"Hello, you just got owned"

If it were me doing this, I would soooo grab the db. I'm sure the passwords are encrypted, but I doubt the info, emails, etc. is. But what sensitive info is kept here? The worst they could do is get my junk email address and spam me or know the city in which I live. Unless I don't know something....

Lol, no we don't house anything that you don't enter, just curious if they would even bother with it.
 
Lol, no we don't house anything that you don't enter, just curious if they would even bother with it.

Well, the only thing I know these forums do store, beyond what a user enters, is the IP of the poster. Even though that may change depending on your ISP, someone who hacks into a forum can get access to that information. That's what gives you the ability to ban people, if I'm not mistaken.
 
Glad we got back up quickly.
I must comment on that page they put up, they weren't so stuck in the 90's with that one haha.
I hope JCB is doing everything to keep this from happening again.

By the way, what exactly was the vulnerability?
 
So you doubt anything was stolen? (User account information, etc)
Nah, it's unlikely. If they were that intent on doing damage they could have changed much more than the home page. Probably Googled around for VB forums without a certain patch, applied a script they downloaded without really knowing how it works and then whacked up a home page with a few marquee tags. They don't get the script kiddie name without a reason :p
 
Although changing the home page was pretty cool, I would have quietly and gently set up some kind of sniffer that would collect data and send it to an external source as an information gathering thing.

Or a script that would intermittently change the home page on the server for a few seconds, then back again.

Furthermore, did they wipe everything out of the directories, or just change index.php? I hope the forum was completely restored from a backup, because from my scenario 1 above, there could be data being sent out, and you'll never know until you log and inspect the network activity (or go digging through the code).
 
Hi

Don't worry, the only thing that was changed was index.php. I ran a compare program and that was the only file that had changed.

Our passwords are safe as well, they are encrypted in a MySQL database so they can not be cracked
 
...so they can not be cracked

... any encryption can be decrypted given enough time. From a quick search, vBulletin uses MD5 encryption, so our passwords look like this: 9572aa224080351a05f5a96c3fb8f37e

using MD5:

  1. encrypted my name: tomek (returns: d0d41f1a3cc3f67dcd74694de9fef1b0)
  2. decrypted here using the encryption for tomek
 
Oh dear, and the damn thing's back again. Seriously, this will keep happening until the underlying cause is fixed... change any passwords and make sure VB is fully up to date... if you need to look back through logs and see how they're going about causing the thing. It's not the only thing that's changed either, look at the section title which now reads "I'm going to hack this over and over again".

I'll repeat - these people aren't even vaguely intelligent, they're moron script kiddies. But script kiddies (as do 2 year olds) know how to run the same script again and again to cause the same thing again and again.

Oh, and MD5 is a hashing function, NOT an encryption algorithm.
 
rofl I just saw on FB that the site was down again, and I clicked the bookmark to my UserCP in my bookmarks bar...Man these people are stupid.