[HTTP] Rednet Explorer 3.1 Beta - Share yo...
Leo Verto 28 Aug 2012
Left4Cake, on 28 August 2012 - 03:23 PM, said:
I think Leo Verto adding the index file broke the program.
As far as I can tell, the program doesn't use any .html files at all, but uploading one broke the webindex.
(Un)fortunately, we are currently not able to execute any code serverside (for search engines, etc.) the webinterface was the only way to keep track of all the infected sites.
cant_delete_account 29 Aug 2012
Does anyone even monitor the database? There's tons of viruses in there. Could I become a database admin?
A friendly nobody 29 Aug 2012
Oops!
It seems that someone made a little mess in your database, and that wasn't me...
Also, I can't connect to it anymore. Looks like databases don't like being spammed with ~200 megabytes of "HITLERHITLERHITLER" text files...
It seems that someone made a little mess in your database, and that wasn't me...
Also, I can't connect to it anymore. Looks like databases don't like being spammed with ~200 megabytes of "HITLERHITLERHITLER" text files...
cant_delete_account 29 Aug 2012
HOLY FUC*..... There's a REAL VIRUS on the website. I went to /php/folder and it says 'fuck you' then redirects you to a virus site which I fortunately didn't go to because Google Chrome told me it was malware. I advise you delete /php/folder NAO.
It redirects you to throwyourmoneyaway.on.nimp.org (DO NOT GO THERE), this is a Google Safe Browsing scan for it: http://safebrowsing....chrome&hl=en-US
VirusTotal URL scan:
https://www.virustot...sis/1346261821/
Detection ratio: 3 / 28
Direct HTML code for the virus:
It redirects you to throwyourmoneyaway.on.nimp.org (DO NOT GO THERE), this is a Google Safe Browsing scan for it: http://safebrowsing....chrome&hl=en-US
VirusTotal URL scan:
https://www.virustot...sis/1346261821/
Detection ratio: 3 / 28
Direct HTML code for the virus:
<!DOCTYPE html><html><head><meta http-equiv="Refresh" content="0.1;url=http://throwyourmoneyaway.on.nimp.org" /></head><body><p>fuck you</p></body></html>You need to work on some security for your database. This could easily happen again.
Left4Cake 29 Aug 2012
index.* need to be blocked. That not the only thing that need done but that is the biggest issue with the hole thing.
Leo Verto 29 Aug 2012
You should generally disallow .html,.htm and .php file if not denying any file endings other than .lua, .com, .net, .org and maybe some country code endings for other viruses (eg. .de for German sites)
Leo Verto 29 Aug 2012
Overwrote index.php with an empty file, should be safe for now.
(Sorry for doublepost, but I had accidentally created this post before)
(Sorry for doublepost, but I had accidentally created this post before)
cant_delete_account 29 Aug 2012
cant_delete_account 29 Aug 2012
Great, now someone messed up /php and the config and stuff disappeared. So mcmain.php doesn't work and no one can even use Rednet Explorer! [sarcasm]YAY!
Anyone notice yet? You should REAAALLLY check the extension files so people can't upload .html and .php or any executables.
Anyone notice yet? You should REAAALLLY check the extension files so people can't upload .html and .php or any executables.
ComputerCraftFan11 30 Aug 2012
cant_delete_account 30 Aug 2012
Still, you can do HTML files which can redirect and the uploader is still broken. The config and other stuff are gone.
Leo Verto 30 Aug 2012
djblocksaway 30 Aug 2012
Dun worry, I cleaned it up. Btw I will be making about 5 backup databases and adding extra security and block index.htm files from running />
*i am also gunna block php files from running and being uploaded*
*at the moment you can not upload will have it ready in a few hours*
*the guy that did this fails... Your virus is Pathetic...*
I am also looking for some admins to help me manage the database
- Djblocksaway
*EDIT*
For someone reason the dickhead that did this didn't delete the rendet sites so don't worry about having to remake your sites />
*i am also gunna block php files from running and being uploaded*
*at the moment you can not upload will have it ready in a few hours*
*the guy that did this fails... Your virus is Pathetic...*
I am also looking for some admins to help me manage the database
- Djblocksaway
*EDIT*
For someone reason the dickhead that did this didn't delete the rendet sites so don't worry about having to remake your sites />
Leo Verto 30 Aug 2012
Well, I think you should keep working on the authentication program, I could help managing the database if you need me to.
A friendly nobody 30 Aug 2012
djblocksaway, on 30 August 2012 - 01:42 PM, said:
For someone reason the dickhead that did this didn't delete the rendet sites so don't worry about having to remake your sites />
Also, looks like my pr0 1337 "hacking" didn't work too well, shit.
Well, until I think of something better, I can still spam your site. Have you seen these "FUCK YOU" files? They were from me.
CoLDarkness 30 Aug 2012
Lol. your script was hacked. Why ? I know why. You allowed php scripts. yeah. PHP and ASP is used by linux backdoors. that allow to gain root access on server.
A website is including a linux shell. If somebody give me root , I will help you guys with those. Personally i did hacked websites , only fixed 1 of them , but i can do this simply. Im still in rage of that noob act before me.. -.- I was looking for c99 shell then uploading... and found website blocked guest login.
As i said , i would like to help you guys get off that noob who act before me. -.-
A website is including a linux shell. If somebody give me root , I will help you guys with those. Personally i did hacked websites , only fixed 1 of them , but i can do this simply. Im still in rage of that noob act before me.. -.- I was looking for c99 shell then uploading... and found website blocked guest login.
As i said , i would like to help you guys get off that noob who act before me. -.-
cant_delete_account 30 Aug 2012
djblocksaway, on 30 August 2012 - 01:42 PM, said:
Dun worry, I cleaned it up. Btw I will be making about 5 backup databases and adding extra security and block index.htm files from running />
*i am also gunna block php files from running and being uploaded*
*at the moment you can not upload will have it ready in a few hours*
*the guy that did this fails... Your virus is Pathetic...*
I am also looking for some admins to help me manage the database
- Djblocksaway
*EDIT*
For someone reason the dickhead that did this didn't delete the rendet sites so don't worry about having to remake your sites />
*i am also gunna block php files from running and being uploaded*
*at the moment you can not upload will have it ready in a few hours*
*the guy that did this fails... Your virus is Pathetic...*
I am also looking for some admins to help me manage the database
- Djblocksaway
*EDIT*
For someone reason the dickhead that did this didn't delete the rendet sites so don't worry about having to remake your sites />
djblocksaway 30 Aug 2012
A friendly nobody, on 30 August 2012 - 05:01 PM, said:
djblocksaway, on 30 August 2012 - 01:42 PM, said:
For someone reason the dickhead that did this didn't delete the rendet sites so don't worry about having to remake your sites />
Also, looks like my pr0 1337 "hacking" didn't work too well, shit.
Well, until I think of something better, I can still spam your site. Have you seen these "FUCK YOU" files? They were from me.
and no you can not still spam the site as anonymous access isn't allowed "temporary"
Left4Cake 31 Aug 2012
The whole "Fuck you" thing make me mad for 2 reasons.
1) Well you are messing this up for everyone
2) Its not even well thought out.
If you are going to waste people time, at least put some time into it. Put some respect into your disrespecting people. (I am not joking)
1) Well you are messing this up for everyone
2) Its not even well thought out.
If you are going to waste people time, at least put some time into it. Put some respect into your disrespecting people. (I am not joking)