Jump to content

Hey hacker guy

Sign in to follow this  

Recommended Posts

Guest

Wow, I feel sorry for the people that don't have anything to do so they hack accursedfarms

Share this post


Link to post
Guest

I am sure that the hack attack was just to make them feel "stronger" than someone so just ignore them, because they attack low security webs because they cant hack a really strong one.... they are losers....

i hope someone help you with your work Ross, because its really gooooood!

keep it up Sr. !!

Share this post


Link to post
Guest

Man, don't come in for a few days and all hell breaks loose.

Keep it going, Ross. Something good is bound to come your way. You know, considering that all this crap desides to happen.

Share this post


Link to post
Guest

Whoa...I didn't even notice something was wrong until I read this. I usually check the site whenever the RSS feed updates, and I check it daily. Somehow the last two updates (the hacker's) were already marked as read, so either that was a side effect or I'm really not paying attention to what I'm doing.

 

Anyway, good to see everything's back to normal.

Share this post


Link to post
Guest

Want help with rebuilding the site?

Share this post


Link to post
Guest

It's like they're trying to tell you "Hire us for better security"

 

You know, like if you were actually making money out of this.

Share this post


Link to post
Guest

The hacker might be motivating you to get a donate button

Share this post


Link to post
Guest

it's summer, so the script kiddies are rampant. Bummer

Share this post


Link to post
Guest

Since it seems like an advertisement for their services, I wonder if they stand to make any money off attacks like this.

Share this post


Link to post
Guest

Okay, I'm not going to read the rest of everyone elses' comments, but quite a few are not very correct. So shut up and start reading.

 

First off, the guy who hacked this site has a site from freewebs. Freewebs did not hack accursedfarms.com. The people who think that's his site are complete idiots. Freewebs changed their name to just webs about 3-4 years ago. If you want to help out, go report the hacker's site to freewebs.

 

Also, your "hacker" is really just a script kiddie. I mean really, it's obvious. Look at his stupid webpage. Look at the code. It's just sad.

 

For those guessing how he got in, stop. This site is just a couple of php scripts. It's most likely he got in via form injections. This just means whoever programmed your site didn't make sure to take user input sanitized. The "hacker" probably just had the database dump and got everyone's username and password. Bam. Now he can login as Ross and post what he wants. Notice how all posts the hacker made were by Ross? There you go.

 

However it's possible that:

1) Ross has some extremely outdated web software installed somewhere that he just doesn't use and never deleted (like Wordpress, Joomla or Gallery).

2) He guessed your ftp password, Ross. But judging on the damage, this is not likely.

 

Also, Ross? Not a good idea to keep those posts there. Atleast delete the images. That only helps him.

Share this post


Link to post
Guest

Ross, you are a good man, patience is a virtue possesed by few.

As a faithfull viewer, I say take your time

Share this post


Link to post
Guest

kinda a waste of time to hack this site, and i dont really see anything at risk (ie personal info etc) so ignore it. also if that youtube video is the song they put on the site...that is kind a funny, but they should have embedded that video instead of those pics, way funnier. but maybe im just being racist or perhaps culturalist because this: http://www.youtube.com/watch?v=OWeIBEKY3S4 totally had me on the floor.

Share this post


Link to post
Guest

I hope they don't have acces to the database. f they do, we'll all recieve a lot of viagra spam and junk emails...

 

PS: Whitehats FTW

Share this post


Link to post
Guest

You could just break down into a basic html and get rid of the rss feed. Just make another page to link to for all news, and it'd work the same except when adding in posts. php the comments, but i don't think you want to do that.

 

I love your vids and hope more come.

 

-lex (http://www.youtube.com/user/someoneinexistance)

Share this post


Link to post
Guest

Okay just to clear something up, No one and nothing "hacked" this site, they cracked it! It's 2 complete different things!

1. Hacking is modifying something to improve it

2. Cracking is exploiting someone's system to do something bad. (or just does something bad)

Share this post


Link to post
Guest

@Anonymous at 20:33:54

That was an SQL injection, please read early comments. While it is possible that the passwords were not md5()-ed, I strongly believe (or hope ) that they were. If they were encrypted, nobody can login as you. If they weren't (which is less likely), yes, the person might have all your login/pass details but unless you keep the same password for everything, I don't see any risk here. The person didn't need to get Ross's login/pass, he likely directly UPDATE-ed or INSERT-ed in the DB.

 

Regarding upcoming spam as Muzt4nG suggests, yes, that's a possible scenario. I don't have enough time on my hands (and don't really want to, that injection is really trivial and not interesting) to go ahead and verify what can be pulled from DB but I am almost 100% sure that emails can be pulled.

 

However if the guy had hacked to get any gain, he wouldn't had posted all this childish stuff here. He would actually had kept everything silent and continued pulling emails from DB as new users register. So that said I think the only motive was "just for lulz".

 

PS. I likely messed up all these would-s and had-s, sorry, english is not my native language

Share this post


Link to post
Guest

SQL injection is really easy to fix... and that was prolly some 14y old lamos, sice this is like ... well .. lame... i mean look i can make smile here in comments im hacker yay...

 

Just filter all $_POST and $_GET variables with something like htmlspecialchars or mysql escape string functions and thats it... (no more than 5mins work)

 

If you dont know how to do it, lots of people here will do it for you.

(sorry for my gramaticaly incorrect sage input)

Share this post


Link to post
Guest

Am I vulnerable to hackers by visiting this site now?

Share this post


Link to post
Guest

Posted by Anonymous at 02:09:21 :

 

No.

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in the community.

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  


×
×
  • Create New...

This website uses cookies, as do most websites since the 90s. By using this site, you consent to cookies. We have to say this or we get in trouble. Learn more.