www.IRC-Junkie.org – IRC News

All about Internet Relay Chat

Monthly Archives: December 2004

"Operation Fastlink" defendant pleads guilty

In April of this year we reported about the worldwide anti-piracy sweep in which raids took place worldwide including countries such as Belgium, Denmark, France, Germany, Hungary, Israel, the Netherlands, Singapore, Sweden, Spain, Great Britain and Northern Ireland.

The first defendant who got arrested in this operation is Jathan Desir, a 26-year-old from Iowa, USA. He pleaded guilty to felony information charging copyright infringement and conspiracy to commit copyright infringement.

Desir was running or helping to run two seperate sites which were used to distribute the pirated software and music and movies. If convicted he can face a maximum jail sentence of 15 years. He will be sentenced on March 18, 2005.

Bahamut support website cracked

“This website is temporary down because the idiot admin (i.e. me) didn’t update phpBB to a non exploitable version” webmaster Doc stated on the Bahamut-community.org website.

Bahamut-community.org is a website with got started to help users with this popular IRCd, and to relieve the support channel #bahamut on DALnet from FAQ’s.

The website is based on the popular phpBB forum software, which recently saw an important update due to a serious exploit. Webmaster Doc stated in a  reaction to IRC-Junkie: “I had been warned about it soon after it came out by several people, however I’ve recently just got a job and a new girlfriend, so I’ve had very little time for the internet :. I guess this has taught me a lesson.”

PhpBB developer psoTFX had this to say on the phpBB forum about users who still have not updated: “This is a reminder to all users to upgrade as soon as possible to 2.0.11. Remember, the issue leading to this release was extremely serious. It gave rise to the possibility for persons to “install” scripts, delete files and otherwise access your system.”

The exploit used on Bahamut-community.org had overwritten all .php and .htm files. “Thankfully nothing was lost”, Doc explained. “As with all websites on my server the database is backed up once a day and kept for five days, as are web files. I have chosen not to just simply restore the phpbb scripts as they would be exploitable.”

The website is back online. Thanks to DesertFox for bringing this to my attention!

DALnet acts upon XXX password sharing

Since a few days channel managers of XXX password channels on DALnet have been directed to read this page. “You have been directed to this page because you are listed as founder on a channel which has been reported to us as a location where passwords for adult sites are traded”, the page starts.

Only channel managers of channels which have been found actively trading XXX passwords are directed to this page. DALnet’s AUP section III disallow the exchange of private information such as logins. In a reaction to IRC-Junkie DALnet admin Ahnberg pointed out that it is not specifically XXX passwords which are being targeted. “I just emphasize that we’re not doing things to censor particular content, we’re acting on a general level. i.e. just because there were a bunch of XXX-pass-trading channels alerted due to this we do not single them out. We treat everyone equally. If we were to find channels who spread login information for sites with info for bird-watchers, we would act on that too.”

We asked Ahnberg if the closure means disallowing all access to a channel, or just removal of services. “AFAIK the channels have not yet been acted upon, but yes, they will be entirely blocked in this case since their sole purpose has been to trade personal information of individuals without their consent” Ahnberg explains.

“We’re not actively monitoring or “hunting” things down”, Ahnberg explains. “We usually act on reports or when something stick out.”

Thanks to Garp who initially pointed me out to this.

Undernet website hacked

Users of the Undernet network have noticed the site has been down for a few days. The website had an old calendar PHP script which was unused, but never deleted from the site.

“The calendar had an exploit that allowed users to read local files on the server by issuing local commands thought the php query string”, the admin of the Undernet website magic explained IRC-Junkie in a reaction.

“The website is running in a jail so he was unable to get anything of importance. He was able to read a very old sql dump where all password except two test passwords was encrypted using MD5.”

Prior to this hack the website have been down as well, which was unrelated to the hack however. “The reason for the original downtime was that the server was rebooted and httpd didn’t autostart as it should and no one noticed.”

mIRC charity appeal ends

“Thanks to all of the mIRC users who registered their copies of mIRC between November 6th and December 6th to support our appeal, 100% of your registration has been donated to Medecins Sans Frontieres for use in their HIV/AIDS prevention and ARV treatment programmes around the world”, the mIRC website says.

This time a total of 2301 users registered their mIRC client, which raised a total of $46,020.00.

“Many thanks to everyone who helped out!”