Skip to content
Permalink
main
Switch branches/tags

web-hack-mirror/mirror/1999/12/16/www.bsu.net/index.html

Go to file
 
 
Cannot retrieve contributors at this time
244 lines (227 sloc) 11.9 KB
Raw Blame
Open in GitHub Desktop
<HTML>
<!-- This HTML output is proceded by Fuby Security Advisory and Deface Info pager -->
<!-- Any comments free at fuby@prontomail.com -->
<HEAD>
<TITLE>Fuby - The results of the hack</TITLE>
</HEAD>
<BODY BGCOLOR=#FFFFFF>
<FONT SIZE=2 COLOR=#000000 FACE=Helvetica>
<CENTER>
<TABLE WIDTH=1% BORDER=0 CELLPADDDING=0 CELLSPACING=0>
<TR><!-- The Bar -->
<TD BACKGROUND="http://members.tripod.lycos.nl/fuby_reports/bar.jpg" WIDTH=1%><IMG SRC="http://members.tripod.lycos.nl/fuby_reports/space.jpg"
border=0></TD>
<!-- The Real code -->
<TD><TABLE WIDTH=1% BORDER=0 CELLPADDING=0 CELLSPACING=0>
<TR>
<!-- Fuby Logo -->
<TD WIDTH=1%><IMG SRC="http://members.tripod.lycos.nl/fuby_reports/fuby_secure.jpg" WIDTH=400 HEIGHT=200 border=0></TD>
</TR>
<TR>
<!-- Message Logo -->
<TD WIDTH=1%><IMG SRC="http://members.tripod.lycos.nl/fuby_reports/message.jpg" border=0></TD>
</TR>
<TR>
<TD WIDTH=1%><IMG SRC="http://members.tripod.lycos.nl/fuby_reports/first.jpg" border=0 WIDTH=400 HEIGHT=30></TD>
<TR>
<TD><FONT SIZE=1 COLOR=#000000 FACE=Helvetica>
Dear visitor of this site and ISP user. I welcome you on the new intro page. This is just temporary,
because your admin was to lazy to secure the system. Everyone has seen YTcracker, fuqrag, Flipz and
other a-like-hackers. The messages from <I>Pr1sm</I> showed on <A HREF="http://www.attrition.org/mirror/attrition/1999/12/11/www.resconet.com/">
Attrition</A> are the right words for their response on the media. Now hackers are blamed to crazy people that are drunken and deface pages of high
profile site's. I hope they will quit the lame stuff and learn to hack and not to deface! Response on the
message from <I>Pr1sm</I>.
</TD>
</TR>
<TR>
<TD WIDTH=1%><IMG SRC="http://members.tripod.lycos.nl/fuby_reports/results.jpg" border=0 WIDTH=400 HEIGHT=30></TD>
<TR>
<TD><FONT SIZE=1 COLOR=#000000 FACE=Helvetica>
Here the real story begins of the hack. It is not the first time I hack a ISP (Internet Service Provider).
I hope the admin now thinks twice before ignoring warning mails from real hackers. Just take a look at it.<BR>
<BR>
<U>General Information</U>:<BR>
OS: <I>Windows NT</I><BR>
Server: <I>IIS 4.0 with FrontPage extensions</I><BR>
IP: <I>206.207.93.110</I><BR>
Supporting: <I>Cold Fusion 4.0, SSL (port 443), FTP (port 21), SMTP (port 25), RPC (port 135),
SSMTP (port 465) and IAD2 (port 1031).</I><BR>
<BR>
<U>Bugs found and the results</U>:<BR>
CGI Scripts: <I>/scripts/iisadmin/bdir.htr</I><BR>
Mail server: <I>VRFY Command Enabled</I><BR>
Extensions: <I>Anonymous logging alloud</I> <FONT COLOR=#FF0000>patched</FONT><BR>
Cold Fusion: <I>CFDOCS installed</I> <FONT COLOR=#FF0000>patched</FONT><BR>
<BR>
<U>Admin Advisory</U><BR>
- Update your IIS software and update NT to SP6<BR>
- Delete all the CFDOCS from Cold Fusion<BR>
- Disable Verify command from Mailserver<BR>
- FrontPage loggin with authorization<BR>
- Move sensitive files or secure the CGI file</TD>
</TR>
<TR>
<TD WIDTH=1%><IMG SRC="http://members.tripod.lycos.nl/fuby_reports/real.jpg" border=0 WIDTH=400 HEIGHT=30></TD>
<TR>
<TD><FONT SIZE=1 COLOR=#000000 FACE=Helvetica>
I only greets people here that did a good job and not blamed the hackers. I hope everyone will
respect my think of others. No war is commited with anyone I wrote here! Just a conclusion on what
you did and not what I did!<BR>
<BR>
HiP, FreeJack, r 139, Phreak.nl, Pr1sm, Gh, PHC, AntiChrist, Diz-X, JxLxMx, W0lf, DHC, p4riah, Uneek Tech, hV2k, PhonePhreakers,
mozy, Sarin (I support you!), V00D00, m1ch3l, Scarab, MySelf, Flex and of course my lovely grandfather
(he died on 10th of December 1999).<BR>
<BR>
Anyone I not wrote above made their self conclusion! Maybe you will see yourself in the mirror and say: "Why
have I done this? Where is the target of it? Is it good for the opinion, public?"<BR>
<BR>
Written by,<BR>
<I>Fuby</I></TD>
</TR>
<!-- End of real Code -->
</TABLE></TD>
</TR><TR>
<TD WIDTH=1%><IMG SRC="http://members.tripod.lycos.nl/fuby_reports/low_left.jpg" border=0></TD>
<TD WIDTH=1%><IMG SRC="http://members.tripod.lycos.nl/fuby_reports/low_right.jpg" border=0></TD>
</TR>
</TABLE>
</BODY>
</HTML>
<!-- Remove this line to restore the site
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>
<head>
<meta name="author" content="patrick pline">
<title>BSU.NET Home Page</title>
<meta name="Microsoft Border" content="none"></head>
<body topmargin="0" background="Images/Backgrounds/BsuNetBackground.gif" vlink="#408080">
<p align="center"><img src="images/Logos/BsuNetlogo.gif" alt="BsuNetlogo.gif (9399 bytes)" WIDTH="539" HEIGHT="150"></p>
<p align="center"><font color="#FF0000">ATTENTION BSU.NET CUSTOMERS!!!<br>
NEW Terms of Service Agreement EFFECTIVELY IMMEDIATELY<br>
Go to:&nbsp;</font><font color="#008000"> <a href="Customer%20Support/Customer%20Registration/Online%20Registration%20Form/Terms%20of%20Service.htm">Terms
of Service</a></font></p>
<div align="center"><center>
<table border="0" cellspacing="1" height="39" width="757">
<tr>
<td width="285" height="40"><p align="left"><big><strong>BSU.NET Customer Information</strong></big></td>
<td width="66" height="40"><big></big></td>
<td width="933" rowspan="8" valign="top" align="left" height="1"><strong><font face="Arial">BSU.NET offers its customers:</font></strong><ul>
<li><font face="Arial">Unlimited Internet Service</font></li>
<li><font face="Arial">5MB of Personal Web Space</font></li>
<li><font face="Arial">1 E-mail Account(can be viewed in browser without a need for
additional software)</font></li>
<li><font face="Arial">BSU students committed to serving BSU.NET customers 24 hours a day,
365 days a year.</font></li>
</ul>
<p><font face="Arial">If you are a student, faculty, or staff member of BSU and would like
to have additional information regarding the service we provide, please go to our <a href="Customer%20Support/Customer%20Registration/CustomerRegistrationPage.htm">registration
page</a> or <a href="mailto:webmaster@bsu.net">email</a> us and we will be happy to serve
you. </font></p>
<p><font face="Arial"><strong>History of BSU.NET</strong><big><br>
</big>At the beginning of the 1996 Spring Semester, students of Boise State University
chose a loose objective to start an Internet Service and provide service to students,
faculty, and staff of BSU.Through hard work and <a href="Contributions/Contributions.htm">contributions</a>
from local companies, BSU.NET was born and has <u>become the only known Internet Service
Provider organized and maintained exclusively by college students</u>.</font></p>
<p><font face="Arial">If you or your company would like to make a monetary or in-kind
equipment donation to BSU.NET for certain tax benefits, please contact Dr. Robert Minch,
Ph.D. at&nbsp; (208) 426 - 3491~ Office &amp; Voice Mail [e-mail address is: <a href="mailto:risminch@cobfac.boisestate.edu">risminch@cobfac.boisestate.edu</a>] - or -
Dr.Sharon Tabor Ph.D. at (208) 426 - 4344 ~ Office &amp; Voice Mail phone number [e-mail
address is: <a href="mailto:stabor@cobfac.boisestate.edu">stabor@cobfac.boisestate.edu</a>
]. Please consult your tax adviser for contribution credit information. </font></p>
<p><font face="Arial"><strong>Email Service&nbsp; </strong>Many customer have been
experiencing email difficulties .&nbsp; We believe that we have resolved the issues.
&nbsp; If you are still experiencing difficulties please let us know by&nbsp; <em><strong><font color="#000000">contacting us at</font></font><font color="#408080" face="Arial"> <a href="mailto:help@bsu.net">help@bsu.net</a><big><br>
</font></strong></em></big></p>
<p><big>&nbsp;</big></td>
</tr>
<tr>
<td width="285" height="1"><u><font color="#FF0000"><a href="http://mail.bsu.net:8383/">E-mail</a></font><font color="#0000FF"> </u>(mail.bsu.net)</font><p><font color="#000000">Notice of&nbsp;
Semester Expiration Dates for BSU.NET accounts:</font><ul>
<li><font color="#000000">Fall&nbsp; = </font><font color="#FF0000">January 15th</font></li>
<li><font color="#000000">Spring = </font><font color="#FF0000">June 15th</font></li>
<li><font color="#000000">Summer = </font><font color="#FF0000">September 15th </font></li>
</ul>
</td>
<td width="66" height="1"><big></big></td>
</tr>
<tr>
<td width="285" height="32"><a href="Customer%20Suggestion%20Form/CustomerSuggestionForm.htm">Customer Suggestion Form</a></td>
<td width="66" height="32"><big></big></td>
</tr>
<tr>
<td width="285" height="30"><a href="http://payette.bsu.net:8181/">Administer Your E-mail
Account</a></td>
<td width="66" height="30"><big></big></td>
</tr>
<tr>
<td width="285" height="32"><a href="Email%20Options/EmailOptions.htm">New E-mail Options</a></td>
<td width="66" height="32"><big></big></td>
</tr>
<tr>
<td width="285" height="30"><a href="Customer%20Support/CustomerSupport.htm">Help Page and
Technical Support</a></td>
<td width="66" height="30"><big></big></td>
</tr>
<tr>
<td width="285" height="30"><a href="Customer%20Support/Configuration%20Guide/Dial%20In%20Configuration%20Guide.htm">BSU.NET
Dial-up Configuration Page</a></td>
<td width="66" height="30"><big></big></td>
</tr>
<tr>
<td width="285" height="6"><a href="EmailConfiguration/EmailSetup.htm">BSU.NET Mail
Configuration</a>&nbsp; <ul>
<li>Eudora (Light) 3</li>
<li>Internet Mail</li>
<li>Netscape Communicator </li>
<li>Netscape Mail 3</li>
<li>Outlook 97</li>
<li>Outlook 98</li>
<li>Outlook Express 4</li>
<li>Outlook Express 5</li>
</ul>
</td>
<td width="66" height="6"><big></big></td>
</tr>
<tr>
<td width="285" height="6"><a href="Customer%20Web%20Pages/CustomerWebs.htm">Customer Web
Pages</a></td>
<td width="66" height="6"><big></big></td>
</tr>
<tr>
<td width="285" height="1"><a href="Customer%20Tools/CustomerTools.htm">WWW Reference and
Tools</a></td>
<td width="66" height="1"><big></big></td>
</tr>
<tr>
<td width="285" height="21"><big><strong>BSU.NET System Information</strong></big></td>
<td width="66" height="21"><big></big></td>
<td width="933" height="21"><big>&nbsp;</big><p><font face="Arial">To see the only other known
student-run ISP go to:<a href="http://www.m-hip.com">http://www.m-hip.com</a> (McDermitt
High School in McDermitt, Nevada).</font></td>
</tr>
<tr>
<td width="285" height="21"><a href="Bsu%20Net%20System%20Status/SystemStatus.htm">System
Status(monitor)</a></td>
<td width="66" height="21"><big></big></td>
<td width="933" height="21"><big></big></td>
</tr>
<tr>
<td width="285" height="21"><a href="Bsu%20Net%20Web%20Cams/WebCams.htm">BSU.NET Web Cams</a></td>
<td width="66" height="21"><big></big></td>
<td width="933" height="21"><big><strong>BSU.NET</strong><font color="#008000"><big> <em><strong>dial-up</strong></em></big>
</font>phone number is: (208) <strong>426 </strong>- <strong>4983</strong></big><p><small><small><small><small><small><img src="WB01345_.gif" width="20" height="20" alt="WB01345_.gif (616 bytes)"></small></small></small></small></small><big><strong>
Notice: <font color="#FF0000">Microsoft FrontPage 2000 is <em>NOT</em> supported by
BSU.NET at this time.</font></strong></big></td>
</tr>
</table>
</center></div>
<p align="center"><font color="#408080" face="Arial"><em><strong><small>Comments?
Questions? Contact&nbsp; <a href="mailto:help@bsu.net">help@bsu.net</a></small><br>
</strong></em></font><img src="Images/Separation%20Bars/SeparationBar2.gif" WIDTH="500" HEIGHT="4"></p>
<p align="center"><font size="2" face="Arial"><strong>Copyright © 1996-1999 [BSU.NET].
All rights reserved.</strong></font></p>
<p align="center">&nbsp;</p>
</body>
</html>
--><!-- www.attrition.org web hack mirror - watermark or something -->