Jump to content

Change
Photo

Annoying "Script Kiddies" hacked into E-dz!!

- - - - -

  • Please log in to reply
1 reply to this topic

#1
The Repentant

The Repentant
  • Members
  • 75 posts
  • Gender:Male
  • Location:Algeria

Current mood:
Asalam Alaikum Wa Rahmatu Allah Wa Barakatuh

Nearly everyone have witnessed the annoying E-DZ defacement , which can not really be described as a real hack , all what these annoying "script kiddies" did is the redirection of the forum's front page to their own link : http://100781.org/TGT.php

Posted Image

After a quick view of their page's source code , there is nothing malicious that can be used to compromise your system , just simple HTML lines used in their pathetic index.

<html>
<title>The GreaT TeAm</title>
<body bgcolor="#000000" >
<center><font size="6" color=red >hacked by The GreaT TeAm</font></center><center><br>
<img border="0" src="https://fbcdn-sphotos-c-a.akamaihd.net/hphotos-ak-snc7/485862_154964204641843_1622848245_n.jpg" width="562" height="317">
<p> <font face="courier new"><font size="4" color=yellow><blink>123 Tfo Algerie</blink></font><br>
<div id="example1"></div><p id="example2">
<font color="#FF0000">Security</font><font color="#808000"> = <img src="http://l.yimg.com/us.yimg.com/i/mesg/emoticons7/24.gif"
<br>&nbsp; &gt; :v<br>
-
<br>
<br>
www.fb.me/LibyanCA2
<br>

<br>
./TGT
</font>
<body></html>


their message is clear , just a retaliation after the ridiculous soccer game between Algeria and Libya.

E-dz was so secure in the past when it was hosted on a private server , but now its on a shared server so i knew that this was coming ,even if E-DZ is well secured , hackers can use a weak website on a shared environment to gain access to the server then crawl to the desired secure website and compromise it.

there are two possible ways how these hackers injected their redirection code:

1- using a htaccess file with the following code:


RewriteCond %{HTTP_HOST} !^forum.e-dz.com
RewriteRule (.*)
http://100781.org/TGT.php

or

2- using a brute HTML redirection code within E-DZ 's forum index source code or the Database:





<META HTTP-EQUIV="Refresh" CONTENT="0; url=http://100781.org/TGT.php">



-Either ways the Administrator must search for codes similar to this and delete it, also change the FTP password and detect then delete the backdoor used to access the websites folders.


-Members can keep their passwords because E-dz's forum is IP.Board which use a powerful encryption , i am 100% sure that these Script Kiddies can not decrypt.

Posted Image

meanwhile inorder to browse the forum without being redirected to the annoying page , its highly recommanded to use NoScript Firefox add-on , which will prevent the redirection and let you browse smoothly .

https://addons.mozil...addon/noscript/


its also recommanded to use Firefox as your default browser because its the most secure browser unlike google chrome , opera and Microsoft internet FAIL explorer .

Keep in mind that even with Firefox you are still exposed to cyber threats, thats why you need to update your browser regularly

i already posted a how to here:

http://forum.e-dz.co...online-threats/


Finally do not underestimate the danger that which malware poses for our devices and to our data. just one successful malware infection could lead to the loss of all important data stored on your computer!





والله أعلم





  • writersfreedom, kim and •eve• like this

#2
writersfreedom

writersfreedom

    The Beauty and The Prince

  • Super Moderators
  • 5,369 posts
  • Gender:Female
  • Location:In My Husband's Heart

Current mood: Cheerful
:salaam:


Glad to see E-DZ is back!

Thank you for the info. Well those kiddies also reported me on youtube and claimed that I used their copyright material, even though I always make sure to never use anything that can put my account in danger and never got any warnings from youtube about those videos, but anyways same day e-dz was ''hacked'' my account was deleted. Whatever, E-DZ is back now and we can always create new YT accounts!


~~~ Peace out ~~~


What can my enemies possibly do to me? My paradise is in my heart; wherever I go it goes with me, insepa­rable from me. For me, prison is a place of (religious) retreat; ex­ecution is my opportunity for martyrdom; and exile from my town is but a chance to travel ......

Posted Image