5punk /downloads & /uploads

spoodie · Post by **spoodie** » May 1st, 2007, 12:13

FatherJack wrote:They deleted everything to disguise the fact that they'd stolen passwords, which they then tried on PayPal, so not utterly stupid.

That's not actual proved fact though is it, could just be a coincidence.

Post by **FatherJack** » May 1st, 2007, 12:14

Two or three board members, within days of the attack, who used the same email/password combination for both.

spoodie · Post by **spoodie** » May 1st, 2007, 12:18

I didn't think that was the case from what I read but I'll take your word for it. I'm glad I'm not that stupid.

Post by **Dr. kitteny berk** » May 1st, 2007, 12:22

FatherJack wrote: They deleted everything to disguise the fact that they'd stolen passwords, which they then tried on PayPal, so not utterly stupid.

That.

Also the deleting of stuff likely destroys a lot of logs etc to make it hard to tell who and when it was done.

spoodie wrote:I didn't think that was the case from what I read but I'll take your word for it. I'm glad I'm not that stupid.

That was exactly the case, and not entirely stupid, more stupid and lazy.

Woo Elephant Yeah · Post by **Woo Elephant Yeah** » May 1st, 2007, 12:29

For those that are interested I can send you the files in a zip if you want to have a look at them, but basically it's php files that hack into the site and gain shell access.

The reason they delete everything is to try and cover their tracks, but in reality they'd be better off not doing anything, and we wouldn't of even known it happened, so I'm actually quite glad they did this, rather than have it go on without us having a clue.

cashy · Post by **cashy** » May 1st, 2007, 12:31

Did anyone get a picture of berk on his hands and knees covered in his own sick? We need a 'Berk is wrong' macro

Lateralus · Post by **Lateralus** » May 1st, 2007, 12:37

cashy wrote:Did anyone get a picture of berk on his hands and knees covered in his own sick? We need a 'Berk is wrong' macro

If no-one did, then clearly none of you are really his friends.

Post by **Dr. kitteny berk** » May 1st, 2007, 12:41

Woo Elephant Yeah wrote:For those that are interested I can send you the files in a zip if you want to have a look at them, but basically it's php files that hack into the site and gain shell access.

Not that.

Woo Elephant Yeah wrote:The reason they delete everything is to try and cover their tracks, but in reality they'd be better off not doing anything, and we wouldn't of even known it happened, so I'm actually quite glad they did this, rather than have it go on without us having a clue.

That, sorta. if they'd not nuked everything, they'd've been identifiable, which they probably don't want when money is involved.

As it is, everyone just assumes a basic ftp haxxing until stuff goes wrong and on bigger forums, I'd expect no-one would pick up on a few closely timed paypal hackings

eion · Post by **eion** » May 1st, 2007, 14:58

Dr. kitteny berk wrote:
That, sorta. if they'd not nuked everything, they'd've been identifiable, which they probably don't want when money is involved.

Not that, cos even the most half-witted script kiddy knows enough to use a proxy.