Ghazi 0 Posted August 31, 2005 i think atleast, http://www.geovision.com.tw/ is it me, and all of you are getting the turkey flagged site Share this post Link to post Share on other sites
scottj 0 Posted August 31, 2005 oh the irony....a security company site hacked...too much. It was however very nice of the hacker to supply everyone a map of where he is from, not too braight those Turks. scott Share this post Link to post Share on other sites
ad123 0 Posted August 31, 2005 That hacker is a member of Lycos: http://members.lycos.co.uk/krbkboy34 Share this post Link to post Share on other sites
G22 0 Posted August 31, 2005 IIS on Win2K. Yuk. Should at least use Linux, Red Hat ES or something with latest up2dates. http://toolbar.netcraft.com/site_report?url=http://www.geovision.com.tw Share this post Link to post Share on other sites
rory 0 Posted August 31, 2005 (edited) He Supplies alot more than that: "Defaced by SLiM_BoY | TURKEY", "Greetings From TURKEY !! From The Sons Of Ottomans !!", "slim_boy@hackerpowers.com", "We won't allow you to forget the Ottoman Empire !!", "We are Turks !! We are the heritager of Ottomans !!", "We are Everything..We owned and We'll always own whole world !! NOBODY CAN STOP US !!" ); images come from here: http://members.lycos.co.uk/krbkboy34/ This is their web site: http://www.turkgate.com/portal.php And if you can understand this: http://forum.turkgate.com/showthread.php?t=21343 this is where they talk about the sites they have "hacked" and how they did it, who they are, and where they live http://forum.turkgate.com/forumdisplay.php?f=65 Registration Service Provided By: NameCheap.com Contact: support@NameCheap.com Visit: http://www.namecheap.com/ Domain name: TURKGATE.COM Registrant Contact: WhoisGuard WhoisGuard Protected (43cae47df51b45f89435f20d68cd5106.protect@whoisguard.com) +1.6613102107 Fax: +1.6613102107 8939 S. Sepulveda Blvd 8939 S. Sepulveda Blvd Westchester, CA 90045 US Administrative Contact: WhoisGuard WhoisGuard Protected (43cae47df51b45f89435f20d68cd5106.protect@whoisguard.com) +1.6613102107 Fax: +1.6613102107 8939 S. Sepulveda Blvd 8939 S. Sepulveda Blvd Westchester, CA 90045 US Technical Contact: WhoisGuard WhoisGuard Protected (43cae47df51b45f89435f20d68cd5106.protect@whoisguard.com) +1.6613102107 Fax: +1.6613102107 8939 S. Sepulveda Blvd 8939 S. Sepulveda Blvd Westchester, CA 90045 US Billing Contact: WhoisGuard WhoisGuard Protected (43cae47df51b45f89435f20d68cd5106.protect@whoisguard.com) +1.6613102107 Fax: +1.6613102107 8939 S. Sepulveda Blvd 8939 S. Sepulveda Blvd Westchester, CA 90045 US Status: Locked Name Servers: dns1.name-services.com dns2.name-services.com dns3.name-services.com dns4.name-services.com dns5.name-services.com Creation date: 01 Dec 2003 12:04:03 Expiration date: 01 Dec 2005 12:04:03 Domain name: HACKERPOWERS.COM Registrant Contact: Hackerpowers.com Corporation ThE KinG (domainpower@gmail.com) +90.9573318698 Fax: +90.9573318699 Hackerpowers.com Hackerpowers.com, FL 33458 TR Administrative Contact: Hackerpowers.com Corporation ThE KinG (domainpower@gmail.com) +90.9573318698 Fax: +90.9573318699 Hackerpowers.com Hackerpowers.com, FL 33458 TR Technical Contact: Hackerpowers.com Corporation ThE KinG (domainpower@gmail.com) +90.9573318698 Fax: +90.9573318699 Hackerpowers.com Hackerpowers.com, FL 33458 TR Billing Contact: Hackerpowers.com Corporation ThE KinG (domainpower@gmail.com) +90.9573318698 Fax: +90.9573318699 Hackerpowers.com Hackerpowers.com, FL 33458 TR Status: Locked Name Servers: ns17.zoneedit.com ns8.zoneedit.com Creation date: 21 Oct 2002 05:25:28 Expiration date: 21 Oct 2005 05:25:28 Edited August 31, 2005 by Guest Share this post Link to post Share on other sites
G22 0 Posted August 31, 2005 Happened more than once BTLOI. http://www.zone-h.org/en/defacements/view/id=2788099/ http://www.zone-h.org/en/search/what=geovision/ Share this post Link to post Share on other sites
Thomas 0 Posted August 31, 2005 Yes, they were "pwnd". Share this post Link to post Share on other sites
rory 0 Posted August 31, 2005 Yeah some islamic flower forum site defaced a bahamian forum recently, a couple times also, they just found a hole in the Php app and linux server, there was even software made for it that basically did it all for them! Share this post Link to post Share on other sites
DataAve 0 Posted August 31, 2005 ...let me go out and buy some of 'dem dare' cards. Share this post Link to post Share on other sites
Thomas 0 Posted August 31, 2005 Looks like they shared the same server for FTP/Web on IIS. Never a good idea. FTP should always be seperate from your web server. Shot in the dark but they had the root directory set up in FTP and the FTP portion was compromised. Share this post Link to post Share on other sites
DataAve 0 Posted August 31, 2005 I wonder how many sites were compromised through that server. Share this post Link to post Share on other sites
Thomas 0 Posted August 31, 2005 Yeah, just general script kiddies. Basicly little kids who have no idea what they are doing, but a get a little tool from IRC that scans for vunerable systems. And PHP is a absolute pain to secure properly. Share this post Link to post Share on other sites
qman 0 Posted September 1, 2005 HAAHAHAHAH THIS IS TOOO FUNNY HAHAHAHA Share this post Link to post Share on other sites
cctv_down_under 0 Posted September 1, 2005 I can't believe I missed it, anyone take any screen shots? Share this post Link to post Share on other sites
