Go Back   Computer Forums > Welcome To Computer Forums .org > Social Lounge | Off Topic
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 05-18-2011, 01:02 PM   #11
..m.0,0.m..
Site Team
 
iPwn's Avatar
 
Join Date: May 2010
Location: USA
Posts: 3,870
Default Re: "Hello, you just got owned"

Quote:
Originally Posted by tomek View Post
If it were me doing this, I would Soooo grab the db. I'm sure the passwords are encrypted, but i doubt the info, emails, etc is. But what sensitive info is kept here? The worst they could do, is get my junk email address and spam me or know the City in which i live. Unless I don't know something....
Lol, no we don't house anything that you don't enter, just curious if they would even bother with it.
__________________

__________________
Me: You'd think as the dominant species we wouldn't be so effing stupid.
J: We're just intelligent enough to be completely effing stupid.
iPwn is offline   Reply With Quote
Old 05-18-2011, 01:05 PM   #12
7D8
In Runtime
 
7D8's Avatar
 
Join Date: Oct 2006
Posts: 209
Default Re: "Hello, you just got owned"

Quote:
Originally Posted by InfectionZero View Post
Lol, no we don't house anything that you don't enter, just curious if they would even bother with it.
well the only thing i know these forums do store, beyond a user entering is the IP of the poster. Even thought that may change depending on your ISP, but someone who hacks into a forum can get access to that information. That's what gives you the ability to ban people, if I'm not mistaken.
__________________

7D8 is offline   Reply With Quote
Old 05-18-2011, 02:52 PM   #13
Daemon Poster
 
The_Lucas's Avatar
 
Join Date: May 2010
Posts: 749
Send a message via ICQ to The_Lucas Send a message via MSN to The_Lucas Send a message via Yahoo to The_Lucas
Default Re: "Hello, you just got owned"

Glad we got back up quickly.
I must comment on that page they put up, they weren't so stuck in the 90's with that one haha.
I hope JCB is doing everything to keep this from happening again.

By the way, what exactly was the vulnerability?
__________________
The Enigma Community
http://enigmacommunity.org
My Blog
http://lucasbytegeni.us
Quote:
Originally Posted by krone6 View Post
Doesn't "loatheing" something the same as "love?" Whenever i hear it be used the person "loves" that product or service or whatever it is they're talking about.
The_Lucas is offline   Reply With Quote
Old 05-18-2011, 03:01 PM   #14
Site Team
 
berry120's Avatar
 
Join Date: Jul 2009
Location: England, UK
Posts: 3,425
Default Re: "Hello, you just got owned"

Quote:
So you doubt anything was stolen? (User account information, etc)
Nah, it's unlikely. If they were that intent on doing damage they could have changed much more than the home page. Probably Googled around for VB forums without a certain patch, applied a script they downloaded without really knowing how it works and then whacked up a home page with a few marquee tags. They don't get the script kiddie name without a reason :P
__________________
Save the whales, feed the hungry, free the mallocs.
berry120 is offline   Reply With Quote
Old 05-18-2011, 03:31 PM   #15
7D8
In Runtime
 
7D8's Avatar
 
Join Date: Oct 2006
Posts: 209
Default Re: "Hello, you just got owned"

although the changing the home page was pretty cool, I would have quietly and gently set up some kind of sniffer that would collect data and send to an external source as an information gathering thing.

Or a script that would intermittently change the home page on the server for a few seconds, than back again.

Furthermore, did they wipe everything out of the directories, or just change index.php? I hope the forum was completely restored from a backup, because from my scenario 1 above, there could be data being sent out, and you'll never know until you log and inspect the network activity (or go digging through the code)
7D8 is offline   Reply With Quote
Old 05-18-2011, 04:02 PM   #16
JCB
Daemon Poster
 
JCB's Avatar
 
Join Date: Oct 2004
Posts: 1,302
Default Re: "Hello, you just got owned"

Hi

Dont worry, the only thing that was changed was index.php. I ran a compaire program and that was the only file that had changed.

Our passwords as safe as well, they are encrypted in a mysql database so they can not be cracked
__________________
Check Out My Computer Related YouTube Channel @ Click Here
JCB is offline   Reply With Quote
Old 05-18-2011, 04:17 PM   #17
7D8
In Runtime
 
7D8's Avatar
 
Join Date: Oct 2006
Posts: 209
Default Re: "Hello, you just got owned"

Quote:
Originally Posted by JCB View Post
...so they can not be cracked
... any encryption, can be decrypted given enough time. From a quick search, vBulletin uses MD5 encyption, so our passwords look like this: 9572aa224080351a05f5a96c3fb8f37e

using MD5:
  1. encrypted my name: tomek (returns: d0d41f1a3cc3f67dcd74694de9fef1b0)
  2. decrypted here using the encryption for tomek
7D8 is offline   Reply With Quote
Old 05-18-2011, 05:47 PM   #18
Wizard of Wires
 
setishock's Avatar
 
Join Date: Feb 2005
Location: Not sure
Posts: 10,030
Default Re: "Hello, you just got owned"

Mine uses MD5 + salt. Good luck decoding that.
setishock is offline   Reply With Quote
Old 05-18-2011, 06:46 PM   #19
Site Team
 
berry120's Avatar
 
Join Date: Jul 2009
Location: England, UK
Posts: 3,425
Default Re: "Hello, you just got owned"

Oh dear, and the damn thing's back again. Seriously, this will keep happening until the underlying cause is fixed... change any passwords and make sure VB is fully up to date... if you need to look back through logs and see how they're going about causing the thing. It's not the only thing that's changed either, look at the section title which now reads "I'm going to hack this over and over again".

I'll repeat - these people aren't even vaguely intelligent, they're moron script kiddies. But script kiddies (as do 2 year olds) know how to run the same script again and again to cause the same thing again and again.

Oh, and MD5 is a hashing function, NOT an encryption algorithm.
__________________
Save the whales, feed the hungry, free the mallocs.
berry120 is offline   Reply With Quote
Old 05-18-2011, 06:47 PM   #20
Daemon Poster
 
The_Lucas's Avatar
 
Join Date: May 2010
Posts: 749
Send a message via ICQ to The_Lucas Send a message via MSN to The_Lucas Send a message via Yahoo to The_Lucas
Default Re: "Hello, you just got owned"

rofl I just saw on FB that the site was down again, and I clicked the bookmark to my UserCP in my bookmarks bar...Man these people are stupid.
__________________

__________________
The Enigma Community
http://enigmacommunity.org
My Blog
http://lucasbytegeni.us
Quote:
Originally Posted by krone6 View Post
Doesn't "loatheing" something the same as "love?" Whenever i hear it be used the person "loves" that product or service or whatever it is they're talking about.
The_Lucas is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 07:49 PM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0