They have a choice, Take the site down, or, do what i do, and email the site webmaster to tell the webmaster your were on his site and found a flaw. It all depends on what colour your web browsing hat is. I would do the same thing. Just contact the webmaster or administrator and tell them everything or give some help how to secure the site. But I think defacing isn't so bad if the defaceors just leave a little note on the frontpage or something like that with infos to secure the site or whatever. I don't agree with the deface which ls showed us. Quote Link to comment Share on other sites More sharing options...
will-wtf Posted October 18, 2008 Share Posted October 18, 2008 Once apon a time i did that to like 30 sites straight, really lame. Googling for vulnerable sites. Never did it again. Defacing without a purpose is stupid. Quote Link to comment Share on other sites More sharing options...
dr0p Posted October 19, 2008 Share Posted October 19, 2008 Speaking of companies treating their employees like shit, I was out of a job on Fridat with one days notice. I was hired through a labour hire company as a SysAdmin and a network desing manager. Over the past few weeks I had noticed my boss had been lying to clients, sendingme to do ALL of the work and deal with the angry people. I refused to lie for him so I told them the truth and tried my best to get everything up to scratch. I then get a phone call on Thurday afternoon from the labour hire company telling me that my boss has not paid a cent the whole time I have been there, and they had to cancel my payment. bottom line is he owes alot of moeny around town and royally screwed me and my family over. I used to manage his websites (of which he has still not paid for the domains and the hosting) so I pulled them down (with permission of the ISP hosting them because he hates my boss with a passion too!). I guess it is defacing and some here may be against what I did but he fucking deserves it. I managed to find another IT job but the money is crap so back to struggling again. Sorry for derail I needed to vent! If he was my boss, I'd be bent on making sure he didn't have that money that he owed people and more. I dont see why people deface in the first place, I can see why people hack banks or governments, but what do you have to gain from defacing a website, its pointless (all hacking for malicous attempt is pointless, but you get the idea). It cant be for fame, do you know the name of a famous defaceor? It cant be for money, is there a forum where money is stored in its files? I can name one defacer: iskorpitx. He's one of those Turkish people who thinks defacing is the l33test thing ever (and has defaced a ton of sites, and actually knows what he's doing and isn't and skid). However, he is the only one I know of. Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted October 20, 2008 Share Posted October 20, 2008 I dont know if its just me or not, but if i find a site with some juicy sql exploit or an open ftp, then im going to take it and do something. maybe not big, like write penis in the middle of a paragraph, but the owners/mins should be certain to maintain an updated server/site. I can understand flusteration of being locked out completely because that is pretty douche bagish, but me putting some goatse on a site is their fault, i didnt want to do it, but its like leaving a penis lollipop in front of a homosexual. Quote Link to comment Share on other sites More sharing options...
RogueHart Posted October 20, 2008 Share Posted October 20, 2008 I dont know if its just me or not, but if i find a site with some juicy sql exploit or an open ftp, then im going to take it and do something. maybe not big, like write penis in the middle of a paragraph, but the owners/mins should be certain to maintain an updated server/site. I can understand flusteration of being locked out completely because that is pretty douche bagish, but me putting some goatse on a site is their fault, i didnt want to do it, but its like leaving a penis lollipop in front of a homosexual. Quote Link to comment Share on other sites More sharing options...
Nophix Posted October 21, 2008 Share Posted October 21, 2008 I hate these guys. Seriously, they piss me off to no ends extent. I'm part of a car club, and when we first started, the web admin was learning as he went. The front page got defaced like 5 times the first year! Honestly, what part of hacking a cheesehead carclub site is cool? Although, if we were to ever catch them, we'd probably beat them with a 1/2' drive torque wrench! Quote Link to comment Share on other sites More sharing options...
will-wtf Posted October 21, 2008 Share Posted October 21, 2008 What was it's name... Gulp Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted October 22, 2008 Share Posted October 22, 2008 I still think its funny. Its a piece of software, reinstall it, rebuild it.. Quote Link to comment Share on other sites More sharing options...
raevin Posted October 25, 2008 Share Posted October 25, 2008 I know I'm new here, but...meh, why not give an opinion? Lol. On a lot of "hacking" boards I used to visit, XSS and defacing were the two most hated-upon showoffs. XSS is a different discussion itself, but for defacing...here's my view. If you: A) have a conscience and tell the admins of the flaw that gave you the ability to deface, then you gain some respect to me...because you're doing the right thing. B) don't deface the entire website, but maybe add <!-- hacked by me --> or something in the source, or just create a simple HTML file that says "fix the flaw"...there's no harm in that. It doesn't cause any damage, and it's far easier to fix. C) not be a skiddie. Personally, I think it's okay to use exploit sites if you're using it to be an actual pentester, and not some...well, butthole to say it nicer, haha. If you meet all three...where's the harm? I know point C is kind of hypocritical, but still. I've done defacements before, but it was never to the point to where I destroyed the entire site, or anything. When I find a way into a site, I do one of two things: a) show proof I got in so the admin believes me (aka: point B & A above), or B) ignore it and continue on with whatever I'm doing. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.