[mohaa] icculus.org

Steven Hartland killing at barrysworld.com
Wed Jun 25 08:05:52 EDT 2003


FFS some people just dont have anything better to do than wreck other
peoples hard work. Hope you catch the S***B.

    Steve / K
----- Original Message ----- 
From: "morphiend" <morphiend at fuse.net>
To: <mohaa at icculus.org>
Sent: 25 June 2003 12:57
Subject: RE: [mohaa] icculus.org


> Here's the lowdown from the site:
> -- Begin Quote
> We got hacked. It's under control, but the cocksucker tagged us during
> the WWDC keynote, when I was otherwise occupied. We have cleaned up,
> except we need to replace some vandalized HTML from backup and upgrade
> some software before the webserver can go back up. Email and other
> services are working.
> 
> For the record, it looks like he used a PHP exploit to execute a file
> which locally exploited the Linux 2.4.20 ptrace() hole. This means he
> had a root shell.
> 
> What you can do:
> 
>     * CHANGE YOUR PASSWORD. I don't think they were compromised, but you
> never know. We have verified that the "ssh" and "passwd" binaries are
> not compromised, so log in and change it.
>     * VERIFY YOUR SOURCE. If you have a cvs project, do a fresh checkout
> and diff it against your existing sources. I don't think this is a
> problem, either, but safety first.
>     * PAY IT FORWARD. If you can't raise your kids to not be script
> kiddie fuckheads, consider birth control. 
> 
> Again, everything is back up but the web server, which will come back
> hopefully tonight.
> 
> Stay tuned, True Believers.




More information about the Mohaa mailing list