Zone-h.org, a loosers web site has been hacked by saudi hackers :)
[www.zone-h.org]
at 17:00 still not fixed

[imaj.at]

here's a screenshot

(idk if this topic belong to OMG Ponies but i'm new u know :) )



Edited 1 time(s). Last edit at 01/22/2007 09:14AM by kozanaybar.

Wow, again? That's the second time in a couple months.

Any idea how they got in?

- RSnake
Gotta love it. http://ha.ckers.org

rsnake Wrote:
-------------------------------------------------------
> Any idea how they got in?


The last time they did a write up on it, it was through some hotmail cross-site scripting and resetting the Joomla! password I believe.

Interesting! Let me know if you find out. I'd be curious.

- RSnake
Gotta love it. http://ha.ckers.org

methot : Hotmail xss :D L0L
Zone-h Register Mail Hotmail :D

hmm this site still is hacked.... i wonder why there is a small line of a real-player element (my firefox asked to install it and showed the white box with "Install plugin", on the screenshort from kozanaybar this little real-player line is just as black as the background, directly under the line "Greets to: Saudi Coder, Mr_n0m3rcy, Black Zero".... hmmm interesting

@chillervalley

Most likely because most defacers are stuck in the 90s and so black backgrounds with clashing fonts, bad images and annoying music files are still in, :p

.....Seriously.....



Edited 1 time(s). Last edit at 01/23/2007 07:26AM by kuza55.

hmm.. for me "Firefox can't find the server at www.zone-h.org.". I read the soutce using the W3C XHTML validator though, they really should think up something new.

Don't forget our IRC: irc://irc.irchighway.net/#slackers
-WhiteAcid - your friendly, very lazy, web developer

lmao kuza55 ... yeah, thats a point :>

Explanation: [www.zone-h.org]
They got the passwords of their registrant's panel and did a DNS redirection.

lol i cant view the thread there... cant find the server

but: YAY a very secure registrant! :>

That's scary! REGISTER.IT huh? Sounds secure. :-/

But no, really, how did they get their password, that's the interesting part of this.

- RSnake
Gotta love it. http://ha.ckers.org

hm maybe the username/password was admin/admin ... or they just save it in plain text and there was a security hole.
Or like in your blog-entrie today, google saved it :D