Iframe exploit

Discussion in 'Site Discussions & Suggestions' started by Logan_, Mar 12, 2008.

  1. Logan_
    OP

    Logan_ Member

    Newcomer
    27
    0
    Nov 15, 2006
    United States
  2. jeklnoo

    jeklnoo GBAtemp Fan

    Member
    335
    0
    Oct 20, 2006
    United States
    ur forum software was haxed! and so soon after upgrading too. lame.
     
  3. fischju

    fischju Rehabilitated Jaywalker

    Member
    1,940
    0
    Jan 11, 2008
    United States
    OH NO.


    *disables flash*
     
  4. thejakal

    thejakal Member

    Newcomer
    39
    0
    Nov 15, 2006
    United States
    yes, this is quite an annoying problem. is it really a hack? either way, someone needs to take care of it...
     
  5. camx

    camx GBAtemp Fan

    Member
    372
    0
    Nov 17, 2003
    United States
    colorado USA
    I ARE ASCARED
     
  6. 754boy

    754boy :D

    Banned
    3,469
    1
    Oct 24, 2002
    United States
    Mississippi
    Was just about to report this lol. Its VERY annoying [​IMG]
     
  7. asuri

    asuri GBAtemp Fan

    Member
    465
    0
    Jun 6, 2007
    Canada
    because of the piracy protection rumor
     
  8. jeklnoo

    jeklnoo GBAtemp Fan

    Member
    335
    0
    Oct 20, 2006
    United States
    yes it's definately a hack. what is unknown is if it's due to a hole in the forum software, or it was placed there by other means (eg by gbatemp admin to make some money)
     
  9. Costello

    Costello Headmaster

    Administrator
    12,441
    5,776
    Oct 24, 2002
    [​IMG] hehe
     
  10. science

    science science rules

    Member
    3,697
    114
    Jun 9, 2006
    Canada
    I'm confused as to whats happening...?
     
  11. CockroachMan

    CockroachMan Scribbling around GBATemp's kitchen.

    Member
    3,889
    5
    Jan 14, 2006
    Brazil
    Brazil
    So.. now Costello has all our credit card numbers? [​IMG]

    lol.. seriously.. what happened? [​IMG]
     
  12. AndreXL

    AndreXL GBAtemp Advanced Fan

    Member
    514
    0
    Dec 28, 2006
    It's because of the new game "DS #2114: Bunnyz (Europe)!!!"
    It just came out and all heck broke loose!
     
  13. fischju

    fischju Rehabilitated Jaywalker

    Member
    1,940
    0
    Jan 11, 2008
    United States

    OH NOES

    *disables javascript*
     
  14. aZnXrAvEr

    aZnXrAvEr GBAtemp Regular

    Member
    148
    0
    May 18, 2007
    United States
    I think I have a router that can be exploited by that "hack."

    When I went on gbatemp.net last night, it kept causing my internet to disconnect and I had to wait a minute before I could use it again. It also gave me a new ip address... I have a UK ip address now because when I go to google.com, it redirects me to google.co.uk... When I click "Go to Google.com", there is an "VHCS Error" or something.
     
  15. Drkchaos

    Drkchaos Newbie

    Newcomer
    3
    0
    Aug 22, 2007
    United States
    Same thing happened to me...

    Any way to fix this? I can't even log into Gmail now...
     
  16. aZnXrAvEr

    aZnXrAvEr GBAtemp Regular

    Member
    148
    0
    May 18, 2007
    United States
    Yea, this is serious... What did you do Costello? [​IMG]

    Google.com and Gmail.com don't work for me anymore...
     
  17. AndreXL

    AndreXL GBAtemp Advanced Fan

    Member
    514
    0
    Dec 28, 2006
    Ok. Seems that this iframe hack thing started it all.... Hope everything is ok now. :|
     
  18. Costello

    Costello Headmaster

    Administrator
    12,441
    5,776
    Oct 24, 2002
    today's attack was totally unrelated, fortunately.
    We're getting there, little by little [​IMG]
     
  19. Extreme Coder

    Extreme Coder GBAtemp Advanced Fan

    Member
    938
    0
    Nov 25, 2005
    Egypt
    Cairo, Egypt
    Today's attack was wierd, There was something about Israel, Iran and Turkish hackers [​IMG]
     
  20. aZnXrAvEr

    aZnXrAvEr GBAtemp Regular

    Member
    148
    0
    May 18, 2007
    United States
    Okay, i have finally fixed my router problem from that iframe exploit! I did some searching and found this page that talks about the exploit that was used in the iframe:
    http://www.dslreports.com/forum/r19983085-...y-Vulnerability

    The iframe loaded a page that had an exploit for the 2wire gateway/routers.
    The first thing that it did was change the password to 'admin'.

    The next thing it did was set a bunch of sites (google.com, citibank.co.uk, colmena.com.co, banesconline.com, natwest.co.uk) to redirect to 85.207.10.68. I don't know what that ip is, but it didn't load anything... which is why google.com didn't work for me.

    And lastly, there's a code that restarts your router or something...

    Anyway, I got the original ip addresses for each of those sites and set them back to normal in my router. Now I can access them again! If you need your router to be fixed, check out the page I made here: http://fix2wire.freehostplace.com