lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: email at robert-marquardt.com (Robert Marquardt)
Subject: AW: Is www.sco.com hacked?

> The women in the background write something like "hacked by ...".
> I think www.sco.com is hacked.

News from zone-h.org
www.SCO.com defacement: 
  
SyS64738 and Siegfried, Zone-H.org admins
11/29/2004
 
It's still there since this early morning: instead of the usual SCO's logo
(www.sco.com), we can see a cleverly forged one, that at the first sight
might look as the usual SCO logo but it actually contains the wordings: WE
OWN ALL YOUR CODE, PAY US ALL YOUR MONEY. followed "by hacked by realloc()"
see the mirror at: http://www.zone-h.org/defaced/2004/11/29/www.sco.com/ or
a screenshot: http://www.zone-h.org/files/77/sco.com.jpg 

The site had already been defaced yesterday by the same person at
http://www.sco.com/redhat , the original title "Red Hat v. SCO" was changed
to "SCO vs World" with a text proclaiming that SCO had found parts of their
code in Microsoft products:

"SCO vs World 

Recently we found parts of our code in almost all Microsoft(R) software. We
want to bring an action against Microsoft(R) and our legal department is
working on that. Parts of code found in in all Microsoft(R) products from
MS-DOS(TM) 2.1 to Microsoft(R) Windows(TM) Longhorn. Currently we are
checking older MS-DOS sources. It's obvious, that all while (1){
do_something; } and for (i = 0; i < 16; i++) loops came from our code. "

The mirror is available here:
http://www.zone-h.org/defaced/2004/11/29/www.sco.com/redhat/

The site is running on Linux - Apache located at 216.250.128.21 

Unconfirmed rumors are suggesting that the site might have been defaced
using a bug in a PHP script. 

The defacement reports a message that is probably linking back to the SCO vs
IBM court case, where SCO claimed certain rights over periferic parts of the
Linux kernel. 

What can we add, back to Fluffy Bunny time? 
_______________________________________________

Best Regards,
Robert Marquardt
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ