Spraydio.com defaced

***el-half*** · September 5th, 2003, 06:36 PM

I just noticed www.spraydio.com is defaced, I didn't read it somewhere, I actually noticed it myself, first time!

If you're too late to view the defaced page, I saved it to disk so I can upload it here.

**valhallen** · September 5th, 2003, 07:12 PM

timed out - looks like they have taken it down - got screenies?

***el-half*** · September 5th, 2003, 07:21 PM

Screenshot below

Text that defacers added:

omg woot? where is teh my server?! muaha! (:
MuAh4hHa! Y0U ArE T3H L4Me! GreeTz: team teso, rebel, peak, holmen, L3If "L0K3T" oL5S0N
haxor kattenpejst:
root@team-keso:~> 3j337-keso-login -h www.spraydio.com
password:
bon voyage!
Red Hat Linux release 7.2 (Enigma)

,--------------.
| SPRAYdio.com |
`--------------'

[root@www root]# uname -a;id
Linux www.spraydio.com 2.4.9-31enterprise #1 SMP Tue Feb 26 06:25:36 EST 2002 i686 unknown
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
[root@www root]# exit
root@team-keso:~> 3j337-keso-login -h www.mixmegapol.com
password:
Red Hat Linux release 7.2 (Enigma)
,------------------------.
| Nordic Web Radio JVM03 |
`------------------------'
[root@www root]# uname -a;id
Linux www.plingplong.nu 2.4.20-20.7 #1 Mon Aug 18 14:56:30 EDT 2003 i686 unknown
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
[root@www root]# exit
root@team-keso:~> 3j337-keso-login -h db.spraydio.com
Red Hat Linux release 6.2 (Zoot) //keso comment: omg w00t?! T0O G0oD To b tR0O
Kernel 2.2.18 on a 2-processor i686
,---------------------------.
| Nordic Web Radio Database |
`---------------------------'
[root@db /root]# rpm -q redhat-release
redhat-release-6.2-1 //keso comment: R0Fl0mGpLzL0Lh4hAT3HlE4T4Dm1n
[root@db /root]# uname -a;id
Linux db 2.2.18 #1 SMP Wed Jan 24 11:27:44 CET 2001 i686 unknown
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
[root@db /root]# exit
root@team-keso:~> 3j337-keso-login -h 213.132.102.116 (gatewayen)
Red Hat Linux release 7.2 (Enigma)
: sfw ~ ; uname -a;id
Linux localhost.localdomain 2.4.7-10smp #1 SMP Thu Sep 6 17:09:31 EDT 2001 i686 unknown
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
: sfw ~ ; exit
root@team-keso:~> 3j337-keso-login -h www.5monkeys.se
Red Hat Linux release 8.0 (Psyche)

,ittti:
tDf;:::;jDj.
.DL. tE;
DL ;; ;Ki
;K: LtLG fD :iLEGGf
tD tE LD ;jjfffjt;iGWWWWWW;
,Ki ,Et .iDKKWDEEEKWWWWWWWWWWWt
,GDDL; .tLEEDEKti iGKWWWWWWWWWWKi .;tffft,
jKE,. ;Wf;tDWWWWWWWWWWWWWWWKKELj,.,jLEKLiifLtK,
fKt; DWWWWWWWWWKf;,..:;ijLGGEKWWWKG; :
:L, .GWWWWWWWWL :,,.
,itKWWWWK.
LWWKWWWt
tKD,tWWWt
tWKtLEWWK:
;DWWWEft,
GEWWWi
.iKDi,
.,,
[root@www root]# uname -a;id
Linux www.5monkeys.se 2.4.18-19.8.0smp #1 SMP Thu Dec 12 04:36:25 EST 2002 i686 i686 i386 GNU/Linux
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),534(coder)
[root@www root]# exit

fin 100mbit kattenpejst:
[root@www root]# wget http://ftp.port80.se/pub/linux/kerne...-test2.tar.bz2
--23:23:14-- http://ftp.port80.se/pub/linux/kerne...-test2.tar.bz2
=> `linux-2.6.0-test2.tar.bz2'
69% [==============================> ] 24,708,140 9.01M/s ETA 00:01

ni har alltså råkat ut för en hacker-attack från cyber-rymden!
nu borde ni nog ringa polisen, eller kontaka en bra säkerhetskonsult!
t.x sentor, www.sentor.se, polisen hittar ni på närmaste kebabkök/www.polisen.se

kolla bara..sentors anställda kan ingen hacka:
INSERT INTO tbl_order VALUES (232298,1,'1050500760','Herr','Eriksson','Tobias','Sentor MSS AB',0,'St Johannesg 31a nb','75233','uppsala','Sverige','018653004','',' tobias@sentor.se ','Eriksson','Tobias','018653004','Västra Strandgatan 7b','75311','Uppsala','Visa','4581091554016004','Föreningssparbanken '
oops!

ring mig! Joakim von Braun - 070-9561642

thats all folks!
'til we meet again

**valhallen** · September 5th, 2003, 07:45 PM

why is it all defacers put in the worst ever amount of crap when they deface something? couldn't they write some decent html to replace it with??

***el-half*** · September 5th, 2003, 07:49 PM

Yeah, I was wondering about that too, almost at every defaced website some crap is added.
It's only seldom you can find a defaced website where the index page is replaced by something you can call a webpage.

**valhallen** · September 5th, 2003, 07:54 PM

I guess no one has wrote a script the kiddie defacers can use to generate pages like the pre-made scripts they use to get access

***CXGJarrod*** · September 5th, 2003, 09:01 PM

You would think that leEt Hackers such as themselves could at least pirate a copy of Frontpage...

**kr4y3** · September 5th, 2003, 11:55 PM

Originally posted here by CXGJarrod
You would think that leEt Hackers such as themselves could at least pirate a copy of Frontpage...

HAHAHAHA! I just cant stand the fact they always "t41k L1k3 t|-|i5"

**Ennis** · September 6th, 2003, 12:12 AM

Yeah I gotta say that I am surprised there are no web defacers can actually achieve basic html skills. Surely it is due to their destructive rather than creative impulses...

**silentstalker** · September 6th, 2003, 03:55 AM

Or maybe once they learn how to write HTML and create a decent page, they deface it.

Joe

Thread: Spraydio.com defaced

Thread Tools

Display

Spraydio.com defaced

Posting Permissions