WE R PAKBRAIN AND [CODE]

Defacing sites with one-liners about copulating with nations, leads to political education of the western word. Right? Two days ago, PakBrain and [Code] managed to deface this and my two other sites with a highly intellectual message:

WHACKERZ OWNED YA BOX WE R PAKBRAIN AND [CODE] BIG FUCKS TO INDIA ISRAEL USA.

A group of Hackers, who call themselves “Whackerz” (how creative!), managed to use a security hole in phpSecurePages (how’s that for irony?) to place a backdoor on the server and subsequently replace all files matching *index* with 77 bytes of their gray-matter-garbage. The original attack was launched against unsere-weltreise.net, but since streeck.com and stufe98.de are hosted from the same account, all three sites were “whacked”.

Let’s take a look at PakBrain and [Code]. I’ve done a little research on the net, and found that they feel themselves to be political and religious freedom fighters. For Pakistan against India, pro Palestine contra Israel, and screw the USA twice over. They trust Allah to protect them from the police and truly believe that defacing sites owned by “westerners” will earn them sympathies and political support.

How is it, that someone smart enough to hijack a server can be so dumb?

UPDATE: After being the idiot whose site was wrecked, I started trying to understand how such an exploit works, and thus examined the code in question: phpSecurePages’ secure.php. After contacting the author, I started messing with the code and so we simultaniously developed an identical fix for the exploit (a security measure already implemented in checklogin.php needed to be copied into secure.php and slightly modified). The official download has been replaced with the new version, which is hopefully bombproof. Note, if you are using PHP4 or PHP5, replace all include() functions with require(), so that a missing file or misconfiguration leads to a fatal error and not to a security breach.

Ein Kommentar zu “WE R PAKBRAIN AND [CODE]”

  1. balu://erzählt

    Weltreise-Seite gehacked

    Für fast zwei Tage war die Weltreise-Seite von Ute und Krissi dank zweier “begnadeter” Hacker offline :##. Ben hatte alle Hände voll zu tun, das wieder hinzukriegen. Jetzt läuft die Seite glücklicherweise wieder.

Einen Kommentar schreiben:

*