So I watched the video and was thinking about how this went down.
- Google cache of download page
The video is LOL , that woman is batshit crazy! Go anon!
I had not heard of the term hacktivist until this video, its a good term and it fits Anon well. I sincerely hope that the Anon members are behind 9000 proxies and will be careful to stay anonymous. They are obviously intelligent and to me, they seem to be looking for justice.
I hypothesize the way they did this one looked similar to this:
- Got access (not sure how.. ) to DNS and setup downloads.weststupidchurch.com subdomain.
- Got server access (not sure how.. ) to setup apache v-hosts to point to dir
- added fags.php to downloads sub-dir root.
- fags.php is a genious little piece of php (I would like to see source ).. it allows gets to be translated into local ip addresses. Exapmple : fags.php?=_&=192.168.14.100
- posted message on index of downloads root, with nmap(?) output of local network. Also they posted exploit urls for most of the computers and routers on the network
Things I am unsure about:
- How did they get access to the DNS provider for westbuttholechurch?
- Answer: SPEAKFREE.NET is not really a DNS provider but another one their own servers.. Found this out with help from this : https://www.msu.edu/~hinmanka/westboro_analysis.pdf
- How did they get access to the webhost server?
- was it a zero day exploit or a clever bit of social engineering ? Either way I bet they had root acces on the server to modify the v-hosts and create the downloads apache root..
- I am also interested in how this GET works I have never used a get with _ , usually i use text like page.php?EMemail@example.com&ph=303292129
Please leave your thoughts in the comments !