|
SuzukiSavage.com
/cgi-bin/YaBB.pl General Category >> The Cafe >> susuzkisavage.com related - possibly important /cgi-bin/YaBB.pl?num=1274845619 Message started by BurnPgh on 05/25/10 at 20:46:58 |
|
Title: susuzkisavage.com related - possibly important Post by BurnPgh on 05/25/10 at 20:46:58 http://www.suzukisavage.com/cart/index.php Go there. What Im seeing is some very strange things and a lot of what appears to be an eastern european language. I dont know much about computers but I know something isnt right on that page. ".:Data System:. Disable Function:NONE Op.System:Linux||Ip.server:173.244.96.23 Safe Mode:OFF Temp: Uname:Linux olyweb1 2.6.32-3-amd64 #1 SMP Wed Feb 24 18:07:42 UTC 2010 x86_64 PhpVersi:5.2.13 Greetz::netheroes crews>>fitri,lyly^,Hellhag,gunX,black,quintin,ckarh,mzloveme,h_ganteng,ncezz,benny,wendy,napicatra,dyvilz & all (scrolling) total 288 630262392 4 drwxr-x--- 14 www www 4096 May 25 03:32 . 95700155 4 drwxr-x--- 14 www www 4096 Apr 12 15:43 .. 918966067 8 drwxr-x--- 5 www www 4096 Sep 4 2008 admin 568287914 164 -rw-r--r-- 1 www www 166031 May 25 03:31 c99.php 918966076 16 drwxr-x--- 2 www www 12288 May 24 07:47 cache 568287919 4 -rw-r--r-- 1 www www 2404 May 25 03:32 db_scaner.php 95700166 4 drwxr-x--- 2 www www 4096 May 1 2008 docs 401260575 0 drwxr-x--- 2 www www 133 May 1 2008 download 630262869 0 drwxr-x--- 3 www www 54 May 1 2008 editors 918977282 4 drwxr-x--- 2 www www 4096 May 1 2008 email 95700172 4 drwxr-x--- 2 www www 4096 May 1 2008 extras 401260581 16 drwxr-x--- 14 www www 12288 May 25 19:31 images 95700177 4 drwxr-x--- 13 www www 4096 May 13 14:39 includes 630400080 8 -rw-r----- 1 www www 4666 Feb 1 2006 index.php 630400081 20 -rw-r----- 1 www www 16672 Nov 27 2007 ipn_main_handler.php 630400082 16 -rw-r----- 1 www www 15039 Jan 21 2006 license.txt 401296754 0 drwxr-x--- 2 www www 43 May 1 2008 media 630400083 4 -rw-r----- 1 www www 2154 Mar 27 2006 nddbc.html 630400084 4 -rw-r----- 1 www www 4076 Aug 19 2007 nochex_apc_handler.php 630400085 4 -rw-r----- 1 www www 675 Dec 30 2005 page_not_found.php 630263549 0 drwxr-x--- 2 www www 39 May 1 2008 pub 918978145 0 drwxr-x--- 3 www www 64 May 1 2008 tmp" Perintah: (next to a text bar) Eksekusi / Berishi (bottons) /mnt/raid/webserver/virtual/suzukisavage.com/html/cart (in a text bar) ndelok (another button) Susep file: kirim (another button)" Anyone know wtf this means? My immediate assumption is the sites cart section has be hacked/hijacked. Doesnt matter much since no one's bought anything directly from the site for as long as Ive been around and thats about 2 years, but personal info may be in danger. I dont really know. Just thought Id give a heads up and maybe someone else knows whats going on. In any case, I think this is a good time to suggest making the backup forum a sticky if possible or as widely known as possible. |
|
Title: Re: susuzkisavage.com related - possibly important Post by Serowbot on 05/25/10 at 22:41:57 That is some major weirdness!... If all else fails,... go here.. Created by Bouletard... It;s not a full back-up but a place to meet up if we get lost... http://suzukisavage.forumotion.net/ bookmark it now!... :-?... Wish we could at least back up the tech section... |
|
Title: Re: susuzkisavage.com related - possibly important Post by dasch on 05/26/10 at 00:16:18 Know what? I think this is in Albanian. |
|
Title: Re: susuzkisavage.com related - possibly important Post by Stimpy on 05/26/10 at 01:05:29 We've been hacked. We could have been targeted (or our host server) or it could have been random, who knows, but till now it looks pretty harmless to me, kinda like wall graffiti. Easy fix. No virus risk nor re-direction (cause they usually redirect traffic to weird pr0n sites or worse) no harm done. ;) This is what they changed in the HTML page source file: <marquee behavior=alternate> <B>n37 by:<font color=#33FF4B face='courier new' size=3>vires </font>vires Greetz::netheroes crews>>fitri,lyly^,Hellhag,gunX,black,quintin,ckarh,mzloveme, h_ganteng,ncezz,benny,wendy,napicatra,dyvilz & all </b></marquee> </center></font></td> <form method='POST' enctype='multipart/form-data' action=/cart/index.php><br> Perintahe :<input type='text' name='vires' size='42'> <input type='submit' value='Eksekusi' name='v1'> <input type='reset' value='Bersihi' name='v2'><br> Direktoryne : <input type='text' value= "/mnt/raid/webserver/virtual /suzukisavage.com/html/cart" name='girls' size='50' > <input type='submit' value='ndelok' name='v3'><br> Susup file:<input size='44' type='file' name='filele'> <input type='submit' name='fitrix' value='kirim'></form> </center></font></td> </tr> </table><br> Perintah Terlaksana boz>><font color='yellow'></font>:: <center>o--+[coded by vires/nETh 2009]+--o</center><br> </font></body></div> |
|
Title: Re: susuzkisavage.com related - possibly important Post by dasch on 05/26/10 at 02:26:13 7D786A7A71190 wrote:
Mistyped, it's not Albanian. Don't want to falsly accuse my neighbors... |
|
Title: Re: susuzkisavage.com related - possibly important Post by mick on 05/26/10 at 02:57:44 2421332328400 wrote:
Mistyped, it's not Albanian. Don't want to falsly accuse my neighbors... [/quote] it's in Swahely |
|
Title: Re: susuzkisavage.com related - possibly important Post by jef.savage on 05/26/10 at 05:49:21 I did order a SS.com decal a month ago and never got it. I recently wrote to "contact us" about and got no answer. Looks like I'm out $3. |
|
Title: Re: susuzkisavage.com related - possibly important Post by babyhog on 05/26/10 at 05:59:10 I noticed it 2 or 3 days ago, at least. |
|
Title: Re: susuzkisavage.com related - possibly important Post by Boule’tard on 05/26/10 at 06:55:46 It does look like the home page was hacked, but apparently they did not touch the forum. If I was concerned about catching something I'd just set the "noscript" extension on Firefox to not allow javascripts from the site, which BTW needs to be pruned down to just the part that is used, and the forum software updated. Thanks prechermike for the heads up. |
|
Title: Re: susuzkisavage.com related - possibly important Post by Moofed on 05/26/10 at 09:02:07 Actually, it's quite serious. Anyone who came across that page, which is anyone who went to suzukisavage.com, could have wiped out the entire site very easily. :o The "graffiti" was really a command prompt straight into the server. Anyone with some Linux experience would have instantly recognized the directory listing. Since the admin around here hasn't shown his face in forever, I took it upon myself to prevent a catastrophe. I redirected the home page to the forum and moved the cracked page. I didn't want to mess with stuff too much, but something had to be done. I'd say the only reason the forum has been unaffected is that it is an uncommon forum software and so the scripts the crackers run generally don't look for it. |
|
Title: Re: susuzkisavage.com related - possibly important Post by verslagen1 on 05/26/10 at 09:20:39 Thanks moof. [smiley=thumbsup.gif] Is this the backdoor that the bigX has gotten thru? And or left open? |
|
Title: Re: susuzkisavage.com related - possibly important Post by Moofed on 05/26/10 at 09:28:06 I'm not sure who/what bigX is, but maybe. |
|
Title: Re: susuzkisavage.com related - possibly important Post by prechermike on 05/26/10 at 09:34:24 WHOOO HOOO! Moofed to the rescue! Thanks! |
|
Title: Re: susuzkisavage.com related - possibly important Post by RidgeRunner13 on 05/26/10 at 09:35:06 Is that why I got an Error 404: File Not Found when I was trying to access this site earlier? :-? I posted this on the alternate site. 8-) |
|
Title: Re: susuzkisavage.com related - possibly important Post by Gort on 05/26/10 at 09:56:39 2F0D0D040706620 wrote:
"Big X" is Verslagen's name for the coward anonymous poster who has posted a variety of sexually obscene attack posts under a variety of "member/ex member" names. As every member who has been here for a few years well knows, he has been on this site for at least 2+ years and is one of the original early members who is now using additional fake names to hide from the disgust of other members. He is friends with some of the early members, and they know who is he but play stupid. He works with the cooperation of the moderators because they have been on site and logged in, while he attacks members with sexually descriptive, obscene scenarios. They do nothing about it, and he is the first to ever become so sexually descriptive and obscene in his attacks. It does not take a hacker to do this. Anyone can log in as a member, say anything they want, and then log out as an ex member. Feel free to do so, as absolutely nothing will happen to anyone who wants to do it. |
|
Title: Re: susuzkisavage.com related - possibly important Post by Stimpy on 05/26/10 at 10:18:14 S.S. has a stalker(s)?! ...cool 8-) (thanx a bunch Moof!) |
|
Title: Re: susuzkisavage.com related - possibly important Post by Boule’tard on 05/26/10 at 10:21:15 6B4949404342260 wrote:
Holy crap, that was an active terminal?! :o Well done sir! |
|
Title: Re: susuzkisavage.com related - possibly important Post by Serowbot on 05/26/10 at 10:36:54 ...and no more newbies getting screwed out of their sticker money... ;)... |
|
Title: Re: susuzkisavage.com related - possibly important Post by BurnPgh on 05/26/10 at 10:52:38 Hey moof...since you seem well versed in computers, any way you can trace the IP address of the angry mystery poster and out them, or maybe block the IP addy from access to the site? SSwatchdog and Theskyisfalling are two of the handles the poster has used. If you can match the IP with another (respectful) member we've solved the puzzle. If you can block the IP we've laquered, framed, and hung the puzzle on the wall. Of course the poster COULD just use another computer, but if you're borrowing someone's computer or hitting the library just to be angry..well...I dont know. You've got no life in that case I geuss. |
|
Title: Re: susuzkisavage.com related - possibly important Post by Moofed on 05/26/10 at 11:55:47 Ah. Like Gort said they don't need to hack the site to create an account, post something rude and then delete the account. And if they use a fake email account and an ip proxy then there is no real way to track them. The only solution is a good team of moderators, which is another problem around here. |
|
Title: Re: susuzkisavage.com related - possibly important Post by SSWatchDog on 05/26/10 at 15:01:52 Goodness, you housebound losers just get dumber and dumber as time passes. I am away for nearly a week and now I have hacked a forum? LOL, too funny! Have none of you been outside at all? Lots of time to dream up different scenarios? That is too sad...really, it is. It does shock me that I have made that much of an impact on your pathetic little lives though. I will always remain a legend, and you people will ramble on for weeks or months after I am gone. Maybe as you hang on my every word and re-read my posts, brain osmosis may occur and some of you may actually have some hope for a future. I see Gort is still whining and obsessing over me as usual. Everyone darn well knows that he is the sexually deviant pervert here in which I have posted a LONG and incomplete list of your descriptive sexual posts. In fact, if one goes to his photobucket account and searches the ID he uses there, they will come across several Straight, bisexual, and gay forums and websites in which he belongs to, or was chased out of. Many of these forums containing explicit sexual content and him begging for members to send you pictures or links of content you cannot access without a credit card, in which he clearly do not have. Of course he would need a job and an income to apply for credit. I am sure he will run and change or alter his ID on photobucket now, as he sweats like the greasy little slime-ball he is. Seems Gort's afternoon and evening is pre-planned for him.........LOL . So Gort,if you are going to blame someone else for your sick aggression, at least cover your darn tracks before you do it. By looks of some of these forums you belonged to, you caused lots of trouble in many of them also, and were run out of most of them. The reason I have NOT been banned from this forum is I have broke far less rules than you. If you care to hit the "register" button and read the terms of service" page, you have in fact broken EVERY rule, multiple times, and for months and months. So why haven't you been banned????? You have name called, harassed women, posted sexual content almost daily, created sexually explicit pictures of your latent homosexual fantasies about Mick, and other infractions too numerous to mention. So why would a moderator ban me and not you and Mick and your little whiny effeminate friend sore-o-butt? You and Mick are notorious for cursing, attacking women, name calling, etc....So, should I ask that you be banned? You have been far more offensive than I ever dreamed of being. Nowhere does it state that I cannot change my name as I see fit. Once again, fool, MOST of us are under an alias. Whether one uses the same alias or 500 aliases, it's still an alias. I don't need any one's permission to do so, and when you all start posting under your real names, then I will also. What are you not getting? YOU ARE DOING THE SAME THING AS ME, ONLY YOU ARE FAR MORE CONSISTANT AT IT AND FAR MORE BRUTAL! If the moderators find reason to ban me, then they find reason to ban several others. This place would be an Internet ghost town. In the event that a moderator even gave two $hits who I was, what are they going to do? I have not threatened anyone nor done anything against the law. Nothing any different than many of you. Are they going to scold me and ban me from the site?...Even if they were capable, which they aren't,I can just come back 2 seconds later if I wish. Today I am in the UK, last week I was in Australia, and I could be in Canada tomorrow if I so choose. News flash People, exposing creeps, woman abusers, perverts, bullies and a$$holes is NOT against the law.If you are on a public forum and fighting with someone, scream harassment all you wish, and the police will just tell you to get a life, and hang up in your ear, as they laugh their heads off. After all, even if it was investigated, they would soon see that it was just a free for all with NO innocent parties. By the way, I guess I will back up particular threads on disk, so when Gort deletes content, as he often does, I have the posts. By the way, BIKEMOM did NOT ask anyone for money. Another lie you made up. Members tried to help her by taking donations and she made it clear several times that she just needed to vent and donations were not necessary. She was a very popular member until you spun your web of lies and distorted facts, twisted truths, altered posts, and basically screwed her over....The same thing you accuse others of doing. You exploited this and attacked the poor gal, when she was weak and vulnerable. Anyone that witnessed this,speaks to you, or calls you a friend, needs their head examined. And as a side note to Mick, you're a functionally illiterate moron. How someone can be that dumb and not realize it is beyond comprehension. You sling accusations as the wind blows.The fact that you can actually use a computer is very shocking. If I were half as stupid as you I would take a swan dive off the first bridge I found. I wonder how many people here have seen your criminal record sheet which dates back several years and 4 towns in California. No wonder you were married 5 or 6 times. A little slap happy while intoxicated were we? Net Detective is a wonderful site! Keep up your crap and I wouldn't be shocked if it leaked into the forum. I of course would not look or read it, as it would be a darn shame that anyone would do such a thing! What would people think? Oh of course, that person would be called a liar! I am done trying to reason with people who refuse to listen . I have far more important things to do than try to educate those that refuse to see the forest for the trees. You keyboard- kooks have stolen far too much of my valuable time. It would seem that Gort's life span on a public forum averages 6 to 8 months before he is chased out. He is overdue for a major blow up..........Don't say I didn't warn you. PS: If any of you basement dwelling losers want a day out, I will gladly donate a few bucks in the name of charity, so you can at least stuff street-side hot dogs into your face for half an hour, until you're asked to move on, as mothers hide their children;s eyes and tell them not to stare. LMAO!!!!!!!!!!!!!! |
|
SuzukiSavage.com » Powered by YaBB 2.2! YaBB © 2000-2007. All Rights Reserved. |