beier 02-04-2005 05:02 PM

My website's been hacked
 
For those of you who don't know, I'm into computers. In fact right now, I'm posting from my brother's old laptop which I recently converted into a webserver. Before I made this server, I rented space from another company, and started the website www.drastic-creations.com . It's nothing special, but it allowed my friend and me to have a webserver, program in php, and make many websites. One of the seven (7) websites I made was about a sailboat. All the old people around the web that searched for Ghost13 would end up at my website, it's all over google and such.

Well recently, the guestbook on that server has been hacked by some attention whore freakin idiot.

You see, the guestbook was filled with about 50 anecdotes, questions and advice from ghost13 owners all around the web. It was working really well until some idiot came, hacked the server somehow, and deleted most of the posts. I'm not sure how he did it, but I'm not impressed. The javascript he left on the page doesn't even work and has a bunch of syntax errors.

Well, I'm making this post to complain, and start a hunt for those computer inclined HAN members. It'll be fun.

So, he made this post on the guestbook:
(http://ghost13.drastic-creations.com/ghostguest/)
Code:

(weird image)
Hacked By McQeey



"DUR YOLCU!!! BİLMEDEN GELİP BASTIĞIN BU TOPRAK BİR DEVRİN BATTIĞI YERDİR !"

Yea, whatever, I don't even care what that gibberish means, he's stupid. So. The image file was this: http://www.mavideniz.org/isko/atam.gif

Seeing as it was a unique image, I went to the directory and looked around. Apparently this is his own server, with a website dedicated to silly things like hacking. In that directory, he has all sorts of screen-shot images of websites he's hacked in the past. It's somewhat impressive - or rather pitiful. For those who don't know, it doesn't take much to hack, but it takes some rare stupidity to throw around evidence like that.

After looking around that website, I decided to do a whois search about it. Returning the information:

Code:

Domain ID:D85796334-LROR
Domain Name:MAVIDENIZ.ORG
Created On:20-Apr-2002 14:00:03 UTC
Last Updated On:23-Mar-2004 05:32:37 UTC
Expiration Date:20-Apr-2005 14:00:03 UTC
Sponsoring Registrar:Melbourne IT, Ltd. dba Internet Names Worldwide (R52-LROR)
Status:OK
Registrant ID:10687298410550
Registrant Name:Finans
Registrant Organization:
Registrant Street1:haciahmetcadd.mehmetefendi.sok. no.87beylerbeyi/istanbul
Registrant City:istanbul
Registrant State/Province:MARMARA
Registrant Postal Code:34545
Registrant Country:TR
Registrant Phone:+90.902122573000
Registrant Email:mavideniz@mavideniz.org
Admin ID:10687298413700
Admin Name:mehmetefendi kocabiyik
Admin Street1:haciahmetcadd.mehmetefendi.sok. no.87beylerbeyi/istanbul
Admin City:Canakkale
Admin State/Province:MARMARA
Admin Postal Code:34545
Admin Country:TR
Admin Phone:+90.902122573000
Admin Phone Ext.:
Admin FAX:+90.902122573000
Admin Email:mavideniz@mavideniz.org
Tech ID:10687298420310
Tech Name:YahooDomains Techcontact
Tech Street1:701 First Ave.
Tech City:Sunnyvale
Tech State/Province:CA
Tech Postal Code:94089
Tech Country:US
Tech Phone:+1.6198813096
Tech Email:domain.tech@YAHOO-INC.COM
Name Server:NS8.SAN.YAHOO.COM
Name Server:NS9.SAN.YAHOO.COM

 

IP Address: 66.218.88.126  (ARIN & RIPE IP search) 
IP Location: US(UNITED STATES)-CALIFORNIA-SUNNYVALE 
Record Type: Domain Name 
Server Type: Apache 1 
Web Site Status: Active 
DMOZ  1 listings 
Y! Directory:  see listings 
Secure: No 
E-commerce: No 
Traffic Ranking: 2 
Data as of: 26-May-2004


So, now I have lots of interesting evidence on this guy. The city, phone, servername (yahoo - what an idiot), IP address, etc, etc all seem to be very helpful for a hunt for this guy. Not to mention the various IP addresses logged by the guestbook and the server POST logs.

Well, now what do we do? I'm sure I could email him somehow and insult him, his family, and everything he stands for - but that might be a little low.

You see, I don't mind much about the guestbook. It's the fact that he was so obnoxious and arrogant about his hacking "ability", and the fact that he actually carried through and DELETED INFORMATION that gets me. I can do some hacking myself, but I chose not to pursue it and make a fool of myself.

What do you think? No sympathy please, just plans of attack.

ok fine not plans of attack, we shouldn't do anything drastic or mean really, just feedback would be nice

[/end-long-post-rant]

beier 02-04-2005 05:05 PM

Hmm now after looking around and blowing the dust off that old ghost13 site, it seems the guestbook has also changed colors. Maybe he's done more than just mess with posts

clickwir 02-04-2005 05:10 PM

unless you're heavy into security (obviously not) I'd leave the security up to a webhost site that knows how to secure things and just make pretty webpages

clickwir 02-04-2005 05:15 PM

holy crap. that was easy to get into. check out the guest book now

beier 02-04-2005 05:19 PM

ahahhahha nice. If what you're referring to is simply posting, that's open to the public. What matters is that he got into the admin account and deleted shit. The name and pass are probably pretty easy to guess. But I'll look into the server logs and see how he did it. brb

clickwir 02-04-2005 05:20 PM

I edited a post that was already there. I can set the admin name and password if I wanted to.

clickwir 02-04-2005 05:22 PM

on second look, this guestbook script was easy to get into... getting a professional host would only help if they didn't allow this software.

I'd look into getting something a bit more popular as far as software goes. PHPBB for example would be a lot more secure than that.

beier 02-04-2005 05:23 PM

Indeed you did edit a post! PM with how you got into the admin account, if you please.

clickwir 02-04-2005 05:30 PM

google man.

you got a nice idea going there. just get some better software and hopefully the site does better.

beier 02-04-2005 05:38 PM

Wow. You are correct sir, well done. I had no clue that "advanced guestbook 2.2" was so vulnerable. thanks for showing me the easy exploit. Here's a funny quote from the explanation I was reading:

You'll get results that are extremely similar, in the titles and what not. Some pages are already defaced by 'Kuwaiti Hacker Gro00pz" or other lame groups that hack guestbooks to bitch and whine about the US.


^kinda silly. anyway, that was anti-climactic. Maybe I'll call him anyway and "bitch and whine" about how he sucks. Eh, whatever. Good day, all.


All times are GMT -8.