Feeds

Infamous porn site gets a hacker makeover

Stile Project defaced in the hacker stylee

  • alert
  • submit to reddit

High performance access to file storage

Updated The Stile Project, a gross-out comedy-cum-sex site that has grown infamous on the Net, claims to have been defaced.

The home page of the site, which won a Webby award in the weird category last year and has a cult following, was replaced by a profane message from hacker Fluffy Bunny, which featured a toy pink rabbit sticking its arse in the air. Charming, especially when you consider its bottom clearly needed wiping, and the people behind the Stile Project (which some describe as postmodern pornography) aren't amused.

A rant from the site's administrator, Stile, threatens dire (and depraved) retribution against Fluffy Bunny, who is best known as the hacker who caused chaos by breaking into the servers of SourceForge and the Apache Project earlier this year.

Stile, who claims to have spent eight hours bringing the site back online, said it had been the victim of "this new FreeBSD exploit that lets people get root access on the server and do whatever they want with it".

"Looks like I was a victim of that exploit, even though we thought we had it patched", he added.

Stile suggests the vulnerability, the nature of which he explains here, extends to other mainstream Web operating systems, including Linux and Solaris and involves telnet daemons.

The bug is a multiple vendor telnet daemon buffer overflow vulnerability, a nasty exploit (discovered last week) about which you can find more information here. Many other sites may be vulnerable to the same exploit, according to Stile, who has warned his fellow admins to bolt up their security hatches. ®

Update:
Reg readers have written to remind us that last year Stile faked his own hanging on the site, which he broadcast using a Web cam. He denies the defacement is another publicity stunt and we'll leave it up to you to decide what you make of that. Stile isn't above defacing his own site at a stunt.

External Links

Multiple Vendor Telnetd Buffer Overflow Vulnerability
Fluffy Bunny's hack of the Stile Project
...and a rant by Stile on the subject

Related Stories

Cowboy cracker nails Apache
McHackers use DNS exploit to poke fun
Hackers run amok during Defcon

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
Bad PUPPY: Undead Windows XP deposits fresh scamware on lawn
Installing random interwebs shiz will bork your zombie box
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.