Divx Stage6 情報交換2【アカウント所持者専用】
復旧したみたいだね
ちょっと長いけどズバリだと思うので丸ごと転載
----
http://en.wikipedia.org/wiki/Talk:Stage6#Site_Hacked
In regards to the hack, viewing the password list they released, there
is great suspicion that they didn't hack ALL the passwords. It looks
more like they implemented a XSS or some social engineering hack
(created a fake login screen) and collected passwords of those who fell
for it. It would explain why the passwords are not encypted, as well as
why it seems there are so many repeated passwords only seconds apart in
the list-- users trying repeatedly to login (via a fake login). Chances
are, they scored an admin password at some point, which let them modify
greater aspects of stage6 OR modified aspects of the site via another
XSS attack. Compromised users are likely only those who have had trouble
logging into stage6 at some point in the last 2 months. ―Preceding
unsigned comment added by Punkrawker (talk . contribs) 07:57, 10
February 2008 (UTC)
----
ちょっと長いけどズバリだと思うので丸ごと転載
----
http://en.wikipedia.org/wiki/Talk:Stage6#Site_Hacked
In regards to the hack, viewing the password list they released, there
is great suspicion that they didn't hack ALL the passwords. It looks
more like they implemented a XSS or some social engineering hack
(created a fake login screen) and collected passwords of those who fell
for it. It would explain why the passwords are not encypted, as well as
why it seems there are so many repeated passwords only seconds apart in
the list-- users trying repeatedly to login (via a fake login). Chances
are, they scored an admin password at some point, which let them modify
greater aspects of stage6 OR modified aspects of the site via another
XSS attack. Compromised users are likely only those who have had trouble
logging into stage6 at some point in the last 2 months. ―Preceding
unsigned comment added by Punkrawker (talk . contribs) 07:57, 10
February 2008 (UTC)
----
|
|
|