View previous topic :: View next topic |
Author |
Message |
Mac Professional Member
Joined: 08 Jul 2000 Posts: 1585 Location: Oklahoma USA
|
Posted: Mon Nov 18, 2002 1:17 am Post subject: VDSworld attacked... |
|
|
It seems so senseless to attack a forum where so many
people come to get help and/or help others, just because
you don't like a few members. I wonder if the hacker
would like his family/friends to be targets just because
someone doesn't like him?
I have most (if not all) of the VDS3 examples I've posted
this year, and will try to re-post the missing ones (as I'm
sure others will) if Tommy will let us know when he's
through restoring the forum.
Sorry about this nightmare Tommy.
Cheers, Mac _________________ VDSug.dll does file IO, check/disable menu items,
non-VDS dlls, draw functions and more...
Free download (30k dll size) at:
http://www.vdsworld.com/download.php?id=361
|
|
Back to top |
|
|
PGWARE Web Host
Joined: 29 Dec 2001 Posts: 1562
|
Posted: Mon Nov 18, 2002 5:43 am Post subject: |
|
|
The sad part of it all is that he's a script kiddie not a real hacker yet he puts Own3d on the title of the page. What he did was use an exploit in version 2.0.0 of PhpBB forum widely available on the internet in a .zip file. What the files do is give any user the ability to upgrade himself to an administrator and delete topics/forums. The new version 2.0.3 fixes that security hole, let's see if he tries and 'hacks' it now - didn't think so. |
|
Back to top |
|
|
SnarlingSheep Professional Member
Joined: 13 Mar 2001 Posts: 759 Location: Michigan
|
Posted: Mon Nov 18, 2002 6:51 am Post subject: |
|
|
I'm not trying to start anything really, but I assume there was a 2.0.1 and 2? How come the forums weren't upgraded before this?
I know we get what we pay for of course, just voicing my curiousity really.
_________________ -Sheep
My pockets hurt... |
|
Back to top |
|
|
Mac Professional Member
Joined: 08 Jul 2000 Posts: 1585 Location: Oklahoma USA
|
Posted: Mon Nov 18, 2002 8:53 am Post subject: |
|
|
Hey Tommy,
Just remembered I still have the 7+ MB archive file
from when we discussed setting it up last time. Let
me know if ya need it.
Cheers, Mac _________________ VDSug.dll does file IO, check/disable menu items,
non-VDS dlls, draw functions and more...
Free download (30k dll size) at:
http://www.vdsworld.com/download.php?id=361
|
|
Back to top |
|
|
marty Professional Member
Joined: 10 May 2001 Posts: 789
|
Posted: Mon Nov 18, 2002 1:07 pm Post subject: |
|
|
I find attacking a small community like ours to be terrible. The person who did this should really sit down and think what advantages he/she gains by doing this sort of attacks.
Also Tommy, one little suggestion. Mentionning the hackers/kid alias on the main page of VDSWORLD isnt a good idea I personnaly think. These guys usually like the publicity.
BTW What part of the forum was mainly affected?
Have a good day |
|
Back to top |
|
|
PGWARE Web Host
Joined: 29 Dec 2001 Posts: 1562
|
Posted: Mon Nov 18, 2002 4:29 pm Post subject: |
|
|
It wasn't upgraded to the latest version because Tommy made many modifications to PHPBB, such as adding the vds tag and also changing some of small portions of the forum code. It would have required him to spend many more hours to do those changes to a new version if installed. |
|
Back to top |
|
|
Tommy Admin Team
Joined: 16 Nov 2002 Posts: 746 Location: The Netherlands
|
Posted: Mon Nov 18, 2002 5:05 pm Post subject: |
|
|
Everything that has been left from the forum has been restored now... You'll easily be
able to see which parts are more hurt than others.
The hacker has always been using the alias/real name "Izan_m". It may be important
for people being able to identify him so that they won't get hurt by him as well. Also it
was obvious it wasn't that name he wanted to be known, but rather he seemed to
prefer to be called "MHA", so we are probably not doing a favour by mentioning the
other name.
Also please note that the VDS tag isn't available in this version and probably won't be.
I'll see if I can replace old instances of the vds tag with the code tag.
This also applies for all other languages, they haven't been installed and may or may not
be in the future. |
|
Back to top |
|
|
SnarlingSheep Professional Member
Joined: 13 Mar 2001 Posts: 759 Location: Michigan
|
Posted: Mon Nov 18, 2002 5:57 pm Post subject: |
|
|
Just wanted to say that we appreciate your guys' effort in trying to clean up the mess.
I liked the VDS tag as I'm sure everyone else did but I guess we should take security over functionality.
Foolish kids anyway.. _________________ -Sheep
My pockets hurt... |
|
Back to top |
|
|
PGWARE Web Host
Joined: 29 Dec 2001 Posts: 1562
|
Posted: Tue Nov 19, 2002 12:06 am Post subject: |
|
|
Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m Izan_m
enjoy Izan_m with your l33t hax0r skr1p4 k1dd13 sk1llz |
|
Back to top |
|
|
Garrett Moderator Team
Joined: 04 Oct 2001 Posts: 2149 Location: A House
|
Posted: Tue Nov 19, 2002 4:31 pm Post subject: |
|
|
You know what's funny, is that the script kiddies hate being called that
because they think they're super hackers and should be treated like
royalty. I like to really tick them off by calling them skids, short for
script kiddies, but more because they're nothing but skids in the bottom
of someone's Hanes Briefs!
Skids!
-Garrett |
|
Back to top |
|
|
PGWARE Web Host
Joined: 29 Dec 2001 Posts: 1562
|
Posted: Tue Nov 19, 2002 4:53 pm Post subject: |
|
|
That's just gotta smell bad.. |
|
Back to top |
|
|
Tommy Admin Team
Joined: 16 Nov 2002 Posts: 746 Location: The Netherlands
|
Posted: Wed Nov 20, 2002 8:23 pm Post subject: |
|
|
Thanks to the help of FreezingFire, many messages have been restored. His backup
is dated 3 November, so only certain messages from 3 November up to 16 November
have been lost permanently. Thanks FreezingFire! |
|
Back to top |
|
|
Mac Professional Member
Joined: 08 Jul 2000 Posts: 1585 Location: Oklahoma USA
|
Posted: Wed Nov 20, 2002 9:19 pm Post subject: |
|
|
That's wunnerful wunnerful wunnerful!
Thanks FF!
I removed some code I had re-posted to avoid duplicates...
Cheers, Mac _________________ VDSug.dll does file IO, check/disable menu items,
non-VDS dlls, draw functions and more...
Free download (30k dll size) at:
http://www.vdsworld.com/download.php?id=361
|
|
Back to top |
|
|
marty Professional Member
Joined: 10 May 2001 Posts: 789
|
Posted: Thu Nov 21, 2002 12:55 pm Post subject: |
|
|
Thanks FF!! This is great! |
|
Back to top |
|
|
MarkTrubo Contributor
Joined: 27 May 2001 Posts: 148 Location: Long Island, NY
|
Posted: Wed Nov 27, 2002 5:55 pm Post subject: |
|
|
Why not write a VDS program that backs up the whole forum daily, FTPs somewhere else and keeps an archive of maybe the last 30 days or so. That way if some putz attackes again, restoration will be easy.
Just a thought. |
|
Back to top |
|
|
|