The Register® — Biting the hand that feeds IT

Alldas defaced!

Occupational Hazard

Free whitepaper – Optimizing the data center for cost and efficiency

Alldas.de, the defacement archive, was... defaced yesterday.

"Around 15:44 the database for the News section had a new topic, simply stating that "Alldas.de got cracked". After ~1 min. the database was cleaned and nothing else on the page was affected. How could this have happened?," The site said on its news page.

Alldas figured out what the intruder had done by poring over the log files - its analysis was confirmed by the cracker, who emailed: "I had no intention to clear your database or to root your server. No attempt
to do this has been made." Alldas says its log files show different.

The cracker suckered Alldas' scripts to mirror another Web site. This site "was used to execute commands on the server (as an unprivileged user)".

No higher access levels were reached - the cracker was unable to read mail or to download or install bindshells.

"The actual penetration wasn't really big, though it is kinda embarrassing to get 'defaced' as a defacement mirror," Fredrik of Alldas said on the site. "We regret it that the attacker didn't inform us about the bug and choose to deface the site with all the consequences that go hand in hand with it." ®

Free whitepaper – Dell/EMC CX4 and Dell PowerEdge blades

Don’t Miss

DustbinDirty, dirty PCs: The X-rated picture guide

Ventblockers Horror beyond human imagination

SC09Top 500 supers - rise of the Linux quad-cores

SC09 Jaguar munches Roadrunner

Ubuntu teaser Early adopters bloodied by Ubuntu's Karmic Koala

Smooth Windows upgrade it ain't

Sign up, sign up for The Register IT security newsletter

Narrowcasting for the email classes