Well... In the past few day's, ChaosGFX, ShoutGFX and Gfx-base has been hacked. I found out who hacked ShoutGFX, @ ChaosGFX Some british people hacked the site... o.o Is IPB not secured nemore?? SHOUTGFX has been fully hacked ryt now!! Dear www.shoutgfx.com, You have been hacked by Klik of BHU - ritish [H]ackers nited BHU - British Hackers United: HoofMaGoof Net_Raven Untamed Cyber Squee PeSt iZaP GM Klik Regards, Klik.
there is a bug in one of the versions of IPB, but for webmasters over here: you can get a free updat from the staff from Invision Power Board.
ahh well i just wish i could feel more sorry for shout gfx, nope i can't sorry. But hackings wrong anyway, no matter how much we dont like shout, theyve put a awful amount of money into that site, for it to be hacked like that
if anyone has more info on what type of exploit was used on these sites, please share it. - Gfx-base.com is the one with the exploits, file is fillmemadv416 - Couldn't find script exploits, or i'm slacking only vulnerable thing i found was CRLF injection .. on the ads -____- - ShoutGFX site ip: 24.177.130.88 24.177.130.88 CustName: Web-Coders LLC Address: 1411 Johnson St Address: Use as many Customer Address lines as needed to specify City: Onalaska StateProv: WI PostalCode: 54650 Country: US RegDate: 2005-03-07 Updated: 2005-03-07 NetRange: 24.177.130.80 - 24.177.130.95 CIDR: 24.177.130.80/28 NetName: WBCD-24-177-130-80 NetHandle: NET-24-177-130-80-1 Parent: NET-24-177-128-0-1 NetType: Reassigned Comment: Abuse EMail [email protected] RegDate: 2005-03-07 Updated: 2005-03-07 OrgAbuseHandle: ABUSE19-ARIN OrgAbuseName: Abuse OrgAbusePhone: +1-314-288-3111 OrgAbuseEmail: [email protected] OrgTechHandle: IPadd1-ARIN OrgTechName: IPAddressing OrgTechPhone: +1-314-288-3889 OrgTechEmail: [email protected] port 21, 22, 53, 80, 110, 111, 119, 143, 443 is open. - An SQL injection vulnerability was found in Invision Power Board allows attackers to add, change, delete and view records from the database.
These "Hackers" arent bad, from what Ive seen at another sites that been hacked. They hack the stuff to show that your stuff isnt secure. On another site, after they hacked it, they posted a announcment using a Admins names, prociding a link to fix the holes and bugs in there stuff. But I dont know.