Singapore password file exploit

["Mr. Anderson" <dt_student () hotmail com>]

June 13 2004

There is a vulnerability in the software package of Singapore.
Say hello to theyr website: http://singapore.sourceforge.net/
This effects every version thye have made.

QUOTE OF THEIR DAY: (a while ago)_

"It is now a little over a year since singapore was first released on 
SourceForge.net. In that time it has grown from a simple script used on a 
single site to a fully fledged image gallery used on thousands of sites 
around the world."

BAD NEWS TOSE SIGHTS ARE ALSO NOW AL HACKED

In the singapore folder you are browsing on a website, go to: 
folder/data/adminusers.csv

Hello password files, with my 3.2 ghz extreme p4 i can crack you in miutes 
of time/.(md5 hash = lol )

This exploit can be fixed by putting access restrictions on the 
adminusers.csv file, something that almost nobody has done. The software 
does NOT do it on its own.

google has a nice list of the sitez which are now under hacker control:

http://www.google.com./search?hl=en&ie=UTF-8&q=%22Powered+by+singapore%22

other search sites i enjoy like dogpile find more.

What is importnat here is not the IMAGES getting hacked nobody cares about 
htat, lots of admins use the same pass of singapore on the FTP server or 
website ADMIN. try the passwords there and this site is now taken over from 
illegal hacking.

Thanksyou for your time this exploit is the first from my group known on the 
internet and lunix channels as www.wehack.com

~`TOBY`~

_________________________________________________________________
Watch the online reality show Mixed Messages with a friend and enter to win 
a trip to NY 
http://www.msnmessenger-download.click-url.com/go/onm00200497ave/direct/01/