Comments on: Skiddies hacking sites in my name

By: thefixer

thefixer — Sat, 27 Feb 2010 04:34:12 +0000

“I just monitor it the best I can, chuckle a bit, and share the more interesting stuff with my readers.”

I think you meant to say… you will share the more interesting stuff with the FBI…

By: Wesley McGrew

Wesley McGrew — Wed, 04 Nov 2009 13:20:59 +0000

Thanks Aaron! Stuff like this doesn’t really bother me. As you said, the fact that I continue to be targeted means something more than the sum of the stuff that happens.

I just monitor it the best I can, chuckle a bit, and share the more interesting stuff with my readers.

By: Wesley McGrew

Wesley McGrew — Wed, 04 Nov 2009 13:18:57 +0000

Thanks for the link, Web.Audit that’s a good find. With the SQL injection vuln. listed publicly like that, it doesn’t really even take any skill to go ahead and do defacements. So it could have been them, or anyone else who read that post (or found a really easy SQL injection on their own).

By: Aaron

Aaron — Wed, 04 Nov 2009 07:35:43 +0000

Wesley, keep up the good work. The more of this you see, the more you know you have made an impact. It’s not always pretty, but you obviously got some attention. Getting attention usually means you hit a nerve and that usually means you discovered a truth. You are doing good work, you are doing it with good intentions and you are doing it with integrity. This is a compliment to the impact you have had – there is no changing that.

No amount of amateur tagging will paint a different picture. You caught a bad guy.

By: Web.Audit

Web.Audit — Wed, 04 Nov 2009 05:44:56 +0000

Your possible culprits.
http://www.hackforums.net/showthread.php?tid=176840

By: Vap0r

Vap0r — Wed, 04 Nov 2009 02:55:27 +0000

I’m a member of ETA, and I would like to say that I don’t think it was Mr^E, these cats took responsibility: http://www.realtyverticals.com/GCDisplay.php?id=2 . It might have been him, I’m just saying, it just doesn’t really seem his style. Also, the sql injection was relatively simple, anyone could have found it.

By: Rob

Rob — Tue, 03 Nov 2009 22:51:12 +0000

Obviously it was not Wesley, if it was the message would have read:

‘J00 h4VE 8eEN H4x0rED L4mEr2, pHJEER MC9rEW 5eCuR17Y!

By: Wesley McGrew

Wesley McGrew — Tue, 03 Nov 2009 20:53:23 +0000

I think I need to lie down now too.

By: Dan

Dan — Tue, 03 Nov 2009 20:43:10 +0000

Yes, if you hacked the site you wouldn’t leave a calling card. But wait, you know that we know you wouldn’t leave a calling card. And you know that we know that ETA is after you. So then ETA wouldn’t be so obvious in posting the link in their forum. But they know that we know its obvious. But if you know that they know that we know its obvious then…this is the most elaborate hack performed by mcgrew!

Need to go lie down.