Seal

Astalavista Hacked

2 posts in this topic

If you go to Astalavista right now, you'll see it's just a placeholder site:

http://astalavista.com/

They got hacked. With Metasploit no less, which means they were undone by a known vulnerability. There was a patch for that vulnerability. You can see it all here:

http://pastebin.com/f751e9f5b

I was going through the logs. At one point, the hacker prints out the list of passwords for the site, which are stored in a MySQL database as MD5 hashes. I started cracking the hashes using a rainbow table. I succeeded in a number of cases, which indicates to me that they never bothered to salt their database. Seriously, I'm a shitty programmer, but I'm pretty sure I could have at least done that much.

It also made me wonder though: why would an admin set their password to be their first name? That admin's email is given out, with his first name in there. That just seems ridiculous to me, but it gets worse. Why would any user with higher privileges set their password to "123456" (actual password) or "astalavista" (another real one)?

I never cared for Astalavista, mostly because I thought it was selling what you could easily acquire from a Google search for free (and better.) Heck, I'm pretty sure these forums are better than anything they provided for a fee on their site. This is just embarrassing though.

Edited by Seal
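
An added illustration of the salting point raised in the post above (not part of the thread and not code from either poster): it audits a constructed user table for hash values shared between accounts, which is the property of unsalted MD5 that lets one precomputed table work against a whole database, and stores the same passwords with a per-user random salt and PBKDF2. The function names, sample accounts and iteration count are assumptions made for the example.

```python
import hashlib
import hmac
import os
from collections import Counter

# Constructed sample accounts; the two weak passwords are the ones quoted in the post.
SAMPLE_USERS = [("alice", "123456"), ("bob", "astalavista"), ("carol", "123456")]

ITERATIONS = 600_000  # assumed work factor; tune it to your own hardware


def md5_unsalted(password: str) -> str:
    """The scheme described in the post: bare MD5, no salt."""
    return hashlib.md5(password.encode()).hexdigest()


def shared_hashes(stored: dict) -> dict:
    """Audit check: hash values held by more than one account.

    Any hit means equal passwords produce equal records, so a single
    precomputed table applies to every row in the database."""
    counts = Counter(stored.values())
    return {h: sorted(u for u, v in stored.items() if v == h)
            for h, n in counts.items() if n > 1}


def hash_password(password: str) -> str:
    """Per-user random salt plus a slow KDF (PBKDF2-HMAC-SHA256)."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, iterations, salt_hex, dk_hex = record.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk.hex(), dk_hex)


if __name__ == "__main__":
    weak = {u: md5_unsalted(p) for u, p in SAMPLE_USERS}
    strong = {u: hash_password(p) for u, p in SAMPLE_USERS}
    print("unsalted MD5, shared hashes:", shared_hashes(weak))
    print("salted PBKDF2, shared hashes:", shared_hashes(strong))
```

Salting does not rescue a password like "123456" from online guessing; it removes the shared-hash property and, with the slow KDF, raises the cost of each offline guess.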
I never liked the "VIBE" from that site. Back in my AOHELL days it always led me to spyware and annoying pop-ups. I am glad they got owned. I never understood their whole "SUBSCRIPTION" service, it always seemed like a joke to me because everything they offered in their member section seemed to already be in the public section. Plus nothing has ever been produced from their site.
