Filed under: Defacements, Exploits, Security News
posted by D1m on 30 Jan 2007 08:37 pm
Britney Spears’s Official German Website Got Hacked And Defaced
Was time for the website defacers to hit the music industry! Yesterday, visitors of the BritneySpears.de website could read “XTech Inc Onwed the Music Industry… and the rest of it ” at the top of the home page. It appears to me though, that they just did it for fun and not for any serious reason.
Apparently it was hosted in the same webserver with other official german websites of Sony BMG entertainment.
The attackers exploited a web application vulnerability – probably php inclusion – in order to get access to the Solaris 9/10 webserver.
The most probable attack scenario was this: Initially a backdoor through a php shell script was run, then shell access through a terminal to the attackers specified port was aquired. Having done this, if a local root exploit is successful, then the attackers have complete access to the webserver, leaving it vulnerable to other cracking teams, usually for a short time span.
Screenshot of the deface (Click thumbnail to view it):
Here is the list of all the affected websites, along with the OS that they run:
http://britneyspears.de SolarisSunOS
http://stuff.sonybmg.de SolarisSunOS
http://dms.sonybmg.de SolarisSunOS
http://stats.bmg.de SolarisSunOS
http://forum.bmg.de SolarisSunOS
http://research.sonybmg.de SolarisSunOS
http://live.bmg.de SolarisSunOS
http://mediaplayer.sonybmg.de SolarisSunOS
All of the above defacements are archived at Zone-H.org.
on 09 Feb 2007 at 7:14 am 1.Nick Kritsilis said …
The amazing news would be to hack Britney herself not her website …
on 16 Mar 2007 at 11:57 am 2.Dim said …
That could be interesting mate… Did you see her new haircut? It is all over the news! I think she has lost her mind… You might be able to root her though… Exploit her vulnerabilities… Make her day!
*geekery humor* h0h0h0