[Preacher]

Can anything be said about efforts to find out the website hacker?


Packin' Preacher

 

[NExd]

HAHAHA 8)

 

[mullanman]

He's in my basement, hogtied.



I'm denying him food and water. 8)

 

[Greg in OKLAa]

it puts the lotion on

it puts the lotion in the basket :lol:



make sure you dont forget to feed him

 

[NiK]

In all likelihood it was a worm that affects php sites. I doubt if any efforts were even applied to discover its origin.

 

[ampleworks]

Actually had you browsed back and read, you would find out the previous version of phpBB had a bug in it and this script kiddie read about it, exploited it, and probably voted for John Kerry.

He/she/it may have gotten away from it on this site, but he has a standing dare to enter my property.

 

[[TASF]Overkill]

I don't think he'll ever be found.

Unless you bring a shovel.

 

[120mm]

"Put the lotion on the skin, or else it gets the holes again!"

 

[Preacher]

Yeah, I was just wondering. I have checked Kermee's FAQs, INFO, etc. a few times, but never heard any new info on whether or not the idiot is being sought out.

Where do you live, Mullanman? Some might want to help you take care of him or her.

 

[msidner]

Depending on how extensively the activity here is logged, the IP address of the hacker may have been logged, but the next step would be figuring out if the location used is actually their ISP (a common thing when kids hack) or if they compromised another device to then "relay" an attack. My guess would be the fool did it from home or the library, or if smarter than the average, might have sought out an open WIFI access somewhere. This is why its hard to nail down cyber criminals, too many ways to hide.

Matthew

 

[one-eyed-fatman]

If it was a worm I can only hope it came from a good bottle of Tequila.

 

[Preacher]

No, I think it is the kind of worm that swims up your weinie when you swim in African waters.

Difficult to urinate, you know.

 

[aiformula]

all the references in this thread reminded me of this site. I don't know which is more disturbing, the singing or the fact that someone actually took the time to put the the major dialogue scenes of the movie to "music"

http://www.silencethemusical.com/

sorry for the hijack

 

[DigMe]

It was definitely no random worm. It was a hacker because I saw when he was here and logged in when it was happening and I even PMed him. I can't remember what username he was going by but it was definitely the guy that hacked the board...brand new registered member who's username at the bottom of the forums page was colored orange, which signifies that he's an admin.

brad cook

 

[jcrich33]

It was definitely no random worm. It was a hacker because I saw when he was here and logged in when it was happening and I even PMed him. I can't remember what username he was going by but it was definitely the guy that hacked the board...brand new registered member who's username at the bottom of the forums page was colored orange, which signifies that he's an admin.

brad cook

http://www.hs2000talk.com/viewtopic.php?t=15554&highlight=pwn3d

 

[Preacher]

Aha. After looking at the Urban Dictionary, I believe the person should be called a cracker and not a hacker. My bad--- 1 15 /V07 4 1337 h0x0r --- Obviously. :roll:

 

[SLCDave]

It puts the Joe Dirt in the hole!

 

[mattsnuked]

If you Google ze3lock a lot of stuff comes up on him or what ever it is.

 

[dolanp]

Zeelock was an individual who discovered how to exploit this vulnerability and published a proof-of-concept exploit which was subsequently used by many script kiddies. Most likely, any attempts to trace the source of the attack would be futile.

 

[wfrazee]

Zeelock was an individual who discovered how to exploit this vulnerability and published a proof-of-concept exploit which was subsequently used by many script kiddies. Most likely, any attempts to trace the source of the attack would be futile.

Would be now, anyway.

If the owner of the foumr was a little more hands on and had released the access logs and any phpBB logs to someone in cyber security, an IP check could have been run against the login records or the backend database (phpBB DOES record your registration IP, and there would be an origination IP in the server access logs anyway) and then run a query of the IP against ARIN block such as by using NQT that I wrote (http://www.waynefrazee.com/tools.php/nq).

From that, you can form an abuse inquiry to the ISP. Realistically, that might turn out a red herring but chances are that will give you at least the outbound leg in the attack vector.

At any rate, running a forum using publicly availible forum software, especially something that has been as high profile as phpBB without actively maintaining and updating your community is irresponsible. I enjoy this forum for the community but if I really had the time you have no idea how much throught I have put into running my own XD enthusiast site.