Comments on: Dolphin Stadium Website Hacked
http://www.terminally-incoherent.com/blog/2007/02/03/dolphin-stadium-website-hacked/
I will not fix your computer.
Tue, 04 Aug 2020 22:34:33 +0000

By: Luke http://www.terminally-incoherent.com/blog/2007/02/03/dolphin-stadium-website-hacked/#comment-2791 Sun, 04 Feb 2007 07:16:09 +0000

Heh – I wonder if that trojan is “Vista Ready” :P

By: Craig Betts http://www.terminally-incoherent.com/blog/2007/02/03/dolphin-stadium-website-hacked/#comment-2789 Sun, 04 Feb 2007 06:56:13 +0000

Yet another fine reason to run something besides Windoze . . .

By: Elephantman http://www.terminally-incoherent.com/blog/2007/02/03/dolphin-stadium-website-hacked/#comment-2787 Sun, 04 Feb 2007 03:33:05 +0000

Thank you much, for the information. I will look more into IIS when I have the time.
Dinner is almost ready so…

And I hope you liked the widget site. LSTM

By: Luke http://www.terminally-incoherent.com/blog/2007/02/03/dolphin-stadium-website-hacked/#comment-2786 Sun, 04 Feb 2007 03:29:31 +0000

Well, yes and no. IIS is notoriously exploitable unless locked down properly. Unpatched Windows can also be an easy target.

But then again Linux can also be easily exploited if you are running an old version of Apache, an old ssh server, etc…

By: Elephantman http://www.terminally-incoherent.com/blog/2007/02/03/dolphin-stadium-website-hacked/#comment-2785 Sun, 04 Feb 2007 03:16:01 +0000

Whelp, my fav Bittorrent site (Demonoid) just crashed. And that is lame indeed.

So; just reading what you’re saying. Linux is better.

By: Luke http://www.terminally-incoherent.com/blog/2007/02/03/dolphin-stadium-website-hacked/#comment-2784 Sun, 04 Feb 2007 03:12:19 +0000

No worries.

Well, yes, that page does have some Javascript.

Btw – Javascript and Java are very different. Javascript is a scripting language developed by Netscape. It is mainly used for making web pages do cool stuff. Java is a full-fledged programming language by Sun that can be used to write applications or powerful server-side backends.

“I just don’t understand how someone unauthorized can change the header without the Admin knowing.”

Well, first you compromise the server. The Dolphin Stadium seems to be running IIS 5.0 and ASP 1.1.4. Oops, it’s a Windows machine!!! Most likely unpatched.

Chances are that there are plenty of remote exploits you could use to take over that box. Once you’re in, you just do whatever. :)

“I’ve always been more interested in hacking software than webpages.”

It’s the same thing really. To “hack” a webpage you need to gain control of the server on which it is located. You are really exploiting the underlying software.

By: Elephantman http://www.terminally-incoherent.com/blog/2007/02/03/dolphin-stadium-website-hacked/#comment-2783 Sun, 04 Feb 2007 02:50:16 +0000

There’s a lot you wrote there…I knew java could do that. Instead of opening another url, it happens all in the same page. I tried to give a link, but I never code that often, http://www.widgipedia.com/. This page is Java right? (just read your email, thanks for fixing.) Don’t know your email, haven’t really looked around much for it, just put it in the comments…nice site; I know it’s not relevant, I apologize. I just don’t understand how someone unauthorized can change the header without the Admin knowing.
I’ve always been more interested in hacking software than webpages. People do this for what reason? Ah, they’re just really bored. Now compromising a system on hands is more fun.

By: Luke http://www.terminally-incoherent.com/blog/2007/02/03/dolphin-stadium-website-hacked/#comment-2782 Sun, 04 Feb 2007 02:44:08 +0000

Ze – this one is a biggie. I suspect that there will be quite a few people hit by this.

They picked a perfect time to do this, and their web staff doesn’t seem to be “on the ball” so to speak :mrgreen:

Elephantman – I fixed the link you tried to post. It goes:

<a href="url">link text</a>

Not sure how that site is relevant to the topic at hand though. :| If you want to share a cool link, just email it to me or something.

By: Luke http://www.terminally-incoherent.com/blog/2007/02/03/dolphin-stadium-website-hacked/#comment-2781 Sun, 04 Feb 2007 02:37:32 +0000

Huh?

No, I meant that you would usually put all of this kind of stuff (i.e. declarations of all the javascript scripts that you will use on the page, references to stylesheets, top of the page graphics, the navigation menus, etc.) into some sort of header file and then import it at the top of each page.

Usually the header files won’t change that often – and if I was trying to compromise a website I would try to find such a file and then insert my malicious script there – this way it would appear on every single page of the website.

Then there of course are the email headers, and the html headers. Every HTML server sends a set of headers with each page. They tell the browser how to render the page properly. For example the headers of this website are:

HTTP/1.1 200 OK
Date: Sun, 04 Feb 2007 02:25:32 GMT
Server: Apache/2.0.54 (Unix) PHP/4.4.4 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_fastcgi/2.4.2 DAV/2 SVN/1.3.2
X-Powered-By: PHP/4.4.4
X-Pingback: http://www.terminally-incoherent.com/blog/xmlrpc.php
Set-Cookie: bb2_screener_=1170555933+69.249.57.64; path=/blog/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20
Connection: close
Content-Type: text/html; charset=UTF

I guess the easiest way you can see the headers is using the text browser lynx:

lynx -head http://example.com

Email headers are similar but they contain additional information about the servers the email visited, the sender, email client that was used to send it and etc..

Regarding the IP – there are many ways to find it. For example, each time you load a page in your browser, it sends out an HTTP request to the server. This request contains your IP, the page you wish to view and some other info. The server then sends you back the page so you can view it.

So if you browsed my site I can find out your IP address (and by that your ISP), what kind of browser you use, what kind of OS you are running, etc.

Javascript is a scripting language that can be used to do all sorts of fancy stuff with web pages. For example – if you go to Google Maps, you can drag the map to move it around – that’s done using javascript. Similarly the dots game I posted is also javascript.

You can also use javascript to trigger a download of a malicious trojan on an unpatched Windows machine using IE – which is what happened in this case.

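Added example, not part of the original comment thread: a Python sketch that parses a response head like the one quoted in the comment above and lists the product/version banners it discloses, the kind of check an administrator can run against their own server. The function names and the list of banner headers are assumptions of this example; the sample head is taken from the comment, trimmed to a few lines.

```python
import re

# Response head quoted in the comment above, trimmed (wrapped Server line joined).
SAMPLE_HEAD = """\
HTTP/1.1 200 OK
Date: Sun, 04 Feb 2007 02:25:32 GMT
Server: Apache/2.0.54 (Unix) PHP/4.4.4 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_fastcgi/2.4.2 DAV/2 SVN/1.3.2
X-Powered-By: PHP/4.4.4
Connection: close
"""

# Headers that commonly carry software banners (list is an assumption of this example).
BANNER_HEADERS = ("server", "x-powered-by", "x-aspnet-version", "via")
PRODUCT = re.compile(r"([A-Za-z][\w.-]*)/(\d[\w.]*)")  # product/version tokens


def parse_head(raw):
    """Split a raw HTTP response head into (status_line, {name: [values]})."""
    lines = raw.replace("\r\n", "\n").split("\n")
    status, headers, last = lines[0].strip(), {}, None
    for line in lines[1:]:
        if not line.strip():
            break                      # blank line ends the head
        if line[0] in " \t" and last:  # obsolete folded continuation line
            headers[last][-1] += " " + line.strip()
            continue
        name, sep, value = line.partition(":")
        if not sep:
            continue                   # not a header line, skip it
        last = name.strip().lower()
        headers.setdefault(last, []).append(value.strip())
    return status, headers


def disclosed_versions(raw):
    """Return sorted (header, product, version) tuples exposed by banner headers."""
    _, headers = parse_head(raw)
    found = set()
    for name in BANNER_HEADERS:
        for value in headers.get(name, []):
            for product, version in PRODUCT.findall(value):
                found.add((name, product, version))
    return sorted(found)


if __name__ == "__main__":
    for header, product, version in disclosed_versions(SAMPLE_HEAD):
        print(f"{header}: {product} {version}")
```

An empty result from `disclosed_versions` means the banner headers carry no version tokens; it says nothing about whether the software behind them is patched.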
By: Elephantman http://www.terminally-incoherent.com/blog/2007/02/03/dolphin-stadium-website-hacked/#comment-2780 Sun, 04 Feb 2007 02:36:15 +0000

link
