
WARNING HACKER ABOUT

Printed From: Web Wiz Forums
Category: General Discussion
Forum Name: General Discussion
Forum Description: General discussion and chat on any topic.
URL: https://forums.webwiz.net/forum_posts.asp?TID=10769
Printed Date: 28 March 2026 at 10:57am
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com


Topic: WARNING HACKER ABOUT
Posted By: BoLt
Subject: WARNING HACKER ABOUT
Date Posted: 07 June 2004 at 6:58am

Just to warn you all, there is a hacker going around under the name of nEt^DeViL hacking all types of forums and Web Wiz applications. He seems to have political issues and is doing this to address them. Get your applications up to date and back up your databases as he is doing a lot of damage.



-------------
BoLt (Computer Engineer)
I suffer from Dyslexia, it means I can not spell to well not that I am thick.

www.welshlens.co.uk



Replies:
Posted By: WebWiz-Bruce
Date Posted: 07 June 2004 at 7:12am
The most important thing for anyone using an Access database is that you place the access database in a folder outside of your web root that can not be accessed via a web browser.

If you are using Web Wiz Forums the following install doc will tell you how to do this:-

http://www.webwiz.net/web_wiz_forums/docs_access_move_db.asp

Also make sure that passwords are difficult to guess and use both letters and numbers.




-------------
https://www.webwiz.net/web-wiz-forums/forum-hosting.htm - Web Wiz Forums Hosting
https://www.webwiz.net/web-hosting/windows-web-hosting.htm - ASP.NET Web Hosting


Posted By: BoLt
Date Posted: 07 June 2004 at 8:35am

Thank you for that boRg good tips 



-------------
BoLt (Computer Engineer)
I suffer from Dyslexia, it means I can not spell to well not that I am thick.

www.welshlens.co.uk


Posted By: BoLt
Date Posted: 07 June 2004 at 9:12am

Problem I have with moving the databases to the private folder is that it seems not to be ASP activated. If I move the database I found that the database can not be accessed. I have some time in the past changed the database names in the hope this will help.

This hacker seems to have hacked loads of sites, Guest books, forums all makes, types not just WebWiz and may be doing his rounds. As boRg has stated, get all security issues sorted as you may be next.



-------------
BoLt (Computer Engineer)
I suffer from Dyslexia, it means I can not spell to well not that I am thick.

www.welshlens.co.uk


Posted By: Nathan
Date Posted: 07 June 2004 at 11:43am

Yep - he hit my WWG poll the other night - bastard.

Nathan



Posted By: BoLt
Date Posted: 07 June 2004 at 12:26pm

It’s funny but he knows all the loopholes in most old WebWiz applications and the locations of where the databases would normally be found. He has hacked loads of sites all in the name of Religion and politics.



-------------
BoLt (Computer Engineer)
I suffer from Dyslexia, it means I can not spell to well not that I am thick.

www.welshlens.co.uk


Posted By: Gullanian
Date Posted: 07 June 2004 at 12:31pm
Someone should get his IP from the site logs and reference it with logs on this site see if he is using this forum.


Posted By: dpyers
Date Posted: 07 June 2004 at 2:03pm
If we could get an IP address, he could be blocked up front.

-------------

Lead me not into temptation... I know the short cut, follow me.


Posted By: BoLt
Date Posted: 07 June 2004 at 3:14pm
I will keep you posted

-------------
BoLt (Computer Engineer)
I suffer from Dyslexia, it means I can not spell to well not that I am thick.

www.welshlens.co.uk


Posted By: pmormr
Date Posted: 07 June 2004 at 3:15pm

i hate when people do things in name of religion... alright... god wants everybody to be nice to everybody else but he's telling you to kill the people on the other side of the ocean... WTF???

everybody set up IIS logging so if you get hacked you can hunt him down



-------------
Paul A Morgan

http://www.pmorganphoto.com/
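
Added example, not part of any post in this thread: once IIS logging is on, the first question in this incident is which clients asked for a database file and whether the server handed it over. The Python sketch below reads W3C extended log lines using the `#Fields:` header to find the columns; the sample log, its paths and its addresses are constructed for illustration.

```python
from collections import defaultdict
from urllib.parse import unquote

# Constructed sample in IIS W3C extended format (documentation-range IPs,
# made-up paths). Real logs may list more or fewer fields.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status sc-bytes
2004-06-07 05:41:02 192.0.2.10 GET /forum/default.asp - 200 18233
2004-06-07 05:44:10 203.0.113.7 GET /forum/db/forum.mdb - 404 1795
2004-06-07 05:44:12 203.0.113.7 GET /forum/admin/database/forum.mdb - 200 2457600
2004-06-07 05:44:40 203.0.113.7 GET /guestbook/data/guestbook.mdb - 403 1820
2004-06-07 06:02:55 198.51.100.23 GET /forum/forum_posts.asp TID=10769 200 40211
2004-06-07 06:10:31 198.51.100.23 GET /downloads/SAMPLE.MDB - 200 90112
"""

DB_EXTENSIONS = (".mdb",)


def parse_w3c(lines):
    """Yield one dict per request, keyed by the names in the #Fields header."""
    fields = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        if line.startswith("#"):
            # The column layout can change mid-file, so re-read every header.
            if line.startswith("#Fields:"):
                fields = line[len("#Fields:"):].split()
            continue
        values = line.split()
        if fields and len(values) == len(fields):
            yield dict(zip(fields, values))


def database_requests(lines, extensions=DB_EXTENSIONS):
    """Return every request whose path ends in a database extension."""
    hits = []
    for rec in parse_w3c(lines):
        stem = unquote(rec.get("cs-uri-stem", ""))
        if not stem.lower().endswith(extensions):
            continue
        raw_status = rec.get("sc-status", "")
        status = int(raw_status) if raw_status.isdigit() else 0
        hits.append({
            "when": rec.get("date", "") + " " + rec.get("time", ""),
            "ip": rec.get("c-ip", ""),
            "path": stem,
            "status": status,
            # 2xx means the file itself went out to the client.
            "served": 200 <= status < 300,
        })
    return hits


def summarize_by_client(hits):
    """Group hits by client: files actually served, and refused attempts."""
    summary = defaultdict(lambda: {"served": [], "blocked": 0})
    for hit in hits:
        if hit["served"]:
            summary[hit["ip"]]["served"].append(hit["path"])
        else:
            summary[hit["ip"]]["blocked"] += 1
    return dict(summary)


if __name__ == "__main__":
    report = summarize_by_client(database_requests(SAMPLE_LOG.splitlines()))
    for ip, info in sorted(report.items()):
        print(ip, "served:", info["served"], "blocked:", info["blocked"])
```

Any path in a "served" list means the database was downloaded: treat every password in it as exposed and move the file out of the web root.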


Posted By: Bluefrog
Date Posted: 07 June 2004 at 6:07pm

Some people just have too much time on their hands... Hopefully this  will never breed and further infect the human gene pool.

 



-------------
http://renegademinds.com/ - Renegade Minds - Guitar Software | http://renegademinds.com/Default.aspx?tabid=65 - Slow Down Music


Posted By: BoLt
Date Posted: 07 June 2004 at 6:46pm

Do a search on nEt^DeViL in Google and you will see the damage he is doing.

It's sad when you have to go to that level to get yourself noticed and when you do everyone that has, and all that have crossed your path hates you and despises what you stand for.

A bit counterproductive don’t you think.



-------------
BoLt (Computer Engineer)
I suffer from Dyslexia, it means I can not spell to well not that I am thick.

www.welshlens.co.uk


Posted By: JohnKn
Date Posted: 07 June 2004 at 6:46pm
Block MDB as a supported mime type in IIS, that way he can't download the file regardless of where you put it but ASP pages have no problem using them. Some web hosting companies already do this for you, others might if you ask them to.

If you run your own server you can use Microsoft's lockdown tool to do it for you.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/HTlockdown.asp


Posted By: KCWebMonkey
Date Posted: 07 June 2004 at 6:54pm
... you can also rename your database with an .asp extension instead of a .mdb extension. that way if someone tries to access it via http it will try to serve the file as a script instead of a database.


Posted By: the boss
Date Posted: 07 June 2004 at 7:39pm
in the name of god we hack.. hahaha.. thats soo stupid

-------------
http://www.web2messenger.com/theboss


Posted By: Sxar
Date Posted: 08 June 2004 at 9:54am

Hacking the Forums from Web Wiz, is not Hard, and it's not the creator Borg's fault. If people simply followed instructions, particularly on the MS Access versions then we wouldn't have this problem.

The only real way this person could hack a forum is if they are able to access the database. So remember to FOLLOW INSTRUCTIONS.

I also agree that hacking in the name of god is stupid, some people just have too much time on their hands!



Posted By: BoLt
Date Posted: 08 June 2004 at 12:30pm
Originally posted by Sxar:

"If people simply followed instructions, particularly on the MS Access versions then we wouldn't have this problem."

If it's made by Man it can be broken by Man, nothing is foolproof. All you can do is your best but still you can not stop the persistent as they will find a way.



-------------
BoLt (Computer Engineer)
I suffer from Dyslexia, it means I can not spell to well not that I am thick.

www.welshlens.co.uk


Posted By: dpyers
Date Posted: 08 June 2004 at 4:06pm
People tend to think that security measures make them safe. They only make them safer. Given time and resources, anything can be cracked.

-------------

Lead me not into temptation... I know the short cut, follow me.


Posted By: pmormr
Date Posted: 08 June 2004 at 4:53pm
this guy is ruthless... i feel like setting up a vulnerable forum just so i can set up logging and get his damn ISP and IP and get him busted

-------------
Paul A Morgan

http://www.pmorganphoto.com/


Posted By: pmormr
Date Posted: 08 June 2004 at 4:53pm
that would take a little bit of work... especially to get his attention that it's actually worth hacking.

-------------
Paul A Morgan

http://www.pmorganphoto.com/


Posted By: dpyers
Date Posted: 08 June 2004 at 7:18pm
lol - and I can't remember the last time I had a site worth hacking

-------------

Lead me not into temptation... I know the short cut, follow me.


Posted By: BoLt
Date Posted: 09 June 2004 at 5:07am

This is my point, I can not understand someone hacking a site that is unrelated to the issue in hand, stating political and religious comments. This only gets the back up of the site owners the people visiting and does a reverse effect, a disapproval to the comments made by the hacker. This is a bit like going up to someone and punching them as you don’t like their face. Not a good way of making a statement, with a disapproving reply from all.



-------------
BoLt (Computer Engineer)
I suffer from Dyslexia, it means I can not spell to well not that I am thick.

www.welshlens.co.uk


Posted By: the boss
Date Posted: 09 June 2004 at 10:53am

it is ridiculous how this guy talks religion and his name is net devil

http://www.google.com/search?hl=en&lr=&ie=UTF-8&q=HaCkEd+By+nEt%5EDeViL&btnG=Search

i see most of his hacking victims r users running XMB Forum rather than WWG Forum



-------------
http://www.web2messenger.com/theboss


Posted By: Bluefrog
Date Posted: 09 June 2004 at 11:13am

You're right about the hypocrisy Boss. It's moronic to attack people at random for something that they have nothing to do with, and then attach some sort of 'holy' justification to the attack. If that's his god, I think we'd all be better off in hell.

This guy is just another screwed up loser trying to promote some silly cause.

As far as his platform goes, we should all be thankful for the US because without them, many of us would have major problems where we live, and probably be singing Deutchland Uber Alles today. (Lend-lease policies between the allies in WWII [notably the USA] kept Russia afloat with supplies needed to fight the Nazis. Without that, Russia would have likely fallen and D-Day would never have happened. It would only be a matter of time before the Italians then expanded their empire in Africa into the middle east.)

Bush politics will pass.

 



-------------
http://renegademinds.com/ - Renegade Minds - Guitar Software | http://renegademinds.com/Default.aspx?tabid=65 - Slow Down Music


Posted By: michael
Date Posted: 09 June 2004 at 3:02pm
Without letting this go into Politics PLEASE, you are right, this guy is a hypocrite... On some of his "attacks" he says "What has this all to do with this site? :Your forums are not secure" How stupid is that? I grant each and every person their own opinion, thus I think people who try to force their opinion on you or people who use actions as he did to show you his opinion are all he is speaking against in his texts.

-------------
http://baumannphoto.com - Blog | http://mpgtracker.com - MPG Tracker


Posted By: Semikolon
Date Posted: 09 June 2004 at 3:35pm
Oh my God what a childish idiot.. just like the guy who threatened to kill me, my family and my friends, hack my ISP and host and spammed my forums just because I deleted one of his comments in either my guestbook or my forums which were just bullsh*t


Posted By: the boss
Date Posted: 09 June 2004 at 4:48pm
what would you do if u were one of the victims of this aBo monkey hackey??

-------------
http://www.web2messenger.com/theboss


Posted By: the boss
Date Posted: 09 June 2004 at 4:57pm

Originally posted by pmormr:

"that would take a little bit of work... especially to get his attention that it's actually worth hacking."

set up some forums which is very vulnerable.. u can search on google and find out which kind of forum softwares are easy for him to hack

next post a lot of anti-arab and pro israel messages on it.. that would sure attract his attention and make him feel about the site worthy enough to hack

get his IP

send it to me

i would make sure that million of net send messages are delivered directly to his desktop



-------------
http://www.web2messenger.com/theboss


Posted By: the boss
Date Posted: 09 June 2004 at 5:02pm

he even hacked a support forums of some hosting company

http://www.cmnhosting.com/supportforum/viewthread.php?goto=lastpost&fid=11

http://www.cmnhosting.com/

on one side is his hate for USA and on other side he is using the music theme of Mission Impossible on one of his hacked pages

http://peace2000.org/airlines/default.asp?PagePosition=1



-------------
http://www.web2messenger.com/theboss


Posted By: dpyers
Date Posted: 09 June 2004 at 5:20pm

Originally posted by the boss:

"on one side is his hate for USA and on other side he is using the music theme of Mission Impossible on one of his hacked pages"

LOL



-------------

Lead me not into temptation... I know the short cut, follow me.


Posted By: Bluefrog
Date Posted: 09 June 2004 at 5:59pm
Originally posted by the boss:

"http://www.cmnhosting.com/

"on one side is his hate for USA and on other side he is using the music theme of Mission Impossible on one of his hacked pages"

That's just classic. What a real winner!



-------------
http://renegademinds.com/ - Renegade Minds - Guitar Software | http://renegademinds.com/Default.aspx?tabid=65 - Slow Down Music


Posted By: Ghostnet
Date Posted: 09 June 2004 at 7:40pm

If you take a closer look (http://www.google.com/search?hl=en&ie=UTF-8&q=nEt%5EDeViL+hacked) at the forums he's hacked, it's clear it's not really an obsession with this software suite alone. In fact most of those are PHP based solutions.

Bruce has kept on top of keeping the software up to date and secure.

For all we know, his uber skills might include using simple SQL injections like a true script kiddie or running Brutus all night to guess passwords 

You'd be surprised at how many IIS setups I've gone through, only to find the password was "password".



-------------
evolution is a vehicle. drive responsibly


Posted By: michael
Date Posted: 09 June 2004 at 10:49pm
Funny is how long some of those companies leave a hacked site up. If I have a company website I run over the essential systems every day, some of those seem to have been hacked some time ago already

-------------
http://baumannphoto.com - Blog | http://mpgtracker.com - MPG Tracker


Posted By: dpyers
Date Posted: 09 June 2004 at 11:57pm
Yeah, I can't imagine that having a hacked support forum up on a web hosting site is going to encourage a lot of people to sign up or encourage existing customers to stay.

-------------

Lead me not into temptation... I know the short cut, follow me.


Posted By: BoLt
Date Posted: 10 June 2004 at 8:00am

Yes he is good at hacking, but let us remember it’s not fun when you get hacked. I always backup databases all the time and have backups of the backups. He hacked the forum I have, I followed all the tips given by borg to stop this. I have Access databases all renamed moved from time to time, passwords changed all the time and backups. He hacked the forum I put it back within 10 minutes of him doing it as the site is monitored 24-7, changed passwords and moved the databases. He has placed nasty worded comments (removed) now informing me he will be back. And now I am waiting for him.......

All I can do is follow borg's security tips and hope this will help, If not then maybe all your forums may not be safe. It’s not fun when it happens to you.



-------------
BoLt (Computer Engineer)
I suffer from Dyslexia, it means I can not spell to well not that I am thick.

www.welshlens.co.uk


Posted By: Bluefrog
Date Posted: 10 June 2004 at 11:56am
I can't be bothered to change passwords often. I do so only every few months. Instead, I just use stronger passwords that border on impossible to brute-force.

-------------
http://renegademinds.com/ - Renegade Minds - Guitar Software | http://renegademinds.com/Default.aspx?tabid=65 - Slow Down Music


Posted By: Sxar
Date Posted: 10 June 2004 at 10:45pm

What I Don't Understand is Why he is able to hack all these forums? Is there not one secure forum out there.

He really is sick. Even if there are problems in the world, people such as us who have done nothing wrong, don't deserve to be caught in a political and religious tangle.



Posted By: the boss
Date Posted: 11 June 2004 at 12:23am

i made up an imaginary profile of that dumbass .. i registered a user id nEt^DeViL to post the profile but unfortunately i haven't received the activation email yet so i decided to post it under my username now

------------------------------------------------------------ ------

I am Abo Monkey a.k.a nEt^DeViL .  I dont know sh*t about computers but my friend trained me on some old versions of certain forums software with vulnerability and now i am goin around posting my reality.

Ever since i was eight years old, my parents gave me in "special" custody of Uncle Bin so that my parents could get enough monthly allownce from Uncle Bin to feed themselve twice a day. Also my parents cared for my future and giving me in uncle bin custody ensured i become a "real" man and a future fighter against the "infidels"

Uncle Bin was great, he kept me in the special "herd" of kids and would pay special attention on me. Every night, he would deliver in my ass his "organic extracts" using the great real life re-useable suppositry god blessed him with. He said this would replicate his sprit in me which i feel today. Other kids would only get his organic extracts depending on his mood. Sometimes once in sevral months or so but i recived them every night. Further more he trained me on camels, donkeys, mules, horses, etc etc so that i become ready to bear hardship of being a fighter against the infidels.


after a few years or so stay with him, he let me go saying that i had been trained enough and ready to fight the infidels. So then i enrolled myself into the Taliban fighter group but unfortunately i failed to pass the entry test and they said i dont have enough sprit to be one of them therefore all of them shall deliver their organic juices in my ass so that their sprit develops in me too. I counsulted this matter with Uncle Bin and he gave an "ok" signal.


After i joined taliban, the job was relatively simple. We ensured that all children recive the "organic extracts" in their ass to develop in them the sprit of a fighter against infidel. And the creation of devil a.k.a women was well hidden from the eyes of sacred anti-infidel fighters. Devil is of great danger so his creation too. They have two balls on chest and no suppositry and can lure men leading to sins.


Soon i lost my legs in a land mine.. I was salavaged by a UN worker and later sent to USA for treatment. They did opreation for my legs and for my anus so that it is tight enough to hold sh*t and i stop messing the hospital beds with poop all over. They educated me and also taught me English and computers. I gradually realised how i had been a real loser all this time. .


Now that america taught me the real face of the world, i became very frustated. Everytime i would think of past, my ass would start leaking with shame.. so now i take my frustration out by hacking old version of forum softwares whose vulnerabilities are well known with code sample over the internet on how to exploit them!!


I would say more but sorry i have to run, my ass is leaking again..!!


nEt^DeViL

------------------------------------------------------------ ------

 

i know it sucks.. just for the sake of spam



-------------
http://www.web2messenger.com/theboss


Posted By: dpyers
Date Posted: 11 June 2004 at 12:27am

A few years ago I took part in a security exercise for Bell Labs testing Unix security on telco systems. We took the 10 most common women's names from a baby book and added the digits 0 through 9 to the end of them. Ran the 100 possible passwords against two common logins. Got into 83% of the systems. Easy to remember/type = easy to crack.

We have met the enemy and he are us - Pogo



-------------

Lead me not into temptation... I know the short cut, follow me.


Posted By: the boss
Date Posted: 11 June 2004 at 12:42am
well my passwords r often meaningless mix and match of alphabets and number from windows and office serials keys in certain order which only i know so if i happen to forget the password.. i have the formula to figure it out again

-------------
http://www.web2messenger.com/theboss


Posted By: Scotty32
Date Posted: 11 June 2004 at 7:05am
lmfao - "the boss" - that lil story of "Net Devil" reminds me of that guy who wanted money and lived in russia or sumfin and had a "special" relationship with "the keeper" or sumfin

here's the link - http://forums.webwiz.net/forum_posts.asp?TID=3236

some good entertainment came out of that thread

wonder wot happened to him?


-------------
S2H.co.uk - http://www.s2h.co.uk/wwf/ - WebWiz Mods and Skins

For support on my mods + skins, please use http://www.s2h.co.uk/forum/ - my forum.


Posted By: pmormr
Date Posted: 11 June 2004 at 3:22pm
i remember my dad saying that all the computers in his company's datacenter used to use an algorithm for the passwords... i was 7 at the time... (i didn't need the algorithm) i just used the post-it note right next to the terminal to log in

-------------
Paul A Morgan

http://www.pmorganphoto.com/


Posted By: WebWiz-Bruce
Date Posted: 11 June 2004 at 4:03pm
I often use the license plate numbers of cars I owned in the past (which is quite a few as most are rust buckets) for passwords, which in the UK are usually a mix of letters and numbers like C763 WDR

The problem with most forum software is that it is open source so it is simple for anyone to download the code and find out the default location of databases etc, and also look through the code for any security holes.

This is why you should always change the location of Access databases in any free software you download from the net.


-------------
https://www.webwiz.net/web-wiz-forums/forum-hosting.htm - Web Wiz Forums Hosting
https://www.webwiz.net/web-hosting/windows-web-hosting.htm - ASP.NET Web Hosting


Posted By: the boss
Date Posted: 11 June 2004 at 6:14pm

Anarchist Hackers   

These are the individuals who you should be weary of.  Their sole intent on system infiltration is to cause damage or use information to create havoc.  They are primarily the individuals who are responsible for the majority of system attacks against home users.  They are more likely to be interested in what lies on another person’s machine for example yours. Mostly you’ll find that these individuals have slightly above computer skill level and consider themselves hackers.  They glorify themselves on the accomplishments of others.   Their idea of classing themselves as a hacker is that of acquire programs and utilities readily available on the net, use these programs with no real knowledge of how these applications work and if they manage to “break” into someone’s system class themselves as a hacker.  These individuals are called “Kiddie Hackers.”  They use these programs given to them in a malicious fashion on anyone they can infect.  They have no real purpose to what they are doing except the fact of saying “Yeah! I broke into <insert name here> computer!”  It gives them bragging rights to their friends. If there is any damage to occur in a system being broken into these individuals will accomplish it. These individuals are usually high school students.  They brag about their accomplishments to their friends and try to build an image of being hackers.

 

Hackers

A hacker by definition believes in access to free information.  They are usually very intelligent people who could care very little about what you have on your system.  Their thrill comes from system infiltration for information reasons.  Hackers unlike “crackers and anarchist” know being able to break system security doesn’t make you a hacker any more than adding 2+2 makes you a mathematician.  Unfortunately, many journalists and writers have been fooled into using the word ‘hacker.”  They have attributed any computer related illegal activities to the term “hacker.”  Real hackers target mainly government institution.  They believe important information can be found within government institutions.  To them the risk is worth it.  The higher the security the better the challenge.  The better the challenge the better they need to be.  Who’s the best keyboard cowboy?  So to speak! These individuals come in a variety of age classes.  They range from High School students to University Grads.  They are quite adept at programming and are smart enough to stay out of the spotlight. They don’t particularly care about bragging about their accomplishments as it exposes them to suspicion.  They prefer to work from behind the scenes and preserve their anonymity. Not all hackers are loners, often you’ll find they have a very tight circle of associates, but still there is a level of anonymity between them.  An associate of mine once said to me “if they say they are a hacker, then they’re not!”

 

 

From Hackers Hand Book

 

If you change a webpage, DON'T SIGN! not even with a fake name. they can trace you, find your own website or email address, find your ISP, your phone number, your home...and you get busted!!

------------------------------------------------------------ ------------------------------------------------

that dumbass net^hacke has not only let his one of the many email address he's got but also his website address on some websites he messed



-------------
http://www.web2messenger.com/theboss


Posted By: the boss
Date Posted: 11 June 2004 at 6:23pm

Originally posted by Scotty_32:

"lmfao - "the boss" - that lil story of "Net Devil" reminds me of that guy who wanted money and lived in russia or sumfin and had a "special" relationship with "the keeper" or sumfin

"heres the link - http://forums.webwiz.net/forum_posts.asp?TID=3236

"some good entertainment came out of that thread

"wonder wot happened to him?"

that guy sounded like a sad criminal put on a waiting queue for the execution of his death sentence and he is trying to pass his sad time over the internet



-------------
http://www.web2messenger.com/theboss


Posted By: dpyers
Date Posted: 11 June 2004 at 9:02pm
Actually, there's a difference between hackers and crackers. Hackers wear white hats. The crackers are the bad guys in the black hats.

-------------

Lead me not into temptation... I know the short cut, follow me.


Posted By: the boss
Date Posted: 12 June 2004 at 1:46am
 good.. either a donkey taught u that or you r drunk

-------------
http://www.web2messenger.com/theboss


Posted By: Mart
Date Posted: 12 June 2004 at 3:15am
No they are called white and black hats


Posted By: Badaboem
Date Posted: 12 June 2004 at 3:41am
I may have had a visit a while ago. Seems he is able to get around javascript form handling (Dugallery's upload form for example). "He" then uploads an asp file to display the files on a server and tries to download the database or whatever he needs.

Lessons learned..
always make sure the uploaded file has a random file name
Get as much validation processes in there as possible..possibly a check when the file has been uploaded already? I don't know if that's possible.

No damage done , due to iis 6.0 and mime I believe.

I have disabled the upload form. Back 2 the drawing board for me.


Posted By: JohnKn
Date Posted: 12 June 2004 at 10:11am
And that is why you shouldn't have execute permission on the /uploads directory. That way even if someone does manage to get an ASP script in there it can't do anything.



Posted By: Badaboem
Date Posted: 12 June 2004 at 10:18am
I don't have execute permission on any directory.
The asp file was still able to list all files on my server. Perhaps because I'm logged in as an administrator...I'm not sure how iis deals with iusr users in combination with administrator accounts.


Posted By: JohnKn
Date Posted: 12 June 2004 at 10:50am
Quote: "I don't have execute permission on any directory."


If you don't have script execute permissions on then Webwiz and any other ASP page wouldn't run at all, so obviously they are on or the script wouldn't have been able to list the files. It's an IIS setting, not a file system setting, and it's set to allow scripts to execute by default.

Open IIS Manager, right click a directory in your website, select Properties and change Execute Permissions from "Script only" to "none" and no ASP scripts will be able to run from that directory.



Posted By: dpyers
Date Posted: 12 June 2004 at 12:35pm
There's also a setting to allow directory indexes (a file list like you see with ftp) to be displayed. Your webhost should be able to turn it off if you can't. The setting applies to all directories under the application root. If there's some reason that you/the web host don't want it turned off, put a dummy default html document in the directory and it will be displayed instead of a file list.

-------------

Lead me not into temptation... I know the short cut, follow me.


Posted By: the boss
Date Posted: 12 June 2004 at 7:53pm

Originally posted by Badaboem:

"always make sure the uploaded file has a random file name
Get as much validation processes in there as possible..possibly a check when the file has been uploaded already? I don't know if that's possible.

"No damage done , due to iis 6.0 and mime I believe.

"I have disabled the upload form. Back 2 the drawing board for me."

use upload components which lets u control file extension, image and upload directory should have directory listing denied and no execute permissions



-------------
http://www.web2messenger.com/theboss
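
Added example, not part of any post in this thread and not Web Wiz or Dugallery code: the upload lessons discussed above (checks done on the server rather than in JavaScript, an extension allow-list, a content check, a random stored name) put together in one Python sketch. The function names, the allowed types and the size limit are assumptions chosen for illustration.

```python
import os
import secrets

# Allow-list: extension -> byte signatures the file content must start with.
ALLOWED_TYPES = {
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".gif": (b"GIF87a", b"GIF89a"),
}
MAX_BYTES = 2 * 1024 * 1024  # assumed limit for this example


class UploadRejected(Exception):
    """Raised when an upload fails a server-side check."""


def validate_upload(client_name, data):
    """Return the lower-cased extension, or raise UploadRejected.

    Runs on the server: anything checked only by JavaScript in the form
    can be skipped by whoever sends the request.
    """
    # Keep only the last path component; browsers may send a full path.
    base = client_name.replace("\\", "/").rsplit("/", 1)[-1]
    # Windows drops trailing dots and spaces, so "x.asp." lands as "x.asp".
    base = base.rstrip(". ")
    if not base or "\x00" in base or ":" in base:
        raise UploadRejected("unusable file name")
    ext = os.path.splitext(base)[1].lower()
    if ext not in ALLOWED_TYPES:
        raise UploadRejected("extension not on the allow-list: %r" % ext)
    if not 0 < len(data) <= MAX_BYTES:
        raise UploadRejected("empty or oversized upload")
    # Signature check: a script renamed to .jpg fails here. A file can still
    # carry script text after a valid header, which is why the upload
    # directory also needs execute permissions set to "none".
    if not data.startswith(ALLOWED_TYPES[ext]):
        raise UploadRejected("content does not match extension")
    return ext


def store_upload(client_name, data, upload_dir):
    """Validate, then save under a random name; return the stored name."""
    ext = validate_upload(client_name, data)
    # The client-supplied name is never used on disk, so the uploader
    # cannot predict or choose the URL of the stored file.
    stored_name = secrets.token_hex(16) + ext
    # Mode "xb" refuses to overwrite an existing file.
    with open(os.path.join(upload_dir, stored_name), "xb") as handle:
        handle.write(data)
    return stored_name


if __name__ == "__main__":
    import tempfile

    constructed_jpeg = b"\xff\xd8\xff\xe0" + b"\x00" * 16  # constructed bytes
    with tempfile.TemporaryDirectory() as folder:
        print("stored as", store_upload("holiday.jpg", constructed_jpeg, folder))
        for name, body in [("list.asp", b"<% %>"), ("pic.jpg", b"<% %>")]:
            try:
                store_upload(name, body, folder)
            except UploadRejected as err:
                print(name, "rejected:", err)
```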


Posted By: pmormr
Date Posted: 12 June 2004 at 8:29pm



-------------
Paul A Morgan

http://www.pmorganphoto.com/


Posted By: Bluefrog
Date Posted: 14 June 2004 at 11:32am
A friend of mine owns a computer security company and he's got a really slick new security solution. It assumes that you're already hacked. Super slick. These guys are hot.

-------------
http://renegademinds.com/ - Renegade Minds - Guitar Software | http://renegademinds.com/Default.aspx?tabid=65 - Slow Down Music


Posted By: pmormr
Date Posted: 15 June 2004 at 3:25pm
how do you assume you're already hacked? install viruses?

-------------
Paul A Morgan

http://www.pmorganphoto.com/


Posted By: the boss
Date Posted: 16 June 2004 at 4:11pm
assume u r already hacked!! then deploy a million of patches, set NTFS permission on all drives and directories to Everyone = Deny and reboot.. there u go.. a secured system

-------------
http://www.web2messenger.com/theboss


Posted By: pmormr
Date Posted: 16 June 2004 at 4:46pm
i use this handy disk securing tool called fdisk... takes care of all your data security issues

-------------
Paul A Morgan

http://www.pmorganphoto.com/


Posted By: dpyers
Date Posted: 16 June 2004 at 6:48pm

Actually, it don't. I've used a tool called r-disk to recover everything on a drive that had been fdisked a couple of times.

I do find however, that putting the disk in a dishwasher secures it pretty well.



-------------

Lead me not into temptation... I know the short cut, follow me.


Posted By: pmormr
Date Posted: 16 June 2004 at 8:14pm
nah... oxy-acetylene torches do a much better job... hard drives are airtight sealed

-------------
Paul A Morgan

http://www.pmorganphoto.com/


Posted By: dpyers
Date Posted: 16 June 2004 at 10:28pm

I once got to try to destroy some notebook/tablet PC's as part of my job. The idea was to select a pc to be used outside by telephone repair people. The winning PC was a tablet from an English firm. Some of the tests that it survived were:

  1. Push from desktop onto concrete.
  2. Drop from 2nd story window onto dirt.
  3. Left in freezer overnight and powered up in am.
  4. Submerged in bathtub for 5 minutes.
  5. Cooked in oven at 200 degrees for 6 hours.
  6. Run over by pickup truck.

You haven't lived until you see $20,000 of electronics soaking in your bath tub.

On the other hand, I did put a keyboard I had spilled soda on in the dishwasher. Used it for a couple of years after letting it dry out for a week.



-------------

Lead me not into temptation... I know the short cut, follow me.


Posted By: pmormr
Date Posted: 17 June 2004 at 1:32pm
apparently you can use rubbing alcohol to clean out your keyboard, it totally evaporates when you're done

-------------
Paul A Morgan

http://www.pmorganphoto.com/


Posted By: pmormr
Date Posted: 17 June 2004 at 1:34pm

was the freezer and oven test supposed to test extreme weather conditions? like being outside in -5 degrees and sitting in a black pickup in the sun?



-------------
Paul A Morgan

http://www.pmorganphoto.com/


Posted By: dpyers
Date Posted: 17 June 2004 at 2:44pm
Yeh, the vision was the pc sitting on the dashboard of a pickup either overnight in mid winter, or during a hot summer day.

-------------

Lead me not into temptation... I know the short cut, follow me.


Posted By: Semikolon
Date Posted: 18 June 2004 at 10:43am
dpyers wrote:

...

I do find however, that putting the disk in a dishwasher secures it pretty well.



not at all.. you have to destroy the plates to secure it totally.. a harddrive from a long time ago was found with nails through it and dropped in acid.. it was possible to recover data from it.. a company here in Norway are working with things like that.. one of very few in the world


Posted By: pmormr
Date Posted: 18 June 2004 at 11:28am
i.e. blowtorch!

-------------
Paul A Morgan

http://www.pmorganphoto.com/


Posted By: Bluefrog
Date Posted: 18 June 2004 at 1:10pm

pmormr wrote:

how do you assume you're already hacked? install viruses?

It's actually a very intelligent assumption. Let me briefly explain...

Users are STUPID. They love to click on attachments in email and infect themselves. Users are STUPID.

Ergo... all the security in the world won't help with stupid users.

Corollary... the computers are already infected... 

Solution... assume the worst... because it is likely true.

If you are a sysadmin with 100's or 1000's of computers... what are the chances that you have stupid users? 100%? 1000%? Something like that anyways...

 



-------------
http://renegademinds.com/ - Renegade Minds - Guitar Software
http://renegademinds.com/Default.aspx?tabid=65 - Slow Down Music


Posted By: Bluefrog
Date Posted: 18 June 2004 at 1:13pm
dpyers wrote:

I once got to try to destroy some notebook/tablet PC's as part of my job. The idea was to select a pc to be used outside by telephone repair people. The winning PC was a tablet from an English firm. Some of the tests that it survived were:

  1. Push from desktop onto concrete.
  2. Drop from 2nd story window onto dirt.
  3. Left in freezer overnight and powered up in am.
  4. Submerged in bathtub for 5 minutes.
  5. Cooked in oven at 200 degrees for 6 hours.
  6. Run over by pickup truck.

You haven't lived until you see $20,000 of electronics soaking in your bath tub.

On the other hand, I did put a keyboard I had spilled soda on in the dishwasher. Used it for a couple of years after letting it dry out for a week.

Oh jeez... that's part of your job? I want your job~! That would be so much fun~!  

Of course, you missed one real nasty test... being exposed to Seoul air~! It's putrid.

I have to smoke a lot to burn and filter the garbage in the air here...

 



-------------
http://renegademinds.com/ - Renegade Minds - Guitar Software
http://renegademinds.com/Default.aspx?tabid=65 - Slow Down Music


Posted By: dpyers
Date Posted: 18 June 2004 at 2:32pm

I've been to Bangkok and a couple other places in SE Asia so I can probably relate - of course New Orleans during the summer is up there on the list of stinkers.

In another life, worked with ROK Marines. Developed a taste for garlic that has made me immune to most smells - particularly my own - lol.



-------------

Lead me not into temptation... I know the short cut, follow me.


Posted By: Bluefrog
Date Posted: 19 June 2004 at 12:51pm
dpyers wrote:

I've been to Bangkok and a couple other places in SE Asia so I can probably relate - of course New Orleans during the summer is up there on the list of stinkers.

In another life, worked with ROK Marines. Developed a taste for garlic that has made me immune to most smells - particularly my own - lol.

I would never have thought about eating raw onions or garlic before, but I've acquired a taste for them. Quite good actually. Problem is that there's always dwenjang (fermented bean paste) that comes with the garlic when you eat - leads to nasty nasty flatulence afterwards ... But such is the price of good food

 

 

 



-------------
http://renegademinds.com/ - Renegade Minds - Guitar Software
http://renegademinds.com/Default.aspx?tabid=65 - Slow Down Music


Posted By: dpyers
Date Posted: 19 June 2004 at 2:54pm
I've got a good story about the horny monkey, the ROK Marines, and the duck. But it's depraved and you wouldn't want to ever eat a duck again.

-------------

Lead me not into temptation... I know the short cut, follow me.


Posted By: pmormr
Date Posted: 19 June 2004 at 6:23pm

poor marines

 



-------------
Paul A Morgan

http://www.pmorganphoto.com/


Posted By: Bluefrog
Date Posted: 20 June 2004 at 11:57am

dpyers wrote:

I've got a good story about the horny monkey, the ROK Marines, and the duck. But it's depraved and you wouldn't want to ever eat a duck again.

I'm quite sure that everyone who's been in the ROK has a few stories...

LET'S HEAR IT  ~!

 



-------------
http://renegademinds.com/ - Renegade Minds - Guitar Software
http://renegademinds.com/Default.aspx?tabid=65 - Slow Down Music


Posted By: pmormr
Date Posted: 20 June 2004 at 1:38pm
what's a ROK?

-------------
Paul A Morgan

http://www.pmorganphoto.com/


Posted By: pmormr
Date Posted: 20 June 2004 at 1:38pm
are they those hard things that you find in the ground?

-------------
Paul A Morgan

http://www.pmorganphoto.com/


Posted By: the boss
Date Posted: 20 June 2004 at 2:40pm
Semikolon wrote:

dpyers wrote:

...

I do find however, that putting the disk in a dishwasher secures it pretty well.



not at all.. you have to destroy the plates to secure it totally.. a harddrive from a long time ago was found with nails through it and dropped in acid.. it was possible to recover data from it.. a company here in Norway are working with things like that.. one of very few in the world

use a dremel with a grinding rotor to scrape away the layer of data storing material from the cylinder surface and blow it in air..

now dont u say u can recover data from flying powder in air



-------------
http://www.web2messenger.com/theboss


Posted By: dpyers
Date Posted: 20 June 2004 at 3:30pm

pmormr wrote:

what's a ROK?

ROK = Republic of Korea. Can't really publish the story here as it's the type of x-rated material that would get me banned.



-------------

Lead me not into temptation... I know the short cut, follow me.


Posted By: pmormr
Date Posted: 20 June 2004 at 4:16pm
lol

-------------
Paul A Morgan

http://www.pmorganphoto.com/


Posted By: pmormr
Date Posted: 20 June 2004 at 4:18pm
and you can recover data from flying powder in the air... VERY VERY CAREFULLY!

-------------
Paul A Morgan

http://www.pmorganphoto.com/


Posted By: dpyers
Date Posted: 20 June 2004 at 9:22pm
magic dust... you need magic dust

-------------

Lead me not into temptation... I know the short cut, follow me.


Posted By: pmormr
Date Posted: 20 June 2004 at 10:59pm


-------------
Paul A Morgan

http://www.pmorganphoto.com/


Posted By: the boss
Date Posted: 21 June 2004 at 5:12pm
from the abo monkey hacker now we r talking abt x-rated stories

-------------
http://www.web2messenger.com/theboss


Posted By: pmormr
Date Posted: 21 June 2004 at 10:36pm
we are a pretty strange group

-------------
Paul A Morgan

http://www.pmorganphoto.com/


Posted By: BoLt
Date Posted: 22 June 2004 at 11:46am
YEP

-------------
BoLt (Computer Engineer)
I suffer from Dyslexia, it means I can not spell to well not that I am thick.

www.welshlens.co.uk


Posted By: Semikolon
Date Posted: 22 June 2004 at 12:19pm
pmormr wrote:

we are a pretty strange group


you don't say......................................... just have a look at the NET


Posted By: pmormr
Date Posted: 09 July 2004 at 12:36pm

[post deleted][but i thought it would be funny to bring back as a quote]

Quote Yo, I'm not your mate, and I am one of the NET Devils.. Paul is the Great NET Devil, but I don't think you are his mate either

why do i have to be netdevil??? why couldn't you make mart or someone netdevil?

 

 

 



-------------
Paul A Morgan

http://www.pmorganphoto.com/


Posted By: dpyers
Date Posted: 09 July 2004 at 2:09pm
There are other netdevils, but they are shallow imitations. Only you are the Great Net Devil

-------------

Lead me not into temptation... I know the short cut, follow me.


Posted By: Mart
Date Posted: 09 July 2004 at 2:15pm
Wait, I've lost the plot. I'm an imitation Net devil?


Posted By: dpyers
Date Posted: 09 July 2004 at 2:45pm
You're a good Net Devil, but not a Great one
You could perhaps apply for the position of Great Net God. You get to end arguments with your choice of either a hammer or a lightning bolt. Net Devils only get to flame.

-------------

Lead me not into temptation... I know the short cut, follow me.


Posted By: Mart
Date Posted: 09 July 2004 at 2:56pm
Definitely lightning bolt


Posted By: the boss
Date Posted: 11 July 2004 at 3:40am


-------------
http://www.web2messenger.com/theboss


Posted By: Spaz
Date Posted: 15 July 2004 at 6:41pm
BoLt wrote:

Just to warn you all, there is a hacker going around under the name of nEt^DeViL hacking all types forums and Web Wiz applications. He seams to have political issues and is doing this to address them. Get your applications upto date and back up your databases as he is doing a lot of damage.

My friend, lmao



-------------
http://www.lawsonwebservices.com


