LinkBack URL
About LinkBacks
Reply With QuoteHave the vulnerabilities been fixed so that this can't happen again?
Well, the how part is fairly simple, there are several vulnerabilities in vbulletin and php that allow you to executes malicious commands (such as upping your user status to admin).
What happened was that the 'hacker' (a.k.a. script kiddie) deleted all of the admin users (Aaron, MooN, and Zip-Lock) and the Moderators (Skippman) leaving the forums in the wrong hands.
Fortunately, he deleted the 'forum index' (the part of the MySQL DB that contains forum name and description) instead of deleting some 70,000 posts.
Also all of the private messages sent on or before Sept 6 were lost due to the hacker. In the aftermath, I had to drop all of the custom avatars to allow new ones to work. (if you lost your avatar and don't have a backup LMK and i'll look in the old DB file and see if I can find it.)
Now I can't elaborate on the how I fixed it part because I used several flaws in the server configuration to gain access to the MySQL database.
I'm sure I missed several details in this message.
Discuss if you want.... just don't flame each other.
Have the vulnerabilities been fixed so that this can't happen again?
24 y/o w/ Silver/Red
2000 Honda S2000
http://www.squeezer.net
to my knowledge they have been.Originally posted by Squeezer
Have the vulnerabilities been fixed so that this can't happen again?
Can you give us a name and address so we can go beat him silly?
I don't imagine you guys would want to travel to belgium
that's what i figured happened... remember kids.. keep your software up to date!
Well send Felix after him, he's in the neighborhood.
Stereo:Alpine IVA-D900 Head Unit | Alpine PXA-H510 DSP | Boston Pro Component Speakers Upfront | Boston Rally Rear Speakers | 2 Polk 10" Subs in the Trunk | Phoenix Gold Ti900.7 Amp
Originally posted by Skippman
Well send Felix after him, he's in the neighborhood.
Good Point *Evil Laugh*
lol maybe you could post his IP and we could hack him
just kiddin :P
In your post you covered the how, but not the why, do you know if there was a reason behind the attack? and if so why?Originally posted by bgoodman
How and why the forums were "hacked"
:edit: spelling error
And you say people actually pay money for M$ Windows?
www.mp3mini.co.uk (Does what it says on the URL) www.openclassic.co.uk (The new car, with zero rust!) www.rob-web.co.uk (My other site)
Total re-design underway: on the whole progress is very slow as the car is taking up too much time :)
Posting Permissions
Bookmarks