Jump to content




[HTTP] Rednet Explorer 3.1 Beta - Share your programs with the world! (Now with more hacker protection!)


86 replies to this topic

#21 Leo Verto

  • Members
  • 620 posts
  • LocationOver there

Posted 28 August 2012 - 08:30 PM

View PostLeft4Cake, on 28 August 2012 - 03:23 PM, said:

I think Leo Verto adding the index file broke the program.

As far as I can tell, the program doesn't use any .html files at all, but uploading one broke the webindex.
(Un)fortunately, we are currently not able to execute any code serverside (for search engines, etc.) the webinterface was the only way to keep track of all the infected sites.

#22 cant_delete_account

  • Members
  • 484 posts

Posted 29 August 2012 - 12:46 AM

Does anyone even monitor the database? There's tons of viruses in there. Could I become a database admin?

#23 A friendly nobody

  • New Members
  • 11 posts

Posted 29 August 2012 - 02:56 PM

Oops!
It seems that someone made a little mess in your database, and that wasn't me...
Posted Image
Also, I can't connect to it anymore. Looks like databases don't like being spammed with ~200 megabytes of "HITLERHITLERHITLER" text files...

#24 cant_delete_account

  • Members
  • 484 posts

Posted 29 August 2012 - 05:32 PM

HOLY FUC*..... There's a REAL VIRUS on the website. I went to /php/folder and it says 'fuck you' then redirects you to a virus site which I fortunately didn't go to because Google Chrome told me it was malware. I advise you delete /php/folder NAO.
It redirects you to throwyourmoneyaway.on.nimp.org (DO NOT GO THERE), this is a Google Safe Browsing scan for it: http://safebrowsing....chrome&hl=en-US
VirusTotal URL scan:
https://www.virustot...sis/1346261821/
Detection ratio: 3 / 28
Direct HTML code for the virus:
<!DOCTYPE html><html><head><meta http-equiv="Refresh" content="0.1;url=http://throwyourmoneyaway.on.nimp.org" /></head><body><p>fuck you</p></body></html>
You need to work on some security for your database. This could easily happen again.

#25 Left4Cake

  • Members
  • 272 posts
  • LocationEarth

Posted 29 August 2012 - 07:22 PM

index.* need to be blocked. That not the only thing that need done but that is the biggest issue with the hole thing.

#26 Leo Verto

  • Members
  • 620 posts
  • LocationOver there

Posted 29 August 2012 - 07:41 PM

You should generally disallow .html,.htm and .php file if not denying any file endings other than .lua, .com, .net, .org and maybe some country code endings for other viruses (eg. .de for German sites)

#27 Leo Verto

  • Members
  • 620 posts
  • LocationOver there

Posted 29 August 2012 - 07:53 PM

Overwrote index.php with an empty file, should be safe for now.

(Sorry for doublepost, but I had accidentally created this post before)

#28 cant_delete_account

  • Members
  • 484 posts

Posted 29 August 2012 - 10:17 PM

View PostLeo Verto, on 29 August 2012 - 07:53 PM, said:

Overwrote index.php with an empty file, should be safe for now.

(Sorry for doublepost, but I had accidentally created this post before)
Now it says 'shouldn't have fucked with the hackers' and redirects to the same place...

#29 cant_delete_account

  • Members
  • 484 posts

Posted 29 August 2012 - 10:24 PM

Great, now someone messed up /php and the config and stuff disappeared. So mcmain.php doesn't work and no one can even use Rednet Explorer! [sarcasm]YAY!
Anyone notice yet? You should REAAALLLY check the extension files so people can't upload .html and .php or any executables.

#30 cant_delete_account

  • Members
  • 484 posts

Posted 29 August 2012 - 10:27 PM

I hope you made backups.

#31 ComputerCraftFan11

  • Members
  • 771 posts
  • LocationHawaii

Posted 30 August 2012 - 01:43 AM

View Postthesbros, on 29 August 2012 - 10:27 PM, said:

I hope you made backups.

You can't execute .php (and your not supposed to use a real browser)

#32 cant_delete_account

  • Members
  • 484 posts

Posted 30 August 2012 - 02:07 AM

View PostComputerCraftFan11, on 30 August 2012 - 01:43 AM, said:

View Postthesbros, on 29 August 2012 - 10:27 PM, said:

I hope you made backups.

You can't execute .php (and your not supposed to use a real browser)
Still, you can do HTML files which can redirect and the uploader is still broken. The config and other stuff are gone.

#33 Leo Verto

  • Members
  • 620 posts
  • LocationOver there

Posted 30 August 2012 - 01:35 PM

View Postthesbros, on 29 August 2012 - 10:17 PM, said:

Now it says 'shouldn't have fucked with the hackers' and redirects to the same place...
Correction: 'shouldn't have fucked with the script kiddie'

#34 djblocksaway

    Epic Coderz

  • New Members
  • 397 posts
  • LocationAustralia

Posted 30 August 2012 - 01:42 PM

Dun worry, I cleaned it up. Btw I will be making about 5 backup databases and adding extra security and block index.htm files from running :)/>
*i am also gunna block php files from running and being uploaded*

*at the moment you can not upload will have it ready in a few hours*

*the guy that did this fails... Your virus is Pathetic...*

I am also looking for some admins to help me manage the database

- Djblocksaway

*EDIT*

For someone reason the dickhead that did this didn't delete the rendet sites so don't worry about having to remake your sites B)/>

#35 Leo Verto

  • Members
  • 620 posts
  • LocationOver there

Posted 30 August 2012 - 02:01 PM

Well, I think you should keep working on the authentication program, I could help managing the database if you need me to.

#36 A friendly nobody

  • New Members
  • 11 posts

Posted 30 August 2012 - 05:01 PM

View Postdjblocksaway, on 30 August 2012 - 01:42 PM, said:

For someone reason the dickhead that did this didn't delete the rendet sites so don't worry about having to remake your sites :)/>
Oh, you're offending me! In my opinion, that's very rude.
Also, looks like my pr0 1337 "hacking" didn't work too well, shit.
Well, until I think of something better, I can still spam your site. Have you seen these "FUCK YOU" files? They were from me.

#37 CoLDarkness

  • Members
  • 53 posts
  • LocationVoid

Posted 30 August 2012 - 06:41 PM

Lol. your script was hacked. Why ? I know why. You allowed php scripts. yeah. PHP and ASP is used by linux backdoors. that allow to gain root access on server.

A website is including a linux shell. If somebody give me root , I will help you guys with those. Personally i did hacked websites , only fixed 1 of them , but i can do this simply. Im still in rage of that noob act before me.. -.- I was looking for c99 shell then uploading... and found website blocked guest login.

As i said , i would like to help you guys get off that noob who act before me. -.-

#38 cant_delete_account

  • Members
  • 484 posts

Posted 30 August 2012 - 09:37 PM

View Postdjblocksaway, on 30 August 2012 - 01:42 PM, said:

Dun worry, I cleaned it up. Btw I will be making about 5 backup databases and adding extra security and block index.htm files from running :)/>
*i am also gunna block php files from running and being uploaded*

*at the moment you can not upload will have it ready in a few hours*

*the guy that did this fails... Your virus is Pathetic...*

I am also looking for some admins to help me manage the database

- Djblocksaway

*EDIT*

For someone reason the dickhead that did this didn't delete the rendet sites so don't worry about having to remake your sites B)/>
Could I be a database admin? I could also help with adding extra security because I know PHP.

#39 djblocksaway

    Epic Coderz

  • New Members
  • 397 posts
  • LocationAustralia

Posted 30 August 2012 - 10:18 PM

View PostA friendly nobody, on 30 August 2012 - 05:01 PM, said:

View Postdjblocksaway, on 30 August 2012 - 01:42 PM, said:

For someone reason the dickhead that did this didn't delete the rendet sites so don't worry about having to remake your sites :)/>
Oh, you're offending me! In my opinion, that's very rude.
Also, looks like my pr0 1337 "hacking" didn't work too well, shit.
Well, until I think of something better, I can still spam your site. Have you seen these "FUCK YOU" files? They were from me.
your "FUCK YOU" Files took about 20 seconds to delete.....
and no you can not still spam the site as anonymous access isn't allowed "temporary"

#40 Left4Cake

  • Members
  • 272 posts
  • LocationEarth

Posted 31 August 2012 - 02:36 AM

The whole "Fuck you" thing make me mad for 2 reasons.
1) Well you are messing this up for everyone
2) Its not even well thought out.
If you are going to waste people time, at least put some time into it. Put some respect into your disrespecting people. (I am not joking)





1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users