←  Programs

ComputerCraft | Programmable Computers for Minecraft

»

[HTTP] Rednet Explorer 3.1 Beta - Share yo...

Leo Verto's Photo Leo Verto 28 Aug 2012

View PostLeft4Cake, on 28 August 2012 - 03:23 PM, said:

I think Leo Verto adding the index file broke the program.

As far as I can tell, the program doesn't use any .html files at all, but uploading one broke the webindex.
(Un)fortunately, we are currently not able to execute any code serverside (for search engines, etc.) the webinterface was the only way to keep track of all the infected sites.
Quote

cant_delete_account's Photo cant_delete_account 29 Aug 2012

Does anyone even monitor the database? There's tons of viruses in there. Could I become a database admin?
Quote

A friendly nobody's Photo A friendly nobody 29 Aug 2012

Oops!
It seems that someone made a little mess in your database, and that wasn't me...
Posted Image
Also, I can't connect to it anymore. Looks like databases don't like being spammed with ~200 megabytes of "HITLERHITLERHITLER" text files...
Quote

cant_delete_account's Photo cant_delete_account 29 Aug 2012

HOLY FUC*..... There's a REAL VIRUS on the website. I went to /php/folder and it says 'fuck you' then redirects you to a virus site which I fortunately didn't go to because Google Chrome told me it was malware. I advise you delete /php/folder NAO.
It redirects you to throwyourmoneyaway.on.nimp.org (DO NOT GO THERE), this is a Google Safe Browsing scan for it: http://safebrowsing....chrome&hl=en-US
VirusTotal URL scan:
https://www.virustot...sis/1346261821/
Detection ratio: 3 / 28
Direct HTML code for the virus:
<!DOCTYPE html><html><head><meta http-equiv="Refresh" content="0.1;url=http://throwyourmoneyaway.on.nimp.org" /></head><body><p>fuck you</p></body></html>
You need to work on some security for your database. This could easily happen again.
Quote

Left4Cake's Photo Left4Cake 29 Aug 2012

index.* need to be blocked. That not the only thing that need done but that is the biggest issue with the hole thing.
Quote

Leo Verto's Photo Leo Verto 29 Aug 2012

You should generally disallow .html,.htm and .php file if not denying any file endings other than .lua, .com, .net, .org and maybe some country code endings for other viruses (eg. .de for German sites)
Quote

Leo Verto's Photo Leo Verto 29 Aug 2012

Overwrote index.php with an empty file, should be safe for now.

(Sorry for doublepost, but I had accidentally created this post before)
Quote

cant_delete_account's Photo cant_delete_account 29 Aug 2012

View PostLeo Verto, on 29 August 2012 - 07:53 PM, said:

Overwrote index.php with an empty file, should be safe for now.

(Sorry for doublepost, but I had accidentally created this post before)
Now it says 'shouldn't have fucked with the hackers' and redirects to the same place...
Quote

cant_delete_account's Photo cant_delete_account 29 Aug 2012

Great, now someone messed up /php and the config and stuff disappeared. So mcmain.php doesn't work and no one can even use Rednet Explorer! [sarcasm]YAY!
Anyone notice yet? You should REAAALLLY check the extension files so people can't upload .html and .php or any executables.
Quote

cant_delete_account's Photo cant_delete_account 29 Aug 2012

I hope you made backups.
Quote

ComputerCraftFan11's Photo ComputerCraftFan11 30 Aug 2012

View Postthesbros, on 29 August 2012 - 10:27 PM, said:

I hope you made backups.

You can't execute .php (and your not supposed to use a real browser)
Quote

cant_delete_account's Photo cant_delete_account 30 Aug 2012

View PostComputerCraftFan11, on 30 August 2012 - 01:43 AM, said:

View Postthesbros, on 29 August 2012 - 10:27 PM, said:

I hope you made backups.

You can't execute .php (and your not supposed to use a real browser)
Still, you can do HTML files which can redirect and the uploader is still broken. The config and other stuff are gone.
Quote

Leo Verto's Photo Leo Verto 30 Aug 2012

View Postthesbros, on 29 August 2012 - 10:17 PM, said:

Now it says 'shouldn't have fucked with the hackers' and redirects to the same place...
Correction: 'shouldn't have fucked with the script kiddie'
Quote

djblocksaway's Photo djblocksaway 30 Aug 2012

Dun worry, I cleaned it up. Btw I will be making about 5 backup databases and adding extra security and block index.htm files from running :)/>
*i am also gunna block php files from running and being uploaded*

*at the moment you can not upload will have it ready in a few hours*

*the guy that did this fails... Your virus is Pathetic...*

I am also looking for some admins to help me manage the database

- Djblocksaway

*EDIT*

For someone reason the dickhead that did this didn't delete the rendet sites so don't worry about having to remake your sites B)/>
Quote

Leo Verto's Photo Leo Verto 30 Aug 2012

Well, I think you should keep working on the authentication program, I could help managing the database if you need me to.
Quote

A friendly nobody's Photo A friendly nobody 30 Aug 2012

View Postdjblocksaway, on 30 August 2012 - 01:42 PM, said:

For someone reason the dickhead that did this didn't delete the rendet sites so don't worry about having to remake your sites :)/>
Oh, you're offending me! In my opinion, that's very rude.
Also, looks like my pr0 1337 "hacking" didn't work too well, shit.
Well, until I think of something better, I can still spam your site. Have you seen these "FUCK YOU" files? They were from me.
Quote

CoLDarkness's Photo CoLDarkness 30 Aug 2012

Lol. your script was hacked. Why ? I know why. You allowed php scripts. yeah. PHP and ASP is used by linux backdoors. that allow to gain root access on server.

A website is including a linux shell. If somebody give me root , I will help you guys with those. Personally i did hacked websites , only fixed 1 of them , but i can do this simply. Im still in rage of that noob act before me.. -.- I was looking for c99 shell then uploading... and found website blocked guest login.

As i said , i would like to help you guys get off that noob who act before me. -.-
Quote

cant_delete_account's Photo cant_delete_account 30 Aug 2012

View Postdjblocksaway, on 30 August 2012 - 01:42 PM, said:

Dun worry, I cleaned it up. Btw I will be making about 5 backup databases and adding extra security and block index.htm files from running :)/>
*i am also gunna block php files from running and being uploaded*

*at the moment you can not upload will have it ready in a few hours*

*the guy that did this fails... Your virus is Pathetic...*

I am also looking for some admins to help me manage the database

- Djblocksaway

*EDIT*

For someone reason the dickhead that did this didn't delete the rendet sites so don't worry about having to remake your sites B)/>
Could I be a database admin? I could also help with adding extra security because I know PHP.
Quote

djblocksaway's Photo djblocksaway 30 Aug 2012

View PostA friendly nobody, on 30 August 2012 - 05:01 PM, said:

View Postdjblocksaway, on 30 August 2012 - 01:42 PM, said:

For someone reason the dickhead that did this didn't delete the rendet sites so don't worry about having to remake your sites :)/>
Oh, you're offending me! In my opinion, that's very rude.
Also, looks like my pr0 1337 "hacking" didn't work too well, shit.
Well, until I think of something better, I can still spam your site. Have you seen these "FUCK YOU" files? They were from me.
your "FUCK YOU" Files took about 20 seconds to delete.....
and no you can not still spam the site as anonymous access isn't allowed "temporary"
Quote

Left4Cake's Photo Left4Cake 31 Aug 2012

The whole "Fuck you" thing make me mad for 2 reasons.
1) Well you are messing this up for everyone
2) Its not even well thought out.
If you are going to waste people time, at least put some time into it. Put some respect into your disrespecting people. (I am not joking)
Quote