22 August 2009

ACT Bar Association’s Porn Web Site

| baldilocks

Well this is one way to spice up the law.

The Australian is reporting that someone hacked into the new web site of the ACT Bar Association and turned it into a porn site.

The site is now shown as being “under construction”.


Pommy bastard said :

The site is now shown as being “under construction”

Shouldn’t that read; The site is now shown as being “under erection”?

“Waiting for erection” ?

It looks like they had some nice big vulnerabilities in there. A quick look shows that this is not the first time the site was hacked, the other events were just subtle enough that the newspapers never noticed.

You can pull up the old version of the website from Google’s cache.
http://74.125.153.132/search?q=cache:1x78p4WBc60J:www.actbar.com.au/+http://www.actbar.com.au/&cd=1&hl=en&ct=clnk

This looks fine, the images don’t load because the site has been taken down but you can see the content that was there. However if you view source and scroll down slightly the problems become clear. Someone has inserted into the front page of the website a whole stack of links to online medications, they then hid this with the display:none line so that browsers didn’t show it to people looking at the site.

The reason they do this is to game Google’s search results. While a user won’t see it Google will, and Google ranks pages in part based on who links to them, so their Google ranking will increase. It’s hidden so that users won’t see it and remove it, it could have been there for years.

Right down the bottom of the front page you can see another hidden link to tzd.htm on the same server. While I can’t find this page another compromised web server has a site that’s probably the same http://www.frontiercomputing.on.ca/tzd.htm
From this site you can see that they are trying to game Google links again but this time to replace legitimate banks with their own phishing version.

A search for the website leads to a whole pile of forum sites
http://www.google.com/search?hl=en&safe=off&q=http://www.actbar.com.au/&start=10&sa=N
A good example of these is
http://theplayersball.com/forum/index?a=topic&t=79
Here you can see that forum posts are made directing people to pages on the actbar website. I assume that the webpages they link to used to exist on the actbar server, they no longer do.

These aren’t someone devilishly clever spending hours trying to hack the ACT Bar’s website. These are automated attacks that scan the internet for vulnerable systems and compromise them in an automated fashion. This webserver had vulnerabilities big enough to drive a truck through, multiple attackers were able to modify existing pages and add new ones. Whoever is maintaining this website has no idea what they are doing, which is also hinted by the current under construction page being written in Microsoft Word.
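The hidden-link injection described in the comment above, as a check a site maintainer could run over their own page source (an added example, not part of the original post or its comments). The host names and the sample HTML are constructed; `find_hidden_links` and `HiddenLinkFinder` are hypothetical names.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

VOID = {"area", "base", "br", "col", "embed", "hr", "img", "input",
        "link", "meta", "source", "track", "wbr"}
HIDDEN = re.compile(r"display\s*:\s*none", re.I)

class HiddenLinkFinder(HTMLParser):
    """Collect <a href> targets nested inside an inline display:none element."""

    def __init__(self, site_host):
        super().__init__()
        self.site_host = site_host.lower()
        self.stack = []     # (tag, hidden?) for every open element
        self.findings = []  # (href, "external" or "same-site")

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        hidden = bool(HIDDEN.search(attrs.get("style") or ""))
        inherited = any(h for _, h in self.stack)
        if tag == "a" and attrs.get("href") and (hidden or inherited):
            host = (urlparse(attrs["href"]).hostname or self.site_host).lower()
            kind = "same-site" if host == self.site_host else "external"
            self.findings.append((attrs["href"], kind))
        if tag not in VOID:  # void elements never get a closing tag
            self.stack.append((tag, hidden))

    def handle_endtag(self, tag):
        # Pop back to the matching open tag; tolerates unclosed tags.
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

def find_hidden_links(html, site_host):
    finder = HiddenLinkFinder(site_host)
    finder.feed(html)
    finder.close()
    return finder.findings

# Constructed sample page (assumed host names; not the real site's source).
SAMPLE = """<html><body>
<p><a href="/members.htm">Members</a></p>
<div style="display:none"><a href="http://pills.example/buy">cheap meds</a>
<br><a href="http://pills.example/more">more</a></div>
<span style="DISPLAY: none"><a href="tzd.htm">x</a></span>
<p><a href="http://courts.example/">Courts</a></p>
</body></html>"""
```

This only inspects inline `style` attributes; links hidden through a stylesheet class or by script need a check against the rendered DOM.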

It wasn’t so long ago that everything on that site was legal!

Being a Pommy Bastard I thought you may adopt the stiff upper lip approach to this matter

I can feel all kinds of legal jokes coming on & my mind is working overtime as to who some of the (local well known legal) models were for the site.

Pommy bastard, 10:35 am 22 Aug 09

The site is now shown as being “under construction”

Shouldn’t that read; The site is now shown as being “under erection”?
