Oh My God Bigest WAREZ Site Is Hacked :-(

pasanlaksiri

Member
Aug 22, 2006
4,179
0
0
Thalawathugoda
2001298113293168375_rs.jpg



 
Last edited:

coolioWiZ

Well-known member
  • Jul 19, 2007
    1,396
    31
    48
    alpha canis majoris
    There are other sites, what I care about getting from those type of sites is ebooks and yes plenty of ebooks.

    BTW that site seems to be back. Funny a hacker site got hacked.

    zCexVe said:
    Anthimedi deyyo ape keemata prathichaara dakvala.|-|4(k3r ta pin siddha vechchave.

    1337 :lol:
     

    pasanlaksiri

    Member
    Aug 22, 2006
    4,179
    0
    0
    Thalawathugoda
    coolioWiZ said:
    There are other sites, what I care about getting from those type of sites is ebooks and yes plenty of ebooks.

    BTW that site seems to be back. Funny a hacker site got hacked.



    1337 :lol:

    Ya u can find tons of good E Books. Like O'Reilly. But did u ever refer them a to z.
     

    funnyguy

    Member
    Jun 11, 2007
    126
    1
    0
    actually, that site may be hacked because PhpBB (the sites software) has had an exploit. Either via SQL injection or via open variables. Nothing is fool proof.
     

    coolioWiZ

    Well-known member
  • Jul 19, 2007
    1,396
    31
    48
    alpha canis majoris
    pasanlaksiri said:
    Ya u can find tons of good E Books. Like O'Reilly. But did u ever refer them a to z.

    I mostly search for medical and other science related ebooks. :yes:
    Other than that it's webdesigning [html/css/php/ruby]

    In the site you posted registration is needed to view posts. So I didn't try checking their posts. :( There are other sites which are mainly concerned about ebooks and I like that they have other topics than IT related books. :lol:

    funnyguy said:
    actually, that site may be hacked because PhpBB (the sites software) has had an exploit. Either via SQL injection or via open variables. Nothing is fool proof.

    That was a problem with PHP not phpBB. So any PHP script can be exploited not only phpBB.
    I hope it's fixed :confused:
     

    crazer_z

    Member
    Nov 25, 2006
    8,238
    3
    0
    iN Ma DR3AMz....
    coolioWiZ said:
    phpBB kiyanneth forum software ekak.
    eeka opensource. vbulletin wage register karanna oone ne, eth vbulletin tharam advance ne. :(
    Bro ape site ekath Vbulletin ne Meka Salli gevala wenna athi aran aththe ne otherwise e gollo warn karanawane :D
     

    funnyguy

    Member
    Jun 11, 2007
    126
    1
    0
    coolioWiZ said:
    I mostly search for medical and other science related ebooks. :yes:
    Other than that it's webdesigning [html/css/php/ruby]

    In the site you posted registration is needed to view posts. So I didn't try checking their posts. :( There are other sites which are mainly concerned about ebooks and I like that they have other topics than IT related books. :lol:



    That was a problem with PHP not phpBB. So any PHP script can be exploited not only phpBB.
    I hope it's fixed :confused:
    What? a PHP exploit? that does not make any sence to me.

    The PHP Change log is found here http://www.php.net/ChangeLog-5.php

    But there is no major security fix in PHP5. The server that the warez site must be running on might be seriously out of date. :confused:
     

    coolioWiZ

    Well-known member
  • Jul 19, 2007
    1,396
    31
    48
    alpha canis majoris
    funnyguy said:
    What? a PHP exploit? that does not make any sence to me.

    The PHP Change log is found here http://www.php.net/ChangeLog-5.php

    But there is no major security fix in PHP5. The server that the warez site must be running on might be seriously out of date. :confused:

    This is a very old problem dated somewhere in 2004.
    http://www.phpbb.com/community/viewtopic.php?f=14&t=248046

    By php 4.3.10/5.0.3 it's fixed so you wouldn't be able to find details about it in the top of the changelog. If you check the bottom you might see this:

    Version 5.0.3
    15-Dec-2004
    Added the %F modifier to *printf to render a non-locale-aware representation of a float with the . as decimal seperator. (Derick)
    Fixed error handling in mysqli_multi_query. (Georg)
    Extended the functionality of is_subclass_of() to accept either a class name or an object as first parameter. (Andrey)
    Fixed potential problems with unserializing invalid serialize data. (Marcus)
    Fixed bug #31034 (Problem with non-existing iconv header file). (Derick)
    Fixed bug #30995 (snmp extension does not build with net-snmp 5.2). (Ilia)
    Fixed bug #30994 (SOAP server unable to handle request with references). (Dmitry)


    I also think the php version of the warez site must be seriously old. Might be the reason they were struck with this password exploit. It's quite funny for a warez site :lol: