[ARCHIVED] What happened today

Status
Not open for further replies.

RAF

Onyx user!
Joined
Mar 19, 2011
Posts
5,010
Reacts
0
Reputation
0
Credits
0
Today I found out that the forum had been accessed by an unauthorised user (phpMyAdmin). This was due to the MyBB team releasing the exploits against 1.6 forums which were not updated to 1.6.1, ironically, I was going to upgrade to 1.6.1 in a few hours (great job MyBB team -.-). The forum was penetrated and I had noticed this within seconds, I had automatically taken a backup and deleted the files therefore corrupting the forum to stop any damage from happening. Due to the quick growth of Rune Gear, the database had grown to a lot of megabytes, therefore I needed to wait a bit before I could upload the database.

I had some things to do today so I had went out for about 6 hours, I came back and the site was still redirecting to www.PVPCorner.com (a forum I own). I decided to sit down and work on all the issues, I thought of converting Rune Gear to vBulletin but decided against it. I've upgraded the forum to MyBB 1.6.1 and am looking for any other vulnerabilities. I have fixed everything I believe except a few more bugs which I'm working on with the jScripts, etc.

I've been working on the forum for the last 5 and a half hours and also 2 hours in the morning, and I believe I've got it all fixed. We only lost 30 posts which is good, sorry for the inconvenience.

- The Elite
 
RE: What happened today

Looks like you got everything solved. I wouldn't have asked anyone else to have done it quicker

Good work The Elite.
 
RE: What happened today

Good job. So the forum should run better now?
 
RE: What happened today

Yo, do you mind telling me where the exploits are? I would like to know so I could prevent this from happening to me.
 
RE: What happened today

CoNfLiCt said:
Yo, do you mind telling me where the exploits are? I would like to know so I could prevent this from happening to me.
Click to expand...

Telling you exactly what the 'exploits' are, there is a great possibility that you will use that knowledge for evil, not good.
 
RE: What happened today

Zennywop said:
Telling you exactly what the 'exploits' are, there is a great possibility that you will use that knowledge for evil, not good.
Click to expand...

I didn't say " what the exploits are " I know what they are. I want to remove the files where the exploit exists. So I could remove it on my forum.
You could ask The Elite, I do run a forum.
 
RE: What happened today

Glad to see everything resolved. I was shocked when I could not access AdminCP.
 
RE: What happened today

Good work backing up those files. 8)
 
RE: What happened today

Well even if they are hash'd there is too many sites that have hash cracking, or already cracked billions of hashes, so if anyone is using things with just names or numbers in it, that's a security flaw to begin with, you must use letters and numbers along with lower and upper case letters or it's your own fault in the end.

A hash really isn't the protection now day's it's the users that need protecting.

I'm surprised that mybb would even release an exploit I thought it was against there rules or did you just mean someone released a exploit for it on another site/forum? Because I know they would not post something public like that as it would risk there own clients sites.


Some reason the forum is a little screwed up when I'm typing in this box it extends beyond the actual box like it's sticking out too far at the bottom instead of scrolling down..

ATTACHED A SCREEN SHOT OF WHAT I'M TALKING ABOUT.

http://img843.imageshack.us/img843/5070/rungear.png
 
RE: What happened today


It's difficult to crack the hash and I don't believe he downloaded the database since automatically all tables were dropped, but changing your password is still recommended.

Also, MyBB had pointed out to where the exploits could be found and in what files which was ridiculous. I'm also working on fixing that issue.
 
RE: What happened today


Not really, with all the sites out there now days, you can type a hash in, and most of the time it's been already cracked..

like, http://passcracking.com/ they got over 1 million hashes, but there are sites you can actually pay to be a member and have like 100k bots setup to crack hashes daily for money, you gotta think even hashes that would take years to crack can be cracked in a few days with 100k computers working on it daily.. It's crazy how many resources are out there now days to do such a thing, that's why having a secure password is the only secure thing you can do, because servers and software is never secure.
 
RE: What happened today

I do appreciate your work. Keep going TE, you're doing a great job.
 
This thread has been moved to the Archives section due to it reaching redundancy. This means that the thread has no use in the official section and has been moved to the Archives section.

If you feel this was done wrongly, please contact a Staff member.
 
Status
Not open for further replies.
Menu
Log in
Register
Cookies are required to use this site. You must accept them to continue using the site. Learn more…