Needing Some Advice/Help

[ImABitch665]

Hi Guys, im a new comer to this site but not the "security" scene. When i was younger it was all that i would do but as a grew older i basically stopped using my computer so much and i basically realized how pointless it is (even though it was fun) to put my label ie. deface random/stupid/competitors sites. I chose this site as it was rated number 1 in a "hacker survey".

So heres the basic scenario, my little brother and a group of his mates run this clan site for an online game they play, as recent of 2 days theyre clan site on invisionfree was defaced/destroy and he asked me to take a look at it. The hacker labeled the site as most ppl do and a quick google search led me to the indentity of the hacker, i was just expecting it to be some stupid script kid that was basically defacing any site that his new found scrip would work on - wether it was worth the time and effort or not - turns out it as actually some dick form another clan in their game that they used to be part off and the attack was out of "spite" i guess. Anyway down to the facts their site is also running on the same invisionfree hosting that my brothers is. So for a bit of fun and to get "revenge" i guess you could say i told them that i would deface it. The main problem being the fact that all my perl, php and other various scripts and exploits are basically all out of date. So i used our good friend google as well as other sites that i use to used back in the day - ie milw0rm, securiteam you all no the 1s im talking about - and so far i have had no luck. Now i am aware that invisionfree runs ipb 1.3 final and dude to the fact that it doesnt get updated, only patched the chances of finding something for it are some say "impossible". The reason i percevere is because i no it can be done - this little dick who only nos how to press the delete button but nothing else - found it so i was wondring if you guys could help me out

cats, im looking in your direction because u actually seem to no what ur talking about and by the looks of things you like to give ppl a hand...

[DNR]

Wellllll first off let me clear up the issue of Cats, he is not as helpful as he seems - you should see the screaming and kicking he puts up when asked to empty the recyle bin.

As for your post, I like a long post, it gives a lot of detail in to your problem and even you life. Thanks for picking suck-o, getting to the number one spot was not easy - esp. when we _don't_ play the game of defacing and crashing other hacker sites.
I can appreciate that you want to help your brother, but you can't expect us to bend our ethics to exact revenge on a gaming server. What if your brother is a dick? Then it was just the natural order of clan survival.
The best offense is a good defense. If you used to be a geek, you should know how to lock down his box, I mean you did do that already right?

You already have a general idea of what it takes to take down a server - search for a exploit or weakness. You might explore other means of taking down the server. Other than that - suck-o is not going to help out in the forums for a hack-by-proxy.

DNR

[bad_brain]

Wellllll first off let me clear up the issue of Cats, he is not as helpful as he seems - you should see the screaming and kicking he puts up when asked to empty the recyle bin.

priceless....XD

[ayu]

Wellllll first off let me clear up the issue of Cats, he is not as helpful as he seems - you should see the screaming and kicking he puts up when asked to empty the recyle bin.

hey, it smells like crap, anyone would try to avoid it

[Gogeta70]

I can understand how you feel, however suck-o is an ethical hacking website, and we do not bend these rules so easily. However, considering i've got a little grey on my hat, i'm willing to provide a few things for you to look at..


-SQL is usually the part that is attacked most often, so it may be the most secure, or weakest part of the site.
-Try their HTML & SQL filtering on every type of input you possibly can
-Use a proxy

Later

[ImABitch665]

wow thank you all very much for replying

just clearing a few things up
1. i do not wish to hack the gaming server jsut post a "litle" warning to the owners of the clan to keep the fiting in game as theres always some1 bigger out there.
2. my brother, well any1 that has younger siblings can tell you that their a pain in the ass, but seeing as i dont live with my family anymore i get along with them alot better and try to be a good brother
3. i no the word revenge doesnt exactly sound eithical, but what it comes down to is the fact that they attacked his clan site and all i plan to do is retaliate in a suttle way
4.if it helps can put it into these words for you - i jsut wish to find the script/xss exploit that they/he used and see what i can do about "securing" my brothers site agasint it, to test that it is the vulnerability used i may have to try it agaisnt the ass holes site.

So if any1s heard anything new thats been found or soemthign old that hasnt been patcher or what not i would really appreciate a push in its direction =]

In regards to all of you guys, this seems like a great site and i can definetly see myself becoming resonably active on here jsut talking to people and helping who i can with the many things i am capable of doing. tbh its probably the fact that this is an ethical site that makes it so good because ppl arent comparing defaces and stuff like that as if it was penis size, i say penis size because women dont tend to compare everything like us men

DNR thankyou for your reply i also appreciate a detailed post/reply and btw geek is strong word, my interest in exploitation and what not came from me and my best m8 constantly messing with our school servers when we started highschool and at one point he got caught and had to pay "damages", good thing m8s dont rad on eachother and the poor bastartd took all the blame - we then got into website/forum exploitation being cautious and always covering our tracks ofcourse

[ImABitch665]

oh and one more thing that i forgot to mention si that i love the fact u all have a good and welcoming sense of humor

hmm i feel as if i should rite something more in this post so im not one of those "lol good job" or "nice/very nice" posting ppl who like to see their post count go up =]

[visser]

hmm i feel as if i should rite something more in this post so im not one of those "lol good job" or "nice/very nice" posting ppl who like to see their post count go up =]

nice!!!

good job!!! its good to have you here!!!




if your bro's site got hacked and the attackers site is hosted by the same people... is it possible to find an exploit that will work on your bros site that will work on the attackers site??? when i write code i always have to have other scripts around me so i can keep my syntax straight... perhaps if you could revers engineer your site you could attack the attacker....

not that we would attack anyone tho. but to defend your self it would always help to check for exploits on yourself