anythingarian bubbles and troubles from the land of the sweating hun
/ kalebeul / 2008 / 06 / 03 / we wuz hacked /
We wuz hacked
Skip to: comments (4); categories; related posts; previous/next postApologies for any (continuing) inconvenience and thanks for warnings. The degree of technological sophistication involved suggests John Chappell 
Trevor @ 3 June 2008 8:50 AM
Categories
SplogRelated posts
- stereotyping
- Link sync
- Zapatero already more notorious than Chamberlain–in the US
- yo
- Ramos strikes again
Previous/next post
«« New great mosque for Barcelona in historic building on Tibidabo ««»» More on the hack attack: Adolfo Daine/adol77dai51, Manchurian candidate? »»
Comments
Feeds: RSS
Trackback link.
0Tell me if the spam dragon gives you a hard time. Log in if you want to be really foul.
- Tibidabo set to music
- Spanglish, an important new literary language
- How a right-wing tree became a left-wing tree
- “Those close to the couple say they penetrate one another perfectly”
- De Juana Chaos gets something right
- Photos of egrets eating lizards
- Left/right
- How to use public service exams to screw your enemies
- “What is art in Latin countries is obscenity in the Nordic north”
- I am burning with desire to teach the Spaniards how Nordic women can love
- Bologna baloney: Barcelona student protestors are either mad or stupid
- Nerd riot
- Macbitch in Paris
- Hot chicks in Cornell
- Fines for “incorrect” language use
On Facebook, Trevor is eating saucisson de sanglier and starting to look like Obelix.
kalebeul
open source and uses Linux,
Apache, MySQL,
WordPress, PHP · Sing along with Moo Way (MP3) · 58 in 0.644
10:48 AM on 3 June 2008
Were you really hacked? What happened?
11:21 AM on 3 June 2008
Most people 777 their wp-content folders (or something therein) to enable uploads, or make their themes writeable by Tom & Dick, so you put something in there that injects Javascript into as many php files as it can find and hey presto. I’m going back to 644 / 755. The specific string injected here doesn’t do anything except screw things up, so I guess it was probably a schoolchild who found it on one of the warez sites and fancied a laugh.
11:23 AM on 3 June 2008
Here’s something similar http://wordpress.org/support/topic/157889
1:45 PM on 4 June 2008
[...] More on the hacker who briefly brought baldie enterprises to a shuddering halt the other day. The problem is now fixed and I haven’t got time to investigate, but I no longer have any reason to believe that the attack was purely permissions-based, exploiting the tendency of most of us to 777 /wp-content/ directories. Instead this is roughly what I think happened: [...]