TOPS30, if you still haven't seen it clear your cookies and then go to back to http://forums.digitalpoint.com and refresh your screen as needed.
I agree otherwise why would some of us only get it about an hour after the first person to see it. I was on for a while and did not get it until just of few minutes ago.
It was 110% Fake!!! if a site gets defaced its not going to let you login to the site Plus if this was realy defaced then Shawn would have know about it since it didnt last long and he says he didnt know about it well if his server is close by and manged by him then he would have know and seeing he is here then he new about it even if he dont mange his own server. Plus if you check the tag of the person that was left nothing comes up in google which shows its even more fake.
I was surfing through Digital Point, when suddenly, a page appeared instead of the index. . I managed to get a screen shot: Thank You, Donny
I guess it's a joke since I have a cookie that expires tomorrow from forums.digitalpoint.com that is called hacked
No No its not fake..The site has been hacked its official now.. this is one of the most old trick used by hackers to change the index file.. the database remains same.. but when you login instead of index.php it would redirect to hacked html.. Seems that .htaccess file has been compromised in this case..
well then it would have been redircted then which it was not. if some one setup a 302 redirct you would have it redirct to a different page.
i would like to see it close so that i can read it since there are sites where you can make thoose fake newspapers or fake things like that.
Its not the redirect as its using .htaccess There are tow vulnerabilities were reported in vBulletin. A remote user can execute arbitrary commands on the target system. A remote user can also conduct cross-site scripting attacks. A file is included with the error in the Cache_library that allows a remote user to specify a remote location for the 'vbConfig_absolute_path' parameter to cause the target server to include and execute PHP code from the remote location. The PHP code, including operating system commands, will be executed with the privileges of the target web service. It is also reported that the 'index.php' script does not properly validate user-supplied input in the Itemid, vbmsg, and limit parameters. A remote user can create a specially crafted URL that, when loaded by a target user, will cause arbitrary scripting code to be executed by the target user's browser. The code will originate from the site running the vBulletin software and will run in the security context of that site. As a result, the code will be able to access the target user's cookies (including authentication cookies), if any, associated with the site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user. Impact: A remote user can execute arbitrary PHP code and operating system commands on the target system with the privileges of the target web service. They can also different page every time and a cookie is set in their system namied hacked. A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the vBulletinServer software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user. Seems that Shawn and his team have not appiled the latest patch, as the problem is more due to php than that of vBulletnn
any one else notice that it only shows in FF and not IE http://forums.digitalpoint.com/ very good information NeoGen thank you for sharing.
Yeah, Must Be Shawn's stab at an April fools joke. Sorry, noticed the other thread after posting, you can move this there if you like.