Was just visiting the yii website and saw this?
http://www.yiiframework.com/
Source:
<title>Hacked by BILIS IRENG</title>
<meta name="generator" content="Hacked by MR.SMITH, Hacked By begundalz , katonz , hacked by katonz , katon , Surabaya blackhat , Security Tester" /><meta name="author" content="Hacked By Katonz" />
<meta name="keywords" content="Hacked By MR.SMITH, hacked by katonz" /><meta name="description" content="Hacked By Katonz - Security Tester" />
<link rel='SHORTCUT ICON' type='image/x-icon' href='http://fcs-cultural-foods-wiki.wikispaces.com/file/view/indonesia-flag.gif/212845002/172x129/indonesia-flag.gif '>
<style>
body {
background: #000 url(http://i.cubeupload.com/H2cLux.jpg) no-repeat top center;
color: #ffffff;
font-family: Courier New;
font-size: 12px;
}
#black {
text-align: center;
font-size:12px;
font-weight: bold;
}
a:link, a:visited {font-weight:normal; text-decoration:none; color:#ff0000 ;}
a:hover {font-weight:bold; text-decoration:none; cursor:help;}
</style>
<object data="http://flash-mp3-player.net/medias/player_mp3.swf " width="0" height="0" type="application/x-shockwave-flash" idm_id ="-1980514303">
<param value="#ffffff " name="bgcolor"><br>
<param value="mp3=http://xover2.jkt.3d.x.indowebster.com/download-vip/80/p16nfjku6i1fnr16km154kl6e4o3.MP3/%5Bwww.indowebster.com %5D-PREVIEW.MP3&loop=1&autoplay=1&volume=125" name="FlashVars"></object>
<br>
</head>
</center>
<br>
<br>
</span></font>
<body bgcolor="#000000 ">
<body style='-moz-user-select: true; cursor: crosshair;'>
<br>
<br>
<br>
<br>
<br>
<br>
</font></p>
<marquee direction="up" scrollamount="0.7"><left>
<br>
<br>Greetz :
<br>- UNWANTED
<br>- WAYC0DE
<br>- MJL007
<br>- KATONZ
<br>- IBOX
<br>- STAR ANGGA
<br>- PLENGEH
<br>- XEROX
<br>- And All Jember Hacker Team Member
<br>
<br>
<br><br>
</marquee> </center>
</br><br>
<p align="left"><b>
<br>
<center>
<center><font color="white" face="" size="2"></center><font color="B20202" face="" size="3"><b>BILIS <font color="white" face="" size="3">IRENG</b></a><br>
<center><font color="white" face="" size="2"></center><a href="http://www.jember-hacker.org " title="WE JUST TEST YOUR SECURITY" target="_blank"><font color="B20202" face="" size="3"><b>WWW.Jember-<font color="white" face="" size="3">Hacker.ORG </b></a><br>
<script type='text/javascript'>
function showElement(layer){var myLayer = document.getElementById(layer);if(myLayer.style.display=="none"){myLayer.style.display="block";myLayer.backgroundPosition="top";} else { myLayer.style.display="none"; }}
</script>
</body>
</html>
Oh… I think it’s bad news or breaking news to the Yii team!
kiran123
(Sharmakiran71)
July 23, 2013, 8:50am
4
Yes, it is…
But I thought YiiFramework.com is not created using the Yii framework.
It’s a server security issue: the hacker(s) uploaded an HTML file for the index page; other than this, the whole site is working fine.
So, don’t worry… Yii Framework is secure.
Cheers…
Nic_Anji
(Nic Anji)
July 23, 2013, 8:53am
5
Yes, it seems that someone has uploaded an index.html file!
http://www.yiiframework.com/index.php seems to work
samdark
(Alexander Makarov)
July 23, 2013, 10:05am
7
Just posted an announcement.
samdark
(Alexander Makarov)
July 23, 2013, 3:26pm
8
Will post details soon. Overall it’s nothing to worry about too much.
Since the installation of IPB is a rather old one, dare I ask if the concerns in this discussion regarding IPB’s way of hashing passwords still apply?
samdark
(Alexander Makarov)
July 24, 2013, 8:47am
10
Yes. That’s why emails about changing passwords were sent.
Well, that’s good to know. But you will surely see this somewhat contradicts your previous statement:
Since the post above might sound harsh, I’d like to clarify a bit: I think overall you reacted very well and in a timely fashion. Especially since some corporations took up to a week (or significantly longer) to inform their user base about security breaches involving possible or actual leaks of user data in the very recent past.
However, I feel a bit misinformed by your aforementioned statement in conjunction with the email stating “we’re storing passwords encrypted and are salting hashes” if I have to find out via Google this is actually supposed to mean md5(md5($hash) . md5($password)). This very bit of information implies an entirely different sense of urgency. Given that the target audience of this forum is quite tech-savvy, I see some room for improvement.
Well, since I got this off my chest, let’s all carry on now, shall we?
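The concern raised in the post above, as an added example that is not part of the thread and is not IPB or Yii code: the quoted construction is three MD5 calls with no work factor, so a common remedy is to re-hash each password with PHP's password_hash() the next time its owner logs in. The record layout and function names are hypothetical, the sample record is constructed, and the first argument of the legacy hash is taken to be the per-user salt.

```php
<?php
// Added example: upgrade-on-login migration away from the legacy scheme.
// Record layout and function names are hypothetical.

// Legacy scheme as quoted in the post; first argument read as the per-user salt.
function legacy_hash(string $salt, string $password): string
{
    return md5(md5($salt) . md5($password));
}

// Verify a login and, on success, replace a legacy record with password_hash().
// Returns [bool $ok, array $user]; the caller persists $user when it changed.
function verify_and_upgrade(array $user, string $password): array
{
    if ($user['scheme'] === 'legacy') {
        // hash_equals() compares in constant time.
        $ok = hash_equals($user['hash'], legacy_hash($user['salt'], $password));
        if ($ok) {
            $user = [
                'scheme' => 'php',
                'salt'   => null, // password_hash() embeds its own random salt
                'hash'   => password_hash($password, PASSWORD_DEFAULT),
            ];
        }
        return [$ok, $user];
    }

    $ok = password_verify($password, $user['hash']);
    // Pick up stronger defaults when the PHP version raises them.
    if ($ok && password_needs_rehash($user['hash'], PASSWORD_DEFAULT)) {
        $user['hash'] = password_hash($password, PASSWORD_DEFAULT);
    }
    return [$ok, $user];
}

// Constructed sample record, not data from the incident.
$user = [
    'scheme' => 'legacy',
    'salt'   => 'a1B2c',
    'hash'   => legacy_hash('a1B2c', 'correct horse'),
];

[$ok, $user] = verify_and_upgrade($user, 'correct horse'); // first login after the change
var_dump($ok, $user['scheme']);
[$ok, $user] = verify_and_upgrade($user, 'correct horse'); // later login, new scheme
var_dump($ok);
[$ok] = verify_and_upgrade($user, 'wrong guess');
var_dump($ok);
```

Accounts that never log in again keep their legacy hash under this approach, which is why a breach of such a table is still followed by forced password changes.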
samilo
(Samiloxphp)
July 25, 2013, 12:34pm
13
It’s such bad news. Please, from all the Yii team, we need to know the full details about the exploit and where it is.
http://www.yiiframew …deface-details/
This is too short a description.
We love Yii and we need to be stable.
Viva Yii
samdark
(Alexander Makarov)
July 25, 2013, 12:51pm
14
samilo
What would you like to know? It was IPB forum known exploit that is now fixed.
samilo
(Samiloxphp)
July 25, 2013, 1:04pm
15
Thank you samdark.
That means we need to develop our own forum, or what do you think?
samdark
(Alexander Makarov)
July 25, 2013, 5:16pm
16
Well, ideally yes but in reality it would take too much time.
re1nald0
(Reinld17)
July 26, 2013, 2:54pm
17
This is bad. Some other sites were attacked too on the same day (and several of them are still down until now).
Thanks for the quick fix, Yii team!