

CNET hacked, site source code leaked - mrsaint
https://www.dropbox.com/s/5l4djd5a8pgx5ig/cnet.com.tar.gz

======
ten7
Did some investigation:

* The tar file (cnet.com.tar) is 489MB.

* Unpacked it's 536MB

* No database

* Around 30,000 files

* READ.ME has a promise of a copy of the database if you send this person 1BTC (not publishing their name here)

* Based on directory structure, looks like this is a release from 06/12 of this year

* Looks like the site is based on Symphony?

~~~
meowface
>READ.ME has a promise of a copy of the database if you send this person 1BTC

Sounds legit.

------
mrtksn
apparently the zip file contains an installation of symfony2 with supposedly
the cnet code as bundles. I don't know, it's kind of boring to look at the
code of a standard portal website built with a well known framework.

instead of posting the source code(which I hadn't looked further than
directory structure so I can't confirm if it's real, because well, it's just
another symfony code) why just don't tell that cnet is hacked and they are
using symfony and explain who and how did this?

I really can't see much value of distributing the source code of a standard
website built with a standard library.

~~~
ten7
Maybe he's trying to get you to bite on the database so that he can extort
some money out of this.

~~~
mrtksn
hmm, it's an advertisement for those who may want the database file. the zip
file contains a read.me file which has a bitcoin address in it, offering the
DB for 1 BTC.

I don't think that this post should be on HN.

~~~
ten7
Yea, this is exactly what I said in another thread.

~~~
mrtksn
an you were right :)

------
zik
The download is already disabled by dropbox due to high traffic.

~~~
taspeotis
I started downloading it before that happened. It's downloading now but the
transfer rate seems to be slowly dropping.

------
ohashi
Something about downloading a giant unknown zip makes me uneasy. Reminds me of
all those phishing/malware emails with attachments.

edit: no idea why I'm being downvoted.

~~~
krapp
YOLO.

~~~
ten7
Virtual machine...

------
tdeo
Anyone have a mirror?

------
lstyls
Yea I'll pass.

