[mohaa] icculus.org

Bradley Caricofe caricofe at comcast.net
Wed Jun 25 08:01:08 EDT 2003 

BASTARDS...  Thanks for the info...

> -----Original Message-----
> From: morphiend [mailto:morphiend at fuse.net]
> Sent: Wednesday, June 25, 2003 7:57 AM
> To: mohaa at icculus.org
> Subject: RE: [mohaa] icculus.org
> 
> 
> Here's the lowdown from the site:
> -- Begin Quote
> We got hacked. It's under control, but the cocksucker tagged us during
> the WWDC keynote, when I was otherwise occupied. We have cleaned up,
> except we need to replace some vandalized HTML from backup and upgrade
> some software before the webserver can go back up. Email and other
> services are working.
> 
> For the record, it looks like he used a PHP exploit to execute a file
> which locally exploited the Linux 2.4.20 ptrace() hole. This means he
> had a root shell.
> 
> What you can do:
> 
>     * CHANGE YOUR PASSWORD. I don't think they were compromised, but you
> never know. We have verified that the "ssh" and "passwd" binaries are
> not compromised, so log in and change it.
>     * VERIFY YOUR SOURCE. If you have a cvs project, do a fresh checkout
> and diff it against your existing sources. I don't think this is a
> problem, either, but safety first.
>     * PAY IT FORWARD. If you can't raise your kids to not be script
> kiddie fuckheads, consider birth control. 
> 
> Again, everything is back up but the web server, which will come back
> hopefully tonight.
> 
> Stay tuned, True Believers.
> 
> --The McManagement.
> -- End Quote
> 
> Hope that clears up any confusion.
> 
> -- Mike
> 
> 
> -----Original Message-----
> From: richardnharrison at btinternet.com
> [mailto:richardnharrison at btinternet.com] 
> Sent: Wednesday, June 25, 2003 4:45 AM
> To: mohaa at icculus.org
> Subject: RE: [mohaa] icculus.org
> 
> not me.
> 
> >  from:    Bradley Caricofe <caricofe at comcast.net>
> >  date:    Tue, 24 Jun 2003 23:05:01
> >  to:      mohaa at icculus.org
> >  subject: RE: [mohaa] icculus.org
> > 
> > A couple of weeks later and I still can't get to Icculus.org, was
> wondering
> > if anyone else could? 
>

More information about the Mohaa mailing list