index.html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<!-- saved from url=(0026)http://www.antionline.com/ -->
<HTML><HEAD><TITLE>AntiOnline Owned</TITLE>
<META content="text/html; charset=windows-1252" http-equiv=Content-Type>
<META content=n1nor name=author>
<META content="MSHTML 5.00.2920.0" name=GENERATOR>
<META
content="antionline, jp, packetstorm, harvard, negation, attrition > antionline, hyperlitigious cranks, hacker toilet training, carolyn meinel's mutual masturbation buff, support for the NSA's new double-xor/single-key encryption algorithm, hacker profili
ng with Inspector Gadget utility belts"
name=keywords>
<META
content="AntiOnline gets owned. JP contemplates switching to ballet dancing"
name=description><!-- "There is a darker element of my culture" --></HEAD>
<BODY aLink=#ff0000 bgColor=#000000 link=#cc99ff text=#ffffff vLink=#cc99ff>
<H1 align=center>Hackers Know The Weaknesses In My System, Shouldn't I?</H1>
<CENTER><IMG
alt="JP: I wish my ass could be as tight as my box was supposed to be..."
src="AntiOnline_Owned_files/jpred.gif"> </CENTER>
<TABLE align=center width="90%">
  <TBODY>
  <TR>
    <TD><FONT face=arial>I could have sworn this site was deemed unhackable.
      <P>Johnny, is there any chance of getting the site's appearance changed?
      Honestly man, it looks like some fucking playdoh workbench with Sesame
      Street tinker toys.
      <P>Included below are some links where you can read about the different
      classes of programming flaws commonly found in dynamic scripts. Some of
      these flaws led to the compromise of John Vranesevich and his slumber
      party think tank.
      <UL>
        <LI><A href="http://www.nmrc.org/faqs/www/index.html">WWW Hack Faq</A>
        <LI><A href="http://www.w3.org/Security/faq/www-security-faq.html">WWW
        Security Faq</A>
        <LI><A
        href="http://phrack.infonexus.com/search.phtml?view&amp;article=p55-7">Perl
        CGI Problems</A>
        <LI><A
        href="http://phrack.infonexus.com/search.phtml?view&amp;article=p49-8">CGI
        Security Holes</A>
        <LI><A
        href="http://www.csclub.uwaterloo.ca/u/mlvanbie/cgisec/index.html">CGI
        Security Tutorial</A>
        <LI><A href="http://secinf.net/info/www/cgi-bugs.htm">CGI Vulnerability
        List</A> </LI></UL>The lesson inherent in this defacement is that even
      sites with only a webserver accessible can be penetrated. Determined
      intruders will scour your website looking for information leaks, dimwitted
      misconfigurations, and insecurities in server-side programs.
      <P>This hack did not require any great degree of skill. I am convinced
      that the vulnerability I discovered would be recognized as such by anyone
      who cared to endure the torment of wading through this retarded shithole.
      Unsafe scripting practices and the dangers of unsanitized input have been
      discussed for years, so why is it that AntiOnline, a site which apparently
      extols computer security, could be owned so easily? <!-- words betray me -->
      <P>My guess here is that Bub will lose his job, then he'll scrounge
      welfare checks or wind up as another talk show host, seeing that he looks
      like the by-product of Phil Donahue and Barney the Dinosaur anyway. JP is
      gonna shit his pants when he sees this, but that's ok cuz he can clean it
      up with the pages of his Sally Struthers mail-order security manual.
      Meanwhile, YOU can send in your comments about this to AntiOnline's Weekly
      Windbag.
      <P>This defacement by <FONT color=#66ffff face=courier>n1nor</FONT> was
      endorsed by ISS RealSecure and Cisco PIX. The original index.html was
      renamed indexbak.html. </FONT></P></TD></TR></TBODY></TABLE></BODY></HTML>
<!-- www.attrition.org web hack mirror - watermark or something -->
	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
	<!-- saved from url=(0026)http://www.antionline.com/ -->
	<HTML><HEAD><TITLE>AntiOnline Owned</TITLE>
	<META content="text/html; charset=windows-1252" http-equiv=Content-Type>
	<META content=n1nor name=author>
	<META content="MSHTML 5.00.2920.0" name=GENERATOR>
	<META
	content="antionline, jp, packetstorm, harvard, negation, attrition > antionline, hyperlitigious cranks, hacker toilet training, carolyn meinel's mutual masturbation buff, support for the NSA's new double-xor/single-key encryption algorithm, hacker profili
	ng with Inspector Gadget utility belts"
	name=keywords>
	<META
	content="AntiOnline gets owned. JP contemplates switching to ballet dancing"
	name=description><!-- "There is a darker element of my culture" --></HEAD>
	<BODY aLink=#ff0000 bgColor=#000000 link=#cc99ff text=#ffffff vLink=#cc99ff>
	<H1 align=center>Hackers Know The Weaknesses In My System, Shouldn't I?</H1>
	<CENTER><IMG
	alt="JP: I wish my ass could be as tight as my box was supposed to be..."
	src="AntiOnline_Owned_files/jpred.gif"> </CENTER>
	<TABLE align=center width="90%">
	<TBODY>
	<TR>
	<TD><FONT face=arial>I could have sworn this site was deemed unhackable.
	<P>Johnny, is there any chance of getting the site's appearance changed?
	Honestly man, it looks like some fucking playdoh workbench with Sesame
	Street tinker toys.
	<P>Included below are some links where you can read about the different
	classes of programming flaws commonly found in dynamic scripts. Some of
	these flaws led to the compromise of John Vranesevich and his slumber
	party think tank.
	<UL>
	<LI><A href="http://www.nmrc.org/faqs/www/index.html">WWW Hack Faq</A>
	<LI><A href="http://www.w3.org/Security/faq/www-security-faq.html">WWW
	Security Faq</A>
	<LI><A
	href="http://phrack.infonexus.com/search.phtml?view&article=p55-7">Perl
	CGI Problems</A>
	<LI><A
	href="http://phrack.infonexus.com/search.phtml?view&article=p49-8">CGI
	Security Holes</A>
	<LI><A
	href="http://www.csclub.uwaterloo.ca/u/mlvanbie/cgisec/index.html">CGI
	Security Tutorial</A>
	<LI><A href="http://secinf.net/info/www/cgi-bugs.htm">CGI Vulnerability
	List</A> </LI></UL>The lesson inherent in this defacement is that even
	sites with only a webserver accessible can be penetrated. Determined
	intruders will scour your website looking for information leaks, dimwitted
	misconfigurations, and insecurities in server-side programs.
	<P>This hack did not require any great degree of skill. I am convinced
	that the vulnerability I discovered would be recognized as such by anyone
	who cared to endure the torment of wading through this retarded shithole.
	Unsafe scripting practices and the dangers of unsanitized input have been
	discussed for years, so why is it that AntiOnline, a site which apparently
	extols computer security, could be owned so easily? <!-- words betray me -->
	<P>My guess here is that Bub will lose his job, then he'll scrounge
	welfare checks or wind up as another talk show host, seeing that he looks
	like the by-product of Phil Donahue and Barney the Dinosaur anyway. JP is
	gonna shit his pants when he sees this, but that's ok cuz he can clean it
	up with the pages of his Sally Struthers mail-order security manual.
	Meanwhile, YOU can send in your comments about this to AntiOnline's Weekly
	Windbag.
	<P>This defacement by <FONT color=#66ffff face=courier>n1nor</FONT> was
	endorsed by ISS RealSecure and Cisco PIX. The original index.html was
	renamed indexbak.html. </FONT></P></TD></TR></TBODY></TABLE></BODY></HTML>
	<!-- www.attrition.org web hack mirror - watermark or something -->