Jump to content

defacing is lame

ls

By ls
in Security

 Share

Recommended Posts

ls Newbie

ls

Posted
Posted

so i was going to this site: http://ezpicking.com/forum/index.php

it's a small lockpicking forum an what did i see ? It's defaced

So i just want to say how lame defacing is, OK they should spend more time securing their website

but that doesn't give you the right to do something this stupid.

I mean, what's the point ? if it would be a site with child pornography i would understand it

but this is just the work of people with to much spare time.

screenshotrz1.th.pngthpix.gif

what's your opinion on defacing ?

Link to comment
Share on other sites
Seshan Newbie

Seshan

Posted
Posted

There English fails, Which makes them look dumb. " We are [Terrorists Crew] Not any another hacker crew. Remember : Terrorists Crew had hacked your site in this day." "Every where and where we are there." WTF is that part suppose to mean?

Link to comment
Share on other sites
Kyle 2.0 Newbie

Kyle 2.0

Posted
Posted

Its always lame when they target some small website ran by just a few people like that. If they actually had much skill they'd choose something much larger and more challenging. and would actually impress people.

Link to comment
Share on other sites
dr0p Newbie

dr0p

Posted
Posted

And the sad part is 99% of them don't even know how that silly little exploit they ran works. If you hack a site and deface for a reason (EG: a company is treating its employees like shit) I'm fine with that, otherwise, deface is fail.

Link to comment
Share on other sites
Swathe Newbie

Swathe

Posted
Posted

Speaking of companies treating their employees like shit, I was out of a job on Fridat with one days notice. I was hired through a labour hire company as a SysAdmin and a network desing manager. Over the past few weeks I had noticed my boss had been lying to clients, sendingme to do ALL of the work and deal with the angry people. I refused to lie for him so I told them the truth and tried my best to get everything up to scratch. I then get a phone call on Thurday afternoon from the labour hire company telling me that my boss has not paid a cent the whole time I have been there, and they had to cancel my payment.

bottom line is he owes alot of moeny around town and royally screwed me and my family over. I used to manage his websites (of which he has still not paid for the domains and the hosting) so I pulled them down (with permission of the ISP hosting them because he hates my boss with a passion too!).

I guess it is defacing and some here may be against what I did but he fucking deserves it. I managed to find another IT job but the money is crap so back to struggling again.

Sorry for derail I needed to vent!

Link to comment
Share on other sites
m0u53 Newbie

m0u53

Posted
Posted

i can understand why it happens but the case most of the time is usally some kid litterly hangs out with a bunch of real hackers then he learns how they did it and then he just exploits the page and defaces thinking hes badass

in reality this is really really freaking retarted ive seen sites that have been hacked...and the admin never even knew it how?

we simply logged all the usernames and password in his form validation script

..i think he still dosent even relise it lol

Link to comment
Share on other sites
RogueHart Newbie

RogueHart

Posted
Posted
Speaking of companies treating their employees like shit, I was out of a job on Fridat with one days notice. I was hired through a labour hire company as a SysAdmin and a network desing manager. Over the past few weeks I had noticed my boss had been lying to clients, sendingme to do ALL of the work and deal with the angry people. I refused to lie for him so I told them the truth and tried my best to get everything up to scratch. I then get a phone call on Thurday afternoon from the labour hire company telling me that my boss has not paid a cent the whole time I have been there, and they had to cancel my payment.

bottom line is he owes alot of moeny around town and royally screwed me and my family over. I used to manage his websites (of which he has still not paid for the domains and the hosting) so I pulled them down (with permission of the ISP hosting them because he hates my boss with a passion too!).

I guess it is defacing and some here may be against what I did but he fucking deserves it. I managed to find another IT job but the money is crap so back to struggling again.

Sorry for derail I needed to vent!

cant blame you. i would have done far more

Link to comment
Share on other sites
deleted Newbie

deleted

Posted
Posted

I dont see why people deface in the first place, I can see why people hack banks or governments, but what do you have to gain from defacing a website, its pointless (all hacking for malicous attempt is pointless, but you get the idea). It cant be for fame, do you know the name of a famous defaceor? It cant be for money, is there a forum where money is stored in its files?

Alot of these defaceors come across flaws by accident. They have a choice, Take the site down, or, do what i do, and email the site webmaster to tell the webmaster your were on his site and found a flaw. It all depends on what colour your web browsing hat is.

Link to comment
Share on other sites
sqall Newbie

sqall

Posted
Posted
Alot of these defaceors come across flaws by accident. They have a choice, Take the site down, or, do what i do, and email the site webmaster to tell the webmaster your were on his site and found a flaw. It all depends on what colour your web browsing hat is.

I would do the same thing. Just contact the webmaster or administrator and tell them everything or give some help how to secure the site.

But I think defacing isn't so bad if the defaceors just leave a little note on the frontpage or something like that with infos to secure the site or whatever. I don't agree with the deface which ls showed us.

Link to comment
Share on other sites
dr0p Newbie

dr0p

Posted
Posted
Speaking of companies treating their employees like shit, I was out of a job on Fridat with one days notice. I was hired through a labour hire company as a SysAdmin and a network desing manager. Over the past few weeks I had noticed my boss had been lying to clients, sendingme to do ALL of the work and deal with the angry people. I refused to lie for him so I told them the truth and tried my best to get everything up to scratch. I then get a phone call on Thurday afternoon from the labour hire company telling me that my boss has not paid a cent the whole time I have been there, and they had to cancel my payment.

bottom line is he owes alot of moeny around town and royally screwed me and my family over. I used to manage his websites (of which he has still not paid for the domains and the hosting) so I pulled them down (with permission of the ISP hosting them because he hates my boss with a passion too!).

I guess it is defacing and some here may be against what I did but he fucking deserves it. I managed to find another IT job but the money is crap so back to struggling again.

Sorry for derail I needed to vent!

If he was my boss, I'd be bent on making sure he didn't have that money that he owed people and more.

I dont see why people deface in the first place, I can see why people hack banks or governments, but what do you have to gain from defacing a website, its pointless (all hacking for malicous attempt is pointless, but you get the idea). It cant be for fame, do you know the name of a famous defaceor? It cant be for money, is there a forum where money is stored in its files?

I can name one defacer: iskorpitx. He's one of those Turkish people who thinks defacing is the l33test thing ever (and has defaced a ton of sites, and actually knows what he's doing and isn't and skid). However, he is the only one I know of.

Link to comment
Share on other sites
DingleBerries Newbie

DingleBerries

Posted
Posted

I dont know if its just me or not, but if i find a site with some juicy sql exploit or an open ftp, then im going to take it and do something. maybe not big, like write penis in the middle of a paragraph, but the owners/mins should be certain to maintain an updated server/site. I can understand flusteration of being locked out completely because that is pretty douche bagish, but me putting some goatse on a site is their fault, i didnt want to do it, but its like leaving a penis lollipop in front of a homosexual.

Link to comment
Share on other sites
RogueHart Newbie

RogueHart

Posted
Posted
I dont know if its just me or not, but if i find a site with some juicy sql exploit or an open ftp, then im going to take it and do something. maybe not big, like write penis in the middle of a paragraph, but the owners/mins should be certain to maintain an updated server/site. I can understand flusteration of being locked out completely because that is pretty douche bagish, but me putting some goatse on a site is their fault, i didnt want to do it, but its like leaving a penis lollipop in front of a homosexual.

goatse.jpg

Link to comment
Share on other sites
Nophix Newbie

Nophix

Posted
Posted

I hate these guys. Seriously, they piss me off to no ends extent. I'm part of a car club, and when we first started, the web admin was learning as he went. The front page got defaced like 5 times the first year! Honestly, what part of hacking a cheesehead carclub site is cool? Although, if we were to ever catch them, we'd probably beat them with a 1/2' drive torque wrench!

Link to comment
Share on other sites
raevin Newbie

raevin

Posted
Posted

I know I'm new here, but...meh, why not give an opinion? Lol.

On a lot of "hacking" boards I used to visit, XSS and defacing were the two most hated-upon showoffs. XSS is a different discussion itself, but for defacing...here's my view.

If you:

A) have a conscience and tell the admins of the flaw that gave you the ability to deface, then you gain some respect to me...because you're doing the right thing.

B) don't deface the entire website, but maybe add <!-- hacked by me --> or something in the source, or just create a simple HTML file that says "fix the flaw"...there's no harm in that. It doesn't cause any damage, and it's far easier to fix.

C) not be a skiddie. Personally, I think it's okay to use exploit sites if you're using it to be an actual pentester, and not some...well, butthole to say it nicer, haha.

If you meet all three...where's the harm? I know point C is kind of hypocritical, but still.

I've done defacements before, but it was never to the point to where I destroyed the entire site, or anything. When I find a way into a site, I do one of two things: a) show proof I got in so the admin believes me (aka: point B & A above), or B) ignore it and continue on with whatever I'm doing.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...