Site hacked!!!
Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: Site hacked!!!

  1. #1
    Member
    Join Date
    Feb 2003
    Posts
    98

    Site hacked!!!

    I have a friend whos site was hacked a littlte while back by a group calling themselves "Hacking for Jesus" aka "Command Tribulation". Unluckily, he is having some trouble getting his site back up. www.alkalinehorse.com and the "hackers" site is http://www.revolutiongospel.net/, or at least thats the link they left on his website. Unluckily I am not sure if he kept any logs. I am just wondering if this group is widely known. Anyway, any help that can be provided will be appreciated.
    \"The wise programmer is told about Tao and follows it. The average programmer is told about Tao and searches for it. The foolish programmer is told about Tao and laughs at it.
    If it were not for laughter, there would be no Tao.\"

  2. #2
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    Hacking for Jesus? Sounds like a front.

    //edit

    Uless you want the site up for us all to enjoy the clever words of Jesus, then take it down and boot to a floppy and reformat your hard drives, then reload everything and search AO for "locking down <insert os here>" If you know what your doing to can figure out what went wrong and backup from tape. No logs?No Tape? = Format
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

  3. #3
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    They appear to be a Portuguese hacking group. They host a forum here.

    You might be able to social engineer a little more information out of them if you join the forum.

    Cheers:
    DjM

  4. #4
    Regal Making Handler
    Join Date
    Jun 2002
    Posts
    1,668
    Well they seem to be a bussy bunch have a look here:
    http://www.zone-h.org/en/defacements...d+Tribulation/
    What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry

  5. #5
    King Arana: Super Moderator
    Join Date
    Oct 2002
    Posts
    4,055
    Seem's like a pretty big group (or could be) and is making defacements against your type of website's. Interestingly enough they call themselves Hacking for Jesus, which I think (like RoadClosed said) is a front and a serious load of it. Btw:

    sh-2.05# uname -a; id uname -a; id Linux srv1.ariadomain.com 2.4.18-18.7.x #1 Wed Nov 13 20:29:30 EST 2002 i686 unknown uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
    Look's to me (based on a number of scan's and research on your site, etc) that they got root on the webserver. Check to see what that's all about and DEFINITELY check your logs.
    Space For Rent.. =]

  6. #6
    HeadShot Master N1nja Cybr1d's Avatar
    Join Date
    Jul 2003
    Location
    Boston, MA
    Posts
    1,836
    do a vulnerability scan on the websterver and see what could have been exploitable and patch it up to avoid further pwnage.

    Collect as much data as possible and report it to the authorities.

    EDIT:

    Ok after a little bit of my own research and the use of some really effective skiddie tools ...I can tell you that his website/webserver had a huge "WELCOME" sign hanging from all its 15 Open ports and some other stuff that I'd rather not share in public display. He seriously needs to lock that box up....is there a firewall installed?
    The box is very vulnerable to numerous high risk exploits quite a few medium risks one and one low risk.

    I have a report done but I dont think i want to give it to you...as DjM noted, this might be a sad social Engineering attempt.

    cheers.

  7. #7
    Member
    Join Date
    Feb 2003
    Posts
    98
    Thanks guys, gonna have to let my buddy know about this stuff, I have been checking out these Jesus hackers, it has to be a front. Pullezzz. Why would a bunch of Jesus fiends target a 17 year olds webserver? If we were talking pr0n, then I might be able to see why, but thats probably out of thier abilities Anyway, I am joining thier forum, (Hope they speak english, dont want to babelfish EVERYTHING.) Thanks again, ill let him know.

    (As for open ports, he shouldnt feel too bad, I once left port 139 open on my gaming machine, yes 139, thats not a typo.)
    \"The wise programmer is told about Tao and follows it. The average programmer is told about Tao and searches for it. The foolish programmer is told about Tao and laughs at it.
    If it were not for laughter, there would be no Tao.\"

  8. #8
    I did some searching and it seems to me that they are wanna be elitist's but I could be wrong.
    Everything that I tried to find out like e-mails were fake but none the less, I agree with everyone he should try to get evidence of there behavior and record it for the authorities. Then fry-um. And this is coming from a true "born again christian"

  9. #9
    Member
    Join Date
    Feb 2003
    Posts
    98
    Cant anyone track these guys down??? I mean, even the brazillian Govt has gotta be gettin sick of this.
    \"The wise programmer is told about Tao and follows it. The average programmer is told about Tao and searches for it. The foolish programmer is told about Tao and laughs at it.
    If it were not for laughter, there would be no Tao.\"

  10. #10
    HeadShot Master N1nja Cybr1d's Avatar
    Join Date
    Jul 2003
    Location
    Boston, MA
    Posts
    1,836
    I wouldn't be as worried about just the ports being open, as much as I would for the 21 vulnerabilities on the server.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides