Page 2 of 2 [ 20 posts ]  Go to page Previous  1, 2

LordoftheMonkeys
Veteran
Veteran

User avatar

Joined: 15 Aug 2009
Age: 31
Gender: Male
Posts: 927
Location: A deep,dark hole in the ground

25 Feb 2010, 9:43 am

Well, I went to codecall.net and it seems the admins have found out about the hack and are currently in the process of restoring the site. I wonder if these kids will get in trouble for it, seeing as they appear to be based in the Middle East and not in America. Anyway, it would be nice if someone would go to that script kiddie site that they came from and hack it, or at least report it to the government so it will be dismantled. Here's the URL and IP address of the site in case anyone is interested in tracking these people down:

http://forums.soqor.net/
69.175.51.126

Here's the whois information:

OrgName: SingleHop, Inc.
OrgID: SINGL-8
Address: 621 W. Randolph St.
Address: 3rd Floor
City: Chicago
StateProv: IL
PostalCode: 60661
Country: US

ReferralServer: rwhois://rwhois.singlehop.net:4321

NetRange: 69.175.0.0 - 69.175.127.255
CIDR: 69.175.0.0/17
OriginAS: AS32475
NetName: SINGLEHOP
NetHandle: NET-69-175-0-0-1
Parent: NET-69-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.SINGLEHOP.COM
NameServer: NS2.SINGLEHOP.COM
Comment:
RegDate: 2009-05-04
Updated: 2009-11-02

RAbuseHandle: NETWO1546-ARIN
RAbuseName: Network Operations
RAbusePhone: +1-866-817-2811
RAbuseEmail: [email protected]

RNOCHandle: NETWO1546-ARIN
RNOCName: Network Operations
RNOCPhone: +1-866-817-2811
RNOCEmail: [email protected]

RTechHandle: NETWO1546-ARIN
RTechName: Network Operations
RTechPhone: +1-866-817-2811
RTechEmail: [email protected]

OrgAbuseHandle: ABUSE2492-ARIN
OrgAbuseName: Abuse Department
OrgAbusePhone: +1-866-817-2811
OrgAbuseEmail: [email protected]

OrgNOCHandle: NETWO1546-ARIN
OrgNOCName: Network Operations
OrgNOCPhone: +1-866-817-2811
OrgNOCEmail: [email protected]

OrgTechHandle: NETWO1546-ARIN
OrgTechName: Network Operations
OrgTechPhone: +1-866-817-2811
OrgTechEmail: [email protected]

# ARIN WHOIS database, last updated 2010-02-24 20:00
# Enter ? for additional hints on searching ARIN's WHOIS database.
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at https://www.arin.net/whois_tou.html

Here are the accounts of the two individuals who did the hacking:

http://forums.soqor.net/hackers-pal-m1.html

http://forums.soqor.net/str1ker-m2.html

Hopefully this post will fall into the hands of someone who can do damage to these kids, their computers, their accounts, and/or their whole script kiddie operation.



pakled
Veteran
Veteran

User avatar

Joined: 12 Nov 2007
Age: 63
Gender: Male
Posts: 7,015

25 Feb 2010, 10:52 am

anahl nathrak, uth vas bethude, doth yel dyenvey...

It's the 'charm of making' from the movie Excalibur...and I have no idea what it means...probably means 'I'll have an oven-boiled tractor' in Welsh or something...;)

In any endeavor, it's the people who are on the bleeding edge of the learning curve that cause the most trouble.
There is a war (where isn't there one?) in cyberspace between the Palestinians and Israelis, and that probably spills over onto us (but that's a subject for PPR...;) Heck, the Chinese army has cyber-soldiers who are busily trying out professional-grade web attacks.

But yeah, it's a poor hacker that doesn't understand their tools...or just are tools...;)


_________________
anahl nathrak, uth vas bethude, doth yel dyenvey...


FePixie
Snowy Owl
Snowy Owl

User avatar

Joined: 29 Oct 2008
Age: 52
Gender: Female
Posts: 157
Location: NZ

01 Mar 2010, 2:20 am

ValMikeSmith wrote:
At some time in the near or indefinite future, I will have an unhackable webserver.


There is no such thing - if its a "webserver" its hackable - if you state its not it just makes the hackers try harder till they get in - if its on the web its not 100% safe - ever - on any site - make something new and a hacker will just find a new way to get in :roll:

Having said that - there are lots of things you can do to make it hard for anyone to get in - especially "kiddy hackers"

Like mike said - writing your own code is a good start - any open source package program has given hackers the opportunity to see how it works from the backend - that sure makes it easier to find a way in 8O

Make sure your server has the latest hacker proof stuff loaded - especially check for suexec on a php server :D

Never ever set folder permissions to allow public write - if a script says it needs this - ditch it fast!! :o

Always keep files with database passwords etc in a folder with an htaccess lock on it

And thats just real basics for a public site - if you store things like personal info or other stuff thats supposed to be top secret - you should also use an ssl connection - a session - and an htaccess lock

No i'm not a hacker - but i do run a server with around 170 websites on it - so i've met these jerks b4 :evil:



lxuser
Sea Gull
Sea Gull

User avatar

Joined: 29 Sep 2008
Gender: Male
Posts: 223
Location: When you're here, I'm nowhere

07 Mar 2010, 4:49 am

LordoftheMonkeys wrote:
jamesongerbil wrote:
they'd have to have intimate knowledge of your passwords or something... floppies are so very old school. i still have some hanging around that I just can't get rid of... you do bring up an excellent point, though. :roll: i wish you luck in your endeavor.


I think the first method people use to break into servers is to run a program that determines the password, and then use it to do a remote login.


It most likely was a dictionary attack or a brute force attack. Script kiddies are really annoying, if your going to hack hack for a constructive reason or hack people who annoy you.



cron